Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

haraka-net-utils

Package Overview
Dependencies
Maintainers
4
Versions
40
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

haraka-net-utils - npm Package Compare versions

Comparing version 1.0.10 to 1.0.13

test/config/dhparams.pem
test/config/tls_cert.pem
test/config/tls_key.pem
test/config/tls/mail.theartfarm.com.pem

13

Changes.md
1.0.13 - 2018-01-19
- get_public_ip: assign timer before calling connect #29
- avoid race where timeout isn't cleared because stun connect errors immediately
- remove TLS functions that have been subsumed into Haraka/tls_socket: tls_ini_section_with_defaults, parse_x509_names, parse_x509_expire, parse_x509, load_tls_dir
- convert concatenated strings to template literals #28
- eslint updates #25, #27
- improved x509 parser #22
1.0.10 - 2017-07-27
- added vs-stun as optional dep (from Haraka)
- added vs-stun as optional dep (from Haraka) #21
1.0.9 - 2017-06-16
- lint fixes for compat with eslint 4
- lint fixes for compat with eslint 4 #18

@@ -10,0 +19,0 @@ 1.0.8 - 2017-03-08

241

index.js

@@ -6,3 +6,2 @@ 'use strict';

const net = require('net');
const path = require('path');

@@ -12,3 +11,2 @@ // npm modules

const ipaddr = require('ipaddr.js');
const openssl = require('openssl-wrapper').exec;
const sprintf = require('sprintf-js').sprintf;

@@ -21,6 +19,6 @@ const tlds = require('haraka-tld');

exports.long_to_ip = function (n) {
var d = n%256;
for (var i=3; i>0; i--) {
let d = n%256;
for (let i=3; i>0; i--) {
n = Math.floor(n/256);
d = n%256 + '.' + d;
d = `${n%256}.${d}`;
}

@@ -41,3 +39,3 @@ return d;

var d = ip.split('.');
const d = ip.split('.');
return ((((((+d[0])*256)+(+d[1]))*256)+(+d[2]))*256)+(+d[3]);

@@ -47,4 +45,4 @@ };

exports.octets_in_string = function (str, oct1, oct2) {
var oct1_idx;
var oct2_idx;
let oct1_idx;
let oct2_idx;

@@ -78,4 +76,4 @@ // test the largest of the two octets first

var host_part = (tlds.split_hostname(str,1))[0].toString();
var octets = ip.split('.');
const host_part = (tlds.split_hostname(str,1))[0].toString();
const octets = ip.split('.');

@@ -92,6 +90,6 @@ // See if the 3rd and 4th octets appear in the string

// Whole IP in hex
var host_part_copy = host_part;
var ip_hex = this.dec_to_hex(this.ip_to_long(ip));
let host_part_copy = host_part;
const ip_hex = this.dec_to_hex(this.ip_to_long(ip));
for (let i=0; i<4; i++) {
var part = host_part_copy.indexOf(ip_hex.substring(i*2, (i*2)+2));
const part = host_part_copy.indexOf(ip_hex.substring(i*2, (i*2)+2));
if (part === -1) break;

@@ -105,3 +103,3 @@ if (i === 3) return true;

var re_ipv4 = {
const re_ipv4 = {
loopback: /^127\./,

@@ -136,3 +134,3 @@ link_local: /^169\.254\./,

var re_ipv6 = {
const re_ipv6 = {
loopback: /^(0{1,4}:){7}0{0,3}1$/,

@@ -171,3 +169,3 @@ link_local: /^fe80::/i,

console.error('invalid IP address: ' + ip);
console.error(`invalid IP address: ${ip}`);
return false;

@@ -197,5 +195,5 @@ };

var first3 = ip.split('.').slice(0,3).join('.');
const first3 = ip.split('.').slice(0,3).join('.');
for (var i=0; i < ipList.length; i++) {
for (let i=0; i < ipList.length; i++) {
if (!net.isIPv4(ipList[i])) {

@@ -212,9 +210,7 @@ console.error('same_ipv4_network, IP in list is not IPv4!');

exports.get_public_ip = function (cb) {
var nu = this;
if (nu.public_ip !== undefined) {
return cb(null, nu.public_ip); // cache
}
const nu = this;
if (nu.public_ip !== undefined) return cb(null, nu.public_ip); // cache
// manual config override, for the cases where we can't figure it out
var smtpIni = exports.config.get('smtp.ini').main;
const smtpIni = exports.config.get('smtp.ini').main;
if (smtpIni.public_ip) {

@@ -234,40 +230,35 @@ nu.public_ip = smtpIni.public_ip;

e.install = 'Please install stun: "npm install -g vs-stun"';
console.error(e.msg + "\n" + e.install);
console.error(`${e.msg}\n${e.install}`);
return cb(e);
}
var timeout = 10;
var timer;
const timeout = 10;
const timer = setTimeout(() => {
return cb(new Error('STUN timeout'));
}, timeout * 1000);
var st_cb = function (error, socket) {
// Connect to STUN Server
nu.stun.connect({ host: get_stun_server(), port: 19302 }, (error, socket) => {
if (timer) clearTimeout(timer);
if (error) {
return cb(error);
}
if (error) return cb(error);
socket.close();
/* sample socket.stun response
*
* { local: { host: '127.0.0.30', port: 26163 },
* public: { host: '50.115.0.94', port: 57345, family: 'IPv4' },
* type: 'Full Cone NAT'
* }
*/
if (!socket.stun.public) {
return cb(new Error('invalid STUN result'));
}
*
* { local: { host: '127.0.0.30', port: 26163 },
* public: { host: '50.115.0.94', port: 57345, family: 'IPv4' },
* type: 'Full Cone NAT'
* }
*/
if (!socket.stun.public) return cb(new Error('invalid STUN result'));
nu.public_ip = socket.stun.public.host;
return cb(null, socket.stun.public.host);
};
cb(null, socket.stun.public.host);
})
}
// Connect to STUN Server
nu.stun.connect({ host: get_stun_server(), port: 19302 }, st_cb);
timer = setTimeout(function () {
return cb(new Error('STUN timeout'));
}, (timeout || 10) * 1000);
};
function get_stun_server () {
// STUN servers by Google
var servers = [
const servers = [
'stun.l.google.com',

@@ -289,6 +280,6 @@ 'stun1.l.google.com',

prefix +
'(' + // capture group
'(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){6})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:::(?:(?:(?:[0-9a-fA-F]{1,4})):){5})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){4})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,1}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){3})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,2}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){2})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,3}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:[0-9a-fA-F]{1,4})):)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,4}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,5}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,6}(?:(?:[0-9a-fA-F]{1,4})))?::))))' + // complex ipv4 + ipv6
')' + // end capture
suffix,
`(` + // capture group
`(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){6})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:::(?:(?:(?:[0-9a-fA-F]{1,4})):){5})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){4})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,1}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){3})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,2}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:(?:[0-9a-fA-F]{1,4})):){2})(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,3}(?:(?:[0-9a-fA-F]{1,4})))?::(?:(?:[0-9a-fA-F]{1,4})):)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,4}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9]))\\.){3}(?:(?:25[0-5]|(?:[1-9]|1[0-9]|2[0-4])?[0-9])))))))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,5}(?:(?:[0-9a-fA-F]{1,4})))?::)(?:(?:[0-9a-fA-F]{1,4})))|(?:(?:(?:(?:(?:(?:[0-9a-fA-F]{1,4})):){0,6}(?:(?:[0-9a-fA-F]{1,4})))?::))))` + // complex ipv4 + ipv6
`)` + // end capture
`${suffix}`,
modifier

@@ -299,4 +290,4 @@ );

exports.get_ips_by_host = function (hostname, done) {
var ips = [];
var errors = [];
const ips = [];
const errors = [];

@@ -339,3 +330,3 @@ async.parallel(

exports.ipv6_reverse = function (ipv6){
exports.ipv6_reverse = function (ipv6) {
ipv6 = ipaddr.parse(ipv6);

@@ -354,3 +345,3 @@ return ipv6.toNormalizedString()

exports.ipv6_bogus = function (ipv6){
var ipCheck = ipaddr.parse(ipv6);
const ipCheck = ipaddr.parse(ipv6);
if (ipCheck.range() !== 'unicast') { return true; }

@@ -363,7 +354,7 @@ return false;

for (var string in list) {
for (const string in list) {
if (string === ip) return true; // exact match
var cidr = string.split('/');
var c_net = cidr[0];
const cidr = string.split('/');
const c_net = cidr[0];

@@ -374,3 +365,3 @@ if (!net.isIP(c_net)) continue; // bad config entry

var c_mask = parseInt(cidr[1], 10) || (net.isIPv6(c_net) ? 128 : 32);
const c_mask = parseInt(cidr[1], 10) || (net.isIPv6(c_net) ? 128 : 32);

@@ -385,5 +376,7 @@ if (ipaddr.parse(ip).match(ipaddr.parse(c_net), c_mask)) {

// deprecated, moved to Haraka/tls_socket, but
// Haraka versions < 2.8.17 require this to be here.
exports.load_tls_ini = function (cb) {
exports.tlsCfg = exports.config.get('tls.ini', {
const cfg = exports.config.get('tls.ini', {
booleans: [

@@ -408,125 +401,7 @@ '-redis.disable_for_failed_hosts',

if (!exports.tlsCfg.no_tls_hosts) {
exports.tlsCfg.no_tls_hosts = {};
}
if (!cfg.no_tls_hosts) cfg.no_tls_hosts = {};
return exports.tlsCfg;
}
exports.tls_ini_section_with_defaults = function (section) {
if (!exports.tlsCfg) exports.load_tls_ini();
var inheritable_opts = [
'key', 'cert', 'ciphers', 'dhparam',
'requestCert', 'honorCipherOrder', 'rejectUnauthorized'
];
if (exports.tlsCfg[section] === undefined) exports.tlsCfg[section] = {};
var cfg = JSON.parse(JSON.stringify(exports.tlsCfg[section]));
for (let opt of inheritable_opts) {
if (cfg[opt] === undefined) {
// not declared in tls.ini[section]
if (exports.tlsCfg.main[opt] !== undefined) {
// use value from [main] section
cfg[opt] = exports.tlsCfg.main[opt];
}
}
}
exports.tlsCfg = cfg;
return cfg;
}
exports.parse_x509_names = function (string) {
// receives the text value of a x509 certificate and returns are array of
// of names extracted from the Subject CN and the v3 Subject Alternate Names
let names_found = [];
// console.log(string);
let match = /Subject:.*?CN=([^\/\s]+)/.exec(string);
if (match) {
// console.log(match[0]);
if (match[1]) {
// console.log(match[1]);
names_found.push(match[1]);
}
}
match = /X509v3 Subject Alternative Name:[^]*X509/.exec(string);
if (match) {
let dns_name;
let re = /DNS:([^,]+)[,\n]/g;
while ((dns_name = re.exec(match[0])) !== null) {
// console.log(dns_name);
if (names_found.indexOf(dns_name[1]) !== -1) continue; // ignore dupes
names_found.push(dns_name[1]);
}
}
return names_found;
}
exports.parse_x509_expire = function (file, string) {
let dateMatch = /Not After : (.*)/.exec(string);
if (!dateMatch) return;
// console.log(dateMatch[1]);
return new Date(dateMatch[1]);
}
exports.load_tls_dir = function (tlsDir, done) {
var plugin = this;
plugin.config.getDir(tlsDir, {}, (err, files) => {
if (err) return done(err);
async.map(files, (file, iter_done) => {
// console.log(file.path);
// console.log(file.data.toString());
let match = /^([^\-]*)?([\-]+BEGIN PRIVATE KEY[\-]+[^\-]+[\-]+END PRIVATE KEY[\-]+\n)([^]*)$/.exec(file.data.toString());
if (!match) {
// console.log(file.data.toString());
// console.error('no PEM in ' + file.path);
return iter_done('no PEM in ' + file.path);
}
if (match[1] && match[1].length) {
console.error('leading garbage');
console.error(match[1]);
}
if (!match[2] || !match[2].length) {
console.error('no PRIVATE key in ' + file.path);
// console.log(match[2]);
return iter_done('no PRIVATE key in ' + file.path);
}
if (!match[3] || !match[3].length) {
console.error('no CERT in ' + file.path);
return iter_done('no CERT in ' + file.path);
}
let cert = Buffer.from(match[3]);
// console.log(cert);
let x509args = { noout: true, text: true };
openssl('x509', cert, x509args, function (e, as_str) {
let expire = plugin.parse_x509_expire(file, as_str);
if (expire && expire < new Date()) {
console.error(file.path + ' expired on ' + expire);
return iter_done(new Error(file.path + ' expired on ' + expire));
}
iter_done(e, {
file: path.basename(file.path),
key: Buffer.from(match[2]),
cert: cert,
names: plugin.parse_x509_names(as_str),
expires: expire,
})
})
},
done);
})
}

8

package.json
{
"name": "haraka-net-utils",
"version": "1.0.10",
"version": "1.0.13",
"description": "haraka network utilities",

@@ -22,3 +22,3 @@ "main": "index.js",

],
"author": "matt simerson <matt@tnpi.net>",
"author": "Matt Simerson <matt@tnpi.net>",
"license": "MIT",

@@ -35,3 +35,3 @@ "bugs": {

"dependencies": {
"async": "^2.0.1",
"async": "^2.3.0",
"haraka-config": ">=1.0.11",

@@ -44,4 +44,4 @@ "haraka-tld": "*",

"optionalDependencies": {
"vs-stun" : "~0.0.7"
"vs-stun" : "~0.0.7"
}
}

221

test/net_utils.js
var net = require('net');
var path = require('path');
const net = require('net');
const path = require('path');
require('haraka-config').watch_files = false;
var net_utils = require('../index');
const net_utils = require('../index');

@@ -14,2 +14,9 @@ function _check (test, ip, host, res) {

function setUp (done) {
this.net_utils = require('../index');
this.net_utils.config =
this.net_utils.config.module_config(path.resolve('test'));
done();
}
exports.long_to_ip = {

@@ -129,10 +136,7 @@ '185999660': function (test) {

exports.get_public_ip = {
setUp: function (callback) {
this.net_utils = require('../index');
callback();
},
setUp: setUp,
'cached': function (test) {
test.expect(2);
this.net_utils.public_ip='1.1.1.1';
var cb = function (err, ip) {
const cb = function (err, ip) {
test.equal(null, err);

@@ -146,5 +150,5 @@ test.equal('1.1.1.1', ip);

this.net_utils.public_ip=undefined;
var cb = function (err, ip) {
// console.log('ip: ' + ip);
// console.log('err: ' + err);
const cb = function (err, ip) {
// console.log(`ip: ${ip}`);
// console.log(`err: ${err}`);
if (has_stun()) {

@@ -156,3 +160,3 @@ if (err) {

else {
console.log("stun success: " + ip);
console.log(`stun success: ${ip}`);
test.expect(2);

@@ -185,3 +189,3 @@ test.equal(null, err);

'c-24-18-98-14.hsd1.wa.comcast.net': function (test) {
var str = 'c-24-18-98-14.hsd1.wa.comcast.net';
const str = 'c-24-18-98-14.hsd1.wa.comcast.net';
test.expect(3);

@@ -194,3 +198,3 @@ test.equal(net_utils.octets_in_string(str, 98, 14), true );

'149.213.210.203.in-addr.arpa': function (test) {
var str = '149.213.210.203.in-addr.arpa';
const str = '149.213.210.203.in-addr.arpa';
test.expect(3);

@@ -314,3 +318,3 @@ test.equal(net_utils.octets_in_string(str, 149, 213), true );

var ip_fixtures = [
const ip_fixtures = [
[false , " 2001:0000:1234:0000:0000:C1C0:ABCD:0876 "],

@@ -808,3 +812,2 @@ [false , " 2001:0000:1234:0000:0000:C1C0:ABCD:0876 0"],

exports.get_ipany_re = {
/* jshint maxlen: false */
'IPv6, Prefix': function (test) {

@@ -821,6 +824,6 @@ /* for x-*-ip headers */

test.expect(ip_fixtures.length);
for (var i in ip_fixtures) {
var match = net_utils.get_ipany_re('^','$').test(ip_fixtures[i][1]);
// console.log('IP:', "'"+ip_fixtures[i][1]+"'" , 'Expected:', ip_fixtures[i][0] , 'Match:' , match);
test.ok((match===ip_fixtures[i][0]), ip_fixtures[i][1] + ' - Expected: ' + ip_fixtures[i][0] + ' - Match: ' + match);
for (const i in ip_fixtures) {
const match = net_utils.get_ipany_re('^','$').test(ip_fixtures[i][1]);
// console.log('IP:', `'${ip_fixtures[i][1]}'` , 'Expected:', ip_fixtures[i][0] , 'Match:' , match);
test.ok((match===ip_fixtures[i][0]), `${ip_fixtures[i][1]} - Expected: ${ip_fixtures[i][0]} - Match: ${match}`);
}

@@ -832,3 +835,3 @@ test.done();

test.expect(2);
var match = net_utils.get_ipany_re().exec('127.0.0.1');
const match = net_utils.get_ipany_re().exec('127.0.0.1');
test.equal(match[1], '127.0.0.1');

@@ -840,4 +843,4 @@ test.equal(match.length, 2);

test.expect(2);
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
var match = received_re.exec('Received: from unknown (HELO mail.theartfarm.com) (127.0.0.30) by mail.theartfarm.com with SMTP; 5 Sep 2015 14:29:00 -0000');
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
const match = received_re.exec('Received: from unknown (HELO mail.theartfarm.com) (127.0.0.30) by mail.theartfarm.com with SMTP; 5 Sep 2015 14:29:00 -0000');
test.equal(match[1], '127.0.0.30');

@@ -849,5 +852,5 @@ test.equal(match.length, 2);

test.expect(2);
var received_header = 'Received: from mta2.expediamail.com (mta2.expediamail.com [66.231.89.19]) by mail.theartfarm.com (Haraka/2.6.2-toaster) with ESMTPS id C669CF18-1C1C-484C-8A5B-A89088B048CB.1 envelope-from <bounce-857_HTML-202764435-1098240-260085-60@bounce.global.expediamail.com> (version=TLSv1/SSLv3 cipher=AES256-SHA verify=NO); Sat, 05 Sep 2015 07:28:57 -0700';
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
var match = received_re.exec(received_header);
const received_header = 'Received: from mta2.expediamail.com (mta2.expediamail.com [66.231.89.19]) by mail.theartfarm.com (Haraka/2.6.2-toaster) with ESMTPS id C669CF18-1C1C-484C-8A5B-A89088B048CB.1 envelope-from <bounce-857_HTML-202764435-1098240-260085-60@bounce.global.expediamail.com> (version=TLSv1/SSLv3 cipher=AES256-SHA verify=NO); Sat, 05 Sep 2015 07:28:57 -0700';
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
const match = received_re.exec(received_header);
test.equal(match[1], '66.231.89.19');

@@ -859,4 +862,4 @@ test.equal(match.length, 2);

test.expect(2);
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
var match = received_re.exec('Received: from github-smtp2a-ext-cp1-prd.iad.github.net (github-smtp2-ext5.iad.github.net [192.30.252.196])');
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
const match = received_re.exec('Received: from github-smtp2a-ext-cp1-prd.iad.github.net (github-smtp2-ext5.iad.github.net [192.30.252.196])');
test.equal(match[1], '192.30.252.196');

@@ -868,5 +871,5 @@ test.equal(match.length, 2);

test.expect(2);
var received_header = 'Received: from ?IPv6:2601:184:c001:5cf7:a53f:baf7:aaf3:bce7? ([2601:184:c001:5cf7:a53f:baf7:aaf3:bce7])';
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
var match = received_re.exec(received_header);
const received_header = 'Received: from ?IPv6:2601:184:c001:5cf7:a53f:baf7:aaf3:bce7? ([2601:184:c001:5cf7:a53f:baf7:aaf3:bce7])';
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(]', '[\\]\\)]');
const match = received_re.exec(received_header);
test.equal(match[1], '2601:184:c001:5cf7:a53f:baf7:aaf3:bce7');

@@ -878,4 +881,4 @@ test.equal(match.length, 2);

test.expect(2);
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
var match = received_re.exec('Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:1900:2254:206c::16:88])');
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
const match = received_re.exec('Received: from hub.freebsd.org (hub.freebsd.org [IPv6:2001:1900:2254:206c::16:88])');
test.equal(match[1], '2001:1900:2254:206c::16:88');

@@ -888,4 +891,4 @@ test.equal(match.length, 2);

/* note the use of [\s\S], '.' doesn't match newlines in JS regexp */
var received_re = net_utils.get_ipany_re('^Received:[\\s\\S]*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
var match = received_re.exec('Received: from freefall.freebsd.org (freefall.freebsd.org\r\n [IPv6:2001:1900:2254:206c::16:87])');
const received_re = net_utils.get_ipany_re('^Received:[\\s\\S]*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
const match = received_re.exec('Received: from freefall.freebsd.org (freefall.freebsd.org\r\n [IPv6:2001:1900:2254:206c::16:87])');
if (match) {

@@ -899,4 +902,4 @@ test.equal(match[1], '2001:1900:2254:206c::16:87');

test.expect(2);
var received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
var match = received_re.exec('Received: from ietfa.amsl.com (localhost [IPv6:::1])');
const received_re = net_utils.get_ipany_re('^Received:.*?[\\[\\(](?:IPv6:)?', '[\\]\\)]');
const match = received_re.exec('Received: from ietfa.amsl.com (localhost [IPv6:::1])');
test.equal(match[1], '::1');

@@ -973,145 +976,1 @@ test.equal(match.length, 2);

};
exports.load_tls_ini = {
setUp : function (done) {
this.net_utils = require('../index');
done();
},
'loads missing tls.ini default config': function (test) {
test.expect(1);
this.net_utils.config = this.net_utils.config.module_config(path.resolve('non-exist'));
test.deepEqual(net_utils.load_tls_ini(),
{ main:
{ requestCert: true,
rejectUnauthorized: false,
honorCipherOrder: false,
enableOCSPStapling: false,
enableSNI: false,
},
redis: { disable_for_failed_hosts: false },
no_tls_hosts: {}
});
test.done();
},
'loads tls.ini from test dir': function (test) {
test.expect(1);
this.net_utils.config = this.net_utils.config.module_config(path.resolve('test'));
test.deepEqual(net_utils.load_tls_ini(),
{ main:
{ requestCert: true,
rejectUnauthorized: true,
honorCipherOrder: true,
enableOCSPStapling: true,
enableSNI: true,
key: 'tls_key.pem',
cert: 'tls_cert.pem',
dhparam: 'dhparams.pem',
ciphers: 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384',
},
redis: { disable_for_failed_hosts: false },
no_tls_hosts: {},
outbound: {
ciphers: 'ECDHE-RSA-AES256-GCM-SHA384',
rejectUnauthorized: false,
requestCert: false,
honorCipherOrder: false,
enableOCSPStapling: false,
enableSNI: false,
}
});
test.done();
},
}
exports.tls_ini_section_with_defaults = {
setUp : function (done) {
this.net_utils = require('../index');
done();
},
'gets tls.ini outbound with main defaults': function (test) {
test.expect(1);
this.net_utils.config = this.net_utils.config.module_config(path.resolve('test'));
test.deepEqual(
net_utils.tls_ini_section_with_defaults('outbound'),
{
ciphers: 'ECDHE-RSA-AES256-GCM-SHA384',
rejectUnauthorized: false,
requestCert: false,
honorCipherOrder: false,
enableOCSPStapling: false,
enableSNI: false,
// inherited from [main]
key: 'tls_key.pem',
cert: 'tls_cert.pem',
dhparam: 'dhparams.pem'
});
test.done();
},
}
exports.parse_x509_names = {
setUp : function (done) {
this.net_utils = require('../index');
done();
},
'extracts nictool.com from x509 Subject CN': function (test) {
test.expect(1);
var r = this.net_utils.parse_x509_names(' Validity\n Not Before: Jan 15 22:47:00 2017 GMT\n Not After : Apr 15 22:47:00 2017 GMT\n Subject: CN=nictool.com\n Subject Public Key Info:\n');
test.deepEqual(r, ['nictool.com']);
test.done();
},
'extracts haraka.local from x509 Subject CN': function (test) {
test.expect(1);
var r = this.net_utils.parse_x509_names(' Validity\n Not Before: Mar 4 23:28:49 2017 GMT\n Not After : Mar 3 23:28:49 2023 GMT\n Subject: C=US, ST=Washington, L=Seattle, O=Haraka, CN=haraka.local/emailAddress=matt@haraka.local\n Subject Public Key Info:\n Public Key Algorithm: rsaEncryption\n');
test.deepEqual(r, ['haraka.local']);
test.done();
},
'extracts host names from X509v3 Subject Alternative Name': function (test) {
test.expect(1);
var r = this.net_utils.parse_x509_names(' CA Issuers - URI:http://cert.int-x3.letsencrypt.org/\n\n X509v3 Subject Alternative Name: \n DNS:nictool.com, DNS:nictool.org, DNS:www.nictool.com, DNS:www.nictool.org\n X509v3 Certificate Policies: \n Policy: 2.23.140.1.2.1\n');
test.deepEqual(r, ['nictool.com', 'nictool.org', 'www.nictool.com', 'www.nictool.org']);
test.done();
},
'extracts host names from both': function (test) {
test.expect(2);
var r = this.net_utils.parse_x509_names(' Validity\n Not Before: Jan 15 22:47:00 2017 GMT\n Not After : Apr 15 22:47:00 2017 GMT\n Subject: CN=nictool.com\n Subject Public Key Info:\n CA Issuers - URI:http://cert.int-x3.letsencrypt.org/\n\n X509v3 Subject Alternative Name: \n DNS:nictool.com, DNS:nictool.org, DNS:www.nictool.com, DNS:www.nictool.org\n X509v3 Certificate Policies: \n Policy: 2.23.140.1.2.1\n');
test.deepEqual(r, ['nictool.com', 'nictool.org', 'www.nictool.com', 'www.nictool.org']);
r = this.net_utils.parse_x509_names(' Validity\n Not Before: Jan 15 22:47:00 2017 GMT\n Not After : Apr 15 22:47:00 2017 GMT\n Subject: CN=foo.nictool.com\n Subject Public Key Info:\n CA Issuers - URI:http://cert.int-x3.letsencrypt.org/\n\n X509v3 Subject Alternative Name: \n DNS:nictool.com, DNS:nictool.org, DNS:www.nictool.com, DNS:www.nictool.org\n X509v3 Certificate Policies: \n Policy: 2.23.140.1.2.1\n');
test.deepEqual(r, ['foo.nictool.com', 'nictool.com', 'nictool.org', 'www.nictool.com', 'www.nictool.org']);
test.done();
},
'extracts expiration date': function (test) {
test.expect(1);
var r = this.net_utils.parse_x509_expire('foo', 'Validity\n Not Before: Mar 4 23:28:49 2017 GMT\n Not After : Mar 3 23:28:49 2023 GMT\n Subject');
test.deepEqual(r, new Date('2023-03-03T23:28:49.000Z'));
test.done();
},
}
exports.load_tls_dir = {
setUp : function (done) {
this.net_utils = require('../index');
this.net_utils.config =
this.net_utils.config.module_config(path.resolve('test'));
done();
},
'loads tls files from config/tls': function (test) {
test.expect(5);
this.net_utils.load_tls_dir('tls', function (err, res) {
test.equal(err, null);
// console.log(res);
// console.log(res[0]);
if (res && res[0]) {
test.equal(res[0].file, 'haraka.local.pem');
test.ok(res[0].key.length);
test.ok(res[0].names.length);
// console.log(res[0].key);
test.ok(res[0].cert.length);
}
test.done();
})
},
}
run_tests

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc