language-servers/deno
1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-08-04 02:48:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

feat(tls): Optionally support loading native certs (#11491)

Browse source 
This commit adds "DENO_TLS_CA_STORE" env variable to support 
optionally loading certificates from the users local certificate store. 
This will allow them to successfully connect via tls with corporate 
and self signed certs provided they have them installed in their keystore. 
It also allows them to deal with revoked certs by simply updating 
their keystore without having to upgrade Deno.

Currently supported values are "mozilla", "system" or empty value.
This commit is contained in:
Justin Chase 2021-08-07 07:49:38 -05:00 committed by GitHub
parent fddeb4cea2
commit 02c74fb709
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
25 changed files with 488 additions and 235 deletions
Download patch file Download diff file Expand all files Collapse all files

15
runtime/worker.rs
View file

@ -22,6 +22,7 @@ use deno_core::ModuleLoader;
use deno_core::ModuleSpecifier;
use deno_core::RuntimeOptions;
use deno_core::SharedArrayBufferStore;
use deno_tls::rustls::RootCertStore;
use deno_web::BlobStore;
use log::debug;
use std::env;
@ -49,7 +50,7 @@ pub struct WorkerOptions {
pub args: Vec<String>,
pub debug_flag: bool,
pub unstable: bool,
pub ca_data: Option<Vec<u8>>,
pub root_cert_store: Option<RootCertStore>,
pub user_agent: String,
pub seed: Option<u64>,
pub module_loader: Rc<dyn ModuleLoader>,
@ -99,13 +100,13 @@ impl MainWorker {
deno_web::init(options.blob_store.clone(), options.location.clone()),
deno_fetch::init::<Permissions>(
options.user_agent.clone(),
options.ca_data.clone(),
options.root_cert_store.clone(),
None,
None,
),
deno_websocket::init::<Permissions>(
options.user_agent.clone(),
options.ca_data.clone(),
options.root_cert_store.clone(),
),
deno_webstorage::init(options.origin_storage_dir.clone()),
deno_crypto::init(options.seed),
@ -126,7 +127,11 @@ impl MainWorker {
ops::fs::init(),
ops::io::init(),
ops::io::init_stdio(),
deno_net::init::<Permissions>(options.ca_data.clone(), options.unstable),
deno_tls::init(),
deno_net::init::<Permissions>(
options.root_cert_store.clone(),
options.unstable,
),
ops::os::init(),
ops::permissions::init(),
ops::process::init(),
@ -295,7 +300,7 @@ mod tests {
args: vec![],
debug_flag: false,
unstable: false,
ca_data: None,
root_cert_store: None,
seed: None,
js_error_create_fn: None,
create_web_worker_cb: Arc::new(|_| unreachable!()),