Hauke Mehrtens 6aad5ab099 px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r--    1 root     root           749 Nov  6 23:14 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 23:14 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-11-07 21:55:55 +01:00

51 lines
1.1 KiB
Makefile

# Copyright (C) 2020 Paul Spooren <mail@aparcar.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
include $(TOPDIR)/rules.mk
PKG_NAME:=px5g-wolfssl
PKG_RELEASE:=9
PKG_LICENSE:=GPL-2.0-or-later
PKG_BUILD_FLAGS:=no-mips16
PKG_MAINTAINER:=Paul Spooren <mail@aparcar.org>
PKG_CONFIG_DEPENDS:=CONFIG_WOLFSSL_ALT_NAMES
include $(INCLUDE_DIR)/package.mk
define Package/px5g-wolfssl
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Encryption
TITLE:=X.509 certificate generator (using WolfSSL)
DEPENDS:=+libwolfssl
PROVIDES:=px5g
VARIANT:=wolfssl
endef
define Package/px5g-wolfssl/description
Px5g is a tiny X.509 certificate generator.
It suitable to create key files and certificates in DER
and PEM format for use with stunnel, uhttpd and others.
endef
TARGET_LDFLAGS += -lwolfssl
TARGET_CFLAGS += -Wl,--gc-sections
define Build/Compile
$(TARGET_CC) $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) \
-o $(PKG_BUILD_DIR)/px5g px5g-wolfssl.c $(TARGET_LDFLAGS)
endef
define Package/px5g-wolfssl/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/px5g $(1)/usr/sbin/px5g
endef
$(eval $(call BuildPackage,px5g-wolfssl))