From 01302989a7b1f4803dd04e800c8cf156ca1ec45a Mon Sep 17 00:00:00 2001
From: cjihrig <cjihrig@gmail.com>
Date: Tue, 6 Jun 2017 15:06:45 -0400
Subject: [PATCH] https: support rejectUnauthorized for unix sockets

This commit allows self signed certificates to work with
unix sockets by forwarding the rejectUnauthorized option.

Backport-PR-URL: https://github.com/nodejs/node/pull/14415
Fixes: https://github.com/nodejs/node/issues/13470
PR-URL: https://github.com/nodejs/node/pull/13505
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
---
 lib/_http_client.js                           |  3 +-
 .../test-https-unix-socket-self-signed.js     | 28 +++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-https-unix-socket-self-signed.js

diff --git a/lib/_http_client.js b/lib/_http_client.js
index 22eadfb5584676..4d71ec594743f4 100644
--- a/lib/_http_client.js
+++ b/lib/_http_client.js
@@ -135,7 +135,8 @@ function ClientRequest(options, cb) {
     self.shouldKeepAlive = false;
     const optionsPath = {
       path: self.socketPath,
-      timeout: self.timeout
+      timeout: self.timeout,
+      rejectUnauthorized: !!options.rejectUnauthorized
     };
     const newSocket = self.agent.createConnection(optionsPath, oncreate);
     if (newSocket && !called) {
diff --git a/test/parallel/test-https-unix-socket-self-signed.js b/test/parallel/test-https-unix-socket-self-signed.js
new file mode 100644
index 00000000000000..f503b84591cad7
--- /dev/null
+++ b/test/parallel/test-https-unix-socket-self-signed.js
@@ -0,0 +1,28 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto) {
+  common.skip('missing crypto');
+  return;
+}
+
+common.refreshTmpDir();
+
+const fs = require('fs');
+const https = require('https');
+const options = {
+  cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
+  key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
+};
+
+const server = https.createServer(options, common.mustCall((req, res) => {
+  res.end('bye\n');
+  server.close();
+}));
+
+server.listen(common.PIPE, common.mustCall(() => {
+  https.get({
+    socketPath: common.PIPE,
+    rejectUnauthorized: false
+  });
+}));