test: add test for servername preservation on resumed TLS sessions

jorgitin02 · claude · jorgitin02 · commit a9cecb60aacd · 2026-03-01T19:23:15.000-05:00
Adds a test that verifies socket.servername is correctly returned on the
server side when a TLS session is resumed via a session ticket, covering
the regression fixed in this PR.

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/test/parallel/test-tls-servername-session-resumption.js b/test/parallel/test-tls-servername-session-resumption.js
@@ -0,0 +1,60 @@
+'use strict';
+
+// Verify that servername (SNI) is preserved on resumed TLS sessions.
+// Regression test for https://github.com/nodejs/node/issues/59202
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+// The fix only applies to OpenSSL (not BoringSSL).
+if (process.features.openssl_is_boringssl)
+  common.skip('BoringSSL does not support SSL_SESSION_set1_hostname');
+
+const assert = require('assert');
+const tls = require('tls');
+const fixtures = require('../common/fixtures');
+
+const SERVERNAME = 'agent1.example.com';
+
+const serverOptions = {
+  key: fixtures.readKey('agent1-key.pem'),
+  cert: fixtures.readKey('agent1-cert.pem'),
+};
+
+const server = tls.createServer(serverOptions, common.mustCall((socket) => {
+  // servername must be the SNI value sent by the client on both the initial
+  // and the resumed handshake.
+  assert.strictEqual(socket.servername, SERVERNAME);
+  socket.end();
+}, 2));
+
+server.listen(0, common.mustCall(function() {
+  const port = server.address().port;
+
+  // First connection: establish a session with an SNI servername.
+  const client1 = tls.connect({
+    port,
+    servername: SERVERNAME,
+    rejectUnauthorized: false,
+  }, common.mustCall());
+
+  client1.once('session', common.mustCall((session) => {
+    // Second connection: resume the session and verify the servername is
+    // preserved on the server side.
+    const client2 = tls.connect({
+      port,
+      servername: SERVERNAME,
+      rejectUnauthorized: false,
+      session,
+    }, common.mustCall(() => {
+      assert.strictEqual(client2.isSessionReused(), true,
+                         'expected session to be reused');
+      client2.end();
+    }));
+
+    client2.on('close', common.mustCall(() => server.close()));
+  }));
+
+  client1.resume();
+}));
