11cb0ef41Sopenharmony_ci'use strict'; 21cb0ef41Sopenharmony_ci// Flags: --expose-internals 31cb0ef41Sopenharmony_ci 41cb0ef41Sopenharmony_ciconst common = require('../common'); 51cb0ef41Sopenharmony_ci 61cb0ef41Sopenharmony_ciif (!common.hasCrypto) 71cb0ef41Sopenharmony_ci common.skip('missing crypto'); 81cb0ef41Sopenharmony_ci 91cb0ef41Sopenharmony_ciconst assert = require('assert'); 101cb0ef41Sopenharmony_ciconst tls = require('tls'); 111cb0ef41Sopenharmony_ciconst fixtures = require('../common/fixtures'); 121cb0ef41Sopenharmony_ciconst { internalBinding } = require('internal/test/binding'); 131cb0ef41Sopenharmony_ciconst binding = internalBinding('crypto'); 141cb0ef41Sopenharmony_ci 151cb0ef41Sopenharmony_ciconst { fork } = require('child_process'); 161cb0ef41Sopenharmony_ci 171cb0ef41Sopenharmony_ci// This test ensures that extra certificates are loaded at startup. 181cb0ef41Sopenharmony_ciif (process.argv[2] !== 'child') { 191cb0ef41Sopenharmony_ci // Parent 201cb0ef41Sopenharmony_ci const NODE_EXTRA_CA_CERTS = fixtures.path('keys', 'ca1-cert.pem'); 211cb0ef41Sopenharmony_ci const extendsEnv = (obj) => ({ ...process.env, ...obj }); 221cb0ef41Sopenharmony_ci 231cb0ef41Sopenharmony_ci // Remove any pre-existing extra CA certs. 241cb0ef41Sopenharmony_ci delete process.env.NODE_EXTRA_CA_CERTS; 251cb0ef41Sopenharmony_ci [ 261cb0ef41Sopenharmony_ci extendsEnv({ CHILD_USE_EXTRA_CA_CERTS: 'yes', NODE_EXTRA_CA_CERTS }), 271cb0ef41Sopenharmony_ci extendsEnv({ CHILD_USE_EXTRA_CA_CERTS: 'no' }), 281cb0ef41Sopenharmony_ci ].forEach((processEnv) => { 291cb0ef41Sopenharmony_ci fork(__filename, ['child'], { env: processEnv }) 301cb0ef41Sopenharmony_ci .on('exit', common.mustCall((status) => { 311cb0ef41Sopenharmony_ci // Client did not succeed in connecting 321cb0ef41Sopenharmony_ci assert.strictEqual(status, 0); 331cb0ef41Sopenharmony_ci })); 341cb0ef41Sopenharmony_ci }); 351cb0ef41Sopenharmony_ci} else if (process.env.CHILD_USE_EXTRA_CA_CERTS === 'yes') { 361cb0ef41Sopenharmony_ci // Child with extra certificates loaded at startup. 371cb0ef41Sopenharmony_ci assert.strictEqual(binding.isExtraRootCertsFileLoaded(), true); 381cb0ef41Sopenharmony_ci} else { 391cb0ef41Sopenharmony_ci // Child without extra certificates. 401cb0ef41Sopenharmony_ci assert.strictEqual(binding.isExtraRootCertsFileLoaded(), false); 411cb0ef41Sopenharmony_ci tls.createServer({}); 421cb0ef41Sopenharmony_ci assert.strictEqual(binding.isExtraRootCertsFileLoaded(), false); 431cb0ef41Sopenharmony_ci} 44