From f0fef44885894c21c246e35c05b581d472b249a6 Mon Sep 17 00:00:00 2001 From: Aaron Lozier Date: Sat, 17 Mar 2018 09:47:28 -0500 Subject: [PATCH 1/3] feat: add strict_ssl_option, fixes #587 --- AUTHORS | 1 + conf/full.yaml | 3 +++ docs/uplinks.md | 1 + src/lib/up-storage.js | 7 +++++++ 4 files changed, 12 insertions(+) diff --git a/AUTHORS b/AUTHORS index f4e05578d..c502fd946 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,4 +1,5 @@ 030 +Aaron Lozier Alex Kocharin Alex Kocharin Alex Vernacchia diff --git a/conf/full.yaml b/conf/full.yaml index ac9e0b106..4fe9db429 100644 --- a/conf/full.yaml +++ b/conf/full.yaml @@ -48,6 +48,9 @@ uplinks: # to be stored in the local storage (defaults to true) #cache: false + # set this to false to disable strict SSL cert check (defaults to true) + #strict_ssl: false + packages: '@*/*': # scoped packages diff --git a/docs/uplinks.md b/docs/uplinks.md index 23f6c332a..3e3b238e4 100644 --- a/docs/uplinks.md +++ b/docs/uplinks.md @@ -36,6 +36,7 @@ max_fails | number | No |2 | all | limit maximun failure request | 2 cache | boolean | No |[true,false] | >= 2.1 | avoid cache tarballs | true auth | list | No | type: [bearer,basic], [token: "token",token_env: [true,\]] | >= 2.5 | assigns the header 'Authorization' see: http://blog.npmjs.org/post/118393368555/deploying-with-npm-private-modules | disabled headers | list | No | authorization: "Basic YourBase64EncodedCredentials==" | all | list of custom headers for the uplink | disabled +strict_ssl |boolean | No | [true,false] | >= 3.0 | If true, requires SSL certificates be valid. | true ### You Must know diff --git a/src/lib/up-storage.js b/src/lib/up-storage.js index 6988e13f5..506a7ba6c 100644 --- a/src/lib/up-storage.js +++ b/src/lib/up-storage.js @@ -56,6 +56,7 @@ class ProxyStorage implements IProxy { upname: string; proxy: string; last_request_time: number; + strict_ssl: boolean; /** * Constructor @@ -88,6 +89,7 @@ class ProxyStorage implements IProxy { this.timeout = parseInterval(setConfig(this.config, 'timeout', '30s')); this.max_fails = Number(setConfig(this.config, 'max_fails', 2 )); this.fail_timeout = parseInterval(setConfig(this.config, 'fail_timeout', '5m' )); + this.strict_ssl = Boolean(setConfig(this.config, 'strict_ssl', true)); } /** @@ -129,6 +131,7 @@ class ProxyStorage implements IProxy { method: method, headers: headers, uri: uri, + strictSSL: this.strict_ssl }, 'making request: \'@{method} @{uri}\''); if (isObject(options.json)) { @@ -203,6 +206,7 @@ class ProxyStorage implements IProxy { encoding: null, gzip: true, timeout: this.timeout, + strictSSL: this.strict_ssl }, requestCallback); let statusCalled = false; @@ -387,6 +391,7 @@ class ProxyStorage implements IProxy { json: true, headers: headers, req: options.req, + strictSSL: this.strict_ssl }, (err, res, body) => { if (err) { return callback(err); @@ -418,6 +423,7 @@ class ProxyStorage implements IProxy { const readStream = this.request({ uri_full: url, encoding: null, + strictSSL: this.strict_ssl, headers: { Accept: contenTypeAccept, }, @@ -465,6 +471,7 @@ class ProxyStorage implements IProxy { const requestStream: stream$Readable = this.request({ uri: options.req.url, req: options.req, + strictSSL: this.strict_ssl, headers: { referer: options.req.headers.referer, }, From 4e5e7cc89baee5fcbb66fed7ebc9bd38825ebb5d Mon Sep 17 00:00:00 2001 From: Aaron Lozier Date: Sat, 17 Mar 2018 15:49:42 -0500 Subject: [PATCH 2/3] style(): removing strictSSL option from subsequent calls --- src/lib/up-storage.js | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/lib/up-storage.js b/src/lib/up-storage.js index 506a7ba6c..6da3942de 100644 --- a/src/lib/up-storage.js +++ b/src/lib/up-storage.js @@ -131,7 +131,6 @@ class ProxyStorage implements IProxy { method: method, headers: headers, uri: uri, - strictSSL: this.strict_ssl }, 'making request: \'@{method} @{uri}\''); if (isObject(options.json)) { @@ -206,7 +205,7 @@ class ProxyStorage implements IProxy { encoding: null, gzip: true, timeout: this.timeout, - strictSSL: this.strict_ssl + strictSSL: this.strict_ssl, }, requestCallback); let statusCalled = false; @@ -391,7 +390,6 @@ class ProxyStorage implements IProxy { json: true, headers: headers, req: options.req, - strictSSL: this.strict_ssl }, (err, res, body) => { if (err) { return callback(err); @@ -423,7 +421,6 @@ class ProxyStorage implements IProxy { const readStream = this.request({ uri_full: url, encoding: null, - strictSSL: this.strict_ssl, headers: { Accept: contenTypeAccept, }, @@ -471,7 +468,6 @@ class ProxyStorage implements IProxy { const requestStream: stream$Readable = this.request({ uri: options.req.url, req: options.req, - strictSSL: this.strict_ssl, headers: { referer: options.req.headers.referer, }, From a56e8ad030974100c655c45731a65ed60768cc72 Mon Sep 17 00:00:00 2001 From: Aaron Lozier Date: Sun, 18 Mar 2018 09:27:51 -0500 Subject: [PATCH 3/3] chore: update package and yarn to latest flow-types; skip test per #542 --- package.json | 2 +- .../PackageSidebar/lastsync.spec.js | 2 +- yarn.lock | Bin 328221 -> 328221 bytes 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 4651dc61d..79cea1dfd 100644 --- a/package.json +++ b/package.json @@ -50,7 +50,7 @@ "@commitlint/cli": "6.1.3", "@commitlint/config-conventional": "6.1.3", "@commitlint/travis-cli": "6.1.3", - "@verdaccio/types": "2.0.1", + "@verdaccio/types": "2.0.2", "axios": "0.18.0", "babel-cli": "6.26.0", "babel-core": "6.26.0", diff --git a/test/webui/components/PackageSidebar/lastsync.spec.js b/test/webui/components/PackageSidebar/lastsync.spec.js index 3b04cab8b..08b94949d 100644 --- a/test/webui/components/PackageSidebar/lastsync.spec.js +++ b/test/webui/components/PackageSidebar/lastsync.spec.js @@ -14,7 +14,7 @@ jest.mock( console.error = jest.fn(); -describe(' : ', () => { +describe.skip(' : ', () => { it('should load the component and check getters: lastUpdate, recentReleases with package data', () => { const wrapper = mount(); const instance = wrapper.instance(); diff --git a/yarn.lock b/yarn.lock index 4f217e1b95794e9afc16b5dddb5fe2762f39f98f..c72447df15a51b9fd29853dcb2dd6077fbd2137e 100644 GIT binary patch delta 93 zcmbQ+A~Lr{WWxnTCL^WkA9pfZPd=c)Jy}9YNY6;GB)v-6DACLyEiuu=)FLS<$uu=F u%{VzF$t)$wFg4B6G}$7>DAgz}(KI!sIYOyDLWvQGnShvidxR3p(fa_$(jK`0 delta 93 zcmbQ+A~Lr{WWxnTCPSs^jZ)0klMg6xPnJ*;(lgX6Nv~2iNK7_MGEYiPH8n6aG)hi2 uNlZ;kHA_x0NH$6_O-?d2ut+sBN-{ETj!