tls: reset secureConnecting on client socket

davedoesdev · codebytere · commit eedc13174e8e · 2020-05-11T09:57:42.000-07:00
secureConnecting is never set to false on client TLS sockets. So if Http2Session constructor (in lib/internal/http2/core.js) is called after secureConnect is emitted, then it will wrongly wait for a secureConnect event. This fix sets secureConnecting to false when a client TLS socket has connected. PR-URL: #33209 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
@@ -1512,11 +1512,13 @@ function onConnectSecure() {
       debug('client emit secureConnect. rejectUnauthorized: %s, ' +
             'authorizationError: %s', options.rejectUnauthorized,
             this.authorizationError);
+      this.secureConnecting = false;
       this.emit('secureConnect');
     }
   } else {
     this.authorized = true;
     debug('client emit secureConnect. authorized:', this.authorized);
+    this.secureConnecting = false;
     this.emit('secureConnect');
   }
 
diff --git a/test/parallel/test-http2-connect.js b/test/parallel/test-http2-connect.js
@@ -9,9 +9,11 @@ const {
 } = require('../common');
 if (!hasCrypto)
   skip('missing crypto');
+const fixtures = require('../common/fixtures');
 const assert = require('assert');
-const { createServer, connect } = require('http2');
+const { createServer, createSecureServer, connect } = require('http2');
 const { connect: netConnect } = require('net');
+const { connect: tlsConnect } = require('tls');
 
 // Check for session connect callback and event
 {
@@ -70,6 +72,36 @@ const { connect: netConnect } = require('net');
   connect(authority).on('error', () => {});
 }
 
+// Check for session connect callback on already connected TLS socket
+{
+  const serverOptions = {
+    key: fixtures.readKey('agent1-key.pem'),
+    cert: fixtures.readKey('agent1-cert.pem')
+  };
+  const server = createSecureServer(serverOptions);
+  server.listen(0, mustCall(() => {
+    const { port } = server.address();
+
+    const onSocketConnect = () => {
+      const authority = `https://localhost:${port}`;
+      const createConnection = mustCall(() => socket);
+      const options = { createConnection };
+      connect(authority, options, mustCall(onSessionConnect));
+    };
+
+    const onSessionConnect = (session) => {
+      session.close();
+      server.close();
+    };
+
+    const clientOptions = {
+      port,
+      rejectUnauthorized: false
+    };
+    const socket = tlsConnect(clientOptions, mustCall(onSocketConnect));
+  }));
+}
+
 // Check for error for init settings error
 {
   createServer(function() {

Original file line number	Diff line number	Diff line change
`@@ -1512,11 +1512,13 @@ function onConnectSecure() {`
`1512`	`1512`	`debug('client emit secureConnect. rejectUnauthorized: %s, ' +`
`1513`	`1513`	`'authorizationError: %s', options.rejectUnauthorized,`
`1514`	`1514`	`this.authorizationError);`
	`1515`	`+ this.secureConnecting = false;`
`1515`	`1516`	`this.emit('secureConnect');`
`1516`	`1517`	`}`
`1517`	`1518`	`} else {`
`1518`	`1519`	`this.authorized = true;`
`1519`	`1520`	`debug('client emit secureConnect. authorized:', this.authorized);`
	`1521`	`+ this.secureConnecting = false;`
`1520`	`1522`	`this.emit('secureConnect');`
`1521`	`1523`	`}`
`1522`	`1524`