Last push before major bug fixes

2025-10-01 14:53:20 -04:00
parent 4658ede9d6
commit 524f9bd84f
7 changed files with 211 additions and 115 deletions
--- a/src/config.c
+++ b/src/config.c
@@ -921,40 +921,46 @@ int first_time_startup_sequence(const cli_options_t* cli_options) {
    // 1. Generate or use provided admin keypair
    unsigned char admin_privkey_bytes[32];
    char admin_privkey[65], admin_pubkey[65];
-    
-    if (cli_options && strlen(cli_options->admin_privkey_override) == 64) {
-        // Use provided admin private key
-        log_info("Using provided admin private key override");
-        strncpy(admin_privkey, cli_options->admin_privkey_override, sizeof(admin_privkey) - 1);
-        admin_privkey[sizeof(admin_privkey) - 1] = '\0';
-        
-        // Convert hex string to bytes
-        if (nostr_hex_to_bytes(admin_privkey, admin_privkey_bytes, 32) != NOSTR_SUCCESS) {
-            log_error("Failed to convert admin private key hex to bytes");
-            return -1;
-        }
-        
-        // Validate the private key
-        if (nostr_ec_private_key_verify(admin_privkey_bytes) != NOSTR_SUCCESS) {
-            log_error("Provided admin private key is invalid");
-            return -1;
+
+    if (cli_options && strlen(cli_options->admin_pubkey_override) == 64) {
+        // Use provided admin public key directly - skip private key generation entirely
+        log_info("Using provided admin public key override - skipping private key generation");
+        strncpy(admin_pubkey, cli_options->admin_pubkey_override, sizeof(admin_pubkey) - 1);
+        admin_pubkey[sizeof(admin_pubkey) - 1] = '\0';
+
+        // Validate the public key format (must be 64 hex characters)
+        for (int i = 0; i < 64; i++) {
+            char c = admin_pubkey[i];
+            if (!((c >= '0' && c <= '9') ||
+                  (c >= 'a' && c <= 'f') ||
+                  (c >= 'A' && c <= 'F'))) {
+                log_error("Invalid admin public key format - must contain only hex characters");
+                return -1;
+            }
        }
+
+        // Skip private key generation - we only need the pubkey for admin verification
+        // Set a dummy private key that will never be used (not displayed or stored)
+        memset(admin_privkey_bytes, 0, 32);  // Zero out for security
+        memset(admin_privkey, 0, sizeof(admin_privkey));  // Zero out the hex string
    } else {
        // Generate random admin keypair using /dev/urandom + nostr_core_lib
+        log_info("Generating random admin keypair");
        if (generate_random_private_key_bytes(admin_privkey_bytes) != 0) {
            log_error("Failed to generate admin private key");
            return -1;
        }
        nostr_bytes_to_hex(admin_privkey_bytes, 32, admin_privkey);
+
+        // Derive public key from private key
+        unsigned char admin_pubkey_bytes[32];
+        if (nostr_ec_public_key_from_private_key(admin_privkey_bytes, admin_pubkey_bytes) != NOSTR_SUCCESS) {
+            log_error("Failed to derive admin public key");
+            return -1;
+        }
+        nostr_bytes_to_hex(admin_pubkey_bytes, 32, admin_pubkey);
    }
    
-    unsigned char admin_pubkey_bytes[32];
-    if (nostr_ec_public_key_from_private_key(admin_privkey_bytes, admin_pubkey_bytes) != NOSTR_SUCCESS) {
-        log_error("Failed to derive admin public key");
-        return -1;
-    }
-    nostr_bytes_to_hex(admin_pubkey_bytes, 32, admin_pubkey);
-    
    // 2. Generate or use provided relay keypair
    unsigned char relay_privkey_bytes[32];
    char relay_privkey[65], relay_pubkey[65];
@@ -1011,34 +1017,43 @@ int first_time_startup_sequence(const cli_options_t* cli_options) {
    g_temp_relay_privkey[sizeof(g_temp_relay_privkey) - 1] = '\0';
    log_info("Relay private key cached for secure storage after database initialization");
    
-    // 6. Create initial configuration event using defaults (without private key)
-    cJSON* config_event = create_default_config_event(admin_privkey_bytes, relay_privkey, relay_pubkey, cli_options);
-    if (!config_event) {
-        log_error("Failed to create default configuration event");
-        return -1;
-    }
-    
-    // 7. Process configuration through admin API instead of storing in events table
-    if (process_startup_config_event_with_fallback(config_event) == 0) {
-        log_success("Initial configuration processed successfully through admin API");
+    // 6. Handle configuration setup based on admin key availability
+    if (cli_options && strlen(cli_options->admin_pubkey_override) == 64) {
+        // Admin pubkey provided - will populate config table after database initialization
+        log_info("Admin pubkey provided - config table will be populated after database initialization");
    } else {
-        log_warning("Failed to process initial configuration - will retry after database init");
-        // Cache the event for later processing
-        if (g_pending_config_event) {
-            cJSON_Delete(g_pending_config_event);
+        // Admin private key available - create signed configuration event
+        log_info("Admin private key available - creating signed configuration event");
+
+        // Create initial configuration event using defaults
+        cJSON* config_event = create_default_config_event(admin_privkey_bytes, relay_privkey, relay_pubkey, cli_options);
+        if (!config_event) {
+            log_error("Failed to create default configuration event");
+            return -1;
        }
-        g_pending_config_event = cJSON_Duplicate(config_event, 1);
+
+        // Process configuration through admin API instead of storing in events table
+        if (process_startup_config_event_with_fallback(config_event) == 0) {
+            log_success("Initial configuration processed successfully through admin API");
+        } else {
+            log_warning("Failed to process initial configuration - will retry after database init");
+            // Cache the event for later processing
+            if (g_pending_config_event) {
+                cJSON_Delete(g_pending_config_event);
+            }
+            g_pending_config_event = cJSON_Duplicate(config_event, 1);
+        }
+
+        // Cache the current config
+        if (g_current_config) {
+            cJSON_Delete(g_current_config);
+        }
+        g_current_config = cJSON_Duplicate(config_event, 1);
+
+        // Clean up
+        cJSON_Delete(config_event);
    }
    
-    // 8. Cache the current config
-    if (g_current_config) {
-        cJSON_Delete(g_current_config);
-    }
-    g_current_config = cJSON_Duplicate(config_event, 1);
-    
-    // 9. Clean up
-    cJSON_Delete(config_event);
-    
    // 10. Print admin private key for user to save
    printf("\n");
    printf("=================================================================\n");