From 42994f897710ba4b732b063d367a77d518f0b9f9 Mon Sep 17 00:00:00 2001 From: Cory McWilliams Date: Sat, 2 Mar 2024 15:01:09 -0500 Subject: [PATCH] Make the SSB network key configurable by command-line argument. --- src/main.c | 12 ++++-- src/ssb.c | 101 ++++++++++++++++++++++++++---------------------- src/ssb.h | 2 +- src/ssb.tests.c | 20 +++++----- src/task.c | 8 +++- src/task.h | 7 ++++ 6 files changed, 88 insertions(+), 62 deletions(-) diff --git a/src/main.c b/src/main.c index f17852e9..da1cedb4 100644 --- a/src/main.c +++ b/src/main.c @@ -166,7 +166,7 @@ static int _tf_command_import(const char* file, int argc, char* argv[]) return EXIT_FAILURE; } - tf_ssb_t* ssb = tf_ssb_create(NULL, NULL, db_path); + tf_ssb_t* ssb = tf_ssb_create(NULL, NULL, db_path, NULL); if (optind < argc) { for (int i = optind; i < argc; i++) @@ -232,7 +232,7 @@ static int _tf_command_export(const char* file, int argc, char* argv[]) return EXIT_FAILURE; } - tf_ssb_t* ssb = tf_ssb_create(NULL, NULL, db_path); + tf_ssb_t* ssb = tf_ssb_create(NULL, NULL, db_path, NULL); if (optind < argc) { for (int i = optind; i < argc; i++) @@ -270,6 +270,7 @@ static int _tf_command_export(const char* file, int argc, char* argv[]) typedef struct tf_run_args_t { const char* script; + const char* network_key; int ssb_port; int http_port; int https_port; @@ -296,6 +297,7 @@ static int _tf_run_task(const tf_run_args_t* args, int index) tf_task_set_trusted(task, true); tf_printf("setting zip path to %s\n", args->zip); tf_task_set_zip_path(task, args->zip); + tf_task_set_ssb_network_key(task, args->network_key); tf_task_set_ssb_port(task, args->ssb_port ? args->ssb_port + index : 0); tf_task_set_http_port(task, args->http_port ? args->http_port + index : 0); tf_task_set_https_port(task, args->https_port ? args->https_port + index : 0); @@ -419,6 +421,7 @@ static int _tf_command_run(const char* file, int argc, char* argv[]) static const struct option k_options[] = { { "script", required_argument, NULL, 's' }, { "ssb-port", required_argument, NULL, 'b' }, + { "ssb-network-key", required_argument, NULL, 'k' }, { "http-port", required_argument, NULL, 'p' }, { "https-port", required_argument, NULL, 'q' }, { "db-path", required_argument, NULL, 'd' }, @@ -429,7 +432,7 @@ static int _tf_command_run(const char* file, int argc, char* argv[]) { "verbose", no_argument, NULL, 'v' }, { "help", no_argument, NULL, 'h' }, }; - int c = getopt_long(argc, argv, "s:b:p:q:d:n:a:oz:vh", k_options, NULL); + int c = getopt_long(argc, argv, "s:b:k:p:q:d:n:a:oz:vh", k_options, NULL); if (c == -1) { break; @@ -445,6 +448,9 @@ static int _tf_command_run(const char* file, int argc, char* argv[]) case 's': args.script = optarg; break; + case 'k': + args.network_key = optarg; + break; case 'b': args.ssb_port = atoi(optarg); break; diff --git a/src/ssb.c b/src/ssb.c index 36bbb799..cc2ac0de 100644 --- a/src/ssb.c +++ b/src/ssb.c @@ -42,8 +42,7 @@ static_assert(k_id_base64_len == sodium_base64_ENCODED_LEN(9 + crypto_box_PUBLIC static_assert(k_id_bin_len == crypto_box_PUBLICKEYBYTES, "k_id_bin_len"); static_assert(k_blob_id_len == (sodium_base64_ENCODED_LEN(crypto_hash_sha256_BYTES, sodium_base64_VARIANT_ORIGINAL) + 8), "k_blob_id_len"); -const uint8_t k_ssb_network[] = { 0xd4, 0xa1, 0xcb, 0x88, 0xa6, 0x6f, 0x02, 0xf8, 0xdb, 0x63, 0x5c, 0xe2, 0x64, 0x41, 0xcc, 0x5d, 0xac, 0x1b, 0x08, 0x42, 0x0c, 0xea, 0xac, 0x23, - 0x08, 0x39, 0xb7, 0x55, 0x84, 0x5a, 0x9f, 0xfb }; +const char* k_ssb_network_string = "d4a1cb88a66f02f8db635ce26441cc5dac1b08420ceaac230839b755845a9ffb"; const char* k_ssb_type_names[] = { "binary", @@ -203,6 +202,8 @@ typedef struct _tf_ssb_t uv_timer_t trace_timer; uv_tcp_t server; + uint8_t network_key[32]; + uint8_t pub[crypto_sign_PUBLICKEYBYTES]; uint8_t priv[crypto_sign_SECRETKEYBYTES]; @@ -489,7 +490,7 @@ static void _tf_ssb_write(tf_ssb_connection_t* connection, void* data, size_t si static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, uint8_t* hmac, uint8_t* pubkey) { memcpy(connection->serverepub, pubkey, sizeof(connection->serverepub)); - if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, k_ssb_network) != 0) + if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "invalid server hello"); return; @@ -519,10 +520,10 @@ static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, ui uint8_t hash[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash, shared_secret_ab, sizeof(shared_secret_ab)); - uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->serverpub) + crypto_hash_sha256_BYTES]; - memcpy(msg, k_ssb_network, sizeof(k_ssb_network)); - memcpy(msg + sizeof(k_ssb_network), connection->serverpub, sizeof(connection->serverpub)); - memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->serverpub), hash, sizeof(hash)); + uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->serverpub) + crypto_hash_sha256_BYTES]; + memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(msg + sizeof(connection->ssb->network_key), connection->serverpub, sizeof(connection->serverpub)); + memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->serverpub), hash, sizeof(hash)); unsigned long long siglen; if (crypto_sign_detached(connection->detached_signature_A, &siglen, msg, sizeof(msg), connection->ssb->priv) != 0) @@ -536,10 +537,10 @@ static void _tf_ssb_connection_send_identity(tf_ssb_connection_t* connection, ui memcpy(tosend + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub)); uint8_t nonce[crypto_secretbox_NONCEBYTES] = { 0 }; - uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)]; - memcpy(tohash, k_ssb_network, sizeof(k_ssb_network)); - memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab)); - memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); + uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)]; + memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab)); + memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); uint8_t hash2[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash2, tohash, sizeof(tohash)); @@ -1136,11 +1137,11 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection, return; } - uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)]; - memcpy(tohash, k_ssb_network, sizeof(k_ssb_network)); - memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab)); - memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); - memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab)); + uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)]; + memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab)); + memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); + memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab)); uint8_t hash2[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash2, tohash, sizeof(tohash)); @@ -1164,11 +1165,11 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection, uint8_t hash3[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash3, shared_secret_ab, sizeof(shared_secret_ab)); - uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub) + sizeof(hash3)]; - memcpy(msg, k_ssb_network, sizeof(k_ssb_network)); - memcpy(msg + sizeof(k_ssb_network), connection->detached_signature_A, sizeof(connection->detached_signature_A)); - memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub)); - memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub), hash3, sizeof(hash3)); + uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub) + sizeof(hash3)]; + memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(msg + sizeof(connection->ssb->network_key), connection->detached_signature_A, sizeof(connection->detached_signature_A)); + memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A), connection->ssb->pub, sizeof(connection->ssb->pub)); + memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->detached_signature_A) + sizeof(connection->ssb->pub), hash3, sizeof(hash3)); if (crypto_sign_verify_detached(m, msg, sizeof(msg), connection->serverpub) != 0) { _tf_ssb_connection_close(connection, "unable to verify server identity"); @@ -1176,7 +1177,7 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection, } uint8_t nonce2[crypto_auth_hmacsha512256_BYTES]; - if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), k_ssb_network) != 0) + if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "unable to compute client recv nonce"); return; @@ -1184,7 +1185,7 @@ static void _tf_ssb_connection_verify_identity(tf_ssb_connection_t* connection, memcpy(connection->nonce, nonce2, sizeof(connection->nonce)); uint8_t nonce3[crypto_auth_hmacsha512256_BYTES]; - if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), k_ssb_network) != 0) + if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "unable to compute client send nonce"); return; @@ -1290,11 +1291,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne return; } - static_assert(sizeof(k_ssb_network) == crypto_auth_KEYBYTES, "network key size"); - uint8_t tohash[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)]; - memcpy(tohash, k_ssb_network, sizeof(k_ssb_network)); - memcpy(tohash + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab)); - memcpy(tohash + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); + static_assert(sizeof(connection->ssb->network_key) == crypto_auth_KEYBYTES, "network key size"); + uint8_t tohash[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB)]; + memcpy(tohash, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(tohash + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab)); + memcpy(tohash + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); uint8_t hash2[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash2, tohash, sizeof(tohash)); @@ -1335,10 +1336,10 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne uint8_t hash3[crypto_hash_sha256_BYTES]; crypto_hash_sha256(hash3, shared_secret_ab, sizeof(shared_secret_ab)); - uint8_t msg[sizeof(k_ssb_network) + sizeof(connection->ssb->pub) + sizeof(hash3)]; - memcpy(msg, k_ssb_network, sizeof(k_ssb_network)); - memcpy(msg + sizeof(k_ssb_network), connection->ssb->pub, sizeof(connection->ssb->pub)); - memcpy(msg + sizeof(k_ssb_network) + sizeof(connection->ssb->pub), hash3, sizeof(hash3)); + uint8_t msg[sizeof(connection->ssb->network_key) + sizeof(connection->ssb->pub) + sizeof(hash3)]; + memcpy(msg, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(msg + sizeof(connection->ssb->network_key), connection->ssb->pub, sizeof(connection->ssb->pub)); + memcpy(msg + sizeof(connection->ssb->network_key) + sizeof(connection->ssb->pub), hash3, sizeof(hash3)); if (crypto_sign_verify_detached(detached_signature_A, msg, sizeof(msg), connection->serverpub) != 0) { _tf_ssb_connection_close(connection, "unable to verify client identity"); @@ -1346,7 +1347,7 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne } uint8_t nonce2[crypto_auth_hmacsha512256_BYTES]; - if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), k_ssb_network) != 0) + if (crypto_auth_hmacsha512256(nonce2, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "unable to compute initial recv nonce as server"); return; @@ -1354,7 +1355,7 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne memcpy(connection->nonce, nonce2, sizeof(connection->nonce)); uint8_t nonce3[crypto_auth_hmacsha512256_BYTES]; - if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), k_ssb_network) != 0) + if (crypto_auth_hmacsha512256(nonce3, connection->serverepub, sizeof(connection->serverepub), connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "unable to compute initial send nonce as server"); return; @@ -1362,11 +1363,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne memcpy(connection->send_nonce, nonce3, sizeof(connection->send_nonce)); int detached_signature_A_size = 64; - uint8_t sign_b[sizeof(k_ssb_network) + detached_signature_A_size + sizeof(connection->serverpub) + sizeof(hash3)]; - memcpy(sign_b, k_ssb_network, sizeof(k_ssb_network)); - memcpy(sign_b + sizeof(k_ssb_network), detached_signature_A, detached_signature_A_size); - memcpy(sign_b + sizeof(k_ssb_network) + detached_signature_A_size, connection->serverpub, sizeof(connection->serverpub)); - memcpy(sign_b + sizeof(k_ssb_network) + detached_signature_A_size + sizeof(connection->serverpub), hash3, sizeof(hash3)); + uint8_t sign_b[sizeof(connection->ssb->network_key) + detached_signature_A_size + sizeof(connection->serverpub) + sizeof(hash3)]; + memcpy(sign_b, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(sign_b + sizeof(connection->ssb->network_key), detached_signature_A, detached_signature_A_size); + memcpy(sign_b + sizeof(connection->ssb->network_key) + detached_signature_A_size, connection->serverpub, sizeof(connection->serverpub)); + memcpy(sign_b + sizeof(connection->ssb->network_key) + detached_signature_A_size + sizeof(connection->serverpub), hash3, sizeof(hash3)); uint8_t detached_signature_B[crypto_sign_BYTES]; unsigned long long siglen; @@ -1390,11 +1391,11 @@ static void _tf_ssb_connection_verify_client_identity(tf_ssb_connection_t* conne return; } - uint8_t key_buf[sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)]; - memcpy(key_buf, k_ssb_network, sizeof(k_ssb_network)); - memcpy(key_buf + sizeof(k_ssb_network), shared_secret_ab, sizeof(shared_secret_ab)); - memcpy(key_buf + sizeof(k_ssb_network) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); - memcpy(key_buf + sizeof(k_ssb_network) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab)); + uint8_t key_buf[sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB) + sizeof(shared_secret_Ab)]; + memcpy(key_buf, connection->ssb->network_key, sizeof(connection->ssb->network_key)); + memcpy(key_buf + sizeof(connection->ssb->network_key), shared_secret_ab, sizeof(shared_secret_ab)); + memcpy(key_buf + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab), shared_secret_aB, sizeof(shared_secret_aB)); + memcpy(key_buf + sizeof(connection->ssb->network_key) + sizeof(shared_secret_ab) + sizeof(shared_secret_aB), shared_secret_Ab, sizeof(shared_secret_Ab)); uint8_t key_hash[crypto_hash_sha256_BYTES]; crypto_hash_sha256(key_hash, key_buf, sizeof(key_buf)); @@ -1941,7 +1942,7 @@ static void _tf_ssb_connection_on_tcp_recv_internal(tf_ssb_connection_t* connect uint8_t* hmac = hello; memcpy(connection->serverepub, hello + crypto_box_PUBLICKEYBYTES, crypto_box_PUBLICKEYBYTES); static_assert(sizeof(connection->serverepub) == crypto_box_PUBLICKEYBYTES, "serverepub size"); - if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, k_ssb_network) != 0) + if (crypto_auth_hmacsha512256_verify(hmac, connection->serverepub, 32, connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "crypto_auth_hmacsha512256_verify failed"); } @@ -1998,7 +1999,7 @@ static void _tf_ssb_connection_client_send_hello(tf_ssb_connection_t* connection } uint8_t a[crypto_auth_hmacsha512256_BYTES]; - if (crypto_auth_hmacsha512256(a, connection->epub, sizeof(connection->epub), k_ssb_network) != 0) + if (crypto_auth_hmacsha512256(a, connection->epub, sizeof(connection->epub), connection->ssb->network_key) != 0) { _tf_ssb_connection_close(connection, "failed to create hello message"); return; @@ -2106,11 +2107,17 @@ void tf_ssb_get_stats(tf_ssb_t* ssb, tf_ssb_stats_t* out_stats) ssb->rpc_out = 0; } -tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path) +tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path, const char* network_key) { tf_ssb_t* ssb = tf_malloc(sizeof(tf_ssb_t)); memset(ssb, 0, sizeof(*ssb)); + const char* actual_key = network_key ? network_key : k_ssb_network_string; + if (sodium_hex2bin(ssb->network_key, sizeof(ssb->network_key), actual_key, strlen(actual_key), ": ", NULL, NULL)) + { + tf_printf("Error parsing network key: %s.", actual_key); + } + char buffer[8] = { 0 }; size_t buffer_size = sizeof(buffer); ssb->store_debug_messages = uv_os_getenv("TF_DEBUG_CLOSE", buffer, &buffer_size) == 0 && strcmp(buffer, "1") == 0; diff --git a/src/ssb.h b/src/ssb.h index d15fafc0..d37fe057 100644 --- a/src/ssb.h +++ b/src/ssb.h @@ -85,7 +85,7 @@ typedef struct _tf_ssb_store_queue_t bool running; } tf_ssb_store_queue_t; -tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path); +tf_ssb_t* tf_ssb_create(uv_loop_t* loop, JSContext* context, const char* db_path, const char* network_key); void tf_ssb_destroy(tf_ssb_t* ssb); void tf_ssb_start_periodic(tf_ssb_t* ssb); diff --git a/src/ssb.tests.c b/src/ssb.tests.c index 1934d25e..387caa23 100644 --- a/src/ssb.tests.c +++ b/src/ssb.tests.c @@ -143,10 +143,10 @@ void tf_ssb_test_ssb(const tf_test_options_t* options) uv_loop_init(&loop); unlink("out/test_db0.sqlite"); - tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite"); + tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite", NULL); tf_ssb_register(tf_ssb_get_context(ssb0), ssb0); unlink("out/test_db1.sqlite"); - tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite"); + tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite", NULL); tf_ssb_register(tf_ssb_get_context(ssb1), ssb1); uv_idle_t idle0 = { .data = ssb0 }; @@ -352,13 +352,13 @@ void tf_ssb_test_rooms(const tf_test_options_t* options) uv_loop_init(&loop); unlink("out/test_db0.sqlite"); - tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite"); + tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite", NULL); tf_ssb_register(tf_ssb_get_context(ssb0), ssb0); unlink("out/test_db1.sqlite"); - tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite"); + tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite", NULL); tf_ssb_register(tf_ssb_get_context(ssb1), ssb1); unlink("out/test_db2.sqlite"); - tf_ssb_t* ssb2 = tf_ssb_create(&loop, NULL, "file:out/test_db2.sqlite"); + tf_ssb_t* ssb2 = tf_ssb_create(&loop, NULL, "file:out/test_db2.sqlite", NULL); tf_ssb_register(tf_ssb_get_context(ssb2), ssb2); uv_idle_t idle0 = { .data = ssb0 }; @@ -513,7 +513,7 @@ void tf_ssb_test_following(const tf_test_options_t* options) uv_loop_init(&loop); unlink("out/test_db0.sqlite"); - tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite"); + tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite", NULL); tf_ssb_generate_keys(ssb0); char id0[k_id_base64_len] = { "@" }; @@ -588,7 +588,7 @@ void tf_ssb_test_bench(const tf_test_options_t* options) tf_trace_t* trace = tf_trace_create(); unlink("out/test_db0.sqlite"); - tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite"); + tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite", NULL); tf_ssb_set_trace(ssb0, trace); tf_ssb_generate_keys(ssb0); @@ -618,7 +618,7 @@ void tf_ssb_test_bench(const tf_test_options_t* options) tf_printf("insert = %f seconds\n", (end_time.tv_sec - start_time.tv_sec) + (end_time.tv_nsec - start_time.tv_nsec) / 1e9); unlink("out/test_db1.sqlite"); - tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite"); + tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite", NULL); tf_ssb_set_trace(ssb1, trace); tf_ssb_generate_keys(ssb1); uint8_t id0bin[k_id_bin_len]; @@ -793,12 +793,12 @@ void tf_ssb_test_go_ssb_room(const tf_test_options_t* options) tf_trace_t* trace = tf_trace_create(); unlink("out/test_db0.sqlite"); - tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite"); + tf_ssb_t* ssb0 = tf_ssb_create(&loop, NULL, "file:out/test_db0.sqlite", NULL); tf_ssb_set_trace(ssb0, trace); tf_ssb_generate_keys(ssb0); unlink("out/test_db1.sqlite"); - tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite"); + tf_ssb_t* ssb1 = tf_ssb_create(&loop, NULL, "file:out/test_db1.sqlite", NULL); tf_ssb_set_trace(ssb1, trace); tf_ssb_generate_keys(ssb1); diff --git a/src/task.c b/src/task.c index 62519c9d..4eeaf37b 100644 --- a/src/task.c +++ b/src/task.c @@ -150,6 +150,7 @@ typedef struct _tf_task_t int _import_count; JSValue _loadedFiles; + const char* _network_key; int _ssb_port; int _http_port; int _https_port; @@ -1743,7 +1744,7 @@ void tf_task_activate(tf_task_t* task) tf_database_register(context); tf_httpd_register(context); - task->_ssb = tf_ssb_create(&task->_loop, task->_context, task->_db_path); + task->_ssb = tf_ssb_create(&task->_loop, task->_context, task->_db_path, task->_network_key); tf_ssb_set_trace(task->_ssb, task->_trace); tf_ssb_register(context, task->_ssb); tf_ssb_set_hitch_callback(task->_ssb, _tf_task_record_hitch, task); @@ -1997,6 +1998,11 @@ tf_task_t* tf_task_get(JSContext* context) return JS_GetContextOpaque(context); } +void tf_task_set_ssb_network_key(tf_task_t* task, const char* network_key) +{ + task->_network_key = network_key; +} + void tf_task_set_ssb_port(tf_task_t* task, int port) { task->_ssb_port = port; diff --git a/src/task.h b/src/task.h index 234ceb1e..61a2eb09 100644 --- a/src/task.h +++ b/src/task.h @@ -69,6 +69,13 @@ tf_task_t* tf_task_create(); */ void tf_task_configure_from_fd(tf_task_t* task, int fd); +/** +** Set the SSB network key. +** @param task The task. +** @param network_key The network key. +*/ +void tf_task_set_ssb_network_key(tf_task_t* task, const char* network_key); + /** ** Set the port number on which to run an SSB secure handshake server. ** @param task The task.