mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-19 19:27:27 +00:00
ee2014e680
With this change it is now possible to switch off single instances of the uhttpd config. Until now it was only possible to switch all instances of uhttpd on or off. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
214 lines
5.4 KiB
Bash
Executable File
214 lines
5.4 KiB
Bash
Executable File
#!/bin/sh /etc/rc.common
|
|
# Copyright (C) 2010 Jo-Philipp Wich
|
|
|
|
START=50
|
|
|
|
USE_PROCD=1
|
|
|
|
UHTTPD_BIN="/usr/sbin/uhttpd"
|
|
PX5G_BIN="/usr/sbin/px5g"
|
|
OPENSSL_BIN="/usr/bin/openssl"
|
|
|
|
append_arg() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local def="$4"
|
|
local val
|
|
|
|
config_get val "$cfg" "$var"
|
|
[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
|
|
}
|
|
|
|
append_bool() {
|
|
local cfg="$1"
|
|
local var="$2"
|
|
local opt="$3"
|
|
local def="$4"
|
|
local val
|
|
|
|
config_get_bool val "$cfg" "$var" "$def"
|
|
[ "$val" = 1 ] && procd_append_param command "$opt"
|
|
}
|
|
|
|
generate_keys() {
|
|
local cfg="$1"
|
|
local key="$2"
|
|
local crt="$3"
|
|
local days bits country state location commonname
|
|
|
|
config_get days "$cfg" days
|
|
config_get bits "$cfg" bits
|
|
config_get country "$cfg" country
|
|
config_get state "$cfg" state
|
|
config_get location "$cfg" location
|
|
config_get commonname "$cfg" commonname
|
|
config_get key_type "$cfg" key_type
|
|
config_get ec_curve "$cfg" ec_curve
|
|
|
|
# Prefer px5g for certificate generation (existence evaluated last)
|
|
local GENKEY_CMD=""
|
|
local KEY_OPTS="rsa:${bits:-2048}"
|
|
local UNIQUEID=$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"')
|
|
[ "$key_type" = "ec" ] && KEY_OPTS="ec -pkeyopt ec_paramgen_curve:${ec_curve:-P-256}"
|
|
[ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -sha256 -outform der -nodes"
|
|
[ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned -der"
|
|
[ -n "$GENKEY_CMD" ] && {
|
|
$GENKEY_CMD \
|
|
-days ${days:-730} -newkey ${KEY_OPTS} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
|
|
-subj /C="${country:-ZZ}"/ST="${state:-Somewhere}"/L="${location:-Unknown}"/O="${commonname:-OpenWrt}$UNIQUEID"/CN="${commonname:-OpenWrt}"
|
|
sync
|
|
mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"
|
|
mv "${UHTTPD_CERT}.new" "${UHTTPD_CERT}"
|
|
}
|
|
}
|
|
|
|
create_httpauth() {
|
|
local cfg="$1"
|
|
local prefix username password
|
|
|
|
config_get prefix "$cfg" prefix
|
|
config_get username "$cfg" username
|
|
config_get password "$cfg" password
|
|
|
|
if [ -z "$prefix" ] || [ -z "$username" ] || [ -z "$password" ]; then
|
|
return
|
|
fi
|
|
echo "${prefix}:${username}:${password}" >>$httpdconf
|
|
haveauth=1
|
|
}
|
|
|
|
append_lua_prefix() {
|
|
local v="$1"
|
|
local prefix="${v%%=*}"
|
|
local handler="${v#*=}"
|
|
|
|
if [ "$prefix" != "$handler" ] && [ -n "$prefix" ] && [ -f "$handler" ]; then
|
|
procd_append_param command -l "$prefix" -L "$handler"
|
|
else
|
|
echo "Skipping invalid Lua prefix \"$v\"" >&2
|
|
fi
|
|
}
|
|
|
|
start_instance()
|
|
{
|
|
UHTTPD_CERT=""
|
|
UHTTPD_KEY=""
|
|
|
|
local cfg="$1"
|
|
local realm="$(uci_get system.@system[0].hostname)"
|
|
local listen http https interpreter indexes path handler httpdconf haveauth
|
|
local enabled
|
|
|
|
config_get_bool enabled "$cfg" 'enabled' 1
|
|
[ $enabled -gt 0 ] || return
|
|
|
|
procd_open_instance
|
|
procd_set_param respawn
|
|
procd_set_param stderr 1
|
|
procd_set_param command "$UHTTPD_BIN" -f
|
|
|
|
config_get config "$cfg" config
|
|
if [ -z "$config" ]; then
|
|
mkdir -p /var/etc/uhttpd
|
|
httpdconf="/var/etc/uhttpd/httpd.${cfg}.conf"
|
|
rm -f ${httpdconf}
|
|
config_list_foreach "$cfg" httpauth create_httpauth
|
|
if [ "$haveauth" = "1" ]; then
|
|
procd_append_param command -c ${httpdconf}
|
|
[ -r /etc/httpd.conf ] && cat /etc/httpd.conf >>/var/etc/uhttpd/httpd.${cfg}.conf
|
|
fi
|
|
fi
|
|
|
|
append_arg "$cfg" home "-h"
|
|
append_arg "$cfg" realm "-r" "${realm:-OpenWrt}"
|
|
append_arg "$cfg" config "-c"
|
|
append_arg "$cfg" cgi_prefix "-x"
|
|
[ -f /usr/lib/uhttpd_lua.so ] && {
|
|
local len
|
|
config_get len "$cfg" lua_prefix_LENGTH
|
|
|
|
if [ -n "$len" ]; then
|
|
config_list_foreach "$cfg" lua_prefix append_lua_prefix
|
|
else
|
|
config_get prefix "$cfg" lua_prefix
|
|
config_get handler "$cfg" lua_handler
|
|
append_lua_prefix "$prefix=$handler"
|
|
fi
|
|
}
|
|
[ -f /usr/lib/uhttpd_ubus.so ] && {
|
|
append_arg "$cfg" ubus_prefix "-u"
|
|
append_arg "$cfg" ubus_socket "-U"
|
|
append_bool "$cfg" ubus_cors "-X" 0
|
|
}
|
|
append_arg "$cfg" script_timeout "-t"
|
|
append_arg "$cfg" network_timeout "-T"
|
|
append_arg "$cfg" http_keepalive "-k"
|
|
append_arg "$cfg" tcp_keepalive "-A"
|
|
append_arg "$cfg" error_page "-E"
|
|
append_arg "$cfg" max_requests "-n" 3
|
|
append_arg "$cfg" max_connections "-N"
|
|
|
|
append_bool "$cfg" no_ubusauth "-a" 0
|
|
append_bool "$cfg" no_symlinks "-S" 0
|
|
append_bool "$cfg" no_dirlists "-D" 0
|
|
append_bool "$cfg" rfc1918_filter "-R" 0
|
|
|
|
config_get alias_list "$cfg" alias
|
|
for alias in $alias_list; do
|
|
procd_append_param command -y "$alias"
|
|
done
|
|
|
|
config_get http "$cfg" listen_http
|
|
for listen in $http; do
|
|
procd_append_param command -p "$listen"
|
|
done
|
|
|
|
config_get interpreter "$cfg" interpreter
|
|
for path in $interpreter; do
|
|
procd_append_param command -i "$path"
|
|
done
|
|
|
|
config_get indexes "$cfg" index_page
|
|
for path in $indexes; do
|
|
procd_append_param command -I "$path"
|
|
done
|
|
|
|
config_get https "$cfg" listen_https
|
|
config_get UHTTPD_KEY "$cfg" key /etc/uhttpd.key
|
|
config_get UHTTPD_CERT "$cfg" cert /etc/uhttpd.crt
|
|
|
|
[ -f /lib/libustream-ssl.so ] && [ -n "$https" ] && {
|
|
[ -s "$UHTTPD_CERT" -a -s "$UHTTPD_KEY" ] || {
|
|
config_foreach generate_keys cert
|
|
}
|
|
|
|
[ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] && {
|
|
append_arg "$cfg" cert "-C"
|
|
append_arg "$cfg" key "-K"
|
|
|
|
for listen in $https; do
|
|
procd_append_param command -s "$listen"
|
|
done
|
|
}
|
|
|
|
append_bool "$cfg" redirect_https "-q" 0
|
|
}
|
|
|
|
for file in /etc/uhttpd/*.json; do
|
|
[ -s "$file" ] && procd_append_param command -H "$file"
|
|
done
|
|
|
|
procd_close_instance
|
|
}
|
|
|
|
service_triggers()
|
|
{
|
|
procd_add_reload_trigger "uhttpd"
|
|
}
|
|
|
|
start_service() {
|
|
config_load uhttpd
|
|
config_foreach start_instance uhttpd
|
|
}
|