http2: specify default TLS options for http2 client connection.

fixes: nodejs#59 Also, add a testcase for http2/TLS secure connection. This verifies to send the server name and ALPN protocols by default. PR-URL: nodejs#61 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
jasnell · Jul 10, 2017 · 1b5c792 · 1b5c792
1 parent 99c3999
commit 1b5c792
Show file tree

Hide file tree

Showing 2 changed files with 71 additions and 2 deletions.
diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
@@ -1091,10 +1091,13 @@ function initializeOptions(options) {
   return options;
 }
 
-function initializeTLSOptions(options) {
+function initializeTLSOptions(options, servername) {
   options = initializeOptions(options);
   options.ALPNProtocols = ['hc', 'h2'];
   options.NPNProtocols = ['hc', 'h2'];
+  if (servername !== undefined) {
+    options.servername = servername;
+  }
   return options;
 }
 
@@ -1242,7 +1245,7 @@ function connect(authority, options, listener) {
       socket = net.connect(port, host);
       break;
     case 'https:':
-      socket = tls.connect(port, host, options);
+      socket = tls.connect(port, host, initializeTLSOptions(options, host));
       break;
     default:
       throw new TypeError(`protocol "${protocol}" in unsupported.`);

diff --git a/test/parallel/test-http2-create-client-secure-session.js b/test/parallel/test-http2-create-client-secure-session.js
@@ -0,0 +1,66 @@
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+const path = require('path');
+const fs = require('fs');
+const tls = require('tls');
+const h2 = require('http2');
+const body =
+  '<html><head></head><body><h1>this is some data</h2></body></html>';
+
+const key = loadKey('agent8-key.pem');
+const cert = loadKey('agent8-cert.pem');
+const ca = loadKey('fake-startcom-root-cert.pem');
+
+function loadKey(keyname) {
+  return fs.readFileSync(path.join(common.fixturesDir, 'keys', keyname), 'binary');
+}
+
+const server = h2.createSecureServer({cert, key});
+
+// we use the lower-level API here
+server.on('stream', common.mustCall(onStream));
+
+function onStream(stream) {
+  stream.respond({
+    'content-type': 'text/html',
+    ':status': 200
+  });
+  const socket = stream.session.socket;
+  stream.end(JSON.stringify({
+    servername: socket.servername,
+    alpnProtocol: socket.alpnProtocol
+  }));
+}
+
+server.listen(0);
+
+server.on('listening', common.mustCall(function() {
+
+  const headers = { ':path': '/' };
+
+  const clientOptions = {secureContext: tls.createSecureContext({ca})};
+  const client = h2.connect(`https://localhost:${this.address().port}`, clientOptions, function() {
+    const req = client.request(headers);
+
+    req.on('response', common.mustCall(function(headers) {
+      assert.strictEqual(headers[':status'], '200', 'status code is set');
+      assert.strictEqual(headers['content-type'], 'text/html',
+                        'content type is set');
+      assert(headers['date'], 'there is a date');
+    }));
+
+    let data = '';
+    req.setEncoding('utf8');
+    req.on('data', (d) => data += d);
+    req.on('end', common.mustCall(() => {
+      const jsonData = JSON.parse(data);
+      assert.strictEqual(jsonData.servername, 'localhost');
+      assert(jsonData.alpnProtocol === 'h2' || jsonData.alpnProtocol === 'hc');
+      server.close();
+      client.socket.destroy();
+    }));
+    req.end();
+  });
+}));