tls: implement capture rejections for 'secureConnection' event

lib/_tls_wrap.js

@@ -37,6 +37,7 @@ assertCrypto();
 const { setImmediate } = require('timers');
 const assert = require('internal/assert');
 const crypto = require('crypto');
+const EE = require('events');
 const net = require('net');
 const tls = require('tls');
 const common = require('_tls_common');
@@ -1282,6 +1283,19 @@ Server.prototype.addContext = function(servername, context) {
   this._contexts.push([re, tls.createSecureContext(context).context]);
 };
 
+Server.prototype[EE.captureRejectionSymbol] = function(
+  err, event, sock) {
+
+  switch (event) {
+    case 'secureConnection':
+      sock.destroy(err);
+      break;
+    default:
+      net.Server.prototype[Symbol.for('nodejs.rejection')]
+        .call(this, err, event, sock);
+  }
+};
+
 function SNICallback(servername, callback) {
   const contexts = this.server._contexts;
 

test/parallel/test-tls-server-capture-rejection.js

@@ -0,0 +1,34 @@
+'use strict';
+
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const assert = require('assert');
+const events = require('events');
+const fixtures = require('../common/fixtures');
+const { createServer, connect } = require('tls');
+const cert = fixtures.readKey('rsa_cert.crt');
+const key = fixtures.readKey('rsa_private.pem');
+
+events.captureRejections = true;
+
+const server = createServer({ cert, key }, common.mustCall(async (sock) => {
+  server.close();
+
+  const _err = new Error('kaboom');
+  sock.on('error', common.mustCall((err) => {
+    assert.strictEqual(err, _err);
+  }));
+  throw _err;
+}));
+
+server.listen(0, common.mustCall(() => {
+  const sock = connect({
+    port: server.address().port,
+    host: server.address().host,
+    rejectUnauthorized: false
+  });
+
+  sock.on('close', common.mustCall());
+}));