https: support rejectUnauthorized for unix sockets

This commit allows self signed certificates to work with unix sockets by forwarding the rejectUnauthorized option. Backport-PR-URL: nodejs#14415 Fixes: nodejs#13470 PR-URL: nodejs#13505 Reviewed-By: Refael Ackermann <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Daniel Bevenius <[email protected]>
sclarson · Jul 31, 2017 · 0130298 · 0130298
1 parent f66f09f
commit 0130298
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 1 deletion.
diff --git a/lib/_http_client.js b/lib/_http_client.js
@@ -135,7 +135,8 @@ function ClientRequest(options, cb) {
     self.shouldKeepAlive = false;
     const optionsPath = {
       path: self.socketPath,
-      timeout: self.timeout
+      timeout: self.timeout,
+      rejectUnauthorized: !!options.rejectUnauthorized
     };
     const newSocket = self.agent.createConnection(optionsPath, oncreate);
     if (newSocket && !called) {

diff --git a/test/parallel/test-https-unix-socket-self-signed.js b/test/parallel/test-https-unix-socket-self-signed.js
@@ -0,0 +1,28 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto) {
+  common.skip('missing crypto');
+  return;
+}
+
+common.refreshTmpDir();
+
+const fs = require('fs');
+const https = require('https');
+const options = {
+  cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
+  key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
+};
+
+const server = https.createServer(options, common.mustCall((req, res) => {
+  res.end('bye\n');
+  server.close();
+}));
+
+server.listen(common.PIPE, common.mustCall(() => {
+  https.get({
+    socketPath: common.PIPE,
+    rejectUnauthorized: false
+  });
+}));