Skip to content

Commit

Permalink
tls,https: respect address family when connecting
Browse files Browse the repository at this point in the history
Respect the `{ family: 6 }` address family property when connecting to
a remote peer over TLS.

Fixes: #4139
Fixes: #6440
PR-URL: #6654
Reviewed-By: Colin Ihrig <[email protected]>
  • Loading branch information
bnoordhuis authored and Myles Borins committed Jul 12, 2016
1 parent 271927f commit c807287
Show file tree
Hide file tree
Showing 6 changed files with 74 additions and 0 deletions.
5 changes: 5 additions & 0 deletions lib/_http_agent.js
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,11 @@ Agent.prototype.getName = function(options) {
if (options.localAddress)
name += options.localAddress;

// Pacify parallel/test-http-agent-getname by only appending
// the ':' when options.family is set.
if (options.family === 4 || options.family === 6)
name += ':' + options.family;

return name;
};

Expand Down
1 change: 1 addition & 0 deletions lib/_tls_wrap.js
Original file line number Diff line number Diff line change
Expand Up @@ -994,6 +994,7 @@ exports.connect = function(/* [port, host], options, cb */) {
connect_opt = {
port: options.port,
host: options.host,
family: options.family,
localAddress: options.localAddress
};
}
Expand Down
7 changes: 7 additions & 0 deletions test/parallel/parallel.status
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,13 @@ test-tick-processor : PASS,FLAKY
[$system==linux]
test-tick-processor : PASS,FLAKY

# Flaky until https://github.com/nodejs/build/issues/415 is resolved.
# On some of the buildbots, AAAA queries for localhost don't resolve
# to an address and neither do any of the alternatives from the
# localIPv6Hosts list from test/common.js.
test-https-connect-address-family : PASS,FLAKY
test-tls-connect-address-family : PASS,FLAKY

[$system==macos]

[$system==solaris] # Also applies to SmartOS
Expand Down
6 changes: 6 additions & 0 deletions test/parallel/test-http-agent-getname.js
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,9 @@ assert.equal(
}),
'0.0.0.0:80:192.168.1.1'
);

for (const family of [0, null, undefined, 'bogus'])
assert.strictEqual(agent.getName({ family }), 'localhost::');

for (const family of [4, 6])
assert.strictEqual(agent.getName({ family }), 'localhost:::' + family);
28 changes: 28 additions & 0 deletions test/parallel/test-https-connect-address-family.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const https = require('https');

if (!common.hasIPv6) {
common.skip('no IPv6 support');
return;
}

const ciphers = 'AECDH-NULL-SHA';
https.createServer({ ciphers }, function(req, res) {
this.close();
res.end();
}).listen(common.PORT, '::1', function() {
const options = {
host: 'localhost',
port: common.PORT,
family: 6,
ciphers: ciphers,
rejectUnauthorized: false,
};
// Will fail with ECONNREFUSED if the address family is not honored.
https.get(options, common.mustCall(function() {
assert.strictEqual('::1', this.socket.remoteAddress);
this.destroy();
}));
});
27 changes: 27 additions & 0 deletions test/parallel/test-tls-connect-address-family.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const tls = require('tls');

if (!common.hasIPv6) {
common.skip('no IPv6 support');
return;
}

const ciphers = 'AECDH-NULL-SHA';
tls.createServer({ ciphers }, function() {
this.close();
}).listen(common.PORT, '::1', function() {
const options = {
host: 'localhost',
port: common.PORT,
family: 6,
ciphers: ciphers,
rejectUnauthorized: false,
};
// Will fail with ECONNREFUSED if the address family is not honored.
tls.connect(options).once('secureConnect', common.mustCall(function() {
assert.strictEqual('::1', this.remoteAddress);
this.destroy();
}));
});

0 comments on commit c807287

Please sign in to comment.