From bae28727bd00e02601b618fe3efe720a675a3e3a Mon Sep 17 00:00:00 2001 From: Anmol Sethi Date: Fri, 30 Oct 2020 05:26:40 -0400 Subject: [PATCH] src/node/cli.ts: Add --cert-host to configure generated certificate hostname --- src/node/cli.ts | 7 ++++++- src/node/entry.ts | 2 +- src/node/util.ts | 9 +++++---- test/socket.test.ts | 2 +- 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/src/node/cli.ts b/src/node/cli.ts index 1403d8920..4ff35b445 100644 --- a/src/node/cli.ts +++ b/src/node/cli.ts @@ -26,6 +26,7 @@ export interface Args extends VsArgs { readonly auth?: AuthType readonly password?: string readonly cert?: OptionalString + readonly "cert-host"?: string readonly "cert-key"?: string readonly "disable-telemetry"?: boolean readonly help?: boolean @@ -101,7 +102,11 @@ const options: Options> = { cert: { type: OptionalString, path: true, - description: "Path to certificate. Generated if no path is provided.", + description: "Path to certificate. A self signed certificate is generated if none is provided.", + }, + "cert-host": { + type: "string", + description: "Hostname to use when generating a self signed certificate.", }, "cert-key": { type: "string", path: true, description: "Path to certificate key when using non-generated cert." }, "disable-telemetry": { type: "boolean", description: "Disable telemetry." }, diff --git a/src/node/entry.ts b/src/node/entry.ts index 3fbbb4cf1..5184c4344 100644 --- a/src/node/entry.ts +++ b/src/node/entry.ts @@ -160,7 +160,7 @@ const main = async (args: Args, configArgs: Args): Promise => { proxyDomains: args["proxy-domain"], socket: args.socket, ...(args.cert && !args.cert.value - ? await generateCertificate() + ? await generateCertificate(args["cert-host"] || "localhost") : { cert: args.cert && args.cert.value, certKey: args["cert-key"], diff --git a/src/node/util.ts b/src/node/util.ts index 20880913b..b4e175a3e 100644 --- a/src/node/util.ts +++ b/src/node/util.ts @@ -54,9 +54,9 @@ export function humanPath(p?: string): string { return p.replace(os.homedir(), "~") } -export const generateCertificate = async (): Promise<{ cert: string; certKey: string }> => { - const certPath = path.join(paths.data, "self-signed.crt") - const certKeyPath = path.join(paths.data, "self-signed.key") +export const generateCertificate = async (hostname: string): Promise<{ cert: string; certKey: string }> => { + const certPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.crt`) + const certKeyPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.key`) const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)]) if (!checks[0] || !checks[1]) { @@ -67,6 +67,7 @@ export const generateCertificate = async (): Promise<{ cert: string; certKey: st pem.createCertificate( { selfSigned: true, + commonName: hostname, config: ` [req] req_extensions = v3_req @@ -76,7 +77,7 @@ extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] -DNS.1 = localhost +DNS.1 = ${hostname} `, }, (error, result) => { diff --git a/test/socket.test.ts b/test/socket.test.ts index 7d4de985f..b1e974ad0 100644 --- a/test/socket.test.ts +++ b/test/socket.test.ts @@ -45,7 +45,7 @@ describe("SocketProxyProvider", () => { } before(async () => { - const cert = await generateCertificate() + const cert = await generateCertificate("localhost") const options = { cert: fs.readFileSync(cert.cert), key: fs.readFileSync(cert.certKey),