forked from nodejs/node
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathtest-tls-set-secure-context.js
95 lines (78 loc) · 2.67 KB
/
test-tls-set-secure-context.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
// This test verifies the behavior of the tls setSecureContext() method.
// It also verifies that existing connections are not disrupted when the
// secure context is changed.
const assert = require('assert');
const events = require('events');
const https = require('https');
const timers = require('timers/promises');
const fixtures = require('../common/fixtures');
const credentialOptions = [
{
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem'),
ca: fixtures.readKey('ca1-cert.pem')
},
{
key: fixtures.readKey('agent2-key.pem'),
cert: fixtures.readKey('agent2-cert.pem'),
ca: fixtures.readKey('ca2-cert.pem')
},
];
let firstResponse;
const server = https.createServer(credentialOptions[0], (req, res) => {
const id = +req.headers.id;
if (id === 1) {
firstResponse = res;
firstResponse.write('multi-');
return;
} else if (id === 4) {
firstResponse.write('success-');
}
res.end('success');
});
server.listen(0, common.mustCall(() => {
const { port } = server.address();
const firstRequest = makeRequest(port, 1);
(async function makeRemainingRequests() {
// Wait until the first request is guaranteed to have been handled.
while (!firstResponse) {
await timers.setImmediate();
}
assert.strictEqual(await makeRequest(port, 2), 'success');
server.setSecureContext(credentialOptions[1]);
firstResponse.write('request-');
const errorMessageRegex = common.hasOpenSSL3 ?
/^Error: self-signed certificate$/ :
/^Error: self signed certificate$/;
await assert.rejects(makeRequest(port, 3), errorMessageRegex);
server.setSecureContext(credentialOptions[0]);
assert.strictEqual(await makeRequest(port, 4), 'success');
server.setSecureContext(credentialOptions[1]);
firstResponse.end('fun!');
await assert.rejects(makeRequest(port, 5), errorMessageRegex);
assert.strictEqual(await firstRequest, 'multi-request-success-fun!');
server.close();
})().then(common.mustCall());
}));
async function makeRequest(port, id) {
const options = {
rejectUnauthorized: true,
ca: credentialOptions[0].ca,
servername: 'agent1',
headers: { id },
agent: new https.Agent()
};
const req = https.get(`https://localhost:${port}`, options);
let errored = false;
req.on('error', () => errored = true);
req.on('finish', () => assert.strictEqual(errored, false));
const [res] = await events.once(req, 'response');
res.setEncoding('utf8');
let response = '';
for await (const chunk of res) response += chunk;
return response;
}