This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 7.3k
TLS connection over existing TLS socket causes assertion failure #6204
Comments
ghost
assigned indutny
Sep 11, 2013
Additionally, if you modify the test to wait until after the "secureConnect" event to upgrade the socket to TLS, then I get a "segmentation fault": var fs = require('fs');
var net = require('net');
var tls = require('tls');
var assert = require('assert');
var options, a, b, portA, portB;
var gotHello = false;
options = {
key: fs.readFileSync(__dirname + '/test/server.key'),
cert: fs.readFileSync(__dirname + '/test/server.crt')
};
// the "proxy" server
a = tls.createServer(options, function (socket) {
var options = {
host: '127.0.0.1',
port: b.address().port
};
var dest = net.connect(options);
dest.pipe(socket);
socket.pipe(dest);
});
options = {
key: fs.readFileSync(__dirname + '/test/proxy.key'),
cert: fs.readFileSync(__dirname + '/test/proxy.crt')
};
// the "target" server
b = tls.createServer(options, function (socket) {
socket.end('hello');
});
process.on('exit', function () {
assert(gotHello);
});
a.listen(function () {
b.listen(function () {
options = {
host: '127.0.0.1',
port: a.address().port,
rejectUnauthorized: false
};
var socket = tls.connect(options);
var ssl;
socket.on('secureConnect', function () {
ssl = tls.connect({
socket: socket,
rejectUnauthorized: false
});
ssl.setEncoding('utf8');
ssl.once('data', function (data) {
assert.equal('hello', data);
gotHello = true;
});
ssl.on('end', function () {
ssl.end();
a.close();
b.close();
});
});
});
});
|
gdb gives me:
|
indutny
added a commit
to indutny/node
that referenced
this issue
Sep 24, 2013
Allow wrapping TLSSocket inside another TLSSocket, emulate it using SecurePair in legacy APIs. fix nodejs#6204
Fixed in 42acbf8. |
richardlau
pushed a commit
to ibmruntimes/node
that referenced
this issue
Nov 5, 2015
Helps in implementation of nodejs#6204, where some options passed to `createSecurePair()` are ignored before this patch. These options are very helpful if someone wants to pass `options.servername` or `options.SNICallback` to securepair. PR-URL: nodejs/node#2441 Reviewed-By: Fedor Indutny <[email protected]>
richardlau
pushed a commit
to ibmruntimes/node
that referenced
this issue
Feb 18, 2016
Helps in implementation of nodejs#6204, where some options passed to `createSecurePair()` are ignored before this patch. These options are very helpful if someone wants to pass `options.servername` or `options.SNICallback` to securepair. PR-URL: nodejs/node#2441 Reviewed-By: Fedor Indutny <[email protected]>
richardlau
pushed a commit
to ibmruntimes/node
that referenced
this issue
Feb 18, 2016
Helps in implementation of nodejs#6204, where some options passed to `createSecurePair()` are ignored before this patch. These options are very helpful if someone wants to pass `options.servername` or `options.SNICallback` to securepair. PR-URL: nodejs/node#2441 Reviewed-By: Fedor Indutny <[email protected]>
richardlau
pushed a commit
to ibmruntimes/node
that referenced
this issue
Mar 9, 2016
Helps in implementation of nodejs#6204, where some options passed to `createSecurePair()` are ignored before this patch. These options are very helpful if someone wants to pass `options.servername` or `options.SNICallback` to securepair. PR-URL: nodejs/node#2441 Reviewed-By: Fedor Indutny <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This script works up until node v0.11.3. I can bisect the exact commit a bit later...
Causes:
The text was updated successfully, but these errors were encountered: