@make-u-free/migi 0.2.2 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/tls.js +31 -11
package/package.json
CHANGED
package/src/tls.js
CHANGED
|
@@ -2,13 +2,14 @@ import { existsSync, readFileSync } from 'fs'
|
|
|
2
2
|
import { join } from 'path'
|
|
3
3
|
import { homedir } from 'os'
|
|
4
4
|
import https from 'https'
|
|
5
|
+
import tls from 'tls'
|
|
5
6
|
|
|
6
7
|
// CA ファイルの検索順(単体 .crt / bundle.pem どちらでも可)
|
|
7
8
|
const CA_CANDIDATES = [
|
|
8
|
-
process.env.NODE_EXTRA_CA_CERTS,
|
|
9
|
-
join(homedir(), '.migi', 'zscaler-ca.pem'),
|
|
10
|
-
join(homedir(), '.migi', 'zscaler-ca.crt'),
|
|
11
|
-
join(homedir(), '.migi', 'ca-bundle.pem'),
|
|
9
|
+
process.env.NODE_EXTRA_CA_CERTS,
|
|
10
|
+
join(homedir(), '.migi', 'zscaler-ca.pem'),
|
|
11
|
+
join(homedir(), '.migi', 'zscaler-ca.crt'),
|
|
12
|
+
join(homedir(), '.migi', 'ca-bundle.pem'),
|
|
12
13
|
].filter(Boolean)
|
|
13
14
|
|
|
14
15
|
function findCA() {
|
|
@@ -20,12 +21,31 @@ function findCA() {
|
|
|
20
21
|
|
|
21
22
|
export const caPath = findCA()
|
|
22
23
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
let _httpsAgent = null
|
|
25
|
+
|
|
26
|
+
if (caPath) {
|
|
27
|
+
const caCert = readFileSync(caPath)
|
|
28
|
+
|
|
29
|
+
// ① tls.createSecureContext パッチ
|
|
30
|
+
// Node 18+ built-in fetch (undici) を含む全TLS接続に効く
|
|
31
|
+
const _origCreate = tls.createSecureContext
|
|
32
|
+
tls.createSecureContext = (options = {}) => {
|
|
33
|
+
const extra = [caCert]
|
|
34
|
+
const existing = options.ca
|
|
35
|
+
? (Array.isArray(options.ca) ? options.ca : [options.ca])
|
|
36
|
+
: []
|
|
37
|
+
return _origCreate({ ...options, ca: [...existing, ...extra] })
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
// ② NODE_EXTRA_CA_CERTS(環境変数で起動する場合のフォールバック)
|
|
41
|
+
if (!process.env.NODE_EXTRA_CA_CERTS) {
|
|
42
|
+
process.env.NODE_EXTRA_CA_CERTS = caPath
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
// ③ https.Agent(node-fetch 系フォールバック)
|
|
46
|
+
_httpsAgent = new https.Agent({ ca: caCert })
|
|
47
|
+
|
|
48
|
+
console.error(` [TLS] CA loaded: ${caPath}`)
|
|
26
49
|
}
|
|
27
50
|
|
|
28
|
-
|
|
29
|
-
export const httpsAgent = caPath
|
|
30
|
-
? new https.Agent({ ca: readFileSync(caPath) })
|
|
31
|
-
: null
|
|
51
|
+
export const httpsAgent = _httpsAgent
|