From 96ecb5e70d7d36c529940c61b2a542857e0e956f Mon Sep 17 00:00:00 2001 From: Darren Date: Thu, 23 Jan 2014 22:05:01 +0000 Subject: [PATCH] TLS connection fixes --- server/irc/connection.js | 7 ++++++- server/kiwi.js | 2 +- server/proxy.js | 20 +++++++++++++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/server/irc/connection.js b/server/irc/connection.js index 16c99f6..8f823ce 100644 --- a/server/irc/connection.js +++ b/server/irc/connection.js @@ -221,7 +221,12 @@ IrcConnection.prototype.connect = function () { that.socket = new Proxy.ProxySocket(that.proxy.port, host, { username: that.username, }); - that.socket.connect(that.irc_host.port, that.irc_host.hostname); + + if (that.ssl) { + that.socket.connectTls(that.irc_host.port, that.irc_host.hostname); + } else { + that.socket.connect(that.irc_host.port, that.irc_host.hostname); + } } else { // No socks connection, connect directly to the IRCd diff --git a/server/kiwi.js b/server/kiwi.js index 2323a5f..81dac34 100755 --- a/server/kiwi.js +++ b/server/kiwi.js @@ -239,7 +239,7 @@ _.each(global.config.servers, function (server) { console.log('Kiwi proxy listening on %s:%s %s SSL', server.address, server.port, (server.ssl ? 'with' : 'without')); }); - serv.on('connection_open', function(pipe) { + serv.on('socket_connected', function(pipe) { pipe.identd_pair = pipe.irc_socket.localPort.toString() + '_' + pipe.irc_socket.remotePort.toString(); console.log('[IDENTD] opened ' + pipe.identd_pair); global.clients.port_pairs[pipe.identd_pair] = pipe.meta; diff --git a/server/proxy.js b/server/proxy.js index 5950dcf..6f9d29f 100644 --- a/server/proxy.js +++ b/server/proxy.js @@ -169,6 +169,18 @@ ProxyPipe.prototype.makeIrcConnection = function() { this.irc_socket.setTimeout(10000); this.irc_socket.on('error', this._onSocketError.bind(this)); this.irc_socket.on('timeout', this._onSocketTimeout.bind(this)); + + // We need the raw socket connect event, not after any SSL handshakes or anything + if (this.irc_socket.socket) { + this.irc_socket.socket.on('connect', this._onRawSocketConnect.bind(this)); + } else { + this.irc_socket.on('connect', this._onRawSocketConnect.bind(this)); + } +}; + + +ProxyPipe.prototype._onRawSocketConnect = function() { + this.proxy_server.emit('socket_connected', this); }; @@ -253,6 +265,12 @@ ProxySocket.prototype.setMeta = function(meta) { }; +ProxySocket.prototype.connectTls = function() { + this.meta.ssl = true; + return this.connect.apply(this, arguments); +}; + + ProxySocket.prototype.connect = function(dest_port, dest_addr, connected_fn) { this.meta.host = dest_addr; this.meta.port = dest_port; @@ -267,8 +285,8 @@ ProxySocket.prototype.connect = function(dest_port, dest_addr, connected_fn) { this.socket = this.proxy_opts.ssl ? tls.connect(this.proxy_port, this.proxy_addr, this._onSocketConnect.bind(this)) : net.connect(this.proxy_port, this.proxy_addr, this._onSocketConnect.bind(this)); - this.socket.setTimeout(10000); + this.socket.setTimeout(10000); this.socket.on('data', this._onSocketData.bind(this)); this.socket.on('close', this._onSocketClose.bind(this)); this.socket.on('error', this._onSocketError.bind(this)); -- 2.25.1