TLS connection fixes

diff --git a/server/irc/connection.js b/server/irc/connection.js
index 16c99f600d00ab140f4a0aa7cd3d053a2e2cc4e5..8f823ce649a5855bddf326413af88675483f4898 100644 (file)
--- a/server/irc/connection.js
+++ b/server/irc/connection.js
@@ -221,7 +221,12 @@ IrcConnection.prototype.connect = function () {
             that.socket = new Proxy.ProxySocket(that.proxy.port, host, {
                 username: that.username,
             });
-            that.socket.connect(that.irc_host.port, that.irc_host.hostname);
+
+            if (that.ssl) {
+                that.socket.connectTls(that.irc_host.port, that.irc_host.hostname);
+            } else {
+                that.socket.connect(that.irc_host.port, that.irc_host.hostname);
+            }
 
         } else {
             // No socks connection, connect directly to the IRCd

diff --git a/server/kiwi.js b/server/kiwi.js
index 2323a5f2a272feecb3b40205391edcd5926810d6..81dac34c4d1a3072175dbff11d54f1b34ea36fdf 100755 (executable)
--- a/server/kiwi.js
+++ b/server/kiwi.js
@@ -239,7 +239,7 @@ _.each(global.config.servers, function (server) {
             console.log('Kiwi proxy listening on %s:%s %s SSL', server.address, server.port, (server.ssl ? 'with' : 'without'));
         });
 
-        serv.on('connection_open', function(pipe) {
+        serv.on('socket_connected', function(pipe) {
             pipe.identd_pair = pipe.irc_socket.localPort.toString() + '_' + pipe.irc_socket.remotePort.toString();
             console.log('[IDENTD] opened ' + pipe.identd_pair);
             global.clients.port_pairs[pipe.identd_pair] = pipe.meta;

diff --git a/server/proxy.js b/server/proxy.js
index 5950dcf6a16921d6334141475b4366f25c0c9550..6f9d29f23764b844ad2f700c11dea47e3772e3a7 100644 (file)
--- a/server/proxy.js
+++ b/server/proxy.js
@@ -169,6 +169,18 @@ ProxyPipe.prototype.makeIrcConnection = function() {
     this.irc_socket.setTimeout(10000);
     this.irc_socket.on('error', this._onSocketError.bind(this));
     this.irc_socket.on('timeout', this._onSocketTimeout.bind(this));
+
+    // We need the raw socket connect event, not after any SSL handshakes or anything
+    if (this.irc_socket.socket) {
+        this.irc_socket.socket.on('connect', this._onRawSocketConnect.bind(this));
+    } else {
+        this.irc_socket.on('connect', this._onRawSocketConnect.bind(this));
+    }
+};
+
+
+ProxyPipe.prototype._onRawSocketConnect = function() {
+    this.proxy_server.emit('socket_connected', this);
 };
 
 
@@ -253,6 +265,12 @@ ProxySocket.prototype.setMeta = function(meta) {
 };
 
 
+ProxySocket.prototype.connectTls = function() {
+    this.meta.ssl = true;
+    return this.connect.apply(this, arguments);
+};
+
+
 ProxySocket.prototype.connect = function(dest_port, dest_addr, connected_fn) {
     this.meta.host = dest_addr;
     this.meta.port = dest_port;
@@ -267,8 +285,8 @@ ProxySocket.prototype.connect = function(dest_port, dest_addr, connected_fn) {
     this.socket = this.proxy_opts.ssl ?
         tls.connect(this.proxy_port, this.proxy_addr, this._onSocketConnect.bind(this)) :
         net.connect(this.proxy_port, this.proxy_addr, this._onSocketConnect.bind(this));
-    this.socket.setTimeout(10000);
 
+    this.socket.setTimeout(10000);
     this.socket.on('data', this._onSocketData.bind(this));
     this.socket.on('close', this._onSocketClose.bind(this));
     this.socket.on('error', this._onSocketError.bind(this));