jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-07 04:41:47 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
dcccbfdc79
node/test/parallel/test-tls-ocsp-callback.js
James M Snell dcccbfdc79 src: refactor require('constants') 
The require('constants') module is currently undocumented and mashes
together unrelated constants. This refactors the require('constants')
in favor of distinct os.constants, fs.constants, and crypto.constants
that are specific to the modules for which they are relevant. The
next step is to document those within the specific modules.

PR-URL: https://github.com/nodejs/node/pull/6534
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Robert Lindstaedt <robert.lindstaedt@gmail.com>
2016-05-17 11:05:18 -07:00

132 lines
3.3 KiB
JavaScript
Raw Blame History

'use strict';
var common = require('../common');
if (!process.features.tls_ocsp) {
common.skip('node compiled without OpenSSL or ' +
'with old OpenSSL version.');
return;
}
if (!common.opensslCli) {
common.skip('node compiled without OpenSSL CLI.');
return;
}
if (!common.hasCrypto) {
common.skip('missing crypto');
return;
}
var tls = require('tls');
var assert = require('assert');
var fs = require('fs');
var join = require('path').join;
const SSL_OP_NO_TICKET = require('crypto').constants.SSL_OP_NO_TICKET;
var pfx = fs.readFileSync(join(common.fixturesDir, 'keys', 'agent1-pfx.pem'));
function test(testOptions, cb) {
var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
var caFile = join(common.fixturesDir, 'keys', 'ca1-cert.pem');
var key = fs.readFileSync(keyFile);
var cert = fs.readFileSync(certFile);
var ca = fs.readFileSync(caFile);
var options = {
key: key,
cert: cert,
ca: [ca]
};
var requestCount = 0;
var clientSecure = 0;
var ocspCount = 0;
var ocspResponse;
if (testOptions.pfx) {
delete options.key;
delete options.cert;
options.pfx = testOptions.pfx;
options.passphrase = testOptions.passphrase;
}
var server = tls.createServer(options, function(cleartext) {
cleartext.on('error', function(er) {
// We're ok with getting ECONNRESET in this test, but it's
// timing-dependent, and thus unreliable. Any other errors
// are just failures, though.
if (er.code !== 'ECONNRESET')
throw er;
});
++requestCount;
cleartext.end();
});
server.on('OCSPRequest', function(cert, issuer, callback) {
++ocspCount;
assert.ok(Buffer.isBuffer(cert));
assert.ok(Buffer.isBuffer(issuer));
// Just to check that async really works there
setTimeout(function() {
callback(null,
testOptions.response ? Buffer.from(testOptions.response) : null);
}, 100);
});
server.listen(common.PORT, function() {
var client = tls.connect({
port: common.PORT,
requestOCSP: testOptions.ocsp !== false,
secureOptions: testOptions.ocsp === false ?
SSL_OP_NO_TICKET : 0,
rejectUnauthorized: false
}, function() {
clientSecure++;
});
client.on('OCSPResponse', function(resp) {
ocspResponse = resp;
if (resp)
client.destroy();
});
client.on('close', function() {
server.close(cb);
});
});
process.on('exit', function() {
if (testOptions.ocsp === false) {
assert.equal(requestCount, clientSecure);
assert.equal(requestCount, 1);
return;
}
if (testOptions.response) {
assert.equal(ocspResponse.toString(), testOptions.response);
} else {
assert.ok(ocspResponse === null);
}
assert.equal(requestCount, testOptions.response ? 0 : 1);
assert.equal(clientSecure, requestCount);
assert.equal(ocspCount, 1);
});
}
var tests = [
{ response: false },
{ response: 'hello world' },
{ ocsp: false }
];
if (!common.hasFipsCrypto) {
tests.push({ pfx: pfx, passphrase: 'sample', response: 'hello pfx' });
}
function runTests(i) {
if (i === tests.length) return;
test(tests[i], common.mustCall(function() {
runTests(i + 1);
}));
}
runTests(0);
Reference in New Issue View Git Blame Copy Permalink