https: support rejectUnauthorized for unix sockets

This commit allows self signed certificates to work with unix sockets by forwarding the rejectUnauthorized option. Fixes: #13470 PR-URL: #13505 Reviewed-By: Refael Ackermann <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Daniel Bevenius <[email protected]>
nodejs · Jun 10, 2017 · c4cbd99 · c4cbd99
1 parent 4d27930
commit c4cbd99
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 1 deletion.
diff --git a/lib/_http_client.js b/lib/_http_client.js
@@ -247,7 +247,8 @@ function ClientRequest(options, cb) {
     this.shouldKeepAlive = false;
     var optionsPath = {
       path: this.socketPath,
-      timeout: this.timeout
+      timeout: this.timeout,
+      rejectUnauthorized: !!options.rejectUnauthorized
     };
     newSocket = this.agent.createConnection(optionsPath, oncreate);
     if (newSocket && !called) {

diff --git a/test/parallel/test-https-unix-socket-self-signed.js b/test/parallel/test-https-unix-socket-self-signed.js
@@ -0,0 +1,28 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto) {
+  common.skip('missing crypto');
+  return;
+}
+
+common.refreshTmpDir();
+
+const fs = require('fs');
+const https = require('https');
+const options = {
+  cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
+  key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
+};
+
+const server = https.createServer(options, common.mustCall((req, res) => {
+  res.end('bye\n');
+  server.close();
+}));
+
+server.listen(common.PIPE, common.mustCall(() => {
+  https.get({
+    socketPath: common.PIPE,
+    rejectUnauthorized: false
+  });
+}));