1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
// Flags: --expose-internals
'use strict';
const common = require('../common');
if (!common.hasCrypto) common.skip('missing crypto');
const fixtures = require('../common/fixtures');
// Test --trace-tls CLI flag.
const assert = require('assert');
const { fork } = require('child_process');
if (process.argv[2] === 'test')
return test();
const binding = require('internal/test/binding').internalBinding;
if (!binding('tls_wrap').HAVE_SSL_TRACE)
return common.skip('no SSL_trace() compiled into openssl');
const child = fork(__filename, ['test'], {
silent: true,
execArgv: ['--trace-tls']
});
let stdout = '';
let stderr = '';
child.stdout.setEncoding('utf8');
child.stderr.setEncoding('utf8');
child.stdout.on('data', (data) => stdout += data);
child.stderr.on('data', (data) => stderr += data);
child.on('close', common.mustCall((code, signal) => {
// For debugging and observation of actual trace output.
console.log(stderr);
assert.strictEqual(code, 0);
assert.strictEqual(signal, null);
assert.strictEqual(stdout.trim(), '');
assert(/Warning: Enabling --trace-tls can expose sensitive/.test(stderr));
assert(/Sent Record/.test(stderr));
}));
function test() {
const {
connect, keys
} = require(fixtures.path('tls-connect'));
connect({
client: {
checkServerIdentity: (servername, cert) => { },
ca: `${keys.agent1.cert}\n${keys.agent6.ca}`,
},
server: {
cert: keys.agent6.cert,
key: keys.agent6.key
},
}, common.mustCall((err, pair, cleanup) => {
if (pair.server.err) {
console.trace('server', pair.server.err);
}
if (pair.client.err) {
console.trace('client', pair.client.err);
}
assert.ifError(pair.server.err);
assert.ifError(pair.client.err);
return cleanup();
}));
}
|
