Skip to content

tls: Reset secureConnecting on client socket #33209

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
davedoesdev wants to merge 1 commit into from
Closed

tls: Reset secureConnecting on client socket #33209

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
tls: Reset secureConnecting on client socket 
secureConnecting is never set to false on client TLS sockets.
So if Http2Session constructor (in lib/internal/http2/core.js) is
called after secureConnect is emitted, then it will wrongly wait
for a secureConnect event.

This fix sets secureConnecting to false when a client TLS socket
has connected.
  • Loading branch information
@davedoesdev
davedoesdev committed May 2, 2020
commit 3c4aa3dd2fd29483d4cd90ce5ed600960e5c749d
2 changes: 2 additions & 0 deletions lib/_tls_wrap.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1512,11 +1512,13 @@ function onConnectSecure() {
debug('client emit secureConnect. rejectUnauthorized: %s, ' +
'authorizationError: %s', options.rejectUnauthorized,
this.authorizationError);
this.secureConnecting = false;
this.emit('secureConnect');
}
} else {
this.authorized = true;
debug('client emit secureConnect. authorized:', this.authorized);
this.secureConnecting = false;
this.emit('secureConnect');
}

Expand Down
34 changes: 33 additions & 1 deletion test/parallel/test-http2-connect.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,11 @@ const {
} = require('../common');
if (!hasCrypto)
skip('missing crypto');
const fixtures = require('../common/fixtures');
const assert = require('assert');
const { createServer, connect } = require('http2');
const { createServer, createSecureServer, connect } = require('http2');
const { connect: netConnect } = require('net');
const { connect: tlsConnect } = require('tls');

// Check for session connect callback and event
{
Expand Down Expand Up @@ -70,6 +72,36 @@ const { connect: netConnect } = require('net');
connect(authority).on('error', () => {});
}

// Check for session connect callback on already connected TLS socket
{
const serverOptions = {
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem')
};
const server = createSecureServer(serverOptions);
server.listen(0, mustCall(() => {
const { port } = server.address();

const onSocketConnect = () => {
const authority = `https://localhost:${port}`;
const createConnection = mustCall(() => socket);
const options = { createConnection };
connect(authority, options, mustCall(onSessionConnect));
};

const onSessionConnect = (session) => {
session.close();
server.close();
};

const clientOptions = {
port,
rejectUnauthorized: false
};
const socket = tlsConnect(clientOptions, mustCall(onSocketConnect));
}));
}

// Check for error for init settings error
{
createServer(function() {
Expand Down