Skip to content

Commit

Permalink
fix: work with Cloudflare WARP (#963)
Browse files Browse the repository at this point in the history 
Using wrangler with Cloudflare WARP (https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/) requires using the Cloudflare certificate. This patch simply uses the certificate as NODE_EXTRA_CA_CERTS when we start wrangler.

Test plan:

- Turn on Cloudflare WARP/ Gateway with WARP
- `wrangler dev`
- Turn on Cloudflare WARP/ Gateway with DoH
- `wrangler dev`
- Turn off Cloudflare WARP
- `wrangler dev`

Fixes #953, #850
  • Loading branch information
@threepointone
threepointone authored May 11, 2022
1 parent ad1c8ba commit 5b03eb8
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 2 deletions.
18 changes: 18 additions & 0 deletions .changeset/perfect-drinks-switch.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
---
"wrangler": patch
---

fix: work with Cloudflare WARP

Using wrangler with Cloudflare WARP (https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/) requires using the Cloudflare certificate. This patch simply uses the certificate as NODE_EXTRA_CA_CERTS when we start wrangler.

Test plan:

- Turn on Cloudflare WARP/ Gateway with WARP
- `wrangler dev`
- Turn on Cloudflare WARP/ Gateway with DoH
- `wrangler dev`
- Turn off Cloudflare WARP
- `wrangler dev`

Fixes https://github.com/cloudflare/wrangler2/issues/953, https://github.com/cloudflare/wrangler2/issues/850
18 changes: 18 additions & 0 deletions packages/wrangler/Cloudflare_CA.pem
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE-----
MIIC6zCCAkygAwIBAgIUI7b68p0pPrCBoW4ptlyvVcPItscwCgYIKoZIzj0EAwQw
gY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
YW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9DbG91ZGZsYXJlLCBJbmMxNzA1BgNVBAMT
LkNsb3VkZmxhcmUgZm9yIFRlYW1zIEVDQyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMjAwMjA0MTYwNTAwWhcNMjUwMjAyMTYwNTAwWjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGDAW
BgNVBAoTD0Nsb3VkZmxhcmUsIEluYzE3MDUGA1UEAxMuQ2xvdWRmbGFyZSBmb3Ig
VGVhbXMgRUNDIENlcnRpZmljYXRlIEF1dGhvcml0eTCBmzAQBgcqhkjOPQIBBgUr
gQQAIwOBhgAEAVdXsX8tpA9NAQeEQalvUIcVaFNDvGsR69ysZxOraRWNGHLfq1mi
P6o3wtmtx/C2OXG01Cw7UFJbKl5MEDxnT2KoAdFSynSJOF2NDoe5LoZHbUW+yR3X
FDl+MF6JzZ590VLGo6dPBf06UsXbH7PvHH2XKtFt8bBXVNMa5a21RdmpD0Pho0Uw
QzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQU
YBcQng1AEMMNteuRDAMG0/vgFe0wCgYIKoZIzj0EAwQDgYwAMIGIAkIBQU5OTA2h
YqmFk8paan5ezHVLcmcucsfYw4L/wmeEjCkczRmCVNm6L86LjhWU0v0wER0e+lHO
3efvjbsu8gIGSagCQgEBnyYMP9gwg8l96QnQ1khFA1ljFlnqc2XgJHDSaAJC0gdz
+NV3JMeWaD2Rb32jc9r6/a7xY0u0ByqxBQ1OQ0dt7A==
-----END CERTIFICATE-----
22 changes: 21 additions & 1 deletion packages/wrangler/bin/wrangler.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,20 @@ Consider using a Node.js version manager such as https://volta.sh/ or https://gi
return;
}

let pathToCACerts = process.env.NODE_EXTRA_CA_CERTS;
if (pathToCACerts) {
// TODO:
// - should we log a warning here?
// - maybe we can generate a certificate that concatenates with ours?
// - is there a security concern/should we cleanup after we exit?
//
// I do think it'll be rare that someone wants to add a cert AND
// use cloudflare WARP, but let's wait till the situation actually
// arises before we do anything about it
} else {
pathToCACerts = join(__dirname, "../Cloudflare_CA.pem");
}

wranglerProcess = spawn(
process.execPath,
[
Expand All @@ -32,7 +46,13 @@ Consider using a Node.js version manager such as https://volta.sh/ or https://gi
join(__dirname, "../wrangler-dist/cli.js"),
...process.argv.slice(2),
],
{ stdio: "inherit" }
{
stdio: "inherit",
env: {
...process.env,
NODE_EXTRA_CA_CERTS: pathToCACerts,
},
}
).on("exit", (code) =>
process.exit(code === undefined || code === null ? 0 : code)
);
Expand Down
3 changes: 2 additions & 1 deletion packages/wrangler/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,8 @@
"wrangler-dist",
"templates",
"vendor",
"import_meta_url.js"
"import_meta_url.js",
"Cloudflare_CA.pem"
],
"scripts": {
"clean": "rm -rf wrangler-dist miniflare-dist",
Expand Down

0 comments on commit 5b03eb8

Please sign in to comment.