From c9b376ecca61d9284e30ffebf147835727cd7081 Mon Sep 17 00:00:00 2001
From: alxndrsn <alxndrsn>
Date: Tue, 3 Dec 2024 05:52:11 +0000
Subject: [PATCH] rewrite test with TLS

---
 test/test-nginx.js | 32 ++++++++++++++++++++------------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/test/test-nginx.js b/test/test-nginx.js
index bfdd9a6d..89cd9f04 100644
--- a/test/test-nginx.js
+++ b/test/test-nginx.js
@@ -1,3 +1,4 @@
+const TLS = require('node:tls');
 const { Readable } = require('stream');
 const { assert } = require('chai');
 
@@ -126,18 +127,25 @@ describe('nginx config', () => {
     assert.equal(res.status, 421);
   });
 
-  it('should serve long-lived certificate to HTTPS requests with incorrect host header', async () => {
-    // when
-    const res = await fetchHttps('/', { headers:{ host:'bad.example.com' } });
-
-    // then
-    const validUntilRaw = res.certificate.valid_to;
-    // Dates look like RFC-822 format - probably direct output of `openssl`.  NodeJS Date.parse()
-    // seems to support this format.
-    const validUntil = new Date(validUntilRaw);
-    assert.isFalse(isNaN(validUntil), `Could not parse certificate's valid_to value as a date ('${validUntilRaw}')`);
-    assert.isAbove(validUntil.getFullYear(), 3000, 'The provided certificate expires too soon.');
-  });
+  it('should serve long-lived certificate to HTTPS requests with incorrect host header', () => new Promise((resolve, reject) => {
+    const socket = TLS.connect(9001, { host:'localhost', servername:'bad.example.com', rejectUnauthorized:false }, () => {
+      try {
+        const certificate = socket.getPeerCertificate();
+        const validUntilRaw = certificate.valid_to;
+
+        // Dates look like RFC-822 format - probably direct output of `openssl`.  NodeJS Date.parse()
+        // seems to support this format.
+        const validUntil = new Date(validUntilRaw);
+        assert.isFalse(isNaN(validUntil), `Could not parse certificate's valid_to value as a date ('${validUntilRaw}')`);
+        assert.isAbove(validUntil.getFullYear(), 3000, 'The provided certificate expires too soon.');
+        socket.end();
+      } catch(err) {
+        socket.destroy(err);
+      }
+    });
+    socket.on('end', resolve);
+    socket.on('error', reject);
+  }));
 });
 
 function fetchHttp(path, options) {