Mercurial > hg > freeDiameter

comparison contrib/OpenWRT/packages/freeDiameter/Makefile @ 510:48d306c0db29

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Improved documentation in postinst script
author Sebastien Decugis <sdecugis@nict.go.jp>
date Fri, 20 Aug 2010 14:28:45 +0900
parents f82bf741cd10
children 875fcc02f98b
comparison
equal deleted inserted replaced
509:f82bf741cd10 510:48d306c0db29
92 $(SED) 's,TLS_Cred,#TLS_Cred,g' $(1)/etc/freeDiameter/freeDiameter.conf 92 $(SED) 's,TLS_Cred,#TLS_Cred,g' $(1)/etc/freeDiameter/freeDiameter.conf
93 echo "" >> $(1)/etc/freeDiameter/freeDiameter.conf 93 echo "" >> $(1)/etc/freeDiameter/freeDiameter.conf
94 echo "### OPENWRT specific" >> $(1)/etc/freeDiameter/freeDiameter.conf 94 echo "### OPENWRT specific" >> $(1)/etc/freeDiameter/freeDiameter.conf
95 echo "TLS_Cred = \"/etc/freeDiameter/freeDiameter.pem\", \"/etc/freeDiameter/freeDiameter.key\";" \ 95 echo "TLS_Cred = \"/etc/freeDiameter/freeDiameter.pem\", \"/etc/freeDiameter/freeDiameter.key\";" \
96 >> $(1)/etc/freeDiameter/freeDiameter.conf 96 >> $(1)/etc/freeDiameter/freeDiameter.conf
97 echo "TLS_CA = \"/etc/freeDiameter/freeDiameter.ca.pem\";" \
98 >> $(1)/etc/freeDiameter/freeDiameter.conf
97 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf 99 echo "TLS_DH_Bits = 768;" >> $(1)/etc/freeDiameter/freeDiameter.conf
98 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf 100 echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf
99 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf 101 echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf
100 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \ 102 echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \
101 >> $(1)/etc/freeDiameter/freeDiameter.conf 103 >> $(1)/etc/freeDiameter/freeDiameter.conf
168 echo "country = net" >>/tmp/template.cnf 170 echo "country = net" >>/tmp/template.cnf
169 echo "cn = $$localid" >>/tmp/template.cnf 171 echo "cn = $$localid" >>/tmp/template.cnf
170 echo "expiration_days = 3650" >>/tmp/template.cnf 172 echo "expiration_days = 3650" >>/tmp/template.cnf
171 echo "signing_key" >>/tmp/template.cnf 173 echo "signing_key" >>/tmp/template.cnf
172 echo "encryption_key" >>/tmp/template.cnf 174 echo "encryption_key" >>/tmp/template.cnf
173 certtool -q --load-privkey /etc/freeDiameter/freeDiameter.key \ 175 if [ ! -f "/etc/freeDiameter/freeDiameter.csr" ]; then
176 echo "Creating a new CSR"
177 certtool -q --load-privkey /etc/freeDiameter/freeDiameter.key \
174 --outfile /etc/freeDiameter/freeDiameter.csr \ 178 --outfile /etc/freeDiameter/freeDiameter.csr \
175 --template /tmp/template.cnf 179 --template /tmp/template.cnf
180 fi
176 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \ 181 certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \
177 --outfile /etc/freeDiameter/freeDiameter.pem \ 182 --outfile /etc/freeDiameter/freeDiameter.pem \
178 --template /tmp/template.cnf 183 --template /tmp/template.cnf
179 rm -f /tmp/template.cnf 184 rm -f /tmp/template.cnf
185 cat /etc/freeDiameter/freeDiameter.pem >> /etc/freeDiameter/freeDiameter.ca.pem
180 echo "Done." 186 echo "Done."
181 echo "========================================================================" 187 echo "========================================================================"
182 echo "To enable TLS communication, you should either:" 188 echo "To enable TLS communication, you should either:"
183 echo " - use a real certificate signed by your server's CA" 189 echo " - use a real certificate signed by your server's CA:"
184 echo " (CSR provided in /etc/freeDiameter/freeDiameter.csr)" 190 echo " Use the CSR provided in /etc/freeDiameter/freeDiameter.csr"
185 echo " - or, copy the two certificates (client & server) in a ca.pem file and " 191 echo " Save the new certificate as /etc/freeDiameter/freeDiameter.pem"
186 echo " add this file in both freeDiameter configurations (as TLS_CA)." 192 echo " Replace the contents of /etc/freeDiameter/freeDiameter.ca.pem with your CA's certificate"
193 echo " - or, declare the certificates as trusted as follow: "
194 echo " Add your server's CA certificate into /etc/freeDiameter/freeDiameter.ca.pem"
195 echo " Add the content of /etc/freeDiameter/freeDiameter.pem into your server's trusted CA file"
187 echo "========================================================================" 196 echo "========================================================================"
188 fi 197 fi
189 endef 198 endef
190 199
191 $(eval $(call BuildPackage,freeDiameter)) 200 $(eval $(call BuildPackage,freeDiameter))
"Welcome to our mercurial repository"