From 31932002c9699b6d949cff36da6f5535f194b6c8 Mon Sep 17 00:00:00 2001
From: AJ ONeal
Date: Thu, 14 Jun 2018 09:59:19 +0000
Subject: [PATCH] fix some sni and vhost stuff
---
 lib/handlers.js | 6 +++---
 lib/relay.js | 3 ++-
 lib/unwrap-tls.js | 19 ++++++++++---------
 package.json | 4 ++++
 4 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/lib/handlers.js b/lib/handlers.js
index 20b30f6..ef1694e 100644
--- a/lib/handlers.js
+++ b/lib/handlers.js
@@ -44,7 +44,7 @@ module.exports.create = function (state) {
 // Probably something that needs to be redirected to https
 function redirectHttpsAndClose(req, res) {
- //res.setHeader('Connection', 'close');
+ res.setHeader('Connection', 'close');
 redirectHttps(req, res);
 }
 state.httpInsecureServer = http.createServer(
@@ -217,8 +217,8 @@ module.exports.create = function (state) {
 state.httpVhost.emit('connection', tlsSocket);
 }
 );
- state.tlsVhost.on('tlsClientError', function () {
- console.error('tlsClientError Vhost');
+ state.tlsVhost.on('tlsClientError', function (e) {
+ console.error('tlsClientError Vhost', e);
 });
 state.httpsVhost = function (servername, socket) {
 if (state.debug) { console.log('[vhost] httpsVhost (local) for', servername); }
diff --git a/lib/relay.js b/lib/relay.js
index 3289c18..f31fd7c 100644
--- a/lib/relay.js
+++ b/lib/relay.js
@@ -52,7 +52,8 @@ module.exports.create = function (state) {
 conn.once('data', function (firstChunk) {
 if (state.debug) { console.log("[DynTcp]", serviceport, "examining firstChunk from", Packer.socketToId(conn)); }
 conn.pause();
- conn.unshift(firstChunk);
+ //conn.unshift(firstChunk);
+ conn._handle.onread(firstChunk.length, firstChunk);
 var servername;
 var hostname;
diff --git a/lib/unwrap-tls.js b/lib/unwrap-tls.js
index 84ff236..1a6374a 100644
--- a/lib/unwrap-tls.js
+++ b/lib/unwrap-tls.js
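Review bot: The `tlsClientError` handler in the second lib/handlers.js hunk now prints the whole error object on every failed handshake, without the `state.debug` gate the neighbouring log lines use and without recording which peer caused it. Any remote client can raise this event with a malformed handshake, so the log can grow quickly while still being of little use for detection. Node passes the socket as a second argument, so `function (e, tlsSocket)` with `console.error('tlsClientError Vhost', tlsSocket && tlsSocket.remoteAddress, e.code || e.message);` would record the source and keep each entry to one line.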
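Review bot: `conn._handle.onread(firstChunk.length, firstChunk)` in the lib/relay.js hunk calls an undocumented Node internal with no guard, and `conn._handle` is set to null once a socket is torn down, so if this callback ever runs after teardown the line throws a TypeError inside the `data` handler. The signature of that internal is not stable across Node releases, which is presumably why the package.json hunk pins `node` to `10.2.1`. If `unshift` really had to go, put `if (!conn._handle) { conn.destroy(); return; }` before the call and replace the commented-out line with a comment saying why `conn.unshift(firstChunk)` was not sufficient. The callback body continues outside the hunk.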
@@ -62,13 +62,13 @@ module.exports.createTcpConnectionHandler = function (state) {
 console.log("TODO: use www bare redirect");
 }
- function run() {
- if (!servername) {
- if (state.debug) { console.log("No SNI was given, so there's nothing we can do here"); }
- deferData('httpsInvalid');
- return;
- }
+ if (!servername) {
+ if (state.debug) { console.log("No SNI was given, so there's nothing we can do here"); }
+ deferData('httpsInvalid');
+ return;
+ }
+ function run() {
 var nextDevice = Devices.next(state.deviceLists, servername);
 if (!nextDevice) {
 if (state.debug) { console.log("No devices match the given servername"); }
@@ -84,14 +84,15 @@ module.exports.createTcpConnectionHandler = function (state) {
 // TODO don't run an fs check if we already know this is working elsewhere
 //if (!state.validHosts) { state.validHosts = {}; }
 if (state.config.vhost) {
- vhost = state.config.vhost.replace(/:hostname/, (servername||''));
+ vhost = state.config.vhost.replace(/:hostname/, (servername||'reallydoesntexist'));
 if (state.debug) { console.log("[tcp] [vhost]", state.config.vhost, "=>", vhost); }
 //state.httpsVhost(servername, conn);
 //return;
 require('fs').readdir(vhost, function (err, nodes) {
 if (state.debug && err) { console.log("VHOST error", err); }
 if (err) { run(); return; }
- if (nodes) { deferData('httpsVhost'); }
+ //if (nodes) { deferData('httpsVhost'); return; }
+ deferData('httpsVhost');
 });
 return;
 }
@@ -103,7 +104,7 @@ module.exports.createTcpConnectionHandler = function (state) {
 if (22 === firstChunk[0]) {
 // TLS
 service = 'https';
- servername = (sni(firstChunk)||'').toLowerCase();
+ servername = (sni(firstChunk)||'').toLowerCase().trim();
 if (state.debug) { console.log("[tcp] tls hello from '" + servername + "'"); }
 tryTls();
 return;
diff --git a/package.json b/package.json
index 285ae8e..4482a2e 100644
--- a/package.json
+++ b/package.json
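Review bot: In the second lib/unwrap-tls.js hunk `servername` is substituted into the path handed to `fs.readdir` with no validation: it comes from the client's SNI and the third hunk only lower-cases and trims it, and any directory that exists is then accepted via `deferData('httpsVhost')`. A name containing `/` or `..` could therefore make the lookup resolve outside the configured vhost directory; how far that reaches depends on what the `httpsVhost` handler does with the name, which is outside this diff. Reject anything that is not a plain hostname before building the path, e.g. `if (!/^[a-z0-9-]+(\.[a-z0-9-]+)*$/.test(servername)) { deferData('httpsInvalid'); return; }`, and pass the replacement as a function (`function () { return servername; }`) so `$` sequences in the name are not interpreted by `replace`. With the `!servername` guard moved ahead of `run()` in the first hunk, the `'reallydoesntexist'` fallback looks unreachable if both sit in the same function; that function starts outside the hunks.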
@@ -50,5 +50,9 @@
 "serve-static": "^1.13.2",
 "sni": "^1.0.0",
 "ws": "^5.1.1"
+ },
+ "engineStrict" : true,
+ "engines": {
+ "node": "10.2.1"
 }
 }
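Review bot: `"engineStrict" : true` does not enforce the pin, because npm dropped support for that package.json field in version 3; a mismatch with `engines` is at most a warning unless the installing user sets the `engine-strict` config. Since lib/relay.js in this commit depends on a Node-internal call, a startup check of `process.version` that fails fast with a clear message would be the reliable guard. An exact pin of `10.2.1` also keeps the service off later Node 10 security releases, so a README line stating why this exact version is required would help whoever has to lift it.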