+
+Code coverage report for async-throttle/
++ Statements: 100% (37 / 37) + Branches: 92.86% (13 / 14) + Functions: 100% (7 / 7) + Lines: 100% (37 / 37) + Ignored: none +
+All files » async-throttle/
+
+
+
+
+
+
+
+
diff --git a/express-server/node_modules/async-limiter/coverage/lcov-report/async-throttle/index.js.html b/express-server/node_modules/async-limiter/coverage/lcov-report/async-throttle/index.js.html
new file mode 100644
index 00000000..adc030fd
--- /dev/null
+++ b/express-server/node_modules/async-limiter/coverage/lcov-report/async-throttle/index.js.html
@@ -0,0 +1,246 @@
+
+
+
+
+
+
+
+
+| File | ++ | Statements | ++ | Branches | ++ | Functions | ++ | Lines | ++ |
|---|---|---|---|---|---|---|---|---|---|
| index.js | ++ | 100% | +(37 / 37) | +92.86% | +(13 / 14) | +100% | +(7 / 7) | +100% | +(37 / 37) | +
+
+Code coverage report for async-throttle/index.js
++ Statements: 100% (37 / 37) + Branches: 92.86% (13 / 14) + Functions: 100% (7 / 7) + Lines: 100% (37 / 37) + Ignored: none +
+All files » async-throttle/ » index.js
+
+
+
+
+
+
+
+
+
+
+
diff --git a/express-server/node_modules/async-limiter/coverage/lcov-report/base.css b/express-server/node_modules/async-limiter/coverage/lcov-report/base.css
new file mode 100644
index 00000000..a6a2f328
--- /dev/null
+++ b/express-server/node_modules/async-limiter/coverage/lcov-report/base.css
@@ -0,0 +1,182 @@
+body, html {
+ margin:0; padding: 0;
+}
+body {
+ font-family: Helvetica Neue, Helvetica,Arial;
+ font-size: 10pt;
+}
+div.header, div.footer {
+ background: #eee;
+ padding: 1em;
+}
+div.header {
+ z-index: 100;
+ position: fixed;
+ top: 0;
+ border-bottom: 1px solid #666;
+ width: 100%;
+}
+div.footer {
+ border-top: 1px solid #666;
+}
+div.body {
+ margin-top: 10em;
+}
+div.meta {
+ font-size: 90%;
+ text-align: center;
+}
+h1, h2, h3 {
+ font-weight: normal;
+}
+h1 {
+ font-size: 12pt;
+}
+h2 {
+ font-size: 10pt;
+}
+pre {
+ font-family: Consolas, Menlo, Monaco, monospace;
+ margin: 0;
+ padding: 0;
+ line-height: 1.3;
+ font-size: 14px;
+ -moz-tab-size: 2;
+ -o-tab-size: 2;
+ tab-size: 2;
+}
+
+div.path { font-size: 110%; }
+div.path a:link, div.path a:visited { color: #000; }
+table.coverage { border-collapse: collapse; margin:0; padding: 0 }
+
+table.coverage td {
+ margin: 0;
+ padding: 0;
+ color: #111;
+ vertical-align: top;
+}
+table.coverage td.line-count {
+ width: 50px;
+ text-align: right;
+ padding-right: 5px;
+}
+table.coverage td.line-coverage {
+ color: #777 !important;
+ text-align: right;
+ border-left: 1px solid #666;
+ border-right: 1px solid #666;
+}
+
+table.coverage td.text {
+}
+
+table.coverage td span.cline-any {
+ display: inline-block;
+ padding: 0 5px;
+ width: 40px;
+}
+table.coverage td span.cline-neutral {
+ background: #eee;
+}
+table.coverage td span.cline-yes {
+ background: #b5d592;
+ color: #999;
+}
+table.coverage td span.cline-no {
+ background: #fc8c84;
+}
+
+.cstat-yes { color: #111; }
+.cstat-no { background: #fc8c84; color: #111; }
+.fstat-no { background: #ffc520; color: #111 !important; }
+.cbranch-no { background: yellow !important; color: #111; }
+
+.cstat-skip { background: #ddd; color: #111; }
+.fstat-skip { background: #ddd; color: #111 !important; }
+.cbranch-skip { background: #ddd !important; color: #111; }
+
+.missing-if-branch {
+ display: inline-block;
+ margin-right: 10px;
+ position: relative;
+ padding: 0 4px;
+ background: black;
+ color: yellow;
+}
+
+.skip-if-branch {
+ display: none;
+ margin-right: 10px;
+ position: relative;
+ padding: 0 4px;
+ background: #ccc;
+ color: white;
+}
+
+.missing-if-branch .typ, .skip-if-branch .typ {
+ color: inherit !important;
+}
+
+.entity, .metric { font-weight: bold; }
+.metric { display: inline-block; border: 1px solid #333; padding: 0.3em; background: white; }
+.metric small { font-size: 80%; font-weight: normal; color: #666; }
+
+div.coverage-summary table { border-collapse: collapse; margin: 3em; font-size: 110%; }
+div.coverage-summary td, div.coverage-summary table th { margin: 0; padding: 0.25em 1em; border-top: 1px solid #666; border-bottom: 1px solid #666; }
+div.coverage-summary th { text-align: left; border: 1px solid #666; background: #eee; font-weight: normal; }
+div.coverage-summary th.file { border-right: none !important; }
+div.coverage-summary th.pic { border-left: none !important; text-align: right; }
+div.coverage-summary th.pct { border-right: none !important; }
+div.coverage-summary th.abs { border-left: none !important; text-align: right; }
+div.coverage-summary td.pct { text-align: right; border-left: 1px solid #666; }
+div.coverage-summary td.abs { text-align: right; font-size: 90%; color: #444; border-right: 1px solid #666; }
+div.coverage-summary td.file { border-left: 1px solid #666; white-space: nowrap; }
+div.coverage-summary td.pic { min-width: 120px !important; }
+div.coverage-summary a:link { text-decoration: none; color: #000; }
+div.coverage-summary a:visited { text-decoration: none; color: #777; }
+div.coverage-summary a:hover { text-decoration: underline; }
+div.coverage-summary tfoot td { border-top: 1px solid #666; }
+
+div.coverage-summary .sorter {
+ height: 10px;
+ width: 7px;
+ display: inline-block;
+ margin-left: 0.5em;
+ background: url(sort-arrow-sprite.png) no-repeat scroll 0 0 transparent;
+}
+div.coverage-summary .sorted .sorter {
+ background-position: 0 -20px;
+}
+div.coverage-summary .sorted-desc .sorter {
+ background-position: 0 -10px;
+}
+
+.high { background: #b5d592 !important; }
+.medium { background: #ffe87c !important; }
+.low { background: #fc8c84 !important; }
+
+span.cover-fill, span.cover-empty {
+ display:inline-block;
+ border:1px solid #444;
+ background: white;
+ height: 12px;
+}
+span.cover-fill {
+ background: #ccc;
+ border-right: 1px solid #444;
+}
+span.cover-empty {
+ background: white;
+ border-left: none;
+}
+span.cover-full {
+ border-right: none !important;
+}
+pre.prettyprint {
+ border: none !important;
+ padding: 0 !important;
+ margin: 0 !important;
+}
+.com { color: #999 !important; }
+.ignore-none { color: #999; font-weight: normal; }
diff --git a/express-server/node_modules/async-limiter/coverage/lcov-report/index.html b/express-server/node_modules/async-limiter/coverage/lcov-report/index.html
new file mode 100644
index 00000000..782a1cff
--- /dev/null
+++ b/express-server/node_modules/async-limiter/coverage/lcov-report/index.html
@@ -0,0 +1,73 @@
+
+
+
+ | 1 +2 +3 +4 +5 +6 +7 +8 +9 +10 +11 +12 +13 +14 +15 +16 +17 +18 +19 +20 +21 +22 +23 +24 +25 +26 +27 +28 +29 +30 +31 +32 +33 +34 +35 +36 +37 +38 +39 +40 +41 +42 +43 +44 +45 +46 +47 +48 +49 +50 +51 +52 +53 +54 +55 +56 +57 +58 +59 +60 +61 +62 +63 +64 +65 +66 +67 +68 | + +1 +7 +1 + + +6 +6 +6 +6 +6 +6 + + +1 + + + + + +1 +3 +13 +13 +13 + + + +1 + +19 + + + +1 +45 +6 + +39 +13 +13 +13 +13 + + +39 +18 +6 +6 + + + + +1 +6 +6 +6 + + + +1 +13 +13 + + +1 + | 'use strict';
+
+function Queue(options) {
+ if (!(this instanceof Queue)) {
+ return new Queue(options);
+ }
+
+ options = options || {};
+ this.concurrency = options.concurrency || Infinity;
+ this.pending = 0;
+ this.jobs = [];
+ this.cbs = [];
+ this._done = done.bind(this);
+}
+
+var arrayAddMethods = [
+ 'push',
+ 'unshift',
+ 'splice'
+];
+
+arrayAddMethods.forEach(function(method) {
+ Queue.prototype[method] = function() {
+ var methodResult = Array.prototype[method].apply(this.jobs, arguments);
+ this._run();
+ return methodResult;
+ };
+});
+
+Object.defineProperty(Queue.prototype, 'length', {
+ get: function() {
+ return this.pending + this.jobs.length;
+ }
+});
+
+Queue.prototype._run = function() {
+ if (this.pending === this.concurrency) {
+ return;
+ }
+ if (this.jobs.length) {
+ var job = this.jobs.shift();
+ this.pending++;
+ job(this._done);
+ this._run();
+ }
+
+ if (this.pending === 0) {
+ while (this.cbs.length !== 0) {
+ var cb = this.cbs.pop();
+ process.nextTick(cb);
+ }
+ }
+};
+
+Queue.prototype.onDone = function(cb) {
+ Eif (typeof cb === 'function') {
+ this.cbs.push(cb);
+ this._run();
+ }
+};
+
+function done() {
+ this.pending--;
+ this._run();
+}
+
+module.exports = Queue;
+ |
+
+Code coverage report for All files
++ Statements: 100% (37 / 37) + Branches: 92.86% (13 / 14) + Functions: 100% (7 / 7) + Lines: 100% (37 / 37) + Ignored: none +
+ +
+
+
+
+
+
+
+
diff --git a/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.css b/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.css
new file mode 100644
index 00000000..b317a7cd
--- /dev/null
+++ b/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.css
@@ -0,0 +1 @@
+.pln{color:#000}@media screen{.str{color:#080}.kwd{color:#008}.com{color:#800}.typ{color:#606}.lit{color:#066}.pun,.opn,.clo{color:#660}.tag{color:#008}.atn{color:#606}.atv{color:#080}.dec,.var{color:#606}.fun{color:red}}@media print,projection{.str{color:#060}.kwd{color:#006;font-weight:bold}.com{color:#600;font-style:italic}.typ{color:#404;font-weight:bold}.lit{color:#044}.pun,.opn,.clo{color:#440}.tag{color:#006;font-weight:bold}.atn{color:#404}.atv{color:#060}}pre.prettyprint{padding:2px;border:1px solid #888}ol.linenums{margin-top:0;margin-bottom:0}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}li.L1,li.L3,li.L5,li.L7,li.L9{background:#eee}
diff --git a/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.js b/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.js
new file mode 100644
index 00000000..ef51e038
--- /dev/null
+++ b/express-server/node_modules/async-limiter/coverage/lcov-report/prettify.js
@@ -0,0 +1 @@
+window.PR_SHOULD_USE_CONTINUATION=true;(function(){var h=["break,continue,do,else,for,if,return,while"];var u=[h,"auto,case,char,const,default,double,enum,extern,float,goto,int,long,register,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"];var p=[u,"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"];var l=[p,"alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,dynamic_cast,explicit,export,friend,inline,late_check,mutable,namespace,nullptr,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"];var x=[p,"abstract,boolean,byte,extends,final,finally,implements,import,instanceof,null,native,package,strictfp,super,synchronized,throws,transient"];var R=[x,"as,base,by,checked,decimal,delegate,descending,dynamic,event,fixed,foreach,from,group,implicit,in,interface,internal,into,is,lock,object,out,override,orderby,params,partial,readonly,ref,sbyte,sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,var"];var r="all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,true,try,unless,until,when,while,yes";var w=[p,"debugger,eval,export,function,get,null,set,undefined,var,with,Infinity,NaN"];var s="caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END";var I=[h,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"];var f=[h,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"];var H=[h,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"];var A=[l,R,w,s+I,f,H];var e=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float)\d*)/;var C="str";var z="kwd";var j="com";var O="typ";var G="lit";var L="pun";var F="pln";var m="tag";var E="dec";var J="src";var P="atn";var n="atv";var N="nocode";var M="(?:^^\\.?|[+-]|\\!|\\!=|\\!==|\\#|\\%|\\%=|&|&&|&&=|&=|\\(|\\*|\\*=|\\+=|\\,|\\-=|\\->|\\/|\\/=|:|::|\\;|<|<<|<<=|<=|=|==|===|>|>=|>>|>>=|>>>|>>>=|\\?|\\@|\\[|\\^|\\^=|\\^\\^|\\^\\^=|\\{|\\||\\|=|\\|\\||\\|\\|=|\\~|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*";function k(Z){var ad=0;var S=false;var ac=false;for(var V=0,U=Z.length;V
+
+
+
+
+| File | ++ | Statements | ++ | Branches | ++ | Functions | ++ | Lines | ++ |
|---|---|---|---|---|---|---|---|---|---|
| async-throttle/ | ++ | 100% | +(37 / 37) | +92.86% | +(13 / 14) | +100% | +(7 / 7) | +100% | +(37 / 37) | +
+
+
+
+[](https://travis-ci.org/petkaantonov/bluebird)
+[](http://petkaantonov.github.io/bluebird/coverage/debug/index.html)
+
+**Got a question?** Join us on [stackoverflow](http://stackoverflow.com/questions/tagged/bluebird), the [mailing list](https://groups.google.com/forum/#!forum/bluebird-js) or chat on [IRC](https://webchat.freenode.net/?channels=#promises)
+
+# Introduction
+
+Bluebird is a fully featured promise library with focus on innovative features and performance
+
+See the [**bluebird website**](http://bluebirdjs.com/docs/getting-started.html) for further documentation, references and instructions. See the [**API reference**](http://bluebirdjs.com/docs/api-reference.html) here.
+
+For bluebird 2.x documentation and files, see the [2.x tree](https://github.com/petkaantonov/bluebird/tree/2.x).
+
+### Note
+
+Promises in Node.js 10 are significantly faster than before. Bluebird still includes a lot of features like cancellation, iteration methods and warnings that native promises don't. If you are using Bluebird for performance rather than for those - please consider giving native promises a shot and running the benchmarks yourself.
+
+# Questions and issues
+
+The [github issue tracker](https://github.com/petkaantonov/bluebird/issues) is **_only_** for bug reports and feature requests. Anything else, such as questions for help in using the library, should be posted in [StackOverflow](http://stackoverflow.com/questions/tagged/bluebird) under tags `promise` and `bluebird`.
+
+
+
+## Thanks
+
+Thanks to BrowserStack for providing us with a free account which lets us support old browsers like IE8.
+
+# License
+
+The MIT License (MIT)
+
+Copyright (c) 2013-2017 Petka Antonov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
diff --git a/express-server/node_modules/bluebird/changelog.md b/express-server/node_modules/bluebird/changelog.md
new file mode 100644
index 00000000..73b2eb6c
--- /dev/null
+++ b/express-server/node_modules/bluebird/changelog.md
@@ -0,0 +1 @@
+[http://bluebirdjs.com/docs/changelog.html](http://bluebirdjs.com/docs/changelog.html)
diff --git a/express-server/node_modules/bluebird/js/browser/bluebird.core.js b/express-server/node_modules/bluebird/js/browser/bluebird.core.js
new file mode 100644
index 00000000..626406f5
--- /dev/null
+++ b/express-server/node_modules/bluebird/js/browser/bluebird.core.js
@@ -0,0 +1,3805 @@
+/* @preserve
+ * The MIT License (MIT)
+ *
+ * Copyright (c) 2013-2018 Petka Antonov
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ */
+/**
+ * bluebird build version 3.5.3
+ * Features enabled: core
+ * Features disabled: race, call_get, generators, map, nodeify, promisify, props, reduce, settle, some, using, timers, filter, any, each
+*/
+!function(e){if("object"==typeof exports&&"undefined"!=typeof module)module.exports=e();else if("function"==typeof define&&define.amd)define([],e);else{var f;"undefined"!=typeof window?f=window:"undefined"!=typeof global?f=global:"undefined"!=typeof self&&(f=self),f.Promise=e()}}(function(){var define,module,exports;return (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof _dereq_=="function"&&_dereq_;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof _dereq_=="function"&&_dereq_;for(var o=0;o+certificates issued by Let's Encrypt v2 via [ACME](https://git.coolaj86.com/coolaj86/acme-v2.js) + + + + + + +| Sponsored by [ppl](https://ppl.family) | +Greenlock works +in the [Commandline](https://git.coolaj86.com/coolaj86/greenlock-cli.js) (cli), +as a [Web Server](https://git.coolaj86.com/coolaj86/greenlock-server.js), +in [Web Browsers](https://git.coolaj86.com/coolaj86/greenlock.html) (WebCrypto), +and with **node.js** ([npm](https://www.npmjs.com/package/greenlock)). + +Features +======== + + - [x] Actively Maintained and Supported + - [x] Automatic HTTPS + - [x] Free SSL + - [x] Free Wildcard SSL + - [x] Multiple domain support (up to 100 altnames per SAN) + - [x] Dynamic Virtual Hosting (vhost) + - [x] Automatical renewal (30 to 21 days before expiration) + - [x] Great ACME support via [acme.js](https://git.coolaj86.com/coolaj86/acme-v2.js) + - [x] "dry run" with self-diagnostics + - [x] ACME draft 12 + - [x] Let's Encrypt v2 + - [x] Let's Encrypt v1 + - [x] [Commandline](https://git.coolaj86.com/coolaj86/greenlock-cli.js) (cli) Utilities + - [x] Works with `bash`, `fish`, `zsh`, `cmd.exe`, `PowerShell`, and more + - [x] [Browser](https://git.coolaj86.com/coolaj86/greenlock.html) Support + - [x] Full node.js support, with modules for + - [x] [http/https](https://git.coolaj86.com/coolaj86/greenlock-express.js/src/branch/master/examples/https-server.js), [Express.js](https://git.coolaj86.com/coolaj86/greenlock-express.js), [cluster](https://git.coolaj86.com/coolaj86/greenlock-cluster.js), [hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi.js), [Koa](https://git.coolaj86.com/coolaj86/greenlock-koa.js), [rill](https://git.coolaj86.com/coolaj86/greenlock-rill.js), [restify](https://git.coolaj86.com/coolaj86/greenlock-restify.js), spdy, etc + - [x] Great for securing your Raspberry Pi + - [x] Extensible Plugin Support + - [x] AWS S3, AWS Route53, Azure, CloudFlare, Consul, Digital Ocean, etcd, Redis + +Greenlock.js for Middleware +------ + +Documentation for using Greenlock with +[http/https](https://git.coolaj86.com/coolaj86/greenlock-express.js/src/branch/master/examples/https-server.js), +[Express.js](https://git.coolaj86.com/coolaj86/greenlock-express.js), +[cluster](https://git.coolaj86.com/coolaj86/greenlock-cluster.js), +[hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi.js), +[Koa](https://git.coolaj86.com/coolaj86/greenlock-koa.js), +[rill](https://git.coolaj86.com/coolaj86/greenlock-rill.js). +[restify](https://git.coolaj86.com/coolaj86/greenlock-restify.js). + +Table of Contents +================= + + * Install + * **QuickStart** + * Simple Examples + * Example with ALL OPTIONS + * API + * Developer API + * Change History + * License + +Install +======= + +```bash +npm install --save greenlock@2.x +``` + +**Optional** dependency for *more efficient* RSA key generation: +(important for those on ARM devices like Raspberry Pi) +```bash +npm install --save ursa +``` + +**Optional** dependency for *Let's Encrypt v01* (pre-draft ACME spec) compatibility: +(important for those on ARM devices like Raspberry Pi) +```bash +npm install --save le-acme-core +``` + + +### Production vs Staging + +If at first you don't succeed, stop and switch to staging. + +I've implemented a "dry run" loopback test with self diagnostics +so it's pretty safe to start off with the production URLs +and be far less likely to hit the bad request rate limits. + +However, if your first attempt to get a certificate fails +I'd recommend switching to the staging acme server to debug - +unless you're very clear on what the failure was and how to fix it. + +``` +{ server: 'https://acme-staging-v02.api.letsencrypt.org/directory' } +``` + +### QuickStart Screencast + +Watch the QuickStart demonstration: [https://youtu.be/e8vaR4CEZ5s](https://youtu.be/e8vaR4CEZ5s&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk) + +
+
+* [0:00](https://www.youtube.com/watch?v=e8vaR4CEZ5s&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk#t=0) - Intro
+* [2:22](https://www.youtube.com/watch?v=e8vaR4CEZ5s&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk#t=142) - Demonstrating QuickStart Example
+* [6:37](https://www.youtube.com/watch?v=e8vaR4CEZ5s&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk?t=397) - Troubleshooting / Gotchas
+
+#### Production Configuration (Part 2)
+
+* [1:00](https://www.youtube.com/watch?v=bTEn93gxY50&index=2&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk&t=60) - Bringing Greenlock into an Existing Express Project
+* [2:26](https://www.youtube.com/watch?v=bTEn93gxY50&index=2&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk&t=146) - The `approveDomains` callback
+
+#### Security Concerns (Part 3)
+
+* [0:00](https://www.youtube.com/watch?v=aZgVqPzoZTY&index=3&list=PLZaEVINf2Bq_lrS-OOzTUJB4q3HxarlXk) - Potential Attacks, and Mitigation
+
+
+Easy as 1, 2, 3... 4
+=====
+
+Greenlock is built to incredibly easy to use, without sacrificing customization or extensibility.
+
+The following examples range from just a few lines of code for getting started,
+to more robust examples that you might start with for an enterprise-grade use of the ACME api.
+
+* Automatic HTTPS (for single sites)
+* Fully Automatic HTTPS (for multi-domain vhosts)
+* Manual HTTPS (for API integration)
+
+Automatic HTTPS
+---------------
+
+**Note**: For (fully) automatic HTTPS you may prefer
+the [Express.js module](https://git.coolaj86.com/coolaj86/greenlock-express.js)
+
+This works for most people, but it's not as fun as some of the other examples.
+
+Great when
+
+ - [x] You only need a limited number of certificates
+ - [x] You want to use the bare node http and https modules without fluff
+
+```js
+////////////////////
+// INIT GREENLOCK //
+////////////////////
+
+var greenlock = require('greenlock').create({
+
+ version: 'draft-12'
+, server: 'https://acme-v02.api.letsencrypt.org/directory'
+, configDir: '~/.config/acme'
+
+, email: 'user@example.com' // IMPORTANT: Change email and domains
+, agreeTos: true // Accept Let's Encrypt v2 Agreement
+, communityMember: true // Get (rare) non-mandatory updates about cool greenlock-related stuff (default false)
+, securityUpdates: true // Important and mandatory notices related to security or breaking API changes (default true)
+
+, approveDomains: approveDomains
+});
+```
+
+```js
+/////////////////////
+// APPROVE DOMAINS //
+/////////////////////
+
+
+function approveDomains(opts, certs, cb) {
+
+ // check for domains you want to receive certificates for
+ if ('example.com' === opts.domain) {
+ cb(null, { options: opts, certs: certs });
+ return;
+ }
+
+ // return error otherwise
+ cb(new Error("bad domain"));
+}
+```
+
+```js
+////////////////////
+// CREATE SERVERS //
+////////////////////
+
+var redir = require('redirect-https')();
+require('http').createServer(greenlock.middleware(redir)).listen(80);
+
+require('spdy').createServer(greenlock.tlsOptions, function (req, res) {
+ res.end('Hello, Secure World!');
+}).listen(443);
+```
+
+Fully Automatic HTTPS
+------------
+
+**Note**: For (fully) automatic HTTPS you may prefer
+the [Express.js module](https://git.coolaj86.com/coolaj86/greenlock-express.js)
+
+Great when
+
+ - [x] You have a growing number of domains
+ - [x] You're integrating into your own hosting solution
+ - [x] Customize ACME http-01 or dns-01 challenge
+
+```js
+////////////////////
+// INIT GREENLOCK //
+////////////////////
+
+var path = require('path');
+var os = require('os')
+var Greenlock = require('greenlock');
+
+var greenlock = Greenlock.create({
+ version: 'draft-12'
+, server: 'https://acme-v02.api.letsencrypt.org/directory'
+
+ // approve a growing list of domains
+, approveDomains: approveDomains
+
+ // If you wish to replace the default account and domain key storage plugin
+, store: require('le-store-certbot').create({
+ configDir: path.join(os.homedir(), 'acme/etc')
+ , webrootPath: '/tmp/acme-challenges'
+ })
+});
+
+
+/////////////////////
+// APPROVE DOMAINS //
+/////////////////////
+
+var http01 = require('le-challenge-fs').create({ webrootPath: '/tmp/acme-challenges' });
+function approveDomains(opts, certs, cb) {
+ // This is where you check your database and associated
+ // email addresses with domains and agreements and such
+
+ // Opt-in to submit stats and get important updates
+ opts.communityMember = true;
+
+ // If you wish to replace the default challenge plugin, you may do so here
+ opts.challenges = { 'http-01': http01 };
+
+ // The domains being approved for the first time are listed in opts.domains
+ // Certs being renewed are listed in certs.altnames
+ if (certs) {
+ opts.domains = certs.altnames;
+ }
+ else {
+ opts.email = 'john.doe@example.com';
+ opts.agreeTos = true;
+ }
+
+ // NOTE: you can also change other options such as `challengeType` and `challenge`
+ // opts.challengeType = 'http-01';
+ // opts.challenge = require('le-challenge-fs').create({});
+
+ cb(null, { options: opts, certs: certs });
+}
+
+
+////////////////////
+// CREATE SERVERS //
+////////////////////
+
+var redir = require('redirect-https')();
+require('http').createServer(greenlock.middleware(redir)).listen(80);
+
+require('https').createServer(greenlock.tlsOptions, function (req, res) {
+ res.end('Hello, Secure World!');
+}).listen(443);
+```
+
+Manual HTTPS
+-------------
+
+Here's a taste of the API that you might use if building a commandline tool or API integration
+that doesn't use node's SNICallback.
+
+```
+
+
+/////////////////////
+// SET USER PARAMS //
+/////////////////////
+
+var opts = {
+ domains: [ 'example.com' // CHANGE EMAIL AND DOMAINS
+ , 'www.example.com' ]
+, email: 'user@example.com'
+, agreeTos: true // Accept Let's Encrypt v2 Agreement
+, communityMember: true // Help make Greenlock better by submitting
+ // stats and getting updates
+};
+
+
+////////////////////
+// INIT GREENLOCK //
+////////////////////
+
+var greenlock = require('greenlock').create({
+ version: 'draft-12'
+, server: 'https://acme-v02.api.letsencrypt.org/directory'
+, configDir: '/tmp/acme/etc'
+});
+
+
+///////////////////
+// GET TLS CERTS //
+///////////////////
+
+greenlock.register(opts).then(function (certs) {
+ console.log(certs);
+ // privkey, cert, chain, expiresAt, issuedAt, subject, altnames
+}, function (err) {
+ console.error(err);
+});
+```
+
+The domain key and ssl certificates you get back can be used in a webserver like this:
+
+```js
+var tlsOptions = { key: certs.privkey, cert: certs.cert + '\r\n' + certs.chain };
+require('https').createServer(tlsOptions, function (req, res) {
+ res.end('Hello, Secure World!');
+}).listen(443);
+```
+
+Example with ALL OPTIONS
+=========
+
+The configuration consists of 3 components:
+
+* Storage Backend (search npm for projects starting with 'le-store-')
+* ACME Challenge Handlers (search npm for projects starting with 'le-challenge-')
+* Letsencryt Config (this is all you)
+
+```javascript
+'use strict';
+
+var Greenlock = require('greenlock');
+var greenlock;
+
+
+// Storage Backend
+var leStore = require('le-store-certbot').create({
+ configDir: '~/acme/etc' // or /etc/letsencrypt or wherever
+, debug: false
+});
+
+
+// ACME Challenge Handlers
+var leHttpChallenge = require('le-challenge-fs').create({
+ webrootPath: '~/acme/var/' // or template string such as
+, debug: false // '/srv/www/:hostname/.well-known/acme-challenge'
+});
+
+
+function leAgree(opts, agreeCb) {
+ // opts = { email, domains, tosUrl }
+ agreeCb(null, opts.tosUrl);
+}
+
+greenlock = Greenlock.create({
+ version: 'draft-12' // 'draft-12' or 'v01'
+ // 'draft-12' is for Let's Encrypt v2 otherwise known as ACME draft 12
+ // 'v02' is an alias for 'draft-12'
+ // 'v01' is for the pre-spec Let's Encrypt v1
+ //
+ // staging API
+ //server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
+
+ //
+ // production API
+ server: 'https://acme-v02.api.letsencrypt.org/directory'
+
+, store: leStore // handles saving of config, accounts, and certificates
+, challenges: {
+ 'http-01': leHttpChallenge // handles /.well-known/acme-challege keys and tokens
+ }
+, challengeType: 'http-01' // default to this challenge type
+, agreeToTerms: leAgree // hook to allow user to view and accept LE TOS
+//, sni: require('le-sni-auto').create({}) // handles sni callback
+
+ // renewals happen at a random time within this window
+, renewWithin: 30 * 24 * 60 * 60 * 1000 // certificate renewal may begin at this time
+, renewBy: 21 * 24 * 60 * 60 * 1000 // certificate renewal should happen by this time
+
+, debug: false
+//, log: function (debug) {console.log.apply(console, args);} // handles debug outputs
+});
+
+
+// If using express you should use the middleware
+// app.use('/', greenlock.middleware());
+//
+// Otherwise you should see the test file for usage of this:
+// greenlock.challenges['http-01'].get(opts.domain, key, val, done)
+
+
+
+// Check in-memory cache of certificates for the named domain
+greenlock.check({ domains: [ 'example.com' ] }).then(function (results) {
+ if (results) {
+ // we already have certificates
+ return;
+ }
+
+
+ // Register Certificate manually
+ greenlock.register({
+
+ domains: ['example.com'] // CHANGE TO YOUR DOMAIN (list for SANS)
+ , email: 'user@email.com' // CHANGE TO YOUR EMAIL
+ , agreeTos: '' // set to tosUrl string (or true) to pre-approve (and skip agreeToTerms)
+ , rsaKeySize: 2048 // 2048 or higher
+ , challengeType: 'http-01' // http-01, tls-sni-01, or dns-01
+
+ }).then(function (results) {
+
+ console.log('success');
+
+ }, function (err) {
+
+ // Note: you must either use greenlock.middleware() with express,
+ // manually use greenlock.challenges['http-01'].get(opts, domain, key, val, done)
+ // or have a webserver running and responding
+ // to /.well-known/acme-challenge at `webrootPath`
+ console.error('[Error]: node-greenlock/examples/standalone');
+ console.error(err.stack);
+
+ });
+
+});
+```
+
+Here's what `results` looks like:
+
+```javascript
+{ privkey: '' // PEM encoded private key
+, cert: '' // PEM encoded cert
+, chain: '' // PEM encoded intermediate cert
+, issuedAt: 0 // notBefore date (in ms) parsed from cert
+, expiresAt: 0 // notAfter date (in ms) parsed from cert
+, subject: '' // example.com
+, altnames: [] // example.com,www.example.com
+}
+```
+
+API
+---
+
+The full end-user API is exposed in the example above and includes all relevant options.
+
+```
+greenlock.register(opts)
+greenlock.check(opts)
+```
+
+### Helper Functions
+
+We do expose a few helper functions:
+
+* Greenlock.validDomain(hostname) // returns '' or the hostname string if it's a valid ascii or punycode domain name
+
+TODO fetch domain tld list
+
+### Template Strings
+
+The following variables will be tempalted in any strings passed to the options object:
+
+* `~/` replaced with `os.homedir()` i.e. `/Users/aj`
+* `:hostname` replaced with the first domain in the list i.e. `example.com`
+
+### Dangerous Options
+
+By default SNI is made to lowercase and is automatically rejected if it contains invalid characters for a domain.
+This behavior can be modified:
+
+ * `__dns_allow_dangerous_names` allow SNI names like "Robert'); DROP TABLE Students;"
+ * `__dns_preserve_case` passes SNI names such as "ExAMpLE.coM" without converting to lower case
+
+Developer API
+-------------
+
+If you are developing an `le-store-*` or `le-challenge-*` plugin you need to be aware of
+additional internal API expectations.
+
+**IMPORTANT**:
+
+Use `v2.0.0` as your initial version - NOT v0.1.0 and NOT v1.0.0 and NOT v3.0.0.
+This is to indicate that your module is compatible with v2.x of node-greenlock.
+
+Since the public API for your module is defined by node-greenlock the major version
+should be kept in sync.
+
+### store implementation
+
+See Domain Fronting Error
" + + "This connection was secured using TLS/SSL for '" + req.socket.servername.toLowerCase() + "'
" + + "The HTTP request specified 'Host: " + safehost + "', which is (obviously) different.
" + + "Because this looks like a domain fronting attack, the connection has been terminated.
" + ); + return; + } + } else if (safehost && !gl.middleware.sanitizeHost._skip_fronting_check) { + // TODO how to handle wrapped sockets, as with telebit? + console.warn("\n\n\n[greenlock] WARN: no string for req.socket.servername," + + " skipping fronting check for '" + safehost + "'\n\n\n"); + gl.middleware.sanitizeHost._skip_fronting_check = true; + } + } + + // carry on + realNext(); + }; + }; + gl.middleware.sanitizeHost._skip_fronting_check = false; + + return gl; +}; diff --git a/express-server/node_modules/greenlock/lib/community.js b/express-server/node_modules/greenlock/lib/community.js new file mode 100644 index 00000000..e3c07c78 --- /dev/null +++ b/express-server/node_modules/greenlock/lib/community.js @@ -0,0 +1,51 @@ +'use strict'; + +function addCommunityMember(opts) { + // { name, version, email, domains, action, communityMember, telemetry } + setTimeout(function () { + var https = require('https'); + var req = https.request({ + hostname: 'api.ppl.family' + , port: 443 + , path: '/api/ppl.family/public/list' + , method: 'POST' + , headers: { + 'Content-Type': 'application/json' + } + }, function (err, resp) { + if (err) { return; } + resp.on('data', function () {}); + }); + var os = require('os'); + var data = { + address: opts.email + // greenlock-security is transactional and security only + , list: opts.communityMember ? (opts.name + '@ppl.family') : 'greenlock-security@ppl.family' + , action: opts.action // reg | renew + , package: opts.name + // hashed for privacy, but so we can still get some telemetry and inform users + // if abnormal things are happening (like several registrations for the same domain each day) + , domain: (opts.domains||[]).map(function (d) { + return require('crypto').createHash('sha1').update(d).digest('base64') + .replace(/\//g, '_').replace(/\+/g, '-').replace(/=/g, ''); + }).join(',') + }; + if (false !== opts.telemetry) { + data.arch = process.arch || os.arch(); + data.platform = process.platform || os.platform(); + data.release = os.release(); + data.version = opts.version; + data.node = process.version; + } + req.write(JSON.stringify(data, 2, null)); + req.end(); + }, 50); +} + +module.exports.add = addCommunityMember; + +if (require.main === module) { + //addCommunityMember('greenlock-express.js', 'reg', 'coolaj86+test42@gmail.com', ['coolaj86.com'], true); + //addCommunityMember('greenlock.js', 'reg', 'coolaj86+test37@gmail.com', ['oneal.im'], false); + //addCommunityMember('greenlock.js', 'reg', 'coolaj86+test11@gmail.com', ['ppl.family'], true); +} diff --git a/express-server/node_modules/greenlock/lib/core.js b/express-server/node_modules/greenlock/lib/core.js new file mode 100644 index 00000000..962cb1ba --- /dev/null +++ b/express-server/node_modules/greenlock/lib/core.js @@ -0,0 +1,459 @@ +'use strict'; + +var PromiseA; +try { + PromiseA = require('bluebird'); +} catch(e) { + PromiseA = global.Promise; +} +var util = require('util'); +function promisifyAll(obj) { + var aobj = {}; + Object.keys(obj).forEach(function (key) { + if ('function' === typeof obj[key]) { + aobj[key] = obj[key]; + aobj[key + 'Async'] = util.promisify(obj[key]); + } + }); + return aobj; +} + +function _log(debug) { + if (debug) { + var args = Array.prototype.slice.call(arguments); + args.shift(); + args.unshift("[greenlock/lib/core.js]"); + console.log.apply(console, args); + } +} + +module.exports.create = function (gl) { + var utils = require('./utils'); + var RSA = promisifyAll(require('rsa-compat').RSA); + var log = gl.log || _log; // allow custom log + var pendingRegistrations = {}; + + var core = { + // + // Helpers + // + getAcmeUrlsAsync: function (args) { + var now = Date.now(); + + // TODO check response header on request for cache time + if ((now - gl._ipc.acmeUrlsUpdatedAt) < 10 * 60 * 1000) { + return PromiseA.resolve(gl._ipc.acmeUrls); + } + + return gl.acme.getAcmeUrlsAsync(args.server).then(function (data) { + gl._ipc.acmeUrlsUpdatedAt = Date.now(); + gl._ipc.acmeUrls = data; + + return gl._ipc.acmeUrls; + }); + } + + + // + // The Main Enchilada + // + + // + // Accounts + // + , accounts: { + // Accounts + registerAsync: function (args) { + var err; + var copy = utils.merge(args, gl); + var disagreeTos; + args = utils.tplCopy(copy); + + disagreeTos = (!args.agreeTos && 'undefined' !== typeof args.agreeTos); + if (!args.email || disagreeTos || (parseInt(args.rsaKeySize, 10) < 2048)) { + err = new Error( + "In order to register an account both 'email' and 'agreeTos' must be present" + + " and 'rsaKeySize' must be 2048 or greater." + ); + err.code = 'E_ARGS'; + return PromiseA.reject(err); + } + + return utils.testEmail(args.email).then(function () { + var promise = gl.store.accounts.checkKeypairAsync(args).then(function (keypair) { + if (keypair) { + return RSA.import(keypair); + } + + if (args.accountKeypair) { + return gl.store.accounts.setKeypairAsync(args, RSA.import(args.accountKeypair)); + } + + var keypairOpts = { bitlen: args.rsaKeySize, exp: 65537, public: true, pem: true }; + return RSA.generateKeypairAsync(keypairOpts).then(function (keypair) { + keypair.privateKeyPem = RSA.exportPrivatePem(keypair); + keypair.publicKeyPem = RSA.exportPublicPem(keypair); + keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair); + return gl.store.accounts.setKeypairAsync(args, keypair); + }); + }); + + return promise.then(function (keypair) { + // Note: the ACME urls are always fetched fresh on purpose + // TODO is this the right place for this? + return core.getAcmeUrlsAsync(args).then(function (urls) { + args._acmeUrls = urls; + + return gl.acme.registerNewAccountAsync({ + email: args.email + , newRegUrl: args._acmeUrls.newReg + , newAuthzUrl: args._acmeUrls.newAuthz + , agreeToTerms: function (tosUrl, agreeCb) { + if (true === args.agreeTos || tosUrl === args.agreeTos || tosUrl === gl.agreeToTerms) { + agreeCb(null, tosUrl); + return; + } + + // args.email = email; // already there + // args.domains = domains // already there + args.tosUrl = tosUrl; + gl.agreeToTerms(args, agreeCb); + } + , accountKeypair: keypair + + , debug: gl.debug || args.debug + }).then(function (receipt) { + var reg = { + keypair: keypair + , receipt: receipt + , email: args.email + , newRegUrl: args._acmeUrls.newReg + , newAuthzUrl: args._acmeUrls.newAuthz + }; + + // TODO move templating of arguments to right here? + return gl.store.accounts.setAsync(args, reg).then(function (account) { + // should now have account.id and account.accountId + args.account = account; + args.accountId = account.id; + return account; + }); + }); + }); + }); + }); + } + + // Accounts + , getAsync: function (args) { + return core.accounts.checkAsync(args).then(function (account) { + if (account) { + return account; + } else { + return core.accounts.registerAsync(args); + } + }); + } + + // Accounts + , checkAsync: function (args) { + var requiredArgs = ['accountId', 'email', 'domains', 'domain']; + if (!requiredArgs.some(function (key) { return -1 !== Object.keys(args).indexOf(key); })) { + return PromiseA.reject(new Error( + "In order to register or retrieve an account one of '" + requiredArgs.join("', '") + "' must be present" + )); + } + + var copy = utils.merge(args, gl); + args = utils.tplCopy(copy); + + return gl.store.accounts.checkAsync(args).then(function (account) { + + if (!account) { + return null; + } + + args.account = account; + args.accountId = account.id; + + return account; + }); + } + } + + , certificates: { + // Certificates + registerAsync: function (args) { + var err; + var challengeDefaults = gl['_challengeOpts_' + (args.challengeType || gl.challengeType)] || {}; + var copy = utils.merge(args, challengeDefaults || {}); + copy = utils.merge(copy, gl); + args = utils.tplCopy(copy); + + if (!Array.isArray(args.domains)) { + return PromiseA.reject(new Error('args.domains should be an array of domains')); + } + + if (!(args.domains.length && args.domains.every(utils.isValidDomain))) { + // NOTE: this library can't assume to handle the http loopback + // (or dns-01 validation may be used) + // so we do not check dns records or attempt a loopback here + err = new Error("invalid domain name(s): '" + args.domains + "'"); + err.code = "INVALID_DOMAIN"; + return PromiseA.reject(err); + } + + // If a previous request to (re)register a certificate is already underway we need + // to return the same promise created before rather than registering things twice. + // I'm not 100% sure how to properly handle the case where someone registers domain + // lists with some but not all elements common, nor am I sure that's even a case that + // is allowed to happen anyway. But for now we act like the list is completely the + // same if any elements are the same. + var promise; + args.domains.some(function (name) { + if (pendingRegistrations.hasOwnProperty(name)) { + promise = pendingRegistrations[name]; + return true; + } + }); + if (promise) { + return promise; + } + + promise = core.certificates._runRegistration(args); + + // Now that the registration is actually underway we need to make sure any subsequent + // registration attempts return the same promise until it is completed (but not after + // it is completed). + args.domains.forEach(function (name) { + pendingRegistrations[name] = promise; + }); + function clearPending() { + args.domains.forEach(function (name) { + delete pendingRegistrations[name]; + }); + } + promise.then(clearPending, clearPending); + + return promise; + } + , _runRegistration: function (args) { + // TODO renewal cb + // accountId and or email + return core.accounts.getAsync(args).then(function (account) { + args.account = account; + + var promise = gl.store.certificates.checkKeypairAsync(args).then(function (keypair) { + if (keypair) { + return RSA.import(keypair); + } + + if (args.domainKeypair) { + return gl.store.certificates.setKeypairAsync(args, RSA.import(args.domainKeypair)); + } + + var keypairOpts = { bitlen: args.rsaKeySize, exp: 65537, public: true, pem: true }; + return RSA.generateKeypairAsync(keypairOpts).then(function (keypair) { + keypair.privateKeyPem = RSA.exportPrivatePem(keypair); + keypair.publicKeyPem = RSA.exportPublicPem(keypair); + keypair.privateKeyJwk = RSA.exportPrivateJwk(keypair); + return gl.store.certificates.setKeypairAsync(args, keypair); + }); + }); + + return promise.then(function (domainKeypair) { + args.domainKeypair = domainKeypair; + //args.registration = domainKey; + + // Note: the ACME urls are always fetched fresh on purpose + // TODO is this the right place for this? + return core.getAcmeUrlsAsync(args).then(function (urls) { + args._acmeUrls = urls; + + var certReq = { + debug: args.debug || gl.debug + + , newAuthzUrl: args._acmeUrls.newAuthz + , newCertUrl: args._acmeUrls.newCert + + , accountKeypair: RSA.import(account.keypair) + , domainKeypair: domainKeypair + , domains: args.domains + , challengeType: args.challengeType + }; + + // + // IMPORTANT + // + // setChallenge and removeChallenge are handed defaults + // instead of args because getChallenge does not have + // access to args + // (args is per-request, defaults is per instance) + // + // Each of these fires individually for each domain, + // even though the certificate on the whole may have many domains + // + certReq.setChallenge = function (domain, key, value, done) { + log(args.debug, "setChallenge called for '" + domain + "'"); + var copy = utils.merge({ domains: [domain] }, args); + copy = utils.merge(copy, gl); + utils.tplCopy(copy); + + // TODO need to save challengeType + gl.challenges[args.challengeType].set(copy, domain, key, value, done); + }; + certReq.removeChallenge = function (domain, key, done) { + log(args.debug, "removeChallenge called for '" + domain + "'"); + var copy = utils.merge({ domains: [domain] }, gl); + utils.tplCopy(copy); + + gl.challenges[args.challengeType].remove(copy, domain, key, done); + }; + + log(args.debug, 'calling greenlock.acme.getCertificateAsync', certReq.domains); + + return gl.acme.getCertificateAsync(certReq).then(utils.attachCertInfo); + }); + }).then(function (results) { + // { cert, chain, privkey /*TODO, subject, altnames, issuedAt, expiresAt */ } + + // args.certs.privkey = RSA.exportPrivatePem(options.domainKeypair); + args.certs = results; + // args.pems is deprecated + args.pems = results; + return gl.store.certificates.setAsync(args).then(function () { + return results; + }); + }); + }); + } + // Certificates + , renewAsync: function (args, certs) { + var renewableAt = core.certificates._getRenewableAt(args, certs); + var err; + //var halfLife = (certs.expiresAt - certs.issuedAt) / 2; + //var renewable = (Date.now() - certs.issuedAt) > halfLife; + + log(args.debug, "(Renew) Expires At", new Date(certs.expiresAt).toISOString()); + log(args.debug, "(Renew) Renewable At", new Date(renewableAt).toISOString()); + + if (!args.duplicate && Date.now() < renewableAt) { + err = new Error( + "[ERROR] Certificate issued at '" + + new Date(certs.issuedAt).toISOString() + "' and expires at '" + + new Date(certs.expiresAt).toISOString() + "'. Ignoring renewal attempt until '" + + new Date(renewableAt).toISOString() + "'. Set { duplicate: true } to force." + ); + err.code = 'E_NOT_RENEWABLE'; + return PromiseA.reject(err); + } + + // Either the cert has entered its renewal period + // or we're forcing a refresh via 'dupliate: true' + log(args.debug, "Renewing!"); + + if (!args.domains || !args.domains.length) { + args.domains = args.servernames || [certs.subject].concat(certs.altnames); + } + + return core.certificates.registerAsync(args); + } + // Certificates + , _isRenewable: function (args, certs) { + var renewableAt = core.certificates._getRenewableAt(args, certs); + + log(args.debug, "Check Expires At", new Date(certs.expiresAt).toISOString()); + log(args.debug, "Check Renewable At", new Date(renewableAt).toISOString()); + + if (args.duplicate || Date.now() >= renewableAt) { + log(args.debug, "certificates are renewable"); + return true; + } + + return false; + } + , _getRenewableAt: function (args, certs) { + return certs.expiresAt - (args.renewWithin || gl.renewWithin); + } + , checkAsync: function (args) { + var copy = utils.merge(args, gl); + utils.tplCopy(copy); + + // returns pems + return gl.store.certificates.checkAsync(copy).then(function (cert) { + if (cert) { + log(args.debug, 'checkAsync found existing certificates'); + return utils.attachCertInfo(cert); + } + + log(args.debug, 'checkAsync failed to find certificates'); + return null; + }); + } + // Certificates + , getAsync: function (args) { + var copy = utils.merge(args, gl); + args = utils.tplCopy(copy); + + return core.certificates.checkAsync(args).then(function (certs) { + if (!certs) { + // There is no cert available + if (false !== args.securityUpdates && !args._communityMemberAdded) { + try { + // We will notify all greenlock users of mandatory and security updates + // We'll keep track of versions and os so we can make sure things work well + // { name, version, email, domains, action, communityMember, telemetry } + require('./community').add({ + name: args._communityPackage + , version: args._communityPackageVersion + , email: args.email + , domains: args.domains || args.servernames + , action: 'reg' + , communityMember: args.communityMember + , telemetry: args.telemetry + }); + } catch(e) { /* ignore */ } + args._communityMemberAdded = true; + } + return core.certificates.registerAsync(args); + } + + if (core.certificates._isRenewable(args, certs)) { + // it's time to renew the available cert + if (false !== args.securityUpdates && !args._communityMemberAdded) { + try { + // We will notify all greenlock users of mandatory and security updates + // We'll keep track of versions and os so we can make sure things work well + // { name, version, email, domains, action, communityMember, telemetry } + require('./community').add({ + name: args._communityPackage + , version: args._communityPackageVersion + , email: args.email + , domains: args.domains || args.servernames + , action: 'renew' + , communityMember: args.communityMember + , telemetry: args.telemetry + }); + } catch(e) { /* ignore */ } + args._communityMemberAdded = true; + } + certs.renewing = core.certificates.renewAsync(args, certs); + if (args.waitForRenewal) { + return certs.renewing; + } + } + + // return existing unexpired (although potentially stale) certificates when available + // there will be an additional .renewing property if the certs are being asynchronously renewed + return certs; + }).then(function (results) { + // returns pems + return results; + }); + } + } + + }; + + return core; +}; diff --git a/express-server/node_modules/greenlock/lib/middleware.js b/express-server/node_modules/greenlock/lib/middleware.js new file mode 100644 index 00000000..4309689e --- /dev/null +++ b/express-server/node_modules/greenlock/lib/middleware.js @@ -0,0 +1,68 @@ +'use strict'; + +var utils = require('./utils'); + +function _log(debug) { + if (debug) { + var args = Array.prototype.slice.call(arguments); + args.shift(); + args.unshift("[greenlock/lib/middleware.js]"); + console.log.apply(console, args); + } +} + +module.exports.create = function (gl) { + if (!gl.challenges['http-01'] || !gl.challenges['http-01'].get) { + throw new Error("middleware requires challenge plugin with get method"); + } + var log = gl.log || _log; + + log(gl.debug, "created middleware"); + return function (_app) { + if (_app && 'function' !== typeof _app) { + throw new Error("use greenlock.middleware() or greenlock.middleware(function (req, res) {})"); + } + var prefix = gl.acmeChallengePrefix || '/.well-known/acme-challenge/'; + + return function (req, res, next) { + if (0 !== req.url.indexOf(prefix)) { + log(gl.debug, "no match, skipping middleware"); + if ('function' === typeof _app) { + _app(req, res, next); + } + else if ('function' === typeof next) { + next(); + } + else { + res.statusCode = 500; + res.end("[500] Developer Error: app.use('/', greenlock.middleware()) or greenlock.middleware(app)"); + } + return; + } + + log(gl.debug, "this must be tinder, 'cuz it's a match!"); + + var token = req.url.slice(prefix.length); + var hostname = req.hostname || (req.headers.host || '').toLowerCase().replace(/:.*/, ''); + + log(gl.debug, "hostname", hostname, "token", token); + + var copy = utils.merge({ domains: [ hostname ] }, gl); + copy = utils.tplCopy(copy); + + // TODO tpl copy? + // TODO need to restore challengeType + gl.challenges['http-01'].get(copy, hostname, token, function (err, secret) { + if (err || !token) { + res.statusCode = 404; + res.setHeader('Content-Type', 'application/json; charset=utf-8'); + res.end('{ "error": { "message": "Error: These aren\'t the tokens you\'re looking for. Move along." } }'); + return; + } + + res.setHeader('Content-Type', 'text/plain; charset=utf-8'); + res.end(secret); + }); + }; + }; +}; diff --git a/express-server/node_modules/greenlock/lib/utils.js b/express-server/node_modules/greenlock/lib/utils.js new file mode 100644 index 00000000..a7223334 --- /dev/null +++ b/express-server/node_modules/greenlock/lib/utils.js @@ -0,0 +1,127 @@ +'use strict'; + +var path = require('path'); +var homeRe = new RegExp("^~(\\/|\\\\|\\" + path.sep + ")"); +// very basic check. Allows *.example.com. +var re = /^(\*\.)?[a-zA-Z0-9\.\-]+$/; +var punycode = require('punycode'); +var promisify = (require('util').promisify || require('bluebird').promisify); +var dnsResolveMxAsync = promisify(require('dns').resolveMx); + +module.exports.attachCertInfo = function (results) { + // XXX Note: Parsing the certificate info comes at a great cost (~500kb) + var getCertInfo = require('certpem').info; + var certInfo = getCertInfo(results.cert); + + // subject, altnames, issuedAt, expiresAt + Object.keys(certInfo).forEach(function (key) { + results[key] = certInfo[key]; + }); + + return results; +}; + +module.exports.isValidDomain = function (domain) { + if (re.test(domain)) { + return domain; + } + + domain = punycode.toASCII(domain); + + if (re.test(domain)) { + return domain; + } + + return ''; +}; + +module.exports.merge = function (/*defaults, args*/) { + var allDefaults = Array.prototype.slice.apply(arguments); + var args = allDefaults.shift(); + var copy = {}; + + allDefaults.forEach(function (defaults) { + Object.keys(defaults).forEach(function (key) { + copy[key] = defaults[key]; + }); + }); + + Object.keys(args).forEach(function (key) { + copy[key] = args[key]; + }); + + return copy; +}; + +module.exports.tplCopy = function (copy) { + var homedir = require('os').homedir(); + var tplKeys; + + copy.hostnameGet = function (copy) { + return (copy.domains || [])[0] || copy.domain; + }; + + Object.keys(copy).forEach(function (key) { + var newName; + if (!/Get$/.test(key)) { + return; + } + + newName = key.replace(/Get$/, ''); + copy[newName] = copy[newName] || copy[key](copy); + }); + + tplKeys = Object.keys(copy); + tplKeys.sort(function (a, b) { + return b.length - a.length; + }); + + tplKeys.forEach(function (key) { + if ('string' !== typeof copy[key]) { + return; + } + + copy[key] = copy[key].replace(homeRe, homedir + path.sep); + }); + + tplKeys.forEach(function (key) { + if ('string' !== typeof copy[key]) { + return; + } + + tplKeys.forEach(function (tplname) { + if (!copy[tplname]) { + // what can't be templated now may be templatable later + return; + } + copy[key] = copy[key].replace(':' + tplname, copy[tplname]); + }); + }); + + return copy; +}; + +module.exports.testEmail = function (email) { + var parts = (email||'').split('@'); + var err; + + if (2 !== parts.length || !parts[0] || !parts[1]) { + err = new Error("malformed email address '" + email + "'"); + err.code = 'E_EMAIL'; + return Promise.reject(err); + } + + return dnsResolveMxAsync(parts[1]).then(function (records) { + // records only returns when there is data + if (!records.length) { + throw new Error("sanity check fail: success, but no MX records returned"); + } + return email; + }, function (err) { + if ('ENODATA' === err.code) { + err = new Error("no MX records found for '" + parts[1] + "'"); + err.code = 'E_EMAIL'; + return Promise.reject(err); + } + }); +}; diff --git a/express-server/node_modules/greenlock/package.json b/express-server/node_modules/greenlock/package.json new file mode 100644 index 00000000..a12e0d21 --- /dev/null +++ b/express-server/node_modules/greenlock/package.json @@ -0,0 +1,124 @@ +{ + "_args": [ + [ + "greenlock@^2.4.9", + "/nodeapps/https-test/greenlock-express.js" + ] + ], + "_from": "greenlock@>=2.4.9 <3.0.0", + "_hasShrinkwrap": false, + "_id": "greenlock@2.4.10", + "_inCache": true, + "_installable": true, + "_location": "/greenlock", + "_nodeVersion": "10.13.0", + "_npmOperationalInternal": { + "host": "s3://npm-registry-packages", + "tmp": "tmp/greenlock_2.4.10_1541843287866_0.5046853213401128" + }, + "_npmUser": { + "email": "coolaj86@gmail.com", + "name": "coolaj86" + }, + "_npmVersion": "6.4.1", + "_phantomChildren": {}, + "_requested": { + "name": "greenlock", + "raw": "greenlock@^2.4.9", + "rawSpec": "^2.4.9", + "scope": null, + "spec": ">=2.4.9 <3.0.0", + "type": "range" + }, + "_requiredBy": [ + "/" + ], + "_resolved": "https://registry.npmjs.org/greenlock/-/greenlock-2.4.10.tgz", + "_shasum": "59a5878d76fba962aeec0b609b2a7a097a102261", + "_shrinkwrap": null, + "_spec": "greenlock@^2.4.9", + "_where": "/nodeapps/https-test/greenlock-express.js", + "author": { + "email": "coolaj86@gmail.com", + "name": "AJ ONeal", + "url": "https://coolaj86.com/" + }, + "bugs": { + "url": "https://git.coolaj86.com/coolaj86/greenlock.js/issues" + }, + "dependencies": { + "acme": "^1.0.6", + "acme-v2": "^1.2.0", + "certpem": "^1.1.0", + "le-challenge-fs": "^2.0.2", + "le-sni-auto": "^2.1.3", + "le-store-certbot": "^2.1.7", + "rsa-compat": "^1.5.0" + }, + "description": "Let's Encrypt for node.js on npm", + "devDependencies": { + "request": "^2.75.0" + }, + "directories": {}, + "dist": { + "fileCount": 8, + "integrity": "sha512-vLJ41rhuzmf/DRqceWKXvhoU6yZ8l1b+o3idExea/RANkPT4hs/2qg7hFzjLRngQEYP4LmgeFPbeqPYQV8m+zQ==", + "npm-signature": "-----BEGIN PGP SIGNATURE-----\r\nVersion: OpenPGP.js v3.0.4\r\nComment: https://openpgpjs.org\r\n\r\nwsFcBAEBCAAQBQJb5qlYCRA9TVsSAnZWagAAtEEP/1y3ugTwK2Zt3+QDZoRG\newZwL5KyOAKMGHSWRj/xTHHqh0pm3abE85AqS6DwykRu1H/dam5Y7ncIadNm\nL1vDGP0gMH4l6fWOh6UlyX+zOv2JTNOom3km17ISpydxQugae37iotkOUnSy\n2YauoiGOERDEQfbuHYb16llz8x6Ged2SIfDQdRNOgvL13gCOyKmGZDEYpfD4\nayU/7ZHZaYIe/92cGZ/xzph1oD60bgIyqboMrdvdRGe3hwgpKfib9FHDPPfF\nL/YGPKg8EEc5H5/raK8K4cMt3yX3QCb2rsVMoNMxO6WQyz3nGgv21jFoFz8W\n5vExddJhSo2781eEpXNSdRgwuuTP+AFofvBeAj7KTOQrVvd9Sf9dbYdwWOZ5\nui3xsNFJurX0UdS+VrWm+elExhjsKiF6CWwZQk14KAKAUBTNypHKmwnNQvn1\nreBybwgHCZV1zx4yCe+96p4h4RPDE6PohBJwXMnVPLkITeCldKrzvzQfZyz0\nqfCjuHG6YKc5ZVwqBfTjlOWIaBFN3SoOKhlIhCTvecjPxmCh+GwUkVoTBgpR\nyl641AjqrFNVkDMKTolJIe6TczZ9zpJi+tr/Da8W09QZKBdIVNGVKkENO1kN\nLIQkwm1jRv739lgwRt2OISWcw+/lED+fKxJyAMlPUZquCjRZ/iRz2fDIHmNi\n4h72\r\n=YRwx\r\n-----END PGP SIGNATURE-----\r\n", + "shasum": "59a5878d76fba962aeec0b609b2a7a097a102261", + "tarball": "https://registry.npmjs.org/greenlock/-/greenlock-2.4.10.tgz", + "unpackedSize": 67800 + }, + "engines": { + "node": ">=4.5" + }, + "gitDependencies": { + "acme": "git+https://git.coolaj86.com/coolaj86/acme-.js.git#v1.0", + "le-acme-core": "git+https://git.coolaj86.com/coolaj86/le-acme-core.js.git#v2.1" + }, + "gitHead": "abe081387d13d49a4db55e83e6f0fedc54a1e2e6", + "homepage": "https://git.coolaj86.com/coolaj86/greenlock.js", + "keywords": [ + "ACME", + "Automated HTTPS", + "Free SSL", + "Greenlock", + "Let's Encrypt", + "auto-sni", + "https", + "letsencrypt", + "tls", + "v2" + ], + "license": "(MIT OR Apache-2.0)", + "main": "index.js", + "maintainers": [ + { + "name": "coolaj86", + "email": "coolaj86@gmail.com" + }, + { + "name": "ppl", + "email": "npm@ppl.family" + }, + { + "name": "thejshaver", + "email": "john@jshaver.net" + } + ], + "name": "greenlock", + "optionalDependencies": {}, + "readme": "ERROR: No README data found!", + "repository": { + "type": "git", + "url": "https://git.coolaj86.com/coolaj86/greenlock.js.git" + }, + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "trulyOptionalDependencies": { + "bluebird": "^3.5.1", + "le-acme-core": "^2.1.3", + "ursa": "^0.9.4" + }, + "version": "2.4.10" +} diff --git a/express-server/node_modules/ipaddr.js/lib/ipaddr.js.d.ts b/express-server/node_modules/ipaddr.js/lib/ipaddr.js.d.ts new file mode 100644 index 00000000..882fa96d --- /dev/null +++ b/express-server/node_modules/ipaddr.js/lib/ipaddr.js.d.ts @@ -0,0 +1,71 @@ + + +declare module "ipaddr.js" { + + type IPv4Range = 'unspecified' | 'broadcast' | 'multicast' | 'linkLocal' | 'loopback' | 'carrierGradeNat' | 'private' | 'reserved'; + type IPv6Range = 'unspecified' | 'linkLocal' | 'multicast' | 'loopback' | 'uniqueLocal' | 'ipv4Mapped' | 'rfc6145' | 'rfc6052' | '6to4' | 'teredo' | 'reserved'; + + interface RangeListNan::FunctionCallbackInfo
+ - Nan::PropertyCallbackInfo
+ - Nan::ReturnValue
+* **Method declarations**
+ - Method declaration
+ - Getter declaration
+ - Setter declaration
+ - Property getter declaration
+ - Property setter declaration
+ - Property enumerator declaration
+ - Property deleter declaration
+ - Property query declaration
+ - Index getter declaration
+ - Index setter declaration
+ - Index enumerator declaration
+ - Index deleter declaration
+ - Index query declaration
+* Method and template helpers
+ - Nan::SetMethod()
+ - Nan::SetPrototypeMethod()
+ - Nan::SetAccessor()
+ - Nan::SetNamedPropertyHandler()
+ - Nan::SetIndexedPropertyHandler()
+ - Nan::SetTemplate()
+ - Nan::SetPrototypeTemplate()
+ - Nan::SetInstanceTemplate()
+ - Nan::SetCallHandler()
+ - Nan::SetCallAsFunctionHandler()
+
+### Scopes
+
+A _local handle_ is a pointer to an object. All V8 objects are accessed using handles, they are necessary because of the way the V8 garbage collector works.
+
+A handle scope can be thought of as a container for any number of handles. When you've finished with your handles, instead of deleting each one individually you can simply delete their scope.
+
+The creation of `HandleScope` objects is different across the supported versions of V8. Therefore, NAN provides its own implementations that can be used safely across these.
+
+ - Nan::HandleScope
+ - Nan::EscapableHandleScope
+
+Also see the V8 Embedders Guide section on [Handles and Garbage Collection](https://github.com/v8/v8/wiki/Embedder%27s%20Guide#handles-and-garbage-collection).
+
+### Persistent references
+
+An object reference that is independent of any `HandleScope` is a _persistent_ reference. Where a `Local` handle only lives as long as the `HandleScope` in which it was allocated, a `Persistent` handle remains valid until it is explicitly disposed.
+
+Due to the evolution of the V8 API, it is necessary for NAN to provide a wrapper implementation of the `Persistent` classes to supply compatibility across the V8 versions supported.
+
+ - Nan::PersistentBase & v8::PersistentBase
+ - Nan::NonCopyablePersistentTraits & v8::NonCopyablePersistentTraits
+ - Nan::CopyablePersistentTraits & v8::CopyablePersistentTraits
+ - Nan::Persistent
+ - Nan::Global
+ - Nan::WeakCallbackInfo
+ - Nan::WeakCallbackType
+
+Also see the V8 Embedders Guide section on [Handles and Garbage Collection](https://developers.google.com/v8/embed#handles).
+
+### New
+
+NAN provides a `Nan::New()` helper for the creation of new JavaScript objects in a way that's compatible across the supported versions of V8.
+
+ - Nan::New()
+ - Nan::Undefined()
+ - Nan::Null()
+ - Nan::True()
+ - Nan::False()
+ - Nan::EmptyString()
+
+
+### Converters
+
+NAN contains functions that convert `v8::Value`s to other `v8::Value` types and native types. Since type conversion is not guaranteed to succeed, they return `Nan::Maybe` types. These converters can be used in place of `value->ToX()` and `value->XValue()` (where `X` is one of the types, e.g. `Boolean`) in a way that provides a consistent interface across V8 versions. Newer versions of V8 use the new `v8::Maybe` and `v8::MaybeLocal` types for these conversions, older versions don't have this functionality so it is provided by NAN.
+
+ - Nan::To()
+
+### Maybe Types
+
+The `Nan::MaybeLocal` and `Nan::Maybe` types are monads that encapsulate `v8::Local` handles that _may be empty_.
+
+* **Maybe Types**
+ - Nan::MaybeLocal
+ - Nan::Maybe
+ - Nan::Nothing
+ - Nan::Just
+* **Maybe Helpers**
+ - Nan::Call()
+ - Nan::ToDetailString()
+ - Nan::ToArrayIndex()
+ - Nan::Equals()
+ - Nan::NewInstance()
+ - Nan::GetFunction()
+ - Nan::Set()
+ - Nan::DefineOwnProperty()
+ - Nan::ForceSet()Nan::Get()
+ - Nan::GetPropertyAttributes()
+ - Nan::Has()
+ - Nan::Delete()
+ - Nan::GetPropertyNames()
+ - Nan::GetOwnPropertyNames()
+ - Nan::SetPrototype()
+ - Nan::ObjectProtoToString()
+ - Nan::HasOwnProperty()
+ - Nan::HasRealNamedProperty()
+ - Nan::HasRealIndexedProperty()
+ - Nan::HasRealNamedCallbackProperty()
+ - Nan::GetRealNamedPropertyInPrototypeChain()
+ - Nan::GetRealNamedProperty()
+ - Nan::CallAsFunction()
+ - Nan::CallAsConstructor()
+ - Nan::GetSourceLine()
+ - Nan::GetLineNumber()
+ - Nan::GetStartColumn()
+ - Nan::GetEndColumn()
+ - Nan::CloneElementAt()
+ - Nan::HasPrivate()
+ - Nan::GetPrivate()
+ - Nan::SetPrivate()
+ - Nan::DeletePrivate()
+ - Nan::MakeMaybe()
+
+### Script
+
+NAN provides a `v8::Script` helpers as the API has changed over the supported versions of V8.
+
+ - Nan::CompileScript()
+ - Nan::RunScript()
+
+
+### JSON
+
+The _JSON_ object provides the c++ versions of the methods offered by the `JSON` object in javascript. V8 exposes these methods via the `v8::JSON` object.
+
+ - Nan::JSON.Parse
+ - Nan::JSON.Stringify
+
+Refer to the V8 JSON object in the [V8 documentation](https://v8docs.nodesource.com/node-8.11/da/d6f/classv8_1_1_j_s_o_n.html) for more information about these methods and their arguments.
+
+### Errors
+
+NAN includes helpers for creating, throwing and catching Errors as much of this functionality varies across the supported versions of V8 and must be abstracted.
+
+Note that an Error object is simply a specialized form of `v8::Value`.
+
+Also consult the V8 Embedders Guide section on [Exceptions](https://developers.google.com/v8/embed#exceptions) for more information.
+
+ - Nan::Error()
+ - Nan::RangeError()
+ - Nan::ReferenceError()
+ - Nan::SyntaxError()
+ - Nan::TypeError()
+ - Nan::ThrowError()
+ - Nan::ThrowRangeError()
+ - Nan::ThrowReferenceError()
+ - Nan::ThrowSyntaxError()
+ - Nan::ThrowTypeError()
+ - Nan::FatalException()
+ - Nan::ErrnoException()
+ - Nan::TryCatch
+
+
+### Buffers
+
+NAN's `node::Buffer` helpers exist as the API has changed across supported Node versions. Use these methods to ensure compatibility.
+
+ - Nan::NewBuffer()
+ - Nan::CopyBuffer()
+ - Nan::FreeCallback()
+
+### Nan::Callback
+
+`Nan::Callback` makes it easier to use `v8::Function` handles as callbacks. A class that wraps a `v8::Function` handle, protecting it from garbage collection and making it particularly useful for storage and use across asynchronous execution.
+
+ - Nan::Callback
+
+### Asynchronous work helpers
+
+`Nan::AsyncWorker`, `Nan::AsyncProgressWorker` and `Nan::AsyncProgressQueueWorker` are helper classes that make working with asynchronous code easier.
+
+ - Nan::AsyncWorker
+ - Nan::AsyncProgressWorkerBase & Nan::AsyncProgressWorker
+ - Nan::AsyncProgressQueueWorker
+ - Nan::AsyncQueueWorker
+
+### Strings & Bytes
+
+Miscellaneous string & byte encoding and decoding functionality provided for compatibility across supported versions of V8 and Node. Implemented by NAN to ensure that all encoding types are supported, even for older versions of Node where they are missing.
+
+ - Nan::Encoding
+ - Nan::Encode()
+ - Nan::DecodeBytes()
+ - Nan::DecodeWrite()
+
+
+### Object Wrappers
+
+The `ObjectWrap` class can be used to make wrapped C++ objects and a factory of wrapped objects.
+
+ - Nan::ObjectWrap
+
+
+### V8 internals
+
+The hooks to access V8 internals—including GC and statistics—are different across the supported versions of V8, therefore NAN provides its own hooks that call the appropriate V8 methods.
+
+ - NAN_GC_CALLBACK()
+ - Nan::AddGCEpilogueCallback()
+ - Nan::RemoveGCEpilogueCallback()
+ - Nan::AddGCPrologueCallback()
+ - Nan::RemoveGCPrologueCallback()
+ - Nan::GetHeapStatistics()
+ - Nan::SetCounterFunction()
+ - Nan::SetCreateHistogramFunction()
+ - Nan::SetAddHistogramSampleFunction()
+ - Nan::IdleNotification()
+ - Nan::LowMemoryNotification()
+ - Nan::ContextDisposedNotification()
+ - Nan::GetInternalFieldPointer()
+ - Nan::SetInternalFieldPointer()
+ - Nan::AdjustExternalMemory()
+
+
+### Miscellaneous V8 Helpers
+
+ - Nan::Utf8String
+ - Nan::GetCurrentContext()
+ - Nan::SetIsolateData()
+ - Nan::GetIsolateData()
+ - Nan::TypedArrayContents
+
+
+### Miscellaneous Node Helpers
+
+ - Nan::AsyncResource
+ - Nan::MakeCallback()
+ - NAN_MODULE_INIT()
+ - Nan::Export()
+
+
+
+
+
+
+### Tests
+
+To run the NAN tests do:
+
+``` sh
+npm install
+npm run-script rebuild-tests
+npm test
+```
+
+Or just:
+
+``` sh
+npm install
+make test
+```
+
+
+
+## Known issues
+
+### Compiling against Node.js 0.12 on OSX
+
+With new enough compilers available on OSX, the versions of V8 headers corresponding to Node.js 0.12
+do not compile anymore. The error looks something like:
+
+```
+❯ CXX(target) Release/obj.target/accessors/cpp/accessors.o
+In file included from ../cpp/accessors.cpp:9:
+In file included from ../../nan.h:51:
+In file included from /Users/ofrobots/.node-gyp/0.12.18/include/node/node.h:61:
+/Users/ofrobots/.node-gyp/0.12.18/include/node/v8.h:5800:54: error: 'CreateHandle' is a protected member of 'v8::HandleScope'
+ return Handle| Rod Vagg | GitHub/rvagg | Twitter/@rvagg |
|---|---|---|
| Benjamin Byholm | GitHub/kkoopa | - |
| Trevor Norris | GitHub/trevnorris | Twitter/@trevnorris |
| Nathan Rajlich | GitHub/TooTallNate | Twitter/@TooTallNate |
| Brett Lawson | GitHub/brett19 | Twitter/@brett19x |
| Ben Noordhuis | GitHub/bnoordhuis | Twitter/@bnoordhuis |
| David Siegel | GitHub/agnat | Twitter/@agnat |
| Michael Ira Krufky | GitHub/mkrufky | Twitter/@mkrufky |
Nan::AsyncWorker
+ - Nan::AsyncProgressWorkerBase & Nan::AsyncProgressWorker
+ - Nan::AsyncProgressQueueWorker
+ - Nan::AsyncQueueWorker
+
+
+### Nan::AsyncWorker
+
+`Nan::AsyncWorker` is an _abstract_ class that you can subclass to have much of the annoying asynchronous queuing and handling taken care of for you. It can even store arbitrary V8 objects for you and have them persist while the asynchronous work is in progress.
+
+This class internally handles the details of creating an [`AsyncResource`][AsyncResource], and running the callback in the
+correct async context. To be able to identify the async resources created by this class in async-hooks, provide a
+`resource_name` to the constructor. It is recommended that the module name be used as a prefix to the `resource_name` to avoid
+collisions in the names. For more details see [`AsyncResource`][AsyncResource] documentation. The `resource_name` needs to stay valid for the lifetime of the worker instance.
+
+Definition:
+
+```c++
+class AsyncWorker {
+ public:
+ explicit AsyncWorker(Callback *callback_, const char* resource_name = "nan:AsyncWorker");
+
+ virtual ~AsyncWorker();
+
+ virtual void WorkComplete();
+
+ void SaveToPersistent(const char *key, const v8::LocalNan::NewBuffer()
+ - Nan::CopyBuffer()
+ - Nan::FreeCallback()
+
+
+### Nan::NewBuffer()
+
+Allocate a new `node::Buffer` object with the specified size and optional data. Calls `node::Buffer::New()`.
+
+Note that when creating a `Buffer` using `Nan::NewBuffer()` and an existing `char*`, it is assumed that the ownership of the pointer is being transferred to the new `Buffer` for management.
+When a `node::Buffer` instance is garbage collected and a `FreeCallback` has not been specified, `data` will be disposed of via a call to `free()`.
+You _must not_ free the memory space manually once you have created a `Buffer` in this way.
+
+Signature:
+
+```c++
+Nan::MaybeLocalNan::Callback
+
+
+### Nan::Callback
+
+```c++
+class Callback {
+ public:
+ Callback();
+
+ explicit Callback(const v8::LocalNan::To()
+
+
+### Nan::To()
+
+Converts a `v8::LocalNan::Error()
+ - Nan::RangeError()
+ - Nan::ReferenceError()
+ - Nan::SyntaxError()
+ - Nan::TypeError()
+ - Nan::ThrowError()
+ - Nan::ThrowRangeError()
+ - Nan::ThrowReferenceError()
+ - Nan::ThrowSyntaxError()
+ - Nan::ThrowTypeError()
+ - Nan::FatalException()
+ - Nan::ErrnoException()
+ - Nan::TryCatch
+
+
+
+### Nan::Error()
+
+Create a new Error object using the [v8::Exception](https://v8docs.nodesource.com/node-8.11/da/d6a/classv8_1_1_exception.html) class in a way that is compatible across the supported versions of V8.
+
+Note that an Error object is simply a specialized form of `v8::Value`.
+
+Signature:
+
+```c++
+v8::LocalNan::JSON.Parse
+ - Nan::JSON.Stringify
+
+Refer to the V8 JSON object in the [V8 documentation](https://v8docs.nodesource.com/node-8.11/da/d6f/classv8_1_1_j_s_o_n.html) for more information about these methods and their arguments.
+
+
+
+### Nan::JSON.Parse
+
+A simple wrapper around [`v8::JSON::Parse`](https://v8docs.nodesource.com/node-8.11/da/d6f/classv8_1_1_j_s_o_n.html#a936310d2540fb630ed37d3ee3ffe4504).
+
+Definition:
+
+```c++
+Nan::MaybeLocal