From 7c0accb8c309952905769973999538f429c7ae04 Mon Sep 17 00:00:00 2001
From: CallMeLaNN <git@lann.me>
Date: Fri, 10 Dec 2021 20:52:41 +0800
Subject: [PATCH] tls: permit null as a pfx value

Allow null along with undefined for pfx value.

This is to avoid breaking change when upgrading v14 to v16 and
3rd party library passing null to pfx

Fixes: https://github.com/nodejs/node/issues/36292
---
 lib/internal/tls/secure-context.js              |  2 +-
 .../parallel/test-tls-connect-secure-context.js | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/lib/internal/tls/secure-context.js b/lib/internal/tls/secure-context.js
index 50a68df092c981..05329417ea51a8 100644
--- a/lib/internal/tls/secure-context.js
+++ b/lib/internal/tls/secure-context.js
@@ -261,7 +261,7 @@ function configSecureContext(context, options = {}, name = 'options') {
     context.setSessionIdContext(sessionIdContext);
   }
 
-  if (pfx !== undefined) {
+  if (pfx != null) {
     if (ArrayIsArray(pfx)) {
       ArrayPrototypeForEach(pfx, (val) => {
         const raw = val.buf ? val.buf : val;
diff --git a/test/parallel/test-tls-connect-secure-context.js b/test/parallel/test-tls-connect-secure-context.js
index afa98cf3313b6f..78f7e1685beb1d 100644
--- a/test/parallel/test-tls-connect-secure-context.js
+++ b/test/parallel/test-tls-connect-secure-context.js
@@ -23,3 +23,20 @@ connect({
   assert.ifError(err);
   return cleanup();
 });
+
+connect({
+  client: {
+    servername: 'agent1',
+    secureContext: tls.createSecureContext({
+      ca: keys.agent1.ca,
+      pfx: null,
+    }),
+  },
+  server: {
+    cert: keys.agent1.cert,
+    key: keys.agent1.key,
+  },
+}, function(err, pair, cleanup) {
+  assert.ifError(err);
+  return cleanup();
+});