Skip to content

Commit

Permalink
chore(#586): allow self signed certs by default for localhost-like hosts
Browse files Browse the repository at this point in the history
  • Loading branch information
dianabarsan authored Nov 15, 2023
1 parent cc56b48 commit 0a10a41
Show file tree
Hide file tree
Showing 4 changed files with 63 additions and 24 deletions.
2 changes: 1 addition & 1 deletion src/lib/environment.js
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ const initialize = (
}

Object.assign(state, {
apiUrl,
apiUrl: apiUrl.toString(),
archiveDestination,
extraArgs,
initialized: true,
Expand Down
16 changes: 14 additions & 2 deletions src/lib/get-api-url.js
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,16 @@ const getApiUrl = (cmdArgs, env = {}) => {
instanceUrl = new url.URL(cmdArgs.url);
}

return `${instanceUrl.href}medic`;
instanceUrl.pathname = `${instanceUrl.pathname}medic`;
return instanceUrl;
};

const isLocalhost = (apiUrl) => {
if (!apiUrl) {
return false;
}
const localhosts = [/^localhost$/, /^127\.0\.0\.\d+$/];
return !!localhosts.find(localhost => localhost.test(apiUrl.hostname));
};

const parseLocalUrl = (couchUrl) => {
Expand All @@ -56,4 +65,7 @@ const parseLocalUrl = (couchUrl) => {
return new url.URL('http://admin:pass@localhost:5988');
};

module.exports = getApiUrl;
module.exports = {
getApiUrl,
isLocalhost,
};
10 changes: 5 additions & 5 deletions src/lib/main.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ const checkForUpdates = require('../lib/check-for-updates');
const checkChtConfDependencyVersion = require('../lib/check-cht-conf-dependency-version');
const environment = require('./environment');
const fs = require('../lib/sync-fs');
const getApiUrl = require('../lib/get-api-url');
const { getApiUrl, isLocalhost } = require('../lib/get-api-url');
const log = require('../lib/log');
const userPrompt = require('../lib/user-prompt');
const redactBasicAuth = require('redact-basic-auth');
Expand Down Expand Up @@ -110,10 +110,6 @@ module.exports = async (argv, env) => {
throw new Error('--destination=<path to save files> is required with --archive.');
}

if (cmdArgs['accept-self-signed-certs']) {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0;
}

//
// Logging
//
Expand Down Expand Up @@ -147,6 +143,10 @@ module.exports = async (argv, env) => {
const requiresInstance = actions.some(action => action.requiresInstance);
const apiUrl = requiresInstance && getApiUrl(cmdArgs, env);

if (cmdArgs['accept-self-signed-certs'] || isLocalhost(apiUrl)) {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0;
}

let extraArgs = cmdArgs['--'];
if (!extraArgs.length) {
extraArgs = undefined;
Expand Down
59 changes: 43 additions & 16 deletions test/lib/get-api-url.spec.js
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
const sinon = require('sinon');
const rewire = require('rewire');
const { expect } = require('chai');
const url = require('url');

const getApiUrl = rewire('../../src/lib/get-api-url');
const apiUrlLib = rewire('../../src/lib/get-api-url');
const userPrompt = rewire('../../src/lib/user-prompt');

describe('get-api-url', () => {
Expand All @@ -13,59 +14,59 @@ describe('get-api-url', () => {
keyInYN: sinon.stub().throws('unexpected'),
};
userPrompt.__set__('readline', readline);
getApiUrl.__set__('userPrompt', userPrompt);
apiUrlLib.__set__('userPrompt', userPrompt);
});

it('multiple destinations yields error', () => {
const actual = () => getApiUrl({ local: true, instance: 'demo' });
const actual = () => apiUrlLib.getApiUrl({ local: true, instance: 'demo' });
expect(actual).to.throw('One of these');
});

it('no destination yields error', () => {
const actual = () => getApiUrl({});
const actual = () => apiUrlLib.getApiUrl({});
expect(actual).to.throw('One of these');
});

describe('--local', () => {
it('no environment variable has a default', () => {
const actual = getApiUrl({ local: true });
expect(actual).to.eq('http://admin:pass@localhost:5988/medic');
const actual = apiUrlLib.getApiUrl({ local: true });
expect(actual).to.deep.equal(new url.URL('http://admin:pass@localhost:5988/medic'));
});

it('use environment variable', () => {
const actual = getApiUrl({ local: true }, { COUCH_URL: 'http://user:pwd@localhost:5984/db' });
expect(actual).to.eq('http://user:pwd@localhost:5988/medic');
const actual = apiUrlLib.getApiUrl({ local: true }, { COUCH_URL: 'http://user:pwd@localhost:5984/db' });
expect(actual).to.deep.equal(new url.URL('http://user:pwd@localhost:5988/medic'));
});

it('warn if environment variable targets remote', () => {
const actual = () => getApiUrl({ local: true }, { COUCH_URL: 'http://user:pwd@remote:5984/db' });
const actual = () => apiUrlLib.getApiUrl({ local: true }, { COUCH_URL: 'http://user:pwd@remote:5984/db' });
expect(actual).to.throw('remote');
});
});

describe('--instance', () => {
it('with default user', () => {
readline.question.returns('entered');
const actual = getApiUrl({ instance: 'inst' });
expect(actual).to.eq('https://admin:[email protected]/medic');
const actual = apiUrlLib.getApiUrl({ instance: 'inst' });
expect(actual).to.deep.equal(new url.URL('https://admin:[email protected]/medic'));
});

it('with --user', () => {
readline.question.returns('entered');
const actual = getApiUrl({ instance: 'inst', user: 'user' });
expect(actual).to.eq('https://user:[email protected]/medic');
const actual = apiUrlLib.getApiUrl({ instance: 'inst', user: 'user' });
expect(actual).to.deep.equal(new url.URL('https://user:[email protected]/medic'));
});
});

describe('--url', () => {
it('basic', () => {
const actual = getApiUrl({ url: 'https://admin:[email protected]/' });
expect(actual).to.eq('https://admin:[email protected]/medic');
const actual = apiUrlLib.getApiUrl({ url: 'https://admin:[email protected]/' });
expect(actual).to.deep.equal(new url.URL('https://admin:[email protected]/medic'));
});
});

describe('parseLocalUrl', () => {
const parseLocalUrl = getApiUrl.__get__('parseLocalUrl');
const parseLocalUrl = apiUrlLib.__get__('parseLocalUrl');
it('basic', () =>
expect(parseLocalUrl('http://admin:pass@localhost:5988/medic').href).to.eq('http://admin:pass@localhost:5988/'));

Expand All @@ -75,4 +76,30 @@ describe('get-api-url', () => {
it('ignores path', () =>
expect(parseLocalUrl('http://admin:pass@localhost:5984/foo').href).to.eq('http://admin:pass@localhost:5988/'));
});

describe('isLocalhost', () => {
it('should return true for localhost', () => {
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:pass@localhost/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:pass@localhost:5988/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('https://admin:pass@localhost/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('https://admin:pass@localhost/whatever'))).to.be.true;
});

it('should return true for 127.0.0.x', () => {
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]:5988/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]:5988/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('https://admin:[email protected]/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('https://admin:[email protected]/medic'))).to.be.true;
expect(apiUrlLib.isLocalhost(new url.URL('https://admin:[email protected]/whatever'))).to.be.true;
});

it('should return false for anything else', () => {
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:pass@host/medic'))).to.be.false;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:pass@notlocalhost/medic'))).to.be.false;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]/medic'))).to.be.false;
expect(apiUrlLib.isLocalhost(new url.URL('http://admin:[email protected]/medic'))).to.be.false;
});
});
});

0 comments on commit 0a10a41

Please sign in to comment.