Implement basic STS reconnection

2020-02-19 12:18:47 +02:00 · 2020-02-19 12:18:47 +02:00 · 9b9db35e3c
commit 9b9db35e3c
parent 77279675ec
2 changed files with 66 additions and 0 deletions
--- a/src/client.js
+++ b/src/client.js
@ -22,6 +22,7 @@ module.exports = Client;

 const events = [
 	"away",
+	"cap",
 	"connection",
 	"unhandled",
 	"ctcp",
--- a/src/plugins/irc-events/cap.js
+++ b/src/plugins/irc-events/cap.js
@ -0,0 +1,65 @@
+"use strict";
+
+const Msg = require("../../models/msg");
+
+module.exports = function(irc, network) {
+	const client = this;
+
+	irc.on("cap ls", (data) => {
+		handleSTS(data);
+	});
+
+	irc.on("cap new", (data) => {
+		handleSTS(data);
+	});
+
+	function handleSTS(data) {
+		if (!Object.prototype.hasOwnProperty.call(data.capabilities, "sts")) {
+			return;
+		}
+
+		const isSecure = irc.connection.transport.socket.encrypted;
+		const values = {};
+
+		data.capabilities.sts.split(",").map((value) => {
+			value = value.split("=", 2);
+			values[value[0]] = value[1];
+		});
+
+		if (isSecure) {
+			// TODO: store and update duration
+		} else {
+			const port = parseInt(values.port, 10);
+
+			if (isNaN(port)) {
+				return;
+			}
+
+			network.channels[0].pushMessage(
+				client,
+				new Msg({
+					text: `Server sent a strict transport security policy, reconnecting to port ${port}…`,
+				}),
+				true
+			);
+
+			// Forcefully end the connection
+			irc.connection.end();
+
+			// Update the port
+			network.port = port;
+			irc.options.port = port;
+
+			// Enable TLS
+			network.tls = true;
+			network.rejectUnauthorized = true;
+			irc.options.tls = true;
+			irc.options.rejectUnauthorized = true;
+
+			// Start a new connection
+			irc.connect();
+
+			client.save();
+		}
+	}
+};