[RFC PATCH 7/8] Added package fff-hoodsync
Tim Niemeyer
tim at tn-x.org
Sa Mai 7 23:21:33 CEST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
Ich weiss noch nicht, ob die Aufteilung zwischen fff-hoods und fff-hoodsync so gut ist. Vllt muss da nochmal genauer diskutieren, was wo rein sollte.
Am 3. Mai 2016 23:20:56 MESZ, schrieb Jan Kraus <mayosemmel at googlemail.com>:
>the package will synchronize and verify hood- and keyfiles
>
>Signed-off-by: Jan Kraus <mayosemmel at gmail.com>
>---
> .../fff/fff-hoods/files/etc/hoods/fuerth.hood | 1 +
> .../fff/fff-hoods/files/etc/hoods/fuerth.hood.sig | 13 ++++
> .../fff/fff-hoods/files/etc/hoods/nuernberg.hood | 23 ++++++-
> .../fff-hoods/files/etc/hoods/nuernberg.hood.sig | 13 ++++
> .../fff/fff-hoods/files/etc/hoods/test.hood | 1 +
> .../fff/fff-hoods/files/etc/hoods/test.hood.sig | 13 ++++
> .../fff-hoods/files/etc/hoods/trainstation.hood | 1 +
> .../files/etc/hoods/trainstation.hood.sig | 13 ++++
> src/packages/fff/fff-hoodsync/Makefile | 39 ++++++++++++
> ...0fd7c342494754949d338f77a84ac1a74a6c56077fb.key | 16 +++++
> ...e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key | 16 +++++
> ...e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key | 16 +++++
> ...06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key | 16 +++++
> ...834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key | 16 +++++
> .../fff/fff-hoodsync/files/usr/sbin/synchronize | 27 +++++++++
>.../fff/fff-hoodsync/files/usr/sbin/verifyhoods | 70
>++++++++++++++++++++++
>.../fff/fff-hoodsync/files/usr/sbin/verifykeys | 59
>++++++++++++++++++
> src/packages/fff/fff/Makefile | 3 +-
> 18 files changed, 352 insertions(+), 4 deletions(-)
>create mode 100644
>src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
>create mode 100644
>src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
>create mode 100644
>src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
>create mode 100644
>src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
> create mode 100644 src/packages/fff/fff-hoodsync/Makefile
>create mode 100644
>src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
>create mode 100644
>src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
>create mode 100644
>src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
>create mode 100644
>src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
>create mode 100644
>src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
>create mode 100755
>src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
>create mode 100755
>src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
>create mode 100755
>src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
>
>diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
>b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
>index fd5c9ea..2f2a75f 100644
>--- a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
>@@ -11,6 +11,7 @@
> "mode5": "ht40+",
> "type5": "adhoc",
> "location": { "lat": 49.478330, "lon": 10.990270 },
>+ "timestamp": "1462211188",
> },
> "network": {
> "ula_prefix": "fdff:2::/64"
>diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
>b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
>new file mode 100644
>index 0000000..92caa68
>--- /dev/null
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
>@@ -0,0 +1,13 @@
>+{
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
ich nehme an das ist hier nur wie ein Name zu sehen.
>+ "Sig":
>"a5955fb8ab054b60b8084cae0a6d8d7393a079955c2272acd80bd4b702ae2e0cd40535a3580a23b158b4bbb6dcebc117e0102e65dce586cbde981729f8073b03"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"9f91af084c06ace9e4722fac09b6cbfc6822cdc6f5b7a1502237b3f75589c002a053f0a8625005d9ff6c2ce83d3d7be5c277e65c7bef789e721a60049eacb802"
>+ }
>+ ]
>+}
>diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
>b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
>index 6c26ab3..91c82c3 100644
>--- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
>@@ -6,13 +6,30 @@
> "protocol": "batman-adv-v14",
> "channel2": 1,
> "mode2": "HT20",
>- "type": "adhoc",
>+ "type2": "adhoc",
> "channel5": 40,
> "mode5": "HT40+",
>- "type": "adhoc",
>+ "type5": "adhoc",
> "location": { "lat": 49.448856, "lon": 11.082108 },
>+ "timestamp": "1462205682"
> },
> "network": {
> "ula_prefix": "fdff:3::/64"
>- }
>+ },
>+ "vpn": [
>+ {
>+ "name": "FFF-GW-M1.nuernberg",
>+ "protocol": "fastd",
>+ "address": "37.120.190.92",
>+ "port": "10004",
>+ "key":
>"b68f96ff2e1c5866494432ddee960ec61ec6832ade06a0d05890c7802d7c14b7"
>+ },
>+ {
>+ "name": "fff-bbg.nuernberg",
>+ "protocol": "fastd",
>+ "address": "78.46.181.112",
>+ "port": "10004",
>+ "key":
>"2686395242eb871fec1103abead2893d21b0b54a078f0246747eb3b03859f67a"
>+ }
>+ ]
> }
>diff --git
>a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
>b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
>new file mode 100644
>index 0000000..8d292d7
>--- /dev/null
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
>@@ -0,0 +1,13 @@
>+{
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"0ca1a62ba4a5ae7a49f9451eae721ab4a37fbaf89073ff00651e87f03df72d0dc8f1def364f609727e9080d87bda742b5e0ffd25bd75aa678fc13204b7c3ac01"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"1a2443056ef5768ffcade7c63676fe6b3103a2c2703610b35390fdf200004e044402fe4cc1da2493e5429a0a90e89310d18ec524585804e5376a77652f9f630a"
>+ }
>+ ]
>+}
>diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
>b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
>index 18a93f1..aee0e7e 100644
>--- a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
>@@ -11,6 +11,7 @@
> "mode5": "ht40+",
> "type5": "adhoc",
> "location": { "lat": 49.46654, "lon": 10.992 },
>+ "timestamp": "1462211188",
> },
> "network": {
> "ula_prefix": "fdff:ff::/64"
>diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
>b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
>new file mode 100644
>index 0000000..33b64a8
>--- /dev/null
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
>@@ -0,0 +1,13 @@
>+{
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"5085e78610c1d51e9f5677a1ab1f0219155ea6b2e2029cfddc99dd65898d1c099e1bd6c193265d6a760e244d060bbb464539e449bd4193b07706c270b53f3c01"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"2da699c0487bb7cb9063f96e826a7d10f9bc1f29dbc82c66dc19080b36445b058b3a661006f4d39de49d604a1f6deb2f12471d40b537210fab87896b5d271303"
>+ }
>+ ]
>+}
>diff --git
>a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
>b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
>index 41ac75e..cc1fcc4 100644
>--- a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
>@@ -10,6 +10,7 @@
> "channel5": 40,
> "mode5": "ht40+",
> "type5": "adhoc",
>+ "timestamp": "1462211188",
> },
> "network": {
> "ula_prefix": "fdff:0::/64"
>diff --git
>a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
>b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
>new file mode 100644
>index 0000000..0adda1d
>--- /dev/null
>+++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
>@@ -0,0 +1,13 @@
>+{
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"e83099ff7e1a529b136a916e2af95d08d8794eae62d71c0c858d1a9c6fd1ee09a127fd225637188f257c612138efc0808ef3a613afd181ee059cfb74c3087906"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"8f664d6a3a318131426e8d83dc30518aeeb01de04b47cd1e0bd4869eed14b1098a521a125d6209a40ae8ef247053a14ac32466b81c041c26be15b36b8ee0ab0d"
>+ }
>+ ]
>+}
>diff --git a/src/packages/fff/fff-hoodsync/Makefile
>b/src/packages/fff/fff-hoodsync/Makefile
>new file mode 100644
>index 0000000..6242f54
>--- /dev/null
>+++ b/src/packages/fff/fff-hoodsync/Makefile
>@@ -0,0 +1,39 @@
>+include $(TOPDIR)/rules.mk
>+
>+PKG_NAME:=fff-hoodsync
>+PKG_VERSION:=0.0.1
>+PKG_RELEASE:=1
>+
>+PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoodsync
>+
>+include $(INCLUDE_DIR)/package.mk
>+
>+define Package/fff-hoodsync
>+ SECTION:=base
>+ CATEGORY:=Freifunk
>+ TITLE:= Freifunk-Franken hoodfile synchronisation
>+ URL:=http://www.freifunk-franken.de
>+ DEPENDS:=+fff-hoods +libubox
>+endef
>+
>+define Package/fff-hoodsync/description
>+ This package synchronises and verifys hoodfiles and keyfiles
>+endef
>+
>+define Build/Prepare
>+ echo "all: " > $(PKG_BUILD_DIR)/Makefile
>+endef
>+
>+define Build/Configure
>+ # nothing
>+endef
>+
>+define Build/Compile
>+ # nothing
>+endef
>+
>+define Package/fff-hoodsync/install
>+ $(CP) ./files/* $(1)/
>+endef
>+
>+$(eval $(call BuildPackage,fff-hoodsync))
>diff --git
>a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
>new file mode 100644
>index 0000000..0cce1ca
>--- /dev/null
>+++
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
>@@ -0,0 +1,16 @@
>+{
>+ "PubKey":
>"120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb",
>+ "Owner": "TestUser0.2",
>+ "IsMaster": false,
was soll ismaster sein?
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"3033dd3d91645bf063dc74b30020d18d208ceb14beafcb8872843ce6cff58f0f9b61fbc64d6a307c98da560f60aff590c62617ab39a89215c0383dbf9b99a20c"
>+ },
>+ {
>+ "PubKey":
>"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
>+ "Sig":
>"56dfb602887d1db913200470d90256fb1935742f226ee84575df1e03cfab2e0611a0f353dbb6cec1291bc8098a61940510aef2c8fca44c375824c24059feea0a"
>+ }
>+ ]
>+}
>diff --git
>a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
>new file mode 100644
>index 0000000..f3e20e4
>--- /dev/null
>+++
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
>@@ -0,0 +1,16 @@
>+{
>+ "PubKey":
>"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
>+ "Owner": "TestUser3",
>+ "IsMaster": true,
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"760e1e9f36b543842d32c8f85fa7df64f993a25da3ad3d0e868fe20d18a93b0b364cc675991e8934a5368c3e22c3bf4f5376dae89188c59fdb3937c50f28ca08"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"07f6aad96f3eb6373244f7a8f6dbf25f8c630d8e4d1c53eb75dd0615ad4e000c4f50580413b1cad89eafb6a0c70e672d8a10a066cd28d21d7ed8dee84d897209"
>+ }
>+ ]
>+}
>diff --git
>a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
>new file mode 100644
>index 0000000..aeb480f
>--- /dev/null
>+++
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
>@@ -0,0 +1,16 @@
>+{
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Owner": "TestUser2",
>+ "IsMaster": true,
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"00aa58032c1fd014401eb1a5bc730904c1ed91fde13c05ff29d203b82a88fe0f8aa9698c662dc21b8e4f8b24d3a0e6f9d123f0be4607b642b3f670cbe37b8607"
>+ },
>+ {
>+ "PubKey":
>"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
>+ "Sig":
>"1337c7f4106aa79d5f5d8f76256d76155137536da35048c7e49608cbf1699e0e1527f52cba4342428772124cff00980e7354cdf495dccdae26e8ccd7c15bb606"
>+ }
>+ ]
>+}
>diff --git
>a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
>new file mode 100644
>index 0000000..17f0333
>--- /dev/null
>+++
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
>@@ -0,0 +1,16 @@
>+{
>+ "PubKey":
>"c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021",
>+ "Owner": "TestUser0.1",
>+ "IsMaster": false,
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Sig":
>"6356b1984020b4d6fd9ce425dc9a454d0b52be0cd0db418d662df4bfa5211f00565a36c019553e7d4982509b0e0a8d245ed232b0c6b5d97fd6df1648dce8f30f"
>+ },
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"c6d5c9f68e89063a235ec80a81d6b825d6b75f0e635218f52d921c7cfee00e0794097391feaf1d2a7f4b32cd8c784fe7fe3b5e6b420506be20ed7aa4a4db6d04"
>+ }
>+ ]
>+}
>diff --git
>a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
>new file mode 100644
>index 0000000..3211b30
>--- /dev/null
>+++
>b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
>@@ -0,0 +1,16 @@
>+{
>+ "PubKey":
>"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>+ "Owner": "TestUser1",
>+ "IsMaster": true,
>+ "Sigs":
>+ [
>+ {
>+ "PubKey":
>"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
>+ "Sig":
>"ad8f982ebb9e26676fd717787dcb42ab3093b5b1a3b37dc98b89cfb0eed24e0b286399287506a694a8731c05087be943eec97e6ebe9955905d5346d240042703"
>+ },
>+ {
>+ "PubKey":
>"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
>+ "Sig":
>"f441100c255f784a8a448d0108eebce42c44a1b5ec5eaea819704e6b020c1c0b55b4a50147900ae63073c97d42ea547d95b42074c6ecfd99a4582f9e1bc8a90a"
>+ }
>+ ]
>+}
>diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
>b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
>new file mode 100755
>index 0000000..b5a9250
>--- /dev/null
>+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
>@@ -0,0 +1,27 @@
>+#!/bin/sh
>+
>+UPDATELINK="http://[fdff:3::e418:c9ff:fec6:9d7d]/foo/hoods"
Das wird erst erreichbar, wenn wir ipv6 routen. Vorschlag: wir nehmen _erstmal_ dir IP vom netmon..
Oder vllt sogar mehrere sourcen? HM..
>+HOODDIR=/tmp/syncedhoods
>+KEYDIR=/tmp/syncedkeys
>+
>+rm -rf "$HOODDIR"
>+rm -rf "$KEYDIR"
>+mkdir -p "$HOODDIR"
>+mkdir -p "$KEYDIR"
>+rm -f /tmp/hoods.list
>+rm -f /tmp/keys.list
>+wget "$UPDATELINK/hoods.list" -O /tmp/hoods.list
>+wget "$UPDATELINK/keys/keys.list" -O /tmp/keys.list
>+
>+while read filename
>+do
>+ wget "$UPDATELINK/$filename" -O "$HOODDIR/$filename"
>+done < /tmp/hoods.list
>+
>+while read filename
>+do
>+ wget "$UPDATELINK/keys/$filename" -O "$KEYDIR/$filename"
>+done < /tmp/keys.list
>+
>+. /usr/sbin/verifyhoods
Eigentlich ist verifyhoods kein sbin file, wenn man es als dot script sourcen muss. Allgemein halte ich das sourcen von dot files hier für ungeschickt, weil eine nicht leicht zu erkennende Abhängigkeit (durch das environment) entsteht.
>+
>diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
>b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
>new file mode 100755
>index 0000000..cdc5b43
>--- /dev/null
>+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
>@@ -0,0 +1,70 @@
>+#!/bin/sh
>+
>+. /usr/share/libubox/jshn.sh
>+
>+TRUSTEDHOODDIR=/etc/hoods
>+
>+if [ -z "$HOODDIR" ]; then
>+ HOODDIR="$TRUSTEDHOODDIR"
>+fi
>+
>+. /usr/sbin/verifykeys
Siehe oben.
Weitere Anmerkung: warum wird verifykeys in verifyhoods gesourced? Hängt das wirklich zusammen?
Wäre das nicht als unabhängiges script nicht besser?
>+
>+for hoodfile in $HOODDIR/*.hood
>+do
>+ echo -e "Check if hood-files are valid"
>+ echo "Parsing $hoodfile"
>+ json_load "$(cat $hoodfile)"
>+ json_select hood
>+ json_get_var newHoodName name
>+ json_get_var newTimestamp timestamp
>+ if [ -f "$TRUSTEDHOODDIR/$newHoodName.hood" ]
>+ then
>+ json_load "$(cat $TRUSTEDHOODDIR/$newHoodName.hood)"
>+ json_select hood
>+ json_get_var oldHoodName name
>+ json_get_var oldTimestamp timestamp
>+ if [ "$newHoodName" != "$oldHoodName" ]
>+ then
>+ echo "Hoodnames are not matching"
>+ continue
>+ fi
>+ if [ "$newTimestamp" -le "$oldTimestamp" ]
>+ then
>+ echo "the synchronized file is older than current"
>+ continue
>+ fi
>+ fi
>+ json_load "$(cat $hoodfile.sig)"
>+ json_select Sigs
>+ SigCount="0"
>+ local Index="1"
>+ while json_select $Index > /dev/null
>+ do
>+ json_get_var SigPubKey PubKey
>+ json_get_var Sig Sig
>+ if grep "$SigPubKey" "/tmp/trustedkeys" ; then
>+ if ecdsaverify -s "$Sig" -p "$SigPubKey" "$hoodfile" ;then
>+ echo "Valid Signature of $SigPubKey"
>+ SigCount=$((SigCount+1))
>+ else
>+ echo "Invalid Signature of $SigPubKey"
>+ fi
>+ else
>+ echo "$SigPubKey is not trusted. So signature is
>worthless."
>+ fi
>+ json_select ".."
>+ Index=$((Index+1))
>+ done
>+ if [ "$SigCount" -gt 1 ];then
>+ echo "There are enough valid Signatures, so hoodfile is now
>trusted."
>+ cp "$hoodfile"* "$TRUSTEDHOODDIR/."
>+ else
>+ echo "There aren't enough valid Signatures"
>+ echo "$hoodfile will be removed"
>+ rm -f "$hoodfile"*
>+ fi
>+ echo
>+done
>+
>+. /usr/sbin/configurehood
Kann man das synchronisieren, validieren, auswählen und konfigurieren nicht entkoppeln?
Zu letzt noch die Frage: wie löscht man eine hood oder ein key file?
Tim
>diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
>b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
>new file mode 100755
>index 0000000..57f9446
>--- /dev/null
>+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
>@@ -0,0 +1,59 @@
>+#!/bin/sh
>+
>+. /usr/share/libubox/jshn.sh
>+
>+TRUSTEDKEYDIR=/etc/hoods/keys
>+
>+if [ -z "$KEYDIR" ]; then
>+ KEYDIR="$TRUSTEDKEYDIR"
>+fi
>+
>+rm -f /tmp/trustedkeys
>+for keyfile in $TRUSTEDKEYDIR/*.key
>+do
>+ echo "Parsing trusted $keyfile"
>+ json_load "$(cat $keyfile)"
>+ json_get_var PubKey PubKey
>+ echo "$PubKey" >> /tmp/trustedkeys
>+done
>+
>+for keyfile in $KEYDIR/*.key
>+do
>+ echo "Check if key-signatures are valid"
>+ echo "Parsing $keyfile"
>+ json_load "$(cat $keyfile)"
>+ json_get_var PubKey PubKey
>+ echo "$PubKey" > "/tmp/$PubKey"
>+ SigCount="0"
>+ json_select Sigs
>+ local Index="1"
>+ while json_select $Index > /dev/null
>+ do
>+ json_get_var SigPubKey PubKey
>+ json_get_var Sig Sig
>+ if grep "$SigPubKey" "/tmp/trustedkeys" ; then
>+ if ecdsaverify -s "$Sig" -p "$SigPubKey" "/tmp/$PubKey"
>;then
>+ echo "Valid Signature of $SigPubKey"
>+ SigCount=$((SigCount+1))
>+ else
>+ echo "Invalid Signature of $SigPubKey"
>+ fi
>+ else
>+ echo "$SigPubKey is not trusted. So signature is
>worthless."
>+ fi
>+ json_select ".."
>+ Index=$((Index+1))
>+ done
>+ json_select ".."
>+ if [ "$SigCount" -gt 1 ];then
>+ echo "There are enough valid Signatures, so key is now
>trusted."
>+ cp "$keyfile" "$TRUSTEDKEYDIR/$PubKey.key"
>+ else
>+ echo "There aren't enough valid Signatures"
>+ echo "$keyfile will be removed"
>+ rm -f "$keyfile"
>+ fi
>+ rm -f "/tmp/$PubKey"
>+ echo
>+done
>+
>diff --git a/src/packages/fff/fff/Makefile
>b/src/packages/fff/fff/Makefile
>index 45f034e..14d2af5 100644
>--- a/src/packages/fff/fff/Makefile
>+++ b/src/packages/fff/fff/Makefile
>@@ -22,7 +22,8 @@ define Package/fff-base
> +fff-fastd \
> +fff-firewall \
> +fff-network \
>- +fff-hoods
>+ +fff-hoods \
>+ +fff-hoodsync
> endef
>
> define Package/fff-base/description
-----BEGIN PGP SIGNATURE-----
iQE5BAEBCgAjHBxUaW0gTmllbWV5ZXIgPHRpbUB0bi14Lm9yZz4FAlcuXE0ACgkQ
ELiw0DPkKM/Pgwf9G4jGu5vLaVgi3gRNPqICthJS1Yj8upXsGw5Ct9qqVhiJ7jxm
frmw/SlkHgvXIOd3ATFt33jFdcDn2sph6X7oZ2DNuctZj/3HfOmdMCj+vC7GXU+h
lnrmBF3FeWUD06tsk3Y7jRblitn8ccr/wnVZWdM9u2BHdoZ1xv7Sk5zS3pwnPMhj
34Ovm9etDgTq0A4iVki8+/H9Z5dHOeh6Hy9NW9MVXDC1dll4vCsRORXgSLy56cJ5
KeBFKhXBUZDKPUoTOCukm8iqaFknv1oHaSQVVubEThYvMAZ0Z8w3VO/0ZUuTXN1z
Ipc1X9OR/jw3hZiMHjX268CJApy8mYWsbXmXbg==
=olKj
-----END PGP SIGNATURE-----
Mehr Informationen über die Mailingliste franken-dev