Merge branch 'master' into commercial
commit
d8e54c179d
60
lib/relay.js
60
lib/relay.js
|
@ -186,6 +186,9 @@ module.exports.create = function (state) {
|
||||||
function addToken(jwtoken) {
|
function addToken(jwtoken) {
|
||||||
|
|
||||||
function onAuth(token) {
|
function onAuth(token) {
|
||||||
|
if ('string' !== typeof jwtoken) {
|
||||||
|
jwtoken = JSON.stringify(jwtoken);
|
||||||
|
}
|
||||||
var err;
|
var err;
|
||||||
if (!token) {
|
if (!token) {
|
||||||
err = new Error("invalid access token");
|
err = new Error("invalid access token");
|
||||||
|
@ -193,6 +196,20 @@ module.exports.create = function (state) {
|
||||||
return state.Promise.reject(err);
|
return state.Promise.reject(err);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (token.jwt && jwtoken !== token.jwt) {
|
||||||
|
// Access Token
|
||||||
|
sendTunnelMsg(
|
||||||
|
null
|
||||||
|
, [ 3
|
||||||
|
, 'access_token'
|
||||||
|
, { jwt: token.jwt }
|
||||||
|
]
|
||||||
|
, 'control'
|
||||||
|
);
|
||||||
|
// these aren't needed internally once they're sent
|
||||||
|
token.jwt = null;
|
||||||
|
}
|
||||||
|
|
||||||
if (!Array.isArray(token.domains)) {
|
if (!Array.isArray(token.domains)) {
|
||||||
if ('string' === typeof token.name) {
|
if ('string' === typeof token.name) {
|
||||||
token.domains = [ token.name ];
|
token.domains = [ token.name ];
|
||||||
|
@ -241,41 +258,51 @@ module.exports.create = function (state) {
|
||||||
Devices.add(state.deviceLists, domainname, token);
|
Devices.add(state.deviceLists, domainname, token);
|
||||||
});
|
});
|
||||||
|
|
||||||
console.log('[DEBUG] got to firstToken check');
|
|
||||||
|
|
||||||
if (!firstToken || firstToken === jwtoken) {
|
|
||||||
firstToken = jwtoken;
|
|
||||||
token.dynamicPorts = [];
|
|
||||||
token.dynamicNames = [];
|
|
||||||
|
|
||||||
function onDynTcpReady() {
|
function onDynTcpReady() {
|
||||||
var serviceport = this.address().port;
|
var serviceport = this.address().port;
|
||||||
console.info('[DynTcpConn] Port', serviceport, 'now open for', token.deviceId);
|
console.info('[DynTcpConn] Port', serviceport, 'now open for', token.deviceId);
|
||||||
token.dynamicPorts.push(serviceport);
|
//token.dynamicPorts.push(serviceport);
|
||||||
Devices.add(state.deviceLists, serviceport, token);
|
Devices.add(state.deviceLists, serviceport, token);
|
||||||
var hri = require('human-readable-ids').hri;
|
//var hri = require('human-readable-ids').hri;
|
||||||
var hrname = hri.random() + '.telebit.cloud';
|
//var hrname = hri.random() + '.telebit.cloud';
|
||||||
token.dynamicNames.push(hrname);
|
//token.dynamicNames.push(hrname);
|
||||||
// TODO restrict to authenticated device
|
// TODO restrict to authenticated device
|
||||||
// TODO pull servername from config
|
// TODO pull servername from config
|
||||||
// TODO remove hrname on disconnect
|
// TODO remove hrname on disconnect
|
||||||
Devices.add(state.deviceLists, hrname, token);
|
//Devices.add(state.deviceLists, hrname, token);
|
||||||
sendTunnelMsg(
|
sendTunnelMsg(
|
||||||
null
|
null
|
||||||
, [ 2
|
, [ 2
|
||||||
, 'grant'
|
, 'grant'
|
||||||
, [ ['ssh+https', hrname, 443 ]
|
, [ ['ssh+https', token.domains[0], 443 ]
|
||||||
, ['ssh', 'ssh.telebit.cloud', serviceport ]
|
, ['ssh', 'ssh.telebit.cloud', serviceport ]
|
||||||
, ['tcp', 'tcp.telebit.cloud', serviceport]
|
, ['tcp', 'tcp.telebit.cloud', serviceport]
|
||||||
, ['https', hrname ]
|
, ['https', token.domains[0] ]
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
, 'control'
|
, 'control'
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
console.log('[DEBUG] got to firstToken check');
|
||||||
|
|
||||||
|
if (!token.ports) {
|
||||||
|
token.ports = [];
|
||||||
|
}
|
||||||
|
if (!firstToken || firstToken === jwtoken) {
|
||||||
|
if (!token.ports.length) {
|
||||||
|
token.ports.push( 0 );
|
||||||
|
}
|
||||||
|
firstToken = token.jwt || jwtoken;
|
||||||
|
}
|
||||||
|
|
||||||
|
//token.dynamicPorts = [];
|
||||||
|
//token.dynamicNames = [];
|
||||||
|
|
||||||
|
var onePortForNow = parseInt(token.ports[0], 10) || 0;
|
||||||
|
// TODO try again with random port
|
||||||
try {
|
try {
|
||||||
token.server = require('net').createServer(onDynTcpConn).listen(0, onDynTcpReady);
|
token.server = require('net').createServer(onDynTcpConn).listen(onePortForNow, onDynTcpReady);
|
||||||
token.server.on('error', function (e) {
|
token.server.on('error', function (e) {
|
||||||
console.error("Server Error assigning a dynamic port to a new connection:", e);
|
console.error("Server Error assigning a dynamic port to a new connection:", e);
|
||||||
});
|
});
|
||||||
|
@ -284,7 +311,6 @@ module.exports.create = function (state) {
|
||||||
// (i.e. there are enough users to run out of ports)
|
// (i.e. there are enough users to run out of ports)
|
||||||
console.error("Error assigning a dynamic port to a new connection:", e);
|
console.error("Error assigning a dynamic port to a new connection:", e);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
remotes[jwtoken] = token;
|
remotes[jwtoken] = token;
|
||||||
console.info("[ws] authorized", socketId, "for", token.deviceId);
|
console.info("[ws] authorized", socketId, "for", token.deviceId);
|
||||||
|
@ -310,7 +336,7 @@ module.exports.create = function (state) {
|
||||||
remote.domains.forEach(function (domainname) {
|
remote.domains.forEach(function (domainname) {
|
||||||
Devices.remove(state.deviceLists, domainname, remote);
|
Devices.remove(state.deviceLists, domainname, remote);
|
||||||
});
|
});
|
||||||
remote.dynamicPorts.forEach(function (portnumber) {
|
remote.ports.forEach(function (portnumber) {
|
||||||
Devices.remove(state.deviceLists, portnumber, remote);
|
Devices.remove(state.deviceLists, portnumber, remote);
|
||||||
});
|
});
|
||||||
remote.ws = null;
|
remote.ws = null;
|
||||||
|
|
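Review bot: In the disconnect cleanup of the last hunk, `remote.ports.forEach` removes the requested port values, but `onDynTcpReady` registers the device under the port that was actually bound (`serviceport`), and the line that recorded it (`token.dynamicPorts.push(serviceport)`) is now commented out. When `token.ports` is `[0]`, the OS-assigned port is therefore never passed to `Devices.remove`, so a stale entry for a disconnected remote appears to stay in `state.deviceLists`. Recording the bound port, for example `token.ports = [ serviceport ];` inside `onDynTcpReady`, would keep add and remove symmetric. Separately, `onePortForNow` goes from the token straight into `listen()` with no range or ownership check visible in these hunks; unless that is enforced where the token is verified, a guard or comment next to the existing `// TODO restrict to authenticated device` would help. The enclosing functions start and end outside the hunks shown.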