From 49abbbbedca83b9031d3e2eb3ae9ad9b6a7d96ed Mon Sep 17 00:00:00 2001
From: Chocobozzz
Date: Mon, 14 Nov 2016 20:03:04 +0100
Subject: Pod URL -> pod host. HTTPS is required to make friends. Reason: in a network with mix http/https pods, https pods won't be able to play videos from http pod (insecure requests).
---
 server/middlewares/pods.js | 50 +++++++++++++++------------------
 server/middlewares/secure.js | 14 ++++-----
 server/middlewares/validators/pods.js | 4 +--
 server/middlewares/validators/remote.js | 4 +--
 4 files changed, 33 insertions(+), 39 deletions(-)
(limited to 'server/middlewares')
diff --git a/server/middlewares/pods.js b/server/middlewares/pods.js
index 6e0874a76..487ea1259 100644
--- a/server/middlewares/pods.js
+++ b/server/middlewares/pods.js
@@ -1,38 +1,36 @@
 'use strict'
-const urlModule = require('url')
-
-const logger = require('../helpers/logger')
+const constants = require('../initializers/constants')
 const podsMiddleware = {
- setBodyUrlsPort,
- setBodyUrlPort
+ setBodyHostsPort,
+ setBodyHostPort
 }
-function setBodyUrlsPort (req, res, next) {
- for (let i = 0; i < req.body.urls.length; i++) {
- const urlWithPort = getUrlWithPort(req.body.urls[i])
+function setBodyHostsPort (req, res, next) {
+ for (let i = 0; i < req.body.hosts.length; i++) {
+ const hostWithPort = getHostWithPort(req.body.hosts[i])
 // Problem with the url parsing?
- if (urlWithPort === null) {
+ if (hostWithPort === null) {
 return res.sendStatus(500)
 }
- req.body.urls[i] = urlWithPort
+ req.body.hosts[i] = hostWithPort
 }
 return next()
 }
-function setBodyUrlPort (req, res, next) {
- const urlWithPort = getUrlWithPort(req.body.url)
+function setBodyHostPort (req, res, next) {
+ const hostWithPort = getHostWithPort(req.body.host)
 // Problem with the url parsing?
- if (urlWithPort === null) {
+ if (hostWithPort === null) {
 return res.sendStatus(500)
 }
- req.body.url = urlWithPort
+ req.body.host = hostWithPort
 return next()
 }
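Review bot: The `hostWithPort === null` guards in `setBodyHostsPort` and `setBodyHostPort` can no longer fire, because the new `getHostWithPort` in the next hunk of this file returns a string on every path. A malformed host is therefore handed on to `next()` where the old code answered 500. Either remove the guards together with the stale `// Problem with the url parsing?` comments, or have the helper return `null` for input it cannot interpret. `setBodyHostsPort` also reads `req.body.hosts.length` directly; unless an earlier validator guarantees an array (not visible in this diff), a guard such as `if (!Array.isArray(req.body.hosts)) return res.sendStatus(400)` would be worth adding.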
@@ -43,20 +41,16 @@ module.exports = podsMiddleware
 // ---------------------------------------------------------------------------
-function getUrlWithPort (url) {
- const urlObj = urlModule.parse(url)
-
- // Add the port if it is not specified
- if (urlObj.port === null) {
- if (urlObj.protocol === 'http:') {
- return url + ':80'
- } else if (urlObj.protocol === 'https:') {
- return url + ':443'
- } else {
- logger.error('Unknown url protocol: ' + urlObj.protocol)
- return null
- }
+function getHostWithPort (host) {
+ const splitted = host.split(':')
+
+ console.log(splitted)
+ // The port was not specified
+ if (splitted.length === 1) {
+ if (constants.REMOTE_SCHEME.HTTP === 'https') return host + ':443'
+
+ return host + ':80'
 }
- return url
+ return host
 }
diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js
index 58f824d14..fd5bc51d6 100644
--- a/server/middlewares/secure.js
+++ b/server/middlewares/secure.js
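Review bot: `getHostWithPort` treats any string containing a colon as already carrying a port and returns it unchanged, so a value with a leading `scheme://`, an IPv6 literal or a non-numeric port passes through, and the function never reports a failure to its callers. The `console.log(splitted)` line looks like leftover debugging; it writes request-supplied data to stdout on every call and bypasses the project logger, so it should be removed. The sketch below accepts only `hostname` or `hostname:port` and returns `null` otherwise, which the existing guards in the two middlewares already handle. Bracketed IPv6 literals would need their own branch if pods may use them. The default-port branch still depends on `constants.REMOTE_SCHEME.HTTP`, which is defined outside this diff.

```javascript
function getHostWithPort (host) {
  // Accept only "hostname" or "hostname:port"; anything else is reported to the caller as null
  if (typeof host !== 'string') return null

  const match = /^[^\s:/@]+(:\d{1,5})?$/.exec(host)
  if (match === null) return null

  // The port was specified
  if (match[1] !== undefined) return host

  if (constants.REMOTE_SCHEME.HTTP === 'https') return host + ':443'

  return host + ':80'
}
```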
@@ -12,27 +12,27 @@ const secureMiddleware = {
 }
 function checkSignature (req, res, next) {
- const url = req.body.signature.url
- Pod.loadByUrl(url, function (err, pod) {
+ const host = req.body.signature.host
+ Pod.loadByHost(host, function (err, pod) {
 if (err) {
- logger.error('Cannot get signed url in decryptBody.', { error: err })
+ logger.error('Cannot get signed host in decryptBody.', { error: err })
 return res.sendStatus(500)
 }
 if (pod === null) {
- logger.error('Unknown pod %s.', url)
+ logger.error('Unknown pod %s.', host)
 return res.sendStatus(403)
 }
- logger.debug('Decrypting body from %s.', url)
+ logger.debug('Decrypting body from %s.', host)
- const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, url, req.body.signature.signature)
+ const signatureOk = peertubeCrypto.checkSignature(pod.publicKey, host, req.body.signature.signature)
 if (signatureOk === true) {
 return next()
 }
- logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.url)
+ logger.error('Signature is not okay in decryptBody for %s.', req.body.signature.host)
 return res.sendStatus(403)
 })
 }
diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js
index fd3d1e2f2..4f8bad2f9 100644
--- a/server/middlewares/validators/pods.js
+++ b/server/middlewares/validators/pods.js
@@ -10,7 +10,7 @@ const validatorsPod = {
 }
 function makeFriends (req, res, next) {
- req.checkBody('urls', 'Should have an array of unique urls').isEachUniqueUrlValid()
+ req.checkBody('hosts', 'Should have an array of unique hosts').isEachUniqueHostValid()
 logger.debug('Checking makeFriends parameters', { parameters: req.body })
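Review bot: In `checkSignature` the value verified against `pod.publicKey` is still only `host`, the same string the sender puts in clear in `req.body.signature.host`; as far as this hunk shows, the signature does not cover the rest of the request body. If that reading is right, one valid signature from a pod stays valid for any later payload. The signed data should then include the body (or a digest of it) together with a timestamp or nonce that the receiver checks. The function also dereferences `req.body.signature.host` on its first line, relying on the `signature` validator having run earlier in the route. The log messages still name `decryptBody`, which does not match the function they are in.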
@@ -32,7 +32,7 @@ function makeFriends (req, res, next) {
 }
 function podsAdd (req, res, next) {
- req.checkBody('url', 'Should have an url').notEmpty().isURL({ require_protocol: true })
+ req.checkBody('host', 'Should have an host').notEmpty().isURL()
 req.checkBody('publicKey', 'Should have a public key').notEmpty()
 // TODO: check we don't have it already
diff --git a/server/middlewares/validators/remote.js b/server/middlewares/validators/remote.js
index 8c29ef8ca..c6455e678 100644
--- a/server/middlewares/validators/remote.js
+++ b/server/middlewares/validators/remote.js
@@ -27,10 +27,10 @@ function remoteVideos (req, res, next) {
 }
 function signature (req, res, next) {
- req.checkBody('signature.url', 'Should have a signature url').isURL()
+ req.checkBody('signature.host', 'Should have a signature host').isURL()
 req.checkBody('signature.signature', 'Should have a signature').notEmpty()
- logger.debug('Checking signature parameters', { parameters: { signatureUrl: req.body.signature.url } })
+ logger.debug('Checking signature parameters', { parameters: { signatureHost: req.body.signature.host } })
 checkErrors(req, res, next)
 }
-- cgit v1.2.3
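Review bot: `isURL()` is too loose for a field that is now meant to hold a bare host. With `require_protocol` dropped, `podsAdd` accepts both `example.com` and a full URL with scheme, credentials and path, and the same applies to `signature.host` in the `remote.js` hunk of this commit. `makeFriends` already uses a dedicated `isEachUniqueHostValid()` check for `hosts`; the single-host fields should be held to the same rule, so that the stored host, the `Pod.loadByHost` lookup key and the signed value cannot differ in form. The message `'Should have an host'` should read `'Should have a host'`.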
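Review bot: `logger.debug` in `signature` reads `req.body.signature.host` before `checkErrors` has run, so a request without a `signature` object throws a TypeError here instead of receiving a validation error. Logging after the check, or reading the value defensively with `const signatureHost = req.body.signature ? req.body.signature.host : undefined`, avoids that.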