Backend for Sapphire (C)

Alyssa Rosenzweig b49a7b490f Switch to set 6 years ago
accounts 05e8dde29c Accounts/README 6 years ago
.editorconfig 3ef6ef2b3b Add .editorconfig 6 years ago
.gitignore 960b1c4ba5 Ignore the proxy 6 years ago
LICENSE 7559951990 LICENSE file 6 years ago
Makefile 8d4970e3e8 Strip out all message processing 6 years ago
README.md 888e8faec5 .. 6 years ago
cert.sh 05f4aff5c2 Opt-in HTTPS 6 years ago
core.c b49a7b490f Switch to set 6 years ago
core.h 6465665df5 Strip some old code 6 years ago
event-loop.c 60d14a6af1 Refactor event loop 6 years ago
event-loop.h 60d14a6af1 Refactor event loop 6 years ago
jailed.sh 39ceb00ee7 jailed.sh update 6 years ago
json_compat.h 1d439ad47a Broadcast write_conv as JSON 6 years ago
proxy.c 9b1479ce4a Ignore writes to closed websockets 6 years ago
push.c 8a12c50102 Implement suuuper tentative mailx-based SMS push notifications 6 years ago
push.h 8a12c50102 Implement suuuper tentative mailx-based SMS push notifications 6 years ago
sapphire-accounts.json d1ad08ddcc Add new files 6 years ago
secure-compare-64.h d1ad08ddcc Add new files 6 years ago
websocket.c b534232e77 Print gerror I guess 6 years ago
websocket.h 79d99f94e5 Beep beep 6 years ago

README.md

Backend

sapphire-backend communicates only over local filesystem-resident sockets, to simplify jailing. To reach the outside world -- in particular, to benefit from websockets -- it must be paired with sapphire-proxy, which implements proxying, authentication, and SSL.

To set this up, use:

$ ./sapphire-backend & ./sapphire-proxy

And if you need to restart, it's probably safest to quit both.

This process might be further streamlined in the future.

Proxy

Historically, on a local single-user Sapphire instance, the architecture was simple:

Browser <--> Backend

However, this does not work for multi-user, public-facing instances. In these cases, to minimise attack surface, this proxy is public-facing, while the backends listen only on localhost and are sandboxed:

Browser <--> Proxy (<--> Backends)

This package proxies WebSockets and implements authentication. It therefore depends on glib/json-glib/libsoup, but it MUST NOT depend on libpurple due to security isolation concerns.
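The filesystem-socket arrangement from the Backend section, as an added example that is not taken from the Sapphire sources: a backend-side listener on an owner-only AF_UNIX socket and the proxy-side connect. The function names, the backlog of 16 and the 0600 mode are assumptions made for illustration.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Fill addr for `path`; fails if the path would not fit in sun_path. */
static int local_addr(struct sockaddr_un *addr, const char *path)
{
    if (strlen(path) >= sizeof(addr->sun_path))
        return -1;
    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    strcpy(addr->sun_path, path);   /* length checked above */
    return 0;
}

/* Backend side: listen on an owner-only (0600) socket file. Returns fd or -1. */
int listen_local(const char *path)
{
    struct sockaddr_un addr;
    int fd;
    if (local_addr(&addr, path) < 0 || (fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    unlink(path);                   /* clear a stale socket from an earlier run */
    /* Tighten the umask around bind() so the file never exists with
     * wider permissions, then restore it. */
    mode_t old = umask(0177);
    int rc = bind(fd, (struct sockaddr *)&addr, sizeof(addr));
    umask(old);
    if (rc < 0 || listen(fd, 16) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Proxy side: connect to the backend's socket. Returns fd or -1. */
int connect_local(const char *path)
{
    struct sockaddr_un addr;
    int fd;
    if (local_addr(&addr, path) < 0 || (fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
        return -1;
    if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}
```

Linux enforces the socket file's permissions on connect, but some other Unix systems ignore them, so the portable arrangement is to also place the socket in a directory only the backend and proxy user can enter.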