From 353f2407b76a2c8081d153b7c83d7b1bef9bb547 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 10 Jan 2019 12:31:25 +0000 Subject: Fix fallback to signing key for macaroon-secret-key --- synapse/config/key.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'synapse/config/key.py') diff --git a/synapse/config/key.py b/synapse/config/key.py index 279c47bb48..a7998c941d 100644 --- a/synapse/config/key.py +++ b/synapse/config/key.py @@ -57,8 +57,8 @@ class KeyConfig(Config): # Unfortunately, there are people out there that don't have this # set. Lets just be "nice" and derive one from their secret key. logger.warn("Config is missing missing macaroon_secret_key") - seed = self.signing_key[0].seed - self.macaroon_secret_key = hashlib.sha256(seed) + seed = bytes(self.signing_key[0]) + self.macaroon_secret_key = hashlib.sha256(seed).digest() self.expire_access_token = config.get("expire_access_token", False) -- cgit 1.5.1 From efc522c55e996e420271de2d9094835dda52ade4 Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 10 Jan 2019 12:41:56 +0000 Subject: Fix macaroon_secret_key fallback logic --- synapse/config/key.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'synapse/config/key.py') diff --git a/synapse/config/key.py b/synapse/config/key.py index a7998c941d..c26b7529f2 100644 --- a/synapse/config/key.py +++ b/synapse/config/key.py @@ -71,14 +71,14 @@ class KeyConfig(Config): base_key_name = os.path.join(config_dir_path, server_name) if is_generating_file: - macaroon_secret_key = random_string_with_symbols(50) + macaroon_secret_key = '"%s"' % random_string_with_symbols(50) form_secret = '"%s"' % random_string_with_symbols(50) else: - macaroon_secret_key = None + macaroon_secret_key = 'null' form_secret = 'null' return """\ - macaroon_secret_key: "%(macaroon_secret_key)s" + macaroon_secret_key: %(macaroon_secret_key)s # Used to enable access token expiration. expire_access_token: False -- cgit 1.5.1 From ba41aeed6a6565e3c5348aaa568f5fd30e42e97a Mon Sep 17 00:00:00 2001 From: Richard van der Hoff Date: Thu, 10 Jan 2019 14:09:26 +0000 Subject: Revert "Fix macaroon_secret_key fallback logic" This is already fixed in 0.34.1, by 59f93bb This reverts commit efc522c55e996e420271de2d9094835dda52ade4. --- synapse/config/key.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'synapse/config/key.py') diff --git a/synapse/config/key.py b/synapse/config/key.py index c26b7529f2..a7998c941d 100644 --- a/synapse/config/key.py +++ b/synapse/config/key.py @@ -71,14 +71,14 @@ class KeyConfig(Config): base_key_name = os.path.join(config_dir_path, server_name) if is_generating_file: - macaroon_secret_key = '"%s"' % random_string_with_symbols(50) + macaroon_secret_key = random_string_with_symbols(50) form_secret = '"%s"' % random_string_with_symbols(50) else: - macaroon_secret_key = 'null' + macaroon_secret_key = None form_secret = 'null' return """\ - macaroon_secret_key: %(macaroon_secret_key)s + macaroon_secret_key: "%(macaroon_secret_key)s" # Used to enable access token expiration. expire_access_token: False -- cgit 1.5.1