From c4b99dd1e10676665395039fbc1488bf531f1bda Mon Sep 17 00:00:00 2001 From: memdmp Date: Wed, 22 Jan 2025 19:09:53 +0100 Subject: feat: new canary --- contrib/sig-canaries | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) (limited to 'contrib/sig-canaries') diff --git a/contrib/sig-canaries b/contrib/sig-canaries index 856a009..5dcadde 100755 --- a/contrib/sig-canaries +++ b/contrib/sig-canaries @@ -12,7 +12,6 @@ confirm() { done } sign() { - clear cat "$1" confirm "Do you wish to sign $1, as shown above?" gpg --default-key "${SIGKEY:-'B546778F06BBCC8EC167DB3CD919706487B8B6DE'}" -o "${2:-"$1.sig"}" --clearsign "$1" @@ -60,13 +59,19 @@ manual_monero_hash_entry() { echo -n "Please enter the current monero block hash: " read MONERO_HASH if [[ "$(wc -m <<< "$MONERO_HASH")" != "65" ]]; then - confirm "This is the incorrect length for a monero block hash. Are you sure?" || get_monero + confirm "This is the incorrect length for a monero block hash. Are you sure?" || manual_monero_hash_entry fi - export MONERO_HASH + MONERO_HASH="\"$MONERO_HASH\"" } get_monero() { IS_MANUAL=false; - export MONERO_HASH="$(([[ "$IS_MANUAL_MONERO_HEIGHT_ENTRY" == "" ]] && localmonero_blockhash_api && [[ "$MONERO_HASH" != "" ]]) || (IS_MANUAL=true; manual_monero_hash_entry 1>&2 && echo -n "$MONERO_HASH"))" + if [[ "$MONERO_HASH" == "" ]] && [[ "$IS_MANUAL_MONERO_HEIGHT_ENTRY" == "" ]]; then + MONERO_HASH="$(localmonero_blockhash_api)" + fi + if [[ "$MONERO_HASH" == "" ]]; then + IS_MANUAL=true + manual_monero_hash_entry + fi statustext echo -e 'Validation Sources:' if [[ "$IS_MANUAL" == "true" ]]; then @@ -80,15 +85,17 @@ get_monero() { get_kernel_commit() { statustext rm -rf /tmp/kernel - echo "Fetching kernel commit..." - git clone --depth 1 --bare --branch master https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git /tmp/kernel - export KERNEL_COMMIT="\"$(git --git-dir=/tmp/kernel rev-parse HEAD)\"" - rm -rf /tmp/kernel + if [[ "$KERNEL_COMMIT" == "" ]]; then + echo "Fetching kernel commit..." + git clone --depth 1 --bare --branch master https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git /tmp/kernel + KERNEL_COMMIT="\"$(git --git-dir=/tmp/kernel rev-parse HEAD)\"" + rm -rf /tmp/kernel + fi statustext confirm "Please validate that $KERNEL_COMMIT is the current latest commit hash of the linux kernel, as per https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/" } -export KERNEL_COMMIT="" -export MONERO_HASH="" +# export KERNEL_COMMIT="$KERNEL_COMMIT" +# export MONERO_HASH="$MONERO_HASH" get_monero get_kernel_commit @@ -97,10 +104,11 @@ process_canary() { replace_template() { sed -i "s/\\[$1\\]/$2/g" "$FILE" } + clear replace_template 'PRESENT_DAY' "$DAY" replace_template 'PRESENT_TIME' "$TIME" - replace_template 'MONERO_HASH' "$(jq -r <<< "$MONERO_HASH")" - replace_template 'LINUX_KERNEL_COMMIT' "$(jq -r <<< "$KERNEL_COMMIT")" + replace_template 'MONERO_HASH' "$( (jq -r <<< "$MONERO_HASH" 2>/dev/null) || echo -n "$MONERO_HASH" )" + replace_template 'LINUX_KERNEL_COMMIT' "$( (jq -r <<< "$KERNEL_COMMIT" 2>/dev/null) || echo -n "$KERNEL_COMMIT" )" rm -f "$FILE.sig" sign "$FILE" "$FILE.sig" mv "$FILE.sig" "$FILE" -- cgit v1.2.3