From afbd19ed9b9661a6648554e635ccdae5cbc0b0a3 Mon Sep 17 00:00:00 2001 From: yonatan ben avraham Date: Sun, 20 Dec 2020 00:13:48 +0200 Subject: feat(unstable): support in memory certificate data for Deno.createHttpClient (#8739) --- op_crates/fetch/lib.rs | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'op_crates') diff --git a/op_crates/fetch/lib.rs b/op_crates/fetch/lib.rs index c2c08d2cf..4bc37b998 100644 --- a/op_crates/fetch/lib.rs +++ b/op_crates/fetch/lib.rs @@ -260,6 +260,7 @@ where #[serde(default)] struct CreateHttpClientOptions { ca_file: Option, + ca_data: Option, } let args: CreateHttpClientOptions = serde_json::from_value(args)?; @@ -269,7 +270,9 @@ where permissions.check_read(&PathBuf::from(ca_file))?; } - let client = create_http_client(args.ca_file.as_deref()).unwrap(); + let client = + create_http_client(args.ca_file.as_deref(), args.ca_data.as_deref()) + .unwrap(); let rid = state.resource_table.add(HttpClientResource::new(client)); Ok(json!(rid)) @@ -277,9 +280,16 @@ where /// Create new instance of async reqwest::Client. This client supports /// proxies and doesn't follow redirects. -fn create_http_client(ca_file: Option<&str>) -> Result { +fn create_http_client( + ca_file: Option<&str>, + ca_data: Option<&str>, +) -> Result { let mut builder = Client::builder().redirect(Policy::none()).use_rustls_tls(); - if let Some(ca_file) = ca_file { + if let Some(ca_data) = ca_data { + let ca_data_vec = ca_data.as_bytes().to_vec(); + let cert = reqwest::Certificate::from_pem(&ca_data_vec)?; + builder = builder.add_root_certificate(cert); + } else if let Some(ca_file) = ca_file { let mut buf = Vec::new(); File::open(ca_file)?.read_to_end(&mut buf)?; let cert = reqwest::Certificate::from_pem(&buf)?; -- cgit v1.2.3