Opened 5 years ago

Closed 5 years ago

#1227 closed enhancement (fixed)

su3 for plugins

Reported by: zzz Owned by: zzz
Priority: minor Milestone: 0.9.15
Component: apps/plugins Version: 0.9.11
Keywords: Cc:
Parent Tickets: Sensitive: no

Description

Requires:

  • Changes to makeplugin.sh
  • Check magic number in PluginUpdateRunner?, process if su3
  • Additions in SU3File to extract without verification, get signer without verification, add keys to keyring, check in configdir/certificates also
  • Raw key in plugin.config or full X.509 key in a separate file?
  • Document changes for specification of sig (and type?) in plugin.config
  • Plugin devs generate new keys, pre-add them to install?
  • Any way to improve new key acceptance handling?

Subtickets

Change History (2)

comment:1 Changed 5 years ago by zzz

Owner: set to zzz
Status: newassigned

Initial support in PluginUpdateRunner? in i2p.i2p.zzz.test2 to be propped for 0.9.15. Untested. Also includes new option to skip signature verification, although we will now whitelist by default.

Initial creation support in makeplugin.sh in i2p.scripts and i2p.plugin.zzzot

Since whitelist is now default, bundling X.509 may not be necessary. Would anybody besides a plugin dev change the option? probably not.

comment:2 Changed 5 years ago by zzz

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.