'use strict';
const common = require('../common');
const assert = require('assert');
const fs = require('fs');
// Tests that calling disableRenegotiation on a TLSSocket stops renegotiation.
// Skip the whole test when the build has no crypto support. The tls module
// is only required after this guard, presumably because it cannot be loaded
// without crypto.
if (!common.hasCrypto) {
  common.skip('missing crypto');
  return;
}
const tls = require('tls');
// Server credentials, loaded from the test fixtures directory. These are
// fixture files used by the test suite, not real credentials.
const fixtureKeysDir = `${common.fixturesDir}/keys`;
const options = {
  key: fs.readFileSync(`${fixtureKeysDir}/agent1-key.pem`),
  cert: fs.readFileSync(`${fixtureKeysDir}/agent1-cert.pem`),
};
// Server side of the test. Every accepted TLSSocket echoes the first chunk it
// receives and then calls disableRenegotiation(). A renegotiation the client
// completed before that point is accepted; one attempted afterwards must
// surface as an 'error' event on the server-side socket.
// NOTE(review): refusing client-initiated renegotiation is commonly done to
// limit handshake-driven resource exhaustion; this file does not state that
// motivation itself.
const server = tls.Server(options, common.mustCall((socket) => {
  // The refused renegotiation is reported with this exact message. Once it
  // has been seen, the server drops the connection and shuts down so the
  // test process can exit.
  const onError = (err) => {
    const expectedMessage = 'TLS session renegotiation disabled for this socket';
    assert.strictEqual(err.message, expectedMessage);
    socket.destroy();
    server.close();
  };

  // Renegotiation is disabled only after the first chunk of data has been
  // received, which demonstrates that it works up until
  // disableRenegotiation() is called.
  const onData = (chunk) => {
    socket.write(chunk);
    socket.disableRenegotiation();
  };

  // Reads the handshake counter from the internal handle; it must still be
  // below 2 whenever 'secure' fires.
  const onSecure = () => {
    const { handshakes } = socket._handle;
    assert(handshakes < 2, `Too many handshakes [${handshakes}]`);
  };

  socket.on('error', common.mustCall(onError));
  socket.on('data', common.mustCall(onData));
  socket.on('secure', common.mustCall(onSecure));
}));
// Client side of the test. The steps run in order: connect, renegotiate once
// (allowed), send data so the server disables renegotiation, then try to
// renegotiate again (must be refused).
server.listen(0, common.mustCall(() => {
  const { port } = server.address();

  // Step 3: the second renegotiation attempt should fail and its callback
  // must never be invoked. The server simply drops the connection after
  // emitting the error.
  function attemptRefusedRenegotiation() {
    client.write('');
    client.renegotiate({ rejectUnauthorized: false }, common.mustNotCall());
  }

  // Step 2: once the first renegotiation completes, write some data. That
  // triggers the 'data' event on the server, and after the data is received
  // the server calls disableRenegotiation().
  function sendDataAfterFirstRenegotiation() {
    client.write('data', common.mustCall(attemptRefusedRenegotiation));
  }

  // Step 1: renegotiation is still permitted for this first attempt, so it
  // should succeed.
  function onConnected() {
    client.write('');
    client.renegotiate(
      { rejectUnauthorized: false },
      common.mustCall(sendDataAfterFirstRenegotiation));
  }

  // Certificate verification is switched off on the client; the test
  // exercises renegotiation handling, not peer authentication.
  // NOTE(review): presumably the fixture certificate does not chain to a
  // default trusted CA - confirm against the fixtures.
  const client = tls.connect(
    { rejectUnauthorized: false, port },
    common.mustCall(onConnected));
}));