'use strict'; const common = require('../common'); const assert = require('assert'); if (!common.hasCrypto) { common.skip('missing crypto'); return; } const https = require('https'); const crypto = require('crypto'); const fs = require('fs'); const options = { key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'), cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem') }; const ca = fs.readFileSync(common.fixturesDir + '/keys/ca1-cert.pem'); const clientSessions = {}; let serverRequests = 0; const agent = new https.Agent({ maxCachedSessions: 1 }); const server = https.createServer(options, function(req, res) { if (req.url === '/drop-key') server.setTicketKeys(crypto.randomBytes(48)); serverRequests++; res.end('ok'); }).listen(0, function() { const queue = [ { name: 'first', method: 'GET', path: '/', servername: 'agent1', ca: ca, port: this.address().port }, { name: 'first-reuse', method: 'GET', path: '/', servername: 'agent1', ca: ca, port: this.address().port }, { name: 'cipher-change', method: 'GET', path: '/', servername: 'agent1', // Choose different cipher to use different cache entry ciphers: 'AES256-SHA', ca: ca, port: this.address().port }, // Change the ticket key to ensure session is updated in cache { name: 'before-drop', method: 'GET', path: '/drop-key', servername: 'agent1', ca: ca, port: this.address().port }, // Ticket will be updated starting from this { name: 'after-drop', method: 'GET', path: '/', servername: 'agent1', ca: ca, port: this.address().port }, { name: 'after-drop-reuse', method: 'GET', path: '/', servername: 'agent1', ca: ca, port: this.address().port } ]; function request() { const options = queue.shift(); options.agent = agent; https.request(options, function(res) { clientSessions[options.name] = res.socket.getSession(); res.resume(); res.on('end', function() { if (queue.length !== 0) return request(); server.close(); }); }).end(); } request(); }); process.on('exit', function() { assert.strictEqual(serverRequests, 6); assert.strictEqual(clientSessions['first'].toString('hex'), clientSessions['first-reuse'].toString('hex')); assert.notStrictEqual(clientSessions['first'].toString('hex'), clientSessions['cipher-change'].toString('hex')); assert.notStrictEqual(clientSessions['first'].toString('hex'), clientSessions['before-drop'].toString('hex')); assert.notStrictEqual(clientSessions['cipher-change'].toString('hex'), clientSessions['before-drop'].toString('hex')); assert.notStrictEqual(clientSessions['before-drop'].toString('hex'), clientSessions['after-drop'].toString('hex')); assert.strictEqual(clientSessions['after-drop'].toString('hex'), clientSessions['after-drop-reuse'].toString('hex')); });