diff options
author | Sam Roberts <vieuxtech@gmail.com> | 2019-02-13 14:54:07 -0800 |
---|---|---|
committer | Sam Roberts <vieuxtech@gmail.com> | 2019-04-29 10:57:55 -0700 |
commit | adedbb12e52d6ae2f256c3e796490d2424ca0ef9 (patch) | |
tree | 8788b00641cc4c79f56df1881269d444bf518072 /test/parallel/test-tls-enable-trace.js | |
parent | 439bc6ee0ee84ddb93767d5b6d96ce1bc9ded3e8 (diff) | |
download | android-node-v8-adedbb12e52d6ae2f256c3e796490d2424ca0ef9.tar.gz android-node-v8-adedbb12e52d6ae2f256c3e796490d2424ca0ef9.tar.bz2 android-node-v8-adedbb12e52d6ae2f256c3e796490d2424ca0ef9.zip |
tls: allow enabling the TLS debug trace
Enable the same trace output that the OpenSSL s_client and s_server
support with their `-trace` option. This is invaluable when debugging
reports of TLS bugs as well as when debugging the internal TLS
implementation.
See:
- https://github.com/nodejs/node/issues/25383
- https://github.com/nodejs/node/issues/17936
- https://github.com/postmanlabs/postman-app-support/issues/5918#issuecomment-465311423
PR-URL: https://github.com/nodejs/node/pull/27376
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Diffstat (limited to 'test/parallel/test-tls-enable-trace.js')
-rw-r--r-- | test/parallel/test-tls-enable-trace.js | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/test/parallel/test-tls-enable-trace.js b/test/parallel/test-tls-enable-trace.js new file mode 100644 index 0000000000..a3b1721ade --- /dev/null +++ b/test/parallel/test-tls-enable-trace.js @@ -0,0 +1,58 @@ +// Flags: --expose-internals +'use strict'; +const common = require('../common'); +if (!common.hasCrypto) common.skip('missing crypto'); +const fixtures = require('../common/fixtures'); + +// Test enableTrace: option for TLS. + +const assert = require('assert'); +const { fork } = require('child_process'); + +if (process.argv[2] === 'test') + return test(); + +const binding = require('internal/test/binding').internalBinding; + +if (!binding('tls_wrap').HAVE_SSL_TRACE) + return common.skip('no SSL_trace() compiled into openssl'); + +const child = fork(__filename, ['test'], { silent: true }); + +let stderr = ''; +child.stderr.setEncoding('utf8'); +child.stderr.on('data', (data) => stderr += data); +child.on('close', common.mustCall(() => { + assert(/Received Record/.test(stderr)); + assert(/ClientHello/.test(stderr)); +})); + +// For debugging and observation of actual trace output. +child.stderr.pipe(process.stderr); +child.stdout.pipe(process.stdout); + +child.on('exit', common.mustCall((code) => { + assert.strictEqual(code, 0); +})); + +function test() { + const { + connect, keys + } = require(fixtures.path('tls-connect')); + + connect({ + client: { + checkServerIdentity: (servername, cert) => { }, + ca: `${keys.agent1.cert}\n${keys.agent6.ca}`, + }, + server: { + cert: keys.agent6.cert, + key: keys.agent6.key, + enableTrace: true, + }, + }, common.mustCall((err, pair, cleanup) => { + pair.client.conn.enableTrace(); + + return cleanup(); + })); +} |