Doesn't seem to pass options to tls.connect #89
Comments
|
I see this problem too - need to be able to pass the rejectUnauthorized option. |
|
See #94. Those options will be passed through by If you were using Node's For now, I'd recommend downgrading to |
|
I am having the same problem too : I am stuck on 2.2.4 because I need to pass options to tls.connect. I would be willing to try fixing it, if you would accept a PR @TooTallNate ? |
|
Same here. Please support Edit: I have to add that unlike others here I can't use v2.2.4 because the agent-base version v4.3.0 that it depends on patches https.request in an incompatible way. But I can't use anything later either as I need the checkServerIdentity option. |
|
The hotfix works also for version 5.0.0 if I remove the "fn"-Paramter of the callback. Would be great to have this fixed, since this is a common setting to have mutual tls combined with the requirement of a (corporate) proxy. |
|
Hotfix works for me as well. import { HttpsProxyAgent, HttpsProxyAgentOptions } from 'https-proxy-agent';
import { ClientRequest, RequestOptions } from 'agent-base';
import { Socket } from 'net';
export class PatchedHttpsProxyAgent extends HttpsProxyAgent {
private ca: any;
constructor(opts: HttpsProxyAgentOptions) {
super(opts);
this.ca = opts.ca;
}
async callback(req: ClientRequest, opts: RequestOptions): Promise<Socket> {
return super.callback(req, Object.assign(opts, { ca: this.ca }));
}
}Usage: import axios from 'axios';
import crtfile from '../cert/intern.certificat.net.crt';
import { PatchedHttpsProxyAgent } from '../modules/proxy';
const agent = new PatchedHttpsProxyAgent({ ...url.parse(PROXY), ...{ca: crtfile} });
const axiosProxyConfig = {
proxy: false,
httpsAgent: agent
}
const client = axios.create(axiosProxyConfig); |
|
@maslakov did you create a pull request for this? |
This worked for me, thanks. Shame this library doesnt just support setting any of the Agent options out of the box. Extremely frustrating. |
This adds support for use the system proxy configuration (by asking the embedded Chrome to resolve the proxy configuration). The idea to ask Chrome was from the electron-proxy-agent package; however, it had significant issues on supporting system CA certificates, and the result ended up being a complete rewrite. We need the wrapper classes for HttpsProxyAgent and SocksProxyAgent so that we can pass the CA options down to the eventual tls.connect() call. This is due to TooTallNate/proxy-agents#89 Signed-off-by: Mark Yen <[email protected]>
This adds support for use the system proxy configuration (by asking the embedded Chrome to resolve the proxy configuration). The idea to ask Chrome was from the electron-proxy-agent package; however, it had significant issues on supporting system CA certificates, and the result ended up being a complete rewrite. We need the wrapper classes for HttpsProxyAgent and SocksProxyAgent so that we can pass the CA options down to the eventual tls.connect() call. This is due to TooTallNate/proxy-agents#89 Signed-off-by: Mark Yen <[email protected]>
This adds support for use the system proxy configuration (by asking the embedded Chrome to resolve the proxy configuration). The idea to ask Chrome was from the electron-proxy-agent package; however, it had significant issues on supporting system CA certificates, and the result ended up being a complete rewrite. We need the wrapper classes for HttpsProxyAgent and SocksProxyAgent so that we can pass the CA options down to the eventual tls.connect() call. This is due to TooTallNate/proxy-agents#89 Signed-off-by: Mark Yen <[email protected]>
|
I am trying to use the hotfix with the callback. node-fetch and pfx file. but the hotfix is not working... can some one please help me out? |
|
I found out that it doesn't work anymore since v5 because The workaround I found is to import the class directly from The following workaround works on my end with v5.0.1: import url from 'url'
import HttpsProxyAgent from 'https-proxy-agent/dist/agent'
const extraOpts = Symbol('extra agent opts')
export class PatchedHttpsProxyAgent extends HttpsProxyAgent {
constructor (opts) {
super(opts)
this[extraOpts] = opts
}
callback (req, opts) {
return super.callback(req, { ...this[extraOpts], ...opts })
}
}
const proxyOptions = url.parse('localhost:9090')
const agent = new PatchedHttpsProxyAgent({ checkServerIdentity: (host, cert) => { /* my tls pinning */ }, ...proxyOptions }) |
|
@tex0l I would recommend using https://github.com/delvedor/hpagent over relying on a non reliable hack with this one. |
|
This module has gone through a large refactor and modernization. I am closing this issue as a bit of house cleaning. If you feel that this issue still exists in the latest release, feel free to open a new issue. |
|
Anyone trying @maslakov 's solution in v6+ (6.1.0 as of this writing), you need to rename @TooTallNate , my use case for this is using Postman's built in proxy feature https://learning.postman.com/docs/getting-started/proxy/. It uses a self-signed cert and I need to include the contents of |
|
The constructor changed a little bit with leter versions (7.0.2 as of writing) and this issue still exists. Building upon the great answers before, here's an updated version: import { HttpsProxyAgent, HttpsProxyAgentOptions } from 'https-proxy-agent';
type PatchedHttpsProxyAgentOptions<T> = HttpsProxyAgentOptions<T> & {
ca: string;
};
export class PatchedHttpsProxyAgent<Uri extends string> extends HttpsProxyAgent<Uri> {
private readonly ca: any;
constructor(proxy: Uri | URL, opts?: PatchedHttpsProxyAgentOptions<Uri>) {
super(proxy, opts);
this.ca = opts.ca;
}
async connect(req, opts) {
return super.connect(req, Object.assign(opts, { ca: this.ca }));
}
}Note: |
|
This is still an issue with const { HttpsProxyAgent } = require('https-proxy-agent')
class PatchedHttpsProxyAgent extends HttpsProxyAgent {
constructor (proxyUrl, opts) {
super(proxyUrl, opts)
this.savedOpts = opts
}
async connect (req, opts) {
return super.connect(req, { ...this.savedOpts, ...opts })
}
} |
as per documentation https://www.npmjs.com/package/https-proxy-agent#new-httpsproxyagentobject-options
But when I try this, it doesn't seem to pass
caorrejectUnauthorizedwhen upgrading connection. I can get around it by monkey patching the agentcallback:I feel like this could be solved by changing this line https://github.com/TooTallNate/node-https-proxy-agent/blob/176d4b4fb20e229cf6cd1008f06bf97833fd725f/index.js#L151
to
so that all input options are passed when upgrading.
What do you think?
The text was updated successfully, but these errors were encountered: