'use strict';
const common = require('../common');
if (!common.hasCrypto) {
  common.skip('missing crypto');
}
const fixtures = require('../common/fixtures');

// Test --tls-keylog CLI flag.
//
// The file re-executes itself: the parent forks a child with
// --tls-keylog=<file>, the child performs one TLS handshake, and the parent
// then inspects the key log that the child left behind.
//
// A key log holds TLS session secrets. Anyone who has both the log and a
// capture of the traffic can decrypt that traffic, so the log is written only
// inside the per-test temporary directory.

const assert = require('assert');
const path = require('path');
const fs = require('fs');
const { fork } = require('child_process');

// Child mode: run the handshake and skip the parent-side logic below.
if (process.argv[2] === 'test') {
  return test();
}

const tmpdir = require('../common/tmpdir');
tmpdir.refresh();
const keylogPath = path.resolve(tmpdir.path, 'keylog.log');

const worker = fork(__filename, ['test'], {
  execArgv: [`--tls-keylog=${keylogPath}`],
});

worker.on('close', common.mustCall((code, signal) => {
  // The child must have exited cleanly before its log is worth reading.
  assert.strictEqual(code, 0);
  assert.strictEqual(signal, null);

  const contents = fs.readFileSync(keylogPath, 'utf8');
  const entries = contents.trim().split('\n');

  // Client and server both run in the child and each logs its secrets,
  // so the log must hold exactly two lines and they must be identical.
  assert.strictEqual(entries.length, 2);
  assert.strictEqual(entries[0], entries[1]);
}));

/**
 * Child-side body: open one TLS connection between the fixture client and
 * server, fail on any error recorded by either peer, then tear down.
 */
function test() {
  const tlsConnect = require(fixtures.path('tls-connect'));
  const { connect, keys } = tlsConnect;

  const clientOptions = {
    // No-op identity check: hostname verification is skipped for this
    // fixture-to-fixture connection. Test-only; never do this against a
    // real peer.
    checkServerIdentity: (servername, cert) => undefined,
    ca: `${keys.agent1.cert}\n${keys.agent6.ca}`,
  };

  const serverOptions = {
    cert: keys.agent6.cert,
    key: keys.agent6.key,
    // Number of keylog events is dependent on protocol version, so the
    // version is capped to keep the parent's line count stable.
    maxVersion: 'TLSv1.2',
  };

  const onConnected = common.mustCall((err, pair, cleanup) => {
    // Print every recorded error first so both sides are visible in the
    // output even though the first failing assertion aborts the test.
    for (const side of ['server', 'client']) {
      if (pair[side].err) {
        console.trace(side, pair[side].err);
      }
    }
    assert.ifError(pair.server.err);
    assert.ifError(pair.client.err);

    return cleanup();
  });

  connect({ client: clientOptions, server: serverOptions }, onConnected);
}