milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use CA bundle when using rama proxy

Browse source
This commit is contained in:
Sander Declerck 2026-02-12 10:18:37 +01:00
parent 9a7c054a3f
commit ba604eaeaa
No known key found for this signature in database
12 changed files with 267 additions and 421 deletions
Download patch file Download diff file Expand all files Collapse all files

14
packages/safe-chain/src/registryProxy/builtInProxy/createBuiltInProxyServer.js
View file

@ -2,11 +2,12 @@ import * as http from "http";
import { tunnelRequest } from "./tunnelRequestHandler.js";
import { mitmConnect } from "./mitmRequestHandler.js";
import { handleHttpProxyRequest } from "./plainHttpProxy.js";
import { getCombinedCaBundlePath } from "./certBundle.js";
import { ui } from "../../environment/userInteraction.js";
import chalk from "chalk";
import { createInterceptorForUrl } from "./interceptors/createInterceptorForEcoSystem.js";
import { getHasSuppressedVersions } from "./interceptors/npm/modifyNpmInfo.js";
import { getCaCertPath } from "./certUtils.js";
import { readFileSync } from "fs";
/** *
* @returns {import("../registryProxy.js").SafeChainProxy} */
@ -36,7 +37,7 @@ export function createBuiltInProxyServer() {
verifyNoMaliciousPackages,
hasSuppressedVersions: getHasSuppressedVersions,
getServerPort: () => state.port,
getCombinedCaBundlePath,
getCaCert,
};
/**
@ -147,4 +148,13 @@ export function createBuiltInProxyServer() {
return false;
}
function getCaCert() {
try {
const safeChainPath = getCaCertPath();
return readFileSync(safeChainPath, "utf8");
} catch {
return null;
}
}
}