• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1'use strict';
2const common = require('../common');
3if (!common.hasCrypto)
4  common.skip('node compiled without crypto.');
5const fixtures = require('../common/fixtures');
6
7// This test ensures that TLS does not fail to read a self-signed certificate
8// and thus throw an `authorizationError`.
9// https://github.com/nodejs/node/issues/5100
10
11const assert = require('assert');
12const tls = require('tls');
13
14const pfx = fixtures.readKey('agent1.pfx');
15
16const server = tls
17  .createServer(
18    {
19      pfx: pfx,
20      passphrase: 'sample',
21      requestCert: true,
22      rejectUnauthorized: false
23    },
24    common.mustCall(function(c) {
25      assert.strictEqual(c.getPeerCertificate().serialNumber,
26                         '147D36C1C2F74206DE9FAB5F2226D78ADB00A426');
27      assert.strictEqual(c.authorizationError, null);
28      c.end();
29    })
30  )
31  .listen(0, function() {
32    const client = tls.connect(
33      {
34        port: this.address().port,
35        pfx: pfx,
36        passphrase: 'sample',
37        rejectUnauthorized: false
38      },
39      function() {
40        for (let i = 0; i < 10; ++i) {
41          // Calling this repeatedly is a regression test that verifies
42          // that .getCertificate() does not accidentally decrease the
43          // reference count of the X509* certificate on the native side.
44          assert.strictEqual(client.getCertificate().serialNumber,
45                             '147D36C1C2F74206DE9FAB5F2226D78ADB00A426');
46        }
47        client.end();
48        server.close();
49      }
50    );
51  });
52