From 1fde98932cdeed58a9507fcff8fb8b08a5132de1 Mon Sep 17 00:00:00 2001
From: Craig Everett <zxq9@zxq9.com>
Date: Mon, 16 Dec 2019 22:00:32 +0900
Subject: [PATCH] WIP: Grand shakeout awaits!

---
 zomp/etc/otpr/realm.conf                      |  11 +++--
 ...M07ASKYCYJ35NLFQ5Z4DMGKSB5NCZRPVY2.pub.der | Bin 0 -> 2062 bytes
 zomp/key/otpr/zxq9-root.pub.der               | Bin 2062 -> 0 bytes
 zomp/lib/otpr/zx/0.3.0/src/zx_daemon.erl      |  42 +++++++++---------
 zomp/lib/otpr/zx/0.3.0/src/zx_key.erl         |  12 ++---
 5 files changed, 33 insertions(+), 32 deletions(-)
 create mode 100644 zomp/key/otpr/63VIEETCEAZCB51XFX0F6XWN110OH4RXR5207BM6E09LCVOFM2OW5AZSTRV4ZN1F1M07ASKYCYJ35NLFQ5Z4DMGKSB5NCZRPVY2.pub.der
 delete mode 100644 zomp/key/otpr/zxq9-root.pub.der

diff --git a/zomp/etc/otpr/realm.conf b/zomp/etc/otpr/realm.conf
index 7e30e52..f97ccab 100644
--- a/zomp/etc/otpr/realm.conf
+++ b/zomp/etc/otpr/realm.conf
@@ -1,4 +1,7 @@
-{realm, "otpr"}.
-{prime, {"zomp.psychobitch.party",11311}}.
-{sysop, "zxq9"}.
-{key,   "zxq9-root"}.
+{realm,     "otpr"}.
+{prime,     {"zomp.psychobitch.party",11311}}.
+{sysop,     {"zxq9", "Craig Everett", [{"email", "zxq9@zxq9.com"}]}}.
+{key,       <<38,103,252,11,212,145,139,235,72,17,254,18,49,212,225,154,251,31,136,0,11,
+              230,252,220,118,33,116,200,63,200,8,166,213,29,94,176,113,70,228,47,37,54,90,
+              124,151,66,121,221,136,7,5,112,114,74,165,205,88,29,138,226,27,104,84,250>>}.
+{timestamp, {{2019, 12, 16}, {13, 01, 21}}}.
diff --git a/zomp/key/otpr/63VIEETCEAZCB51XFX0F6XWN110OH4RXR5207BM6E09LCVOFM2OW5AZSTRV4ZN1F1M07ASKYCYJ35NLFQ5Z4DMGKSB5NCZRPVY2.pub.der b/zomp/key/otpr/63VIEETCEAZCB51XFX0F6XWN110OH4RXR5207BM6E09LCVOFM2OW5AZSTRV4ZN1F1M07ASKYCYJ35NLFQ5Z4DMGKSB5NCZRPVY2.pub.der
new file mode 100644
index 0000000000000000000000000000000000000000..776e5c54bc8ca4a1b62f467577771b00e7a46801
GIT binary patch
literal 2062
zcmV+p2=VtYf(Qx%f(QWsq)Ug8iv^VNi3|0gzl>pDZMT_ucuxeKoREExAfS>Y_Fy`D
zbq+6zZrwY0N&5n)aQhUqahb-mI#$5n?41FDIVX;<8G%PXTWfsGoXcsVYF;Dth|L)r
zTTFG^U0FPnwWWTza&j|L%Imt>3McA8QZkZCPoE%ZAyW)Co?VI}pWJr7$OH)+CW;&3
zt4Im&^`T~HrH}Z_jM3OirIkj3O9qV#qv!4*U&({ZXg#PO&CyByIBD9~{ETicP$Ueo
zNwPHO<7T^JcEgEJq5&clE(!hC<!O%*AjY5OU4rq$@u^@7S<8{Ez4*b6YKN@^T84EW
zt%rxMd(WQagM1H|h0XurM0ZYTaC>_bk~ri|Qh|f7NL^qsgxngh%GDp6JKB>8mN8%U
znfL<X01=LZKCe<80&vr(3z)-+gvFWbv*Ox&3^W$w%hd<<2mFO{Zw!&MC!fXa26vUR
zqE^qJY@vZfr8wMiWnX@Nc{;d(0W<pZl>-6@7wzMxr56LY35CGo7MHB<ih)-$4PT0L
zwgX<rkIyLJ(h*-~9iwzCmp9Q=51L^DP(EPZ9nm=oo%Po;*Xy&2;LD?jUx~4th8Lm<
z_ZlBTKFk;Vf*_m>(HX0$ERwm$QAZJ`?Ig8ihGU1hWb2^v7ms8E$BqXA3(%K&!bg|u
z=|>A|ZW@1DlOT$!<|b|l^&vTN4N&0%*^7^Hrc%8VGwd8bd-dc%)=C`b2t!^=;83D|
zn40R-?KqPbgnrqJK|#ZD;w754i#2$O@x>~1JbQn18N?0ri?XpyeY#&!#i_k{pi+ob
zHu=wk5<d>5gT0fGk3l2(2|dI!SmCk<c{qO(hx8m_b-uvNRX=h~0=H!74@ChQbzFA7
zAhQpp#1X3Ex1t6Gkxf>uY`a-RrvJ#vdWm0V0wk@BIpTV-Dr)=5k<g*tEt81FNM-dm
zdvz$?&$Cz!K#_f19Fpu;t@ZfmMe~;ac76?ti`nR$r$e^l1h)+5Z$1KmOlVv%x;FHl
zB>XjxRZN}$-eS0k)fL%F!W>eO)bo(<@V#MY(-UmY5T{8U`AUkbib*IigY)R75!MaT
zE%nxKb4f-(ebmSW6EKrU>x^1sUJvK5CgM88rNm~<n+P~GkeNXA1YB-;fy_$D=8ztL
zdZ4N16y+`i90?}p9eW#O%D7@+GZK6nlnec%Rnq|k=?2_tzbtis1UX_>`3@XPpw$(8
zMCh8BbT95_bP+JLplj#sWrKci$~LVc#sosL#<rOPk+)$?C)sUM<Fg7QxJ2y-KEN{d
zWPoNF+E$wWucJstfF3UXDaCA*HEm>PG=2vqOk;9n_3ahjzG}2;jMw*JY|eu*gi7Zc
zhQXUTYKelIUfldtk9_Qrx91*yB{p(mH7ni$=&xO2YI71cHchoNwBOZWg}7r9+2US{
zojz%fO%{8N9K;=;A9Z&);|B#_#4^5V`YV1OPS*GY<)7ni)%;wnLLlBJR_jNWXZ=e*
zbSA>dg?rl8Onyn+I|s!Ag{6LXH#l)e6WDmFfVkNzSstLD<x-(6a8MeRH-b%(#5SPC
zt~ad#fD`+93QaGi_#Jc4OQ{tTI!`7BcO)rkcq8}cT^Oo~;l7E^2^ZP+=4)Gg1CSIP
zJuX}j9%kGR#7YX=<w=gBPE*VGPn^c{Gzo~{*614>R@Fh(R|ec1A-KK=6LY&Sx2C4d
z1UfLZ<gClz?7#*?|L&f-gGY0ISoqbh-9%p3N&T=)8xENrzV3sNN($%m2B(S{UV4)W
zhjCp3mO?7B$ebE(ef#$V9?+!*ca5~O#!jG3o*1oZ_z&<9-T_&fF4Jn)ikcZEGl3Sp
z_3O7w#sCH!n_U*2#cdmCRKbL`ppQC}m}aE`Nsj1@vaiIU#~tw-S;YWWaJB3_m24~g
z?ap~BG%au%JhP&kdvrobecEFp6>+6<qeUAkQ5=HORz%9qa>r`Gi1}jRT6je4Ma;7}
zN4c=tZMQ_>8L<&Fgs6>)ek^ykgBSA+Q7=zy7yWC|8Tk;9SJYX=bgGOQ1&wfFQq)e!
z$b+jmUS4P&<Dyh3GC8?CKDe!M1wmu0KmhJeg^~mza_NgivI@rn%M=n6RBn*hl&&s2
z4<Vnup!gJKf+98FDPA!4t`G;GDyayplluXM(b&H`_=!UPwUMxTkvd;Z&^m9wnu9!X
z2fQa4c+QU}w3-nGHH&8<g937ip1-W0<)7=kYT-}Itw=zB&I-90hYCJLnCt63c9{L+
zZo3h({3Fl_T81vGw`zp6IpTZs8l4tDq+M9@=|F}$gxIz;6{jyo*jk7SttkdoL9deU
z$9|9C!MAdV^jAAf<k+`dl^_umE;UK0+F)`y!0*fySiByu9skkv#1~RhCPZPP9UyKL
zFTaF`g{^V?2J#Urk{~$!b+j{*zI+IKug&J+a6JwIFSj{;Nh!_Ir69u{-ZZnv7JM$`
z4hsb9AP}Z@2K#a@_aY}ysA?%uH%cX^dL70MWtk4rdrrN|rE-y@g3<5I17;s)$ysDG
z^2RDY!r}5gaC#1gZkq&2y29q+@5kwR+dv}^d;bxl6U~k;_XT<t&gcsRHZ8b}2$_XY
zII43^bo3;Pt@7K|E<kSx3eObt&g>WQF_4k?r{=6f@)K;%daHN@4rxJ_3jD|WI!0B4
sg@NHJFsws}YyZW2Vzyy8{Z@)9kEOBy84VL^4fpjkRwvSH0s{d60sl|gjQ{`u

literal 0
HcmV?d00001

diff --git a/zomp/key/otpr/zxq9-root.pub.der b/zomp/key/otpr/zxq9-root.pub.der
deleted file mode 100644
index 636a48fc54587f3e2b39fc8583551222d65c4273..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2062
zcmV+p2=VtYf(Qx%f(QWsxZLY!V`g5p2Z+aP#L8*lZ?N1W$iTRn8H&COfTX5xos0J?
zzsYqq3^qwjy3B`LQfE}=6OXZp&kSBo02=8AonWiY<q{^#$phMsYbNIh`LW1R;DQcA
zR03_XXyT$|oTcZt7GP*6?4Q-WmF`B0n_bguIlvhEcH28}TdHM)aOEj0ni_kvevpz`
z9NGHHNZoVHtU!vRZB21_?jfG-0<{9#I58qR8uF~e{{bQe5-x*yKjA?56rvKxP1_%E
z791Hs4h*rikM%VctA&exRLN^vRJK>eH#&aX#6!02S0KJk8h1iUp-tF73$i$P;^pe{
zkE93u_%jO<1oNw*+_XM_121K1u69ns02o!gOCM7;MK3Ws;8=2}co{Jux6{A-jH>$h
zk)s&Lq5eIHO$1`)IA4QlttGWHBz7vwT+ffiVH(AOpOoXkK**LZc9Wd7U6JLhDN{`=
zS*#BRKulxY#4%Lyl$iLj;xqYJp(~V-aM%|&$;1`9D+frA%3_p&$5P$3Cpl595Oz8)
zBSE!(6qMdS6VieY(|jOLb1UTJjwgHwHK{J1z16DTLydR{b!X29APn-DS3MZYln-L8
zeU>GWCmI8~5iCw^R!0`Ut~fN0l+r29y9BxgiVx!M|EBKD7p6Z+?GS&0IMm6C*2h5z
zEeI2lf~#6DWE)^~lSb2WlpTB*Oz$od%6roL`st}rq;i;5-OVhtfq_`gFFUHEC2mLf
zKdMQ@Xz(FVularHyv3|~An2xdz*J|!X)jfRo@4F;nKnkSA2X6;{~s^bJg{ydlXU3j
zS>~jZ(}UQXA4>CjtyDdi>x-DX$JdH#k=&5^YOEAMBmT4>Z#2Yu+uYq1CqvRWFP?%|
zBO4b^I{5W3fQA^S>OJLEjFnlE3Ls2t7Fu9^I%T-dl36;K_MSjTDd0Raft#5BQM<6=
zvu69#a^Jw~Bm{j|8yx23ed-*k+W>C~>jfuu#RDWPkZ*Aq!vUAH2Z(<lAUqmDi_A9g
z3uTm%O&Dt}t)jO<fpjX9&_a22sn1Xz*K0dV%&Az|+7Yz?#f+wBnRNP&*SI<d@@*0R
zT?6Q9=o1@lAawL{-&arg%(*Edw8@UuzPLLX6~%R=NUKl$wVk7d<p8cwSf*gwng<q=
zlKk6fs>V<DAQ0Rv&Y23R)#(@k?mVxBcH<)yOci6My;(?g-TNf1%jp#`7pyr)@ufM!
zTqhF@acDkGbI+V9i<g~fdCv+-HIxiu6&A$*=Ug&KeciLC)GR=hQf9s=v!8cU1DN77
z=tcT;!>HDmI^E1*d%g}CJaO=GVWc;!RE9+NR8E0{0FwN0sZpuIE`WFvh5(I-<T)Aq
z(XeY;An1ipL-&^cI<tfcp^ngNvFcW^M~O13jj)nRabC<ts4zvk;i3Bhb#m!Zms(#j
zfGLkvMy-u%p>^|+5&B4LuP0&}hGiVs3b9re`!2HneIj5v($*`Y_E*OdeY8UG27p<B
zkfPTSYcZ8A8}?suW{pm(=i1926T+itFeI2Ss<treuTeO2J@wZHZ8uyc0u&h3T+kxB
zk32|5C<Zm3v7?_tmgh&2hwS#X^c|Fx&?jn4fUb$KBheIUU*1a-tRz#mH~>Lh4^=EX
zg8Vp9S-Cu`$_lra?q3Je{6N1-{4t0NdkdxB`Ueb4G`uuW&)f6@AvkSOo}|U%igv;z
zbcam15U|w&M-&$#yAa8~$d)vLioAp5bTh_?=`M6(b)Xx?EI59#qhUTX>ur;upUv@1
z5gZ)j!||4M<mj>?b3BO@fdd;W%MBmMdqJ8k(7yp5J?zabD$GT;l@D=xf6!MS`&m+i
z$8u*ZjGr;NZ}xZ-Q`KiCIrJC**;&qm^OT!oJf-P|(=58W6*afl5Dm`R5Y@LooeEbc
zke?zu+Zxo39SV7-a;;(rdla8>^2Q9J|BwT|(paWbiK?g&^JV@q&J+Xna0~pLzkwE3
zN;o{59kA23Y3G8Q4De$L!NgCcpf()5I-QQFda#Cf3)+tuY~j%mT&}J+JM<82l3_om
z>Bk_u$)g7JS4wC~GmI3@wcs0~MXTEM^)h|lDQ<KP<KXJWquu;|s^ac?eUI_jLZs*`
z;%xtADMZ~9{BVgBo;l!%E<?RIn)Q$-^gZY6R}DLS{_kS#Q}OY2Wb*6)doZowQ6(JX
zP~=UV!p@T7VR?9;m-;@aS+|Xip>^IpKP^ASAt!6=ome$6haNX!qJ8{Il2Jc=EeY%K
ztT@^ZOz9HPy}C%d9^^SP*s%trjHHK^H282XODxu5;U-QXcOP`|)1+fHI`cDd@wdy)
z_p_4;Rc1r1TD#Zea7n~@FHkEz{bYoP=Ps>lFwWo=eC^Qi`d|~~|JxW}-&>$Rr%;Eq
zM)C6C3;xwv6ATu;QD!2`-NJlG=F@p&D&qQ_f*QPJv$U|D^Zbq7UO@KnizNsH3(@F`
zF*?R&Ru`5Xxop&dhHkxv0#_gg)OHd1n>yRuF~q|1aAaS&5al)QJ0Pm{!qX|2RkR|B
zl$j6f0D(WDml2VTQaM>2e<+_ipl-f@pH8!N*iWW_$+<k+7r5Dxh_gVT$dsHpO-Q><
z#_7)qITNJLj-HsRZN(-K^$E$#5Ue%fR-+Fg{WohSe}Z<JPF(M&-(fE>@R3Ln4KQql
sRdp>M(2%ki%p0K)%tT#GhZ%uSQhE^rl;rv(C96lz;ei_g0s{d60Ra=~`v3p{

diff --git a/zomp/lib/otpr/zx/0.3.0/src/zx_daemon.erl b/zomp/lib/otpr/zx/0.3.0/src/zx_daemon.erl
index bf97dc4..d9108e7 100644
--- a/zomp/lib/otpr/zx/0.3.0/src/zx_daemon.erl
+++ b/zomp/lib/otpr/zx/0.3.0/src/zx_daemon.erl
@@ -842,10 +842,10 @@ handle_call({takeover, Realm}, _, State = #s{conf = Conf}) ->
     {Result, NewConf} = do_takeover(Realm, Conf),
     NewState = eval_queue(State#s{conf = NewConf}),
     {reply, Result, NewState};
-handle_call({drop_realm, Realm}, _, State = #s{conf = Conf}) ->
-    {Result, NewConf} = do_drop_realm(Realm, Conf),
-    NewState = eval_queue(State#s{conf = NewConf}),
-    {reply, Result, NewState};
+handle_call({drop_realm, Realm}, _, State) ->
+    NextState = do_drop_realm(Realm, State),
+    NewState = eval_queue(NextState),
+    {reply, ok, NewState};
 handle_call(hosts, _, State = #s{cx = CX}) ->
     Result = cx_mirrors(CX),
     {reply, Result, State};
@@ -1868,24 +1868,24 @@ do_takeover(Realm, C = #conf{realms = Realms, managed = Managed}) ->
     end.
 
 
--spec do_abdicate(Realm, Conf) -> {Result, NewConf}
-    when Realm   :: zx:realm(),
-         Conf    :: conf(),
-         Result  :: ok
-                  | {error, unmanaged},
-         NewConf :: conf().
+-spec do_abdicate(Realm, State) -> {Result, NewState}
+    when Realm    :: zx:realm(),
+         State    :: state(),
+         Result   :: ok
+                   | {error, unmanaged},
+         NewState :: state().
 
-do_abdicate(Realm, C = #conf{managed = Managed}) ->
+do_abdicate(Realm, State = #s{conf = C = #conf{managed = Managed}}) ->
     case sets:is_element(Realm, Managed) of
         true ->
             NewManaged = sets:del_element(Realm, Managed),
             NewC = C#conf{managed = NewManaged},
             ok = save_conf(NewC),
             ok = log(info, "No longer managing realm: ~160tp", [Realm]),
-            {ok, NewC};
+            {ok, State#s{conf = NewC}};
         false ->
-            ok = log(error, "Cannot abdicate an unmanaged realm."),
-            {{error, unmanaged}, C}
+            ok = tell(error, "Cannot abdicate an unmanaged realm."),
+            {{error, unmanaged}, State}
     end.
 
 
@@ -2121,25 +2121,27 @@ do_list_keys(private, Realm, {RK, _, _}) ->
     end.
 
 
--spec do_drop_realm(Realm, State) -> {ok, NewState}
+-spec do_drop_realm(Realm, State) -> NewState
     when Realm    :: zx:realm(),
          State    :: state(),
          NewState :: state().
 
-do_drop_realm(Realm, State = #s{kx = {RealmIndex, Pairs}}) ->
+do_drop_realm(Realm, State = #s{kx = {RealmIndex, Pairs, Owners}}) ->
     NewKX =
         case maps:take(Realm, RealmIndex) of
             {KeyIndex, NextRealmIndex} ->
                 NewPairs = scrub_pairs(maps:values(KeyIndex), Pairs),
-                {NextRealmIndex, NewPairs};
+                Screen = fun({{R, _}, _}) -> R == Realm end,
+                NewOwners = maps:filter(Screen, Owners),
+                {NextRealmIndex, NewPairs, NewOwners};
             error ->
-                {RealmIndex, Pairs}
+                {RealmIndex, Pairs, Owners}
         end,
     Dirs = [etc, var, tmp, log, key, zsp, lib],
     RM = fun(D) -> ok = zx_lib:rm_rf(zx_lib:path(D, Realm)) end,
     ok = lists:foreach(RM, Dirs),
-    NewState = do_abdicate(Realm, State),
-    {ok, NewState#s{kx = NewKX}}.
+    {_, NewState} = do_abdicate(Realm, State),
+    NewState#s{kx = NewKX}.
 
 scrub_pairs([#key{pubhash = PubHash, keyhash = KeyHash} | Rest], Pairs) ->
     scrub_pairs(Rest, maps:without([PubHash, KeyHash], Pairs));
diff --git a/zomp/lib/otpr/zx/0.3.0/src/zx_key.erl b/zomp/lib/otpr/zx/0.3.0/src/zx_key.erl
index 999da29..bcd4998 100644
--- a/zomp/lib/otpr/zx/0.3.0/src/zx_key.erl
+++ b/zomp/lib/otpr/zx/0.3.0/src/zx_key.erl
@@ -24,7 +24,7 @@
 
 -spec path(public | private, zx:key_id()) -> file:filename().
 
-path(Type, {Realm, KeyHash}) when is_binary(KeyHash) ->
+path(Type, {Realm, KeyHash}) ->
     Size = byte_size(KeyHash) * 8,
     <<N:Size>> = KeyHash,
     String = integer_to_list(N, 36),
@@ -33,9 +33,7 @@ path(Type, {Realm, KeyHash}) when is_binary(KeyHash) ->
             public  -> String ++ ".pub.der";
             private -> String ++ ".key.der"
         end,
-    zx_lib:path(key, Realm, Name);
-path(Type, {Realm, KeyName}) ->
-    zx_lib:path(key, Realm, KeyName).
+    zx_lib:path(key, Realm, Name).
 
 
 
@@ -82,12 +80,10 @@ generate_rsa2(Owner, PemFile, KeyFile, PubFile) ->
         true ->
             ok = tell(info, "~ts and ~ts agree", [KeyFile, PubFile]),
             PubHash = crypto:hash(sha512, PubBin),
-            KeyHash = crypto:hash(sha512, KeyBin),
-            PairHash = crypto:hash(sha512, <<PubHash/binary, KeyHash/binary>>),
-            KeyData = {PairHash, {none, PubBin}, {none, KeyBin}},
+            KeyData = {PubHash, {none, PubBin}, {none, KeyBin}},
             ok = zx_daemon:register_key(Owner, KeyData),
             ok = zx_lib:rm_rf(filename:dirname(KeyFile)),
-            {ok, PairHash};
+            {ok, PubHash};
         false ->
             ok = lists:foreach(fun file:delete/1, [PemFile, KeyFile, PubFile]),
             ok = tell(error, "Something has gone wrong."),