0
0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 21:19:50 +01:00
nodejs/test/parallel/test-http2-server-unknown-protocol.js
Richard Lau 14863e8058
test: update tests for OpenSSL 3.0.14
Starting from OpenSSL 3.0.14, 3.1.6, 3.2.2, and 3.3.1, OpenSSL was fixed
to return an error reason string for bad/unknown application protocols.

Update tests to handle both the old `ECONNRESET` error on older versions
of OpenSSL and the new `ERR_SSL_TLSV1_ALERT_NO_APPLICATION_PROTOCOL` on
newer versions of OpenSSL.

Refs: https://github.com/openssl/openssl/pull/24338
PR-URL: https://github.com/nodejs/node/pull/53373
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
2024-06-10 17:43:36 +00:00

49 lines
1.5 KiB
JavaScript

'use strict';
const common = require('../common');
const fixtures = require('../common/fixtures');
// This test verifies that when a server receives an unknownProtocol it will
// not leave the socket open if the client does not close it.
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const h2 = require('http2');
const tls = require('tls');
const server = h2.createSecureServer({
key: fixtures.readKey('rsa_private.pem'),
cert: fixtures.readKey('rsa_cert.crt'),
unknownProtocolTimeout: 500,
allowHalfOpen: true
});
server.on('secureConnection', common.mustCall((socket) => {
socket.on('close', common.mustCall(() => {
server.close();
}));
}));
server.listen(0, function() {
// If the client does not send an ALPN connection, and the server has not been
// configured with allowHTTP1, then the server should destroy the socket
// after unknownProtocolTimeout.
tls.connect({
port: server.address().port,
rejectUnauthorized: false,
});
// If the client sends an ALPN extension that does not contain 'h2', the
// server should send a fatal alert to the client before a secure connection
// is established at all.
tls.connect({
port: server.address().port,
rejectUnauthorized: false,
ALPNProtocols: ['bogus']
}).on('error', common.mustCall((err) => {
const allowedErrors = ['ECONNRESET', 'ERR_SSL_TLSV1_ALERT_NO_APPLICATION_PROTOCOL'];
assert.ok(allowedErrors.includes(err.code), `'${err.code}' was not one of ${allowedErrors}.`);
}));
});