Skip to content

Update dependencies and add CSR subject check. #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
3alpha wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Update dependencies and add CSR subject check. #8

3alpha wants to merge 2 commits into from

Conversation

@3alpha
Copy link
Member

@3alpha 3alpha commented Oct 11, 2023

No description provided.

@3alpha 3alpha changed the title Update dependecies and add CSR subject check. Update dependencies and add CSR subject check. Oct 11, 2023
dappnodedev
dappnodedev reviewed Oct 11, 2023
View reviewed changes
Dockerfile
@@ -1,4 +1,4 @@
FROM node:12-alpine AS node-builder
FROM node:16-alpine AS node-builder
Copy link

@dappnodedev dappnodedev Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why 16? Wouldn't we want to have a more up-to-date version of node?

Copy link
Member Author

@3alpha 3alpha Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because that node is available in certbot image we use as final one.

src/app.ts
const csrDomain = await shell(`openssl req -in ${csrPath} -subject -noout | cut -c 31-`);
if (csrDomain != "dyndns.dappnode.io") {
rimrafSync(certBaseDir);
throw new BadRequestError("CSR Subject invalid.");
Copy link

@dappnodedev dappnodedev Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this properly caught? Will it cause the app to exit?

Copy link
Member Author

@3alpha 3alpha Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is caught. You can see that request params were validated in the same way.

src/utils/shell.ts
);
return stdout.trim();
} catch (e) {
} catch (e: any) {
Copy link

@dappnodedev dappnodedev Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to define any here?

Copy link
Member Author

@3alpha 3alpha Oct 11, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IDK, compiler was complaining for some reason, that code worked fine before. 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dappnodedev dappnodedev dappnodedev left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@3alpha @dappnodedev