From ef1159e3a318ebf5c21f2d5cc5a9b15d1795c05f Mon Sep 17 00:00:00 2001
From: Max Schmitt <max@schmitt.mx>
Date: Thu, 15 Aug 2024 09:04:58 +0200
Subject: [PATCH] review feedback

---
 .../server/socksClientCertificatesInterceptor.ts | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/packages/playwright-core/src/server/socksClientCertificatesInterceptor.ts b/packages/playwright-core/src/server/socksClientCertificatesInterceptor.ts
index 3176d6d239..0bd0a585fe 100644
--- a/packages/playwright-core/src/server/socksClientCertificatesInterceptor.ts
+++ b/packages/playwright-core/src/server/socksClientCertificatesInterceptor.ts
@@ -82,6 +82,7 @@ class SocksProxyConnection {
   internalTLS: tls.TLSSocket | undefined;
   private _targetCloseEventListener: () => void;
   private _dummyServer: tls.Server | undefined;
+  private _closed = false;
 
   constructor(socksProxy: ClientCertificatesProxy, uid: string, host: string, port: number) {
     this.socksProxy = socksProxy;
@@ -100,6 +101,10 @@ class SocksProxyConnection {
     this.target = await createSocket(rewriteToLocalhostIfNeeded(this.host), this.port);
     this.target.once('close', this._targetCloseEventListener);
     this.target.once('error', error => this.socksProxy._socksProxy.sendSocketError({ uid: this.uid, error: error.message }));
+    if (this._closed) {
+      this.target.destroy();
+      return;
+    }
     this.socksProxy._socksProxy.socketConnected({
       uid: this.uid,
       host: this.target.localAddress!,
@@ -112,6 +117,7 @@ class SocksProxyConnection {
     this.target.destroy();
     this.internalTLS?.destroy();
     this._dummyServer?.close();
+    this._closed = true;
   }
 
   public onData(data: Buffer) {
@@ -141,6 +147,8 @@ class SocksProxyConnection {
     });
     this.socksProxy.alpnCache.get(rewriteToLocalhostIfNeeded(this.host), this.port, alpnProtocolChosenByServer => {
       debugLogger.log('client-certificates', `Proxy->Target ${this.host}:${this.port} chooses ALPN ${alpnProtocolChosenByServer}`);
+      if (this._closed)
+        return;
       this._dummyServer = tls.createServer({
         ...dummyServerTlsOptions,
         ALPNProtocols: alpnProtocolChosenByServer === 'h2' ? ['h2', 'http/1.1'] : ['http/1.1'],
@@ -202,7 +210,9 @@ class SocksProxyConnection {
           return;
         }
 
-        const tlsOptions: tls.ConnectionOptions = {
+        if (this._closed)
+          return;
+        targetTLS = tls.connect({
           socket: this.target,
           host: this.host,
           port: this.port,
@@ -210,9 +220,7 @@ class SocksProxyConnection {
           ALPNProtocols: [internalTLS.alpnProtocol || 'http/1.1'],
           servername: !net.isIP(this.host) ? this.host : undefined,
           secureContext,
-        };
-
-        targetTLS = tls.connect(tlsOptions);
+        });
 
         targetTLS.once('secureConnect', () => {
           internalTLS.pipe(targetTLS);