Message ID | 1465733847-2307-5-git-send-email-mayosemmel@gmail.com |
---|---|
State | Superseded, archived |
Headers | show |
diff --git a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd index b0022e8..9399c4f 100644 --- a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd +++ b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd @@ -1 +1 @@ -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart +*/10 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood index fd5c9ea..c3bfc37 100644 --- a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood @@ -2,17 +2,29 @@ "version": 1, "hood": { "name": "fuerth", - "bssid": "ca:ff:ee:ba:be:02", - "protocol": "batman-adv-v14", + "essid": "fuerth.franken.freifunk.net", + "mesh_bssid": "ca:ff:ee:ba:be:02", + "mesh_essid": "mesh.fue.franken.freifunk.net", + "protocol": "batman-adv-2016.1", "channel2": 1, "mode2": "ht20", "type2": "adhoc", "channel5": 40, "mode5": "ht40+", "type5": "adhoc", - "location": { "lat": 49.478330, "lon": 10.990270 }, + "location": { "lat": 49.47732, "lon": 10.98881 }, + "timestamp": "1464601259" }, "network": { "ula_prefix": "fdff:2::/64" - } + }, + "vpn": [ + { + "name": "fff-gw-cd1.fff.community", + "protocol": "fastd", + "address": "144.76.70.189", + "port": "10004", + "key": "0b1eb2ab3f75092f6a851b7e8834543d9a43bab94d073b2dc1a18b3d3ce7d5aa" + } + ] } diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig new file mode 100644 index 0000000..e91b2b9 --- /dev/null +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Sig": "972fd07045892c2418d9bbf2be63e48ce3cc547fd5623e68a0e815be008db90da8c6ef05f53a588d6a7c8d03711c3d9eb2a78cd53fa4086376fc4556b0f0e101" + }, + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "721b8192114cdda99c3954c013a0d26453dbd522e27d19379278bd384cea2d0b715593d0bbb9876c6af84b4ebdab91a6d58ef2a80d01a25a7f1a62c51db7c703" + } + ] +} diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood index e017a2f..048d492 100644 --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood @@ -5,16 +5,26 @@ "essid": "nbg.franken.freifunk.net", "mesh_bssid": "ca:ff:ee:ba:be:03", "mesh_essid": "mesh.nbg.franken.freifunk.net", - "protocol": "batman-adv-v14", + "protocol": "batman-adv-2016.1", "channel2": 1, "mode2": "HT20", - "type": "adhoc", + "type2": "adhoc", "channel5": 40, "mode5": "HT40+", - "type": "adhoc", - "location": { "lat": 49.448856, "lon": 11.082108 }, + "type5": "adhoc", + "location": { "lat": 49.45401, "lon": 11.07733 }, + "timestamp": "1463514352" }, "network": { "ula_prefix": "fdff:3::/64" - } + }, + "vpn": [ + { + "name": "FFF-GW-M2.fff.community", + "protocol": "fastd", + "address": "91.134.133.6", + "port": "10004", + "key": "a50533e664ec6e08074d0fcaa77eea09d13f9e8c18e5880ce6f73673110e0b19" + } + ] } diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig index 6cd1f3d..467c3c3 100644 --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig @@ -3,11 +3,11 @@ [ { "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", - "Sig": "bd3b658cacc4896edccc4c111fe63b1d579c1ea569352c7ac62a2ba5221a2d01364b5e683469ce987946148bafbfd37913566e2dbf481a6f959f9b771483df09" + "Sig": "daba53db7d9948e9e8fdc3d3da9c3206d3ada2aa3164df54396e6d99fce5080d9d2ff03fa327dd15b2904077c1d4e51d1f10241b7ff3d9129479ad00c1a9f102" }, { "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", - "Sig": "d13af6ada2ad1d0f3900ab2c53d1f5c5223f2bb38e826e9d7cf06198cc60da055b235e9a013e1c40ba56bb6e22efab168802e41d8d434b2c6e8931f4a4128400" + "Sig": "8c5088b0ad06949674d2ae9c96c5da4d140df377e95924f1456c0ef803ec7609f755b5d3bd1616bfded2abfc4f9bb5660d60f0bc26070d2c3683e5d5f268da07" } ] } diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood deleted file mode 100644 index 18a93f1..0000000 --- a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood +++ /dev/null @@ -1,18 +0,0 @@ -{ - "version": 0, - "hood": { - "name": "test", - "bssid": "ca:ff:ee:ba:be:ff", - "protocol": "batman-adv-v14", - "channel2": 13, - "mode2": "ht20", - "type2": "adhoc", - "channel5": 40, - "mode5": "ht40+", - "type5": "adhoc", - "location": { "lat": 49.46654, "lon": 10.992 }, - }, - "network": { - "ula_prefix": "fdff:ff::/64" - } -} diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood index 41ac75e..c6522e6 100644 --- a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood @@ -2,16 +2,28 @@ "version": 1, "hood": { "name": "trainstation", - "bssid": "ca:ff:ee:ba:be:00", - "protocol": "batman-adv-v14", + "essid": "franken.freifunk.net", + "mesh_bssid": "ca:ff:ee:ba:be:00", + "mesh_essid": "mesh.franken.freifunk.net", + "protocol": "batman-adv-2016.1", "channel2": 1, - "mode2": "ht20", + "mode2": "HT20", "type2": "adhoc", "channel5": 40, - "mode5": "ht40+", + "mode5": "HT40+", "type5": "adhoc", + "timestamp": "1464785911", }, "network": { "ula_prefix": "fdff:0::/64" - } + }, + "vpn": [ + { + "name": "fff-nue2-gw2.fff.community", + "protocol": "fastd", + "address": "31.172.112.34", + "port": "10004", + "key": "invalid" + } + ] } diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig new file mode 100644 index 0000000..0adda1d --- /dev/null +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Sig": "e83099ff7e1a529b136a916e2af95d08d8794eae62d71c0c858d1a9c6fd1ee09a127fd225637188f257c612138efc0808ef3a613afd181ee059cfb74c3087906" + }, + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "8f664d6a3a318131426e8d83dc30518aeeb01de04b47cd1e0bd4869eed14b1098a521a125d6209a40ae8ef247053a14ac32466b81c041c26be15b36b8ee0ab0d" + } + ] +} diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood index dacb2fd..f401a94 100755 --- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood @@ -132,10 +132,3 @@ uci -q batch <<-EOF >/dev/null set network.mesh.ip6addr="$addr" commit network EOF - -. /usr/sbin/configurenetwork - -# ==TODO== -#echo "Finding fastd Gateways, if online. Configure fastd." -# ======= -echo "Done" diff --git a/src/packages/fff/fff-hoodsync/Makefile b/src/packages/fff/fff-hoodsync/Makefile new file mode 100644 index 0000000..ccfc6ee --- /dev/null +++ b/src/packages/fff/fff-hoodsync/Makefile @@ -0,0 +1,39 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=fff-hoodsync +PKG_VERSION:=0.0.1 +PKG_RELEASE:=1 + +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoodsync + +include $(INCLUDE_DIR)/package.mk + +define Package/fff-hoodsync + SECTION:=base + CATEGORY:=Freifunk + TITLE:= Freifunk-Franken hoodfile synchronisation + URL:=http://www.freifunk-franken.de + DEPENDS:=+fff-hoods +libubox +ecdsautils +endef + +define Package/fff-hoodsync/description + This package synchronises and verifys hoodfiles and keyfiles +endef + +define Build/Prepare + echo "all: " > $(PKG_BUILD_DIR)/Makefile +endef + +define Build/Configure + # nothing +endef + +define Build/Compile + # nothing +endef + +define Package/fff-hoodsync/install + $(CP) ./files/* $(1)/ +endef + +$(eval $(call BuildPackage,fff-hoodsync)) diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key new file mode 100644 index 0000000..d17ef95 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key @@ -0,0 +1,9 @@ +{ + "version": 1, + "key": { + "PubKey": "120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb", + "Owner": "TestUser0.2", + "timestamp": "1463431456", + "valid": true + } +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig new file mode 100644 index 0000000..b151b39 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "22807de1d12e590f23cbcd1cebf09b46eaa07c76220fd46826deca18fde9b804126fbe3980229e991b6851fb5b0e66869560dceaab40cb45240e6e7800d68a07" + }, + { + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", + "Sig": "1409445db2b14e2c018819590d2d1ae7749fc58544ded894a44f82a0f3754d0230bff244c2df85bccd7ff632b3616df164a7761de7cabd80570cbade3f54ef0b" + } + ] +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key new file mode 100644 index 0000000..fd8942b --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key @@ -0,0 +1,9 @@ +{ + "version": 1, + "key": { + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", + "Owner": "TestUser3", + "timestamp": "1463431573", + "valid": true, + } +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig new file mode 100644 index 0000000..ea9aff0 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Sig": "77d0b2c73767f2c9ea676e91175c6679eefcb3eedb5bf8adceaad2c98b10b20cb8ef61b5a43f066def9d0bbd49aea7956fccbc694de804bd3a14c22717cc2201" + }, + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "688fa207e03de4c443b4785520a499760dccbf12dea34fda30a4ecade979f00813fb38b16d4464050742fa03a5dd3e58cfd70a7624ac187371cc354c493af102" + } + ] +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key new file mode 100644 index 0000000..368e847 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key @@ -0,0 +1,9 @@ +{ + "version": 1, + "key": { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Owner": "TestUser2", + "timestamp": "1463431700", + "valid": true, + } +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig new file mode 100644 index 0000000..e3e246c --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Sig": "1fea15e91c65a173fe13ffeea264f2fcc6f6d76365f24329122b0d38bbb00f0c174ccffd8a58ebf4e701e61143bcae10c20b72c7a335bd242afb8fd0fbe2910a" + }, + { + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", + "Sig": "18e687a11cf2fdf02bc3341bf68925f06a8b8a9b66a382d9d2b00f04c4e7c60c29c65aade4c850314dc453921e5de934c5fdf4be67d15e22aa007a75ae51a80b" + } + ] +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key new file mode 100644 index 0000000..a7ae672 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key @@ -0,0 +1,9 @@ +{ + "version": 1, + "key": { + "PubKey": "c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021", + "Owner": "TestUser0.1", + "timestamp": "1463431841", + "valid": true, + } +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig new file mode 100644 index 0000000..035da2a --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Sig": "13972d9b6885d7a47d4feb05e0e5007ba846606f28f22e8e701b680cc375fc04c094d0fe5db67f1e0edb48f8ab9a9fe3adb03b89c4b409e80638fc9bbeb23b09" + }, + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "025d9737012881af46cd503b9b6b484dd21f044cd3c109aa5151d53bbd8a2b0800371f1f664eeb9804d265ebc25dafe900b7d6d541d66d79c4aa944e85c2aa0c" + } + ] +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key new file mode 100644 index 0000000..89ebeff --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key @@ -0,0 +1,9 @@ +{ + "version": 1, + "key": { + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", + "Owner": "TestUser1", + "timestamp": "1463431975", + "valid": true, + } +} diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig new file mode 100644 index 0000000..10dd2c4 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig @@ -0,0 +1,13 @@ +{ + "Sigs": + [ + { + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", + "Sig": "a47a3e99c481df35af839e4a1becaf66d2f38f48f79ccb003cb3bb22d511cc0561780edc2130ce3c15bd27f640e4a9b3dd38dbe7ffcd3b61cbf9e794abd72a0e" + }, + { + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", + "Sig": "dc6277a27bb9d227f1b246501882d0eb85b905b5591e3e768e6e943c6f5d0d003722e2104b2bd0d1933297f66fcc61e308bcadcfa571de8544c35711fe65a302" + } + ] +} diff --git a/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs new file mode 100644 index 0000000..24d86b2 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs @@ -0,0 +1,62 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh + +if [ -z "$TRUSTEDKEYDIR" ]; then + TRUSTEDKEYDIR=/etc/hoods/keys +fi + +gettrustedkeys() +{ + local trustedkeys="" + for keyfile in $TRUSTEDKEYDIR/*.key + do + json_load "$(cat $keyfile)" + json_get_var valid valid + if $valid + then + json_get_var PubKey PubKey + trustedkeys="$trustedkeys,$PubKey" + fi + done + echo "$trustedkeys" +} + +verifysigs() +{ + local file="$1" + local sigfile="$2" + local sigsneeded="$3" + local trustedkeys="$(gettrustedkeys)" + echo "Check if signatures for $file are valid" + echo "Parsing $sigfile" + json_load "$(cat $sigfile)" + json_select Sigs + local Sigs="" + local Keys="" + local Index="1" + while json_select $Index > /dev/null + do + json_get_var SigPubKey PubKey + if echo "$Keys"|grep "$SigPubKey" > /dev/null + then + echo "$SigPubKey is duplicate" + elif echo "$trustedkeys"|grep "$SigPubKey" > /dev/null + then + Keys="$Keys -p $SigPubKey" + json_get_var Sig Sig + Sigs="$Sigs -s $Sig" + else + echo "$SigPubKey is not trusted" + fi + json_select ".." + Index=$((Index+1)) + done + if ecdsaverify -n $sigsneeded $Sigs $Keys $file;then + echo "Valid Signatures" + return 0 + else + echo "Invalid Signatures" + return 1 + fi +} diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize new file mode 100755 index 0000000..f32d2a1 --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize @@ -0,0 +1,25 @@ +#!/bin/sh + +UPDATELINK="http://[fdff:3::e418:c9ff:fec6:9d7d]/foo/hoods" +HOODDIR=/tmp/syncedhoods +KEYDIR=/tmp/syncedkeys + +rm -rf "$HOODDIR" +rm -rf "$KEYDIR" +mkdir -p "$HOODDIR" +mkdir -p "$KEYDIR" +rm -f /tmp/hoods.list +rm -f /tmp/keys.list +wget "$UPDATELINK/hoods.list" -O /tmp/hoods.list +wget "$UPDATELINK/keys/keys.list" -O /tmp/keys.list + +while read filename +do + wget "$UPDATELINK/$filename" -O "$HOODDIR/$filename" +done < /tmp/hoods.list + +while read filename +do + wget "$UPDATELINK/keys/$filename" -O "$KEYDIR/$filename" +done < /tmp/keys.list + diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods new file mode 100755 index 0000000..faeedec --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods @@ -0,0 +1,47 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh +. /usr/lib/verifysigs + +TRUSTEDHOODDIR=/etc/hoods + +if [ -z "$HOODDIR" ]; then + HOODDIR="$TRUSTEDHOODDIR" +fi + +for hoodfile in $HOODDIR/*.hood +do + echo "Check if hood-files are valid" + echo "Parsing $(basename $hoodfile)" + json_load "$(cat $hoodfile)" + json_select hood + json_get_var newHoodName name + json_get_var newTimestamp timestamp + if [ -f "$TRUSTEDHOODDIR/$newHoodName.hood" ] + then + json_load "$(cat $TRUSTEDHOODDIR/$newHoodName.hood)" + json_select hood + json_get_var oldHoodName name + json_get_var oldTimestamp timestamp + if [ "$newHoodName" != "$oldHoodName" ] + then + echo "Hoodnames are not matching" + continue + fi + if [ "$newTimestamp" -le "$oldTimestamp" ] + then + echo "the synchronized file is older than current" + continue + fi + fi + if verifysigs "$hoodfile" "$hoodfile.sig" "2" + then + echo "There are enough valid Signatures, so hoodfile is now trusted." + cp "$hoodfile"* "$TRUSTEDHOODDIR/." + else + echo "There aren't enough valid Signatures" + echo "$hoodfile will be removed now" + rm -f "$hoodfile"* + fi + echo +done diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys new file mode 100755 index 0000000..472567a --- /dev/null +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys @@ -0,0 +1,48 @@ +#!/bin/sh + +. /usr/share/libubox/jshn.sh +. /usr/lib/verifysigs + +TRUSTEDKEYDIR=/etc/hoods/keys + +if [ -z "$KEYDIR" ]; then + KEYDIR="$TRUSTEDKEYDIR" +fi + +for keyfile in $KEYDIR/*.key +do + echo "Check if key-signatures are valid" + echo "Parsing $(basename $keyfile)" + json_load "$(cat $keyfile)" + json_select key + json_get_var newTimestamp timestamp + if [ -f "$TRUSTEDKEYDIR/$(basename $keyfile)" ] + then + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" + json_select key + json_get_var oldTimestamp timestamp + if [ "$newTimestamp" -le "$oldTimestamp" ] + then + echo "the synchronized file is older than current" + continue + fi + fi + if verifysigs "$keyfile" "$keyfile.sig" "2" + then + cp "$keyfile"* "$TRUSTEDKEYDIR/." + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" + json_select key + json_get_var valid valid + if $valid + then + echo "There are enough valid Signatures, so key is now trusted." + else + echo "There are enough valid Signatures. The key was revoked." + fi + else + echo "There aren't enough valid Signatures" + echo "$keyfile will be removed" + rm -f "$keyfile"* + fi +done + diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile index e8dfb67..eef122b 100644 --- a/src/packages/fff/fff/Makefile +++ b/src/packages/fff/fff/Makefile @@ -26,7 +26,8 @@ define Package/fff-base +fff-sysupgrade \ +fff-wireless \ +fff-timeserver \ - +fff-hoods + +fff-hoods \ + +fff-hoodsync endef define Package/fff-base/description
Es wird übersichtlicher, wenn die hood und keyfiles in Patch 1 integrieren werden. Nein, ich hab mir das überlegt. Die Hood Files sollten eigentlich gar nicht im Patchset auftauchen (höchstens die Trainsstation). Die Aufteilung mit der "shell-lib" gefällt mir richtig gut. Unten habe ich noch ein paar Kleinigkeiten. Am Sonntag, den 12.06.2016, 14:17 +0200 schrieb Jan Kraus: > the package will synchronize and verify hood- and keyfiles > > Signed-off-by: Jan Kraus <mayosemmel@gmail.com> > --- > .../fff/fff-fastd/files/usr/lib/micron.d/fff-fastd | 2 +- > .../fff/fff-hoods/files/etc/hoods/fuerth.hood | 20 +++++-- > .../fff/fff-hoods/files/etc/hoods/fuerth.hood.sig | 13 +++++ > .../fff/fff-hoods/files/etc/hoods/nuernberg.hood | 20 +++++-- > .../fff-hoods/files/etc/hoods/nuernberg.hood.sig | 4 +- > .../fff/fff-hoods/files/etc/hoods/test.hood | 18 ------- > .../fff-hoods/files/etc/hoods/trainstation.hood | 22 ++++++-- > .../files/etc/hoods/trainstation.hood.sig | 13 +++++ > .../fff/fff-hoods/files/usr/sbin/configurehood | 7 --- > src/packages/fff/fff-hoodsync/Makefile | 39 ++++++++++++++ > ...0fd7c342494754949d338f77a84ac1a74a6c56077fb.key | 9 ++++ > ...c342494754949d338f77a84ac1a74a6c56077fb.key.sig | 13 +++++ > ...e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key | 9 ++++ > ...5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig | 13 +++++ > ...e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key | 9 ++++ > ...2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig | 13 +++++ > ...06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key | 9 ++++ > ...f7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig | 13 +++++ > ...834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key | 9 ++++ > ...08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig | 13 +++++ > .../fff/fff-hoodsync/files/usr/lib/verifysigs | 62 ++++++++++++++++++++++ > .../fff/fff-hoodsync/files/usr/sbin/synchronize | 25 +++++++++ > .../fff/fff-hoodsync/files/usr/sbin/verifyhoods | 47 ++++++++++++++++ > .../fff/fff-hoodsync/files/usr/sbin/verifykeys | 48 +++++++++++++++++ > src/packages/fff/fff/Makefile | 3 +- > 25 files changed, 410 insertions(+), 43 deletions(-) > create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > delete mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/test.hood > create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > create mode 100644 src/packages/fff/fff-hoodsync/Makefile > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > create mode 100644 src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > > diff --git a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > index b0022e8..9399c4f 100644 > --- a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > +++ b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > @@ -1 +1 @@ > -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart > +*/10 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > index fd5c9ea..c3bfc37 100644 > --- a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > @@ -2,17 +2,29 @@ > "version": 1, > "hood": { > "name": "fuerth", > - "bssid": "ca:ff:ee:ba:be:02", > - "protocol": "batman-adv-v14", > + "essid": "fuerth.franken.freifunk.net", > + "mesh_bssid": "ca:ff:ee:ba:be:02", > + "mesh_essid": "mesh.fue.franken.freifunk.net", > + "protocol": "batman-adv-2016.1", > "channel2": 1, > "mode2": "ht20", > "type2": "adhoc", > "channel5": 40, > "mode5": "ht40+", > "type5": "adhoc", > - "location": { "lat": 49.478330, "lon": 10.990270 }, > + "location": { "lat": 49.47732, "lon": 10.98881 }, > + "timestamp": "1464601259" > }, > "network": { > "ula_prefix": "fdff:2::/64" > - } > + }, > + "vpn": [ > + { > + "name": "fff-gw-cd1.fff.community", > + "protocol": "fastd", > + "address": "144.76.70.189", > + "port": "10004", > + "key": "0b1eb2ab3f75092f6a851b7e8834543d9a43bab94d073b2dc1a18b3d3ce7d5aa" > + } > + ] > } > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > new file mode 100644 > index 0000000..e91b2b9 > --- /dev/null > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Sig": "972fd07045892c2418d9bbf2be63e48ce3cc547fd5623e68a0e815be008db90da8c6ef05f53a588d6a7c8d03711c3d9eb2a78cd53fa4086376fc4556b0f0e101" > + }, > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "721b8192114cdda99c3954c013a0d26453dbd522e27d19379278bd384cea2d0b715593d0bbb9876c6af84b4ebdab91a6d58ef2a80d01a25a7f1a62c51db7c703" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > index e017a2f..048d492 100644 > --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > @@ -5,16 +5,26 @@ > "essid": "nbg.franken.freifunk.net", > "mesh_bssid": "ca:ff:ee:ba:be:03", > "mesh_essid": "mesh.nbg.franken.freifunk.net", > - "protocol": "batman-adv-v14", > + "protocol": "batman-adv-2016.1", > "channel2": 1, > "mode2": "HT20", > - "type": "adhoc", > + "type2": "adhoc", > "channel5": 40, > "mode5": "HT40+", > - "type": "adhoc", > - "location": { "lat": 49.448856, "lon": 11.082108 }, > + "type5": "adhoc", > + "location": { "lat": 49.45401, "lon": 11.07733 }, > + "timestamp": "1463514352" > }, > "network": { > "ula_prefix": "fdff:3::/64" > - } > + }, > + "vpn": [ > + { > + "name": "FFF-GW-M2.fff.community", > + "protocol": "fastd", > + "address": "91.134.133.6", > + "port": "10004", > + "key": "a50533e664ec6e08074d0fcaa77eea09d13f9e8c18e5880ce6f73673110e0b19" > + } > + ] > } > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > index 6cd1f3d..467c3c3 100644 > --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > @@ -3,11 +3,11 @@ > [ > { > "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > - "Sig": "bd3b658cacc4896edccc4c111fe63b1d579c1ea569352c7ac62a2ba5221a2d01364b5e683469ce987946148bafbfd37913566e2dbf481a6f959f9b771483df09" > + "Sig": "daba53db7d9948e9e8fdc3d3da9c3206d3ada2aa3164df54396e6d99fce5080d9d2ff03fa327dd15b2904077c1d4e51d1f10241b7ff3d9129479ad00c1a9f102" > }, > { > "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > - "Sig": "d13af6ada2ad1d0f3900ab2c53d1f5c5223f2bb38e826e9d7cf06198cc60da055b235e9a013e1c40ba56bb6e22efab168802e41d8d434b2c6e8931f4a4128400" > + "Sig": "8c5088b0ad06949674d2ae9c96c5da4d140df377e95924f1456c0ef803ec7609f755b5d3bd1616bfded2abfc4f9bb5660d60f0bc26070d2c3683e5d5f268da07" > } > ] > } > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood > deleted file mode 100644 > index 18a93f1..0000000 > --- a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood > +++ /dev/null > @@ -1,18 +0,0 @@ > -{ > - "version": 0, > - "hood": { > - "name": "test", > - "bssid": "ca:ff:ee:ba:be:ff", > - "protocol": "batman-adv-v14", > - "channel2": 13, > - "mode2": "ht20", > - "type2": "adhoc", > - "channel5": 40, > - "mode5": "ht40+", > - "type5": "adhoc", > - "location": { "lat": 49.46654, "lon": 10.992 }, > - }, > - "network": { > - "ula_prefix": "fdff:ff::/64" > - } > -} > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > index 41ac75e..c6522e6 100644 > --- a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > @@ -2,16 +2,28 @@ > "version": 1, > "hood": { > "name": "trainstation", > - "bssid": "ca:ff:ee:ba:be:00", > - "protocol": "batman-adv-v14", > + "essid": "franken.freifunk.net", > + "mesh_bssid": "ca:ff:ee:ba:be:00", > + "mesh_essid": "mesh.franken.freifunk.net", > + "protocol": "batman-adv-2016.1", > "channel2": 1, > - "mode2": "ht20", > + "mode2": "HT20", > "type2": "adhoc", > "channel5": 40, > - "mode5": "ht40+", > + "mode5": "HT40+", > "type5": "adhoc", > + "timestamp": "1464785911", > }, > "network": { > "ula_prefix": "fdff:0::/64" > - } > + }, > + "vpn": [ > + { > + "name": "fff-nue2-gw2.fff.community", > + "protocol": "fastd", > + "address": "31.172.112.34", > + "port": "10004", > + "key": "invalid" > + } > + ] > } > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > new file mode 100644 > index 0000000..0adda1d > --- /dev/null > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Sig": "e83099ff7e1a529b136a916e2af95d08d8794eae62d71c0c858d1a9c6fd1ee09a127fd225637188f257c612138efc0808ef3a613afd181ee059cfb74c3087906" > + }, > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "8f664d6a3a318131426e8d83dc30518aeeb01de04b47cd1e0bd4869eed14b1098a521a125d6209a40ae8ef247053a14ac32466b81c041c26be15b36b8ee0ab0d" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > index dacb2fd..f401a94 100755 > --- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > @@ -132,10 +132,3 @@ uci -q batch <<-EOF >/dev/null > set network.mesh.ip6addr="$addr" > commit network > EOF > - > -. /usr/sbin/configurenetwork > - > -# ==TODO== > -#echo "Finding fastd Gateways, if online. Configure fastd." > -# ======= > -echo "Done" Sollte mMn in Patch 1/8. > diff --git a/src/packages/fff/fff-hoodsync/Makefile b/src/packages/fff/fff-hoodsync/Makefile > new file mode 100644 > index 0000000..ccfc6ee > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/Makefile > @@ -0,0 +1,39 @@ > +include $(TOPDIR)/rules.mk > + > +PKG_NAME:=fff-hoodsync > +PKG_VERSION:=0.0.1 > +PKG_RELEASE:=1 > + > +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoodsync > + > +include $(INCLUDE_DIR)/package.mk > + > +define Package/fff-hoodsync > + SECTION:=base > + CATEGORY:=Freifunk > + TITLE:= Freifunk-Franken hoodfile synchronisation > + URL:=http://www.freifunk-franken.de > + DEPENDS:=+fff-hoods +libubox +ecdsautils > +endef > + > +define Package/fff-hoodsync/description > + This package synchronises and verifys hoodfiles and keyfiles > +endef > + > +define Build/Prepare > + echo "all: " > $(PKG_BUILD_DIR)/Makefile > +endef > + > +define Build/Configure > + # nothing > +endef > + > +define Build/Compile > + # nothing > +endef > + > +define Package/fff-hoodsync/install > + $(CP) ./files/* $(1)/ > +endef > + > +$(eval $(call BuildPackage,fff-hoodsync)) > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > new file mode 100644 > index 0000000..d17ef95 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > @@ -0,0 +1,9 @@ > +{ > + "version": 1, > + "key": { > + "PubKey": "120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb", > + "Owner": "TestUser0.2", > + "timestamp": "1463431456", > + "valid": true > + } > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > new file mode 100644 > index 0000000..b151b39 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "22807de1d12e590f23cbcd1cebf09b46eaa07c76220fd46826deca18fde9b804126fbe3980229e991b6851fb5b0e66869560dceaab40cb45240e6e7800d68a07" > + }, > + { > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > + "Sig": "1409445db2b14e2c018819590d2d1ae7749fc58544ded894a44f82a0f3754d0230bff244c2df85bccd7ff632b3616df164a7761de7cabd80570cbade3f54ef0b" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > new file mode 100644 > index 0000000..fd8942b > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > @@ -0,0 +1,9 @@ > +{ > + "version": 1, > + "key": { > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > + "Owner": "TestUser3", > + "timestamp": "1463431573", > + "valid": true, > + } > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > new file mode 100644 > index 0000000..ea9aff0 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Sig": "77d0b2c73767f2c9ea676e91175c6679eefcb3eedb5bf8adceaad2c98b10b20cb8ef61b5a43f066def9d0bbd49aea7956fccbc694de804bd3a14c22717cc2201" > + }, > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "688fa207e03de4c443b4785520a499760dccbf12dea34fda30a4ecade979f00813fb38b16d4464050742fa03a5dd3e58cfd70a7624ac187371cc354c493af102" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > new file mode 100644 > index 0000000..368e847 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > @@ -0,0 +1,9 @@ > +{ > + "version": 1, > + "key": { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Owner": "TestUser2", > + "timestamp": "1463431700", > + "valid": true, > + } > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > new file mode 100644 > index 0000000..e3e246c > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Sig": "1fea15e91c65a173fe13ffeea264f2fcc6f6d76365f24329122b0d38bbb00f0c174ccffd8a58ebf4e701e61143bcae10c20b72c7a335bd242afb8fd0fbe2910a" > + }, > + { > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > + "Sig": "18e687a11cf2fdf02bc3341bf68925f06a8b8a9b66a382d9d2b00f04c4e7c60c29c65aade4c850314dc453921e5de934c5fdf4be67d15e22aa007a75ae51a80b" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > new file mode 100644 > index 0000000..a7ae672 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > @@ -0,0 +1,9 @@ > +{ > + "version": 1, > + "key": { > + "PubKey": "c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021", > + "Owner": "TestUser0.1", > + "timestamp": "1463431841", > + "valid": true, > + } > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > new file mode 100644 > index 0000000..035da2a > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Sig": "13972d9b6885d7a47d4feb05e0e5007ba846606f28f22e8e701b680cc375fc04c094d0fe5db67f1e0edb48f8ab9a9fe3adb03b89c4b409e80638fc9bbeb23b09" > + }, > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "025d9737012881af46cd503b9b6b484dd21f044cd3c109aa5151d53bbd8a2b0800371f1f664eeb9804d265ebc25dafe900b7d6d541d66d79c4aa944e85c2aa0c" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > new file mode 100644 > index 0000000..89ebeff > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > @@ -0,0 +1,9 @@ > +{ > + "version": 1, > + "key": { > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > + "Owner": "TestUser1", > + "timestamp": "1463431975", > + "valid": true, > + } > +} > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > new file mode 100644 > index 0000000..10dd2c4 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > @@ -0,0 +1,13 @@ > +{ > + "Sigs": > + [ > + { > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > + "Sig": "a47a3e99c481df35af839e4a1becaf66d2f38f48f79ccb003cb3bb22d511cc0561780edc2130ce3c15bd27f640e4a9b3dd38dbe7ffcd3b61cbf9e794abd72a0e" > + }, > + { > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > + "Sig": "dc6277a27bb9d227f1b246501882d0eb85b905b5591e3e768e6e943c6f5d0d003722e2104b2bd0d1933297f66fcc61e308bcadcfa571de8544c35711fe65a302" > + } > + ] > +} > diff --git a/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > new file mode 100644 > index 0000000..24d86b2 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > @@ -0,0 +1,62 @@ > +#!/bin/sh > + > +. /usr/share/libubox/jshn.sh > + > +if [ -z "$TRUSTEDKEYDIR" ]; then > + TRUSTEDKEYDIR=/etc/hoods/keys > +fi > + > +gettrustedkeys() > +{ > + local trustedkeys="" > + for keyfile in $TRUSTEDKEYDIR/*.key > + do > + json_load "$(cat $keyfile)" > + json_get_var valid valid > + if $valid Hier würde ich ein richtigen Test machen. Zum einen ist bool bei der shell komisch, zum anderen könnte da auch einfach Mist drin stehen. > + then > + json_get_var PubKey PubKey > + trustedkeys="$trustedkeys,$PubKey" > + fi > + done > + echo "$trustedkeys" > +} > + > +verifysigs() > +{ > + local file="$1" > + local sigfile="$2" > + local sigsneeded="$3" > + local trustedkeys="$(gettrustedkeys)" > + echo "Check if signatures for $file are valid" > + echo "Parsing $sigfile" > + json_load "$(cat $sigfile)" > + json_select Sigs > + local Sigs="" > + local Keys="" > + local Index="1" > + while json_select $Index > /dev/null > + do > + json_get_var SigPubKey PubKey > + if echo "$Keys"|grep "$SigPubKey" > /dev/null > + then > + echo "$SigPubKey is duplicate" > + elif echo "$trustedkeys"|grep "$SigPubKey" > /dev/null > + then > + Keys="$Keys -p $SigPubKey" > + json_get_var Sig Sig > + Sigs="$Sigs -s $Sig" > + else > + echo "$SigPubKey is not trusted" > + fi > + json_select ".." > + Index=$((Index+1)) > + done > + if ecdsaverify -n $sigsneeded $Sigs $Keys $file;then > + echo "Valid Signatures" > + return 0 > + else > + echo "Invalid Signatures" > + return 1 > + fi > +} > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize > new file mode 100755 > index 0000000..f32d2a1 > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize Der Name ist für mich etwas zu allgemein. Hier besteht Verwechselungsgefahr. -> Vorschlag: syncHoods > @@ -0,0 +1,25 @@ > +#!/bin/sh > + > +UPDATELINK="http://[fdff:3::e418:c9ff:fec6:9d7d]/foo/hoods" > +HOODDIR=/tmp/syncedhoods > +KEYDIR=/tmp/syncedkeys > + > +rm -rf "$HOODDIR" > +rm -rf "$KEYDIR" > +mkdir -p "$HOODDIR" > +mkdir -p "$KEYDIR" > +rm -f /tmp/hoods.list > +rm -f /tmp/keys.list > +wget "$UPDATELINK/hoods.list" -O /tmp/hoods.list > +wget "$UPDATELINK/keys/keys.list" -O /tmp/keys.list > + > +while read filename > +do > + wget "$UPDATELINK/$filename" -O "$HOODDIR/$filename" > +done < /tmp/hoods.list > + > +while read filename > +do > + wget "$UPDATELINK/keys/$filename" -O "$KEYDIR/$filename" > +done < /tmp/keys.list > + > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > new file mode 100755 > index 0000000..faeedec > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > @@ -0,0 +1,47 @@ > +#!/bin/sh > + > +. /usr/share/libubox/jshn.sh > +. /usr/lib/verifysigs > + > +TRUSTEDHOODDIR=/etc/hoods > + > +if [ -z "$HOODDIR" ]; then > + HOODDIR="$TRUSTEDHOODDIR" > +fi > + Wirklich? Sollte doch "HOODDIR=/tmp/syncedhoods" sein, oder? > > +for hoodfile in $HOODDIR/*.hood > +do > + echo "Check if hood-files are valid" > + echo "Parsing $(basename $hoodfile)" > + json_load "$(cat $hoodfile)" > + json_select hood > + json_get_var newHoodName name > + json_get_var newTimestamp timestamp > + if [ -f "$TRUSTEDHOODDIR/$newHoodName.hood" ] > + then > + json_load "$(cat $TRUSTEDHOODDIR/$newHoodName.hood)" > + json_select hood > + json_get_var oldHoodName name > + json_get_var oldTimestamp timestamp > + if [ "$newHoodName" != "$oldHoodName" ] > + then > + echo "Hoodnames are not matching" > + continue Hier wird nur übersprungen.. > + fi > + if [ "$newTimestamp" -le "$oldTimestamp" ] > + then > + echo "the synchronized file is older than current" > + continue Hier wird nur übersprungen.. > + fi > + fi > + if verifysigs "$hoodfile" "$hoodfile.sig" "2" > + then > + echo "There are enough valid Signatures, so hoodfile is now trusted." > + cp "$hoodfile"* "$TRUSTEDHOODDIR/." Hier würde ich nicht mit * arbeiten sondern den einfach die zweite Datei (.sig) auch kopieren. Es könnte sonst eine datei geben, die "$hoodfile".xxx.hood heißt, welcher dann ebenfalls trusted wird, nur weil der einen hier getrusted wird. > + else > + echo "There aren't enough valid Signatures" > + echo "$hoodfile will be removed now" > + rm -f "$hoodfile"* Hier wird gelöscht, wohingegen oben nur übersprungen wurde. > + fi > + echo > +done > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > new file mode 100755 > index 0000000..472567a > --- /dev/null > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > @@ -0,0 +1,48 @@ > +#!/bin/sh > + > +. /usr/share/libubox/jshn.sh > +. /usr/lib/verifysigs > + > +TRUSTEDKEYDIR=/etc/hoods/keys > + > +if [ -z "$KEYDIR" ]; then > + KEYDIR="$TRUSTEDKEYDIR" > +fi Sollte das nicht "KEYDIR=/tmp/syncedkeys" sein? > + > +for keyfile in $KEYDIR/*.key > +do > + echo "Check if key-signatures are valid" > + echo "Parsing $(basename $keyfile)" > + json_load "$(cat $keyfile)" > + json_select key > + json_get_var newTimestamp timestamp > + if [ -f "$TRUSTEDKEYDIR/$(basename $keyfile)" ] > + then > + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" > + json_select key > + json_get_var oldTimestamp timestamp > + if [ "$newTimestamp" -le "$oldTimestamp" ] > + then > + echo "the synchronized file is older than current" > + continue Wie oben.. > + fi > + fi > + if verifysigs "$keyfile" "$keyfile.sig" "2" > + then > + cp "$keyfile"* "$TRUSTEDKEYDIR/." Wie oben.. > + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" > + json_select key > + json_get_var valid valid > + if $valid > + then > + echo "There are enough valid Signatures, so key is now trusted." > + else > + echo "There are enough valid Signatures. The key was revoked." > + fi > + else > + echo "There aren't enough valid Signatures" > + echo "$keyfile will be removed" > + rm -f "$keyfile"* Wie oben.. Tim > + fi > +done > + > diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile > index e8dfb67..eef122b 100644 > --- a/src/packages/fff/fff/Makefile > +++ b/src/packages/fff/fff/Makefile > @@ -26,7 +26,8 @@ define Package/fff-base > +fff-sysupgrade \ > +fff-wireless \ > +fff-timeserver \ > - +fff-hoods > + +fff-hoods \ > + +fff-hoodsync > endef > > define Package/fff-base/description > -- > 2.1.4 >
Hi Tim, Am Sonntag, den 12.06.2016, 22:37 +0200 schrieb Tim Niemeyer: > Es wird übersichtlicher, wenn die hood und keyfiles in Patch 1 > integrieren werden. Ich hab das gleich mal eingearbeitet. In den zukünftigen RFCs wird es einen "Patch2" geben, in dem die Hood-Files mitkommen. Später sollte natürlich nur die Trainstation in der Firmware sein. Zum testen ist es mit allen etwas angenehmer... Ebenfalls habe ich die Test-Keys in einen eigenen Patch ausgelagert, den man später dann mergen kann. > > Nein, ich hab mir das überlegt. Die Hood Files sollten eigentlich gar > nicht im Patchset auftauchen (höchstens die Trainsstation). > > Die Aufteilung mit der "shell-lib" gefällt mir richtig gut. Unten habe > ich noch ein paar Kleinigkeiten. Danke. Freut mich > > Am Sonntag, den 12.06.2016, 14:17 +0200 schrieb Jan Kraus: > > the package will synchronize and verify hood- and keyfiles > > > > Signed-off-by: Jan Kraus <mayosemmel@gmail.com> > > --- > > .../fff/fff-fastd/files/usr/lib/micron.d/fff-fastd | 2 +- > > .../fff/fff-hoods/files/etc/hoods/fuerth.hood | 20 +++++-- > > .../fff/fff-hoods/files/etc/hoods/fuerth.hood.sig | 13 +++++ > > .../fff/fff-hoods/files/etc/hoods/nuernberg.hood | 20 +++++-- > > .../fff-hoods/files/etc/hoods/nuernberg.hood.sig | 4 +- > > .../fff/fff-hoods/files/etc/hoods/test.hood | 18 ------- > > .../fff-hoods/files/etc/hoods/trainstation.hood | 22 ++++++-- > > .../files/etc/hoods/trainstation.hood.sig | 13 +++++ > > .../fff/fff-hoods/files/usr/sbin/configurehood | 7 --- > > src/packages/fff/fff-hoodsync/Makefile | 39 ++++++++++++++ > > ...0fd7c342494754949d338f77a84ac1a74a6c56077fb.key | 9 ++++ > > ...c342494754949d338f77a84ac1a74a6c56077fb.key.sig | 13 +++++ > > ...e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key | 9 ++++ > > ...5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig | 13 +++++ > > ...e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key | 9 ++++ > > ...2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig | 13 +++++ > > ...06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key | 9 ++++ > > ...f7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig | 13 +++++ > > ...834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key | 9 ++++ > > ...08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig | 13 +++++ > > .../fff/fff-hoodsync/files/usr/lib/verifysigs | 62 ++++++++++++++++++++++ > > .../fff/fff-hoodsync/files/usr/sbin/synchronize | 25 +++++++++ > > .../fff/fff-hoodsync/files/usr/sbin/verifyhoods | 47 ++++++++++++++++ > > .../fff/fff-hoodsync/files/usr/sbin/verifykeys | 48 +++++++++++++++++ > > src/packages/fff/fff/Makefile | 3 +- > > 25 files changed, 410 insertions(+), 43 deletions(-) > > create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > > delete mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/test.hood > > create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > > create mode 100644 src/packages/fff/fff-hoodsync/Makefile > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > > create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > > create mode 100644 src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize > > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > > create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > > > > diff --git a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > > index b0022e8..9399c4f 100644 > > --- a/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > > +++ b/src/packages/fff/fff-fastd/files/usr/lib/micron.d/fff-fastd > > @@ -1 +1 @@ > > -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart > > +*/10 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/fastdstart > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > > index fd5c9ea..c3bfc37 100644 > > --- a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood > > @@ -2,17 +2,29 @@ > > "version": 1, > > "hood": { > > "name": "fuerth", > > - "bssid": "ca:ff:ee:ba:be:02", > > - "protocol": "batman-adv-v14", > > + "essid": "fuerth.franken.freifunk.net", > > + "mesh_bssid": "ca:ff:ee:ba:be:02", > > + "mesh_essid": "mesh.fue.franken.freifunk.net", > > + "protocol": "batman-adv-2016.1", > > "channel2": 1, > > "mode2": "ht20", > > "type2": "adhoc", > > "channel5": 40, > > "mode5": "ht40+", > > "type5": "adhoc", > > - "location": { "lat": 49.478330, "lon": 10.990270 }, > > + "location": { "lat": 49.47732, "lon": 10.98881 }, > > + "timestamp": "1464601259" > > }, > > "network": { > > "ula_prefix": "fdff:2::/64" > > - } > > + }, > > + "vpn": [ > > + { > > + "name": "fff-gw-cd1.fff.community", > > + "protocol": "fastd", > > + "address": "144.76.70.189", > > + "port": "10004", > > + "key": "0b1eb2ab3f75092f6a851b7e8834543d9a43bab94d073b2dc1a18b3d3ce7d5aa" > > + } > > + ] > > } > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > > new file mode 100644 > > index 0000000..e91b2b9 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Sig": "972fd07045892c2418d9bbf2be63e48ce3cc547fd5623e68a0e815be008db90da8c6ef05f53a588d6a7c8d03711c3d9eb2a78cd53fa4086376fc4556b0f0e101" > > + }, > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "721b8192114cdda99c3954c013a0d26453dbd522e27d19379278bd384cea2d0b715593d0bbb9876c6af84b4ebdab91a6d58ef2a80d01a25a7f1a62c51db7c703" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > > index e017a2f..048d492 100644 > > --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood > > @@ -5,16 +5,26 @@ > > "essid": "nbg.franken.freifunk.net", > > "mesh_bssid": "ca:ff:ee:ba:be:03", > > "mesh_essid": "mesh.nbg.franken.freifunk.net", > > - "protocol": "batman-adv-v14", > > + "protocol": "batman-adv-2016.1", > > "channel2": 1, > > "mode2": "HT20", > > - "type": "adhoc", > > + "type2": "adhoc", > > "channel5": 40, > > "mode5": "HT40+", > > - "type": "adhoc", > > - "location": { "lat": 49.448856, "lon": 11.082108 }, > > + "type5": "adhoc", > > + "location": { "lat": 49.45401, "lon": 11.07733 }, > > + "timestamp": "1463514352" > > }, > > "network": { > > "ula_prefix": "fdff:3::/64" > > - } > > + }, > > + "vpn": [ > > + { > > + "name": "FFF-GW-M2.fff.community", > > + "protocol": "fastd", > > + "address": "91.134.133.6", > > + "port": "10004", > > + "key": "a50533e664ec6e08074d0fcaa77eea09d13f9e8c18e5880ce6f73673110e0b19" > > + } > > + ] > > } > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > > index 6cd1f3d..467c3c3 100644 > > --- a/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/nuernberg.hood.sig > > @@ -3,11 +3,11 @@ > > [ > > { > > "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > - "Sig": "bd3b658cacc4896edccc4c111fe63b1d579c1ea569352c7ac62a2ba5221a2d01364b5e683469ce987946148bafbfd37913566e2dbf481a6f959f9b771483df09" > > + "Sig": "daba53db7d9948e9e8fdc3d3da9c3206d3ada2aa3164df54396e6d99fce5080d9d2ff03fa327dd15b2904077c1d4e51d1f10241b7ff3d9129479ad00c1a9f102" > > }, > > { > > "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > - "Sig": "d13af6ada2ad1d0f3900ab2c53d1f5c5223f2bb38e826e9d7cf06198cc60da055b235e9a013e1c40ba56bb6e22efab168802e41d8d434b2c6e8931f4a4128400" > > + "Sig": "8c5088b0ad06949674d2ae9c96c5da4d140df377e95924f1456c0ef803ec7609f755b5d3bd1616bfded2abfc4f9bb5660d60f0bc26070d2c3683e5d5f268da07" > > } > > ] > > } > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood b/src/packages/fff/fff-hoods/files/etc/hoods/test.hood > > deleted file mode 100644 > > index 18a93f1..0000000 > > --- a/src/packages/fff/fff-hoods/files/etc/hoods/test.hood > > +++ /dev/null > > @@ -1,18 +0,0 @@ > > -{ > > - "version": 0, > > - "hood": { > > - "name": "test", > > - "bssid": "ca:ff:ee:ba:be:ff", > > - "protocol": "batman-adv-v14", > > - "channel2": 13, > > - "mode2": "ht20", > > - "type2": "adhoc", > > - "channel5": 40, > > - "mode5": "ht40+", > > - "type5": "adhoc", > > - "location": { "lat": 49.46654, "lon": 10.992 }, > > - }, > > - "network": { > > - "ula_prefix": "fdff:ff::/64" > > - } > > -} > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > > index 41ac75e..c6522e6 100644 > > --- a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood > > @@ -2,16 +2,28 @@ > > "version": 1, > > "hood": { > > "name": "trainstation", > > - "bssid": "ca:ff:ee:ba:be:00", > > - "protocol": "batman-adv-v14", > > + "essid": "franken.freifunk.net", > > + "mesh_bssid": "ca:ff:ee:ba:be:00", > > + "mesh_essid": "mesh.franken.freifunk.net", > > + "protocol": "batman-adv-2016.1", > > "channel2": 1, > > - "mode2": "ht20", > > + "mode2": "HT20", > > "type2": "adhoc", > > "channel5": 40, > > - "mode5": "ht40+", > > + "mode5": "HT40+", > > "type5": "adhoc", > > + "timestamp": "1464785911", > > }, > > "network": { > > "ula_prefix": "fdff:0::/64" > > - } > > + }, > > + "vpn": [ > > + { > > + "name": "fff-nue2-gw2.fff.community", > > + "protocol": "fastd", > > + "address": "31.172.112.34", > > + "port": "10004", > > + "key": "invalid" > > + } > > + ] > > } > > diff --git a/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > > new file mode 100644 > > index 0000000..0adda1d > > --- /dev/null > > +++ b/src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Sig": "e83099ff7e1a529b136a916e2af95d08d8794eae62d71c0c858d1a9c6fd1ee09a127fd225637188f257c612138efc0808ef3a613afd181ee059cfb74c3087906" > > + }, > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "8f664d6a3a318131426e8d83dc30518aeeb01de04b47cd1e0bd4869eed14b1098a521a125d6209a40ae8ef247053a14ac32466b81c041c26be15b36b8ee0ab0d" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > > index dacb2fd..f401a94 100755 > > --- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > > +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood > > @@ -132,10 +132,3 @@ uci -q batch <<-EOF >/dev/null > > set network.mesh.ip6addr="$addr" > > commit network > > EOF > > - > > -. /usr/sbin/configurenetwork > > - > > -# ==TODO== > > -#echo "Finding fastd Gateways, if online. Configure fastd." > > -# ======= > > -echo "Done" > Sollte mMn in Patch 1/8. erledigt... > > > > diff --git a/src/packages/fff/fff-hoodsync/Makefile b/src/packages/fff/fff-hoodsync/Makefile > > new file mode 100644 > > index 0000000..ccfc6ee > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/Makefile > > @@ -0,0 +1,39 @@ > > +include $(TOPDIR)/rules.mk > > + > > +PKG_NAME:=fff-hoodsync > > +PKG_VERSION:=0.0.1 > > +PKG_RELEASE:=1 > > + > > +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoodsync > > + > > +include $(INCLUDE_DIR)/package.mk > > + > > +define Package/fff-hoodsync > > + SECTION:=base > > + CATEGORY:=Freifunk > > + TITLE:= Freifunk-Franken hoodfile synchronisation > > + URL:=http://www.freifunk-franken.de > > + DEPENDS:=+fff-hoods +libubox +ecdsautils > > +endef > > + > > +define Package/fff-hoodsync/description > > + This package synchronises and verifys hoodfiles and keyfiles > > +endef > > + > > +define Build/Prepare > > + echo "all: " > $(PKG_BUILD_DIR)/Makefile > > +endef > > + > > +define Build/Configure > > + # nothing > > +endef > > + > > +define Build/Compile > > + # nothing > > +endef > > + > > +define Package/fff-hoodsync/install > > + $(CP) ./files/* $(1)/ > > +endef > > + > > +$(eval $(call BuildPackage,fff-hoodsync)) > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > > new file mode 100644 > > index 0000000..d17ef95 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key > > @@ -0,0 +1,9 @@ > > +{ > > + "version": 1, > > + "key": { > > + "PubKey": "120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb", > > + "Owner": "TestUser0.2", > > + "timestamp": "1463431456", > > + "valid": true > > + } > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > > new file mode 100644 > > index 0000000..b151b39 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "22807de1d12e590f23cbcd1cebf09b46eaa07c76220fd46826deca18fde9b804126fbe3980229e991b6851fb5b0e66869560dceaab40cb45240e6e7800d68a07" > > + }, > > + { > > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > > + "Sig": "1409445db2b14e2c018819590d2d1ae7749fc58544ded894a44f82a0f3754d0230bff244c2df85bccd7ff632b3616df164a7761de7cabd80570cbade3f54ef0b" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > > new file mode 100644 > > index 0000000..fd8942b > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key > > @@ -0,0 +1,9 @@ > > +{ > > + "version": 1, > > + "key": { > > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > > + "Owner": "TestUser3", > > + "timestamp": "1463431573", > > + "valid": true, > > + } > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > > new file mode 100644 > > index 0000000..ea9aff0 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Sig": "77d0b2c73767f2c9ea676e91175c6679eefcb3eedb5bf8adceaad2c98b10b20cb8ef61b5a43f066def9d0bbd49aea7956fccbc694de804bd3a14c22717cc2201" > > + }, > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "688fa207e03de4c443b4785520a499760dccbf12dea34fda30a4ecade979f00813fb38b16d4464050742fa03a5dd3e58cfd70a7624ac187371cc354c493af102" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > > new file mode 100644 > > index 0000000..368e847 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key > > @@ -0,0 +1,9 @@ > > +{ > > + "version": 1, > > + "key": { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Owner": "TestUser2", > > + "timestamp": "1463431700", > > + "valid": true, > > + } > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > > new file mode 100644 > > index 0000000..e3e246c > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Sig": "1fea15e91c65a173fe13ffeea264f2fcc6f6d76365f24329122b0d38bbb00f0c174ccffd8a58ebf4e701e61143bcae10c20b72c7a335bd242afb8fd0fbe2910a" > > + }, > > + { > > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > > + "Sig": "18e687a11cf2fdf02bc3341bf68925f06a8b8a9b66a382d9d2b00f04c4e7c60c29c65aade4c850314dc453921e5de934c5fdf4be67d15e22aa007a75ae51a80b" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > > new file mode 100644 > > index 0000000..a7ae672 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key > > @@ -0,0 +1,9 @@ > > +{ > > + "version": 1, > > + "key": { > > + "PubKey": "c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021", > > + "Owner": "TestUser0.1", > > + "timestamp": "1463431841", > > + "valid": true, > > + } > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > > new file mode 100644 > > index 0000000..035da2a > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Sig": "13972d9b6885d7a47d4feb05e0e5007ba846606f28f22e8e701b680cc375fc04c094d0fe5db67f1e0edb48f8ab9a9fe3adb03b89c4b409e80638fc9bbeb23b09" > > + }, > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "025d9737012881af46cd503b9b6b484dd21f044cd3c109aa5151d53bbd8a2b0800371f1f664eeb9804d265ebc25dafe900b7d6d541d66d79c4aa944e85c2aa0c" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > > new file mode 100644 > > index 0000000..89ebeff > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key > > @@ -0,0 +1,9 @@ > > +{ > > + "version": 1, > > + "key": { > > + "PubKey": "e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4", > > + "Owner": "TestUser1", > > + "timestamp": "1463431975", > > + "valid": true, > > + } > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > > new file mode 100644 > > index 0000000..10dd2c4 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig > > @@ -0,0 +1,13 @@ > > +{ > > + "Sigs": > > + [ > > + { > > + "PubKey": "8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e", > > + "Sig": "a47a3e99c481df35af839e4a1becaf66d2f38f48f79ccb003cb3bb22d511cc0561780edc2130ce3c15bd27f640e4a9b3dd38dbe7ffcd3b61cbf9e794abd72a0e" > > + }, > > + { > > + "PubKey": "2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e", > > + "Sig": "dc6277a27bb9d227f1b246501882d0eb85b905b5591e3e768e6e943c6f5d0d003722e2104b2bd0d1933297f66fcc61e308bcadcfa571de8544c35711fe65a302" > > + } > > + ] > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > > new file mode 100644 > > index 0000000..24d86b2 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs > > @@ -0,0 +1,62 @@ > > +#!/bin/sh > > + > > +. /usr/share/libubox/jshn.sh > > + > > +if [ -z "$TRUSTEDKEYDIR" ]; then > > + TRUSTEDKEYDIR=/etc/hoods/keys > > +fi > > + > > +gettrustedkeys() > > +{ > > + local trustedkeys="" > > + for keyfile in $TRUSTEDKEYDIR/*.key > > + do > > + json_load "$(cat $keyfile)" > > + json_get_var valid valid > > + if $valid > Hier würde ich ein richtigen Test machen. Zum einen ist bool bei der > shell komisch, zum anderen könnte da auch einfach Mist drin stehen. > > > + then > > + json_get_var PubKey PubKey > > + trustedkeys="$trustedkeys,$PubKey" > > + fi > > + done > > + echo "$trustedkeys" > > +} > > + > > +verifysigs() > > +{ > > + local file="$1" > > + local sigfile="$2" > > + local sigsneeded="$3" > > + local trustedkeys="$(gettrustedkeys)" > > + echo "Check if signatures for $file are valid" > > + echo "Parsing $sigfile" > > + json_load "$(cat $sigfile)" > > + json_select Sigs > > + local Sigs="" > > + local Keys="" > > + local Index="1" > > + while json_select $Index > /dev/null > > + do > > + json_get_var SigPubKey PubKey > > + if echo "$Keys"|grep "$SigPubKey" > /dev/null > > + then > > + echo "$SigPubKey is duplicate" > > + elif echo "$trustedkeys"|grep "$SigPubKey" > /dev/null > > + then > > + Keys="$Keys -p $SigPubKey" > > + json_get_var Sig Sig > > + Sigs="$Sigs -s $Sig" > > + else > > + echo "$SigPubKey is not trusted" > > + fi > > + json_select ".." > > + Index=$((Index+1)) > > + done > > + if ecdsaverify -n $sigsneeded $Sigs $Keys $file;then > > + echo "Valid Signatures" > > + return 0 > > + else > > + echo "Invalid Signatures" > > + return 1 > > + fi > > +} > > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize > > new file mode 100755 > > index 0000000..f32d2a1 > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize > > Der Name ist für mich etwas zu allgemein. Hier besteht > Verwechselungsgefahr. -> Vorschlag: syncHoods Ich hatte mir den Namen im Kontext von "hoodsync" ausgedacht. Da das dann später einfach in dem Verzeichnis rumliegt, hast du recht. > > > @@ -0,0 +1,25 @@ > > +#!/bin/sh > > + > > +UPDATELINK="http://[fdff:3::e418:c9ff:fec6:9d7d]/foo/hoods" > > +HOODDIR=/tmp/syncedhoods > > +KEYDIR=/tmp/syncedkeys > > + > > +rm -rf "$HOODDIR" > > +rm -rf "$KEYDIR" > > +mkdir -p "$HOODDIR" > > +mkdir -p "$KEYDIR" > > +rm -f /tmp/hoods.list > > +rm -f /tmp/keys.list > > +wget "$UPDATELINK/hoods.list" -O /tmp/hoods.list > > +wget "$UPDATELINK/keys/keys.list" -O /tmp/keys.list > > + > > +while read filename > > +do > > + wget "$UPDATELINK/$filename" -O "$HOODDIR/$filename" > > +done < /tmp/hoods.list > > + > > +while read filename > > +do > > + wget "$UPDATELINK/keys/$filename" -O "$KEYDIR/$filename" > > +done < /tmp/keys.list > > + > > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > > new file mode 100755 > > index 0000000..faeedec > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods > > @@ -0,0 +1,47 @@ > > +#!/bin/sh > > + > > +. /usr/share/libubox/jshn.sh > > +. /usr/lib/verifysigs > > + > > +TRUSTEDHOODDIR=/etc/hoods > > + > > +if [ -z "$HOODDIR" ]; then > > + HOODDIR="$TRUSTEDHOODDIR" > > +fi > > + > Wirklich? Sollte doch "HOODDIR=/tmp/syncedhoods" sein, oder? Ich hatte dies mit Absicht wie es hier ist. Allerdings war da das Konzept noch etwas anders und ich hatte vergessen das anzupassen: Ich wollte gern die Möglichkeit, die bereits als "trusted" gekennzeichneten Hoods erneut zu verifizieren. Das "sollte" immer perfekt durchlaufen. Eigentlich war das nur der absolute Failover, wenn $HOODDIR nicht gesetzt ist. Die Scripte bekommen noch einen Übergabeparameter für den Aufruf. > > > > +for hoodfile in $HOODDIR/*.hood > > +do > > + echo "Check if hood-files are valid" > > + echo "Parsing $(basename $hoodfile)" > > + json_load "$(cat $hoodfile)" > > + json_select hood > > + json_get_var newHoodName name > > + json_get_var newTimestamp timestamp > > + if [ -f "$TRUSTEDHOODDIR/$newHoodName.hood" ] > > + then > > + json_load "$(cat $TRUSTEDHOODDIR/$newHoodName.hood)" > > + json_select hood > > + json_get_var oldHoodName name > > + json_get_var oldTimestamp timestamp > > + if [ "$newHoodName" != "$oldHoodName" ] > > + then > > + echo "Hoodnames are not matching" > > + continue > Hier wird nur übersprungen.. siehe unten > > > + fi > > + if [ "$newTimestamp" -le "$oldTimestamp" ] > > + then > > + echo "the synchronized file is older than current" > > + continue > Hier wird nur übersprungen.. siehe unten > > > + fi > > + fi > > + if verifysigs "$hoodfile" "$hoodfile.sig" "2" > > + then > > + echo "There are enough valid Signatures, so hoodfile is now trusted." > > + cp "$hoodfile"* "$TRUSTEDHOODDIR/." > Hier würde ich nicht mit * arbeiten sondern den einfach die zweite Datei > (.sig) auch kopieren. Es könnte sonst eine datei geben, die > "$hoodfile".xxx.hood heißt, welcher dann ebenfalls trusted wird, nur > weil der einen hier getrusted wird. Stimmt! > > > + else > > + echo "There aren't enough valid Signatures" > > + echo "$hoodfile will be removed now" > > + rm -f "$hoodfile"* > Hier wird gelöscht, wohingegen oben nur übersprungen wurde. Hier hatte ich einen Gedankenknoten. Da sollte sinnvollerweise überall gelöscht werden. > > > + fi > > + echo > > +done > > diff --git a/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > > new file mode 100755 > > index 0000000..472567a > > --- /dev/null > > +++ b/src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys > > @@ -0,0 +1,48 @@ > > +#!/bin/sh > > + > > +. /usr/share/libubox/jshn.sh > > +. /usr/lib/verifysigs > > + > > +TRUSTEDKEYDIR=/etc/hoods/keys > > + > > +if [ -z "$KEYDIR" ]; then > > + KEYDIR="$TRUSTEDKEYDIR" > > +fi > Sollte das nicht "KEYDIR=/tmp/syncedkeys" sein? Hier selbiges wie oben. Bekommt einen Übergabeparameter. > > > + > > +for keyfile in $KEYDIR/*.key > > +do > > + echo "Check if key-signatures are valid" > > + echo "Parsing $(basename $keyfile)" > > + json_load "$(cat $keyfile)" > > + json_select key > > + json_get_var newTimestamp timestamp > > + if [ -f "$TRUSTEDKEYDIR/$(basename $keyfile)" ] > > + then > > + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" > > + json_select key > > + json_get_var oldTimestamp timestamp > > + if [ "$newTimestamp" -le "$oldTimestamp" ] > > + then > > + echo "the synchronized file is older than current" > > + continue > Wie oben.. Antwort auch wie oben > > > + fi > > + fi > > + if verifysigs "$keyfile" "$keyfile.sig" "2" > > + then > > + cp "$keyfile"* "$TRUSTEDKEYDIR/." > Wie oben.. Antwort auch wie oben > > > + json_load "$(cat $TRUSTEDKEYDIR/$(basename $keyfile))" > > + json_select key > > + json_get_var valid valid > > + if $valid > > + then > > + echo "There are enough valid Signatures, so key is now trusted." > > + else > > + echo "There are enough valid Signatures. The key was revoked." > > + fi > > + else > > + echo "There aren't enough valid Signatures" > > + echo "$keyfile will be removed" > > + rm -f "$keyfile"* > Wie oben.. Antwort auch wie oben Grüße Jan > > Tim > > > + fi > > +done > > + > > diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile > > index e8dfb67..eef122b 100644 > > --- a/src/packages/fff/fff/Makefile > > +++ b/src/packages/fff/fff/Makefile > > @@ -26,7 +26,8 @@ define Package/fff-base > > +fff-sysupgrade \ > > +fff-wireless \ > > +fff-timeserver \ > > - +fff-hoods > > + +fff-hoods \ > > + +fff-hoodsync > > endef > > > > define Package/fff-base/description > > -- > > 2.1.4 > > >
the package will synchronize and verify hood- and keyfiles Signed-off-by: Jan Kraus <mayosemmel@gmail.com> --- .../fff/fff-fastd/files/usr/lib/micron.d/fff-fastd | 2 +- .../fff/fff-hoods/files/etc/hoods/fuerth.hood | 20 +++++-- .../fff/fff-hoods/files/etc/hoods/fuerth.hood.sig | 13 +++++ .../fff/fff-hoods/files/etc/hoods/nuernberg.hood | 20 +++++-- .../fff-hoods/files/etc/hoods/nuernberg.hood.sig | 4 +- .../fff/fff-hoods/files/etc/hoods/test.hood | 18 ------- .../fff-hoods/files/etc/hoods/trainstation.hood | 22 ++++++-- .../files/etc/hoods/trainstation.hood.sig | 13 +++++ .../fff/fff-hoods/files/usr/sbin/configurehood | 7 --- src/packages/fff/fff-hoodsync/Makefile | 39 ++++++++++++++ ...0fd7c342494754949d338f77a84ac1a74a6c56077fb.key | 9 ++++ ...c342494754949d338f77a84ac1a74a6c56077fb.key.sig | 13 +++++ ...e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key | 9 ++++ ...5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig | 13 +++++ ...e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key | 9 ++++ ...2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig | 13 +++++ ...06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key | 9 ++++ ...f7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig | 13 +++++ ...834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key | 9 ++++ ...08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig | 13 +++++ .../fff/fff-hoodsync/files/usr/lib/verifysigs | 62 ++++++++++++++++++++++ .../fff/fff-hoodsync/files/usr/sbin/synchronize | 25 +++++++++ .../fff/fff-hoodsync/files/usr/sbin/verifyhoods | 47 ++++++++++++++++ .../fff/fff-hoodsync/files/usr/sbin/verifykeys | 48 +++++++++++++++++ src/packages/fff/fff/Makefile | 3 +- 25 files changed, 410 insertions(+), 43 deletions(-) create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/fuerth.hood.sig delete mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/test.hood create mode 100644 src/packages/fff/fff-hoods/files/etc/hoods/trainstation.hood.sig create mode 100644 src/packages/fff/fff-hoodsync/Makefile create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/120e50e60f05b80f5e6900fd7c342494754949d338f77a84ac1a74a6c56077fb.key.sig create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/2ec61ddc4d3b6c9d0b479e81b5bd76ab7888240b26fed03f7f0b4a0b74ad4b6e.key.sig create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/8366b366904c41e5c1839e3ae2cbb7fb5253ce7664fe9c67aabaa5549d44c79e.key.sig create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/c572b7e4908f1cbf9786c06ddf7b03a79fccfd8f0edf4ac07bff72f0f33bc021.key.sig create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key create mode 100644 src/packages/fff/fff-hoodsync/files/etc/hoods/keys/e96e53f782aa4bb432773834a08c759fd7c0d70fdd124c432d9ec5c2c3826fd4.key.sig create mode 100644 src/packages/fff/fff-hoodsync/files/usr/lib/verifysigs create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/synchronize create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifyhoods create mode 100755 src/packages/fff/fff-hoodsync/files/usr/sbin/verifykeys