diff options
| author | Tom Smeding <tom.smeding@gmail.com> | 2020-06-27 21:37:22 +0200 |
|---|---|---|
| committer | Tom Smeding <tom.smeding@gmail.com> | 2020-06-27 21:37:22 +0200 |
| commit | e86deffd9c387f0912eb392cf23cb08aa3ea4c1e (patch) | |
| tree | 228ba20416bb059cdea37a286dbed3c5bf37a6b8 | |
| parent | 1677af7e078261d52c5a0e83db051eacb2da0038 (diff) | |
websockets: Fix https support
| -rw-r--r-- | websockets/.gitignore | 2 | ||||
| -rwxr-xr-x | websockets/generate_cert.sh | 11 | ||||
| -rwxr-xr-x | websockets/server.js | 19 |
3 files changed, 24 insertions, 8 deletions
diff --git a/websockets/.gitignore b/websockets/.gitignore index 3c3629e..3463975 100644 --- a/websockets/.gitignore +++ b/websockets/.gitignore @@ -1 +1,3 @@ node_modules +key.pem +cert.pem diff --git a/websockets/generate_cert.sh b/websockets/generate_cert.sh new file mode 100755 index 0000000..26315a1 --- /dev/null +++ b/websockets/generate_cert.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +if [[ $# -ne 2 ]]; then + echo >&2 "Usage: $0 <key.pem> <cert.pem>" + echo >&2 "<key.pem> is the filename for the private key; <cert.pem> is the filename for" + echo >&2 "the public certificate." + exit 1 +fi + +keyfile="$1" +certfile="$2" +openssl req -x509 -newkey rsa:4096 -keyout "$keyfile" -out "$certfile" -nodes -subj '/CN=localhost' diff --git a/websockets/server.js b/websockets/server.js index b650ce1..763b343 100755 --- a/websockets/server.js +++ b/websockets/server.js @@ -13,12 +13,18 @@ const upstream={ let httpsConfig=null; -if(process.argv.length>=4){ +if(process.argv.length==4){ console.log("Reading keys for https"); httpsConfig={ - key: fs.readFileSync(process.argv[2]), - cert: fs.readFileSync(process.argv[3]), + key_file_name: process.argv[2], + cert_file_name: process.argv[3], }; +} else if(process.argv.length==2){ + console.log("WARNING: Running without SSL!"); +} else { + console.error("Usage: ./server.js # proxy without SSL"); + console.error(" ./server.js <key.pem> <cert.pem> # proxy with SSL"); + process.exit(1); } if(process.getuid()==0){ @@ -31,10 +37,7 @@ if(process.getuid()==0){ let wsServer; if(httpsConfig){ - wsServer=WebSocket.SSLApp({ - key_file_name: httpsConfig.key, - cert_file_name: httpsConfig.cert, - }); + wsServer=WebSocket.SSLApp(httpsConfig); } else { wsServer=WebSocket.App(); } @@ -87,6 +90,6 @@ wsServer=wsServer.ws("/*",{ wsServer=wsServer.listen(PORT,listenSocket=>{ if(listenSocket){ - console.log(`Websocket server bound on port ${PORT}`); + console.log(`Websocket server${httpsConfig?" (SSL)":""} bound on port ${PORT}`); } }); |