From f05ff4d6e0d49590bd167851418a45f7105dd875 Mon Sep 17 00:00:00 2001 From: kj Date: Mon, 10 Feb 2020 11:34:23 -0400 Subject: [PATCH 1/3] Add SSL Certificates support. --- server.js | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/server.js b/server.js index 80f5cf52..67b2d9e0 100644 --- a/server.js +++ b/server.js @@ -3,6 +3,7 @@ const debug = require('debug')('bittorrent-tracker:server') const dgram = require('dgram') const EventEmitter = require('events') const http = require('http') +const https = require('https') const peerid = require('bittorrent-peerid') const series = require('run-series') const string2compact = require('string2compact') @@ -59,7 +60,12 @@ class Server extends EventEmitter { // start an http tracker unless the user explictly says no if (opts.http !== false) { - this.http = http.createServer() + // Use (ot not) SSL Certificate + if (typeof(opts.ssl)!="undefined"){ + this.http = https.createServer(opts.ssl) + } else { + this.http = http.createServer() + } this.http.on('error', err => { this._onError(err) }) this.http.on('listening', onListening) @@ -95,7 +101,12 @@ class Server extends EventEmitter { // start a websocket tracker (for WebTorrent) unless the user explicitly says no if (opts.ws !== false) { if (!this.http) { - this.http = http.createServer() + // Use (ot not) SSL Certificate + if (typeof(opts.ssl)!="undefined"){ + this.http = https.createServer(opts.ssl) + } else { + this.http = http.createServer() + } this.http.on('error', err => { this._onError(err) }) this.http.on('listening', onListening) @@ -130,7 +141,12 @@ class Server extends EventEmitter { if (opts.stats !== false) { if (!this.http) { - this.http = http.createServer() + // Use (ot not) SSL Certificate + if (typeof(opts.ssl)!="undefined"){ + this.http = https.createServer(opts.ssl) + } else { + this.http = http.createServer() + } this.http.on('error', err => { this._onError(err) }) this.http.on('listening', onListening) } From 8f3e08fb7c29575230e6489e2966a150206ddb04 Mon Sep 17 00:00:00 2001 From: kj Date: Mon, 10 Feb 2020 11:46:38 -0400 Subject: [PATCH 2/3] Update readme.md with SSL usage example. --- README.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/README.md b/README.md index 3e48a535..c04ff4c1 100644 --- a/README.md +++ b/README.md @@ -223,6 +223,57 @@ server.torrents[infoHash].peers The http server will handle requests for the following paths: `/announce`, `/scrape`. Requests for other paths will not be handled. +## Using HTTPS and WSS + +``` +var Server = require('bittorrent-tracker').Server +var fs = require('fs') + +var privateKey = fs.readFileSync('ssl-cert/privkey.pem'); +var certificate = fs.readFileSync('ssl-cert/fullchain.pem'); + +var server = new Server({ + udp: true, // enable udp server? [default=true] + http: true, // enable http server? [default=true] + ws: true, // enable websocket server? [default=true] + ssl: { + key: privateKey, + cert: certificate + }, + stats: true, // enable web-based statistics? [default=true] + filter: function (infoHash, params, cb) { + // Blacklist/whitelist function for allowing/disallowing torrents. If this option is + // omitted, all torrents are allowed. It is possible to interface with a database or + // external system before deciding to allow/deny, because this function is async. + + // It is possible to block by peer id (whitelisting torrent clients) or by secret + // key (private trackers). Full access to the original HTTP/UDP request parameters + // are available in `params`. + + // This example only allows one torrent. + + var allowed = (infoHash === 'aaa67059ed6bd08362da625b3ae77f6f4a075aaa') + if (allowed) { + // If the callback is passed `null`, the torrent will be allowed. + cb(null) + } else { + // If the callback is passed an `Error` object, the torrent will be disallowed + // and the error's `message` property will be given as the reason. + cb(new Error('disallowed torrent')) + } + } +}) + +server.on('listening', function () { + // fired when all requested servers are listening + console.log('listening on https port:' + server.http.address().port) + console.log('listening on wss port:' + server.ws.address().port) + console.log('listening on udp port:' + server.udp.address().port) +}) +``` + +The tracker will load with https:// and wss://, but no with http:// and ws://. + ## multi scrape Scraping multiple torrent info is possible with a static `Client.scrape` method: From f516e88d45c55963c6ab6d7f97d553bf50c82fd6 Mon Sep 17 00:00:00 2001 From: kj Date: Tue, 11 Feb 2020 09:12:24 -0400 Subject: [PATCH 3/3] Fix errors marked by The Travis CI. --- server.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server.js b/server.js index 67b2d9e0..879ef6d6 100644 --- a/server.js +++ b/server.js @@ -61,7 +61,7 @@ class Server extends EventEmitter { // start an http tracker unless the user explictly says no if (opts.http !== false) { // Use (ot not) SSL Certificate - if (typeof(opts.ssl)!="undefined"){ + if (typeof opts.ssl !== 'undefined') { this.http = https.createServer(opts.ssl) } else { this.http = http.createServer() @@ -102,7 +102,7 @@ class Server extends EventEmitter { if (opts.ws !== false) { if (!this.http) { // Use (ot not) SSL Certificate - if (typeof(opts.ssl)!="undefined"){ + if (typeof opts.ssl !== 'undefined') { this.http = https.createServer(opts.ssl) } else { this.http = http.createServer() @@ -142,7 +142,7 @@ class Server extends EventEmitter { if (opts.stats !== false) { if (!this.http) { // Use (ot not) SSL Certificate - if (typeof(opts.ssl)!="undefined"){ + if (typeof opts.ssl !== 'undefined') { this.http = https.createServer(opts.ssl) } else { this.http = http.createServer()