config and peer managment, masters WIP

Restored XLXPEER Functionality. Not actually cruft after all.

Dockerfile

@@ -1,32 +0,0 @@
-FROM python:3.7-slim-stretch
-
-RUN apt update && \
-    apt install -y git && \
-    cd /usr/src/ && \
-    git clone https://github.com/n0mjs710/dmr_utils3 && \
-    cd /usr/src/dmr_utils3 && \
-    ./install.sh && \
-    rm -rf /var/lib/apt/lists/* && \
-    cd /opt && \
-    rm -rf /usr/src/dmr_utils3 && \
-    git clone https://github.com/n0mjs710/hblink3
-
-RUN cd /opt/hblink3/ && \
-    sed -i s/.*python.*//g  requirements.txt && \
-    pip install --no-cache-dir -r requirements.txt
-
-
-ADD entrypoint /entrypoint
-
-RUN adduser -u 54000 radio && \
-    adduser radio radio && \
-    chmod 755 /entrypoint && \
-    chown radio:radio /entrypoint && \
-    chown radio /opt/hblink3
-
-RUN chmod 755 /entrypoint
-
-USER radio 
-EXPOSE 54000
-
-ENTRYPOINT [ "/entrypoint" ]

HBlink.svg

@@ -0,0 +1,245 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   inkscape:version="1.0beta1 (d565813, 2019-09-28)"
+   sodipodi:docname="HBlink.svg"
+   id="svg877"
+   height="411.17413"
+   width="1042.9242"
+   viewBox="49.656 217.125 1042.9242 411.17414"
+   version="1.1">
+  <sodipodi:namedview
+     inkscape:current-layer="svg877"
+     inkscape:window-maximized="0"
+     inkscape:window-y="23"
+     inkscape:window-x="583"
+     inkscape:cy="48.366866"
+     inkscape:cx="574.39926"
+     inkscape:zoom="1"
+     fit-margin-left="5"
+     fit-margin-bottom="5"
+     fit-margin-right="5"
+     fit-margin-top="5"
+     units="px"
+     inkscape:pagecheckerboard="true"
+     showgrid="false"
+     id="namedview879"
+     inkscape:window-height="1348"
+     inkscape:window-width="1943"
+     inkscape:pageshadow="2"
+     inkscape:pageopacity="0"
+     guidetolerance="10"
+     gridtolerance="10"
+     objecttolerance="10"
+     borderopacity="1"
+     inkscape:document-rotation="0"
+     bordercolor="#666666"
+     pagecolor="#ffffff" />
+  <defs
+     id="defs837">
+    <font-face
+       overline-thickness="0"
+       overline-position="0"
+       strikethrough-thickness="0"
+       strikethrough-position="0"
+       v-hanging="0"
+       v-mathematical="0"
+       v-alphabetic="0"
+       v-ideographic="0"
+       hanging="0"
+       mathematical="0"
+       alphabetic="0"
+       ideographic="0"
+       accent-height="0"
+       stemh="0"
+       stemv="0"
+       id="font-face833"
+       font-weight="400"
+       descent="-255.00488"
+       ascent="945.0073"
+       cap-height="669"
+       x-height="669"
+       slope="0"
+       underline-thickness="20"
+       underline-position="-133"
+       units-per-em="1000"
+       panose-1="2 0 6 0 0 0 0 0 0 0"
+       font-size="96"
+       font-family="Ethnocentric">
+      <font-face-src>
+        <font-face-name
+           name="EthnocentricRg-Regular" />
+      </font-face-src>
+    </font-face>
+    <font-face
+       overline-thickness="0"
+       overline-position="0"
+       strikethrough-thickness="0"
+       strikethrough-position="0"
+       v-hanging="0"
+       v-mathematical="0"
+       v-alphabetic="0"
+       v-ideographic="0"
+       hanging="0"
+       mathematical="0"
+       alphabetic="0"
+       ideographic="0"
+       accent-height="0"
+       stemh="0"
+       stemv="0"
+       id="font-face835"
+       font-weight="400"
+       descent="-255.00488"
+       ascent="945.0073"
+       cap-height="669"
+       x-height="669"
+       slope="0"
+       underline-thickness="20"
+       underline-position="-133"
+       units-per-em="1000"
+       panose-1="2 0 6 0 0 0 0 0 0 0"
+       font-size="48"
+       font-family="Ethnocentric">
+      <font-face-src>
+        <font-face-name
+           name="EthnocentricRg-Regular" />
+      </font-face-src>
+    </font-face>
+  </defs>
+  <metadata
+     id="metadata839"> Produced by OmniGraffle 7.12.1 
+    <dc:date>2018-03-14 13:37:44 +0000</dc:date>
+<rdf:RDF>
+  <cc:Work
+     rdf:about="">
+    <dc:format>image/svg+xml</dc:format>
+    <dc:type
+       rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+    <dc:title></dc:title>
+  </cc:Work>
+</rdf:RDF>
+</metadata>
+  <g
+     transform="matrix(3.5262508,0,0,3.5262508,-159.40153,-655.56235)"
+     stroke-opacity="1"
+     stroke="none"
+     stroke-dasharray="none"
+     fill-opacity="1"
+     fill="none"
+     id="Canvas_2">
+    <title
+       id="title841">Canvas 2</title>
+    <g
+       id="Canvas_2: Layer 1">
+      <title
+         id="title843">Layer 1</title>
+      <g
+         id="Group_40">
+        <g
+           id="Graphic_39">
+          <title
+             id="title845">path6007</title>
+          <path
+             inkscape:connector-curvature="0"
+             id="path847"
+             stroke-width="3"
+             stroke-linejoin="round"
+             stroke-linecap="round"
+             stroke="#009051"
+             d="m 72.52062,328.5 h 225.5218 c 6.17355,0 11.1782,5.00465 11.1782,11.1782 v 0 c 0,6.17355 -5.00465,11.1782 -11.1782,11.1782 H 72.52062 c -6.17355,0 -11.1782,-5.00465 -11.1782,-11.1782 v 0 c 0,-6.17355 5.00465,-11.1782 11.1782,-11.1782 z" />
+        </g>
+        <g
+           id="Graphic_38">
+          <g
+             style="fill:#009051"
+             id="text852"
+             transform="translate(54.656,222.125)"
+             aria-label="HB">
+            <path
+               inkscape:connector-curvature="0"
+               id="path881"
+               style="font-weight:400;font-size:96px;font-family:Ethnocentric;fill:#009051"
+               d="M 84,91 H 64.224 V 66.232 H 26.016 V 91 H 6.048 V 26.776 H 26.016 V 49.528 H 64.224 V 26.776 H 84 Z" />
+            <path
+               inkscape:connector-curvature="0"
+               id="path883"
+               style="font-weight:400;font-size:96px;font-family:Ethnocentric;fill:#009051"
+               d="m 168.7155,57.976 q 4.224,1.248 7.104,4.896 2.976,3.648 2.976,9.408 0,4.032 -1.248,7.488 -1.248,3.36 -4.224,5.856 -2.976,2.496 -8.064,3.936 -4.992,1.44 -12.576,1.44 H 96.2355 V 51.928 h 56.832 q 2.208,0 3.84,-0.864 1.728,-0.96 1.728,-3.456 0,-2.4 -1.728,-3.264 -1.728,-0.864 -3.84,-0.864 h -56.832 l 13.44,-16.704 h 42.528 q 5.76,0 10.368,1.152 4.704,1.056 7.968,3.36 3.36,2.208 5.088,5.568 1.824,3.264 1.824,7.68 0,2.88 -0.768,5.088 -0.768,2.208 -2.016,3.936 -1.152,1.632 -2.784,2.784 -1.536,1.056 -3.168,1.632 z m -52.512,7.68 v 8.832 h 36.576 q 3.264,0 4.704,-1.152 1.44,-1.152 1.44,-3.36 0,-2.112 -1.44,-3.168 -1.44,-1.152 -4.704,-1.152 z" />
+          </g>
+        </g>
+        <g
+           id="Graphic_37">
+          <g
+             style="fill:#ff9300"
+             id="text857"
+             transform="translate(209.109,275)"
+             aria-label="link">
+            <path
+               inkscape:connector-curvature="0"
+               id="path886"
+               style="font-weight:400;font-size:48px;font-family:Ethnocentric;fill:#ff9300"
+               d="M 3.024,45 Z M 37.824,36.744 31.392,45 H 3.024 V 12.888 h 9.936 v 23.856 z" />
+            <path
+               inkscape:connector-curvature="0"
+               id="path888"
+               style="font-weight:400;font-size:48px;font-family:Ethnocentric;fill:#ff9300"
+               d="m 41.32425,45 z m 9.936,0 h -9.936 V 12.888 h 9.936 z" />
+            <path
+               inkscape:connector-curvature="0"
+               id="path890"
+               style="font-weight:400;font-size:48px;font-family:Ethnocentric;fill:#ff9300"
+               d="m 57.34875,45 z m 32.688,0.528 q -0.96,0 -1.92,-0.336 -0.912,-0.288 -2.064,-1.392 l -19.68,-17.664 V 45 h -9.024 V 18.36 q 0,-1.584 0.432,-2.736 0.48,-1.152 1.2,-1.872 0.768,-0.72 1.728,-1.056 1.008,-0.336 2.064,-0.336 0.912,0 1.824,0.336 0.96,0.288 2.16,1.392 l 19.68,17.664 V 12.888 h 9.072 V 39.48 q 0,1.584 -0.48,2.736 -0.432,1.152 -1.2,1.92 -0.72,0.72 -1.728,1.056 -1.008,0.336 -2.064,0.336 z" />
+            <path
+               inkscape:connector-curvature="0"
+               id="path892"
+               style="font-weight:400;font-size:48px;font-family:Ethnocentric;fill:#ff9300"
+               d="m 101.36775,45 z m 40.512,0 h -15.024 l -9.696,-8.448 q -2.496,-2.16 -3.84,-3.36 -1.296,-1.2 -2.112,-2.016 0.048,1.104 0.096,2.304 0.048,1.152 0.048,2.304 V 45 h -9.984 V 12.888 h 9.984 v 7.44 q 0,1.488 -0.048,2.928 -0.048,1.44 -0.144,2.688 0.96,-0.864 2.304,-2.112 1.392,-1.296 3.6,-3.12 l 9.264,-7.824 h 14.4 l -12.288,9.216 q -1.584,1.2 -2.832,2.112 -1.2,0.912 -2.16,1.584 -0.96,0.672 -1.776,1.2 -0.768,0.528 -1.536,1.008 1.392,0.96 3.36,2.4 1.968,1.44 5.088,3.984 z" />
+          </g>
+        </g>
+        <g
+           id="Graphic_36">
+          <path
+             inkscape:connector-curvature="0"
+             d="m 302.0625,336.9375 h 14.5771 v 6.1875 h -14.5771 z"
+             style="fill:#ffffff"
+             id="rect860" />
+        </g>
+        <g
+           id="Graphic_35">
+          <title
+             id="title863">path6381</title>
+          <path
+             inkscape:connector-curvature="0"
+             id="path865"
+             stroke-width="3"
+             stroke-linejoin="round"
+             stroke-linecap="round"
+             stroke="#ff9300"
+             d="M 116.9282,340.3125 H 342.45 c 6.17355,0 11.1782,5.00465 11.1782,11.1782 v 0 c 0,6.17355 -5.00465,11.1782 -11.1782,11.1782 H 116.9282 c -6.17355,0 -11.1782,-5.00465 -11.1782,-11.1782 v 0 c 0,-6.17355 5.00465,-11.1782 11.1782,-11.1782 z" />
+        </g>
+        <g
+           id="Graphic_34">
+          <path
+             inkscape:connector-curvature="0"
+             d="m 99,347.625 h 14.5771 v 6.1875 H 99 Z"
+             style="fill:#ffffff"
+             id="rect868" />
+        </g>
+        <g
+           id="Line_33">
+          <path
+             inkscape:connector-curvature="0"
+             d="M 93.9375,350.85641 H 120.375"
+             style="stroke:#009051;stroke-width:3;stroke-linecap:round;stroke-linejoin:round"
+             id="line871" />
+        </g>
+      </g>
+    </g>
+  </g>
+</svg>

README.md

@@ -1,3 +1,5 @@
+
+### This is a branch of HBLink3 for development of a user authentication system for hotspots for PNW Digital.
 ---
 ### FOR SUPPORT, DISCUSSION, GETTING INVOLVED ###
 
@@ -5,6 +7,8 @@ Please join the DVSwitch group at groups.io for online forum support, discussion
 
 DVSwitch@groups.io 
 
+A voluntary registrty for HBlink systems with public access has been created at http://hblink-register.com.es Please consider listing your system if you allow open access.
+
 ---
 
 ## PROJECT: Open Source HomeBrew Repeater Proctol Client/Master. ##
@@ -13,7 +17,7 @@ DVSwitch@groups.io
 
 **PURPOSE:** Thanks to the work of Jonathan Naylor, G4KLX; Hans Barthen, DL5DI; Torsten Shultze, DG1HT we have an open protocol for internetworking DMR repeaters. Unfortunately, there's no generic client and/or master stacks. This project is to build an open-source, python-based implementation. You are free to use this software however you want, however we ask that you provide attribution in some public venue (such as project, club, organization web site). This helps us see where the software is in use and track how it is used.
 
-For those who will ask: This is a piece of software that implements an open-source, amateur radio networking protocol. It is not a network. It is not indended to be a network. It is not intended to replace or circumvent a network. People do those things, code doesn't.
+For those who will ask: This is a piece of software that implements an open-source, amateur radio networking protocol. It is not a network. It is not intended to be a network. It is not intended to replace or circumvent a network. People do those things, code doesn't.
   
 **PROPERTY:**  
 This work represents the author's interpretation of the HomeBrew Repeater Protocol, based on the 2015-07-26 documents from DMRplus, "IPSC Protocol Specs for homebrew DMR repeater" as written by Jonathan Naylor, G4KLX; Hans Barthen, DL5DI; Torsten Shultze, DG1HT, also licenced under Creative Commons BY-NC-SA license.
@@ -54,7 +58,7 @@ chown 65000  /var/log/hblink.log
 
 ***0x49 DE N0MJS***
 
-Copyright (C) 2016-2019 Cortney T. Buffington, N0MJS n0mjs@me.com
+Copyright (C) 2016-2020 Cortney T. Buffington, N0MJS n0mjs@me.com
 
 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version.
 

app_template.py

@@ -1,150 +0,0 @@
-#!/usr/bin/env python
-#
-###############################################################################
-#   Copyright (C) 2016-2019 Cortney T. Buffington, N0MJS <n0mjs@me.com>
-#
-#   This program is free software; you can redistribute it and/or modify
-#   it under the terms of the GNU General Public License as published by
-#   the Free Software Foundation; either version 3 of the License, or
-#   (at your option) any later version.
-#
-#   This program is distributed in the hope that it will be useful,
-#   but WITHOUT ANY WARRANTY; without even the implied warranty of
-#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-#   GNU General Public License for more details.
-#
-#   You should have received a copy of the GNU General Public License
-#   along with this program; if not, write to the Free Software Foundation,
-#   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
-###############################################################################
-
-# Python modules we need
-import sys
-from bitarray import bitarray
-from time import time
-from importlib import import_module
-
-# Twisted is pretty important, so I keep it separate
-from twisted.internet.protocol import Factory, Protocol
-from twisted.protocols.basic import NetstringReceiver
-from twisted.internet import reactor, task
-
-# Things we import from the main hblink module
-from hblink import HBSYSTEM, OPENBRIDGE, systems, hblink_handler, reportFactory, REPORT_OPCODES, mk_aliases
-from dmr_utils3.utils import bytes_3, int_id, get_alias
-from dmr_utils3 import decode, bptc, const
-import config
-import log
-from const import *
-
-# Stuff for socket reporting
-import pickle
-# REMOVE LATER from datetime import datetime
-# The module needs logging, but handlers, etc. are controlled by the parent
-import logging
-logger = logging.getLogger(__name__)
-
-
-# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
-__author__     = 'Cortney T. Buffington, N0MJS'
-__copyright__  = 'Copyright (c) 2016-2018 Cortney T. Buffington, N0MJS and the K0USY Group'
-__credits__    = 'Colin Durbridge, G4EML, Steve Zingman, N4IRS; Mike Zingman, N4IRR; Jonathan Naylor, G4KLX; Hans Barthen, DL5DI; Torsten Shultze, DG1HT'
-__license__    = 'GNU GPLv3'
-__maintainer__ = 'Cort Buffington, N0MJS'
-__email__      = 'n0mjs@me.com'
-
-# Module gobal varaibles
-
-
-class OBP(OPENBRIDGE):
-
-    def __init__(self, _name, _config, _report):
-        OPENBRIDGE.__init__(self, _name, _config, _report)
-
-
-    def dmrd_received(self, _peer_id, _rf_src, _dst_id, _seq, _slot, _call_type, _frame_type, _dtype_vseq, _stream_id, _data):
-        pass
-
-
-class HBP(HBSYSTEM):
-
-    def __init__(self, _name, _config, _report):
-        HBSYSTEM.__init__(self, _name, _config, _report)
-
-    def dmrd_received(self, _peer_id, _rf_src, _dst_id, _seq, _slot, _call_type, _frame_type, _dtype_vseq, _stream_id, _data):
-        pass
-
-
-
-#************************************************
-#      MAIN PROGRAM LOOP STARTS HERE
-#************************************************
-
-if __name__ == '__main__':
-
-    import argparse
-    import sys
-    import os
-    import signal
-
-    # Change the current directory to the location of the application
-    os.chdir(os.path.dirname(os.path.realpath(sys.argv[0])))
-
-    # CLI argument parser - handles picking up the config file from the command line, and sending a "help" message
-    parser = argparse.ArgumentParser()
-    parser.add_argument('-c', '--config', action='store', dest='CONFIG_FILE', help='/full/path/to/config.file (usually hblink.cfg)')
-    parser.add_argument('-l', '--logging', action='store', dest='LOG_LEVEL', help='Override config file logging level.')
-    cli_args = parser.parse_args()
-
-    # Ensure we have a path for the config file, if one wasn't specified, then use the default (top of file)
-    if not cli_args.CONFIG_FILE:
-        cli_args.CONFIG_FILE = os.path.dirname(os.path.abspath(__file__))+'/hblink.cfg'
-
-    # Call the external routine to build the configuration dictionary
-    CONFIG = config.build_config(cli_args.CONFIG_FILE)
-
-    # Start the system logger
-    if cli_args.LOG_LEVEL:
-        CONFIG['LOGGER']['LOG_LEVEL'] = cli_args.LOG_LEVEL
-    logger = log.config_logging(CONFIG['LOGGER'])
-    logger.info('\n\nCopyright (c) 2013, 2014, 2015, 2016, 2018\n\tThe Regents of the K0USY Group. All rights reserved.\n')
-    logger.debug('(GLOBAL) Logging system started, anything from here on gets logged')
-
-    # Set up the signal handler
-    def sig_handler(_signal, _frame):
-        logger.info('(GLOBAL) SHUTDOWN: CONFBRIDGE IS TERMINATING WITH SIGNAL %s', str(_signal))
-        hblink_handler(_signal, _frame)
-        logger.info('(GLOBAL) SHUTDOWN: ALL SYSTEM HANDLERS EXECUTED - STOPPING REACTOR')
-        reactor.stop()
-
-    # Set signal handers so that we can gracefully exit if need be
-    for sig in [signal.SIGINT, signal.SIGTERM]:
-        signal.signal(sig, sig_handler)
-
-    # Create the name-number mapping dictionaries
-    peer_ids, subscriber_ids, talkgroup_ids = mk_aliases(CONFIG)
-
-    # INITIALIZE THE REPORTING LOOP
-    if CONFIG['REPORTS']['REPORT']:
-        report_server = config_reports(CONFIG, bridgeReportFactory)
-    else:
-        report_server = None
-        logger.info('(REPORT) TCP Socket reporting not configured')
-
-    # HBlink instance creation
-    logger.info('(GLOBAL) HBlink \'bridge.py\' -- SYSTEM STARTING...')
-    for system in CONFIG['SYSTEMS']:
-        if CONFIG['SYSTEMS'][system]['ENABLED']:
-            if CONFIG['SYSTEMS'][system]['MODE'] == 'OPENBRIDGE':
-                systems[system] = OBP(system, CONFIG, report_server)
-            else:
-                systems[system] = HBP(system, CONFIG, report_server)
-            reactor.listenUDP(CONFIG['SYSTEMS'][system]['PORT'], systems[system], interface=CONFIG['SYSTEMS'][system]['IP'])
-            logger.debug('(GLOBAL) %s instance created: %s, %s', CONFIG['SYSTEMS'][system]['MODE'], system, systems[system])
-
-    def loopingErrHandle(failure):
-        logger.error('(GLOBAL) STOPPING REACTOR TO AVOID MEMORY LEAK: Unhandled error in timed loop.\n %s', failure)
-        reactor.stop()
-
-
-    reactor.run()

bridge_all.py

@@ -0,0 +1,295 @@
+#!/usr/bin/env python
+#
+###############################################################################
+#   Copyright (C) 2016-2019 Cortney T. Buffington, N0MJS <n0mjs@me.com>
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 3 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program; if not, write to the Free Software Foundation,
+#   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
+###############################################################################
+
+'''
+This is a very simple call/packet router for Homebrew Repeater Protocol. It
+will forward traffic from any system to all other systems configured in the
+hblink.py configuration file. It does not check for call contentions or
+filter TS/TGID combinations. It should really only be used as a proxy to
+hide multiple Homebrew repater protocol systems behind what appears as a single
+repeater, hotspot, etc.
+
+As is, this program only works with group voice packets. It could work for all
+of them by removing a few things.
+
+IT ONLY WORKS FOR HBP SYSTEMS!!! Using it with OpenBridge or XLX wouldn't make
+a lot of sense, and has the potential to do bad things.
+'''
+
+# Python modules we need
+import sys
+from bitarray import bitarray
+from time import time
+from importlib import import_module
+from types import ModuleType
+
+# Twisted is pretty important, so I keep it separate
+from twisted.internet.protocol import Factory, Protocol
+from twisted.protocols.basic import NetstringReceiver
+from twisted.internet import reactor, task
+
+# Things we import from the main hblink module
+from hblink import HBSYSTEM, OPENBRIDGE, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports, mk_aliases, acl_check
+from dmr_utils3.utils import bytes_3, int_id, get_alias
+from dmr_utils3 import decode, bptc, const
+import config
+import log
+import const
+
+# The module needs logging logging, but handlers, etc. are controlled by the parent
+import logging
+logger = logging.getLogger(__name__)
+
+
+# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
+__author__     = 'Cortney T. Buffington, N0MJS'
+__copyright__  = 'Copyright (c) 2016-2018 Cortney T. Buffington, N0MJS and the K0USY Group'
+__credits__    = 'Colin Durbridge, G4EML, Steve Zingman, N4IRS; Mike Zingman, N4IRR; Jonathan Naylor, G4KLX; Hans Barthen, DL5DI; Torsten Shultze, DG1HT'
+__license__    = 'GNU GPLv3'
+__maintainer__ = 'Cort Buffington, N0MJS'
+__email__      = 'n0mjs@me.com'
+__status__     = 'pre-alpha'
+
+# Module gobal varaibles
+
+
+class bridgeallSYSTEM(HBSYSTEM):
+
+    def __init__(self, _name, _config, _report):
+        HBSYSTEM.__init__(self, _name, _config, _report)
+        self._laststrid = ''
+
+        # Status information for the system, TS1 & TS2
+        # 1 & 2 are "timeslot"
+        self.STATUS = {
+            1: {
+                'RX_START':     time(),
+                'RX_LOSS':      0,
+                'RX_SEQ':       0,
+                'RX_RFS':       b'\x00',
+                'TX_RFS':       b'\x00',
+                'RX_STREAM_ID': b'\x00',
+                'TX_STREAM_ID': b'\x00',
+                'RX_TGID':      b'\x00\x00\x00',
+                'TX_TGID':      b'\x00\x00\x00',
+                'RX_TIME':      time(),
+                'TX_TIME':      time(),
+                'RX_TYPE':      const.HBPF_SLT_VTERM,
+                },
+            2: {
+                'RX_START':     time(),
+                'RX:LOSS':      0,
+                'RX_SEQ':       0,
+                'RX_RFS':       b'\x00',
+                'TX_RFS':       b'\x00',
+                'RX_STREAM_ID': b'\x00',
+                'TX_STREAM_ID': b'\x00',
+                'RX_TGID':      b'\x00\x00\x00',
+                'TX_TGID':      b'\x00\x00\x00',
+                'RX_TIME':      time(),
+                'TX_TIME':      time(),
+                'RX_TYPE':      const.HBPF_SLT_VTERM,
+                }
+            }
+
+    def dmrd_received(self, _peer_id, _rf_src, _dst_id, _seq, _slot, _call_type, _frame_type, _dtype_vseq, _stream_id, _data):
+        pkt_time = time()
+        dmrpkt = _data[20:53]
+        _bits = _data[15]
+
+        if _call_type == 'group':
+
+            # Is this is a new call stream?
+            new_stream = (_stream_id != self.STATUS[_slot]['RX_STREAM_ID'])
+
+            if new_stream:
+                self.STATUS[_slot]['RX_START'] = pkt_time
+                self.STATUS[_slot]['RX_LOSS'] = 0
+                self.STATUS[_slot]['RX_SEQ'] = _seq
+                logger.info('(%s) *CALL START* STREAM ID: %s SUB: %s (%s) PEER: %s (%s) TGID %s (%s), TS %s', \
+                        self._system, int_id(_stream_id), get_alias(_rf_src, subscriber_ids), int_id(_rf_src), get_alias(_peer_id, peer_ids), int_id(_peer_id), get_alias(_dst_id, talkgroup_ids), int_id(_dst_id), _slot)
+            else:
+                # This could be much better, it will have errors during roll-over
+                if _seq > (self.STATUS[_slot]['RX_SEQ'] + 1):
+                    #print(_seq, self.STATUS[_slot]['RX_SEQ'])
+                    self.STATUS[_slot]['RX_LOSS'] += _seq - (self.STATUS[_slot]['RX_SEQ'] + 1)
+
+            # Final actions - Is this a voice terminator?
+            if (_frame_type == const.HBPF_DATA_SYNC) and (_dtype_vseq == const.HBPF_SLT_VTERM) and (self.STATUS[_slot]['RX_TYPE'] != const.HBPF_SLT_VTERM):
+                call_duration = pkt_time - self.STATUS[_slot]['RX_START']
+                logger.info('(%s) *CALL END*   STREAM ID: %s SUB: %s (%s) PEER: %s (%s) TGID %s (%s), TS %s, Loss: %s, Duration: %s', \
+                        self._system, int_id(_stream_id), get_alias(_rf_src, subscriber_ids), int_id(_rf_src), get_alias(_peer_id, peer_ids), int_id(_peer_id), get_alias(_dst_id, talkgroup_ids), int_id(_dst_id), _slot, self.STATUS[_slot]['RX_LOSS'], call_duration)
+
+
+            for _target in self._CONFIG['SYSTEMS']: 
+                if _target != self._system:
+
+                    _target_status = systems[_target].STATUS
+                    _target_system = self._CONFIG['SYSTEMS'][_target]
+
+                    # BEGIN STANDARD CONTENTION HANDLING
+                    #
+                    # The rules for each of the 4 "ifs" below are listed here for readability. The Frame To Send is:
+                    #   From a different group than last RX from this HBSystem, but it has been less than Group Hangtime
+                    #   From a different group than last TX to this HBSystem, but it has been less than Group Hangtime
+                    #   From the same group as the last RX from this HBSystem, but from a different subscriber, and it has been less than stream timeout
+                    #   From the same group as the last TX to this HBSystem, but from a different subscriber, and it has been less than stream timeout
+                    # The "continue" at the end of each means the next iteration of the for loop that tests for matching rules
+                    #
+                    if ((_dst_id != _target_status[_slot]['RX_TGID']) and ((pkt_time - _target_status[_slot]['RX_TIME']) < _target_system['GROUP_HANGTIME'])):
+                        if _frame_type == const.HBPF_DATA_SYNC and _dtype_vseq == const.HBPF_SLT_VHEAD and self.STATUS[_slot]['RX_STREAM_ID'] != _stream_id:
+                            logger.info('(%s) Call not routed to TGID %s, target active or in group hangtime: HBSystem: %s, TS: %s, TGID: %s', self._system, int_id(_dst_id), _target, _slot, int_id(_target_status[_slot]['RX_TGID']))
+                        continue
+                    if ((_dst_id != _target_status[_slot]['TX_TGID']) and ((pkt_time - _target_status[_slot]['TX_TIME']) < _target_system['GROUP_HANGTIME'])):
+                        if _frame_type == const.HBPF_DATA_SYNC and _dtype_vseq == const.HBPF_SLT_VHEAD and self.STATUS[_slot]['RX_STREAM_ID'] != _stream_id:
+                            logger.info('(%s) Call not routed to TGID%s, target in group hangtime: HBSystem: %s, TS: %s, TGID: %s', self._system, int_id(_dst_id), _target, _slot, int_id(_target_status[_slot]['TX_TGID']))
+                        continue
+                    if (_dst_id == _target_status[_slot]['RX_TGID']) and ((pkt_time - _target_status[_slot]['RX_TIME']) < const.STREAM_TO):
+                        if _frame_type == const.HBPF_DATA_SYNC and _dtype_vseq == const.HBPF_SLT_VHEAD and self.STATUS[_slot]['RX_STREAM_ID'] != _stream_id:
+                            logger.info('(%s) Call not routed to TGID%s, matching call already active on target: HBSystem: %s, TS: %s, TGID: %s', self._system, int_id(_dst_id), _target, _slot, int_id(_target_status[_slot]['RX_TGID']))
+                        continue
+                    if (_dst_id == _target_status[_slot]['TX_TGID']) and (_rf_src != _target_status[_slot]['TX_RFS']) and ((pkt_time - _target_status[_slot]['TX_TIME']) < const.STREAM_TO):
+                        if _frame_type == const.HBPF_DATA_SYNC and _dtype_vseq == const.HBPF_SLT_VHEAD and self.STATUS[_slot]['RX_STREAM_ID'] != _stream_id:
+                            logger.info('(%s) Call not routed for subscriber %s, call route in progress on target: HBSystem: %s, TS: %s, TGID: %s, SUB: %s', self._system, int_id(_rf_src), _target, _slot, int_id(_target_status[_slot]['TX_TGID']), int_id(_target_status[_slot]['TX_RFS']))
+                        continue
+
+
+                    # ACL Processing
+                    if self._CONFIG['GLOBAL']['USE_ACL']:
+                        if not acl_check(_rf_src, self._CONFIG['GLOBAL']['SUB_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL ACL', _target, int_id(_stream_id), int_id(_rf_src))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+                        if _slot == 1 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG1_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s ON TGID %s BY GLOBAL TS1 ACL', _target, int_id(_stream_id), int_id(_dst_id))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+                        if _slot == 2 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG2_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s ON TGID %s BY GLOBAL TS2 ACL', _target, int_id(_stream_id), int_id(_dst_id))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+                    if _target_system['USE_ACL']:
+                        if not acl_check(_rf_src, _target_system['SUB_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s FROM SUBSCRIBER %s BY SYSTEM ACL', _target, int_id(_stream_id), int_id(_rf_src))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+                        if _slot == 1 and not acl_check(_dst_id, _target_system['TG1_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s ON TGID %s BY SYSTEM TS1 ACL', _target, int_id(_stream_id), int_id(_dst_id))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+                        if _slot == 2 and not acl_check(_dst_id, _target_system['TG2_ACL']):
+                            if _stream_id != _target_status[_slot]['TX_STREAM_ID']:
+                                logger.info('(%s) CALL DROPPED ON EGRESS WITH STREAM ID %s ON TGID %s BY SYSTEM TS2 ACL', _target, int_id(_stream_id), int_id(_dst_id))
+                                _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+                            continue
+
+                    # Record this stuff for later
+                    # Is this a new call stream?
+                    if new_stream:
+                         # Record the DST TGID and Stream ID
+                         _target_status[_slot]['TX_START'] = pkt_time
+                         _target_status[_slot]['TX_TGID'] = _dst_id
+                         _target_status[_slot]['TX_RFS'] = _rf_src
+                         _target_status[_slot]['TX_PEER'] = _peer_id
+                         _target_status[_slot]['TX_STREAM_ID'] = _stream_id
+
+                    _target_status[_slot]['TX_TIME'] = pkt_time
+
+                    systems[_target].send_system(_data)
+                    #logger.debug('(%s) Packet routed to system: %s', self._system, _target)
+
+            # Mark status variables for use later
+            self.STATUS[_slot]['RX_RFS']       = _rf_src
+            self.STATUS[_slot]['RX_SEQ']       = _seq
+            self.STATUS[_slot]['RX_TYPE']      = _dtype_vseq
+            self.STATUS[_slot]['RX_TGID']      = _dst_id
+            self.STATUS[_slot]['RX_TIME']      = pkt_time
+            self.STATUS[_slot]['RX_STREAM_ID'] = _stream_id
+
+
+#************************************************
+#      MAIN PROGRAM LOOP STARTS HERE
+#************************************************
+
+if __name__ == '__main__':
+    import argparse
+    import sys
+    import os
+    import signal
+    from dmr_utils3.utils import try_download, mk_id_dict
+
+    # Change the current directory to the location of the application
+    os.chdir(os.path.dirname(os.path.realpath(sys.argv[0])))
+
+    # CLI argument parser - handles picking up the config file from the command line, and sending a "help" message
+    parser = argparse.ArgumentParser()
+    parser.add_argument('-c', '--config', action='store', dest='CONFIG_FILE', help='/full/path/to/config.file (usually hblink.cfg)')
+    parser.add_argument('-l', '--logging', action='store', dest='LOG_LEVEL', help='Override config file logging level.')
+    cli_args = parser.parse_args()
+
+    # Ensure we have a path for the config file, if one wasn't specified, then use the default (top of file)
+    if not cli_args.CONFIG_FILE:
+        cli_args.CONFIG_FILE = os.path.dirname(os.path.abspath(__file__))+'/hblink.cfg'
+
+    # Call the external routine to build the configuration dictionary
+    CONFIG = config.build_config(cli_args.CONFIG_FILE)
+
+    # Start the system logger
+    if cli_args.LOG_LEVEL:
+        CONFIG['LOGGER']['LOG_LEVEL'] = cli_args.LOG_LEVEL
+    logger = log.config_logging(CONFIG['LOGGER'])
+    logger.info('\n\nCopyright (c) 2013, 2014, 2015, 2016, 2018, 2019\n\tThe Regents of the K0USY Group. All rights reserved.\n')
+    logger.debug('Logging system started, anything from here on gets logged')
+
+    # Set up the signal handler
+    def sig_handler(_signal, _frame):
+        logger.info('SHUTDOWN: BRIDGE_ALL IS TERMINATING WITH SIGNAL %s', str(_signal))
+        hblink_handler(_signal, _frame)
+        logger.info('SHUTDOWN: ALL SYSTEM HANDLERS EXECUTED - STOPPING REACTOR')
+        reactor.stop()
+
+    # Set signal handers so that we can gracefully exit if need be
+    for sig in [signal.SIGTERM, signal.SIGINT]:
+        signal.signal(sig, sig_handler)
+
+    # Create the name-number mapping dictionaries
+    peer_ids, subscriber_ids, talkgroup_ids = mk_aliases(CONFIG)
+
+    # INITIALIZE THE REPORTING LOOP
+    report_server = config_reports(CONFIG, reportFactory)
+
+    # HBlink instance creation
+    logger.info('HBlink \'bridge_all.py\' -- SYSTEM STARTING...')
+    for system in CONFIG['SYSTEMS']:
+        if CONFIG['SYSTEMS'][system]['ENABLED']:
+            if CONFIG['SYSTEMS'][system]['MODE'] == 'OPENBRIDGE':
+                logger.critical('%s FATAL: Instance is mode \'OPENBRIDGE\', \n\t\t...Which would be tragic for Bridge All, since it carries multiple call\n\t\tstreams simultaneously. bridge_all.py onlyl works with MMDVM-based systems', system)
+                sys.exit('bridge_all.py cannot function with systems that are not MMDVM devices. System {} is configured as an OPENBRIDGE'.format(system))
+            else:
+                systems[system] = bridgeallSYSTEM(system, CONFIG, report_server)
+            reactor.listenUDP(CONFIG['SYSTEMS'][system]['PORT'], systems[system], interface=CONFIG['SYSTEMS'][system]['IP'])
+            logger.debug('%s instance created: %s, %s', CONFIG['SYSTEMS'][system]['MODE'], system, systems[system])
+
+    reactor.run()

config.py

@@ -86,7 +86,7 @@ def acl_build(_acl, _max):
             if (const.ID_MIN <= start <= _max) or (const.ID_MIN <= end <= _max):
                 acl.append((start, end))
             else:
-                sys.exit('ACL CREATION ERROR, VALUE OUT OF RANGE (} - {})IN RANGE-BASED ENTRY: {}'.format(const.ID_MIN, _max, entry))
+                sys.exit('ACL CREATION ERROR, VALUE OUT OF RANGE ({} - {})IN RANGE-BASED ENTRY: {}'.format(const.ID_MIN, _max, entry))
         else:
             id = int(entry)
             if (const.ID_MIN <= id <= _max):
@@ -107,6 +107,7 @@ def build_config(_config_file):
     CONFIG['REPORTS'] = {}
     CONFIG['LOGGER'] = {}
     CONFIG['ALIASES'] = {}
+    CONFIG['USER_MANAGER'] = {}
     CONFIG['SYSTEMS'] = {}
 
     try:
@@ -153,6 +154,19 @@ def build_config(_config_file):
                     'STALE_TIME': config.getint(section, 'STALE_DAYS') * 86400,
                 })
 
+            elif section == 'USER_MANAGER':
+                CONFIG['USER_MANAGER'].update({
+                    'THIS_SERVER_NAME': config.get(section, 'THIS_SERVER_NAME'),
+                    'URL': config.get(section, 'URL'),
+                    'APPEND_INT': config.getint(section, 'APPEND_INT'),
+                    'SHARED_SECRET': config.get(section, 'SHARED_SECRET'),
+                    'SHORTEN_PASSPHRASE': config.getboolean(section, 'SHORTEN_PASSPHRASE'),
+                    'BURN_FILE': config.get(section, 'BURN_FILE'),
+                    'BURN_INT': config.getint(section, 'BURN_INT'),
+
+
+                })
+
             elif config.getboolean(section, 'ENABLED'):
                 if config.get(section, 'MODE') == 'PEER':
                     CONFIG['SYSTEMS'].update({section: {
@@ -182,7 +196,7 @@ def build_config(_config_file):
                         'SOFTWARE_ID': bytes(config.get(section, 'SOFTWARE_ID').ljust(40)[:40], 'utf-8'),
                         'PACKAGE_ID': bytes(config.get(section, 'PACKAGE_ID').ljust(40)[:40], 'utf-8'),
                         'GROUP_HANGTIME': config.getint(section, 'GROUP_HANGTIME'),
-                        'OPTIONS': bytes(config.get(section, 'OPTIONS'), 'utf-8'),
+                        'OPTIONS': b''.join([b'Type=HBlink;', bytes(config.get(section, 'OPTIONS'), 'utf-8')]),
                         'USE_ACL': config.getboolean(section, 'USE_ACL'),
                         'SUB_ACL': config.get(section, 'SUB_ACL'),
                         'TG1_ACL': config.get(section, 'TGID_TS1_ACL'),
@@ -249,6 +263,7 @@ def build_config(_config_file):
                     CONFIG['SYSTEMS'].update({section: {
                         'MODE': config.get(section, 'MODE'),
                         'ENABLED': config.getboolean(section, 'ENABLED'),
+                        'USE_USER_MAN': config.getboolean(section, 'USE_USER_MAN'),
                         'REPEAT': config.getboolean(section, 'REPEAT'),
                         'MAX_PEERS': config.getint(section, 'MAX_PEERS'),
                         'IP': gethostbyname(config.get(section, 'IP')),
@@ -274,6 +289,7 @@ def build_config(_config_file):
                         'TARGET_SOCK': (gethostbyname(config.get(section, 'TARGET_IP')), config.getint(section, 'TARGET_PORT')),
                         'TARGET_IP': gethostbyname(config.get(section, 'TARGET_IP')),
                         'TARGET_PORT': config.getint(section, 'TARGET_PORT'),
+                        'BOTH_SLOTS': config.getboolean(section, 'BOTH_SLOTS'),
                         'USE_ACL': config.getboolean(section, 'USE_ACL'),
                         'SUB_ACL': config.get(section, 'SUB_ACL'),
                         'TG1_ACL': config.get(section, 'TGID_ACL'),

const.py

@@ -50,6 +50,7 @@ HBPF_SLT_VHEAD  = 0x1
 HBPF_SLT_VTERM  = 0x2
 
 # HomeBrew Protocol Commands
+DMRA    = b'DMRA'
 DMRD    = b'DMRD'
 MSTCL   = b'MSTCL'
 MSTNAK  = b'MSTNAK'

db.txt

@@ -0,0 +1,4 @@
+{
+    3153597:b'passw0rd',
+    1234567:b'password'
+}

entrypoint

@@ -1,10 +0,0 @@
-#!/bin/sh
-
-mkdir -p /var/tmp/config 
-cd /var/tmp/config
-git clone https://${GIT_USER}:${GIT_PASSWORD}@${GIT_REPO}
-
-DIR=$(echo ${GIT_REPO}| sed s/.git$//g | sed s#^.*/##g)
-
-cp -a /var/tmp/config/${DIR}/*cfg /opt/hblink3/
-python /opt/hblink3/hblink.py

hblink-SAMPLE.cfg

@@ -120,21 +120,41 @@ STALE_DAYS: 7
 #
 # ACLs:
 # OpenBridge does not 'register', so registration ACL is meaningless.
-# OpenBridge passes all traffic on TS1, so there is only 1 TGID ACL.
+# Proper OpenBridge passes all traffic on TS1.
+# HBlink can extend OPB to use both slots for unit calls only.
+# Setting "BOTH_SLOTS" True ONLY affects unit traffic!
 # Otherwise ACLs work as described in the global stanza
 [OBP-1]
 MODE: OPENBRIDGE
-ENABLED: True
+ENABLED: False
 IP:
 PORT: 62035
 NETWORK_ID: 3129100
 PASSPHRASE: password
 TARGET_IP: 1.2.3.4
 TARGET_PORT: 62035
+BOTH_SLOTS: True
 USE_ACL: True
 SUB_ACL: DENY:1
 TGID_ACL: PERMIT:ALL
 
+# USER MANAGER
+# This is where to configure the details for use with a user managment script
+[USER_MANAGER]
+THIS_SERVER_NAME: My MMDVM Server
+USE_USER_MAN: True
+# URL of the user managment server
+URL: http://localhost:8080/auth
+# Integer appended to DMR ID during the generation of a passphrase
+APPEND_INT: 1
+# Secret used to authenticate with user managment server, before checking if user login is approved
+SHARED_SECRET: test
+# Shorten passphrases to 8 characters
+SHORTEN_PASSPHRASE: False
+BURN_FILE: ./burn_ids.txt
+BURN_INT: 5
+
+
 # MASTER INSTANCES - DUPLICATE SECTION FOR MULTIPLE MASTERS
 # HomeBrew Protocol Master instances go here.
 # IP may be left blank if there's one interface on your system.
@@ -151,6 +171,10 @@ TGID_ACL: PERMIT:ALL
 [MASTER-1]
 MODE: MASTER
 ENABLED: True
+
+# Use the user manager? If False, MASTER instance will operate as normal.
+USE_USER_MAN: False
+
 REPEAT: True
 MAX_PEERS: 10
 EXPORT_AMBE: False
@@ -178,7 +202,7 @@ TGID_TS2_ACL: PERMIT:ALL
 # See comments in the GLOBAL stanza
 [REPEATER-1]
 MODE: PEER
-ENABLED: True
+ENABLED: False
 LOOSE: False
 EXPORT_AMBE: False
 IP: 
@@ -210,7 +234,7 @@ TGID_TS2_ACL: PERMIT:ALL
 
 [XLX-1]
 MODE: XLXPEER
-ENABLED: True
+ENABLED: False
 LOOSE: True
 EXPORT_AMBE: False
 IP: 

hblink.py

@@ -55,6 +55,13 @@ from reporting_const import *
 import logging
 logger = logging.getLogger(__name__)
 
+# Used for user auth
+import os, ast
+import requests, json
+import base64
+import libscrc
+
+
 # Does anybody read this stuff? There's a PEP somewhere that says I should do this.
 __author__     = 'Cortney T. Buffington, N0MJS'
 __copyright__  = 'Copyright (c) 2016-2019 Cortney T. Buffington, N0MJS and the K0USY Group'
@@ -100,6 +107,23 @@ def acl_check(_id, _acl):
     return not _acl[0]
 
 
+def download_burnlist(_CONFIG):
+    user_man_url = _CONFIG['USER_MANAGER']['URL']
+    shared_secret = str(sha256(_CONFIG['USER_MANAGER']['SHARED_SECRET'].encode()).hexdigest())
+    burn_check = {
+    'burn_list':True,
+    'secret':shared_secret
+    }
+    json_object = json.dumps(burn_check, indent = 4)
+    try:
+        req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
+        resp = json.loads(req.text)
+        return resp['burn_list']
+    # For exception, write blank dict
+    except requests.ConnectionError:
+        return {}
+
+   
 #************************************************
 #    OPENBRIDGE CLASS
 #************************************************
@@ -160,8 +184,8 @@ class OPENBRIDGE(DatagramProtocol):
                 _stream_id = _data[16:20]
                 #logger.debug('(%s) DMRD - Seqence: %s, RF Source: %s, Destination ID: %s', self._system, int_id(_seq), int_id(_rf_src), int_id(_dst_id))
 
-                # Sanity check for OpenBridge -- all calls must be on Slot 1
-                if _slot != 1:
+                # Sanity check for OpenBridge -- all calls must be on Slot 1 for Brandmeister or DMR+. Other HBlinks can process timeslot on OPB if the flag is set
+                if _slot != 1 and not self._config['BOTH_SLOTS'] and not _call_type == 'unit':
                     logger.error('(%s) OpenBridge packet discarded because it was not received on slot 1. SID: %s, TGID %s', self._system, int_id(_rf_src), int_id(_dst_id))
                     return
 
@@ -206,8 +230,7 @@ class HBSYSTEM(DatagramProtocol):
         self._system = _name
         self._report = _report
         self._config = self._CONFIG['SYSTEMS'][self._system]
-        self._laststrid1 = ''
-        self._laststrid2 = ''
+        self._laststrid = {1: b'', 2: b''}
 
         # Define shortcuts and generic function names based on the type of system we are
         if self._config['MODE'] == 'MASTER':
@@ -230,6 +253,91 @@ class HBSYSTEM(DatagramProtocol):
             self.maintenance_loop = self.peer_maintenance_loop
             self.datagramReceived = self.peer_datagramReceived
             self.dereg = self.peer_dereg
+            
+    def check_user_man(self, _id, server_name, peer_ip):
+        #Change this to a config value
+        user_man_url = self._CONFIG['USER_MANAGER']['URL']
+        shared_secret = str(sha256(self._CONFIG['USER_MANAGER']['SHARED_SECRET'].encode()).hexdigest())
+        #print(int(str(int_id(_id))[:7]))
+        auth_check = {
+        'secret':shared_secret,
+        'login_id':int(str(int_id(_id))[:7]),
+        'login_ip': peer_ip,
+        'login_server': server_name
+        }
+        json_object = json.dumps(auth_check, indent = 4)
+        try:
+            req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
+            resp = json.loads(req.text)
+            return resp
+        except requests.ConnectionError:
+            return {'allow':True}
+
+    def send_login_conf(self, _id, server_name, peer_ip, old_auth):
+        #Change this to a config value
+        user_man_url = self._CONFIG['USER_MANAGER']['URL']
+        shared_secret = str(sha256(self._CONFIG['USER_MANAGER']['SHARED_SECRET'].encode()).hexdigest())
+        #print(int(str(int_id(_id))[:7]))
+        auth_conf = {
+        'secret':shared_secret,
+        'login_id':int(str(int_id(_id))[:7]),
+        'login_ip': peer_ip,
+        'login_server': server_name,
+        'login_confirmed': True,
+        'old_auth': old_auth
+        }
+        json_object = json.dumps(auth_conf, indent = 4)
+        try:
+            req = requests.post(user_man_url, data=json_object, headers={'Content-Type': 'application/json'})
+        #    resp = json.loads(req.text)
+        #return resp
+        except Exception as e:
+            logger.info(e)
+
+    def calc_passphrase(self, peer_id, _salt_str):
+        burn_id = ast.literal_eval(os.popen('cat ' + self._CONFIG['USER_MANAGER']['BURN_FILE']).read())
+        peer_id_trimmed = int(str(int_id(peer_id))[:7])
+        try:
+            print(self.ums_response)
+            if self.ums_response['mode'] == 'legacy':
+                _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
+                calc_passphrase = self._config['PASSPHRASE']
+            if self.ums_response['mode'] == 'override':
+                _calc_hash = bhex(sha256(_salt_str+str.encode(self.ums_response['value'])).hexdigest())
+            if self.ums_response['mode'] == 'normal':
+                _new_peer_id = bytes_4(int(str(int_id(peer_id))[:7]))
+                peer_id_trimmed = str(peer_id_trimmed)
+                try:
+                    if burn_id[peer_id_trimmed]:
+                        logger.info('User ID has been burned. Requiring passphrase version: ' + str(burn_id[peer_id_trimmed]))
+                        calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
+                except:
+                    calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
+                if self._CONFIG['USER_MANAGER']['SHORTEN_PASSPHRASE'] == True:
+                    calc_passphrase = calc_passphrase[-8:]
+                if self._CONFIG['USER_MANAGER']['SHORTEN_PASSPHRASE'] == False:
+                    pass
+                _calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
+        #If exception, assume UMS down and default to calculated passphrase
+        except Exception as e:
+            logger.info('Execption, UMS possibly down')
+            _new_peer_id = bytes_4(int(str(int_id(peer_id))[:7]))
+            if peer_id_trimmed in burn_id:
+                logger.info('User ID has been burned. Requiring passphrase version: ' + str(burn_id[peer_id_trimmed]))
+                calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + burn_id[peer_id_trimmed].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['BURN_INT'].to_bytes(2, 'big') + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
+            else:
+                calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
+
+            #calc_passphrase = base64.b64encode(bytes.fromhex(str(hex(libscrc.ccitt((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))))[2:].zfill(4)) + (_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big') + bytes.fromhex(str(hex(libscrc.posix((_new_peer_id) + self._CONFIG['USER_MANAGER']['APPEND_INT'].to_bytes(2, 'big'))))[2:].zfill(8)))
+            if self._CONFIG['USER_MANAGER']['SHORTEN_PASSPHRASE'] == True:
+                calc_passphrase = calc_passphrase[-8:]
+            if self._CONFIG['USER_MANAGER']['SHORTEN_PASSPHRASE'] == False:
+                pass
+            _calc_hash = bhex(sha256(_salt_str+calc_passphrase).hexdigest())
+        print(calc_passphrase)
+        #    print(_calc_hash)
+        return _calc_hash
+
 
     def startProtocol(self):
         # Set up periodic loop for tracking pings from peers. Run every 'PING_TIME' seconds
@@ -327,6 +435,7 @@ class HBSYSTEM(DatagramProtocol):
 
     # Aliased in __init__ to datagramReceived if system is a master
     def master_datagramReceived(self, _data, _sockaddr):
+        global user_db
         # Keep This Line Commented Unless HEAVILY Debugging!
         # logger.debug('(%s) RX packet from %s -- %s', self._system, _sockaddr, ahex(_data))
 
@@ -353,45 +462,39 @@ class HBSYSTEM(DatagramProtocol):
                 _frame_type = (_bits & 0x30) >> 4
                 _dtype_vseq = (_bits & 0xF) # data, 1=voice header, 2=voice terminator; voice, 0=burst A ... 5=burst F
                 _stream_id = _data[16:20]
-                #logger.debug('(%s) DMRD - Seqence: %s, RF Source: %s, Destination ID: %s', self._system, int_id(_seq), int_id(_rf_src), int_id(_dst_id))
+                #logger.debug('(%s) DMRD - Seqence: %s, RF Source: %s, Destination ID: %s', self._system, _seq, int_id(_rf_src), int_id(_dst_id))
                 # ACL Processing
                 if self._CONFIG['GLOBAL']['USE_ACL']:
                     if not acl_check(_rf_src, self._CONFIG['GLOBAL']['SUB_ACL']):
-                        if self._laststrid != _stream_id:
+                        if self._laststrid[_slot] != _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL ACL', self._system, int_id(_stream_id), int_id(_rf_src))
-                            if _slot == 1:
-                                self._laststrid1 = _stream_id
-                            else:
-                                self._laststrid2 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
                     if _slot == 1 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG1_ACL']):
-                        if self._laststrid1 != _stream_id:
+                        if self._laststrid[_slot] != _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                            self._laststrid1 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
                     if _slot == 2 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG2_ACL']):
-                        if self._laststrid2 != _stream_id:
+                        if self._laststrid[_slot] != _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                            self._laststrid2 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
                 if self._config['USE_ACL']:
                     if not acl_check(_rf_src, self._config['SUB_ACL']):
-                        if self._laststrid != _stream_id:
+                        if self._laststrid[_slot] != _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY SYSTEM ACL', self._system, int_id(_stream_id), int_id(_rf_src))
-                            if _slot == 1:
-                                self._laststrid1 = _stream_id
-                            else:
-                                self._laststrid2 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
                     if _slot == 1 and not acl_check(_dst_id, self._config['TG1_ACL']):
-                        if self._laststrid1 != _stream_id:
+                        if self._laststrid[_slot] != _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                            self._laststrid1 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
                     if _slot == 2 and not acl_check(_dst_id, self._config['TG2_ACL']):
-                        if self._laststrid2 != _stream_id:
+                        if self._laststrid[_slot]!= _stream_id:
                             logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                            self._laststrid2 = _stream_id
+                            self._laststrid[_slot] = _stream_id
                         return
 
                 # The basic purpose of a master is to repeat to the peers
@@ -412,8 +515,23 @@ class HBSYSTEM(DatagramProtocol):
             # Check to see if we've reached the maximum number of allowed peers
             if len(self._peers) < self._config['MAX_PEERS']:
                 # Check for valid Radio ID
-                if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and acl_check(_peer_id, self._config['REG_ACL']):
-                    # Build the configuration data strcuture for the peer
+                #print(self.check_user_man(_peer_id))
+                if self._config['USE_USER_MAN'] == True:
+                    self.ums_response = self.check_user_man(_peer_id, self._CONFIG['USER_MANAGER']['THIS_SERVER_NAME'], _sockaddr[0])
+##                    print(self.ums_response)
+                    #Will allow anyone to attempt authentication, used for a transition period
+##                    if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow'] or acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and acl_check(_peer_id, self._config['REG_ACL']):
+                    if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and self.ums_response['allow']:
+                        user_auth = self.ums_response['allow']
+                    else:
+                        user_auth = False
+                    print(user_auth)
+                if self._config['USE_USER_MAN'] == False:
+                   # print('False')
+                    if acl_check(_peer_id, self._CONFIG['GLOBAL']['REG_ACL']) and acl_check(_peer_id, self._config['REG_ACL']):
+                        user_auth = True
+                if user_auth == True:
+                # Build the configuration data strcuture for the peer
                     self._peers.update({_peer_id: {
                         'CONNECTION': 'RPTL-RECEIVED',
                         'CONNECTED': time(),
@@ -444,9 +562,10 @@ class HBSYSTEM(DatagramProtocol):
                     self.send_peer(_peer_id, b''.join([RPTACK, _salt_str]))
                     self._peers[_peer_id]['CONNECTION'] = 'CHALLENGE_SENT'
                     logger.info('(%s) Sent Challenge Response to %s for login: %s', self._system, int_id(_peer_id), self._peers[_peer_id]['SALT'])
+##                    print(self._peers)
                 else:
                     self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
-                    logger.warning('(%s) Invalid Login from Radio ID: %s Denied by Registation ACL', self._system, int_id(_peer_id))
+                    logger.warning('(%s) Invalid Login from %s Radio ID: %s Denied by Registation ACL', self._system, _sockaddr[0], int_id(_peer_id))
             else:
                 self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
                 logger.warning('(%s) Registration denied from Radio ID: %s Maximum number of peers exceeded', self._system, int_id(_peer_id))
@@ -460,11 +579,27 @@ class HBSYSTEM(DatagramProtocol):
                 _this_peer['LAST_PING'] = time()
                 _sent_hash = _data[8:]
                 _salt_str = bytes_4(_this_peer['SALT'])
-                _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
-                if _sent_hash == _calc_hash:
+                # Used to allow config passphrase AND calculated.
+                _ocalc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
+                
+                #print(self.ums_response)
+                if self._config['USE_USER_MAN'] == True:
+                   # print(self.calc_passphrase(_peer_id, _salt_str))
+                    _calc_hash = self.calc_passphrase(_peer_id, _salt_str)
+                if self._config['USE_USER_MAN'] == False:
+                    _calc_hash = bhex(sha256(_salt_str+self._config['PASSPHRASE']).hexdigest())
+                # Uncomment below to only accept calculated passphrase
+#                if _sent_hash == _calc_hash:
+                # Condition below accepts either calculated passphrase or config passphrase
+                if _sent_hash == _calc_hash or _sent_hash == _ocalc_hash:
                     _this_peer['CONNECTION'] = 'WAITING_CONFIG'
                     self.send_peer(_peer_id, b''.join([RPTACK, _peer_id]))
                     logger.info('(%s) Peer %s has completed the login exchange successfully', self._system, _this_peer['RADIO_ID'])
+                    #self.send_login_conf(_peer_id, self._CONFIG['USER_MANAGER']['THIS_SERVER_NAME'], _sockaddr[0], False)
+                    if _sent_hash == _ocalc_hash:
+                        self.send_login_conf(_peer_id, self._CONFIG['USER_MANAGER']['THIS_SERVER_NAME'], _sockaddr[0], True)
+                    else:
+                        self.send_login_conf(_peer_id, self._CONFIG['USER_MANAGER']['THIS_SERVER_NAME'], _sockaddr[0], False)
                 else:
                     logger.info('(%s) Peer %s has FAILED the login exchange successfully', self._system, _this_peer['RADIO_ID'])
                     self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
@@ -526,6 +661,18 @@ class HBSYSTEM(DatagramProtocol):
                     self.transport.write(b''.join([MSTNAK, _peer_id]), _sockaddr)
                     logger.warning('(%s) Ping from Radio ID that is not logged in: %s', self._system, int_id(_peer_id))
 
+        elif _command == RPTO:
+            _peer_id = _data[4:8]
+            if _peer_id in self._peers \
+                        and self._peers[_peer_id]['CONNECTION'] == 'YES' \
+                        and self._peers[_peer_id]['SOCKADDR'] == _sockaddr:
+                logger.info('(%s) Peer %s (%s) has send options: %s', self._system, self._peers[_peer_id]['CALLSIGN'], int_id(_peer_id), _data[8:])
+                self.transport.write(b''.join([RPTACK, _peer_id]), _sockaddr)
+
+        elif _command == DMRA:
+            _peer_id = _data[4:8]
+            logger.info('(%s) Recieved DMR Talker Alias from peer %s, subscriber %s', self._system, self._peers[_peer_id]['CALLSIGN'], int_id(_rf_src))
+
         else:
             logger.error('(%s) Unrecognized command. Raw HBP PDU: %s', self._system, ahex(_data))
 
@@ -562,41 +709,35 @@ class HBSYSTEM(DatagramProtocol):
                     # ACL Processing
                     if self._CONFIG['GLOBAL']['USE_ACL']:
                         if not acl_check(_rf_src, self._CONFIG['GLOBAL']['SUB_ACL']):
-                            if self._laststrid != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL ACL', self._system, int_id(_stream_id), int_id(_rf_src))
-                                if _slot == 1:
-                                    self._laststrid1 = _stream_id
-                                else:
-                                    self._laststrid2 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY GLOBAL ACL', self._system, int_id(_stream_id), int_id(_rf_src))
+                                self._laststrid[_slot] = _stream_id
                             return
                         if _slot == 1 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG1_ACL']):
-                            if self._laststrid1 != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                                self._laststrid1 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
+                                self._laststrid[_slot] = _stream_id
                             return
                         if _slot == 2 and not acl_check(_dst_id, self._CONFIG['GLOBAL']['TG2_ACL']):
-                            if self._laststrid2 != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                                self._laststrid2 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY GLOBAL TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
+                                self._laststrid[_slot] = _stream_id
                             return
                     if self._config['USE_ACL']:
                         if not acl_check(_rf_src, self._config['SUB_ACL']):
-                            if self._laststrid != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY SYSTEM ACL', self._system, int_id(_stream_id), int_id(_rf_src))
-                                if _slot == 1:
-                                    self._laststrid1 = _stream_id
-                                else:
-                                    self._laststrid2 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s FROM SUBSCRIBER %s BY SYSTEM ACL', self._system, int_id(_stream_id), int_id(_rf_src))
+                                self._laststrid[_slot] = _stream_id
                             return
                         if _slot == 1 and not acl_check(_dst_id, self._config['TG1_ACL']):
-                            if self._laststrid1 != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                                self._laststrid1 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS1 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
+                                self._laststrid[_slot] = _stream_id
                             return
                         if _slot == 2 and not acl_check(_dst_id, self._config['TG2_ACL']):
-                            if self._laststrid2 != _stream_id:
-                                logger.debug('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
-                                self._laststrid2 = _stream_id
+                            if self._laststrid[_slot] != _stream_id:
+                                logger.info('(%s) CALL DROPPED WITH STREAM ID %s ON TGID %s BY SYSTEM TS2 ACL', self._system, int_id(_stream_id), int_id(_dst_id))
+                                self._laststrid[_slot] = _stream_id
                             return
 
 
@@ -661,6 +802,7 @@ class HBSYSTEM(DatagramProtocol):
                             self._stats['CONNECTION'] = 'YES'
                             self._stats['CONNECTED'] = time()
                             logger.info('(%s) Connection to Master Completed', self._system)
+
                             # If we are an XLX, send the XLX module request here.
                             if self._config['MODE'] == 'XLXPEER':
                                 self.send_xlxmaster(self._config['RADIO_ID'], int(4000), self._config['MASTER_SOCKADDR'])
@@ -802,7 +944,7 @@ if __name__ == '__main__':
     if cli_args.LOG_LEVEL:
         CONFIG['LOGGER']['LOG_LEVEL'] = cli_args.LOG_LEVEL
     logger = log.config_logging(CONFIG['LOGGER'])
-    logger.info('\n\nCopyright (c) 2013, 2014, 2015, 2016, 2018, 2019\n\tThe Regents of the K0USY Group. All rights reserved.\n')
+    logger.info('\n\nCopyright (c) 2013, 2014, 2015, 2016, 2018, 2019, 2020\n\tThe Regents of the K0USY Group. All rights reserved.\n')
     logger.debug('(GLOBAL) Logging system started, anything from here on gets logged')
 
     # Set up the signal handler
@@ -818,6 +960,7 @@ if __name__ == '__main__':
 
     peer_ids, subscriber_ids, talkgroup_ids = mk_aliases(CONFIG)
 
+
     # INITIALIZE THE REPORTING LOOP
     if CONFIG['REPORTS']['REPORT']:
         report_server = config_reports(CONFIG, reportFactory)
@@ -836,4 +979,8 @@ if __name__ == '__main__':
             reactor.listenUDP(CONFIG['SYSTEMS'][system]['PORT'], systems[system], interface=CONFIG['SYSTEMS'][system]['IP'])
             logger.debug('(GLOBAL) %s instance created: %s, %s', CONFIG['SYSTEMS'][system]['MODE'], system, systems[system])
 
+    # Download burn list
+    with open(CONFIG['USER_MANAGER']['BURN_FILE'], 'w') as f:
+        f.write(str(download_burnlist(CONFIG)))
+
     reactor.run()

install.sh

@@ -1,6 +0,0 @@
-#! /bin/bash
-
-# Install the required support programs
-apt-get install python3 python3-pip -y
-pip3 install -r requirements.txt
-

playback.py

@@ -0,0 +1,229 @@
+#!/usr/bin/env python
+#
+###############################################################################
+#   Copyright (C) 2016-2019  Cortney T. Buffington, N0MJS <n0mjs@me.com> (and Mike Zingman N4IRR)
+#
+#   This program is free software; you can redistribute it and/or modify
+#   it under the terms of the GNU General Public License as published by
+#   the Free Software Foundation; either version 3 of the License, or
+#   (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be useful,
+#   but WITHOUT ANY WARRANTY; without even the implied warranty of
+#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#   GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program; if not, write to the Free Software Foundation,
+#   Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301  USA
+###############################################################################
+
+
+# Python modules we need
+import sys
+from bitarray import bitarray
+from time import time, sleep
+from importlib import import_module
+
+# Twisted is pretty important, so I keep it separate
+from twisted.internet.protocol import Factory, Protocol
+from twisted.protocols.basic import NetstringReceiver
+from twisted.internet import reactor, task
+
+# Things we import from the main hblink module
+from hblink import HBSYSTEM, systems, hblink_handler, reportFactory, REPORT_OPCODES, config_reports, mk_aliases
+from dmr_utils3.utils import bytes_3, int_id, get_alias
+from dmr_utils3 import decode, bptc, const
+import config
+import log
+import const
+
+# The module needs logging logging, but handlers, etc. are controlled by the parent
+import logging
+logger = logging.getLogger(__name__)
+
+
+# Does anybody read this stuff? There's a PEP somewhere that says I should do this.
+__author__     = 'Cortney T. Buffington, N0MJS and Mike Zingman, N4IRR'
+__copyright__  = 'Copyright (c) 2016-2019 Cortney T. Buffington, N0MJS and the K0USY Group'
+__license__    = 'GNU GPLv3'
+__maintainer__ = 'Cort Buffington, N0MJS'
+__email__      = 'n0mjs@me.com'
+__status__     = 'pre-alpha'
+
+# Module gobal varaibles
+
+class playback(HBSYSTEM):
+
+    def __init__(self, _name, _config, _report):
+        HBSYSTEM.__init__(self, _name, _config, _report)
+
+        # Status information for the system, TS1 & TS2
+        # 1 & 2 are "timeslot"
+        # In TX_EMB_LC, 2-5 are burst B-E
+        self.STATUS = {
+            1: {
+                'RX_START':     time(),
+                'RX_SEQ':       '\x00',
+                'RX_RFS':       '\x00',
+                'TX_RFS':       '\x00',
+                'RX_STREAM_ID': '\x00',
+                'TX_STREAM_ID': '\x00',
+                'RX_TGID':      '\x00\x00\x00',
+                'TX_TGID':      '\x00\x00\x00',
+                'RX_TIME':      time(),
+                'TX_TIME':      time(),
+                'RX_TYPE':      const.HBPF_SLT_VTERM,
+                'RX_LC':        '\x00',
+                'TX_H_LC':      '\x00',
+                'TX_T_LC':      '\x00',
+                'TX_EMB_LC': {
+                    1: '\x00',
+                    2: '\x00',
+                    3: '\x00',
+                    4: '\x00',
+                }
+                },
+            2: {
+                'RX_START':     time(),
+                'RX_SEQ':       '\x00',
+                'RX_RFS':       '\x00',
+                'TX_RFS':       '\x00',
+                'RX_STREAM_ID': '\x00',
+                'TX_STREAM_ID': '\x00',
+                'RX_TGID':      '\x00\x00\x00',
+                'TX_TGID':      '\x00\x00\x00',
+                'RX_TIME':      time(),
+                'TX_TIME':      time(),
+                'RX_TYPE':      const.HBPF_SLT_VTERM,
+                'RX_LC':        '\x00',
+                'TX_H_LC':      '\x00',
+                'TX_T_LC':      '\x00',
+                'TX_EMB_LC': {
+                    1: '\x00',
+                    2: '\x00',
+                    3: '\x00',
+                    4: '\x00',
+                }
+            }
+        }
+        self.CALL_DATA = []
+
+    def dmrd_received(self, _peer_id, _rf_src, _dst_id, _seq, _slot, _call_type, _frame_type, _dtype_vseq, _stream_id, _data):
+        pkt_time = time()
+        dmrpkt = _data[20:53]
+        _bits = _data[15]
+        if _call_type == 'group':
+            
+            # Is this is a new call stream?
+            if (_stream_id != self.STATUS[_slot]['RX_STREAM_ID']):
+                self.STATUS['RX_START'] = pkt_time
+                logger.info('(%s) *START RECORDING* STREAM ID: %s SUB: %s (%s) REPEATER: %s (%s) TGID %s (%s), TS %s', \
+                                  self._system, int_id(_stream_id), get_alias(_rf_src, subscriber_ids), int_id(_rf_src), get_alias(_peer_id, peer_ids), int_id(_peer_id), get_alias(_dst_id, talkgroup_ids), int_id(_dst_id), _slot)
+                self.CALL_DATA.append(_data)
+                self.STATUS[_slot]['RX_STREAM_ID'] = _stream_id
+                return
+
+            # Final actions - Is this a voice terminator?
+            if (_frame_type == const.HBPF_DATA_SYNC) and (_dtype_vseq == const.HBPF_SLT_VTERM) and (self.STATUS[_slot]['RX_TYPE'] != const.HBPF_SLT_VTERM) and (self.CALL_DATA):
+                call_duration = pkt_time - self.STATUS['RX_START']
+                self.CALL_DATA.append(_data)
+                logger.info('(%s) *END   RECORDING* STREAM ID: %s', self._system, int_id(_stream_id))
+                sleep(2)
+                logger.info('(%s) *START  PLAYBACK* STREAM ID: %s SUB: %s (%s) REPEATER: %s (%s) TGID %s (%s), TS %s, Duration: %s', \
+                                  self._system, int_id(_stream_id), get_alias(_rf_src, subscriber_ids), int_id(_rf_src), get_alias(_peer_id, peer_ids), int_id(_peer_id), get_alias(_dst_id, talkgroup_ids), int_id(_dst_id), _slot, call_duration)
+                for i in self.CALL_DATA:
+                    self.send_system(i)
+                    #print(i)
+                    sleep(0.06)
+                self.CALL_DATA = []
+                logger.info('(%s) *END    PLAYBACK* STREAM ID: %s', self._system, int_id(_stream_id))
+
+            else:
+                if self.CALL_DATA:
+                    self.CALL_DATA.append(_data)
+
+
+            # Mark status variables for use later
+            self.STATUS[_slot]['RX_RFS']       = _rf_src
+            self.STATUS[_slot]['RX_TYPE']      = _dtype_vseq
+            self.STATUS[_slot]['RX_TGID']      = _dst_id
+            self.STATUS[_slot]['RX_TIME']      = pkt_time
+            self.STATUS[_slot]['RX_STREAM_ID'] = _stream_id
+
+
+#************************************************
+#      MAIN PROGRAM LOOP STARTS HERE
+#************************************************
+
+if __name__ == '__main__':
+    
+    import argparse
+    import sys
+    import os
+    import signal
+    from dmr_utils3.utils import try_download, mk_id_dict
+    
+    # Change the current directory to the location of the application
+    os.chdir(os.path.dirname(os.path.realpath(sys.argv[0])))
+
+    # CLI argument parser - handles picking up the config file from the command line, and sending a "help" message
+    parser = argparse.ArgumentParser()
+    parser.add_argument('-c', '--config', action='store', dest='CONFIG_FILE', help='/full/path/to/config.file (usually hblink.cfg)')
+    parser.add_argument('-l', '--logging', action='store', dest='LOG_LEVEL', help='Override config file logging level.')
+    cli_args = parser.parse_args()
+
+    # Ensure we have a path for the config file, if one wasn't specified, then use the default (top of file)
+    if not cli_args.CONFIG_FILE:
+        cli_args.CONFIG_FILE = os.path.dirname(os.path.abspath(__file__))+'/hblink.cfg'
+
+    # Call the external routine to build the configuration dictionary
+    CONFIG = config.build_config(cli_args.CONFIG_FILE)
+    
+    # Start the system logger
+    if cli_args.LOG_LEVEL:
+        CONFIG['LOGGER']['LOG_LEVEL'] = cli_args.LOG_LEVEL
+    logger = log.config_logging(CONFIG['LOGGER'])
+    logger.info('\n\nCopyright (c) 2013, 2014, 2015, 2016, 2018, 2019\n\tThe Founding Members of the K0USY Group. All rights reserved.\n')
+    logger.debug('Logging system started, anything from here on gets logged')
+    
+    # Set up the signal handler
+    def sig_handler(_signal, _frame):
+        logger.info('SHUTDOWN: HBROUTER IS TERMINATING WITH SIGNAL %s', str(_signal))
+        hblink_handler(_signal, _frame)
+        logger.info('SHUTDOWN: ALL SYSTEM HANDLERS EXECUTED - STOPPING REACTOR')
+        reactor.stop()
+        
+    # Set signal handers so that we can gracefully exit if need be
+    for sig in [signal.SIGTERM, signal.SIGINT]:
+        signal.signal(sig, sig_handler)
+    
+    # ID ALIAS CREATION
+    # Download
+    if CONFIG['ALIASES']['TRY_DOWNLOAD'] == True:
+        # Try updating peer aliases file
+        result = try_download(CONFIG['ALIASES']['PATH'], CONFIG['ALIASES']['PEER_FILE'], CONFIG['ALIASES']['PEER_URL'], CONFIG['ALIASES']['STALE_TIME'])
+        logger.info(result)
+        # Try updating subscriber aliases file
+        result = try_download(CONFIG['ALIASES']['PATH'], CONFIG['ALIASES']['SUBSCRIBER_FILE'], CONFIG['ALIASES']['SUBSCRIBER_URL'], CONFIG['ALIASES']['STALE_TIME'])
+        logger.info(result)
+        
+    # Create the name-number mapping dictionaries
+    peer_ids, subscriber_ids, talkgroup_ids = mk_aliases(CONFIG)
+        
+    # INITIALIZE THE REPORTING LOOP
+    report_server = config_reports(CONFIG, reportFactory)    
+    
+    # HBlink instance creation
+    logger.info('HBlink \'playback.py\' (c) 2017-2019 Cort Buffington, N0MJS & Mike Zingman, N4IRR -- SYSTEM STARTING...')
+    for system in CONFIG['SYSTEMS']:
+        if CONFIG['SYSTEMS'][system]['ENABLED']:
+            if CONFIG['SYSTEMS'][system]['MODE'] == 'OPENBRIDGE':
+                logger.critical('%s FATAL: Instance is mode \'OPENBRIDGE\', \n\t\t...Which would be tragic for playback, since it carries multiple call\n\t\tstreams simultaneously. playback.py onlyl works with MMDVM-based systems', system)
+                sys.exit('playback.py cannot function with systems that are not MMDVM devices. System {} is configured as an OPENBRIDGE'.format(system))
+            else:
+                systems[system] = playback(system, CONFIG, report_server)
+            reactor.listenUDP(CONFIG['SYSTEMS'][system]['PORT'], systems[system], interface=CONFIG['SYSTEMS'][system]['IP'])
+            logger.debug('%s instance created: %s, %s', CONFIG['SYSTEMS'][system]['MODE'], system, systems[system])
+
+    reactor.run()

rules_SAMPLE.py

@@ -47,6 +47,18 @@ BRIDGES = {
         ]
 }
 
+'''
+list the names of each system that should bridge unit to unit (individual) calls.
+'''
+
+UNIT = ['ONE', 'TWO']
+
+'''
+This is for testing the syntax of the file. It won't eliminate all errors, but running this file
+like it were a Python program itself will tell you if the syntax is correct!
+'''
+
 if __name__ == '__main__':
     from pprint import pprint
     pprint(BRIDGES)
+    print(UNIT)

user_managment/config-SAMPLE.py

@@ -0,0 +1,62 @@
+
+'''
+Settings for user management portal.
+'''
+# Database location
+db_location = 'sqlite:///./users.db'
+
+# Legacy passphrase used in hblink.cfg
+legacy_passphrase = 'passw0rd'
+
+# Trim passphrases to 8 characters
+use_short_passphrase = False
+
+# Title of the Dashboard
+title = 'MMDVM User Portal'
+# Port to run server
+ums_port = 8080
+# IP to run server on
+ums_host = '127.0.0.1'
+
+url = 'http://localhost:8080'
+
+append_int = 1
+
+shared_secrets = ['test']
+
+
+burn_int = 5
+
+legacy_passphrase = 'passw0rd'
+
+# Email settings
+MAIL_SERVER = 'smtp.gmail.com'
+MAIL_PORT = 465
+MAIL_USE_SSL = True
+MAIL_USE_TLS = False
+MAIL_USERNAME = 'app@gmail.com'
+MAIL_PASSWORD = 'password'
+MAIL_DEFAULT_SENDER = '"' + title + '" <app@gmail.com>'
+
+# UMS settings
+secret_key = 'SUPER SECRET LONG KEY'
+
+USER_ENABLE_EMAIL = True
+USER_ENABLE_USERNAME = True    # Enable username authentication
+USER_REQUIRE_RETYPE_PASSWORD = True    # Simplify register form
+USER_ENABLE_CHANGE_USERNAME = False
+USER_ENABLE_MULTIPLE_EMAILS = True
+USER_ENABLE_CONFIRM_EMAIL = True
+USER_ENABLE_REGISTER = True
+USER_AUTO_LOGIN_AFTER_CONFIRM = False
+USER_SHOW_USERNAME_DOES_NOT_EXIST = True
+
+# Gateway contact info displayed on about page.
+contact_name = 'your name'
+contact_call = 'N0CALL'
+contact_email = 'email@example.org'
+contact_website = 'https://hbl.ink'
+
+# Time format for display
+time_format = '%H:%M:%S - %m/%d/%y'
+

user_managment/gen_script_template-SAMPLE.py

@@ -0,0 +1,5 @@
+def gen_script(dmr_id, passphrase):
+    script = '''
+DMR ID: ''' + str(dmr_id) + ''' \n Passphrase: ''' + str(passphrase) + '''
+'''
+    return script

user_managment/templates/flask_user/edit_user_profile.html

@@ -0,0 +1,30 @@
+{% extends 'flask_user/_authorized_base.html' %}
+
+{% block content %}
+{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
+<h1>{%trans%}User profile{%endtrans%}</h1>
+
+<form action="" method="POST" class="form" role="form">
+    {{ form.hidden_tag() }}
+    {% for field in form %}
+        {% if not field.flags.hidden %}
+            {% if field.type=='SubmitField' %}
+                {{ render_submit_field(field, tabindex=loop.index*10) }}
+            {% else %}
+                {{ render_field(field, tabindex=loop.index*10) }}
+            {% endif %}
+        {% endif %}
+    {% endfor %}
+</form>
+<br/>
+<p><a href="../update_ids"><strong>Update your information from RadioID.net</strong></a></p>
+{% if not user_manager.USER_ENABLE_AUTH0 %}
+    {% if user_manager.USER_ENABLE_CHANGE_USERNAME %}
+        <p><a href="{{ url_for('user.change_username') }}">{%trans%}Change username{%endtrans%}</a></p>
+    {% endif %}
+    {% if user_manager.USER_ENABLE_CHANGE_PASSWORD %}
+        <p><a href="{{ url_for('user.change_password') }}">{%trans%}Change password{%endtrans%}</a></p>
+    {% endif %}
+{% endif %}
+
+{% endblock %}

user_managment/templates/flask_user/emails/base_message.html

@@ -0,0 +1,8 @@
+<p>Dear {{ user.email }} - {{ user.username }},</p>
+
+{% block message %}
+{% endblock %}
+
+<p>Sincerely,<br/>
+{{ app_name }}
+</p>

user_managment/templates/flask_user/login.html

@@ -0,0 +1,69 @@
+{% extends 'flask_user/_public_base.html' %}
+
+{% block content %}
+{% from "flask_user/_macros.html" import render_field, render_checkbox_field, render_submit_field %}
+<h1>{%trans%}Sign in{%endtrans%}</h1>
+<p>&nbsp;</p>
+
+<strong>Your username MUST be your callsign or email address.</strong>
+<p>&nbsp;</p>
+
+<form action="" method="POST" class="form" role="form">
+    {{ form.hidden_tag() }}
+
+    {# Username or Email field #}
+    {% set field = form.username if user_manager.USER_ENABLE_USERNAME else form.email %}
+    <div class="form-group {% if field.errors %}has-error{% endif %}">
+        {# Label on left, "New here? Register." on right #}
+        <div class="row">
+            <div class="col-xs-6">
+                <label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
+            </div>
+            <div class="col-xs-6 text-right">
+                {% if user_manager.USER_ENABLE_REGISTER and not user_manager.USER_REQUIRE_INVITATION %}
+                    <a href="{{ url_for('user.register') }}" tabindex='190'>
+                        {%trans%}New here? Register.{%endtrans%}</a>
+                {% endif %}
+            </div>
+        </div>
+        {{ field(class_='form-control', tabindex=110) }}
+        {% if field.errors %}
+            {% for e in field.errors %}
+                <p class="help-block">{{ e }}</p>
+            {% endfor %}
+        {% endif %}
+    </div>
+
+    {# Password field #}
+    {% set field = form.password %}
+    <div class="form-group {% if field.errors %}has-error{% endif %}">
+        {# Label on left, "Forgot your Password?" on right #}
+        <div class="row">
+            <div class="col-xs-6">
+                <label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
+            </div>
+            <div class="col-xs-6 text-right">
+                {% if user_manager.USER_ENABLE_FORGOT_PASSWORD %}
+                    <a href="{{ url_for('user.forgot_password') }}" tabindex='195'>
+                        {%trans%}Forgot your Password?{%endtrans%}</a>
+                {% endif %}
+            </div>
+        </div>
+        {{ field(class_='form-control', tabindex=120) }}
+        {% if field.errors %}
+            {% for e in field.errors %}
+                <p class="help-block">{{ e }}</p>
+            {% endfor %}
+        {% endif %}
+    </div>
+
+    {# Remember me #}
+    {% if user_manager.USER_ENABLE_REMEMBER_ME %}
+    {{ render_checkbox_field(login_form.remember_me, tabindex=130) }}
+    {% endif %}
+
+    {# Submit button #}
+    {{ render_submit_field(form.submit, tabindex=180) }}
+</form>
+
+{% endblock %}

user_managment/templates/flask_user/register.html

@@ -0,0 +1,50 @@
+{% extends 'flask_user/_public_base.html' %}
+
+{% block content %}
+{% from "flask_user/_macros.html" import render_field, render_submit_field %}
+<h1>{%trans%}Register{%endtrans%}</h1>
+<p>&nbsp;</p>
+
+<strong>Your username MUST be your callsign.</strong> After filling out the fields, a confirmation link will be emailed to you.
+<p>&nbsp;</p>
+
+<form action="" method="POST" novalidate formnovalidate class="form" role="form">
+    {{ form.hidden_tag() }}
+
+    {# Username or Email #}
+    {% set field = form.username if user_manager.USER_ENABLE_USERNAME else form.email %}
+    <div class="form-group {% if field.errors %}has-error{% endif %}">
+        {# Label on left, "Already registered? Sign in." on right #}
+        <div class="row">
+            <div class="col-xs-6">
+                <label for="{{ field.id }}" class="control-label">{{ field.label.text }}</label>
+            </div>
+            <div class="col-xs-6 text-right">
+                {% if user_manager.USER_ENABLE_REGISTER %}
+                    <a href="{{ url_for('user.login') }}" tabindex='290'>
+                        {%trans%}Already registered? Sign in.{%endtrans%}</a>
+                {% endif %}
+            </div>
+        </div>
+        {{ field(class_='form-control', tabindex=210) }}
+        {% if field.errors %}
+            {% for e in field.errors %}
+                <p class="help-block">{{ e }}</p>
+            {% endfor %}
+        {% endif %}
+    </div>
+
+    {% if user_manager.USER_ENABLE_EMAIL and user_manager.USER_ENABLE_USERNAME %}
+        {{ render_field(form.email, tabindex=220) }}
+    {% endif %}
+
+    {{ render_field(form.password, tabindex=230) }}
+
+    {% if user_manager.USER_REQUIRE_RETYPE_PASSWORD %}
+        {{ render_field(form.retype_password, tabindex=240) }}
+    {% endif %}
+
+    {{ render_submit_field(form.submit, tabindex=280) }}
+</form>
+
+{% endblock %}

user_managment/templates/flask_user_layout.html

@@ -0,0 +1,147 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>{{ user_manager.USER_APP_NAME }}</title>
+
+    <!-- Bootstrap -->
+    <link href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet">
+
+    <!-- In-lining styles to avoid needing a separate .css file -->
+    <style>
+        hr { border-color: #cccccc; margin: 0; }
+        .no-margins { margin: 0px; }
+        .with-margins { margin: 10px; }
+        .col-centered { float: none; margin: 0 auto; }
+    </style>
+
+    <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
+    <!--[if lt IE 9]>
+      <script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7/html5shiv.js"></script>
+      <script src="//cdnjs.cloudflare.com/ajax/libs/respond.js/1.4.2/respond.js"></script>
+    <![endif]-->
+
+    {# *** Allow sub-templates to insert extra html to the head section *** #}
+    {% block extra_css %}{% endblock %}
+  </head>
+
+
+<body>
+<h1 style="text-align: center;">{{ user_manager.USER_APP_NAME }}</h1>
+    <p><img style="display: block; margin-left: auto; margin-right: auto;" src="{{ url_for('static', filename='HBlink.png') }}" alt="Logo" width="300" height="144" /></p>
+<h1 style="text-align: center;">{{title}}</h1>
+<hr />
+<table style="width: 700px; margin-left: auto; margin-right: auto;" border="black" cellspacing="3" cellpadding="3">
+<tbody>
+<tr>
+    
+<td style="text-align: center;"><a href={{url}}/>Home</a></td>
+        {% if not call_or_get(current_user.is_authenticated) %}
+<td style="text-align: center;"><a href={{ url_for('user.register') }}>Register</a></td>
+<td style="text-align: center;"><a href={{ url_for('user.login') }}>Sign in</a></td>
+    {% endif %}
+    {% if call_or_get(current_user.is_authenticated) %}
+            {% if call_or_get(current_user.has_roles('Admin')) %}
+    <td style="text-align: center;"><a href={{url}}/add_user><strong>Add a User</strong></a></td>
+    <td style="text-align: center;"><a href={{url}}/list_users><strong>Edit Users</strong></a></td>
+    <td style="text-align: center;"><a href={{url}}/approve_users><strong>Waiting Approval</strong></a></td>
+    <td style="text-align: center;"><a href={{url}}/auth_log><strong>Auth Log</strong></a></td>
+
+            {% endif %}
+<td style="text-align: center;"><a href={{url}}/help>Help</a></td>
+<td style="text-align: center;"><a href={{url}}/generate_passphrase>View Passphrase(s)</a></td>
+<td style="text-align: center;"><a href="{{ url_for('user.edit_user_profile') }}">Edit {{ current_user.username or current_user.email }}</a></td>
+<td style="text-align: center;"><a href={{ url_for('user.logout') }}>Sign out</a></td>
+            {% endif %}
+</tr>
+</tbody>
+</table>
+
+{% if call_or_get(current_user.is_authenticated) %}
+            {% if call_or_get(current_user.has_roles('Admin')) %}
+<table style="width: 700px; margin-left: auto; margin-right: auto;" border="black" cellspacing="3" cellpadding="3">
+<tbody>
+<tr>
+<td style="text-align: center;"><a href={{url}}/edit_server>Manage Server Configs</a></td>
+<td style="text-align: center;"><a href={{url}}/edit_peer>Manage Peers</a></td>
+<td style="text-align: center;"><a href={{url}}/edit_peer>Manage Masters Configs</a></td>
+</tr>
+</tbody>
+</table>
+        {% endif %}
+        {% endif %}
+
+<hr />
+    {% block body %}
+<!--
+    <div id="header-div" class="clearfix with-margins">
+        <div class="pull-left"><a href="/"><h1 class="no-margins">{{ user_manager.USER_APP_NAME }}</h1></a></div>
+        <div class="pull-right">
+            {% if call_or_get(current_user.is_authenticated) %}
+                <a href="{{ url_for('user.edit_user_profile') }}">{{ current_user.username or current_user.email }}</a>
+                &nbsp; | &nbsp;
+                <a href="{{ url_for('user.logout') }}">{%trans%}Sign out{%endtrans%}</a>
+            {% else %}
+                <a href="{{ url_for('user.login') }}">{%trans%}Sign in{%endtrans%}</a>
+            {% endif %}
+        </div>
+
+    </div>
+    {% block menu %}
+    <div id="menu-div" class="with-margins">
+        <a href="/">{%trans%}Home page{%endtrans%}</a>
+    </div>
+    {% endblock %}
+-->
+    <hr class="no-margins"/>
+
+    <div id="main-div" class="with-margins">
+    {# One-time system messages called Flash messages #}
+    {% block flash_messages %}
+        {%- with messages = get_flashed_messages(with_categories=true) -%}
+            {% if messages %}
+                {% for category, message in messages %}
+                    {% if category=='error' %}
+                        {% set category='danger' %}
+                    {% endif %}
+                    <div class="alert alert-{{category}}">{{ message|safe }}</div>
+                {% endfor %}
+            {% endif %}
+        {%- endwith %}
+    {% endblock %}
+    {% block main %}
+        {% block content %}
+
+                {{markup_content}}
+
+
+    {% endblock %}
+    {% endblock %}
+    </div>
+
+    <br/>
+    <hr class="no-margins"/>
+    <div id="footer-div" class="clearfix with-margins">
+    <p style="text-align: center;"><strong>{{ user_manager.USER_APP_NAME }}<br /></strong><a href="https://github.com/kf7eel/hblink3">HBNet DMR Server</a><br />Created by KF7EEL<br />Contributors:&nbsp; W7NCX, N9VW, KC7AAD, NO7RF</p>
+<!--
+
+        <div class="pull-left">{{ user_manager.USER_APP_NAME }}</div>
+        <div class="pull-right">Credits: KF7EEL, W7NCX, N9VW, KC7AAD, NO7RF</div>
+    -->
+
+    </div>
+    {% endblock %}
+
+    <!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
+    <script src="//code.jquery.com/jquery-1.11.0.min.js"></script>
+    <!-- Bootstrap -->
+    <script src="//netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>
+
+    {# *** Allow sub-templates to insert extra html to the bottom of the body *** #}
+    {% block extra_js %}{% endblock %}
+
+  </body>
+</html>

user_managment/templates/help.html

@@ -0,0 +1,4 @@
+{% extends 'flask_user/_public_base.html' %}
+{% block content %}
+This is a help page.</p>
+{% endblock %}

user_managment/templates/index.html

@@ -0,0 +1,4 @@
+{% extends 'flask_user/_public_base.html' %}
+{% block content %}
+<p>Welcome to the <strong>{{ user_manager.USER_APP_NAME }}</strong>. This tool is used to manage your access.</p>
+{% endblock %}

user_managment/templates/view_passphrase.html

@@ -0,0 +1,34 @@
+{% extends 'flask_user/_public_base.html' %}
+{% block content %}
+<p>&nbsp;</p><h4 style="text-align: center;"><a href="/generate_passphrase/pi-star">Click here</a> for automated Pi-Star script.</h4><p>&nbsp;</p>
+<table style="width: 900px; margin-left: auto; margin-right: auto;">
+<tbody>
+<tr>
+<td>
+
+<table style="width: 218px;" border="1">
+<tbody>
+<tr>
+<td style="width: 53.8333px;">Name:</td>
+<td style="width: 147.167px; text-align: center;"><strong>My Server</strong></td>
+</tr>
+<tr>
+<td style="width: 53.8333px;">Host/IP:</td>
+<td style="width: 147.167px; text-align: center;"><strong>127.0.0.1</strong></td>
+</tr>
+<tr>
+<td style="width: 53.8333px;">Port:</td>
+<td style="width: 147.167px; text-align: center;"><strong>62030</strong></td>
+</tr>
+</tbody>
+</table>
+
+</td>
+<td>{{markup_content}}
+</td>
+
+</tr>
+</tbody>
+</table>
+<p>&nbsp;</p>
+{% endblock %}