| 1 | var ws = require('socket.io'), |
| 2 | events = require('events'), |
| 3 | http = require('http'), |
| 4 | https = require('https'), |
| 5 | util = require('util'), |
| 6 | fs = require('fs'), |
| 7 | dns = require('dns'), |
| 8 | url = require('url'), |
| 9 | _ = require('lodash'), |
| 10 | Client = require('./client.js').Client, |
| 11 | HttpHandler = require('./httphandler.js').HttpHandler, |
| 12 | rehash = require('./rehash.js'), |
| 13 | range_check = require('range_check'); |
| 14 | |
| 15 | |
| 16 | |
| 17 | rehash.on('rehashed', function (files) { |
| 18 | Client = require('./client.js').Client; |
| 19 | HttpHandler = require('./httphandler.js').HttpHandler; |
| 20 | }); |
| 21 | |
| 22 | |
| 23 | // Instance of HttpHandler |
| 24 | var http_handler; |
| 25 | |
| 26 | |
| 27 | var WebListener = function (web_config, transports) { |
| 28 | var hs, opts, ws_opts, |
| 29 | that = this; |
| 30 | |
| 31 | |
| 32 | events.EventEmitter.call(this); |
| 33 | |
| 34 | http_handler = new HttpHandler(web_config); |
| 35 | |
| 36 | // Standard options for the socket.io connections |
| 37 | ws_opts = { |
| 38 | 'log level': 0, |
| 39 | 'log colors': 0 |
| 40 | }; |
| 41 | |
| 42 | |
| 43 | if (web_config.ssl) { |
| 44 | opts = { |
| 45 | key: fs.readFileSync(__dirname + '/' + web_config.ssl_key), |
| 46 | cert: fs.readFileSync(__dirname + '/' + web_config.ssl_cert) |
| 47 | }; |
| 48 | |
| 49 | // Do we have an intermediate certificate? |
| 50 | if (typeof web_config.ssl_ca !== 'undefined') { |
| 51 | opts.ca = fs.readFileSync(__dirname + '/' + web_config.ssl_ca); |
| 52 | } |
| 53 | |
| 54 | |
| 55 | hs = https.createServer(opts, handleHttpRequest); |
| 56 | |
| 57 | // Start socket.io listening on this weblistener |
| 58 | this.ws = ws.listen(hs, _.extend({ssl: true}, ws_opts)); |
| 59 | hs.listen(web_config.port, web_config.address, function () { |
| 60 | that.emit('listening'); |
| 61 | }); |
| 62 | |
| 63 | console.log('Listening on ' + web_config.address + ':' + web_config.port.toString() + ' with SSL'); |
| 64 | } else { |
| 65 | |
| 66 | // Start some plain-text server up |
| 67 | hs = http.createServer(handleHttpRequest); |
| 68 | |
| 69 | // Start socket.io listening on this weblistener |
| 70 | this.ws = ws.listen(hs, _.extend({ssl: false}, ws_opts)); |
| 71 | hs.listen(web_config.port, web_config.address, function () { |
| 72 | that.emit('listening'); |
| 73 | }); |
| 74 | |
| 75 | console.log('Listening on ' + web_config.address + ':' + web_config.port.toString() + ' without SSL'); |
| 76 | } |
| 77 | |
| 78 | this.ws.enable('browser client minification'); |
| 79 | this.ws.enable('browser client etag'); |
| 80 | this.ws.set('transports', transports); |
| 81 | this.ws.set('resource', (global.config.http_base_path || '') + '/transport'); |
| 82 | |
| 83 | this.ws.of('/kiwi').authorization(authoriseConnection) |
| 84 | .on('connection', function () { |
| 85 | newConnection.apply(that, arguments); |
| 86 | } |
| 87 | ); |
| 88 | this.ws.of('/kiwi').on('error', console.log); |
| 89 | }; |
| 90 | util.inherits(WebListener, events.EventEmitter); |
| 91 | |
| 92 | |
| 93 | |
| 94 | function handleHttpRequest(request, response) { |
| 95 | var uri = url.parse(request.url, true); |
| 96 | |
| 97 | // If this isn't a socket.io request, pass it onto the http handler |
| 98 | if (uri.pathname.substr(0, 10) !== '/socket.io') { |
| 99 | http_handler.serve(request, response); |
| 100 | } |
| 101 | } |
| 102 | |
| 103 | |
| 104 | /** |
| 105 | * Get the reverse DNS entry for this connection. |
| 106 | * Used later on for webirc, etc functionality |
| 107 | */ |
| 108 | function authoriseConnection(handshakeData, callback) { |
| 109 | var address = handshakeData.address.address; |
| 110 | |
| 111 | // If a forwarded-for header is found, switch the source address |
| 112 | if (handshakeData.headers[global.config.http_proxy_ip_header || 'x-forwarded-for']) { |
| 113 | // Check we're connecting from a whitelisted proxy |
| 114 | if (!global.config.http_proxies || !range_check.in_range(address, global.config.http_proxies)) { |
| 115 | console.log('Unlisted proxy:', address); |
| 116 | callback(null, false); |
| 117 | return; |
| 118 | } |
| 119 | |
| 120 | // We're sent from a whitelisted proxy, replace the hosts |
| 121 | address = handshakeData.headers['x-forwarded-for']; |
| 122 | } |
| 123 | |
| 124 | handshakeData.real_address = address; |
| 125 | |
| 126 | // If enabled, don't go over the connection limit |
| 127 | if (global.config.max_client_conns && global.config.max_client_conns > 0) { |
| 128 | if (global.clients.numOnAddress(address) + 1 > global.config.max_client_conns) { |
| 129 | return callback(null, false); |
| 130 | } |
| 131 | } |
| 132 | |
| 133 | dns.reverse(address, function (err, domains) { |
| 134 | if (err || domains.length === 0) { |
| 135 | handshakeData.revdns = address; |
| 136 | } else { |
| 137 | handshakeData.revdns = _.first(domains) || address; |
| 138 | } |
| 139 | |
| 140 | // All is well, authorise the connection |
| 141 | callback(null, true); |
| 142 | }); |
| 143 | } |
| 144 | |
| 145 | function newConnection(websocket) { |
| 146 | var client, that = this; |
| 147 | client = new Client(websocket); |
| 148 | client.on('destroy', function () { |
| 149 | that.emit('destroy', this); |
| 150 | }); |
| 151 | this.emit('connection', client); |
| 152 | } |
| 153 | |
| 154 | |
| 155 | |
| 156 | |
| 157 | |
| 158 | module.exports = WebListener; |