Move Server Token Key into Server Config with the Rest
Also adds a graceful close
parent
deea608da6
commit
23230fad68
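--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module cwtch.im/cwtch
 go 1.14
 
 require (
-git.openprivacy.ca/cwtch.im/tapir v0.3.5
+git.openprivacy.ca/cwtch.im/tapir v0.4.0
 git.openprivacy.ca/openprivacy/connectivity v1.4.3
 git.openprivacy.ca/openprivacy/log v1.0.2
 github.com/gtank/ristretto255 v0.1.2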
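--- a/go.sum
+++ b/go.sum
@@ -8,6 +8,8 @@ git.openprivacy.ca/cwtch.im/tapir v0.3.4 h1:g7yZkfz/vWr/t2tFXa/t0Ebr/w665uIKpxpC
 git.openprivacy.ca/cwtch.im/tapir v0.3.4/go.mod h1:+Niy2AHhQC351ZTtfhC0uLjViCICyOxCJZsIlGKKNAU=
 git.openprivacy.ca/cwtch.im/tapir v0.3.5 h1:AlqAhluY4ivznGoHh37Khyxy0u9IbtYskP93wgtmYx8=
 git.openprivacy.ca/cwtch.im/tapir v0.3.5/go.mod h1:eH6dZxXrhW0C4KZX18ksUa6XJCrEvtg8cJJ/Fy6gv+E=
+git.openprivacy.ca/cwtch.im/tapir v0.4.0 h1:clG8uORt0NKEhT4P+Dpw1pzyUuYzYBMevGqn2pciKk8=
+git.openprivacy.ca/cwtch.im/tapir v0.4.0/go.mod h1:eH6dZxXrhW0C4KZX18ksUa6XJCrEvtg8cJJ/Fy6gv+E=
 git.openprivacy.ca/openprivacy/bine v0.0.4 h1:CO7EkGyz+jegZ4ap8g5NWRuDHA/56KKvGySR6OBPW+c=
 git.openprivacy.ca/openprivacy/bine v0.0.4/go.mod h1:13ZqhKyqakDsN/ZkQkIGNULsmLyqtXc46XBcnuXm/mU=
 git.openprivacy.ca/openprivacy/connectivity v1.4.0 h1:c7AANUCrlA4hIqXxIGDOWMtSe8CpDleD1877PShScbM=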
|
@ -5,12 +5,13 @@ import (
|
||||||
"cwtch.im/cwtch/model"
|
"cwtch.im/cwtch/model"
|
||||||
cwtchserver "cwtch.im/cwtch/server"
|
cwtchserver "cwtch.im/cwtch/server"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
|
||||||
"git.openprivacy.ca/cwtch.im/tapir/primitives"
|
"git.openprivacy.ca/cwtch.im/tapir/primitives"
|
||||||
"git.openprivacy.ca/openprivacy/connectivity/tor"
|
"git.openprivacy.ca/openprivacy/connectivity/tor"
|
||||||
"git.openprivacy.ca/openprivacy/log"
|
"git.openprivacy.ca/openprivacy/log"
|
||||||
mrand "math/rand"
|
mrand "math/rand"
|
||||||
"os"
|
"os"
|
||||||
|
"os/signal"
|
||||||
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -68,7 +69,6 @@ func main() {
|
||||||
server := new(cwtchserver.Server)
|
server := new(cwtchserver.Server)
|
||||||
log.Infoln("starting cwtch server...")
|
log.Infoln("starting cwtch server...")
|
||||||
|
|
||||||
// TODO: respond to HUP so t.Close is gracefully called
|
|
||||||
server.Setup(serverConfig)
|
server.Setup(serverConfig)
|
||||||
|
|
||||||
// TODO create a random group for testing
|
// TODO create a random group for testing
|
||||||
|
@ -78,13 +78,23 @@ func main() {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
fmt.Printf("Invite: %v", invite)
|
|
||||||
|
|
||||||
bundle := server.KeyBundle().Serialize()
|
bundle := server.KeyBundle().Serialize()
|
||||||
log.Infof("Server Config: server:%s", base64.StdEncoding.EncodeToString(bundle))
|
log.Infof("Server Config: server:%s", base64.StdEncoding.EncodeToString(bundle))
|
||||||
|
|
||||||
log.Infof("Server Tofu Bundle: tofubundle:server:%s||%s", base64.StdEncoding.EncodeToString(bundle), invite)
|
log.Infof("Server Tofu Bundle: tofubundle:server:%s||%s", base64.StdEncoding.EncodeToString(bundle), invite)
|
||||||
|
|
||||||
|
// Graceful Shutdown
|
||||||
|
c := make(chan os.Signal, 1)
|
||||||
|
signal.Notify(c, os.Interrupt, syscall.SIGTERM)
|
||||||
|
go func(){
|
||||||
|
<-c
|
||||||
|
acn.Close()
|
||||||
|
server.Close()
|
||||||
|
os.Exit(1)
|
||||||
|
}()
|
||||||
|
|
||||||
|
|
||||||
server.Run(acn)
|
server.Run(acn)
|
||||||
for {
|
for {
|
||||||
time.Sleep(time.Second)
|
time.Sleep(time.Second)
|
||||||
|
|
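Review bot: The shutdown goroutine added to main ends with `os.Exit(1)`, so a clean stop on SIGINT or SIGTERM is reported to a supervisor as a failure; `os.Exit(0)` after `server.Close()` would keep it distinguishable from a crash. The goroutine also calls `acn.Close()` before `server.Close()`, and nothing visible here stops `server.Run(acn)` from serving a request while the token database is being closed. Closing the server first, or having Close stop the listener before it closes the store, looks safer, though Run is outside these hunks. gofmt would also write the opener as `go func() {`. main's body starts and ends outside the hunk.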
|
@ -39,8 +39,9 @@ type Server struct {
|
||||||
func (s *Server) Setup(serverConfig Config) {
|
func (s *Server) Setup(serverConfig Config) {
|
||||||
s.config = serverConfig
|
s.config = serverConfig
|
||||||
bs := new(persistence.BoltPersistence)
|
bs := new(persistence.BoltPersistence)
|
||||||
bs.Open(path.Join(serverConfig.ConfigDir, "tokens1.db"))
|
bs.Open(path.Join(serverConfig.ConfigDir, "tokens.db"))
|
||||||
s.tokenServer = privacypass.NewTokenServerFromStore(bs)
|
s.tokenServer = privacypass.NewTokenServerFromStore(&serverConfig.TokenServiceK, bs)
|
||||||
|
log.Infof("Y: %v", s.tokenServer.Y)
|
||||||
s.tokenService = s.config.TokenServiceIdentity()
|
s.tokenService = s.config.TokenServiceIdentity()
|
||||||
s.tokenServicePrivKey = s.config.TokenServerPrivateKey
|
s.tokenServicePrivKey = s.config.TokenServerPrivateKey
|
||||||
}
|
}
|
||||||
|
@ -149,3 +150,11 @@ func (s *Server) ConfigureAutostart(autostart bool) {
|
||||||
s.config.AutoStart = autostart
|
s.config.AutoStart = autostart
|
||||||
s.config.Save(s.config.ConfigDir, s.config.FilePath)
|
s.config.Save(s.config.ConfigDir, s.config.FilePath)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Server) Close() {
|
||||||
|
log.Infof("Shutting down server")
|
||||||
|
s.lock.Lock()
|
||||||
|
defer s.lock.Unlock()
|
||||||
|
log.Infof("Closing Token Server Database...")
|
||||||
|
s.tokenServer.Close()
|
||||||
|
}
|
||||||
|
|
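Review bot: The added `log.Infof("Y: %v", s.tokenServer.Y)` in Setup reads like a debugging leftover: the message does not say what Y is, and it is logged at info level on every start. If Y is the token service's public key, as the name suggests, a descriptive line such as `log.Infof("token service public key Y: %v", s.tokenServer.Y)` would serve operators better. The same hunk switches the store from tokens1.db to tokens.db, so an existing tokens1.db is silently no longer read, which deserves a comment or a release note if that file holds spent-token state. The result of `bs.Open(...)` is not checked in the visible lines, and the new Close() would dereference a nil `s.tokenServer` if it were ever called before Setup.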
|
@ -1,9 +1,11 @@
|
||||||
package server
|
package server
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/rand"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"git.openprivacy.ca/cwtch.im/tapir/primitives"
|
"git.openprivacy.ca/cwtch.im/tapir/primitives"
|
||||||
"git.openprivacy.ca/openprivacy/log"
|
"git.openprivacy.ca/openprivacy/log"
|
||||||
|
"github.com/gtank/ristretto255"
|
||||||
"golang.org/x/crypto/ed25519"
|
"golang.org/x/crypto/ed25519"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"path"
|
"path"
|
||||||
|
@ -21,10 +23,15 @@ type Config struct {
|
||||||
ConfigDir string `json:"-"`
|
ConfigDir string `json:"-"`
|
||||||
FilePath string `json:"-"`
|
FilePath string `json:"-"`
|
||||||
MaxBufferLines int `json:"maxBufferLines"`
|
MaxBufferLines int `json:"maxBufferLines"`
|
||||||
|
|
||||||
PublicKey ed25519.PublicKey `json:"publicKey"`
|
PublicKey ed25519.PublicKey `json:"publicKey"`
|
||||||
PrivateKey ed25519.PrivateKey `json:"privateKey"`
|
PrivateKey ed25519.PrivateKey `json:"privateKey"`
|
||||||
|
|
||||||
TokenServerPublicKey ed25519.PublicKey `json:"tokenServerPublicKey"`
|
TokenServerPublicKey ed25519.PublicKey `json:"tokenServerPublicKey"`
|
||||||
TokenServerPrivateKey ed25519.PrivateKey `json:"tokenServerPrivateKey"`
|
TokenServerPrivateKey ed25519.PrivateKey `json:"tokenServerPrivateKey"`
|
||||||
|
|
||||||
|
TokenServiceK ristretto255.Scalar `json:"tokenServiceK"`
|
||||||
|
|
||||||
ServerReporting Reporting `json:"serverReporting"`
|
ServerReporting Reporting `json:"serverReporting"`
|
||||||
AutoStart bool `json:"autostart"`
|
AutoStart bool `json:"autostart"`
|
||||||
}
|
}
|
||||||
|
@ -67,6 +74,16 @@ func LoadConfig(configDir, filename string) Config {
|
||||||
config.ConfigDir = configDir
|
config.ConfigDir = configDir
|
||||||
config.FilePath = filename
|
config.FilePath = filename
|
||||||
|
|
||||||
|
k := new(ristretto255.Scalar)
|
||||||
|
b := make([]byte, 64)
|
||||||
|
_, err := rand.Read(b)
|
||||||
|
if err != nil {
|
||||||
|
// unable to generate secure random numbers
|
||||||
|
panic("unable to generate secure random numbers")
|
||||||
|
}
|
||||||
|
k.FromUniformBytes(b)
|
||||||
|
config.TokenServiceK = *k
|
||||||
|
|
||||||
raw, err := ioutil.ReadFile(path.Join(configDir, filename))
|
raw, err := ioutil.ReadFile(path.Join(configDir, filename))
|
||||||
if err == nil {
|
if err == nil {
|
||||||
err = json.Unmarshal(raw, &config)
|
err = json.Unmarshal(raw, &config)
|
||||||
|
|
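Review bot: LoadConfig now draws a fresh random `TokenServiceK` on every call and relies on `json.Unmarshal` to overwrite it, so a config file that predates the `tokenServiceK` field, or one that fails to parse, leaves the server running with a key that survives a restart only if something later saves the config, which this hunk does not show. If it is not saved, tokens issued before a restart would presumably stop verifying afterwards. Generating the scalar only when the loaded config has none and saving straight away would make the key's lifetime explicit. The scalar is the token service's secret and now sits in the JSON config beside the private keys, so the field deserves a comment such as `// TokenServiceK is the token service's secret scalar; it is persisted in the config file and must stay private.`, and Save should be checked to write that file with owner-only permissions. A Save/LoadConfig round-trip test asserting the scalar is unchanged would confirm that `ristretto255.Scalar` encodes through encoding/json as intended; LoadConfig's body continues outside the hunk.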