Merge pull request #148 from telefonicaid/target_cert

New header for self-signed certificate. Close #147

Author: xval

.gitignore

@@ -8,3 +8,4 @@ report
 *.key
 *.key.org
 *.rdb
+test/acceptance/config.js

lib/eventWorker.js

@@ -252,9 +252,15 @@ function doJob(task, callback) {
 
     if (options.protocol === 'https:') {
       httpModule = https;
-      options.rejectUnauthorized = !config.trustAllServers;
-      if(!config.trustAllServers){
-        options.ca = cas;
+      //This header takes precedence over config
+      if (task.headers[MG.HEAD_RELAYER_SERVER_CERT]) {
+        options.ca = new Buffer(task.headers[MG.HEAD_RELAYER_SERVER_CERT], 'base64');
+        options.rejectUnathorized = true;
+      } else {
+        options.rejectUnauthorized = !config.trustAllServers;
+        if (!config.trustAllServers) {
+          options.ca = cas;
+        }
       }
     } else { // assume plain http
       httpModule = http;

lib/myGlobals.js

@@ -32,6 +32,7 @@ exports.C = {
   'HEAD_RELAYER_ENCODING':'x-relayer-encoding',
   'HEAD_RELAYER_PROXY':'x-relayer-proxy',
   'HEAD_RELAYER_PROTOCOL':'x-relayer-protocol', //http, https
+  'HEAD_RELAYER_SERVER_CERT':'x-relayer-server-cert', //target certificate
   'ACEPTS_ENCODINGS':['base64'],
   'PARAM_DBHOST':'dbhost',
   'PARAM_DBPORT':'dbport',

test/e2e/advancedServer.js

@@ -6,10 +6,14 @@ var fs = require('fs');
 var config = require('./config.js');
 
 var options = {
-	key: fs.readFileSync(path.resolve(__dirname, '../../utils/server.key')),
-	cert: fs.readFileSync(path.resolve(__dirname, '../../utils/server.crt'))
+	key: fs.readFileSync(path.resolve(__dirname, './serverCert.key')),
+	cert: fs.readFileSync(path.resolve(__dirname, './serverCert.crt')),
+	//rejectUnauthorized: false
 };
 
+// Verbose MODE
+var vm = false;
+
 var serverListener = function(portProtocol, responseParameters, connectedCallback, dataCallback) {
 
 
@@ -19,8 +23,8 @@ var serverListener = function(portProtocol, responseParameters, connectedCallbac
   if(protocol === 'http'){
     srv = http.createServer(requestHandler);
   } else {
-    srv = https.createServer(options, requestHandler);
-  }
+          srv = https.createServer(options, requestHandler);
+         }
 
   srv.listen(portProtocol.port, connectedCallback);
 
@@ -39,6 +43,8 @@ var serverListener = function(portProtocol, responseParameters, connectedCallbac
       response.statusCode = responseParameters.statusCode || 200;
       response.headers = responseParameters.headers || {};
 
+	  if(vm){console.log(response);}
+
     req.on('data', function(chunk) {
       content += chunk;
     });

test/e2e/protocolTest.js

@@ -31,7 +31,7 @@ process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"; //Accept self signed certs
 
 function _validScenario(data){
 
-	it(data.name, function(done){
+	it(data.name +  ' #FPT', function(done){
 		var agent = superagent.agent();
 		var id;
 

test/e2e/serverCert.crt

@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICKTCCAZICCQD5MEvACMuM0DANBgkqhkiG9w0BAQUFADBZMQswCQYDVQQGEwJB
+VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
+cyBQdHkgTHRkMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMTMwODIwMTEwNzQzWhcN
+MTQwODIwMTEwNzQzWjBZMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0
+ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRIwEAYDVQQDDAls
+b2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM40GEaTD/BDqfmv
+OEGZaoRe2ayc69QISXVBtfMSpiz1gMCgkmQwbiZ8/e6X6IilmdhpnJza5E/Gk3lj
+fmaGfxGcKlPre1sII3S0L2G8TjH2gcMcLmrriA8yFx9rSkDughBI6Bh2ELs7TCSH
+aYAhDVCM4DRFttS/1pLJlkBOnxejAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAkqeG
+qbw+V1CK363k7sFaRX3PJlgeg9NbIE10HJsmTqB8juqii91PQFDEZtc9jvTtLUSs
+jGvrwHSBSbGfS6tMv2PtsgG88eosDTKo0d3jZvADUYUgd2OAZif4bBKv1L8kUTOM
+X7QqPQBfe2do8XGNCuzFZFkdlxWuUoNWzcmy0hE=
+-----END CERTIFICATE-----

test/e2e/serverCert.key

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDONBhGkw/wQ6n5rzhBmWqEXtmsnOvUCEl1QbXzEqYs9YDAoJJk
+MG4mfP3ul+iIpZnYaZyc2uRPxpN5Y35mhn8RnCpT63tbCCN0tC9hvE4x9oHDHC5q
+64gPMhcfa0pA7oIQSOgYdhC7O0wkh2mAIQ1QjOA0RbbUv9aSyZZATp8XowIDAQAB
+AoGBAKvQTnXnrb0ltCh+rmJCgbWADuG78ug+a27PbNr3rA0EFt7qLHBcxjs9pJw8
+aR4K1hCzlzI/VUN/k3vuwfCNmqvDtq+OFhx5B3oyegBUTxMojvWNPMH3I3X+eToA
+dxW4cssI9yCr8vtJc6Qjk3im17HUYgC0qaVkZmiX9AOY9PYZAkEA6xf+S+ud7Eg/
+Hn4O8+9VtSnn99tFiipiWxIxxpvXydd/rNFiqV+VDYmz8Ae1TqxOmvymIK415L8F
+zFDioWLrDwJBAOCKZ0P1a3TdHJHOK3jU0GVuYuDrLHNM5WH5/SXpV962q/0w/2pi
+pZCfD6HXxUA8p0JNvmQRRQv4cN+aJ+7f2i0CQAmI5ZVqrvMAUx8Hec/G6zD3zCKv
+T/i0k1yiNkaZ13ymMtVtgJTh/YeZCCU6Cs5wCpgamxpENodaf/+zYB2vh10CQGpJ
+WWRT0Y+58oIaI33IzvSUcf2hlKLnbVUZbnj5oXxs37Cz9tM26sQwZsfnSRmFHG9I
+Oa1Id3SZH2TYpbpu/+kCQQC7qw6xYO0Kg6VK7a02h5zVQ+SeCHv3GU6B3zRr2TSf
+cpkOLE7XdHp4apf2sZse9N5ilLElos2iTv5wrzf6tBUy
+-----END RSA PRIVATE KEY-----