From 13e13349bd961fcb85b79bd25a642fe85001178f Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Sun, 23 May 2021 11:37:15 +0200 Subject: [PATCH] Revert "signal-desktop: Add a Python wrapper to re-encrypt DBs" This reverts commit 45bd7b39a444c904986324b5f7c46ba867612575. The database for users on NixOS 20.09 is still encrypted so we don't need this wrapper for users that upgrade from NixOS 20.09 to 21.05. --- .../signal-desktop/db-reencryption-wrapper.py | 92 ------------------- .../signal-desktop/default.nix | 15 +-- 2 files changed, 1 insertion(+), 106 deletions(-) delete mode 100755 pkgs/applications/networking/instant-messengers/signal-desktop/db-reencryption-wrapper.py
diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/db-reencryption-wrapper.py b/pkgs/applications/networking/instant-messengers/signal-desktop/db-reencryption-wrapper.py
deleted file mode 100755
index 8556ee1e4d7..00000000000
--- a/pkgs/applications/networking/instant-messengers/signal-desktop/db-reencryption-wrapper.py
+++ /dev/null
@@ -1,92 +0,0 @@
-#!@PYTHON@
-
-import json
-import os
-import re
-import shlex
-import sqlite3
-import subprocess
-import sys
-
-
-DB_PATH = os.path.join(os.environ['HOME'], '.config/Signal/sql/db.sqlite')
-DB_COPY = os.path.join(os.environ['HOME'], '.config/Signal/sql/db.tmp')
-CONFIG_PATH = os.path.join(os.environ['HOME'], '.config/Signal/config.json')
-
-
-def zenity_askyesno(title, text):
- args = [
- '@ZENITY@',
- '--question',
- '--title',
- shlex.quote(title),
- '--text',
- shlex.quote(text)
- ]
- return subprocess.run(args).returncode == 0
-
-
-def start_signal():
- os.execvp('@SIGNAL-DESKTOP@', ['@SIGNAL-DESKTOP@'] + sys.argv[1:])
-
-
-def copy_pragma(name):
- result = subprocess.run([
- '@SQLCIPHER@',
- DB_PATH,
- f"PRAGMA {name};"
- ], check=True, capture_output=True).stdout
- result = re.search(r'[0-9]+', result.decode()).group(0)
- subprocess.run([
- '@SQLCIPHER@',
- DB_COPY,
- f"PRAGMA key = \"x'{key}'\"; PRAGMA {name} = {result};"
- ], check=True, capture_output=True)
-
-
-try:
- # Test if DB is encrypted:
- con = sqlite3.connect(f'file:{DB_PATH}?mode=ro', uri=True)
- cursor = con.cursor()
- cursor.execute("SELECT name FROM sqlite_master WHERE type='table';")
- con.close()
-except:
- # DB is encrypted, everything ok:
- start_signal()
-
-
-# DB is unencrypted!
-answer = zenity_askyesno(
- "Error: Signal-Desktop database is not encrypted",
- "Should we try to fix this automatically?"
- + "You likely want to backup ~/.config/Signal/ first."
-)
-if not answer:
- answer = zenity_askyesno(
- "Launch Signal-Desktop",
- "DB is unencrypted, should we still launch Signal-Desktop?"
- + "Warning: This could result in data loss!"
- )
- if not answer:
- print('Aborted')
- sys.exit(0)
- start_signal()
-
-# Re-encrypt the DB:
-with open(CONFIG_PATH) as json_file:
- key = json.load(json_file)['key']
-result = subprocess.run([
- '@SQLCIPHER@',
- DB_PATH,
- f" ATTACH DATABASE '{DB_COPY}' AS signal_db KEY \"x'{key}'\";"
- + " SELECT sqlcipher_export('signal_db');"
- + " DETACH DATABASE signal_db;"
-]).returncode
-if result != 0:
- print('DB encryption failed')
- sys.exit(1)
-# Need to copy user_version and schema_version manually:
-copy_pragma('user_version')
-copy_pragma('schema_version')
-os.rename(DB_COPY, DB_PATH)
-start_signal()
diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
index 0f95d1639e1..ac035335b24 100644
--- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
+++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
@@ -10,9 +10,6 @@ , hunspellDicts, spellcheckerLanguage ? null # E.g. "de_DE" # For a full list of available languages: # $ cat pkgs/development/libraries/hunspell/dictionaries.nix | grep "dictFileName =" | awk '{ print $3 }' -, python3 -, gnome -, sqlcipher }: let
@@ -115,7 +112,7 @@ in stdenv.mkDerivation rec { # Symlink to bin mkdir -p $out/bin - ln -s $out/lib/Signal/signal-desktop $out/bin/signal-desktop-unwrapped + ln -s $out/lib/Signal/signal-desktop $out/bin/signal-desktop runHook postInstall '';
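Review bot: With the symlink in the `@@ -115,7 +112,7 @@` hunk pointing `$out/bin/signal-desktop` straight at the binary again, nothing on the new side checks whether `~/.config/Signal/sql/db.sqlite` is encrypted before the application starts. The commit message covers users upgrading from NixOS 20.09 to 21.05, but it does not say what happens to a profile whose database was already left unencrypted, which is the case the reverted wrapper detected and warned could result in data loss. If such profiles can still exist, the manual recovery should be documented in the release notes, or at least recorded next to the symlink with a comment such as `# No DB re-encryption wrapper: an unencrypted db.sqlite must be re-encrypted manually before launch`. The install phase continues outside the hunk.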
@@ -140,16 +137,6 @@ in stdenv.mkDerivation rec { patchelf --add-needed ${libpulseaudio}/lib/libpulse.so $out/lib/Signal/resources/app.asar.unpacked/node_modules/ringrtc/build/linux/libringrtc.node ''; - postFixup = '' - # This hack is temporarily required to avoid data-loss for users: - cp ${./db-reencryption-wrapper.py} $out/bin/signal-desktop - substituteInPlace $out/bin/signal-desktop \ - --replace '@PYTHON@' '${python3}/bin/python3' \ - --replace '@ZENITY@' '${gnome.zenity}/bin/zenity' \ - --replace '@SQLCIPHER@' '${sqlcipher}/bin/sqlcipher' \ - --replace '@SIGNAL-DESKTOP@' "$out/bin/signal-desktop-unwrapped" - ''; - # Tests if the application launches and waits for "Link your phone to Signal Desktop": passthru.tests.application-launch = nixosTests.signal-desktop;