@elastic/transport - npm Package Compare versions

Comparing version 8.7.0 to 8.7.1

lib/connection/BaseConnection.d.ts

@@ -88,1 +88,2 @@ /// <reference types="node" />
 export declare function getIssuerCertificate(socket: TLSSocket): DetailedPeerCertificate | null;
+export declare function isCaFingerprintMatch(cert1: string | null, cert2: string | null): boolean;

lib/connection/BaseConnection.js

@@ -22,3 +22,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getIssuerCertificate = exports.prepareHeaders = void 0;
+exports.isCaFingerprintMatch = exports.getIssuerCertificate = exports.prepareHeaders = void 0;
 const tslib_1 = require("tslib");
@@ -232,2 +232,11 @@ const util_1 = require("util");
 exports.getIssuerCertificate = getIssuerCertificate;
+function isCaFingerprintMatch(cert1, cert2) {
+    if (typeof cert1 === 'string' && typeof cert2 === 'string') {
+        const c1 = cert1.toLowerCase().replace(/:/g, '');
+        const c2 = cert2.toLowerCase().replace(/:/g, '');
+        return c1 === c2;
+    }
+    return cert1 === cert2;
+}
+exports.isCaFingerprintMatch = isCaFingerprintMatch;
 //# sourceMappingURL=BaseConnection.js.map

lib/connection/HttpConnection.js

@@ -229,3 +229,3 @@ "use strict";
                         /* istanbul ignore else */
-                        if (this[symbols_1.kCaFingerprint] !== issuerCertificate.fingerprint256) {
+                        if (!(0, BaseConnection_1.isCaFingerprintMatch)(this[symbols_1.kCaFingerprint], issuerCertificate.fingerprint256)) {
                             onError(new Error('Server certificate CA fingerprint does not match the value configured in caFingerprint'));
@@ -232,0 +232,0 @@ request.once('error', () => { }); // we need to catch the request aborted error

lib/connection/UndiciConnection.js

@@ -80,3 +80,3 @@ "use strict";
                         /* istanbul ignore else */
-                        if (caFingerprint !== issuerCertificate.fingerprint256) {
+                        if (!(0, BaseConnection_1.isCaFingerprintMatch)(caFingerprint, issuerCertificate.fingerprint256)) {
                             socket.destroy();
@@ -83,0 +83,0 @@ return cb(new Error('Server certificate CA fingerprint does not match the value configured in caFingerprint'), null);

package.json

 {
   "name": "@elastic/transport",
-  "version": "8.7.0",
+  "version": "8.7.1",
   "description": "Transport classes and utilities shared among Node.js Elastic client libraries",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

658987

increased by0.15%

Lines of code

9094

increased by0.11%

No dependency changes