Skip to content

Commit

Permalink
Fix tootctl accounts rotate not updating public keys (mastodon#9556)
Browse files Browse the repository at this point in the history 
This allowed you to brick your system when running that command, because the accounts would continue to advertise the old public key, but sign things with the new one
  • Loading branch information
@Gargron @hiyuki2578
Gargron authored and hiyuki2578 committed Oct 2, 2019
1 parent 29c91f6 commit 69faeb2
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions lib/mastodon/accounts_cli.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -309,8 +309,8 @@ def rotate_keys_for_account(account, delay = 0)
end

old_key = account.private_key
new_key = OpenSSL::PKey::RSA.new(2048).to_pem
account.update(private_key: new_key)
new_key = OpenSSL::PKey::RSA.new(2048)
account.update(private_key: new_key.to_pem, public_key: new_key.public_key.to_pem)
ActivityPub::UpdateDistributionWorker.perform_in(delay, account.id, sign_with: old_key)
end
end
Expand Down

0 comments on commit 69faeb2

Please sign in to comment.