1
0
mirror of https://github.com/node-red/node-red.git synced 2023-10-10 13:36:53 +02:00

Merge pull request #3092 from hardillb/http-req-ca-fix

Copy tls.cert to tls.certificate for GOT
This commit is contained in:
Nick O'Leary 2021-07-28 10:05:19 +01:00 committed by GitHub
commit 6364e00202
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 69 additions and 3 deletions

View File

@ -475,6 +475,10 @@ in your Node-RED user directory (${RED.settings.userDir}).
opts.https.certificateAuthority = opts.https.ca; opts.https.certificateAuthority = opts.https.ca;
delete opts.https.ca; delete opts.https.ca;
} }
if (opts.https.cert) {
opts.https.certificate = opts.https.cert;
delete opts.https.cert;
}
} else { } else {
if (msg.hasOwnProperty('rejectUnauthorized')) { if (msg.hasOwnProperty('rejectUnauthorized')) {
opts.https = { rejectUnauthorized: msg.rejectUnauthorized }; opts.https = { rejectUnauthorized: msg.rejectUnauthorized };

View File

@ -42,6 +42,8 @@ describe('HTTP Request Node', function() {
var testProxyPort = 10444; var testProxyPort = 10444;
var testProxyServerAuth; var testProxyServerAuth;
var testProxyAuthPort = 10554; var testProxyAuthPort = 10554;
var testSslClientServer;
var testSslClientPort = 10664;
//save environment variables //save environment variables
var preEnvHttpProxyLowerCase; var preEnvHttpProxyLowerCase;
@ -57,6 +59,7 @@ describe('HTTP Request Node', function() {
testServer = stoppable(http.createServer(testApp)); testServer = stoppable(http.createServer(testApp));
testServer.listen(testPort,function(err) { testServer.listen(testPort,function(err) {
testSslPort += 1; testSslPort += 1;
console.log("ssl port", testSslPort);
var sslOptions = { var sslOptions = {
key: fs.readFileSync('test/resources/ssl/server.key'), key: fs.readFileSync('test/resources/ssl/server.key'),
cert: fs.readFileSync('test/resources/ssl/server.crt') cert: fs.readFileSync('test/resources/ssl/server.crt')
@ -75,7 +78,25 @@ describe('HTTP Request Node', function() {
*/ */
}; };
testSslServer = stoppable(https.createServer(sslOptions,testApp)); testSslServer = stoppable(https.createServer(sslOptions,testApp));
testSslServer.listen(testSslPort); testSslServer.listen(testSslPort, function(err){
if (err) {
console.log(err);
} else {
console.log("started testSslServer");
}
});
testSslClientPort += 1;
var sslClientOptions = {
key: fs.readFileSync('test/resources/ssl/server.key'),
cert: fs.readFileSync('test/resources/ssl/server.crt'),
ca: fs.readFileSync('test/resources/ssl/server.crt'),
requestCert: true
};
testSslClientServer = stoppable(https.createServer(sslClientOptions, testApp));
testSslClientServer.listen(testSslClientPort, function(err){
console.log("ssl-client", err)
});
testProxyPort += 1; testProxyPort += 1;
testProxyServer = stoppable(httpProxy(http.createServer())) testProxyServer = stoppable(httpProxy(http.createServer()))
@ -121,6 +142,10 @@ describe('HTTP Request Node', function() {
return "https://localhost:"+testSslPort+url; return "https://localhost:"+testSslPort+url;
} }
function getSslClientTestURL(url) {
return "https://localhost:"+testSslClientPort+url;
}
function getDifferentTestURL(url) { function getDifferentTestURL(url) {
return "http://127.0.0.1:"+testPort+url; return "http://127.0.0.1:"+testPort+url;
} }
@ -280,6 +305,14 @@ describe('HTTP Request Node', function() {
headers:result headers:result
}); });
}) })
testApp.get('/getClientCert', function(req,res) {
if (req.client.authorized) {
res.send('hello');
} else {
res.status(401).send();
}
})
startServer(function(err) { startServer(function(err) {
if (err) { if (err) {
done(err); done(err);
@ -293,7 +326,9 @@ describe('HTTP Request Node', function() {
testProxyServer.stop(() => { testProxyServer.stop(() => {
testProxyServerAuth.stop(() => { testProxyServerAuth.stop(() => {
testSslServer.stop(() => { testSslServer.stop(() => {
helper.stopServer(done); testSslClientServer.stop(() => {
helper.stopServer(done);
})
}); });
}); });
}); });
@ -1520,7 +1555,7 @@ describe('HTTP Request Node', function() {
it('should use tls-config and verify serverCert', function(done) { it('should use tls-config and verify serverCert', function(done) {
var flow = [ var flow = [
{id:"n1",type:"http request",wires:[["n2"]],method:"GET",ret:"txt",url:getSslTestURLWithoutProtocol('/text'),tls:"n3"}, {id:"n1",type:"http request",wires:[["n2"]],method:"GET",ret:"txt",url:getSslTestURL('/text'),tls:"n3"},
{id:"n2", type:"helper"}, {id:"n2", type:"helper"},
{id:"n3", type:"tls-config", cert:"test/resources/ssl/server.crt", key:"test/resources/ssl/server.key", ca:"test/resources/ssl/server.crt", verifyservercert:true}]; {id:"n3", type:"tls-config", cert:"test/resources/ssl/server.crt", key:"test/resources/ssl/server.key", ca:"test/resources/ssl/server.crt", verifyservercert:true}];
var testNodes = [httpRequestNode, tlsNode]; var testNodes = [httpRequestNode, tlsNode];
@ -1545,6 +1580,33 @@ describe('HTTP Request Node', function() {
}); });
}); });
it('should use tls-config and send client cert', function(done) {
var flow = [
{id:"n1",type:"http request",wires:[["n2"]],method:"GET",ret:"txt",url:getSslClientTestURL('/getClientCert'),tls:"n3"},
{id:"n2", type:"helper"},
{id:"n3", type:"tls-config", cert:"test/resources/ssl/server.crt", key:"test/resources/ssl/server.key", ca:"test/resources/ssl/server.crt", verifyservercert:false}];
var testNodes = [httpRequestNode,tlsNode];
helper.load(testNodes, flow, function() {
var n3 = helper.getNode("n3");
var n2 = helper.getNode("n2");
var n1 = helper.getNode("n1");
n2.on("input", function(msg) {
try {
msg.should.have.property('payload','hello');
msg.should.have.property('statusCode',200);
msg.should.have.property('headers');
msg.headers.should.have.property('content-length',''+('hello'.length));
msg.headers.should.have.property('content-type').which.startWith('text/html');
msg.should.have.property('responseUrl').which.startWith('https://');
done();
} catch(err) {
done(err);
}
});
n1.receive({payload:"foo"});
})
});
//Removing HTTP Proxy testcases as GOT + Proxy_Agent doesn't work with mock'd proxy //Removing HTTP Proxy testcases as GOT + Proxy_Agent doesn't work with mock'd proxy
/* */ /* */
it('should use http_proxy', function(done) { it('should use http_proxy', function(done) {