diff --git a/src/blobs.js b/src/blobs.js
index 1a883fd55..056ca40bc 100644
--- a/src/blobs.js
+++ b/src/blobs.js
@@ -23,7 +23,6 @@ exports = module.exports = {
 const assert = require('assert'),
 BoxError = require('./boxerror.js'),
- crypto = require('crypto'),
 database = require('./database.js'),
 debug = require('debug')('box:blobs'),
 paths = require('./paths.js'),
@@ -59,9 +58,6 @@ async function generateSecrets() {
 if (!acmeAccountKey) throw new BoxError(BoxError.OPENSSL_ERROR, `Could not generate acme account key: ${safe.error.message}`);
 await set(exports.ACME_ACCOUNT_KEY, acmeAccountKey);
- const turnSecret = 'a' + crypto.randomBytes(15).toString('hex'); // prefix with a to ensure string starts with a letter
- await set(exports.ADDON_TURN_SECRET, Buffer.from(turnSecret));
-
 debug('generateSecrets: generating dhparams.pem');
 // https://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours
 const dhparams = safe.child_process.execSync('openssl dhparam -dsaparam 2048');
diff --git a/src/services.js b/src/services.js
index f239ec0f5..07b35372e 100644
--- a/src/services.js
+++ b/src/services.js
@@ -919,8 +919,12 @@ async function startTurn(existingInfra) {
 const memory = system.getMemoryAllocation(memoryLimit);
 const realm = settings.dashboardFqdn();
- const turnSecret = await blobs.get(blobs.ADDON_TURN_SECRET);
- if (!turnSecret) throw new BoxError(BoxError.ADDONS_ERROR, 'Turn secret is missing');
+ let turnSecret = await blobs.get(blobs.ADDON_TURN_SECRET);
+ if (!turnSecret) {
+ debug('startTurn: generting turn secret');
+ turnSecret = 'a' + crypto.randomBytes(15).toString('hex'); // prefix with a to ensure string starts with a letter
+ await blobs.set(blobs.ADDON_TURN_SECRET, Buffer.from(turnSecret));
+ }
 const readOnly = !serviceConfig.recoveryMode ? '--read-only' : '';
 const cmd = serviceConfig.recoveryMode ? '/bin/bash -c \'echo "Debug mode. Sleeping" && sleep infinity\'' : '';
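Review bot: In the `startTurn` hunk of src/services.js, the `blobs.get(blobs.ADDON_TURN_SECRET)` read followed by `blobs.set` is a check-then-act sequence, so two overlapping calls could each generate a different secret and the TURN service could end up configured with a value that is not the one finally stored; if `startTurn` can run concurrently, serialise it or re-read the blob after the set. Because generation no longer happens in `generateSecrets`, any other reader of this blob that runs before `startTurn` would find it missing, which is worth confirming against the callers outside this diff. The new lines call `crypto.randomBytes`, but no `require('crypto')` for services.js is visible here, so check that it is already in scope in that file. The debug message has a typo and should read `debug('startTurn: generating turn secret');`. The body of `startTurn` starts and continues outside the hunk.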