Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Demonstrate existing SNI support #40

Closed
wants to merge 1 commit into from

2 participants

@donpdonp

It turns out bouncy supports SSL SNI with no code modifications!

Not only that, but the same .js file can start a listen on 80, and a listener on 443.

Updated the docs and added an example to do this.

Closes issue #39

@substack
Owner

Merged by hand. Thanks for the docs and example!

@substack substack closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Dec 13, 2012
  1. @donpdonp
This page is out of date. Refresh to see the latest.
Showing with 52 additions and 21 deletions.
  1. +19 −21 README.markdown
  2. +33 −0 example/http-https-sni.js
View
40 README.markdown
@@ -35,7 +35,7 @@ bouncy(function (req, bounce) {
````
command-line
-============
+------------
Just create a `routes.json` file like this:
@@ -56,25 +56,27 @@ Use a colon-separated string to specify a host and port in a route.
Use `""` for the host as a default route.
-bouncy(opts={}, cb)
-===================
+methods
+=======
+
+### bouncy(opts={}, cb)
`bouncy(cb)` returns a new net.Server object that you can `.listen()` on.
If you specify `opts.key` and `opts.cert`, the connection will be set to secure
-mode using tls. Do this if you want to make an https router.
+mode using tls. Do this if you want to make an https router. If you are using more
+than one SSL cert, add `opts.SNICallback`. See the example http-https-sni.js and the
+[nodejs tls page](http://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener) for details.
-Your callback `cb` will get these arguments:
+Your callback `cb` will get the arguments req and bounce.
-req
----
+#### req
The node http module request object.
To catch parse errors, listen for the "error" event.
-bounce(stream, opts={})
------------------------
+#### bounce(stream, opts={})
Call this function when you're ready to bounce the request to a stream.
@@ -100,8 +102,9 @@ don't pass in an `opts.emitter`, the connection will be `.destroy()`ed.
`bounce()` returns the stream object that it's using. This is useful if you pass
in a port so you can `.on('error', fn)` to detect connection errors.
-bounce(port, ...), bounce(host, port, ...), bounce(url)
--------------------------------------------------------
+#### bounce(port, ...)
+#### bounce(host, port, ...)
+#### bounce(url)
These variants of `bounce()` are sugar for
`bounce(net.createConnection(port))`
@@ -113,33 +116,28 @@ Optionally you can pass port and host keys to `opts` and it does the same thing.
Passing `bounce()` a string that looks like a url (with or without `"http://"`)
will set the opts.host, opts.port, and opts.path accordingly.
-bounce.respond()
-----------------
+#### bounce.respond()
Return a new HTTP response object for the request.
This is useful if you need to write an error result.
-bounce.upgrade()
-----------------
+#### bounce.upgrade()
Manually upgrade the connection using
[parsley](https://github.com/substack/node-parsley).
-bounce.reset()
---------------
+#### bounce.reset()
Discard all buffered data. This is sometimes useful for upgraded connections.
attributes
==========
-bounce.parser
--------------
+####bounce.parser
The [parsley](https://github.com/substack/node-parsley) parser being used.
-bounce.stream
--------------
+#### bounce.stream
The [buffered stream](https://github.com/mikeal/morestreams) used to buffer the
headers and body until bounce() is called.
View
33 example/http-https-sni.js
@@ -0,0 +1,33 @@
+var fs = require('fs');
+var crypto = require('crypto');
+var bouncy = require('bouncy');
+
+bouncy(function (req, bounce) {
+ if (req.headers.host === 'beep.example.com') {
+ bounce(8001);
+ }
+ else if (req.headers.host === 'boop.example.com') {
+ bounce(8002);
+ }
+}).listen(8000);
+
+// Listen to an SSL port at the same time.
+// Use SNI to serve different certificates
+// based on the hostname (vhost).
+
+var ssl = {
+ key : fs.readFileSync('/etc/ssl/private/default.key'),
+ cert : fs.readFileSync('/etc/ssl/private/default.crt'),
+ SNICallback: sni_select
+};
+
+bouncy(ssl, function (req, bounce) {
+ bounce(8000)
+}).listen(8043)
+
+function sni_select(hostname) {
+ var creds = {key: fs.readFileSync('/etc/ssl/private/'+hostname+'/private.key'),
+ cert: fs.readFileSync('/etc/ssl/private/'+hostname+'/server.crt')}
+ return crypto.createCredentials(creds).context
+}
+
Something went wrong with that request. Please try again.