From 37c72c70c4e6b7a980843ba2fbc37d2bb40d7b23 Mon Sep 17 00:00:00 2001 From: Corey Butler Date: Wed, 22 Feb 2017 15:32:54 -0600 Subject: [PATCH] Added support for ignoring SSL validation. Fixed availability list. --- build.bat | 2 +- src/nvm.go | 39 +++++++++++++++++++++++++++++---------- src/nvm/node/node.go | 2 +- src/nvm/web/web.go | 9 +++++---- 4 files changed, 36 insertions(+), 16 deletions(-) diff --git a/build.bat b/build.bat index bd5edf4..3979be9 100644 --- a/build.bat +++ b/build.bat @@ -4,7 +4,7 @@ SET ORIG=%CD% REM SET GOPATH=%CD%\src SET GOBIN=%CD%\bin SET GOARCH=386 -SET version=1.1.1 +SET version=1.1.2 REM Get the version number from the setup file REM for /f "tokens=*" %%i in ('findstr /n . %INNOSETUP% ^| findstr ^4:#define') do set L=%%i diff --git a/src/nvm.go b/src/nvm.go index f8efecc..cb0a4cc 100644 --- a/src/nvm.go +++ b/src/nvm.go @@ -16,7 +16,7 @@ import ( ) const ( - NvmVersion = "1.1.1" + NvmVersion = "1.1.2" ) type Environment struct { @@ -29,6 +29,7 @@ type Environment struct { proxy string originalpath string originalversion string + verifyssl bool } var env = &Environment{ @@ -41,6 +42,7 @@ var env = &Environment{ proxy: "none", originalpath: "", originalversion: "", + verifyssl: true, } func main() { @@ -55,7 +57,9 @@ func main() { detail = args[2] } if len(args) > 3 { - procarch = args[3] + if (args[3] == "32" || args[3] == "64") { + procarch = args[3] + } } if len(args) < 2 { help() @@ -122,11 +126,11 @@ func update() { } func CheckVersionExceedsLatest(version string) bool{ - //content := web.GetRemoteTextFile("http://nodejs.org/dist/latest/SHASUMS256.txt") - url := web.GetFullNodeUrl("latest/SHASUMS256.txt"); - content := web.GetRemoteTextFile(url) - re := regexp.MustCompile("node-v(.+)+msi") - reg := regexp.MustCompile("node-v|-x.+") + //content := web.GetRemoteTextFile("http://nodejs.org/dist/latest/SHASUMS256.txt") + url := web.GetFullNodeUrl("latest/SHASUMS256.txt"); + content := web.GetRemoteTextFile(url) + re := regexp.MustCompile("node-v(.+)+msi") + reg := regexp.MustCompile("node-v|-x.+") latest := reg.ReplaceAllString(re.FindString(content),"") if version <= latest { @@ -137,6 +141,13 @@ func CheckVersionExceedsLatest(version string) bool{ } func install(version string, cpuarch string) { + args := os.Args + lastarg := args[len(args) - 1] + + if lastarg == "--insecure" { + env.verifyssl = false + } + if version == "" { fmt.Println("\nInvalid version.") fmt.Println(" ") @@ -194,6 +205,11 @@ func install(version string, cpuarch string) { os.Mkdir(env.root+"\\v"+version,os.ModeDir) os.Mkdir(env.root+"\\v"+version+"\\node_modules",os.ModeDir) + // Warn the user if they're attempting to install without verifying the remote SSL cert + if !env.verifyssl { + fmt.Println("\nWARNING: The remote SSL certificate will not be validated during the download process.\n") + } + // Download node if (cpuarch == "32" || cpuarch == "all") && !node.IsVersionInstalled(env.root,version,"32") { success := web.GetNodeJS(env.root,version,"32"); @@ -244,9 +260,11 @@ func install(version string, cpuarch string) { fmt.Println("It should be extracted to "+env.root+"\\v"+version) } + // Reset the SSL verification + env.verifyssl = true + // If this is ever shipped for Mac, it should use homebrew. // If this ever ships on Linux, it should be on bintray so it can use yum, apt-get, etc. - return } else { fmt.Println("Version "+version+" is already installed.") @@ -517,7 +535,8 @@ func help() { fmt.Println(" nvm install [arch] : The version can be a node.js version or \"latest\" for the latest stable version.") fmt.Println(" Optionally specify whether to install the 32 or 64 bit version (defaults to system arch).") fmt.Println(" Set [arch] to \"all\" to install 32 AND 64 bit versions.") - fmt.Println(" nvm list [available] : List the node.js installations. Type \"available\" at the end to see what can be installed. Aliased as ls.") + fmt.Println(" Add --insecure to the end of this command to bypass SSL validation of the remote download server.") + fmt.Println(" nvm list [available] : List the node.js installations. Type \"available\" at the end to see what can be installed. Aliased as ls.") fmt.Println(" nvm on : Enable node.js version management.") fmt.Println(" nvm off : Disable node.js version management.") fmt.Println(" nvm proxy [url] : Set a proxy to use for downloads. Leave [url] blank to see the current proxy.") @@ -588,7 +607,7 @@ func Setup() { if strings.ToLower(env.proxy[0:4]) != "http" { env.proxy = "http://"+env.proxy } - web.SetProxy(env.proxy) + web.SetProxy(env.proxy, env.verifyssl) } } } diff --git a/src/nvm/node/node.go b/src/nvm/node/node.go index d7268b2..55a3064 100644 --- a/src/nvm/node/node.go +++ b/src/nvm/node/node.go @@ -131,7 +131,7 @@ func isCurrent(element map[string]interface{}) bool { return false } - return version.Major%2 == 0 + return version.Major%2 == 1 } // Identifies a stable old version. diff --git a/src/nvm/web/web.go b/src/nvm/web/web.go index fb2f49b..84df4fc 100644 --- a/src/nvm/web/web.go +++ b/src/nvm/web/web.go @@ -7,6 +7,7 @@ import( "os" "io" "io/ioutil" + "crypto/tls" "strings" "strconv" "../arch" @@ -17,12 +18,12 @@ var client = &http.Client{} var nodeBaseAddress = "https://nodejs.org/dist/" var npmBaseAddress = "https://github.com/npm/npm/archive/" -func SetProxy(p string){ +func SetProxy(p string, verifyssl bool){ if p != "" && p != "none" { proxyUrl, _ := url.Parse(p) - client = &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(proxyUrl)}} + client = &http.Client{Transport: &http.Transport{Proxy: http.ProxyURL(proxyUrl), TLSClientConfig: &tls.Config{InsecureSkipVerify: verifyssl}}} } else { - client = &http.Client{} + client = &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: verifyssl}}} } } @@ -101,7 +102,7 @@ func GetNodeJS(root string, v string, a string) bool { vpre = "x64/" } } - + url := getNodeUrl ( v, vpre ); if url == "" { -- GitLab