From 4d4f8f4d79577d0962e0b76db98d67865b69e6a0 Mon Sep 17 00:00:00 2001
From: Steven Barth <steven@midlink.org>
Date: Sat, 6 Jun 2009 20:34:33 +0000
Subject: [PATCH] nixio: Fix axTLS configuration, prepare px5g integration

---
 libs/nixio/axTLS/config/.config                    |  10 ++++----
 libs/nixio/axTLS/config/config.h                   |  10 ++++----
 libs/nixio/axtls-config/.config                    |   6 ++---
 libs/nixio/axtls-config/config.h                   |   6 ++---
 libs/nixio/axtls-root/etc/axtls.key                |  15 ------------
 libs/nixio/axtls-root/etc/nixio/rsa_main.der       | Bin 0 -> 609 bytes
 libs/nixio/axtls-root/etc/uci-defaults/nixio       |   2 --
 .../nixio/axtls-root/usr/sbin/nixio-axtls-checkkey |  26 ---------------------
 libs/nixio/ipkg/postinst                           |   6 -----
 9 files changed, 16 insertions(+), 65 deletions(-)
 delete mode 100644 libs/nixio/axtls-root/etc/axtls.key
 create mode 100644 libs/nixio/axtls-root/etc/nixio/rsa_main.der
 delete mode 100755 libs/nixio/axtls-root/etc/uci-defaults/nixio
 delete mode 100755 libs/nixio/axtls-root/usr/sbin/nixio-axtls-checkkey
 delete mode 100755 libs/nixio/ipkg/postinst

diff --git a/libs/nixio/axTLS/config/.config b/libs/nixio/axTLS/config/.config
index ccb745dfc..46cd061b4 100644
--- a/libs/nixio/axTLS/config/.config
+++ b/libs/nixio/axTLS/config/.config
@@ -30,16 +30,16 @@ CONFIG_SSL_FULL_MODE=y
 # CONFIG_SSL_PROT_LOW is not set
 CONFIG_SSL_PROT_MEDIUM=y
 # CONFIG_SSL_PROT_HIGH is not set
-CONFIG_SSL_USE_DEFAULT_KEY=y
-CONFIG_SSL_PRIVATE_KEY_LOCATION=""
+# CONFIG_SSL_USE_DEFAULT_KEY is not set
+CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/nixio/rsa_main.der"
 CONFIG_SSL_PRIVATE_KEY_PASSWORD=""
 CONFIG_SSL_X509_CERT_LOCATION=""
-CONFIG_SSL_GENERATE_X509_CERT=y
+# CONFIG_SSL_GENERATE_X509_CERT is not set
 CONFIG_SSL_X509_COMMON_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
-CONFIG_SSL_ENABLE_V23_HANDSHAKE=y
-CONFIG_SSL_HAS_PEM=y
+# CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
+# CONFIG_SSL_HAS_PEM is not set
 # CONFIG_SSL_USE_PKCS12 is not set
 CONFIG_SSL_EXPIRY_TIME=24
 CONFIG_X509_MAX_CA_CERTS=4
diff --git a/libs/nixio/axTLS/config/config.h b/libs/nixio/axTLS/config/config.h
index 61303c485..0f861f34b 100644
--- a/libs/nixio/axTLS/config/config.h
+++ b/libs/nixio/axTLS/config/config.h
@@ -31,16 +31,16 @@
 #undef CONFIG_SSL_PROT_LOW
 #define CONFIG_SSL_PROT_MEDIUM 1
 #undef CONFIG_SSL_PROT_HIGH
-#define CONFIG_SSL_USE_DEFAULT_KEY 1
-#define CONFIG_SSL_PRIVATE_KEY_LOCATION ""
+#undef CONFIG_SSL_USE_DEFAULT_KEY
+#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/nixio/rsa_main.der"
 #define CONFIG_SSL_PRIVATE_KEY_PASSWORD ""
 #define CONFIG_SSL_X509_CERT_LOCATION ""
-#define CONFIG_SSL_GENERATE_X509_CERT 1
+#undef CONFIG_SSL_GENERATE_X509_CERT
 #define CONFIG_SSL_X509_COMMON_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
-#define CONFIG_SSL_ENABLE_V23_HANDSHAKE 1
-#define CONFIG_SSL_HAS_PEM 1
+#undef CONFIG_SSL_ENABLE_V23_HANDSHAKE
+#undef CONFIG_SSL_HAS_PEM
 #undef CONFIG_SSL_USE_PKCS12
 #define CONFIG_SSL_EXPIRY_TIME 24
 #define CONFIG_X509_MAX_CA_CERTS 4
diff --git a/libs/nixio/axtls-config/.config b/libs/nixio/axtls-config/.config
index c0af7c78a..46cd061b4 100644
--- a/libs/nixio/axtls-config/.config
+++ b/libs/nixio/axtls-config/.config
@@ -31,15 +31,15 @@ CONFIG_SSL_FULL_MODE=y
 CONFIG_SSL_PROT_MEDIUM=y
 # CONFIG_SSL_PROT_HIGH is not set
 # CONFIG_SSL_USE_DEFAULT_KEY is not set
-CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/axtls.key"
+CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/nixio/rsa_main.der"
 CONFIG_SSL_PRIVATE_KEY_PASSWORD=""
 CONFIG_SSL_X509_CERT_LOCATION=""
-CONFIG_SSL_GENERATE_X509_CERT=y
+# CONFIG_SSL_GENERATE_X509_CERT is not set
 CONFIG_SSL_X509_COMMON_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
 # CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
-CONFIG_SSL_HAS_PEM=y
+# CONFIG_SSL_HAS_PEM is not set
 # CONFIG_SSL_USE_PKCS12 is not set
 CONFIG_SSL_EXPIRY_TIME=24
 CONFIG_X509_MAX_CA_CERTS=4
diff --git a/libs/nixio/axtls-config/config.h b/libs/nixio/axtls-config/config.h
index 1ced87dd5..0f861f34b 100644
--- a/libs/nixio/axtls-config/config.h
+++ b/libs/nixio/axtls-config/config.h
@@ -32,15 +32,15 @@
 #define CONFIG_SSL_PROT_MEDIUM 1
 #undef CONFIG_SSL_PROT_HIGH
 #undef CONFIG_SSL_USE_DEFAULT_KEY
-#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/axtls.key"
+#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/nixio/rsa_main.der"
 #define CONFIG_SSL_PRIVATE_KEY_PASSWORD ""
 #define CONFIG_SSL_X509_CERT_LOCATION ""
-#define CONFIG_SSL_GENERATE_X509_CERT 1
+#undef CONFIG_SSL_GENERATE_X509_CERT
 #define CONFIG_SSL_X509_COMMON_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
 #undef CONFIG_SSL_ENABLE_V23_HANDSHAKE
-#define CONFIG_SSL_HAS_PEM 1
+#undef CONFIG_SSL_HAS_PEM
 #undef CONFIG_SSL_USE_PKCS12
 #define CONFIG_SSL_EXPIRY_TIME 24
 #define CONFIG_X509_MAX_CA_CERTS 4
diff --git a/libs/nixio/axtls-root/etc/axtls.key b/libs/nixio/axtls-root/etc/axtls.key
deleted file mode 100644
index 9bef6c043..000000000
--- a/libs/nixio/axtls-root/etc/axtls.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDEQfiRQgRD6BzI3iBa/ugdUmiqU8TvIMgzd7PT7bEnTk3stVEM
-lSKkKpQlyf7F25DL2VnIEG7y592466XyZL3rwPT5/urvae3n6cmO7egOxdLO02Wz
-74fMka2BHsFbTXzI8FHakatabnMlsB05+5NpsbfwWj0BDbrq8ZQ6kX0s8wIDAQAB
-AoGAd8T259bM+ZAeeOst/bpQdwyCuWeT6IcuBlLH2M7W7PDZl1pz0uT0lhEyBfnG
-1IKRVAYZx4FX5D9iTWbqCAo46COwDrqQHoxXwQ89O2FgXrHoi1ZGjrQyPLJLvz3w
-HLzP4WjnOkr4Fy6v1UwCJetj/cdWByrAjWhYkDR6taxTxJECQQDxPqPCR80IOiMk
-Dh0pmYgmfACYa/FNi5LwWVRs09KKe51PNWck8aZa0qhxX+dOR7ptw3SIaQQ5pow1
-7zZ/lhjLAkEA0ELvJePIG7N9pzR12mDYMUNTjcVJYkw0LF04zQu49C8yeSJRtDuR
-e1UjnZ2iEAdPaU+ywLHm/vcR75gSj6S/eQJBANJBA7xpk5qeAM6FtojxFKZl4Kb3
-POGWycPMNzZ6Dr8/KUVFh9W8/n2dp8zYBuJExYiwlrnkvRf5va2sBNWB3a0CQANt
-xrAyAt5p4xy4oWQaChUtjZec8utaY9WDJ2dA1Se4CzWxWfUEsg18xlxW9w8af7U1
-KbVAeJQkDziJoWyaAskCQQCxnGi/AepzNrozpJdlrAgwWjGOlSo16QBLpfrrqBc5
-iI50AWsTtqThcS6gRgE6/jo/Iat0kKhRLAcALVAOmJfd
------END RSA PRIVATE KEY-----
diff --git a/libs/nixio/axtls-root/etc/nixio/rsa_main.der b/libs/nixio/axtls-root/etc/nixio/rsa_main.der
new file mode 100644
index 0000000000000000000000000000000000000000..e17fdc0a0c70ea2783896858d75539f404048eb5
GIT binary patch
literal 609
zcmV-n0-pUaf&yIv0RRGlfdJOj{f-NB6s=ZkK6xsdxjSkca%)`@KJMk(U>WOiS|#Eb
zoAWdEN;`Dk9cL|zgXLJx;E>AL(m2eAPKsA&nS6t2IO9Qqj~%MAO&FPJU<Ys3FK9gt
zJp%~}T0=FY+E8D;<Wwq&l&t2rzqc$tn~ktI8CR^6?7dyXQ8(LWAQ=J!0RRC4fq)Y_
znLl5W`()60Wb7Y)9okKkB0{a-_BI#j#q~?~r(^)C$2zNt=M4{5+BW0@y4i|rY5Gge
zz;j6pOJZV_X-;dk1a%Ziq#H`F)jvB5^Lt+Q{sFPigwQre*fN(r@TkA#dYd;*7*yXD
z47DQ*hQg53<$lO?c54tiV;`)vFaZKV0Q@Jcup_@+PU=CYs`p+IaDy$hrP^sZP^s|w
z<Pt+ZR5f#|`>ne3v)6C7X8x$f3Ls#j((1AIKfm6r=>2r<0Rlk)+8ds;3PW2BHX@!+
z+hK(B+-P4V<v;cpsI3XEQ~7*Fbyv}H@GfN5EDK^vDwen+vNieHY<EKLTa^)h_nZ3}
z0zm+Qp>yf!w#%h*Q09HYMjiPTw>^`#K{_${>*UNAhjLe-QzEC>oUjDg(3zP*dP*_&
zi#Mt6_9p@(1-mBPhHL=>Km>PKQkFe7+8AfC5;cv}sUoyUZh$#O63X*%B~P~IB8~c#
zVPqw*4(qG<0Z7UDPfU{PVAo~A%Nw}+xVzm)(E>pL>Dj&<G6v#6Sj|vdNkx&6fQR7@
vxOgs2N%a4^3Tut0$H0_&bN(y>i5m%8UI~~REC*EW9J5XLU*A84D;RtmF~=XW

literal 0
HcmV?d00001

diff --git a/libs/nixio/axtls-root/etc/uci-defaults/nixio b/libs/nixio/axtls-root/etc/uci-defaults/nixio
deleted file mode 100755
index 4f342628a..000000000
--- a/libs/nixio/axtls-root/etc/uci-defaults/nixio
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-nixio-axtls-checkkey
diff --git a/libs/nixio/axtls-root/usr/sbin/nixio-axtls-checkkey b/libs/nixio/axtls-root/usr/sbin/nixio-axtls-checkkey
deleted file mode 100755
index 981c66744..000000000
--- a/libs/nixio/axtls-root/usr/sbin/nixio-axtls-checkkey
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/usr/bin/lua
-os.exit(0)	--ToDo
-
-local nixio = require "nixio"
-local fs = require "nixio.fs"
-local posix
-local defkey = nixio.meta_tls_context.tls_defaultkey
-local okey = "646e6b90d1ad02719cb1b221b7ce447a"
-
-if not defkey or (io.open(defkey) and
-(nixio.crypto.hash("md5"):update(fs.readfile(defkey)):final()) ~= okey) then
-	os.exit(0)
-end
-
-if os.execute("which openssl >/dev/null") == 0 then
-	io.stderr:write("Warning: OpenSSL detected "..
-	"but it looks like nixio was linked against axtls\n")
-	os.execute("umask 0077;openssl genrsa -out '" .. defkey .. "' 2048")
-elseif os.execute("which dropbearkey >/dev/null && which dropbearconvert >/dev/null") == 0 then
-	os.execute("dropbearkey -t rsa -s 2048 -f /tmp/dbkey.rsa")
-	os.execute("umask 0077;dropbearconvert dropbear openssh /tmp/dbkey.rsa '"..defkey.."'")
-	os.remove("/tmp/dbkey.rsa")
-else
-	io.stderr:write("No key generators available! Giving up.")
-	os.exit(1)
-end
diff --git a/libs/nixio/ipkg/postinst b/libs/nixio/ipkg/postinst
deleted file mode 100755
index edc8741da..000000000
--- a/libs/nixio/ipkg/postinst
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-[ -z "${IPKG_INSTROOT}" -a -f "/etc/uci-defaults/nixio" ] && {
-	( . /etc/uci-defaults/nixio ) && rm -f /etc/uci-defaults/nixio
-	exit
-}
-exit 0
-- 
2.11.0