Merge branch 'ca_helper' into typescript

# Conflicts:
#	bin/anyproxy
#	lib/log.js
#	lib/util.js

lib/certMgr.js

@@ -1,11 +1,16 @@
 'use strict'
 
-const util = require('./util');
 const EasyCert = require('node-easy-cert');
 const co = require('co');
+const os = require('os');
+const inquirer = require('inquirer');
+
+const util = require('./util');
+const logUtil = require('./log');
 
 const options = {
   rootDirPath: util.getAnyProxyPath('certificates'),
+  inMemory: false,
   defaultCertAttrs: [
     { name: 'countryName', value: 'CN' },
     { name: 'organizationName', value: 'AnyProxy' },
@@ -54,4 +59,45 @@ crtMgr.getCAStatus = function *() {
   });
 }
 
+/**
+ * trust the root ca by command
+ */
+crtMgr.trustRootCA = function *() {
+  const platform = os.platform();
+  const rootCAPath = crtMgr.getRootCAFilePath();
+  const trustInquiry = [
+    {
+      type: 'list',
+      name: 'trustCA',
+      message: 'The rootCA is not trusted yet, install it to the trust store now?',
+      choices: ['Yes', "No, I'll do it myself"]
+    }
+  ];
+
+  if (platform === 'darwin') {
+    const answer = yield inquirer.prompt(trustInquiry);
+    if (answer.trustCA === 'Yes') {
+      logUtil.info('About to trust the root CA, this may requires your password');
+      // https://ss64.com/osx/security-cert.html
+      const result = util.execScriptSync(`sudo security add-trusted-cert -d -k /Library/Keychains/System.keychain ${rootCAPath}`);
+      if (result.status === 0) {
+        logUtil.info('Root CA install, you are ready to intercept the https now');
+      } else {
+        console.error(result);
+        logUtil.info('Failed to trust the root CA, please trust it manually');
+        util.guideToHomePage();
+      }
+    } else {
+      logUtil.info('Please trust the root CA manually so https interception works');
+      util.guideToHomePage();
+    }
+  }
+
+
+  if (/^win/.test(process.platform)) {
+    logUtil.info('You can install the root CA manually.');
+  }
+  logUtil.info('The root CA file path is: ' + crtMgr.getRootCAFilePath());
+}
+
 module.exports = crtMgr;

lib/util.ts

@@ -12,11 +12,10 @@ import * as fs from 'fs';
 import * as path from 'path';
 import * as mime from 'mime-types';
 import * as color from 'colorful';
-import {Buffer} from 'buffer';
-import * as crypto from 'crypto';
-// import buffer from 'buffer';
+import { Buffer } from 'buffer';
+import { execSync } from 'child_process';
 import logUtil from './log';
-// const Buffer = buffer.Buffer;
+
 
   const networkInterfaces = require('os').networkInterfaces();
 
@@ -113,7 +112,7 @@ import logUtil from './log';
   * 比如在useLocalResponse的时候会使用到
   */
   function contentType (filepath: string): string {
-    return mime.contentType(path.extname(filepath));
+    return mime.contentType(path.extname(filepath)) || '';
   };
 
   /*
@@ -323,20 +322,26 @@ import logUtil from './log';
     return ipReg.test(domain);
   };
 
-  /**
-  * To generic a Sec-WebSocket-Accept value
-  * 1. append the `Sec-WebSocket-Key` request header with `matic string`
-  * 2. get sha1 hash of the string
-  * 3. get base64 of the sha1 hash
-  */
-  function genericWsSecAccept (wsSecKey) {
-    // the string to generate the Sec-WebSocket-Accept
-    const magicString = '258EAFA5-E914-47DA-95CA-C5AB0DC85B11';
-    const targetString = `${wsSecKey}${magicString}`;
-    const shasum = crypto.createHash('sha1');
-    shasum.update(targetString);
-    return shasum.digest('base64');
-  }
+  function execScriptSync (cmd: string): object {
+    let stdout,
+      status = 0;
+    try {
+      stdout = execSync(cmd);
+    } catch (err) {
+      stdout = err.stdout;
+      status = err.status;
+    }
+
+    return {
+      stdout: stdout.toString(),
+      status
+    };
+  };
+
+  function guideToHomePage (): void {
+    logUtil.info('Refer to http://anyproxy.io for more detail');
+  };
+
 
 const Util = {
   lower_keys,
@@ -357,7 +362,8 @@ const Util = {
   isIpDomain,
   getByteSize,
   deleteFolderContentsRecursive,
-  genericWsSecAccept,
+  execScriptSync,
+  guideToHomePage,
   formatDate
 }