Server: remove encryption when seending requests to other pods

We don't need it anymore since HTTPS is mandatory now
author: Chocobozzz <florian.bigard@gmail.com> 2016-11-27 18:25:35 +0100
committer: Chocobozzz <florian.bigard@gmail.com> 2016-11-27 18:25:35 +0100
commit: 38d78e5b82a30d1318e3cc2532b7ea22b8e163fa (patch)
tree: 3c4cdab683caf1e30c6e76ba78efeb0431fec932 /server/middlewares
parent: bf57d5eebf8b0fa2361b7973ce9772abd1bb4828 (diff)
download: PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.gz
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.zst
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.zip
2 files changed, 4 insertions, 34 deletions
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index fd5bc51d6..ee836beed 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
@@ -7,15 +7,14 @@ const peertubeCrypto = require('../helpers/peertube-crypto')
 const Pod = mongoose.model('Pod')
 const secureMiddleware = {
-  checkSignature,
+  checkSignature
-  decryptBody
 }
 function checkSignature (req, res, next) {
  const host = req.body.signature.host
  Pod.loadByHost(host, function (err, pod) {
    if (err) {
-      logger.error('Cannot get signed host in decryptBody.', { error: err })
+      logger.error('Cannot get signed host in body.', { error: err })
      return res.sendStatus(500)
    }
@@ -24,7 +23,7 @@ function checkSignature (req, res, next) {
      return res.sendStatus(403)
    }
-    logger.debug('Decrypting body from %s.', host)
+    logger.debug('Checking signature from %s.', host)
    const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature)
@@ -32,30 +31,11 @@ function checkSignature (req, res, next) {
      return next()
    }
-    logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.host)
+    logger.error('Signature is not okay in body for %s.', req.body.signature.host)
    return res.sendStatus(403)
  })
 }
-function decryptBody (req, res, next) {
-  peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
-    if (err) {
-      logger.error('Cannot decrypt data.', { error: err })
-      return res.sendStatus(500)
-    }
-    try {
-      req.body.data = JSON.parse(decrypted)
-      delete req.body.key
-    } catch (err) {
-      logger.error('Error in JSON.parse', { error: err })
-      return res.sendStatus(500)
-    }
-    next()
-  })
-}
 // ---------------------------------------------------------------------------
 module.exports = secureMiddleware
diff --git a/server/middlewares/validators/remote.js b/server/middlewares/validators/remote.js
index c6455e678..858d193cc 100644
--- a/server/middlewares/validators/remote.js
+++ b/server/middlewares/validators/remote.js
@@ -4,20 +4,10 @@ const checkErrors = require('./utils').checkErrors
 const logger = require('../../helpers/logger')
 const validatorsRemote = {
-  dataToDecrypt,
  remoteVideos,
  signature
 }
-function dataToDecrypt (req, res, next) {
-  req.checkBody('key', 'Should have a key').notEmpty()
-  req.checkBody('data', 'Should have data').notEmpty()
-  logger.debug('Checking dataToDecrypt parameters', { parameters: { keyLength: req.body.key.length, bodyLength: req.body.data.length } })
-  checkErrors(req, res, next)
-}
 function remoteVideos (req, res, next) {
  req.checkBody('data').isEachRemoteVideosValid()
author	Chocobozzz <florian.bigard@gmail.com>	2016-11-27 18:25:35 +0100
committer	Chocobozzz <florian.bigard@gmail.com>	2016-11-27 18:25:35 +0100
commit	38d78e5b82a30d1318e3cc2532b7ea22b8e163fa (patch)
tree	3c4cdab683caf1e30c6e76ba78efeb0431fec932 /server/middlewares
parent	bf57d5eebf8b0fa2361b7973ce9772abd1bb4828 (diff)
download	PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.gz PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.zst PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.zip