Merge pull request #759 from neuroscr/tls-fix

Move disable TLS rejection to only lokiRpc
2023-12-14 02:12:57 +01:00 · 2020-02-03 18:28:48 -08:00 · 2020-02-03 18:28:48 -08:00 · d0cc5a57f8
commit d0cc5a57f8
parent 5ace897e03 aee63c3eae
3 changed files with 20 additions and 3 deletions
--- a/js/modules/loki_app_dot_net_api.js
+++ b/js/modules/loki_app_dot_net_api.js
@ -4,6 +4,7 @@ dcodeIO, Buffer, lokiSnodeAPI, TextDecoder */
 const nodeFetch = require('node-fetch');
 const { URL, URLSearchParams } = require('url');
 const FormData = require('form-data');
+const https = require('https');

 // Can't be less than 1200 if we have unauth'd requests
 const PUBLICCHAT_MSG_POLL_EVERY = 1.5 * 1000; // 1.5s
@ -19,6 +20,10 @@ const MESSAGE_ATTACHMENT_TYPE = 'net.app.core.oembed';
 const LOKI_ATTACHMENT_TYPE = 'attachment';
 const LOKI_PREVIEW_TYPE = 'preview';

+const snodeHttpsAgent = new https.Agent({
+  rejectUnauthorized: false,
+});
+
 // the core ADN class that handles all communication with a specific server
 class LokiAppDotNetServerAPI {
  constructor(ourKey, url) {
@ -396,6 +401,8 @@ class LokiAppDotNetServerAPI {
        'X-Loki-File-Server-Verb': 'POST',
        'X-Loki-File-Server-Headers': JSON.stringify(finalRequestHeader),
      },
+      // we are talking to a snode...
+      agent: snodeHttpsAgent,
    };
    const result = await nodeFetch(url, firstHopOptions);

@ -455,6 +462,11 @@ class LokiAppDotNetServerAPI {
        fetchOptions.body = rawBody;
      }
      fetchOptions.headers = headers;
+
+      // domain ends in .loki
+      if (url.match(/\.loki\//)) {
+        fetchOptions.agent = snodeHttpsAgent;
+      }
    } catch (e) {
      log.info('serverRequest set up error:', JSON.stringify(e));
      return {
--- a/js/modules/loki_rpc.js
+++ b/js/modules/loki_rpc.js
@ -2,8 +2,13 @@
  libsignal, window, TextDecoder, TextEncoder, dcodeIO */

 const nodeFetch = require('node-fetch');
+const https = require('https');
 const { parse } = require('url');

+const snodeHttpsAgent = new https.Agent({
+  rejectUnauthorized: false,
+});
+
 const LOKI_EPHEMKEY_HEADER = 'X-Loki-EphemKey';
 const endpointBase = '/storage_rpc/v1';

@ -115,6 +120,9 @@ const lokiFetch = async (url, options = {}, targetNode = null) => {
    timeout,
    method,
  };
+  if (url.match(/https:\/\//)) {
+    fetchOptions.agent = snodeHttpsAgent;
+  }

  try {
    if (window.lokiFeatureFlags.useSnodeProxy && targetNode) {
--- a/preload.js
+++ b/preload.js
@ -75,9 +75,6 @@ window.versionInfo = {
  appInstance: window.getAppInstance(),
 };

-// temporary clearnet fix
-process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
-
 window.wrapDeferred = deferredToPromise;

 const ipc = electron.ipcRenderer;