Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
6fd3e531c3 | ||
|
|
c1c05991cf | ||
|
|
ab378e14d1 |
@@ -27,7 +27,7 @@
|
||||
## Critical Integration Issues
|
||||
|
||||
### Event-Based Configuration System
|
||||
- **No traditional config files** - all configuration stored as kind 33334 Nostr events
|
||||
- **No traditional config files** - all configuration stored in config table
|
||||
- Admin private key shown **only once** on first startup
|
||||
- Configuration changes require cryptographically signed events
|
||||
- Database path determined by generated relay pubkey
|
||||
@@ -35,7 +35,7 @@
|
||||
### First-Time Startup Sequence
|
||||
1. Relay generates admin keypair and relay keypair
|
||||
2. Creates database file with relay pubkey as filename
|
||||
3. Stores default configuration as kind 33334 event
|
||||
3. Stores default configuration in config table
|
||||
4. **CRITICAL**: Admin private key displayed once and never stored on disk
|
||||
|
||||
### Port Management
|
||||
@@ -51,7 +51,7 @@
|
||||
### Configuration Event Structure
|
||||
```json
|
||||
{
|
||||
"kind": 33334,
|
||||
"kind": 23455,
|
||||
"content": "C Nostr Relay Configuration",
|
||||
"tags": [
|
||||
["d", "<relay_pubkey>"],
|
||||
|
||||
@@ -76,6 +76,7 @@ All commands are sent as nip44 encrypted content. The following table lists all
|
||||
| **Auth Rules Management** |
|
||||
| `auth_add_blacklist` | `["blacklist", "pubkey", "abc123..."]` | Add pubkey to blacklist |
|
||||
| `auth_add_whitelist` | `["whitelist", "pubkey", "def456..."]` | Add pubkey to whitelist |
|
||||
| `auth_delete_rule` | `["delete_auth_rule", "blacklist", "pubkey", "abc123..."]` | Delete specific auth rule |
|
||||
| `auth_query_all` | `["auth_query", "all"]` | Query all auth rules |
|
||||
| `auth_query_type` | `["auth_query", "whitelist"]` | Query specific rule type |
|
||||
| `auth_query_pattern` | `["auth_query", "pattern", "abc123..."]` | Query specific pattern |
|
||||
|
||||
1350
api/index.html
1350
api/index.html
File diff suppressed because it is too large
Load Diff
@@ -282,14 +282,14 @@ cd build
|
||||
# Start relay in background and capture its PID
|
||||
if [ "$USE_TEST_KEYS" = true ]; then
|
||||
echo "Using deterministic test keys for development..."
|
||||
./$(basename $BINARY_PATH) -a aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -r 1111111111111111111111111111111111111111111111111111111111111111 > ../relay.log 2>&1 &
|
||||
./$(basename $BINARY_PATH) -a aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -r 1111111111111111111111111111111111111111111111111111111111111111 --strict-port > ../relay.log 2>&1 &
|
||||
elif [ -n "$RELAY_ARGS" ]; then
|
||||
echo "Starting relay with custom configuration..."
|
||||
./$(basename $BINARY_PATH) $RELAY_ARGS > ../relay.log 2>&1 &
|
||||
./$(basename $BINARY_PATH) $RELAY_ARGS --strict-port > ../relay.log 2>&1 &
|
||||
else
|
||||
# No command line arguments needed for random key generation
|
||||
echo "Starting relay with random key generation..."
|
||||
./$(basename $BINARY_PATH) > ../relay.log 2>&1 &
|
||||
./$(basename $BINARY_PATH) --strict-port > ../relay.log 2>&1 &
|
||||
fi
|
||||
RELAY_PID=$!
|
||||
# Change back to original directory
|
||||
|
||||
671
src/config.c
671
src/config.c
File diff suppressed because it is too large
Load Diff
@@ -98,6 +98,7 @@ typedef struct {
|
||||
int port_override; // -1 = not set, >0 = port value
|
||||
char admin_privkey_override[65]; // Empty string = not set, 64-char hex = override
|
||||
char relay_privkey_override[65]; // Empty string = not set, 64-char hex = override
|
||||
int strict_port; // 0 = allow port increment, 1 = fail if exact port unavailable
|
||||
} cli_options_t;
|
||||
|
||||
// Global unified configuration cache
|
||||
@@ -172,10 +173,10 @@ int process_admin_auth_event(cJSON* event, char* error_message, size_t error_siz
|
||||
int handle_kind_23456_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi);
|
||||
int handle_auth_query_unified(cJSON* event, const char* query_type, char* error_message, size_t error_size, struct lws* wsi);
|
||||
int handle_system_command_unified(cJSON* event, const char* command, char* error_message, size_t error_size, struct lws* wsi);
|
||||
int handle_auth_rule_modification_unified(cJSON* event, char* error_message, size_t error_size);
|
||||
int handle_auth_rule_modification_unified(cJSON* event, char* error_message, size_t error_size, struct lws* wsi);
|
||||
|
||||
// WebSocket response functions
|
||||
int send_websocket_response_data(cJSON* event, cJSON* response_data, struct lws* wsi);
|
||||
// Admin response functions
|
||||
int send_admin_response_event(const cJSON* response_data, const char* recipient_pubkey, struct lws* wsi);
|
||||
cJSON* build_query_response(const char* query_type, cJSON* results_array, int total_count);
|
||||
|
||||
// Auth rules management functions
|
||||
|
||||
@@ -8,8 +8,7 @@
|
||||
* Default Configuration Event Template
|
||||
*
|
||||
* This header contains the default configuration values for the C Nostr Relay.
|
||||
* These values are used to create the initial kind 33334 configuration event
|
||||
* during first-time startup.
|
||||
* These values are used to populate the config table during first-time startup.
|
||||
*
|
||||
* IMPORTANT: These values should never be accessed directly by other parts
|
||||
* of the program. They are only used during initial configuration event creation.
|
||||
|
||||
64
src/main.c
64
src/main.c
@@ -224,10 +224,7 @@ int handle_event_message(cJSON* event, char* error_message, size_t error_size);
|
||||
// Forward declaration for unified validation
|
||||
int nostr_validate_unified_request(const char* json_string, size_t json_length);
|
||||
|
||||
// Forward declaration for configuration event handling (kind 33334)
|
||||
int handle_configuration_event(cJSON* event, char* error_message, size_t error_size);
|
||||
|
||||
// Forward declaration for admin event processing (kinds 33334 and 33335)
|
||||
// Forward declaration for admin event processing (kinds 23455 and 23456)
|
||||
int process_admin_event_in_config(cJSON* event, char* error_message, size_t error_size, struct lws* wsi);
|
||||
|
||||
// Forward declaration for enhanced admin event authorization
|
||||
@@ -3035,7 +3032,7 @@ int is_authorized_admin_event(cJSON* event, char* error_buffer, size_t error_buf
|
||||
}
|
||||
|
||||
int event_kind = kind_json->valueint;
|
||||
if (event_kind != 33334 && event_kind != 33335 && event_kind != 23455 && event_kind != 23456) {
|
||||
if (event_kind != 23455 && event_kind != 23456) {
|
||||
snprintf(error_buffer, error_buffer_size, "Event kind %d is not an admin event type", event_kind);
|
||||
return -1;
|
||||
}
|
||||
@@ -3203,11 +3200,18 @@ static int nostr_relay_callback(struct lws *wsi, enum lws_callback_reasons reaso
|
||||
memcpy(message, in, len);
|
||||
message[len] = '\0';
|
||||
|
||||
log_info("Received WebSocket message");
|
||||
|
||||
// Parse JSON message
|
||||
// Parse JSON message (this is the normal program flow)
|
||||
cJSON* json = cJSON_Parse(message);
|
||||
if (json && cJSON_IsArray(json)) {
|
||||
// Log the complete parsed JSON message once
|
||||
char* complete_message = cJSON_Print(json);
|
||||
if (complete_message) {
|
||||
char debug_msg[2048];
|
||||
snprintf(debug_msg, sizeof(debug_msg),
|
||||
"Received complete WebSocket message: %s", complete_message);
|
||||
log_info(debug_msg);
|
||||
free(complete_message);
|
||||
}
|
||||
// Get message type
|
||||
cJSON* type = cJSON_GetArrayItem(json, 0);
|
||||
if (type && cJSON_IsString(type)) {
|
||||
@@ -3349,7 +3353,7 @@ static int nostr_relay_callback(struct lws *wsi, enum lws_callback_reasons reaso
|
||||
// Cleanup event JSON string
|
||||
free(event_json_str);
|
||||
|
||||
// Check for admin events (kinds 33334, 33335, 23455, and 23456) and intercept them
|
||||
// Check for admin events (kinds 23455 and 23456) and intercept them
|
||||
if (result == 0) {
|
||||
cJSON* kind_obj = cJSON_GetObjectItem(event, "kind");
|
||||
if (kind_obj && cJSON_IsNumber(kind_obj)) {
|
||||
@@ -3371,7 +3375,7 @@ static int nostr_relay_callback(struct lws *wsi, enum lws_callback_reasons reaso
|
||||
}
|
||||
}
|
||||
|
||||
if (event_kind == 33334 || event_kind == 33335 || event_kind == 23455 || event_kind == 23456) {
|
||||
if (event_kind == 23455 || event_kind == 23456) {
|
||||
// Enhanced admin event security - check authorization first
|
||||
log_info("DEBUG ADMIN: Admin event detected, checking authorization");
|
||||
|
||||
@@ -3690,7 +3694,7 @@ int check_port_available(int port) {
|
||||
}
|
||||
|
||||
// Start libwebsockets-based WebSocket Nostr relay server
|
||||
int start_websocket_relay(int port_override) {
|
||||
int start_websocket_relay(int port_override, int strict_port) {
|
||||
struct lws_context_creation_info info;
|
||||
|
||||
log_info("Starting libwebsockets-based Nostr relay server...");
|
||||
@@ -3700,7 +3704,7 @@ int start_websocket_relay(int port_override) {
|
||||
int configured_port = (port_override > 0) ? port_override : get_config_int("relay_port", DEFAULT_PORT);
|
||||
int actual_port = configured_port;
|
||||
int port_attempts = 0;
|
||||
const int max_port_attempts = 5;
|
||||
const int max_port_attempts = 10; // Increased from 5 to 10
|
||||
|
||||
// Minimal libwebsockets configuration
|
||||
info.protocols = protocols;
|
||||
@@ -3719,8 +3723,8 @@ int start_websocket_relay(int port_override) {
|
||||
// Max payload size for Nostr events
|
||||
info.max_http_header_data = 4096;
|
||||
|
||||
// Find an available port with pre-checking
|
||||
while (port_attempts < max_port_attempts) {
|
||||
// Find an available port with pre-checking (or fail immediately in strict mode)
|
||||
while (port_attempts < (strict_port ? 1 : max_port_attempts)) {
|
||||
char attempt_msg[256];
|
||||
snprintf(attempt_msg, sizeof(attempt_msg), "Checking port availability: %d", actual_port);
|
||||
log_info(attempt_msg);
|
||||
@@ -3728,7 +3732,13 @@ int start_websocket_relay(int port_override) {
|
||||
// Pre-check if port is available
|
||||
if (!check_port_available(actual_port)) {
|
||||
port_attempts++;
|
||||
if (port_attempts < max_port_attempts) {
|
||||
if (strict_port) {
|
||||
char error_msg[256];
|
||||
snprintf(error_msg, sizeof(error_msg),
|
||||
"Strict port mode: port %d is not available", actual_port);
|
||||
log_error(error_msg);
|
||||
return -1;
|
||||
} else if (port_attempts < max_port_attempts) {
|
||||
char retry_msg[256];
|
||||
snprintf(retry_msg, sizeof(retry_msg), "Port %d is in use, trying port %d (attempt %d/%d)",
|
||||
actual_port, actual_port + 1, port_attempts + 1, max_port_attempts);
|
||||
@@ -3767,7 +3777,13 @@ int start_websocket_relay(int port_override) {
|
||||
log_warning(lws_error_msg);
|
||||
|
||||
port_attempts++;
|
||||
if (port_attempts < max_port_attempts) {
|
||||
if (strict_port) {
|
||||
char error_msg[256];
|
||||
snprintf(error_msg, sizeof(error_msg),
|
||||
"Strict port mode: failed to bind to port %d", actual_port);
|
||||
log_error(error_msg);
|
||||
break;
|
||||
} else if (port_attempts < max_port_attempts) {
|
||||
actual_port++;
|
||||
continue;
|
||||
}
|
||||
@@ -3833,6 +3849,7 @@ void print_usage(const char* program_name) {
|
||||
printf(" -p, --port PORT Override relay port (first-time startup only)\n");
|
||||
printf(" -a, --admin-privkey HEX Override admin private key (64-char hex)\n");
|
||||
printf(" -r, --relay-privkey HEX Override relay private key (64-char hex)\n");
|
||||
printf(" --strict-port Fail if exact port is unavailable (no port increment)\n");
|
||||
printf("\n");
|
||||
printf("Configuration:\n");
|
||||
printf(" This relay uses event-based configuration stored in the database.\n");
|
||||
@@ -3841,10 +3858,16 @@ void print_usage(const char* program_name) {
|
||||
printf(" After initial setup, all configuration is managed via database events.\n");
|
||||
printf(" Database file: <relay_pubkey>.db (created automatically)\n");
|
||||
printf("\n");
|
||||
printf("Port Binding:\n");
|
||||
printf(" Default: Try up to 10 consecutive ports if requested port is busy\n");
|
||||
printf(" --strict-port: Fail immediately if exact requested port is unavailable\n");
|
||||
printf("\n");
|
||||
printf("Examples:\n");
|
||||
printf(" %s # Start relay (auto-configure on first run)\n", program_name);
|
||||
printf(" %s -p 8080 # First-time setup with port 8080\n", program_name);
|
||||
printf(" %s --port 9000 # First-time setup with port 9000\n", program_name);
|
||||
printf(" %s --strict-port # Fail if default port 8888 is unavailable\n", program_name);
|
||||
printf(" %s -p 8080 --strict-port # Fail if port 8080 is unavailable\n", program_name);
|
||||
printf(" %s --help # Show this help\n", program_name);
|
||||
printf(" %s --version # Show version info\n", program_name);
|
||||
printf("\n");
|
||||
@@ -3863,7 +3886,8 @@ int main(int argc, char* argv[]) {
|
||||
cli_options_t cli_options = {
|
||||
.port_override = -1, // -1 = not set
|
||||
.admin_privkey_override = {0}, // Empty string = not set
|
||||
.relay_privkey_override = {0} // Empty string = not set
|
||||
.relay_privkey_override = {0}, // Empty string = not set
|
||||
.strict_port = 0 // 0 = allow port increment (default)
|
||||
};
|
||||
|
||||
// Parse command line arguments
|
||||
@@ -3958,6 +3982,10 @@ int main(int argc, char* argv[]) {
|
||||
i++; // Skip the key argument
|
||||
|
||||
log_info("Relay private key override specified");
|
||||
} else if (strcmp(argv[i], "--strict-port") == 0) {
|
||||
// Strict port mode option
|
||||
cli_options.strict_port = 1;
|
||||
log_info("Strict port mode enabled - will fail if exact port is unavailable");
|
||||
} else {
|
||||
log_error("Unknown argument. Use --help for usage information.");
|
||||
print_usage(argv[0]);
|
||||
@@ -4179,7 +4207,7 @@ int main(int argc, char* argv[]) {
|
||||
log_info("Starting relay server...");
|
||||
|
||||
// Start WebSocket Nostr relay server (port from configuration)
|
||||
int result = start_websocket_relay(-1); // Let config system determine port
|
||||
int result = start_websocket_relay(-1, cli_options.strict_port); // Let config system determine port, pass strict_port flag
|
||||
|
||||
// Cleanup
|
||||
cleanup_relay_info();
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
static const char* const EMBEDDED_SCHEMA_SQL =
|
||||
"-- C Nostr Relay Database Schema\n\
|
||||
-- SQLite schema for storing Nostr events with JSON tags support\n\
|
||||
-- Event-based configuration system using kind 33334 Nostr events\n\
|
||||
-- Configuration system using config table\n\
|
||||
\n\
|
||||
-- Schema version tracking\n\
|
||||
PRAGMA user_version = 7;\n\
|
||||
|
||||
@@ -117,7 +117,7 @@ generate_test_keypair() {
|
||||
|
||||
echo "$pubkey" > "$pubkey_file"
|
||||
|
||||
log_info "Generated keypair for $name: pubkey=${pubkey:0:16}..."
|
||||
log_info "Generated keypair for $name: pubkey=$pubkey"
|
||||
|
||||
# Export for use in calling functions
|
||||
eval "${name}_PRIVKEY=\"$privkey\""
|
||||
@@ -135,7 +135,9 @@ encrypt_nip44_content() {
|
||||
return 1
|
||||
fi
|
||||
|
||||
# log_info "DEBUG: Encrypting content: $content"
|
||||
log_info "DEBUG: About to encrypt content: '$content'" >&2
|
||||
log_info "DEBUG: Sender privkey: $sender_privkey" >&2
|
||||
log_info "DEBUG: Receiver pubkey: $receiver_pubkey" >&2
|
||||
|
||||
# Use nak to perform NIP-44 encryption with correct syntax:
|
||||
# nak encrypt --recipient-pubkey <pubkey> --sec <private_key> [plaintext]
|
||||
@@ -145,13 +147,24 @@ encrypt_nip44_content() {
|
||||
if [ $? -ne 0 ] || [ -z "$encrypted_content" ]; then
|
||||
log_error "Failed to encrypt content with NIP-44"
|
||||
log_error "Content: $content"
|
||||
log_error "Sender privkey: ${sender_privkey:0:16}..."
|
||||
log_error "Receiver pubkey: ${receiver_pubkey:0:16}..."
|
||||
log_error "Sender privkey: $sender_privkey"
|
||||
log_error "Receiver pubkey: $receiver_pubkey"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# log_info "DEBUG: Encrypted content: $encrypted_content"
|
||||
# log_info "Successfully encrypted content with NIP-44"
|
||||
# Validate that encrypted content is valid base64 and doesn't contain problematic characters
|
||||
if ! echo "$encrypted_content" | grep -q '^[A-Za-z0-9+/]*=*$'; then
|
||||
log_error "Encrypted content contains invalid characters for JSON: $encrypted_content"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Check if encrypted content is valid UTF-8/base64
|
||||
if ! echo "$encrypted_content" | base64 -d >/dev/null 2>&1; then
|
||||
log_warning "Encrypted content may not be valid base64: $encrypted_content"
|
||||
fi
|
||||
|
||||
log_info "DEBUG: Encrypted content: $encrypted_content" >&2
|
||||
log_info "Successfully encrypted content with NIP-44" >&2
|
||||
echo "$encrypted_content"
|
||||
return 0
|
||||
}
|
||||
@@ -167,7 +180,7 @@ decrypt_nip44_content() {
|
||||
return 1
|
||||
fi
|
||||
|
||||
log_info "DEBUG: Decrypting content: ${encrypted_content:0:32}..."
|
||||
log_info "DEBUG: Decrypting content: $encrypted_content"
|
||||
|
||||
# Use nak to perform NIP-44 decryption with correct syntax:
|
||||
# nak decrypt --sender-pubkey <pubkey> --sec <private_key> [encrypted_content]
|
||||
@@ -176,9 +189,9 @@ decrypt_nip44_content() {
|
||||
|
||||
if [ $? -ne 0 ] || [ -z "$decrypted_content" ]; then
|
||||
log_error "Failed to decrypt content with NIP-44"
|
||||
log_error "Encrypted content: ${encrypted_content:0:32}..."
|
||||
log_error "Receiver privkey: ${receiver_privkey:0:16}..."
|
||||
log_error "Sender pubkey: ${sender_pubkey:0:16}..."
|
||||
log_error "Encrypted content: $encrypted_content"
|
||||
log_error "Receiver privkey: $receiver_privkey"
|
||||
log_error "Sender pubkey: $sender_pubkey"
|
||||
return 1
|
||||
fi
|
||||
|
||||
@@ -196,7 +209,7 @@ send_websocket_message() {
|
||||
# Use websocat to send message and capture response (following pattern from tests/1_nip_test.sh)
|
||||
local response=""
|
||||
if command -v websocat &> /dev/null; then
|
||||
response=$(echo "$message" | timeout "$timeout" websocat "$RELAY_URL" 2>&1 || echo "Connection failed")
|
||||
response=$(printf '%s\n' "$message" | timeout "$timeout" websocat "$RELAY_URL" 2>&1 || echo "Connection failed")
|
||||
|
||||
# Check if connection failed
|
||||
if [[ "$response" == *"Connection failed"* ]]; then
|
||||
@@ -220,22 +233,54 @@ send_admin_event() {
|
||||
local timeout_seconds="${3:-10}"
|
||||
|
||||
log_info "Sending admin event: $description"
|
||||
log_info "DEBUG: Full event JSON: $event_json"
|
||||
|
||||
# Create EVENT message
|
||||
local event_message="[\"EVENT\",$event_json]"
|
||||
log_info "DEBUG: Full EVENT message: $event_message"
|
||||
# Create EVENT message using jq to properly handle special characters
|
||||
local event_message
|
||||
event_message=$(jq -n --argjson event "$event_json" '["EVENT", $event]')
|
||||
|
||||
# Send event using websocat (following 1_nip_test.sh pattern)
|
||||
# Validate that the event message is valid UTF-8 (temporarily disabled for debugging)
|
||||
# if ! echo "$event_message" | iconv -f utf-8 -t utf-8 >/dev/null 2>&1; then
|
||||
# log_error "Event message contains invalid UTF-8 characters"
|
||||
# return 1
|
||||
# fi
|
||||
|
||||
# Use websocat to send event and capture OK response
|
||||
local response=""
|
||||
if command -v websocat &> /dev/null; then
|
||||
log_info "DEBUG: About to send to relay: $event_message"
|
||||
response=$(echo "$event_message" | timeout "$timeout_seconds" websocat "$RELAY_URL" 2>&1 || echo "Connection failed")
|
||||
log_info "Sending event using websocat..."
|
||||
|
||||
# Check if connection failed
|
||||
if [[ "$response" == *"Connection failed"* ]]; then
|
||||
# Debug: Show what we're sending
|
||||
log_info "DEBUG: Event message being sent: $event_message"
|
||||
|
||||
# Write to temporary file to avoid shell interpretation issues
|
||||
local temp_file="${TEMP_DIR}/event_message_$$"
|
||||
printf '%s\n' "$event_message" > "$temp_file"
|
||||
|
||||
# Send via websocat using file input with delay to receive response
|
||||
response=$(timeout "$timeout_seconds" sh -c "cat '$temp_file'; sleep 0.5" | websocat "$RELAY_URL" 2>&1)
|
||||
local websocat_exit_code=$?
|
||||
|
||||
# Clean up temp file
|
||||
rm -f "$temp_file"
|
||||
|
||||
log_info "DEBUG: Websocat exit code: $websocat_exit_code"
|
||||
log_info "DEBUG: Websocat response: $response"
|
||||
|
||||
# Check for specific websocat errors
|
||||
if [[ "$response" == *"UTF-8 failure"* ]]; then
|
||||
log_error "UTF-8 encoding error in event data for $description"
|
||||
log_error "Event message: $event_message"
|
||||
return 1
|
||||
elif [[ "$response" == *"Connection failed"* ]] || [[ "$response" == *"Connection refused"* ]] || [[ "$response" == *"timeout"* ]]; then
|
||||
log_error "Failed to connect to relay for $description"
|
||||
return 1
|
||||
elif [[ "$response" == *"error running"* ]]; then
|
||||
log_error "Websocat error for $description: $response"
|
||||
return 1
|
||||
elif [ $websocat_exit_code -eq 0 ]; then
|
||||
log_info "Event sent successfully via websocat"
|
||||
else
|
||||
log_warning "Websocat returned exit code $websocat_exit_code"
|
||||
fi
|
||||
|
||||
else
|
||||
@@ -254,8 +299,9 @@ send_admin_query() {
|
||||
|
||||
log_info "Sending admin query: $description"
|
||||
|
||||
# Create EVENT message
|
||||
local event_message="[\"EVENT\",$event_json]"
|
||||
# Create EVENT message using jq to properly handle special characters
|
||||
local event_message
|
||||
event_message=$(jq -n --argjson event "$event_json" '["EVENT", $event]')
|
||||
|
||||
# For queries, we need to also send a REQ to get the response
|
||||
local sub_id="admin_query_$(date +%s)"
|
||||
@@ -265,7 +311,7 @@ send_admin_query() {
|
||||
# Send query event and subscription in sequence
|
||||
local response=""
|
||||
if command -v websocat &> /dev/null; then
|
||||
response=$(echo -e "$event_message\n$req_message\n$close_message" | timeout "$timeout_seconds" websocat "$RELAY_URL" 2>&1 || echo "Connection failed")
|
||||
response=$(printf '%s\n%s\n%s\n' "$event_message" "$req_message" "$close_message" | timeout "$timeout_seconds" websocat "$RELAY_URL" 2>&1 || echo "Connection failed")
|
||||
|
||||
# Check if connection failed
|
||||
if [[ "$response" == *"Connection failed"* ]]; then
|
||||
@@ -321,7 +367,7 @@ send_auth_rule_event() {
|
||||
local pattern_value="$4" # actual pubkey or hash value
|
||||
local description="$5" # optional description
|
||||
|
||||
log_info "Creating auth rule event: $action $rule_type $pattern_type ${pattern_value:0:16}..."
|
||||
log_info "Creating auth rule event: $action $rule_type $pattern_type $pattern_value"
|
||||
|
||||
# Create command array according to README.md API specification
|
||||
# Format: ["blacklist", "pubkey", "abc123..."] or ["whitelist", "pubkey", "def456..."]
|
||||
@@ -430,7 +476,7 @@ test_event_publishing() {
|
||||
log_info "Testing event publishing: $description"
|
||||
|
||||
# Create a simple test event (kind 1 - text note) using nak like NIP-42 test
|
||||
local test_content="Test message from ${test_pubkey:0:16}... at $(date)"
|
||||
local test_content="Test message from $test_pubkey at $(date)"
|
||||
local test_event
|
||||
test_event=$(nak event -k 1 --content "$test_content" --sec "$test_privkey" 2>/dev/null)
|
||||
|
||||
@@ -442,7 +488,7 @@ test_event_publishing() {
|
||||
# Send the event using nak directly (more reliable than websocat)
|
||||
log_info "Publishing test event to relay..."
|
||||
local result
|
||||
result=$(echo "$test_event" | timeout 10s nak event "$RELAY_URL" 2>&1)
|
||||
result=$(printf '%s\n' "$test_event" | timeout 10s nak event "$RELAY_URL" 2>&1)
|
||||
local exit_code=$?
|
||||
|
||||
log_info "Event publishing result: $result"
|
||||
@@ -545,15 +591,17 @@ test_admin_authentication() {
|
||||
return
|
||||
fi
|
||||
|
||||
# Send admin event
|
||||
local message="[\"EVENT\",$config_event]"
|
||||
# Send admin event using the proper admin event function
|
||||
local response
|
||||
response=$(send_websocket_message "$message" 10)
|
||||
response=$(send_admin_event "$config_event" "admin authentication test")
|
||||
local exit_code=$?
|
||||
|
||||
if echo "$response" | grep -q '"OK".*true'; then
|
||||
log_info "Admin authentication result: $response"
|
||||
|
||||
if [ $exit_code -eq 0 ] && echo "$response" | grep -q '"OK".*true'; then
|
||||
pass_test "Admin authentication successful"
|
||||
else
|
||||
fail_test "Admin authentication failed: $response"
|
||||
fail_test "Admin authentication failed: $response (exit code: $exit_code)"
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -786,14 +834,14 @@ test_hash_blacklist() {
|
||||
return
|
||||
fi
|
||||
|
||||
log_info "Testing hash blacklist with event ID: ${event_id:0:16}..."
|
||||
log_info "Testing hash blacklist with event ID: $event_id"
|
||||
|
||||
# Add the event ID to hash blacklist
|
||||
if send_auth_rule_event "add" "blacklist" "hash" "$event_id" "Test hash blacklist"; then
|
||||
# Try to publish the same event using nak - should be blocked
|
||||
log_info "Attempting to publish blacklisted event..."
|
||||
local result
|
||||
result=$(echo "$test_event" | timeout 10s nak event "$RELAY_URL" 2>&1)
|
||||
result=$(printf '%s\n' "$test_event" | timeout 10s nak event "$RELAY_URL" 2>&1)
|
||||
local exit_code=$?
|
||||
|
||||
if [ $exit_code -ne 0 ] || echo "$result" | grep -q -i "blocked\|denied\|rejected\|blacklist"; then
|
||||
@@ -922,7 +970,7 @@ run_all_tests() {
|
||||
|
||||
clear_all_auth_rules
|
||||
|
||||
# test_admin_authentication
|
||||
test_admin_authentication
|
||||
# test_auth_rules_storage_query
|
||||
# test_basic_whitelist
|
||||
# test_basic_blacklist
|
||||
@@ -980,7 +1028,7 @@ main() {
|
||||
echo ""
|
||||
|
||||
# Check if relay is running - using websocat like the working tests
|
||||
if ! echo '["REQ","connection_test",{}]' | timeout 5 websocat "$RELAY_URL" >/dev/null 2>&1; then
|
||||
if ! printf '%s\n' '["REQ","connection_test",{}]' | timeout 5 websocat "$RELAY_URL" >/dev/null 2>&1; then
|
||||
log_error "Cannot connect to relay at $RELAY_URL"
|
||||
log_error "Please ensure the C-Relay server is running in test mode"
|
||||
exit 1
|
||||
|
||||
Reference in New Issue
Block a user