]>
Commit | Line | Data |
---|---|---|
8c308c2b C |
1 | ;(function () { |
2 | 'use strict' | |
3 | ||
3bcb78b3 | 4 | var async = require('async') |
8c308c2b | 5 | var config = require('config') |
a1860380 | 6 | var crypto = require('crypto') |
8c308c2b C |
7 | var fs = require('fs') |
8 | var openssl = require('openssl-wrapper') | |
a1860380 C |
9 | var request = require('request') |
10 | var replay = require('request-replay') | |
11 | var ursa = require('ursa') | |
8c308c2b | 12 | |
cda02107 | 13 | var constants = require('../initializers/constants') |
8c308c2b C |
14 | var logger = require('./logger') |
15 | ||
c45f7f84 | 16 | var certDir = __dirname + '/../' + config.get('storage.certs') |
8c308c2b C |
17 | var http = config.get('webserver.https') ? 'https' : 'http' |
18 | var host = config.get('webserver.host') | |
19 | var port = config.get('webserver.port') | |
20 | var algorithm = 'aes-256-ctr' | |
21 | ||
c45f7f84 C |
22 | var utils = { |
23 | getCertDir: getCertDir, | |
24 | certsExist: certsExist, | |
25 | cleanForExit: cleanForExit, | |
26 | createCerts: createCerts, | |
27 | createCertsIfNotExist: createCertsIfNotExist, | |
28 | generatePassword: generatePassword, | |
29 | makeMultipleRetryRequest: makeMultipleRetryRequest, | |
30 | symetricEncrypt: symetricEncrypt, | |
31 | symetricDecrypt: symetricDecrypt | |
8c308c2b C |
32 | } |
33 | ||
c45f7f84 C |
34 | function getCertDir () { |
35 | return certDir | |
36 | } | |
8c308c2b | 37 | |
c45f7f84 | 38 | function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) { |
8c308c2b C |
39 | if (!callback) { |
40 | callback = callbackEach | |
45239549 | 41 | callbackEach = null |
8c308c2b C |
42 | } |
43 | ||
44 | var url = http + '://' + host + ':' + port | |
45 | var signature | |
46 | ||
a1860380 C |
47 | // Add signature if it is specified in the params |
48 | if (all_data.method === 'POST' && all_data.data && all_data.sign === true) { | |
c45f7f84 | 49 | var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem')) |
8c308c2b C |
50 | signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex') |
51 | } | |
52 | ||
53 | // Make a request for each pod | |
3bcb78b3 | 54 | async.each(pods, function (pod, callback_each_async) { |
0b697522 | 55 | function callbackEachRetryRequest (err, response, body, url, pod) { |
45239549 C |
56 | if (callbackEach !== null) { |
57 | callbackEach(err, response, body, url, pod, function () { | |
58 | callback_each_async() | |
59 | }) | |
60 | } else { | |
3bcb78b3 | 61 | callback_each_async() |
45239549 | 62 | } |
3bcb78b3 C |
63 | } |
64 | ||
8c308c2b | 65 | var params = { |
a1860380 C |
66 | url: pod.url + all_data.path, |
67 | method: all_data.method | |
8c308c2b C |
68 | } |
69 | ||
70 | // Add data with POST requst ? | |
a1860380 | 71 | if (all_data.method === 'POST' && all_data.data) { |
8c308c2b | 72 | // Encrypt data ? |
a1860380 | 73 | if (all_data.encrypt === true) { |
8c308c2b C |
74 | var crt = ursa.createPublicKey(pod.publicKey) |
75 | ||
76 | // TODO: ES6 with let | |
77 | ;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) { | |
c45f7f84 | 78 | symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) { |
8c308c2b C |
79 | if (err) throw err |
80 | ||
81 | var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex') | |
82 | copy_params.json = { | |
83 | data: dataEncrypted.crypted, | |
84 | key: passwordEncrypted | |
85 | } | |
86 | ||
3bcb78b3 | 87 | makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest) |
8c308c2b C |
88 | }) |
89 | })(crt, params, url, pod, signature) | |
90 | } else { | |
a1860380 | 91 | params.json = { data: all_data.data } |
3bcb78b3 | 92 | makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest) |
8c308c2b C |
93 | } |
94 | } else { | |
3bcb78b3 | 95 | makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest) |
8c308c2b | 96 | } |
3bcb78b3 | 97 | }, callback) |
8c308c2b C |
98 | } |
99 | ||
c45f7f84 C |
100 | function certsExist (callback) { |
101 | fs.exists(certDir + 'peertube.key.pem', function (exists) { | |
8c308c2b C |
102 | return callback(exists) |
103 | }) | |
104 | } | |
105 | ||
c45f7f84 C |
106 | function createCerts (callback) { |
107 | certsExist(function (exist) { | |
8c308c2b C |
108 | if (exist === true) { |
109 | var string = 'Certs already exist.' | |
110 | logger.warning(string) | |
111 | return callback(new Error(string)) | |
112 | } | |
113 | ||
a1860380 | 114 | logger.info('Generating a RSA key...') |
c45f7f84 | 115 | openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) { |
8c308c2b C |
116 | if (err) { |
117 | logger.error('Cannot create private key on this pod.', { error: err }) | |
118 | return callback(err) | |
119 | } | |
a1860380 | 120 | logger.info('RSA key generated.') |
8c308c2b | 121 | |
a1860380 | 122 | logger.info('Manage public key...') |
c45f7f84 | 123 | openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) { |
8c308c2b C |
124 | if (err) { |
125 | logger.error('Cannot create public key on this pod .', { error: err }) | |
126 | return callback(err) | |
127 | } | |
128 | ||
a1860380 | 129 | logger.info('Public key managed.') |
8c308c2b C |
130 | return callback(null) |
131 | }) | |
132 | }) | |
133 | }) | |
134 | } | |
135 | ||
c45f7f84 C |
136 | function createCertsIfNotExist (callback) { |
137 | certsExist(function (exist) { | |
8c308c2b C |
138 | if (exist === true) { |
139 | return callback(null) | |
140 | } | |
141 | ||
c45f7f84 | 142 | createCerts(function (err) { |
8c308c2b C |
143 | return callback(err) |
144 | }) | |
145 | }) | |
146 | } | |
147 | ||
c45f7f84 | 148 | function generatePassword (callback) { |
8c308c2b C |
149 | crypto.randomBytes(32, function (err, buf) { |
150 | if (err) { | |
151 | return callback(err) | |
152 | } | |
153 | ||
154 | callback(null, buf.toString('utf8')) | |
155 | }) | |
156 | } | |
157 | ||
c45f7f84 C |
158 | function symetricEncrypt (text, callback) { |
159 | generatePassword(function (err, password) { | |
8c308c2b C |
160 | if (err) { |
161 | return callback(err) | |
162 | } | |
163 | ||
164 | var cipher = crypto.createCipher(algorithm, password) | |
165 | var crypted = cipher.update(text, 'utf8', 'hex') | |
166 | crypted += cipher.final('hex') | |
167 | callback(null, { crypted: crypted, password: password }) | |
168 | }) | |
169 | } | |
170 | ||
c45f7f84 | 171 | function symetricDecrypt (text, password) { |
8c308c2b C |
172 | var decipher = crypto.createDecipher(algorithm, password) |
173 | var dec = decipher.update(text, 'hex', 'utf8') | |
174 | dec += decipher.final('utf8') | |
175 | return dec | |
176 | } | |
177 | ||
c45f7f84 | 178 | function cleanForExit (webtorrent_process) { |
0ae2e7f7 C |
179 | logger.info('Gracefully exiting') |
180 | process.kill(-webtorrent_process.pid) | |
181 | } | |
182 | ||
c45f7f84 C |
183 | // --------------------------------------------------------------------------- |
184 | ||
8c308c2b | 185 | module.exports = utils |
c45f7f84 C |
186 | |
187 | // --------------------------------------------------------------------------- | |
188 | ||
189 | function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) { | |
190 | // Append the signature | |
191 | if (signature) { | |
192 | params.json.signature = { | |
193 | url: from_url, | |
194 | signature: signature | |
195 | } | |
196 | } | |
197 | ||
198 | logger.debug('Make retry requests to %s.', to_pod.url) | |
199 | ||
200 | replay( | |
201 | request.post(params, function (err, response, body) { | |
202 | callbackEach(err, response, body, params.url, to_pod) | |
203 | }), | |
204 | { | |
205 | retries: constants.REQUEST_RETRIES, | |
206 | factor: 3, | |
207 | maxTimeout: Infinity, | |
208 | errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ] | |
209 | } | |
210 | ).on('replay', function (replay) { | |
211 | logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.', | |
212 | params.url, replay.error.code, replay.error.message, replay.number, replay.delay) | |
213 | }) | |
214 | } | |
8c308c2b | 215 | })() |