Working! Local Key Exchange Server

To fix the "ImportError" from the last post: in /opt/mozilla-key-exchange-server/keyexchange/run.py, I commented out: ini_file = os.path.join('/etc', 'keyexchange', 'production.ini') and added:

_CURDIR = os.path.dirname(os.path.abspath(__file__))
ini_file = os.path.join(_CURDIR, '../etc', 'production.ini')

In /opt/mozilla-key-exchange-server/etc/keyexchange.wsgi, before from keyexchange.run import application, I added:

import site
site.addsitedir('/opt/mozilla-key-exchange-server/lib/python2.7/site-packages')

Finally, I realized that "memcached" isn't optional so I installed it, started it and my key-exchange server finally gave me a "Pair a device" key.

Here's the updated PKGBUILD which contains the patches above so all of this is automatic.
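Why the site.addsitedir() line above can fix the import where a plain sys.path entry would not, as an added example that is not part of the original post or the server's code: addsitedir also processes the .pth files found in the directory. The demo_keyex package, the temporary tree and the helper names are constructed for illustration, and it is an assumption that the real virtualenv relies on .pth entries; the code is written for Python 3, where site.addsitedir works the same way as in the post's Python 2.7.

```python
import importlib
import os
import site
import stat
import sys
import tempfile

def build_constructed_tree(root):
    """Constructed stand-in for the server's site-packages (not the real layout)."""
    site_pkgs = os.path.join(root, "lib", "site-packages")
    src = os.path.join(root, "src")  # package reachable only through a .pth line
    os.makedirs(os.path.join(src, "demo_keyex"))
    os.makedirs(site_pkgs)
    open(os.path.join(src, "demo_keyex", "__init__.py"), "w").close()
    with open(os.path.join(src, "demo_keyex", "run.py"), "w") as f:
        f.write("application = 'placeholder WSGI app'\n")
    with open(os.path.join(site_pkgs, "demo.pth"), "w") as f:
        f.write(src + "\n")
    os.chmod(site_pkgs, 0o755)  # fixed mode so the permission check is deterministic
    return site_pkgs

def can_import(name):
    """Return True if `name` imports cleanly with the current sys.path."""
    importlib.invalidate_caches()
    try:
        importlib.import_module(name)
        return True
    except ImportError:
        return False

def writable_by_group_or_other(path):
    """True if someone other than the owner could drop a .pth file into `path`."""
    return bool(os.stat(path).st_mode & (stat.S_IWGRP | stat.S_IWOTH))

def demo():
    site_pkgs = build_constructed_tree(tempfile.mkdtemp())
    before = can_import("demo_keyex.run")   # same failure mode as in the Apache log
    sys.path.append(site_pkgs)              # plain entry: demo.pth is ignored
    plain = can_import("demo_keyex.run")
    sys.path.remove(site_pkgs)
    site.addsitedir(site_pkgs)              # adds the dir and processes demo.pth
    after = can_import("demo_keyex.run")
    return before, plain, after, writable_by_group_or_other(site_pkgs)

if __name__ == "__main__":
    print(demo())
```

Because site.addsitedir() also executes lines in .pth files that begin with import, the directory passed to it should not be writable by the account mod_wsgi runs as (http in the vhost on this page).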

Local Key Exchange Server Behind Apache

Making progress, but not quite there yet.

I've moved my Key Exchange Server behind Apache to be able to use it on port 80 (and be able to view the logs). Here's the relevant portion of my /etc/httpd/conf/extra/httpd-vhosts.conf file:

<VirtualHost *:80>
    ServerName keyex.chromic.org
    DocumentRoot /opt/mozilla-key-exchange-server/
    WSGIDaemonProcess keyex user=http group=http processes=2 threads=25
    WSGIPassAuthorization On
    WSGIScriptAlias / /opt/mozilla-key-exchange-server/etc/keyexchange.wsgi
    CustomLog "/srv/http/keyex.chromic.org/logs/access_log" combined
    ErrorLog  "/srv/http/keyex.chromic.org/logs/error_log"

    <Directory /opt/mozilla-key-exchange-server>
      Order deny,allow
      Allow from all
    </Directory>
</VirtualHost>

I'm still getting Error 503s, but now at least I can see why:

mod_wsgi: Target WSGI script '/opt/mozilla-key-exchange-server/etc/keyexchange.wsgi' cannot be loaded as Python module.
mod_wsgi: Exception occurred processing WSGI script '/opt/mozilla-key-exchange-server/etc/keyexchange.wsgi'.
Traceback (most recent call last):
  File "/opt/mozilla-key-exchange-server/etc/keyexchange.wsgi", line 38, in <module>
    from keyexchange.run import application
ImportError: No module named keyexchange.run

Note: I don't need to start the server with the "paster" command from the last post anymore either.

Local Key Exchange Server

Quick follow-up on the last post. I managed to build the server and have it running. Changing services.sync.jpake.serverURL in about:config indeed does direct Firefox to the custom key exchange server. The bad news is that I've only managed to get Error 503 responses when trying to set up sync again in the browser.

I ended up creating a PKGBUILD for it. Unpack that tarball, run makepkg -si in the folder and you should end up with /opt/mozilla-key-exchange-server. In there, just run ./bin/paster serve ./etc/development.ini and the server should start listening for requests on port 5000.

I'll have a closer look at it soon.

Fun with Firefox Sync

Ever since I set up my own "Firefox Sync Server" (a.k.a. Weave) I've been puzzled by how a new device figures out the location of the Sync Server. A short reminder of the steps involved:

  1. Set up your 1st device by creating an account.
    You need to provide:
    1. email
    2. password
    3. server URL
    Pretty standard stuff.
  2. Connect a 2nd device (this is where magic happens):
    1. Select "Pair a device" on the 2nd device
    2. Firefox tells you to enter a code on your 1st device
    3. Enter the code
    4. ???
    5. Your 2nd device is now sync'ing!

Notice how the 2nd device was never told the URL of the custom sync server? Wtf!

I just assumed that there was a "dispatch" server URL from Mozilla hardcoded in Firefox that routes new devices to current ones somehow, and I (reluctantly) moved on.

I tend to obsess over things I don't fully understand, however, and finally looked into it in more detail today. I launched Wireshark and set up one of my machines again. This is where I found that a connection to http://auth.services.mozilla.com/ is made during setup. A quick search for this address on the Interwebs revealed that it's a "Sync Key Exchange Server".

I then searched for that URL in about:config and found that there is a preference in there called services.sync.jpake.serverURL which points to it.

Now, of course, my plan is to set up my own Sync Key Exchange Server and change services.sync.jpake.serverURL so that it points to it.

Stay tuned to know how that went!