Support pass-through proxies with HTTPS_PROXY env var (#1878)

We've simplified; HTTPS_PROXY or https_proxy is used for all requests. We also require that only our self-signed certificates are used for secure traffic. That rules out all SSL-terminating MITM proxies, since we don't trust their root certificate. Once we're sure that this system works for people, we'll improve config on MacOS and Windows.
2017-12-08 10:38:01 -08:00
parent 4f487d208d
commit b17a67ec65
6 changed files with 19 additions and 28 deletions
--- a/libtextsecure/api.js
+++ b/libtextsecure/api.js
@@ -25,12 +25,12 @@ var TextSecureServer = (function() {
    }

    function createSocket(url) {
-      var proxyUrl = window.getProxyForUrl(url);
+      var proxyUrl = window.config.proxyUrl;
      var requestOptions;
      if (proxyUrl) {
-        console.log('createSocket: using proxy url', proxyUrl);
        requestOptions = {
-            agent: ProxyAgent(proxyUrl)
+            ca: window.config.certificateAuthorities,
+            agent: new ProxyAgent(proxyUrl),
        };
      } else {
        requestOptions = {
@@ -51,15 +51,10 @@ var TextSecureServer = (function() {
        console.log(options.type, url);
        var timeout = typeof options.timeout !== 'undefined' ? options.timeout : 10000;

-        var proxyUrl = window.getProxyForUrl(url);
+        var proxyUrl = window.config.proxyUrl;
        var agent;
        if (proxyUrl) {
-            console.log('promixe_ajax: using proxy url', proxyUrl);
            agent = new ProxyAgent(proxyUrl);
-        } else {
-            agent = new httpsAgent({
-                ca: options.certificateAuthorities
-            });
        }

        var fetchOptions = {
@@ -67,6 +62,7 @@ var TextSecureServer = (function() {
          body: options.data || null,
          headers: { 'X-Signal-Agent': 'OWD' },
          agent: agent,
+          ca: options.certificateAuthorities,
          timeout: timeout,
        };