Skip to content

Commit cc6b30f

Browse files
sam-githubaddaleax
authored andcommitted
test: do not assume server gets secure connection
Test assumed that server got the the connection before the client destroys it, but that is not guaranteed. Also, the test was closing the TCP connection 3 times, effectively: 1. on the server side, right after TLS connection occurs (if it does) 2. on the client side, internal to tls, when the cert is rejected 3. again on the client side, in the error event which is emitted by the internal tls destroy from 2 This is too often, and the dependency on 1 occurring is fragile. PR-URL: #25508 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
1 parent c17a37d commit cc6b30f

File tree

1 file changed

+4
-3
lines changed

1 file changed

+4
-3
lines changed

test/parallel/test-tls-friendly-error-message.js

+4-3
Original file line numberDiff line numberDiff line change
@@ -31,14 +31,15 @@ const tls = require('tls');
3131
const key = fixtures.readKey('agent1-key.pem');
3232
const cert = fixtures.readKey('agent1-cert.pem');
3333

34-
tls.createServer({ key, cert }, common.mustCall(function(conn) {
35-
conn.end();
34+
tls.createServer({ key, cert }).on('connection', common.mustCall(function() {
35+
// Server only receives one TCP connection, stop listening when that
36+
// connection is destroyed by the client, which it should do after the cert is
37+
// rejected as unauthorized.
3638
this.close();
3739
})).listen(0, common.mustCall(function() {
3840
const options = { port: this.address().port, rejectUnauthorized: true };
3941
tls.connect(options).on('error', common.mustCall(function(err) {
4042
assert.strictEqual(err.code, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE');
4143
assert.strictEqual(err.message, 'unable to verify the first certificate');
42-
this.destroy();
4344
}));
4445
}));

0 commit comments

Comments
 (0)