mockttp
Advanced tools
Comparing version 3.9.3 to 3.9.4
@@ -8,3 +8,3 @@ /// <reference types="node" /> | ||
import { PassThroughLookupOptions } from './passthrough-handling-definitions'; | ||
export declare const UPSTREAM_TLS_OPTIONS: tls.SecureContextOptions; | ||
export declare const getUpstreamTlsOptions: (strictChecks: boolean) => tls.SecureContextOptions; | ||
/** | ||
@@ -11,0 +11,0 @@ * Takes a callback result and some headers, and returns a ready to send body, using the headers |
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
exports.getClientRelativeHostname = exports.getDnsLookupFunction = exports.shouldUseStrictHttps = exports.getContentLengthAfterModification = exports.getH2HeadersAfterModification = exports.OVERRIDABLE_REQUEST_PSEUDOHEADERS = exports.getHostAfterModification = exports.buildOverriddenBody = exports.UPSTREAM_TLS_OPTIONS = void 0; | ||
exports.getClientRelativeHostname = exports.getDnsLookupFunction = exports.shouldUseStrictHttps = exports.getContentLengthAfterModification = exports.getH2HeadersAfterModification = exports.OVERRIDABLE_REQUEST_PSEUDOHEADERS = exports.getHostAfterModification = exports.buildOverriddenBody = exports.getUpstreamTlsOptions = void 0; | ||
const _ = require("lodash"); | ||
const tls = require("tls"); | ||
const url = require("url"); | ||
@@ -17,2 +18,3 @@ const common_tags_1 = require("common-tags"); | ||
const NEW_CURVES_SUPPORTED = (0, openssl_compat_1.areFFDHECurvesSupported)(process.versions.openssl); | ||
const SSL_OP_LEGACY_SERVER_CONNECT = 1 << 2; | ||
const SSL_OP_TLSEXT_PADDING = 1 << 4; | ||
@@ -22,3 +24,3 @@ const SSL_OP_NO_ENCRYPT_THEN_MAC = 1 << 19; | ||
// that seems to be widely accepted and is easy to emulate from Node.js. | ||
exports.UPSTREAM_TLS_OPTIONS = { | ||
const getUpstreamTlsOptions = (strictChecks) => ({ | ||
ecdhCurve: [ | ||
@@ -67,8 +69,15 @@ 'X25519', | ||
].join(':'), | ||
secureOptions: SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC, | ||
secureOptions: strictChecks | ||
? SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC | ||
: SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC | SSL_OP_LEGACY_SERVER_CONNECT, | ||
...{ | ||
// Valid, but not included in Node.js TLS module types: | ||
requestOSCP: true | ||
} | ||
}; | ||
}, | ||
// Allow TLSv1, if !strict: | ||
minVersion: strictChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
// Skip certificate validation entirely, if not strict: | ||
rejectUnauthorized: strictChecks, | ||
}); | ||
exports.getUpstreamTlsOptions = getUpstreamTlsOptions; | ||
// --- Various helpers for deriving parts of request/response data given partial overrides: --- | ||
@@ -75,0 +84,0 @@ /** |
@@ -490,6 +490,3 @@ "use strict"; | ||
// TLS options: | ||
...passthrough_handling_1.UPSTREAM_TLS_OPTIONS, | ||
// Allow TLSv1, if !strict | ||
minVersion: strictHttpsChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
rejectUnauthorized: strictHttpsChecks, | ||
...(0, passthrough_handling_1.getUpstreamTlsOptions)(strictHttpsChecks), | ||
...clientCert, | ||
@@ -496,0 +493,0 @@ ...caConfig |
@@ -256,6 +256,3 @@ "use strict"; | ||
// TLS options: | ||
...passthrough_handling_1.UPSTREAM_TLS_OPTIONS, | ||
// Allow TLSv1, if !strict: | ||
minVersion: strictHttpsChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
rejectUnauthorized: strictHttpsChecks, | ||
...(0, passthrough_handling_1.getUpstreamTlsOptions)(strictHttpsChecks), | ||
...clientCert, | ||
@@ -262,0 +259,0 @@ ...caConfig |
{ | ||
"name": "mockttp", | ||
"version": "3.9.3", | ||
"version": "3.9.4", | ||
"description": "Mock HTTP server for testing HTTP clients and stubbing webservices", | ||
@@ -5,0 +5,0 @@ "exports": { |
@@ -27,2 +27,3 @@ import * as _ from 'lodash'; | ||
const SSL_OP_LEGACY_SERVER_CONNECT = 1 << 2; | ||
const SSL_OP_TLSEXT_PADDING = 1 << 4; | ||
@@ -33,3 +34,3 @@ const SSL_OP_NO_ENCRYPT_THEN_MAC = 1 << 19; | ||
// that seems to be widely accepted and is easy to emulate from Node.js. | ||
export const UPSTREAM_TLS_OPTIONS: tls.SecureContextOptions = { | ||
export const getUpstreamTlsOptions = (strictChecks: boolean): tls.SecureContextOptions => ({ | ||
ecdhCurve: [ | ||
@@ -79,9 +80,17 @@ 'X25519', | ||
].join(':'), | ||
secureOptions: SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC, | ||
secureOptions: strictChecks | ||
? SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC | ||
: SSL_OP_TLSEXT_PADDING | SSL_OP_NO_ENCRYPT_THEN_MAC | SSL_OP_LEGACY_SERVER_CONNECT, | ||
...({ | ||
// Valid, but not included in Node.js TLS module types: | ||
requestOSCP: true | ||
} as any) | ||
}; | ||
} as any), | ||
// Allow TLSv1, if !strict: | ||
minVersion: strictChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
// Skip certificate validation entirely, if not strict: | ||
rejectUnauthorized: strictChecks, | ||
}); | ||
// --- Various helpers for deriving parts of request/response data given partial overrides: --- | ||
@@ -88,0 +97,0 @@ |
@@ -78,3 +78,3 @@ import _ = require('lodash'); | ||
buildOverriddenBody, | ||
UPSTREAM_TLS_OPTIONS, | ||
getUpstreamTlsOptions, | ||
shouldUseStrictHttps, | ||
@@ -750,6 +750,3 @@ getClientRelativeHostname, | ||
// TLS options: | ||
...UPSTREAM_TLS_OPTIONS, | ||
// Allow TLSv1, if !strict | ||
minVersion: strictHttpsChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
rejectUnauthorized: strictHttpsChecks, | ||
...getUpstreamTlsOptions(strictHttpsChecks), | ||
...clientCert, | ||
@@ -756,0 +753,0 @@ ...caConfig |
@@ -40,3 +40,3 @@ import * as _ from 'lodash'; | ||
import { | ||
UPSTREAM_TLS_OPTIONS, | ||
getUpstreamTlsOptions, | ||
getClientRelativeHostname, | ||
@@ -379,6 +379,3 @@ getDnsLookupFunction, | ||
// TLS options: | ||
...UPSTREAM_TLS_OPTIONS, | ||
// Allow TLSv1, if !strict: | ||
minVersion: strictHttpsChecks ? tls.DEFAULT_MIN_VERSION : 'TLSv1', | ||
rejectUnauthorized: strictHttpsChecks, | ||
...getUpstreamTlsOptions(strictHttpsChecks), | ||
...clientCert, | ||
@@ -385,0 +382,0 @@ ...caConfig |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
1495989
25555
25