move keys to config

2022-12-01 06:51:35 -05:00
parent 3dbb258b8f
commit bf4d8d2f7d
3 changed files with 9 additions and 4 deletions
--- a/zefie_wtvp_minisrv/includes/classes/WTVClientSessionData.js
+++ b/zefie_wtvp_minisrv/includes/classes/WTVClientSessionData.js
@@ -27,13 +27,14 @@ class WTVClientSessionData {
    baddisk = false;
    clientAddress = null;
    user_id = 0;
-    cryptoKey = "PNa$WN7gz}!T=t6X7^=|Ii##CEB~p\EP";
+    cryptoKey = null;

    constructor(minisrv_config, ssid) {
        if (!minisrv_config) throw ("minisrv_config required");
        var WTVShared = require("./WTVShared.js")['WTVShared'];
        var WTVMime = require("./WTVMime.js");
        this.minisrv_config = minisrv_config;
+        this.cryptoKey = this.minisrv_config.config.keys.userdata;
        this.wtvshared = new WTVShared(minisrv_config);
        this.wtvmime = new WTVMime(minisrv_config);
        this.lockdown = false;
--- a/zefie_wtvp_minisrv/includes/classes/WTVSec.js
+++ b/zefie_wtvp_minisrv/includes/classes/WTVSec.js
@@ -45,7 +45,7 @@ class WTVSec {
     */
    constructor(minisrv_config, wtv_incarnation = 1) {
        this.minisrv_config = minisrv_config;
-        this.initial_shared_key = CryptoJS.enc.Base64.parse(this.initial_shared_key_b64);
+        this.initial_shared_key = CryptoJS.enc.Base64.parse(this.minisrv_config.config.keys.initial_shared_key);

        if (this.initial_shared_key.sigBytes === 8) {
            this.incarnation = wtv_incarnation;
--- a/zefie_wtvp_minisrv/includes/config.json
+++ b/zefie_wtvp_minisrv/includes/config.json
@@ -45,7 +45,7 @@
    "unauthorized_url": "wtv-1800:/unauthorized?", // Where to send unauthorized users
    "enable_port_isolation": true, // Only respond to services on their correct ports
    "allow_guests": true, // Allow users to experience the server without registering
-    "domain_name": "wtv.zefie.com", // For usenet and future stuff, no need to change just yet
+    "domain_name": "wtv.zefie.com", // For usenet and future stuff, no need to change just yet,
    "user_accounts": { // user account settings
      "max_users_per_account": 6, // Max total users (including primary) per account
      "min_username_length": 5, // minimum username length
@@ -60,6 +60,10 @@
        "null"
      ]
    },
+    "keys": {
+      "initial_shared_key": "CC5rWmRUE0o=", // Used for the initial RC4 rolling key. Changing this is untested and unsupported.
+      "user_data_key": "PNa$WN7gz}!T=t6X7^=|Ii##CEB~p\\EP" // Currently used to cipher user passwords in configs. Changing this while there are registered accounts will make it impossible to decrypt existing account passwords
+    },
    "passwords": {
      // password configuration
      "enabled": true, // allow users to password protect their account
@@ -68,7 +72,7 @@
      "form_size": 16 // width of the form on the password prompt screen
    },
    "errorMessages": {
-      // define custom error messages here
+      // custom error messages
      "400": "${service_name} ran into a technical problem. Please try again.",
      "401": "Authorization Required.",
      "403": "The publisher of that page has not authorized you to view it.",