npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

tls-tunnel

v1.0.0

Published

A Server and client for proxying local ports through public interfaces

Downloads

7

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pghallidaypghalliday

Keywords

Readme

node-tls-tunnel

A Node.js client/server implementation of a secure tunnel over TLS/SSL. Useful for exposing local servers on public hosts. Initially implemented to expose a local server to browsers provided by BrowserStack to integrate their beta API with test scripts.

The idea is simple.

  • A server runs on a public host accepting connections on a public host name, let's say "mytlstunnel.com"
  • Initially only one port will be open and accepting connections, eg. 8080
  • On your local machine you start a client that connects to mytlstunnel.com:8080 using a TLS socket and let it know what local port it should expose, eg. 8000
  • The server assigns another port for use with that client and starts listening on it using an ordinary net socket, notifying the client on which port it will listen, eg 8081
  • When a third party tries to connect to mytlstunnel.com:8081 the server asks the client to make another connection using TLS to handle the traffic going through mytlstunnel.com:8081
  • The client does this and pipes all traffic to and from the third party on mytlstunnel.com:8081 and localhost:8000

Features

  • Server or client can be instantiated within a Node.js context
  • Server can be configured to only accept connections from known clients (using SSL certificates), preventing strangers using your resources
  • Client can be configured to validate against a known list of servers (using SSL certificates), preventing anyone from masquerading as your server
  • Server can be configured to expose a predefined set of ports

Installation

npm install tls-tunnel

CLI

TODO

API

To instantiate and start a server

var Server = require('tls-tunnel').Server;

var server = new Server({
  port: 8080,	// port to listen for client connections
  key: fs.readFileSync('./keys/server-key.pem'), 	// server's private key
  cert: fs.readFileSync('./keys/server-cert.pem'),	// server's SSL certificate
  ca: [fs.readFileSync('./keys/client-cert.pem')],	// list of authorized client SSL certificates
  forwardedPorts: {
    start: 8081,	// Start of port range to assign to connecting clients
    count: 10		// maximum number of ports and hence clients that can be supported
  },
  timeout: 5000	// Timeout in milliseconds to use when waiting for a client to provide a tunnel connection
});

server.start(function() {
  // server should be listening on port 8080 now
  server.stop(function() {
    // server should have ended all connections and stopped
  });
});

To instantiate and connect a client

var http = require('http');
var Client = require('tls-tunnel').Client;

var client = new Client({
  host: 'mytlstunnel.com',	// the host where the server is running
  port: 8080				// the port on which the server is running
  key: fs.readFileSync('./keys/client-key.pem'), 	// client's private key
  cert: fs.readFileSync('./keys/client-cert.pem'),	// client's SSL certificate
  ca: [fs.readFileSync('./keys/server-cert.pem')],	// list of authorized server SSL certificates
  targetPort: 8000,	// the local port to expose through the tunnel
  timeout: 5000	// Timeout in milliseconds to use when waiting for a server to assign a public port
});

client.connect(function(error, port) {
tunnel
  if (error) {
    // errors could include not having enough ports available on
    // the server to support another
  } else {
    // only if no errors were encountered will the <port> parameter
    // contain the public port that was assigned for the tunnel
    http.get('http://mytlstunnel.com:' + port, function(res) {
      // should receive a response from localhost:8000 here
      client.disconnect(function() {
        // client should have ended all connections
      });
    });
  }
});

Hints on generating certs for testing

See the test/keys folder for certificates used by the tests. These can be regenerated at anytime using either keys.sh (OSX, Linux) or keys.bat (Windows). These scripts use OpenSSL. OSX and Linux most likely already ship with OpenSSL. If using Windows you will need to install OpenSSL first.

It should be noted that for the client to authorize server certificates they need to have the correct hosts listed as altnames in the v3 extensions (although this doesn't seem to be required on Windows).

Roadmap

  • Tunnel should be protocol agnostic
    • I thought this would be a given but currently
      • Net connections work
      • HTTP works
      • TLS connections partially work
      • HTTPS does not work
  • Server or client should be runnable from the shell
  • Client should be configurable to only accept a limited number of connections
  • Test keys and certs need to be generated when running tests as they will eventually expire

Contributing

In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests for any new or changed functionality. Lint and test your code using ./grunt.sh or .\grunt.bat.

Release History

(Nothing yet)

License

Copyright (c) 2012 Peter Halliday
Licensed under the MIT license.