Mercurial > hg > freeDiameter
comparison contrib/OpenWRT/packages/freeDiameter/Makefile @ 504:170bf61f79d9
Improve postinstall script
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Thu, 19 Aug 2010 15:47:51 +0900 |
parents | 2999c874e38f |
children | c3f1ba2c12d3 |
comparison
equal
deleted
inserted
replaced
503:2999c874e38f | 504:170bf61f79d9 |
---|---|
97 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf | 97 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf |
98 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 98 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf |
99 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 99 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf |
100 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \ | 100 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \ |
101 >> $(1)/etc/freeDiameter/freeDiameter.conf | 101 >> $(1)/etc/freeDiameter/freeDiameter.conf |
102 echo "Identity = \"localhost.localdomain\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 102 echo "## Add overrides bellow this point" >> $(1)/etc/freeDiameter/freeDiameter.conf |
103 | 103 |
104 | 104 |
105 $(INSTALL_CONF) \ | 105 $(INSTALL_CONF) \ |
106 $(PKG_BUILD_DIR)/doc/app_radgw.conf.sample \ | 106 $(PKG_BUILD_DIR)/doc/app_radgw.conf.sample \ |
107 $(1)/etc/freeDiameter/rgw.conf | 107 $(1)/etc/freeDiameter/rgw.conf |
118 echo " acct_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf | 118 echo " acct_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf |
119 endef | 119 endef |
120 | 120 |
121 define Package/freeDiameter/postinst | 121 define Package/freeDiameter/postinst |
122 #!/bin/sh | 122 #!/bin/sh |
123 | |
124 # Test if the configuration file contains the local identity already | |
125 localid = `sed -n -r -e "s/^[[:space:]]*Identity[[:space:]]*=[[:space:]]*\"([^\"]*)\"[[:space:]]*;/\1/p" /etc/freeDiameter/freeDiameter.conf` | |
126 if [ -z "$localid" ]; then | |
127 # Ask for the local name | |
128 echo -n "Full name of your access point? (openwrt.localdomain) : " | |
129 read localid | |
130 if [ -z "$localid" ]; then | |
131 localid="openwrt.localdomain" | |
132 fi | |
133 echo "Identity = \"$localid\";" >> /etc/freeDiameter/freeDiameter.conf | |
134 fi | |
135 | |
136 # Is there already a ConnectPeer directive? | |
137 grep -q -E -e "^[[:space:]]*ConnectPeer[[:space:]]*=" /etc/freeDiameter/freeDiameter.conf | |
138 if [ "$?" -eq "1"; then | |
139 echo -n "Diameter Identity of your Diameter server: " | |
140 read serverid | |
141 if [ -z "$serverid" ]; then | |
142 echo "Skipped. Please add ConnectPeer directive to your /etc/freeDiameter/freeDiameter.conf file later." | |
143 else | |
144 echo -n "IP or IPv6 address of your Diameter server? (leave blank for dynamic resolution) " | |
145 read serverip | |
146 connstr="" | |
147 if [ -n "$serverip"] then | |
148 connstr=" { ConnectTo = \"$serverip\"; }" | |
149 fi | |
150 echo "ConnectPeer = \"$serverid\"$connstr;" >> /etc/freeDiameter/freeDiameter.conf | |
151 fi | |
152 fi | |
153 | |
154 # Certificate configuration | |
123 if [ ! -f "/usr/bin/certtool" ]; then | 155 if [ ! -f "/usr/bin/certtool" ]; then |
124 echo "certtool is not installed, skipping creation of default certificate." | 156 echo "certtool is not installed, skipping creation of default certificate." |
125 exit 0 | 157 exit 0 |
126 fi | 158 fi |
127 if [ ! -f "/etc/freeDiameter/freeDiameter.pem" ]; then | 159 if [ ! -f "/etc/freeDiameter/freeDiameter.pem" ]; then |
128 if [ ! -f "/etc/freeDiameter/freeDiameter.key" ]; then | 160 if [ ! -f "/etc/freeDiameter/freeDiameter.key" ]; then |
129 echo "Creating a new private key for freeDiameter TLS layer, please wait" | 161 echo "Creating a new private key for freeDiameter TLS layer, please wait" |
130 certtool -p --outfile /etc/freeDiameter/freeDiameter.key | 162 certtool -p --outfile /etc/freeDiameter/freeDiameter.key |
131 fi | 163 fi |
132 echo "Creating a new certificate for freeDiameter TLS layer, please enter the appropriate values for your access point" | 164 echo "Creating a new certificate for freeDiameter TLS layer" |
133 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key --outfile /etc/freeDiameter/freeDiameter.pem | 165 echo "organization = freeDiameter" > /tmp/template.cnf |
166 echo "unit = OpenWRT" >>/tmp/template.cnf | |
167 echo "state = internet" >>/tmp/template.cnf | |
168 echo "country = net" >>/tmp/template.cnf | |
169 echo "cn = $localid" >>/tmp/template.cnf | |
170 echo "expiration_days = 3650 >>/tmp/template.cnf | |
171 echo "signing_key >>/tmp/template.cnf | |
172 echo "encryption_key >>/tmp/template.cnf | |
173 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \ | |
174 --outfile /etc/freeDiameter/freeDiameter.pem \ | |
175 --template /tmp/template.cnf | |
176 rm -f /tmp/template.cnf | |
177 echo "Done." | |
178 echo "To enable TLS communication, you should either:" | |
179 echo " - use a real certificate signed by your server's CA" | |
180 echo " - or, copy the two peers certificates in a ca.pem file and " | |
181 echo " add this file in freeDiameter configuration." | |
134 fi | 182 fi |
135 endef | 183 endef |
136 | 184 |
137 $(eval $(call BuildPackage,freeDiameter)) | 185 $(eval $(call BuildPackage,freeDiameter)) |