Skip to content

Commit

Permalink
https: support rejectUnauthorized for unix sockets
Browse files Browse the repository at this point in the history
This commit allows self signed certificates to work with
unix sockets by forwarding the rejectUnauthorized option.

Fixes: #13470
PR-URL: #13505
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
  • Loading branch information
cjihrig authored and addaleax committed Jun 10, 2017
1 parent 4d27930 commit c4cbd99
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 1 deletion.
3 changes: 2 additions & 1 deletion lib/_http_client.js
Original file line number Diff line number Diff line change
Expand Up @@ -247,7 +247,8 @@ function ClientRequest(options, cb) {
this.shouldKeepAlive = false;
var optionsPath = {
path: this.socketPath,
timeout: this.timeout
timeout: this.timeout,
rejectUnauthorized: !!options.rejectUnauthorized
};
newSocket = this.agent.createConnection(optionsPath, oncreate);
if (newSocket && !called) {
Expand Down
28 changes: 28 additions & 0 deletions test/parallel/test-https-unix-socket-self-signed.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
'use strict';
const common = require('../common');

if (!common.hasCrypto) {
common.skip('missing crypto');
return;
}

common.refreshTmpDir();

const fs = require('fs');
const https = require('https');
const options = {
cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
};

const server = https.createServer(options, common.mustCall((req, res) => {
res.end('bye\n');
server.close();
}));

server.listen(common.PIPE, common.mustCall(() => {
https.get({
socketPath: common.PIPE,
rejectUnauthorized: false
});
}));

0 comments on commit c4cbd99

Please sign in to comment.