From 94cba5e31735b2f3517bbb5ed0cc27b19ec9e74f Mon Sep 17 00:00:00 2001
From: Joe Portner <5295965+jportner@users.noreply.github.com>
Date: Mon, 14 Sep 2020 15:43:01 -0400
Subject: [PATCH] Fix `downgradeIfHTTPWhenHTTPS` log interceptor for HAPI
 connections

RegEx no longer matches the error message correctly, needed to
update it since we are indirectly using a newer version of OpenSSL.
---
 src/legacy/server/logging/log_interceptor.js      | 8 ++++++--
 src/legacy/server/logging/log_interceptor.test.js | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/legacy/server/logging/log_interceptor.js b/src/legacy/server/logging/log_interceptor.js
index 0754557044583..2298d83aa2857 100644
--- a/src/legacy/server/logging/log_interceptor.js
+++ b/src/legacy/server/logging/log_interceptor.js
@@ -20,7 +20,11 @@
 import Stream from 'stream';
 import { get, isEqual } from 'lodash';
 
-const GET_CLIENT_HELLO = /GET_CLIENT_HELLO:http/;
+/**
+ * Matches error messages when clients connect via HTTP instead of HTTPS; see unit test for full message. Warning: this can change when Node
+ * and its bundled OpenSSL binary are upgraded.
+ */
+const OPENSSL_GET_RECORD_REGEX = /ssl3_get_record:http/;
 
 function doTagsMatch(event, tags) {
   return isEqual(get(event, 'tags'), tags);
@@ -124,7 +128,7 @@ export class LogInterceptor extends Stream.Transform {
   }
 
   downgradeIfHTTPWhenHTTPS(event) {
-    return downgradeIfErrorMessage(GET_CLIENT_HELLO, event);
+    return downgradeIfErrorMessage(OPENSSL_GET_RECORD_REGEX, event);
   }
 
   _transform(event, enc, next) {
diff --git a/src/legacy/server/logging/log_interceptor.test.js b/src/legacy/server/logging/log_interceptor.test.js
index c99373ebe0a63..492d1ffc8d167 100644
--- a/src/legacy/server/logging/log_interceptor.test.js
+++ b/src/legacy/server/logging/log_interceptor.test.js
@@ -147,7 +147,7 @@ describe('server logging LogInterceptor', () => {
   describe('#downgradeIfHTTPWhenHTTPS', () => {
     it('transforms http requests when serving https errors', () => {
       const message =
-        '40735139278848:error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request:../deps/openssl/openssl/ssl/s23_srvr.c:394';
+        '4584650176:error:1408F09C:SSL routines:ssl3_get_record:http request:../deps/openssl/openssl/ssl/record/ssl3_record.c:322:\n';
       const interceptor = new LogInterceptor();
       const event = stubClientErrorEvent({ message });
       assertDowngraded(interceptor.downgradeIfHTTPWhenHTTPS(event));