Merge pull request #147 from AikidoSec/feature/cert-beta

Create INI file for pip to make sure behavior is predictable
2026-05-26 12:10:49 +00:00 · 2025-11-21 13:27:57 -08:00 · 2025-11-21 13:27:57 -08:00 · a0dc6536b1
commit a0dc6536b1
parent 6b208a8730 72bf44cb6d
6 changed files with 345 additions and 12 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -411,6 +411,13 @@
        "node": ">=14"
      }
    },
+    "node_modules/@types/ini": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/@types/ini/-/ini-4.1.1.tgz",
+      "integrity": "sha512-MIyNUZipBTbyUNnhvuXJTY7B6qNI78meck9Jbv3wk0OgNwRyOOVEKDutAkOs1snB/tx0FafyR6/SN4Ps0hZPeg==",
+      "dev": true,
+      "license": "MIT"
+    },
    "node_modules/@types/make-fetch-happen": {
      "version": "10.0.4",
      "resolved": "https://registry.npmjs.org/@types/make-fetch-happen/-/make-fetch-happen-10.0.4.tgz",
@ -1090,6 +1097,15 @@
        "node": ">=0.8.19"
      }
    },
+    "node_modules/ini": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/ini/-/ini-6.0.0.tgz",
+      "integrity": "sha512-IBTdIkzZNOpqm7q3dRqJvMaldXjDHWkEDfrwGEQTs5eaQMWV+djAhR+wahyNNMAa+qpbDUhBMVt4ZKNwpPm7xQ==",
+      "license": "ISC",
+      "engines": {
+        "node": "^20.17.0 || >=22.9.0"
+      }
+    },
    "node_modules/ip-address": {
      "version": "9.0.5",
      "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz",
@ -2083,6 +2099,7 @@
        "certifi": "^14.5.15",
        "chalk": "5.4.1",
        "https-proxy-agent": "7.0.6",
+        "ini": "^6.0.0",
        "make-fetch-happen": "14.0.3",
        "node-forge": "1.3.1",
        "npm-registry-fetch": "18.0.2",
@ -2104,6 +2121,7 @@
        "safe-chain": "bin/safe-chain.js"
      },
      "devDependencies": {
+        "@types/ini": "^4.1.1",
        "@types/make-fetch-happen": "^10.0.4",
        "@types/node": "^18.19.130",
        "@types/node-forge": "^1.3.14",
--- a/packages/safe-chain-bun/package.json
+++ b/packages/safe-chain-bun/package.json
@ -27,4 +27,4 @@
  "peerDependencies": {
    "bun": ">=1.2.21"
  }
-}
+}
--- a/packages/safe-chain/package.json
+++ b/packages/safe-chain/package.json
@ -38,6 +38,7 @@
    "certifi": "^14.5.15",
    "chalk": "5.4.1",
    "https-proxy-agent": "7.0.6",
+    "ini": "^6.0.0",
    "make-fetch-happen": "14.0.3",
    "node-forge": "1.3.1",
    "npm-registry-fetch": "18.0.2",
@ -45,6 +46,7 @@
    "semver": "7.7.2"
  },
  "devDependencies": {
+    "@types/ini": "^4.1.1",
    "@types/make-fetch-happen": "^10.0.4",
    "@types/node": "^18.19.130",
    "@types/npm-registry-fetch": "^8.0.9",
--- a/packages/safe-chain/src/packagemanager/pip/runPipCommand.js
+++ b/packages/safe-chain/src/packagemanager/pip/runPipCommand.js
@ -2,12 +2,53 @@ import { ui } from "../../environment/userInteraction.js";
 import { safeSpawn } from "../../utils/safeSpawn.js";
 import { mergeSafeChainProxyEnvironmentVariables } from "../../registryProxy/registryProxy.js";
 import { getCombinedCaBundlePath } from "../../registryProxy/certBundle.js";
+import fs from "node:fs/promises";
+import fsSync from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import ini from "ini";

 /**
- * @param {string} command
- * @param {string[]} args
- *
- * @returns {Promise<{status: number}>}
+ * Sets fallback CA bundle environment variables used by Python libraries.
+ * These are applied in addition to the PIP_CONFIG_FILE to ensure all Python
+ * network libraries respect the combined CA bundle, even if they don't read pip's config.
+ * 
+ * @param {NodeJS.ProcessEnv} env - Environment object to modify
+ * @param {string} combinedCaPath - Path to the combined CA bundle
+ */
+function setFallbackCaBundleEnvironmentVariables(env, combinedCaPath) {
+  // REQUESTS_CA_BUNDLE: Used by the popular 'requests' library
+  if (env.REQUESTS_CA_BUNDLE) {
+    ui.writeWarning("Safe-chain: User defined REQUESTS_CA_BUNDLE found in environment. It will be overwritten.");
+  }
+  env.REQUESTS_CA_BUNDLE = combinedCaPath;
+
+  // SSL_CERT_FILE: Used by some Python SSL libraries and urllib
+  if (env.SSL_CERT_FILE) {
+    ui.writeWarning("Safe-chain: User defined SSL_CERT_FILE found in environment. It will be overwritten.");
+  }
+  env.SSL_CERT_FILE = combinedCaPath;
+
+  // PIP_CERT: Pip's own environment variable for certificate verification
+  if (env.PIP_CERT) {
+    ui.writeWarning("Safe-chain: User defined PIP_CERT found in environment. It will be overwritten.");
+  }
+  env.PIP_CERT = combinedCaPath;
+}
+
+/**
+ * Runs a pip command with safe-chain's certificate bundle and proxy configuration.
+ * 
+ * Creates a temporary pip config file to configure:
+ * - Cert bundle for HTTPS verification
+ * - Proxy settings
+ * 
+ * If the user has an existing PIP_CONFIG_FILE, a new temporary config is created that merges
+ * their settings with safe-chain's, leaving the original file unchanged.
+ * 
+ * @param {string} command - The pip command to execute (e.g., 'pip3')
+ * @param {string[]} args - Command line arguments to pass to pip
+ * @returns {Promise<{status: number}>} Exit status of the pip command
 */
 export async function runPip(command, args) {
  try {
@ -17,13 +58,85 @@ export async function runPip(command, args) {
    // so that any network request made by pip, including those outside explicit CLI args,
    // validates correctly under both MITM'd and tunneled HTTPS.
    const combinedCaPath = getCombinedCaBundlePath();
-    env.REQUESTS_CA_BUNDLE = combinedCaPath;
-    env.SSL_CERT_FILE = combinedCaPath;
+
+    // https://pip.pypa.io/en/stable/topics/https-certificates/ explains that the 'cert' param (which we're providing via INI file)
+    // will tell pip to use the provided CA bundle for HTTPS verification.
+
+    // Proxy settings: GLOBAL_AGENT_HTTP_PROXY is our safe-chain proxy (if active),
+    // otherwise fall back to user-defined HTTPS_PROXY or HTTP_PROXY environment variables
+    const proxy = env.GLOBAL_AGENT_HTTP_PROXY || env.HTTPS_PROXY || env.HTTP_PROXY || '';
+
+    const tmpDir = os.tmpdir();
+    const pipConfigPath = path.join(tmpDir, `safe-chain-pip-${Date.now()}.ini`);
+    let cleanupConfigPath = null; // Track temp file for cleanup
+
+    // Note: Setting PIP_CONFIG_FILE overrides all pip config levels (Global/User/Site) per pip's loading order
+    if (!env.PIP_CONFIG_FILE) {
+      /** @type {{ global: { cert: string, proxy?: string } }} */
+      const configObj = { global: { cert: combinedCaPath } };
+      if (proxy) {
+        configObj.global.proxy = proxy;
+      }
+      const pipConfig = ini.stringify(configObj);
+      await fs.writeFile(pipConfigPath, pipConfig);
+      env.PIP_CONFIG_FILE = pipConfigPath;
+      cleanupConfigPath = pipConfigPath;
+
+    } else if (fsSync.existsSync(env.PIP_CONFIG_FILE)) {
+      ui.writeVerbose("Safe-chain: Merging user provided PIP_CONFIG_FILE with safe-chain certificate and proxy settings.");
+      const userConfig = env.PIP_CONFIG_FILE;
+
+      // Read the existing config without modifying it
+      let content = await fs.readFile(userConfig, "utf-8");
+      const parsed = ini.parse(content);
+
+      // Ensure [global] section exists
+      parsed.global = parsed.global || {};
+
+      // Cert
+      if (typeof parsed.global.cert !== "undefined") {
+        ui.writeWarning("Safe-chain: User defined cert found in PIP_CONFIG_FILE. It will be overwritten in the temporary config.");
+      }
+      parsed.global.cert = combinedCaPath;
+
+      // Proxy
+      if (typeof parsed.global.proxy !== "undefined") {
+        ui.writeWarning("Safe-chain: User defined proxy found in PIP_CONFIG_FILE. It will be overwritten in the temporary config.");
+      }
+      if (proxy) {
+        parsed.global.proxy = proxy;
+      }
+ 
+      const updated = ini.stringify(parsed);
+
+      // Save to a new temp file to avoid overwriting user's original config
+      await fs.writeFile(pipConfigPath, updated, "utf-8");
+      env.PIP_CONFIG_FILE = pipConfigPath;
+      cleanupConfigPath = pipConfigPath;
+
+    } else {
+      // The user provided PIP_CONFIG_FILE does not exist on disk
+      // PIP will handle this as an error and inform the user
+    }
+
+    // Set fallback CA bundle environment variables for Python libraries that don't read pip config
+    setFallbackCaBundleEnvironmentVariables(env, combinedCaPath);

    const result = await safeSpawn(command, args, {
      stdio: "inherit",
      env,
    });
+
+    // Cleanup temporary config file if we created one
+    if (cleanupConfigPath) {
+      try {
+        await fs.unlink(cleanupConfigPath);
+      } catch {
+        // Ignore cleanup errors - the file may have already been deleted or is inaccessible
+        // Temp files in os.tmpdir() may eventually be cleaned by the OS, but timing varies by platform
+      }
+    }
+
    return { status: result.status };
  } catch (/** @type any */ error) {
    if (error.status) {
--- a/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js
+++ b/packages/safe-chain/src/packagemanager/pip/runPipCommand.spec.js
@ -1,29 +1,48 @@
 import { describe, it, beforeEach, afterEach, mock } from "node:test";
 import assert from "node:assert";
+import fs from "node:fs/promises";
+import os from "node:os";
+import path from "node:path";
+import ini from "ini";

 describe("runPipCommand environment variable handling", () => {
  let runPip;
  let capturedArgs = null;
+  let customEnv = null;
+  let capturedConfigContent = null; // Capture config file content before cleanup

  beforeEach(async () => {
    capturedArgs = null;
+    capturedConfigContent = null;

-    // Mock safeSpawn to capture args
+    // Mock safeSpawn to capture args and config file content before cleanup
    mock.module("../../utils/safeSpawn.js", {
      namedExports: {
        safeSpawn: async (command, args, options) => {
          capturedArgs = { command, args, options };
+          // Capture the config file content before the function cleans it up
+          if (options.env.PIP_CONFIG_FILE) {
+            try {
+              capturedConfigContent = await fs.readFile(options.env.PIP_CONFIG_FILE, "utf-8");
+            } catch {
+              // Ignore if file doesn't exist or can't be read
+            }
+          }
          return { status: 0 };
        },
      },
    });

-    // Mock proxy env merge
+    // Mock proxy env merge, allow custom env override
    mock.module("../../registryProxy/registryProxy.js", {
      namedExports: {
        mergeSafeChainProxyEnvironmentVariables: (env) => ({
          ...env,
+          ...customEnv,
+          // Force deterministic proxy for tests regardless of ambient env
+          GLOBAL_AGENT_HTTP_PROXY: "http://localhost:8080",
          HTTPS_PROXY: "http://localhost:8080",
+          HTTP_PROXY: "",
        }),
      },
    });
@ -43,6 +62,23 @@ describe("runPipCommand environment variable handling", () => {
    mock.reset();
  });

+  it("should set PIP_CERT env var and create config file", async () => {
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0);
+    assert.ok(capturedArgs, "safeSpawn should have been called");
+    // Check PIP_CERT env var
+    assert.strictEqual(
+      capturedArgs.options.env.PIP_CERT,
+      "/tmp/test-combined-ca.pem",
+      "PIP_CERT should be set to combined bundle path"
+    );
+    // Check PIP_CONFIG_FILE env var exists and is a non-empty string
+    const configPath = capturedArgs.options.env.PIP_CONFIG_FILE;
+    assert.ok(configPath, "PIP_CONFIG_FILE should be set");
+    assert.strictEqual(typeof configPath, "string", "PIP_CONFIG_FILE should be a string");
+    assert.ok(configPath.length > 0, "PIP_CONFIG_FILE should be a non-empty path");
+  });
+
  it("should set REQUESTS_CA_BUNDLE and SSL_CERT_FILE for default PyPI (no explicit index)", async () => {
    const res = await runPip("pip3", ["install", "requests"]);
    assert.strictEqual(res.status, 0);
@ -60,9 +96,6 @@ describe("runPipCommand environment variable handling", () => {
      "/tmp/test-combined-ca.pem",
      "SSL_CERT_FILE should be set to combined bundle path"
    );
-    
-    // Args should be unchanged (no arg injection)
-    assert.deepStrictEqual(capturedArgs.args, ["install", "requests"]);
  });

  it("should set CA environment variables even for external/test PyPI mirror (covers non-CLI traffic)", async () => {
@ -110,4 +143,161 @@ describe("runPipCommand environment variable handling", () => {
      "HTTPS_PROXY should be set by proxy merge"
    );
  });
+
+  it("should create a new temp config when existing config exists (original file untouched)", async () => {
+    const tmpDir = os.tmpdir();
+    const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
+    const initial = "[global]\nindex-url = https://example.com/simple\n";
+    await fs.writeFile(userCfgPath, initial, "utf-8");
+
+    customEnv = { PIP_CONFIG_FILE: userCfgPath };
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0);
+    const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
+    assert.notStrictEqual(newCfgPath, userCfgPath, "should point to a new temp config file");
+
+    // Original file unchanged
+    const originalContent = await fs.readFile(userCfgPath, "utf-8");
+    const originalParsed = ini.parse(originalContent);
+    assert.strictEqual(originalParsed.global.cert, undefined, "original file should not gain cert");
+
+    // New file has merged settings (read from captured content before cleanup)
+    assert.ok(capturedConfigContent, "config content should have been captured");
+    const newParsed = ini.parse(capturedConfigContent);
+    assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "new config should include cert");
+    assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "new config should include proxy from env");
+    assert.strictEqual(newParsed.global["index-url"], "https://example.com/simple", "index-url should be preserved");
+    customEnv = null;
+  });
+
+  it("should create new config with proxy set from env (ini-validated)", async () => {
+    // No PIP_CONFIG_FILE in env => creation path
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0);
+
+    assert.ok(capturedConfigContent, "config content should have been captured");
+    const parsed = ini.parse(capturedConfigContent);
+    assert.ok(parsed.global, "[global] should exist after creation");
+    assert.strictEqual(
+      parsed.global.proxy,
+      "http://localhost:8080",
+      "proxy should be set from merged env"
+    );
+    assert.strictEqual(
+      parsed.global.cert,
+      "/tmp/test-combined-ca.pem",
+      "cert should be set during creation"
+    );
+  });
+
+  it("should create new temp config adding cert but preserving existing proxy (original file unchanged)", async () => {
+    const tmpDir = os.tmpdir();
+    const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
+    const initial = "[global]\nproxy = http://original:9999\n";
+    await fs.writeFile(userCfgPath, initial, "utf-8");
+
+    customEnv = { PIP_CONFIG_FILE: userCfgPath };
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0);
+    const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
+    assert.notStrictEqual(newCfgPath, userCfgPath, "should use a new temp config file");
+
+    // Original file unchanged
+    const originalParsed = ini.parse(await fs.readFile(userCfgPath, "utf-8"));
+    assert.strictEqual(originalParsed.global.cert, undefined, "original file should not gain cert");
+    assert.strictEqual(originalParsed.global.proxy, "http://original:9999", "original proxy remains");
+
+    // New file: cert and proxy always overwritten (read from captured content)
+    assert.ok(capturedConfigContent, "config content should have been captured");
+    const newParsed = ini.parse(capturedConfigContent);
+    assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
+    assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
+    customEnv = null;
+  });
+
+  it("should create new temp config preserving existing cert and proxy while leaving original file unchanged", async () => {
+    const tmpDir = os.tmpdir();
+    const cfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
+    const initialIni = [
+      "[global]",
+      "cert = /path/to/existing.pem",
+      "proxy = http://original:9999",
+      ""
+    ].join("\n");
+    await fs.writeFile(cfgPath, initialIni, "utf-8");
+
+    customEnv = { PIP_CONFIG_FILE: cfgPath };
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0, "execution should succeed");
+    const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
+    assert.notStrictEqual(newCfgPath, cfgPath, "should use a newly generated temp config file");
+
+    // Original file stays untouched
+    const originalContent = await fs.readFile(cfgPath, "utf-8");
+    const originalParsed = ini.parse(originalContent);
+    assert.strictEqual(originalParsed.global.cert, "/path/to/existing.pem", "original cert preserved");
+    assert.strictEqual(originalParsed.global.proxy, "http://original:9999", "original proxy preserved");
+
+  // New temp config: cert and proxy always overwritten (read from captured content)
+  assert.ok(capturedConfigContent, "config content should have been captured");
+  const newParsed = ini.parse(capturedConfigContent);
+  assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
+  assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
+    customEnv = null;
+  });
+
+  it("should create new temp config preserving existing cert and adding missing proxy", async () => {
+    const tmpDir = os.tmpdir();
+    const userCfgPath = path.join(tmpDir, `safe-chain-test-pip-${Date.now()}.ini`);
+    const initial = "[global]\ncert = /path/to/existing.pem\n";
+    await fs.writeFile(userCfgPath, initial, "utf-8");
+
+    customEnv = { PIP_CONFIG_FILE: userCfgPath };
+    const res = await runPip("pip3", ["install", "requests"]);
+    assert.strictEqual(res.status, 0);
+    const newCfgPath = capturedArgs.options.env.PIP_CONFIG_FILE;
+    assert.notStrictEqual(newCfgPath, userCfgPath, "should produce a new temp config file");
+
+    // Original remains unchanged
+    const originalParsed = ini.parse(await fs.readFile(userCfgPath, "utf-8"));
+    assert.strictEqual(originalParsed.global.cert, "/path/to/existing.pem", "original cert unchanged");
+    assert.strictEqual(originalParsed.global.proxy, undefined, "original proxy still missing");
+
+  // New file: cert and proxy always overwritten (read from captured content)
+  assert.ok(capturedConfigContent, "config content should have been captured");
+  const newParsed = ini.parse(capturedConfigContent);
+  assert.strictEqual(newParsed.global.cert, "/tmp/test-combined-ca.pem", "cert always overwritten in temp config");
+  assert.strictEqual(newParsed.global.proxy, "http://localhost:8080", "proxy always overwritten in temp config");
+    customEnv = null;
+  });
+
+  it("should log warnings when cert and proxy are already set in user config file", async () => {
+    const tmpDir = os.tmpdir();
+    const cfgPath = path.join(tmpDir, `safe-chain-test-pip-warn-${Date.now()}.ini`);
+    const initialIni = [
+      "[global]",
+      "cert = /user/cert.pem",
+      "proxy = http://user-proxy:9999",
+      ""
+    ].join("\n");
+    await fs.writeFile(cfgPath, initialIni, "utf-8");
+
+    customEnv = { PIP_CONFIG_FILE: cfgPath };
+    
+    // Capture stdout/stderr
+    let output = "";
+    const originalWrite = process.stdout.write;
+    const originalError = process.stderr.write;
+    process.stdout.write = (chunk, ...args) => { output += chunk; return originalWrite.apply(process.stdout, [chunk, ...args]); };
+    process.stderr.write = (chunk, ...args) => { output += chunk; return originalError.apply(process.stderr, [chunk, ...args]); };
+
+    await runPip("pip3", ["install", "requests"]);
+
+    process.stdout.write = originalWrite;
+    process.stderr.write = originalError;
+
+    assert.ok(output.includes("cert found in PIP_CONFIG_FILE"), "Should warn about cert overwrite in output");
+    assert.ok(output.includes("proxy found in PIP_CONFIG_FILE"), "Should warn about proxy overwrite in output");
+    customEnv = null;
+  });
 });
--- a/packages/safe-chain/src/registryProxy/certUtils.js
+++ b/packages/safe-chain/src/registryProxy/certUtils.js
@ -48,6 +48,16 @@ export function generateCertForHost(hostname) {
      digitalSignature: true,
      keyEncipherment: true,
    },
+    {
+      /*
+        extKeyUsage serverAuth is required for TLS server authentication.
+        This is especially important for Python venv environments, which use their own
+        certificate validation logic and will reject certificates lacking the serverAuth EKU.
+        Adding serverAuth does not impact other usages
+      */
+      name: "extKeyUsage",
+      serverAuth: true,
+    },
  ]);
  cert.sign(ca.privateKey, forge.md.sha256.create());