follow-ups
This commit is contained in:
Max Schmitt
parent
c3fdaf9907
commit
3571538e58
|
|
@ -30,20 +30,18 @@ import { debugLogger } from '../utils/debugLogger';
|
|||
class ALPNCache {
|
||||
private _cache = new Map<string, ManualPromise<string>>();
|
||||
|
||||
get(host: string, port: number, success: (protocol: string) => void, error: (error: Error) => void): void {
|
||||
get(host: string, port: number, success: (protocol: string) => void) {
|
||||
const cacheKey = `${host}:${port}`;
|
||||
{
|
||||
const result = this._cache.get(cacheKey);
|
||||
if (result) {
|
||||
result.then(success);
|
||||
result.catch(error);
|
||||
return;
|
||||
}
|
||||
}
|
||||
const result = new ManualPromise<string>();
|
||||
this._cache.set(cacheKey, result);
|
||||
result.then(success);
|
||||
result.catch(error);
|
||||
const socket = tls.connect({
|
||||
host,
|
||||
port,
|
||||
|
|
@ -57,14 +55,13 @@ class ALPNCache {
|
|||
socket.end();
|
||||
});
|
||||
socket.on('error', error => {
|
||||
result.reject(error);
|
||||
debugLogger.log('client-certificates', `ALPN error: ${error.message}`);
|
||||
result.resolve('http/1.1');
|
||||
socket.end();
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
const alpnCache = new ALPNCache();
|
||||
|
||||
class SocksProxyConnection {
|
||||
private readonly socksProxy: ClientCertificatesProxy;
|
||||
private readonly uid: string;
|
||||
|
|
@ -123,16 +120,17 @@ class SocksProxyConnection {
|
|||
callback();
|
||||
}
|
||||
});
|
||||
alpnCache.get(rewriteToLocalhostIfNeeded(this.host), this.port, serverRequestedAlpnProtocol => {
|
||||
debugLogger.log('socks', `Proxy->Target ${this.host}:${this.port} chooses ALPN ${serverRequestedAlpnProtocol}`);
|
||||
this.socksProxy.alpnCache.get(rewriteToLocalhostIfNeeded(this.host), this.port, alpnProtocolChosenByServer => {
|
||||
debugLogger.log('client-certificates', `Proxy->Target ${this.host}:${this.port} chooses ALPN ${alpnProtocolChosenByServer}`);
|
||||
const dummyServer = tls.createServer({
|
||||
key: fs.readFileSync(path.join(__dirname, '../../bin/socks-certs/key.pem')),
|
||||
cert: fs.readFileSync(path.join(__dirname, '../../bin/socks-certs/cert.pem')),
|
||||
ALPNProtocols: serverRequestedAlpnProtocol === 'h2' ? ['h2', 'http/1.1'] : ['http/1.1'],
|
||||
ALPNProtocols: alpnProtocolChosenByServer === 'h2' ? ['h2', 'http/1.1'] : ['http/1.1'],
|
||||
});
|
||||
this.internal?.on('close', () => dummyServer.close());
|
||||
dummyServer.emit('connection', this.internal);
|
||||
dummyServer.on('secureConnection', internalTLS => {
|
||||
debugLogger.log('socks', `Browser->Proxy ${this.host}:${this.port} chooses ALPN ${internalTLS.alpnProtocol}`);
|
||||
debugLogger.log('client-certificates', `Browser->Proxy ${this.host}:${this.port} chooses ALPN ${internalTLS.alpnProtocol}`);
|
||||
internalTLS.on('close', () => this.socksProxy._socksProxy.sendSocketEnd({ uid: this.uid }));
|
||||
const tlsOptions: tls.ConnectionOptions = {
|
||||
socket: this.target,
|
||||
|
|
@ -162,7 +160,7 @@ class SocksProxyConnection {
|
|||
|
||||
internalTLS.on('error', () => closeBothSockets());
|
||||
targetTLS.on('error', error => {
|
||||
debugLogger.log('socks', `error when connecting to target: ${error.message}`);
|
||||
debugLogger.log('client-certificates', `error when connecting to target: ${error.message}`);
|
||||
if (internalTLS?.alpnProtocol === 'h2') {
|
||||
// https://github.com/nodejs/node/issues/46152
|
||||
// TODO: http2.performServerHandshake does not work here for some reason.
|
||||
|
|
@ -179,9 +177,6 @@ class SocksProxyConnection {
|
|||
closeBothSockets();
|
||||
});
|
||||
});
|
||||
|
||||
}, error => {
|
||||
this.socksProxy._socksProxy.sendSocketError({ uid: this.uid, error: error.message });
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
@ -191,10 +186,12 @@ export class ClientCertificatesProxy {
|
|||
private _connections: Map<string, SocksProxyConnection> = new Map();
|
||||
ignoreHTTPSErrors: boolean | undefined;
|
||||
clientCertificates: channels.BrowserNewContextOptions['clientCertificates'];
|
||||
alpnCache: ALPNCache;
|
||||
|
||||
constructor(
|
||||
contextOptions: Pick<channels.BrowserNewContextOptions, 'clientCertificates' | 'ignoreHTTPSErrors'>
|
||||
) {
|
||||
this.alpnCache = new ALPNCache();
|
||||
this.ignoreHTTPSErrors = contextOptions.ignoreHTTPSErrors;
|
||||
this.clientCertificates = contextOptions.clientCertificates;
|
||||
this._socksProxy = new SocksProxy();
|
||||
|
|
@ -263,10 +260,3 @@ export function clientCertificatesToTLSOptions(
|
|||
function rewriteToLocalhostIfNeeded(host: string): string {
|
||||
return host === 'local.playwright' ? 'localhost' : host;
|
||||
}
|
||||
|
||||
// For testing.
|
||||
if (require.main === module) {
|
||||
const proxy = new ClientCertificatesProxy({ clientCertificates: [], ignoreHTTPSErrors: false });
|
||||
// eslint-disable-next-line no-console
|
||||
proxy.listen().then(url => console.log('Listening on', url));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ const debugLoggerColorMap = {
|
|||
'download': 34, // green
|
||||
'browser': 0, // reset
|
||||
'socks': 92, // purple
|
||||
'client-certificates': 92, // purple
|
||||
'error': 160, // red,
|
||||
'channel': 33, // blue
|
||||
'server': 45, // cyan
|
||||
|
|
|
|||
Loading…
Reference in a new issue