From ba18406402f0dadd3f375037a7c883a83326c4f5 Mon Sep 17 00:00:00 2001
From: Matteo Collina <hello@matteocollina.com>
Date: Tue, 1 Oct 2019 18:06:22 +0200
Subject: [PATCH] tls: implement capture rejections for 'secureConnection'
 event
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/27867
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 lib/_tls_wrap.js                              | 14 ++++++++
 .../test-tls-server-capture-rejection.js      | 34 +++++++++++++++++++
 2 files changed, 48 insertions(+)
 create mode 100644 test/parallel/test-tls-server-capture-rejection.js

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index 2ce748cb56540a..f8c462ddd281c1 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -38,6 +38,7 @@ assertCrypto();
 const { setImmediate } = require('timers');
 const assert = require('internal/assert');
 const crypto = require('crypto');
+const EE = require('events');
 const net = require('net');
 const tls = require('tls');
 const common = require('_tls_common');
@@ -1395,6 +1396,19 @@ Server.prototype.addContext = function(servername, context) {
   this._contexts.push([re, tls.createSecureContext(context).context]);
 };
 
+Server.prototype[EE.captureRejectionSymbol] = function(
+  err, event, sock) {
+
+  switch (event) {
+    case 'secureConnection':
+      sock.destroy(err);
+      break;
+    default:
+      net.Server.prototype[Symbol.for('nodejs.rejection')]
+        .call(this, err, event, sock);
+  }
+};
+
 function SNICallback(servername, callback) {
   const contexts = this.server._contexts;
 
diff --git a/test/parallel/test-tls-server-capture-rejection.js b/test/parallel/test-tls-server-capture-rejection.js
new file mode 100644
index 00000000000000..f9bd3320e101f0
--- /dev/null
+++ b/test/parallel/test-tls-server-capture-rejection.js
@@ -0,0 +1,34 @@
+'use strict';
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const events = require('events');
+const fixtures = require('../common/fixtures');
+const { createServer, connect } = require('tls');
+const cert = fixtures.readKey('rsa_cert.crt');
+const key = fixtures.readKey('rsa_private.pem');
+
+events.captureRejections = true;
+
+const server = createServer({ cert, key }, common.mustCall(async (sock) => {
+  server.close();
+
+  const _err = new Error('kaboom');
+  sock.on('error', common.mustCall((err) => {
+    assert.strictEqual(err, _err);
+  }));
+  throw _err;
+}));
+
+server.listen(0, common.mustCall(() => {
+  const sock = connect({
+    port: server.address().port,
+    host: server.address().host,
+    rejectUnauthorized: false
+  });
+
+  sock.on('close', common.mustCall());
+}));