diff --git a/test/js/node/test/parallel/test-tls-clientcertengine-invalid-arg-type.js b/test/js/node/test/parallel/test-tls-clientcertengine-invalid-arg-type.js new file mode 100644 index 0000000000..811e320b07 --- /dev/null +++ b/test/js/node/test/parallel/test-tls-clientcertengine-invalid-arg-type.js @@ -0,0 +1,15 @@ +'use strict'; +const common = require('../common'); + +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const tls = require('tls'); + +{ + assert.throws( + () => { tls.createSecureContext({ clientCertEngine: 0 }); }, + { code: 'ERR_INVALID_ARG_TYPE', + message: / Received type number \(0\)/ }); +} diff --git a/test/js/node/test/parallel/test-tls-no-sslv23.js b/test/js/node/test/parallel/test-tls-no-sslv23.js new file mode 100644 index 0000000000..f1ba670ff0 --- /dev/null +++ b/test/js/node/test/parallel/test-tls-no-sslv23.js @@ -0,0 +1,58 @@ +'use strict'; +const common = require('../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const tls = require('tls'); + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'blargh' }); +}, { + code: 'ERR_TLS_INVALID_PROTOCOL_METHOD', + message: 'Unknown method: blargh', +}); + +const errMessageSSLv2 = /SSLv2 methods disabled/; + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv2_method' }); +}, errMessageSSLv2); + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv2_client_method' }); +}, errMessageSSLv2); + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv2_server_method' }); +}, errMessageSSLv2); + +const errMessageSSLv3 = /SSLv3 methods disabled/; + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv3_method' }); +}, errMessageSSLv3); + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv3_client_method' }); +}, errMessageSSLv3); + +assert.throws(function() { + tls.createSecureContext({ secureProtocol: 'SSLv3_server_method' }); +}, errMessageSSLv3); + +// Note that SSLv2 and SSLv3 are disallowed but SSLv2_method and friends are +// still accepted. They are OpenSSL's way of saying that all known protocols +// are supported unless explicitly disabled (which we do for SSLv2 and SSLv3.) +tls.createSecureContext({ secureProtocol: 'SSLv23_method' }); +tls.createSecureContext({ secureProtocol: 'SSLv23_client_method' }); +tls.createSecureContext({ secureProtocol: 'SSLv23_server_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_client_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_server_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_1_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_1_client_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_1_server_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_2_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_2_client_method' }); +tls.createSecureContext({ secureProtocol: 'TLSv1_2_server_method' }); diff --git a/test/js/node/test/parallel/test-tls-retain-handle-no-abort.js b/test/js/node/test/parallel/test-tls-retain-handle-no-abort.js new file mode 100644 index 0000000000..6571aab3a9 --- /dev/null +++ b/test/js/node/test/parallel/test-tls-retain-handle-no-abort.js @@ -0,0 +1,40 @@ +'use strict'; + +const common = require('../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const tls = require('tls'); +const util = require('util'); +const fixtures = require('../common/fixtures'); + +const sent = 'hello world'; +const serverOptions = { + isServer: true, + key: fixtures.readKey('agent1-key.pem'), + cert: fixtures.readKey('agent1-cert.pem') +}; + +let ssl = null; + +process.on('exit', function() { + assert.ok(ssl !== null); + // If the internal pointer to stream_ isn't cleared properly then this + // will abort. + util.inspect(ssl); +}); + +const server = tls.createServer(serverOptions, function(s) { + s.on('data', function() { }); + s.on('end', function() { + server.close(); + s.destroy(); + }); +}).listen(0, function() { + const c = new tls.TLSSocket(); + ssl = c.ssl; + c.connect(this.address().port, function() { + c.end(sent); + }); +}); diff --git a/test/js/node/test/parallel/test-tls-snicallback-error.js b/test/js/node/test/parallel/test-tls-snicallback-error.js new file mode 100644 index 0000000000..aac7cb9f96 --- /dev/null +++ b/test/js/node/test/parallel/test-tls-snicallback-error.js @@ -0,0 +1,24 @@ +'use strict'; +const common = require('../common'); +if (!common.hasCrypto) + common.skip('missing crypto'); + +const assert = require('assert'); +const net = require('net'); +const tls = require('tls'); + +for (const SNICallback of ['fhqwhgads', 42, {}, []]) { + assert.throws(() => { + tls.createServer({ SNICallback }); + }, { + code: 'ERR_INVALID_ARG_TYPE', + name: 'TypeError', + }); + + assert.throws(() => { + new tls.TLSSocket(new net.Socket(), { isServer: true, SNICallback }); + }, { + code: 'ERR_INVALID_ARG_TYPE', + name: 'TypeError', + }); +}