Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass proxy certificates to TLS query #2

Closed
wants to merge 4 commits into from
Closed

Pass proxy certificates to TLS query #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1da292e
Add certificates to tls connection
ArturAralin Sep 10, 2020
a6dcbff
Generate new keys signed with CA
ArturAralin Sep 10, 2020
a883eba
Add tests
ArturAralin Sep 10, 2020
c19e9fb
Fix tests syntax
ArturAralin Sep 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion src/agent.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,7 +142,12 @@ export default class HttpsProxyAgent extends Agent {
return tls.connect({
...omit(opts, 'host', 'hostname', 'path', 'port'),
socket,
servername
servername,
ca: proxy.ca,
key: proxy.key,
cert: proxy.cert,
pfx: proxy.pfx,
passphrase: proxy.passphrase,
});
}

Expand Down
17 changes: 17 additions & 0 deletions test/cacert.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICqDCCAZACCQD/tHroutpJxDANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtl
eGFtcGxlLmNvbTAeFw0yMDA5MTAxNDI4MDFaFw0yMTA5MTAxNDI4MDFaMBYxFDAS
BgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4jMI09tt4qrXTrq52JA5usuNtxwgbmhRlHU2+bjc0Vn8tO6wfS2gzs1eDVxS
R9zFHSHP91u2cbQ7yauAedwHMDg/3I8zF9zVoFITq1CZogFSV3ld1oQKIHiU2EGb
8Yp/KXr8LAaxBDiywpheFUIPdtldmaRz7XE6FFNLFhQ/RD0IFr3VSmvNmgR9pTo8
IOw5qAhvBfr0hA83AagTHKaHG1h2v24m4oOdl5kHeC7UmDwyU62J6nfDiAViJua/
N2QhuhZrQp8YXhwViGUSqaJh1UxgNgKwPXLPK26n36zbSJ9dsLisvxPFiePdnVTi
OvqWpVKNB4BBoKBwbIX97/zRSQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCMR0hv
4jKBOsLiGmwtLLuROimVWXptEbvj9u1Rnf5UX8G/b0JwbkKFAcPYh08AoBeAGVxY
8rFzFMzYUPrODpbUDhDnvUdTLWky/MAIEkr4WfffpjFdLbJy1Y8i7Y5vy3+d+SOu
8QtBi/nDlxeXnyNVDVrsIu9t3/A0rqb7WnMSCBy8WHFrM71xdwNT6cF4CHUznyNh
v0/VyUpJ7SFQoiD7vjcJjyqP6bmyfZ0gn78WkjZ9XGd/KT9Ld43FSuzN/sFtRbvq
yco0bFkaG019jSDqSKSMuVsn/BeQCckPwVHo07Wt0FoTm+Sh1YrYTTgB6kmgPZb/
VMfPp+CaE5zNKh1o
-----END CERTIFICATE-----
27 changes: 27 additions & 0 deletions test/server.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEArDLOvCbNLzNPjaKl95Nr5cE99MN6i7GGbq/xkNRxIPNfNJbl
KhoZjwazvzfgBLW2cMIC4tgU0+Ueln8bJ3D9zGdWAO6MWPJYyFAL6XEom/ALj3C0
KxYkx68OYn2yL2wwgikLem8RQKfCw9rNtQU77JZ8gJjuFAzll5MO8CbQyTb2IfOv
HAVdA3nnRifI3oPsNLfPnXN2p6H3J4Uk6Hgxs//qTo3ZKa/dHcA8OIiMi2zkjMSH
+K5CRtAxkPCQw+X2+XxF5Iv6lFaoGrc3aivSBEhWWaoW8LGbSoWSUEB2d2YVmRLi
uIkfzt4pA2fcC+fJO19bWcUpL0gmrwDs+IbEPwIDAQABAoIBAADrbIs4sdPUtFIP
Uk+WK/dYJtqNyLPCSPOCYQni+I+yfQms3KBy7zwCTydwRvP/fG/xuU441TOkf5tS
JnT5d4GF88GhhIJdGPhI5SdkAVGD4KvtcCjiv2OJncwM28zBCSlIytTmjvMHclTV
cE/NLVrAGv4c0viscPV0RZomuuq4LC4iUr1FzrKLdvOL3j3L4JBpWCyrFMYBGRdb
imTcofsZpxptgA0vJ2lRImnU1SoyFsMdByQkBbIoGAkz6XKO2M+RmD+J0umojwcr
r0AcakwLG69WwrSi9L9bXucU5fK13HUR/SptYlfqq8uMYlJ4YSrBxhAcAImK0fg3
HzOVkdECgYEA1dVpk9gKgnbuNjT/OWM9yOhHj6xadTk/Y6cbMUyCFMyxezgq/IZu
0IEjPcKOJCisETSOl3CbeWXWzGxKVkyKGjEkxD0oLJMy15KrFNc55K7MVxCg6J6L
5JuNjyXlNo1N6UXExVzAg0qYNfPYTxF8LXPNvZaNEpN7tuAD25lcQd0CgYEAzieZ
jyB4rmfbDfNNSYKAY3QApN6f/yymh3cssXx9itArLTMzsy1YBPP8RuW07MDsAr1N
KLpsI3HzZx7WBuwsDMC7HVnOQ2ljrZ7ukeaSivyvZVu6J3KT4OCelpVKZ7KlN1jU
hmE7nQcwN6eRG7adnGlCBbYBfVeDpqPEcWdhEssCgYEAzJSSnxUp8OoyPAB2UoRl
P0sj9AxUuyRbRk9BT+g/6AByqU3yqok/ihKTEeqKrYOQJCHhbngY94t8dzX/5RLz
ad2srGdKgWMPWHoFXjoQNH8cFwxctlHBy6UbSWJbKtcEPHM4sA5uTO5YM/4o7HTx
Fldd9s4MCEK8MRmf90CBqK0CgYEAh1peqydhtPjBTV6CTxJc429lgNoeaHbTe7vW
X03iS4Kz5oBooGrUEKR07cOhz5Q3IPFTOLt1hqwpaHpJgdAMd+8Oq42sLHyEkpj4
AFlHu/N94WmhRocm6o3v8eRhLsaPTVCIcRZkAoyWruPZFT4IK4q8a219euM7r+x0
bRS4GpMCgYEArzgQPBySX+xXEAAKBJ/kKgw7OEKy0fh5tjfMxdqxJ/jZtCYb8jdc
opKMSOXO1AQCDE+Is+GuQozwQBlQBK/3vYa7ysiQUXSf9BlEYwTkwvn0q3eT2rl4
o/IBuqNjRjhRqPe6YVSbKWATh46mNgnyO38zMSLyxKBAaQGm/5F04sc=
-----END RSA PRIVATE KEY-----
17 changes: 17 additions & 0 deletions test/server.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICnjCCAYYCAQQwDQYJKoZIhvcNAQEFBQAwFjEUMBIGA1UEAwwLZXhhbXBsZS5j
b20wHhcNMjAwOTEwMTQyODEzWhcNMjEwOTEwMTQyODEzWjAUMRIwEAYDVQQDDAls
b2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsMs68Js0v
M0+NoqX3k2vlwT30w3qLsYZur/GQ1HEg8180luUqGhmPBrO/N+AEtbZwwgLi2BTT
5R6WfxsncP3MZ1YA7oxY8ljIUAvpcSib8AuPcLQrFiTHrw5ifbIvbDCCKQt6bxFA
p8LD2s21BTvslnyAmO4UDOWXkw7wJtDJNvYh868cBV0DeedGJ8jeg+w0t8+dc3an
ofcnhSToeDGz/+pOjdkpr90dwDw4iIyLbOSMxIf4rkJG0DGQ8JDD5fb5fEXki/qU
VqgatzdqK9IESFZZqhbwsZtKhZJQQHZ3ZhWZEuK4iR/O3ikDZ9wL58k7X1tZxSkv
SCavAOz4hsQ/AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAGTwmuUEW9b1i3WGVSuS
GR09FIla5HkTbowsAxauMDF8TAghZJg7hihEVuH0QkpTXvYmK0gTpbMaX7rsCfQV
VBYJ9zkhiJCMOv14X9PFcwzIFY8mCMX6NKfsu5XDto8P1lTgLkjQfhZF6/0aiB35
3cc4sPM6q1Um1rv/TQn9ixIFc3tiA8n7ThW3IJwTgMeZiS+zGBdaHLq9zdb3bhW5
8KxK5tNw1vn++FSh5H1O8GwhvqjfM+vTwKBu9Y4p2cpJB1Hl1zGCMLDNECJH3ve4
C+okf25zKoCppwdQ5Z/3ZYweCXg2sguHY/4heYbT2oTAB+YEV3FXyJL9IlGS9a5+
WmQ=
-----END CERTIFICATE-----
15 changes: 0 additions & 15 deletions test/ssl-cert-snakeoil.key
View file
Open in desktop

This file was deleted.

12 changes: 0 additions & 12 deletions test/ssl-cert-snakeoil.pem
View file
Open in desktop

This file was deleted.

40 changes: 36 additions & 4 deletions test/test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,8 @@ describe('HttpsProxyAgent', function() {
before(function(done) {
// setup target HTTPS server
let options = {
key: fs.readFileSync(`${__dirname}/ssl-cert-snakeoil.key`),
cert: fs.readFileSync(`${__dirname}/ssl-cert-snakeoil.pem`)
key: fs.readFileSync(`${__dirname}/server.key`),
cert: fs.readFileSync(`${__dirname}/server.pem`),
};
sslServer = https.createServer(options);
sslServer.listen(function() {
Expand All @@ -57,8 +57,8 @@ describe('HttpsProxyAgent', function() {
before(function(done) {
// setup SSL HTTP proxy server
let options = {
key: fs.readFileSync(`${__dirname}/ssl-cert-snakeoil.key`),
cert: fs.readFileSync(`${__dirname}/ssl-cert-snakeoil.pem`)
key: fs.readFileSync(`${__dirname}/server.key`),
cert: fs.readFileSync(`${__dirname}/server.pem`)
};
sslProxy = Proxy(https.createServer(options));
sslProxy.listen(function() {
Expand Down Expand Up @@ -175,6 +175,38 @@ describe('HttpsProxyAgent', function() {
});
req.once('error', done);
});
it('should work over an HTTP proxy with certs', function(done) {
sslServer.once('request', function(req, res) {
res.end(JSON.stringify(req.headers));
});

let proxy =
process.env.HTTPS_PROXY ||
process.env.https_proxy ||
`http://localhost:${proxyPort}`;
proxy = url.parse(proxy);
proxy.rejectUnauthorized = false;

let agent = new HttpsProxyAgent(Object.assign({}, proxy, {
ca: fs.readFileSync(`${__dirname}/cacert.pem`)
}));

let opts = url.parse(`https://localhost:${sslServerPort}`);
opts.agent = agent;

https.get(opts, function(res) {
let data = '';
res.setEncoding('utf8');
res.on('data', function(b) {
data += b;
});
res.on('end', function() {
data = JSON.parse(data);
assert.equal(`localhost:${sslServerPort}`, data.host);
done();
});
});
});
it('should work over an HTTPS proxy', function(done) {
server.once('request', function(req, res) {
res.end(JSON.stringify(req.headers));
Expand Down