-
Notifications
You must be signed in to change notification settings - Fork 29.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tls,https: respect address family when connecting
Respect the `{ family: 6 }` address family property when connecting to a remote peer over TLS. Fixes: #4139 Fixes: #6440 PR-URL: #6654 Reviewed-By: Colin Ihrig <[email protected]>
- Loading branch information
1 parent
271927f
commit c807287
Showing
6 changed files
with
74 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
'use strict'; | ||
const common = require('../common'); | ||
const assert = require('assert'); | ||
const https = require('https'); | ||
|
||
if (!common.hasIPv6) { | ||
common.skip('no IPv6 support'); | ||
return; | ||
} | ||
|
||
const ciphers = 'AECDH-NULL-SHA'; | ||
https.createServer({ ciphers }, function(req, res) { | ||
this.close(); | ||
res.end(); | ||
}).listen(common.PORT, '::1', function() { | ||
const options = { | ||
host: 'localhost', | ||
port: common.PORT, | ||
family: 6, | ||
ciphers: ciphers, | ||
rejectUnauthorized: false, | ||
}; | ||
// Will fail with ECONNREFUSED if the address family is not honored. | ||
https.get(options, common.mustCall(function() { | ||
assert.strictEqual('::1', this.socket.remoteAddress); | ||
this.destroy(); | ||
})); | ||
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
'use strict'; | ||
const common = require('../common'); | ||
const assert = require('assert'); | ||
const tls = require('tls'); | ||
|
||
if (!common.hasIPv6) { | ||
common.skip('no IPv6 support'); | ||
return; | ||
} | ||
|
||
const ciphers = 'AECDH-NULL-SHA'; | ||
tls.createServer({ ciphers }, function() { | ||
this.close(); | ||
}).listen(common.PORT, '::1', function() { | ||
const options = { | ||
host: 'localhost', | ||
port: common.PORT, | ||
family: 6, | ||
ciphers: ciphers, | ||
rejectUnauthorized: false, | ||
}; | ||
// Will fail with ECONNREFUSED if the address family is not honored. | ||
tls.connect(options).once('secureConnect', common.mustCall(function() { | ||
assert.strictEqual('::1', this.remoteAddress); | ||
this.destroy(); | ||
})); | ||
}); |