]>
Commit | Line | Data |
---|---|---|
8c308c2b C |
1 | ;(function () { |
2 | 'use strict' | |
3 | ||
3bcb78b3 | 4 | var async = require('async') |
8c308c2b | 5 | var config = require('config') |
a1860380 | 6 | var crypto = require('crypto') |
8c308c2b C |
7 | var fs = require('fs') |
8 | var openssl = require('openssl-wrapper') | |
a1860380 C |
9 | var request = require('request') |
10 | var replay = require('request-replay') | |
11 | var ursa = require('ursa') | |
8c308c2b C |
12 | |
13 | var logger = require('./logger') | |
14 | ||
a1860380 C |
15 | var utils = {} |
16 | ||
8c308c2b C |
17 | var http = config.get('webserver.https') ? 'https' : 'http' |
18 | var host = config.get('webserver.host') | |
19 | var port = config.get('webserver.port') | |
20 | var algorithm = 'aes-256-ctr' | |
21 | ||
8c308c2b C |
22 | // ----------- Private functions ---------- |
23 | ||
24 | function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) { | |
25 | // Append the signature | |
26 | if (signature) { | |
27 | params.json.signature = { | |
28 | url: from_url, | |
29 | signature: signature | |
30 | } | |
31 | } | |
32 | ||
a1860380 | 33 | logger.debug('Sending informations to %s.', to_pod.url, { params: params }) |
3bcb78b3 C |
34 | // Default 10 but in tests we want to be faster |
35 | var retries = utils.isTestInstance() ? 2 : 10 | |
8c308c2b | 36 | |
8c308c2b C |
37 | replay( |
38 | request.post(params, function (err, response, body) { | |
0b697522 | 39 | callbackEach(err, response, body, params.url, to_pod) |
8c308c2b C |
40 | }), |
41 | { | |
3bcb78b3 | 42 | retries: retries, |
8c308c2b C |
43 | factor: 3, |
44 | maxTimeout: Infinity, | |
45 | errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ] | |
46 | } | |
47 | ).on('replay', function (replay) { | |
48 | logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.', | |
49 | params.url, replay.error.code, replay.error.message, replay.number, replay.delay) | |
50 | }) | |
51 | } | |
52 | ||
53 | // ----------- Public attributes ---------- | |
54 | utils.certDir = __dirname + '/../' + config.get('storage.certs') | |
55 | ||
56 | // { path, data } | |
a1860380 | 57 | utils.makeMultipleRetryRequest = function (all_data, pods, callbackEach, callback) { |
8c308c2b C |
58 | if (!callback) { |
59 | callback = callbackEach | |
60 | callbackEach = function () {} | |
61 | } | |
62 | ||
63 | var url = http + '://' + host + ':' + port | |
64 | var signature | |
65 | ||
a1860380 C |
66 | // Add signature if it is specified in the params |
67 | if (all_data.method === 'POST' && all_data.data && all_data.sign === true) { | |
d148f3b9 | 68 | var myKey = ursa.createPrivateKey(fs.readFileSync(utils.certDir + 'peertube.key.pem')) |
8c308c2b C |
69 | signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex') |
70 | } | |
71 | ||
72 | // Make a request for each pod | |
3bcb78b3 | 73 | async.each(pods, function (pod, callback_each_async) { |
0b697522 C |
74 | function callbackEachRetryRequest (err, response, body, url, pod) { |
75 | callbackEach(err, response, body, url, pod, function () { | |
3bcb78b3 C |
76 | callback_each_async() |
77 | }) | |
78 | } | |
79 | ||
8c308c2b | 80 | var params = { |
a1860380 C |
81 | url: pod.url + all_data.path, |
82 | method: all_data.method | |
8c308c2b C |
83 | } |
84 | ||
85 | // Add data with POST requst ? | |
a1860380 | 86 | if (all_data.method === 'POST' && all_data.data) { |
8c308c2b C |
87 | logger.debug('Make a POST request.') |
88 | ||
89 | // Encrypt data ? | |
a1860380 | 90 | if (all_data.encrypt === true) { |
8c308c2b C |
91 | var crt = ursa.createPublicKey(pod.publicKey) |
92 | ||
93 | // TODO: ES6 with let | |
94 | ;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) { | |
a1860380 | 95 | utils.symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) { |
8c308c2b C |
96 | if (err) throw err |
97 | ||
98 | var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex') | |
99 | copy_params.json = { | |
100 | data: dataEncrypted.crypted, | |
101 | key: passwordEncrypted | |
102 | } | |
103 | ||
3bcb78b3 | 104 | makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest) |
8c308c2b C |
105 | }) |
106 | })(crt, params, url, pod, signature) | |
107 | } else { | |
a1860380 | 108 | params.json = { data: all_data.data } |
3bcb78b3 | 109 | makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest) |
8c308c2b C |
110 | } |
111 | } else { | |
112 | logger.debug('Make a GET/DELETE request') | |
3bcb78b3 | 113 | makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest) |
8c308c2b | 114 | } |
3bcb78b3 | 115 | }, callback) |
8c308c2b C |
116 | } |
117 | ||
118 | utils.certsExist = function (callback) { | |
d148f3b9 | 119 | fs.exists(utils.certDir + 'peertube.key.pem', function (exists) { |
8c308c2b C |
120 | return callback(exists) |
121 | }) | |
122 | } | |
123 | ||
124 | utils.createCerts = function (callback) { | |
125 | utils.certsExist(function (exist) { | |
126 | if (exist === true) { | |
127 | var string = 'Certs already exist.' | |
128 | logger.warning(string) | |
129 | return callback(new Error(string)) | |
130 | } | |
131 | ||
a1860380 | 132 | logger.info('Generating a RSA key...') |
2696b9af | 133 | openssl.exec('genrsa', { 'out': utils.certDir + 'peertube.key.pem', '2048': false }, function (err) { |
8c308c2b C |
134 | if (err) { |
135 | logger.error('Cannot create private key on this pod.', { error: err }) | |
136 | return callback(err) | |
137 | } | |
a1860380 | 138 | logger.info('RSA key generated.') |
8c308c2b | 139 | |
a1860380 | 140 | logger.info('Manage public key...') |
d148f3b9 | 141 | openssl.exec('rsa', { 'in': utils.certDir + 'peertube.key.pem', 'pubout': true, 'out': utils.certDir + 'peertube.pub' }, function (err) { |
8c308c2b C |
142 | if (err) { |
143 | logger.error('Cannot create public key on this pod .', { error: err }) | |
144 | return callback(err) | |
145 | } | |
146 | ||
a1860380 | 147 | logger.info('Public key managed.') |
8c308c2b C |
148 | return callback(null) |
149 | }) | |
150 | }) | |
151 | }) | |
152 | } | |
153 | ||
154 | utils.createCertsIfNotExist = function (callback) { | |
155 | utils.certsExist(function (exist) { | |
156 | if (exist === true) { | |
157 | return callback(null) | |
158 | } | |
159 | ||
160 | utils.createCerts(function (err) { | |
161 | return callback(err) | |
162 | }) | |
163 | }) | |
164 | } | |
165 | ||
166 | utils.generatePassword = function (callback) { | |
167 | crypto.randomBytes(32, function (err, buf) { | |
168 | if (err) { | |
169 | return callback(err) | |
170 | } | |
171 | ||
172 | callback(null, buf.toString('utf8')) | |
173 | }) | |
174 | } | |
175 | ||
176 | utils.symetricEncrypt = function (text, callback) { | |
177 | utils.generatePassword(function (err, password) { | |
178 | if (err) { | |
179 | return callback(err) | |
180 | } | |
181 | ||
182 | var cipher = crypto.createCipher(algorithm, password) | |
183 | var crypted = cipher.update(text, 'utf8', 'hex') | |
184 | crypted += cipher.final('hex') | |
185 | callback(null, { crypted: crypted, password: password }) | |
186 | }) | |
187 | } | |
188 | ||
189 | utils.symetricDecrypt = function (text, password) { | |
190 | var decipher = crypto.createDecipher(algorithm, password) | |
191 | var dec = decipher.update(text, 'hex', 'utf8') | |
192 | dec += decipher.final('utf8') | |
193 | return dec | |
194 | } | |
195 | ||
0ae2e7f7 C |
196 | utils.cleanForExit = function (webtorrent_process) { |
197 | logger.info('Gracefully exiting') | |
198 | process.kill(-webtorrent_process.pid) | |
199 | } | |
200 | ||
3bcb78b3 C |
201 | utils.isTestInstance = function () { |
202 | return (process.env.NODE_ENV === 'test') | |
203 | } | |
204 | ||
8c308c2b C |
205 | module.exports = utils |
206 | })() |