Skip to content

Commit

Permalink
http2: specify default TLS options for http2 client connection.
Browse files Browse the repository at this point in the history
fixes: nodejs#59

Also, add a testcase for http2/TLS secure connection.
This verifies to send the server name and ALPN protocols
by default.

PR-URL: nodejs#61
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
jmuk authored and jasnell committed Jun 22, 2017
1 parent 1109733 commit d4ec6d4
Show file tree
Hide file tree
Showing 2 changed files with 71 additions and 2 deletions.
7 changes: 5 additions & 2 deletions lib/internal/http2/core.js
Original file line number Diff line number Diff line change
Expand Up @@ -1091,10 +1091,13 @@ function initializeOptions(options) {
return options;
}

function initializeTLSOptions(options) {
function initializeTLSOptions(options, servername) {
options = initializeOptions(options);
options.ALPNProtocols = ['hc', 'h2'];
options.NPNProtocols = ['hc', 'h2'];
if (servername !== undefined) {
options.servername = servername;
}
return options;
}

Expand Down Expand Up @@ -1242,7 +1245,7 @@ function connect(authority, options, listener) {
socket = net.connect(port, host);
break;
case 'https:':
socket = tls.connect(port, host, options);
socket = tls.connect(port, host, initializeTLSOptions(options, host));
break;
default:
throw new TypeError(`protocol "${protocol}" in unsupported.`);
Expand Down
66 changes: 66 additions & 0 deletions test/parallel/test-http2-create-client-secure-session.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
'use strict';

const common = require('../common');
const assert = require('assert');
const path = require('path');
const fs = require('fs');
const tls = require('tls');
const h2 = require('http2');
const body =
'<html><head></head><body><h1>this is some data</h2></body></html>';

const key = loadKey('agent8-key.pem');
const cert = loadKey('agent8-cert.pem');
const ca = loadKey('fake-startcom-root-cert.pem');

function loadKey(keyname) {
return fs.readFileSync(path.join(common.fixturesDir, 'keys', keyname), 'binary');
}

const server = h2.createSecureServer({cert, key});

// we use the lower-level API here
server.on('stream', common.mustCall(onStream));

function onStream(stream) {
stream.respond({
'content-type': 'text/html',
':status': 200
});
const socket = stream.session.socket;
stream.end(JSON.stringify({
servername: socket.servername,
alpnProtocol: socket.alpnProtocol
}));
}

server.listen(0);

server.on('listening', common.mustCall(function() {

const headers = { ':path': '/' };

const clientOptions = {secureContext: tls.createSecureContext({ca})};
const client = h2.connect(`https://localhost:${this.address().port}`, clientOptions, function() {
const req = client.request(headers);

req.on('response', common.mustCall(function(headers) {
assert.strictEqual(headers[':status'], '200', 'status code is set');
assert.strictEqual(headers['content-type'], 'text/html',
'content type is set');
assert(headers['date'], 'there is a date');
}));

let data = '';
req.setEncoding('utf8');
req.on('data', (d) => data += d);
req.on('end', common.mustCall(() => {
const jsonData = JSON.parse(data);
assert.strictEqual(jsonData.servername, 'localhost');
assert(jsonData.alpnProtocol === 'h2' || jsonData.alpnProtocol === 'hc');
server.close();
client.socket.destroy();
}));
req.end();
});
}));

0 comments on commit d4ec6d4

Please sign in to comment.