hfs 0.49.0 → 0.49.2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hfs",
-  "version": "0.49.0",
+  "version": "0.49.2",
   "description": "HTTP File Server",
   "keywords": [
     "file server",

package/src/acme.js

@@ -21,7 +21,7 @@ const acmeListener = (req, res) => {
     var _a;
     const BASE = '/.well-known/acme-challenge/';
     if (!((_a = req.url) === null || _a === void 0 ? void 0 : _a.startsWith(BASE)))
-        return;
+        return res.end('HFS'); // to satisfy self-check with the temporary server
     const token = req.url.slice(BASE.length);
     console.debug("got http challenge", token);
     res.statusCode = cross_1.HTTP_OK;
@@ -35,23 +35,23 @@ const acmeMiddleware = (ctx, next) => {
 exports.acmeMiddleware = acmeMiddleware;
 async function generateSSLCert(domain, email) {
     // will answer challenge through our koa app (if on port 80) or must we spawn a dedicated server?
-    const { upnp, externalPort } = await (0, nat_1.getNatInfo)();
+    const nat = await (0, nat_1.getNatInfo)();
     const { http } = await (0, listen_1.getServerStatus)();
-    const tempSrv = externalPort === 80 || http.listening && http.port === 80 ? undefined : (0, http_1.createServer)(acmeListener);
+    const tempSrv = nat.externalPort === 80 || http.listening && http.port === 80 ? undefined : (0, http_1.createServer)(acmeListener);
     if (tempSrv)
-        await new Promise((resolve) => tempSrv.listen(80, resolve).on('error', (e) => {
+        await new Promise(resolve => tempSrv.listen(80, resolve).on('error', (e) => {
             console.debug("cannot listen on 80", e.code || e);
             resolve(); // go on anyway
         }));
     acmeMiddlewareEnabled = true;
     console.debug('acme challenge server ready');
+    let tempMap;
     try {
         const checkUrl = `http://${domain}`;
         let check = await (0, selfCheck_1.selfCheck)(checkUrl); // some check services may not consider the domain, but we already verified that
-        if (check && !check.success && upnp && externalPort !== 80) { // consider a short-lived mapping
+        if (check && !check.success && nat.upnp && !nat.mapped80) {
             console.debug("setting temporary port forward");
-            // @ts-ignore
-            await nat_1.upnpClient.createMapping({ private: 80, public: { host: '', port: 80 }, description: 'hfs temporary', ttl: 30 }).catch(() => { });
+            tempMap = await nat_1.upnpClient.createMapping({ private: 80, public: { host: '', port: 80 }, description: 'hfs temporary', ttl: 0 }).catch(() => { });
             check = await (0, selfCheck_1.selfCheck)(checkUrl); // repeat test
         }
         //if (!check) throw new ApiError(HTTP_FAILED_DEPENDENCY, "couldn't test port 80")
@@ -61,6 +61,7 @@ async function generateSSLCert(domain, email) {
             accountKey: await acme_client_1.default.crypto.createPrivateKey(),
             directoryUrl: acme_client_1.default.directory.letsencrypt.production
         });
+        acme_client_1.default.setLogger(console.debug);
         const [key, csr] = await acme_client_1.default.crypto.createCsr({ commonName: domain });
         const cert = await acmeClient.auto({
             csr,
@@ -68,17 +69,16 @@ async function generateSSLCert(domain, email) {
             challengePriority: ['http-01'],
             skipChallengeVerification: true,
             termsOfServiceAgreed: true,
-            async challengeCreateFn(_, c, ka) {
-                console.debug("producing challenge");
-                acmeTokens[c.token] = ka;
-            },
-            async challengeRemoveFn(_, c) {
-                delete acmeTokens[c.token];
-            },
+            async challengeCreateFn(_, c, ka) { acmeTokens[c.token] = ka; },
+            async challengeRemoveFn(_, c) { delete acmeTokens[c.token]; },
         });
         return { key, cert };
     }
     finally {
+        if (tempMap) {
+            console.debug("removing temporary port forward");
+            nat_1.upnpClient.removeMapping({ public: { host: '', port: 80 } }).catch(() => { });
+        }
         acmeMiddlewareEnabled = false;
         if (tempSrv)
             await new Promise(res => tempSrv.close(res));

package/src/adminApis.js

@@ -113,7 +113,7 @@ exports.adminApis = {
             version: const_1.VERSION,
             apiVersion: const_1.API_VERSION,
             compatibleApiVersion: const_1.COMPATIBLE_API_VERSION,
-            ...await (0, listen_1.getServerStatus)(),
+            ...await (0, listen_1.getServerStatus)(false),
             platform: process.platform,
             urls: await (0, listen_1.getUrls)(),
             ips: await (0, listen_1.getIps)(false),

package/src/block.js

@@ -10,7 +10,7 @@ const block = (0, config_1.defineConfig)('block', [], rules => {
     const ret = !Array.isArray(rules) ? []
         : (0, misc_1.onlyTruthy)(rules.map(rule => {
             rule.expire && (rule.expire = new Date(rule.expire));
-            return !(rule.expire > now) && (0, misc_1.makeNetMatcher)(rule.ip, true);
+            return !(rule.expire > now) && (0, misc_1.makeNetMatcher)(rule.ip);
         }));
     // reapply new block to existing connections
     for (const { socket, ip } of (0, connections_1.getConnections)())

package/src/const.js

@@ -42,7 +42,7 @@ exports.DEV = process.env.DEV || exports.argv.dev ? 'DEV' : '';
 exports.ORIGINAL_CWD = process.cwd();
 exports.HFS_STARTED = new Date();
 const PKG_PATH = (0, path_1.join)(__dirname, '..', 'package.json');
-exports.BUILD_TIMESTAMP = "2023-11-01T11:03:50.804Z";
+exports.BUILD_TIMESTAMP = "2023-11-06T09:23:00.007Z";
 const pkg = JSON.parse(fs.readFileSync(PKG_PATH, 'utf8'));
 exports.VERSION = pkg.version;
 exports.RUNNING_BETA = exports.VERSION.includes('-');

package/src/cross.js

@@ -18,7 +18,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.isWindowsDrive = exports.isIP = exports.isPrimitive = exports.formatTimestamp = exports.repeat = exports.asyncGeneratorToArray = exports.filterMapGenerator = exports.throw_ = exports.hasProp = exports.typedEntries = exports.typedKeys = exports.objRenameKey = exports.randomId = exports.getOrSet = exports.waitFor = exports.newObj = exports.removeStarting = exports.findDefined = exports.isOrderedEqual = exports.swap = exports.tryJson = exports.basename = exports.pendingPromise = exports._dbg = exports._log = exports.wantArray = exports.formatPerc = exports.with_ = exports.try_ = exports.setHidden = exports.onlyTruthy = exports.truthy = exports.enforceFinal = exports.objSameKeys = exports.haveTimeout = exports.wait = exports.prefix = exports.formatBytes = exports.isWhoObject = exports.PERM_KEYS = exports.defaultPerms = exports.WHO_ANY_ACCOUNT = exports.WHO_NO_ONE = exports.WHO_ANYONE = exports.MAX_TILES_SIZE = exports.DAY = exports.HOUR = exports.MINUTE = exports.WIKI_URL = exports.REPO_URL = void 0;
-exports.promiseBestEffort = exports.escapeHTML = exports.ipForUrl = exports.ipLocalHost = exports.xlate = exports.isEqualLax = void 0;
+exports.runAt = exports.promiseBestEffort = exports.escapeHTML = exports.ipForUrl = exports.ipLocalHost = exports.xlate = exports.isEqualLax = void 0;
 // This file is part of HFS - Copyright 2021-2023, Massimo Melina <a@rejetto.com> - License https://www.gnu.org/licenses/gpl-3.0.txt
 // all content here is shared between client and server
 const lodash_1 = __importDefault(require("lodash"));
@@ -312,3 +312,25 @@ async function promiseBestEffort(promises) {
     return res.filter(x => x.status === 'fulfilled').map((x) => x.value);
 }
 exports.promiseBestEffort = promiseBestEffort;
+function runAt(ts, cb) {
+    let cancel = false;
+    let t;
+    setTimeout(async () => {
+        if (missing() < 0)
+            return;
+        const max = 0x7FFFFFFF;
+        while (!cancel && missing() > max)
+            await wait(max);
+        if (cancel)
+            return;
+        t = setTimeout(cb, missing());
+        function missing() {
+            return ts - Date.now();
+        }
+    });
+    return () => {
+        cancel = true;
+        clearTimeout(t);
+    };
+}
+exports.runAt = runAt;

package/src/listen.js

@@ -118,9 +118,20 @@ const considerHttps = (0, misc_1.debounceAsync)(async () => {
             if (cn)
                 console.log("certificate loaded for", cn);
             const now = new Date();
-            httpsSrv.error = new Date(cert.validFrom) > now ? "certificate not valid yet"
-                : new Date(cert.validTo) < now ? "certificate expired"
-                    : undefined;
+            const from = new Date(cert.validFrom);
+            const to = new Date(cert.validTo);
+            updateError(); // error will change at from and to dates of the certificate
+            const cancelTo = (0, misc_1.runAt)(to.getTime(), updateError);
+            const cancelFrom = (0, misc_1.runAt)(from.getTime(), updateError);
+            httpsSrv.on('close', () => {
+                cancelTo();
+                cancelFrom();
+            });
+            function updateError() {
+                if (!httpsSrv)
+                    return;
+                httpsSrv.error = from > now ? "certificate not valid yet" : to < now ? "certificate expired" : undefined;
+            }
             const namesForOutput = { cert: 'certificate', private_key: 'private key' };
             const missing = (_c = httpsNeeds.find(x => !x.get())) === null || _c === void 0 ? void 0 : _c.key();
             if (missing)
@@ -247,7 +258,7 @@ function getCurrentPort(srv) {
     var _a;
     return (_a = srv === null || srv === void 0 ? void 0 : srv.address()) === null || _a === void 0 ? void 0 : _a.port;
 }
-async function getServerStatus() {
+async function getServerStatus(includeSrv = true) {
     return {
         http: await serverStatus(httpSrv, exports.portCfg.get()),
         https: await serverStatus(httpsSrv, exports.httpsPortCfg.get()),
@@ -260,7 +271,7 @@ async function getServerStatus() {
             busy,
             port: getCurrentPort(srv) || configuredPort,
             configuredPort,
-            srv,
+            srv: includeSrv ? srv : undefined,
         };
     }
 }

package/src/nat.js

@@ -85,6 +85,7 @@ exports.getNatInfo = (0, debounceAsync_1.debounceAsync)(async () => {
         publicIps: exports.defaultBaseUrl.publicIps = await gettingIps,
         externalIp: exports.defaultBaseUrl.externalIp,
         mapped,
+        mapped80: lodash_1.default.find(mappings, x => x.private.host === localIp && x.private.port === 80 && x.public.port === 80),
         internalPort,
         externalPort,
         proto: ((_c = status === null || status === void 0 ? void 0 : status.https) === null || _c === void 0 ? void 0 : _c.listening) ? 'https' : ((_d = status === null || status === void 0 ? void 0 : status.http) === null || _d === void 0 ? void 0 : _d.listening) ? 'http' : '',

package/src/selfCheck.js

@@ -10,51 +10,41 @@ const net_1 = require("net");
 const lodash_1 = __importDefault(require("lodash"));
 const cross_1 = require("./cross");
 const util_http_1 = require("./util-http");
-let selfCheckMiddlewareEnabled = false;
 const CHECK_URL = cross_const_1.SPECIAL_URI + 'self-check';
-const selfCheckMiddleware = (ctx, next) => {
-    if (!selfCheckMiddlewareEnabled || !ctx.url.startsWith(CHECK_URL))
-        return next();
-    ctx.body = 'HFS';
-};
+const selfCheckMiddleware = (ctx, next) => // koa format
+ ctx.url.startsWith(CHECK_URL) ? ctx.body = 'HFS' : next();
 exports.selfCheckMiddleware = selfCheckMiddleware;
 async function selfCheck(url) {
     var _a;
     const prjInfo = await (0, github_1.getProjectInfo)();
     console.log(`checking server ${url}`);
-    selfCheckMiddlewareEnabled = true;
-    try {
-        const parsed = new URL(url);
-        const family = !(0, net_1.isIP)(parsed.hostname) ? undefined : (0, net_1.isIPv6)(parsed.hostname) ? 6 : 4;
-        for (const services of lodash_1.default.chunk(lodash_1.default.shuffle(prjInfo.selfCheckServices), 2)) {
-            try {
-                return await Promise.any(services.map(async (svc) => {
-                    if (!svc.url || svc.type)
-                        throw 'unsupported ' + svc.type; // only default type supported for now
-                    let { url: serviceUrl, body, regexpSuccess, regexpFailure, ...rest } = svc;
-                    const service = new URL(serviceUrl).hostname;
-                    console.log('trying external service', service);
-                    body = applySymbols(body);
-                    serviceUrl = applySymbols(serviceUrl);
-                    const res = await (0, cross_1.haveTimeout)(10000, (0, util_http_1.httpString)(serviceUrl, { family, ...rest, body }));
-                    const success = new RegExp(regexpSuccess).test(res);
-                    const failure = new RegExp(regexpFailure).test(res);
-                    if (success === failure)
-                        throw 'inconsistent: ' + service + ': ' + res; // this result cannot be trusted
-                    console.debug(service, 'responded', success);
-                    return { success, service, url };
-                }));
-            }
-            catch (e) {
-                console.debug(((_a = e === null || e === void 0 ? void 0 : e.errors) === null || _a === void 0 ? void 0 : _a.map(String)) || (e === null || e === void 0 ? void 0 : e.cause) || String(e));
-            }
+    const parsed = new URL(url);
+    const family = !(0, net_1.isIP)(parsed.hostname) ? undefined : (0, net_1.isIPv6)(parsed.hostname) ? 6 : 4;
+    for (const services of lodash_1.default.chunk(lodash_1.default.shuffle(prjInfo.selfCheckServices), 2)) {
+        try {
+            return await Promise.any(services.map(async (svc) => {
+                if (!svc.url || svc.type)
+                    throw 'unsupported ' + svc.type; // only default type supported for now
+                let { url: serviceUrl, body, regexpSuccess, regexpFailure, ...rest } = svc;
+                const service = new URL(serviceUrl).hostname;
+                console.log('trying external service', service);
+                body = applySymbols(body);
+                serviceUrl = applySymbols(serviceUrl);
+                const res = await (0, cross_1.haveTimeout)(6000, (0, util_http_1.httpString)(serviceUrl, { family, ...rest, body }));
+                const success = new RegExp(regexpSuccess).test(res);
+                const failure = new RegExp(regexpFailure).test(res);
+                if (success === failure)
+                    throw 'inconsistent: ' + service + ': ' + res; // this result cannot be trusted
+                console.debug(service, 'responded', success);
+                return { success, service, url };
+            }));
         }
-        function applySymbols(s) {
-            return s === null || s === void 0 ? void 0 : s.replace('$IP', parsed.hostname).replace('$PORT', parsed.port || (parsed.protocol === 'https:' ? '443' : '80')).replace('$URL', url.replace(/\/$/, '') + CHECK_URL);
+        catch (e) {
+            console.debug(((_a = e === null || e === void 0 ? void 0 : e.errors) === null || _a === void 0 ? void 0 : _a.map(String)) || (e === null || e === void 0 ? void 0 : e.cause) || String(e));
         }
     }
-    finally {
-        selfCheckMiddlewareEnabled = false;
+    function applySymbols(s) {
+        return s === null || s === void 0 ? void 0 : s.replace('$IP', parsed.hostname).replace('$PORT', parsed.port || (parsed.protocol === 'https:' ? '443' : '80')).replace('$URL', url.replace(/\/$/, '') + CHECK_URL);
     }
 }
 exports.selfCheck = selfCheck;