mirror of https://gitee.com/openkylin/nodejs.git
94 lines
2.9 KiB
JavaScript
94 lines
2.9 KiB
JavaScript
|
// Flags: --expose-internals
|
||
|
|
|
||
|
|
'use strict';
|
||
|
|
|
||
|
|
const common = require('../common');
|
||
|
|
|
||
|
|
if (!common.hasCrypto)
|
||
|
|
common.skip('missing crypto');
|
||
|
|
|
||
|
|
const assert = require('assert');
|
||
|
|
const fixtures = require('../common/fixtures');
|
||
|
|
const h2 = require('http2');
|
||
|
|
const { kSocket } = require('internal/http2/util');
|
||
|
|
const tls = require('tls');
|
||
|
|
|
||
|
|
function loadKey(keyname) {
|
||
|
|
return fixtures.readKey(keyname, 'binary');
|
||
|
|
}
|
||
|
|
|
||
|
|
function onStream(stream, headers) {
|
||
|
|
const socket = stream.session[kSocket];
|
||
|
|
|
||
|
|
assert(stream.session.encrypted);
|
||
|
|
assert.strictEqual(stream.session.alpnProtocol, 'h2');
|
||
|
|
const originSet = stream.session.originSet;
|
||
|
|
assert(Array.isArray(originSet));
|
||
|
|
assert.strictEqual(originSet[0],
|
||
|
|
`https://${socket.servername}:${socket.remotePort}`);
|
||
|
|
|
||
|
|
assert(headers[':authority'].startsWith(socket.servername));
|
||
|
|
stream.respond({ 'content-type': 'application/json' });
|
||
|
|
stream.end(JSON.stringify({
|
||
|
|
servername: socket.servername,
|
||
|
|
alpnProtocol: socket.alpnProtocol
|
||
|
|
}));
|
||
|
|
}
|
||
|
|
|
||
|
|
function verifySecureSession(key, cert, ca, opts) {
|
||
|
|
const server = h2.createSecureServer({ cert, key });
|
||
|
|
server.on('stream', common.mustCall(onStream));
|
||
|
|
server.on('close', common.mustCall());
|
||
|
|
server.listen(0, common.mustCall(() => {
|
||
|
|
opts = opts || { };
|
||
|
|
opts.secureContext = tls.createSecureContext({ ca });
|
||
|
|
const client = h2.connect(`https://localhost:${server.address().port}`,
|
||
|
|
opts);
|
||
|
|
// Verify that a 'secureConnect' listener is attached
|
||
|
|
assert.strictEqual(client.socket.listenerCount('secureConnect'), 1);
|
||
|
|
const req = client.request();
|
||
|
|
|
||
|
|
client.on('connect', common.mustCall(() => {
|
||
|
|
assert(client.encrypted);
|
||
|
|
assert.strictEqual(client.alpnProtocol, 'h2');
|
||
|
|
const originSet = client.originSet;
|
||
|
|
assert(Array.isArray(originSet));
|
||
|
|
assert.strictEqual(originSet.length, 1);
|
||
|
|
assert.strictEqual(
|
||
|
|
originSet[0],
|
||
|
|
`https://${opts.servername || 'localhost'}:${server.address().port}`);
|
||
|
|
}));
|
||
|
|
|
||
|
|
req.on('response', common.mustCall((headers) => {
|
||
|
|
assert.strictEqual(headers[':status'], 200);
|
||
|
|
assert.strictEqual(headers['content-type'], 'application/json');
|
||
|
|
assert(headers.date);
|
||
|
|
}));
|
||
|
|
|
||
|
|
let data = '';
|
||
|
|
req.setEncoding('utf8');
|
||
|
|
req.on('data', (d) => data += d);
|
||
|
|
req.on('end', common.mustCall(() => {
|
||
|
|
const jsonData = JSON.parse(data);
|
||
|
|
assert.strictEqual(jsonData.servername,
|
||
|
|
opts.servername || 'localhost');
|
||
|
|
assert.strictEqual(jsonData.alpnProtocol, 'h2');
|
||
|
|
server.close(common.mustCall());
|
||
|
|
client[kSocket].destroy();
|
||
|
|
}));
|
||
|
|
}));
|
||
|
|
}
|
||
|
|
|
||
|
|
// The server can be connected as 'localhost'.
|
||
|
|
verifySecureSession(
|
||
|
|
loadKey('agent8-key.pem'),
|
||
|
|
loadKey('agent8-cert.pem'),
|
||
|
|
loadKey('fake-startcom-root-cert.pem'));
|
||
|
|
|
||
|
|
// Custom servername is specified.
|
||
|
|
verifySecureSession(
|
||
|
|
loadKey('agent1-key.pem'),
|
||
|
|
loadKey('agent1-cert.pem'),
|
||
|
|
loadKey('ca1-cert.pem'),
|
||
|
|
{ servername: 'agent1' });
|