Skip to content

Commit

Permalink
https: support rejectUnauthorized for unix sockets
Browse files Browse the repository at this point in the history
This commit allows self signed certificates to work with
unix sockets by forwarding the rejectUnauthorized option.

Fixes: nodejs#13470
PR-URL: nodejs#13505
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
  • Loading branch information
cjihrig committed Jun 8, 2017
1 parent d958bf8 commit d0571a9
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 1 deletion.
3 changes: 2 additions & 1 deletion lib/_http_client.js
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,8 @@ function ClientRequest(options, cb) {
this.shouldKeepAlive = false;
var optionsPath = {
path: this.socketPath,
timeout: this.timeout
timeout: this.timeout,
rejectUnauthorized: !!options.rejectUnauthorized
};
newSocket = this.agent.createConnection(optionsPath, oncreate);
if (newSocket && !called) {
Expand Down
28 changes: 28 additions & 0 deletions test/parallel/test-https-unix-socket-self-signed.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
'use strict';
const common = require('../common');

if (!common.hasCrypto) {
common.skip('missing crypto');
return;
}

common.refreshTmpDir();

const fs = require('fs');
const https = require('https');
const options = {
cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
};

const server = https.createServer(options, common.mustCall((req, res) => {
res.end('bye\n');
server.close();
}));

server.listen(common.PIPE, common.mustCall(() => {
https.get({
socketPath: common.PIPE,
rejectUnauthorized: false
});
}));

0 comments on commit d0571a9

Please sign in to comment.