1'use strict'; 2const common = require('../common'); 3if (!common.hasCrypto) 4 common.skip('missing crypto'); 5 6const assert = require('assert'); 7const tls = require('tls'); 8 9// We could get the `tlsSocket.servername` even if the event of "tlsClientError" 10// is emitted. 11 12const serverOptions = { 13 requestCert: true, 14 rejectUnauthorized: false, 15 SNICallback: function(servername, callback) { 16 if (servername === 'c.another.com') { 17 callback(null, {}); 18 } else { 19 callback(new Error('Invalid SNI context'), null); 20 } 21 } 22}; 23 24function test(options) { 25 const server = tls.createServer(serverOptions, common.mustNotCall()); 26 27 server.on('tlsClientError', common.mustCall((err, socket) => { 28 assert.strictEqual(err.message, 'Invalid SNI context'); 29 // The `servername` should match. 30 assert.strictEqual(socket.servername, options.servername); 31 })); 32 33 server.listen(0, () => { 34 options.port = server.address().port; 35 const client = tls.connect(options, common.mustNotCall()); 36 37 client.on('error', common.mustCall((err) => { 38 assert.strictEqual(err.message, 'Client network socket' + 39 ' disconnected before secure TLS connection was established'); 40 })); 41 42 client.on('close', common.mustCall(() => server.close())); 43 }); 44} 45 46test({ 47 port: undefined, 48 servername: 'c.another.com', 49 rejectUnauthorized: false 50}); 51 52test({ 53 port: undefined, 54 servername: 'c.wrong.com', 55 rejectUnauthorized: false 56}); 57