(next)
| 57 | } |
| 58 | |
| 59 | function test(next) { |
| 60 | const options = { |
| 61 | cert: fixtures.readKey('rsa_cert.crt'), |
| 62 | key: fixtures.readKey('rsa_private.pem'), |
| 63 | }; |
| 64 | |
| 65 | const server = tls.createServer(options, common.mustCall((conn) => { |
| 66 | conn.on('error', common.mustCall((err) => { |
| 67 | console.error(`Caught exception: ${err}`); |
| 68 | assert.match(err.message, /TLS session renegotiation attack/); |
| 69 | conn.destroy(); |
| 70 | })); |
| 71 | conn.pipe(conn); |
| 72 | })); |
| 73 | |
| 74 | server.listen(0, common.mustCall(() => { |
| 75 | const options = { |
| 76 | host: server.address().host, |
| 77 | port: server.address().port, |
| 78 | rejectUnauthorized: false, |
| 79 | }; |
| 80 | const client = tls.connect(options, spam); |
| 81 | |
| 82 | let renegs = 0; |
| 83 | |
| 84 | client.on('close', common.mustCall(() => { |
| 85 | assert.strictEqual(renegs, tls.CLIENT_RENEG_LIMIT + 1); |
| 86 | server.close(); |
| 87 | process.nextTick(next); |
| 88 | })); |
| 89 | |
| 90 | client.on('error', common.mustNotCall('CLIENT ERR')); |
| 91 | |
| 92 | client.on('close', common.mustCall((hadErr) => { |
| 93 | assert.strictEqual(hadErr, false); |
| 94 | })); |
| 95 | |
| 96 | // Simulate renegotiation attack |
| 97 | function spam() { |
| 98 | client.write(''); |
| 99 | client.renegotiate({}, common.mustCallAtLeast((err) => { |
| 100 | assert.ifError(err); |
| 101 | assert.ok(renegs <= tls.CLIENT_RENEG_LIMIT); |
| 102 | spam(); |
| 103 | }, 0)); |
| 104 | renegs++; |
| 105 | } |
| 106 | })); |
| 107 | } |
no test coverage detected
searching dependent graphs…