Showing with 73 additions and 11 deletions.
  1. +5 −2 lib/_tls_legacy.js
  2. +5 −2 lib/_tls_wrap.js
  3. +42 −0 test/simple/test-tls-new-session-hang.js
  4. +21 −7 test/simple/test-tls-ocsp-callback.js
7 lib/_tls_legacy.js
View file
@@ -662,14 +662,17 @@ function onnewsession(key, session) {
var self = this;
var once = false;

self.server.emit('newSession', key, session, function() {
if (!self.server.emit('newSession', key, session, done))
done();

function done() {
if (once)
return;
once = true;

if (self.ssl)
self.ssl.newSessionDone();
});
};
}


7 lib/_tls_wrap.js
View file
@@ -201,7 +201,10 @@ function onnewsession(key, session) {
var once = false;

this._newSessionPending = true;
this.server.emit('newSession', key, session, function() {
if (!this.server.emit('newSession', key, session, done))
done();

function done() {
if (once)
return;
once = true;
@@ -212,7 +215,7 @@ function onnewsession(key, session) {
if (self._securePending)
self._finishInit();
self._securePending = false;
});
}
}


42 test/simple/test-tls-new-session-hang.js
View file
@@ -0,0 +1,42 @@
var common = require('../common');

if (!process.features.tls_ocsp) {
console.error('Skipping because node compiled without OpenSSL or ' +
'with old OpenSSL version.');
process.exit(0);
}

var assert = require('assert');
var tls = require('tls');
var constants = require('constants');
var fs = require('fs');
var join = require('path').join;

var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
var caFile = join(common.fixturesDir, 'keys', 'ca1-cert.pem');
var key = fs.readFileSync(keyFile);
var cert = fs.readFileSync(certFile);

var server = tls.createServer({
cert: cert,
key: key
}, function (socket) {
socket.destroySoon();
});

server.on('resumeSession', common.mustCall(function() {
// Should not be actually called
}, 0));

server.listen(common.PORT, function() {
var client = tls.connect({
rejectUnauthorized: false,
port: common.PORT,

// Just to make sure that `newSession` is going to be called
secureOptions: constants.SSL_OP_NO_TICKET
}, function() {
server.close();
});
});
28 test/simple/test-tls-ocsp-callback.js
View file
@@ -31,16 +31,19 @@ if (!common.opensslCli) {
process.exit(0);
}

var assert = require('assert');
var tls = require('tls');
var constants = require('constants');
var fs = require('fs');
var join = require('path').join;

test({ response: false }, function() {
test({ response: 'hello world' });
test({ response: 'hello world' }, function() {
test({ ocsp: false });
});
});

function test(testOptions, cb) {
var assert = require('assert');
var tls = require('tls');
var fs = require('fs');
var join = require('path').join;
var spawn = require('child_process').spawn;

var keyFile = join(common.fixturesDir, 'keys', 'agent1-key.pem');
var certFile = join(common.fixturesDir, 'keys', 'agent1-cert.pem');
@@ -54,6 +57,7 @@ function test(testOptions, cb) {
ca: [ca]
};
var requestCount = 0;
var clientSecure = 0;
var ocspCount = 0;
var ocspResponse;
var session;
@@ -83,9 +87,12 @@ function test(testOptions, cb) {
server.listen(common.PORT, function() {
var client = tls.connect({
port: common.PORT,
requestOCSP: true,
requestOCSP: testOptions.ocsp !== false,
secureOptions: testOptions.ocsp === false ?
constants.SSL_OP_NO_TICKET : 0,
rejectUnauthorized: false
}, function() {
clientSecure++;
});
client.on('OCSPResponse', function(resp) {
ocspResponse = resp;
@@ -98,12 +105,19 @@ function test(testOptions, cb) {
});

process.on('exit', function() {
if (testOptions.ocsp === false) {
assert.equal(requestCount, clientSecure);
assert.equal(requestCount, 1);
return;
}

if (testOptions.response) {
assert.equal(ocspResponse.toString(), testOptions.response);
} else {
assert.ok(ocspResponse === null);
}
assert.equal(requestCount, testOptions.response ? 0 : 1);
assert.equal(clientSecure, requestCount);
assert.equal(ocspCount, 1);
});
}