2015-06-09 11:41:40 -04:00
|
|
|
;(function () {
|
|
|
|
|
'use strict'
|
|
|
|
|
|
2015-11-24 02:33:59 -05:00
|
|
|
var async = require('async')
|
2015-06-09 11:41:40 -04:00
|
|
|
var config = require('config')
|
2015-11-16 07:54:00 -05:00
|
|
|
var crypto = require('crypto')
|
2015-06-09 11:41:40 -04:00
|
|
|
var fs = require('fs')
|
|
|
|
|
var openssl = require('openssl-wrapper')
|
2015-11-16 07:54:00 -05:00
|
|
|
var request = require('request')
|
|
|
|
|
var replay = require('request-replay')
|
|
|
|
|
var ursa = require('ursa')
|
2015-06-09 11:41:40 -04:00
|
|
|
|
2016-01-30 11:05:22 -05:00
|
|
|
var constants = require('../initializers/constants')
|
2015-06-09 11:41:40 -04:00
|
|
|
var logger = require('./logger')
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
var certDir = __dirname + '/../' + config.get('storage.certs')
|
2015-06-09 11:41:40 -04:00
|
|
|
var http = config.get('webserver.https') ? 'https' : 'http'
|
|
|
|
|
var host = config.get('webserver.host')
|
|
|
|
|
var port = config.get('webserver.port')
|
|
|
|
|
var algorithm = 'aes-256-ctr'
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
var utils = {
|
|
|
|
|
getCertDir: getCertDir,
|
|
|
|
|
certsExist: certsExist,
|
|
|
|
|
cleanForExit: cleanForExit,
|
|
|
|
|
createCerts: createCerts,
|
|
|
|
|
createCertsIfNotExist: createCertsIfNotExist,
|
|
|
|
|
generatePassword: generatePassword,
|
|
|
|
|
makeMultipleRetryRequest: makeMultipleRetryRequest,
|
|
|
|
|
symetricEncrypt: symetricEncrypt,
|
|
|
|
|
symetricDecrypt: symetricDecrypt
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function getCertDir () {
|
|
|
|
|
return certDir
|
|
|
|
|
}
|
2015-06-09 11:41:40 -04:00
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (!callback) {
|
|
|
|
|
callback = callbackEach
|
2016-01-23 12:31:58 -05:00
|
|
|
callbackEach = null
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var url = http + '://' + host + ':' + port
|
|
|
|
|
var signature
|
|
|
|
|
|
2015-11-16 07:54:00 -05:00
|
|
|
// Add signature if it is specified in the params
|
|
|
|
|
if (all_data.method === 'POST' && all_data.data && all_data.sign === true) {
|
2016-01-31 05:23:52 -05:00
|
|
|
var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem'))
|
2015-06-09 11:41:40 -04:00
|
|
|
signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex')
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Make a request for each pod
|
2015-11-24 02:33:59 -05:00
|
|
|
async.each(pods, function (pod, callback_each_async) {
|
2015-12-04 10:13:32 -05:00
|
|
|
function callbackEachRetryRequest (err, response, body, url, pod) {
|
2016-01-23 12:31:58 -05:00
|
|
|
if (callbackEach !== null) {
|
|
|
|
|
callbackEach(err, response, body, url, pod, function () {
|
|
|
|
|
callback_each_async()
|
|
|
|
|
})
|
|
|
|
|
} else {
|
2015-11-24 02:33:59 -05:00
|
|
|
callback_each_async()
|
2016-01-23 12:31:58 -05:00
|
|
|
}
|
2015-11-24 02:33:59 -05:00
|
|
|
}
|
|
|
|
|
|
2015-06-09 11:41:40 -04:00
|
|
|
var params = {
|
2015-11-16 07:54:00 -05:00
|
|
|
url: pod.url + all_data.path,
|
|
|
|
|
method: all_data.method
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add data with POST requst ?
|
2015-11-16 07:54:00 -05:00
|
|
|
if (all_data.method === 'POST' && all_data.data) {
|
2015-06-09 11:41:40 -04:00
|
|
|
// Encrypt data ?
|
2015-11-16 07:54:00 -05:00
|
|
|
if (all_data.encrypt === true) {
|
2015-06-09 11:41:40 -04:00
|
|
|
var crt = ursa.createPublicKey(pod.publicKey)
|
|
|
|
|
|
|
|
|
|
// TODO: ES6 with let
|
|
|
|
|
;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) {
|
2016-01-31 05:23:52 -05:00
|
|
|
symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (err) throw err
|
|
|
|
|
|
|
|
|
|
var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex')
|
|
|
|
|
copy_params.json = {
|
|
|
|
|
data: dataEncrypted.crypted,
|
|
|
|
|
key: passwordEncrypted
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-24 02:33:59 -05:00
|
|
|
makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest)
|
2015-06-09 11:41:40 -04:00
|
|
|
})
|
|
|
|
|
})(crt, params, url, pod, signature)
|
|
|
|
|
} else {
|
2015-11-16 07:54:00 -05:00
|
|
|
params.json = { data: all_data.data }
|
2015-11-24 02:33:59 -05:00
|
|
|
makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
|
|
|
|
} else {
|
2015-11-24 02:33:59 -05:00
|
|
|
makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
2015-11-24 02:33:59 -05:00
|
|
|
}, callback)
|
2015-06-09 11:41:40 -04:00
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function certsExist (callback) {
|
|
|
|
|
fs.exists(certDir + 'peertube.key.pem', function (exists) {
|
2015-06-09 11:41:40 -04:00
|
|
|
return callback(exists)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function createCerts (callback) {
|
|
|
|
|
certsExist(function (exist) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (exist === true) {
|
|
|
|
|
var string = 'Certs already exist.'
|
|
|
|
|
logger.warning(string)
|
|
|
|
|
return callback(new Error(string))
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-16 07:54:00 -05:00
|
|
|
logger.info('Generating a RSA key...')
|
2016-01-31 05:23:52 -05:00
|
|
|
openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (err) {
|
|
|
|
|
logger.error('Cannot create private key on this pod.', { error: err })
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
2015-11-16 07:54:00 -05:00
|
|
|
logger.info('RSA key generated.')
|
2015-06-09 11:41:40 -04:00
|
|
|
|
2015-11-16 07:54:00 -05:00
|
|
|
logger.info('Manage public key...')
|
2016-01-31 05:23:52 -05:00
|
|
|
openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (err) {
|
|
|
|
|
logger.error('Cannot create public key on this pod .', { error: err })
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-16 07:54:00 -05:00
|
|
|
logger.info('Public key managed.')
|
2015-06-09 11:41:40 -04:00
|
|
|
return callback(null)
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function createCertsIfNotExist (callback) {
|
|
|
|
|
certsExist(function (exist) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (exist === true) {
|
|
|
|
|
return callback(null)
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
createCerts(function (err) {
|
2015-06-09 11:41:40 -04:00
|
|
|
return callback(err)
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function generatePassword (callback) {
|
2015-06-09 11:41:40 -04:00
|
|
|
crypto.randomBytes(32, function (err, buf) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
callback(null, buf.toString('utf8'))
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function symetricEncrypt (text, callback) {
|
|
|
|
|
generatePassword(function (err, password) {
|
2015-06-09 11:41:40 -04:00
|
|
|
if (err) {
|
|
|
|
|
return callback(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var cipher = crypto.createCipher(algorithm, password)
|
|
|
|
|
var crypted = cipher.update(text, 'utf8', 'hex')
|
|
|
|
|
crypted += cipher.final('hex')
|
|
|
|
|
callback(null, { crypted: crypted, password: password })
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function symetricDecrypt (text, password) {
|
2015-06-09 11:41:40 -04:00
|
|
|
var decipher = crypto.createDecipher(algorithm, password)
|
|
|
|
|
var dec = decipher.update(text, 'hex', 'utf8')
|
|
|
|
|
dec += decipher.final('utf8')
|
|
|
|
|
return dec
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
function cleanForExit (webtorrent_process) {
|
2015-11-02 16:19:39 -05:00
|
|
|
logger.info('Gracefully exiting')
|
|
|
|
|
process.kill(-webtorrent_process.pid)
|
|
|
|
|
}
|
|
|
|
|
|
2016-01-31 05:23:52 -05:00
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
2015-06-09 11:41:40 -04:00
|
|
|
module.exports = utils
|
2016-01-31 05:23:52 -05:00
|
|
|
|
|
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) {
|
|
|
|
|
// Append the signature
|
|
|
|
|
if (signature) {
|
|
|
|
|
params.json.signature = {
|
|
|
|
|
url: from_url,
|
|
|
|
|
signature: signature
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
logger.debug('Make retry requests to %s.', to_pod.url)
|
|
|
|
|
|
|
|
|
|
replay(
|
|
|
|
|
request.post(params, function (err, response, body) {
|
|
|
|
|
callbackEach(err, response, body, params.url, to_pod)
|
|
|
|
|
}),
|
|
|
|
|
{
|
|
|
|
|
retries: constants.REQUEST_RETRIES,
|
|
|
|
|
factor: 3,
|
|
|
|
|
maxTimeout: Infinity,
|
|
|
|
|
errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ]
|
|
|
|
|
}
|
|
|
|
|
).on('replay', function (replay) {
|
|
|
|
|
logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.',
|
|
|
|
|
params.url, replay.error.code, replay.error.message, replay.number, replay.delay)
|
|
|
|
|
})
|
|
|
|
|
}
|
2015-06-09 11:41:40 -04:00
|
|
|
})()
|
