From c6a8e7d9b96b1a5302a82cc29ca57a97ce74b652 Mon Sep 17 00:00:00 2001
From: Mark Haines
Date: Tue, 23 Sep 2014 16:18:21 +0100
Subject: Read signing keys using methods from syutil. convert keys that are in the wrong format
---
 synapse/config/server.py | 39 ++++++++++++++++++++++++++++++---------
 1 file changed, 30 insertions(+), 9 deletions(-)
(limited to 'synapse/config')
diff --git a/synapse/config/server.py b/synapse/config/server.py
index 516e4cf882..d9d8d0e14e 100644
--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@@ -13,10 +13,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
-import nacl.signing
 import os
-from ._base import Config
-from syutil.base64util import encode_base64, decode_base64
+from ._base import Config, ConfigError
+import syutil.crypto.signing_key
 class ServerConfig(Config):
@@ -70,9 +69,16 @@ class ServerConfig(Config):
 "content repository")
 def read_signing_key(self, signing_key_path):
- signing_key_base64 = self.read_file(signing_key_path, "signing_key")
- signing_key_bytes = decode_base64(signing_key_base64)
- return nacl.signing.SigningKey(signing_key_bytes)
+ signing_keys = self.read_file(signing_key_path, "signing_key")
+ try:
+ return syutil.crypto.signing_key.read_signing_keys(
+ signing_keys.splitlines(True)
+ )
+ except Exception as e:
+ raise ConfigError(
+ "Error reading signing_key."
+ " Try running again with --generate-config"
+ )
 @classmethod
 def generate_config(cls, args, config_dir_path):
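Review bot: The `except Exception as e:` added in `read_signing_key` binds `e` and then discards it, so every failure inside `read_signing_keys` surfaces as the same ConfigError with no indication of the file or the cause, and unrelated programming errors are caught too. Narrow the clause to the errors the parser is expected to raise, if those are known, and name the file in the message, e.g. `"Error reading signing_key from %s." % (signing_key_path,)`; keep the exception text out of the message unless it is certain not to echo key material. The `--generate-config` hint also looks incomplete: in the `generate_config` hunk of this commit an existing key file is only rewritten when its first line has a single field, so a file damaged in any other way would presumably fail here again.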
@@ -86,6 +92,21 @@ class ServerConfig(Config):
 if not os.path.exists(args.signing_key_path):
 with open(args.signing_key_path, "w") as signing_key_file:
- key = nacl.signing.SigningKey.generate()
- signing_key_file.write(encode_base64(key.encode()))
-
+ syutil.crypto.signing_key.write_signing_keys(
+ signing_key_file,
+ (syutil.crypto.SigningKey.generate("auto"),),
+ )
+ else:
+ signing_keys = cls.read_file(args.signing_key_path, "signing_key")
+ if len(signing_keys.split("\n")[0].split()) == 1:
+ # handle keys in the old format.
+ key = syutil.crypto.signing_key.decode_signing_key_base64(
+ syutil.crypto.signing_key.NACL_ED25519,
+ "auto",
+ signing_keys.split("\n")[0]
+ )
+ with open(args.signing_key_path, "w") as signing_key_file:
+ syutil.crypto.signing_key.write_signing_keys(
+ signing_key_file,
+ (key,),
+ )
-- cgit 1.4.1
From fbf6320614e23f7181e9b7d2a2ba6df0791343bb Mon Sep 17 00:00:00 2001
From: Erik Johnston
Date: Tue, 30 Sep 2014 12:38:38 +0100
Subject: pyflakes cleanup
---
 synapse/config/repository.py | 1 -
 synapse/storage/__init__.py | 2 +-
 synapse/storage/roommember.py | 1 -
 3 files changed, 1 insertion(+), 3 deletions(-)
(limited to 'synapse/config')
diff --git a/synapse/config/repository.py b/synapse/config/repository.py
index 407c8d6c24..b71d30227c 100644
--- a/synapse/config/repository.py
+++ b/synapse/config/repository.py
@@ -14,7 +14,6 @@
 # limitations under the License.
 from ._base import Config
-import os
 class ContentRepositoryConfig(Config):
 def __init__(self, args):
diff --git a/synapse/storage/__init__.py b/synapse/storage/__init__.py
index 1ebbeab2e7..32d9c1392b 100644
--- a/synapse/storage/__init__.py
+++ b/synapse/storage/__init__.py
@@ -105,7 +105,7 @@ class DataStore(RoomMemberStore, RoomStore,
 stream_ordering=stream_ordering,
 is_new_state=is_new_state,
 )
- except _RollbackButIsFineException as e:
+ except _RollbackButIsFineException:
 pass
 @defer.inlineCallbacks
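Review bot: The new `else:` branch of `generate_config` in synapse/config/server.py reopens `args.signing_key_path` with mode `"w"`, which truncates the only copy of the server's signing key before `write_signing_keys` has produced the replacement, and the file is created with whatever mode the process umask allows. A failure during the write would leave an empty key file, so the converted key should go to a temporary file created owner-only and then be renamed over the original, as sketched below; the first-run branch above it would benefit from the same owner-only creation. Separately, the generation call uses `syutil.crypto.SigningKey.generate("auto")` while every other call in the hunk goes through `syutil.crypto.signing_key`, the only module this commit imports; whether `syutil.crypto` exposes `SigningKey` is not visible here and is worth confirming. The enclosing method begins outside the hunk.

```python
# … unchanged: old-format check and decode_signing_key_base64 call …
                tmp_path = args.signing_key_path + ".tmp"
                # O_EXCL refuses to reuse a pre-existing temp file; 0o600 keeps
                # the private key readable by the owner only.
                fd = os.open(
                    tmp_path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600
                )
                with os.fdopen(fd, "w") as signing_key_file:
                    syutil.crypto.signing_key.write_signing_keys(
                        signing_key_file,
                        (key,),
                    )
                # The old key stays intact until the new file is complete.
                os.rename(tmp_path, args.signing_key_path)
```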
diff --git a/synapse/storage/roommember.py b/synapse/storage/roommember.py
index 958e730591..ceeef5880e 100644
--- a/synapse/storage/roommember.py
+++ b/synapse/storage/roommember.py
@@ -18,7 +18,6 @@ from twisted.internet import defer
 from ._base import SQLBaseStore
 from synapse.api.constants import Membership
-from synapse.util.logutils import log_function
 import logging
-- cgit 1.4.1
From 7a322b63264acbef7e60b511ad8d39ae4718386b Mon Sep 17 00:00:00 2001
From: David Baker
Date: Thu, 2 Oct 2014 10:43:22 +0100
Subject: Update README setup instructions to be correct. Make synapse spit out explanatory note when generating config to tell people to look at it and customise it.
---
 README.rst | 12 +++++++-----
 synapse/config/_base.py | 1 +
 2 files changed, 8 insertions(+), 5 deletions(-)
(limited to 'synapse/config')
diff --git a/README.rst b/README.rst
index 6f7940e742..1530e5caac 100644
--- a/README.rst
+++ b/README.rst
@@ -46,11 +46,13 @@ To get up and running:
 - To simply play with an **existing** homeserver you can just go straight to http://matrix.org/alpha.
- - To run your own **private** homeserver on localhost:8008, install synapse with
- ``python setup.py develop --user`` and then run ``./synctl start`` twice (once to
- generate a config; once to actually run) - you will find a webclient running at
- http://localhost:8008. Please use a recent Chrome, Safari or Firefox for now...
-
+ - To run your own **private** homeserver on localhost:8008, generate a basic
+ config file: ``./synctl start`` will give you instructions on how to do this.
+ Once you've done so, running ``./synctl start`` again will start your private
+ home sserver. You will find a webclient running at http://localhost:8008.
+ Please use a recent Chrome or Firefox for now (or Safari if you don't need
+ VoIP support).
+
 - To run a **public** homeserver and let it exchange messages with other homeservers and participate in the global Matrix federation, you must expose port 8448 to the internet and edit homeserver.yaml to specify server_name (the public DNS entry for
diff --git a/synapse/config/_base.py b/synapse/config/_base.py
index 35bcece2c0..809f9c922b 100644
--- a/synapse/config/_base.py
+++ b/synapse/config/_base.py
@@ -123,6 +123,7 @@ class Config(object):
 # style mode markers into the file, to hint to people that
 # this is a YAML file.
 yaml.dump(config, config_file, default_flow_style=False)
+ print "A config file has been generated in %s (your server name is '%s'). Please review this file and customise it to your needs." % (config_args.config_path, config['server_name'])
 sys.exit(0)
 return cls(args)
-- cgit 1.4.1
From d694619a953adf6254e3960d2a4ec973d31dfcae Mon Sep 17 00:00:00 2001
From: David Baker
Date: Thu, 2 Oct 2014 14:09:27 +0100
Subject: Fix ncorrect ports in documentation and add notes on how generate-config also generates certs bound to whatever hostname you give with --generate-config. SYN-87 #resolved
---
 README.rst | 5 +++--
 synapse/config/_base.py | 3 ++-
 synctl | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)
(limited to 'synapse/config')
diff --git a/README.rst b/README.rst
index 0459d54634..f40492b8a0 100644
--- a/README.rst
+++ b/README.rst
@@ -51,6 +51,7 @@ To get up and running:
 - To run your own **private** homeserver on localhost:8008, generate a basic
 config file: ``./synctl start`` will give you instructions on how to do this.
+ For this purpose, you can use 'localhost' or your hostname as a server name.
 Once you've done so, running ``./synctl start`` again will start your private
 home sserver. You will find a webclient running at http://localhost:8008.
 Please use a recent Chrome or Firefox for now (or Safari if you don't need
@@ -253,7 +254,7 @@ http://localhost:8080. Simply run::
 Running The Demo Web Client
 ===========================
-The homeserver runs a web client by default at http://localhost:8080.
+The homeserver runs a web client by default at https://localhost:8448/.
 If this is the first time you have used the client from that browser (it uses HTML5 local storage to remember its config), you will need to log in to your
@@ -273,7 +274,7 @@ account. Your name will take the form of::
 Specify your desired localpart in the topmost box of the "Register for an account" form, and click the "Register" button. Hostnames can contain ports if
-required due to lack of SRV records (e.g. @matthew:localhost:8080 on an
+required due to lack of SRV records (e.g. @matthew:localhost:8448 on an
 internal synapse sandbox running on localhost)
diff --git a/synapse/config/_base.py b/synapse/config/_base.py
index 809f9c922b..b3aeff327c 100644
--- a/synapse/config/_base.py
+++ b/synapse/config/_base.py
@@ -123,7 +123,8 @@ class Config(object):
 # style mode markers into the file, to hint to people that
 # this is a YAML file.
 yaml.dump(config, config_file, default_flow_style=False)
- print "A config file has been generated in %s (your server name is '%s'). Please review this file and customise it to your needs." % (config_args.config_path, config['server_name'])
+ print "A config file has been generated in %s for server name '%s') with corresponding SSL keys and self-signed certificates. Please review this file and customise it to your needs." % (config_args.config_path, config['server_name'])
+ print "If this server name is incorrect, you will need to regenerate the SSL certificates"
 sys.exit(0)
 return cls(args)
diff --git a/synctl b/synctl
index 7523fd3dbc..c227a9e1e4 100755
--- a/synctl
+++ b/synctl
@@ -14,7 +14,7 @@ case "$1" in
 start)
 if [ ! -f "$CONFIGFILE" ]; then
 echo "No config file found"
- echo "To generate a config file, run '$SYNAPSE -c $CONFIGFILE --generate-config'"
+ echo "To generate a config file, run '$SYNAPSE -c $CONFIGFILE --generate-config --server-name='"
 exit 1
 fi
-- cgit 1.4.1
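Review bot: The first added `print` in synapse/config/_base.py carries an unbalanced `)` after the server name (`for server name '%s') with corresponding SSL keys`), left over from the parenthesised wording it replaces. Drop the stray bracket: `print "A config file has been generated in %s for server name '%s' with corresponding SSL keys and self-signed certificates. Please review this file and customise it to your needs." % (config_args.config_path, config['server_name'])`. Since the message announces freshly generated keys and certificates, it would also help to say where they were written; those paths are not visible in this hunk. The enclosing method starts outside the hunk.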
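Review bot: The command suggested by the changed `echo` in synctl now ends in `--server-name=` with nothing after the equals sign, so a user who copies it verbatim passes an empty server name; how the option parser treats that is not visible here. Show a placeholder so it is clear a value must be supplied, e.g. `echo "To generate a config file, run '$SYNAPSE -c $CONFIGFILE --generate-config --server-name=<your-server-name>'"`. This matters because, per the commit message, the certificates generated alongside the config are bound to whatever name is given at this step.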