@httptoolkit/httpolyglot 0.2.0 → 2.0.1

package/README.md

@@ -1,18 +1,21 @@
-Description
-===========
+# Httpolyglot [![Build Status](https://github.com/httptoolkit/httpolyglot/workflows/CI/badge.svg)](https://github.com/httptoolkit/httpolyglot/actions) [![Available on NPM](https://img.shields.io/npm/v/@httptoolkit/httpolyglot.svg)](https://npmjs.com/package/@httptoolkit/httpolyglot)
+
+> _Part of [HTTP Toolkit](https://httptoolkit.tech): powerful tools for building, testing & debugging HTTP(S)_
 
 A module for serving http and https connections over the same port.
 
 Forked from the original [`httpolyglot`](https://github.com/mscdex/httpolyglot) to fix various issues required for [HTTP Toolkit](https://httptoolkit.tech), including:
 
+* Support for HTTP/2
 * Fixing `tlsClientError`: https://github.com/mscdex/httpolyglot/pull/11.
 * Exposing the lost bytes from https://github.com/mscdex/httpolyglot/issues/13 on the socket, as `__httpPeekedData`.
 * Dropping support for old versions of Node (and thereby simplifying the code somewhat)
+* Converting to TypeScript
 
 Requirements
 ============
 
-* [node.js](http://nodejs.org/) -- v8.0.0 or newer
+* [node.js](http://nodejs.org/) -- v12.0.0 or newer
 
 
 Install

package/dist/index.d.ts

@@ -0,0 +1,20 @@
+/// <reference types="node" />
+import * as net from 'net';
+import * as http from 'http';
+import * as https from 'https';
+declare module 'net' {
+    interface Socket {
+        __httpPeekedData?: Buffer;
+    }
+}
+export declare class Server extends net.Server {
+    private _httpServer;
+    private _http2Server;
+    private _tlsServer;
+    constructor(requestListener: http.RequestListener);
+    constructor(tlsConfig: https.ServerOptions, requestListener: http.RequestListener);
+    private connectionListener;
+    private http2Listener;
+}
+export declare function createServer(requestListener: http.RequestListener): Server;
+export declare function createServer(tlsConfig: https.ServerOptions, requestListener: http.RequestListener): Server;

package/dist/index.js

@@ -0,0 +1,153 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createServer = exports.Server = void 0;
+const net = require("net");
+const tls = require("tls");
+const http = require("http");
+const http2 = require("http2");
+const events_1 = require("events");
+function onError(err) { }
+const TLS_HANDSHAKE_BYTE = 0x16; // SSLv3+ or TLS handshake
+const HTTP2_PREFACE = 'PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n';
+const HTTP2_PREFACE_BUFFER = Buffer.from(HTTP2_PREFACE);
+const NODE_MAJOR_VERSION = parseInt(process.version.slice(1).split('.')[0], 10);
+class Server extends net.Server {
+    constructor(configOrListener, listener) {
+        // We just act as a plain TCP server, accepting and examing
+        // each connection, then passing it to the right subserver.
+        super((socket) => this.connectionListener(socket));
+        let tlsConfig;
+        let requestListener;
+        if (typeof configOrListener === 'function') {
+            requestListener = configOrListener;
+            tlsConfig = undefined;
+        }
+        else {
+            tlsConfig = configOrListener;
+            requestListener = listener;
+        }
+        // We bind the request listener, so 'this' always refers to us, not each subserver.
+        // This means 'this' is consistent (and this.close() works).
+        const boundListener = requestListener.bind(this);
+        // Create subservers for each supported protocol:
+        this._httpServer = new http.Server(boundListener);
+        this._http2Server = http2.createServer({}, boundListener);
+        if (typeof tlsConfig === 'object') {
+            // If we have TLS config, create a TLS server, which will pass sockets to
+            // the relevant subserver once the TLS connection is set up.
+            this._tlsServer = new tls.Server(tlsConfig, (tlsSocket) => {
+                if (tlsSocket.alpnProtocol === false || tlsSocket.alpnProtocol === 'http/1.1') {
+                    this._httpServer.emit('connection', tlsSocket);
+                }
+                else {
+                    this._http2Server.emit('connection', tlsSocket);
+                }
+            });
+        }
+        else {
+            // Fake server that rejects all connections:
+            this._tlsServer = new events_1.EventEmitter();
+            this._tlsServer.on('connection', (socket) => socket.destroy());
+        }
+        const subServers = [this._httpServer, this._http2Server, this._tlsServer];
+        // Proxy all event listeners setup onto the subservers, so any
+        // subscriptions on this server are fed from all the subservers
+        this.on('newListener', function (eventName, listener) {
+            subServers.forEach(function (subServer) {
+                subServer.addListener(eventName, listener);
+            });
+        });
+        this.on('removeListener', function (eventName, listener) {
+            subServers.forEach(function (subServer) {
+                subServer.removeListener(eventName, listener);
+            });
+        });
+    }
+    connectionListener(socket) {
+        const data = socket.read(1);
+        if (data === null) {
+            socket.removeListener('error', onError);
+            socket.on('error', onError);
+            socket.once('readable', () => {
+                this.connectionListener(socket);
+            });
+        }
+        else {
+            socket.removeListener('error', onError);
+            // Put the peeked data back into the socket
+            const firstByte = data[0];
+            socket.unshift(data);
+            // Pass the socket to the correct subserver:
+            if (firstByte === TLS_HANDSHAKE_BYTE) {
+                // TLS sockets don't allow half open
+                socket.allowHalfOpen = false;
+                this._tlsServer.emit('connection', socket);
+            }
+            else {
+                if (firstByte === HTTP2_PREFACE_BUFFER[0]) {
+                    // The connection _might_ be HTTP/2. To confirm, we need to keep
+                    // reading until we get the whole stream:
+                    this.http2Listener(socket);
+                }
+                else {
+                    // The above unshift isn't always sufficient to invisibly replace the
+                    // read data. The rawPacket property on errors in the clientError event
+                    // for plain HTTP servers loses this data - this prop makes it available.
+                    // Bit of a hacky fix, but sufficient to allow for manual workarounds.
+                    socket.__httpPeekedData = data;
+                    this._httpServer.emit('connection', socket);
+                }
+            }
+        }
+    }
+    http2Listener(socket, pastData) {
+        const h1Server = this._httpServer;
+        const h2Server = this._http2Server;
+        const newData = socket.read() || Buffer.from([]);
+        const data = pastData ? Buffer.concat([pastData, newData]) : newData;
+        if (data.length >= HTTP2_PREFACE_BUFFER.length) {
+            socket.unshift(data);
+            if (data.slice(0, HTTP2_PREFACE_BUFFER.length).equals(HTTP2_PREFACE_BUFFER)) {
+                // We have a full match for the preface - it's definitely HTTP/2.
+                // For HTTP/2 we hit issues when passing non-socket streams (like H2 streams for proxying H2-over-H2).
+                if (NODE_MAJOR_VERSION <= 12) {
+                    // For Node 12 and older, we need a (later deprecated) stream wrapper:
+                    const StreamWrapper = require('_stream_wrap');
+                    socket = new StreamWrapper(socket);
+                }
+                else {
+                    // For newer node, we can fix this with a quick patch here:
+                    const socketWithInternals = socket;
+                    if (socketWithInternals._handle) {
+                        socketWithInternals._handle.isStreamBase = false;
+                    }
+                }
+                h2Server.emit('connection', socket);
+                return;
+            }
+            else {
+                h1Server.emit('connection', socket);
+                return;
+            }
+        }
+        else if (!data.equals(HTTP2_PREFACE_BUFFER.slice(0, data.length))) {
+            socket.unshift(data);
+            // Haven't finished the preface length, but something doesn't match already
+            h1Server.emit('connection', socket);
+            return;
+        }
+        // Not enough data to know either way - try again, waiting for more:
+        socket.removeListener('error', onError);
+        socket.on('error', onError);
+        socket.once('readable', () => {
+            this.http2Listener.call(this, socket, data);
+        });
+    }
+}
+exports.Server = Server;
+function createServer(configOrListener, listener) {
+    return new Server(configOrListener, listener);
+}
+exports.createServer = createServer;
+;
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;AAAA,2BAA2B;AAC3B,2BAA2B;AAC3B,6BAA6B;AAE7B,+BAA+B;AAE/B,mCAAsC;AAQtC,SAAS,OAAO,CAAC,GAAQ,IAAG,CAAC;AAE7B,MAAM,kBAAkB,GAAG,IAAI,CAAC,CAAC,0BAA0B;AAC3D,MAAM,aAAa,GAAG,kCAAkC,CAAC;AACzD,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AAExD,MAAM,kBAAkB,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAIhF,MAAa,MAAO,SAAQ,GAAG,CAAC,MAAM;IAQpC,YAAY,gBAA4D,EAAE,QAA+B;QACvG,2DAA2D;QAC3D,2DAA2D;QAC3D,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;QAEnD,IAAI,SAA0C,CAAC;QAC/C,IAAI,eAAqC,CAAC;QAE1C,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE;YAC1C,eAAe,GAAG,gBAAgB,CAAC;YACnC,SAAS,GAAG,SAAS,CAAC;SACvB;aAAM;YACL,SAAS,GAAG,gBAAgB,CAAC;YAC7B,eAAe,GAAG,QAAS,CAAC;SAC7B;QAED,mFAAmF;QACnF,4DAA4D;QAC5D,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjD,iDAAiD;QACjD,IAAI,CAAC,WAAW,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAClD,IAAI,CAAC,YAAY,GAAG,KAAK,CAAC,YAAY,CAAC,EAAE,EAAE,aAAqC,CAAC,CAAC;QAElF,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;YACjC,yEAAyE;YACzE,4DAA4D;YAC5D,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,SAAS,EAAE,EAAE;gBACxD,IAAI,SAAS,CAAC,YAAY,KAAK,KAAK,IAAI,SAAS,CAAC,YAAY,KAAK,UAAU,EAAE;oBAC7E,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;iBAChD;qBAAM;oBACL,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;iBACjD;YACH,CAAC,CAAC,CAAC;SACJ;aAAM;YACL,4CAA4C;YAC5C,IAAI,CAAC,UAAU,GAAG,IAAI,qBAAY,EAAE,CAAC;YACrC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,YAAY,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;SAChE;QAED,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;QAE1E,8DAA8D;QAC9D,+DAA+D;QAC/D,IAAI,CAAC,EAAE,CAAC,aAAa,EAAE,UAAU,SAAS,EAAE,QAAQ;YAClD,UAAU,CAAC,OAAO,CAAC,UAAU,SAAS;gBACpC,SAAS,CAAC,WAAW,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAC7C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE,UAAU,SAAS,EAAE,QAAQ;YACrD,UAAU,CAAC,OAAO,CAAC,UAAU,SAAS;gBACpC,SAAS,CAAC,cAAc,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAChD,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,kBAAkB,CAAC,MAAkB;QAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAE5B,IAAI,IAAI,KAAK,IAAI,EAAE;YACjB,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACxC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAE5B,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,EAAE;gBAC3B,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;YAClC,CAAC,CAAC,CAAC;SACJ;aAAM;YACL,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAExC,2CAA2C;YAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YAC1B,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAErB,4CAA4C;YAC5C,IAAI,SAAS,KAAK,kBAAkB,EAAE;gBACpC,oCAAoC;gBACpC,MAAM,CAAC,aAAa,GAAG,KAAK,CAAC;gBAC7B,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;aAC5C;iBAAM;gBACL,IAAI,SAAS,KAAK,oBAAoB,CAAC,CAAC,CAAC,EAAE;oBACzC,gEAAgE;oBAChE,yCAAyC;oBACzC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;iBAC5B;qBAAM;oBACL,qEAAqE;oBACrE,uEAAuE;oBACvE,yEAAyE;oBACzE,sEAAsE;oBACtE,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC;oBAC/B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;iBAC7C;aACF;SACF;IACH,CAAC;IAEO,aAAa,CAAC,MAAkB,EAAE,QAAiB;QACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC;QAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC;QAEnC,MAAM,OAAO,GAAW,MAAM,CAAC,IAAI,EAAE,IAAI,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzD,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;QAErE,IAAI,IAAI,CAAC,MAAM,IAAI,oBAAoB,CAAC,MAAM,EAAE;YAC9C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,oBAAoB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAE;gBAC3E,iEAAiE;gBAEjE,sGAAsG;gBACtG,IAAI,kBAAkB,IAAI,EAAE,EAAE;oBAC5B,sEAAsE;oBACtE,MAAM,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;oBAC9C,MAAM,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC;iBACpC;qBAAM;oBACL,2DAA2D;oBAC3D,MAAM,mBAAmB,GAAG,MAAkD,CAAC;oBAC/E,IAAI,mBAAmB,CAAC,OAAO,EAAE;wBAC/B,mBAAmB,CAAC,OAAO,CAAC,YAAY,GAAG,KAAK,CAAC;qBAClD;iBACF;gBAED,QAAQ,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;gBACpC,OAAO;aACR;iBAAM;gBACL,QAAQ,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;gBACpC,OAAO;aACR;SACF;aAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE;YACnE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACrB,2EAA2E;YAC3E,QAAQ,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YACpC,OAAO;SACR;QAED,oEAAoE;QACpE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,EAAE;YAC3B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AArJD,wBAqJC;AAID,SAAgB,YAAY,CAAC,gBAA4D,EAAE,QAA+B;IACxH,OAAO,IAAI,MAAM,CAAC,gBAAuB,EAAE,QAAe,CAAC,CAAC;AAC9D,CAAC;AAFD,oCAEC;AAAA,CAAC"}

package/package.json

@@ -1,18 +1,28 @@
 {
   "name": "@httptoolkit/httpolyglot",
-  "version": "0.2.0",
+  "version": "2.0.1",
   "author": "Tim Perry <pimterry@gmail.com>",
   "description": "Serve http and https connections over the same port with node.js",
-  "main": "./lib/index.js",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist/",
+    "src/"
+  ],
   "scripts": {
-    "test": "node test/test.js"
+    "prebuild": "rimraf dist/*",
+    "build": "tsc",
+    "prepack": "npm run build",
+    "pretest": "npm run build",
+    "test": "mocha -r ts-node/register 'test/**/*.spec.ts'"
   },
   "engines": {
-    "node": ">=8.0.0"
+    "node": ">=12.0.0"
   },
   "keywords": [
     "http",
     "https",
+    "http2",
     "multiplex",
     "polyglot"
   ],
@@ -25,5 +35,17 @@
   "repository": {
     "type": "git",
     "url": "http://github.com/httptoolkit/httpolyglot.git"
+  },
+  "dependencies": {
+    "@types/node": "^16.7.10"
+  },
+  "devDependencies": {
+    "@types/chai": "^4.2.21",
+    "@types/mocha": "^9.0.0",
+    "chai": "^4.3.4",
+    "mocha": "^9.1.1",
+    "rimraf": "^3.0.2",
+    "ts-node": "^10.2.1",
+    "typescript": "^4.4.2"
   }
 }

package/src/index.ts

@@ -0,0 +1,180 @@
+import * as net from 'net';
+import * as tls from 'tls';
+import * as http from 'http';
+import * as https from 'https';
+import * as http2 from 'http2';
+
+import { EventEmitter } from 'events';
+
+declare module 'net' {
+  interface Socket {
+    __httpPeekedData?: Buffer;
+  }
+}
+
+function onError(err: any) {}
+
+const TLS_HANDSHAKE_BYTE = 0x16; // SSLv3+ or TLS handshake
+const HTTP2_PREFACE = 'PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n';
+const HTTP2_PREFACE_BUFFER = Buffer.from(HTTP2_PREFACE);
+
+const NODE_MAJOR_VERSION = parseInt(process.version.slice(1).split('.')[0], 10);
+
+type Http2Listener = (request: http2.Http2ServerRequest, response: http2.Http2ServerResponse) => void;
+
+export class Server extends net.Server {
+
+  private _httpServer: http.Server;
+  private _http2Server: http2.Http2Server;
+  private _tlsServer: EventEmitter;
+
+  constructor(requestListener: http.RequestListener);
+  constructor(tlsConfig: https.ServerOptions, requestListener: http.RequestListener);
+  constructor(configOrListener: https.ServerOptions | http.RequestListener, listener?: http.RequestListener) {
+    // We just act as a plain TCP server, accepting and examing
+    // each connection, then passing it to the right subserver.
+    super((socket) => this.connectionListener(socket));
+
+    let tlsConfig: https.ServerOptions | undefined;
+    let requestListener: http.RequestListener;
+
+    if (typeof configOrListener === 'function') {
+      requestListener = configOrListener;
+      tlsConfig = undefined;
+    } else {
+      tlsConfig = configOrListener;
+      requestListener = listener!;
+    }
+
+    // We bind the request listener, so 'this' always refers to us, not each subserver.
+    // This means 'this' is consistent (and this.close() works).
+    const boundListener = requestListener.bind(this);
+
+    // Create subservers for each supported protocol:
+    this._httpServer = new http.Server(boundListener);
+    this._http2Server = http2.createServer({}, boundListener as any as Http2Listener);
+
+    if (typeof tlsConfig === 'object') {
+      // If we have TLS config, create a TLS server, which will pass sockets to
+      // the relevant subserver once the TLS connection is set up.
+      this._tlsServer = new tls.Server(tlsConfig, (tlsSocket) => {
+        if (tlsSocket.alpnProtocol === false || tlsSocket.alpnProtocol === 'http/1.1') {
+          this._httpServer.emit('connection', tlsSocket);
+        } else {
+          this._http2Server.emit('connection', tlsSocket);
+        }
+      });
+    } else {
+      // Fake server that rejects all connections:
+      this._tlsServer = new EventEmitter();
+      this._tlsServer.on('connection', (socket) => socket.destroy());
+    }
+
+    const subServers = [this._httpServer, this._http2Server, this._tlsServer];
+
+    // Proxy all event listeners setup onto the subservers, so any
+    // subscriptions on this server are fed from all the subservers
+    this.on('newListener', function (eventName, listener) {
+      subServers.forEach(function (subServer) {
+        subServer.addListener(eventName, listener);
+      })
+    });
+
+    this.on('removeListener', function (eventName, listener) {
+      subServers.forEach(function (subServer) {
+        subServer.removeListener(eventName, listener);
+      })
+    });
+  }
+
+  private connectionListener(socket: net.Socket) {
+    const data = socket.read(1);
+
+    if (data === null) {
+      socket.removeListener('error', onError);
+      socket.on('error', onError);
+
+      socket.once('readable', () => {
+        this.connectionListener(socket);
+      });
+    } else {
+      socket.removeListener('error', onError);
+
+      // Put the peeked data back into the socket
+      const firstByte = data[0];
+      socket.unshift(data);
+
+      // Pass the socket to the correct subserver:
+      if (firstByte === TLS_HANDSHAKE_BYTE) {
+        // TLS sockets don't allow half open
+        socket.allowHalfOpen = false;
+        this._tlsServer.emit('connection', socket);
+      } else {
+        if (firstByte === HTTP2_PREFACE_BUFFER[0]) {
+          // The connection _might_ be HTTP/2. To confirm, we need to keep
+          // reading until we get the whole stream:
+          this.http2Listener(socket);
+        } else {
+          // The above unshift isn't always sufficient to invisibly replace the
+          // read data. The rawPacket property on errors in the clientError event
+          // for plain HTTP servers loses this data - this prop makes it available.
+          // Bit of a hacky fix, but sufficient to allow for manual workarounds.
+          socket.__httpPeekedData = data;
+          this._httpServer.emit('connection', socket);
+        }
+      }
+    }
+  }
+
+  private http2Listener(socket: net.Socket, pastData?: Buffer) {
+    const h1Server = this._httpServer;
+    const h2Server = this._http2Server;
+
+    const newData: Buffer = socket.read() || Buffer.from([]);
+    const data = pastData ? Buffer.concat([pastData, newData]) : newData;
+
+    if (data.length >= HTTP2_PREFACE_BUFFER.length) {
+      socket.unshift(data);
+      if (data.slice(0, HTTP2_PREFACE_BUFFER.length).equals(HTTP2_PREFACE_BUFFER)) {
+        // We have a full match for the preface - it's definitely HTTP/2.
+
+        // For HTTP/2 we hit issues when passing non-socket streams (like H2 streams for proxying H2-over-H2).
+        if (NODE_MAJOR_VERSION <= 12) {
+          // For Node 12 and older, we need a (later deprecated) stream wrapper:
+          const StreamWrapper = require('_stream_wrap');
+          socket = new StreamWrapper(socket);
+        } else {
+          // For newer node, we can fix this with a quick patch here:
+          const socketWithInternals = socket as { _handle?: { isStreamBase?: boolean } };
+          if (socketWithInternals._handle) {
+            socketWithInternals._handle.isStreamBase = false;
+          }
+        }
+
+        h2Server.emit('connection', socket);
+        return;
+      } else {
+        h1Server.emit('connection', socket);
+        return;
+      }
+    } else if (!data.equals(HTTP2_PREFACE_BUFFER.slice(0, data.length))) {
+      socket.unshift(data);
+      // Haven't finished the preface length, but something doesn't match already
+      h1Server.emit('connection', socket);
+      return;
+    }
+
+    // Not enough data to know either way - try again, waiting for more:
+    socket.removeListener('error', onError);
+    socket.on('error', onError);
+    socket.once('readable', () => {
+      this.http2Listener.call(this, socket, data);
+    });
+  }
+}
+
+export function createServer(requestListener: http.RequestListener): Server;
+export function createServer(tlsConfig: https.ServerOptions, requestListener: http.RequestListener): Server;
+export function createServer(configOrListener: https.ServerOptions | http.RequestListener, listener?: http.RequestListener) {
+  return new Server(configOrListener as any, listener as any);
+};

package/lib/index.js

@@ -1,87 +0,0 @@
-const http = require('http');
-const https = require('https');
-const inherits = require('util').inherits;
-const httpSocketHandler = http._connectionListener;
-
-function Server(tlsconfig, requestListener) {
-  if (!(this instanceof Server)) return new Server(tlsconfig, requestListener);
-
-  if (typeof tlsconfig === 'function') {
-    requestListener = tlsconfig;
-    tlsconfig = undefined;
-  }
-
-  if (typeof tlsconfig === 'object') {
-    this.removeAllListeners('connection');
-
-    https.Server.call(this, tlsconfig, requestListener);
-
-    // capture https socket handler, it's not exported like http's socket
-    // handler
-    const connev = this._events.connection;
-    if (typeof connev === 'function') {
-      this._tlsHandler = connev;
-    } else {
-      this._tlsHandler = connev[connev.length - 1];
-    }
-    this.removeListener('connection', this._tlsHandler);
-
-    this._connListener = connectionListener;
-    this.on('connection', connectionListener);
-
-    // copy from http.Server
-    this.timeout = 2 * 60 * 1000;
-    this.allowHalfOpen = true;
-    this.httpAllowHalfOpen = false;
-  } else {
-    http.Server.call(this, requestListener);
-  }
-}
-inherits(Server, https.Server);
-
-Server.prototype.setTimeout = function (msecs, callback) {
-  this.timeout = msecs;
-  if (callback) this.on('timeout', callback);
-};
-
-Server.prototype.__httpSocketHandler = httpSocketHandler;
-
-function onError(err) {}
-
-const connectionListener = function (socket) {
-  const data = socket.read(1);
-
-  if (data === null) {
-    socket.removeListener('error', onError);
-    socket.on('error', onError);
-
-    socket.once('readable', () => {
-      this._connListener(socket);
-    });
-  } else {
-    socket.removeListener('error', onError);
-
-    const firstByte = data[0];
-    socket.unshift(data);
-    if (firstByte < 32 || firstByte >= 127) {
-      // tls/ssl
-      // TLS sockets don't allow half open
-      socket.allowHalfOpen = false;
-      this._tlsHandler(socket);
-    } else {
-      // The above unshift isn't always sufficient to invisibly replace the
-      // read data. The rawPacket property on errors in the clientError event
-      // specifically is missing this data - this prop makes it available.
-      // Bit of a hacky fix, but sufficient to allow for manual workarounds.
-      socket.__httpPeekedData = data;
-
-      this.__httpSocketHandler(socket);
-    }
-  }
-};
-
-exports.Server = Server;
-
-exports.createServer = function (tlsconfig, requestListener) {
-  return new Server(tlsconfig, requestListener);
-};

package/q

@@ -1,22 +0,0 @@
-*-.   1d3593f (refs/stash) WIP on master: 2ddda12 Update docs & details to fork the package for httptoolkit use
-|\ \  
-| | * cd20755 untracked files on master: 2ddda12 Update docs & details to fork the package for httptoolkit use
-| * 0caa43e index on master: 2ddda12 Update docs & details to fork the package for httptoolkit use
-|/  
-* 2ddda12 (HEAD -> master) Update docs & details to fork the package for httptoolkit use
-* ac0a75f Expose peeked HTTP data as __httpPeekedData
-* 247cd34 Drop support for Node < 8, and simplify
-* f2652ea (origin/no-half-open-tls, no-half-open-tls) Don't allow half-open TLS connections
-* 1c6c4af (tag: v0.1.2) bump version
-* 475e6f4 lib: ignore pre-detection errors
-* ef54b90 readme: add section about how the module works
-* f78eb12 (tag: v0.1.1) bump version
-* f98b92a fix for node 0.11+ again
-* 1af5506 (tag: v0.1.0) bump version
-* 1f20a4a fix node v0.11+ compatibility
-* bc43948 (tag: v0.0.2) bump version
-* 2b06da2 avoid .call()
-* a6f4e7e be more strict about byte check
-* 2c33984 readme: add http->https redirect example
-* 153cbdf (tag: v0.0.1) bump version
-* b62bc44 Initial commit

package/test/common.js

@@ -1,43 +0,0 @@
-exports.mustCall = mustCall;
-function mustCall(fn, expected) {
-  if (typeof expected !== 'number')
-    expected = 1;
-
-  var context = {
-    expected: expected,
-    actual: 0,
-    stack: (new Error()).stack,
-    name: fn.name || '<anonymous>'
-  };
-
-  // add the exit listener only once to avoid listener leak warnings
-  if (mustCall.checks.length === 0)
-    process.on('exit', mustCall.runChecks);
-
-  mustCall.checks.push(context);
-
-  return function() {
-    context.actual++;
-    return fn.apply(this, arguments);
-  };
-}
-mustCall.checks = [];
-mustCall.runChecks = function(exitCode) {
-  if (exitCode !== 0)
-    return;
-
-  var failed = mustCall.checks.filter(function(context) {
-    return context.actual !== context.expected;
-  });
-
-  failed.forEach(function(context) {
-    console.log('Mismatched %s function calls. Expected %d, actual %d.',
-                context.name,
-                context.expected,
-                context.actual);
-    console.log(context.stack.split('\n').slice(2).join('\n'));
-  });
-
-  if (failed.length)
-    process.exit(1);
-};

package/test/fixtures/server.crt

@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDjzCCAnegAwIBAgIJANiEfJkuqhEaMA0GCSqGSIb3DQEBCwUAMF4xCzAJBgNV
-BAYTAlVTMQ0wCwYDVQQIDARPaGlvMQ8wDQYDVQQHDAZEYXl0b24xEjAQBgNVBAoM
-CUZvbywgSW5jLjEbMBkGA1UEAwwSbXlob3N0LmxvY2FsZG9tYWluMB4XDTE2MTEy
-NjE3MTUxNFoXDTE2MTIyNjE3MTUxNFowXjELMAkGA1UEBhMCVVMxDTALBgNVBAgM
-BE9oaW8xDzANBgNVBAcMBkRheXRvbjESMBAGA1UECgwJRm9vLCBJbmMuMRswGQYD
-VQQDDBJteWhvc3QubG9jYWxkb21haW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
-ggEKAoIBAQDi8OEKkQogjasE908B/yBHqYFtbYfYJJpq3qsxV7oWWLuygEvVTM/O
-edAt0CrXppgh1VxKIbyxkQtf+2TyoUlWxUK/9iYzXolTMQ82X+WeeClPdemoNIYV
-wCKrZObJ1TtBM8v2mL8NfQZumr9NahOfK6pWWuLosKtXviJuzAVKQCm3r0scbzi/
-avSP63LfY/ua7m29PZI4wflLAghAUbNAaefp9UAxgYQigXuIj+lMDhIdfuGEndS+
-xkcW/tqeRr42r4xh1C7lb/FagFqMXA5+wDMn1Tj0JBzQLZMR4Ea2vj24BXuPuA8P
-Kq6wvbpZ4B3k+3jrWNL2i3mPUFFXriP3AgMBAAGjUDBOMB0GA1UdDgQWBBSuHVhn
-CAGxnAE81k3uq1oC+TIRsTAfBgNVHSMEGDAWgBSuHVhnCAGxnAE81k3uq1oC+TIR
-sTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCTk27sW0x9CRPC9ZQs
-FuhhcJQb7KXxhUikctkQC101+xZHE0VZeBLgkHCr8Q1tRzqJuvQO6Q5CRB8b5DIX
-ZHOEtzjNnm8yoMDCWVb/4G8repGacpHDkZv3jZguHxpTYVJlwvdDCr0SGqfpcF4e
-5MY8DgfsmXo2hqKp/FozTA1MKs3esuxdrZBxhvoQpRsvX0mxfiBNoTWVu2BgjeqP
-11vSPK1z2YCxHkt1SvwrpycfGV8x7qNvEIn+zzxPitYJHro0w0WX8aelT7Xtj2mD
-pkLsYhM1dHZkIc+uXVSv+EUUkfLJ1FDJ5D+yyKifyYtBVEOvrDpfUFNKy+bZRYsy
-Lcdy
------END CERTIFICATE-----

package/test/fixtures/server.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDi8OEKkQogjasE
-908B/yBHqYFtbYfYJJpq3qsxV7oWWLuygEvVTM/OedAt0CrXppgh1VxKIbyxkQtf
-+2TyoUlWxUK/9iYzXolTMQ82X+WeeClPdemoNIYVwCKrZObJ1TtBM8v2mL8NfQZu
-mr9NahOfK6pWWuLosKtXviJuzAVKQCm3r0scbzi/avSP63LfY/ua7m29PZI4wflL
-AghAUbNAaefp9UAxgYQigXuIj+lMDhIdfuGEndS+xkcW/tqeRr42r4xh1C7lb/Fa
-gFqMXA5+wDMn1Tj0JBzQLZMR4Ea2vj24BXuPuA8PKq6wvbpZ4B3k+3jrWNL2i3mP
-UFFXriP3AgMBAAECggEARjVFOdKjMm0Bkpi8DZ8TKnhrPSJcm2a/iv52Md61CELN
-VqzQSR3pUDRpTjMPfgXhHN54HcsQKFL6FOieU13IZZrDSsXpDY1aqK0NysGiNQNx
-rE6LSelt7f6x+xpNN/XKziIrIJAi0xZxzff75QRDK8QDf5HAj0JQz+VXm7VskYpw
-90YdekO5S/7V8UlLDDQFcKVdsmiPoDogPz6C2CnzD/yVzduJhmoM9PqccRyA/WVD
-YHejPs+LGhM5SLQaMmMWXX5oQ21Gc/t1xvrHokiqcBpxz1djT8I4amRg7D+3bsNG
-d/cRLTKLj1joxJl2VQi+cXT45P5VF5inLwXvraJomQKBgQD0F9FcwhbINjtHFSsr
-gexUjwynvAZyNkI+rROku37wBtT4EwMkRgq9FN6aHZZ8wi6kxRVH7KbmGKXmPkIw
-H/t2lHsae7GZ207H9LZa+VLfDMYCSXa40SvGRBrSPOrTOMCc3HgmP0s/00xfALzs
-T4IHJbOYwhzArZhwC6YLn9byFQKBgQDuAt6QxiJneUM/1JW5P7TEzGLi9bwUmSKH
-EkLbsDKRmqH1EvEoQaG9js9FBLBKaSRYRnub3FbRb7Ckk1MpQY67rOb8L2ypp7uy
-+Bv2Cmbm4mD+/Aapw5Is/6UqNCqTChjI58437eEtZx7X4cYBLwiaKPvPUWI6L2wJ
-4nMsr3fc2wKBgQCpaqqelfvYBIQKJzAqZ2fPnOXsub1DolNCS0CaEqTdFfDVKeUB
-VTf42rZSA31CpEhZhozpueBxTeQ/tTCdVGVlfVMgI4A2SJgagsfaxrf1Jll8lt63
-Ej8uwnBXQX6/EeHmPcOK0F17ND4Kpml6HwkhytInkXsBZLur8PnTkaJPrQKBgQCN
-kF9YtMBZ0yJQoNy85ktakkZuv8IybjK/K/lgOZiaSeLypWWSkBbnbD2Ty4ofeBIJ
-/0IeHhv1Tf0+pfHcpAWFUv3AGWUEM6PMew4GdYFm6lbO0pAUASK8aQGP7J81/ddo
-B5f8ZBx+qMsLlFn08kiniKDdWoaWHQahinL+rQ8Z6QKBgQDN1SpQnFHYy3uugmN0
-KZjDjVs9gBo0lhNVE/HUbf91TiY/ITpjUCHmv+N3VxKyCII4O7+jjFhzK+5NKLV2
-WsYLN9ttR/2FQ4JnTUocXple3DxmaA7rCRZj8ZQ/jrGwbEj5nLyOIDblWgaaADMB
-W2YC7grwofz3HqqSUCHySDHvUA==
------END PRIVATE KEY-----

package/test/test-early-disconnect.js

@@ -1,21 +0,0 @@
-var fs = require('fs');
-var exec = require('child_process').exec;
-var assert = require('assert');
-
-var common = require(__dirname + '/common');
-var httpolyglot = require(__dirname + '/../lib/index');
-
-var srv = httpolyglot.createServer({
-  key: fs.readFileSync(__dirname + '/fixtures/server.key'),
-  cert: fs.readFileSync(__dirname + '/fixtures/server.crt')
-}, function(req, res) {
-  assert(false, 'Request handler should not be called');
-});
-srv.listen(0, '127.0.0.1', common.mustCall(function() {
-  var port = this.address().port;
-
-  exec('nmap 127.0.0.1 -p' + port,
-       common.mustCall(function(err, stdout, stderr) {
-    srv.close();
-  }));
-}));

package/test/test-normal.js

@@ -1,45 +0,0 @@
-var fs = require('fs');
-var http = require('http');
-var https = require('https');
-var assert = require('assert');
-
-var common = require(__dirname + '/common');
-var httpolyglot = require(__dirname + '/../lib/index');
-
-var srv = httpolyglot.createServer({
-  key: fs.readFileSync(__dirname + '/fixtures/server.key'),
-  cert: fs.readFileSync(__dirname + '/fixtures/server.crt')
-}, common.mustCall(function(req, res) {
-  this.count || (this.count = 0);
-  res.end(req.socket.encrypted ? 'https' : 'http');
-  if (++this.count === 2)
-    this.close();
-}, 2));
-srv.listen(0, '127.0.0.1', common.mustCall(function() {
-  var port = this.address().port;
-
-  http.get({
-    host: '127.0.0.1',
-    port: port
-  }, common.mustCall(function(res) {
-    var body = '';
-    res.on('data', function(data) {
-      body += data;
-    }).on('end', common.mustCall(function() {
-      assert.strictEqual(body, 'http');
-    }));
-  }));
-
-  https.get({
-    host: '127.0.0.1',
-    port: port,
-    rejectUnauthorized: false
-  }, common.mustCall(function(res) {
-    var body = '';
-    res.on('data', function(data) {
-      body += data;
-    }).on('end', common.mustCall(function() {
-      assert.strictEqual(body, 'https');
-    }));
-  }));
-}));

package/test/test.js

@@ -1,4 +0,0 @@
-require('fs').readdirSync(__dirname).forEach(function(f) {
-  if (f.substr(0, 5) === 'test-')
-    require('./' + f);
-});