Archived
1
0
This repository has been archived on 2024-09-09. You can view files and clone it, but cannot push or open issues or pull requests.
code-server/src/node/socket.ts

107 lines
3.4 KiB
TypeScript
Raw Normal View History

import { promises as fs } from "fs"
2020-02-04 13:27:46 -06:00
import * as net from "net"
import * as path from "path"
import * as stream from "stream"
2020-02-04 13:27:46 -06:00
import * as tls from "tls"
import { Emitter } from "../common/emitter"
import { generateUuid } from "../common/util"
import { canConnect, paths } from "./util"
2020-02-04 13:27:46 -06:00
/**
* Provides a way to proxy a TLS socket. Can be used when you need to pass a
* socket to a child process since you can't pass the TLS socket.
*/
export class SocketProxyProvider {
private readonly onProxyConnect = new Emitter<net.Socket>()
private proxyPipe = path.join(paths.runtime, "tls-proxy")
2020-02-04 13:27:46 -06:00
private _proxyServer?: Promise<net.Server>
private readonly proxyTimeout = 5000
/**
* Stop the proxy server.
*/
public stop(): void {
if (this._proxyServer) {
this._proxyServer.then((server) => server.close())
this._proxyServer = undefined
}
}
/**
* Create a socket proxy for TLS sockets. If it is not a TLS socket the
* original socket or stream is returned. This will spawn a proxy server on
* demand.
2020-02-04 13:27:46 -06:00
*/
public async createProxy(socket: tls.TLSSocket | net.Socket): Promise<net.Socket>
public async createProxy(socket: stream.Duplex): Promise<stream.Duplex>
public async createProxy(socket: tls.TLSSocket | net.Socket | stream.Duplex): Promise<net.Socket | stream.Duplex> {
2020-02-04 13:27:46 -06:00
if (!(socket instanceof tls.TLSSocket)) {
return socket
}
await this.startProxyServer()
return new Promise((resolve, reject) => {
const id = generateUuid()
const proxy = net.connect(this.proxyPipe)
proxy.once("connect", () => proxy.write(id))
const timeout = setTimeout(() => {
listener.dispose() // eslint-disable-line @typescript-eslint/no-use-before-define
socket.destroy()
proxy.destroy()
reject(new Error("TLS socket proxy timed out"))
}, this.proxyTimeout)
const listener = this.onProxyConnect.event((connection) => {
connection.once("data", (data) => {
if (!socket.destroyed && !proxy.destroyed && data.toString() === id) {
clearTimeout(timeout)
listener.dispose()
;[
[proxy, socket],
[socket, proxy],
].forEach(([a, b]) => {
a.pipe(b)
a.on("error", () => b.destroy())
a.on("close", () => b.destroy())
a.on("end", () => b.end())
})
resolve(connection)
}
})
})
})
}
private async startProxyServer(): Promise<net.Server> {
if (!this._proxyServer) {
this._proxyServer = this.findFreeSocketPath(this.proxyPipe)
.then((pipe) => {
this.proxyPipe = pipe
return Promise.all([
2021-05-10 16:27:47 -07:00
fs.mkdir(path.dirname(this.proxyPipe), { recursive: true }),
chore: upgrade Code to 1.66 (#5135) * chore: upgrade Code to 1.66 * docs: update docs for Code upgrades * fixup!: docs * chore: update vscode submodule * chore: update integration patch * chore: update node-version patch * chore: update github-auth patch They completely changed how auth is handled for GitHub in https://github.com/microsoft/vscode/pull/145424 so our patch may not work. Will need to test and revisit. * refactor: remove postinstall patch It appears they renamed postinstall.js to postinstall.mjs and removed the use of `rimraf` which means our patch is no longer needed! :tada: https://github.com/microsoft/vscode/commit/b0e8554cced292871a67748a18926cfd02f4e840 * chore: refresh local-storage patch * chore: refresh service-worker patch * chore: bulk refresh patches * fixup!: docs formatting * refactor: remove unused last-opened patch * fixup!: formatting docs * fixup!: formatting docs * refactor: remove rsync postinstall * Revert "refactor: remove rsync postinstall" This reverts commit 8d6b613e9d779ba18d0297710614516cde108bcf. * refactor: update postinstall.js to .mjs * feat(patches): add parent-origin bypass * docs(patches): add notes for testing store-socket * docs(patches): update testing info for node-version * refactor(patches): delete github-auth.diff patch * docs(patches): add notes for testing connection-type * fixup!: delete github-auth patch * fixup!: update connection type testing * docs(patches): add notes to insecure-notification.diff * docs(patches): add nots for update-check.diff * fixup!: remove comma in integration patch * fix(e2e): disable workspace trust * refactor: add --no-default-rc for yarn install * feat(patches): remove yarnrc in presinstall * fixup!: silly mistake * docs: add note about KEEP_MODULES=1 * docs(patches): add testing notes for node-version * refactor(patches): remove node-version It appears this is no longer needed due to the `remote/package.json` now which targets node rather than electron. * fixup!: add cd ../.. to code upgrade instructions * fixup!: add note to yarn --production flag * fixup!: make parent-origin easier to upstream * Revert "refactor(patches): delete github-auth.diff patch" This reverts commit 31a354a34345309fadc475491b392d7601e51a32. * Revert "fixup!: delete github-auth patch" This reverts commit bdeb5212e8c7be6cadd109941b486a4bcdae69fa. * Merge webview origin patch into webview patch * Remove unused post-install patch * Prevent builtin extensions from updating * Refresh sourcemaps patch * Update Node to v16 This matches the version in ./lib/vscode/remote/.yarnrc. I changed the engine to exactly 16 since if you use any different version it will just not work since the modules will have been built for 16 (due to the .yarnrc). * Replace fs.rmdir with fs.rm Node is showing a deprecation warning about it. * Update github-auth patch The local credentials provider is no longer used when there is a remote so this code moved into the backend web credential provider. * Prevent fs.rm from erroring about non-existent files We were using fs.rmdir which presumably did not have the same behavior in v14 (in v16 fs.rmdir also errors). * Install Python 3 in CentOS CI container Co-authored-by: Asher <ash@coder.com>
2022-05-04 14:58:49 -07:00
fs.rm(this.proxyPipe, { force: true, recursive: true }),
])
2020-02-04 13:27:46 -06:00
})
.then(() => {
return new Promise((resolve) => {
const proxyServer = net.createServer((p) => this.onProxyConnect.emit(p))
proxyServer.once("listening", () => resolve(proxyServer))
proxyServer.listen(this.proxyPipe)
})
})
}
return this._proxyServer
}
public async findFreeSocketPath(basePath: string, maxTries = 100): Promise<string> {
let i = 0
let path = basePath
while ((await canConnect(path)) && i < maxTries) {
path = `${basePath}-${++i}`
}
return path
}
}