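/**
 * Copyright 2017 Volodymyr Shymanskyy
 **/

'use strict';

const tls = require('tls')
const path = require('path')
const fs = require('fs')
const debug = require('debug')('SSL')
const chalk = require('chalk')

// Directory that holds the bundled certificate material (server.crt, server.pem, ...).
const certs_path = path.join(__dirname, "../../certs");

/**
 * Best-effort read of a certificate or key file from `dir`.
 *
 * NOTE(review): the original file called try_load() without defining it, so
 * creating a server without an explicit `cert`/`key` threw a ReferenceError.
 * This definition follows the `opts.cert || try_load(...)` usage: it returns the
 * file contents as a Buffer, or undefined when the file is missing/unreadable,
 * so tls can raise its own (clearer) error about the absent credential.
 *
 * @param {string} dir  directory to read from
 * @param {string} name file name inside `dir`
 * @returns {Buffer|undefined}
 */
function try_load (dir, name) {
  const file = path.join(dir, name)
  try {
    return fs.readFileSync(file)
  } catch (e) {
    debug('could not load', file, e.message)
    return undefined
  }
}

/**
 * Fill in the TLS parameters shared by client and server.
 *
 * Verification failures are only logged (see logAuthorization) unless the
 * caller opts in: an explicit `rejectUnauthorized: true` is now honoured
 * (the original overwrote it with false unconditionally), and `secureOnly`
 * drops unverified peers after the handshake.
 *
 * @param {object} opts mutated in place and later passed to tls
 */
function applyTlsDefaults (opts) {
  if (opts.rejectUnauthorized === undefined) opts.rejectUnauthorized = false
  // secureProtocol is the legacy OpenSSL method selector; kept for compatibility.
  opts.secureProtocol = opts.secureProtocol || "TLSv1_2_method"
  opts.ciphers = opts.ciphers || "HIGH:!aNULL:!kRSA:!MD5:!RC4:!PSK:!SRP:!DSS:!DSA"
}

/**
 * Log the outcome of peer-certificate verification for a connected socket.
 * `client.syn_endpoint` must already be set.
 *
 * @param {tls.TLSSocket} client
 */
function logAuthorization (client) {
  if (client.authorized) {
    debug(client.syn_endpoint, chalk.green('[authorized]'))
  } else if (client.authorizationError === null) {
    debug(client.syn_endpoint, '[no authorization]')
  } else {
    debug(client.syn_endpoint, chalk.bgRed.bold('[unauthorized: ' + client.authorizationError + ']'))
  }
}

/**
 * When `opts.secureOnly` is set, tear down a socket whose peer certificate did
 * not verify.
 *
 * The 'error' listener is re-attached after removeAllListeners(): the original
 * removed it before destroy(), so an error raised while closing surfaced as an
 * unhandled 'error' event.
 *
 * @param {object} opts  options the socket was created with
 * @param {tls.TLSSocket} client
 * @returns {boolean} true when the socket was dropped
 */
function dropIfUnauthorized (opts, client) {
  if (!opts.secureOnly || client.authorized) return false
  client.removeAllListeners()
  client.on('error', (e) => { debug(e) })
  client.destroy()
  return true
}

/**
 * Open an outbound TLS connection.
 *
 * `opts` is mutated in place (host/port/family/TLS defaults) and handed to
 * tls.connect(). The returned socket emits 'started' once the handshake is
 * done and the peer was accepted; `syn_endpoint` / `syn_direction` are set
 * on it for downstream bookkeeping.
 *
 * @param {object} opts tls.connect() options plus `hostname`, `secureOnly`
 * @returns {tls.TLSSocket}
 */
function SslClient (opts) {
  opts.host = opts.hostname || opts.host || 'localhost'
  opts.port = opts.port || 8443
  opts.family = opts.family || 4
  //opts.secureOnly = true
  applyTlsDefaults(opts)

  // Necessary only if using the client certificate authentication
  //opts.cert = opts.cert || try_load(certs_path, 'client.crt')
  //opts.key = opts.key || try_load(certs_path, 'client.pem')
  //opts.passphrase = opts.passphrase || opts.pass

  // Necessary only if the server uses the self-signed certificate
  //opts.ca = opts.ca || [ try_load(certs_path, 'blynk-cloud.com.crt') ]
  //ca.map((i) => fs.readFileSync(i))

  const client = tls.connect(opts)

  client.on('error', (e) => { debug(e) })

  // 'secureConnect' carries no arguments; the original's `if (e)` guard was dead.
  client.on('secureConnect', () => {
    client.syn_endpoint = "ssl:" + client.remoteAddress + ":" + client.remotePort
    client.syn_direction = "out"

    logAuthorization(client)
    if (dropIfUnauthorized(opts, client)) return

    client.setNoDelay(true)
    client.emit('started', client)
  })

  return client
}

/**
 * Start a TLS server and begin listening.
 *
 * `opts` is mutated in place (family/TLS defaults/cert/key) and handed to
 * tls.createServer(). The server emits 'started' with each accepted socket
 * after the handshake; `syn_endpoint` / `syn_direction` are set on the socket.
 *
 * @param {object} opts tls.createServer() options plus `hostname`, `port`, `pass`, `secureOnly`
 * @returns {tls.Server}
 */
function SslServer (opts) {
  const host = opts.hostname || opts.host || '0.0.0.0'
  const port = opts.port || 8443
  opts.family = opts.family || 6
  //opts.secureOnly = true
  //opts.requestCert = true
  applyTlsDefaults(opts)
  opts.cert = opts.cert || try_load(certs_path, 'server.crt')
  opts.key = opts.key || try_load(certs_path, 'server.pem')
  opts.passphrase = opts.passphrase || opts.pass

  // Necessary only if using the client certificate authentication
  //opts.ca = opts.ca || [ try_load(certs_path, 'client.crt') ]
  //ca.map((i) => fs.readFileSync(i))

  /*opts.SNICallback = (servername, cb) => {
    debug("SNI", servername);
    cb();
  }*/

  const server = tls.createServer(opts)

  server.listen(port, host, () => {
    debug("server listening on", server.address());
  })

  server.on("secureConnection", (client) => {
    client.on('error', (e) => { debug(e) })

    // Kept as "tcp:" (SslClient uses "ssl:") because downstream code may match on it.
    client.syn_endpoint = "tcp:" + client.remoteAddress + ":" + client.remotePort
    client.syn_direction = "in"

    logAuthorization(client)
    if (dropIfUnauthorized(opts, client)) return

    client.setNoDelay(true)
    server.emit('started', client)
  })

  // Was an empty handler: listen/bind failures (e.g. EADDRINUSE) were silently lost.
  server.on('error', (e) => { debug(e) })

  return server
}

module.exports = { SslClient, SslServer }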