1// Flags: --tls-min-v1.0 2'use strict'; 3 4const common = require('../common'); 5const { readKey } = require('../common/fixtures'); 6 7if (!common.hasCrypto) 8 common.skip('missing crypto'); 9 10const https = require('https'); 11const { SSL_OP_NO_TICKET } = require('crypto').constants; 12 13const options = { 14 key: readKey('agent1-key.pem'), 15 cert: readKey('agent1-cert.pem'), 16 secureOptions: SSL_OP_NO_TICKET, 17 ciphers: 'RSA@SECLEVEL=0' 18}; 19 20// Create TLS1.2 server 21https.createServer(options, function(req, res) { 22 res.end('ohai'); 23}).listen(0, function() { 24 first(this); 25}); 26 27// Do request and let agent cache the session 28function first(server) { 29 const port = server.address().port; 30 const req = https.request({ 31 port: port, 32 rejectUnauthorized: false 33 }, function(res) { 34 res.resume(); 35 36 server.close(function() { 37 faultyServer(port); 38 }); 39 }); 40 req.end(); 41} 42 43// Create TLS1 server 44function faultyServer(port) { 45 options.secureProtocol = 'TLSv1_method'; 46 https.createServer(options, function(req, res) { 47 res.end('hello faulty'); 48 }).listen(port, function() { 49 second(this); 50 }); 51} 52 53// Attempt to request using cached session 54function second(server, session) { 55 const req = https.request({ 56 port: server.address().port, 57 ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'), 58 rejectUnauthorized: false 59 }, function(res) { 60 res.resume(); 61 }); 62 63 // Although we have a TLS 1.2 session to offer to the TLS 1.0 server, 64 // connection to the TLS 1.0 server should work. 65 req.on('response', common.mustCall(function(res) { 66 // The test is now complete for OpenSSL 1.1.0. 67 server.close(); 68 })); 69 70 req.end(); 71} 72