Add SSL support
This commit is contained in:
parent
f7e968a13c
commit
4ec1d04247
12
changelog
12
changelog
|
@ -1,3 +1,15 @@
|
|||
Mon Sep 9 17:11 2013 CDT
|
||||
* lib/server.js: If SSL is enabled in config, create an additional
|
||||
server listening with SSL for websockets and HTTPS traffic
|
||||
* lib/config.js: Add config keys for SSL
|
||||
* lib/channel.js: Broadcast messages to both regular and SSL sockets
|
||||
* www/assets/js/iourl.js: Add SSL_URL and automatically set WEB_URL and
|
||||
IO_URL to SSL_URL when the protocol is HTTPS
|
||||
* www/assets/js/callbacks.js: Automatically set the secure option on
|
||||
io.connect()
|
||||
* www/assets/js/ui.js, www/index.html, www/channel.html: Fix links to
|
||||
be dependent on the protocol
|
||||
|
||||
Sun Sep 8 17:41 2013 CDT
|
||||
* lib/server.js: Change behavior of unloadChannel - deletes all object
|
||||
keys in the channel object and then sets channel.dead = true
|
||||
|
|
|
@ -991,6 +991,7 @@ Channel.prototype.sendAll = function(message, data) {
|
|||
if(this.name == "")
|
||||
return;
|
||||
this.server.io.sockets.in(this.name).emit(message, data);
|
||||
this.server.sslio.sockets.in(this.name).emit(message, data);
|
||||
}
|
||||
|
||||
Channel.prototype.sendAllWithPermission = function(perm, msg, data) {
|
||||
|
|
|
@ -20,6 +20,10 @@ var defaults = {
|
|||
"mysql-pw" : "supersecretpass",
|
||||
"express-host" : "0.0.0.0",
|
||||
"io-host" : "0.0.0.0",
|
||||
"enable-ssl" : false,
|
||||
"ssl-keyfile" : "",
|
||||
"ssl-certfile" : "",
|
||||
"ssl-port" : 443,
|
||||
"asset-cache-ttl" : 0,
|
||||
"web-port" : 8080,
|
||||
"io-port" : 1337,
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
var path = require("path");
|
||||
var fs = require("fs");
|
||||
var http = require("http");
|
||||
var https = require("https");
|
||||
var express = require("express");
|
||||
var Config = require("./config");
|
||||
var Logger = require("./logger");
|
||||
|
@ -72,6 +74,8 @@ var Server = {
|
|||
app: null,
|
||||
io: null,
|
||||
httpserv: null,
|
||||
sslserv: null,
|
||||
sslio: null,
|
||||
ioserv: null,
|
||||
db: null,
|
||||
ips: {},
|
||||
|
@ -92,6 +96,41 @@ var Server = {
|
|||
url = url.substring(0, url.lastIndexOf("?"));
|
||||
this.httpaccess.log([ipstr, req.method, url, status, req.headers["user-agent"]].join(" "));
|
||||
},
|
||||
handleIOConnection: function (socket) {
|
||||
var self = this;
|
||||
self.stats.record("socketio", "socket");
|
||||
var ip = getSocketIP(socket);
|
||||
socket._ip = ip;
|
||||
self.db.isGlobalIPBanned(ip, function (err, bant) {
|
||||
if(bant) {
|
||||
Logger.syslog.log("Disconnecting " + ip + " - gbanned");
|
||||
socket.emit("kick", {
|
||||
reason: "You're globally banned."
|
||||
});
|
||||
socket.disconnect(true);
|
||||
}
|
||||
});
|
||||
|
||||
socket.on("disconnect", function () {
|
||||
self.ips[ip]--;
|
||||
}.bind(self));
|
||||
|
||||
if(!(ip in self.ips))
|
||||
self.ips[ip] = 0;
|
||||
self.ips[ip]++;
|
||||
|
||||
if(self.ips[ip] > Server.cfg["ip-connection-limit"]) {
|
||||
socket.emit("kick", {
|
||||
reason: "Too many connections from your IP address"
|
||||
});
|
||||
socket.disconnect(true);
|
||||
return;
|
||||
}
|
||||
|
||||
// finally a valid user
|
||||
Logger.syslog.log("Accepted socket from /" + socket._ip);
|
||||
new User(socket, self);
|
||||
},
|
||||
init: function () {
|
||||
var self = this;
|
||||
// init database
|
||||
|
@ -171,6 +210,25 @@ var Server = {
|
|||
});
|
||||
|
||||
// bind servers
|
||||
if (self.cfg["enable-ssl"]) {
|
||||
var key = fs.readFileSync(path.resolve(__dirname, "..",
|
||||
self.cfg["ssl-keyfile"]));
|
||||
var cert = fs.readFileSync(path.resolve(__dirname, "..",
|
||||
self.cfg["ssl-certfile"]));
|
||||
|
||||
var options = {
|
||||
key: key,
|
||||
cert: cert
|
||||
};
|
||||
|
||||
self.sslserv = https.createServer(options, self.app)
|
||||
.listen(self.cfg["ssl-port"]);
|
||||
self.sslio = require("socket.io").listen(self.sslserv);
|
||||
self.sslio.set("log level", 1);
|
||||
self.sslio.sockets.on("connection", function (socket) {
|
||||
self.handleIOConnection(socket);
|
||||
});
|
||||
}
|
||||
self.httpserv = self.app.listen(Server.cfg["web-port"],
|
||||
Server.cfg["express-host"]);
|
||||
self.ioserv = express().listen(Server.cfg["io-port"],
|
||||
|
@ -180,39 +238,8 @@ var Server = {
|
|||
self.io = require("socket.io").listen(self.ioserv);
|
||||
self.io.set("log level", 1);
|
||||
self.io.sockets.on("connection", function (socket) {
|
||||
self.stats.record("socketio", "socket");
|
||||
var ip = getSocketIP(socket);
|
||||
socket._ip = ip;
|
||||
self.db.isGlobalIPBanned(ip, function (err, bant) {
|
||||
if(bant) {
|
||||
Logger.syslog.log("Disconnecting " + ip + " - gbanned");
|
||||
socket.emit("kick", {
|
||||
reason: "You're globally banned."
|
||||
});
|
||||
socket.disconnect(true);
|
||||
}
|
||||
});
|
||||
|
||||
socket.on("disconnect", function () {
|
||||
self.ips[ip]--;
|
||||
}.bind(self));
|
||||
|
||||
if(!(ip in self.ips))
|
||||
self.ips[ip] = 0;
|
||||
self.ips[ip]++;
|
||||
|
||||
if(self.ips[ip] > Server.cfg["ip-connection-limit"]) {
|
||||
socket.emit("kick", {
|
||||
reason: "Too many connections from your IP address"
|
||||
});
|
||||
socket.disconnect(true);
|
||||
return;
|
||||
}
|
||||
|
||||
// finally a valid user
|
||||
Logger.syslog.log("Accepted socket from /" + socket._ip);
|
||||
new User(socket, self);
|
||||
}.bind(self));
|
||||
self.handleIOConnection(socket);
|
||||
});
|
||||
|
||||
|
||||
// init ACP
|
||||
|
|
|
@ -1148,6 +1148,9 @@ $.getScript(IO_URL+"/socket.io/socket.io.js", function() {
|
|||
if(i >= 0)
|
||||
io.transports.splice(i, 1);
|
||||
}
|
||||
var opts = {};
|
||||
if (location.protocol === "https:")
|
||||
opts.secure = true;
|
||||
socket = io.connect(IO_URL);
|
||||
setupCallbacks();
|
||||
}
|
||||
|
|
|
@ -11,3 +11,8 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI
|
|||
|
||||
var IO_URL = "http://localhost:1337";
|
||||
var WEB_URL = "http://localhost:8080";
|
||||
var SSL_URL = "https://localhost:443";
|
||||
|
||||
if (location.protocol === "https:") {
|
||||
IO_URL = WEB_URL = SSL_URL;
|
||||
}
|
||||
|
|
|
@ -438,14 +438,9 @@ else {
|
|||
var label = $("<label/>").text("Enter Channel:").appendTo(div);
|
||||
var entry = $("<input/>").attr("type", "text").appendTo(div);
|
||||
entry.keydown(function(ev) {
|
||||
var host = ""+document.location;
|
||||
host = host.replace("http://", "");
|
||||
host = host.substring(0, host.indexOf("/"));
|
||||
var host = document.protocol + "//" + document.host + "/";
|
||||
if(ev.keyCode == 13) {
|
||||
document.location = "http://" + host + "/r/" + entry.val();
|
||||
socket.emit("joinChannel", {
|
||||
name: entry.val()
|
||||
});
|
||||
document.location = host + "r/" + entry.val();
|
||||
container.remove();
|
||||
main.css("display", "");
|
||||
}
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<link href="./assets/css/bootstrap.css" rel="stylesheet">
|
||||
<link href="./assets/css/bootstrap-responsive.css" rel="stylesheet">
|
||||
<link href="./assets/css/ytsync.css" rel="stylesheet" id="defaultcss">
|
||||
<link href="http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" rel="stylesheet">
|
||||
<link href="//code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" rel="stylesheet">
|
||||
<style>
|
||||
body {
|
||||
padding-top: 60px;
|
||||
|
@ -230,14 +230,14 @@
|
|||
</div>
|
||||
<div id="footer">
|
||||
<p class="muted">
|
||||
CyTube Software Copyright © 2013 Calvin Montgomery · Available for free on <a href="http://github.com/calzoneman/sync">GitHub</a> ·
|
||||
CyTube Software Copyright © 2013 Calvin Montgomery · Available for free on <a href="https://github.com/calzoneman/sync">GitHub</a> ·
|
||||
<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=5Y7PUVVGVSEWG&lc=US&item_name=CyTube¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted">Donate</a>
|
||||
</p>
|
||||
|
||||
</div>
|
||||
|
||||
<script src="./assets/js/jquery.js"></script>
|
||||
<script src="http://code.jquery.com/ui/1.10.3/jquery-ui.js"></script>
|
||||
<script src="//code.jquery.com/ui/1.10.3/jquery-ui.js"></script>
|
||||
<!-- My Javascript -->
|
||||
<script src="./assets/js/data.js"></script>
|
||||
<script src="./assets/js/iourl.js"></script>
|
||||
|
@ -248,8 +248,9 @@
|
|||
<script src="./assets/js/ui.js"></script>
|
||||
<script src="./assets/js/callbacks.js"></script>
|
||||
<!-- APIs -->
|
||||
<script defer src="http://www.youtube.com/iframe_api"></script>
|
||||
<script defer src="http://api.dmcdn.net/all.js"></script>
|
||||
<script defer src="//www.youtube.com/iframe_api"></script>
|
||||
<script defer src="//api.dmcdn.net/all.js"></script>
|
||||
<!-- jwpsrv's SSL cert doesn't match, force http -->
|
||||
<script defer src="http://jwpsrv.com/library/QouFCLBMEeKC+CIACpYGxA.js"></script>
|
||||
<script defer src="./assets/js/sc.js"></script>
|
||||
<script defer src="./assets/js/froogaloop.min.js"></script>
|
||||
|
|
|
@ -91,12 +91,7 @@
|
|||
<!-- Mine -->
|
||||
<script src="./assets/js/iourl.js"></script>
|
||||
<script type="text/javascript">
|
||||
var host = document.location+"";
|
||||
host = host.replace("http://", "");
|
||||
var parts = host.split("/");
|
||||
parts[parts.length - 1] = "";
|
||||
host = parts.join("/");
|
||||
host = "http://" + host;
|
||||
var host = location.protocol + "//" + location.host + "/";
|
||||
setInterval(refresh, 10000);
|
||||
refresh();
|
||||
function idToURL(data) {
|
||||
|
@ -186,10 +181,8 @@
|
|||
}
|
||||
}
|
||||
if(params["channel"] && params["channel"].match(/^[a-zA-Z0-9]+$/)) {
|
||||
var host = ""+document.location;
|
||||
host = host.replace("http://", "");
|
||||
host = host.substring(0, host.indexOf("/"));
|
||||
document.location = "http://" + host + "/r/" + params["channel"];
|
||||
var host = location.protocol + "//" + location.host + "/";
|
||||
document.location = host + "r/" + params["channel"];
|
||||
}
|
||||
</script>
|
||||
</body>
|
||||
|
|
Loading…
Reference in a new issue