Generate zkparams, unidentified access and GCP encryption keys correctly

signal server seems to actually start
Finn 2020-08-16 22:40:49 -07:00
parent 84def01d68
commit 340b1722c6
5 changed files with 61 additions and 45 deletions


@ -0,0 +1,48 @@
package main
import (
"bytes"
"os"
"os/exec"
"strings"
)
func TextSecureServer(command ...string) map[string]string {
cmd := exec.Command("java", append([]string{"-jar", os.Getenv("TEXT_SECURE_SERVER_JAR")}, command...)...)
var buf bytes.Buffer
cmd.Stdout = &buf
cmd.Stderr = os.Stderr
err := cmd.Run()
if err != nil {
panic(err)
}
out := make(map[string]string)
for _, line := range strings.Split(buf.String(), "\n") {
if len(line) == 0 {
continue
}
parts := strings.SplitN(line, ":", 2)
if len(parts) < 2 {
continue
}
out[strings.TrimSpace(parts[0])] = strings.TrimSpace(parts[1])
}
return out
}
func GenerateZKConfig() (z ZKConfig) {
params := TextSecureServer("zkparams")
z.ServerPublic = params["Public"]
z.ServerSecret = params["Private"]
z.Enabled = false
return
}
func GenerateUnidentifiedDeliveryConfiguration() (u UnidentifiedDeliveryConfiguration) {
unidentifiedCA := TextSecureServer("certificate", "--ca")
unidentifiedKeyPair := TextSecureServer("certificate", "--key", unidentifiedCA["Private key"], "--id", "0")
u.Certificate = unidentifiedKeyPair["Certificate"]
u.PrivateKey = unidentifiedKeyPair["Private key"]
return
}
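Review bot: GenerateUnidentifiedDeliveryConfiguration hands the CA private key to the child process as an argument (`"--key", unidentifiedCA["Private key"]`), so the key appears in the process's command line and is readable through the process list while `java` runs. Whether the jar accepts the key any other way is not visible here, so at minimum I would add a comment on that line recording the exposure and that the generator is expected to run where no other user can list processes. The map lookups are also unchecked: if the tool's labels change or a line is skipped by the parser, `params["Private"]` or `unidentifiedKeyPair["Certificate"]` is the empty string and an empty key is written into the config without any error. A guard such as `if u.PrivateKey == "" || u.Certificate == "" { panic("certificate: missing key material in output") }` before the return (and the same for the zkparams fields) would make the generator fail closed. TextSecureServer has the same gap for an unset `TEXT_SECURE_SERVER_JAR`, which currently surfaces only as a java error about an empty jar path.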


@ -94,11 +94,7 @@ func main() {
APIKey: "fake.invalid",
},
APN: GenerateAPNConfiguration(),
UnidentifiedDelivery: UnidentifiedDeliveryConfiguration{
Certificate: "aaaa",
PrivateKey: "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWE=",
ExpiresDays: 90,
},
UnidentifiedDelivery: GenerateUnidentifiedDeliveryConfiguration(),
VoiceVerification: VoiceVerificationConfiguration{
URL: "https://fake.invalid/voice",
Locales: []string{"en"},
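Review bot: The literal being replaced set `ExpiresDays: 90`, but GenerateUnidentifiedDeliveryConfiguration as added in this commit assigns only Certificate and PrivateKey, so ExpiresDays is now the zero value. How the server interprets 0 is not visible here; if it is taken literally, sender certificates would be issued already expired or with no validity window. Setting `u.ExpiresDays = 90` in the generator keeps the previous behaviour. main() starts and ends outside this hunk, so a later assignment to the field cannot be ruled out.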


@ -112,5 +112,14 @@ func GenerateGCPSigningKey() string {
if err != nil {
panic(err)
}
return keyToPem(key)
pkcs8, err := x509.MarshalPKCS8PrivateKey(key)
if err != nil {
panic(err)
}
block := &pem.Block{
Type: "PRIVATE KEY",
Bytes: pkcs8,
}
encoded := pem.EncodeToMemory(block)
return string(encoded)
}
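Review bot: Nothing in GenerateGCPSigningKey records why the encoding changed from keyToPem to PKCS#8, and the next person to touch it needs to know the consumer depends on it. A doc comment such as `// GenerateGCPSigningKey returns a freshly generated private key as an unencrypted PKCS#8 PEM block (type "PRIVATE KEY").` would pin the format; the reason should be added by the author, since the commit title only says the key is now generated "correctly". The return value is unencrypted key material, so the comment can also state that it is meant for the config file only and must not be logged. The function begins above the hunk, so the key type is not visible here; if keyToPem has no other callers after this change it can be deleted.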


@ -1,37 +0,0 @@
package main
import (
"bytes"
"os"
"os/exec"
"strings"
)
func GenerateZKConfig() (z ZKConfig) {
z.Enabled = false
cmd := exec.Command("java", "-jar", "/usr/share/TextSecureServer.jar", "zkparams")
var out bytes.Buffer
cmd.Stdout = &out
cmd.Stderr = os.Stderr
err := cmd.Run()
if err != nil {
panic(err)
}
for _, line := range strings.Split(out.String(), "\n") {
if len(line) == 0 {
continue
}
parts := strings.Split(line, ": ")
if len(parts) != 2 {
continue
} else {
}
if parts[0] == "Public" {
z.ServerPublic = parts[1]
} else if parts[0] == "Private" {
z.ServerSecret = parts[1]
}
}
return
}


@ -4,7 +4,7 @@ set -exu
CONFIG_FILE="/etc/signal-server/config.yaml"
# generate config
/usr/bin/config-generator | tee "${CONFIG_FILE}"
TEXT_SECURE_SERVER_JAR=/usr/share/TextSecureServer.jar /usr/bin/config-generator "${CONFIG_FILE}"
for db in abusedb accountdb messagedb; do
echo "Migrating $db"