Browse Source

tls: fix setting NPN protocols

The NPN protocols was set on `require('tls')` or `global` object instead
of being a local property. This fact lead to strange persistence of NPN
protocols, and sometimes incorrect protocol selection (when no NPN
protocols were passed in client options).

fix #6168
v0.10.19-release
Fedor Indutny 11 years ago
parent
commit
1c3863abfd
  1. 5
      lib/tls.js
  2. 12
      test/simple/test-tls-npn-server-client.js

5
lib/tls.js

@ -1321,12 +1321,13 @@ exports.connect = function(/* [port, host], options, cb */) {
var sslcontext = crypto.createCredentials(options); var sslcontext = crypto.createCredentials(options);
convertNPNProtocols(options.NPNProtocols, this); var NPN = {};
convertNPNProtocols(options.NPNProtocols, NPN);
var hostname = options.servername || options.host || 'localhost', var hostname = options.servername || options.host || 'localhost',
pair = new SecurePair(sslcontext, false, true, pair = new SecurePair(sslcontext, false, true,
options.rejectUnauthorized === true ? true : false, options.rejectUnauthorized === true ? true : false,
{ {
NPNProtocols: this.NPNProtocols, NPNProtocols: NPN.NPNProtocols,
servername: hostname, servername: hostname,
cleartext: options.cleartext, cleartext: options.cleartext,
encrypted: options.encrypted encrypted: options.encrypted

12
test/simple/test-tls-npn-server-client.js

@ -61,6 +61,12 @@ var clientsOptions = [{
crl: serverOptions.crl, crl: serverOptions.crl,
NPNProtocols: ['c', 'b', 'e'], NPNProtocols: ['c', 'b', 'e'],
rejectUnauthorized: false rejectUnauthorized: false
},{
port: serverPort,
key: serverOptions.key,
cert: serverOptions.cert,
crl: serverOptions.crl,
rejectUnauthorized: false
},{ },{
port: serverPort, port: serverPort,
key: serverOptions.key, key: serverOptions.key,
@ -91,15 +97,19 @@ function startTest() {
connectClient(clientsOptions[0], function() { connectClient(clientsOptions[0], function() {
connectClient(clientsOptions[1], function() { connectClient(clientsOptions[1], function() {
connectClient(clientsOptions[2], function() { connectClient(clientsOptions[2], function() {
connectClient(clientsOptions[3], function() {
server.close(); server.close();
}); });
}); });
}); });
});
} }
process.on('exit', function() { process.on('exit', function() {
assert.equal(serverResults[0], clientsResults[0]); assert.equal(serverResults[0], clientsResults[0]);
assert.equal(serverResults[1], clientsResults[1]); assert.equal(serverResults[1], clientsResults[1]);
assert.equal(serverResults[2], 'first-priority-unsupported'); assert.equal(serverResults[2], 'http/1.1');
assert.equal(clientsResults[2], false); assert.equal(clientsResults[2], false);
assert.equal(serverResults[3], 'first-priority-unsupported');
assert.equal(clientsResults[3], false);
}); });

Loading…
Cancel
Save