diff options
| author | olpc user <olpc@xo-5d-f7-86.localdomain> | 2020-01-07 17:52:10 -0800 |
|---|---|---|
| committer | olpc user <olpc@xo-5d-f7-86.localdomain> | 2020-01-07 17:52:10 -0800 |
| commit | ecd1089e9f529d5c168da85056da1ab576638ad5 (patch) | |
| tree | 8e1ba309bcb09daeda1e3108b963192d7ccbad9d | |
| parent | d2f1d006905b5d7c4bdf9255ae050330a6a7fbaa (diff) | |
| download | standingwithresilience-ecd1089e9f529d5c168da85056da1ab576638ad5.tar.gz standingwithresilience-ecd1089e9f529d5c168da85056da1ab576638ad5.zip | |
realized was not making deterministic files; using -J now, all files differ but should stay
| -rwxr-xr-x | git-maintenance/get.sh | 4 | ||||
| -rwxr-xr-x | git-maintenance/store.sh | 39 |
2 files changed, 29 insertions, 14 deletions
diff --git a/git-maintenance/get.sh b/git-maintenance/get.sh index a655762..7bff0ab 100755 --- a/git-maintenance/get.sh +++ b/git-maintenance/get.sh @@ -37,12 +37,12 @@ mv -f objects/pack/* objects/pack.bak/ # 3. download .git/encrypted with wget curl -sfI "$URLPFX"/refs.aes>/dev/null && wget "$URLPFX"/refs.aes -O encrypted/refs.aes || echo "==== BROKEN REMOTE refs.aes PLEASE RE-STORE OR RECOVER ====" -openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in encrypted/refs.aes | tar -zxvf - +openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in encrypted/refs.aes | tar -Jxvf - for encpack in $(<encrypted/list.txt) do wget "$URLPFX"/"$encpack" -O .git/encrypted/"$encpack" - openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in .git/encrypted/"$encpack" | tar -zxvf - + openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d -in .git/encrypted/"$encpack" | tar -Jxvf - done for pack in objects/pack/*.pack diff --git a/git-maintenance/store.sh b/git-maintenance/store.sh index 1361226..e45524b 100755 --- a/git-maintenance/store.sh +++ b/git-maintenance/store.sh @@ -6,8 +6,19 @@ cd "$ROOTDIR" GITDIR="$ROOTDIR/.git" MAINTDIR="$ROOTDIR/git-maintenance" -export GZIP=-9n -TAR="tar -z --owner=0 --group=0 --numeric-owner --mode=go=rX,u+rw,a-s" +# problem: IVs are producing files that do not have the same content each time, +# and a reupload of everything is made each store. + +#export GZIP=-9n +TAR="tar -J --owner=0 --group=0 --numeric-owner --mode=go=rX,u+rw,a-s" + +encrypt() { + openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -e +} + +decrypt() { + openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -d +} # this approach makes it easy for karl to look at history. it is not # to be used by other channels yet, can migrate. @@ -25,8 +36,6 @@ then popd fi -# TODO: once key picked, do what? - # prevent recreation of existing data on same medium-part git config gc.auto 0 @@ -40,17 +49,24 @@ cd "$GITDIR" for packfile in objects/pack/*.pack do $TAR -cv "$packfile" > "$tmpfile" - openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -e -in "$tmpfile" -out "$tmpfile".aes - fn="$({ cat "$tmpfile"; echo -n "$PASS"; } | sha256sum | cut -f 1 -d ' ')".aes + fn="$({ cat "$packfile"; echo -n "$PASS"; } | sha256sum | cut -f 1 -d ' ')".aes if [ -e encrypted/"$fn" ] then echo "$fn ALREADY EXISTS LOCALLY ($packfile)" else echo "$fn IS NEW LOCALLY ($packfile)" fi - mv "$tmpfile".aes encrypted/"$fn" - if [ "$(curl "$URLPFX"/"$fn" | sha256sum)" = "$(cat encrypted/"$fn" | sha256sum)" ]; then - echo "$fn ALREADY EXISTS REMOTELY ($packfile)" + if [ "$(cat "$packfile" | sha256sum)" = "$(decrypt < encrypted/"$fn" | sha256sum) ] + then + echo "$fn MATCHES CONTENT LOCALLY ($packfile)" + else + echo "$fn DOESN'T MATCH LOCAL CONTENT ($packfile)" + encrypt < "$tmpfile" > "$tmpfile".aes + mv "$tmpfile".aes encrypted/"$fn" + fi + # need to decrypt to compare content. + if [ "$(curl "$URLPFX"/"$fn" | decrypt | "$TAR" -xvOf - "$packfile" | sha256sum)" = "$(cat "$packfile" | sha256sum)" ]; then + echo "$fn MATCHES DOWNLOAD CONTENT ($packfile)" mv -v encrypted/"$fn" encrypted.bak else echo "$fn FAILED GET MATCH REMOTELY ($packfile)" @@ -59,7 +75,7 @@ do done rm "$tmpfile" mv "$tmpfile".list encrypted/list.txt -$TAR -cv encrypted/list.txt refs HEAD packed-refs | openssl aes-256-cbc -salt -pbkdf2 -pass "file:$PASS" -e -out encrypted/refs.aes +$TAR -cv encrypted/list.txt refs HEAD packed-refs | encrypt > encrypted/refs.aes rm encrypted/list.txt cp -va "$MAINTDIR"/get.sh encrypted if [ "$(curl -s "$URLPFX"/get.sh | sha256sum)" = "$(cat encrypted/get.sh | sha256sum)" ]; then rm encrypted/get.sh; fi @@ -67,7 +83,6 @@ if [ "$(curl -s "$URLPFX"/get.sh | sha256sum)" = "$(cat encrypted/get.sh | sha25 - # primordia is detectable due to a pattern that emerges from not being industrialized. appears resolvable with industrial history assumption, including academic degrees. name-AI-primordia, keep earth-is-god assumption? the-king? the-king-is-earth. AI works for earth. be any thing you want. silica-computer. # this junk in scriptfile is why private !!!!!!!! @@ -97,7 +112,7 @@ if [ "$(curl -s "$URLPFX"/get.sh | sha256sum)" = "$(cat encrypted/get.sh | sha25 # some imagine anger to process disconnected parts. cd "$MAINTDIR" -node bsvup/cli.js upload -f "$GITDIR"/encrypted -t dir -p "$(<"$PASS")" -vb +node bsvup/cli.js upload -f "$GITDIR"/encrypted -t dir -p "$(<"$PASS")" -v # -b # 'is this a good way to be' <- habit's task for self and others, by living # the best way to be it can. |