'use strict' var assert = require('assert') var config = require('./lib/config') var fs = require('fs') var helper = require('./helper') var path = require('path') var redis = config.redis var utils = require('../lib/utils') var tlsOptions = { servername: 'redis.js.org', rejectUnauthorized: true, ca: [ String(fs.readFileSync(path.resolve(__dirname, './conf/redis.js.org.cert'))) ] } var tlsPort = 6380 // Use skip instead of returning to indicate what tests really got skipped var skip = false // Wait until stunnel4 is in the travis whitelist // Check: https://github.com/travis-ci/apt-package-whitelist/issues/403 // If this is merged, remove the travis env checks describe.skip('TLS connection tests', function () { before(function (done) { // Print the warning when the tests run instead of while starting mocha if (process.platform === 'win32') { skip = true console.warn('\nStunnel tests do not work on windows atm. If you think you can fix that, it would be warmly welcome.\n') } else if (process.env.TRAVIS === 'true') { skip = true console.warn('\nTravis does not support stunnel right now. Skipping tests.\nCheck: https://github.com/travis-ci/apt-package-whitelist/issues/403\n') } if (skip) return done() helper.stopStunnel(function () { helper.startStunnel(done) }) }) after(function (done) { if (skip) return done() helper.stopStunnel(done) }) var client afterEach(function () { if (skip) return client.end(true) }) describe('on lost connection', function () { it.skip('emit an error after max retry timeout and do not try to reconnect afterwards', function (done) { if (skip) this.skip() var connectTimeout = 500 // in ms client = redis.createClient({ connectTimeout: connectTimeout, port: tlsPort, tls: tlsOptions }) var time = 0 assert.strictEqual(client.address, '127.0.0.1:' + tlsPort) client.once('ready', function () { helper.killConnection(client) }) client.on('reconnecting', function (params) { time += params.delay }) client.on('error', function (err) { if (/Redis connection in broken state: connection timeout.*?exceeded./.test(err.message)) { process.nextTick(function () { assert.strictEqual(time, connectTimeout) assert.strictEqual(client.emittedEnd, true) assert.strictEqual(client.connected, false) assert.strictEqual(client.ready, false) assert.strictEqual(client.closing, true) assert.strictEqual(time, connectTimeout) done() }) } }) }) }) describe('when not connected', function () { it('connect with host and port provided in the tls object', function (done) { if (skip) this.skip() var tls = utils.clone(tlsOptions) tls.port = tlsPort tls.host = 'localhost' client = redis.createClient({ connectTimeout: 1000, tls: tls }) // verify connection is using TCP, not UNIX socket assert.strictEqual(client.connectionOptions.host, 'localhost') assert.strictEqual(client.connectionOptions.port, tlsPort) assert.strictEqual(client.address, 'localhost:' + tlsPort) assert(client.stream.encrypted) client.set('foo', 'bar') client.get('foo', helper.isString('bar', done)) }) it('fails to connect because the cert is not correct', function (done) { if (skip) this.skip() var faultyCert = utils.clone(tlsOptions) faultyCert.ca = [ String(fs.readFileSync(path.resolve(__dirname, './conf/faulty.cert'))) ] client = redis.createClient({ host: 'localhost', connectTimeout: 1000, port: tlsPort, tls: faultyCert }) assert.strictEqual(client.address, 'localhost:' + tlsPort) client.on('error', function (err) { assert(/DEPTH_ZERO_SELF_SIGNED_CERT/.test(err.code || err.message), err) client.end(true) }) client.set('foo', 'bar', helper.isError(done)) }) }) })