aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2016-11-27 18:25:35 +0100
committerChocobozzz <florian.bigard@gmail.com>2016-11-27 18:25:35 +0100
commit38d78e5b82a30d1318e3cc2532b7ea22b8e163fa (patch)
tree3c4cdab683caf1e30c6e76ba78efeb0431fec932 /server/middlewares
parentbf57d5eebf8b0fa2361b7973ce9772abd1bb4828 (diff)
downloadPeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.gz
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.tar.zst
PeerTube-38d78e5b82a30d1318e3cc2532b7ea22b8e163fa.zip
Server: remove encryption when seending requests to other pods
We don't need it anymore since HTTPS is mandatory now
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/secure.js28
-rw-r--r--server/middlewares/validators/remote.js10
2 files changed, 4 insertions, 34 deletions
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index fd5bc51d6..ee836beed 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
@@ -7,15 +7,14 @@ const peertubeCrypto = require('../helpers/peertube-crypto')
7const Pod = mongoose.model('Pod') 7const Pod = mongoose.model('Pod')
8 8
9const secureMiddleware = { 9const secureMiddleware = {
10 checkSignature, 10 checkSignature
11 decryptBody
12} 11}
13 12
14function checkSignature (req, res, next) { 13function checkSignature (req, res, next) {
15 const host = req.body.signature.host 14 const host = req.body.signature.host
16 Pod.loadByHost(host, function (err, pod) { 15 Pod.loadByHost(host, function (err, pod) {
17 if (err) { 16 if (err) {
18 logger.error('Cannot get signed host in decryptBody.', { error: err }) 17 logger.error('Cannot get signed host in body.', { error: err })
19 return res.sendStatus(500) 18 return res.sendStatus(500)
20 } 19 }
21 20
@@ -24,7 +23,7 @@ function checkSignature (req, res, next) {
24 return res.sendStatus(403) 23 return res.sendStatus(403)
25 } 24 }
26 25
27 logger.debug('Decrypting body from %s.', host) 26 logger.debug('Checking signature from %s.', host)
28 27
29 const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature) 28 const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature)
30 29
@@ -32,30 +31,11 @@ function checkSignature (req, res, next) {
32 return next() 31 return next()
33 } 32 }
34 33
35 logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.host) 34 logger.error('Signature is not okay in body for %s.', req.body.signature.host)
36 return res.sendStatus(403) 35 return res.sendStatus(403)
37 }) 36 })
38} 37}
39 38
40function decryptBody (req, res, next) {
41 peertubeCrypto.decrypt(req.body.key, req.body.data, function (err, decrypted) {
42 if (err) {
43 logger.error('Cannot decrypt data.', { error: err })
44 return res.sendStatus(500)
45 }
46
47 try {
48 req.body.data = JSON.parse(decrypted)
49 delete req.body.key
50 } catch (err) {
51 logger.error('Error in JSON.parse', { error: err })
52 return res.sendStatus(500)
53 }
54
55 next()
56 })
57}
58
59// --------------------------------------------------------------------------- 39// ---------------------------------------------------------------------------
60 40
61module.exports = secureMiddleware 41module.exports = secureMiddleware
diff --git a/server/middlewares/validators/remote.js b/server/middlewares/validators/remote.js
index c6455e678..858d193cc 100644
--- a/server/middlewares/validators/remote.js
+++ b/server/middlewares/validators/remote.js
@@ -4,20 +4,10 @@ const checkErrors = require('./utils').checkErrors
4const logger = require('../../helpers/logger') 4const logger = require('../../helpers/logger')
5 5
6const validatorsRemote = { 6const validatorsRemote = {
7 dataToDecrypt,
8 remoteVideos, 7 remoteVideos,
9 signature 8 signature
10} 9}
11 10
12function dataToDecrypt (req, res, next) {
13 req.checkBody('key', 'Should have a key').notEmpty()
14 req.checkBody('data', 'Should have data').notEmpty()
15
16 logger.debug('Checking dataToDecrypt parameters', { parameters: { keyLength: req.body.key.length, bodyLength: req.body.data.length } })
17
18 checkErrors(req, res, next)
19}
20
21function remoteVideos (req, res, next) { 11function remoteVideos (req, res, next) {
22 req.checkBody('data').isEachRemoteVideosValid() 12 req.checkBody('data').isEachRemoteVideosValid()
23 13