diff options
| author | Robert Newson <rnewson@apache.org> | 2010-07-26 17:21:30 +0000 |
|---|---|---|
| committer | Robert Newson <rnewson@apache.org> | 2010-07-26 17:21:30 +0000 |
| commit | 4b0948ddb3a428f8a5330e05745b2fbd4ccf9375 (patch) | |
| tree | 5ab1dde286028653d5569ceae6dfc883fa365b7a /share/www | |
| parent | cd214b23e8129868d4a7020ddafd55a16e496652 (diff) | |
Add SSL support to CouchDB.
To enable SSL you need to do three things;
1) enable the httpsd daemon in local.ini (you can just uncomment the line).
2) supply your PEM-encoded cert and key files in the [ssl] section.
3) start CouchDB.
CouchDB will now, in addition to handling HTTP on port 5984, accept SSL connections on port 6984.
The patch itself adds SSL support by updating the local version of Mochiweb to the latest. The upstream release includes our local tweak to support large numbers and to handle Accept-Encoding headers. Our local Mochiweb fork changed the default idle timeout from 10 seconds to 5 minutes, and it was agreed on #irc to revert this change.
The only tweaks to Mochiweb were in mochiweb.app.src (to record the git commit I built from) and the removal of Makefile (replaced by Makefile.am).
Futon received many tweaks as we have 'http://' hardcoded all over. All such instances now use window.location.protocol + '//'.
CouchDB received a tweak to use the right scheme in couch_httpd:absolute_uri (it now gets it from the Mochireq and not mochiweb_socket_server).
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979368 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'share/www')
| -rw-r--r-- | share/www/script/couch.js | 3 | ||||
| -rw-r--r-- | share/www/script/jspec/jspec.js | 2 | ||||
| -rw-r--r-- | share/www/script/test/basics.js | 12 | ||||
| -rw-r--r-- | share/www/script/test/config.js | 11 | ||||
| -rw-r--r-- | share/www/script/test/http.js | 6 | ||||
| -rw-r--r-- | share/www/script/test/oauth.js | 28 | ||||
| -rw-r--r-- | share/www/script/test/replication.js | 26 | ||||
| -rw-r--r-- | share/www/script/test/security_validation.js | 8 |
8 files changed, 52 insertions, 44 deletions
diff --git a/share/www/script/couch.js b/share/www/script/couch.js index 33fd82ba..9c81605a 100644 --- a/share/www/script/couch.js +++ b/share/www/script/couch.js @@ -402,7 +402,8 @@ CouchDB.request = function(method, uri, options) { options.headers["Content-Type"] = options.headers["Content-Type"] || options.headers["content-type"] || "application/json"; options.headers["Accept"] = options.headers["Accept"] || options.headers["accept"] || "application/json"; var req = CouchDB.newXhr(); - if(uri.substr(0, "http://".length) != "http://") { + var proto = window.location.protocol + "//"; + if(uri.substr(0, proto.length) != proto) { uri = CouchDB.urlPrefix + uri } req.open(method, uri, false); diff --git a/share/www/script/jspec/jspec.js b/share/www/script/jspec/jspec.js index d6daf5ef..b2ea4768 100644 --- a/share/www/script/jspec/jspec.js +++ b/share/www/script/jspec/jspec.js @@ -87,7 +87,7 @@ */ Server : function(results, options) { - var uri = options.uri || 'http://' + window.location.host + '/results' + var uri = options.uri || window.location.protocol + "//" + window.location.host + '/results' JSpec.post(uri, { stats: JSpec.stats, options: options, diff --git a/share/www/script/test/basics.js b/share/www/script/test/basics.js index 6a3ae471..5b608b84 100644 --- a/share/www/script/test/basics.js +++ b/share/www/script/test/basics.js @@ -37,9 +37,9 @@ couchTests.basics = function(debug) { TEquals(dbname, xhr.getResponseHeader("Location").substr(-dbname.length), "should return Location header to newly created document"); - - TEquals("http://", - xhr.getResponseHeader("Location").substr(0, 7), + var expected = window.location.protocol + "//"; + TEquals(expected, + xhr.getResponseHeader("Location").substr(0, expected.length), "should return absolute Location header to newly created document"); }); @@ -181,9 +181,9 @@ couchTests.basics = function(debug) { TEquals("/test_suite_db/newdoc", xhr.getResponseHeader("Location").substr(-21), "should return Location header to newly created document"); - - TEquals("http://", - xhr.getResponseHeader("Location").substr(0, 7), + var expected = window.location.protocol + "//"; + TEquals(expected, + xhr.getResponseHeader("Location").substr(0, expected.length), "should return absolute Location header to newly created document"); // deleting a non-existent doc should be 404 diff --git a/share/www/script/test/config.js b/share/www/script/test/config.js index 58e32776..3cba360d 100644 --- a/share/www/script/test/config.js +++ b/share/www/script/test/config.js @@ -28,8 +28,8 @@ couchTests.config = function(debug) { Overengineering FTW. */ var server_port = CouchDB.host.split(':'); + var proto = window.location.protocol; if(server_port.length == 1 && CouchDB.inBrowser) { - var proto = window.location.protocol; if(proto == "http:") { port = 80; } @@ -40,8 +40,15 @@ couchTests.config = function(debug) { port = server_port.pop(); } + if(proto == "http:") { + config_port = config.httpd.port; + } + if(proto == "https:") { + config_port = config.ssl.port; + } + if(port) { - T(config.httpd.port == port); + TEquals(config_port, port, "ports should match"); } T(config.couchdb.database_dir); diff --git a/share/www/script/test/http.js b/share/www/script/test/http.js index 8a2e09b8..39f58491 100644 --- a/share/www/script/test/http.js +++ b/share/www/script/test/http.js @@ -25,7 +25,7 @@ couchTests.http = function(debug) { var xhr = CouchDB.request("PUT", "/test_suite_db/test", {body: "{}"}); var host = CouchDB.host; - TEquals("http://" + host + "/test_suite_db/test", + TEquals(window.location.protocol + "//" + host + "/test_suite_db/test", xhr.getResponseHeader("Location"), "should include ip address"); @@ -34,7 +34,7 @@ couchTests.http = function(debug) { headers: {"X-Forwarded-Host": "mysite.com"} }); - TEquals("http://mysite.com/test_suite_db/test2", + TEquals(window.location.protocol + "//" + "mysite.com/test_suite_db/test2", xhr.getResponseHeader("Location"), "should include X-Forwarded-Host"); @@ -47,7 +47,7 @@ couchTests.http = function(debug) { body: "{}", headers: {"X-Host": "mysite2.com"} }); - TEquals("http://mysite2.com/test_suite_db/test3", + TEquals(window.location.protocol + "//" + "mysite2.com/test_suite_db/test3", xhr.getResponseHeader("Location"), "should include X-Host"); }); diff --git a/share/www/script/test/oauth.js b/share/www/script/test/oauth.js index b439b4db..e5a6e1fc 100644 --- a/share/www/script/test/oauth.js +++ b/share/www/script/test/oauth.js @@ -71,7 +71,7 @@ couchTests.oauth = function(debug) { var host = CouchDB.host; var dbPair = { source: { - url: "http://" + host + "/test_suite_db_a", + url: window.location.protocol + "//" + host + "/test_suite_db_a", auth: { oauth: { consumer_key: "key", @@ -82,7 +82,7 @@ couchTests.oauth = function(debug) { } }, target: { - url: "http://" + host + "/test_suite_db_b", + url: window.location.protocol + "//" + host + "/test_suite_db_b", headers: {"Authorization": adminBasicAuthHeaderValue()} } }; @@ -90,7 +90,7 @@ couchTests.oauth = function(debug) { // this function will be called on the modified server var testFun = function () { try { - CouchDB.request("PUT", "http://" + host + "/_config/admins/testadmin", { + CouchDB.request("PUT", window.location.protocol + "//" + host + "/_config/admins/testadmin", { headers: {"X-Couch-Persist": "false"}, body: JSON.stringify(testadminPassword) }); @@ -98,7 +98,7 @@ couchTests.oauth = function(debug) { waitForSuccess(function() { //loop until the couch server has processed the password i += 1; - var xhr = CouchDB.request("GET", "http://" + host + "/_config/admins/testadmin?foo="+i,{ + var xhr = CouchDB.request("GET", window.location.protocol + "//" + host + "/_config/admins/testadmin?foo="+i,{ headers: { "Authorization": adminBasicAuthHeaderValue() }}); @@ -109,7 +109,7 @@ couchTests.oauth = function(debug) { CouchDB.newUuids(2); // so we have one to make the salt - CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", { + CouchDB.request("PUT", window.location.protocol + "//" + host + "/_config/couch_httpd_auth/require_valid_user", { headers: { "X-Couch-Persist": "false", "Authorization": adminBasicAuthHeaderValue() @@ -157,11 +157,11 @@ couchTests.oauth = function(debug) { }; // Get request token via Authorization header - xhr = oauthRequest("GET", "http://" + host + "/_oauth/request_token", message, accessor); + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_oauth/request_token", message, accessor); T(xhr.status == expectedCode); // GET request token via query parameters - xhr = oauthRequest("GET", "http://" + host + "/_oauth/request_token", message, accessor); + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_oauth/request_token", message, accessor); T(xhr.status == expectedCode); responseMessage = OAuth.decodeForm(xhr.responseText); @@ -171,7 +171,7 @@ couchTests.oauth = function(debug) { //xhr = CouchDB.request("GET", authorization_url + '?oauth_token=' + responseMessage.oauth_token); //T(xhr.status == expectedCode); - xhr = oauthRequest("GET", "http://" + host + "/_session", message, accessor); + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_session", message, accessor); T(xhr.status == expectedCode); if (xhr.status == expectedCode == 200) { data = JSON.parse(xhr.responseText); @@ -179,11 +179,11 @@ couchTests.oauth = function(debug) { T(data.roles[0] == "test"); } - xhr = oauthRequest("GET", "http://" + host + "/_session?foo=bar", message, accessor); + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_session?foo=bar", message, accessor); T(xhr.status == expectedCode); // Test HEAD method - xhr = oauthRequest("HEAD", "http://" + host + "/_session?foo=bar", message, accessor); + xhr = oauthRequest("HEAD", window.location.protocol + "//" + host + "/_session?foo=bar", message, accessor); T(xhr.status == expectedCode); // Replication @@ -207,7 +207,7 @@ couchTests.oauth = function(debug) { oauth_version: "1.0" } }; - xhr = oauthRequest("GET", "http://" + host + "/_session?foo=bar", message, adminAccessor); + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_session?foo=bar", message, adminAccessor); if (xhr.status == expectedCode == 200) { data = JSON.parse(xhr.responseText); T(data.name == "testadmin"); @@ -216,13 +216,13 @@ couchTests.oauth = function(debug) { // Test when the user's token doesn't exist. message.parameters.oauth_token = "not a token!"; - xhr = oauthRequest("GET", "http://" + host + "/_session?foo=bar", + xhr = oauthRequest("GET", window.location.protocol + "//" + host + "/_session?foo=bar", message, adminAccessor); T(xhr.status == 400, "Request should be invalid."); } } } finally { - var xhr = CouchDB.request("PUT", "http://" + host + "/_config/couch_httpd_auth/require_valid_user", { + var xhr = CouchDB.request("PUT", window.location.protocol + "//" + host + "/_config/couch_httpd_auth/require_valid_user", { headers: { "Authorization": adminBasicAuthHeaderValue(), "X-Couch-Persist": "false" @@ -231,7 +231,7 @@ couchTests.oauth = function(debug) { }); T(xhr.status == 200); - var xhr = CouchDB.request("DELETE", "http://" + host + "/_config/admins/testadmin", { + var xhr = CouchDB.request("DELETE", window.location.protocol + "//" + host + "/_config/admins/testadmin", { headers: { "Authorization": adminBasicAuthHeaderValue(), "X-Couch-Persist": "false" diff --git a/share/www/script/test/replication.js b/share/www/script/test/replication.js index d2b3164b..7a23e7d3 100644 --- a/share/www/script/test/replication.js +++ b/share/www/script/test/replication.js @@ -17,11 +17,11 @@ couchTests.replication = function(debug) { {source:"test_suite_db_a", target:"test_suite_db_b"}, {source:"test_suite_db_a", - target:"http://" + host + "/test_suite_db_b"}, - {source:"http://" + host + "/test_suite_db_a", + target:window.location.protocol + "//" + host + "/test_suite_db_b"}, + {source:window.location.protocol + "//" + host + "/test_suite_db_a", target:"test_suite_db_b"}, - {source:"http://" + host + "/test_suite_db_a", - target:"http://" + host + "/test_suite_db_b"} + {source:window.location.protocol + "//" + host + "/test_suite_db_a", + target:window.location.protocol + "//" + host + "/test_suite_db_b"} ] var dbA = new CouchDB("test_suite_db_a", {"X-Couch-Full-Commit":"false"}); var dbB = new CouchDB("test_suite_db_b", {"X-Couch-Full-Commit":"false"}); @@ -296,7 +296,7 @@ couchTests.replication = function(debug) { // remote dbB.deleteDb(); - CouchDB.replicate(dbA.name, "http://" + CouchDB.host + "/test_suite_db_b", { + CouchDB.replicate(dbA.name, window.location.protocol + "//" + CouchDB.host + "/test_suite_db_b", { body: {"create_target": true} }); TEquals("test_suite_db_b", dbB.info().db_name, @@ -372,11 +372,11 @@ couchTests.replication = function(debug) { {source:"test_suite_rep_docs_db_a", target:"test_suite_rep_docs_db_b"}, {source:"test_suite_rep_docs_db_a", - target:"http://" + host + "/test_suite_rep_docs_db_b"}, - {source:"http://" + host + "/test_suite_rep_docs_db_a", + target:window.location.protocol + "//" + host + "/test_suite_rep_docs_db_b"}, + {source:window.location.protocol + "//" + host + "/test_suite_rep_docs_db_a", target:"test_suite_rep_docs_db_b"}, - {source:"http://" + host + "/test_suite_rep_docs_db_a", - target:"http://" + host + "/test_suite_rep_docs_db_b"} + {source:window.location.protocol + "//" + host + "/test_suite_rep_docs_db_a", + target:window.location.protocol + "//" + host + "/test_suite_rep_docs_db_b"} ]; var target_doc_ids = [ @@ -481,11 +481,11 @@ couchTests.replication = function(debug) { {source:"test_suite_filtered_rep_db_a", target:"test_suite_filtered_rep_db_b"}, {source:"test_suite_filtered_rep_db_a", - target:"http://" + host + "/test_suite_filtered_rep_db_b"}, - {source:"http://" + host + "/test_suite_filtered_rep_db_a", + target:window.location.protocol + "//" + host + "/test_suite_filtered_rep_db_b"}, + {source:window.location.protocol + "//" + host + "/test_suite_filtered_rep_db_a", target:"test_suite_filtered_rep_db_b"}, - {source:"http://" + host + "/test_suite_filtered_rep_db_a", - target:"http://" + host + "/test_suite_filtered_rep_db_b"} + {source:window.location.protocol + "//" + host + "/test_suite_filtered_rep_db_a", + target:window.location.protocol + "//" + host + "/test_suite_filtered_rep_db_b"} ]; for (var i = 0; i < dbPairs.length; i++) { diff --git a/share/www/script/test/security_validation.js b/share/www/script/test/security_validation.js index 67b04f3c..d5f8ff3f 100644 --- a/share/www/script/test/security_validation.js +++ b/share/www/script/test/security_validation.js @@ -235,16 +235,16 @@ couchTests.security_validation = function(debug) { target:"test_suite_db_b"}, {source:"test_suite_db_a", - target:{url: "http://" + host + "/test_suite_db_b", + target:{url: window.location.protocol + "//" + host + "/test_suite_db_b", headers: AuthHeaders}}, - {source:{url:"http://" + host + "/test_suite_db_a", + {source:{url:window.location.protocol + "//" + host + "/test_suite_db_a", headers: AuthHeaders}, target:"test_suite_db_b"}, - {source:{url:"http://" + host + "/test_suite_db_a", + {source:{url:window.location.protocol + "//" + host + "/test_suite_db_a", headers: AuthHeaders}, - target:{url:"http://" + host + "/test_suite_db_b", + target:{url:window.location.protocol + "//" + host + "/test_suite_db_b", headers: AuthHeaders}}, ] var adminDbA = new CouchDB("test_suite_db_a", {"X-Couch-Full-Commit":"false"}); |