[RFC PATCH 7/8] Added package fff-hoodsync
mayosemmel
mayosemmel at googlemail.com
So Mai 8 21:44:44 CEST 2016
Hi
Am Samstag, den 07.05.2016, 23:21 +0200 schrieb Tim Niemeyer:
> Hi
>
> Ich weiss noch nicht, ob die Aufteilung zwischen fff-hoods und fff-hoodsync so gut ist. Vllt muss da nochmal genauer diskutieren, was wo rein sollte.
>
Im Nachhinein hatte ich das auch schon überlegt. Das zu mergen wäre
jetzt kein sonderlich großer Aufwand. Hätte da gern noch 1-2 andere
Meinungen.
>
> Am 3. Mai 2016 23:20:56 MESZ, schrieb Jan Kraus <mayosemmel at googlemail.com>:
> >the package will synchronize and verify hood- and keyfiles
> >
> >Signed-off-by: Jan Kraus <mayosemmel at gmail.com>
> >---
> > .../fff/fff-hoods/files/etc/hoods/fuerth.hood | 1 +
> > .../fff/fff-hoods/files/etc/hoods/fuerth.hood.sig | 13 ++++
> > .../fff/fff-hoods/files/etc/hoods/nuernberg.hood | 23 ++++++-
> > .../fff-hoods/files/etc/hoods/nuernberg.hood.sig | 13 ++++
> > .../fff/fff-hoods/files/etc/hoods/test.hood | 1 +
> > .../fff/fff-hoods/files/etc/hoods/test.hood.sig | 13 ++++
> > .../fff-hoods/files/etc/hoods/trainstation.hood | 1 +
> > .../files/etc/hoods/trainstation.hood.sig | 13 ++++
> > src/packages/fff/fff-hoodsync/Makefile | 39 ++++++++++++
> > ...0fd7c342494754949d338f77a84ac1a74a6c56077fb.key | 16 +++++
> > ...e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key | 16 +++++
> > ...e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key | 16 +++++
> > ...06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key | 16 +++++
> > ...834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key | 16 +++++
> > .../fff/fff-hoodsync/files/usr/sbin/synchronize | 27 +++++++++
> >.../fff/fff-hoodsync/files/usr/sbin/verifyhoods | 70
> >++++++++++++++++++++++
> >.../fff/fff-hoodsync/files/usr/sbin/verifykeys | 59
> >++++++++++++++++++
> > src/packages/fff/fff/Makefile | 3 +-
> > 18 files changed, 352 insertions(+), 4 deletions(-)
> >create mode 100644
> >src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
> >create mode 100644
> >src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
> >create mode 100644
> >src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
> >create mode 100644
> >src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
> > create mode 100644 src/packages/fff/fff-hoodsync/Makefile
> >create mode 100644
> >src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
> >create mode 100644
> >src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
> >create mode 100644
> >src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
> >create mode 100644
> >src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
> >create mode 100644
> >src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
> >create mode 100755
> >src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
> >create mode 100755
> >src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
> >create mode 100755
> >src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
> >
> >diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
> >b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
> >index fd5c9ea..2f2a75f 100644
> >--- a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood
> >@@ -11,6 +11,7 @@
> > "mode5": "ht40+",
> > "type5": "adhoc",
> > "location": { "lat": 49.478330, "lon": 10.990270 },
> >+ "timestamp": "1462211188",
> > },
> > "network": {
> > "ula_prefix": "fdff:2::/64"
> >diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
> >b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
> >new file mode 100644
> >index 0000000..92caa68
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig
> >@@ -0,0 +1,13 @@
> >+{
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
>
> ich nehme an das ist hier nur wie ein Name zu sehen.
>
Nein, aktuell wird dieser String wirklich als PubKey zum verifizieren
genutzt. Du willst vermutlich darauf hinaus, das man sich den key anhand
eines Namens aus dem Key file holt.
Wäre eine Überlegung Wert. Muss ich mal schauen wie viel Zusatzaufwand
das wäre.
> >+ "Sig":
> >"a5955fb8ab054b60b8084cae0a6d8d7393a079955c2272acd80bd4b702ae2e0cd40535a3580a23b158b4bbb6dcebc117e0102e65dce586cbde981729f8073b03"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"9f91af084c06ace9e4722fac09b6cbfc6822cdc6f5b7a1502237b3f75589c002a053f0a8625005d9ff6c2ce83d3d7be5c277e65c7bef789e721a60049eacb802"
> >+ }
> >+ ]
> >+}
> >diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
> >b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
> >index 6c26ab3..91c82c3 100644
> >--- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood
> >@@ -6,13 +6,30 @@
> > "protocol": "batman-adv-v14",
> > "channel2": 1,
> > "mode2": "HT20",
> >- "type": "adhoc",
> >+ "type2": "adhoc",
> > "channel5": 40,
> > "mode5": "HT40+",
> >- "type": "adhoc",
> >+ "type5": "adhoc",
> > "location": { "lat": 49.448856, "lon": 11.082108 },
> >+ "timestamp": "1462205682"
> > },
> > "network": {
> > "ula_prefix": "fdff:3::/64"
> >- }
> >+ },
> >+ "vpn": [
> >+ {
> >+ "name": "FFF-GW-M1.nuernberg",
> >+ "protocol": "fastd",
> >+ "address": "37.120.190.92",
> >+ "port": "10004",
> >+ "key":
> >"b68f96ff2e1c5866494432ddee960ec61ec6832ade06a0d05890c7802d7c14b7"
> >+ },
> >+ {
> >+ "name": "fff-bbg.nuernberg",
> >+ "protocol": "fastd",
> >+ "address": "78.46.181.112",
> >+ "port": "10004",
> >+ "key":
> >"2686395242eb871fec1103abead2893d21b0b54a078f0246747eb3b03859f67a"
> >+ }
> >+ ]
> > }
> >diff --git
> >a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
> >b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
> >new file mode 100644
> >index 0000000..8d292d7
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig
> >@@ -0,0 +1,13 @@
> >+{
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"0ca1a62ba4a5ae7a49f9451eae721ab4a37fbaf89073ff00651e87f03df72d0dc8f1def364f609727e9080d87bda742b5e0ffd25bd75aa678fc13204b7c3ac01"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"1a2443056ef5768ffcade7c63676fe6b3103a2c2703610b35390fdf200004e044402fe4cc1da2493e5429a0a90e89310d18ec524585804e5376a77652f9f630a"
> >+ }
> >+ ]
> >+}
> >diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
> >b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
> >index 18a93f1..aee0e7e 100644
> >--- a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood
> >@@ -11,6 +11,7 @@
> > "mode5": "ht40+",
> > "type5": "adhoc",
> > "location": { "lat": 49.46654, "lon": 10.992 },
> >+ "timestamp": "1462211188",
> > },
> > "network": {
> > "ula_prefix": "fdff:ff::/64"
> >diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
> >b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
> >new file mode 100644
> >index 0000000..33b64a8
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood.sig
> >@@ -0,0 +1,13 @@
> >+{
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"5085e78610c1d51e9f5677a1ab1f0219155ea6b2e2029cfddc99dd65898d1c099e1bd6c193265d6a760e244d060bbb464539e449bd4193b07706c270b53f3c01"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"2da699c0487bb7cb9063f96e826a7d10f9bc1f29dbc82c66dc19080b36445b058b3a661006f4d39de49d604a1f6deb2f12471d40b537210fab87896b5d271303"
> >+ }
> >+ ]
> >+}
> >diff --git
> >a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
> >b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
> >index 41ac75e..cc1fcc4 100644
> >--- a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood
> >@@ -10,6 +10,7 @@
> > "channel5": 40,
> > "mode5": "ht40+",
> > "type5": "adhoc",
> >+ "timestamp": "1462211188",
> > },
> > "network": {
> > "ula_prefix": "fdff:0::/64"
> >diff --git
> >a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
> >b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
> >new file mode 100644
> >index 0000000..0adda1d
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig
> >@@ -0,0 +1,13 @@
> >+{
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"e83099ff7e1a529b136a916e2af95d08d8794eae62d71c0c858d1a9c6fd1ee09a127fd225637188f257c612138efc0808ef3a613afd181ee059cfb74c3087906"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"8f664d6a3a318131426e8d83dc30518aeeb01de04b47cd1e0bd4869eed14b1098a521a125d6209a40ae8ef247053a14ac32466b81c041c26be15b36b8ee0ab0d"
> >+ }
> >+ ]
> >+}
> >diff --git a/src/packages/fff/fff-hoodsync/Makefile
> >b/src/packages/fff/fff-hoodsync/Makefile
> >new file mode 100644
> >index 0000000..6242f54
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoodsync/Makefile
> >@@ -0,0 +1,39 @@
> >+include $(TOPDIR)/rules.mk
> >+
> >+PKG_NAME:=fff-hoodsync
> >+PKG_VERSION:=0.0.1
> >+PKG_RELEASE:=1
> >+
> >+PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoodsync
> >+
> >+include $(INCLUDE_DIR)/package.mk
> >+
> >+define Package/fff-hoodsync
> >+ SECTION:=base
> >+ CATEGORY:=Freifunk
> >+ TITLE:= Freifunk-Franken hoodfile synchronisation
> >+ URL:=http://www.freifunk-franken.de
> >+ DEPENDS:=+fff-hoods +libubox
> >+endef
> >+
> >+define Package/fff-hoodsync/description
> >+ This package synchronises and verifys hoodfiles and keyfiles
> >+endef
> >+
> >+define Build/Prepare
> >+ echo "all: " > $(PKG_BUILD_DIR)/Makefile
> >+endef
> >+
> >+define Build/Configure
> >+ # nothing
> >+endef
> >+
> >+define Build/Compile
> >+ # nothing
> >+endef
> >+
> >+define Package/fff-hoodsync/install
> >+ $(CP) ./files/* $(1)/
> >+endef
> >+
> >+$(eval $(call BuildPackage,fff-hoodsync))
> >diff --git
> >a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
> >new file mode 100644
> >index 0000000..0cce1ca
> >--- /dev/null
> >+++
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key
> >@@ -0,0 +1,16 @@
> >+{
> >+ "PubKey":
> >"120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb",
> >+ "Owner": "TestUser0.2",
> >+ "IsMaster": false,
>
> was soll ismaster sein?
Ein Parameter, den ich nutzen wollte. Beim schreiben vom Script ist mir
aufgefallen, das man den nicht braucht.
Hatte nur vergessen den Parameter entsprechend wieder wegzuwerfen. Wird
in v2 weg sein.
>
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"3033dd3d91645bf063dc74b30020d18d208ceb14beafcb8872843ce6cff58f0f9b61fbc64d6a307c98da560f60aff590c62617ab39a89215c0383dbf9b99a20c"
> >+ },
> >+ {
> >+ "PubKey":
> >"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
> >+ "Sig":
> >"56dfb602887d1db913200470d90256fb1935742f226ee84575df1e03cfab2e0611a0f353dbb6cec1291bc8098a61940510aef2c8fca44c375824c24059feea0a"
> >+ }
> >+ ]
> >+}
> >diff --git
> >a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
> >new file mode 100644
> >index 0000000..f3e20e4
> >--- /dev/null
> >+++
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key
> >@@ -0,0 +1,16 @@
> >+{
> >+ "PubKey":
> >"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
> >+ "Owner": "TestUser3",
> >+ "IsMaster": true,
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"760e1e9f36b543842d32c8f85fa7df64f993a25da3ad3d0e868fe20d18a93b0b364cc675991e8934a5368c3e22c3bf4f5376dae89188c59fdb3937c50f28ca08"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"07f6aad96f3eb6373244f7a8f6dbf25f8c630d8e4d1c53eb75dd0615ad4e000c4f50580413b1cad89eafb6a0c70e672d8a10a066cd28d21d7ed8dee84d897209"
> >+ }
> >+ ]
> >+}
> >diff --git
> >a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
> >new file mode 100644
> >index 0000000..aeb480f
> >--- /dev/null
> >+++
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key
> >@@ -0,0 +1,16 @@
> >+{
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Owner": "TestUser2",
> >+ "IsMaster": true,
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"00aa58032c1fd014401eb1a5bc730904c1ed91fde13c05ff29d203b82a88fe0f8aa9698c662dc21b8e4f8b24d3a0e6f9d123f0be4607b642b3f670cbe37b8607"
> >+ },
> >+ {
> >+ "PubKey":
> >"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
> >+ "Sig":
> >"1337c7f4106aa79d5f5d8f76256d76155137536da35048c7e49608cbf1699e0e1527f52cba4342428772124cff00980e7354cdf495dccdae26e8ccd7c15bb606"
> >+ }
> >+ ]
> >+}
> >diff --git
> >a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
> >new file mode 100644
> >index 0000000..17f0333
> >--- /dev/null
> >+++
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key
> >@@ -0,0 +1,16 @@
> >+{
> >+ "PubKey":
> >"c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021",
> >+ "Owner": "TestUser0.1",
> >+ "IsMaster": false,
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Sig":
> >"6356b1984020b4d6fd9ce425dc9a454d0b52be0cd0db418d662df4bfa5211f00565a36c019553e7d4982509b0e0a8d245ed232b0c6b5d97fd6df1648dce8f30f"
> >+ },
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"c6d5c9f68e89063a235ec80a81d6b825d6b75f0e635218f52d921c7cfee00e0794097391feaf1d2a7f4b32cd8c784fe7fe3b5e6b420506be20ed7aa4a4db6d04"
> >+ }
> >+ ]
> >+}
> >diff --git
> >a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
> >new file mode 100644
> >index 0000000..3211b30
> >--- /dev/null
> >+++
> >b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key
> >@@ -0,0 +1,16 @@
> >+{
> >+ "PubKey":
> >"e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4",
> >+ "Owner": "TestUser1",
> >+ "IsMaster": true,
> >+ "Sigs":
> >+ [
> >+ {
> >+ "PubKey":
> >"8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e",
> >+ "Sig":
> >"ad8f982ebb9e26676fd717787dcb42ab3093b5b1a3b37dc98b89cfb0eed24e0b286399287506a694a8731c05087be943eec97e6ebe9955905d5346d240042703"
> >+ },
> >+ {
> >+ "PubKey":
> >"2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e",
> >+ "Sig":
> >"f441100c255f784a8a448d0108eebce42c44a1b5ec5eaea819704e6b020c1c0b55b4a50147900ae63073c97d42ea547d95b42074c6ecfd99a4582f9e1bc8a90a"
> >+ }
> >+ ]
> >+}
> >diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
> >b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
> >new file mode 100755
> >index 0000000..b5a9250
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize
> >@@ -0,0 +1,27 @@
> >+#!/bin/sh
> >+
> >+UPDATELINK="http://[fdff:3::e418:c9ff:fec6:9d7d]/foo/hoods"
>
> Das wird erst erreichbar, wenn wir ipv6 routen. Vorschlag: wir nehmen _erstmal_ dir IP vom netmon..
> Oder vllt sogar mehrere sourcen? HM..
>
> >+HOODDIR=/tmp/syncedhoods
> >+KEYDIR=/tmp/syncedkeys
> >+
> >+rm -rf "$HOODDIR"
> >+rm -rf "$KEYDIR"
> >+mkdir -p "$HOODDIR"
> >+mkdir -p "$KEYDIR"
> >+rm -f /tmp/hoods.list
> >+rm -f /tmp/keys.list
> >+wget "$UPDATELINK/hoods.list" -O /tmp/hoods.list
> >+wget "$UPDATELINK/keys/keys.list" -O /tmp/keys.list
> >+
> >+while read filename
> >+do
> >+ wget "$UPDATELINK/$filename" -O "$HOODDIR/$filename"
> >+done < /tmp/hoods.list
> >+
> >+while read filename
> >+do
> >+ wget "$UPDATELINK/keys/$filename" -O "$KEYDIR/$filename"
> >+done < /tmp/keys.list
> >+
> >+. /usr/sbin/verifyhoods
>
> Eigentlich ist verifyhoods kein sbin file, wenn man es als dot script sourcen muss. Allgemein halte ich das sourcen von dot files hier für ungeschickt, weil eine nicht leicht zu erkennende Abhängigkeit (durch das environment) entsteht.
>
An ein oder 2 Stellen, werden hier Variablen benötigt. Ein
Übergabeparameter wäre vermutlich besser.
>
> >+
> >diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
> >b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
> >new file mode 100755
> >index 0000000..cdc5b43
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods
> >@@ -0,0 +1,70 @@
> >+#!/bin/sh
> >+
> >+. /usr/share/libubox/jshn.sh
> >+
> >+TRUSTEDHOODDIR=/etc/hoods
> >+
> >+if [ -z "$HOODDIR" ]; then
> >+ HOODDIR="$TRUSTEDHOODDIR"
> >+fi
> >+
> >+. /usr/sbin/verifykeys
> Siehe oben.
>
> Weitere Anmerkung: warum wird verifykeys in verifyhoods gesourced? Hängt das wirklich zusammen?
>
> Wäre das nicht als unabhängiges script nicht besser?
>
Weil ich vor dem Verifizieren der Hoods sicher gehen wollte, das die
Keys auch valide sind.
> >+
> >+for hoodfile in $HOODDIR/*.hood
> >+do
> >+ echo -e "Check if hood-files are valid"
> >+ echo "Parsing $hoodfile"
> >+ json_load "$(cat $hoodfile)"
> >+ json_select hood
> >+ json_get_var newHoodName name
> >+ json_get_var newTimestamp timestamp
> >+ if [ -f "$TRUSTEDHOODDIR/$newHoodName.hood" ]
> >+ then
> >+ json_load "$(cat $TRUSTEDHOODDIR/$newHoodName.hood)"
> >+ json_select hood
> >+ json_get_var oldHoodName name
> >+ json_get_var oldTimestamp timestamp
> >+ if [ "$newHoodName" != "$oldHoodName" ]
> >+ then
> >+ echo "Hoodnames are not matching"
> >+ continue
> >+ fi
> >+ if [ "$newTimestamp" -le "$oldTimestamp" ]
> >+ then
> >+ echo "the synchronized file is older than current"
> >+ continue
> >+ fi
> >+ fi
> >+ json_load "$(cat $hoodfile.sig)"
> >+ json_select Sigs
> >+ SigCount="0"
> >+ local Index="1"
> >+ while json_select $Index > /dev/null
> >+ do
> >+ json_get_var SigPubKey PubKey
> >+ json_get_var Sig Sig
> >+ if grep "$SigPubKey" "/tmp/trustedkeys" ; then
> >+ if ecdsaverify -s "$Sig" -p "$SigPubKey" "$hoodfile" ;then
> >+ echo "Valid Signature of $SigPubKey"
> >+ SigCount=$((SigCount+1))
> >+ else
> >+ echo "Invalid Signature of $SigPubKey"
> >+ fi
> >+ else
> >+ echo "$SigPubKey is not trusted. So signature is
> >worthless."
> >+ fi
> >+ json_select ".."
> >+ Index=$((Index+1))
> >+ done
> >+ if [ "$SigCount" -gt 1 ];then
> >+ echo "There are enough valid Signatures, so hoodfile is now
> >trusted."
> >+ cp "$hoodfile"* "$TRUSTEDHOODDIR/."
> >+ else
> >+ echo "There aren't enough valid Signatures"
> >+ echo "$hoodfile will be removed"
> >+ rm -f "$hoodfile"*
> >+ fi
> >+ echo
> >+done
> >+
> >+. /usr/sbin/configurehood
>
> Kann man das synchronisieren, validieren, auswählen und konfigurieren nicht entkoppeln?
>
Kann man machen. Sollte man vermutlich auch machen. Die Funktionen sind
vom Prinzip her ja schon eigenständig und ich habe sie nur verzahnt.
>
> Zu letzt noch die Frage: wie löscht man eine hood oder ein key file?
>
Bisher noch garnicht. Mir fehlt grad noch die Idee dafür.
Eventuell noch sowas wie *.revoke files oder sowas. Ich versuche da in
v2 noch was mit einzubauen.
Grüße Jan
> Tim
>
> >diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
> >b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
> >new file mode 100755
> >index 0000000..57f9446
> >--- /dev/null
> >+++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys
> >@@ -0,0 +1,59 @@
> >+#!/bin/sh
> >+
> >+. /usr/share/libubox/jshn.sh
> >+
> >+TRUSTEDKEYDIR=/etc/hoods/keys
> >+
> >+if [ -z "$KEYDIR" ]; then
> >+ KEYDIR="$TRUSTEDKEYDIR"
> >+fi
> >+
> >+rm -f /tmp/trustedkeys
> >+for keyfile in $TRUSTEDKEYDIR/*.key
> >+do
> >+ echo "Parsing trusted $keyfile"
> >+ json_load "$(cat $keyfile)"
> >+ json_get_var PubKey PubKey
> >+ echo "$PubKey" >> /tmp/trustedkeys
> >+done
> >+
> >+for keyfile in $KEYDIR/*.key
> >+do
> >+ echo "Check if key-signatures are valid"
> >+ echo "Parsing $keyfile"
> >+ json_load "$(cat $keyfile)"
> >+ json_get_var PubKey PubKey
> >+ echo "$PubKey" > "/tmp/$PubKey"
> >+ SigCount="0"
> >+ json_select Sigs
> >+ local Index="1"
> >+ while json_select $Index > /dev/null
> >+ do
> >+ json_get_var SigPubKey PubKey
> >+ json_get_var Sig Sig
> >+ if grep "$SigPubKey" "/tmp/trustedkeys" ; then
> >+ if ecdsaverify -s "$Sig" -p "$SigPubKey" "/tmp/$PubKey"
> >;then
> >+ echo "Valid Signature of $SigPubKey"
> >+ SigCount=$((SigCount+1))
> >+ else
> >+ echo "Invalid Signature of $SigPubKey"
> >+ fi
> >+ else
> >+ echo "$SigPubKey is not trusted. So signature is
> >worthless."
> >+ fi
> >+ json_select ".."
> >+ Index=$((Index+1))
> >+ done
> >+ json_select ".."
> >+ if [ "$SigCount" -gt 1 ];then
> >+ echo "There are enough valid Signatures, so key is now
> >trusted."
> >+ cp "$keyfile" "$TRUSTEDKEYDIR/$PubKey.key"
> >+ else
> >+ echo "There aren't enough valid Signatures"
> >+ echo "$keyfile will be removed"
> >+ rm -f "$keyfile"
> >+ fi
> >+ rm -f "/tmp/$PubKey"
> >+ echo
> >+done
> >+
> >diff --git a/src/packages/fff/fff/Makefile
> >b/src/packages/fff/fff/Makefile
> >index 45f034e..14d2af5 100644
> >--- a/src/packages/fff/fff/Makefile
> >+++ b/src/packages/fff/fff/Makefile
> >@@ -22,7 +22,8 @@ define Package/fff-base
> > +fff-fastd \
> > +fff-firewall \
> > +fff-network \
> >- +fff-hoods
> >+ +fff-hoods \
> >+ +fff-hoodsync
> > endef
> >
> > define Package/fff-base/description
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname : signature.asc
Dateityp : application/pgp-signature
Dateigröße : 473 bytes
Beschreibung: This is a digitally signed message part
URL : <http://lists.freifunk.net/pipermail/franken-dev-freifunk.net/attachments/20160508/65671781/attachment-0002.sig>
Mehr Informationen über die Mailingliste franken-dev