Added test for prefer tls mode and made it default

vertica · Sep 17, 2024 · dc1bded · dc1bded
1 parent 2af7448
commit dc1bded
Showing 1 changed file with 31 additions and 2 deletions.
diff --git a/packages/vertica-nodejs/test/integration/connection/tls-tests.js b/packages/vertica-nodejs/test/integration/connection/tls-tests.js
@@ -37,8 +37,8 @@ const client_key_path     =  __dirname + '/../../tls/client_key.pem'
 // all connections from the client, the caveat being that for try_verify and verify_ca it's possible
 // for the connection to be plaintext if the client doesn't present valid credentials. 
 suite.test('vertica tls - disable mode - all', function () {
-  var client = new vertica.Client() // 'disable' by default, so no need to pass in that option
-  assert.equal(client.tls_mode, vertica.defaults.tls_mode)
+  var client = new vertica.Client({tls_mode: 'disable'})
+  assert.equal(client.tls_mode, 'disable')
   client.connect(err => {
     if (err) {
       // shouldn't fail to connect
@@ -58,6 +58,35 @@ suite.test('vertica tls - disable mode - all', function () {
   })
 })
 
+// Test case for tls_mode = 'prefer' as default
+// The client will attempt to establish a TLS connection if the server supports it.
+// If the server does not support TLS, the client will still connect using a plaintext connection.
+// This test verifies that in 'prefer' mode, the client connects successfully.
+suite.test('vertica tls - prefer mode', function () {
+  var client = new vertica.Client() // 'prefer' by default, so no need to pass in that option
+  assert.equal(client.tls_mode, vertica.defaults.tls_mode)
+  client.connect(err => {
+    if (err) {
+      console.log(err)
+      assert(false)
+    }
+    //Verify is client is using a TLS connection
+    client.query("SELECT mode FROM tls_configurations where name = 'server' LIMIT 1", (err, res) => {
+      if (err) {
+        console.log(err)
+        assert(false)
+      }
+      if (['ENABLE', 'TRY_VERIFY', 'VERIFY_CA', 'VERIFY_FULL'].includes(res.rows[0].mode)) {
+        assert.equal(client.connection.stream.constructor.name.toString(), "TLSSocket")
+      }
+      else {
+      assert.notEqual(client.connection.stream.constructor.name.toString(), "TLSSocket")
+      }
+      client.end()
+    })
+  })
+})
+
 // Test case for tls_mode = 'require'
 // The server will not accept all connections from the client with the client in 'require' mode. The server
 // will reject a connection in DISABLE mode for obvious reasons (client requiring TLS + server disallowing TLS)