| 'use strict'; |
| const common = require('../common'); |
| if (!common.hasCrypto) |
| common.skip('missing crypto'); |
| |
| const assert = require('assert'); |
| const tls = require('tls'); |
| |
| // We could get the `tlsSocket.servername` even if the event of "tlsClientError" |
| // is emitted. |
| |
| const serverOptions = { |
| requestCert: true, |
| rejectUnauthorized: false, |
| SNICallback: function(servername, callback) { |
| if (servername === 'c.another.com') { |
| callback(null, {}); |
| } else { |
| callback(new Error('Invalid SNI context'), null); |
| } |
| } |
| }; |
| |
| function test(options) { |
| const server = tls.createServer(serverOptions, common.mustNotCall()); |
| |
| server.on('tlsClientError', common.mustCall((err, socket) => { |
| assert.strictEqual(err.message, 'Invalid SNI context'); |
| // The `servername` should match. |
| assert.strictEqual(socket.servername, options.servername); |
| })); |
| |
| server.listen(0, () => { |
| options.port = server.address().port; |
| const client = tls.connect(options, common.mustNotCall()); |
| |
| client.on('error', common.mustCall((err) => { |
| assert.strictEqual(err.message, 'Client network socket' + |
| ' disconnected before secure TLS connection was established'); |
| })); |
| |
| client.on('close', common.mustCall(() => server.close())); |
| }); |
| } |
| |
| test({ |
| port: undefined, |
| servername: 'c.another.com', |
| rejectUnauthorized: false |
| }); |
| |
| test({ |
| port: undefined, |
| servername: 'c.wrong.com', |
| rejectUnauthorized: false |
| }); |
