Alyssa Rosenzweig b49a7b490f Switch to set | %!s(int64=5) %!d(string=hai) anos | |
---|---|---|
accounts | %!s(int64=5) %!d(string=hai) anos | |
.editorconfig | %!s(int64=6) %!d(string=hai) anos | |
.gitignore | %!s(int64=5) %!d(string=hai) anos | |
LICENSE | %!s(int64=5) %!d(string=hai) anos | |
Makefile | %!s(int64=5) %!d(string=hai) anos | |
README.md | %!s(int64=5) %!d(string=hai) anos | |
cert.sh | %!s(int64=5) %!d(string=hai) anos | |
core.c | %!s(int64=5) %!d(string=hai) anos | |
core.h | %!s(int64=5) %!d(string=hai) anos | |
event-loop.c | %!s(int64=6) %!d(string=hai) anos | |
event-loop.h | %!s(int64=6) %!d(string=hai) anos | |
jailed.sh | %!s(int64=5) %!d(string=hai) anos | |
json_compat.h | %!s(int64=6) %!d(string=hai) anos | |
proxy.c | %!s(int64=5) %!d(string=hai) anos | |
push.c | %!s(int64=5) %!d(string=hai) anos | |
push.h | %!s(int64=5) %!d(string=hai) anos | |
sapphire-accounts.json | %!s(int64=5) %!d(string=hai) anos | |
secure-compare-64.h | %!s(int64=5) %!d(string=hai) anos | |
websocket.c | %!s(int64=5) %!d(string=hai) anos | |
websocket.h | %!s(int64=5) %!d(string=hai) anos |
sapphire-backend communicates only over local filesystem-resident sockets, to simplify jailing. To reach the outside world -- in particular, to benefit from websockets -- it must be paired with sapphire-proxy, which implements proxying, authentication, and SSL.
To set this up, use:
$ ./sapphire-backend & ./sapphire-proxy
And if you need to restart, it's probably safest to quit both.
This process might be further streamlined in the future.
Historically, on a local single-user Sapphire instance, the architecture was simple:
Browser <--> Backend
However, this does not work for multi-user, public-facing instances. In these cases, to minimise attack surface, this proxy is publicly facing while the backends only listen to localhost and are sandboxed:
Browser <--> Proxy (<--> Backends)
This package proxies WebSockets and implements authentication. It therefore depends on glib/json-glib/libsoup, but it MUST NOT depend on libpurple due to security isolation concerns.