keysigner

#!/usr/bin/env node

/* ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 * for the specific language governing rights and limitations under the
 * License.
 *
 * The Original Code is Mozilla BrowserID.
 *
 * The Initial Developer of the Original Code is Mozilla.
 * Portions created by the Initial Developer are Copyright (C) 2011
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 *
 * Alternatively, the contents of this file may be used under the terms of
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 * in which case the provisions of the GPL or the LGPL are applicable instead
 * of those above. If you wish to allow use of your version of this file only
 * under the terms of either the GPL or the LGPL, and not to allow others to
 * use your version of this file under the terms of the MPL, indicate your
 * decision by deleting the provisions above and replace them with the notice
 * and other provisions required by the GPL or the LGPL. If you do not delete
 * the provisions above, a recipient may use your version of this file under
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */

// I sign keys.  That's what I do.

const
path = require('path'),
express = require('express');

const
config = require('../lib/configuration.js'),
httputils = require('../lib/httputils.js'),
validate = require('../lib/validate.js'),
metrics = require('../lib/metrics.js'),
logger = require('../lib/logging.js').logger,
heartbeat = require('../lib/heartbeat'),
shutdown = require('../lib/shutdown'),
computecluster = require('compute-cluster');

// create an express server
var app = express.createServer();

// respond to health checks (before logging)
heartbeat.setup(app);

// our server will log
app.use(express.logger({
  format: config.get('express_log_format'),
  stream: {
    write: function(x) {
      logger.info(typeof x === 'string' ? x.trim() : x);
    }
  }
}));

var statsd_config = config.get('statsd');
if (statsd_config && statsd_config.enabled) {
  logger_statsd = require("connect-logger-statsd");
  app.use(logger_statsd({
    host: statsd_config.hostname || "localhost",
    port: statsd_config.port || 8125,
    prefix: statsd_config.prefix || "browserid.keysigner."
  }));
}

app.use(function(req, resp, next) {
  next();
});

// parse POST bodies
app.use(express.bodyParser());

// allocate a compute cluster
try {
  var cc = new computecluster({
    module: path.join(__dirname, "..", "lib", "keysigner", "subprocess.js"),
    max_processes: config.get('max_compute_processes')
  }).on('error', function(e) {
    logger.error("error detected in keysigning computation process!  fatal: " + e.toString());
    setTimeout(function() { process.exit(1); }, 0);
  }).on('info', function(msg) {
    logger.info("(compute cluster): " + msg);
  }).on('debug', function(msg) {
    logger.debug("(compute cluster): " + msg);
  });
} catch(e) {
  process.stderr.write("can't allocate compute cluster: " + e + "\n");
  process.exit(1);
}

// and our single function
app.post('/wsapi/cert_key', validate(["email", "pubkey"]), function(req, resp) {
  cc.enqueue({
    pubkey: req.body.pubkey,
    email: req.body.email
  }, function (err, r) {
    // consider "application" errors to be the same as harder errors
    if (!err && r && r.error) err = r.error;
    if (!r || !r.success) err = "no certificate returned from child process";
    if (err) {
      logger.error("certification generation error: " + err);
      httputils.serverError(resp, "certification generation error");
    } else {
      resp.writeHead(200, {'Content-Type': 'text/plain'});
      resp.write(r.success);
      resp.end();
    }
  });
});

// shutdown when code_update is invoked
shutdown.installUpdateHandler(app);

// shutdown nicely on signals
shutdown.handleTerminationSignals(app, function() {
  cc.exit();
});

var bindTo = config.get('bind_to');
app.listen(bindTo.port, bindTo.host, function() {
  logger.info("running on http://" + app.address().address + ":" + app.address().port);
});