From eed6b752d4acd68b902030e216f38e744a3b8fd2 Mon Sep 17 00:00:00 2001
From: Wikinaut <mail@tgries.de>
Date: Thu, 22 Nov 2012 10:12:58 +0100
Subject: [PATCH] initial https version fix #1148

---
 .gitignore                 |  2 ++
 settings.json.template     | 13 ++++++++++++-
 src/node/hooks/express.js  | 24 ++++++++++++++++++++++--
 src/node/utils/Settings.js |  7 +++++++
 4 files changed, 43 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index 4f3152245..b93678674 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,3 +12,5 @@ src/static/js/jquery.js
 npm-debug.log
 *.DS_Store
 .ep_initialized
+*.crt
+*.key
diff --git a/settings.json.template b/settings.json.template
index 66192e4b9..901ff812c 100644
--- a/settings.json.template
+++ b/settings.json.template
@@ -14,7 +14,18 @@
   //Ip and port which etherpad should bind at
   "ip": "0.0.0.0",
   "port" : 9001,
-  
+
+  /*  
+  // Node native SSL support
+  // make sure to have the correct file access permissions set
+
+  "ssl" : {
+            "key"  : "/path-to-your/server.key",
+            "cert" : "/path-to-your/server.crt"
+          },
+
+  */
+
   //The Type of the database. You can choose between dirty, postgres, sqlite and mysql
   //You shouldn't use "dirty" for for anything else than testing or development
   "dbType" : "dirty",
diff --git a/src/node/hooks/express.js b/src/node/hooks/express.js
index 1900a86a8..2bbb5eec8 100644
--- a/src/node/hooks/express.js
+++ b/src/node/hooks/express.js
@@ -1,5 +1,4 @@
 var hooks = require("ep_etherpad-lite/static/js/pluginfw/hooks");
-var http = require('http');
 var express = require('express');
 var settings = require('../utils/Settings');
 var fs = require('fs');
@@ -50,7 +49,28 @@ exports.restartServer = function () {
   }
 
   var app = express(); // New syntax for express v3
-  server = http.createServer(app);
+
+  if (settings.ssl) {
+
+    console.log( "SSL -- enabled");
+    console.log( "SSL -- server key file: " + settings.ssl.key );
+    console.log( "SSL -- Certificate Authority's certificate file: " + settings.ssl.cert );
+    
+    options = {
+      key: fs.readFileSync( settings.ssl.key ),
+      cert: fs.readFileSync( settings.ssl.cert )
+    };
+    
+    var https = require('https');
+    server = https.createServer(options, app);
+
+  } else {
+
+    console.log( "SSL -- not enabled!" );
+
+    var http = require('http');
+    server = http.createServer(app);
+  }
 
   app.use(function (req, res, next) {
     res.header("Server", serverName);
diff --git a/src/node/utils/Settings.js b/src/node/utils/Settings.js
index 2ed76d0bd..9caa2b0be 100644
--- a/src/node/utils/Settings.js
+++ b/src/node/utils/Settings.js
@@ -48,6 +48,13 @@ exports.ip = "0.0.0.0";
  * The Port ep-lite should listen to
  */
 exports.port = process.env.PORT || 9001;
+
+/**
+ * The SSL signed server key and the Certificate Authority's own certificate
+ * default case: ep-lite does *not* use SSL. A signed server key is not required in this case.
+ */
+exports.ssl = false;
+
 /*
  * The Type of the database
  */