Support IPv6 for bolt addresses

This commit makes driver use previously introduced parser that supports
host names, IPv4 and IPv6 addresses. Previously used regex-based parsing
is now removed. Driver is now able to connect to IPv6 addresses and
supports resolution of host names to IPv6 addresses. Routing procedure
responses can now safely contain IPv6 as well.

Bolt URL with IPv6 always requires address in square brackets like:
`bolt://[ff02::2:ff00:0]` or `bolt+routing://[ff02::2:ff00:0]:8080`.

Renamed `url.js` to `url-util.js` and it's functions to better
represent what they do.

Author: lutovich

src/v1/index.js

@@ -26,7 +26,8 @@ import Record from './record';
 import {Driver, READ, WRITE} from './driver';
 import RoutingDriver from './routing-driver';
 import VERSION from '../version';
-import {assertString, isEmptyObjectOrNull, parseRoutingContext, parseScheme, parseUrl} from './internal/util';
+import {assertString, isEmptyObjectOrNull} from './internal/util';
+import urlUtil from './internal/url-util';
 
 /**
  * @property {function(username: string, password: string, realm: ?string)} basic the function to create a
@@ -165,17 +166,16 @@ const USER_AGENT = "neo4j-javascript/" + VERSION;
  */
 function driver(url, authToken, config = {}) {
   assertString(url, 'Bolt URL');
-  const scheme = parseScheme(url);
-  const routingContext = parseRoutingContext(url);
-  if (scheme === 'bolt+routing://') {
-    return new RoutingDriver(parseUrl(url), routingContext, USER_AGENT, authToken, config);
-  } else if (scheme === 'bolt://') {
-    if (!isEmptyObjectOrNull(routingContext)) {
+  const parsedUrl = urlUtil.parseBoltUrl(url);
+  if (parsedUrl.scheme === 'bolt+routing') {
+    return new RoutingDriver(parsedUrl.hostAndPort, parsedUrl.query, USER_AGENT, authToken, config);
+  } else if (parsedUrl.scheme === 'bolt') {
+    if (!isEmptyObjectOrNull(parsedUrl.query)) {
       throw new Error(`Parameters are not supported with scheme 'bolt'. Given URL: '${url}'`);
     }
-    return new Driver(parseUrl(url), USER_AGENT, authToken, config);
+    return new Driver(parsedUrl.hostAndPort, USER_AGENT, authToken, config);
   } else {
-    throw new Error(`Unknown scheme: ${scheme}`);
+    throw new Error(`Unknown scheme: ${parsedUrl.scheme}`);
   }
 }
 

src/v1/internal/ch-config.js

@@ -22,11 +22,18 @@ import {SERVICE_UNAVAILABLE} from '../error';
 
 const DEFAULT_CONNECTION_TIMEOUT_MILLIS = 5000; // 5 seconds by default
 
+export const DEFAULT_PORT = 7687;
+
 export default class ChannelConfig {
 
-  constructor(host, port, driverConfig, connectionErrorCode) {
-    this.host = host;
-    this.port = port;
+  /**
+   * @constructor
+   * @param {Url} url the URL for the channel to connect to.
+   * @param {object} driverConfig the driver config provided by the user when driver is created.
+   * @param {string} connectionErrorCode the default error code to use on connection errors.
+   */
+  constructor(url, driverConfig, connectionErrorCode) {
+    this.url = url;
     this.encrypted = extractEncrypted(driverConfig);
     this.trust = extractTrust(driverConfig);
     this.trustedCertificates = extractTrustedCertificates(driverConfig);

src/v1/internal/ch-node.js

@@ -130,7 +130,7 @@ const TrustStrategy = {
       rejectUnauthorized: false
     };
 
-    let socket = tls.connect(config.port, config.host, tlsOpts, function () {
+    let socket = tls.connect(config.url.port, config.url.host, tlsOpts, function () {
       if (!socket.authorized) {
         onFailure(newError("Server certificate is not trusted. If you trust the database you are connecting to, add" +
           " the signing certificate, or the server certificate, to the list of certificates trusted by this driver" +
@@ -152,7 +152,7 @@ const TrustStrategy = {
       // a more helpful error to the user
       rejectUnauthorized: false
     };
-    let socket = tls.connect(config.port, config.host, tlsOpts, function () {
+    let socket = tls.connect(config.url.port, config.url.host, tlsOpts, function () {
       if (!socket.authorized) {
         onFailure(newError("Server certificate is not trusted. If you trust the database you are connecting to, use " +
           "TRUST_CUSTOM_CA_SIGNED_CERTIFICATES and add" +
@@ -180,7 +180,7 @@ const TrustStrategy = {
       rejectUnauthorized: false
     };
 
-    let socket = tls.connect(config.port, config.host, tlsOpts, function () {
+    let socket = tls.connect(config.url.port, config.url.host, tlsOpts, function () {
       var serverCert = socket.getPeerCertificate(/*raw=*/true);
 
       if( !serverCert.raw ) {
@@ -197,7 +197,7 @@ const TrustStrategy = {
 
       const serverFingerprint = require('crypto').createHash('sha512').update(serverCert.raw).digest("hex");
       const knownHostsPath = config.knownHostsPath || path.join(userHome(), ".neo4j", "known_hosts");
-      const serverId = config.host + ":" + config.port;
+      const serverId = config.url.hostAndPort;
 
       loadFingerprint(serverId, knownHostsPath, (knownFingerprint) => {
         if( knownFingerprint === serverFingerprint ) {
@@ -232,7 +232,7 @@ const TrustStrategy = {
     const tlsOpts = {
       rejectUnauthorized: false
     };
-    const socket = tls.connect(config.port, config.host, tlsOpts, function () {
+    const socket = tls.connect(config.url.port, config.url.host, tlsOpts, function () {
       const certificate = socket.getPeerCertificate();
       if (isEmptyObjectOrNull(certificate)) {
         onFailure(newError("Secure connection was successful but server did not return any valid " +
@@ -259,7 +259,7 @@ const TrustStrategy = {
 function connect( config, onSuccess, onFailure=(()=>null) ) {
   //still allow boolean for backwards compatibility
   if (config.encrypted === false || config.encrypted === ENCRYPTION_OFF) {
-    var conn = net.connect(config.port, config.host, onSuccess);
+    var conn = net.connect(config.url.port, config.url.host, onSuccess);
     conn.on('error', onFailure);
     return conn;
   } else if( TrustStrategy[config.trust]) {

src/v1/internal/ch-websocket.js

@@ -52,7 +52,7 @@ class WebSocketChannel {
         return;
       }
     }
-    this._url = scheme + '://' + config.host + ':' + config.port;
+    this._url = scheme + '://' + config.url.hostAndPort;
     this._ws = new WebSocket(this._url);
     this._ws.binaryType = "arraybuffer";
 

src/v1/internal/connector.js

@@ -25,7 +25,7 @@ import {alloc} from './buf';
 import {Node, Path, PathSegment, Relationship, UnboundRelationship} from '../graph-types';
 import {newError} from './../error';
 import ChannelConfig from './ch-config';
-import {parseHost, parsePort} from './util';
+import urlUtil from './url-util';
 import StreamObserver from './stream-observer';
 import {ServerVersion, VERSION_3_2_0} from './server-version';
 
@@ -586,12 +586,9 @@ class ConnectionState {
  */
 function connect(url, config = {}, connectionErrorCode = null) {
   const Ch = config.channel || Channel;
-  const host = parseHost(url);
-  const port = parsePort(url) || 7687;
-  const completeUrl = host + ':' + port;
-  const channelConfig = new ChannelConfig(host, port, config, connectionErrorCode);
-
-  return new Connection( new Ch(channelConfig), completeUrl);
+  const parsedUrl = urlUtil.parseBoltUrl(url);
+  const channelConfig = new ChannelConfig(parsedUrl, config, connectionErrorCode);
+  return new Connection(new Ch(channelConfig), parsedUrl.hostAndPort);
 }
 
 export {

src/v1/internal/host-name-resolvers.js

@@ -17,7 +17,7 @@
  * limitations under the License.
  */
 
-import {parseHost, parsePort} from './util';
+import urlUtil from './url-util';
 
 class HostNameResolver {
 
@@ -41,15 +41,14 @@ export class DnsHostNameResolver extends HostNameResolver {
   }
 
   resolve(seedRouter) {
-    const seedRouterHost = parseHost(seedRouter);
-    const seedRouterPort = parsePort(seedRouter);
+    const parsedAddress = urlUtil.parseBoltUrl(seedRouter);
 
     return new Promise((resolve) => {
-      this._dns.lookup(seedRouterHost, {all: true}, (error, addresses) => {
+      this._dns.lookup(parsedAddress.host, {all: true}, (error, addresses) => {
         if (error) {
           resolve(resolveToItself(seedRouter));
         } else {
-          const addressesWithPorts = addresses.map(address => addressWithPort(address, seedRouterPort));
+          const addressesWithPorts = addresses.map(address => addressWithPort(address, parsedAddress.port));
           resolve(addressesWithPorts);
         }
       });
@@ -63,8 +62,11 @@ function resolveToItself(address) {
 
 function addressWithPort(addressObject, port) {
   const address = addressObject.address;
-  if (port) {
-    return address + ':' + port;
+  const addressFamily = addressObject.family;
+
+  if (!port) {
+    return address;
   }
-  return address;
+
+  return addressFamily === 6 ? urlUtil.formatIPv6Address(address, port) : urlUtil.formatIPv4Address(address, port);
 }

src/v1/internal/routing-util.js

@@ -47,8 +47,9 @@ export default class RoutingUtil {
     }).catch(error => {
       if (error.code === PROCEDURE_NOT_FOUND_CODE) {
         // throw when getServers procedure not found because this is clearly a configuration issue
-        throw newError('Server ' + routerAddress + ' could not perform routing. ' +
-          'Make sure you are connecting to a causal cluster', SERVICE_UNAVAILABLE);
+        throw newError(
+          `Server at ${routerAddress} can't perform routing. Make sure you are connecting to a causal cluster`,
+          SERVICE_UNAVAILABLE);
       } else if (error.code === UNAUTHORIZED_CODE) {
         // auth error is a sign of a configuration issue, rediscovery should not proceed
         throw error;

src/v1/internal/url.js renamed to src/v1/internal/url-util.js

@@ -18,52 +18,64 @@
  */
 
 import ParsedUrl from 'url-parse';
+import {assertString} from './util';
+import {DEFAULT_PORT} from './ch-config';
 
-class Url {
+export class Url {
 
-  constructor(scheme, host, port, query) {
+  constructor(scheme, host, port, hostAndPort, query) {
     /**
      * Nullable scheme (protocol) of the URL.
+     * Example: 'bolt', 'bolt+routing', 'http', 'https', etc.
      * @type {string}
      */
     this.scheme = scheme;
 
     /**
-     * Nonnull host name or IP address. IPv6 always wrapped in square brackets.
+     * Nonnull host name or IP address. IPv6 not wrapped in square brackets.
+     * Example: 'neo4j.com', 'localhost', '127.0.0.1', '192.168.10.15', '::1', '2001:4860:4860::8844', etc.
      * @type {string}
      */
     this.host = host;
 
     /**
-     * Nullable number representing port.
+     * Nonnull number representing port. Default port {@link DEFAULT_PORT} value is used if given URL string
+     * does not contain port. Example: 7687, 12000, etc.
      * @type {number}
      */
     this.port = port;
 
     /**
-     * Nonnull host name or IP address plus port, separated by ':'.
+     * Nonnull host name or IP address plus port, separated by ':'. IPv6 wrapped in square brackets.
+     * Example: 'neo4j.com', 'neo4j.com:7687', '127.0.0.1', '127.0.0.1:8080', '[2001:4860:4860::8844]',
+     * '[2001:4860:4860::8844]:9090', etc.
      * @type {string}
      */
-    this.hostAndPort = port ? `${host}:${port}` : host;
+    this.hostAndPort = hostAndPort;
 
     /**
      * Nonnull object representing parsed query string key-value pairs. Duplicated keys not supported.
+     * Example: '{}', '{'key1': 'value1', 'key2': 'value2'}', etc.
      * @type {object}
      */
     this.query = query;
   }
 }
 
-function parse(url) {
+function parseBoltUrl(url) {
+  assertString(url, 'URL');
+
   const sanitized = sanitizeUrl(url);
   const parsedUrl = new ParsedUrl(sanitized.url, {}, query => extractQuery(query, url));
 
   const scheme = sanitized.schemeMissing ? null : extractScheme(parsedUrl.protocol);
-  const host = extractHost(parsedUrl.hostname);
+  const rawHost = extractHost(parsedUrl.hostname); // has square brackets for IPv6
+  const host = unescapeIPv6Address(rawHost); // no square brackets for IPv6
   const port = extractPort(parsedUrl.port);
+  const hostAndPort = port ? `${rawHost}:${port}` : rawHost;
   const query = parsedUrl.query;
 
-  return new Url(scheme, host, port, query);
+  return new Url(scheme, host, port, hostAndPort, query);
 }
 
 function sanitizeUrl(url) {
@@ -97,7 +109,7 @@ function extractHost(host, url) {
 
 function extractPort(portString) {
   const port = parseInt(portString, 10);
-  return port ? port : null;
+  return (port === 0 || port) ? port : DEFAULT_PORT;
 }
 
 function extractQuery(queryString, url) {
@@ -141,6 +153,43 @@ function trimAndVerifyQueryElement(element, name, url) {
   return element;
 }
 
+function escapeIPv6Address(address) {
+  const startsWithSquareBracket = address.charAt(0) === '[';
+  const endsWithSquareBracket = address.charAt(address.length - 1) === ']';
+
+  if (!startsWithSquareBracket && !endsWithSquareBracket) {
+    return `[${address}]`;
+  } else if (startsWithSquareBracket && endsWithSquareBracket) {
+    return address;
+  } else {
+    throw new Error(`Illegal IPv6 address ${address}`);
+  }
+}
+
+function unescapeIPv6Address(address) {
+  const startsWithSquareBracket = address.charAt(0) === '[';
+  const endsWithSquareBracket = address.charAt(address.length - 1) === ']';
+
+  if (!startsWithSquareBracket && !endsWithSquareBracket) {
+    return address;
+  } else if (startsWithSquareBracket && endsWithSquareBracket) {
+    return address.substring(1, address.length - 1);
+  } else {
+    throw new Error(`Illegal IPv6 address ${address}`);
+  }
+}
+
+function formatIPv4Address(address, port) {
+  return `${address}:${port}`;
+}
+
+function formatIPv6Address(address, port) {
+  const escapedAddress = escapeIPv6Address(address);
+  return `${escapedAddress}:${port}`;
+}
+
 export default {
-  parse: parse
+  parseBoltUrl: parseBoltUrl,
+  formatIPv4Address: formatIPv4Address,
+  formatIPv6Address: formatIPv6Address
 };