From 65daa23a748ecb909d73519ecea86768ea7453b1 Mon Sep 17 00:00:00 2001
From: Julien Fontanet <julien.fontanet@isonoe.net>
Date: Tue, 19 May 2015 12:27:02 +0200
Subject: [PATCH] Do not set rejectUnauthorized by default in wsProxy.

---
 src/index.js    |  4 +++-
 src/ws-proxy.js | 37 ++++++++++++++++---------------------
 2 files changed, 19 insertions(+), 22 deletions(-)

diff --git a/src/index.js b/src/index.js
index 0cb3fe33d..6cd75fc4e 100644
--- a/src/index.js
+++ b/src/index.js
@@ -324,7 +324,9 @@ const setUpConsoleProxy = (webServer, xo) => {
 
     // FIXME: lost connection due to VM restart is not detected.
     webSocketServer.handleUpgrade(req, socket, head, connection => {
-      wsProxy(connection, url)
+      wsProxy(connection, url, {
+        rejectUnauthorized: false
+      })
     })
   })
 }
diff --git a/src/ws-proxy.js b/src/ws-proxy.js
index 046a0cca0..9610830d7 100644
--- a/src/ws-proxy.js
+++ b/src/ws-proxy.js
@@ -6,46 +6,41 @@ const debug = createDebug('xo:wsProxy')
 
 const defaults = {
   // Automatically close the client connection when the remote close.
-  autoClose: true,
-
-  // Reject secure connections to unauthorized remotes (bad CA).
-  rejectUnauthorized: false
+  autoClose: true
 }
 
 // Proxy a WebSocket `client` to a remote server which has `url` as
 // address.
 export default function wsProxy (client, url, opts) {
   opts = assign({}, defaults, opts)
+  const autoClose = !!opts.autoClose
+  delete opts.autoClose
 
-  const remote = new WebSocket(url, {
-    protocol: opts.protocol || client.protocol,
-    rejectUnauthorized: opts.rejectUnauthorized
-  }).once('open', function () {
-    debug('connected to', url)
+  function onClientSendError (error) {
+    debug('client send error', error)
+  }
+  function onRemoteSendError (error) {
+    debug('remote send error', error)
+  }
+
+  const remote = new WebSocket(url, opts).once('open', function () {
+    debug('connected to %s', url)
   }).once('close', function () {
     debug('remote closed')
 
-    if (opts.autoClose) {
+    if (autoClose) {
       client.close()
     }
   }).once('error', function (error) {
-    debug('remote error', error)
+    debug('remote error: %s', error)
   }).on('message', function (message) {
-    client.send(message, function (error) {
-      if (error) {
-        debug('client send error', error)
-      }
-    })
+    client.send(message, onClientSendError)
   })
 
   client.once('close', function () {
     debug('client closed')
     remote.close()
   }).on('message', function (message) {
-    remote.send(message, function (error) {
-      if (error) {
-        debug('remote send error', error)
-      }
-    })
+    remote.send(message, onRemoteSendError)
   })
 }