Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix #25: propagate tls.connect options from the origin request to the proxy #26

Merged
merged 2 commits into from
May 29, 2020
Merged

fix #25: propagate tls.connect options from the origin request to the proxy #26

merged 2 commits into from
May 29, 2020

Conversation

ballinette
Copy link

@ballinette ballinette commented May 29, 2020
edited
Loading

fix #25
This adds, when creating SSL connnection, any tls.connect() option that may have been set within the original request.
see:

NB : I tried to make some unit tests for this feature, but did not find a mean to intercept tls.connect() call with the dummy proxy 😞
Any help is welcome for that

ballinette
ballinette commented May 29, 2020
View reviewed changes
src/classes/HttpsProxyAgent.js
@@ -29,8 +29,7 @@ class HttpsProxyAgent extends Agent {

socket.once('data', () => {
const secureSocket = tls.connect({
rejectUnauthorized: false,
Copy link
Author

@ballinette ballinette May 29, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: I wonder why rejectUnauthorized was hardcoded here with false as default value.
This is quite insecure and should be true by default, and could be overridden with custom request's option if needed

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, unfortunately there are no test cases for it & I cannot remember. Will merge it as is and see if anything breaks.

@gajus gajus merged commit aa4b60c into gajus:master May 29, 2020
gajus added a commit that referenced this pull request May 29, 2020
@gajus
docs: document presence of tls options (#26)
72795c9
@gajus
Copy link
Owner

gajus commented May 29, 2020

🎉 This PR is included in version 2.1.9 🎉

The release is available on:

Your semantic-release bot 📦🚀

@gajus gajus added the released label May 29, 2020
@ballinette ballinette deleted the ssl-client-cert branch May 31, 2020 17:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gajus gajus gajus left review comments

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

cannot send client certificate to the endpoint while using the proxy
2 participants
@ballinette @gajus