929c9a58c9
Store the private key with read and write permission for the user only and not with read permissions for everyone. This converts the write_file() function from fopen() to open() because open allows to specify the permission mask of the newly created file. It also adds and fixes some existing error handling. OpenSSL does this in the same way already. With this change it looks like this: root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key -rw-r--r-- 1 root root 519 Nov 6 22:58 /etc/uhttpd.crt -rw------- 1 root root 121 Nov 6 22:58 /etc/uhttpd.key Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
70 lines
1.7 KiB
Makefile
70 lines
1.7 KiB
Makefile
#
|
|
# Copyright (C) 2010-2015 Jo-Philipp Wich <jo@mein.io>
|
|
#
|
|
# This is free software, licensed under the GNU General Public License v2.
|
|
# See /LICENSE for more information.
|
|
#
|
|
|
|
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=px5g-mbedtls
|
|
PKG_RELEASE:=10
|
|
PKG_LICENSE:=LGPL-2.1
|
|
|
|
PKG_BUILD_FLAGS:=no-mips16
|
|
|
|
PKG_MAINTAINER:=Jo-Philipp Wich <jo@mein.io>
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/px5g-mbedtls
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (using mbedtls)
|
|
DEPENDS:=+libmbedtls
|
|
PROVIDES:=px5g
|
|
VARIANT:=mbedtls
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/description
|
|
Px5g is a tiny standalone X.509 certificate generator.
|
|
It suitable to create key files and certificates in DER
|
|
and PEM format for use with stunnel, uhttpd and others.
|
|
endef
|
|
|
|
define Package/px5g-standalone
|
|
SECTION:=utils
|
|
CATEGORY:=Utilities
|
|
SUBMENU:=Encryption
|
|
TITLE:=X.509 certificate generator (standalone)
|
|
VARIANT:=standalone
|
|
endef
|
|
Package/px5g-standalone/description = $(Package/px5g-mbedtls/description)
|
|
|
|
define Build/Prepare
|
|
mkdir -p $(PKG_BUILD_DIR)
|
|
endef
|
|
|
|
TARGET_LDFLAGS += -lmbedtls -lmbedx509 -lmbedcrypto
|
|
|
|
ifeq ($(BUILD_VARIANT),standalone)
|
|
TARGET_LDFLAGS := -Wl,-Bstatic $(TARGET_LDFLAGS) -Wl,-Bdynamic
|
|
endif
|
|
|
|
TARGET_CFLAGS += -Wl,--gc-sections -Wall -Werror
|
|
|
|
define Build/Compile
|
|
$(TARGET_CC) $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -o $(PKG_BUILD_DIR)/px5g px5g-mbedtls.c $(TARGET_LDFLAGS)
|
|
endef
|
|
|
|
define Package/px5g-mbedtls/install
|
|
$(INSTALL_DIR) $(1)/usr/sbin
|
|
$(INSTALL_BIN) $(PKG_BUILD_DIR)/px5g $(1)/usr/sbin/px5g
|
|
endef
|
|
|
|
Package/px5g-standalone/install = $(Package/px5g-mbedtls/install)
|
|
|
|
$(eval $(call BuildPackage,px5g-mbedtls))
|
|
$(eval $(call BuildPackage,px5g-standalone))
|