oxen-io
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Support pass-through proxies with HTTPS_PROXY env var (#1878) 

We've simplified; HTTPS_PROXY or https_proxy is used for all requests.

We also require that only our self-signed certificates are used for
secure traffic. That rules out all SSL-terminating MITM proxies, since
we don't trust their root certificate.

Once we're sure that this system works for people, we'll improve config
on MacOS and Windows.
This commit is contained in:
Scott Nonnenberg 2017-12-08 10:38:01 -08:00 committed by GitHub
parent 4f487d208d
commit b17a67ec65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 19 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
js/libtextsecure.js
View File

@ -37461,12 +37461,12 @@ var TextSecureServer = (function() {
}
function createSocket(url) {
var proxyUrl = window.getProxyForUrl(url);
var proxyUrl = window.config.proxyUrl;
var requestOptions;
if (proxyUrl) {
console.log('createSocket: using proxy url', proxyUrl);
requestOptions = {
agent: ProxyAgent(proxyUrl)
ca: window.config.certificateAuthorities,
agent: new ProxyAgent(proxyUrl),
};
} else {
requestOptions = {
@ -37487,15 +37487,10 @@ var TextSecureServer = (function() {
console.log(options.type, url);
var timeout = typeof options.timeout !== 'undefined' ? options.timeout : 10000;
var proxyUrl = window.getProxyForUrl(url);
var proxyUrl = window.config.proxyUrl;
var agent;
if (proxyUrl) {
console.log('promixe_ajax: using proxy url', proxyUrl);
agent = new ProxyAgent(proxyUrl);
} else {
agent = new httpsAgent({
ca: options.certificateAuthorities
});
}
var fetchOptions = {
@ -37503,6 +37498,7 @@ var TextSecureServer = (function() {
body: options.data || null,
headers: { 'X-Signal-Agent': 'OWD' },
agent: agent,
ca: options.certificateAuthorities,
timeout: timeout,
};

14
libtextsecure/api.js
View File

@ -25,12 +25,12 @@ var TextSecureServer = (function() {
}
function createSocket(url) {
var proxyUrl = window.getProxyForUrl(url);
var proxyUrl = window.config.proxyUrl;
var requestOptions;
if (proxyUrl) {
console.log('createSocket: using proxy url', proxyUrl);
requestOptions = {
agent: ProxyAgent(proxyUrl)
ca: window.config.certificateAuthorities,
agent: new ProxyAgent(proxyUrl),
};
} else {
requestOptions = {
@ -51,15 +51,10 @@ var TextSecureServer = (function() {
console.log(options.type, url);
var timeout = typeof options.timeout !== 'undefined' ? options.timeout : 10000;
var proxyUrl = window.getProxyForUrl(url);
var proxyUrl = window.config.proxyUrl;
var agent;
if (proxyUrl) {
console.log('promixe_ajax: using proxy url', proxyUrl);
agent = new ProxyAgent(proxyUrl);
} else {
agent = new httpsAgent({
ca: options.certificateAuthorities
});
}
var fetchOptions = {
@ -67,6 +62,7 @@ var TextSecureServer = (function() {
body: options.data || null,
headers: { 'X-Signal-Agent': 'OWD' },
agent: agent,
ca: options.certificateAuthorities,
timeout: timeout,
};

1
main.js
View File

@ -93,6 +93,7 @@ function prepareURL(pathSegments) {
hostname: os.hostname(),
appInstance: process.env.NODE_APP_INSTANCE,
polyfillNotifications: polyfillNotifications ? true : undefined, // for stringify()
proxyUrl: process.env.HTTPS_PROXY || process.env.https_proxy,
}
})
}

3
package.json
View File

@ -170,11 +170,10 @@
"google-libphonenumber": "^3.0.7",
"lodash": "^4.17.4",
"mkdirp": "^0.5.1",
"node-fetch": "^1.7.3",
"node-fetch": "https://github.com/scottnonnenberg/node-fetch.git#3e5f51e08c647ee5f20c43b15cf2d352d61c36b4",
"node-notifier": "^5.1.2",
"os-locale": "^2.1.0",
"proxy-agent": "^2.1.0",
"proxy-from-env": "^1.0.0",
"rimraf": "^2.6.2",
"semver": "^5.4.1",
"spellchecker": "^3.4.3",

7
preload.js
View File

@ -42,6 +42,11 @@
// We pull these dependencies in now, from here, because they have Node.js dependencies
require('./js/logging');
if (window.config.proxyUrl) {
console.log('using proxy url', window.config.proxyUrl);
}
require('./js/backup');
window.nodeSetImmediate = setImmediate;
@ -52,12 +57,10 @@
window.nodeSetImmediate(function() {});
}, 1000);
window.getProxyForUrl = require('proxy-from-env').getProxyForUrl;
window.ProxyAgent = require('proxy-agent');
window.EmojiConvertor = require('emoji-js');
window.emojiData = require('emoji-datasource');
window.nodeFetch = require('node-fetch');
window.httpsAgent = require('https').Agent;
window.nodeBuffer = Buffer;
window.EmojiPanel = require('emoji-panel');
window.libphonenumber = require('google-libphonenumber').PhoneNumberUtil.getInstance();

8
yarn.lock
View File

@ -2689,9 +2689,9 @@ node-emoji@^1.8.1:
dependencies:
lodash.toarray "^4.4.0"
node-fetch@^1.7.3:
"node-fetch@https://github.com/scottnonnenberg/node-fetch.git#3e5f51e08c647ee5f20c43b15cf2d352d61c36b4":
version "1.7.3"
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-1.7.3.tgz#980f6f72d85211a5347c6b2bc18c5b84c3eb47ef"
resolved "https://github.com/scottnonnenberg/node-fetch.git#3e5f51e08c647ee5f20c43b15cf2d352d61c36b4"
dependencies:
encoding "^0.1.11"
is-stream "^1.0.1"
@ -3181,10 +3181,6 @@ proxy-agent@^2.1.0:
pac-proxy-agent "^2.0.0"
socks-proxy-agent "2"
proxy-from-env@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/proxy-from-env/-/proxy-from-env-1.0.0.tgz#33c50398f70ea7eb96d21f7b817630a55791c7ee"
pseudomap@^1.0.1:
version "1.0.2"
resolved "https://registry.yarnpkg.com/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3"