13 var cluster = require(
'cluster');
14 var numCPUs = require(
"os").cpus().length;
15 var fs = require(
'fs');
16 var path_module = require(
'path');
17 var child_process = require(
'child_process');
19 var util = require(
'util');
// Append-mode log stream. The path is built from the USER environment variable
// and sits directly under /tmp; stdout is kept so output can be duplicated.
// NOTE(review): a fixed, predictable name in a world-writable directory can be
// pre-created (or symlinked) by another local account before first start. A
// directory owned by the service account avoids that. Everything routed through
// the console.log override later in this file lands here.
20 var log_file = fs.createWriteStream(
'/tmp/xdaqproxy.' + process.env[
"USER"] +
'.log', { flags:
'a' });
21 var log_stdout = process.stdout;
// Resolves the server version string.
// When ./version.txt exists its contents are returned as a string. Otherwise
// the function runs `git describe --tags` and `git status --porcelain` (fixed
// command strings, no external input) and assigns `version` from inside the
// asynchronous exec callback.
// NOTE(review): the listing omits the rest of the git branch. In the visible
// lines the `error` arguments are never inspected and nothing is returned
// synchronously on that path - confirm against the full file.
23 var getversion =
function () {
24 console.log(
"Getting Server Version");
25 if (fs.existsSync(
"./version.txt")) {
26 console.log(
"Reading Server Version from File");
// "" + Buffer coerces the file contents to a string.
27 return "" + fs.readFileSync(
"./version.txt");
30 child_process.exec(
"git describe --tags",
function (error, stdout, stderr) {
31 version = stdout.trim() +
"-Git";
32 child_process.exec(
"git status --porcelain",
function (error, stdout) {
// Non-empty porcelain output means the working tree has uncommitted changes.
33 if (stdout.length > 0) {
// Version string resolved once at startup.
40 var version = getversion();
// Default configuration values (other fields are elided in this listing):
// the proxy listens on localhost and relays to an XDAQ host on localhost.
43 listenhost:
"localhost",
45 xdaqhost:
"localhost",
// Loads xdaq_config.json into `config` when the file exists, and writes the
// current `config` back to the same file (the branch structure between the two
// is elided in this listing).
// NOTE(review): the parsed JSON is assigned as-is; no field validation is
// visible here.
48 function loadConfig() {
49 if (fs.existsSync(
"xdaq_config.json")) {
50 config = JSON.parse(fs.readFileSync(
"xdaq_config.json"));
52 fs.writeFileSync(
"xdaq_config.json", JSON.stringify(config));
// NOTE(review): this notice tests `config.hostname` and mentions "config.json",
// while the visible defaults and server.listen() use `config.listenhost` and the
// file on disk is xdaq_config.json. Confirm the notice reflects the address the
// server really binds to.
55 if (config.hostname ===
"localhost" && cluster.isMaster) {
56 console.log(
"Listening only on localhost. To listen on a different address, set \"hostname\" in config.json.\nUse \"0.0.0.0\" to listen on all interfaces.");
// Replaces console.log so each message goes to both the log file and stdout.
// Only the first argument `d` is formatted; extra arguments are dropped.
62 console.log =
function (d) {
63 log_file.write(util.format(d) +
'\n');
64 log_stdout.write(util.format(d) +
'\n');
// Reads certificate files from the directory `path` and collects their
// contents (Buffers) in `output`; the result is used as the TLS `ca` option.
// NOTE(review): search(".pem") treats its argument as a regular expression, so
// "." matches any character, and `> 0` accepts a match anywhere after the first
// character. This is not an extension test: a name such as "x.pem.bak" is also
// read. A check on the end of the name would state the intent exactly.
67 function LoadCerts(path) {
69 var files = fs.readdirSync(path);
70 for (var i = 0; i < files.length; i++) {
71 if (files[i].search(
".pem") > 0 || files[i].search(
".crt") > 0) {
72 output.push(fs.readFileSync(path +
"/" + files[i]));
// Downloads the two CILogon "basic" CRL files into the directory `path`,
// streaming each HTTP response straight into its target file.
// NOTE(review): the target file is opened (and truncated) before the response
// arrives, and no status-code check or 'error' handler is visible. A failed or
// partial download therefore leaves an empty or truncated CRL where LoadCRLs
// will read it. Writing to a temporary name and renaming on success avoids that.
// NOTE(review): the fetch is plain HTTP, so integrity rests entirely on the CRL
// signature being verified by whatever consumes the file - confirm.
// NOTE(review): `http` is assigned by the require at listing line 115; confirm
// this function is not called before that line has run.
78 function GetCILogonCRL(path) {
80 var file = fs.createWriteStream(path_module.join(path,
"cilogon-basic.r0"));
81 http.get(
"http://crl-cilogon.ncsa-security.net/cilogon-basic.r0",
function (res) { res.pipe(file); });
82 var file2 = fs.createWriteStream(path_module.join(path,
"cilogon-basic.crl"));
83 http.get(
"http://crl-cilogon.ncsa-security.net/cilogon-basic.crl",
function (res) { res.pipe(file2); });
// Reads revocation-list files from the directory `path` and collects their
// contents (Buffers) in `output`; the result is used as the TLS `crl` option.
// NOTE(review): as in LoadCerts, search(".r0") / search(".crl") are regular
// expression matches anywhere after the first character, not suffix tests.
86 function LoadCRLs(path) {
89 var files = fs.readdirSync(path);
90 for (var i = 0; i < files.length; i++) {
91 if (files[i].search(
".r0") > 0 || files[i].search(
".crl") > 0) {
92 output.push(fs.readFileSync(path +
"/" + files[i]));
// Master process: fork one worker per CPU core, and fork a replacement each
// time a worker exits.
// NOTE(review): no delay or restart limit is visible, so a worker that dies
// during startup would be re-forked immediately - confirm against the elided
// lines.
100 if (cluster.isMaster) {
103 for (var i = 0; i < numCPUs; i++) {
105 var worker = cluster.fork();
109 cluster.on(
"exit",
function () {
110 var newWorker = cluster.fork();
114 var https = require(
'https');
115 var http = require(
'http');
116 var url = require(
'url');
// Build the TLS server options: server key and certificate, trusted CA
// certificates, and revocation lists, all read synchronously at startup.
118 console.log(
"Setting up options");
120 key: fs.readFileSync(
'./certs/server.key'),
121 cert: fs.readFileSync(
'./certs/server.crt'),
122 ca: LoadCerts(
"./certs/certificates"),
// CRLs are read once here; files refreshed on disk later are not picked up by
// this statement.
123 crl: LoadCRLs(
"./certs/certificates"),
// With rejectUnauthorized set to false the handshake completes even when the
// client certificate does not verify. The request handler must therefore test
// req.client.authorized itself before trusting any certificate field.
125 rejectUnauthorized:
false
// Authorized-user list, read once as a single string. The leading space is
// needed because the handler tests `authlist.search(...) > 0`: without it an
// entry at index 0 would be treated as "not found".
127 var authlist =
" " + fs.readFileSync(
"./certs/authorized_users");
128 console.log(
"Done setting up options");
// HTTPS request handler: identifies the caller from its TLS client
// certificate, checks it against the authorized-user list, then relays the
// request to the XDAQ backend over plain HTTP and rewrites backend redirects
// so they point back at this proxy.
131 var server = https.createServer(options,
function (req, res) {
132 var clientCertificate = req.connection.getPeerCertificate();
// The TLS options disable rejectUnauthorized, so this test is what separates
// verified client certificates from unverified ones.
134 if (req.client.authorized) {
// NOTE(review): if subject.CN is a plain string rather than an array, [0]
// yields only its first character - confirm against the certificates in use.
140 var username = clientCertificate.subject.CN[0];
// Drops the first six characters of subjectaltname (presumably an "email:"
// prefix - confirm). This would throw if subjectaltname is undefined.
141 useremail = clientCertificate.subjectaltname.substr(6);
// NOTE(review): String.prototype.search() compiles its argument as a regular
// expression and reports a match anywhere in authlist. This is a substring
// test, not an identity comparison: a name or address contained in a longer
// listed entry passes, and pattern characters such as "." in the certificate
// values act as wildcards. Splitting authorized_users into entries and
// comparing each for exact equality would make the check exact.
142 if (authlist.search(username) > 0 || authlist.search(useremail) > 0) {
143 console.log(
"User: " + username +
" (" + useremail +
")");
// Append "/" to URLs that end in lid=<digits> before parsing.
147 if (req.url.search(/lid=\d+$/) > 0) {
148 req.url = req.url +
"/";
// Parse with query-string decoding so `query` is an object.
151 var thisurl = url.parse(req.url,
true);
152 console.log(
"Request path: " + thisurl.pathname);
// Tag the relayed request with the authenticated e-mail address.
// NOTE(review): Node's legacy url.format() prefers the parsed `search` string
// over `query` whenever `search` is non-empty. Unless `search` is cleared in the
// elided lines, a request that already carries a query string is relayed without
// this override, and any httpsUser value it brought is forwarded as sent - verify.
153 if (useremail.length > 0 && thisurl.pathname !==
"/") {
154 thisurl.query.httpsUser = useremail;
156 var pathname = url.format(thisurl);
157 console.log(
"Adjusted path: " + pathname);
// Backend request options (partly elided in this listing).
// NOTE(review): the caller's headers are forwarded unchanged and, through the
// JSON.stringify below, also written to the log file. That includes any Cookie
// or Authorization header the client sent.
160 host: config.xdaqhost,
161 port: config.xdaqport,
163 headers: req.headers,
166 console.log(
"Request options: " + JSON.stringify(reqOptions));
167 var xreq = http.request(reqOptions,
function (xres) {
// Backend redirects are rewritten so the Location header names this proxy's
// own host, port, and https scheme instead of the backend's address.
168 if (xres.statusCode >= 300 && xres.statusCode < 400 && xres.headers.location) {
169 console.log(
"Redirect detected. Going to " + xres.headers.location);
170 var redirUri = url.parse(xres.headers.location +
"/");
171 redirUri.hostname = config.listenhost;
172 redirUri.port = config.listenport;
173 redirUri.host = config.listenhost +
":" + config.listenport;
174 redirUri.protocol =
"https:";
175 var redirUrl = url.format(redirUri);
176 console.log(
"Redirect url adjusted to " + redirUrl);
// Only the rewritten Location header is sent with the redirect status.
177 res.writeHead(xres.statusCode, {
'location': redirUrl });
// Announce the bind address, then start accepting TLS connections on the
// configured host and port.
189 console.log(
"Listening on https://" + config.listenhost +
":" + config.listenport);
190 server.listen(config.listenport, config.listenhost);