Mercurial > hg > freeDiameter
comparison contrib/OpenWRT/packages/freeDiameter/Makefile @ 504:170bf61f79d9
Improve postinstall script
| author | Sebastien Decugis <sdecugis@nict.go.jp> |
|---|---|
| date | Thu, 19 Aug 2010 15:47:51 +0900 |
| parents | 2999c874e38f |
| children | c3f1ba2c12d3 |
comparison
equal
deleted
inserted
replaced
| 503:2999c874e38f | 504:170bf61f79d9 |
|---|---|
| 97 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf | 97 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf |
| 98 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 98 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf |
| 99 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 99 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf |
| 100 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \ | 100 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \ |
| 101 >> $(1)/etc/freeDiameter/freeDiameter.conf | 101 >> $(1)/etc/freeDiameter/freeDiameter.conf |
| 102 echo "Identity = \"localhost.localdomain\";" >> $(1)/etc/freeDiameter/freeDiameter.conf | 102 echo "## Add overrides bellow this point" >> $(1)/etc/freeDiameter/freeDiameter.conf |
| 103 | 103 |
| 104 | 104 |
| 105 $(INSTALL_CONF) \ | 105 $(INSTALL_CONF) \ |
| 106 $(PKG_BUILD_DIR)/doc/app_radgw.conf.sample \ | 106 $(PKG_BUILD_DIR)/doc/app_radgw.conf.sample \ |
| 107 $(1)/etc/freeDiameter/rgw.conf | 107 $(1)/etc/freeDiameter/rgw.conf |
| 118 echo " acct_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf | 118 echo " acct_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf |
| 119 endef | 119 endef |
| 120 | 120 |
| 121 define Package/freeDiameter/postinst | 121 define Package/freeDiameter/postinst |
| 122 #!/bin/sh | 122 #!/bin/sh |
| 123 | |
| 124 # Test if the configuration file contains the local identity already | |
| 125 localid = `sed -n -r -e "s/^[[:space:]]*Identity[[:space:]]*=[[:space:]]*\"([^\"]*)\"[[:space:]]*;/\1/p" /etc/freeDiameter/freeDiameter.conf` | |
| 126 if [ -z "$localid" ]; then | |
| 127 # Ask for the local name | |
| 128 echo -n "Full name of your access point? (openwrt.localdomain) : " | |
| 129 read localid | |
| 130 if [ -z "$localid" ]; then | |
| 131 localid="openwrt.localdomain" | |
| 132 fi | |
| 133 echo "Identity = \"$localid\";" >> /etc/freeDiameter/freeDiameter.conf | |
| 134 fi | |
| 135 | |
| 136 # Is there already a ConnectPeer directive? | |
| 137 grep -q -E -e "^[[:space:]]*ConnectPeer[[:space:]]*=" /etc/freeDiameter/freeDiameter.conf | |
| 138 if [ "$?" -eq "1"; then | |
| 139 echo -n "Diameter Identity of your Diameter server: " | |
| 140 read serverid | |
| 141 if [ -z "$serverid" ]; then | |
| 142 echo "Skipped. Please add ConnectPeer directive to your /etc/freeDiameter/freeDiameter.conf file later." | |
| 143 else | |
| 144 echo -n "IP or IPv6 address of your Diameter server? (leave blank for dynamic resolution) " | |
| 145 read serverip | |
| 146 connstr="" | |
| 147 if [ -n "$serverip"] then | |
| 148 connstr=" { ConnectTo = \"$serverip\"; }" | |
| 149 fi | |
| 150 echo "ConnectPeer = \"$serverid\"$connstr;" >> /etc/freeDiameter/freeDiameter.conf | |
| 151 fi | |
| 152 fi | |
| 153 | |
| 154 # Certificate configuration | |
| 123 if [ ! -f "/usr/bin/certtool" ]; then | 155 if [ ! -f "/usr/bin/certtool" ]; then |
| 124 echo "certtool is not installed, skipping creation of default certificate." | 156 echo "certtool is not installed, skipping creation of default certificate." |
| 125 exit 0 | 157 exit 0 |
| 126 fi | 158 fi |
| 127 if [ ! -f "/etc/freeDiameter/freeDiameter.pem" ]; then | 159 if [ ! -f "/etc/freeDiameter/freeDiameter.pem" ]; then |
| 128 if [ ! -f "/etc/freeDiameter/freeDiameter.key" ]; then | 160 if [ ! -f "/etc/freeDiameter/freeDiameter.key" ]; then |
| 129 echo "Creating a new private key for freeDiameter TLS layer, please wait" | 161 echo "Creating a new private key for freeDiameter TLS layer, please wait" |
| 130 certtool -p --outfile /etc/freeDiameter/freeDiameter.key | 162 certtool -p --outfile /etc/freeDiameter/freeDiameter.key |
| 131 fi | 163 fi |
| 132 echo "Creating a new certificate for freeDiameter TLS layer, please enter the appropriate values for your access point" | 164 echo "Creating a new certificate for freeDiameter TLS layer" |
| 133 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key --outfile /etc/freeDiameter/freeDiameter.pem | 165 echo "organization = freeDiameter" > /tmp/template.cnf |
| 166 echo "unit = OpenWRT" >>/tmp/template.cnf | |
| 167 echo "state = internet" >>/tmp/template.cnf | |
| 168 echo "country = net" >>/tmp/template.cnf | |
| 169 echo "cn = $localid" >>/tmp/template.cnf | |
| 170 echo "expiration_days = 3650 >>/tmp/template.cnf | |
| 171 echo "signing_key >>/tmp/template.cnf | |
| 172 echo "encryption_key >>/tmp/template.cnf | |
| 173 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \ | |
| 174 --outfile /etc/freeDiameter/freeDiameter.pem \ | |
| 175 --template /tmp/template.cnf | |
| 176 rm -f /tmp/template.cnf | |
| 177 echo "Done." | |
| 178 echo "To enable TLS communication, you should either:" | |
| 179 echo " - use a real certificate signed by your server's CA" | |
| 180 echo " - or, copy the two peers certificates in a ca.pem file and " | |
| 181 echo " add this file in freeDiameter configuration." | |
| 134 fi | 182 fi |
| 135 endef | 183 endef |
| 136 | 184 |
| 137 $(eval $(call BuildPackage,freeDiameter)) | 185 $(eval $(call BuildPackage,freeDiameter)) |