Compare commits

..

2 Commits

Author SHA1 Message Date
Derrick Hammer 714da70209
*refactor ssl support 2023-04-18 20:43:37 -04:00
Derrick Hammer 3b1b6425ae
*make the non-SSL port configurable 2023-04-18 20:28:51 -04:00
4 changed files with 34 additions and 17 deletions

View File

@ -26,6 +26,7 @@ switch (os.platform()) {
config.inject({ config.inject({
"core.confdir": configDir, "core.confdir": configDir,
"core.port": 8080, "core.port": 8080,
"core.apport": 80,
"core.loglevel": "info", "core.loglevel": "info",
"core.plugindir": path.resolve(configDir, "..", "plugins"), "core.plugindir": path.resolve(configDir, "..", "plugins"),
}); });

View File

@ -3,6 +3,7 @@ import log from "../log.js";
import fastify from "fastify"; import fastify from "fastify";
import type { FastifyInstance } from "fastify"; import type { FastifyInstance } from "fastify";
import { getKeyPair } from "../lib/seed.js"; import { getKeyPair } from "../lib/seed.js";
import config from "../config";
let app: FastifyInstance; let app: FastifyInstance;
@ -16,5 +17,5 @@ export async function start() {
res.send(Buffer.from(keyPair.publicKey).toString("hex")); res.send(Buffer.from(keyPair.publicKey).toString("hex"));
}); });
await app.listen({ port: 80, host: "0.0.0.0" }); await app.listen({ port: config.uint("core.appport"), host: "0.0.0.0" });
} }

View File

@ -20,7 +20,7 @@ export async function start() {
const dht = getSwarm(); const dht = getSwarm();
let sslOptions: boolean | http2.SecureServerOptions = false; let sslOptions: boolean | http2.SecureServerOptions = false;
if (getSslManager().enabled) { if (getSslManager().ready) {
sslOptions = { sslOptions = {
SNICallback: () => getSslManager().context, SNICallback: () => getSslManager().context,
} as http2.SecureServerOptions; } as http2.SecureServerOptions;

View File

@ -6,37 +6,47 @@ import config from "../config.js";
export type SSLManagerRenewHandler = (domain: string) => Promise<boolean>; export type SSLManagerRenewHandler = (domain: string) => Promise<boolean>;
export class SSLManager { export class SSLManager {
private _context?: tls.SecureContext;
private _key?: Buffer; private _key?: Buffer;
private _cert?: Buffer;
private _domain: string; private _domain: string;
private _renewHandler?: SSLManagerRenewHandler;
constructor(domain: string) { constructor(domain: string) {
this._domain = domain; this._domain = domain;
} }
private _context?: tls.SecureContext;
get context(): tls.SecureContext { get context(): tls.SecureContext {
return this._context as tls.SecureContext; return this._context as tls.SecureContext;
} }
private _cert?: Buffer;
set cert(cert: Buffer) {
this._cert = cert;
this._maybeUpdateContext();
}
private _renewHandler?: SSLManagerRenewHandler;
get renewHandler(): SSLManagerRenewHandler {
return this._renewHandler as any;
}
set renewHandler(value: SSLManagerRenewHandler) {
this._renewHandler = value;
}
set privateKey(key: Buffer) { set privateKey(key: Buffer) {
this._key = key; this._key = key;
this._maybeUpdateContext(); this._maybeUpdateContext();
} }
set cert(cert: Buffer) { get enabled() {
this._cert = cert; return config.bool("core.ssl");
this._maybeUpdateContext();
} }
private _maybeUpdateContext() { get ready() {
if (b4a.isBuffer(this._cert) && b4a.isBuffer(this._key)) { return this.enabled && this.renewHandler;
this._context = tls.createSecureContext({
cert: this._cert,
key: this._key,
});
}
} }
public async renew(): Promise<boolean> { public async renew(): Promise<boolean> {
@ -50,8 +60,13 @@ export class SSLManager {
return result; return result;
} }
get enabled() { private _maybeUpdateContext() {
return config.bool("core.ssl") && this._renewHandler; if (b4a.isBuffer(this._cert) && b4a.isBuffer(this._key)) {
this._context = tls.createSecureContext({
cert: this._cert,
key: this._key,
});
}
} }
} }