Skip to content

Commit

Permalink
Skip expired certificates (microsoft/vscode#184271)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chrmarti
chrmarti committed Jun 20, 2023
1 parent dcef26c commit b636553
Show file tree
Hide file tree
Showing 7 changed files with 1,060 additions and 22 deletions.
18 changes: 9 additions & 9 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@
},
"devDependencies": {
"@types/debug": "^4.1.5",
"@types/node": "^12.18.3",
"@types/node": "^16.17.1",
"typescript": "^4.2.2"
},
"scripts": {
Expand Down
20 changes: 16 additions & 4 deletions src/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,9 @@ import * as nodeurl from 'url';
import * as os from 'os';
import * as fs from 'fs';
import * as cp from 'child_process';
import * as crypto from 'crypto';

import debug from 'debug';
import createPacProxyAgent, { PacProxyAgent } from './agent';
const SocksProxyAgent = require('socks-proxy-agent');

export enum LogLevel {
Trace,
Expand Down Expand Up @@ -495,8 +494,21 @@ async function getCaCertificates(params: ProxyAgentParams) {
if (!_caCertificates) {
_caCertificates = readCaCertificates()
.then(res => {
params.log(LogLevel.Debug, 'ProxyResolver#getCaCertificates count', res && res.certs.length);
_caCertificateValues = (res?.certs || []).concat(params.addCertificates);
const certs = (res?.certs || []).concat(params.addCertificates);
params.log(LogLevel.Debug, 'ProxyResolver#getCaCertificates count', certs.length);
const now = Date.now();
_caCertificateValues = certs
.filter(cert => {
try {
const parsedCert = new crypto.X509Certificate(cert);
const parsedDate = Date.parse(parsedCert.validTo);
return isNaN(parsedDate) || parsedDate > now;
} catch (err) {
params.log(LogLevel.Debug, 'ProxyResolver#getCaCertificates parse error', (err as any)?.message || err );
return false;
}
});
params.log(LogLevel.Debug, 'ProxyResolver#getCaCertificates count filtered', _caCertificateValues.length);
return _caCertificateValues.length > 0 ? {
certs: _caCertificateValues,
append: res?.append !== false,
Expand Down
4 changes: 2 additions & 2 deletions tests/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ services:
working_dir: /repo/tests/test-client
environment:
- MOCHA_TESTS=src/direct.test.ts src/tls.test.ts
command: npm run test:watch
command: /bin/sh -c 'rm -rf /root/.npm && npm run test:watch'
test-proxy-client:
image: node:16
links:
Expand All @@ -24,7 +24,7 @@ services:
working_dir: /repo/tests/test-client
environment:
- MOCHA_TESTS=src/proxy.test.ts
command: npm run test:watch
command: /bin/sh -c 'rm -rf /root/.npm && npm run test:watch'
test-http-proxy:
image: minimum2scp/squid:latest
links:
Expand Down
Loading

0 comments on commit b636553

Please sign in to comment.