fix(proxy): add lowercase proxy vars and NODE_EXTRA_CA_CERTS (#1234)

* fix(proxy): add lowercase proxy vars and NODE_EXTRA_CA_CERTS

Yarn 4 (undici), Corepack, and some Node.js HTTP clients only check
lowercase http_proxy/https_proxy environment variables. This caused
EPROTO SSL errors when these tools tried to make HTTPS connections
through the Squid proxy.

- Add lowercase http_proxy/https_proxy alongside uppercase variants
- Set NODE_EXTRA_CA_CERTS when SSL Bump is enabled so Node.js trusts
  the AWF session CA certificate
- Export NODE_EXTRA_CA_CERTS in entrypoint.sh for container context
- Add tests for lowercase proxy vars and NODE_EXTRA_CA_CERTS

Fixes #949

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix(proxy): add NO_PROXY to api-proxy container for health check

The api-proxy container's curl health check was routing through Squid
because of the newly-added lowercase http_proxy/https_proxy env vars.
curl respects lowercase proxy vars, causing localhost health checks to
fail. Add NO_PROXY/no_proxy with localhost entries to prevent this.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* fix: remove lowercase http_proxy to prevent HTTP forward-proxy bypass

Some curl builds (Ubuntu 22.04) ignore uppercase HTTP_PROXY for HTTP
URLs as an httpoxy mitigation. This means HTTP traffic correctly falls
through to iptables DNAT interception where Squid blocks at the
connection level. Setting lowercase http_proxy causes curl to use the
forward proxy, where Squid's 403 error page returns exit code 0 —
breaking security expectations.

Only https_proxy (lowercase) is needed for Yarn 4/undici/Corepack
compatibility since these tools connect to registries via HTTPS.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: Mossaka

containers/agent/entrypoint.sh

@@ -104,7 +104,11 @@ if [ "${AWF_SSL_BUMP_ENABLED}" = "true" ]; then
   echo "[entrypoint] SSL Bump mode detected - updating CA certificates..."
   if [ -f /usr/local/share/ca-certificates/awf-ca.crt ]; then
     update-ca-certificates 2>/dev/null
+    # Set NODE_EXTRA_CA_CERTS so Node.js tools (Yarn 4, Corepack, npm) trust the AWF CA.
+    # Node.js uses its own CA bundle, not the system CA store updated by update-ca-certificates.
+    export NODE_EXTRA_CA_CERTS="/usr/local/share/ca-certificates/awf-ca.crt"
     echo "[entrypoint] CA certificates updated for SSL Bump"
+    echo "[entrypoint] NODE_EXTRA_CA_CERTS set to $NODE_EXTRA_CA_CERTS"
     echo "[entrypoint] ⚠️  WARNING: HTTPS traffic will be intercepted for URL inspection"
   else
     echo "[entrypoint][WARN] SSL Bump enabled but CA certificate not found"

src/docker-manager.test.ts

@@ -507,10 +507,49 @@ describe('docker-manager', () => {
 
       expect(env.HTTP_PROXY).toBe('http://172.30.0.10:3128');
       expect(env.HTTPS_PROXY).toBe('http://172.30.0.10:3128');
+      expect(env.https_proxy).toBe('http://172.30.0.10:3128');
       expect(env.SQUID_PROXY_HOST).toBe('squid-proxy');
       expect(env.SQUID_PROXY_PORT).toBe('3128');
     });
 
+    it('should set lowercase https_proxy for Yarn 4 and Corepack compatibility', () => {
+      const result = generateDockerCompose(mockConfig, mockNetworkConfig);
+      const agent = result.services.agent;
+      const env = agent.environment as Record<string, string>;
+
+      // Yarn 4 (undici), Corepack, and some Node.js HTTP clients only check lowercase
+      expect(env.https_proxy).toBe(env.HTTPS_PROXY);
+      // http_proxy is intentionally NOT set - see comment in docker-manager.ts
+      expect(env.http_proxy).toBeUndefined();
+    });
+
+    it('should set NODE_EXTRA_CA_CERTS when SSL Bump is enabled', () => {
+      const sslBumpConfig = { ...mockConfig, sslBump: true };
+      const ssl = {
+        caFiles: {
+          certPath: '/tmp/awf-test/ssl/ca-cert.pem',
+          keyPath: '/tmp/awf-test/ssl/ca-key.pem',
+          derPath: '/tmp/awf-test/ssl/ca-cert.der',
+        },
+        sslDbPath: '/tmp/awf-test/ssl_db',
+      };
+      const result = generateDockerCompose(sslBumpConfig, mockNetworkConfig, ssl);
+      const agent = result.services.agent;
+      const env = agent.environment as Record<string, string>;
+
+      expect(env.NODE_EXTRA_CA_CERTS).toBe('/usr/local/share/ca-certificates/awf-ca.crt');
+      expect(env.AWF_SSL_BUMP_ENABLED).toBe('true');
+    });
+
+    it('should not set NODE_EXTRA_CA_CERTS when SSL Bump is disabled', () => {
+      const result = generateDockerCompose(mockConfig, mockNetworkConfig);
+      const agent = result.services.agent;
+      const env = agent.environment as Record<string, string>;
+
+      expect(env.NODE_EXTRA_CA_CERTS).toBeUndefined();
+      expect(env.AWF_SSL_BUMP_ENABLED).toBeUndefined();
+    });
+
     it('should set NO_COLOR=1 to disable ANSI color output from CLI tools', () => {
       const result = generateDockerCompose(mockConfig, mockNetworkConfig);
       const agent = result.services.agent;

src/docker-manager.ts

@@ -371,6 +371,13 @@ export function generateDockerCompose(
   const environment: Record<string, string> = {
     HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
     HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
+    // Lowercase https_proxy for tools that only check lowercase (e.g., Yarn 4/undici, Corepack).
+    // NOTE: We intentionally do NOT set lowercase http_proxy. Some curl builds (Ubuntu 22.04)
+    // ignore uppercase HTTP_PROXY for HTTP URLs (httpoxy mitigation), which means HTTP traffic
+    // falls through to iptables DNAT interception — the correct behavior for connection-level
+    // blocking. Setting http_proxy would route HTTP through the forward proxy where Squid's
+    // 403 error page returns exit code 0, breaking security expectations.
+    https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
     SQUID_PROXY_HOST: 'squid-proxy',
     SQUID_PROXY_PORT: SQUID_PORT.toString(),
     HOME: homeDir,
@@ -727,6 +734,10 @@ export function generateDockerCompose(
     agentVolumes.push(`${sslConfig.caFiles.certPath}:/usr/local/share/ca-certificates/awf-ca.crt:ro`);
     // Set environment variable to indicate SSL Bump is enabled
     environment.AWF_SSL_BUMP_ENABLED = 'true';
+    // Tell Node.js to trust the AWF session CA certificate.
+    // Without this, Node.js tools (Yarn 4, Corepack, npm) fail with EPROTO
+    // because Node.js uses its own CA bundle, not the system CA store.
+    environment.NODE_EXTRA_CA_CERTS = '/usr/local/share/ca-certificates/awf-ca.crt';
   }
 
   // SECURITY: Selective mounting to prevent credential exfiltration
@@ -1043,6 +1054,10 @@ export function generateDockerCompose(
         // Route through Squid to respect domain whitelisting
         HTTP_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
         HTTPS_PROXY: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
+        https_proxy: `http://${networkConfig.squidIp}:${SQUID_PORT}`,
+        // Prevent curl health check from routing localhost through Squid
+        NO_PROXY: `localhost,127.0.0.1,::1`,
+        no_proxy: `localhost,127.0.0.1,::1`,
         // Rate limiting configuration
         ...(config.rateLimitConfig && {
           AWF_RATE_LIMIT_ENABLED: String(config.rateLimitConfig.enabled),