From 04e1d58a5078fca42caaf149c2a8d80109b17f6f Mon Sep 17 00:00:00 2001
From: Ryan Tharp
Date: Wed, 29 Jan 2020 03:16:07 -0800
Subject: [PATCH 1/5] remove ugly TLS hack
---
 preload.js | 1 -
 1 file changed, 1 deletion(-)
diff --git a/preload.js b/preload.js
index f2ac8ea28..8d81a8565 100644
--- a/preload.js
+++ b/preload.js
@@ -73,7 +73,6 @@ window.versionInfo = {
 };
 // temporary clearnet fix
-process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
 window.getSelfSignedCert = () => {
 let pems = window.storage.get('self-signed-certificate', null);
 if (!pems) {
From 646c3b2f265c26de0c2993ebd3b4873435dd1f35 Mon Sep 17 00:00:00 2001
From: Ryan Tharp
Date: Wed, 29 Jan 2020 03:17:21 -0800
Subject: [PATCH 2/5] disable unauthorization rejection when making https requests limited to lokiRpc
---
 js/modules/loki_rpc.js | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/js/modules/loki_rpc.js b/js/modules/loki_rpc.js
index 5f78ec07a..8b257edd6 100644
--- a/js/modules/loki_rpc.js
+++ b/js/modules/loki_rpc.js
@@ -2,8 +2,13 @@ libsignal, window, TextDecoder, TextEncoder, dcodeIO */
 const nodeFetch = require('node-fetch');
+const https = require('https');
 const { parse } = require('url');
+const snodeHttpsAgent = new https.Agent({
+ rejectUnauthorized: false
+});
+
 const LOKI_EPHEMKEY_HEADER = 'X-Loki-EphemKey';
 const endpointBase = '/storage_rpc/v1';
@@ -115,6 +120,9 @@ const lokiFetch = async (url, options = {}, targetNode = null) => {
 timeout,
 method,
 };
+ if (url.match(/https:\/\//)) {
+ fetchOptions.agent = snodeHttpsAgent;
+ }
 try {
 if (window.lokiFeatureFlags.useSnodeProxy && targetNode) {
From 19b007696c42c7a0495ddd3f2b0fa89eecd020a5 Mon Sep 17 00:00:00 2001
From: Ryan Tharp
Date: Wed, 29 Jan 2020 15:36:18 -0800
Subject: [PATCH 3/5] address missing comma for lint
---
 js/modules/loki_rpc.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/js/modules/loki_rpc.js b/js/modules/loki_rpc.js
index 8b257edd6..7433fc4be 100644
--- a/js/modules/loki_rpc.js
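Review bot: `snodeHttpsAgent` in js/modules/loki_rpc.js (patch 2, hunk `@@ -2,8 +2,13 @@`) switches certificate verification off without a comment saying what authenticates the peer instead; the `lokiHttpsAgent` added to js/modules/loki_app_dot_net_api.js in patch 4 (hunk `@@ -19,6 +20,10 @@`) has the same gap. With `rejectUnauthorized: false` the connection is still encrypted but any certificate is accepted, so the TLS layer no longer proves which host answered; whether node identity or payload integrity is checked at another layer is not visible in these hunks. I would add a comment above the declaration along the lines of `// snodes present self-signed certs, so chain validation is off; peer identity is verified by (TODO: name the mechanism)`. If the node's certificate or key is known in advance, pinning it through the agent's `ca` or `checkServerIdentity` option would keep server authentication instead of dropping it.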
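Review bot: The guard `url.match(/https:\/\//)` in lokiFetch (js/modules/loki_rpc.js, patch 2, hunk `@@ -115,6 +120,9 @@`) is unanchored and says nothing about the destination, so every HTTPS request that goes through lokiFetch gets the non-verifying agent, not only requests to snodes. If the intent is only to avoid handing an https agent to a plain-http URL, test the scheme on the parsed URL, e.g. `if (parse(url).protocol === 'https:') {` (`parse` is already required at the top of the file). If lokiFetch can be reached with a non-snode HTTPS URL, the condition should also confirm the host is a snode before verification is dropped; the callers are outside this hunk, so that needs checking. lokiFetch's body starts and continues outside the hunk.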
+++ b/js/modules/loki_rpc.js
@@ -6,7 +6,7 @@ const https = require('https');
 const { parse } = require('url');
 const snodeHttpsAgent = new https.Agent({
- rejectUnauthorized: false
+ rejectUnauthorized: false,
 });
 const LOKI_EPHEMKEY_HEADER = 'X-Loki-EphemKey';
From 24b37b93c6c4b30d3382d36defb58427db38de99 Mon Sep 17 00:00:00 2001
From: Ryan Tharp
Date: Thu, 30 Jan 2020 14:25:15 -0800
Subject: [PATCH 4/5] add .loki to have a self-signed cert
---
 js/modules/loki_app_dot_net_api.js | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/js/modules/loki_app_dot_net_api.js b/js/modules/loki_app_dot_net_api.js
index 0831a4028..cda65554e 100644
--- a/js/modules/loki_app_dot_net_api.js
+++ b/js/modules/loki_app_dot_net_api.js
@@ -4,6 +4,7 @@ dcodeIO, Buffer, lokiSnodeAPI, TextDecoder */
 const nodeFetch = require('node-fetch');
 const { URL, URLSearchParams } = require('url');
 const FormData = require('form-data');
+const https = require('https');
 // Can't be less than 1200 if we have unauth'd requests
 const PUBLICCHAT_MSG_POLL_EVERY = 1.5 * 1000; // 1.5s
@@ -19,6 +20,10 @@ const MESSAGE_ATTACHMENT_TYPE = 'net.app.core.oembed';
 const LOKI_ATTACHMENT_TYPE = 'attachment';
 const LOKI_PREVIEW_TYPE = 'preview';
+const lokiHttpsAgent = new https.Agent({
+ rejectUnauthorized: false,
+});
+
 // the core ADN class that handles all communication with a specific server
 class LokiAppDotNetServerAPI {
 constructor(ourKey, url) {
@@ -420,6 +425,11 @@ class LokiAppDotNetServerAPI {
 fetchOptions.body = rawBody;
 }
 fetchOptions.headers = new Headers(headers);
+
+ // domain ends in .loki
+ if (url.match(/\.loki\//)) {
+ fetchOptions.agent = lokiHttpsAgent;
+ }
 } catch (e) {
 log.info('serverRequest set up error:', JSON.stringify(e));
 return {
From aee63c3eaea3f52f2f33ba03d2d8fcd46ca60603 Mon Sep 17 00:00:00 2001
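Review bot: `url.match(/\.loki\//)` (js/modules/loki_app_dot_net_api.js, patch 4, hunk `@@ -420,6 +425,11 @@`) tests the whole URL string rather than the host, so it does not implement what the comment `// domain ends in .loki` says. A clearnet URL whose path or query contains `.loki/` also gets the non-verifying agent, while a `.loki` host written with a port or without a trailing slash does not. Decide on the parsed hostname instead: `if (new URL(url).hostname.endsWith('.loki')) {` (`URL` is already required at the top of this file, and the check sits inside the existing `try`, so a malformed URL lands in the `catch` below). The same expression is carried over unchanged in patch 5, hunk `@@ -463,7 +465,7 @@`. The enclosing method starts and ends outside the hunk.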
From: Ryan Tharp
Date: Mon, 3 Feb 2020 17:46:04 -0800
Subject: [PATCH 5/5] file proxy needs to be able to talk to snode - disable TLS check for fileProxy - lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
---
 js/modules/loki_app_dot_net_api.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/js/modules/loki_app_dot_net_api.js b/js/modules/loki_app_dot_net_api.js
index d21216a44..9e4a8299d 100644
--- a/js/modules/loki_app_dot_net_api.js
+++ b/js/modules/loki_app_dot_net_api.js
@@ -20,7 +20,7 @@ const MESSAGE_ATTACHMENT_TYPE = 'net.app.core.oembed';
 const LOKI_ATTACHMENT_TYPE = 'attachment';
 const LOKI_PREVIEW_TYPE = 'preview';
-const lokiHttpsAgent = new https.Agent({
+const snodeHttpsAgent = new https.Agent({
 rejectUnauthorized: false,
 });
@@ -401,6 +401,8 @@ class LokiAppDotNetServerAPI {
 'X-Loki-File-Server-Verb': 'POST',
 'X-Loki-File-Server-Headers': JSON.stringify(finalRequestHeader),
 },
+ // we are talking to a snode...
+ agent: snodeHttpsAgent,
 };
 const result = await nodeFetch(url, firstHopOptions);
@@ -463,7 +465,7 @@ class LokiAppDotNetServerAPI {
 // domain ends in .loki
 if (url.match(/\.loki\//)) {
- fetchOptions.agent = lokiHttpsAgent;
+ fetchOptions.agent = snodeHttpsAgent;
 }
 } catch (e) {
 log.info('serverRequest set up error:', JSON.stringify(e));
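Review bot: `agent: snodeHttpsAgent` is attached to `firstHopOptions` unconditionally (patch 5, hunk `@@ -401,6 +401,8 @@`), and the comment `// we are talking to a snode...` does not say why certificate verification is off or what protects the request instead. The `X-Loki-File-Server-Headers` value travels on this connection, so with verification disabled its confidentiality and integrity depend on protection applied elsewhere, which this hunk does not show. I would expand the comment to something like `// first hop is a snode with a self-signed cert: TLS is unauthenticated here, the request is protected by (TODO: name the mechanism)`. loki_rpc.js attaches its agent only for https URLs; if `url` here can be plain http the same guard is needed, since an https agent on an http request is rejected by Node. The surrounding function starts and ends outside the hunk.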