1'use strict'; 2const common = require('../common'); 3 4if (!common.hasCrypto) 5 common.skip('missing crypto'); 6 7// This test verifies the behavior of the tls setSecureContext() method. 8// It also verifies that existing connections are not disrupted when the 9// secure context is changed. 10 11const assert = require('assert'); 12const https = require('https'); 13const fixtures = require('../common/fixtures'); 14const credentialOptions = [ 15 { 16 key: fixtures.readKey('agent1-key.pem'), 17 cert: fixtures.readKey('agent1-cert.pem'), 18 ca: fixtures.readKey('ca1-cert.pem') 19 }, 20 { 21 key: fixtures.readKey('agent2-key.pem'), 22 cert: fixtures.readKey('agent2-cert.pem'), 23 ca: fixtures.readKey('ca2-cert.pem') 24 }, 25]; 26let firstResponse; 27 28const server = https.createServer(credentialOptions[0], (req, res) => { 29 const id = +req.headers.id; 30 31 if (id === 1) { 32 firstResponse = res; 33 firstResponse.write('multi-'); 34 return; 35 } else if (id === 4) { 36 firstResponse.write('success-'); 37 } 38 39 res.end('success'); 40}); 41 42server.listen(0, common.mustCall(() => { 43 const { port } = server.address(); 44 const firstRequest = makeRequest(port, 1); 45 46 async function makeRemainingRequests() { 47 // Wait until the first request is guaranteed to have been handled. 48 if (!firstResponse) { 49 return setImmediate(makeRemainingRequests); 50 } 51 52 assert.strictEqual(await makeRequest(port, 2), 'success'); 53 54 server.setSecureContext(credentialOptions[1]); 55 firstResponse.write('request-'); 56 await assert.rejects(async () => { 57 await makeRequest(port, 3); 58 }, /^Error: self signed certificate$/); 59 60 server.setSecureContext(credentialOptions[0]); 61 assert.strictEqual(await makeRequest(port, 4), 'success'); 62 63 server.setSecureContext(credentialOptions[1]); 64 firstResponse.end('fun!'); 65 await assert.rejects(async () => { 66 await makeRequest(port, 5); 67 }, /^Error: self signed certificate$/); 68 69 assert.strictEqual(await firstRequest, 'multi-request-success-fun!'); 70 server.close(); 71 } 72 73 makeRemainingRequests(); 74})); 75 76function makeRequest(port, id) { 77 return new Promise((resolve, reject) => { 78 const options = { 79 rejectUnauthorized: true, 80 ca: credentialOptions[0].ca, 81 servername: 'agent1', 82 headers: { id } 83 }; 84 85 let errored = false; 86 https.get(`https://localhost:${port}`, options, (res) => { 87 let response = ''; 88 89 res.setEncoding('utf8'); 90 91 res.on('data', (chunk) => { 92 response += chunk; 93 }); 94 95 res.on('end', common.mustCall(() => { 96 resolve(response); 97 })); 98 }).on('error', (err) => { 99 errored = true; 100 reject(err); 101 }).on('finish', () => { 102 assert.strictEqual(errored, false); 103 }); 104 }); 105} 106