Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Add strict-ssl config, pass to request

  • Loading branch information...
commit cce89fb0a35e628e2924044889eba3d9a902bf96 1 parent 0596d31
@isaacs isaacs authored
View
12 doc/config.md
@@ -185,6 +185,8 @@ connections to the registry.
Set to `null` to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority.
+See also the `strict-ssl` config.
+
### cache
* Default: Windows: `~/npm-cache`, Posix: `~/.npm`
@@ -506,6 +508,16 @@ Space-separated options that limit the results from search.
The shell to run for the `npm explore` command.
+### strict-ssl
+
+* Default: true
+* Type: Boolean
+
+Whether or not to do SSL key validation when making requests to the
+registry via https.
+
+See also the `ca` config.
+
### tag
* Default: latest
View
11 html/doc/config.html
@@ -166,6 +166,8 @@ <h3 id="ca">ca</h3>
<p>Set to <code>null</code> to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority.</p>
+<p>See also the <code>strict-ssl</code> config.</p>
+
<h3 id="cache">cache</h3>
<ul><li>Default: Windows: <code>~/npm-cache</code>, Posix: <code>~/.npm</code></li><li>Type: path</li></ul>
@@ -440,6 +442,15 @@ <h3 id="shell">shell</h3>
<p>The shell to run for the <code>npm explore</code> command.</p>
+<h3 id="strict-ssl">strict-ssl</h3>
+
+<ul><li>Default: true</li><li>Type: Boolean</li></ul>
+
+<p>Whether or not to do SSL key validation when making requests to the
+registry via https.</p>
+
+<p>See also the <code>ca</code> config.</p>
+
<h3 id="tag">tag</h3>
<ul><li>Default: latest</li><li>Type: String</li></ul>
View
11 html/doc/get.html
@@ -166,6 +166,8 @@ <h3 id="ca">ca</h3>
<p>Set to <code>null</code> to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority.</p>
+<p>See also the <code>strict-ssl</code> config.</p>
+
<h3 id="cache">cache</h3>
<ul><li>Default: Windows: <code>~/npm-cache</code>, Posix: <code>~/.npm</code></li><li>Type: path</li></ul>
@@ -440,6 +442,15 @@ <h3 id="shell">shell</h3>
<p>The shell to run for the <code>npm explore</code> command.</p>
+<h3 id="strict-ssl">strict-ssl</h3>
+
+<ul><li>Default: true</li><li>Type: Boolean</li></ul>
+
+<p>Whether or not to do SSL key validation when making requests to the
+registry via https.</p>
+
+<p>See also the <code>ca</code> config.</p>
+
<h3 id="tag">tag</h3>
<ul><li>Default: latest</li><li>Type: String</li></ul>
View
11 html/doc/set.html
@@ -166,6 +166,8 @@ <h3 id="ca">ca</h3>
<p>Set to <code>null</code> to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority.</p>
+<p>See also the <code>strict-ssl</code> config.</p>
+
<h3 id="cache">cache</h3>
<ul><li>Default: Windows: <code>~/npm-cache</code>, Posix: <code>~/.npm</code></li><li>Type: path</li></ul>
@@ -440,6 +442,15 @@ <h3 id="shell">shell</h3>
<p>The shell to run for the <code>npm explore</code> command.</p>
+<h3 id="strict-ssl">strict-ssl</h3>
+
+<ul><li>Default: true</li><li>Type: Boolean</li></ul>
+
+<p>Whether or not to do SSL key validation when making requests to the
+registry via https.</p>
+
+<p>See also the <code>ca</code> config.</p>
+
<h3 id="tag">tag</h3>
<ul><li>Default: latest</li><li>Type: String</li></ul>
View
2  lib/utils/config-defs.js
@@ -139,6 +139,7 @@ Object.defineProperty(exports, "defaults", {get: function () {
, searchopts: ""
, searchexclude: null
, shell : process.env.SHELL || "bash"
+ , "strict-ssl": true
, tag : "latest"
, tar : process.env.TAR || "tar"
, tmp : temp
@@ -208,6 +209,7 @@ exports.types =
, searchopts : String
, searchexclude: [null, String]
, shell : path
+ , "strict-ssl": Boolean
, tag : String
, tar : String
, tmp : path
View
4 lib/utils/fetch.js
@@ -54,5 +54,7 @@ function makeRequest (remote, fstr, headers) {
? "https-proxy"
: "proxy")
- request({ url: remote, proxy: proxy }).pipe(fstr)
+ request({ url: remote
+ , proxy: proxy
+ , strictSSL: npm.config.get("strict-ssl") }).pipe(fstr)
}
View
4 lib/utils/npm-registry-client/request.js
@@ -86,7 +86,9 @@ function regRequest (method, where, what, etag, nofollow, cb_) {
}
function makeRequest (method, remote, where, what, etag, nofollow, cb) {
- var opts = { url: remote, method: method }
+ var opts = { url: remote
+ , method: method
+ , strictSSL: npm.config.get("strict-ssl") }
, headers = opts.headers = {}
if (etag) {
log.verbose(etag, "etag")
View
20 man1/config.1
@@ -328,6 +328,9 @@ connections to the registry\.
Set to \fBnull\fR to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority\.
.
+.P
+See also the \fBstrict\-ssl\fR config\.
+.
.SS "cache"
.
.IP "\(bu" 4
@@ -909,6 +912,23 @@ Type: path
.P
The shell to run for the \fBnpm explore\fR command\.
.
+.SS "strict\-ssl"
+.
+.IP "\(bu" 4
+Default: true
+.
+.IP "\(bu" 4
+Type: Boolean
+.
+.IP "" 0
+.
+.P
+Whether or not to do SSL key validation when making requests to the
+registry via https\.
+.
+.P
+See also the \fBca\fR config\.
+.
.SS "tag"
.
.IP "\(bu" 4
View
20 man1/get.1
@@ -328,6 +328,9 @@ connections to the registry\.
Set to \fBnull\fR to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority\.
.
+.P
+See also the \fBstrict\-ssl\fR config\.
+.
.SS "cache"
.
.IP "\(bu" 4
@@ -909,6 +912,23 @@ Type: path
.P
The shell to run for the \fBnpm explore\fR command\.
.
+.SS "strict\-ssl"
+.
+.IP "\(bu" 4
+Default: true
+.
+.IP "\(bu" 4
+Type: Boolean
+.
+.IP "" 0
+.
+.P
+Whether or not to do SSL key validation when making requests to the
+registry via https\.
+.
+.P
+See also the \fBca\fR config\.
+.
.SS "tag"
.
.IP "\(bu" 4
View
20 man1/set.1
@@ -328,6 +328,9 @@ connections to the registry\.
Set to \fBnull\fR to only allow "known" registrars, or to a specific CA cert
to trust only that specific signing authority\.
.
+.P
+See also the \fBstrict\-ssl\fR config\.
+.
.SS "cache"
.
.IP "\(bu" 4
@@ -909,6 +912,23 @@ Type: path
.P
The shell to run for the \fBnpm explore\fR command\.
.
+.SS "strict\-ssl"
+.
+.IP "\(bu" 4
+Default: true
+.
+.IP "\(bu" 4
+Type: Boolean
+.
+.IP "" 0
+.
+.P
+Whether or not to do SSL key validation when making requests to the
+registry via https\.
+.
+.P
+See also the \fBca\fR config\.
+.
.SS "tag"
.
.IP "\(bu" 4
Please sign in to comment.
Something went wrong with that request. Please try again.