Skip to content

Commit 44f4f08

Browse files
corybcoryb
authored
feat: add coder.tlsAltHost option (#398)
1 parent d4ccfa7 commit 44f4f08

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

package.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,11 @@
8888
"type": "string",
8989
"default": ""
9090
},
91+
"coder.tlsAltHost": {
92+
"markdownDescription": "Alternative hostname to use for TLS verification. This is useful when the hostname in the certificate does not match the hostname used to connect.",
93+
"type": "string",
94+
"default": ""
95+
},
9196
"coder.proxyLogDirectory": {
9297
"markdownDescription": "If set, the Coder CLI will output extra SSH information into this directory, which can be helpful for debugging connectivity issues.",
9398
"type": "string",

src/api.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@ async function createHttpAgent(): Promise<ProxyAgent> {
3131
const certFile = expandPath(String(cfg.get("coder.tlsCertFile") ?? "").trim())
3232
const keyFile = expandPath(String(cfg.get("coder.tlsKeyFile") ?? "").trim())
3333
const caFile = expandPath(String(cfg.get("coder.tlsCaFile") ?? "").trim())
34+
const altHost = expandPath(String(cfg.get("coder.tlsAltHost") ?? "").trim())
3435

3536
return new ProxyAgent({
3637
// Called each time a request is made.
@@ -41,6 +42,7 @@ async function createHttpAgent(): Promise<ProxyAgent> {
4142
cert: certFile === "" ? undefined : await fs.readFile(certFile),
4243
key: keyFile === "" ? undefined : await fs.readFile(keyFile),
4344
ca: caFile === "" ? undefined : await fs.readFile(caFile),
45+
servername: altHost === "" ? undefined : altHost,
4446
// rejectUnauthorized defaults to true, so we need to explicitly set it to
4547
// false if we want to allow self-signed certificates.
4648
rejectUnauthorized: !insecure,
@@ -66,7 +68,8 @@ async function getHttpAgent(): Promise<ProxyAgent> {
6668
e.affectsConfiguration("coder.insecure") ||
6769
e.affectsConfiguration("coder.tlsCertFile") ||
6870
e.affectsConfiguration("coder.tlsKeyFile") ||
69-
e.affectsConfiguration("coder.tlsCaFile")
71+
e.affectsConfiguration("coder.tlsCaFile") ||
72+
e.affectsConfiguration("coder.tlsAltHost")
7073
) {
7174
agent = createHttpAgent()
7275
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy