Skip to content

Commit 6e3dbc8

Browse files
cjnickelcjnickel
authored
feat: read strict-ssl from npm config (#306)
Closes #162
1 parent 7c0d3de commit 6e3dbc8

File tree

2 files changed

+30
-0
lines changed

2 files changed

+30
-0
lines changed

packages/mongodb-memory-server-core/src/util/MongoBinaryDownload.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ interface HttpDownloadOptions {
3131
port: string;
3232
path: string;
3333
method: 'GET' | 'POST';
34+
rejectUnauthorized?: boolean;
3435
agent: HttpsProxyAgent | undefined;
3536
}
3637

@@ -145,6 +146,8 @@ export default class MongoBinaryDownload {
145146
process.env.HTTPS_PROXY ||
146147
process.env.HTTP_PROXY;
147148

149+
const strictSsl = process.env['npm_config_strict-ssl'] === 'false' ? false : true;
150+
148151
const urlObject = url.parse(downloadUrl);
149152

150153
if (!urlObject.hostname || !urlObject.path) {
@@ -156,6 +159,7 @@ export default class MongoBinaryDownload {
156159
port: urlObject.port || '443',
157160
path: urlObject.path,
158161
method: 'GET',
162+
rejectUnauthorized: strictSsl,
159163
agent: proxy ? new HttpsProxyAgent(proxy) : undefined,
160164
};
161165

packages/mongodb-memory-server-core/src/util/__tests__/MongoBinaryDownload-test.ts

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,32 @@ MONGOMS_MD5_CHECK environment variable`, () => {
5353
expect(callArg1.agent.proxy.href).toBe('http://user:pass@proxy:8080/');
5454
});
5555

56+
it('should not reject unauthorized when strict-ssl is false in env vars', async () => {
57+
process.env['npm_config_strict-ssl'] = 'false';
58+
59+
const du = new MongoBinaryDownload({});
60+
du.httpDownload = jest.fn();
61+
62+
await du.download('https://fastdl.mongodb.org/osx/mongodb-osx-ssl-x86_64-3.6.3.tgz');
63+
expect(du.httpDownload).toHaveBeenCalledTimes(1);
64+
const callArg1 = (du.httpDownload as jest.Mock).mock.calls[0][0];
65+
expect(callArg1.rejectUnauthorized).toBeDefined();
66+
expect(callArg1.rejectUnauthorized).toBe(false);
67+
});
68+
69+
it('should reject unauthorized when strict-ssl is not in env vars', async () => {
70+
delete process.env['npm_config_strict-ssl'];
71+
72+
const du = new MongoBinaryDownload({});
73+
du.httpDownload = jest.fn();
74+
75+
await du.download('https://fastdl.mongodb.org/osx/mongodb-osx-ssl-x86_64-3.6.3.tgz');
76+
expect(du.httpDownload).toHaveBeenCalledTimes(1);
77+
const callArg1 = (du.httpDownload as jest.Mock).mock.calls[0][0];
78+
expect(callArg1.rejectUnauthorized).toBeDefined();
79+
expect(callArg1.rejectUnauthorized).toBe(true);
80+
});
81+
5682
it(`makeMD5check returns true if md5 of downloaded mongoDBArchive is
5783
the same as in the reference result`, () => {
5884
const someMd5 = 'md5';

0 commit comments

Comments
 (0)