Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 751fbd8

Browse filesBrowse files
indutnyMyles Borins
indutny
authored and
Myles Borins
committed
https: use servername in agent key
https requests with different SNI values should not be sent over the same connection, even if the `host` is the same. Server may want to present different certificate or route the incoming TLS connection differently, depending on the received servername extension. Fix: #3940 PR-URL: #4389 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
1 parent 44ee33f commit 751fbd8
Copy full SHA for 751fbd8

File tree

Expand file treeCollapse file tree

2 files changed

+56
-0
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

2 files changed

+56
-0
lines changed
Open diff view settings
Collapse file

‎lib/https.js‎

Copy file name to clipboardExpand all lines: lib/https.js
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,10 @@ Agent.prototype.getName = function(options) {
123123
if (options.rejectUnauthorized !== undefined)
124124
name += options.rejectUnauthorized;
125125

126+
name += ':';
127+
if (options.servername && options.servername !== options.host)
128+
name += options.servername;
129+
126130
return name;
127131
};
128132

Collapse file

‎test/parallel/test-https-agent-sni.js‎

Copy file name to clipboard
+52Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
'use strict';
2+
const common = require('../common');
3+
const assert = require('assert');
4+
5+
if (!common.hasCrypto) {
6+
console.log('1..0 # Skipped: missing crypto');
7+
return;
8+
}
9+
const https = require('https');
10+
11+
const fs = require('fs');
12+
13+
const options = {
14+
key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'),
15+
cert: fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem')
16+
};
17+
18+
const TOTAL = 4;
19+
var waiting = TOTAL;
20+
21+
const server = https.Server(options, function(req, res) {
22+
if (--waiting === 0) server.close();
23+
24+
res.writeHead(200, {
25+
'x-sni': req.socket.servername
26+
});
27+
res.end('hello world');
28+
});
29+
30+
server.listen(common.PORT, function() {
31+
function expectResponse(id) {
32+
return common.mustCall(function(res) {
33+
res.resume();
34+
assert.equal(res.headers['x-sni'], 'sni.' + id);
35+
});
36+
}
37+
38+
var agent = new https.Agent({
39+
maxSockets: 1
40+
});
41+
for (var j = 0; j < TOTAL; j++) {
42+
https.get({
43+
agent: agent,
44+
45+
path: '/',
46+
port: common.PORT,
47+
host: '127.0.0.1',
48+
servername: 'sni.' + j,
49+
rejectUnauthorized: false
50+
}, expectResponse(j));
51+
}
52+
});

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.