Skip to content

Commit 13c253d

Browse files
committed
test: add coverage for multiple SSL_CERT_DIR entries
Signed-off-by: Archkon <180910180+Archkon@users.noreply.github.com>
1 parent bf1d0d4 commit 13c253d

2 files changed

Lines changed: 29 additions & 5 deletions

File tree

test/fixtures/tls-check-openssl-ca-certificates.js

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,13 @@ const fs = require('fs');
55
const tls = require('tls');
66
const { includesCert } = require('../common/tls');
77

8-
const expected = fs.readFileSync(process.env.SSL_CERT_FILE, 'utf8');
8+
const expectedCertFiles = process.env.EXPECTED_CERT_FILES ?
9+
JSON.parse(process.env.EXPECTED_CERT_FILES) : [process.env.SSL_CERT_FILE];
910
const defaultCerts = tls.getCACertificates('default');
1011

11-
assert(includesCert(defaultCerts, expected));
12+
for (const certFile of expectedCertFiles) {
13+
const expected = fs.readFileSync(certFile, 'utf8');
14+
assert(includesCert(defaultCerts, expected));
15+
}
1216
assert.strictEqual(defaultCerts, tls.getCACertificates());
1317
assert.strictEqual(defaultCerts, tls.getCACertificates('default'));
Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,43 @@
11
'use strict';
22

33
// This tests that tls.getCACertificates('default') includes certificates from
4-
// OpenSSL's default certificate file when --use-openssl-ca is enabled.
4+
// OpenSSL's default certificate file and directories when --use-openssl-ca is
5+
// enabled.
56

67
const common = require('../common');
78
if (!common.hasCrypto) common.skip('missing crypto');
89

10+
const fs = require('fs');
11+
const path = require('path');
912
const { spawnSyncAndExitWithoutError } = require('../common/child_process');
1013
const fixtures = require('../common/fixtures');
14+
const tmpdir = require('../common/tmpdir');
15+
16+
tmpdir.refresh();
17+
18+
const firstCertDir = tmpdir.resolve('openssl-certs-1');
19+
const secondCertDir = tmpdir.resolve('openssl-certs-2');
20+
fs.mkdirSync(firstCertDir);
21+
fs.mkdirSync(secondCertDir);
22+
23+
const expectedCertFiles = [
24+
fixtures.path('keys', 'ca1-cert.pem'),
25+
fixtures.path('keys', 'ca2-cert.pem'),
26+
fixtures.path('keys', 'ca3-cert.pem'),
27+
];
28+
fs.copyFileSync(expectedCertFiles[1], path.join(firstCertDir, 'ca2-cert.pem'));
29+
fs.copyFileSync(expectedCertFiles[2], path.join(secondCertDir, 'ca3-cert.pem'));
1130

1231
spawnSyncAndExitWithoutError(
1332
process.execPath,
1433
['--use-openssl-ca', fixtures.path('tls-check-openssl-ca-certificates.js')],
1534
{
1635
env: {
1736
...process.env,
37+
EXPECTED_CERT_FILES: JSON.stringify(expectedCertFiles),
1838
NODE_EXTRA_CA_CERTS: undefined,
19-
SSL_CERT_FILE: fixtures.path('keys', 'ca1-cert.pem'),
20-
SSL_CERT_DIR: '',
39+
SSL_CERT_FILE: expectedCertFiles[0],
40+
SSL_CERT_DIR: [firstCertDir, secondCertDir].join(path.delimiter),
2141
},
2242
},
2343
);

0 commit comments

Comments
 (0)