|
|
@ -20,6 +20,9 @@ var serverCount = 0; |
|
|
|
function createServer() { |
|
|
|
var id = serverCount++; |
|
|
|
|
|
|
|
var counter = 0; |
|
|
|
var previousKey = null; |
|
|
|
|
|
|
|
var server = tls.createServer({ |
|
|
|
key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'), |
|
|
|
cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem'), |
|
|
@ -27,14 +30,29 @@ function createServer() { |
|
|
|
}, function(c) { |
|
|
|
serverLog.push(id); |
|
|
|
c.end(); |
|
|
|
|
|
|
|
counter++; |
|
|
|
|
|
|
|
// Rotate ticket keys
|
|
|
|
if (counter === 1) { |
|
|
|
previousKey = server.getTicketKeys(); |
|
|
|
server.setTicketKeys(crypto.randomBytes(48)); |
|
|
|
} else if (counter === 2) { |
|
|
|
server.setTicketKeys(previousKey); |
|
|
|
} else if (counter === 3) { |
|
|
|
// Use keys from counter=2
|
|
|
|
} else { |
|
|
|
throw new Error('UNREACHABLE'); |
|
|
|
} |
|
|
|
}); |
|
|
|
|
|
|
|
return server; |
|
|
|
} |
|
|
|
|
|
|
|
var servers = [ createServer(), createServer(), |
|
|
|
createServer(), createServer(), |
|
|
|
createServer(), createServer() ]; |
|
|
|
var naturalServers = [ createServer(), createServer(), createServer() ]; |
|
|
|
|
|
|
|
// 3x servers
|
|
|
|
var servers = naturalServers.concat(naturalServers).concat(naturalServers); |
|
|
|
|
|
|
|
// Create one TCP server and balance sockets to multiple TLS server instances
|
|
|
|
var shared = net.createServer(function(c) { |
|
|
@ -54,7 +72,7 @@ function start(callback) { |
|
|
|
session: sess, |
|
|
|
rejectUnauthorized: false |
|
|
|
}, function() { |
|
|
|
sess = s.getSession() || sess; |
|
|
|
sess = sess || s.getSession(); |
|
|
|
ticketLog.push(s.getTLSTicket().toString('hex')); |
|
|
|
}); |
|
|
|
s.on('close', function() { |
|
|
@ -70,8 +88,14 @@ function start(callback) { |
|
|
|
|
|
|
|
process.on('exit', function() { |
|
|
|
assert.equal(ticketLog.length, serverLog.length); |
|
|
|
for (var i = 0; i < serverLog.length - 1; i++) { |
|
|
|
for (var i = 0; i < naturalServers.length - 1; i++) { |
|
|
|
assert.notEqual(serverLog[i], serverLog[i + 1]); |
|
|
|
assert.equal(ticketLog[i], ticketLog[i + 1]); |
|
|
|
|
|
|
|
// 2nd connection should have different ticket
|
|
|
|
assert.notEqual(ticketLog[i], ticketLog[i + naturalServers.length]); |
|
|
|
|
|
|
|
// 3rd connection should have the same ticket
|
|
|
|
assert.equal(ticketLog[i], ticketLog[i + naturalServers.length * 2]); |
|
|
|
} |
|
|
|
}); |
|
|
|