diff --git a/src/common/certificate-authorities/request-system-cas.injectable.darwin.ts b/src/common/certificate-authorities/request-system-cas.injectable.darwin.ts index 7b0425bbe1..2692a3fbce 100644 --- a/src/common/certificate-authorities/request-system-cas.injectable.darwin.ts +++ b/src/common/certificate-authorities/request-system-cas.injectable.darwin.ts @@ -5,6 +5,7 @@ import { getInjectable } from "@ogre-tools/injectable"; import execFileInjectable from "../fs/exec-file.injectable"; import loggerInjectable from "../logger.injectable"; +import type { AsyncResult } from "../utils/async-result"; import { requestSystemCAsInjectionToken } from "./request-system-cas-token"; // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Cheatsheet#other_assertions @@ -16,22 +17,34 @@ const requestSystemCAsInjectable = getInjectable({ const execFile = di.inject(execFileInjectable); const logger = di.inject(loggerInjectable); - const execSecurity = async (...args: string[]) => { - const output = await execFile("/usr/bin/security", args); + const execSecurity = async (...args: string[]): Promise> => { + const result = await execFile("/usr/bin/security", args); - return output.split(certSplitPattern); + if (!result.callWasSuccessful) { + return { + callWasSuccessful: false, + error: result.error.stderr || result.error.error.message, + }; + } + + return { + callWasSuccessful: true, + response: result.response.split(certSplitPattern), + }; }; return async () => { - try { - const [trusted, rootCA] = await Promise.all([ - execSecurity("find-certificate", "-a", "-p"), - execSecurity("find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"), - ]); + const [trustedResult, rootCAResult] = await Promise.all([ + execSecurity("find-certificate", "-a", "-p"), + execSecurity("find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain"), + ]); - return [...new Set([...trusted, ...rootCA])]; - } catch (error) { - logger.warn(`[INJECT-CAS]: Error injecting root CAs from MacOSX: ${error}`); + if (!trustedResult.callWasSuccessful) { + logger.warn(`[INJECT-CAS]: Error retreiving trusted CAs: ${trustedResult.error}`); + } else if (!rootCAResult.callWasSuccessful) { + logger.warn(`[INJECT-CAS]: Error retreiving root CAs: ${rootCAResult.error}`); + } else { + return [...new Set([...trustedResult.response, ...rootCAResult.response])]; } return []; diff --git a/src/common/certificate-authorities/request-system-cas.injectable.win32.ts b/src/common/certificate-authorities/request-system-cas.injectable.win32.ts index af9366970d..11d0c310df 100644 --- a/src/common/certificate-authorities/request-system-cas.injectable.win32.ts +++ b/src/common/certificate-authorities/request-system-cas.injectable.win32.ts @@ -4,6 +4,7 @@ */ import { getInjectable } from "@ogre-tools/injectable"; import execFileInjectable from "../fs/exec-file.injectable"; +import loggerInjectable from "../logger.injectable"; import { requestSystemCAsInjectionToken } from "./request-system-cas-token"; const pemEncoding = (hexEncodedCert: String) => { @@ -24,15 +25,23 @@ const requestSystemCAsInjectable = getInjectable({ instantiate: (di) => { const wincaRootsExePath: string = __non_webpack_require__.resolve("win-ca/lib/roots.exe"); const execFile = di.inject(execFileInjectable); + const logger = di.inject(loggerInjectable); return async () => { /** * This needs to be done manually because for some reason calling the api from "win-ca" * directly fails to load "child_process" correctly on renderer */ - const output = await execFile(wincaRootsExePath); + const result = await execFile(wincaRootsExePath); - return output + if (!result.callWasSuccessful) { + logger.warn(`[INJECT-CAS]: Error retreiving CAs: ${result.error}`); + + return []; + } + + return result + .response .split("\r\n") .filter(Boolean) .map(pemEncoding);