1'use strict'; 2// Flags: --expose-internals 3 4const common = require('../common'); 5 6if (!common.hasCrypto) 7 common.skip('missing crypto'); 8 9const assert = require('assert'); 10const tls = require('tls'); 11const fixtures = require('../common/fixtures'); 12const { internalBinding } = require('internal/test/binding'); 13const binding = internalBinding('crypto'); 14 15const { fork } = require('child_process'); 16 17// This test ensures that extra certificates are loaded at startup. 18if (process.argv[2] !== 'child') { 19 // Parent 20 const NODE_EXTRA_CA_CERTS = fixtures.path('keys', 'ca1-cert.pem'); 21 const extendsEnv = (obj) => ({ ...process.env, ...obj }); 22 23 [ 24 extendsEnv({ CHILD_USE_EXTRA_CA_CERTS: 'yes', NODE_EXTRA_CA_CERTS }), 25 extendsEnv({ CHILD_USE_EXTRA_CA_CERTS: 'no' }), 26 ].forEach((processEnv) => { 27 fork(__filename, ['child'], { env: processEnv }) 28 .on('exit', common.mustCall((status) => { 29 // Client did not succeed in connecting 30 assert.strictEqual(status, 0); 31 })); 32 }); 33} else if (process.env.CHILD_USE_EXTRA_CA_CERTS === 'yes') { 34 // Child with extra certificates loaded at startup. 35 assert.strictEqual(binding.isExtraRootCertsFileLoaded(), true); 36} else { 37 // Child without extra certificates. 38 assert.strictEqual(binding.isExtraRootCertsFileLoaded(), false); 39 tls.createServer({}); 40 assert.strictEqual(binding.isExtraRootCertsFileLoaded(), false); 41} 42