Hi,
Over the WE I have been changing a few things on emu...
Three goals here:
1) Make the installation and update process MITM proof
[1]
2) Get rid of the current load-balancer (I wrote it in
php and it sucks...) and limit the number of redirects
to follow to download a file
3) Gradually get rid of all the backward compatibility
stuffs we keep server-side
Hopefully that means less hits on emu and faster downloads.
From now on all the files are downloaded from
https://checksums.freenetproject.org/latest/
... And no, don't ask for it there is no directory listing... We
need to be able to change the URL we use more easily than now;
Hence I've simplified to the minimum the naming scheme: you ask
for the filename and that's it; they are no subdirectories
anymore and latest version of plugins can be accessed directly.
Before I can finish up and move on they are three things which
should be done:
1) update.cmd needs to be updated; imho it could be
rewritten from scratch, using update.sh as model. I can
precisely describe why it sucks if needed. We want all
the scripts to use the Sha1Test class
2) The node should be updated to download plugins from
the new URL and should check the checksums it provides
3) users should be asked to double-check that they have
an up to date updating script and that *it works*; It's
probably something we want to talk about in the next
release-announcement message.
Once those are done I will get rid of two vhosts on emu
(downloads.freenetproject.org and get.freenetproject.org) and
simplify *a lot* the release-building scripts. I'll create a
vhost dedicated to the 0.5 legacy code if someone want it
(complain now or never)... but we can't reasonably keep the
current file hierarchy.
Would anyone object if I force the installer to be downloaded
from emu and disable file-listing in the directory where it will
be ? Lately I heard of weird bugs from some users... and it
turns out they were using a 7 month old installer to set their
nodes up... they used some download-directory (like zdnet.com)
and got their old, deprecated installer from them! Needless to
say there isn't much we can do against that... but checking
referrers and disabling file-listing is something we can do
reasonably easily.
Are Zero3Cool or Juiceman still around and willing to tackle the
update.cmd part or shall I add it to my todo?
Does anyone want to do the plugins part? Bombe? dbkr?
NextGen$
[1] Here is the security model:
The certificate of checksums.freenetproject.org has been signed by a
real CA... We bundle it in the installer and verify the certificates
with it (It is valid 'till 2036); Arguably we should check some CRLs
too...
Files whose extensions are .sig and .sha1 are downloaded directly
from emu, other filetypes lead to a direct redirection to one of the
mirrors. We check the file we got from the mirror against the SHA1
checksum we downloaded securely from emu.
Everything is handled by apache through RewriteRules, no php vodoo is
involved anymore :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20080601/fb5e13ad/attachment.pgp>
