forked from davewasmer/devcert
-
-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from RandomByte/update-dependencies
Update dependencies, apply fixes from "upstream"
- Loading branch information
Showing
6 changed files
with
69 additions
and
49 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,37 @@ | ||
{ | ||
"name": "devcert-sanscache", | ||
"version": "0.4.7", | ||
"version": "0.4.8", | ||
"description": "Generate trusted local SSL/TLS certificates for local SSL development", | ||
"main": "index.js", | ||
"type": "module", | ||
"exports": { | ||
"./package.json": "./package.json", | ||
".": { | ||
"import": { | ||
"types": "./lib/index.d.ts", | ||
"default": "./lib/index.js" | ||
} | ||
} | ||
}, | ||
"scripts": { | ||
"prepublish": "tsc" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "git+https://github.com/guybedford/devcert.git" | ||
}, | ||
"engines": { | ||
"node": "^14.13.1 || >=16.0.0" | ||
}, | ||
"author": "Dave Wasmer", | ||
"license": "MIT", | ||
"devDependencies": { | ||
"@types/node": "^8.0.50", | ||
"typescript": "^2.6.1" | ||
"@types/node": "20.11.0", | ||
"typescript": "^5.5.4" | ||
}, | ||
"dependencies": { | ||
"command-exists": "^1.2.2", | ||
"get-port": "^3.0.0", | ||
"glob": "^7.1.1", | ||
"mkdirp": "^0.5.1", | ||
"rimraf": "^2.6.2" | ||
"command-exists": "^1.2.9", | ||
"get-port": "^6.1.2", | ||
"glob": "^10.4.5", | ||
"rimraf": "^5.0.9" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,8 @@ | ||
import childProcess = require('child_process'); | ||
import path = require('path'); | ||
import os = require('os'); | ||
import rimraf = require('rimraf'); | ||
import fs = require('fs'); | ||
import mkdirp = require('mkdirp'); | ||
import childProcess from 'node:child_process'; | ||
import path from 'node:path'; | ||
import os from 'node:os'; | ||
import {rimraf} from 'rimraf'; | ||
import fs from 'node:fs'; | ||
|
||
// simple temp file pathing, requires manual removal | ||
let tmpPrefix, tmpFiles; | ||
|
@@ -33,10 +32,10 @@ export function tmpClear () { | |
} | ||
|
||
let rndFile; | ||
function openssl (cmd: string) { | ||
function openssl (args: string[]) { | ||
if (!rndFile) | ||
rndFile = tmpFile('rnd'); | ||
childProcess.execSync(`openssl ${ cmd }`, { | ||
childProcess.execFileSync('openssl', args, { | ||
stdio: 'ignore', | ||
env: Object.assign({ | ||
RANDFILE: rndFile | ||
|
@@ -131,30 +130,31 @@ export function generateOpensslConf (commonName: string) { | |
|
||
export function generateKey (): string { | ||
const keyFile = tmpFile('key'); | ||
openssl(`genrsa -out ${keyFile} 2048`); | ||
openssl(['genrsa', '-out', keyFile, '2048']); | ||
fs.chmodSync(keyFile, 400); | ||
return keyFile; | ||
} | ||
|
||
export function generateRootCertificate (commonName: string, opensslConfPath: string) { | ||
const rootCertPath = tmpFile(`${commonName}.crt`); | ||
const rootKeyPath = generateKey(); | ||
openssl(`req -config ${opensslConfPath} -key ${rootKeyPath} -out ${rootCertPath} -new -subj "/CN=${commonName}" -x509 -days 825 -extensions v3_ca`); | ||
openssl(['req', '-config', opensslConfPath, '-key', rootKeyPath, '-out', rootCertPath, '-new', '-subj', `/CN=${commonName}`, '-x509', '-days', '825', '-extensions', 'v3_ca']); | ||
return { rootKeyPath, rootCertPath }; | ||
} | ||
|
||
export function generateSignedCertificate (commonName: string, opensslConfPath: string, rootKeyPath: string, caPath: string) { | ||
const keyPath = generateKey(); | ||
process.env.SAN = commonName; | ||
const csrFile = tmpFile(`${commonName}.csr`); | ||
openssl(`req -config ${ opensslConfPath } -subj "/CN=${commonName}" -key ${keyPath} -out ${csrFile} -new`); | ||
openssl(['req', '-config', opensslConfPath, '-subj', `/CN=${commonName}`, '-key', keyPath, '-out', csrFile, '-new']); | ||
const certPath = tmpFile(`${commonName}.crt`); | ||
|
||
// needed but not used (see https://www.mail-archive.com/[email protected]/msg81098.html) | ||
const caCertsDir = path.join(os.tmpdir(), Math.round(Math.random() * 36 ** 10).toString(36)); | ||
mkdirp.sync(caCertsDir); | ||
|
||
fs.mkdirSync(caCertsDir, {recursive: true}); | ||
|
||
openssl(`ca -config ${opensslConfPath} -in ${csrFile} -out ${certPath} -outdir ${caCertsDir} -keyfile ${rootKeyPath} -cert ${caPath} -notext -md sha256 -days 825 -batch -extensions server_cert`) | ||
openssl(['ca', '-config', opensslConfPath, '-in', csrFile, '-out', certPath, '-outdir', caCertsDir, '-keyfile', rootKeyPath, '-cert', caPath, '-notext', '-md', 'sha256', '-days', '825', '-batch', '-extensions', 'server_cert']) | ||
|
||
rimraf.sync(caCertsDir); | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters