11cb0ef41Sopenharmony_ci// Flags: --tls-min-v1.0 21cb0ef41Sopenharmony_ci'use strict'; 31cb0ef41Sopenharmony_ci 41cb0ef41Sopenharmony_ciconst common = require('../common'); 51cb0ef41Sopenharmony_ciconst { readKey } = require('../common/fixtures'); 61cb0ef41Sopenharmony_ci 71cb0ef41Sopenharmony_ciif (!common.hasCrypto) 81cb0ef41Sopenharmony_ci common.skip('missing crypto'); 91cb0ef41Sopenharmony_ci 101cb0ef41Sopenharmony_ciconst https = require('https'); 111cb0ef41Sopenharmony_ciconst { SSL_OP_NO_TICKET } = require('crypto').constants; 121cb0ef41Sopenharmony_ci 131cb0ef41Sopenharmony_ciconst options = { 141cb0ef41Sopenharmony_ci key: readKey('agent1-key.pem'), 151cb0ef41Sopenharmony_ci cert: readKey('agent1-cert.pem'), 161cb0ef41Sopenharmony_ci secureOptions: SSL_OP_NO_TICKET, 171cb0ef41Sopenharmony_ci ciphers: 'RSA@SECLEVEL=0' 181cb0ef41Sopenharmony_ci}; 191cb0ef41Sopenharmony_ci 201cb0ef41Sopenharmony_ci// Create TLS1.2 server 211cb0ef41Sopenharmony_cihttps.createServer(options, function(req, res) { 221cb0ef41Sopenharmony_ci res.end('ohai'); 231cb0ef41Sopenharmony_ci}).listen(0, function() { 241cb0ef41Sopenharmony_ci first(this); 251cb0ef41Sopenharmony_ci}); 261cb0ef41Sopenharmony_ci 271cb0ef41Sopenharmony_ci// Do request and let agent cache the session 281cb0ef41Sopenharmony_cifunction first(server) { 291cb0ef41Sopenharmony_ci const port = server.address().port; 301cb0ef41Sopenharmony_ci const req = https.request({ 311cb0ef41Sopenharmony_ci port: port, 321cb0ef41Sopenharmony_ci rejectUnauthorized: false 331cb0ef41Sopenharmony_ci }, function(res) { 341cb0ef41Sopenharmony_ci res.resume(); 351cb0ef41Sopenharmony_ci 361cb0ef41Sopenharmony_ci server.close(function() { 371cb0ef41Sopenharmony_ci faultyServer(port); 381cb0ef41Sopenharmony_ci }); 391cb0ef41Sopenharmony_ci }); 401cb0ef41Sopenharmony_ci req.end(); 411cb0ef41Sopenharmony_ci} 421cb0ef41Sopenharmony_ci 431cb0ef41Sopenharmony_ci// Create TLS1 server 441cb0ef41Sopenharmony_cifunction faultyServer(port) { 451cb0ef41Sopenharmony_ci options.secureProtocol = 'TLSv1_method'; 461cb0ef41Sopenharmony_ci https.createServer(options, function(req, res) { 471cb0ef41Sopenharmony_ci res.end('hello faulty'); 481cb0ef41Sopenharmony_ci }).listen(port, function() { 491cb0ef41Sopenharmony_ci second(this); 501cb0ef41Sopenharmony_ci }); 511cb0ef41Sopenharmony_ci} 521cb0ef41Sopenharmony_ci 531cb0ef41Sopenharmony_ci// Attempt to request using cached session 541cb0ef41Sopenharmony_cifunction second(server, session) { 551cb0ef41Sopenharmony_ci const req = https.request({ 561cb0ef41Sopenharmony_ci port: server.address().port, 571cb0ef41Sopenharmony_ci ciphers: (common.hasOpenSSL31 ? 'DEFAULT:@SECLEVEL=0' : 'DEFAULT'), 581cb0ef41Sopenharmony_ci rejectUnauthorized: false 591cb0ef41Sopenharmony_ci }, function(res) { 601cb0ef41Sopenharmony_ci res.resume(); 611cb0ef41Sopenharmony_ci }); 621cb0ef41Sopenharmony_ci 631cb0ef41Sopenharmony_ci // Although we have a TLS 1.2 session to offer to the TLS 1.0 server, 641cb0ef41Sopenharmony_ci // connection to the TLS 1.0 server should work. 651cb0ef41Sopenharmony_ci req.on('response', common.mustCall(function(res) { 661cb0ef41Sopenharmony_ci // The test is now complete for OpenSSL 1.1.0. 671cb0ef41Sopenharmony_ci server.close(); 681cb0ef41Sopenharmony_ci })); 691cb0ef41Sopenharmony_ci 701cb0ef41Sopenharmony_ci req.end(); 711cb0ef41Sopenharmony_ci} 72