Skip to content

Commit

Permalink
fix: do not reject unauthorized by default (#25)
Browse files Browse the repository at this point in the history
  • Loading branch information
gajus committed Jun 1, 2020
1 parent 9e51756 commit 11e2de5
Showing 1 changed file with 13 additions and 1 deletion.
14 changes: 13 additions & 1 deletion src/classes/Agent.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@
import {
serializeError,
} from 'serialize-error';
import {
boolean,
} from 'boolean';
import Logger from '../Logger';
import type {
AgentType,
Expand Down Expand Up @@ -143,12 +146,21 @@ class Agent {
key: configuration.key,
passphrase: configuration.passphrase,
pfx: configuration.pfx,
rejectUnauthorized: configuration.rejectUnauthorized || false,
rejectUnauthorized: configuration.rejectUnauthorized,
secureOptions: configuration.secureOptions,
secureProtocol: configuration.secureProtocol,
servername: configuration.servername || connectionConfiguration.host,
sessionIdContext: configuration.sessionIdContext,
};

// This is not ideal because there is no way to override this setting using `tls` configuration if `NODE_TLS_REJECT_UNAUTHORIZED=0`.
// However, popular HTTP clients (such as https://github.com/sindresorhus/got) come with pre-configured value for `rejectUnauthorized`,
// which makes it impossible to override that value globally and respect `rejectUnauthorized` for specific requests only.
//
// eslint-disable-next-line no-process-env
if (typeof process.env.NODE_TLS_REJECT_UNAUTHORIZED === 'string' && boolean(process.env.NODE_TLS_REJECT_UNAUTHORIZED) === false) {
connectionConfiguration.tls = false;
}
}

// $FlowFixMe It appears that Flow is missing the method description.
Expand Down

0 comments on commit 11e2de5

Please sign in to comment.