aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers/requests.js
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-01-04 22:23:07 +0100
committerChocobozzz <florian.bigard@gmail.com>2017-01-04 22:23:07 +0100
commitbdfbd4f162d66c3a6bd7c312a99e0b692e830792 (patch)
tree30b857f73fe62771a94320e3e78030a1345dc3a8 /server/helpers/requests.js
parentb981a525c37d226b3fa59287a6ce338f54583d0c (diff)
downloadPeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.tar.gz
PeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.tar.zst
PeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.zip
Server: use crypto instead of ursa for pod signature
Diffstat (limited to 'server/helpers/requests.js')
-rw-r--r--server/helpers/requests.js46
1 files changed, 26 insertions, 20 deletions
diff --git a/server/helpers/requests.js b/server/helpers/requests.js
index b0cda09fe..095b95e1c 100644
--- a/server/helpers/requests.js
+++ b/server/helpers/requests.js
@@ -28,31 +28,37 @@ function makeSecureRequest (params, callback) {
28 url: constants.REMOTE_SCHEME.HTTP + '://' + params.toPod.host + params.path 28 url: constants.REMOTE_SCHEME.HTTP + '://' + params.toPod.host + params.path
29 } 29 }
30 30
31 // Add data with POST requst ? 31 if (params.method !== 'POST') {
32 if (params.method === 'POST') { 32 return callback(new Error('Cannot make a secure request with a non POST method.'))
33 requestParams.json = {} 33 }
34 34
35 // Add signature if it is specified in the params 35 requestParams.json = {}
36 if (params.sign === true) {
37 const host = constants.CONFIG.WEBSERVER.HOST
38
39 requestParams.json.signature = {
40 host,
41 signature: peertubeCrypto.sign(host)
42 }
43 }
44 36
45 // If there are data informations 37 // Add signature if it is specified in the params
38 if (params.sign === true) {
39 const host = constants.CONFIG.WEBSERVER.HOST
40
41 let dataToSign
46 if (params.data) { 42 if (params.data) {
47 requestParams.json.data = params.data 43 dataToSign = dataToSign = params.data
48 request.post(requestParams, callback)
49 } else { 44 } else {
50 // No data 45 // We do not have data to sign so we just take our host
51 request.post(requestParams, callback) 46 // It is not ideal but the connection should be in HTTPS
47 dataToSign = host
52 } 48 }
53 } else { 49
54 request.get(requestParams, callback) 50 requestParams.json.signature = {
51 host, // Which host we pretend to be
52 signature: peertubeCrypto.sign(dataToSign)
53 }
54 }
55
56 // If there are data informations
57 if (params.data) {
58 requestParams.json.data = params.data
55 } 59 }
60
61 request.post(requestParams, callback)
56} 62}
57 63
58// --------------------------------------------------------------------------- 64// ---------------------------------------------------------------------------