2016-04-05 10:17:43 +00:00
;(function () { 'use strict';
const Crypto = require('crypto');
2016-09-16 16:45:40 +00:00
const Nacl = require('tweetnacl');
2016-05-14 10:47:59 +00:00
2016-04-05 10:17:43 +00:00
const LAG_MAX_BEFORE_PING = 15000;
const HISTORY_KEEPER_ID = Crypto.randomBytes(8).toString('hex');
const USE_HISTORY_KEEPER = true;
2016-04-07 09:27:14 +00:00
2016-04-27 13:03:41 +00:00
2016-04-05 10:17:43 +00:00
let dropUser;
2016-09-21 13:02:50 +00:00
let historyKeeperKeys = {};
2016-04-05 10:17:43 +00:00
const now = function () { return (new Date()).getTime(); };
2016-10-03 13:38:42 +00:00
const socketSendable = function (socket) {
return socket && socket.readyState === 1;
2016-04-05 10:17:43 +00:00
const sendMsg = function (ctx, user, msg) {
2016-10-03 13:38:42 +00:00
if (!socketSendable(user.socket)) { return; }
2016-04-05 10:17:43 +00:00
try {
2016-05-14 10:47:59 +00:00
if (ctx.config.logToStdout) { console.log('<' + JSON.stringify(msg)); }
2016-04-05 10:17:43 +00:00
} catch (e) {
dropUser(ctx, user);
2016-09-21 15:24:00 +00:00
const storeMessage = function (ctx, channel, msg) {
ctx.store.message(channel.id, msg, function (err) {
if (err && typeof(err) !== 'function') {
// ignore functions because older datastores
// might pass waitFors into the callback
console.log("Error writing message: " + err);
2016-04-05 10:17:43 +00:00
const sendChannelMessage = function (ctx, channel, msgStruct) {
channel.forEach(function (user) {
if(msgStruct[2] !== 'MSG' || user.id !== msgStruct[1]) { // We don't want to send back a message to its sender, in order to save bandwidth
sendMsg(ctx, user, msgStruct);
if (USE_HISTORY_KEEPER && msgStruct[2] === 'MSG') {
2016-09-21 13:02:50 +00:00
if (historyKeeperKeys[channel.id]) {
let signedMsg = msgStruct[4].replace(/^cp\|/, '');
signedMsg = Nacl.util.decodeBase64(signedMsg);
let validateKey = Nacl.util.decodeBase64(historyKeeperKeys[channel.id]);
let validated = Nacl.sign.open(signedMsg, validateKey);
if (!validated) {
console.log("Signed message rejected");
2016-09-21 15:24:00 +00:00
storeMessage(ctx, channel, JSON.stringify(msgStruct));
2016-04-05 10:17:43 +00:00
dropUser = function (ctx, user) {
if (user.socket.readyState !== 2 /* WebSocket.CLOSING */
&& user.socket.readyState !== 3 /* WebSocket.CLOSED */)
try {
} catch (e) {
console.log("Failed to disconnect ["+user.id+"], attempting to terminate");
try {
} catch (ee) {
console.log("Failed to terminate ["+user.id+"] *shrug*");
delete ctx.users[user.id];
Object.keys(ctx.channels).forEach(function (chanName) {
let chan = ctx.channels[chanName];
let idx = chan.indexOf(user);
if (idx < 0) { return; }
2016-09-30 13:51:23 +00:00
2016-10-12 08:39:46 +00:00
if (ctx.config.verbose) {
2016-09-30 13:51:23 +00:00
console.log("Removing ["+user.id+"] from channel ["+chanName+"]");
2016-04-05 10:17:43 +00:00
chan.splice(idx, 1);
if (chan.length === 0) {
2016-10-12 08:39:46 +00:00
if (ctx.config.verbose) {
2016-09-30 13:51:23 +00:00
console.log("Removing empty channel ["+chanName+"]");
2016-04-05 10:17:43 +00:00
delete ctx.channels[chanName];
2016-09-21 13:02:50 +00:00
delete historyKeeperKeys[chanName];
2016-05-14 11:04:05 +00:00
/* Call removeChannel if it is a function and channel removal is
set to true in the config file */
2016-05-14 11:27:15 +00:00
if (ctx.config.removeChannels) {
if (typeof(ctx.store.removeChannel) === 'function') {
ctx.timeouts[chanName] = setTimeout(function () {
ctx.store.removeChannel(chanName, function (err) {
if (err) { console.error("[removeChannelErr]: %s", err); }
else {
2016-10-12 08:39:46 +00:00
if (ctx.config.verbose) {
2016-09-30 13:51:23 +00:00
console.log("Deleted channel [%s] history from database...", chanName);
2016-05-14 11:27:15 +00:00
}, ctx.config.channelRemovalTimeout);
} else {
console.error("You have configured your server to remove empty channels, " +
"however, the database adaptor you are using has not implemented this behaviour.");
2016-05-14 11:04:05 +00:00
2016-04-05 10:17:43 +00:00
} else {
sendChannelMessage(ctx, chan, [user.id, 'LEAVE', chanName, 'Quit: [ dropUser() ]']);
2017-03-14 10:54:20 +00:00
const getHistory = function (ctx, channelName, lastKnownHash, handler, cb) {
2016-05-26 15:09:02 +00:00
var messageBuf = [];
2016-09-21 15:24:00 +00:00
var messageKey;
2016-05-26 15:09:02 +00:00
ctx.store.getMessages(channelName, function (msgStr) {
2016-09-21 15:24:00 +00:00
var parsed = JSON.parse(msgStr);
if (parsed.validateKey) {
historyKeeperKeys[channelName] = parsed.validateKey;
2016-09-13 15:03:46 +00:00
}, function (err) {
if (err) {
console.log("Error getting messages " + err.stack);
// TODO: handle this better
2016-05-26 15:09:02 +00:00
var startPoint;
var cpCount = 0;
var msgBuff2 = [];
2017-03-14 10:54:20 +00:00
var sendBuff2 = function () {
for (var x = msgBuff2.pop(); x; x = msgBuff2.pop()) { handler(x); }
var hash = function (msg) {
2017-03-15 15:01:00 +00:00
return msg.slice(0,64); //Crypto.createHash('md5').update(msg).digest('hex');
2017-03-14 10:54:20 +00:00
var isSent = false;
2016-05-26 15:09:02 +00:00
for (startPoint = messageBuf.length - 1; startPoint >= 0; startPoint--) {
var msg = messageBuf[startPoint];
2017-03-15 15:01:00 +00:00
if (lastKnownHash) {
if (msg[2] === 'MSG' && hash(msg[4]) === lastKnownHash) {
isSent = true;
2017-03-14 10:54:20 +00:00
} else if (msg[2] === 'MSG' && msg[4].indexOf('cp|') === 0) {
2016-05-26 15:09:02 +00:00
if (cpCount >= 2) {
2017-03-14 10:54:20 +00:00
isSent = true;
2016-05-26 15:09:02 +00:00
2017-03-14 10:54:20 +00:00
if (!isSent) {
2016-05-30 10:29:58 +00:00
// no checkpoints.
2017-03-14 10:54:20 +00:00
2016-05-30 10:29:58 +00:00
2016-09-21 13:02:50 +00:00
2016-05-26 15:09:02 +00:00
2016-04-05 10:17:43 +00:00
const randName = function () { return Crypto.randomBytes(16).toString('hex'); };
const handleMessage = function (ctx, user, msg) {
let json = JSON.parse(msg);
let seq = json.shift();
let cmd = json[0];
let obj = json[1];
user.timeOfLastMessage = now();
user.pingOutstanding = false;
if (cmd === 'JOIN') {
if (obj && obj.length !== 32) {
sendMsg(ctx, user, [seq, 'ERROR', 'ENOENT', obj]);
let chanName = obj || randName();
2016-04-07 09:27:14 +00:00
sendMsg(ctx, user, [seq, 'JACK', chanName]);
2016-04-05 10:17:43 +00:00
let chan = ctx.channels[chanName] = ctx.channels[chanName] || [];
2016-05-14 11:04:05 +00:00
// prevent removal of the channel if there is a pending timeout
if (ctx.config.removeChannels && ctx.timeouts[chanName]) {
2016-04-05 10:17:43 +00:00
chan.id = chanName;
sendMsg(ctx, user, [0, HISTORY_KEEPER_ID, 'JOIN', chanName]);
chan.forEach(function (u) { sendMsg(ctx, user, [0, u.id, 'JOIN', chanName]); });
sendChannelMessage(ctx, chan, [user.id, 'JOIN', chanName]);
if (cmd === 'MSG') {
if (obj === HISTORY_KEEPER_ID) {
let parsed;
2016-04-07 16:48:01 +00:00
try { parsed = JSON.parse(json[2]); } catch (err) { console.error(err); return; }
2016-04-05 10:17:43 +00:00
if (parsed[0] === 'GET_HISTORY') {
2017-03-14 10:54:20 +00:00
// parsed[1] is the channel id
// parsed[2] is a validation key (optionnal)
// parsed[3] is the last known hash (optionnal)
2016-04-27 10:17:39 +00:00
sendMsg(ctx, user, [seq, 'ACK']);
2017-03-14 10:54:20 +00:00
getHistory(ctx, parsed[1], parsed[3], function (msg) {
2016-04-05 10:17:43 +00:00
sendMsg(ctx, user, [0, HISTORY_KEEPER_ID, 'MSG', user.id, JSON.stringify(msg)]);
2016-09-21 13:02:50 +00:00
}, function (messages) {
if (messages.length === 0 && parsed[2] && !historyKeeperKeys[parsed[1]]) {
2016-09-21 15:24:00 +00:00
var key = {channel: parsed[1], validateKey: parsed[2]};
storeMessage(ctx, ctx.channels[parsed[1]], JSON.stringify(key));
2016-09-21 13:02:50 +00:00
historyKeeperKeys[parsed[1]] = parsed[2];
2016-09-23 13:37:12 +00:00
let parsedMsg = {state: 1, channel: parsed[1]};
sendMsg(ctx, user, [0, HISTORY_KEEPER_ID, 'MSG', user.id, JSON.stringify(parsedMsg)]);
2016-04-05 10:17:43 +00:00
2017-03-10 17:03:15 +00:00
} else if (ctx.rpc) {
/* RPC Calls... */
var rpc_call = parsed.slice(1);
// slice off the sequence number and pass in the rest of the message
2017-03-15 14:55:25 +00:00
ctx.rpc(ctx, rpc_call, function (err, output) {
2017-03-10 17:03:15 +00:00
if (err) {
2017-03-16 12:07:01 +00:00
if (!ctx.config.suppressRPCErrors) {
console.error('[' + err + ']', output);
2017-03-10 17:03:15 +00:00
sendMsg(ctx, user, [seq, 'ACK']);
sendMsg(ctx, user, [0, HISTORY_KEEPER_ID, 'MSG', user.id, JSON.stringify([parsed[0], 'ERROR', err])]);
sendMsg(ctx, user, [seq, 'ACK']);
sendMsg(ctx, user, [0, HISTORY_KEEPER_ID, 'MSG', user.id, JSON.stringify([parsed[0]].concat(output))]);
2016-04-05 10:17:43 +00:00
if (obj && !ctx.channels[obj] && !ctx.users[obj]) {
sendMsg(ctx, user, [seq, 'ERROR', 'ENOENT', obj]);
2016-04-05 13:06:38 +00:00
sendMsg(ctx, user, [seq, 'ACK']);
2016-04-05 10:17:43 +00:00
let target;
if ((target = ctx.channels[obj])) {
sendChannelMessage(ctx, target, json);
if ((target = ctx.users[obj])) {
sendMsg(ctx, target, json);
if (cmd === 'LEAVE') {
let err;
let chan;
let idx;
2016-04-07 09:27:14 +00:00
if (!obj) { err = 'EINVAL'; obj = 'undefined';}
2016-04-05 10:17:43 +00:00
if (!err && !(chan = ctx.channels[obj])) { err = 'ENOENT'; }
if (!err && (idx = chan.indexOf(user)) === -1) { err = 'NOT_IN_CHAN'; }
if (err) {
2016-04-07 09:27:14 +00:00
sendMsg(ctx, user, [seq, 'ERROR', err, obj]);
2016-04-05 10:17:43 +00:00
2016-04-05 13:06:38 +00:00
sendMsg(ctx, user, [seq, 'ACK']);
2016-04-05 10:17:43 +00:00
sendChannelMessage(ctx, chan, [user.id, 'LEAVE', chan.id]);
chan.splice(idx, 1);
if (cmd === 'PING') {
2016-04-05 13:06:38 +00:00
sendMsg(ctx, user, [seq, 'ACK']);
2016-04-05 10:17:43 +00:00
2017-03-10 17:03:15 +00:00
let run = module.exports.run = function (storage, socketServer, config, rpc) {
2016-05-14 11:04:05 +00:00
/* Channel removal timeout defaults to 60000ms (one minute) */
config.channelRemovalTimeout =
typeof(config.channelRemovalTimeout) === 'number'?
2016-04-05 10:17:43 +00:00
let ctx = {
users: {},
channels: {},
2016-05-14 11:04:05 +00:00
timeouts: {},
2016-09-30 13:51:23 +00:00
store: storage,
2017-03-10 17:03:15 +00:00
config: config,
rpc: rpc,
2016-04-05 10:17:43 +00:00
setInterval(function () {
Object.keys(ctx.users).forEach(function (userId) {
let u = ctx.users[userId];
if (now() - u.timeOfLastMessage > LAG_MAX_BEFORE_DISCONNECT) {
dropUser(ctx, u);
} else if (!u.pingOutstanding && now() - u.timeOfLastMessage > LAG_MAX_BEFORE_PING) {
2016-04-07 09:27:14 +00:00
sendMsg(ctx, u, [0, '', 'PING', now()]);
2016-04-05 10:17:43 +00:00
u.pingOutstanding = true;
}, 5000);
socketServer.on('connection', function(socket) {
2016-10-03 17:19:38 +00:00
if(socket.upgradeReq.url !== (config.websocketPath || '/cryptpad_websocket')) { return; }
2016-04-05 10:17:43 +00:00
let conn = socket.upgradeReq.connection;
let user = {
addr: conn.remoteAddress + '|' + conn.remotePort,
socket: socket,
id: randName(),
timeOfLastMessage: now(),
pingOutstanding: false
ctx.users[user.id] = user;
sendMsg(ctx, user, [0, '', 'IDENT', user.id]);
socket.on('message', function(message) {
2016-05-14 10:47:59 +00:00
if (ctx.config.logToStdout) { console.log('>'+message); }
2016-04-05 10:17:43 +00:00
try {
handleMessage(ctx, user, message);
} catch (e) {
dropUser(ctx, user);
socket.on('close', function (evt) {
for (let userId in ctx.users) {
if (ctx.users[userId].socket === socket) {
dropUser(ctx, ctx.users[userId]);