crabapples
/
websockify
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

websockify.js: add encrypted HTTPS/WSS support. 

This works a bit differently than python websockify implementation
since the server either runs in HTTP or in HTTPS and both web and
websocket servers only support the same mode. Specifying the --cert
parameter activates encrypted HTTPS/WSS mode.
This commit is contained in:
Joel Martin 2012-10-29 16:59:46 -05:00
parent 16691395e0
commit a670af376e
1 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
other/websockify.js
View File

@ -20,6 +20,7 @@
var argv = require('optimist').argv, var argv = require('optimist').argv,
net = require('net'), net = require('net'),
http = require('http'), http = require('http'),
https = require('https'),
url = require('url'), url = require('url'),
path = require('path'), path = require('path'),
fs = require('fs'), fs = require('fs'),
@ -29,7 +30,7 @@ var argv = require('optimist').argv,
Buffer = require('buffer').Buffer, Buffer = require('buffer').Buffer,
WebSocketServer = require('ws').Server, WebSocketServer = require('ws').Server,
httpServer, wsServer, webServer, wsServer,
source_host, source_port, target_host, target_port, source_host, source_port, target_host, target_port,
web_path = null; web_path = null;
@ -124,6 +125,20 @@ http_request = function (request, response) {
}); });
}; };
// Select 'binary' or 'base64' subprotocol, preferring 'binary'
selectProtocol = function(protocols, callback) {
var plist = protocols ? protocols.split(',') : "";
var plist = protocols.split(',');
if (plist.indexOf('binary') >= 0) {
callback(true, 'binary');
} else if (plist.indexOf('base64') >= 0) {
callback(true, 'base64');
} else {
console.log("Client must support 'binary' or 'base64' protocol");
callback(false);
}
}
// parse source and target arguments into parts // parse source and target arguments into parts
try { try {
source_arg = argv._[0].toString(); source_arg = argv._[0].toString();
@ -150,7 +165,7 @@ try {
throw("illegal port"); throw("illegal port");
} }
} catch(e) { } catch(e) {
console.error("websockify.js [--web web_dir] [source_addr:]source_port target_addr:target_port"); console.error("websockify.js [--web web_dir] [--cert cert.pem [--key key.pem]] [source_addr:]source_port target_addr:target_port");
process.exit(2); process.exit(2);
} }
@ -161,25 +176,21 @@ if (argv.web) {
console.log(" - Web server active. Serving: " + argv.web); console.log(" - Web server active. Serving: " + argv.web);
} }
function selectProtocol(protocols, callback) { if (argv.cert) {
var plist = protocols ? protocols.split(',') : ""; argv.key = argv.key || argv.cert;
var plist = protocols.split(','); var cert = fs.readFileSync(argv.cert),
if (plist.indexOf('binary') >= 0) { key = fs.readFileSync(argv.key);
callback(true, 'binary'); console.log(" - Running in encrypted HTTPS (wss://) mode using: " + argv.cert + ", " + argv.key);
} else if (plist.indexOf('base64') >= 0) { webServer = https.createServer({cert: cert, key: key}, http_request);
callback(true, 'base64'); } else {
} else { console.log(" - Running in unencrypted HTTP (ws://) mode");
console.log("Client must support 'binary' or 'base64' protocol"); webServer = http.createServer(http_request);
callback(false);
}
} }
webServer.listen(source_port, function() {
httpServer = http.createServer(http_request); wsServer = new WebSocketServer({server: webServer,
httpServer.listen(source_port, function() {
wsServer = new WebSocketServer({server: httpServer,
handleProtocols: selectProtocol}); handleProtocols: selectProtocol});
wsServer.on('connection', new_client); wsServer.on('connection', new_client);
}); });
// Attach Flash policyfile answer service // Attach Flash policyfile answer service
policyfile.createServer().listen(-1, httpServer); policyfile.createServer().listen(-1, webServer);