From 2c40e403c41f633b40e017d9cbf5f330edd4d44e Mon Sep 17 00:00:00 2001
From: Matt Hill <MattDHill@users.noreply.github.com>
Date: Thu, 9 Mar 2023 12:34:48 -0700
Subject: [PATCH] misc 0.3.4 bugfixes (#2193)

* display message not object on login page

* more release notes

* fix firefox ssl issue

* fix no pubkey error

* Fix/missing main (#2194)

fix: Main during migration

---------

Co-authored-by: Aiden McClelland <me@drbonez.dev>
Co-authored-by: J H <2364004+Blu-J@users.noreply.github.com>
---
 backend/src/auth.rs                           |  6 ++-
 backend/src/net/ssl.rs                        | 40 ++++++++++++++-----
 backend/src/version/v0_3_4.rs                 |  2 +
 .../modals/os-welcome/os-welcome.page.html    |  2 +
 .../ui/src/app/pages/login/login.page.ts      |  2 +-
 5 files changed, 41 insertions(+), 11 deletions(-)

diff --git a/backend/src/auth.rs b/backend/src/auth.rs
index 75ed13b4c..b53190af5 100644
--- a/backend/src/auth.rs
+++ b/backend/src/auth.rs
@@ -398,7 +398,11 @@ pub async fn reset_password(
     Ok(())
 }
 
-#[command(rename = "get-pubkey", display(display_none))]
+#[command(
+    rename = "get-pubkey",
+    display(display_none),
+    metadata(authenticated = false)
+)]
 #[instrument(skip(ctx))]
 pub async fn get_pubkey(#[context] ctx: RpcContext) -> Result<Jwk, RpcError> {
     let secret = ctx.as_ref().clone();
diff --git a/backend/src/net/ssl.rs b/backend/src/net/ssl.rs
index 258adec1b..63d6f378f 100644
--- a/backend/src/net/ssl.rs
+++ b/backend/src/net/ssl.rs
@@ -269,24 +269,46 @@ pub fn make_int_cert(
     Ok(cert)
 }
 
+#[derive(Debug, PartialEq, Eq, PartialOrd, Ord)]
+pub enum MaybeWildcard {
+    WithWildcard(String),
+    WithoutWildcard(String),
+}
+impl MaybeWildcard {
+    pub fn as_str(&self) -> &str {
+        match self {
+            MaybeWildcard::WithWildcard(s) => s.as_str(),
+            MaybeWildcard::WithoutWildcard(s) => s.as_str(),
+        }
+    }
+}
+impl std::fmt::Display for MaybeWildcard {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            MaybeWildcard::WithWildcard(dns) => write!(f, "DNS:{dns},DNS:*.{dns}"),
+            MaybeWildcard::WithoutWildcard(dns) => write!(f, "DNS:{dns}"),
+        }
+    }
+}
+
 #[derive(Debug)]
 pub struct SANInfo {
-    pub dns: BTreeSet<String>,
+    pub dns: BTreeSet<MaybeWildcard>,
     pub ips: BTreeSet<IpAddr>,
 }
 impl SANInfo {
     pub fn new(key: &Key, hostname: &Hostname, ips: BTreeSet<IpAddr>) -> Self {
         let mut dns = BTreeSet::new();
         if let Some((id, _)) = key.interface() {
-            dns.insert(format!("{id}.embassy"));
-            dns.insert(key.local_address().to_string());
+            dns.insert(MaybeWildcard::WithWildcard(format!("{id}.embassy")));
+            dns.insert(MaybeWildcard::WithWildcard(key.local_address().to_string()));
         } else {
-            dns.insert("embassy".to_owned());
-            dns.insert(hostname.local_domain_name());
-            dns.insert(hostname.no_dot_host_name());
-            dns.insert("localhost".to_owned());
+            dns.insert(MaybeWildcard::WithoutWildcard("embassy".to_owned()));
+            dns.insert(MaybeWildcard::WithWildcard(hostname.local_domain_name()));
+            dns.insert(MaybeWildcard::WithoutWildcard(hostname.no_dot_host_name()));
+            dns.insert(MaybeWildcard::WithoutWildcard("localhost".to_owned()));
         }
-        dns.insert(key.tor_address().to_string());
+        dns.insert(MaybeWildcard::WithWildcard(key.tor_address().to_string()));
         Self { dns, ips }
     }
 }
@@ -336,7 +358,7 @@ pub fn make_leaf_cert(
             .1
             .dns
             .first()
-            .map(String::as_str)
+            .map(MaybeWildcard::as_str)
             .unwrap_or("localhost"),
     )?;
     subject_name_builder.append_entry_by_text("O", "Start9")?;
diff --git a/backend/src/version/v0_3_4.rs b/backend/src/version/v0_3_4.rs
index 78faab3e6..4cff1b01f 100644
--- a/backend/src/version/v0_3_4.rs
+++ b/backend/src/version/v0_3_4.rs
@@ -84,6 +84,7 @@ impl VersionT for Version {
         let parsed_url = Some(COMMUNITY_URL.parse().unwrap());
         let mut ui = crate::db::DatabaseModel::new().ui().get_mut(db).await?;
         ui["marketplace"]["known-hosts"][COMMUNITY_URL] = json!({});
+        ui["marketplace"]["known-hosts"][MAIN_REGISTRY] = json!({});
         for package_id in crate::db::DatabaseModel::new()
             .package_data()
             .keys(db)
@@ -139,6 +140,7 @@ impl VersionT for Version {
         }
 
         ui["marketplace"]["known-hosts"][COMMUNITY_URL].take();
+        ui["marketplace"]["known-hosts"][MAIN_REGISTRY].take();
         ui.save(db).await?;
         Ok(())
     }
diff --git a/frontend/projects/ui/src/app/modals/os-welcome/os-welcome.page.html b/frontend/projects/ui/src/app/modals/os-welcome/os-welcome.page.html
index 88e49f36e..e7da7ab27 100644
--- a/frontend/projects/ui/src/app/modals/os-welcome/os-welcome.page.html
+++ b/frontend/projects/ui/src/app/modals/os-welcome/os-welcome.page.html
@@ -28,9 +28,11 @@
     <li>Security patches</li>
     <li>Bug fixes</li>
     <li>Breakout services to Community Registry</li>
+    <li>SSL support for IP access</li>
     <li>UI display improvements</li>
     <li>Better logs</li>
     <li>New system metrics</li>
+    <li>EFI support</li>
   </ul>
   <div class="ion-text-center ion-padding">
     <ion-button
diff --git a/frontend/projects/ui/src/app/pages/login/login.page.ts b/frontend/projects/ui/src/app/pages/login/login.page.ts
index 3532d9aa9..c86f6057e 100644
--- a/frontend/projects/ui/src/app/pages/login/login.page.ts
+++ b/frontend/projects/ui/src/app/pages/login/login.page.ts
@@ -30,7 +30,7 @@ export class LoginPage {
       try {
         await this.api.getPubKey()
       } catch (e: any) {
-        this.error = e
+        this.error = e.message
       }
     }
   }