hnetd: update to latest
authorSteven Barth <steven@midlink.org>
Fri, 10 Apr 2015 16:57:25 +0000 (18:57 +0200)
committerSteven Barth <steven@midlink.org>
Fri, 10 Apr 2015 16:58:05 +0000 (18:58 +0200)
Signed-off-by: Steven Barth <steven@midlink.org>
hnetd/Makefile
hnetd/files/hnet.config
hnetd/files/hnetd.init

index 9f681bddb9b339a630e74697e1d39bbf05a14ede..a456ff191b401446f0bd1ed78171eee318bb92e2 100644 (file)
@@ -7,12 +7,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hnetd
-PKG_SOURCE_VERSION:=10b22c409f2ecadaaec45e068fd01c74ffe5c772
-PKG_VERSION:=2014-11-25-$(PKG_SOURCE_VERSION)
+PKG_SOURCE_VERSION:=faa2b7a42c33f23fac9e08f8e70a8c7ed59ce812
+PKG_VERSION:=2015-04-10-$(PKG_SOURCE_VERSION)
 PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=git://github.com/sbyx/hnetd.git
+PKG_SOURCE_URL:=https://github.com/sbyx/hnetd.git
 PKG_MAINTAINER:=Steven Barth <cyrus@openwrt.org>
 PKG_LICENSE:=GPL-2.0
 
@@ -28,21 +28,43 @@ CMAKE_OPTIONS += -DL_LEVEL=7
 # OpenWRT target
 CMAKE_OPTIONS += -DBACKEND=openwrt
 
-define Package/hnetd
+ifeq ($(BUILD_VARIANT),openssl)
+CMAKE_OPTIONS += -DDTLS_OPENSSL=1
+endif
+
+define Package/hnetd/Default
   SECTION:=net
   CATEGORY:=Network
-  TITLE:=HNCP Homenet daemon
+  TITLE:=HNCP Homenet daemon - $(2)
   URL:=https://github.com/sbyx/hnetd
-  DEPENDS:=+odhcpd +odhcp6c +netifd
+  DEPENDS:=+odhcpd +odhcp6c +netifd $(3)
   DEPENDS+=+@IPV6
+  VARIANT:=$1
 endef
 
+Package/hnetd-nossl=$(call Package/hnetd/Default,nossl,no authentication)
+Package/hnetd-openssl=$(call Package/hnetd/Default,openssl,authentication via OpenSSL,+libopenssl)
+
 define Package/hnet-full
   SECTION:=net
   CATEGORY:=Network
   TITLE:=HNCP Homenet metapackage
   URL:=https://github.com/sbyx/hnetd
-  DEPENDS:=+hnetd +luci-app-hnet
+  DEPENDS:=+hnetd-nossl +luci-app-hnet
+  # Routing
+  DEPENDS+=+babels
+  # Service discovery
+  DEPENDS+=+ohybridproxy
+  # Distributed PCP support
+  DEPENDS+=+miniupnpd +minimalist-pcproxy
+endef
+
+define Package/hnet-full-secure
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=HNCP Homenet metapackage
+  URL:=https://github.com/sbyx/hnetd
+  DEPENDS:=+hnetd-openssl +luci-app-hnet
   # Routing
   DEPENDS+=+babels
   # Service discovery
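Review bot: `Package/hnet-full` now depends on `+hnetd-nossl`, the variant this hunk titles "no authentication", so the default metapackage selects the build without DTLS. `Package/hnet-full-secure` keeps the identical `TITLE:=HNCP Homenet metapackage`, so the two metapackages cannot be told apart in menuconfig or a package listing. Distinct titles would make the choice explicit, for example `TITLE:=HNCP Homenet metapackage (no authentication)` and `TITLE:=HNCP Homenet metapackage (DTLS via OpenSSL)`. As a style point, `Package/hnetd/Default` mixes `$1` with `$(2)` and `$(3)`; use one form. The `Package/hnet-full-secure` define continues past the end of this hunk.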
@@ -56,22 +78,25 @@ define Package/luci-app-hnet
   CATEGORY:=LuCI
   SUBMENU:=3. Applications
   TITLE:=HNCP Homenet configuration and visualization
-  DEPENDS:=+hnetd
+#  DEPENDS:=+hnetd
+# TBD - how to express dependency on 'some' hnetd?
 endef
 
-define Package/hnetd/description
+define Package/hnetd-$(BUILD_VARIANT)/description
 This package provides a daemon which implementats distributed prefix assignment
 and service discovery for a home network consisting of multiple routers
 connected to multiple service providers. It provides a netifd protocol "hnet"
 for use in /etc/config/network.
 endef
 
-define Package/hnetd/install
+define Package/hnetd-$(BUILD_VARIANT)/install
        $(INSTALL_DIR) $(1)/usr/sbin/
        $(INSTALL_BIN) $(PKG_BUILD_DIR)/hnetd $(1)/usr/sbin/
        $(INSTALL_DIR) $(1)/lib/netifd/proto
        $(INSTALL_BIN) $(PKG_BUILD_DIR)/openwrt/hnet.sh $(1)/lib/netifd/proto
        ln -s hnetd $(1)/usr/sbin/hnet-ifresolve
+       ln -s hnetd $(1)/usr/sbin/hnet-trust
+       ln -s hnetd $(1)/usr/sbin/hnet-dump
        $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_BIN) ./files/hnetd.init $(1)/etc/init.d/hnetd
        $(INSTALL_DIR) $(1)/etc/config
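Review bot: Commenting out `DEPENDS:=+hnetd` leaves `luci-app-hnet` with no dependency on any daemon variant, so the UI can be installed on its own and only the metapackages tie it to hnetd. One way to resolve the TBD is to add `PROVIDES:=hnetd` to `Package/hnetd/Default` and keep `DEPENDS:=+hnetd` here, provided the build system in use resolves virtual provides. Both variants also install the same `/usr/sbin/hnetd` and symlinks, and no conflict between `hnetd-nossl` and `hnetd-openssl` is declared in the visible lines. Without one, installing the second variant can replace the binary, and it may silently swap an authenticated build for an unauthenticated one. The install define continues past the end of this hunk.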
@@ -87,6 +112,10 @@ define Package/hnet-full/install
        true
 endef
 
+define Package/hnet-full-secure/install
+       true
+endef
+
 define Package/luci-app-hnet/install
        $(INSTALL_DIR) $(1)/usr/lib/lua/luci
        $(INSTALL_DIR) $(1)/www
@@ -94,7 +123,7 @@ define Package/luci-app-hnet/install
        $(CP) -R $(PKG_BUILD_DIR)/openwrt/luci/htdocs/* $(1)/www/
 endef
 
-define Package/hnetd/postinst
+define Package/hnetd-$(BUILD_VARIANT)/postinst
 #!/bin/sh
 [ -n "$${IPKG_INSTROOT}" ] || {
        (. /etc/uci-defaults/x-hnetd.defaults) && rm -f /etc/uci-defaults/x-hnetd.defaults
@@ -104,6 +133,8 @@ define Package/hnetd/postinst
 }
 endef
 
-$(eval $(call BuildPackage,hnetd))
+$(eval $(call BuildPackage,hnetd-nossl))
+$(eval $(call BuildPackage,hnetd-openssl))
 $(eval $(call BuildPackage,hnet-full))
+$(eval $(call BuildPackage,hnet-full-secure))
 $(eval $(call BuildPackage,luci-app-hnet))
index 462f0452b87f52948a67efc59ed767bbbb6c0da2..6ac396f769a99922e50e3a2c49369071004a671d 100644 (file)
@@ -1,3 +1,14 @@
+config security security
+# Simplest security mode:
+#      option password foo
+# Trust consensus and CA-based share these options:
+#      option certificate_file /etc/hnetd-cert.pem
+#      option private_key_file /etc/hnetd-key.pem
+# Then to enable trust consensus:
+#      option trust_store /etc/hnetd-trust.dat
+# Or CA-based authentication:
+#      option trust_certificate_file /etc/ca-cert.pem
+
 config pa pa
 #      option ip4prefix 10.0.0.0/8
 #      option ulaprefix fd12:3456:789A::/48
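Review bot: The new `config security` comment block does not say that these options depend on the OpenSSL build, although the init script in this commit notes "needs security-enabled build". A first line such as `# Requires hnetd-openssl; the nossl build has no authentication` would stop someone setting a password on the nossl variant and assuming it is enforced. The password is stored here in cleartext and the key path points at a PEM file in `/etc`, so it is worth adding `# Keep this file and the private key readable by root only`. The example `option password foo` is better written with an obvious placeholder, so that it is not enabled as-is by uncommenting.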
index 3c5505db1f636f10c8d1957f886c5448b4f3bf6a..6d7d0ec4e77c5e9634831a1154ebdec37b193ef2 100644 (file)
@@ -51,6 +51,7 @@ start_service() {
     # Routing script
     procd_append_param command -r /usr/sbin/hnetd-routing
 
+    # Prefix assignment (pa)
     config_get val pa ip4prefix
     [ -n "$val" ] && procd_append_param command --ip4prefix $val
 
@@ -60,15 +61,36 @@ start_service() {
     config_get val pa ulamode
     [ -n "$val" ] && procd_append_param command --ulamode $val
 
+    # Service discovery (sd)
     config_get val sd router_name
     [ -n "$val" ] && procd_append_param command -n $val
 
     config_get val sd domain_name
     [ -n "$val" ] && procd_append_param command -m $val
 
+    # Security (needs security-enabled build)
+    config_get val security password
+    [ -n "$val" ] && procd_append_param command --password $val
+
+    config_get val security certificate_file
+    [ -n "$val" ] && procd_append_param command --certificate $val
+
+    config_get val security private_key_file
+    [ -n "$val" ] && procd_append_param command --privatekey $val
+
+    config_get val security trust_store
+    [ -n "$val" ] && procd_append_param command --trust $val
+
+    config_get val security trust_certificate_file
+    [ -n "$val" ] && procd_append_param command --verify-path $val
+
     # For more verbose logging, uncomment this:
     #procd_append_param command --loglevel 7
 
     procd_set_param respawn
     procd_close_instance
 }
+
+service_triggers() {
+    procd_add_reload_trigger "hnet"
+}
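Review bot: `procd_append_param command --password $val` puts the shared secret into the daemon's argument vector, where it is readable from the process list and probably also from procd's service state. The visible lines show no option for reading the secret from a file, so at minimum the comment above should say this, e.g. `# NOTE: password is visible in the process list; prefer certificate-based modes`. All five new `$val` expansions are also unquoted, so a password or path containing whitespace is split into several arguments; writing `procd_append_param command --password "$val"` (likewise for the four file options) keeps each value as one argument. The options are appended whatever variant is installed, so it is worth confirming that a nossl build rejects them rather than starting unauthenticated. `start_service` begins outside this hunk.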