node/test/parallel/test-tls-npn-server-client.js

// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

'use strict';
const common = require('../common');
if (!common.hasCrypto)
  common.skip('missing crypto');

if (!process.features.tls_npn)
  common.skip('Skipping because node compiled without NPN feature of OpenSSL.');

const assert = require('assert');
const fs = require('fs');
const path = require('path');
const tls = require('tls');

function filenamePEM(n) {
  return path.join(common.fixturesDir, 'keys', `${n}.pem`);
}

function loadPEM(n) {
  return fs.readFileSync(filenamePEM(n));
}

const serverOptions = {
  key: loadPEM('agent2-key'),
  cert: loadPEM('agent2-cert'),
  crl: loadPEM('ca2-crl'),
  SNICallback: function(servername, cb) {
    cb(null, tls.createSecureContext({
      key: loadPEM('agent2-key'),
      cert: loadPEM('agent2-cert'),
      crl: loadPEM('ca2-crl'),
    }));
  },
  NPNProtocols: ['a', 'b', 'c']
};

const clientsOptions = [{
  port: undefined,
  key: serverOptions.key,
  cert: serverOptions.cert,
  crl: serverOptions.crl,
  NPNProtocols: ['a', 'b', 'c'],
  rejectUnauthorized: false
}, {
  port: undefined,
  key: serverOptions.key,
  cert: serverOptions.cert,
  crl: serverOptions.crl,
  NPNProtocols: ['c', 'b', 'e'],
  rejectUnauthorized: false
}, {
  port: undefined,
  key: serverOptions.key,
  cert: serverOptions.cert,
  crl: serverOptions.crl,
  rejectUnauthorized: false
}, {
  port: undefined,
  key: serverOptions.key,
  cert: serverOptions.cert,
  crl: serverOptions.crl,
  NPNProtocols: ['first-priority-unsupported', 'x', 'y'],
  rejectUnauthorized: false
}];

const serverResults = [];
const clientsResults = [];

const server = tls.createServer(serverOptions, function(c) {
  serverResults.push(c.npnProtocol);
});
server.listen(0, startTest);

function startTest() {
  function connectClient(options, callback) {
    options.port = server.address().port;
    const client = tls.connect(options, function() {
      clientsResults.push(client.npnProtocol);
      client.destroy();

      callback();
    });
  }

  connectClient(clientsOptions[0], function() {
    connectClient(clientsOptions[1], function() {
      connectClient(clientsOptions[2], function() {
        connectClient(clientsOptions[3], function() {
          server.close();
        });
      });
    });
  });
}

process.on('exit', function() {
  assert.strictEqual(serverResults[0], clientsResults[0]);
  assert.strictEqual(serverResults[1], clientsResults[1]);
  assert.strictEqual(serverResults[2], 'http/1.1');
  assert.strictEqual(clientsResults[2], false);
  assert.strictEqual(serverResults[3], 'first-priority-unsupported');
  assert.strictEqual(clientsResults[3], false);
});
meta: restore original copyright header A prior io.js era commit inappropriately removed the original copyright statements from the source. This restores those in any files still remaining from that edit. Ref: https://github.com/nodejs/TSC/issues/174 Ref: https://github.com/nodejs/node/pull/10599 PR-URL: https://github.com/nodejs/node/pull/10155 Note: This PR was required, reviewed-by and approved by the Node.js Foundation Legal Committee and the TSC. There is no `Approved-By:` meta data. 8 years ago			`// Copyright Joyent, Inc. and other Node contributors.`
			`//`
			`// Permission is hereby granted, free of charge, to any person obtaining a`
			`// copy of this software and associated documentation files (the`
			`// "Software"), to deal in the Software without restriction, including`
			`// without limitation the rights to use, copy, modify, merge, publish,`
			`// distribute, sublicense, and/or sell copies of the Software, and to permit`
			`// persons to whom the Software is furnished to do so, subject to the`
			`// following conditions:`
			`//`
			`// The above copyright notice and this permission notice shall be included`
			`// in all copies or substantial portions of the Software.`
			`//`
			`// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS`
			`// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF`
			`// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN`
			`// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,`
			`// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR`
			`// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE`
			`// USE OR OTHER DEALINGS IN THE SOFTWARE.`

test: enable linting for tests Enable linting for the test directory. A number of changes was made so all tests conform the current rules used by lib and src directories. The only exception for tests is that unreachable (dead) code is allowed. test-fs-non-number-arguments-throw had to be excluded from the changes because of a weird issue on Windows CI. PR-URL: https://github.com/nodejs/io.js/pull/1721 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 10 years ago			`'use strict';`
test: fix tests for non-crypto builds Fix running the tests when node was compiled without crypto support. Some of these are cleanup after 52bae222a3a8480b2, where common was used before it was required. PR-URL: https://github.com/nodejs/node/pull/7056 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 9 years ago			`const common = require('../common');`
test: simplify test skipping * Make common.skip() exit. Also add common.printSkipMessage() for partial skips. * Don't make needless things before skip PR-URL: https://github.com/nodejs/node/pull/14021 Fixes: https://github.com/nodejs/node/issues/14016 Reviewed-By: Refael Ackermann <refack@gmail.com> 8 years ago			`if (!common.hasCrypto)`
test: abstract skip functionality to common The tap skipping output is so prevalent yet obscure in nature that we ought to move it into it's own function in test/common.js PR-URL: https://github.com/nodejs/node/pull/6697 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> 9 years ago			`common.skip('missing crypto');`
test: simplify test skipping * Make common.skip() exit. Also add common.printSkipMessage() for partial skips. * Don't make needless things before skip PR-URL: https://github.com/nodejs/node/pull/14021 Fixes: https://github.com/nodejs/node/issues/14016 Reviewed-By: Refael Ackermann <refack@gmail.com> 8 years ago
			`if (!process.features.tls_npn)`
			`common.skip('Skipping because node compiled without NPN feature of OpenSSL.');`
test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 10 years ago
test: fix require nits in some test-tls-* tests * Do not require if test is skipped. * Do not re-require without need. * Sort requiring by module names. PR-URL: https://github.com/nodejs/node/pull/14008 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> 8 years ago			`const assert = require('assert');`
			`const fs = require('fs');`
			`const path = require('path');`
			`const tls = require('tls');`
OpenSSL NPN in node.js closes #926. 14 years ago
			`function filenamePEM(n) {`
test: fix require nits in some test-tls-* tests * Do not require if test is skipped. * Do not re-require without need. * Sort requiring by module names. PR-URL: https://github.com/nodejs/node/pull/14008 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> 8 years ago			return path.join(common.fixturesDir, 'keys', `${n}.pem`);
OpenSSL NPN in node.js closes #926. 14 years ago			`}`

			`function loadPEM(n) {`
			`return fs.readFileSync(filenamePEM(n));`
			`}`

test: use eslint to fix var->const/let Manually fix issues that eslint --fix couldn't do automatically. PR-URL: https://github.com/nodejs/node/pull/10685 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> 8 years ago			`const serverOptions = {`
OpenSSL NPN in node.js closes #926. 14 years ago			`key: loadPEM('agent2-key'),`
			`cert: loadPEM('agent2-cert'),`
			`crl: loadPEM('ca2-crl'),`
crypto: move `createCredentials` to tls Move `createCredentials` to `tls` module and rename it to `createSecureContext`. Make it use default values from `tls` module: `DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`. fix #7249 11 years ago			`SNICallback: function(servername, cb) {`
			`cb(null, tls.createSecureContext({`
tls: reset NPN callbacks after SNI SNI callback selects a new SSL_CTX for the connection, which doesn't have NPN callbacks set up. 11 years ago			`key: loadPEM('agent2-key'),`
			`cert: loadPEM('agent2-cert'),`
			`crl: loadPEM('ca2-crl'),`
crypto: move `createCredentials` to tls Move `createCredentials` to `tls` module and rename it to `createSecureContext`. Make it use default values from `tls` module: `DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`. fix #7249 11 years ago			`}));`
tls: reset NPN callbacks after SNI SNI callback selects a new SSL_CTX for the connection, which doesn't have NPN callbacks set up. 11 years ago			`},`
OpenSSL NPN in node.js closes #926. 14 years ago			`NPNProtocols: ['a', 'b', 'c']`
			`};`

test: use eslint to fix var->const/let Manually fix issues that eslint --fix couldn't do automatically. PR-URL: https://github.com/nodejs/node/pull/10685 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> 8 years ago			`const clientsOptions = [{`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`port: undefined,`
OpenSSL NPN in node.js closes #926. 14 years ago			`key: serverOptions.key,`
			`cert: serverOptions.cert,`
			`crl: serverOptions.crl,`
test: set rejectUnauthorized in tls/https tests Update the tls and https tests to explicitly set rejectUnauthorized instead of relying on the NODE_TLS_REJECT_UNAUTHORIZED environment variable getting set. 13 years ago			`NPNProtocols: ['a', 'b', 'c'],`
			`rejectUnauthorized: false`
tools: re-enable comma-spacing linter rule The rule was disabled because of an eslint bug which is now resolved. All code in lib was already conforming and only test code needed a few changes to make the linter happy with this rule enabled. Ref: https://github.com/eslint/eslint/issues/2408 PR-URL: https://github.com/nodejs/io.js/pull/2072 Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-by: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alex Kocharin <alex@kocharin.ru> 10 years ago			`}, {`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`port: undefined,`
OpenSSL NPN in node.js closes #926. 14 years ago			`key: serverOptions.key,`
			`cert: serverOptions.cert,`
			`crl: serverOptions.crl,`
test: set rejectUnauthorized in tls/https tests Update the tls and https tests to explicitly set rejectUnauthorized instead of relying on the NODE_TLS_REJECT_UNAUTHORIZED environment variable getting set. 13 years ago			`NPNProtocols: ['c', 'b', 'e'],`
			`rejectUnauthorized: false`
tools: re-enable comma-spacing linter rule The rule was disabled because of an eslint bug which is now resolved. All code in lib was already conforming and only test code needed a few changes to make the linter happy with this rule enabled. Ref: https://github.com/eslint/eslint/issues/2408 PR-URL: https://github.com/nodejs/io.js/pull/2072 Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-by: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alex Kocharin <alex@kocharin.ru> 10 years ago			`}, {`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`port: undefined,`
tls: fix setting NPN protocols The NPN protocols was set on `require('tls')` or `global` object instead of being a local property. This fact lead to strange persistence of NPN protocols, and sometimes incorrect protocol selection (when no NPN protocols were passed in client options). fix #6168 11 years ago			`key: serverOptions.key,`
			`cert: serverOptions.cert,`
			`crl: serverOptions.crl,`
			`rejectUnauthorized: false`
tools: re-enable comma-spacing linter rule The rule was disabled because of an eslint bug which is now resolved. All code in lib was already conforming and only test code needed a few changes to make the linter happy with this rule enabled. Ref: https://github.com/eslint/eslint/issues/2408 PR-URL: https://github.com/nodejs/io.js/pull/2072 Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-by: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alex Kocharin <alex@kocharin.ru> 10 years ago			`}, {`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`port: undefined,`
OpenSSL NPN in node.js closes #926. 14 years ago			`key: serverOptions.key,`
			`cert: serverOptions.cert,`
			`crl: serverOptions.crl,`
test: set rejectUnauthorized in tls/https tests Update the tls and https tests to explicitly set rejectUnauthorized instead of relying on the NODE_TLS_REJECT_UNAUTHORIZED environment variable getting set. 13 years ago			`NPNProtocols: ['first-priority-unsupported', 'x', 'y'],`
			`rejectUnauthorized: false`
OpenSSL NPN in node.js closes #926. 14 years ago			`}];`

test: fix style issues after eslint update Replace var keyword with const or let. PR-URL: https://github.com/nodejs/io.js/pull/2286 Reviewed-By: Roman Reiss <me@silverwind.io> 9 years ago			`const serverResults = [];`
			`const clientsResults = [];`
OpenSSL NPN in node.js closes #926. 14 years ago
test: use eslint to fix var->const/let Manually fix issues that eslint --fix couldn't do automatically. PR-URL: https://github.com/nodejs/node/pull/10685 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> 8 years ago			`const server = tls.createServer(serverOptions, function(c) {`
OpenSSL NPN in node.js closes #926. 14 years ago			`serverResults.push(c.npnProtocol);`
			`});`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`server.listen(0, startTest);`
OpenSSL NPN in node.js closes #926. 14 years ago
			`function startTest() {`
			`function connectClient(options, callback) {`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`options.port = server.address().port;`
test: use eslint to fix var->const/let Manually fix issues that eslint --fix couldn't do automatically. PR-URL: https://github.com/nodejs/node/pull/10685 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> 8 years ago			`const client = tls.connect(options, function() {`
OpenSSL NPN in node.js closes #926. 14 years ago			`clientsResults.push(client.npnProtocol);`
			`client.destroy();`

			`callback();`
			`});`
lib,test: remove extra semicolons PR-URL: https://github.com/nodejs/node/pull/2205 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io> 9 years ago			`}`
OpenSSL NPN in node.js closes #926. 14 years ago
			`connectClient(clientsOptions[0], function() {`
			`connectClient(clientsOptions[1], function() {`
			`connectClient(clientsOptions[2], function() {`
tls: fix setting NPN protocols The NPN protocols was set on `require('tls')` or `global` object instead of being a local property. This fact lead to strange persistence of NPN protocols, and sometimes incorrect protocol selection (when no NPN protocols were passed in client options). fix #6168 11 years ago			`connectClient(clientsOptions[3], function() {`
			`server.close();`
			`});`
OpenSSL NPN in node.js closes #926. 14 years ago			`});`
			`});`
			`});`
Fixed a lot of jslint errors. Fixes #1831 13 years ago			`}`
OpenSSL NPN in node.js closes #926. 14 years ago
			`process.on('exit', function() {`
test: s/assert.equal/assert.strictEqual/ Use assert.strictEqual instead of assert.equal in tests, manually convert types where necessary. PR-URL: https://github.com/nodejs/node/pull/10698 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Teddy Katz <teddy.katz@gmail.com> 8 years ago			`assert.strictEqual(serverResults[0], clientsResults[0]);`
			`assert.strictEqual(serverResults[1], clientsResults[1]);`
			`assert.strictEqual(serverResults[2], 'http/1.1');`
			`assert.strictEqual(clientsResults[2], false);`
			`assert.strictEqual(serverResults[3], 'first-priority-unsupported');`
			`assert.strictEqual(clientsResults[3], false);`
OpenSSL NPN in node.js closes #926. 14 years ago			`});`