nodejs/test/parallel/test-tls-ocsp-callback.js

'use strict';
var common = require('../common');

if (!process.features.tls_ocsp) {
  console.log('1..0 # Skipped: node compiled without OpenSSL or ' +
              'with old OpenSSL version.');
  process.exit(0);
}
if (!common.opensslCli) {
  console.log('1..0 # Skipped: node compiled without OpenSSL CLI.');
  process.exit(0);
}

if (!common.hasCrypto) {
  console.log('1..0 # Skipped: missing crypto');
  process.exit();
}
var tls = require('tls');

var assert = require('assert');
var constants = require('constants');
var fs = require('fs');
var join = require('path').join;

test({ response: false }, function() {
  test({ response: 'hello world' }, function() {
    test({ ocsp: false });
  });
});

function test(testOptions, cb) {

  var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
  var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
  var caFile = join(common.fixturesDir, 'keys', 'ca1-cert.pem');
  var key = fs.readFileSync(keyFile);
  var cert = fs.readFileSync(certFile);
  var ca = fs.readFileSync(caFile);
  var options = {
    key: key,
    cert: cert,
    ca: [ca]
  };
  var requestCount = 0;
  var clientSecure = 0;
  var ocspCount = 0;
  var ocspResponse;
  var session;

  var server = tls.createServer(options, function(cleartext) {
    cleartext.on('error', function(er) {
      // We're ok with getting ECONNRESET in this test, but it's
      // timing-dependent, and thus unreliable. Any other errors
      // are just failures, though.
      if (er.code !== 'ECONNRESET')
        throw er;
    });
    ++requestCount;
    cleartext.end();
  });
  server.on('OCSPRequest', function(cert, issuer, callback) {
    ++ocspCount;
    assert.ok(Buffer.isBuffer(cert));
    assert.ok(Buffer.isBuffer(issuer));

    // Just to check that async really works there
    setTimeout(function() {
      callback(null,
               testOptions.response ? new Buffer(testOptions.response) : null);
    }, 100);
  });
  server.listen(common.PORT, function() {
    var client = tls.connect({
      port: common.PORT,
      requestOCSP: testOptions.ocsp !== false,
      secureOptions: testOptions.ocsp === false ?
          constants.SSL_OP_NO_TICKET : 0,
      rejectUnauthorized: false
    }, function() {
      clientSecure++;
    });
    client.on('OCSPResponse', function(resp) {
      ocspResponse = resp;
      if (resp)
        client.destroy();
    });
    client.on('close', function() {
      server.close(cb);
    });
  });

  process.on('exit', function() {
    if (testOptions.ocsp === false) {
      assert.equal(requestCount, clientSecure);
      assert.equal(requestCount, 1);
      return;
    }

    if (testOptions.response) {
      assert.equal(ocspResponse.toString(), testOptions.response);
    } else {
      assert.ok(ocspResponse === null);
    }
    assert.equal(requestCount, testOptions.response ? 0 : 1);
    assert.equal(clientSecure, requestCount);
    assert.equal(ocspCount, 1);
  });
}
test: enable linting for tests Enable linting for the test directory. A number of changes was made so all tests conform the current rules used by lib and src directories. The only exception for tests is that unreachable (dead) code is allowed. test-fs-non-number-arguments-throw had to be excluded from the changes because of a weird issue on Windows CI. PR-URL: https://github.com/nodejs/io.js/pull/1721 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 2015-05-19 13:00:06 +02:00			`'use strict';`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`var common = require('../common');`

			`if (!process.features.tls_ocsp) {`
test: formatting skip messages for TAP parsing This patch makes the skip messages consistent so that the TAP plugin in CI can parse the messages properly. The format will be 1..0 # Skipped: [Actual reason why the test is skipped] PR-URL: https://github.com/nodejs/io.js/pull/2109 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> 2015-07-06 05:24:12 +02:00			`console.log('1..0 # Skipped: node compiled without OpenSSL or ' +`
			`'with old OpenSSL version.');`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`process.exit(0);`
			`}`
			`if (!common.opensslCli) {`
test: formatting skip messages for TAP parsing This patch makes the skip messages consistent so that the TAP plugin in CI can parse the messages properly. The format will be 1..0 # Skipped: [Actual reason why the test is skipped] PR-URL: https://github.com/nodejs/io.js/pull/2109 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> 2015-07-06 05:24:12 +02:00			`console.log('1..0 # Skipped: node compiled without OpenSSL CLI.');`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`process.exit(0);`
			`}`

test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2015-03-04 02:11:21 +01:00			`if (!common.hasCrypto) {`
			`console.log('1..0 # Skipped: missing crypto');`
			`process.exit();`
			`}`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`var tls = require('tls');`
test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 2015-03-04 02:11:21 +01:00
			`var assert = require('assert');`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`var constants = require('constants');`
			`var fs = require('fs');`
			`var join = require('path').join;`

tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`test({ response: false }, function() {`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`test({ response: 'hello world' }, function() {`
			`test({ ocsp: false });`
			`});`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`});`

			`function test(testOptions, cb) {`

			`var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');`
			`var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');`
			`var caFile = join(common.fixturesDir, 'keys', 'ca1-cert.pem');`
			`var key = fs.readFileSync(keyFile);`
			`var cert = fs.readFileSync(certFile);`
			`var ca = fs.readFileSync(caFile);`
			`var options = {`
			`key: key,`
			`cert: cert,`
			`ca: [ca]`
			`};`
			`var requestCount = 0;`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`var clientSecure = 0;`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`var ocspCount = 0;`
			`var ocspResponse;`
			`var session;`

			`var server = tls.createServer(options, function(cleartext) {`
			`cleartext.on('error', function(er) {`
			`// We're ok with getting ECONNRESET in this test, but it's`
			`// timing-dependent, and thus unreliable. Any other errors`
			`// are just failures, though.`
			`if (er.code !== 'ECONNRESET')`
			`throw er;`
			`});`
			`++requestCount;`
			`cleartext.end();`
			`});`
			`server.on('OCSPRequest', function(cert, issuer, callback) {`
			`++ocspCount;`
			`assert.ok(Buffer.isBuffer(cert));`
			`assert.ok(Buffer.isBuffer(issuer));`

			`// Just to check that async really works there`
			`setTimeout(function() {`
			`callback(null,`
			`testOptions.response ? new Buffer(testOptions.response) : null);`
			`}, 100);`
			`});`
			`server.listen(common.PORT, function() {`
			`var client = tls.connect({`
			`port: common.PORT,`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`requestOCSP: testOptions.ocsp !== false,`
			`secureOptions: testOptions.ocsp === false ?`
			`constants.SSL_OP_NO_TICKET : 0,`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`rejectUnauthorized: false`
			`}, function() {`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`clientSecure++;`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`});`
			`client.on('OCSPResponse', function(resp) {`
			`ocspResponse = resp;`
			`if (resp)`
			`client.destroy();`
			`});`
			`client.on('close', function() {`
			`server.close(cb);`
			`});`
			`});`

			`process.on('exit', function() {`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`if (testOptions.ocsp === false) {`
			`assert.equal(requestCount, clientSecure);`
			`assert.equal(requestCount, 1);`
			`return;`
			`}`

tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`if (testOptions.response) {`
			`assert.equal(ocspResponse.toString(), testOptions.response);`
			`} else {`
			`assert.ok(ocspResponse === null);`
			`}`
			`assert.equal(requestCount, testOptions.response ? 0 : 1);`
tls: do not hang without `newSession` handler When listening for client hello parser events (like OCSP requests), do not hang if `newSession` event handler is not present. fix joyent/node#8660 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> PR-URL: https://github.com/node-forward/node/pull/47 2014-11-04 17:14:55 +01:00			`assert.equal(clientSecure, requestCount);`
tls: support OCSP on client and server 2014-04-14 19:15:57 +02:00			`assert.equal(ocspCount, 1);`
			`});`
			`}`