Initial support for TLS.
RLGWebD now serves via encrypted connections on port 8081. The client-side script now uses secure WebSockets if the page is being accessed via HTTPS.
parent
2baaad79dd
commit
37bd2e8c28
2 changed files with 31 additions and 4 deletions
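--- a/rlgterm.js
+++ b/rlgterm.js
@@ -396,7 +396,10 @@ function wsCurrent() {
 }
 if (statsock)
 return;
-statsock = new WebSocket("ws://" + window.location.host + "/status");
+var wsproto = "ws://";
+if (window.location.protocol == "https:")
+wsproto = "wss://";
+statsock = new WebSocket(wsproto + window.location.host + "/status");
 statsock.onmessage = function (ev) {
 var msg;
 try {
@@ -618,7 +621,10 @@ function startgame(game) {
 if (!window.WebSocket) {
 return;
 }
-var sockurl = "ws://" + window.location.host + "/play/" + game.uname;
+var wsproto = "ws://";
+if (window.location.protocol == "https:")
+wsproto = "wss://";
+var sockurl = wsproto + window.location.host + "/play/" + game.uname;
 sockurl += "?key=" + sessionStorage.getItem("lcred") + "&w=80&h=24";
 ws = new WebSocket(sockurl);
 ws.onopen = function (event) {
@@ -653,7 +659,10 @@ function makeWatcher(t) {
 function startwatching(tag) {
 if (session.connect)
 return;
-var sockurl = "ws://" + window.location.host + "/watch/" + tag;
+var wsproto = "ws://";
+if (window.location.protocol == "https:")
+wsproto = "wss://";
+var sockurl = wsproto + window.location.host + "/watch/" + tag;
 var ws = new WebSocket(sockurl);
 ws.onopen = function (event) {
 session.connect = true;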
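Review bot: In startgame the session credential is still appended to the socket URL as `?key=`, and the new scheme check keeps `ws://` whenever the page itself was loaded over plain HTTP, so on that path the key continues to cross the network unencrypted; nothing visible in this commit redirects HTTP visitors to the TLS port. Even over `wss://`, a credential in the query string tends to end up in server and proxy logs, so moving it into the first message after `onopen` would be worth considering. The same three-line scheme selection is pasted into wsCurrent, startgame and startwatching; one helper would keep the call sites from drifting, e.g. `function wsBase() { return (window.location.protocol === "https:" ? "wss://" : "ws://") + window.location.host; }`. All three functions begin or end outside their hunks, so the rest of each body was not reviewed.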
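--- a/rlgwebd
+++ b/rlgwebd
@@ -1,6 +1,7 @@
 #!/usr/bin/env node
 
 var http = require('http');
+var https = require('https');
 var net = require('net');
 var url = require('url');
 var path = require('path');
@@ -13,9 +14,14 @@ var pty = require("pty.js");
 var WebSocketServer = require("websocket").server;
 
 /* Configuration variables */
-// The first file is NOT in the chroot.
+// These first files are NOT in the chroot.
+var domain_name = "rlgallery.org";
 var ctlsocket = "/var/run/rlgwebd.sock";
+var keyfile = "/etc/letsencrypt/live/" + domain_name + "/privkey.pem";
+var certfile = "/etc/letsencrypt/live/" + domain_name + "/cert.pem";
+var cafile = "/etc/letsencrypt/live/" + domain_name + "/chain.pem";
 var httpPort = 8080;
+var httpsPort = 8081;
 var chrootDir = "/var/dgl/";
 var dropToUser = "rodney";
 var serveStaticRoot = "/var/www/"; // inside the chroot
@@ -1212,6 +1218,12 @@ if (fs.existsSync(ctlsocket)) {
 fs.unlinkSync(ctlsocket);
 }
 
+var tls_options = {
+key: fs.readFileSync(keyfile),
+cert: fs.readFileSync(certfile),
+ca: fs.readFileSync(cafile)
+};
+
 /* Open the control socket before chrooting where it can't be found */
 var ctlServer = net.createServer(function (sock) {
 sock.on('data', consoleHandler);
@@ -1242,6 +1254,12 @@ ctlServer.listen(ctlsocket, function () {
 wsServer = new WebSocketServer({"httpServer": httpServer});
 wsServer.on("request", wsHandler);
 tslog('WebSockets are online');
+var httpsServer = https.createServer(tls_options, webHandler);
+httpsServer.listen(httpsPort);
+tslog('TLS running on port %d', httpsPort);
+wssServer = new WebSocketServer({"httpServer": httpsServer});
+wssServer.on("request", wsHandler);
+tslog('Secure WebSockets are online');
 progressWatcher = startProgressWatcher();
 setInterval(pushStatus, 40000);
 });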
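Review bot: `ca: fs.readFileSync(cafile)` in `tls_options` passes chain.pem through the option Node documents as the trusted-CA list, whereas intermediates meant for the client are documented to follow the leaf certificate inside `cert`. Pointing certfile at Let's Encrypt's combined file, `var certfile = "/etc/letsencrypt/live/" + domain_name + "/fullchain.pem";`, and dropping `ca` would state the intent directly. The key and certificate are read once at startup, before the chroot, so a renewed certificate is presumably not served until the daemon restarts; a comment such as `// Read once at startup; restart rlgwebd after certificate renewal.` above `tls_options` would record that. In the last hunk `wssServer` is assigned without `var`, so unless it is declared elsewhere in the file it becomes an implicit global, and `httpsServer.listen(httpsPort)` has no visible `error` handler for a port that is already in use.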