diff --git a/test/fixtures/GH-892-request.js b/test/fixtures/GH-892-request.js index db8186bfc00..e0cf6f73b61 100644 --- a/test/fixtures/GH-892-request.js +++ b/test/fixtures/GH-892-request.js @@ -21,9 +21,6 @@ // Called by test/pummel/test-regress-GH-892.js -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var https = require('https'); var fs = require('fs'); var assert = require('assert'); @@ -35,7 +32,8 @@ var gotResponse = false; var options = { method: 'POST', - port: PORT + port: PORT, + rejectUnauthorized: false }; var req = https.request(options, function(res) { diff --git a/test/pummel/test-https-large-response.js b/test/pummel/test-https-large-response.js index 23a836081c0..370415dcb78 100644 --- a/test/pummel/test-https-large-response.js +++ b/test/pummel/test-https-large-response.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); @@ -53,7 +50,10 @@ var count = 0; var gotResEnd = false; server.listen(common.PORT, function() { - https.get({ port: common.PORT }, function(res) { + https.get({ + port: common.PORT, + rejectUnauthorized: false + }, function(res) { console.log('response!'); res.on('data', function(d) { diff --git a/test/pummel/test-tls-throttle.js b/test/pummel/test-tls-throttle.js index cfe7d737f9d..a7119944ad3 100644 --- a/test/pummel/test-tls-throttle.js +++ b/test/pummel/test-tls-throttle.js @@ -22,9 +22,6 @@ // Server sends a large string. Client counts bytes and pauses every few // seconds. Makes sure that pause and resume work properly. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -56,7 +53,10 @@ var server = tls.Server(options, function(socket) { var recvCount = 0; server.listen(common.PORT, function() { - var client = tls.connect(common.PORT); + var client = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }); client.on('data', function(d) { process.stdout.write('.'); diff --git a/test/simple/test-http-host-headers.js b/test/simple/test-http-host-headers.js index a0c4abf6c6d..85f07a56852 100644 --- a/test/simple/test-http-host-headers.js +++ b/test/simple/test-http-host-headers.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var http = require('http'), https = require('https'), fs = require('fs'), @@ -74,35 +71,50 @@ function testHttp() { if (er) throw er; - http.get({ method: 'GET', + http.get({ + method: 'GET', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower); - http.request({ method: 'GET', + http.request({ + method: 'GET', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - http.request({ method: 'POST', + http.request({ + method: 'POST', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - http.request({ method: 'PUT', + http.request({ + method: 'PUT', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - http.request({ method: 'DELETE', + http.request({ + method: 'DELETE', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); }); } @@ -124,40 +136,58 @@ function testHttps() { httpsServer.listen(common.PORT, function(er) { if (er) throw er; - https.get({ method: 'GET', + https.get({ + method: 'GET', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower); - https.request({ method: 'GET', + https.request({ + method: 'GET', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - https.request({ method: 'POST', + https.request({ + method: 'POST', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - https.request({ method: 'PUT', + https.request({ + method: 'PUT', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - https.request({ method: 'DELETE', + https.request({ + method: 'DELETE', path: '/' + (counter++), host: 'localhost', //agent: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); - https.get({ method: 'GET', + https.get({ + method: 'GET', path: '/setHostFalse' + (counter++), host: 'localhost', setHost: false, - port: common.PORT }, cb).on('error', thrower).end(); + port: common.PORT, + rejectUnauthorized: false + }, cb).on('error', thrower).end(); }); } diff --git a/test/simple/test-http-url.parse-https.request.js b/test/simple/test-http-url.parse-https.request.js index 9e42cbdd460..bcf37526a85 100644 --- a/test/simple/test-http-url.parse-https.request.js +++ b/test/simple/test-http-url.parse-https.request.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var https = require('https'); @@ -36,6 +33,7 @@ var httpsOptions = { }; var testURL = url.parse('https://localhost:' + common.PORT); +testURL.rejectUnauthorized = false; function check(request) { // assert that I'm https diff --git a/test/simple/test-https-agent.js b/test/simple/test-https-agent.js index ded7f4dd4ba..b54d5c38aec 100644 --- a/test/simple/test-https-agent.js +++ b/test/simple/test-https-agent.js @@ -19,17 +19,11 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. - - - if (!process.versions.openssl) { console.error('Skipping because node compiled without OpenSSL.'); process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var https = require('https'); @@ -55,7 +49,11 @@ server.listen(common.PORT, function() { for (var i = 0; i < N; i++) { setTimeout(function() { for (var j = 0; j < M; j++) { - https.get({ port: common.PORT, path: '/' }, function(res) { + https.get({ + path: '/', + port: common.PORT, + rejectUnauthorized: false + }, function(res) { console.log(res.statusCode); if (++responses == N * M) server.close(); }).on('error', function(e) { diff --git a/test/simple/test-https-drain.js b/test/simple/test-https-drain.js index 04a6bb2be19..5509a247449 100644 --- a/test/simple/test-https-drain.js +++ b/test/simple/test-https-drain.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var https = require('https'); @@ -50,8 +47,9 @@ var server = https.createServer(options, function(req, res) { server.listen(common.PORT, function() { var resumed = false; var req = https.request({ + method: 'POST', port: common.PORT, - method: 'POST' + rejectUnauthorized: false }, function(res) { var timer; res.pause(); diff --git a/test/simple/test-https-eof-for-eom.js b/test/simple/test-https-eof-for-eom.js index c8552999182..2b35835e901 100644 --- a/test/simple/test-https-eof-for-eom.js +++ b/test/simple/test-https-eof-for-eom.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. - - - // I hate HTTP. One way of terminating an HTTP response is to not send // a content-length header, not send a transfer-encoding: chunked header, // and simply terminate the TCP connection. That is identity @@ -34,9 +31,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -77,7 +71,10 @@ var bodyBuffer = ''; server.listen(common.PORT, function() { console.log('1) Making Request'); - var req = https.get({ port: common.PORT }, function(res) { + var req = https.get({ + port: common.PORT, + rejectUnauthorized: false + }, function(res) { server.close(); console.log('3) Client got response headers.'); diff --git a/test/simple/test-https-localaddress.js b/test/simple/test-https-localaddress.js index 26386c44cc8..b6381b6c0fb 100644 --- a/test/simple/test-https-localaddress.js +++ b/test/simple/test-https-localaddress.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var https = require('https'), fs = require('fs'), @@ -48,11 +45,14 @@ var server = https.createServer(options, function (req, res) { }); server.listen(common.PORT, "127.0.0.1", function() { - var options = { host: 'localhost', + var options = { + host: 'localhost', port: common.PORT, path: '/', method: 'GET', - localAddress: '127.0.0.2' }; + localAddress: '127.0.0.2', + rejectUnauthorized: false + }; var req = https.request(options, function(res) { res.on('end', function() { diff --git a/test/simple/test-https-pfx.js b/test/simple/test-https-pfx.js index 3d84aa5fedb..9da1ff8ee98 100644 --- a/test/simple/test-https-pfx.js +++ b/test/simple/test-https-pfx.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var https = require('https'); @@ -35,12 +32,13 @@ var options = { path: '/', pfx: pfx, passphrase: 'sample', - requestCert: true + requestCert: true, + rejectUnauthorized: false }; var server = https.createServer(options, function(req, res) { assert.equal(req.socket.authorized, false); // not a client cert - assert.equal(req.socket.authorizationError, 'UNABLE_TO_GET_ISSUER_CERT'); + assert.equal(req.socket.authorizationError, 'DEPTH_ZERO_SELF_SIGNED_CERT'); res.writeHead(200); res.end('OK'); }); diff --git a/test/simple/test-https-socket-options.js b/test/simple/test-https-socket-options.js index 8aa1da8fc5c..4487cf8fa49 100644 --- a/test/simple/test-https-socket-options.js +++ b/test/simple/test-https-socket-options.js @@ -19,17 +19,11 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. - - - if (!process.versions.openssl) { console.error('Skipping because node compiled without OpenSSL.'); process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); @@ -56,7 +50,10 @@ var server_http = http.createServer(function(req, res) { server_http.listen(common.PORT, function() { - var req = http.request({ port: common.PORT }, function(res) { + var req = http.request({ + port: common.PORT, + rejectUnauthorized: false + }, function(res) { server_http.close(); }); // These methods should exist on the request and get passed down to the socket @@ -75,7 +72,10 @@ var server_https = https.createServer(options, function(req, res) { }); server_https.listen(common.PORT+1, function() { - var req = https.request({ port: common.PORT+1 }, function(res) { + var req = https.request({ + port: common.PORT + 1, + rejectUnauthorized: false + }, function(res) { server_https.close(); }); // These methods should exist on the request and get passed down to the socket diff --git a/test/simple/test-https-timeout.js b/test/simple/test-https-timeout.js index fc32fb9ebf1..8b79204d461 100644 --- a/test/simple/test-https-timeout.js +++ b/test/simple/test-https-timeout.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var fs = require('fs'); @@ -46,7 +43,8 @@ var server = https.createServer(options, function() { host: 'localhost', port: common.PORT, path: '/', - method: 'GET' + method: 'GET', + rejectUnauthorized: false }); req.setTimeout(10); req.end(); diff --git a/test/simple/test-regress-GH-1531.js b/test/simple/test-regress-GH-1531.js index 8d5f8b826b1..60cd9498d39 100644 --- a/test/simple/test-regress-GH-1531.js +++ b/test/simple/test-regress-GH-1531.js @@ -27,9 +27,6 @@ if (!process.versions.openssl) { var https = require('https'); var assert = require('assert'); var fs = require('fs'); -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var options = { @@ -46,9 +43,10 @@ var server = https.createServer(options, function(req, res) { server.listen(common.PORT, function() { https.get({ + agent: false, path: '/', port: common.PORT, - agent: false + rejectUnauthorized: false }, function(res) { console.error(res.statusCode); gotCallback = true; diff --git a/test/simple/test-tls-client-resume.js b/test/simple/test-tls-client-resume.js index 5af6c7935be..7271134df1c 100644 --- a/test/simple/test-tls-client-resume.js +++ b/test/simple/test-tls-client-resume.js @@ -28,9 +28,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -53,7 +50,10 @@ var server = tls.Server(options, function(socket) { server.listen(common.PORT, function() { var session1 = null; - var client1 = tls.connect({port: common.PORT}, function() { + var client1 = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { console.log('connect1'); assert.ok(!client1.isSessionReused(), 'Session *should not* be reused.'); session1 = client1.getSession(); @@ -62,7 +62,12 @@ server.listen(common.PORT, function() { client1.on('close', function() { console.log('close1'); - var opts = { 'session': session1, port: common.PORT }; + var opts = { + port: common.PORT, + rejectUnauthorized: false, + session: session1 + }; + var client2 = tls.connect(opts, function() { console.log('connect2'); assert.ok(client2.isSessionReused(), 'Session *should* be reused.'); diff --git a/test/simple/test-tls-client-verify.js b/test/simple/test-tls-client-verify.js index f071e3407cd..cc4e21572e8 100644 --- a/test/simple/test-tls-client-verify.js +++ b/test/simple/test-tls-client-verify.js @@ -59,9 +59,6 @@ var testCases = ]; -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var fs = require('fs'); @@ -137,7 +134,8 @@ function runTest(testIndex) { port: common.PORT, ca: tcase.ca.map(loadPEM), key: loadPEM(tcase.key), - cert: loadPEM(tcase.cert) + cert: loadPEM(tcase.cert), + rejectUnauthorized: false }; diff --git a/test/simple/test-tls-connect-given-socket.js b/test/simple/test-tls-connect-given-socket.js index 262966b56a4..5cb62992fb5 100644 --- a/test/simple/test-tls-connect-given-socket.js +++ b/test/simple/test-tls-connect-given-socket.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -41,8 +38,14 @@ var server = tls.createServer(options, function(socket) { serverConnected = true; socket.end('Hello'); }).listen(common.PORT, function() { - var socket = net.connect(common.PORT, function() { - var client = tls.connect({socket: socket}, function() { + var socket = net.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { + var client = tls.connect({ + rejectUnauthorized: false, + socket: socket + }, function() { clientConnected = true; var data = ''; client.on('data', function(chunk) { diff --git a/test/simple/test-tls-connect-pipe.js b/test/simple/test-tls-connect-pipe.js index f58aaabcfe8..98031c0ad18 100644 --- a/test/simple/test-tls-connect-pipe.js +++ b/test/simple/test-tls-connect-pipe.js @@ -37,7 +37,8 @@ var server = tls.Server(options, function(socket) { server.close(); }); server.listen(common.PIPE, function() { - var client = tls.connect(common.PIPE, function() { + var options = { rejectUnauthorized: false }; + var client = tls.connect(common.PIPE, options, function() { ++clientConnected; client.end(); }); diff --git a/test/simple/test-tls-connect-simple.js b/test/simple/test-tls-connect-simple.js index b1c68a4a89f..e896dd9e22a 100644 --- a/test/simple/test-tls-connect-simple.js +++ b/test/simple/test-tls-connect-simple.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -42,12 +39,18 @@ var server = tls.Server(options, function(socket) { }); server.listen(common.PORT, function() { - var client1 = tls.connect({port: common.PORT}, function() { + var client1 = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { ++clientConnected; client1.end(); }); - var client2 = tls.connect({port: common.PORT}); + var client2 = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }); client2.on('secureConnect', function() { ++clientConnected; client2.end(); diff --git a/test/simple/test-tls-getcipher.js b/test/simple/test-tls-getcipher.js index d101ad84410..22a280e5874 100644 --- a/test/simple/test-tls-getcipher.js +++ b/test/simple/test-tls-getcipher.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -46,7 +43,11 @@ var server = tls.createServer(options, function(cleartextStream) { }); server.listen(common.PORT, '127.0.0.1', function() { - var client = tls.connect(common.PORT, '127.0.0.1', function() { + var client = tls.connect({ + host: '127.0.0.1', + port: common.PORT, + rejectUnauthorized: false + }, function() { var cipher = client.getCipher(); assert.equal(cipher.name, cipher_list[0]); assert(cipher_version_pattern.test(cipher.version)); diff --git a/test/simple/test-tls-honorcipherorder.js b/test/simple/test-tls-honorcipherorder.js index fbbfb64a13f..539a12abf4e 100644 --- a/test/simple/test-tls-honorcipherorder.js +++ b/test/simple/test-tls-honorcipherorder.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -49,7 +46,10 @@ function test(honorCipherOrder, clientCipher, expectedCipher, cb) { nconns++; }); server.listen(common.PORT, localhost, function() { - var coptions = {secureProtocol: SSL_Method}; + var coptions = { + rejectUnauthorized: false, + secureProtocol: SSL_Method + }; if (clientCipher) { coptions.ciphers = clientCipher; } diff --git a/test/simple/test-tls-npn-server-client.js b/test/simple/test-tls-npn-server-client.js index 09c5c4b1317..86e10bedc6a 100644 --- a/test/simple/test-tls-npn-server-client.js +++ b/test/simple/test-tls-npn-server-client.js @@ -25,9 +25,6 @@ if (!process.features.tls_npn) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'), assert = require('assert'), fs = require('fs'), @@ -55,19 +52,22 @@ var clientsOptions = [{ key: serverOptions.key, cert: serverOptions.cert, crl: serverOptions.crl, - NPNProtocols: ['a', 'b', 'c'] + NPNProtocols: ['a', 'b', 'c'], + rejectUnauthorized: false },{ port: serverPort, key: serverOptions.key, cert: serverOptions.cert, crl: serverOptions.crl, - NPNProtocols: ['c', 'b', 'e'] + NPNProtocols: ['c', 'b', 'e'], + rejectUnauthorized: false },{ port: serverPort, key: serverOptions.key, cert: serverOptions.cert, crl: serverOptions.crl, - NPNProtocols: ['first-priority-unsupported', 'x', 'y'] + NPNProtocols: ['first-priority-unsupported', 'x', 'y'], + rejectUnauthorized: false }]; var serverResults = [], diff --git a/test/simple/test-tls-over-http-tunnel.js b/test/simple/test-tls-over-http-tunnel.js index 2cae29d42e1..0920a35d642 100644 --- a/test/simple/test-tls-over-http-tunnel.js +++ b/test/simple/test-tls-over-http-tunnel.js @@ -19,17 +19,11 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. - - - if (!process.versions.openssl) { console.error('Skipping because node compiled without OpenSSL.'); process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); @@ -153,7 +147,8 @@ proxy.listen(proxyPort, function() { key: key, cert: cert, socket: socket, // reuse the socket - agent: false + agent: false, + rejectUnauthorized: false }, function(res) { assert.equal(200, res.statusCode); diff --git a/test/simple/test-tls-passphrase.js b/test/simple/test-tls-passphrase.js index 983af863a0e..e9a5c5a5df0 100644 --- a/test/simple/test-tls-passphrase.js +++ b/test/simple/test-tls-passphrase.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -53,7 +50,8 @@ server.listen(common.PORT, function() { port: common.PORT, key: key, passphrase: 'passphrase', - cert: cert + cert: cert, + rejectUnauthorized: false }, function() { ++connectCount; }); @@ -67,7 +65,8 @@ assert.throws(function() { port: common.PORT, key: key, passphrase: 'invalid', - cert: cert + cert: cert, + rejectUnauthorized: false }); }); diff --git a/test/simple/test-tls-pause-close.js b/test/simple/test-tls-pause-close.js index 26e267d86a1..8e5d897d170 100644 --- a/test/simple/test-tls-pause-close.js +++ b/test/simple/test-tls-pause-close.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -69,7 +66,10 @@ var server = tls.createServer(options, function(s) { }); server.listen(common.PORT, function() { - var c = tls.connect({port: common.PORT}, function() { + var c = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { console.log('client connected'); c.socket.on('end', function() { console.log('client socket ended'); diff --git a/test/simple/test-tls-pause.js b/test/simple/test-tls-pause.js index 11cfb3a4fae..0b29ae20d37 100644 --- a/test/simple/test-tls-pause.js +++ b/test/simple/test-tls-pause.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -48,7 +45,10 @@ var server = tls.Server(options, function(socket) { server.listen(common.PORT, function() { var resumed = false; - var client = tls.connect({port: common.PORT}, function() { + var client = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { client.pause(); common.debug('paused'); send(); diff --git a/test/simple/test-tls-peer-certificate-multi-keys.js b/test/simple/test-tls-peer-certificate-multi-keys.js index e967b495560..a321d2cbaa3 100644 --- a/test/simple/test-tls-peer-certificate-multi-keys.js +++ b/test/simple/test-tls-peer-certificate-multi-keys.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -45,7 +42,10 @@ var server = tls.createServer(options, function(cleartext) { cleartext.end('World'); }); server.listen(common.PORT, function() { - var socket = tls.connect({port: common.PORT}, function() { + var socket = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { var peerCert = socket.getPeerCertificate(); common.debug(util.inspect(peerCert)); assert.deepEqual(peerCert.subject.OU, diff --git a/test/simple/test-tls-peer-certificate.js b/test/simple/test-tls-peer-certificate.js index abe1291389d..2f0b7279730 100644 --- a/test/simple/test-tls-peer-certificate.js +++ b/test/simple/test-tls-peer-certificate.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -45,7 +42,10 @@ var server = tls.createServer(options, function(cleartext) { cleartext.end('World'); }); server.listen(common.PORT, function() { - var socket = tls.connect({port: common.PORT}, function() { + var socket = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }, function() { var peerCert = socket.getPeerCertificate(); common.debug(util.inspect(peerCert)); assert.equal(peerCert.subject.subjectAltName, diff --git a/test/simple/test-tls-remote.js b/test/simple/test-tls-remote.js index 3753ab7460d..c711a294a54 100644 --- a/test/simple/test-tls-remote.js +++ b/test/simple/test-tls-remote.js @@ -24,9 +24,6 @@ if (!process.versions.openssl) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -51,7 +48,11 @@ server.listen(common.PORT, '127.0.0.1', function() { assert.equal(server.address().address, '127.0.0.1'); assert.equal(server.address().port, common.PORT); - var c = tls.connect({port: common.PORT, host: '127.0.0.1'}, function() { + var c = tls.connect({ + host: '127.0.0.1', + port: common.PORT, + rejectUnauthorized: false + }, function() { assert.equal(c.address().address, c.socket.address().address); assert.equal(c.address().port, c.socket.address().port); diff --git a/test/simple/test-tls-request-timeout.js b/test/simple/test-tls-request-timeout.js index d9fd5e72edc..7f46bd21303 100644 --- a/test/simple/test-tls-request-timeout.js +++ b/test/simple/test-tls-request-timeout.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -45,7 +42,10 @@ var server = tls.Server(options, function(socket) { }); server.listen(common.PORT, function() { - var socket = tls.connect({port: common.PORT}); + var socket = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }); }); process.on('exit', function() { diff --git a/test/simple/test-tls-set-encoding.js b/test/simple/test-tls-set-encoding.js index a404a361086..0f6beafd1dd 100644 --- a/test/simple/test-tls-set-encoding.js +++ b/test/simple/test-tls-set-encoding.js @@ -19,9 +19,6 @@ // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE // USE OR OTHER DEALINGS IN THE SOFTWARE. -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'); var assert = require('assert'); var tls = require('tls'); @@ -44,7 +41,10 @@ var server = tls.Server(options, function(socket) { server.listen(common.PORT, function() { - var client = tls.connect({port: common.PORT}); + var client = tls.connect({ + port: common.PORT, + rejectUnauthorized: false + }); var buffer = ''; diff --git a/test/simple/test-tls-sni-server-client.js b/test/simple/test-tls-sni-server-client.js index 2af06be2657..8de57e2d4c3 100644 --- a/test/simple/test-tls-sni-server-client.js +++ b/test/simple/test-tls-sni-server-client.js @@ -28,9 +28,6 @@ if (!process.features.tls_sni) { process.exit(0); } -// disable strict server certificate validation by the client -process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; - var common = require('../common'), assert = require('assert'), fs = require('fs'), @@ -67,19 +64,22 @@ var clientsOptions = [{ key: loadPEM('agent1-key'), cert: loadPEM('agent1-cert'), ca: [loadPEM('ca1-cert')], - servername: 'a.example.com' + servername: 'a.example.com', + rejectUnauthorized: false },{ port: serverPort, key: loadPEM('agent2-key'), cert: loadPEM('agent2-cert'), ca: [loadPEM('ca2-cert')], - servername: 'b.test.com' + servername: 'b.test.com', + rejectUnauthorized: false },{ port: serverPort, key: loadPEM('agent3-key'), cert: loadPEM('agent3-cert'), ca: [loadPEM('ca1-cert')], - servername: 'c.wrong.com' + servername: 'c.wrong.com', + rejectUnauthorized: false }]; var serverResults = [],