From 40fdc2a94331116cdfcd517d355958bf168634d2 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 16:42:04 -0400 Subject: [PATCH 01/12] improved error messages related to missing/non-functional SDK paths --- fdroidserver/common.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 205beccf..4aafc522 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -66,8 +66,7 @@ def read_config(opts, config_file='config.py'): 'stats_to_carbon': False, 'repo_maxage': 0, 'build_server_always': False, - 'keystore': os.path.join(os.getenv('HOME'), - '.local', 'share', 'fdroidserver', 'keystore.jks'), + 'keystore': '$HOME/.local/share/fdroidserver/keystore.jks', 'char_limits': { 'Summary' : 50, 'Description' : 1500 @@ -86,10 +85,13 @@ def read_config(opts, config_file='config.py'): config[k] = os.path.expandvars(v) if not config['sdk_path']: - logging.critical("$ANDROID_HOME is not set!") + logging.critical("Neither $ANDROID_HOME nor sdk_path is set, no Android SDK found!") + sys.exit(3) + if not os.path.exists(config['sdk_path']): + logging.critical('Android SDK path "' + config['sdk_path'] + '" does not exist!') sys.exit(3) if not os.path.isdir(config['sdk_path']): - logging.critical("$ANDROID_HOME points to a non-existing directory!") + logging.critical('Android SDK path "' + config['sdk_path'] + '" is not a directory!') sys.exit(3) if any(k in config for k in ["keystore", "keystorepass", "keypass"]): From 0736367675404bc6d918835002d7b6ef43cb2f3d Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 21:02:18 -0400 Subject: [PATCH 02/12] when generating config.py during init, uncomment changed options The defaults are set in config.py and are often commented out. Before, the regex would only change the value, but leave it commented out. Now, it will also uncomment it. --- fdroidserver/init.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 5cd126c1..4ecc3910 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -38,8 +38,8 @@ def write_to_config(key, value): '''write a key/value to the local config.py''' with open('config.py', 'r') as f: data = f.read() - pattern = key + '\s*=.*' - repl = key + ' = "' + value + '"' + pattern = '\n[\s#]*' + key + '\s*=\s*"[^"]*"' + repl = '\n' + key + ' = "' + value + '"' data = re.sub(pattern, repl, data) with open('config.py', 'w') as f: f.writelines(data) From f1ae3d3fd0ce9701280e3089cf614d7b624bfc2c Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 21:42:23 -0400 Subject: [PATCH 03/12] use default keystore path when generating a new setup with init Before, the path to the keystore was also hardcoded in init.py, this makes init now get it from the defaults set in common.py. --- fdroidserver/init.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 4ecc3910..85da8ffc 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -192,11 +192,9 @@ def main(): write_to_config('keydname', keydname) if not os.path.isfile(keystore): # no existing or specified keystore, generate the whole thing - keystoredir = os.path.join(os.getenv('HOME'), - '.local', 'share', 'fdroidserver') + keystoredir = os.path.dirname(keystore) if not os.path.exists(keystoredir): os.makedirs(keystoredir, mode=0o700) - keystore = os.path.join(keystoredir, 'keystore.jks') write_to_config('keystore', keystore) password = genpassword() write_to_config('keystorepass', password) From 0950cdac0969105c3ddcf4b2db6ee1a76a41b065 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 21:44:40 -0400 Subject: [PATCH 04/12] make repo_keyalias like a config option: leave it commented out Before, the code relies on repo_keyalias being None, which does not feel conffile-like. Now, its commented out if its not set. --- examples/config.py | 7 ++++--- fdroidserver/update.py | 4 ++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/examples/config.py b/examples/config.py index 8eb1f266..3aa837f9 100644 --- a/examples/config.py +++ b/examples/config.py @@ -54,9 +54,10 @@ of applications from the main repository. """ -#The key (from the keystore defined below) to be used for signing the -#repository itself. Can be None for an unsigned repository. -repo_keyalias = None +# The key (from the keystore defined below) to be used for signing the +# repository itself. This is the same name you would give to keytool or +# jarsigner using -alias. (Not needed in an unsigned repository). +#repo_keyalias = "fdroidrepo" #The keystore to use for release keys when building. This needs to be #somewhere safe and secure, and backed up! diff --git a/fdroidserver/update.py b/fdroidserver/update.py index 6e54bbc0..fb90c504 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -627,7 +627,7 @@ def make_index(apps, apks, repodir, archive, categories): repoel.setAttribute("version", "12") repoel.setAttribute("timestamp", str(int(time.time()))) - if config['repo_keyalias']: + if 'repo_keyalias' in config: # Generate a certificate fingerprint the same way keytool does it # (but with slightly different formatting) @@ -783,7 +783,7 @@ def make_index(apps, apks, repodir, archive, categories): of.write(output) of.close() - if config['repo_keyalias'] is not None: + if 'repo_keyalias' in config: logging.info("Creating signed index.") logging.info("Key fingerprint: %s" % repo_pubkey_fingerprint) From 2bd62239f71687d5c1b2c96833d4260df3f471b6 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 22:07:45 -0400 Subject: [PATCH 05/12] 'smartcardoptions' config item for setting up HSMs with fdroid These options are needed to configure Java's keytool and jarsigner to use a Hardware Security Module aka HSM aka smartcard. The defaults provided are meant to make things work as easily as possible. --- examples/config.py | 16 +++++++++++++--- fdroidserver/common.py | 11 +++++++++++ fdroidserver/update.py | 6 ++++-- 3 files changed, 28 insertions(+), 5 deletions(-) diff --git a/examples/config.py b/examples/config.py index 3aa837f9..4556233e 100644 --- a/examples/config.py +++ b/examples/config.py @@ -59,9 +59,19 @@ of applications from the main repository. # jarsigner using -alias. (Not needed in an unsigned repository). #repo_keyalias = "fdroidrepo" -#The keystore to use for release keys when building. This needs to be -#somewhere safe and secure, and backed up! -#keystore = "/home/me/.local/share/fdroidserver/keystore.jks" +# The keystore to use for release keys when building. This needs to be +# somewhere safe and secure, and backed up! The best way to manage these +# sensitive keys is to use a "smartcard" (aka Hardware Security Module). To +# configure FDroid to use a smartcard, set the keystore file using the keyword +# "NONE" (i.e. keystore = "NONE"). That makes Java find the keystore on the +# smartcard based on 'smartcardoptions' below. +#keystore = "~/.local/share/fdroidserver/keystore.jks" + +# You should not need to change these at all, unless you have a very +# customized setup for using smartcards in Java with keytool/jarsigner +#smartcardoptions = "-storetype PKCS11 -providerName SunPKCS11-OpenSC \ +# -providerClass sun.security.pkcs11.SunPKCS11 \ +# -providerArg opensc-fdroid.cfg" # The password for the keystore (at least 6 characters). If this password is # different than the keypass below, it can be OK to store the password in this diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 4aafc522..ef36deb6 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -54,6 +54,16 @@ def read_config(opts, config_file='config.py'): logging.debug("Reading %s" % config_file) execfile(config_file, config) + # smartcardoptions must be a list since its command line args for Popen + if 'smartcardoptions' in config: + config['smartcardoptions'] = config['smartcardoptions'].split(' ') + elif 'keystore' in config and config['keystore'] == 'NONE': + # keystore='NONE' means use smartcard, these are required defaults + config['smartcardoptions'] = ['-storetype', 'PKCS11', '-providerName', + 'SunPKCS11-OpenSC', '-providerClass', + 'sun.security.pkcs11.SunPKCS11', + '-providerArg', 'opensc-fdroid.cfg'] + defconfig = { 'sdk_path': "$ANDROID_HOME", 'ndk_path': "$ANDROID_NDK", @@ -67,6 +77,7 @@ def read_config(opts, config_file='config.py'): 'repo_maxage': 0, 'build_server_always': False, 'keystore': '$HOME/.local/share/fdroidserver/keystore.jks', + 'smartcardoptions': [], 'char_limits': { 'Summary' : 50, 'Description' : 1500 diff --git a/fdroidserver/update.py b/fdroidserver/update.py index fb90c504..c386499a 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -642,7 +642,8 @@ def make_index(apps, apks, repodir, archive, categories): p = FDroidPopen(['keytool', '-exportcert', '-alias', config['repo_keyalias'], '-keystore', config['keystore'], - '-storepass:file', config['keystorepassfile']]) + '-storepass:file', config['keystorepassfile']] + + config['smartcardoptions']) if p.returncode != 0: logging.critical("Failed to get repo pubkey") sys.exit(1) @@ -799,7 +800,8 @@ def make_index(apps, apks, repodir, archive, categories): '-storepass:file', config['keystorepassfile'], '-keypass:file', config['keypassfile'], '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA', - os.path.join(repodir, 'index.jar') , config['repo_keyalias']]) + os.path.join(repodir, 'index.jar') , config['repo_keyalias']] + + config['smartcardoptions']) # TODO keypass should be sent via stdin if p.returncode != 0: logging.info("Failed to sign index") From b41f9e67a9570337b43733291e962dc7b06135c1 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 22:30:43 -0400 Subject: [PATCH 06/12] if keystore is given as arg to init, create keystore if it does not exist Previously, `fdroid init --keystore /tmp/foo` expected the keystore to exist, or it quit with an error. But I've changed my mind, I think it is useful to have it generate a new keystore at that location if it does not exist. For example, in tests/run-tests.sh. It still will not clobber an existing file at that location. --- fdroidserver/init.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 85da8ffc..36e38e52 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -175,15 +175,20 @@ def main(): # find or generate the keystore for the repo signing key. First try the # path written in the default config.py. Then check if the user has # specified a path from the command line, which will trump all others. - # Otherwise, create ~/.local/share/fdroidserver and stick it in there. + # Otherwise, create ~/.local/share/fdroidserver and stick it in there. If + # keystore is set to NONE, that means that Java will look for keys in a + # Hardware Security Module aka Smartcard. keystore = config['keystore'] if options.keystore: - if os.path.isfile(options.keystore): + keystore = os.path.abspath(options.keystore) + if options.keystore == 'NONE': keystore = options.keystore - write_to_config('keystore', keystore) else: - logging.info('"' + options.keystore + '" does not exist or is not a file!') - sys.exit(1) + keystore = os.path.abspath(options.keystore) + if not os.path.exists(keystore): + logging.info('"' + keystore + + '" does not exist, creating a new keystore there.') + write_to_config('keystore', keystore) if options.repo_keyalias: repo_keyalias = options.repo_keyalias write_to_config('repo_keyalias', repo_keyalias) @@ -195,7 +200,6 @@ def main(): keystoredir = os.path.dirname(keystore) if not os.path.exists(keystoredir): os.makedirs(keystoredir, mode=0o700) - write_to_config('keystore', keystore) password = genpassword() write_to_config('keystorepass', password) write_to_config('keypass', password) From faf0c4381f632527e79f3c6a35333e0986cd1469 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 22:17:52 -0400 Subject: [PATCH 07/12] add test case were init generates a keystore and uses it --- tests/run-tests.sh | 39 ++++++++++++++++++++++++++++----------- 1 file changed, 28 insertions(+), 11 deletions(-) diff --git a/tests/run-tests.sh b/tests/run-tests.sh index 5c5c31d0..dbe62eed 100755 --- a/tests/run-tests.sh +++ b/tests/run-tests.sh @@ -3,6 +3,18 @@ set -e set -x +copy_apks_into_repo() { + for f in `ls -1 ../../*/bin/*.apk`; do + name=$(basename $(dirname `dirname $f`)) + echo "name $name" + apk=${name}_`basename $f` + echo "apk $apk" + cp $f $1/repo/$apk + done + # delete any 'unaligned' duplicates + rm -f $1/repo/*unaligned*.apk +} + if [ -z $WORKSPACE ]; then WORKSPACE=`dirname $(pwd)` echo "Setting Workspace to $WORKSPACE" @@ -19,16 +31,21 @@ fi REPOROOT=`mktemp --directory --tmpdir=$WORKSPACE` cd $REPOROOT $fdroid init -for f in `ls -1 ../../*/bin/*.apk`; do - name=$(basename $(dirname `dirname $f`)) - echo "name $name" - apk=${name}_`basename $f` - echo "apk $apk" - cp $f $REPOROOT/repo/$apk -done -# delete any 'unaligned' duplicates -rm -f $REPOROOT/repo/*unaligned*.apk - - +copy_apks_into_repo $REPOROOT $fdroid update -c $fdroid update + + +#------------------------------------------------------------------------------# +# setup a new repo from scratch and generate a keystore + +REPOROOT=`mktemp --directory --tmpdir=$WORKSPACE` +KEYSTORE=$REPOROOT/keystore.jks +cd $REPOROOT +$fdroid init --keystore $KEYSTORE +test -e $KEYSTORE +copy_apks_into_repo $REPOROOT +$fdroid update -c +$fdroid update +test -e repo/index.xml +test -e repo/index.jar From f582cd7a9eb7e5a4ffa8bc194ce8bd61194717af Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 23:00:36 -0400 Subject: [PATCH 08/12] fix bug listing new key created in init Oops, a typo with a ] in e53092cffa993031cdd6f3269ca792e42b41a9a6 --- fdroidserver/init.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 36e38e52..4d9bc845 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -71,8 +71,8 @@ def genkey(keystore, repo_keyalias, password, keydname): raise BuildException("Failed to generate key", p.stdout) # now show the lovely key that was just generated p = FDroidPopen(['keytool', '-list', '-v', - '-keystore', keystore, '-alias', repo_keyalias], - '-storepass:file', config['keystorepassfile']) + '-keystore', keystore, '-alias', repo_keyalias, + '-storepass:file', config['keystorepassfile']]) logging.info(p.stdout.strip() + '\n\n') From 9945045f1bb1b6ffccb2bbcb50df35f155d60bd0 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 3 Apr 2014 23:05:27 -0400 Subject: [PATCH 09/12] fix bug setting repo_keyalias in init --- fdroidserver/init.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 4d9bc845..14d9434d 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -189,6 +189,7 @@ def main(): logging.info('"' + keystore + '" does not exist, creating a new keystore there.') write_to_config('keystore', keystore) + repo_keyalias = None if options.repo_keyalias: repo_keyalias = options.repo_keyalias write_to_config('repo_keyalias', repo_keyalias) @@ -203,7 +204,7 @@ def main(): password = genpassword() write_to_config('keystorepass', password) write_to_config('keypass', password) - if not options.repo_keyalias: + if options.repo_keyalias == None: repo_keyalias = socket.getfqdn() write_to_config('repo_keyalias', repo_keyalias) if not options.distinguished_name: @@ -217,6 +218,8 @@ def main(): logging.info(' Android SDK Build Tools:\t' + os.path.dirname(aapt)) logging.info(' Android NDK (optional):\t' + ndk_path) logging.info(' Keystore for signing key:\t' + keystore) + if repo_keyalias != None: + logging.info(' Alias for key in store:\t' + repo_keyalias) logging.info('\nTo complete the setup, add your APKs to "' + os.path.join(fdroiddir, 'repo') + '"' + ''' From 3829d37d341433c9e30c9069928e3fe6b4d824c1 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Fri, 4 Apr 2014 00:05:22 -0400 Subject: [PATCH 10/12] support repo signing with a key on a smartcard This assumes that the smartcard is already setup with a signing key. init does not generate a key on the smartcard, and skips genkey() if things are configured to use a smartcard. This also does not touch APK signing because that is a much more elaborate question, since each app is signed by its own key. --- examples/opensc-fdroid.cfg | 4 ++++ fdroidserver/init.py | 36 +++++++++++++++++++++++++++++++++++- fdroidserver/update.py | 15 +++++++++------ setup.py | 1 + tests/run-tests.sh | 10 ++++++++++ 5 files changed, 59 insertions(+), 7 deletions(-) create mode 100644 examples/opensc-fdroid.cfg diff --git a/examples/opensc-fdroid.cfg b/examples/opensc-fdroid.cfg new file mode 100644 index 00000000..bf3ef2fd --- /dev/null +++ b/examples/opensc-fdroid.cfg @@ -0,0 +1,4 @@ +name = OpenSC +description = SunPKCS11 w/ OpenSC Smart card Framework +library = /usr/lib/opensc-pkcs11.so +slotListIndex = 1 diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 14d9434d..9571d401 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -19,6 +19,7 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +import glob import hashlib import os import re @@ -44,6 +45,16 @@ def write_to_config(key, value): with open('config.py', 'w') as f: f.writelines(data) +def disable_in_config(key, value): + '''write a key/value to the local config.py, then comment it out''' + with open('config.py', 'r') as f: + data = f.read() + pattern = '\n[\s#]*' + key + '\s*=\s*"[^"]*"' + repl = '\n#' + key + ' = "' + value + '"' + data = re.sub(pattern, repl, data) + with open('config.py', 'w') as f: + f.writelines(data) + def genpassword(): '''generate a random password for when generating keys''' @@ -196,7 +207,30 @@ def main(): if options.distinguished_name: keydname = options.distinguished_name write_to_config('keydname', keydname) - if not os.path.isfile(keystore): + if keystore == 'NONE': # we're using a smartcard + write_to_config('repo_keyalias', '1') # seems to be the default + disable_in_config('keypass', 'never used with smartcard') + write_to_config('smartcardoptions', + ('-storetype PKCS11 -providerName SunPKCS11-OpenSC ' + + '-providerClass sun.security.pkcs11.SunPKCS11 ' + + '-providerArg opensc-fdroid.cfg')) + # find opensc-pkcs11.so + if not os.path.exists('opensc-fdroid.cfg'): + if os.path.exists('/usr/lib/opensc-pkcs11.so'): + opensc_so = '/usr/lib/opensc-pkcs11.so' + elif os.path.exists('/usr/lib64/opensc-pkcs11.so'): + opensc_so = '/usr/lib64/opensc-pkcs11.so' + else: + files = glob.glob('/usr/lib/' + os.uname()[4] + '-*-gnu/opensc-pkcs11.so') + if len(files) > 0: + opensc_so = files[0] + with open(os.path.join(examplesdir, 'opensc-fdroid.cfg'), 'r') as f: + opensc_fdroid = f.read() + opensc_fdroid = re.sub('^library.*', 'library = ' + opensc_so, opensc_fdroid, + flags=re.MULTILINE) + with open('opensc-fdroid.cfg', 'w') as f: + f.write(opensc_fdroid) + elif not os.path.exists(keystore): # no existing or specified keystore, generate the whole thing keystoredir = os.path.dirname(keystore) if not os.path.exists(keystoredir): diff --git a/fdroidserver/update.py b/fdroidserver/update.py index c386499a..f9d42486 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -796,12 +796,15 @@ def make_index(apps, apks, repodir, archive, categories): sys.exit(1) # Sign the index... - p = FDroidPopen(['jarsigner', '-keystore', config['keystore'], - '-storepass:file', config['keystorepassfile'], - '-keypass:file', config['keypassfile'], - '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA', - os.path.join(repodir, 'index.jar') , config['repo_keyalias']] - + config['smartcardoptions']) + args = ['jarsigner', '-keystore', config['keystore'], + '-storepass:file', config['keystorepassfile'], + '-digestalg', 'SHA1', '-sigalg', 'MD5withRSA', + os.path.join(repodir, 'index.jar'), config['repo_keyalias']] + if config['keystore'] == 'NONE': + args += config['smartcardoptions'] + else: # smardcards never use -keypass + args += ['-keypass:file', config['keypassfile']] + p = FDroidPopen(args) # TODO keypass should be sent via stdin if p.returncode != 0: logging.info("Failed to sign index") diff --git a/setup.py b/setup.py index 3bfea041..35ecc8e5 100644 --- a/setup.py +++ b/setup.py @@ -23,6 +23,7 @@ setup(name='fdroidserver', [ 'buildserver/config.buildserver.py', 'examples/config.py', 'examples/makebs.config.py', + 'examples/opensc-fdroid.cfg', 'examples/fdroid-icon.png']), ('fdroidserver/getsig', ['fdroidserver/getsig/getsig.class']) ], diff --git a/tests/run-tests.sh b/tests/run-tests.sh index dbe62eed..c75a2f02 100755 --- a/tests/run-tests.sh +++ b/tests/run-tests.sh @@ -49,3 +49,13 @@ $fdroid update -c $fdroid update test -e repo/index.xml test -e repo/index.jar + + +#------------------------------------------------------------------------------# +# setup a new repo from scratch with a HSM/smartcard + +REPOROOT=`mktemp --directory --tmpdir=$WORKSPACE` +cd $REPOROOT +$fdroid init --keystore NONE +test -e opensc-fdroid.cfg +test ! -e NONE From 00b89c05c548d19e9786cde2b5356ef7c8bb84ef Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Fri, 4 Apr 2014 00:15:47 -0400 Subject: [PATCH 11/12] warn user if smartcard keystore is set but opensc is not installed --- fdroidserver/init.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 9571d401..0d2d847e 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -224,6 +224,10 @@ def main(): files = glob.glob('/usr/lib/' + os.uname()[4] + '-*-gnu/opensc-pkcs11.so') if len(files) > 0: opensc_so = files[0] + else: + opensc_so = '/usr/lib/opensc-pkcs11.so' + logging.warn('No OpenSC PKCS#11 module found, ' + + 'install OpenSC then edit "opensc-fdroid.cfg"!') with open(os.path.join(examplesdir, 'opensc-fdroid.cfg'), 'r') as f: opensc_fdroid = f.read() opensc_fdroid = re.sub('^library.*', 'library = ' + opensc_so, opensc_fdroid, From 0dd811605944ea2cd7f71366592bd95fc9149345 Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Fri, 4 Apr 2014 00:20:34 -0400 Subject: [PATCH 12/12] add note about automatically generated signing key after init --- fdroidserver/init.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fdroidserver/init.py b/fdroidserver/init.py index 0d2d847e..1b11bcd4 100644 --- a/fdroidserver/init.py +++ b/fdroidserver/init.py @@ -263,7 +263,7 @@ def main(): ''' then run "fdroid update -c; fdroid update". You might also want to edit "config.py" to set the URL, repo name, and more. You should also set up -a signing key. +a signing key (a temporary one might have been automatically generated). For more info: https://f-droid.org/manual/fdroid.html#Simple-Binary-Repository and https://f-droid.org/manual/fdroid.html#Signing