v0.72 Release Bug Fix

- fix bad hash algorithm implementation in the CLI functions - fix schema migration issues on `dsip_settings` table - fix edge cases where bootstrapping failed # Please enter the commit message for your changes. Lines starting # with '#' will be ignored, and an empty message aborts the commit. # # On branch v0.72 # Your branch is up to date with 'origin/v0.72'. # # Changes to be committed: # modified: dsiprouter/dsip_lib.sh # modified: resources/upgrade/v0.72/scripts/bootstrap.sh # modified: resources/upgrade/v0.72/scripts/migrate.sh #
dOpensource · Apr 3, 2023 · 1f87450 · 1f87450
1 parent e0bbbfa
commit 1f87450
Show file tree

Hide file tree

Showing 4 changed files with 64 additions and 310 deletions.
diff --git a/dsiprouter.sh b/dsiprouter.sh
@@ -2841,7 +2841,7 @@ function upgrade() {
 
     # check if the new function definitions need bootstrapped prior to upgrade
     if (( $BOOTSTRAPPING_UPGRADE == 0 )) && curl -sf -I "$BS_SCRIPT_URL" -o /dev/null; then
-        curl -s "$BS_SCRIPT_URL" | bash -s upgrade -rel ${UPGRADE_RELEASE}
+        curl -s "$BS_SCRIPT_URL" | bash
         return $?
     fi
 

diff --git a/dsiprouter/dsip_lib.sh b/dsiprouter/dsip_lib.sh
@@ -1230,7 +1230,13 @@ function hashCreds() {
 
 	# python native version
 	# no external dependencies other than vanilla python3
-	${PYTHON} -c "import hashlib,binascii; print(binascii.hexlify(hashlib.pbkdf2_hmac('sha512', '$CREDS'.encode('utf-8'), '$SALT'.encode('utf-8'), iterations=$HASH_ITERATIONS, dklen=$DK_LEN)).decode('utf-8'));"
+	${PYTHON} <<EOPYTHON
+import hashlib,binascii
+creds='$CREDS'.encode('utf-8')
+salt='$SALT'.encode('utf-8')
+hash=hashlib.pbkdf2_hmac('sha512', creds, salt, iterations=$HASH_ITERATIONS, dklen=$DK_LEN) + salt
+print(binascii.hexlify(hash).decode('utf-8'))
+EOPYTHON
 	# bash native version
 	# currently too slow for production usage
 	#${DSIP_PROJECT_DIR}/dsiprouter/pbkdf2.sh 'sha512' "$CREDS" "$SALT" "$HASH_ITERATIONS" 4

diff --git a/resources/upgrade/v0.72/scripts/bootstrap.sh b/resources/upgrade/v0.72/scripts/bootstrap.sh
@@ -1,17 +1,10 @@
 #!/usr/bin/env bash
 
 export BOOTSTRAPPING_UPGRADE=1
-export SALT_LEN='16'
-export DK_LEN_DEFAULT='48'
-export CREDS_MAX_LEN='64'
-export HASH_ITERATIONS='10000'
-export HASHED_CREDS_ENCODED_MAX_LEN='128'
-export AESCTR_CREDS_ENCODED_MAX_LEN='160'
+export DSIP_PROJECT_DIR='/tmp/dsiprouter'
 TAG_NAME='v0.72-rel'
 REPO_URL='https://github.com/dOpensource/dsiprouter.git'
 rm -f /etc/dsiprouter/.requirementsinstalled
-rm -rf /tmp/dsiprouter 2>/dev/null
-git clone --depth 1 -b "$TAG_NAME" "$REPO_URL" /tmp/dsiprouter
-ln -sf /tmp/dsiprouter/resources/upgrade /opt/dsiprouter/resources/upgrade
-. /tmp/dsiprouter/dsiprouter/dsip_lib.sh
-. /tmp/dsiprouter/dsiprouter.sh upgrade -rel v0.72
+rm -rf "$DSIP_PROJECT_DIR" 2>/dev/null
+git clone --depth 1 -b "$TAG_NAME" "$REPO_URL" "$DSIP_PROJECT_DIR"
+${DSIP_PROJECT_DIR}/dsiprouter.sh upgrade -rel v0.72