1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls,https: respect address family when connecting

Browse Source 
Respect the `{ family: 6 }` address family property when connecting to
a remote peer over TLS.

Fixes: https://github.com/nodejs/node/issues/4139
Fixes: https://github.com/nodejs/node/issues/6440
PR-URL: https://github.com/nodejs/node/pull/6654
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This commit is contained in:
Ben Noordhuis 2016-05-09 16:35:20 +02:00
parent 313ef54417
commit fb19b800b8
6 changed files with 74 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/_http_agent.js
View File

@ -102,6 +102,11 @@ Agent.prototype.getName = function(options) {
if (options.localAddress) if (options.localAddress)
name += options.localAddress; name += options.localAddress;
// Pacify parallel/test-http-agent-getname by only appending
// the ':' when options.family is set.
if (options.family === 4 || options.family === 6)
name += ':' + options.family;
return name; return name;
}; };

1
lib/_tls_wrap.js
View File

@ -1025,6 +1025,7 @@ exports.connect = function(/* [port, host], options, cb */) {
connect_opt = { connect_opt = {
port: options.port, port: options.port,
host: options.host, host: options.host,
family: options.family,
localAddress: options.localAddress localAddress: options.localAddress
}; };
} }

7
test/parallel/parallel.status
View File

@ -12,6 +12,13 @@ test-tick-processor : PASS,FLAKY
[$system==linux] [$system==linux]
test-tick-processor : PASS,FLAKY test-tick-processor : PASS,FLAKY
# Flaky until https://github.com/nodejs/build/issues/415 is resolved.
# On some of the buildbots, AAAA queries for localhost don't resolve
# to an address and neither do any of the alternatives from the
# localIPv6Hosts list from test/common.js.
test-https-connect-address-family : PASS,FLAKY
test-tls-connect-address-family : PASS,FLAKY
[$system==macos] [$system==macos]
[$system==solaris] # Also applies to SmartOS [$system==solaris] # Also applies to SmartOS

6
test/parallel/test-http-agent-getname.js
View File

@ -30,3 +30,9 @@ assert.equal(
}), }),
'0.0.0.0:80:192.168.1.1' '0.0.0.0:80:192.168.1.1'
); );
for (const family of [0, null, undefined, 'bogus'])
assert.strictEqual(agent.getName({ family }), 'localhost::');
for (const family of [4, 6])
assert.strictEqual(agent.getName({ family }), 'localhost:::' + family);

28
test/parallel/test-https-connect-address-family.js Normal file
View File

@ -0,0 +1,28 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const https = require('https');
if (!common.hasIPv6) {
common.skip('no IPv6 support');
return;
}
const ciphers = 'AECDH-NULL-SHA';
https.createServer({ ciphers }, function(req, res) {
this.close();
res.end();
}).listen(common.PORT, '::1', function() {
const options = {
host: 'localhost',
port: common.PORT,
family: 6,
ciphers: ciphers,
rejectUnauthorized: false,
};
// Will fail with ECONNREFUSED if the address family is not honored.
https.get(options, common.mustCall(function() {
assert.strictEqual('::1', this.socket.remoteAddress);
this.destroy();
}));
});

27
test/parallel/test-tls-connect-address-family.js Normal file
View File

@ -0,0 +1,27 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const tls = require('tls');
if (!common.hasIPv6) {
common.skip('no IPv6 support');
return;
}
const ciphers = 'AECDH-NULL-SHA';
tls.createServer({ ciphers }, function() {
this.close();
}).listen(common.PORT, '::1', function() {
const options = {
host: 'localhost',
port: common.PORT,
family: 6,
ciphers: ciphers,
rejectUnauthorized: false,
};
// Will fail with ECONNREFUSED if the address family is not honored.
tls.connect(options).once('secureConnect', common.mustCall(function() {
assert.strictEqual('::1', this.remoteAddress);
this.destroy();
}));
});