
Commit 9669935

committed
implement https support for acs
1 parent 3f9c61f commit 9669935


7 files changed

+728
-46
lines changed


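--- a/dist/http/index.js
+++ b/dist/http/index.js
@@ -1,11 +1,17 @@
-var Duplex, args, createServer, cwmp, existsSync, file, path, readFileSync, ref, route, statSync;
+var ACME, Duplex, args, createHttpsServer, createServer, cwmp, duckdns, existsSync, file, path, readFileSync, ref, route, statSync;
 
 Duplex = require('stream').Duplex;
 
 createServer = require('http').createServer;
 
+createHttpsServer = require('https').createServer;
+
 ref = require('fs'), readFileSync = ref.readFileSync, existsSync = ref.existsSync, statSync = ref.statSync;
 
+ACME = require('@root/acme');
+
+duckdns = require('acme-dns-01-duckdns');
+
 path = require('path');
 
 file = require('./file');
@@ -17,7 +23,7 @@ args = require('../args');
 cwmp = require('./cwmp');
 
 module.exports = function(ip, port, url) {
-var e, srv;
+var acme, dns01, domain, e, srv;
 if (args.file) {
 file.name = path.basename(args.file);
 try {
@@ -43,30 +49,128 @@ module.exports = function(ip, port, url) {
 stream = new Duplex();
 stream.push(file.data);
 stream.push(null);
-return stream.pipe(res);
-}).get('/done', function(req, res) {
+stream.pipe(res).get('/done', function(req, res) {});
 console.log('>>> WPS CALLBACK');
 console.log("\n\nAll done,\n\n- change network card settings back to dhcp and move the cable back to a lan port\n- try ssh connection to the gateways ip (usually 192.168.0.1) with username root and password root (change password immediately with passwd!)\n\nssh root@192.168.0.1");
 setTimeout(function() {
 return process.exit(1);
 }, 20000);
 res.writeHead(200);
-return res.end();
-}).post('/', cwmp(url));
-srv = createServer(route);
-srv.keepAliveTimeout = 30000;
-srv.on('error', function(e) {
-var ref1;
-if ((ref1 = e.code) === 'EADDRINUSE' || ref1 === 'EADDRNOTAVAIL') {
-console.log(e.code + ', retrying...');
-return setTimeout(function() {
-srv.close();
-return srv.listen(port);
-}, 1000);
+return res.end().post('/', cwmp(url));
+});
+if (url.indexOf("https://") !== -1) {
+domain = new URL(url).hostname;
+if (args.duckdnstoken) {
+dns01 = duckdns.create({
+baseUrl: 'https://www.duckdns.org/update',
+token: args.duckdnstoken
+});
+console.log("Requesting HTTPS certificate to LE via duckdns...");
+require('http-request').get('https://www.duckdns.org/update?domains=' + domain + '&token=' + args.duckdnstoken + '&ip=' + ip, function(err, res) {
+if (err) {
+return console.log("Error updating duckdns domain IP!!!");
+}
+});
 } else {
-return console.error(e);
+console.log("No duckdns token!!");
 }
-});
-srv.listen(port);
+acme = ACME.create({
+maintainerEmail: 'test@gmail.com',
+packageAgent: 'tch-exploit/v1.0'
+});
+acme.init('https://acme-v02.api.letsencrypt.org/directory').then(function(r) {
+var Keypairs;
+Keypairs = require('@root/keypairs');
+return Keypairs.generate({
+kty: 'EC',
+format: 'jwk'
+}).then(function(accountKeypair) {
+return acme.accounts.create({
+subscriberEmail: 'test1@gmail.com',
+agreeToTerm: true,
+accountKey: accountKeypair["private"]
+}).then(function(account) {
+return Keypairs.generate({
+kty: 'RSA',
+format: 'jwk'
+}).then(function(serverKeypair) {
+return Keypairs["export"]({
+jwk: serverKeypair["private"]
+}).then(function(privateKey) {
+var CSR, PEM, punycode;
+CSR = require('@root/csr');
+PEM = require('@root/pem');
+punycode = require('punycode');
+return CSR.csr({
+jwk: serverKeypair["private"],
+domains: [punycode.toASCII(domain)],
+encoding: 'der'
+}).then(function(csrDer) {
+var csr;
+csr = PEM.packBlock({
+type: 'CERTIFICATE REQUEST',
+bytes: csrDer
+});
+return acme.certificates.create({
+account: account,
+accountKey: accountKeypair["private"],
+csr: csr,
+domains: [domain],
+challenges: {
+'dns-01': dns01
+}
+}).then(function(pems) {
+var srv;
+console.log("HTTPS certificate received!");
+console.log(privateKey);
+console.log("Cert:");
+console.log(pems.chain);
+srv = createHttpsServer(route);
+srv.options = {
+key: privateKey,
+cert: pems.chain
+};
+if (port === 80) {
+port = 443;
+}
+srv.keepAliveTimeout = 30000;
+srv.on('error', function(e) {
+var ref1;
+if ((ref1 = e.code) === 'EADDRINUSE' || ref1 === 'EADDRNOTAVAIL') {
+console.log(e.code + ', retrying...');
+return setTimeout(function() {
+srv.close();
+return srv.listen(port);
+}, 1000);
+} else {
+return console.error(e);
+}
+});
+srv.listen(port);
+return console.log("Started HTTPS server...");
+});
+});
+});
+});
+});
+});
+});
+} else {
+srv = createServer(route);
+srv.keepAliveTimeout = 30000;
+srv.on('error', function(e) {
+var ref1;
+if ((ref1 = e.code) === 'EADDRINUSE' || ref1 === 'EADDRNOTAVAIL') {
+console.log(e.code + ', retrying...');
+return setTimeout(function() {
+srv.close();
+return srv.listen(port);
+}, 1000);
+} else {
+return console.error(e);
+}
+});
+srv.listen(port);
+}
 return srv;
 };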
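Review bot: The HTTPS branch writes the server's private key to stdout with `console.log(privateKey)` and then never gives it to the TLS listener: assigning `srv.options` after `createHttpsServer(route)` does not configure the server, so the key and certificate need to be passed at creation, `srv = createHttpsServer({ key: privateKey, cert: pems.chain }, route);` (check whether `pems.chain` includes the leaf certificate), and the key log line should be dropped. The inner `var srv` in that callback shadows the outer one, so the function returns `undefined` on the HTTPS path, and the promise chain has no `.catch`, so an ACME or DNS failure ends as an unhandled rejection. Separately, the rewritten route lines `stream.pipe(res).get('/done', function(req, res) {});` and `return res.end().post('/', cwmp(url));` call `.get`/`.post` on the response rather than on `route`, which appears to leave `/done` and the CWMP `POST /` unregistered for both HTTP and HTTPS; the start of that handler is outside the hunk, and this file looks like compiled output, so the fix likely belongs in the source it is built from. `agreeToTerm` may need to be `agreeToTerms`; confirm against the @root/acme documentation.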
