Generate random UUID

Generate a random UUID when the device bootstraps instead of
deterministically calculating one from the CPU serial number. This means
that a specific device can be used with many applications and users
without problem.

src/app.coffee

@@ -1,28 +1,23 @@
 Promise = require 'bluebird'
 fs = Promise.promisifyAll(require('fs'))
 os = require 'os'
-api = require './api'
 knex = require './db'
 utils = require './utils'
 {spawn} = require 'child_process'
 bootstrap = require './bootstrap'
-application = require './application'
 
 console.log('Supervisor started..')
 
-newUuid = utils.getDeviceUuid()
-oldUuid = knex('config').select('value').where(key: 'uuid')
 version = utils.getSupervisorVersion()
 
-Promise.all([newUuid, oldUuid, version])
+knex('config').select('value').where(key: 'uuid').then ([uuid]) ->
-.then ([newUuid, [oldUuid], version]) ->
+	if not uuid?.value
-	oldUuid = oldUuid?.value
+		console.log('New device detected. Bootstrapping..')
-	if newUuid is oldUuid
+		bootstrap()
-		return true
-
-	console.log('New device detected. Bootstrapping..')
-	return bootstrap(newUuid, version)
 .then ->
+	api = require './api'
+	application = require './application'
+
 	console.log('Starting OpenVPN..')
 	openvpn = spawn('openvpn', ['client.conf'], cwd: '/data')
 
@@ -51,3 +46,4 @@ Promise.all([newUuid, oldUuid, version])
 			application.update()
 		, 5 * 60 * 1000) # Every 5 mins
 		application.update()
+

src/bootstrap.coffee

@@ -3,14 +3,25 @@ _ = require 'lodash'
 fs = Promise.promisifyAll require 'fs'
 url = require 'url'
 knex = require './db'
+utils = require './utils'
 crypto = require 'crypto'
 csrgen = Promise.promisify require 'csr-gen'
 request = Promise.promisify require 'request'
 
-module.exports = (uuid, version) ->
+module.exports = ->
 	# Load config file
 	config = fs.readFileAsync('/boot/config.json', 'utf8').then(JSON.parse)
 
+	version = utils.getSupervisorVersion()
+
+	# I'd be nice if the UUID matched the output of a SHA-256 function, but
+	# although the length limit of the CN attribute in a X.509 certificate is
+	# 64 chars, a 32 byte UUID (64 chars in hex) doesn't pass the certificate
+	# validation in OpenVPN This either means that the RFC counts a final NULL
+	# byte as part of the CN or that the OpenVPN/OpenSSL implementation has a
+	# bug.
+	uuid = crypto.pseudoRandomBytes(31).toString('hex')
+
 	# Generate SSL certificate
 	keys = csrgen(uuid,
 		company: 'Rulemotion Ltd'
@@ -25,8 +36,8 @@ module.exports = (uuid, version) ->
 		division: ''
 	)
 
-	Promise.all([config, keys])
+	Promise.all([config, keys, version])
-	.then ([config, keys]) ->
+	.then ([config, keys, version]) ->
 		console.log('UUID:', uuid)
 		console.log('User ID:', config.userId)
 		console.log('User:', config.username)

src/utils.coffee

@@ -1,21 +1,5 @@
 Promise = require 'bluebird'
 fs = Promise.promisifyAll require 'fs'
-os = require 'os'
-crypto = require 'crypto'
-
-# Parses the output of /proc/cpuinfo to find the "Serial : 710abf21" line
-# or the hostname if there isn't a serial number (when run in dev mode)
-# The uuid is the SHA1 hash of that value.
-exports.getDeviceUuid = ->
-	fs.readFileAsync('/proc/cpuinfo', 'utf8')
-	.then (cpuinfo) ->
-		serial = cpuinfo
-			.split('\n')
-			.filter((line) -> line.indexOf('Serial') isnt -1)[0]
-			?.split(':')[1]
-			.trim() or os.hostname()
-
-		return crypto.createHash('sha1').update(serial, 'utf8').digest('hex')
 
 # Parses package.json and returns resin-supervisor's version
 exports.getSupervisorVersion = ->