Skip to content

Commit

Permalink
https: support rejectUnauthorized for unix sockets
Browse files Browse the repository at this point in the history
This commit allows self signed certificates to work with
unix sockets by forwarding the rejectUnauthorized option.

Backport-PR-URL: #14415
Fixes: #13470
PR-URL: #13505
Reviewed-By: Refael Ackermann <[email protected]>
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Daniel Bevenius <[email protected]>
  • Loading branch information
cjihrig authored and MylesBorins committed Jul 31, 2017
1 parent f66f09f commit 0130298
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 1 deletion.
3 changes: 2 additions & 1 deletion lib/_http_client.js
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,8 @@ function ClientRequest(options, cb) {
self.shouldKeepAlive = false;
const optionsPath = {
path: self.socketPath,
timeout: self.timeout
timeout: self.timeout,
rejectUnauthorized: !!options.rejectUnauthorized
};
const newSocket = self.agent.createConnection(optionsPath, oncreate);
if (newSocket && !called) {
Expand Down
28 changes: 28 additions & 0 deletions test/parallel/test-https-unix-socket-self-signed.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
'use strict';
const common = require('../common');

if (!common.hasCrypto) {
common.skip('missing crypto');
return;
}

common.refreshTmpDir();

const fs = require('fs');
const https = require('https');
const options = {
cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
};

const server = https.createServer(options, common.mustCall((req, res) => {
res.end('bye\n');
server.close();
}));

server.listen(common.PIPE, common.mustCall(() => {
https.get({
socketPath: common.PIPE,
rejectUnauthorized: false
});
}));

0 comments on commit 0130298

Please sign in to comment.