helpers/utils.js

   1 ;(function () {
   2   'use strict'
   3
   4   var async = require('async')
   5   var config = require('config')
   6   var crypto = require('crypto')
   7   var fs = require('fs')
   8   var openssl = require('openssl-wrapper')
   9   var request = require('request')
  10   var replay = require('request-replay')
  11   var ursa = require('ursa')
  12
  13   var constants = require('../initializers/constants')
  14   var logger = require('./logger')
  15
  16   var certDir = __dirname + '/../' + config.get('storage.certs')
  17   var http = config.get('webserver.https') ? 'https' : 'http'
  18   var host = config.get('webserver.host')
  19   var port = config.get('webserver.port')
  20   var algorithm = 'aes-256-ctr'
  21
  22   var utils = {
  23     getCertDir: getCertDir,
  24     certsExist: certsExist,
  25     cleanForExit: cleanForExit,
  26     createCerts: createCerts,
  27     createCertsIfNotExist: createCertsIfNotExist,
  28     generatePassword: generatePassword,
  29     makeMultipleRetryRequest: makeMultipleRetryRequest,
  30     symetricEncrypt: symetricEncrypt,
  31     symetricDecrypt: symetricDecrypt
  32   }
  33
  34   function getCertDir () {
  35     return certDir
  36   }
  37
  38   function makeMultipleRetryRequest (all_data, pods, callbackEach, callback) {
  39     if (!callback) {
  40       callback = callbackEach
  41       callbackEach = null
  42     }
  43
  44     var url = http + '://' + host + ':' + port
  45     var signature
  46
  47     // Add signature if it is specified in the params
  48     if (all_data.method === 'POST' && all_data.data && all_data.sign === true) {
  49       var myKey = ursa.createPrivateKey(fs.readFileSync(certDir + 'peertube.key.pem'))
  50       signature = myKey.hashAndSign('sha256', url, 'utf8', 'hex')
  51     }
  52
  53     // Make a request for each pod
  54     async.each(pods, function (pod, callback_each_async) {
  55       function callbackEachRetryRequest (err, response, body, url, pod) {
  56         if (callbackEach !== null) {
  57           callbackEach(err, response, body, url, pod, function () {
  58             callback_each_async()
  59           })
  60         } else {
  61           callback_each_async()
  62         }
  63       }
  64
  65       var params = {
  66         url: pod.url + all_data.path,
  67         method: all_data.method
  68       }
  69
  70       // Add data with POST requst ?
  71       if (all_data.method === 'POST' && all_data.data) {
  72         // Encrypt data ?
  73         if (all_data.encrypt === true) {
  74           var crt = ursa.createPublicKey(pod.publicKey)
  75
  76           // TODO: ES6 with let
  77           ;(function (crt_copy, copy_params, copy_url, copy_pod, copy_signature) {
  78             symetricEncrypt(JSON.stringify(all_data.data), function (err, dataEncrypted) {
  79               if (err) throw err
  80
  81               var passwordEncrypted = crt_copy.encrypt(dataEncrypted.password, 'utf8', 'hex')
  82               copy_params.json = {
  83                 data: dataEncrypted.crypted,
  84                 key: passwordEncrypted
  85               }
  86
  87               makeRetryRequest(copy_params, copy_url, copy_pod, copy_signature, callbackEachRetryRequest)
  88             })
  89           })(crt, params, url, pod, signature)
  90         } else {
  91           params.json = { data: all_data.data }
  92           makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
  93         }
  94       } else {
  95         makeRetryRequest(params, url, pod, signature, callbackEachRetryRequest)
  96       }
  97     }, callback)
  98   }
  99
 100   function certsExist (callback) {
 101     fs.exists(certDir + 'peertube.key.pem', function (exists) {
 102       return callback(exists)
 103     })
 104   }
 105
 106   function createCerts (callback) {
 107     certsExist(function (exist) {
 108       if (exist === true) {
 109         var string = 'Certs already exist.'
 110         logger.warning(string)
 111         return callback(new Error(string))
 112       }
 113
 114       logger.info('Generating a RSA key...')
 115       openssl.exec('genrsa', { 'out': certDir + 'peertube.key.pem', '2048': false }, function (err) {
 116         if (err) {
 117           logger.error('Cannot create private key on this pod.', { error: err })
 118           return callback(err)
 119         }
 120         logger.info('RSA key generated.')
 121
 122         logger.info('Manage public key...')
 123         openssl.exec('rsa', { 'in': certDir + 'peertube.key.pem', 'pubout': true, 'out': certDir + 'peertube.pub' }, function (err) {
 124           if (err) {
 125             logger.error('Cannot create public key on this pod .', { error: err })
 126             return callback(err)
 127           }
 128
 129           logger.info('Public key managed.')
 130           return callback(null)
 131         })
 132       })
 133     })
 134   }
 135
 136   function createCertsIfNotExist (callback) {
 137     certsExist(function (exist) {
 138       if (exist === true) {
 139         return callback(null)
 140       }
 141
 142       createCerts(function (err) {
 143         return callback(err)
 144       })
 145     })
 146   }
 147
 148   function generatePassword (callback) {
 149     crypto.randomBytes(32, function (err, buf) {
 150       if (err) {
 151         return callback(err)
 152       }
 153
 154       callback(null, buf.toString('utf8'))
 155     })
 156   }
 157
 158   function symetricEncrypt (text, callback) {
 159     generatePassword(function (err, password) {
 160       if (err) {
 161         return callback(err)
 162       }
 163
 164       var cipher = crypto.createCipher(algorithm, password)
 165       var crypted = cipher.update(text, 'utf8', 'hex')
 166       crypted += cipher.final('hex')
 167       callback(null, { crypted: crypted, password: password })
 168     })
 169   }
 170
 171   function symetricDecrypt (text, password) {
 172     var decipher = crypto.createDecipher(algorithm, password)
 173     var dec = decipher.update(text, 'hex', 'utf8')
 174     dec += decipher.final('utf8')
 175     return dec
 176   }
 177
 178   function cleanForExit (webtorrent_process) {
 179     logger.info('Gracefully exiting')
 180     process.kill(-webtorrent_process.pid)
 181   }
 182
 183   // ---------------------------------------------------------------------------
 184
 185   module.exports = utils
 186
 187   // ---------------------------------------------------------------------------
 188
 189   function makeRetryRequest (params, from_url, to_pod, signature, callbackEach) {
 190     // Append the signature
 191     if (signature) {
 192       params.json.signature = {
 193         url: from_url,
 194         signature: signature
 195       }
 196     }
 197
 198     logger.debug('Make retry requests to %s.', to_pod.url)
 199
 200     replay(
 201       request.post(params, function (err, response, body) {
 202         callbackEach(err, response, body, params.url, to_pod)
 203       }),
 204       {
 205         retries: constants.REQUEST_RETRIES,
 206         factor: 3,
 207         maxTimeout: Infinity,
 208         errorCodes: [ 'EADDRINFO', 'ETIMEDOUT', 'ECONNRESET', 'ESOCKETTIMEDOUT', 'ENOTFOUND', 'ECONNREFUSED' ]
 209       }
 210     ).on('replay', function (replay) {
 211       logger.info('Replaying request to %s. Request failed: %d %s. Replay number: #%d. Will retry in: %d ms.',
 212         params.url, replay.error.code, replay.error.message, replay.number, replay.delay)
 213     })
 214   }
 215 })()