summaryrefslogtreecommitdiffhomepage
path: root/contrib/package
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/package')
-rw-r--r--contrib/package/uhttpd/files/uhttpd.config29
-rwxr-xr-xcontrib/package/uhttpd/files/uhttpd.init45
2 files changed, 65 insertions, 9 deletions
diff --git a/contrib/package/uhttpd/files/uhttpd.config b/contrib/package/uhttpd/files/uhttpd.config
index 9c4cd305b3..0bca4f516b 100644
--- a/contrib/package/uhttpd/files/uhttpd.config
+++ b/contrib/package/uhttpd/files/uhttpd.config
@@ -1,12 +1,14 @@
+# Server configuration
config uhttpd main
+
# Server document root
option home /www
# Certificate and private key for HTTPS.
# If no listen_https addresses are given,
# the key options are ignored.
- option cert /etc/nixio/cert_main.der
- option key /etc/nixio/rsa_main.der
+ option cert /etc/uhttpd.crt
+ option key /etc/uhttpd.key
# CGI url prefix, will be searched in docroot.
# Default is /cgi-bin
@@ -14,8 +16,8 @@ config uhttpd main
# Lua url prefix and handler script.
# Lua support is disabled if no prefix given.
-# option lua_prefix /lua
-# option lua_handler /www/lua/handler.lua
+# option lua_prefix /luci
+# option lua_handler /usr/lib/lua/luci/sgi/uhttpd.lua
# HTTP listen addresses, multiple allowed
list listen_http 0.0.0.0:80
@@ -30,3 +32,22 @@ config uhttpd main
# Configuration file in busybox httpd format
# option config /etc/httpd.conf
+
+
+# Certificate defaults for px5g key generator
+config cert px5g
+
+ # Validity time
+ option days 730
+
+ # RSA key size
+ option bits 1024
+
+ # Location
+ option country DE
+ option state Berlin
+ option location Berlin
+
+ # Common name
+ option commonname OpenWrt
+
diff --git a/contrib/package/uhttpd/files/uhttpd.init b/contrib/package/uhttpd/files/uhttpd.init
index b13cd60f3d..16320a7307 100755
--- a/contrib/package/uhttpd/files/uhttpd.init
+++ b/contrib/package/uhttpd/files/uhttpd.init
@@ -3,7 +3,7 @@
START=50
UHTTPD_BIN="/usr/sbin/uhttpd"
-UHTTPD_ARGS=""
+PX5G_BIN="/usr/sbin/px5g"
append_listen_http() {
@@ -25,9 +25,35 @@ append_arg() {
[ -n "$val" -o -n "$def" ] && append UHTTPD_ARGS "$opt ${val:-$def}"
}
+generate_keys() {
+ local cfg="$1"
+ local key="$2"
+ local crt="$3"
+ local days bits country state location commonname
+
+ config_get days "$cfg" days
+ config_get bits "$cfg" bits
+ config_get country "$cfg" country
+ config_get state "$cfg" state
+ config_get location "$cfg" location
+ config_get commonname "$cfg" commonname
+
+ [ -x "$PX5G_BIN" ] && {
+ $PX5G_BIN selfsigned -der \
+ -days ${days:-730} -newkey rsa:${bits:-1024} -keyout "$UHTTPD_KEY" -out "$UHTTPD_CERT" \
+ -subj /C=${country:-DE}/ST=${state:-Saxony}/L=${location:-Leipzig}/CN=${commonname:-OpenWrt}
+ } || {
+ echo "WARNING: the specified certificate and key" \
+ "files do not exist and the px5g generator" \
+ "is not available, skipping SSL setup."
+ }
+}
+
start_instance()
{
UHTTPD_ARGS=""
+ UHTTPD_CERT=""
+ UHTTPD_KEY=""
local cfg="$1"
local realm="$(uci get system.@system[0].hostname 2>/dev/null)"
@@ -44,12 +70,21 @@ start_instance()
append_listen_http
config_get ssl "$cfg" listen_https
+ config_get UHTTPD_KEY "$cfg" key /etc/httpd.key
+ config_get UHTTPD_CERT "$cfg" cert /etc/httpd.cert
+
[ -n "$ssl" ] && {
- append_arg "$cfg" cert "-C"
- append_arg "$cfg" key "-K"
+ [ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] || {
+ config_foreach generate_keys cert
+ }
+
+ [ -f "$UHTTPD_CERT" -a -f "$UHTTPD_KEY" ] && {
+ append_arg "$cfg" cert "-C"
+ append_arg "$cfg" key "-K"
- config_list_foreach "$cfg" listen_https \
- append_listen_https
+ config_list_foreach "$cfg" listen_https \
+ append_listen_https
+ }
}
start-stop-daemon -S -x $UHTTPD_BIN \