From 2ca63c8f79a9ac45e36732bc8f8e9b44179a276c Mon Sep 17 00:00:00 2001
From: Ryan Dahl <ry@tinyclouds.org>
Date: Thu, 9 Dec 2010 00:35:16 -0800
Subject: [PATCH] Initial implementation of tls.connect()

Seems to work checkout test/disabled/tls-client.js
Type "GET /" after connected.
---
 lib/tls.js                  | 71 +++++++++++++++++++++++++++++++++++++
 test/disabled/tls-client.js | 18 ++++++++++
 2 files changed, 89 insertions(+)
 create mode 100644 test/disabled/tls-client.js

diff --git a/lib/tls.js b/lib/tls.js
index dc09dd845..d15f98818 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -547,4 +547,75 @@ Server.prototype.setOptions = function(options) {
 };
 
 
+// Target API:
+//
+//  var s = tls.connect(8000, "google.com", options, function() {
+//    if (!s.authorized) {
+//      s.destroy();
+//      return;
+//    }
+//
+//    // s.socket;
+//
+//    s.end("hello world\n");
+//  });
+//
+exports.connect = function(port /* host, options, cb */) {
+  // parse args
+  var host, options = {}, cb;
+  switch (typeof arguments[1]) {
+    case 'string':
+      host = arguments[1];
+      if (typeof arguments[2] == 'object') {
+        options = arguments[2];
+        if (typeof arguments[3] == 'function') cb = arguments[3];
+      } else if (typeof arguments[2] == 'function') {
+        cb = arguments[2];
+      }
+      break;
 
+    case 'object':
+      options = arguments[1];
+      if (typeof arguments[2] == 'function') cb = arguments[2];
+      break;
+
+    case 'function':
+      cb = arguments[1];
+      break;
+
+    default:
+      break;
+  }
+
+
+  var socket = new net.Stream();
+
+  var sslcontext = crypto.createCredentials(options);
+  sslcontext.context.setCiphers('RC4-SHA:AES128-SHA:AES256-SHA');
+
+  var pair = new SecurePair(sslcontext, false);
+
+  pair.encrypted.pipe(socket);
+  socket.pipe(pair.encrypted);
+
+  var cleartext = pair.cleartext;
+  cleartext.socket = socket;
+  cleartext.encrypted = pair.encrypted;
+  cleartext.authorized = false;
+
+  socket.connect(port, host);
+
+  pair.on('secure', function() {
+    console.log('client: connected+secure!');
+    console.log('client pair.getPeerCertificate(): %j',
+                pair.getPeerCertificate());
+    console.log('client pair.getCipher(): %j',
+                pair.getCipher());
+
+    if (cb) {
+      cb(cleartext);
+    }
+  });
+
+  return cleartext;
+};
diff --git a/test/disabled/tls-client.js b/test/disabled/tls-client.js
new file mode 100644
index 000000000..a323c25ff
--- /dev/null
+++ b/test/disabled/tls-client.js
@@ -0,0 +1,18 @@
+var common = require('../common');
+var tls = require('tls');
+var fs = require('fs');
+
+
+// most servers don't require certificates
+
+var options = {
+  key: fs.readFileSync(common.fixturesDir + '/keys/agent1-key.pem'),
+};
+
+
+var s = tls.connect(443, "google.com", options, function() {
+  console.error("CONNECTED");
+  s.pipe(process.stdout);
+  process.openStdin().pipe(s);
+});
+