diff --git a/src/client.ts b/src/client.ts
index 72980001..201251e5 100644
--- a/src/client.ts
+++ b/src/client.ts
@@ -743,9 +743,10 @@ export type ClientListenersParams = {
 }
 export interface SSLConnectionParams {
- key: string
- cert: string
+ key?: string
+ cert?: string
 ca?: string
+ rejectUnauthorized?: boolean
 }
 export type AddressResolverParams =
@@ -765,7 +766,7 @@ export interface ClientParams {
 frameMax?: number
 heartbeat?: number
 listeners?: ClientListenersParams
- ssl?: SSLConnectionParams
+ ssl?: SSLConnectionParams | boolean
 bufferSizeSettings?: BufferSizeSettings
 socketTimeout?: number
 addressResolver?: AddressResolverParams
diff --git a/src/connection.ts b/src/connection.ts
index 308e8c4b..5ba90ba8 100644
--- a/src/connection.ts
+++ b/src/connection.ts
@@ -32,6 +32,7 @@ import { SaslHandshakeResponse } from "./responses/sasl_handshake_response"
 import { TuneResponse } from "./responses/tune_response"
 import {
 DEFAULT_FRAME_MAX,
+ DEFAULT_SSL_CONFIG,
 DEFAULT_UNLIMITED_FRAME_MAX,
 REQUIRED_MANAGEMENT_VERSION,
 isString,
@@ -39,7 +40,14 @@ import {
 } from "./util"
 import { Version, checkServerDeclaredVersions, getClientSupportedVersions } from "./versions"
 import { WaitingResponse } from "./waiting_response"
-import { ClientListenersParams, ClientParams, ClosingParams, QueryOffsetParams, StoreOffsetParams } from "./client"
+import {
+ ClientListenersParams,
+ ClientParams,
+ ClosingParams,
+ QueryOffsetParams,
+ SSLConnectionParams,
+ StoreOffsetParams,
+} from "./client"
 import { QueryPublisherResponse } from "./responses/query_publisher_response"
 import { QueryPublisherRequest } from "./requests/query_publisher_request"
 import { StoreOffsetRequest } from "./requests/store_offset_request"
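Review bot: In the `SSLConnectionParams` hunk of src/client.ts the new `rejectUnauthorized?: boolean` field has no doc comment, so a caller cannot tell what happens when it is left unset. Elsewhere in this diff an options object reaches `tls.connect` unchanged, which means an unset field takes Node's default of verifying the broker certificate. I would put `/** Verify the broker certificate against ca or the system trust store; defaults to true, set false only for test brokers. */` above the field. Now that `key` and `cert` are optional, a short comment saying they are the client certificate pair for mutual TLS and should be supplied together would also help.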
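Review bot: Widening `ssl` to `SSLConnectionParams | boolean` in the `ClientParams` hunk makes `ssl: true` the shortest way to turn TLS on, and that value resolves to `DEFAULT_SSL_CONFIG = { rejectUnauthorized: false }` (src/util.ts hunk) through `buildSSLParams` (src/connection.ts hunk). The session is then encrypted but the broker is never authenticated, so the client cannot tell the intended broker from any other endpoint answering on that address, and whatever it sends, the authentication exchange included, is exposed to that endpoint. I would have `true` mean verified TLS with Node's defaults, `if (ssl === true) return {}`, and leave `rejectUnauthorized: false` as an explicit choice in the object form. If the lax default has to stay for compatibility, state it in a doc comment on this field so the trade-off is visible at the call site.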
@@ -134,10 +142,7 @@ export class Connection {
 private createSocket() {
 const socket = this.params.ssl
- ? tls.connect(this.params.port, this.params.hostname, {
- ...this.params.ssl,
- rejectUnauthorized: false,
- })
+ ? tls.connect(this.params.port, this.params.hostname, buildSSLParams(this.params.ssl))
 : new Socket().connect(this.params.port, this.params.hostname)
 if (this.params.socketTimeout) socket.setTimeout(this.params.socketTimeout)
 return socket
@@ -634,3 +639,9 @@ export function partition(arr: T[], predicate: (t: T) => boolean): [T[], T[]]
 function isSameStream({ metadataInfo }: { metadataInfo: MetadataInfo }): (e: ListenerEntry) => boolean {
 return (e) => e.stream === metadataInfo.stream
 }
+
+function buildSSLParams(ssl: SSLConnectionParams | true) {
+ if (ssl === true) return DEFAULT_SSL_CONFIG
+
+ return ssl
+}
diff --git a/src/util.ts b/src/util.ts
index dfc7e4f7..1a4e8567 100644
--- a/src/util.ts
+++ b/src/util.ts
@@ -13,6 +13,8 @@ export function range(count: number): number[] {
 return ret
 }
+export const DEFAULT_SSL_CONFIG = { rejectUnauthorized: false }
+
 export const DEFAULT_FRAME_MAX = 1048576
 export const DEFAULT_UNLIMITED_FRAME_MAX = 0
 export const REQUIRED_MANAGEMENT_VERSION = "3.13.0"
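Review bot: In the `createSocket` hunk the object form of `ssl` no longer has `rejectUnauthorized: false` forced onto it, so existing callers that pass `{ key, cert }` to a broker with a self-signed or private-CA certificate will start failing the TLS handshake unless they also pass `ca`. This is the safer behaviour, but it arrives silently; it should be called out in the changelog and README, and a test that connects with and without `ca` would pin it. A comment above the ternary such as `// certificate verification follows the caller's SSLConnectionParams; Node verifies by default` would record the intent. The body of `createSocket` ends outside this hunk.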
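Review bot: `buildSSLParams` (second src/connection.ts hunk on this line) has no return type and hands the shared module-level `DEFAULT_SSL_CONFIG` object straight to `tls.connect`. An explicit signature, `function buildSSLParams(ssl: SSLConnectionParams | true): tls.ConnectionOptions`, lets the compiler check both branches against what `tls.connect` accepts, assuming `tls` is the namespace import already used by `createSocket`. Returning `{ ...DEFAULT_SSL_CONFIG }` would keep every connection on its own options object instead of one exported mutable value. A one-line doc comment stating what `true` maps to belongs on the function as well.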