From 6bbb9ebf8d8da927fc71f648af4739f2d574014f Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Mon, 22 Apr 2019 16:21:26 -0700 Subject: [PATCH] test: rework to remove flakiness, and be parallel Let .end() propogate from client, to server, and back, before considering the test complete. Also, remove the test vector and exit handling in favour of running all the tests in parallel and using common.must/mustNotCall(). PR-URL: https://github.com/nodejs/node/pull/27300 Reviewed-By: Luigi Pinca Reviewed-By: Gireesh Punathil --- test/parallel/test-tls-sni-option.js | 142 +++++++++++++-------------- 1 file changed, 67 insertions(+), 75 deletions(-) diff --git a/test/parallel/test-tls-sni-option.js b/test/parallel/test-tls-sni-option.js index 3a6a231b477..f4bc7dc1b2b 100644 --- a/test/parallel/test-tls-sni-option.js +++ b/test/parallel/test-tls-sni-option.js @@ -69,114 +69,106 @@ const SNIContexts = { } }; -const clientsOptions = [{ +test({ port: undefined, key: loadPEM('agent1-key'), cert: loadPEM('agent1-cert'), ca: [loadPEM('ca1-cert')], servername: 'a.example.com', rejectUnauthorized: false -}, { +}, + true, + { sni: 'a.example.com', authorized: false }, + null, + null); + +test({ port: undefined, key: loadPEM('agent4-key'), cert: loadPEM('agent4-cert'), ca: [loadPEM('ca1-cert')], servername: 'a.example.com', rejectUnauthorized: false -}, { +}, + true, + { sni: 'a.example.com', authorized: true }, + null, + null); + +test({ port: undefined, key: loadPEM('agent2-key'), cert: loadPEM('agent2-cert'), ca: [loadPEM('ca2-cert')], servername: 'b.example.com', rejectUnauthorized: false -}, { +}, + true, + { sni: 'b.example.com', authorized: false }, + null, + null); + +test({ port: undefined, key: loadPEM('agent3-key'), cert: loadPEM('agent3-cert'), ca: [loadPEM('ca1-cert')], servername: 'c.wrong.com', rejectUnauthorized: false -}, { +}, + false, + { sni: 'c.wrong.com', authorized: false }, + null, + null); + +test({ port: undefined, key: loadPEM('agent3-key'), cert: loadPEM('agent3-cert'), ca: [loadPEM('ca1-cert')], servername: 'c.another.com', rejectUnauthorized: false -}]; +}, + false, + null, + 'Client network socket disconnected before secure TLS ' + + 'connection was established', + 'Invalid SNI context'); -const serverResults = []; -const clientResults = []; -const serverErrors = []; -const clientErrors = []; -let serverError; -let clientError; +function test(options, clientResult, serverResult, clientError, serverError) { + const server = tls.createServer(serverOptions, (c) => { + assert.deepStrictEqual( + { sni: c.servername, authorized: c.authorized }, + serverResult + ); + }); -const server = tls.createServer(serverOptions, function(c) { - serverResults.push({ sni: c.servername, authorized: c.authorized }); - c.end(); -}); - -server.on('tlsClientError', function(err) { - serverResults.push(null); - serverError = err.message; -}); - -server.listen(0, startTest); - -function startTest() { - function connectClient(i, callback) { - const options = clientsOptions[i]; - clientError = null; - serverError = null; - - options.port = server.address().port; - const client = tls.connect(options, function() { - clientResults.push( - client.authorizationError && - (client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID')); - - next(); - }); - - client.on('error', function(err) { - clientResults.push(false); - clientError = err.message; - next(); - }); - - function next() { - clientErrors.push(clientError); - serverErrors.push(serverError); - - if (i === clientsOptions.length - 1) - callback(); - else - connectClient(i + 1, callback); - } + if (serverResult) { + assert(!serverError); + server.on('tlsClientError', common.mustNotCall()); + } else { + assert(serverError); + server.on('tlsClientError', common.mustCall((err) => { + assert.strictEqual(err.message, serverError); + })); } - connectClient(0, function() { - server.close(); + server.listen(0, () => { + options.port = server.address().port; + const client = tls.connect(options, () => { + const result = client.authorizationError && + (client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'); + assert.strictEqual(result, clientResult); + client.end(); + }); + + client.on('close', common.mustCall(() => server.close())); + + if (clientError) + client.on('error', common.mustCall((err) => { + assert.strictEqual(err.message, clientError); + })); + else + client.on('error', common.mustNotCall()); }); } - -process.on('exit', function() { - assert.deepStrictEqual(serverResults, [ - { sni: 'a.example.com', authorized: false }, - { sni: 'a.example.com', authorized: true }, - { sni: 'b.example.com', authorized: false }, - { sni: 'c.wrong.com', authorized: false }, - null - ]); - assert.deepStrictEqual(clientResults, [true, true, true, false, false]); - assert.deepStrictEqual(clientErrors, [ - null, null, null, null, - 'Client network socket disconnected before secure TLS ' + - 'connection was established' - ]); - assert.deepStrictEqual(serverErrors, [ - null, null, null, null, 'Invalid SNI context' - ]); -});