On 7/31/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Author: nextgens Date: 2006-07-31 10:30:14 +0000 (Mon, 31 Jul 2006) New Revision: 9830Modified: trunk/apps/installer/installclasspath/linux/update.sh trunk/apps/installer/installclasspath/windows/update.cmd Log: update the updating scripts : new urls Modified: trunk/apps/installer/installclasspath/linux/update.sh =================================================================== --- trunk/apps/installer/installclasspath/linux/update.sh 2006-07-30 19:31:03 UTC (rev 9829) +++ trunk/apps/installer/installclasspath/linux/update.sh 2006-07-31 10:30:14 UTC (rev 9830) @@ -37,9 +37,9 @@ echo Downloading sha1test.jar utility jar which will download the actual update. if [[ $WGET -eq 1 ]] then - $DOWNLOADER $NOCERT https://emu.freenetproject.org/sha1test.jar + $DOWNLOADER $NOCERT http://downloads.freenetproject.org/installer/sha1test.jar else - $DOWNLOADER https://emu.freenetproject.org/sha1test.jar + $DOWNLOADER http://downloads.freenetproject.org/installer/sha1test.jar fi if [[ -s sha1test.jar ]] @@ -105,7 +105,7 @@ sed 's/freenet-cvs-snapshot.jar.new/freenet-cvs-snapshot.jar/g' wrapper.conf >wrapper2.conf mv wrapper2.conf wrapper.conf -$DOWNLOADER3 https://emu.freenetproject.org/svn/trunk/apps/installer/installclasspath/linux/update.sh +$DOWNLOADER3 http://downloads.freenetproject.org/alpha/update/update.sh touch update.sh update2.sh diff --brief update.sh update2.sh 2>&1 >/dev/null if [[ $? -ne 0 ]] Modified: trunk/apps/installer/installclasspath/windows/update.cmd =================================================================== --- trunk/apps/installer/installclasspath/windows/update.cmd 2006-07-30 19:31:03 UTC (rev 9829) +++ trunk/apps/installer/installclasspath/windows/update.cmd 2006-07-31 10:30:14 UTC (rev 9830) @@ -36,7 +36,7 @@ ::Download latest updater and verify it if exist update.new.cmd del update.new.cmd echo - Checking for updater updates... -bin\wget.exe -o NUL https://emu.freenetproject.org/svn/trunk/apps/installer/installclasspath/windows/update.cmd -O update.new.cmd +bin\wget.exe -o NUL http://downloads.freenetproject.org/alpha/update/update.cmd -O update.new.cmd if not exist update.new.cmd goto error1 find "FREENET W%MAGICSTRING%WS UPDATE SCRIPT" update.new.cmd > NUL if errorlevel 1 goto error1 @@ -54,7 +54,7 @@ ::Updater is up to date, check Freenet :updaterok ::Check for sha1test and download if needed. -if not exist lib\sha1test.jar bin\wget.exe -o NUL https://emu.freenetproject.org/sha1test.jar -O lib\sha1test.jar +if not exist lib\sha1test.jar bin\wget.exe -o NUL http://downloads.freenetproject.org/alpha/installer/sha1test.jar -O lib\sha1test.jar if not errorlevel 0 goto error3 echo - Updater is up to date. echo ----- _______________________________________________ cvs mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs
I think this makes sense from a scalablity view, but is this a good idea to have our scripts and the sha1test.jar come from unsecure servers? What if one of the mirrors are hacked to put an evil version of update.cmd that redirects to a different server/with an evil version of the node.jar? Users might never know. These are both tiny files and imho should be left on the secure URL. -- I may disagree with what you have to say, but I shall defend, to the death, your right to say it. - Voltaire _______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
