diff --git a/src/modules/plugin.ts b/src/modules/plugin.ts index 1aa8c7e..9a60e0c 100644 --- a/src/modules/plugin.ts +++ b/src/modules/plugin.ts @@ -16,7 +16,6 @@ import { getProtocolManager, ProtocolManager, } from "./swarm.js"; -import { get as getSSl, SSLManager } from "./ssl.js"; import { get as getApp } from "./app.js"; import type { HDKey } from "micro-ed25519-hdkey"; import corePlugins from "../plugins"; @@ -88,10 +87,6 @@ class PluginAPI extends EventEmitter2 { return getHDKey(); } - get ssl(): SSLManager { - return getSSl(); - } - get protocols(): ProtocolManager { return getProtocolManager(); } diff --git a/src/modules/relay.ts b/src/modules/relay.ts index a0f26fd..a0d82fa 100644 --- a/src/modules/relay.ts +++ b/src/modules/relay.ts @@ -6,7 +6,6 @@ import { relay } from "@hyperswarm/dht-relay"; import Stream from "@hyperswarm/dht-relay/ws"; import config from "../config.js"; import { get as getSwarm } from "./swarm.js"; -import { get as getSslManager } from "./ssl.js"; // @ts-ignore import log from "../log.js"; import { AddressInfo } from "net"; @@ -18,17 +17,9 @@ import websocket from "@fastify/websocket"; export async function start() { const dht = getSwarm(); - let sslOptions: boolean | http2.SecureServerOptions = false; - - if (getSslManager().ready) { - sslOptions = { - SNICallback: () => getSslManager().context, - } as http2.SecureServerOptions; - } let relayServer = fastify({ http2: true, - https: sslOptions as http2.SecureServerOptions, logger: log.child({ module: "relay-server" }), }); diff --git a/src/modules/ssl.ts b/src/modules/ssl.ts deleted file mode 100644 index ced669d..0000000 --- a/src/modules/ssl.ts +++ /dev/null 
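Review bot: In the second relay.ts hunk, `fastify({ http2: true, logger: ... })` is now always built without an `https` option, so the relay listener has no in-process TLS and, going by Fastify's documented behaviour for `http2` without `https`, serves cleartext HTTP/2. Before this change, a ready SSL manager supplied certificates through `SNICallback`. If TLS is now meant to be terminated by a front proxy, state that at the call site, e.g. `// TLS is terminated upstream; this listener must not be exposed directly`, and make sure the port is bound or firewalled to match. It is also worth confirming that the relay's WebSocket clients can still connect, since browsers do not speak plaintext HTTP/2; dropping `http2: true` may be the intended end state. The body of `start()` continues outside the hunk, so the listen address is not visible here.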
@@ -1,97 +0,0 @@
-import * as tls from "tls";
-import b4a from "b4a";
-import log from "../log.js";
-import config from "../config.js";
-
-export type SSLManagerRenewHandler = (domain: string) => Promise;
-type SSLCert = string | Buffer | Array;
-
-export class SSLManager {
- private _key?: Buffer;
-
- constructor(domain: string) {
- this._domain = domain;
- }
-
- private _domain: string;
-
- get domain(): string {
- return this._domain;
- }
-
- private _context?: tls.SecureContext;
-
- get context(): tls.SecureContext {
- return this._context as tls.SecureContext;
- }
-
- private _cert?: SSLCert;
-
- set cert(cert: SSLCert) {
- this._cert = cert;
- this._maybeUpdateContext();
- }
-
- private _renewHandler?: SSLManagerRenewHandler;
-
- get renewHandler(): SSLManagerRenewHandler {
- return this._renewHandler as any;
- }
-
- set renewHandler(value: SSLManagerRenewHandler) {
- this._renewHandler = value;
- }
-
- set privateKey(key: Buffer) {
- this._key = key;
- this._maybeUpdateContext();
- }
-
- get enabled() {
- return config.bool("core.ssl");
- }
-
- get ready() {
- return this.enabled && this.renewHandler;
- }
-
- public async renew(): Promise {
- let result = false;
-
- try {
- result = (await this._renewHandler?.(this._domain)) as boolean;
- } catch (e) {
- log.error((e as Error).message);
- }
- return result;
- }
-
- private _maybeUpdateContext() {
- const valid = (value: any) =>
- b4a.isBuffer(value) || typeof value === "string" || Array.isArray(value);
-
- if (valid(this._cert) && valid(this._key)) {
- const opts: tls.SecureContextOptions = {
- key: this._key,
- };
-
- if (Array.isArray(this._cert)) {
- opts.ca = this._cert.slice(1);
- opts.cert = this._cert[0];
- } else {
- opts.cert = this._cert;
- }
- this._context = tls.createSecureContext(opts);
- }
- }
-}
-
-let sslManager: SSLManager;
-
-export function get(): SSLManager {
- if (!sslManager) {
- sslManager = new SSLManager(config.get("core.domain"));
- }
-
- return sslManager;
-}