Diffstat (limited to 'src/js/out/modules/node')
-rw-r--r-- | src/js/out/modules/node/net.js | 54 | ||||
-rw-r--r-- | src/js/out/modules/node/tls.js | 111 |
2 files changed, 122 insertions, 43 deletions
diff --git a/src/js/out/modules/node/net.js b/src/js/out/modules/node/net.js index 7f3102648..06b2ef6ef 100644 --- a/src/js/out/modules/node/net.js +++ b/src/js/out/modules/node/net.js 
@@ -26,7 +26,7 @@ var isIPv4 = function(s) { self.emit("listening"); }, createServer = function(options, connectionListener) { return new Server(options, connectionListener); -}, v4Seg = "(?:[0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])", v4Str = `(${v4Seg}[.]){3}${v4Seg}`, IPv4Reg = new RegExp(`^${v4Str}$`), v6Seg = "(?:[0-9a-fA-F]{1,4})", IPv6Reg = new RegExp("^(" + `(?:${v6Seg}:){7}(?:${v6Seg}|:)|` + `(?:${v6Seg}:){6}(?:${v4Str}|:${v6Seg}|:)|` + `(?:${v6Seg}:){5}(?::${v4Str}|(:${v6Seg}){1,2}|:)|` + `(?:${v6Seg}:){4}(?:(:${v6Seg}){0,1}:${v4Str}|(:${v6Seg}){1,3}|:)|` + `(?:${v6Seg}:){3}(?:(:${v6Seg}){0,2}:${v4Str}|(:${v6Seg}){1,4}|:)|` + `(?:${v6Seg}:){2}(?:(:${v6Seg}){0,3}:${v4Str}|(:${v6Seg}){1,5}|:)|` + `(?:${v6Seg}:){1}(?:(:${v6Seg}){0,4}:${v4Str}|(:${v6Seg}){1,6}|:)|` + `(?::((?::${v6Seg}){0,5}:${v4Str}|(?::${v6Seg}){1,7}|:))` + ")(%[0-9a-zA-Z-.:]{1,})?$"), { Bun, createFIFO, Object } = globalThis[Symbol.for("Bun.lazy")]("primordials"), { connect: bunConnect } = Bun, { setTimeout } = globalThis, bunTlsSymbol = Symbol.for("::buntls::"), bunSocketServerHandlers = Symbol.for("::bunsocket_serverhandlers::"), bunSocketServerConnections = Symbol.for("::bunnetserverconnections::"), bunSocketServerOptions = Symbol.for("::bunnetserveroptions::"), bunSocketInternal = Symbol.for("::bunnetsocketinternal::"), SocketClass, Socket = function(InternalSocket) { +}, v4Seg = "(?:[0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])", v4Str = `(${v4Seg}[.]){3}${v4Seg}`, IPv4Reg = new RegExp(`^${v4Str}$`), v6Seg = "(?:[0-9a-fA-F]{1,4})", IPv6Reg = new RegExp("^(" + `(?:${v6Seg}:){7}(?:${v6Seg}|:)|` + `(?:${v6Seg}:){6}(?:${v4Str}|:${v6Seg}|:)|` + `(?:${v6Seg}:){5}(?::${v4Str}|(:${v6Seg}){1,2}|:)|` + `(?:${v6Seg}:){4}(?:(:${v6Seg}){0,1}:${v4Str}|(:${v6Seg}){1,3}|:)|` + `(?:${v6Seg}:){3}(?:(:${v6Seg}){0,2}:${v4Str}|(:${v6Seg}){1,4}|:)|` + `(?:${v6Seg}:){2}(?:(:${v6Seg}){0,3}:${v4Str}|(:${v6Seg}){1,5}|:)|` + `(?:${v6Seg}:){1}(?:(:${v6Seg}){0,4}:${v4Str}|(:${v6Seg}){1,6}|:)|` + 
`(?::((?::${v6Seg}){0,5}:${v4Str}|(?::${v6Seg}){1,7}|:))` + ")(%[0-9a-zA-Z-.:]{1,})?$"), { Bun, createFIFO, Object } = globalThis[Symbol.for("Bun.lazy")]("primordials"), { connect: bunConnect } = Bun, { setTimeout } = globalThis, bunTlsSymbol = Symbol.for("::buntls::"), bunSocketServerHandlers = Symbol.for("::bunsocket_serverhandlers::"), bunSocketServerConnections = Symbol.for("::bunnetserverconnections::"), bunSocketServerOptions = Symbol.for("::bunnetserveroptions::"), bunSocketInternal = Symbol.for("::bunnetsocketinternal::"), bunTLSConnectOptions = Symbol.for("::buntlsconnectoptions::"), SocketClass, Socket = function(InternalSocket) { return SocketClass = InternalSocket, Object.defineProperty(SocketClass.prototype, Symbol.toStringTag, { value: "Socket", enumerable: !1 
@@ -62,13 +62,26 @@ var isIPv4 = function(s) { }, open(socket) { const self = socket.data; - if (socket.timeout(self.timeout), socket.ref(), self[bunSocketInternal] = socket, self.connecting = !1, !self.#upgraded) + socket.timeout(self.timeout), socket.ref(), self[bunSocketInternal] = socket, self.connecting = !1; + const options = self[bunTLSConnectOptions]; + if (options) { + const { session } = options; + if (session) + self.setSession(session); + } + if (!self.#upgraded) self.emit("connect", self); Socket2.#Drain(socket); }, handshake(socket, success, verifyError) { const { data: self } = socket; - if (self._securePending = !1, self.secureConnecting = !1, self._secureEstablished = !!success, self._requestCert || self._rejectUnauthorized) { + self._securePending = !1, self.secureConnecting = !1, self._secureEstablished = !!success, self.emit("secure", self); + const { checkServerIdentity } = self[bunTLSConnectOptions]; + if (!verifyError && typeof checkServerIdentity === "function" && self.servername) { + const cert = self.getPeerCertificate(!0); + verifyError = checkServerIdentity(self.servername, cert); + } + if (self._requestCert || self._rejectUnauthorized) { if (verifyError) { if (self.authorized = !1, self.authorizationError = verifyError.code || verifyError.message, self._rejectUnauthorized) { self.destroy(verifyError); 
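Review bot: The client `handshake` handler destructures `self[bunTLSConnectOptions]` without a null check, although `open` just above guards the same read with `if (options)` and the class body initialises the field to `null`; a socket that reaches the handshake without those options would throw a TypeError inside the handler. Reading it as `const checkServerIdentity = self[bunTLSConnectOptions]?.checkServerIdentity;` keeps the two handlers consistent. The identity check is also skipped whenever `self.servername` is falsy, and its result is only acted on inside the `_requestCert || _rejectUnauthorized` branch, so a comment stating that an empty servername means no hostname verification would help readers. This file looks like bundler output, so the change presumably belongs in the source it is built from; both handler bodies continue outside the hunk.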
@@ -138,8 +151,9 @@ var isIPv4 = function(s) { connectionListener(_socket); self.emit("connection", _socket); }, - handshake({ data: self }, success, verifyError) { - if (self._securePending = !1, self.secureConnecting = !1, self._secureEstablished = !!success, self._requestCert || self._rejectUnauthorized) { + handshake(socket, success, verifyError) { + const { data: self } = socket; + if (self.emit("secure", self), self._securePending = !1, self.secureConnecting = !1, self._secureEstablished = !!success, self._requestCert || self._rejectUnauthorized) { if (verifyError) { if (self.authorized = !1, self.authorizationError = verifyError.code || verifyError.message, self._rejectUnauthorized) { self.destroy(verifyError); @@ -148,7 +162,7 @@ var isIPv4 = function(s) { } } else self.authorized = !0; - self.emit("secureConnect", verifyError); + self.emit("secureConnection", verifyError); }, error(socket, error) { Socket2.#Handlers.error(socket, error), this.data.emit("error", error); @@ -166,6 +180,7 @@ var isIPv4 = function(s) { #readQueue = createFIFO(); remotePort; [bunSocketInternal] = null; + [bunTLSConnectOptions] = null; timeout = 0; #writeCallback; #writeChunk; @@ -199,10 +214,12 @@ var isIPv4 = function(s) { return this.writableLength; } #attach(port, socket) { - this.remotePort = port, socket.data = this, socket.timeout(this.timeout), socket.ref(), this[bunSocketInternal] = socket, this.connecting = !1, this.emit("connect", this), Socket2.#Drain(socket); + if (this.remotePort = port, socket.data = this, socket.timeout(this.timeout), socket.ref(), this[bunSocketInternal] = socket, this.connecting = !1, !this.#upgraded) + this.emit("connect", this); + Socket2.#Drain(socket); } connect(port, host, connectListener) { - var path, connection = this.#socket; + var path, connection = this.#socket, _checkServerIdentity = void 0; if (typeof port === "string") { if (path = port, port = void 0, typeof host === "function") connectListener = host, host = void 0; 
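Review bot: In the server-side `handshake` handler (hunks `-138,8` and `-148,7`) the `secureConnection` event is emitted on `self`, which is `socket.data` (the per-connection socket), and its argument is `verifyError` rather than the socket. The tls.js part of this commit also removes the `Server.emit` override that forwarded the socket's `secureConnect` to the server as `secureConnection`. Unless something outside these hunks forwards it, listeners registered on the server, where peer authorization is commonly checked through `socket.authorized`, would no longer run. If `this.data` is the server here, as the sibling `error` handler's `this.data.emit("error", error)` suggests, then `this.data.emit("secureConnection", self);` would restore that contract.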
@@ -228,9 +245,11 @@ var isIPv4 = function(s) { requestCert, rejectUnauthorized, pauseOnConnect, - servername + servername, + checkServerIdentity, + session } = port; - if (this.servername = servername, socket) + if (_checkServerIdentity = checkServerIdentity, this.servername = servername, socket) connection = socket; } if (!pauseOnConnect) @@ -240,12 +259,7 @@ var isIPv4 = function(s) { var tls = void 0; if (typeof bunTLS === "function") { if (tls = bunTLS.call(this, port, host, !0), this._requestCert = !0, this._rejectUnauthorized = rejectUnauthorized, tls) { - if (typeof tls !== "object") - tls = { - rejectUnauthorized, - requestCert: !0 - }; - else if (tls.rejectUnauthorized = rejectUnauthorized, tls.requestCert = !0, !connection && tls.socket) + if (tls.rejectUnauthorized = rejectUnauthorized, tls.requestCert = !0, tls.session = session || tls.session, this.servername = tls.servername, tls.checkServerIdentity = _checkServerIdentity || tls.checkServerIdentity, this[bunTLSConnectOptions] = tls, !connection && tls.socket) connection = tls.socket; } if (connection) { @@ -491,10 +505,12 @@ class Server extends EventEmitter { } try { var tls = void 0, TLSSocketClass = void 0; - const bunTLS = this[bunTlsSymbol]; + const bunTLS = this[bunTlsSymbol], options = this[bunSocketServerOptions]; if (typeof bunTLS === "function") - [tls, TLSSocketClass] = bunTLS.call(this, port, hostname, !1); - this[bunSocketServerOptions].InternalSocketClass = TLSSocketClass || SocketClass, this.#server = Bun.listen(path ? { + [tls, TLSSocketClass] = bunTLS.call(this, port, hostname, !1), options.servername = tls.serverName, options.InternalSocketClass = TLSSocketClass; + else + options.InternalSocketClass = SocketClass; + this.#server = Bun.listen(path ? { exclusive, unix: path, tls, diff --git a/src/js/out/modules/node/tls.js b/src/js/out/modules/node/tls.js index ca8a13270..3c9626cce 100644 --- a/src/js/out/modules/node/tls.js +++ b/src/js/out/modules/node/tls.js 
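Review bot: In the `-240,12` hunk, `this.servername = tls.servername` reads a lower-case key, but the options object built in tls.js (context of the `@@ -243,6 +312,8 @@` hunk) exposes `serverName`, and the server path later in this file reads `tls.serverName`. If the spread secure context does not also carry a `servername` key, this assignment overwrites the value taken from the connect options with `undefined`. The client handshake handler then skips `checkServerIdentity`, because it requires a truthy `self.servername`. `this.servername = tls.serverName || this.servername` would keep the name that hostname verification depends on.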
@@ -12,9 +12,11 @@ var parseCertString = function() { return !0; } }, unfqdn = function(host2) { - return RegExpPrototypeSymbolReplace(/[.]$/, host2, ""); + return RegExpPrototypeSymbolReplace.call(/[.]$/, host2, ""); +}, toLowerCase = function(c) { + return StringFromCharCode.call(32 + StringPrototypeCharCodeAt.call(c, 0)); }, splitHost = function(host2) { - return StringPrototypeSplit.call(RegExpPrototypeSymbolReplace(/[A-Z]/g, unfqdn(host2), toLowerCase), "."); + return StringPrototypeSplit.call(RegExpPrototypeSymbolReplace.call(/[A-Z]/g, unfqdn(host2), toLowerCase), "."); }, check = function(hostParts, pattern, wildcards) { if (!pattern) return !1; @@ -87,7 +89,7 @@ var parseCertString = function() { reason = `Host: ${hostname}. is not in the cert's altnames: ${altNames}`; } else { const cn = subject.CN; - if (ArrayIsArray(cn)) + if (Array.isArray(cn)) valid = ArrayPrototypeSome.call(cn, wildcard); else if (cn) valid = wildcard(cn); @@ -104,8 +106,24 @@ var parseCertString = function() { return new InternalSecureContext(options); }, createSecureContext = function(options) { return new SecureContext(options); -}; -var createServer = function(options, connectionListener) { +}, translatePeerCertificate = function(c) { + if (!c) + return null; + if (c.issuerCertificate != null && c.issuerCertificate !== c) + c.issuerCertificate = translatePeerCertificate(c.issuerCertificate); + if (c.infoAccess != null) { + const info = c.infoAccess; + c.infoAccess = { __proto__: null }, RegExpPrototypeSymbolReplace.call(/([^\n:]*):([^\n]*)(?:\n|$)/g, info, (all, key, val) => { + if (val.charCodeAt(0) === 34) + val = JSONParse(val); + if (key in c.infoAccess) + ArrayPrototypePush.call(c.infoAccess[key], val); + else + c.infoAccess[key] = [val]; + }); + } + return c; +}, createServer = function(options, connectionListener) { return new Server(options, connectionListener); }, getCiphers = function() { return DEFAULT_CIPHERS.split(":"); 
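Review bot: The new `toLowerCase` helper calls `StringFromCharCode.call(32 + ...)`, which passes the char code as `this` and supplies no arguments, so `String.fromCharCode` returns an empty string. `splitHost` therefore deletes upper-case letters from the host instead of lower-casing them, which changes what `checkServerIdentity` compares against the certificate names. `String.fromCharCode` is a static function and should be called directly: `return StringFromCharCode(32 + StringPrototypeCharCodeAt.call(c, 0));`. A regression test using a mixed-case hostname would cover this path.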
@@ -131,7 +149,7 @@ var createServer = function(options, connectionListener) { out.ALPNProtocols = Buffer.from(protocols.buffer.slice(protocols.byteOffset, protocols.byteOffset + protocols.byteLength)); else if (Buffer.isBuffer(protocols)) out.ALPNProtocols = protocols; -}, InternalTCPSocket = net[Symbol.for("::bunternal::")], bunSocketInternal = Symbol.for("::bunnetsocketinternal::"), { RegExp, Array, String } = globalThis[Symbol.for("Bun.lazy")]("primordials"), SymbolReplace = Symbol.replace, RegExpPrototypeSymbolReplace = RegExp.prototype[SymbolReplace], RegExpPrototypeExec = RegExp.prototype.exec, StringPrototypeStartsWith = String.prototype.startsWith, StringPrototypeSlice = String.prototype.slice, StringPrototypeIncludes = String.prototype.includes, StringPrototypeSplit = String.prototype.split, StringPrototypeIndexOf = String.prototype.indexOf, StringPrototypeSubstring = String.prototype.substring, StringPrototypeEndsWith = String.prototype.endsWith, ArrayPrototypeIncludes = Array.prototype.includes, ArrayPrototypeJoin = Array.prototype.join, ArrayPrototypeForEach = Array.prototype.forEach, ArrayPrototypePush = Array.prototype.push, ArrayPrototypeSome = Array.prototype.some, ArrayPrototypeReduce = Array.prototype.reduce, jsonStringPattern = /^"(?:[^"\\\u0000-\u001f]|\\(?:["\\/bfnrt]|u[0-9a-fA-F]{4}))*"/, InternalSecureContext = class SecureContext2 { +}, InternalTCPSocket = net[Symbol.for("::bunternal::")], bunSocketInternal = Symbol.for("::bunnetsocketinternal::"), { RegExp, Array, String } = globalThis[Symbol.for("Bun.lazy")]("primordials"), SymbolReplace = Symbol.replace, RegExpPrototypeSymbolReplace = RegExp.prototype[SymbolReplace], RegExpPrototypeExec = RegExp.prototype.exec, StringPrototypeStartsWith = String.prototype.startsWith, StringPrototypeSlice = String.prototype.slice, StringPrototypeIncludes = String.prototype.includes, StringPrototypeSplit = String.prototype.split, StringPrototypeIndexOf = String.prototype.indexOf, StringPrototypeSubstring = 
String.prototype.substring, StringPrototypeEndsWith = String.prototype.endsWith, StringFromCharCode = String.fromCharCode, StringPrototypeCharCodeAt = String.prototype.charCodeAt, ArrayPrototypeIncludes = Array.prototype.includes, ArrayPrototypeJoin = Array.prototype.join, ArrayPrototypeForEach = Array.prototype.forEach, ArrayPrototypePush = Array.prototype.push, ArrayPrototypeSome = Array.prototype.some, ArrayPrototypeReduce = Array.prototype.reduce, jsonStringPattern = /^"(?:[^"\\\u0000-\u001f]|\\(?:["\\/bfnrt]|u[0-9a-fA-F]{4}))*"/, InternalSecureContext = class SecureContext2 { context; constructor(options) { const context = {}; @@ -184,6 +202,8 @@ var createServer = function(options, connectionListener) { #secureContext; ALPNProtocols; #socket; + #checkServerIdentity; + #session; constructor(socket, options) { super(socket instanceof InternalTCPSocket ? options : options || socket); if (options = options || socket || {}, typeof options === "object") { @@ -193,7 +213,7 @@ var createServer = function(options, connectionListener) { if (socket instanceof InternalTCPSocket) this.#socket = socket; } - this.#secureContext = options.secureContext || createSecureContext(options), this.authorized = !1, this.secureConnecting = !0, this._secureEstablished = !1, this._securePending = !0; + this.#secureContext = options.secureContext || createSecureContext(options), this.authorized = !1, this.secureConnecting = !0, this._secureEstablished = !1, this._securePending = !0, this.#checkServerIdentity = options.checkServerIdentity || checkServerIdentity, this.#session = options.session || null; } _secureEstablished = !1; _securePending = !0; 
@@ -204,14 +224,57 @@ var createServer = function(options, connectionListener) { servername; authorized = !1; authorizationError; + #renegotiationDisabled = !1; encrypted = !0; _start() { + this.connect(); } - exportKeyingMaterial(length, label, context) { + getSession() { + return this[bunSocketInternal]?.getSession(); + } + getEphemeralKeyInfo() { + return this[bunSocketInternal]?.getEphemeralKeyInfo(); + } + getCipher() { + return this[bunSocketInternal]?.getCipher(); + } + getSharedSigalgs() { + return this[bunSocketInternal]?.getSharedSigalgs(); + } + getProtocol() { + return this[bunSocketInternal]?.getTLSVersion(); + } + getFinished() { + return this[bunSocketInternal]?.getTLSFinishedMessage() || void 0; + } + getPeerFinished() { + return this[bunSocketInternal]?.getTLSPeerFinishedMessage() || void 0; + } + isSessionReused() { + return !!this.#session; + } + renegotiate() { + if (this.#renegotiationDisabled) { + const error = new Error("ERR_TLS_RENEGOTIATION_DISABLED: TLS session renegotiation disabled for this socket"); + throw error.name = "ERR_TLS_RENEGOTIATION_DISABLED", error; + } throw Error("Not implented in Bun yet"); } + disableRenegotiation() { + this.#renegotiationDisabled = !0; + } + getTLSTicket() { + return this[bunSocketInternal]?.getTLSTicket(); + } + exportKeyingMaterial(length, label, context) { + if (context) + return this[bunSocketInternal]?.exportKeyingMaterial(length, label, context); + return this[bunSocketInternal]?.exportKeyingMaterial(length, label); + } setMaxSendFragment(size) { - throw Error("Not implented in Bun yet"); + return this[bunSocketInternal]?.setMaxSendFragment(size) || !1; + } + enableTrace() { } setServername(name) { if (this.isServer) { 
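Review bot: `isSessionReused()` returns `!!this.#session`, so it reports true as soon as a session was passed in the options or through `setSession`, whether or not the handshake actually resumed it. A caller that uses this value to infer that a full handshake did not take place gets the wrong answer when the peer declines the session. If the internal socket cannot report resumption yet, a comment such as `// NOTE: reflects a supplied session, not confirmed resumption` would make the limitation visible. The class body continues outside the hunk.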
@@ -220,14 +283,20 @@ var createServer = function(options, connectionListener) { } this.servername = name, this[bunSocketInternal]?.setServername(name); } - setSession() { - throw Error("Not implented in Bun yet"); + setSession(session) { + if (this.#session = session, typeof session === "string") + session = Buffer.from(session, "latin1"); + return this[bunSocketInternal]?.setSession(session); } - getPeerCertificate() { - throw Error("Not implented in Bun yet"); + getPeerCertificate(abbreviated) { + const cert = arguments.length < 1 ? this[bunSocketInternal]?.getPeerCertificate() : this[bunSocketInternal]?.getPeerCertificate(abbreviated); + if (cert) + return translatePeerCertificate(cert); } getCertificate() { - throw Error("Not implented in Bun yet"); + const cert = this[bunSocketInternal]?.getCertificate(); + if (cert) + return translatePeerCertificate(cert); } getPeerX509Certificate() { throw Error("Not implented in Bun yet"); @@ -243,6 +312,8 @@ var createServer = function(options, connectionListener) { socket: this.#socket, ALPNProtocols: this.ALPNProtocols, serverName: this.servername || host2 || "localhost", + checkServerIdentity: this.#checkServerIdentity, + session: this.#session, ...this.#secureContext }; } @@ -258,16 +329,9 @@ class Server extends NetServer { _requestCert; servername; ALPNProtocols; - #checkServerIdentity; constructor(options, secureConnectionListener) { super(options, secureConnectionListener); - this.#checkServerIdentity = options?.checkServerIdentity || checkServerIdentity, this.setSecureContext(options); - } - emit(event, args) { - if (super.emit(event, args), event === "connection") - args.once("secureConnect", () => { - super.emit("secureConnection", args); - }); + this.setSecureContext(options); } setSecureContext(options) { if (options instanceof InternalSecureContext) 
@@ -335,8 +399,7 @@ class Server extends NetServer { secureOptions: this.secureOptions, rejectUnauthorized: isClient ? !1 : this._rejectUnauthorized, requestCert: isClient ? !1 : this._requestCert, - ALPNProtocols: this.ALPNProtocols, - checkServerIdentity: this.#checkServerIdentity + ALPNProtocols: this.ALPNProtocols }, SocketClass ]; |