Better error handling

- Fix issue where errors reading certs are not surfacing to promise results
- Use more idiomatic patterns for Promises
- Stop using sync fs operations
- Fix npm audit errors
- Add `.nvmrc` so test using weak cipher can run
- Fix publishing of extraneous files
- Fix duplicate test name

Author: jpage-godaddy

.nvmrc

@@ -0,0 +1 @@
+16

index.js

@@ -7,17 +7,18 @@
  *
  */
 
-var fs = require('fs'),
+const
+  fs = require('fs').promises,
   tls = require('tls'),
   path = require('path'),
   constants = require('constants'),
   connected = require('connected'),
   errs = require('errs'),
   assign = require('object-assign');
 
-var pemFormat = /-----BEGIN/;
+const pemFormat = /-----BEGIN/;
 
-var CIPHERS = [
+const CIPHERS = [
   'ECDHE-RSA-AES256-SHA384',
   'DHE-RSA-AES256-SHA384',
   'ECDHE-RSA-AES256-SHA256',
@@ -36,7 +37,7 @@ var CIPHERS = [
   '!CAMELLIA'
 ].join(':');
 
-var secureOptions = constants.SSL_OP_NO_SSLv3;
+const secureOptions = constants.SSL_OP_NO_SSLv3;
 
 /**
  * function createServers (dispatch, options, callback)
@@ -49,31 +50,28 @@ module.exports = async function createServers(options, listening) {
     return listening(err);
   }
 
-  const [
-    [httpErr, http],
-    [httpsErr, https],
-    [http2Err, http2]] = await Promise.all([
+  const [httpResult, httpsResult, http2Result] = await Promise.allSettled([
     createHttp(options.http, options.log),
     createHttps(options.https, options.log),
     createHttps(options.http2, options.log, true)
-  ]);
+  ])
 
   const servers = {};
-  if (http) servers.http = http;
-  if (https) servers.https = https;
-  if (http2) servers.http2 = http2;
+  if (httpResult.value) servers.http = httpResult.value;
+  if (httpsResult.value) servers.https = httpsResult.value;
+  if (http2Result.value) servers.http2 = http2Result.value;
 
-  if (httpErr || httpsErr || http2Err) {
-    let errorSource = http2Err || httpsErr || httpErr;
+  const errorSource = httpResult.reason || httpsResult.reason || http2Result.reason;
+  if (errorSource) {
     if (Array.isArray(errorSource)) {
       errorSource = errorSource[0];
     }
     return listening(
       errs.create({
         message: errorSource && errorSource.message,
-        http2: http2Err,
-        https: httpsErr,
-        http: httpErr
+        http2: http2Result.reason,
+        https: httpsResult.reason,
+        http: httpResult.reason
       }),
       servers
     );
@@ -172,25 +170,25 @@ function normalizeCertChainList(root, data) {
   // If this is an array, treat like an array of bundles, otherwise a single
   // bundle
   return Array.isArray(data)
-    ? data.map(function(item) {
+    ? Promise.all(data.map(function(item) {
         return normalizeCertChain(root, item);
-      })
+      }))
     : normalizePEMContent(root, data);
 }
 
-function normalizeCertChain(root, data) {
+async function normalizeCertChain(root, data) {
   // A chain can be an array, which we concatenate together into one PEM,
   // an already-concatenated chain, or a single PEM
 
-  const content = normalizePEMContent(root, data);
+  const content = await normalizePEMContent(root, data);
   return Array.isArray(content) ? content.join('\n') : content;
 }
 
 function normalizeCA(root, ca) {
   if (ca && !Array.isArray(ca)) {
     ca = [ca];
   }
-  return ca && ca.map(normalizePEMContent.bind(null, root));
+  return ca && Promise.all(ca.map(normalizePEMContent.bind(null, root)));
 }
 
 /**
@@ -201,9 +199,9 @@ function normalizeCA(root, ca) {
  */
 function normalizePEMContent(root, file) {
   if (Array.isArray(file))
-    return file.map(function map(item) {
+    return Promise.all(file.map(function map(item) {
       return normalizePEMContent(root, item);
-    });
+    }));
 
   //
   // Assumption that this is a Buffer, a PEM file, or something broken
@@ -212,7 +210,7 @@ function normalizePEMContent(root, file) {
     return file;
   }
 
-  return fs.readFileSync(path.resolve(root, file));
+  return fs.readFile(path.resolve(root, file));
 }
 
 function normalizeCiphers(ciphers) {
@@ -226,11 +224,11 @@ function normalizeCiphers(ciphers) {
   return ciphers;
 }
 
-function getSNIHandler(sslOpts) {
-  var sniHosts = Object.keys(sslOpts.sni);
+async function getSNIHandler(sslOpts) {
+  const sniHosts = Object.keys(sslOpts.sni);
 
   // Pre-compile regexps for the hostname
-  var hostRegexps = sniHosts.map(function(host) {
+  const hostRegexps = sniHosts.map(function(host) {
     return host === '*' ? /.*/ : new RegExp(
       '^' +
       host
@@ -242,16 +240,22 @@ function getSNIHandler(sslOpts) {
   });
 
   // Prepare secure contexts ahead-of-time
-  var hostSecureContexts = sniHosts.map(function(host) {
+  const hostSecureContexts = await Promise.all(sniHosts.map(async function(host) {
     var hostOpts = sslOpts.sni[host];
 
     var root = hostOpts.root || sslOpts.root;
 
+    const [key, cert, ca] = await Promise.all([
+      normalizePEMContent(root, hostOpts.key),
+      normalizeCertContent(root, hostOpts.cert),
+      normalizeCA(root, hostOpts.ca || sslOpts.ca)
+    ])
+
     return tls.createSecureContext(
       assign({}, sslOpts, hostOpts, {
-        key: normalizePEMContent(root, hostOpts.key),
-        cert: normalizeCertContent(root, hostOpts.cert),
-        ca: normalizeCA(root, hostOpts.ca || sslOpts.ca),
+        key,
+        cert,
+        ca,
         ciphers: normalizeCiphers(hostOpts.ciphers || sslOpts.ciphers),
         honorCipherOrder: !!(
           hostOpts.honorCipherOrder || sslOpts.honorCipherOrder
@@ -260,7 +264,7 @@ function getSNIHandler(sslOpts) {
         secureOptions: secureOptions
       })
     );
-  });
+  }));
 
   return function(hostname, cb) {
     var matchingHostIdx = sniHosts.findIndex(function(candidate, i) {
@@ -282,14 +286,14 @@ function getSNIHandler(sslOpts) {
 async function createHttp(httpConfig, log) {
   if (typeof httpConfig === 'undefined') {
     log('http | no options.http; no server');
-    return [null, null];
+    return null;
   }
 
   if (Array.isArray(httpConfig)) {
     return await createMultiple(createHttp, httpConfig, log);
   }
 
-  return await new Promise(resolve => {
+  return await new Promise((resolve, reject) => {
     var server = require('http').createServer(httpConfig.handler),
       timeout = httpConfig.timeout,
       port = httpConfig.port,
@@ -304,7 +308,7 @@ async function createHttp(httpConfig, log) {
 
     log('http | try listen ' + port);
     args.push(function listener(err) {
-      resolve([err, server]);
+      err ? reject(err) : resolve(server);
     });
     connected.apply(null, args);
   });
@@ -317,26 +321,30 @@ async function createHttp(httpConfig, log) {
 async function createHttps(ssl, log, h2) {
   if (typeof ssl === 'undefined') {
     log('https | no options.https; no server');
-    return [null, null];
+    return null;
   }
 
   if (Array.isArray(ssl)) {
     return await createMultiple(createHttps, ssl, log, h2);
   }
 
-  return await new Promise(resolve => {
-    var port = ssl.port,
-      timeout = ssl.timeout,
-      server,
-      args;
+  let
+    port = ssl.port,
+    timeout = ssl.timeout,
+    server,
+    args;
 
-    var finalHttpsOptions = assign({}, ssl, {
-      //
-      // Load default SSL key, cert and ca(s).
-      //
-      key: normalizePEMContent(ssl.root, ssl.key),
-      cert: normalizeCertContent(ssl.root, ssl.cert, ssl.key),
-      ca: normalizeCA(ssl.root, ssl.ca),
+  const [key, cert, ca] = await Promise.all([
+    normalizePEMContent(ssl.root, ssl.key),
+    normalizeCertContent(ssl.root, ssl.cert, ssl.key),
+    normalizeCA(ssl.root, ssl.ca)
+  ]);
+
+  return await new Promise(async (resolve, reject) => {
+    const finalHttpsOptions = assign({}, ssl, {
+      key,
+      cert,
+      ca,
       //
       // Properly expose ciphers for an A+ SSL rating:
       // https://certsimple.com/blog/a-plus-node-js-ssl
@@ -352,7 +360,7 @@ async function createHttps(ssl, log, h2) {
     });
 
     if (ssl.sni && !finalHttpsOptions.SNICallback) {
-      finalHttpsOptions.SNICallback = getSNIHandler(ssl);
+      finalHttpsOptions.SNICallback = await getSNIHandler(ssl);
     }
 
     log('https | listening on %d', port);
@@ -369,21 +377,26 @@ async function createHttps(ssl, log, h2) {
     }
 
     args.push(function listener(err) {
-      resolve([err, server]);
+      err ? reject(err) : resolve(server);
     });
     connected.apply(null, args);
   });
 }
 
 async function createMultiple(createFn, configArray, log) {
-  const errorsOrServers = await Promise.all(
+  const errorsOrServers = await Promise.allSettled(
     configArray.map(cfg => createFn(cfg, log))
   );
-  const errors = [],
-    servers = [];
-  for (const [error, server] of errorsOrServers) {
-    error && errors.push(error);
-    server && servers.push(server);
+
+  const errors = [], servers = [];
+  for (const result of errorsOrServers) {
+    result.reason && errors.push(result.reason);
+    result.value && servers.push(result.value);
+  }
+
+  if (errors.length) {
+    throw errors;
+  } else {
+    return servers;
   }
-  return [errors.length ? errors : null, servers];
 }