checking in... working on ipxe still

2016-11-29 03:16:44 -05:00 · 2016-11-29 03:16:44 -05:00 · 7381cc3d39
commit 7381cc3d39
parent dcceafc979
9 changed files with 165 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -31,11 +31,11 @@
 # You should really generate local copies of these, as they're pretty private.
 extra/pre-build.d/etc/openvpn/client.conf
 overlay/etc/ssh/*
-overlay/home/bdisk
+overlay/home/*
 overlay/etc/systemd/system/multi-user.target.wants/openvpn@client.service
-src/ipxe_local/ssl/keys
+ssl/
-src/ipxe_local/ssl/crts
+!ssl/.keepme
-src/ipxe_local/ssl/txt
+!ssl/openssl.cnf
 # and we DEFINITELY don't need these.
 __pycache__/
--- a/bdisk/ipxe.py
+++ b/bdisk/ipxe.py
@ -1,9 +1,13 @@
 import os
 import shutil
 import jinja2
-import gitpython
+import git
 import patch
 def sslIPXE():
    pass
 def buildIPXE(conf):
    build = conf['build']
    bdisk = conf['bdisk']
@ -13,5 +17,27 @@ def buildIPXE(conf):
    patches_dir = ipxe_tpl + '/patches'
    srcdir = build['srcdir']
    ipxe_src = srcdir + '/ipxe'
-    ipxe_git_uri = 
+    ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
    patches_git_uri = 'https://github.com/eworm-de/ipxe.git'
    print('Now building iPXE in {0}. Please wait...'.format(ipxe_src))
    # Get the source and apply some cherrypicks
    if os.path.isdir(ipxe_src):
        shutil.rmtree(ipxe_src)
    ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
    patches = ipxe_repo.create_remote('eworm', patches_git_uri)
    patches.fetch()
    eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d'
    nopie_commit = '58557055e51b2587ad3843af58075de916e5399b'
    # patch files
    #cwd = os.getcwd()
    #os.chdir(ipxe_src + '/src')
    for p in ('01.git-version.patch.j2', '02.banner.patch.j2'):
        try:
            patch = fromfile(p)
            patch.apply(strip = 2, root = ipxe_src + '/src')
        except:
            pass
    #os.chdir(cwd)
    # Patch using the files before applying the cherrypicks
    ipxe_repo.git.cherry_pick('-n', eiso_commit)
    ipxe_repo.git.cherry_pick('-n', nopie_commit)
--- a/extra/dist.build.ini
+++ b/extra/dist.build.ini
@ -57,6 +57,11 @@ dev = r00t^2
 ; 2.) ASCII *only*
 desc = j00 got 0wnz0r3d lulz.
 ; What is your livedistro's URL?
 ; 0.) Should be a valid URI understood by minimal versions
 ;	of curl.
 uri = https://bdisk.square-r00t.net
 ; Should the root user have a password? IF THIS IS NOT SET,
 ;	PASSWORD LOGIN WILL BE DISABLED!
 ; If you wish to have a blank password, use the string:
@ -363,16 +368,21 @@ group = root
 ;	yes|no
 ;	true|false
 ;	1|0
 ; 1.) Requires actual git to be installed.
 ; If it is undefined, it is assumed to be no.
 iso = yes
 ; Build a "mini-USB" image? Same concept as the ISO file but
 ; this can be dd'd onto a USB thumbdrive for the same effect.
 ; 0.) Only accepts (case-insensitive):
 ;	yes|no
 ;	true|false
 ;	1|0
 ; 1.) Requires actual git to be installed.
 ; If it is undefined, it is assumed to be no.
 usb = yes
-; What URI should iPXE's EMBED script use? DO NOT USE A
+; What URI should iPXE's EMBED script use?
 ; ',' (comma); instead, replace it with:
 ;	%%COMMA%%
 ; If you require HTTP BASIC Authentication or HTTP Digest
 ; Authentication (untested), you can format it via:
 ;
--- a/extra/pre-build.d/root/packages.both
+++ b/extra/pre-build.d/root/packages.both
@ -130,6 +130,7 @@ iperf
 iperf3
 ipsec-tools
 iptraf-ng
 ipython
 irssi
 iso-codes
 isomaster
--- a/extra/templates/iPXE/patches/00-general.sed
+++ b/extra/templates/iPXE/patches/00-general.sed
@ -0,0 +1,10 @@
 ## Enable IPv6 support
 s/^#undef([[:space:]]*NET_PROTO_IPV6)/#define\1/g
 ## Enable HTTPS
 s/^#undef([[:space:]]*DOWNLOAD_PROTO_HTTPS)/#define\1/g
 s@^//(#define[[:space:]]*IMAGE_TRUST_CMD@\1@g
 ## Enable FTP
 s/^#undef([[:space:]]*DOWNLOAD_PROTO_FTP)/#define\1/g
 ## Currently broken for EFI building
 #s@^//(#define[[:space:]]*CONSOLE_CMD)@\1@g
 #s@^//(#define[[:space:]]*IMAGE_PNG@\1@g
--- a/extra/templates/iPXE/patches/01-console.sed
+++ b/extra/templates/iPXE/patches/01-console.sed
@ -0,0 +1,2 @@
 ## Currently broken on EFI systems
 #s@^//(#define[[:space:]]*CONSOLE_VESAFB)@\1@g
--- a/extra/templates/iPXE/patches/01.git-version.patch.j2
+++ b/extra/templates/iPXE/patches/01.git-version.patch.j2
@ -0,0 +1,32 @@
 {# we can probably honestly not include this. regardless, it's handy. #}From 4c139ece028b5dd6c4e5f46ce2bf8134c390de90 Mon Sep 17 00:00:00 2001
 From: Christian Hesse <mail@eworm.de>
 Date: Thu, 12 Feb 2015 08:59:37 +0100
 Subject: [PATCH] git version
 Signed-off-by: Christian Hesse <mail@eworm.de>
 ---
 src/Makefile | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
 diff --git a/src/Makefile b/src/Makefile
 index cf9cfd2..38ebb3d 100644
 --- a/src/Makefile
 +++ b/src/Makefile
@@ -194,10 +194,11 @@ VERSION_MINOR	= 0
 VERSION_PATCH	= 0
 EXTRAVERSION	= +
 MM_VERSION	= $(VERSION_MAJOR).$(VERSION_MINOR)
 -VERSION		= $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
 ifneq ($(wildcard ../.git),)
 -GITVERSION := $(shell git describe --always --abbrev=1 --match "" 2>/dev/null)
 -VERSION		+= ($(GITVERSION))
 +GITVERSION	:= $(shell git describe --tags --long 2>/dev/null)
 +VERSION		= $(GITVERSION)
 +else
 +VERSION		= $(MM_VERSION).$(VERSION_PATCH)$(EXTRAVERSION)
 endif
 version :
 	@$(ECHO) "$(VERSION)"
 -- 
 2.3.0
--- a/extra/templates/iPXE/patches/02.banner.patch.j2
+++ b/extra/templates/iPXE/patches/02.banner.patch.j2
@ -0,0 +1,41 @@
 From 4ec31ece6757e19be455faa383886562b8793db9 Mon Sep 17 00:00:00 2001
 From: Christian Hesse <mail@eworm.de>
 Date: Thu, 12 Feb 2015 09:06:41 +0100
 Subject: [PATCH] banner
 Signed-off-by: Christian Hesse <mail@eworm.de>
 ---
 src/usr/autoboot.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
 diff --git a/src/usr/autoboot.c b/src/usr/autoboot.c
 index 4bcb64d..74b5b77 100644
 --- a/src/usr/autoboot.c
 +++ b/src/usr/autoboot.c
@@ -67,6 +67,7 @@ static int ( * is_autoboot_device ) ( struct net_device *netdev );
 #define NORMAL	"\033[0m"
 #define BOLD	"\033[1m"
 #define CYAN	"\033[36m"
 +#define BLUE	"\033[34m"
 /** The "scriptlet" setting */
 const struct setting scriptlet_setting __setting ( SETTING_MISC, scriptlet ) = {
@@ -551,9 +552,13 @@ void ipxe ( struct net_device *netdev ) {
 	 * do so.
 	 *
 	 */
 -	printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME " %s"
 +	printf ( NORMAL "\n\n" PRODUCT_NAME "\n" BOLD PRODUCT_SHORT_NAME
 		 NORMAL " -- " PRODUCT_TAG_LINE " -- "
 -		 CYAN PRODUCT_URI NORMAL "\nFeatures:", product_version );
 +		 CYAN PRODUCT_URI NORMAL "\n"
 +		 BOLD "{{ bdisk['pname'] }}" BLUE "LiveDistro" NORMAL " -- {{ bdisk['desc'] }} -- "
 +		 BOLD BLUE "{{ bdisk['uri'] }}" NORMAL "\n"
 +		 "Version %s compiled on " __DATE__ ", " __TIME__ "\n"
 +		 "Features:", product_version );
 	for_each_table_entry ( feature, FEATURES )
 		printf ( " %s", feature->name );
 	printf ( "\n" );
 -- 
 2.3.0
--- a/extra/templates/iPXE/ssl/openssl.cnf
+++ b/extra/templates/iPXE/ssl/openssl.cnf
@ -0,0 +1,33 @@
 [ ca ]
 default_ca             = ca_default
 [ ca_default ]
 certificate            = crts/ca.crt
 private_key            = keys/ca.key
 serial                 = txt/ca.srl
 database               = txt/ca.idx
 #new_certs_dir          = signed
 new_certs_dir          = crts
 #default_md             = default
 default_md             = sha512
 policy                 = policy_anything
 preserve               = yes
 default_days           = 90
 unique_subject         = no
 [ policy_anything ]
 countryName            = optional
 stateOrProvinceName    = optional
 localityName           = optional
 organizationName       = optional
 organizationalUnitName = optional
 commonName             = optional
 emailAddress           = optional
 [ cross ]
 basicConstraints       = critical,CA:true
 keyUsage               = critical,cRLSign,keyCertSign
 [ codesigning ]
 keyUsage                = digitalSignature
 extendedKeyUsage        = codeSigning
		`@ -0,0 +1,2 @@`
							`## Currently broken on EFI systems`
							`#s@^//(#define[[:space:]]*CONSOLE_VESAFB)@\1@g`