node/test/parallel/test-tls-over-http-tunnel.js

'use strict';
var common = require('../common');
var assert = require('assert');

if (!common.hasCrypto) {
  common.skip('missing crypto');
  return;
}
var https = require('https');

var fs = require('fs');
var net = require('net');
var http = require('http');

var gotRequest = false;

var key = fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem');
var cert = fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem');

var options = {
  key: key,
  cert: cert
};

var server = https.createServer(options, function(req, res) {
  console.log('SERVER: got request');
  res.writeHead(200, {
    'content-type': 'text/plain'
  });
  console.log('SERVER: sending response');
  res.end('hello world\n');
});

var proxy = net.createServer(function(clientSocket) {
  console.log('PROXY: got a client connection');

  var serverSocket = null;

  clientSocket.on('data', function(chunk) {
    if (!serverSocket) {
      // Verify the CONNECT request
      assert.equal(`CONNECT localhost:${server.address().port} HTTP/1.1\r\n` +
                   'Proxy-Connections: keep-alive\r\n' +
                   `Host: localhost:${proxy.address().port}\r\n` +
                   'Connection: close\r\n\r\n',
                   chunk);

      console.log('PROXY: got CONNECT request');
      console.log('PROXY: creating a tunnel');

      // create the tunnel
      serverSocket = net.connect(server.address().port, function() {
        console.log('PROXY: replying to client CONNECT request');

        // Send the response
        clientSocket.write('HTTP/1.1 200 OK\r\nProxy-Connections: keep' +
                           '-alive\r\nConnections: keep-alive\r\nVia: ' +
                           `localhost:${proxy.address().port}\r\n\r\n`);
      });

      serverSocket.on('data', function(chunk) {
        clientSocket.write(chunk);
      });

      serverSocket.on('end', function() {
        clientSocket.destroy();
      });
    } else {
      serverSocket.write(chunk);
    }
  });

  clientSocket.on('end', function() {
    serverSocket.destroy();
  });
});

server.listen(0);

proxy.listen(0, function() {
  console.log('CLIENT: Making CONNECT request');

  var req = http.request({
    port: this.address().port,
    method: 'CONNECT',
    path: `localhost:${server.address().port}`,
    headers: {
      'Proxy-Connections': 'keep-alive'
    }
  });
  req.useChunkedEncodingByDefault = false; // for v0.6
  req.on('response', onResponse); // for v0.6
  req.on('upgrade', onUpgrade);   // for v0.6
  req.on('connect', onConnect);   // for v0.7 or later
  req.end();

  function onResponse(res) {
    // Very hacky. This is necessary to avoid http-parser leaks.
    res.upgrade = true;
  }

  function onUpgrade(res, socket, head) {
    // Hacky.
    process.nextTick(function() {
      onConnect(res, socket, head);
    });
  }

  function onConnect(res, socket, header) {
    assert.equal(200, res.statusCode);
    console.log('CLIENT: got CONNECT response');

    // detach the socket
    socket.removeAllListeners('data');
    socket.removeAllListeners('close');
    socket.removeAllListeners('error');
    socket.removeAllListeners('drain');
    socket.removeAllListeners('end');
    socket.ondata = null;
    socket.onend = null;
    socket.ondrain = null;

    console.log('CLIENT: Making HTTPS request');

    https.get({
      path: '/foo',
      key: key,
      cert: cert,
      socket: socket,  // reuse the socket
      agent: false,
      rejectUnauthorized: false
    }, function(res) {
      assert.equal(200, res.statusCode);

      res.on('data', function(chunk) {
        assert.equal('hello world\n', chunk);
        console.log('CLIENT: got HTTPS response');
        gotRequest = true;
      });

      res.on('end', function() {
        proxy.close();
        server.close();
      });
    }).on('error', function(er) {
      // We're ok with getting ECONNRESET in this test, but it's
      // timing-dependent, and thus unreliable. Any other errors
      // are just failures, though.
      if (er.code !== 'ECONNRESET')
        throw er;
    }).end();
  }
});

process.on('exit', function() {
  assert.ok(gotRequest);
});
test: enable linting for tests Enable linting for the test directory. A number of changes was made so all tests conform the current rules used by lib and src directories. The only exception for tests is that unreachable (dead) code is allowed. test-fs-non-number-arguments-throw had to be excluded from the changes because of a weird issue on Windows CI. PR-URL: https://github.com/nodejs/io.js/pull/1721 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 10 years ago			`'use strict';`
add tls-over-http-tunnel test 13 years ago			`var common = require('../common');`
			`var assert = require('assert');`

test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 10 years ago			`if (!common.hasCrypto) {`
test: abstract skip functionality to common The tap skipping output is so prevalent yet obscure in nature that we ought to move it into it's own function in test/common.js PR-URL: https://github.com/nodejs/node/pull/6697 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> 9 years ago			`common.skip('missing crypto');`
test: changing process.exit to return while skipping tests This patch uses `return` statement to skip the test instead of using `process.exit` call. PR-URL: https://github.com/nodejs/io.js/pull/2109 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Johan Bergström <bugs@bergstroem.nu> 9 years ago			`return;`
test: refactor all tests that depends on crypto we had a few ways versions of looking for support before executing a test. this commit unifies them as well as add the check for all tests that previously lacked them. found by running `./configure --without-ssl && make test`. also, produce tap skip output if the test is skipped. PR-URL: https://github.com/iojs/io.js/pull/1049 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp> 10 years ago			`}`
			`var https = require('https');`

add tls-over-http-tunnel test 13 years ago			`var fs = require('fs');`
			`var net = require('net');`
			`var http = require('http');`

			`var gotRequest = false;`

			`var key = fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem');`
			`var cert = fs.readFileSync(common.fixturesDir + '/keys/agent1-cert.pem');`

			`var options = {`
			`key: key,`
			`cert: cert`
			`};`

			`var server = https.createServer(options, function(req, res) {`
			`console.log('SERVER: got request');`
			`res.writeHead(200, {`
Lint all the JavaScripts. 13 years ago			`'content-type': 'text/plain'`
			`});`
add tls-over-http-tunnel test 13 years ago			`console.log('SERVER: sending response');`
			`res.end('hello world\n');`
			`});`

			`var proxy = net.createServer(function(clientSocket) {`
			`console.log('PROXY: got a client connection');`

			`var serverSocket = null;`

			`clientSocket.on('data', function(chunk) {`
			`if (!serverSocket) {`
			`// Verify the CONNECT request`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			assert.equal(`CONNECT localhost:${server.address().port} HTTP/1.1\r\n` +
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`'Proxy-Connections: keep-alive\r\n' +`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`Host: localhost:${proxy.address().port}\r\n` +
http: don't confuse automatic headers for others If you set a custom http header which includes eg. the string `Date`, then http will not automatically send the `Date` header. This is also true for other automatic http headers. PR-URL: https://github.com/iojs/io.js/pull/828 Reviewed-By: Brendan Ashworth <brendan.ashworth@me.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> 10 years ago			`'Connection: close\r\n\r\n',`
add tls-over-http-tunnel test 13 years ago			`chunk);`

			`console.log('PROXY: got CONNECT request');`
			`console.log('PROXY: creating a tunnel');`

			`// create the tunnel`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`serverSocket = net.connect(server.address().port, function() {`
add tls-over-http-tunnel test 13 years ago			`console.log('PROXY: replying to client CONNECT request');`

			`// Send the response`
			`clientSocket.write('HTTP/1.1 200 OK\r\nProxy-Connections: keep' +`
			`'-alive\r\nConnections: keep-alive\r\nVia: ' +`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`localhost:${proxy.address().port}\r\n\r\n`);
add tls-over-http-tunnel test 13 years ago			`});`

			`serverSocket.on('data', function(chunk) {`
			`clientSocket.write(chunk);`
			`});`

			`serverSocket.on('end', function() {`
			`clientSocket.destroy();`
			`});`
			`} else {`
			`serverSocket.write(chunk);`
			`}`
			`});`

			`clientSocket.on('end', function() {`
			`serverSocket.destroy();`
			`});`
			`});`

test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`server.listen(0);`
add tls-over-http-tunnel test 13 years ago
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`proxy.listen(0, function() {`
add tls-over-http-tunnel test 13 years ago			`console.log('CLIENT: Making CONNECT request');`

test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`var req = http.request({`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			`port: this.address().port,`
add tls-over-http-tunnel test 13 years ago			`method: 'CONNECT',`
test: use random ports where possible This helps to prevent issues where a failed test can keep a bound socket open long enough to cause other tests to fail with EADDRINUSE because the same port number is used. PR-URL: https://github.com/nodejs/node/pull/7045 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org> 9 years ago			path: `localhost:${server.address().port}`,
add tls-over-http-tunnel test 13 years ago			`headers: {`
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`'Proxy-Connections': 'keep-alive'`
add tls-over-http-tunnel test 13 years ago			`}`
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`});`
			`req.useChunkedEncodingByDefault = false; // for v0.6`
			`req.on('response', onResponse); // for v0.6`
			`req.on('upgrade', onUpgrade); // for v0.6`
			`req.on('connect', onConnect); // for v0.7 or later`
			`req.end();`

			`function onResponse(res) {`
			`// Very hacky. This is necessary to avoid http-parser leaks.`
			`res.upgrade = true;`
			`}`

			`function onUpgrade(res, socket, head) {`
			`// Hacky.`
			`process.nextTick(function() {`
			`onConnect(res, socket, head);`
			`});`
			`}`

			`function onConnect(res, socket, header) {`
add tls-over-http-tunnel test 13 years ago			`assert.equal(200, res.statusCode);`
			`console.log('CLIENT: got CONNECT response');`

			`// detach the socket`
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`socket.removeAllListeners('data');`
			`socket.removeAllListeners('close');`
			`socket.removeAllListeners('error');`
			`socket.removeAllListeners('drain');`
			`socket.removeAllListeners('end');`
			`socket.ondata = null;`
			`socket.onend = null;`
			`socket.ondrain = null;`
add tls-over-http-tunnel test 13 years ago
			`console.log('CLIENT: Making HTTPS request');`

			`https.get({`
			`path: '/foo',`
			`key: key,`
			`cert: cert,`
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`socket: socket, // reuse the socket`
test: set rejectUnauthorized in tls/https tests Update the tls and https tests to explicitly set rejectUnauthorized instead of relying on the NODE_TLS_REJECT_UNAUTHORIZED environment variable getting set. 12 years ago			`agent: false,`
			`rejectUnauthorized: false`
add tls-over-http-tunnel test 13 years ago			`}, function(res) {`
			`assert.equal(200, res.statusCode);`

			`res.on('data', function(chunk) {`
			`assert.equal('hello world\n', chunk);`
			`console.log('CLIENT: got HTTPS response');`
			`gotRequest = true;`
			`});`

			`res.on('end', function() {`
			`proxy.close();`
			`server.close();`
			`});`
test: Fix regression in tls test Undefined reference, introduced by a77c29a. 12 years ago			`}).on('error', function(er) {`
test: Fix tls tests which fail sporadically The count of ECONNRESETs is dependent on timing, and thus unreliable, especially on Linux machines. 12 years ago			`// We're ok with getting ECONNRESET in this test, but it's`
			`// timing-dependent, and thus unreliable. Any other errors`
			`// are just failures, though.`
			`if (er.code !== 'ECONNRESET')`
			`throw er;`
add tls-over-http-tunnel test 13 years ago			`}).end();`
test: fix test-tls-over-http-tunnel with v0.7 13 years ago			`}`
add tls-over-http-tunnel test 13 years ago			`});`

			`process.on('exit', function() {`
			`assert.ok(gotRequest);`
			`});`