MCPcopy Index your code
hub / github.com/nodejs/node / createServer

Function createServer

test/parallel/test-tls-ticket.js:46–97  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

44
45let serverCount = 0;
46function createServer() {
47 const id = serverCount++;
48
49 let counter = 0;
50 let previousKey = null;
51
52 const server = tls.createServer({
53 key: fixtures.readKey('agent1-key.pem'),
54 cert: fixtures.readKey('agent1-cert.pem'),
55 ticketKeys: keys
56 }, common.mustCallAtLeast(function(c) {
57 serverLog.push(id);
58 // TODO(@sam-github) Triggers close_notify before NewSessionTicket bug.
59 // c.end();
60 c.end('x');
61
62 counter++;
63
64 // Rotate ticket keys
65 //
66 // Take especial care to account for TLS1.2 and TLS1.3 differences around
67 // when ticket keys are encrypted. In TLS1.2, they are encrypted before the
68 // handshake complete callback, but in TLS1.3, they are encrypted after.
69 // There is no callback or way for us to know when they were sent, so hook
70 // the client's reception of the keys, and use it as proof that the current
71 // keys were used, and its safe to rotate them.
72 //
73 // Rotation can occur right away if the session was reused, the keys were
74 // already decrypted or we wouldn't have a reused session.
75 function setTicketKeys(keys) {
76 if (c.isSessionReused())
77 server.setTicketKeys(keys);
78 else
79 s.once('session', () => {
80 server.setTicketKeys(keys);
81 });
82 }
83 if (counter === 1) {
84 previousKey = server.getTicketKeys();
85 assert.strictEqual(previousKey.compare(keys), 0);
86 setTicketKeys(crypto.randomBytes(48));
87 } else if (counter === 2) {
88 setTicketKeys(previousKey);
89 } else if (counter === 3) {
90 // Use keys from counter=2
91 } else {
92 throw new Error('UNREACHABLE');
93 }
94 }));
95
96 return server;
97}
98
99const naturalServers = [ createServer(), createServer(), createServer() ];
100

Calls 4

setTicketKeysFunction · 0.85
compareMethod · 0.65
pushMethod · 0.45
endMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…