@aikidosec/safe-chain 1.1.2 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/package.json +1 -1
  2. package/src/packagemanager/yarn/runYarnCommand.js +3 -3
  3. package/src/registryProxy/mitmRequestHandler.js +6 -0
  4. package/src/registryProxy/tunnelRequestHandler.js +6 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aikidosec/safe-chain",
3
- "version": "1.1.2",
3
+ "version": "1.1.4",
4
4
  "scripts": {
5
5
  "test": "node --test --experimental-test-module-mocks 'src/**/*.spec.js'",
6
6
  "test:watch": "node --test --watch --experimental-test-module-mocks 'src/**/*.spec.js'",
package/src/packagemanager/yarn/runYarnCommand.js CHANGED
@@ -23,7 +23,9 @@ export async function runYarnCommand(args) {
23
23
  }
24
24
 
25
25
  async function fixYarnProxyEnvironmentVariables(env) {
26
- // Yarn ignores standard proxy environment variables HTTPS_PROXY and NODE_EXTRA_CA_CERTS
26
+ // Yarn ignores standard proxy environment variable HTTPS_PROXY
27
+ // It does respect NODE_EXTRA_CA_CERTS for custom CA certificates though.
28
+ // Don't use YARN_HTTPS_CA_FILE_PATH though, as it causes to ignore all system CAs
27
29
 
28
30
  // Yarn v2/v3 and v4+ use different environment variables for proxy and CA certs
29
31
  // When setting all variables, yarn returns an error about conflicting variables
@@ -35,10 +37,8 @@ async function fixYarnProxyEnvironmentVariables(env) {
35
37
 
36
38
  if (majorVersion >= 4) {
37
39
  env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
38
- env.YARN_HTTPS_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
39
40
  } else if (majorVersion === 2 || majorVersion === 3) {
40
41
  env.YARN_HTTPS_PROXY = env.HTTPS_PROXY;
41
- env.YARN_CA_FILE_PATH = env.NODE_EXTRA_CA_CERTS;
42
42
  }
43
43
  }
44
44
 
package/src/registryProxy/mitmRequestHandler.js CHANGED
@@ -5,6 +5,12 @@ import { HttpsProxyAgent } from "https-proxy-agent";
5
5
  export function mitmConnect(req, clientSocket, isAllowed) {
6
6
  const { hostname } = new URL(`http://${req.url}`);
7
7
 
8
+ clientSocket.on("error", () => {
9
+ // NO-OP
10
+ // This can happen if the client TCP socket sends RST instead of FIN.
11
+ // Not subscribing to 'close' event will cause node to throw and crash.
12
+ });
13
+
8
14
  const server = createHttpsServer(hostname, isAllowed);
9
15
 
10
16
  // Establish the connection
package/src/registryProxy/tunnelRequestHandler.js CHANGED
@@ -24,6 +24,12 @@ export function tunnelRequest(req, clientSocket, head) {
24
24
  function tunnelRequestToDestination(req, clientSocket, head) {
25
25
  const { port, hostname } = new URL(`http://${req.url}`);
26
26
 
27
+ clientSocket.on("error", () => {
28
+ // NO-OP
29
+ // This can happen if the client TCP socket sends RST instead of FIN.
30
+ // Not subscribing to 'close' event will cause node to throw and crash.
31
+ });
32
+
27
33
  const serverSocket = net.connect(port || 443, hostname, () => {
28
34
  clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
29
35
  serverSocket.write(head);