Daily certificate updates

Forum about the Toon firmware, and its extensions

Moderators: marcelr, Toonz, TheHogNL, TerrorSource

Re: Daily certificate updates

Postby hvxl » Tue Oct 13, 2020 4:41 pm

I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1333
Joined: June 2010

Re: Daily certificate updates

Postby TheHogNL » Wed Oct 14, 2020 7:46 am

hvxl wrote:I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.


It is true that the toon gets slower and slower, but from 5.30.4 (or something there) it got an update which speeds it up again. But then again, nothing new in the toon1, so really no good reason to update indeed. But we tend to change resource files only for new firmwares because it is hard to keep up the changes with older firmwares also. For example, the animations are hard to port back to older firmwares.

The only updates we push are support scripts which are sometimes necessary for custom apps to keep working, like the nlalert app this time. We can not make them per app dependent.
Member of the Toon Software Collective
User avatar
TheHogNL
Forum Moderator
Forum Moderator
 
Posts: 1685
Joined: August 2017

Re: Daily certificate updates

Postby TerrorSource » Wed Oct 14, 2020 8:15 am

hvxl wrote:I read horror stories about the Toon 1 getting much slower than it already is with firmware versions after 5.0.4. That's why I didn't upgrade. I wasn't aware that it was still updating certain stuff behind my back.


It still has the tsc-support script running on it which makes sure that it stays activated, that you can install apps and that you can update whenever you want.
That also downloaded a new certificate for a specific app.

You can update towards 5.33.9 if you want to, makes the Toon1 a lot faster!
TerrorSource
Member
Member
 
Posts: 457
Joined: May 2017

Re: Daily certificate updates

Postby TheHogNL » Wed Oct 14, 2020 2:23 pm

And just today a new mozilla root certificate file :)
Member of the Toon Software Collective
User avatar
TheHogNL
Forum Moderator
Forum Moderator
 
Posts: 1685
Joined: August 2017

Re: Daily certificate updates

Postby RomMon » Thu Oct 15, 2020 10:48 pm

@hvxl Running also into the same issue, you are not alone...
Think this started on 2-Oct.

Code: Select all
# cat /var/log/tsc
<snip>
Starting TSC support script (version 2.17)
Running 5.0.6 on a qb2
Allowing SSH in firewall rules INPUT table
Checking for updates
Running 5.0.6 on a qb2
There is a new version of the Mozilla CA pem file. Downloading it!
Download ok! Replacing Mozilla CA pem file!
mv: can't rename '/tmp/mozilla.crt': No such file or directory
Adding intermediate Staat der Nederlanden Domein Server CA 2020 - for NLalert API
/usr/local/share/ca-certificates/DomeinServerCA2020.crt: No such file or directory
Openssl DER to PEM failed for intermediate certificate. Trying next time.
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.


I'm also missing /usr/local/..
Code: Select all
# ls -la /usr
drwxr-xr-x    9 root     root           608 Nov 28  2018 .
drwxr-xr-x   16 root     root          1520 Aug  6 22:46 ..
drwxr-xr-x    2 root     root         16400 Oct 10 12:30 bin
drwxr-xr-x    2 root     root           160 Aug 29  2011 games
drwxr-xr-x   14 root     root         11632 Nov 14  2018 lib
drwxr-xr-x    4 root     root           288 Aug  6 22:38 libexec
drwxrwxr-x    2 root     root          4064 Mar 11  2018 sbin
drwxr-xr-x   18 root     root          1288 Aug  6 22:45 share
drwxr-sr-x    2 root     root           160 Aug 29  2011 src


Just created the directory you found missing, and executed killall tsc:

Code: Select all
Starting TSC support script (version 2.17)
Running 5.0.6 on a qb2
Allowing SSH in firewall rules INPUT table
Checking for updates
Running 5.0.6 on a qb2
There is a new version of the Mozilla CA pem file. Downloading it!
Download ok! Replacing Mozilla CA pem file!
Adding intermediate Staat der Nederlanden Domein Server CA 2020 - for NLalert API
Updating certificates in /etc/ssl/certs...
2 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.


Looks solved, thanks!!
RomMon
Starting Member
Starting Member
 
Posts: 43
Joined: August 2016

Re: Daily certificate updates

Postby TheHogNL » Fri Oct 16, 2020 7:05 am

Yes solved. But that 5.0.6 version expects the certificates in another directory.
I look into it today to change the script to check the directory depending on the toon version.
Member of the Toon Software Collective
User avatar
TheHogNL
Forum Moderator
Forum Moderator
 
Posts: 1685
Joined: August 2017

Re: Daily certificate updates

Postby TheHogNL » Fri Oct 16, 2020 8:24 am

Just checked the certificate settings on older firmwares. It seems that they also look in /usr/local/share/ca-certificates if that directory exists. So you fix was good!
I'll add to the script to create that directory if it doesn't exist yet. That should be enough.
Member of the Toon Software Collective
User avatar
TheHogNL
Forum Moderator
Forum Moderator
 
Posts: 1685
Joined: August 2017

Re: Daily certificate updates

Postby hvxl » Fri Oct 16, 2020 3:46 pm

TheHogNL wrote:And just today a new mozilla root certificate file :)

I didn't get that one yet. Reason: My toon wasn't allowed to access curl.haxx.se. :oops: But I think I have allowed all necessary sites now.
Schelte
hvxl
Senior Member
Senior Member
 
Posts: 1333
Joined: June 2010

Previous

Return to Toon Firmware

Who is online

Users browsing this forum: No registered users and 1 guest