load os tor key from db

This commit is contained in:
Aiden McClelland
2021-08-31 11:44:08 -06:00
parent 18df3c77b4
commit 33dba5853f
7 changed files with 58 additions and 12 deletions

2
appmgr/Cargo.lock generated

@@ -3270,7 +3270,7 @@ dependencies = [
"either", "either",
"futures-util", "futures-util",
"thiserror", "thiserror",
"tokio 1.9.0", "tokio 1.10.1",
] ]
[[package]] [[package]]


@@ -15,9 +15,11 @@ CREATE TABLE IF NOT EXISTS session
user_agent TEXT, user_agent TEXT,
metadata TEXT NOT NULL DEFAULT 'null' metadata TEXT NOT NULL DEFAULT 'null'
); );
CREATE TABLE IF NOT EXISTS password CREATE TABLE IF NOT EXISTS account
( (
hash TEXT NOT NULL PRIMARY KEY id INTEGER PRIMARY KEY CHECK (id = 0),
password TEXT NOT NULL,
tor_key BLOB NOT NULL
); );
CREATE TABLE IF NOT EXISTS ssh_keys CREATE TABLE IF NOT EXISTS ssh_keys
( (
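Review bot: `tor_key BLOB NOT NULL` on the new `account` table accepts a blob of any length, while the reader in the tor module requires at least 64 bytes and silently ignores anything beyond that; constraining it in the schema, `tor_key BLOB NOT NULL CHECK (length(tor_key) = 64)`, rejects a malformed key at write time instead of at first use. The `password` column holds an argon2 encoded hash (the login path calls `argon2::verify_encoded` on it), so `password_hash` would be a less misleading name. Note also that this migration only creates the new table: an existing store that already has the old `password` table gets nothing moved across, which is fine only if no such installs exist yet.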


@@ -20,14 +20,14 @@
"nullable": [] "nullable": []
} }
}, },
"3efd0daa61f4f8bead1adbe78a8225bc31fb940406d0415b578d3adc03a5e414": { "3502e58f2ab48fb4566d21c920c096f81acfa3ff0d02f970626a4dcd67bac71d": {
"query": "SELECT hash FROM password", "query": "SELECT tor_key FROM account",
"describe": { "describe": {
"columns": [ "columns": [
{ {
"name": "hash", "name": "tor_key",
"ordinal": 0, "ordinal": 0,
"type_info": "Text" "type_info": "Blob"
} }
], ],
"parameters": { "parameters": {
@@ -86,6 +86,24 @@
] ]
} }
}, },
"629be61c3c341c131ddbbff0293a83dbc6afd07cae69d246987f62cf0cc35c2a": {
"query": "SELECT password FROM account",
"describe": {
"columns": [
{
"name": "password",
"ordinal": 0,
"type_info": "Text"
}
],
"parameters": {
"Right": 0
},
"nullable": [
false
]
}
},
"63785dc5f193ea31e6f641a910c75857ccd288a3f6e9c4f704331531e4f0689f": { "63785dc5f193ea31e6f641a910c75857ccd288a3f6e9c4f704331531e4f0689f": {
"query": "UPDATE session SET last_active = CURRENT_TIMESTAMP WHERE id = ? AND logged_out IS NULL OR logged_out > CURRENT_TIMESTAMP", "query": "UPDATE session SET last_active = CURRENT_TIMESTAMP WHERE id = ? AND logged_out IS NULL OR logged_out > CURRENT_TIMESTAMP",
"describe": { "describe": {


@@ -55,10 +55,10 @@ pub async fn login(
) -> Result<(), Error> { ) -> Result<(), Error> {
let rpc_ctx = ctx.as_rpc().unwrap(); let rpc_ctx = ctx.as_rpc().unwrap();
let mut handle = rpc_ctx.secret_store.acquire().await?; let mut handle = rpc_ctx.secret_store.acquire().await?;
let pw_hash = sqlx::query!("SELECT hash FROM password") let pw_hash = sqlx::query!("SELECT password FROM account")
.fetch_one(&mut handle) .fetch_one(&mut handle)
.await? .await?
.hash; .password;
ensure_code!( ensure_code!(
argon2::verify_encoded(&pw_hash, password.as_bytes()).map_err(|_| { argon2::verify_encoded(&pw_hash, password.as_bytes()).map_err(|_| {
Error::new( Error::new(
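Review bot: `fetch_one` on `SELECT password FROM account` turns a missing account row into a sqlx `RowNotFound` error, so a store that has not been initialized yet fails login with a generic database error rather than an explicit status; `fetch_optional` followed by an `ensure_code!` (or a dedicated error) naming the uninitialized state would be clearer to callers. Whether the row is guaranteed to exist before `login` can be reached is not visible here. The `login` function starts before and ends after this hunk.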


@@ -83,7 +83,7 @@ impl RpcContext {
let net_controller = Arc::new( let net_controller = Arc::new(
NetController::init( NetController::init(
([127, 0, 0, 1], 80).into(), ([127, 0, 0, 1], 80).into(),
todo!("Grab Key from Database, Generate if it doesn't exist"), crate::net::tor::os_key(&mut secret_store.acquire().await?).await?,
base.tor_control base.tor_control
.unwrap_or(SocketAddr::from(([127, 0, 0, 1], 9051))), .unwrap_or(SocketAddr::from(([127, 0, 0, 1], 9051))),
) )
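Review bot: The removed `todo!` covered two cases, reading the key and generating one when absent, but `os_key` only does the first: if `account` has no row, `fetch_one` errors and construction of the `RpcContext` fails. If a setup step is expected to create the row beforehand, a comment here, `// os_key fails if the account row is missing; setup must have created it`, records that dependency; otherwise the generate-on-first-boot path still needs to exist somewhere. The enclosing method starts and ends outside this hunk.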


@@ -26,6 +26,7 @@ pub async fn get_product_key() -> Result<String, Error> {
Ok(out.trim().to_owned()) Ok(out.trim().to_owned())
} }
// cat /boot/product_key.txt | shasum -a 256 | head -c 8 | awk '{print "start9-"$1}' | xargs hostnamectl set-hostname
pub async fn sync_hostname() -> Result<(), Error> { pub async fn sync_hostname() -> Result<(), Error> {
let key = get_product_key().await?; let key = get_product_key().await?;
let mut hasher = sha2::Sha256::new(); let mut hasher = sha2::Sha256::new();


@@ -5,16 +5,41 @@ use std::time::Duration;
use anyhow::anyhow; use anyhow::anyhow;
use futures::future::BoxFuture; use futures::future::BoxFuture;
use futures::FutureExt; use futures::FutureExt;
use sqlx::{Executor, Sqlite};
use tokio::net::TcpStream; use tokio::net::TcpStream;
use tokio::sync::Mutex; use tokio::sync::Mutex;
use torut::control::{AsyncEvent, AuthenticatedConn, ConnError}; use torut::control::{AsyncEvent, AuthenticatedConn, ConnError};
use torut::onion::{OnionAddressV3, TorSecretKey, TorSecretKeyV3}; use torut::onion::{OnionAddressV3, TorSecretKeyV3};
use super::interface::{InterfaceId, TorConfig}; use super::interface::{InterfaceId, TorConfig};
use crate::s9pk::manifest::PackageId; use crate::s9pk::manifest::PackageId;
use crate::{Error, ErrorKind, ResultExt as _}; use crate::{Error, ErrorKind, ResultExt as _};
fn event_handler(event: AsyncEvent<'static>) -> BoxFuture<'static, Result<(), ConnError>> { #[test]
fn random_key() {
println!("'0x{}'", hex::encode(TorSecretKeyV3::generate().as_bytes()));
}
pub async fn os_key<Ex>(secrets: &mut Ex) -> Result<TorSecretKeyV3, Error>
where
for<'a> &'a mut Ex: Executor<'a, Database = Sqlite>,
{
let key = sqlx::query!("SELECT tor_key FROM account")
.fetch_one(secrets)
.await?
.tor_key;
let mut buf = [0; 64];
buf.clone_from_slice(key.get(0..64).ok_or_else(|| {
Error::new(
anyhow!("Invalid Tor Key Length"),
crate::ErrorKind::Database,
)
})?);
Ok(buf.into())
}
fn event_handler(_event: AsyncEvent<'static>) -> BoxFuture<'static, Result<(), ConnError>> {
async move { Ok(()) }.boxed() async move { Ok(()) }.boxed()
} }
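Review bot: `os_key` checks only that the blob is at least 64 bytes (`key.get(0..64)`), so a longer value — a corrupted row or a key stored in a different encoding — is silently truncated to its first 64 bytes and accepted as the onion service identity; require the exact length instead, e.g. `let key: [u8; 64] = key.as_slice().try_into().map_err(|_| Error::new(anyhow!("Invalid Tor Key Length"), ErrorKind::Database))?;` followed by `Ok(key.into())`, which also drops the zeroed buffer and `clone_from_slice` (`copy_from_slice` is the idiomatic call for `u8` if the buffer form is kept). `random_key` asserts nothing and prints a freshly generated secret as `'0x…'`; if it exists to hand-produce a value for the `account` row, say so in a comment, and note that SQLite's blob literal syntax is `X'…'` rather than `'0x…'`, so a reader cannot tell from here how the printed form is meant to be consumed.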