*Removing ssl support, will delegate it to caddy

2023-04-19 02:29:11 -04:00 · 2023-04-19 02:29:11 -04:00 · 69e613075e
parent 671c7ad6a1
commit 69e613075e
3 changed files with 0 additions and 111 deletions
--- a/src/modules/plugin.ts
+++ b/src/modules/plugin.ts
@ -16,7 +16,6 @@ import {
  getProtocolManager,
  ProtocolManager,
 } from "./swarm.js";
-import { get as getSSl, SSLManager } from "./ssl.js";
 import { get as getApp } from "./app.js";
 import type { HDKey } from "micro-ed25519-hdkey";
 import corePlugins from "../plugins";
@ -88,10 +87,6 @@ class PluginAPI extends EventEmitter2 {
    return getHDKey();
  }

-  get ssl(): SSLManager {
-    return getSSl();
-  }
-
  get protocols(): ProtocolManager {
    return getProtocolManager();
  }
--- a/src/modules/relay.ts
+++ b/src/modules/relay.ts
@ -6,7 +6,6 @@ import { relay } from "@hyperswarm/dht-relay";
 import Stream from "@hyperswarm/dht-relay/ws";
 import config from "../config.js";
 import { get as getSwarm } from "./swarm.js";
-import { get as getSslManager } from "./ssl.js";
 // @ts-ignore
 import log from "../log.js";
 import { AddressInfo } from "net";
@ -18,17 +17,9 @@ import websocket from "@fastify/websocket";

 export async function start() {
  const dht = getSwarm();
-  let sslOptions: boolean | http2.SecureServerOptions = false;
-
-  if (getSslManager().ready) {
-    sslOptions = {
-      SNICallback: () => getSslManager().context,
-    } as http2.SecureServerOptions;
-  }

  let relayServer = fastify({
    http2: true,
-    https: sslOptions as http2.SecureServerOptions,
    logger: log.child({ module: "relay-server" }),
  });

--- a/src/modules/ssl.ts
+++ b/src/modules/ssl.ts
@ -1,97 +0,0 @@
-import * as tls from "tls";
-import b4a from "b4a";
-import log from "../log.js";
-import config from "../config.js";
-
-export type SSLManagerRenewHandler = (domain: string) => Promise<boolean>;
-type SSLCert = string | Buffer | Array<string | Buffer>;
-
-export class SSLManager {
-  private _key?: Buffer;
-
-  constructor(domain: string) {
-    this._domain = domain;
-  }
-
-  private _domain: string;
-
-  get domain(): string {
-    return this._domain;
-  }
-
-  private _context?: tls.SecureContext;
-
-  get context(): tls.SecureContext {
-    return this._context as tls.SecureContext;
-  }
-
-  private _cert?: SSLCert;
-
-  set cert(cert: SSLCert) {
-    this._cert = cert;
-    this._maybeUpdateContext();
-  }
-
-  private _renewHandler?: SSLManagerRenewHandler;
-
-  get renewHandler(): SSLManagerRenewHandler {
-    return this._renewHandler as any;
-  }
-
-  set renewHandler(value: SSLManagerRenewHandler) {
-    this._renewHandler = value;
-  }
-
-  set privateKey(key: Buffer) {
-    this._key = key;
-    this._maybeUpdateContext();
-  }
-
-  get enabled() {
-    return config.bool("core.ssl");
-  }
-
-  get ready() {
-    return this.enabled && this.renewHandler;
-  }
-
-  public async renew(): Promise<boolean> {
-    let result = false;
-
-    try {
-      result = (await this._renewHandler?.(this._domain)) as boolean;
-    } catch (e) {
-      log.error((e as Error).message);
-    }
-    return result;
-  }
-
-  private _maybeUpdateContext() {
-    const valid = (value: any) =>
-      b4a.isBuffer(value) || typeof value === "string" || Array.isArray(value);
-
-    if (valid(this._cert) && valid(this._key)) {
-      const opts: tls.SecureContextOptions = {
-        key: this._key,
-      };
-
-      if (Array.isArray(this._cert)) {
-        opts.ca = this._cert.slice(1);
-        opts.cert = this._cert[0];
-      } else {
-        opts.cert = this._cert;
-      }
-      this._context = tls.createSecureContext(opts);
-    }
-  }
-}
-
-let sslManager: SSLManager;
-
-export function get(): SSLManager {
-  if (!sslManager) {
-    sslManager = new SSLManager(config.get("core.domain"));
-  }
-
-  return sslManager;
-}