diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-01-04 22:23:07 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-01-04 22:23:07 +0100 |
commit | bdfbd4f162d66c3a6bd7c312a99e0b692e830792 (patch) | |
tree | 30b857f73fe62771a94320e3e78030a1345dc3a8 /server/helpers/requests.js | |
parent | b981a525c37d226b3fa59287a6ce338f54583d0c (diff) | |
download | PeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.tar.gz PeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.tar.zst PeerTube-bdfbd4f162d66c3a6bd7c312a99e0b692e830792.zip |
Server: use crypto instead of ursa for pod signature
Diffstat (limited to 'server/helpers/requests.js')
-rw-r--r-- | server/helpers/requests.js | 46 |
1 files changed, 26 insertions, 20 deletions
diff --git a/server/helpers/requests.js b/server/helpers/requests.js index b0cda09fe..095b95e1c 100644 --- a/server/helpers/requests.js +++ b/server/helpers/requests.js | |||
@@ -28,31 +28,37 @@ function makeSecureRequest (params, callback) { | |||
28 | url: constants.REMOTE_SCHEME.HTTP + '://' + params.toPod.host + params.path | 28 | url: constants.REMOTE_SCHEME.HTTP + '://' + params.toPod.host + params.path |
29 | } | 29 | } |
30 | 30 | ||
31 | // Add data with POST requst ? | 31 | if (params.method !== 'POST') { |
32 | if (params.method === 'POST') { | 32 | return callback(new Error('Cannot make a secure request with a non POST method.')) |
33 | requestParams.json = {} | 33 | } |
34 | 34 | ||
35 | // Add signature if it is specified in the params | 35 | requestParams.json = {} |
36 | if (params.sign === true) { | ||
37 | const host = constants.CONFIG.WEBSERVER.HOST | ||
38 | |||
39 | requestParams.json.signature = { | ||
40 | host, | ||
41 | signature: peertubeCrypto.sign(host) | ||
42 | } | ||
43 | } | ||
44 | 36 | ||
45 | // If there are data informations | 37 | // Add signature if it is specified in the params |
38 | if (params.sign === true) { | ||
39 | const host = constants.CONFIG.WEBSERVER.HOST | ||
40 | |||
41 | let dataToSign | ||
46 | if (params.data) { | 42 | if (params.data) { |
47 | requestParams.json.data = params.data | 43 | dataToSign = dataToSign = params.data |
48 | request.post(requestParams, callback) | ||
49 | } else { | 44 | } else { |
50 | // No data | 45 | // We do not have data to sign so we just take our host |
51 | request.post(requestParams, callback) | 46 | // It is not ideal but the connection should be in HTTPS |
47 | dataToSign = host | ||
52 | } | 48 | } |
53 | } else { | 49 | |
54 | request.get(requestParams, callback) | 50 | requestParams.json.signature = { |
51 | host, // Which host we pretend to be | ||
52 | signature: peertubeCrypto.sign(dataToSign) | ||
53 | } | ||
54 | } | ||
55 | |||
56 | // If there are data informations | ||
57 | if (params.data) { | ||
58 | requestParams.json.data = params.data | ||
55 | } | 59 | } |
60 | |||
61 | request.post(requestParams, callback) | ||
56 | } | 62 | } |
57 | 63 | ||
58 | // --------------------------------------------------------------------------- | 64 | // --------------------------------------------------------------------------- |