save wip

httpd.go

@@ -12,7 +12,6 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"strings"
 )
 
 type jsonInput struct {
@@ -79,16 +78,17 @@ func (h *HttpServer) helpHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func (h *HttpServer) ajaxHandler(w http.ResponseWriter, r *http.Request) {
-	var sslUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageAny}
+	//var sslUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageAny}
 
 	w.Header().Set("Content-type", "application/json")
 
 	// deactivate if there is no https auth
-	if h.key == "" || h.cert == "" || h.certPool == nil {
-		http.Error(w, "No security, deactivated", 403)
-		return
-	}
-
+	/*
+		if h.key == "" || h.cert == "" || h.certPool == nil {
+			http.Error(w, "No security, deactivated", 403)
+			return
+		}
+	*/
 	// add CORS headers
 	w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
 	w.Header().Set("Access-Control-Allow-Methods", "POST")
@@ -107,21 +107,24 @@ func (h *HttpServer) ajaxHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// ssl auth
-	if len(r.TLS.PeerCertificates) == 0 {
-		log.Println(len(r.TLS.PeerCertificates))
-		http.Error(w, "Need certificate", 403)
-		return
-	}
-	opts := x509.VerifyOptions{Roots: h.certPool, KeyUsages: sslUsage}
-	if _, err := r.TLS.PeerCertificates[0].Verify(opts); err != nil {
-		http.Error(w, "Bad certificate", 403)
-		return
-	}
-
-	webuser := strings.Replace(r.TLS.PeerCertificates[0].Subject.CommonName, " ", "", -1)
+	/*
+		if len(r.TLS.PeerCertificates) == 0 {
+			log.Println(len(r.TLS.PeerCertificates))
+			http.Error(w, "Need certificate", 403)
+			return
+		}
+		opts := x509.VerifyOptions{Roots: h.certPool, KeyUsages: sslUsage}
+		if _, err := r.TLS.PeerCertificates[0].Verify(opts); err != nil {
+			http.Error(w, "Bad certificate", 403)
+			return
+		}
 
+		webuser := strings.Replace(r.TLS.PeerCertificates[0].Subject.CommonName, " ", "", -1)
+	*/
 	//TODO security
 
+	webuser := "xavier"
+
 	log.Printf("%s is connected via the web interfaces\n", webuser)
 
 	req, err := parseJsonQuery(r)