From 8c95067ec4c727c9ed7d46318af5d4c809deb071 Mon Sep 17 00:00:00 2001 From: Ben Hardill Date: Tue, 18 May 2021 13:13:32 +0100 Subject: [PATCH 1/2] Add ALPN support to TLS node --- .../node_modules/@node-red/nodes/core/network/05-tls.html | 7 ++++++- .../node_modules/@node-red/nodes/core/network/05-tls.js | 3 +++ .../@node-red/nodes/locales/en-US/messages.json | 6 ++++-- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/packages/node_modules/@node-red/nodes/core/network/05-tls.html b/packages/node_modules/@node-red/nodes/core/network/05-tls.html index 81d1453f9..681486258 100644 --- a/packages/node_modules/@node-red/nodes/core/network/05-tls.html +++ b/packages/node_modules/@node-red/nodes/core/network/05-tls.html @@ -67,6 +67,10 @@ +
+ + +
@@ -98,7 +102,8 @@ keyname: {value:""}, caname: {value:""}, servername: {value:""}, - verifyservercert: {value: true} + verifyservercert: {value: true}, + alpnprotocol: {value: ""} }, credentials: { certdata: {type:"text"}, diff --git a/packages/node_modules/@node-red/nodes/core/network/05-tls.js b/packages/node_modules/@node-red/nodes/core/network/05-tls.js index 078bac2cc..639f03d17 100644 --- a/packages/node_modules/@node-red/nodes/core/network/05-tls.js +++ b/packages/node_modules/@node-red/nodes/core/network/05-tls.js @@ -106,6 +106,9 @@ module.exports = function(RED) { if (this.servername) { opts.servername = this.servername; } + if (this.alpnprotocol) { + opts.ALPNProtocols = [this.alpnprotocol]; + } opts.rejectUnauthorized = this.verifyservercert; } return opts; diff --git a/packages/node_modules/@node-red/nodes/locales/en-US/messages.json b/packages/node_modules/@node-red/nodes/locales/en-US/messages.json index f4766c634..0f2f69dc2 100755 --- a/packages/node_modules/@node-red/nodes/locales/en-US/messages.json +++ b/packages/node_modules/@node-red/nodes/locales/en-US/messages.json @@ -170,14 +170,16 @@ "passphrase": "Passphrase", "ca": "CA Certificate", "verify-server-cert":"Verify server certificate", - "servername": "Server Name" + "servername": "Server Name", + "alpnprotocol": "ALPN Protocol" }, "placeholder": { "cert":"path to certificate (PEM format)", "key":"path to private key (PEM format)", "ca":"path to CA certificate (PEM format)", "passphrase":"private key passphrase (optional)", - "servername":"for use with SNI" + "servername":"for use with SNI", + "alpnprotocol":"for use with ALPN" }, "error": { "missing-file": "No certificate/key file provided" From 0b52cd8b31e36b89cb5dd9c6b4455b4adc664924 Mon Sep 17 00:00:00 2001 From: Ben Hardill Date: Wed, 19 May 2021 10:41:24 +0100 Subject: [PATCH 2/2] Fixes from testing I set up a NGINX instance to test this and found I'd missed some bits. Still can't find a way to test this easily from a nodejs unit test --- packages/node_modules/@node-red/nodes/core/network/05-tls.html | 2 +- packages/node_modules/@node-red/nodes/core/network/05-tls.js | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/node_modules/@node-red/nodes/core/network/05-tls.html b/packages/node_modules/@node-red/nodes/core/network/05-tls.html index 681486258..f970557ef 100644 --- a/packages/node_modules/@node-red/nodes/core/network/05-tls.html +++ b/packages/node_modules/@node-red/nodes/core/network/05-tls.html @@ -68,7 +68,7 @@
- +
diff --git a/packages/node_modules/@node-red/nodes/core/network/05-tls.js b/packages/node_modules/@node-red/nodes/core/network/05-tls.js index 639f03d17..888d749fd 100644 --- a/packages/node_modules/@node-red/nodes/core/network/05-tls.js +++ b/packages/node_modules/@node-red/nodes/core/network/05-tls.js @@ -26,6 +26,7 @@ module.exports = function(RED) { var keyPath = n.key.trim(); var caPath = n.ca.trim(); this.servername = (n.servername||"").trim(); + this.alpnprotocol = (n.alpnprotocol||"").trim(); if ((certPath.length > 0) || (keyPath.length > 0) || (caPath.length > 0)) {