From cffb0da833b87eade74d3aa47f5747605cec04e7 Mon Sep 17 00:00:00 2001 From: ansuz Date: Mon, 23 Dec 2019 17:05:08 -0500 Subject: [PATCH] remove ssl support in node server. Use a reverse proxy for this. --- config/config.example.js | 9 --------- server.js | 28 +--------------------------- 2 files changed, 1 insertion(+), 36 deletions(-) diff --git a/config/config.example.js b/config/config.example.js index 779843f44..7dd49c54c 100644 --- a/config/config.example.js +++ b/config/config.example.js @@ -124,15 +124,6 @@ module.exports = { padContentSecurity: baseCSP.join('; ') + "script-src 'self' 'unsafe-eval' 'unsafe-inline'" + domain, - /* it is recommended that you serve CryptPad over https - * the filepaths below are used to configure your certificates - */ - //privKeyAndCertFiles: [ - // '/etc/apache2/ssl/my_secret.key', - // '/etc/apache2/ssl/my_public_cert.crt', - // '/etc/apache2/ssl/my_certificate_authorities_cert_chain.ca' - //], - /* Main pages * add exceptions to the router so that we can access /privacy.html * and other odd pages diff --git a/server.js b/server.js index acee1c499..1a619e63c 100644 --- a/server.js +++ b/server.js @@ -3,7 +3,6 @@ */ var Express = require('express'); var Http = require('http'); -var Https = require('https'); var Fs = require('fs'); var WebSocketServer = require('ws').Server; var NetfluxSrv = require('./node_modules/chainpad-server/NetfluxWebsocketSrv'); @@ -33,8 +32,6 @@ var Storage = require(config.storage||'./storage/file'); var app = debuggable('app', Express()); -var httpsOpts; - // mode can be FRESH (default), DEV, or PACKAGE var FRESH_KEY = ''; @@ -162,29 +159,6 @@ app.use("/customize.dist", Express.static(__dirname + '/customize.dist')); app.use(/^\/[^\/]*$/, Express.static('customize')); app.use(/^\/[^\/]*$/, Express.static('customize.dist')); -if (config.privKeyAndCertFiles) { - var privKeyAndCerts = ''; - config.privKeyAndCertFiles.forEach(function (file) { - privKeyAndCerts = privKeyAndCerts + Fs.readFileSync(file); - }); - var array = privKeyAndCerts.split('\n-----BEGIN '); - for (var i = 1; i < array.length; i++) { array[i] = '-----BEGIN ' + array[i]; } - var privKey; - for (var i = 0; i < array.length; i++) { - if (array[i].indexOf('PRIVATE KEY-----\n') !== -1) { - privKey = array[i]; - array.splice(i, 1); - break; - } - } - if (!privKey) { throw new Error("cannot find private key"); } - httpsOpts = { - cert: array.shift(), - key: privKey, - ca: array - }; -} - var admins = []; try { admins = (config.adminKeys || []).map(function (k) { @@ -244,7 +218,7 @@ app.use(function (req, res, next) { send404(res, custom_four04_path); }); -var httpServer = httpsOpts ? Https.createServer(httpsOpts, app) : Http.createServer(app); +var httpServer = Http.createServer(app); httpServer.listen(config.httpPort,config.httpAddress,function(){ var host = config.httpAddress;