update

2025-05-29 11:30:42 +00:00
parent f1c012ec30
commit b0beeae19e
18 changed files with 420 additions and 426 deletions
--- a/test/test.connection-forwarding.ts
+++ b/test/test.connection-forwarding.ts
@@ -194,9 +194,12 @@ tap.test('should handle SNI-based forwarding', async () => {
        },
        action: {
          type: 'forward',
+          tls: {
+            mode: 'passthrough',
+          },
          target: {
            host: '127.0.0.1',
-            port: 7001,
+            port: 7002,
          },
        },
      },
@@ -234,36 +237,20 @@ tap.test('should handle SNI-based forwarding', async () => {
    clientA.write('Hello from domain A');
  });

-  // Test domain B (non-TLS forward)
-  const clientB = await new Promise<net.Socket>((resolve, reject) => {
-    const socket = net.connect(8443, '127.0.0.1', () => {
-      // Send TLS ClientHello with SNI for b.example.com
-      const clientHello = Buffer.from([
-        0x16, 0x03, 0x01, 0x00, 0x4e, // TLS Record header
-        0x01, 0x00, 0x00, 0x4a, // Handshake header
-        0x03, 0x03, // TLS version
-        // Random bytes
-        ...Array(32).fill(0),
-        0x00, // Session ID length
-        0x00, 0x02, // Cipher suites length
-        0x00, 0x35, // Cipher suite
-        0x01, 0x00, // Compression methods
-        0x00, 0x1f, // Extensions length
-        0x00, 0x00, // SNI extension
-        0x00, 0x1b, // Extension length
-        0x00, 0x19, // SNI list length
-        0x00, // SNI type (hostname)
-        0x00, 0x16, // SNI length
-        // "b.example.com" in ASCII
-        0x62, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
-      ]);
-      
-      socket.write(clientHello);
-      
-      setTimeout(() => {
+  // Test domain B should also use TLS since it's on port 8443
+  const clientB = await new Promise<tls.TLSSocket>((resolve, reject) => {
+    const socket = tls.connect(
+      {
+        port: 8443,
+        host: '127.0.0.1',
+        servername: 'b.example.com',
+        rejectUnauthorized: false,
+      },
+      () => {
+        console.log('Connected to domain B');
        resolve(socket);
-      }, 100);
-    });
+      }
+    );
    socket.on('error', reject);
  });

@@ -271,16 +258,13 @@ tap.test('should handle SNI-based forwarding', async () => {
    clientB.on('data', (data) => {
      const response = data.toString();
      console.log('Domain B response:', response);
-      // Should be forwarded to TCP server
-      expect(response).toContain('Connected to TCP test server');
+      // Should be forwarded to TLS server
+      expect(response).toContain('Connected to TLS test server');
      clientB.end();
      resolve();
    });

-    // Send regular data after initial handshake
-    setTimeout(() => {
-      clientB.write('Hello from domain B');
-    }, 200);
+    clientB.write('Hello from domain B');
  });

  await smartProxy.stop();