8 years ago · b18ceae7fa
--- a/manifest.py
+++ b/manifest.py
@@ -0,0 +1,32 @@
 
				+#!/usr/bin/env python3
			
 
				+
			
 
				+import argparse
			
 
				+import time
			
 
				+
			
 
				+parser = argparse.ArgumentParser(description='Combine multiple manifests into a new manifest')
			
 
				+parser.add_argument('-b', '--branch', default='stable', help='Branch name to set')
			
 
				+parser.add_argument('-p', '--priority', type=int, default=0, help='Priority to set')
			
 
				+parser.add_argument('manifest', nargs='+', help='Manifest files to include in output manifest')
			
 
				+
			
 
				+def main():
			
 
				+    args = parser.parse_args()
			
 
				+    print('BRANCH=%s' % args.branch)
			
 
				+    offset = time.strftime('%z')
			
 
				+    print('DATE=%s' % time.strftime('%Y-%m-%d %H:%M:%S') + '%s:%s' % (offset[:-2], offset[3:]))
			
 
				+    print('PRIORITY=%d' % args.priority)
			
 
				+    print()
			
 
				+
			
 
				+    for manifest in args.manifest:
			
 
				+        with open(manifest) as mfile:
			
 
				+            for line in mfile:
			
 
				+                if '=' in line:
			
 
				+                    continue
			
 
				+                l = line.strip()
			
 
				+                if l != '':
			
 
				+                    print(l)
			
 
				+
			
 
				+
			
 
				+
			
 
				+if __name__ == '__main__':
			
 
				+    main()
			
 
				+
			
--- a/sign.sh
+++ b/sign.sh
@@ -0,0 +1,44 @@
 
				+#!/bin/sh
			
 
				+
			
 
				+set -e
			
 
				+
			
 
				+if [ $# -ne 2 -o "-h" = "$1" -o "--help" = "$1" -o ! -r "$1" -o ! -r "$2" ]; then
			
 
				+	cat <<EOHELP
			
 
				+Usage: $0 <secret> <manifest>
			
 
				+
			
 
				+sign.sh adds lines to a manifest to indicate the approval
			
 
				+of the integrity of the firmware as required for automated
			
 
				+updates. The first argument <secret> references a file harboring
			
 
				+the private key of a public-private key pair of a developer
			
 
				+that referenced by its public key in the site configuration.
			
 
				+The script may be performed multiple times to the same document
			
 
				+to indicate an approval by multiple developers.
			
 
				+
			
 
				+See also
			
 
				+ * edcsautils on https://github.com/tcatm/ecdsautils
			
 
				+
			
 
				+EOHELP
			
 
				+	exit 1
			
 
				+fi
			
 
				+
			
 
				+SECRET="$1"
			
 
				+
			
 
				+manifest="$2"
			
 
				+upper="$(mktemp)"
			
 
				+lower="$(mktemp)"
			
 
				+
			
 
				+trap 'rm -f "$upper" "$lower"' EXIT
			
 
				+
			
 
				+awk 'BEGIN    { sep=0 }
			
 
				+     /^---$/ { sep=1; next }
			
 
				+              { if(sep==0) print > "'"$upper"'";
			
 
				+                else       print > "'"$lower"'"}' \
			
 
				+    "$manifest"
			
 
				+
			
 
				+ecdsasign "$upper" < "$SECRET" >> "$lower"
			
 
				+
			
 
				+(
			
 
				+	cat  "$upper"
			
 
				+	echo ---
			
 
				+	cat  "$lower"
			
 
				+) > "$manifest"
			
--- a/site.conf
+++ b/site.conf
--- a/site.mk
+++ b/site.mk