tls: reset secureConnecting on client socket

secureConnecting is never set to false on client TLS sockets. So if Http2Session constructor (in lib/internal/http2/core.js) is called after secureConnect is emitted, then it will wrongly wait for a secureConnect event. This fix sets secureConnecting to false when a client TLS socket has connected. Backport-PR-URL: #34859 PR-URL: #33209 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
nodejs · Nov 16, 2020 · 12d76b8 · 12d76b8
1 parent 70768ce
commit 12d76b8
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
@@ -1523,10 +1523,12 @@ function onConnectSecure() {
     debug('client emit secureConnect. rejectUnauthorized: %s, ' +
           'authorizationError: %s', options.rejectUnauthorized,
           this.authorizationError);
+    this.secureConnecting = false;
     this.emit('secureConnect');
   } else {
     this.authorized = true;
     debug('client emit secureConnect. authorized:', this.authorized);
+    this.secureConnecting = false;
     this.emit('secureConnect');
   }
 

diff --git a/test/parallel/test-http2-connect.js b/test/parallel/test-http2-connect.js
@@ -9,9 +9,11 @@ const {
 } = require('../common');
 if (!hasCrypto)
   skip('missing crypto');
+const fixtures = require('../common/fixtures');
 const assert = require('assert');
-const { createServer, connect } = require('http2');
+const { createServer, createSecureServer, connect } = require('http2');
 const { connect: netConnect } = require('net');
+const { connect: tlsConnect } = require('tls');
 
 // Check for session connect callback and event
 {
@@ -70,6 +72,36 @@ const { connect: netConnect } = require('net');
   connect(authority).on('error', () => {});
 }
 
+// Check for session connect callback on already connected TLS socket
+{
+  const serverOptions = {
+    key: fixtures.readKey('agent1-key.pem'),
+    cert: fixtures.readKey('agent1-cert.pem')
+  };
+  const server = createSecureServer(serverOptions);
+  server.listen(0, mustCall(() => {
+    const { port } = server.address();
+
+    const onSocketConnect = () => {
+      const authority = `https://localhost:${port}`;
+      const createConnection = mustCall(() => socket);
+      const options = { createConnection };
+      connect(authority, options, mustCall(onSessionConnect));
+    };
+
+    const onSessionConnect = (session) => {
+      session.close();
+      server.close();
+    };
+
+    const clientOptions = {
+      port,
+      rejectUnauthorized: false
+    };
+    const socket = tlsConnect(clientOptions, mustCall(onSocketConnect));
+  }));
+}
+
 // Check for error for init settings error
 {
   createServer(function() {