mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 07:22:33 +00:00
6fd16b0d27
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.
OpenSSL does this in the same way already.
With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r-- 1 root root 519 Nov 6 22:58 /etc/uhttpd.crt
-rw------- 1 root root 121 Nov 6 22:58 /etc/uhttpd.key
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 929c9a58c9
)
70 lines
1.7 KiB
Makefile
70 lines
1.7 KiB
Makefile
#
|
|
# Copyright (C) 2010-2015 Jo-Philipp Wich <jo@mein.io>
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=px5g-mbedtls
|
|
PKG_RELEASE:=10
|
|
PKG_LICENSE:=LGPL-2.1
|
|
|
|
PKG_BUILD_FLAGS:=no-mips16
|
|
|
|
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/px5g-mbedtls
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (using mbedtls)
|
|
DEPENDS:=+libmbedtls
|
|
PROVIDES:=px5g
|
|
VARIANT:=mbedtls
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/description
|
|
Px5g is a tiny standalone X.509 certificate generator.
|
|
It suitable to create key files and certificates in DER
|
|
and PEM format for use with stunnel, uhttpd and others.
|
|
endef
|
|
|
|
define Package/px5g-standalone
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (standalone)
|
|
VARIANT:=standalone
|
|
endef
|
|
Package/px5g-standalone/description = $(Package/px5g-mbedtls/description)
|
|
|
|
define Build/Prepare
|
|
mkdir -p $(PKG_BUILD_DIR)
|
|
endef
|
|
|
|
TARGET_LDFLAGS += -lmbedtls -lmbedx509 -lmbedcrypto
|
|
|
|
ifeq ($(BUILD_VARIANT),standalone)
|
|
TARGET_LDFLAGS := -Wl,-Bstatic $(TARGET_LDFLAGS) -Wl,-Bdynamic
|
|
endif
|
|
|
|
TARGET_CFLAGS += -Wl,--gc-sections -Wall -Werror
|
|
|
|
define Build/Compile
|
|
$(TARGET_CC) $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -o $(PKG_BUILD_DIR)/px5g px5g-mbedtls.c $(TARGET_LDFLAGS)
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_BUILD_DIR)/px5g $(1)/usr/sbin/px5g
|
|
endef
|
|
|
|
Package/px5g-standalone/install = $(Package/px5g-mbedtls/install)
|
|
|
|
$(eval $(call BuildPackage,px5g-mbedtls))
|
|
$(eval $(call BuildPackage,px5g-standalone))
|