node/test/parallel/test-tls-session-cache.js

'use strict';
const common = require('../common');

if (!common.opensslCli) {
  common.skip('node compiled without OpenSSL CLI.');
  return;
}

if (!common.hasCrypto) {
  common.skip('missing crypto');
  return;
}

doTest({ tickets: false }, function() {
  doTest({ tickets: true }, function() {
    console.error('all done');
  });
});

function doTest(testOptions, callback) {
  const assert = require('assert');
  const tls = require('tls');
  const fs = require('fs');
  const join = require('path').join;
  const spawn = require('child_process').spawn;

  const keyFile = join(common.fixturesDir, 'agent.key');
  const certFile = join(common.fixturesDir, 'agent.crt');
  const key = fs.readFileSync(keyFile);
  const cert = fs.readFileSync(certFile);
  const options = {
    key: key,
    cert: cert,
    ca: [cert],
    requestCert: true
  };
  var requestCount = 0;
  var resumeCount = 0;
  var session;

  const server = tls.createServer(options, function(cleartext) {
    cleartext.on('error', function(er) {
      // We're ok with getting ECONNRESET in this test, but it's
      // timing-dependent, and thus unreliable. Any other errors
      // are just failures, though.
      if (er.code !== 'ECONNRESET')
        throw er;
    });
    ++requestCount;
    cleartext.end();
  });
  server.on('newSession', function(id, data, cb) {
    // Emulate asynchronous store
    setTimeout(function() {
      assert.ok(!session);
      session = {
        id: id,
        data: data
      };
      cb();
    }, 1000);
  });
  server.on('resumeSession', function(id, callback) {
    ++resumeCount;
    assert.ok(session);
    assert.equal(session.id.toString('hex'), id.toString('hex'));

    // Just to check that async really works there
    setTimeout(function() {
      callback(null, session.data);
    }, 100);
  });

  server.listen(0, function() {
    const args = [
      's_client',
      '-tls1',
      '-connect', `localhost:${this.address().port}`,
      '-servername', 'ohgod',
      '-key', join(common.fixturesDir, 'agent.key'),
      '-cert', join(common.fixturesDir, 'agent.crt'),
      '-reconnect'
    ].concat(testOptions.tickets ? [] : '-no_ticket');

    // for the performance and stability issue in s_client on Windows
    if (common.isWindows)
      args.push('-no_rand_screen');

    function spawnClient() {
      const client = spawn(common.opensslCli, args, {
        stdio: [ 0, 1, 'pipe' ]
      });
      var err = '';
      client.stderr.setEncoding('utf8');
      client.stderr.on('data', function(chunk) {
        err += chunk;
      });

      client.on('exit', common.mustCall(function(code, signal) {
        if (code !== 0) {
          // If SmartOS and connection refused, then retry. See
          // https://github.com/nodejs/node/issues/2663.
          if (common.isSunOS && err.includes('Connection refused')) {
            requestCount = 0;
            spawnClient();
            return;
          }
          common.fail(`code: ${code}, signal: ${signal}, output: ${err}`);
        }
        assert.equal(code, 0);
        server.close(common.mustCall(function() {
          setTimeout(callback, 100);
        }));
      }));
    }

    spawnClient();
  });

  process.on('exit', function() {
    if (testOptions.tickets) {
      assert.equal(requestCount, 6);
      assert.equal(resumeCount, 0);
    } else {
      // initial request + reconnect requests (5 times)
      assert.ok(session);
      assert.equal(requestCount, 6);
      assert.equal(resumeCount, 5);
    }
  });
}
test: enable linting for tests Enable linting for the test directory. A number of changes was made so all tests conform the current rules used by lib and src directories. The only exception for tests is that unreachable (dead) code is allowed. test-fs-non-number-arguments-throw had to be excluded from the changes because of a weird issue on Windows CI. PR-URL: https://github.com/nodejs/io.js/pull/1721 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 10 years ago			`'use strict';`
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`const common = require('../common');`
test: ignore tests when built without OpenSSL CLI fix #6880 11 years ago
			`if (!common.opensslCli) {`
test: abstract skip functionality to common The tap skipping output is so prevalent yet obscure in nature that we ought to move it into it's own function in test/common.js PR-URL: https://github.com/nodejs/node/pull/6697 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> 9 years ago			`common.skip('node compiled without OpenSSL CLI.');`
test: changing process.exit to return while skipping tests This patch uses `return` statement to skip the test instead of using `process.exit` call. PR-URL: https://github.com/nodejs/io.js/pull/2109 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> 10 years ago			`return;`
tls: session API returns 12 years ago			`}`
gyp: build openssl-cli tool and use it in tests fix #6663 11 years ago
test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 10 years ago			`if (!common.hasCrypto) {`
test: abstract skip functionality to common The tap skipping output is so prevalent yet obscure in nature that we ought to move it into it's own function in test/common.js PR-URL: https://github.com/nodejs/node/pull/6697 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> 9 years ago			`common.skip('missing crypto');`
test: changing process.exit to return while skipping tests This patch uses `return` statement to skip the test instead of using `process.exit` call. PR-URL: https://github.com/nodejs/io.js/pull/2109 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> 10 years ago			`return;`
test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 10 years ago			`}`

tools: re-enable comma-spacing linter rule The rule was disabled because of an eslint bug which is now resolved. All code in lib was already conforming and only test code needed a few changes to make the linter happy with this rule enabled. Ref: https://github.com/eslint/eslint/issues/2408 PR-URL: https://github.com/nodejs/io.js/pull/2072 Reviewed-By: Yosuke Furukawa <yosuke.furukawa@gmail.com> Reviewed-by: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alex Kocharin <alex@kocharin.ru> 10 years ago			`doTest({ tickets: false }, function() {`
			`doTest({ tickets: true }, function() {`
gyp: build openssl-cli tool and use it in tests fix #6663 11 years ago			`console.error('all done');`
tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872 12 years ago			`});`
tls: session API returns 12 years ago			`});`

tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872 12 years ago			`function doTest(testOptions, callback) {`
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`const assert = require('assert');`
			`const tls = require('tls');`
			`const fs = require('fs');`
			`const join = require('path').join;`
			`const spawn = require('child_process').spawn;`
tls: session API returns 12 years ago
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`const keyFile = join(common.fixturesDir, 'agent.key');`
			`const certFile = join(common.fixturesDir, 'agent.crt');`
			`const key = fs.readFileSync(keyFile);`
			`const cert = fs.readFileSync(certFile);`
			`const options = {`
tls: session API returns 12 years ago			`key: key,`
			`cert: cert,`
			`ca: [cert],`
			`requestCert: true`
			`};`
			`var requestCount = 0;`
tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872 12 years ago			`var resumeCount = 0;`
tls: session API returns 12 years ago			`var session;`

test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`const server = tls.createServer(options, function(cleartext) {`
tls: session API returns 12 years ago			`cleartext.on('error', function(er) {`
			`// We're ok with getting ECONNRESET in this test, but it's`
			`// timing-dependent, and thus unreliable. Any other errors`
			`// are just failures, though.`
			`if (er.code !== 'ECONNRESET')`
			`throw er;`
			`});`
			`++requestCount;`
			`cleartext.end();`
			`});`
tls: introduce asynchronous `newSession` fix #7105 11 years ago			`server.on('newSession', function(id, data, cb) {`
			`// Emulate asynchronous store`
			`setTimeout(function() {`
			`assert.ok(!session);`
			`session = {`
			`id: id,`
			`data: data`
			`};`
			`cb();`
			`}, 1000);`
tls: session API returns 12 years ago			`});`
			`server.on('resumeSession', function(id, callback) {`
tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872 12 years ago			`++resumeCount;`
tls: session API returns 12 years ago			`assert.ok(session);`
			`assert.equal(session.id.toString('hex'), id.toString('hex'));`

			`// Just to check that async really works there`
			`setTimeout(function() {`
			`callback(null, session.data);`
			`}, 100);`
			`});`
test: add -no_rand_screen to s_client opts on Win RAND_screen() causes stability issues in invoking openssl-cli s_client on win2008r2 in CI. Disable to use it by adding -no_rand_screen options to all tls tests that use common.opensslCli. Fixes: https://github.com/nodejs/io.js/issues/2150 PR-URL: https://github.com/nodejs/io.js/pull/2209 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Joao Reis <reis@janeasystems.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> 10 years ago
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`server.listen(0, function() {`
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`const args = [`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`'s_client',`
			`'-tls1',`
			'-connect', `localhost:${this.address().port}`,
			`'-servername', 'ohgod',`
			`'-key', join(common.fixturesDir, 'agent.key'),`
			`'-cert', join(common.fixturesDir, 'agent.crt'),`
			`'-reconnect'`
			`].concat(testOptions.tickets ? [] : '-no_ticket');`
test: add -no_rand_screen to s_client opts on Win RAND_screen() causes stability issues in invoking openssl-cli s_client on win2008r2 in CI. Disable to use it by adding -no_rand_screen options to all tls tests that use common.opensslCli. Fixes: https://github.com/nodejs/io.js/issues/2150 PR-URL: https://github.com/nodejs/io.js/pull/2209 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Joao Reis <reis@janeasystems.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> 10 years ago
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`// for the performance and stability issue in s_client on Windows`
			`if (common.isWindows)`
			`args.push('-no_rand_screen');`
test: add -no_rand_screen to s_client opts on Win RAND_screen() causes stability issues in invoking openssl-cli s_client on win2008r2 in CI. Disable to use it by adding -no_rand_screen options to all tls tests that use common.opensslCli. Fixes: https://github.com/nodejs/io.js/issues/2150 PR-URL: https://github.com/nodejs/io.js/pull/2209 Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Joao Reis <reis@janeasystems.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> 10 years ago
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`function spawnClient() {`
			`const client = spawn(common.opensslCli, args, {`
			`stdio: [ 0, 1, 'pipe' ]`
tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872 12 years ago			`});`
test: handle SmartOS bug in test-tls-session-cache Sometimes, a SmartOS bug results in ECONNREFUSED when trying to connect to the TLS server that the test starts. Retry in that situation. Fixes: https://github.com/nodejs/node/issues/5111 Refs: https://smartos.org/bugview/OS-2767 PR-URL: https://github.com/nodejs/node/pull/7505 Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> 9 years ago			`var err = '';`
			`client.stderr.setEncoding('utf8');`
			`client.stderr.on('data', function(chunk) {`
			`err += chunk;`
			`});`

			`client.on('exit', common.mustCall(function(code, signal) {`
			`if (code !== 0) {`
			`// If SmartOS and connection refused, then retry. See`
			`// https://github.com/nodejs/node/issues/2663.`
			`if (common.isSunOS && err.includes('Connection refused')) {`
			`requestCount = 0;`
			`spawnClient();`
			`return;`
			`}`
			common.fail(`code: ${code}, signal: ${signal}, output: ${err}`);
			`}`
			`assert.equal(code, 0);`
			`server.close(common.mustCall(function() {`
			`setTimeout(callback, 100);`
			`}));`
			`}));`
			`}`

			`spawnClient();`
tls: session API returns 12 years ago			`});`

			`process.on('exit', function() {`
gyp: build openssl-cli tool and use it in tests fix #6663 11 years ago			`if (testOptions.tickets) {`
			`assert.equal(requestCount, 6);`
			`assert.equal(resumeCount, 0);`
			`} else {`
			`// initial request + reconnect requests (5 times)`
			`assert.ok(session);`
			`assert.equal(requestCount, 6);`
			`assert.equal(resumeCount, 5);`
tls: session API returns 12 years ago			`}`
			`});`
			`}`