Skip to content

Commit

Permalink
tls: reset secureConnecting on client socket
Browse files Browse the repository at this point in the history
secureConnecting is never set to false on client TLS sockets.
So if Http2Session constructor (in lib/internal/http2/core.js) is
called after secureConnect is emitted, then it will wrongly wait
for a secureConnect event.

This fix sets secureConnecting to false when a client TLS socket
has connected.

Backport-PR-URL: #34859
PR-URL: #33209
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
  • Loading branch information
davedoesdev authored and MylesBorins committed Nov 16, 2020
1 parent 70768ce commit 12d76b8
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 1 deletion.
2 changes: 2 additions & 0 deletions lib/_tls_wrap.js
Original file line number Diff line number Diff line change
Expand Up @@ -1523,10 +1523,12 @@ function onConnectSecure() {
debug('client emit secureConnect. rejectUnauthorized: %s, ' +
'authorizationError: %s', options.rejectUnauthorized,
this.authorizationError);
this.secureConnecting = false;
this.emit('secureConnect');
} else {
this.authorized = true;
debug('client emit secureConnect. authorized:', this.authorized);
this.secureConnecting = false;
this.emit('secureConnect');
}

Expand Down
34 changes: 33 additions & 1 deletion test/parallel/test-http2-connect.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,11 @@ const {
} = require('../common');
if (!hasCrypto)
skip('missing crypto');
const fixtures = require('../common/fixtures');
const assert = require('assert');
const { createServer, connect } = require('http2');
const { createServer, createSecureServer, connect } = require('http2');
const { connect: netConnect } = require('net');
const { connect: tlsConnect } = require('tls');

// Check for session connect callback and event
{
Expand Down Expand Up @@ -70,6 +72,36 @@ const { connect: netConnect } = require('net');
connect(authority).on('error', () => {});
}

// Check for session connect callback on already connected TLS socket
{
const serverOptions = {
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem')
};
const server = createSecureServer(serverOptions);
server.listen(0, mustCall(() => {
const { port } = server.address();

const onSocketConnect = () => {
const authority = `https://localhost:${port}`;
const createConnection = mustCall(() => socket);
const options = { createConnection };
connect(authority, options, mustCall(onSessionConnect));
};

const onSessionConnect = (session) => {
session.close();
server.close();
};

const clientOptions = {
port,
rejectUnauthorized: false
};
const socket = tlsConnect(clientOptions, mustCall(onSocketConnect));
}));
}

// Check for error for init settings error
{
createServer(function() {
Expand Down

0 comments on commit 12d76b8

Please sign in to comment.