Merge branch master into code-asher/ch1385

2020-11-12 11:52:02 -06:00
parent 5499a3d125 da6000b96f
commit e1702a1d21
21 changed files with 317 additions and 184 deletions
--- a/src/node/cli.ts
+++ b/src/node/cli.ts
@ -30,6 +30,7 @@ export interface Args extends VsArgs {
  auth?: AuthType
  password?: string
  cert?: OptionalString
+  "cert-host"?: string
  "cert-key"?: string
  "disable-telemetry"?: boolean
  help?: boolean
@ -105,7 +106,11 @@ const options: Options<Required<Args>> = {
  cert: {
    type: OptionalString,
    path: true,
-    description: "Path to certificate. Generated if no path is provided.",
+    description: "Path to certificate. A self signed certificate is generated if none is provided.",
+  },
+  "cert-host": {
+    type: "string",
+    description: "Hostname to use when generating a self signed certificate.",
  },
  "cert-key": { type: "string", path: true, description: "Path to certificate key when using non-generated cert." },
  "disable-telemetry": { type: "boolean", description: "Disable telemetry." },
@ -429,7 +434,7 @@ export async function setDefaults(cliArgs: Args, configArgs?: ConfigArgs): Promi
  }

  if (args.cert && !args.cert.value) {
-    const { cert, certKey } = await generateCertificate()
+    const { cert, certKey } = await generateCertificate(args["cert-host"] || "localhost")
    args.cert = {
      value: cert,
    }
--- a/src/node/entry.ts
+++ b/src/node/entry.ts
@ -121,11 +121,7 @@ const main = async (args: DefaultedArgs): Promise<void> => {
  }

  if (args.cert) {
-    logger.info(
-      args.cert && args.cert.value
-        ? `  - Using provided certificate and key for HTTPS`
-        : `  - Using generated certificate and key for HTTPS`,
-    )
+    logger.info("  - Using certificate for HTTPS: ${humanPath(args.cert.value)}")
  } else {
    logger.info("  - Not serving HTTPS")
  }
--- a/src/node/util.ts
+++ b/src/node/util.ts
@ -54,25 +54,45 @@ export function humanPath(p?: string): string {
  return p.replace(os.homedir(), "~")
 }

-export const generateCertificate = async (): Promise<{ cert: string; certKey: string }> => {
-  const paths = {
-    cert: path.join(tmpdir, "self-signed.cert"),
-    certKey: path.join(tmpdir, "self-signed.key"),
-  }
-  const checks = await Promise.all([fs.pathExists(paths.cert), fs.pathExists(paths.certKey)])
+export const generateCertificate = async (hostname: string): Promise<{ cert: string; certKey: string }> => {
+  const certPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.crt`)
+  const certKeyPath = path.join(paths.data, `${hostname.replace(/\./g, "_")}.key`)
+
+  const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)])
  if (!checks[0] || !checks[1]) {
    // Require on demand so openssl isn't required if you aren't going to
    // generate certificates.
    const pem = require("pem") as typeof import("pem")
    const certs = await new Promise<import("pem").CertificateCreationResult>((resolve, reject): void => {
-      pem.createCertificate({ selfSigned: true }, (error, result) => {
-        return error ? reject(error) : resolve(result)
-      })
+      pem.createCertificate(
+        {
+          selfSigned: true,
+          commonName: hostname,
+          config: `
+[req]
+req_extensions = v3_req
+
+[ v3_req ]
+basicConstraints = CA:true
+extendedKeyUsage = serverAuth
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1 = ${hostname}
+`,
+        },
+        (error, result) => {
+          return error ? reject(error) : resolve(result)
+        },
+      )
    })
-    await fs.mkdirp(tmpdir)
-    await Promise.all([fs.writeFile(paths.cert, certs.certificate), fs.writeFile(paths.certKey, certs.serviceKey)])
+    await fs.mkdirp(paths.data)
+    await Promise.all([fs.writeFile(certPath, certs.certificate), fs.writeFile(certKeyPath, certs.serviceKey)])
+  }
+  return {
+    cert: certPath,
+    certKey: certKeyPath,
  }
-  return paths
 }

 export const generatePassword = async (length = 24): Promise<string> => {
--- a/src/node/vscode.ts
+++ b/src/node/vscode.ts
@ -144,7 +144,7 @@ export class VscodeProvider {
      }

      proc.on("message", (message: ipc.VscodeMessage) => {
-        logger.debug("got message from vscode", field("message", message))
+        logger.trace("got message from vscode", field("message", message))
        if (fn(message)) {
          cleanup()
          resolve(message)
--- a/src/node/wsRouter.ts
+++ b/src/node/wsRouter.ts
@ -5,6 +5,8 @@ import * as net from "net"

 export const handleUpgrade = (app: express.Express, server: http.Server): void => {
  server.on("upgrade", (req, socket, head) => {
+    socket.pause()
+
    req.ws = socket
    req.head = head
    req._ws_handled = false