netopeer2: change default ssh key handling
authorMislav Novakovic <mislav.novakovic@sartura.hr>
Tue, 23 May 2017 13:36:47 +0000 (15:36 +0200)
committerMislav Novakovic <mislav.novakovic@sartura.hr>
Wed, 24 May 2017 15:18:41 +0000 (17:18 +0200)
Signed-off-by: Mislav Novakovic <mislav.novakovic@sartura.hr>
net/netopeer2/Config_keystored.in [new file with mode: 0644]
net/netopeer2/Config_server.in [new file with mode: 0644]
net/netopeer2/Makefile
net/netopeer2/files/netopeer2-keystored-keygen.default [new file with mode: 0644]

diff --git a/net/netopeer2/Config_keystored.in b/net/netopeer2/Config_keystored.in
new file mode 100644 (file)
index 0000000..7325250
--- /dev/null
@@ -0,0 +1,7 @@
+if PACKAGE_netopeer2-keystored
+
+config SSH_KEYS
+       bool "Generate default ssh keys"
+       default y
+
+endif
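Review bot: The option has no `help` text, so nothing tells the person configuring the image that turning `SSH_KEYS` off makes the package install key files from `./files` instead of generating them on first boot. A short `help` paragraph stating that would cover it. The name is also generic for a symbol that lands in the tree-wide Kconfig namespace as `CONFIG_SSH_KEYS`. A package prefix such as `NETOPEER2_KEYSTORED_SSH_KEYS`, with the matching `ifeq` and `DEPENDS` references in the Makefile updated, would avoid collisions; the same applies to `SSH_SERVER` in `Config_server.in`.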
diff --git a/net/netopeer2/Config_server.in b/net/netopeer2/Config_server.in
new file mode 100644 (file)
index 0000000..112da76
--- /dev/null
@@ -0,0 +1,7 @@
+if PACKAGE_netopeer2-server
+
+config SSH_SERVER
+       bool "Install the default ssh server (openssh-server)"
+       default y
+
+endif
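Review bot: `default y` on `SSH_SERVER` means every image that selects netopeer2-server also gets openssh-server, an additional network-facing daemon, unless the builder opts out. Nothing visible here shows why the NETCONF server would require it. If it does not, `default n` with a `help` line explaining when to enable it would keep the default image's exposed surface smaller.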
index c0a1cdcbed8847cbdc6be866a214797ea64ece29..9f24e123e6e346cafb2e062d617345e53908d62e 100644 (file)
@@ -34,12 +34,21 @@ CMAKE_INSTALL:=1
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 
+define Package/netopeer2-server/config
+  source "$(SOURCE)/Config_server.in"
+endef
+
+define Package/netopeer2-keystored/config
+  source "$(SOURCE)/Config_keystored.in"
+endef
+
 define Package/netopeer2-server
   SECTION:=util
   CATEGORY:=Utilities
   TITLE:=NETCONF server
   URL:=$(PKG_SOURCE_URL)
-  DEPENDS:=+libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl +sysrepod
+  DEPENDS:=+libpthread +libyang +libnetconf2 +netopeer2-keystored +libsysrepo +sysrepocfg +sysrepoctl +sysrepod +SSH_SERVER:openssh-server
+  MENU:=1
 endef
 
 define Package/netopeer2-cli
@@ -55,7 +64,8 @@ define Package/netopeer2-keystored
   CATEGORY:=Utilities
   TITLE:=Netopeer2 key store management
   URL:=$(PKG_SOURCE_URL)
-  DEPENDS:=+libopenssl +libsysrepo +sysrepo-plugind +sysrepocfg +sysrepoctl
+  DEPENDS:=+libopenssl +libsysrepo +sysrepo-plugind +sysrepocfg +sysrepoctl +SSH_KEYS:openssh-keygen
+  MENU:=1
 endef
 
 define Package/netopeer2/description
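Review bot: The new `DEPENDS` line adds `+SSH_KEYS:openssh-keygen`, but nothing visible pulls in the `openssl` command-line tool that the new `netopeer2-keystored-keygen.default` script calls twice; `+libopenssl` provides only the library. Unless another dependency installs the binary, the first-boot script would fail at the `openssl rsa` steps and leave no key in `/etc/keystored/keys`. Appending `+SSH_KEYS:openssl-util` to the line would make the requirement explicit. The `Package/netopeer2-keystored` define starts above the hunk.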
@@ -128,15 +138,19 @@ define Package/netopeer2-keystored/install
        $(INSTALL_DATA) $(PKG_BUILD_ROOT)/modules/ietf-keystore.yang $(1)/etc/sysrepo/yang
 
        $(INSTALL_DIR) $(1)/etc/uci-defaults
+
+       $(INSTALL_DIR) $(1)/etc/keystored/keys
+ifeq ($(CONFIG_SSH_KEYS),y)
+       $(INSTALL_BIN) ./files/netopeer2-keystored-keygen.default $(1)/etc/uci-defaults/97_netopeer2-keystored
+else
        $(INSTALL_BIN) ./files/netopeer2-keystored.default $(1)/etc/uci-defaults/97_netopeer2-keystored
+       #ssh key name is specified in ./files/stock_config.xml file, you will need to provide the ssh keys yourself.
+       $(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys
+       $(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys
+endif
 
        $(INSTALL_DIR) $(1)/usr/share/netopeer2-keystored
        $(INSTALL_DATA) $(PKG_BUILD_ROOT)/keystored/stock_key_config.xml $(1)/usr/share/netopeer2-keystored
-
-       $(INSTALL_DIR) $(1)/etc/keystored/keys
-       #$(INSTALL_DATA) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys
-       #$(INSTALL_DATA) ./files/ssh_host_rsa_key.pub.pem $(1)/etc/keystored/keys
-       #ssh key name is specified in stock_key_config.xml file, you will need to provide the ssh keys yourself.
 endef
 
 $(eval $(call BuildPackage,netopeer2-server))
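Review bot: In the `else` branch the private key `ssh_host_rsa_key.pem` is installed with `$(INSTALL_DATA)`, which in the OpenWrt build system is `install -m0644`, so the key ships world-readable. `$(INSTALL_CONF) ./files/ssh_host_rsa_key.pem $(1)/etc/keystored/keys` (mode 0600) would be the safer form. A key taken from `./files` is also baked into the image, so every device flashed from it shares one host key. The build also appears to fail when the two `.pem` files are absent, since the commit's file list adds neither; a comment above the `else` saying both things would help whoever disables `SSH_KEYS`. The enclosing `Package/netopeer2-keystored/install` define starts above the hunk.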
diff --git a/net/netopeer2/files/netopeer2-keystored-keygen.default b/net/netopeer2/files/netopeer2-keystored-keygen.default
new file mode 100644 (file)
index 0000000..6c9c105
--- /dev/null
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Warning, problems can occur if the device restarts in the middle of this uci-default script
+
+if [ -x /bin/sysrepoctl ]; then
+       match=$(sysrepoctl -l | grep "ietf-keystore\ ")
+       if [ ! "$match" ]; then
+               sysrepoctl --install --yang=/etc/sysrepo/yang/ietf-keystore.yang -o root:root -p 600
+               if [ -x /bin/sysrepocfg ]; then
+                       sysrepocfg -d startup -i /usr/share/netopeer2-keystored/stock_key_config.xml ietf-keystore
+                       rm /usr/share/netopeer2-keystored/stock_key_config.xml
+               fi
+
+               #generate ssh keys
+               ssh-keygen -t rsa -f /tmp/ssh_host_rsa_key -N ""
+               openssl rsa -in /tmp/ssh_host_rsa_key -outform pem > /etc/keystored/keys/ssh_host_rsa_key.pem
+               openssl rsa -pubout -in /etc/keystored/keys/ssh_host_rsa_key.pem -out /etc/keystored/keys/ssh_host_rsa_key.pub.pem
+               rm /tmp/ssh_host_rsa_key
+       fi
+fi
+
+exit 0
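Review bot: The private key at `/etc/keystored/keys/ssh_host_rsa_key.pem` is created through a shell redirect, so it gets whatever the default umask allows (typically world-readable), and none of the `ssh-keygen`/`openssl` steps is checked before the final `exit 0`. A failed generation therefore leaves the device without a usable host key while the script still reports success. Setting `umask 077` before generating, writing the intermediate key into a `mktemp -d` directory instead of a fixed `/tmp` name, and exiting non-zero on failure would address this; it also removes the `/tmp/ssh_host_rsa_key.pub` that `ssh-keygen` writes and the script never deletes. Because key generation sits inside the `if [ ! "$match" ]` branch, a rerun after the module is installed would skip it, so that guard may need to test for the key file instead.

```shell
		# … unchanged: sysrepoctl --install and sysrepocfg import …

		# generate ssh keys; umask keeps the temporary and final key files owner-only
		umask 077
		keydir=/etc/keystored/keys
		tmpdir=$(mktemp -d) || exit 1
		if ssh-keygen -t rsa -f "$tmpdir/ssh_host_rsa_key" -N "" &&
		   openssl rsa -in "$tmpdir/ssh_host_rsa_key" -outform pem -out "$keydir/ssh_host_rsa_key.pem" &&
		   openssl rsa -pubout -in "$keydir/ssh_host_rsa_key.pem" -out "$keydir/ssh_host_rsa_key.pub.pem"; then
			rm -rf "$tmpdir"
		else
			# do not leave a partial key pair behind, and report the failure
			rm -rf "$tmpdir" "$keydir/ssh_host_rsa_key.pem" "$keydir/ssh_host_rsa_key.pub.pem"
			exit 1
		fi
		# … unchanged: closing fi lines and exit 0 …
```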