fix: 证书校验

2021-09-11 23:43:20 +08:00 · 2021-09-11 23:43:20 +08:00 · e5e028a0da
parent 6f3013ce8d
commit e5e028a0da
5 changed files with 58 additions and 3 deletions
--- a/packages/core/start/mitmproxy.js
+++ b/packages/core/start/mitmproxy.js
@ -2,7 +2,7 @@
 const server = require('@docmirror/mitmproxy')
 const JSON5 = require('json5')
 const path = require('path')
-const home = process.env.USER_HOME || process.env.HOME || 'C:/Users/xiaoj/'
+const home = process.env.USER_HOME || process.env.HOME || 'C:/Users/Administrator/'
 let configPath = path.join(home, '.dev-sidecar/running.json')
 if (process.argv && process.argv.length > 3) {
  configPath = process.argv[2]
--- a/packages/core/start/user_config.json5
+++ b/packages/core/start/user_config.json5
@ -15,7 +15,9 @@
      enabled: true,
    },
    overwall: {
+      enabled: false,
      targets: {
+        '*gagedigital.com': true,
        '*yonsz.net': true,
        '*bootstrapcdn.com': true,
        '*cloudflare.com': true,
@ -30,6 +32,11 @@
          proxy: 'dev-sidecar-preview.docmirror.cn',
        },
      },
+      'test1111.gagedigital.com': {
+        '.*': {
+          proxy: 'test1.gagedigital.com',
+        },
+      }
    },
  }
-}
+}
--- a/packages/core/test/https.verify.js
+++ b/packages/core/test/https.verify.js
@ -0,0 +1,40 @@
+const expect = require('chai').expect
+const https = require('https')
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1'
+function request () {
+  return new Promise((resolve, reject) => {
+    const options = {
+      hostname: 'test1.gagedigital.com',
+      port: 443,
+      path: '/ssltest.php',
+      method: 'GET',
+      rejectUnauthorized: true
+    }
+    console.log('ssl test: gagedigital')
+    const req = https.request(options, (res) => {
+      console.log('statusCode:', res.statusCode)
+      console.log('headers:', res.headers)
+
+      res.on('data', (d) => {
+        process.stdout.write(d)
+        resolve()
+      })
+    })
+
+    req.on('error', (e) => {
+      console.error(e)
+      reject(e)
+    })
+    req.end()
+  })
+}
+// eslint-disable-next-line no-undef
+describe('ssl.verify', function () {
+  // eslint-disable-next-line no-undef
+  it('regex.test.js', async function () {
+  //  https.request('https://test1.gagedigital.com/ssltest.php')
+    await request()
+    // eslint-disable-next-line no-unused-expressions
+    // expect(ret).be.ok
+  })
+})
--- a/packages/mitmproxy/src/lib/proxy/mitmproxy/createRequestHandler.js
+++ b/packages/mitmproxy/src/lib/proxy/mitmproxy/createRequestHandler.js
@ -129,6 +129,10 @@ module.exports = function createRequestHandler (createIntercepts, middlewares, e
          }

          // log.info('开始请求:', process.env.NODE_TLS_REJECT_UNAUTHORIZED, rOptions.rejectUnauthorized, rOptions.agent)
+          if (setting && setting.NODE_TLS_REJECT_UNAUTHORIZED) {
+            rOptions.agent.options.rejectUnauthorized = true
+          }
+
          proxyReq = (rOptions.protocol === 'https:' ? https : http).request(rOptions, (proxyRes) => {
            const end = new Date().getTime()
            const cost = end - start
@ -276,7 +280,10 @@ module.exports = function createRequestHandler (createIntercepts, middlewares, e
      if (!res.writableEnded) {
        const status = e.status || 500
        res.writeHead(status, { 'Content-Type': 'text/html;charset=UTF8' })
-        res.write(`DevSidecar Warning:<br/> ${e.toString()}`)
+        res.write(`DevSidecar Error:<br/>
+目标网站请求错误：【${e.code}】 ${e.message}<br/>
+目标地址：${rOptions.protocol}//${rOptions.hostname}:${rOptions.port}${rOptions.path}`
+        )
        res.end()
        log.error('request error', e.message)
      }
--- a/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js
+++ b/packages/mitmproxy/src/lib/proxy/mitmproxy/index.js
@ -111,6 +111,7 @@ module.exports = {
        callback(server)
      }
    })
+
    return server
  },
  createCA (caPaths) {