From 0273e9af46553ac62f7848e0c51b6530b08dcbeb Mon Sep 17 00:00:00 2001
From: Diego Dupin <diego.dupin@mariadb.com>
Date: Fri, 11 Jul 2025 15:52:08 +0200
Subject: [PATCH] [CONJS-323] correcting TypeError: validationFunction is not a
 function

---
 lib/cmd/handshake/authentication.js |  2 +-
 test/integration/test-ssl.js        | 23 ++++++++++++++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/lib/cmd/handshake/authentication.js b/lib/cmd/handshake/authentication.js
index 52e426f..42622b6 100644
--- a/lib/cmd/handshake/authentication.js
+++ b/lib/cmd/handshake/authentication.js
@@ -99,7 +99,7 @@ class Authentication extends Command {
           } else {
             // certificate is not self signed, validate server identity
             const validationFunction =
-              opts.ssl === true || opts.ssl.checkServerIdentity === null
+              opts.ssl === true || typeof opts.ssl.checkServerIdentity !== 'function'
                 ? tls.checkServerIdentity
                 : opts.ssl.checkServerIdentity;
             const identityError = validationFunction(
diff --git a/test/integration/test-ssl.js b/test/integration/test-ssl.js
index 83292f9..95e1f06 100644
--- a/test/integration/test-ssl.js
+++ b/test/integration/test-ssl.js
@@ -468,7 +468,7 @@ describe('ssl', function () {
     if (!shareConn.info.isMariaDB() && !shareConn.info.hasMinVersion(5, 7, 10)) this.skip();
     if (Conf.baseConfig.host !== 'localhost') this.skip();
 
-    const conn = await base.createConnection({
+    let conn = await base.createConnection({
       ssl: {
         ca: ca,
         checkServerIdentity: (servername, cert) => {}
@@ -477,6 +477,27 @@ describe('ssl', function () {
     });
     await validConnection(conn);
     conn.end();
+
+    let success = false;
+    try {
+      conn = await base.createConnection({
+        ssl: {
+          ca: ca,
+          checkServerIdentity: (servername, cert) => {
+            throw new Error('test identity');
+          }
+        },
+        port: sslPort
+      });
+      await validConnection(conn);
+      conn.end();
+      success = true;
+    } catch (e) {
+      // eat
+    }
+    if (success && (!shareConn.info.isMariaDB() || !shareConn.info.hasMinVersion(11, 4, 0))) {
+      throw new Error('Must have thrown an exception, since server identity must not have been verified !');
+    }
   });
 
   it('CA name verification error', async function () {