1'use strict'; 2const common = require('../common'); 3const fixtures = require('../common/fixtures'); 4 5// This test starts an https server and tries 6// to connect to it using a self-signed certificate. 7// This certificate´s keyUsage does not include the keyCertSign 8// bit, which used to crash node. The test ensures node 9// will not crash. Key and certificate are from #37889. 10// Note: This test assumes that the connection will succeed. 11 12if (!common.hasCrypto) 13 common.skip('missing crypto'); 14 15const crypto = require('crypto'); 16 17// See #37990 for details on why this is problematic with FIPS. 18if (process.config.variables.openssl_is_fips) 19 common.skip('Skipping as test uses non-fips compliant EC curve'); 20 21// This test will fail for OpenSSL < 1.1.1h 22const minOpenSSL = 269488271; 23 24if (crypto.constants.OPENSSL_VERSION_NUMBER < minOpenSSL) 25 common.skip('OpenSSL < 1.1.1h'); 26 27const https = require('https'); 28const path = require('path'); 29 30const key = 31 fixtures.readKey(path.join('selfsigned-no-keycertsign', 'key.pem')); 32 33const cert = 34 fixtures.readKey(path.join('selfsigned-no-keycertsign', 'cert.pem')); 35 36const serverOptions = { 37 key: key, 38 cert: cert 39}; 40 41// Start the server 42const httpsServer = https.createServer(serverOptions, (req, res) => { 43 res.writeHead(200); 44 res.end('hello world\n'); 45}); 46httpsServer.listen(0); 47 48httpsServer.on('listening', () => { 49 // Once the server started listening, built the client config 50 // with the server´s used port 51 const clientOptions = { 52 hostname: '127.0.0.1', 53 port: httpsServer.address().port, 54 ca: cert 55 }; 56 // Try to connect 57 const req = https.request(clientOptions, common.mustCall((res) => { 58 httpsServer.close(); 59 })); 60 61 req.on('error', common.mustNotCall()); 62 req.end(); 63}); 64