jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-08 20:39:30 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
0f8e8f7c6b
node/test/parallel/test-tls-async-cb-after-socket-end.js
Sam Roberts 0f8e8f7c6b tls: introduce client 'session' event 
OpenSSL has supported async notification of sessions and tickets since
1.1.0 using SSL_CTX_sess_set_new_cb(), for all versions of TLS. Using
the async API is optional for TLS1.2 and below, but for TLS1.3 it will
be mandatory. Future-proof applications should start to use async
notification immediately. In the future, for TLS1.3, applications that
don't use the async API will silently, but gracefully, fail to resume
sessions and instead do a full handshake.

See: https://wiki.openssl.org/index.php/TLS1.3#Sessions

PR-URL: https://github.com/nodejs/node/pull/25831
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2019-02-01 19:06:58 -08:00

74 lines
1.9 KiB
JavaScript
Raw Blame History

'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const fixtures = require('../common/fixtures');
const SSL_OP_NO_TICKET = require('crypto').constants.SSL_OP_NO_TICKET;
const tls = require('tls');
// Check that TLS1.2 session resumption callbacks don't explode when made after
// the tls socket is destroyed. Disable TLS ticket support to force the legacy
// session resumption mechanism to be used.
// TLS1.2 is the last protocol version to support TLS sessions, after that the
// new and resume session events will never be emitted on the server.
const options = {
maxVersion: 'TLSv1.2',
secureOptions: SSL_OP_NO_TICKET,
key: fixtures.readSync('test_key.pem'),
cert: fixtures.readSync('test_cert.pem')
};
const server = tls.createServer(options, common.mustCall());
let sessionCb = null;
let client = null;
server.on('newSession', common.mustCall((key, session, done) => {
done();
}));
server.on('resumeSession', common.mustCall((id, cb) => {
sessionCb = cb;
// Destroy the client and then call the session cb, to check that the cb
// doesn't explode when called after the handle has been destroyed.
next();
}));
server.listen(0, common.mustCall(() => {
const clientOpts = {
port: server.address().port,
rejectUnauthorized: false,
session: false
};
const s1 = tls.connect(clientOpts, common.mustCall(() => {
clientOpts.session = s1.getSession();
console.log('1st secure');
s1.destroy();
const s2 = tls.connect(clientOpts, (s) => {
console.log('2nd secure');
s2.destroy();
}).on('connect', common.mustCall(() => {
console.log('2nd connected');
client = s2;
next();
}));
}));
}));
function next() {
if (!client || !sessionCb)
return;
client.destroy();
setTimeout(common.mustCall(() => {
sessionCb();
server.close();
}), 100);
}
Reference in New Issue View Git Blame Copy Permalink