diff options
| author | Justin Chase <justin.m.chase@gmail.com> | 2021-08-07 07:49:38 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-07 14:49:38 +0200 |
| commit | 02c74fb70970fcadb7d1e6dab857eeb2cea20e09 (patch) | |
| tree | 03a1490e063bca34be660eee73bccc8342b0bff2 /runtime/web_worker.rs | |
| parent | fddeb4cea2687b32a32f7829f336b7cf5092c714 (diff) | |
feat(tls): Optionally support loading native certs (#11491)
This commit adds "DENO_TLS_CA_STORE" env variable to support
optionally loading certificates from the users local certificate store.
This will allow them to successfully connect via tls with corporate
and self signed certs provided they have them installed in their keystore.
It also allows them to deal with revoked certs by simply updating
their keystore without having to upgrade Deno.
Currently supported values are "mozilla", "system" or empty value.
Diffstat (limited to 'runtime/web_worker.rs')
| -rw-r--r-- | runtime/web_worker.rs | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/runtime/web_worker.rs b/runtime/web_worker.rs index 74e5fbafe..3f68fc4e6 100644 --- a/runtime/web_worker.rs +++ b/runtime/web_worker.rs @@ -29,6 +29,7 @@ use deno_core::ModuleLoader; use deno_core::ModuleSpecifier; use deno_core::RuntimeOptions; use deno_core::SharedArrayBufferStore; +use deno_tls::rustls::RootCertStore; use deno_web::create_entangled_message_port; use deno_web::BlobStore; use deno_web::MessagePort; @@ -252,7 +253,7 @@ pub struct WebWorkerOptions { pub args: Vec<String>, pub debug_flag: bool, pub unstable: bool, - pub ca_data: Option<Vec<u8>>, + pub root_cert_store: Option<RootCertStore>, pub user_agent: String, pub seed: Option<u64>, pub module_loader: Rc<dyn ModuleLoader>, @@ -300,13 +301,13 @@ impl WebWorker { deno_web::init(options.blob_store.clone(), Some(main_module.clone())), deno_fetch::init::<Permissions>( options.user_agent.clone(), - options.ca_data.clone(), + options.root_cert_store.clone(), None, None, ), deno_websocket::init::<Permissions>( options.user_agent.clone(), - options.ca_data.clone(), + options.root_cert_store.clone(), ), deno_broadcast_channel::init( options.broadcast_channel.clone(), @@ -336,8 +337,9 @@ impl WebWorker { vec![ ops::fs_events::init(), ops::fs::init(), + deno_tls::init(), deno_net::init::<Permissions>( - options.ca_data.clone(), + options.root_cert_store.clone(), options.unstable, ), ops::os::init(), |