test: rework to remove flakiness, and be parallel

Let .end() propogate from client, to server, and back, before
considering the test complete. Also, remove the test vector and exit
handling in favour of running all the tests in parallel and using
common.must/mustNotCall().

PR-URL: https://github.com/nodejs/node/pull/27300
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
This commit is contained in:
Sam Roberts 2019-04-22 16:21:26 -07:00
parent f0df222e82
commit 6bbb9ebf8d

View File

@ -69,114 +69,106 @@ const SNIContexts = {
}
};
const clientsOptions = [{
test({
port: undefined,
key: loadPEM('agent1-key'),
cert: loadPEM('agent1-cert'),
ca: [loadPEM('ca1-cert')],
servername: 'a.example.com',
rejectUnauthorized: false
}, {
},
true,
{ sni: 'a.example.com', authorized: false },
null,
null);
test({
port: undefined,
key: loadPEM('agent4-key'),
cert: loadPEM('agent4-cert'),
ca: [loadPEM('ca1-cert')],
servername: 'a.example.com',
rejectUnauthorized: false
}, {
},
true,
{ sni: 'a.example.com', authorized: true },
null,
null);
test({
port: undefined,
key: loadPEM('agent2-key'),
cert: loadPEM('agent2-cert'),
ca: [loadPEM('ca2-cert')],
servername: 'b.example.com',
rejectUnauthorized: false
}, {
},
true,
{ sni: 'b.example.com', authorized: false },
null,
null);
test({
port: undefined,
key: loadPEM('agent3-key'),
cert: loadPEM('agent3-cert'),
ca: [loadPEM('ca1-cert')],
servername: 'c.wrong.com',
rejectUnauthorized: false
}, {
},
false,
{ sni: 'c.wrong.com', authorized: false },
null,
null);
test({
port: undefined,
key: loadPEM('agent3-key'),
cert: loadPEM('agent3-cert'),
ca: [loadPEM('ca1-cert')],
servername: 'c.another.com',
rejectUnauthorized: false
}];
},
false,
null,
'Client network socket disconnected before secure TLS ' +
'connection was established',
'Invalid SNI context');
const serverResults = [];
const clientResults = [];
const serverErrors = [];
const clientErrors = [];
let serverError;
let clientError;
function test(options, clientResult, serverResult, clientError, serverError) {
const server = tls.createServer(serverOptions, (c) => {
assert.deepStrictEqual(
{ sni: c.servername, authorized: c.authorized },
serverResult
);
});
const server = tls.createServer(serverOptions, function(c) {
serverResults.push({ sni: c.servername, authorized: c.authorized });
c.end();
});
server.on('tlsClientError', function(err) {
serverResults.push(null);
serverError = err.message;
});
server.listen(0, startTest);
function startTest() {
function connectClient(i, callback) {
const options = clientsOptions[i];
clientError = null;
serverError = null;
options.port = server.address().port;
const client = tls.connect(options, function() {
clientResults.push(
client.authorizationError &&
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'));
next();
});
client.on('error', function(err) {
clientResults.push(false);
clientError = err.message;
next();
});
function next() {
clientErrors.push(clientError);
serverErrors.push(serverError);
if (i === clientsOptions.length - 1)
callback();
else
connectClient(i + 1, callback);
}
if (serverResult) {
assert(!serverError);
server.on('tlsClientError', common.mustNotCall());
} else {
assert(serverError);
server.on('tlsClientError', common.mustCall((err) => {
assert.strictEqual(err.message, serverError);
}));
}
connectClient(0, function() {
server.close();
server.listen(0, () => {
options.port = server.address().port;
const client = tls.connect(options, () => {
const result = client.authorizationError &&
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID');
assert.strictEqual(result, clientResult);
client.end();
});
client.on('close', common.mustCall(() => server.close()));
if (clientError)
client.on('error', common.mustCall((err) => {
assert.strictEqual(err.message, clientError);
}));
else
client.on('error', common.mustNotCall());
});
}
process.on('exit', function() {
assert.deepStrictEqual(serverResults, [
{ sni: 'a.example.com', authorized: false },
{ sni: 'a.example.com', authorized: true },
{ sni: 'b.example.com', authorized: false },
{ sni: 'c.wrong.com', authorized: false },
null
]);
assert.deepStrictEqual(clientResults, [true, true, true, false, false]);
assert.deepStrictEqual(clientErrors, [
null, null, null, null,
'Client network socket disconnected before secure TLS ' +
'connection was established'
]);
assert.deepStrictEqual(serverErrors, [
null, null, null, null, 'Invalid SNI context'
]);
});