gearheads
/
mastodon
Archived
2
0
Fork 0

Fix tootctl accounts rotate not updating public keys (#9556)

This allowed you to brick your system when running that command, because the accounts would continue to advertise the old public key, but sign things with the new one
gh/stable
Eugen Rochko 2018-12-18 01:22:29 +01:00 committed by GitHub
parent 12ab15e584
commit 857e8eb312
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions

View File

@ -309,8 +309,8 @@ module Mastodon
end
old_key = account.private_key
new_key = OpenSSL::PKey::RSA.new(2048).to_pem
account.update(private_key: new_key)
new_key = OpenSSL::PKey::RSA.new(2048)
account.update(private_key: new_key.to_pem, public_key: new_key.public_key.to_pem)
ActivityPub::UpdateDistributionWorker.perform_in(delay, account.id, sign_with: old_key)
end
end