diff options
author | Arthur Taylor <codders@octomonkey.org.uk> | 2018-10-09 15:59:06 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-09 15:59:06 +0200 |
commit | 42972f0db05b4057a8c552cc10abfc8a634338be (patch) | |
tree | c851a320ef20bd4c9801b63b0d9fed7983cc39fe | |
parent | 61c5d81118acbf97b36112ba21d701f29543524f (diff) | |
parent | ca33a287d8ed9161feb066720314aa7e2f1f6fec (diff) | |
download | meta-updater-42972f0db05b4057a8c552cc10abfc8a634338be.tar.gz |
Merge pull request #396 from advancedtelematic/feat/import-installed-versions-rocko
Feat/import installed versions rocko
20 files changed, 151 insertions, 904 deletions
diff --git a/README.adoc b/README.adoc index d2bd4b5..8b761b6 100644 --- a/README.adoc +++ b/README.adoc | |||
@@ -80,7 +80,8 @@ Although we have used U-Boot so far, other boot loaders can be configured work w | |||
80 | * `OSTREE_OSNAME` - OS deployment name on your target device. For more information about deployments and osnames see the https://ostree.readthedocs.io/en/latest/manual/deployment/[OSTree documentation]. Defaults to "poky". | 80 | * `OSTREE_OSNAME` - OS deployment name on your target device. For more information about deployments and osnames see the https://ostree.readthedocs.io/en/latest/manual/deployment/[OSTree documentation]. Defaults to "poky". |
81 | * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. | 81 | * `OSTREE_INITRAMFS_IMAGE` - initramfs/initrd image that is used as a proxy while booting into OSTree deployment. Do not change this setting unless you are sure that your initramfs can serve as such a proxy. |
82 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. | 82 | * `SOTA_PACKED_CREDENTIALS` - when set, your ostree commit will be pushed to a remote repo as a bitbake step. This should be the path to a zipped credentials file in https://github.com/advancedtelematic/aktualizr/blob/master/docs/credentials.adoc[the format accepted by garage-push]. |
83 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. | 83 | * `SOTA_DEPLOY_CREDENTIALS` - when set to '1' (default value), deploys credentials to the built image. Override it in `local.conf` to built a generic image that can be provisioned manually after the build. |
84 | * `SOTA_CLIENT_PROV` - which provisioning method to use. Valid options are https://github.com/advancedtelematic/aktualizr/blob/master/docs/automatic-provisioning.adoc[`aktualizr-auto-prov`], https://github.com/advancedtelematic/aktualizr/blob/master/docs/implicit-provisioning.adoc[`aktualizr-ca-implicit-prov`], and https://github.com/advancedtelematic/aktualizr/blob/master/docs/hsm-provisioning.adoc[`aktualizr-hsm-prov`]. The default is `aktualizr-auto-prov`. This can also be set to an empty string to avoid using a provisioning recipe. | ||
84 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). | 85 | * `SOTA_CLIENT_FEATURES` - extensions to aktualizr. The only valid options are `hsm` (to build with HSM support) and `secondary-network` (to set up a simulated 'in-vehicle' network with support for a primary node with a DHCP server and a secondary node with a DHCP client). |
85 | * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. | 86 | * `SOTA_SECONDARY_ECUS` - a list of paths separated by spaces of JSON configuration files for virtual secondaries on the host. These will be installed into `/var/sota/ecus` on the device. |
86 | * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. | 87 | * `SOTA_VIRTUAL_SECONDARIES` - a list of paths separated by spaces of JSON configuration files for virtual secondaries installed on the device. If `SOTA_SECONDARY_ECUS` is used to install them, then you can expect them to be installed in `/var/sota/ecus`. |
@@ -197,3 +198,16 @@ oe-selftest --run-tests updater | |||
197 | ``` | 198 | ``` |
198 | 199 | ||
199 | For more information about oe-selftest, including details about how to run individual test modules or classes, please refer to the https://wiki.yoctoproject.org/wiki/Oe-selftest[Yocto Project wiki]. | 200 | For more information about oe-selftest, including details about how to run individual test modules or classes, please refer to the https://wiki.yoctoproject.org/wiki/Oe-selftest[Yocto Project wiki]. |
201 | |||
202 | == Manual provisoning | ||
203 | As described in <<sota-related-variables-in-localconf,SOTA-related variables in local.conf>> section you can set `SOTA_DEPLOY_CREDENTIALS` to `0` to prevent deploying credentials to the built `wic` image. In this case you get a generic image that you can use e.g. on a production line to flash a series of devices. The cost of this approach is that this image is half-baked and should be provisioned before it can connect to the backend. | ||
204 | |||
205 | Provisioning procedure depends on your provisioning recipe, i.e. the value of `SOTA_CLIENT_PROV` (equal to `aktualizr-auto-prov` by default). | ||
206 | * For `aktualizr-auto-prov` put your `credentials.zip` to `/var/sota/sota_provisioning_credentials.zip` on the filesystem of a running device. If you have the filesystem of our device mounted to your build machine, prefix all paths with `/ostree/deploy/poky` as in `/ostree/deploy/poky/var/sota/sota_provisioning_credentials.zip`. | ||
207 | * For `aktualizr-ca-implicit-prov` | ||
208 | ** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. | ||
209 | ** put client certificate, private key and root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/client.pem`, `/var/sota/import/pkey.pem` and `/var/sota/import/root.crt` respectively. | ||
210 | * For `aktualizr-hsm-prov` | ||
211 | ** put URL to the used backend (together with protocol prefix and port number) to `/var/sota/gateway.url`. If you're using HERE OTA Connect, you can find the URL in `autoprov.url` file in your credentials archive. | ||
212 | ** put root CA certificate (for the *server*, not for the *device*) to `/var/sota/import/root.crt`. | ||
213 | ** put client certificate and private key to slots 1 and 2 of the PKCS#11-compatible device. | ||
diff --git a/classes/image_types_ota.bbclass b/classes/image_types_ota.bbclass index 360b746..4a51f24 100644 --- a/classes/image_types_ota.bbclass +++ b/classes/image_types_ota.bbclass | |||
@@ -99,7 +99,7 @@ IMAGE_CMD_otaimg () { | |||
99 | 99 | ||
100 | cp -a ${IMAGE_ROOTFS}/var/sota ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true | 100 | cp -a ${IMAGE_ROOTFS}/var/sota ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/ || true |
101 | # Create /var/sota if it doesn't exist yet | 101 | # Create /var/sota if it doesn't exist yet |
102 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota || true | 102 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota |
103 | # Ensure the permissions are correctly set | 103 | # Ensure the permissions are correctly set |
104 | chmod 700 ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota | 104 | chmod 700 ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota |
105 | 105 | ||
@@ -112,7 +112,9 @@ IMAGE_CMD_otaimg () { | |||
112 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then | 112 | if [ -n "${GARAGE_TARGET_VERSION}" ]; then |
113 | target_version=${GARAGE_TARGET_VERSION} | 113 | target_version=${GARAGE_TARGET_VERSION} |
114 | fi | 114 | fi |
115 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/installed_versions | 115 | mkdir -p ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import |
116 | echo "{\"${ostree_target_hash}\":\"${GARAGE_TARGET_NAME}-${target_version}\"}" > ${PHYS_SYSROOT}/ostree/deploy/${OSTREE_OSNAME}/var/sota/import/installed_versions | ||
117 | |||
116 | rm -rf ${HOME_TMP} | 118 | rm -rf ${HOME_TMP} |
117 | 119 | ||
118 | # Calculate image type | 120 | # Calculate image type |
diff --git a/classes/sota.bbclass b/classes/sota.bbclass index fbd8534..657fbc2 100644 --- a/classes/sota.bbclass +++ b/classes/sota.bbclass | |||
@@ -9,6 +9,8 @@ HOSTTOOLS_NONFATAL += "java" | |||
9 | 9 | ||
10 | SOTA_CLIENT ??= "aktualizr" | 10 | SOTA_CLIENT ??= "aktualizr" |
11 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" | 11 | SOTA_CLIENT_PROV ??= "aktualizr-auto-prov" |
12 | SOTA_DEPLOY_CREDENTIALS ?= "1" | ||
13 | |||
12 | IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" | 14 | IMAGE_INSTALL_append_sota = " ostree os-release ${SOTA_CLIENT} ${SOTA_CLIENT_PROV}" |
13 | IMAGE_CLASSES += " image_types_ostree image_types_ota" | 15 | IMAGE_CLASSES += " image_types_ostree image_types_ota" |
14 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" | 16 | IMAGE_FSTYPES += "${@bb.utils.contains('DISTRO_FEATURES', 'sota', 'ostreepush garagesign garagecheck otaimg wic', ' ', d)}" |
diff --git a/lib/oeqa/selftest/cases/updater.py b/lib/oeqa/selftest/cases/updater.py index 8686033..7ef834e 100644 --- a/lib/oeqa/selftest/cases/updater.py +++ b/lib/oeqa/selftest/cases/updater.py | |||
@@ -110,25 +110,25 @@ class AktualizrToolsTests(OESelftestTestCase): | |||
110 | 110 | ||
111 | def test_cert_provider_local_output(self): | 111 | def test_cert_provider_local_output(self): |
112 | logger = logging.getLogger("selftest") | 112 | logger = logging.getLogger("selftest") |
113 | logger.info('Running bitbake to build aktualizr-implicit-prov') | 113 | logger.info('Running bitbake to build aktualizr-ca-implicit-prov') |
114 | bitbake('aktualizr-implicit-prov') | 114 | bitbake('aktualizr-ca-implicit-prov') |
115 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') | 115 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS', 'T'], 'aktualizr-native') |
116 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 116 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
117 | temp_dir = bb_vars['T'] | 117 | temp_dir = bb_vars['T'] |
118 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-implicit-prov') | 118 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') |
119 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' | 119 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' |
120 | 120 | ||
121 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -r -l {temp} -g {config}' | 121 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -r -l {temp} -g {config}' |
122 | .format(creds=creds, temp=temp_dir, config=config)) | 122 | .format(creds=creds, temp=temp_dir, config=config)) |
123 | 123 | ||
124 | # Might be nice if these names weren't hardcoded. | 124 | # Might be nice if these names weren't hardcoded. |
125 | cert_path = temp_dir + '/client.pem' | 125 | cert_path = temp_dir + '/var/sota/import/client.pem' |
126 | self.assertTrue(os.path.isfile(cert_path), "Client certificate not found at %s." % cert_path) | 126 | self.assertTrue(os.path.isfile(cert_path), "Client certificate not found at %s." % cert_path) |
127 | self.assertTrue(os.path.getsize(cert_path) > 0, "Client certificate at %s is empty." % cert_path) | 127 | self.assertTrue(os.path.getsize(cert_path) > 0, "Client certificate at %s is empty." % cert_path) |
128 | pkey_path = temp_dir + '/pkey.pem' | 128 | pkey_path = temp_dir + '/var/sota/import/pkey.pem' |
129 | self.assertTrue(os.path.isfile(pkey_path), "Private key not found at %s." % pkey_path) | 129 | self.assertTrue(os.path.isfile(pkey_path), "Private key not found at %s." % pkey_path) |
130 | self.assertTrue(os.path.getsize(pkey_path) > 0, "Private key at %s is empty." % pkey_path) | 130 | self.assertTrue(os.path.getsize(pkey_path) > 0, "Private key at %s is empty." % pkey_path) |
131 | ca_path = temp_dir + '/root.crt' | 131 | ca_path = temp_dir + '/var/sota/import/root.crt' |
132 | self.assertTrue(os.path.isfile(ca_path), "Client certificate not found at %s." % ca_path) | 132 | self.assertTrue(os.path.isfile(ca_path), "Client certificate not found at %s." % ca_path) |
133 | self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) | 133 | self.assertTrue(os.path.getsize(ca_path) > 0, "Client certificate at %s is empty." % ca_path) |
134 | 134 | ||
@@ -226,8 +226,8 @@ class ManualControlTests(OESelftestTestCase): | |||
226 | Disable the systemd service then run aktualizr manually | 226 | Disable the systemd service then run aktualizr manually |
227 | """ | 227 | """ |
228 | sleep(20) | 228 | sleep(20) |
229 | stdout, stderr, retcode = self.qemu_command('aktualizr-info --allow-migrate') | 229 | stdout, stderr, retcode = self.qemu_command('aktualizr-info') |
230 | self.assertIn(b'Fetched metadata: no', stdout, | 230 | self.assertIn(b'Can\'t open database', stdout, |
231 | 'Aktualizr should not have run yet' + stderr.decode() + stdout.decode()) | 231 | 'Aktualizr should not have run yet' + stderr.decode() + stdout.decode()) |
232 | 232 | ||
233 | stdout, stderr, retcode = self.qemu_command('aktualizr --running-mode=once') | 233 | stdout, stderr, retcode = self.qemu_command('aktualizr --running-mode=once') |
@@ -390,7 +390,9 @@ class ImplProvTests(OESelftestTestCase): | |||
390 | else: | 390 | else: |
391 | self.meta_qemu = None | 391 | self.meta_qemu = None |
392 | self.append_config('MACHINE = "qemux86-64"') | 392 | self.append_config('MACHINE = "qemux86-64"') |
393 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-implicit-prov "') | 393 | self.append_config('SOTA_CLIENT_PROV = " aktualizr-ca-implicit-prov "') |
394 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') | ||
395 | runCmd('bitbake -c cleanall aktualizr aktualizr-ca-implicit-prov') | ||
394 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 396 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
395 | 397 | ||
396 | def tearDownLocal(self): | 398 | def tearDownLocal(self): |
@@ -435,10 +437,11 @@ class ImplProvTests(OESelftestTestCase): | |||
435 | # Run cert_provider. | 437 | # Run cert_provider. |
436 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') | 438 | bb_vars = get_bb_vars(['SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') |
437 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] | 439 | creds = bb_vars['SOTA_PACKED_CREDENTIALS'] |
438 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-implicit-prov') | 440 | bb_vars_prov = get_bb_vars(['STAGING_DIR_HOST', 'libdir'], 'aktualizr-ca-implicit-prov') |
439 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov.toml' | 441 | config = bb_vars_prov['STAGING_DIR_HOST'] + bb_vars_prov['libdir'] + '/sota/sota_implicit_prov_ca.toml' |
440 | 442 | ||
441 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -g {config}' | 443 | print('Provisining at root@localhost:%d' % self.qemu.ssh_port) |
444 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -s -u -r -g {config}' | ||
442 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | 445 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) |
443 | 446 | ||
444 | verifyProvisioned(self, machine) | 447 | verifyProvisioned(self, machine) |
@@ -461,7 +464,10 @@ class HsmTests(OESelftestTestCase): | |||
461 | self.meta_qemu = None | 464 | self.meta_qemu = None |
462 | self.append_config('MACHINE = "qemux86-64"') | 465 | self.append_config('MACHINE = "qemux86-64"') |
463 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-hsm-prov"') | 466 | self.append_config('SOTA_CLIENT_PROV = "aktualizr-hsm-prov"') |
467 | self.append_config('SOTA_DEPLOY_CREDENTIALS = "0"') | ||
464 | self.append_config('SOTA_CLIENT_FEATURES = "hsm"') | 468 | self.append_config('SOTA_CLIENT_FEATURES = "hsm"') |
469 | self.append_config('IMAGE_INSTALL_append = " softhsm-testtoken"') | ||
470 | runCmd('bitbake -c cleanall aktualizr aktualizr-hsm-prov') | ||
465 | self.qemu, self.s = qemu_launch(machine='qemux86-64') | 471 | self.qemu, self.s = qemu_launch(machine='qemux86-64') |
466 | 472 | ||
467 | def tearDownLocal(self): | 473 | def tearDownLocal(self): |
@@ -519,7 +525,7 @@ class HsmTests(OESelftestTestCase): | |||
519 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-hsm-prov') | 525 | bb_vars_prov = get_bb_vars(['STAGING_DIR_NATIVE', 'libdir'], 'aktualizr-hsm-prov') |
520 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' | 526 | config = bb_vars_prov['STAGING_DIR_NATIVE'] + bb_vars_prov['libdir'] + '/sota/sota_hsm_prov.toml' |
521 | 527 | ||
522 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -g {config}' | 528 | akt_native_run(self, 'aktualizr_cert_provider -c {creds} -t root@localhost -p {port} -r -s -u -g {config}' |
523 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) | 529 | .format(creds=creds, port=self.qemu.ssh_port, config=config)) |
524 | 530 | ||
525 | # Verify that HSM is able to initialize. | 531 | # Verify that HSM is able to initialize. |
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb new file mode 100644 index 0000000..34460af --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb | |||
@@ -0,0 +1,24 @@ | |||
1 | SUMMARY = "Credentials for autoprovisioning scenario" | ||
2 | SECTION = "base" | ||
3 | LICENSE = "MPL-2.0" | ||
4 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
5 | |||
6 | DEPENDS = "aktualizr-native zip-native" | ||
7 | ALLOW_EMPTY_${PN} = "1" | ||
8 | |||
9 | require credentials.inc | ||
10 | |||
11 | do_install() { | ||
12 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
13 | install -m 0700 -d ${D}${localstatedir}/sota | ||
14 | cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip | ||
15 | # Device should not be able to push data to treehub | ||
16 | zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json | ||
17 | fi | ||
18 | } | ||
19 | |||
20 | FILES_${PN} = " \ | ||
21 | ${localstatedir}/sota/sota_provisioning_credentials.zip \ | ||
22 | " | ||
23 | |||
24 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 77f8f22..01f21fa 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb | |||
@@ -3,15 +3,14 @@ DESCRIPTION = "Configuration for automatically provisioning Aktualizr, the SOTA | |||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
7 | |||
7 | DEPENDS = "aktualizr-native zip-native" | 8 | DEPENDS = "aktualizr-native zip-native" |
8 | RDEPENDS_${PN} = "aktualizr" | 9 | RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" |
9 | PV = "1.0" | 10 | PV = "1.0" |
10 | PR = "6" | 11 | PR = "6" |
11 | 12 | ||
12 | SRC_URI = " \ | 13 | SRC_URI = "" |
13 | file://LICENSE \ | ||
14 | " | ||
15 | 14 | ||
16 | require environment.inc | 15 | require environment.inc |
17 | require credentials.inc | 16 | require credentials.inc |
@@ -32,19 +31,10 @@ do_install() { | |||
32 | 31 | ||
33 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 32 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
34 | install -m 0700 -d ${D}${localstatedir}/sota | 33 | install -m 0700 -d ${D}${localstatedir}/sota |
35 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 34 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} |
36 | aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)} | 35 | |
37 | 36 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ | |
38 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \ | 37 | ${D}${libdir}/sota/conf.d/20-${aktualizr_toml} |
39 | ${D}${libdir}/sota/conf.d/20-${aktualizr_toml} | ||
40 | |||
41 | # deploy SOTA credentials | ||
42 | if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then | ||
43 | cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip | ||
44 | # Device should not be able to push data to treehub | ||
45 | zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json | ||
46 | fi | ||
47 | fi | ||
48 | } | 38 | } |
49 | 39 | ||
50 | FILES_${PN} = " \ | 40 | FILES_${PN} = " \ |
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb new file mode 100644 index 0000000..a729e6b --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | |||
@@ -0,0 +1,51 @@ | |||
1 | SUMMARY = "Credentials for implicit provisioning with CA certificate" | ||
2 | SECTION = "base" | ||
3 | LICENSE = "MPL-2.0" | ||
4 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
5 | |||
6 | DEPENDS = "aktualizr aktualizr-native" | ||
7 | ALLOW_EMPTY_${PN} = "1" | ||
8 | |||
9 | SRC_URI = " \ | ||
10 | file://ca.cnf \ | ||
11 | " | ||
12 | |||
13 | require credentials.inc | ||
14 | |||
15 | export SOTA_CACERT_PATH | ||
16 | export SOTA_CAKEY_PATH | ||
17 | |||
18 | do_install() { | ||
19 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
20 | if [ -z ${SOTA_CACERT_PATH} ]; then | ||
21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | ||
22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | ||
23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | ||
24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | ||
25 | |||
26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | ||
27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | ||
28 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | ||
29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | ||
30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | ||
31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | ||
32 | fi | ||
33 | fi | ||
34 | |||
35 | if [ -z ${SOTA_CAKEY_PATH} ]; then | ||
36 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | ||
37 | fi | ||
38 | |||
39 | install -m 0700 -d ${D}${localstatedir}/sota | ||
40 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | ||
41 | --device-ca ${SOTA_CACERT_PATH} \ | ||
42 | --device-ca-key ${SOTA_CAKEY_PATH} \ | ||
43 | --root-ca \ | ||
44 | --server-url \ | ||
45 | --local ${D} \ | ||
46 | --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml | ||
47 | fi | ||
48 | } | ||
49 | |||
50 | FILES_${PN} = " \ | ||
51 | ${localstatedir}/sota/*" | ||
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index 4d5ff79..2763185 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb | |||
@@ -7,67 +7,26 @@ DESCRIPTION = "Configuration for implicitly provisioning Aktualizr using externa | |||
7 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 7 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
8 | SECTION = "base" | 8 | SECTION = "base" |
9 | LICENSE = "MPL-2.0" | 9 | LICENSE = "MPL-2.0" |
10 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 10 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
11 | 11 | ||
12 | DEPENDS = "aktualizr-native openssl-native" | 12 | DEPENDS = "aktualizr aktualizr-native openssl-native" |
13 | RDEPENDS_${PN} = "aktualizr" | 13 | RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" |
14 | 14 | ||
15 | SRC_URI = " \ | ||
16 | file://LICENSE \ | ||
17 | file://ca.cnf \ | ||
18 | " | ||
19 | PV = "1.0" | 15 | PV = "1.0" |
20 | PR = "1" | 16 | PR = "1" |
21 | 17 | ||
22 | require environment.inc | 18 | require environment.inc |
23 | require credentials.inc | 19 | require credentials.inc |
24 | 20 | ||
25 | export SOTA_CACERT_PATH | ||
26 | export SOTA_CAKEY_PATH | ||
27 | |||
28 | do_install() { | 21 | do_install() { |
29 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 22 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
30 | 23 | ||
31 | if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then | 24 | install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \ |
32 | bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning" | ||
33 | fi | ||
34 | |||
35 | if [ -z ${SOTA_CACERT_PATH} ]; then | ||
36 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | ||
37 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | ||
38 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | ||
39 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | ||
40 | |||
41 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | ||
42 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | ||
43 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | ||
44 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | ||
45 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | ||
46 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | ||
47 | fi | ||
48 | fi | ||
49 | |||
50 | if [ -z ${SOTA_CAKEY_PATH} ]; then | ||
51 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | ||
52 | fi | ||
53 | |||
54 | install -m 0700 -d ${D}${localstatedir}/sota | ||
55 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml \ | ||
56 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml | 25 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml |
57 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | ||
58 | --device-ca ${SOTA_CACERT_PATH} \ | ||
59 | --device-ca-key ${SOTA_CAKEY_PATH} \ | ||
60 | --root-ca \ | ||
61 | --server-url \ | ||
62 | --local ${D}${localstatedir}/sota \ | ||
63 | --config ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov_ca.toml | ||
64 | } | 26 | } |
65 | 27 | ||
66 | FILES_${PN} = " \ | 28 | FILES_${PN} = " \ |
67 | ${libdir}/sota/conf.d \ | ||
68 | ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \ | 29 | ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \ |
69 | ${libdir}/sota/root.crt \ | ||
70 | ${localstatedir}/sota/* \ | ||
71 | " | 30 | " |
72 | 31 | ||
73 | # vim:set ts=4 sw=4 sts=4 expandtab: | 32 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index a5ce3b0..151b543 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb | |||
@@ -3,14 +3,12 @@ DESCRIPTION = "Configuration for HSM provisioning with Aktualizr, the SOTA Clien | |||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
7 | 7 | ||
8 | DEPENDS = "aktualizr-native" | 8 | DEPENDS = "aktualizr aktualizr-native" |
9 | RDEPENDS_${PN} = "aktualizr" | 9 | RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}" |
10 | 10 | ||
11 | SRC_URI = " \ | 11 | SRC_URI = "" |
12 | file://LICENSE \ | ||
13 | " | ||
14 | PV = "1.0" | 12 | PV = "1.0" |
15 | PR = "6" | 13 | PR = "6" |
16 | 14 | ||
@@ -21,16 +19,11 @@ do_install() { | |||
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 19 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
22 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml \ | 20 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_hsm_prov.toml \ |
23 | ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml | 21 | ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml |
24 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
25 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \ | ||
26 | -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} | ||
27 | fi | ||
28 | } | 22 | } |
29 | 23 | ||
30 | FILES_${PN} = " \ | 24 | FILES_${PN} = " \ |
31 | ${libdir}/sota/conf.d \ | 25 | ${libdir}/sota/conf.d \ |
32 | ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \ | 26 | ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \ |
33 | ${libdir}/sota/conf.d/30-implicit_server.toml \ | ||
34 | " | 27 | " |
35 | 28 | ||
36 | # vim:set ts=4 sw=4 sts=4 expandtab: | 29 | # vim:set ts=4 sw=4 sts=4 expandtab: |
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb deleted file mode 100644 index 544e83d..0000000 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ /dev/null | |||
@@ -1,37 +0,0 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning" | ||
2 | DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | DEPENDS = "aktualizr-native" | ||
9 | RDEPENDS_${PN} = "aktualizr" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | file://LICENSE \ | ||
13 | " | ||
14 | PV = "1.0" | ||
15 | PR = "1" | ||
16 | |||
17 | require environment.inc | ||
18 | require credentials.inc | ||
19 | |||
20 | do_install() { | ||
21 | install -m 0700 -d ${D}${libdir}/sota/conf.d | ||
22 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml \ | ||
23 | ${D}${libdir}/sota/conf.d/20-sota_implicit_prov.toml | ||
24 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
25 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | ||
26 | -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D} | ||
27 | fi | ||
28 | } | ||
29 | |||
30 | FILES_${PN} = " \ | ||
31 | ${libdir}/sota/conf.d \ | ||
32 | ${libdir}/sota/conf.d/20-implicit_prov.toml \ | ||
33 | ${libdir}/sota/conf.d/30-implicit_server.toml \ | ||
34 | ${libdir}/sota/root.crt \ | ||
35 | " | ||
36 | |||
37 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||
diff --git a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb index c9753e4..cf75e79 100644 --- a/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb +++ b/recipes-sota/aktualizr/aktualizr-uboot-env-rollback.bb | |||
@@ -2,14 +2,10 @@ SUMMARY = "Aktualizr configuration snippet to enable uboot bootcount function" | |||
2 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 2 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
3 | SECTION = "base" | 3 | SECTION = "base" |
4 | LICENSE = "MPL-2.0" | 4 | LICENSE = "MPL-2.0" |
5 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 5 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
6 | DEPENDS = "aktualizr-native" | 6 | DEPENDS = "aktualizr-native" |
7 | RDEPENDS_${PN} = "aktualizr" | 7 | RDEPENDS_${PN} = "aktualizr" |
8 | 8 | ||
9 | SRC_URI = " \ | ||
10 | file://LICENSE \ | ||
11 | " | ||
12 | |||
13 | do_install() { | 9 | do_install() { |
14 | install -m 0700 -d ${D}${libdir}/sota/conf.d | 10 | install -m 0700 -d ${D}${libdir}/sota/conf.d |
15 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_uboot_env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml | 11 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_uboot_env.toml ${D}${libdir}/sota/conf.d/30-rollback.toml |
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 9369cbe..8e4b8f5 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb | |||
@@ -11,7 +11,6 @@ DEPENDS_append_class-native = "glib-2.0-native " | |||
11 | 11 | ||
12 | RDEPENDS_${PN}_class-target = "lshw " | 12 | RDEPENDS_${PN}_class-target = "lshw " |
13 | RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " | 13 | RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} " |
14 | RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}" | ||
15 | RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} " | 14 | RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} " |
16 | 15 | ||
17 | RDEPENDS_${PN}_append_class-target = " ${PN}-tools " | 16 | RDEPENDS_${PN}_append_class-target = " ${PN}-tools " |
@@ -27,7 +26,7 @@ SRC_URI = " \ | |||
27 | file://aktualizr-secondary.socket \ | 26 | file://aktualizr-secondary.socket \ |
28 | file://aktualizr-serialcan.service \ | 27 | file://aktualizr-serialcan.service \ |
29 | " | 28 | " |
30 | SRCREV = "062ab7756c375ee2c913d3197cafe4ee2f97ef2a" | 29 | SRCREV = "512ad74c0b5339ca7775d8c9461b565a9e6ff5b3" |
31 | BRANCH ?= "master" | 30 | BRANCH ?= "master" |
32 | 31 | ||
33 | S = "${WORKDIR}/git" | 32 | S = "${WORKDIR}/git" |
@@ -65,7 +64,6 @@ do_install_append () { | |||
65 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml | 64 | install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml |
66 | install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml | 65 | install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml |
67 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml | 66 | install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml |
68 | install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml | ||
69 | install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml | 67 | install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml |
70 | install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml | 68 | install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml |
71 | install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml | 69 | install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml |
@@ -114,7 +112,6 @@ FILES_${PN}-host-tools = " \ | |||
114 | ${libdir}/sota/sota_autoprov.toml \ | 112 | ${libdir}/sota/sota_autoprov.toml \ |
115 | ${libdir}/sota/sota_autoprov_primary.toml \ | 113 | ${libdir}/sota/sota_autoprov_primary.toml \ |
116 | ${libdir}/sota/sota_hsm_prov.toml \ | 114 | ${libdir}/sota/sota_hsm_prov.toml \ |
117 | ${libdir}/sota/sota_implicit_prov.toml \ | ||
118 | ${libdir}/sota/sota_implicit_prov_ca.toml \ | 115 | ${libdir}/sota/sota_implicit_prov_ca.toml \ |
119 | ${libdir}/sota/sota_uboot_env.toml \ | 116 | ${libdir}/sota/sota_uboot_env.toml \ |
120 | " | 117 | " |
diff --git a/recipes-sota/aktualizr/files/LICENSE b/recipes-sota/aktualizr/files/LICENSE deleted file mode 100644 index a612ad9..0000000 --- a/recipes-sota/aktualizr/files/LICENSE +++ /dev/null | |||
@@ -1,373 +0,0 @@ | |||
1 | Mozilla Public License Version 2.0 | ||
2 | ================================== | ||
3 | |||
4 | 1. Definitions | ||
5 | -------------- | ||
6 | |||
7 | 1.1. "Contributor" | ||
8 | means each individual or legal entity that creates, contributes to | ||
9 | the creation of, or owns Covered Software. | ||
10 | |||
11 | 1.2. "Contributor Version" | ||
12 | means the combination of the Contributions of others (if any) used | ||
13 | by a Contributor and that particular Contributor's Contribution. | ||
14 | |||
15 | 1.3. "Contribution" | ||
16 | means Covered Software of a particular Contributor. | ||
17 | |||
18 | 1.4. "Covered Software" | ||
19 | means Source Code Form to which the initial Contributor has attached | ||
20 | the notice in Exhibit A, the Executable Form of such Source Code | ||
21 | Form, and Modifications of such Source Code Form, in each case | ||
22 | including portions thereof. | ||
23 | |||
24 | 1.5. "Incompatible With Secondary Licenses" | ||
25 | means | ||
26 | |||
27 | (a) that the initial Contributor has attached the notice described | ||
28 | in Exhibit B to the Covered Software; or | ||
29 | |||
30 | (b) that the Covered Software was made available under the terms of | ||
31 | version 1.1 or earlier of the License, but not also under the | ||
32 | terms of a Secondary License. | ||
33 | |||
34 | 1.6. "Executable Form" | ||
35 | means any form of the work other than Source Code Form. | ||
36 | |||
37 | 1.7. "Larger Work" | ||
38 | means a work that combines Covered Software with other material, in | ||
39 | a separate file or files, that is not Covered Software. | ||
40 | |||
41 | 1.8. "License" | ||
42 | means this document. | ||
43 | |||
44 | 1.9. "Licensable" | ||
45 | means having the right to grant, to the maximum extent possible, | ||
46 | whether at the time of the initial grant or subsequently, any and | ||
47 | all of the rights conveyed by this License. | ||
48 | |||
49 | 1.10. "Modifications" | ||
50 | means any of the following: | ||
51 | |||
52 | (a) any file in Source Code Form that results from an addition to, | ||
53 | deletion from, or modification of the contents of Covered | ||
54 | Software; or | ||
55 | |||
56 | (b) any new file in Source Code Form that contains any Covered | ||
57 | Software. | ||
58 | |||
59 | 1.11. "Patent Claims" of a Contributor | ||
60 | means any patent claim(s), including without limitation, method, | ||
61 | process, and apparatus claims, in any patent Licensable by such | ||
62 | Contributor that would be infringed, but for the grant of the | ||
63 | License, by the making, using, selling, offering for sale, having | ||
64 | made, import, or transfer of either its Contributions or its | ||
65 | Contributor Version. | ||
66 | |||
67 | 1.12. "Secondary License" | ||
68 | means either the GNU General Public License, Version 2.0, the GNU | ||
69 | Lesser General Public License, Version 2.1, the GNU Affero General | ||
70 | Public License, Version 3.0, or any later versions of those | ||
71 | licenses. | ||
72 | |||
73 | 1.13. "Source Code Form" | ||
74 | means the form of the work preferred for making modifications. | ||
75 | |||
76 | 1.14. "You" (or "Your") | ||
77 | means an individual or a legal entity exercising rights under this | ||
78 | License. For legal entities, "You" includes any entity that | ||
79 | controls, is controlled by, or is under common control with You. For | ||
80 | purposes of this definition, "control" means (a) the power, direct | ||
81 | or indirect, to cause the direction or management of such entity, | ||
82 | whether by contract or otherwise, or (b) ownership of more than | ||
83 | fifty percent (50%) of the outstanding shares or beneficial | ||
84 | ownership of such entity. | ||
85 | |||
86 | 2. License Grants and Conditions | ||
87 | -------------------------------- | ||
88 | |||
89 | 2.1. Grants | ||
90 | |||
91 | Each Contributor hereby grants You a world-wide, royalty-free, | ||
92 | non-exclusive license: | ||
93 | |||
94 | (a) under intellectual property rights (other than patent or trademark) | ||
95 | Licensable by such Contributor to use, reproduce, make available, | ||
96 | modify, display, perform, distribute, and otherwise exploit its | ||
97 | Contributions, either on an unmodified basis, with Modifications, or | ||
98 | as part of a Larger Work; and | ||
99 | |||
100 | (b) under Patent Claims of such Contributor to make, use, sell, offer | ||
101 | for sale, have made, import, and otherwise transfer either its | ||
102 | Contributions or its Contributor Version. | ||
103 | |||
104 | 2.2. Effective Date | ||
105 | |||
106 | The licenses granted in Section 2.1 with respect to any Contribution | ||
107 | become effective for each Contribution on the date the Contributor first | ||
108 | distributes such Contribution. | ||
109 | |||
110 | 2.3. Limitations on Grant Scope | ||
111 | |||
112 | The licenses granted in this Section 2 are the only rights granted under | ||
113 | this License. No additional rights or licenses will be implied from the | ||
114 | distribution or licensing of Covered Software under this License. | ||
115 | Notwithstanding Section 2.1(b) above, no patent license is granted by a | ||
116 | Contributor: | ||
117 | |||
118 | (a) for any code that a Contributor has removed from Covered Software; | ||
119 | or | ||
120 | |||
121 | (b) for infringements caused by: (i) Your and any other third party's | ||
122 | modifications of Covered Software, or (ii) the combination of its | ||
123 | Contributions with other software (except as part of its Contributor | ||
124 | Version); or | ||
125 | |||
126 | (c) under Patent Claims infringed by Covered Software in the absence of | ||
127 | its Contributions. | ||
128 | |||
129 | This License does not grant any rights in the trademarks, service marks, | ||
130 | or logos of any Contributor (except as may be necessary to comply with | ||
131 | the notice requirements in Section 3.4). | ||
132 | |||
133 | 2.4. Subsequent Licenses | ||
134 | |||
135 | No Contributor makes additional grants as a result of Your choice to | ||
136 | distribute the Covered Software under a subsequent version of this | ||
137 | License (see Section 10.2) or under the terms of a Secondary License (if | ||
138 | permitted under the terms of Section 3.3). | ||
139 | |||
140 | 2.5. Representation | ||
141 | |||
142 | Each Contributor represents that the Contributor believes its | ||
143 | Contributions are its original creation(s) or it has sufficient rights | ||
144 | to grant the rights to its Contributions conveyed by this License. | ||
145 | |||
146 | 2.6. Fair Use | ||
147 | |||
148 | This License is not intended to limit any rights You have under | ||
149 | applicable copyright doctrines of fair use, fair dealing, or other | ||
150 | equivalents. | ||
151 | |||
152 | 2.7. Conditions | ||
153 | |||
154 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted | ||
155 | in Section 2.1. | ||
156 | |||
157 | 3. Responsibilities | ||
158 | ------------------- | ||
159 | |||
160 | 3.1. Distribution of Source Form | ||
161 | |||
162 | All distribution of Covered Software in Source Code Form, including any | ||
163 | Modifications that You create or to which You contribute, must be under | ||
164 | the terms of this License. You must inform recipients that the Source | ||
165 | Code Form of the Covered Software is governed by the terms of this | ||
166 | License, and how they can obtain a copy of this License. You may not | ||
167 | attempt to alter or restrict the recipients' rights in the Source Code | ||
168 | Form. | ||
169 | |||
170 | 3.2. Distribution of Executable Form | ||
171 | |||
172 | If You distribute Covered Software in Executable Form then: | ||
173 | |||
174 | (a) such Covered Software must also be made available in Source Code | ||
175 | Form, as described in Section 3.1, and You must inform recipients of | ||
176 | the Executable Form how they can obtain a copy of such Source Code | ||
177 | Form by reasonable means in a timely manner, at a charge no more | ||
178 | than the cost of distribution to the recipient; and | ||
179 | |||
180 | (b) You may distribute such Executable Form under the terms of this | ||
181 | License, or sublicense it under different terms, provided that the | ||
182 | license for the Executable Form does not attempt to limit or alter | ||
183 | the recipients' rights in the Source Code Form under this License. | ||
184 | |||
185 | 3.3. Distribution of a Larger Work | ||
186 | |||
187 | You may create and distribute a Larger Work under terms of Your choice, | ||
188 | provided that You also comply with the requirements of this License for | ||
189 | the Covered Software. If the Larger Work is a combination of Covered | ||
190 | Software with a work governed by one or more Secondary Licenses, and the | ||
191 | Covered Software is not Incompatible With Secondary Licenses, this | ||
192 | License permits You to additionally distribute such Covered Software | ||
193 | under the terms of such Secondary License(s), so that the recipient of | ||
194 | the Larger Work may, at their option, further distribute the Covered | ||
195 | Software under the terms of either this License or such Secondary | ||
196 | License(s). | ||
197 | |||
198 | 3.4. Notices | ||
199 | |||
200 | You may not remove or alter the substance of any license notices | ||
201 | (including copyright notices, patent notices, disclaimers of warranty, | ||
202 | or limitations of liability) contained within the Source Code Form of | ||
203 | the Covered Software, except that You may alter any license notices to | ||
204 | the extent required to remedy known factual inaccuracies. | ||
205 | |||
206 | 3.5. Application of Additional Terms | ||
207 | |||
208 | You may choose to offer, and to charge a fee for, warranty, support, | ||
209 | indemnity or liability obligations to one or more recipients of Covered | ||
210 | Software. However, You may do so only on Your own behalf, and not on | ||
211 | behalf of any Contributor. You must make it absolutely clear that any | ||
212 | such warranty, support, indemnity, or liability obligation is offered by | ||
213 | You alone, and You hereby agree to indemnify every Contributor for any | ||
214 | liability incurred by such Contributor as a result of warranty, support, | ||
215 | indemnity or liability terms You offer. You may include additional | ||
216 | disclaimers of warranty and limitations of liability specific to any | ||
217 | jurisdiction. | ||
218 | |||
219 | 4. Inability to Comply Due to Statute or Regulation | ||
220 | --------------------------------------------------- | ||
221 | |||
222 | If it is impossible for You to comply with any of the terms of this | ||
223 | License with respect to some or all of the Covered Software due to | ||
224 | statute, judicial order, or regulation then You must: (a) comply with | ||
225 | the terms of this License to the maximum extent possible; and (b) | ||
226 | describe the limitations and the code they affect. Such description must | ||
227 | be placed in a text file included with all distributions of the Covered | ||
228 | Software under this License. Except to the extent prohibited by statute | ||
229 | or regulation, such description must be sufficiently detailed for a | ||
230 | recipient of ordinary skill to be able to understand it. | ||
231 | |||
232 | 5. Termination | ||
233 | -------------- | ||
234 | |||
235 | 5.1. The rights granted under this License will terminate automatically | ||
236 | if You fail to comply with any of its terms. However, if You become | ||
237 | compliant, then the rights granted under this License from a particular | ||
238 | Contributor are reinstated (a) provisionally, unless and until such | ||
239 | Contributor explicitly and finally terminates Your grants, and (b) on an | ||
240 | ongoing basis, if such Contributor fails to notify You of the | ||
241 | non-compliance by some reasonable means prior to 60 days after You have | ||
242 | come back into compliance. Moreover, Your grants from a particular | ||
243 | Contributor are reinstated on an ongoing basis if such Contributor | ||
244 | notifies You of the non-compliance by some reasonable means, this is the | ||
245 | first time You have received notice of non-compliance with this License | ||
246 | from such Contributor, and You become compliant prior to 30 days after | ||
247 | Your receipt of the notice. | ||
248 | |||
249 | 5.2. If You initiate litigation against any entity by asserting a patent | ||
250 | infringement claim (excluding declaratory judgment actions, | ||
251 | counter-claims, and cross-claims) alleging that a Contributor Version | ||
252 | directly or indirectly infringes any patent, then the rights granted to | ||
253 | You by any and all Contributors for the Covered Software under Section | ||
254 | 2.1 of this License shall terminate. | ||
255 | |||
256 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all | ||
257 | end user license agreements (excluding distributors and resellers) which | ||
258 | have been validly granted by You or Your distributors under this License | ||
259 | prior to termination shall survive termination. | ||
260 | |||
261 | ************************************************************************ | ||
262 | * * | ||
263 | * 6. Disclaimer of Warranty * | ||
264 | * ------------------------- * | ||
265 | * * | ||
266 | * Covered Software is provided under this License on an "as is" * | ||
267 | * basis, without warranty of any kind, either expressed, implied, or * | ||
268 | * statutory, including, without limitation, warranties that the * | ||
269 | * Covered Software is free of defects, merchantable, fit for a * | ||
270 | * particular purpose or non-infringing. The entire risk as to the * | ||
271 | * quality and performance of the Covered Software is with You. * | ||
272 | * Should any Covered Software prove defective in any respect, You * | ||
273 | * (not any Contributor) assume the cost of any necessary servicing, * | ||
274 | * repair, or correction. This disclaimer of warranty constitutes an * | ||
275 | * essential part of this License. No use of any Covered Software is * | ||
276 | * authorized under this License except under this disclaimer. * | ||
277 | * * | ||
278 | ************************************************************************ | ||
279 | |||
280 | ************************************************************************ | ||
281 | * * | ||
282 | * 7. Limitation of Liability * | ||
283 | * -------------------------- * | ||
284 | * * | ||
285 | * Under no circumstances and under no legal theory, whether tort * | ||
286 | * (including negligence), contract, or otherwise, shall any * | ||
287 | * Contributor, or anyone who distributes Covered Software as * | ||
288 | * permitted above, be liable to You for any direct, indirect, * | ||
289 | * special, incidental, or consequential damages of any character * | ||
290 | * including, without limitation, damages for lost profits, loss of * | ||
291 | * goodwill, work stoppage, computer failure or malfunction, or any * | ||
292 | * and all other commercial damages or losses, even if such party * | ||
293 | * shall have been informed of the possibility of such damages. This * | ||
294 | * limitation of liability shall not apply to liability for death or * | ||
295 | * personal injury resulting from such party's negligence to the * | ||
296 | * extent applicable law prohibits such limitation. Some * | ||
297 | * jurisdictions do not allow the exclusion or limitation of * | ||
298 | * incidental or consequential damages, so this exclusion and * | ||
299 | * limitation may not apply to You. * | ||
300 | * * | ||
301 | ************************************************************************ | ||
302 | |||
303 | 8. Litigation | ||
304 | ------------- | ||
305 | |||
306 | Any litigation relating to this License may be brought only in the | ||
307 | courts of a jurisdiction where the defendant maintains its principal | ||
308 | place of business and such litigation shall be governed by laws of that | ||
309 | jurisdiction, without reference to its conflict-of-law provisions. | ||
310 | Nothing in this Section shall prevent a party's ability to bring | ||
311 | cross-claims or counter-claims. | ||
312 | |||
313 | 9. Miscellaneous | ||
314 | ---------------- | ||
315 | |||
316 | This License represents the complete agreement concerning the subject | ||
317 | matter hereof. If any provision of this License is held to be | ||
318 | unenforceable, such provision shall be reformed only to the extent | ||
319 | necessary to make it enforceable. Any law or regulation which provides | ||
320 | that the language of a contract shall be construed against the drafter | ||
321 | shall not be used to construe this License against a Contributor. | ||
322 | |||
323 | 10. Versions of the License | ||
324 | --------------------------- | ||
325 | |||
326 | 10.1. New Versions | ||
327 | |||
328 | Mozilla Foundation is the license steward. Except as provided in Section | ||
329 | 10.3, no one other than the license steward has the right to modify or | ||
330 | publish new versions of this License. Each version will be given a | ||
331 | distinguishing version number. | ||
332 | |||
333 | 10.2. Effect of New Versions | ||
334 | |||
335 | You may distribute the Covered Software under the terms of the version | ||
336 | of the License under which You originally received the Covered Software, | ||
337 | or under the terms of any subsequent version published by the license | ||
338 | steward. | ||
339 | |||
340 | 10.3. Modified Versions | ||
341 | |||
342 | If you create software not governed by this License, and you want to | ||
343 | create a new license for such software, you may create and use a | ||
344 | modified version of this License if you rename the license and remove | ||
345 | any references to the name of the license steward (except to note that | ||
346 | such modified license differs from this License). | ||
347 | |||
348 | 10.4. Distributing Source Code Form that is Incompatible With Secondary | ||
349 | Licenses | ||
350 | |||
351 | If You choose to distribute Source Code Form that is Incompatible With | ||
352 | Secondary Licenses under the terms of this version of the License, the | ||
353 | notice described in Exhibit B of this License must be attached. | ||
354 | |||
355 | Exhibit A - Source Code Form License Notice | ||
356 | ------------------------------------------- | ||
357 | |||
358 | This Source Code Form is subject to the terms of the Mozilla Public | ||
359 | License, v. 2.0. If a copy of the MPL was not distributed with this | ||
360 | file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
361 | |||
362 | If it is not possible or desirable to put the notice in a particular | ||
363 | file, then You may include the notice in a location (such as a LICENSE | ||
364 | file in a relevant directory) where a recipient would be likely to look | ||
365 | for such a notice. | ||
366 | |||
367 | You may add additional accurate notices of copyright ownership. | ||
368 | |||
369 | Exhibit B - "Incompatible With Secondary Licenses" Notice | ||
370 | --------------------------------------------------------- | ||
371 | |||
372 | This Source Code Form is "Incompatible With Secondary Licenses", as | ||
373 | defined by the Mozilla Public License, v. 2.0. | ||
diff --git a/recipes-sota/config/aktualizr-disable-send-ip.bb b/recipes-sota/config/aktualizr-disable-send-ip.bb index cab7696..8dd2647 100644 --- a/recipes-sota/config/aktualizr-disable-send-ip.bb +++ b/recipes-sota/config/aktualizr-disable-send-ip.bb | |||
@@ -3,10 +3,9 @@ DESCRIPTION = "Configures aktualizr to disable IP reporting to the server" | |||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
7 | 7 | ||
8 | SRC_URI = " \ | 8 | SRC_URI = " \ |
9 | file://LICENSE \ | ||
10 | file://30-disable-send-ip.toml \ | 9 | file://30-disable-send-ip.toml \ |
11 | " | 10 | " |
12 | 11 | ||
diff --git a/recipes-sota/config/aktualizr-example-interface.bb b/recipes-sota/config/aktualizr-example-interface.bb index 37a9184..ac75352 100644 --- a/recipes-sota/config/aktualizr-example-interface.bb +++ b/recipes-sota/config/aktualizr-example-interface.bb | |||
@@ -3,10 +3,9 @@ DESCRIPTION = "Aktualizr example interface for legacy secondaries" | |||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
7 | 7 | ||
8 | SRC_URI = " \ | 8 | SRC_URI = " \ |
9 | file://LICENSE \ | ||
10 | file://30-example-interface.toml \ | 9 | file://30-example-interface.toml \ |
11 | " | 10 | " |
12 | 11 | ||
diff --git a/recipes-sota/config/aktualizr-log-debug.bb b/recipes-sota/config/aktualizr-log-debug.bb index e628616..098faf4 100644 --- a/recipes-sota/config/aktualizr-log-debug.bb +++ b/recipes-sota/config/aktualizr-log-debug.bb | |||
@@ -3,10 +3,9 @@ DESCRIPTION = "Configures aktualizr to log at a debugging level" | |||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | 3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" |
4 | SECTION = "base" | 4 | SECTION = "base" |
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" |
7 | 7 | ||
8 | SRC_URI = " \ | 8 | SRC_URI = " \ |
9 | file://LICENSE \ | ||
10 | file://05-log-debug.toml \ | 9 | file://05-log-debug.toml \ |
11 | " | 10 | " |
12 | 11 | ||
diff --git a/recipes-sota/config/files/LICENSE b/recipes-sota/config/files/LICENSE deleted file mode 100644 index a612ad9..0000000 --- a/recipes-sota/config/files/LICENSE +++ /dev/null | |||
@@ -1,373 +0,0 @@ | |||
1 | Mozilla Public License Version 2.0 | ||
2 | ================================== | ||
3 | |||
4 | 1. Definitions | ||
5 | -------------- | ||
6 | |||
7 | 1.1. "Contributor" | ||
8 | means each individual or legal entity that creates, contributes to | ||
9 | the creation of, or owns Covered Software. | ||
10 | |||
11 | 1.2. "Contributor Version" | ||
12 | means the combination of the Contributions of others (if any) used | ||
13 | by a Contributor and that particular Contributor's Contribution. | ||
14 | |||
15 | 1.3. "Contribution" | ||
16 | means Covered Software of a particular Contributor. | ||
17 | |||
18 | 1.4. "Covered Software" | ||
19 | means Source Code Form to which the initial Contributor has attached | ||
20 | the notice in Exhibit A, the Executable Form of such Source Code | ||
21 | Form, and Modifications of such Source Code Form, in each case | ||
22 | including portions thereof. | ||
23 | |||
24 | 1.5. "Incompatible With Secondary Licenses" | ||
25 | means | ||
26 | |||
27 | (a) that the initial Contributor has attached the notice described | ||
28 | in Exhibit B to the Covered Software; or | ||
29 | |||
30 | (b) that the Covered Software was made available under the terms of | ||
31 | version 1.1 or earlier of the License, but not also under the | ||
32 | terms of a Secondary License. | ||
33 | |||
34 | 1.6. "Executable Form" | ||
35 | means any form of the work other than Source Code Form. | ||
36 | |||
37 | 1.7. "Larger Work" | ||
38 | means a work that combines Covered Software with other material, in | ||
39 | a separate file or files, that is not Covered Software. | ||
40 | |||
41 | 1.8. "License" | ||
42 | means this document. | ||
43 | |||
44 | 1.9. "Licensable" | ||
45 | means having the right to grant, to the maximum extent possible, | ||
46 | whether at the time of the initial grant or subsequently, any and | ||
47 | all of the rights conveyed by this License. | ||
48 | |||
49 | 1.10. "Modifications" | ||
50 | means any of the following: | ||
51 | |||
52 | (a) any file in Source Code Form that results from an addition to, | ||
53 | deletion from, or modification of the contents of Covered | ||
54 | Software; or | ||
55 | |||
56 | (b) any new file in Source Code Form that contains any Covered | ||
57 | Software. | ||
58 | |||
59 | 1.11. "Patent Claims" of a Contributor | ||
60 | means any patent claim(s), including without limitation, method, | ||
61 | process, and apparatus claims, in any patent Licensable by such | ||
62 | Contributor that would be infringed, but for the grant of the | ||
63 | License, by the making, using, selling, offering for sale, having | ||
64 | made, import, or transfer of either its Contributions or its | ||
65 | Contributor Version. | ||
66 | |||
67 | 1.12. "Secondary License" | ||
68 | means either the GNU General Public License, Version 2.0, the GNU | ||
69 | Lesser General Public License, Version 2.1, the GNU Affero General | ||
70 | Public License, Version 3.0, or any later versions of those | ||
71 | licenses. | ||
72 | |||
73 | 1.13. "Source Code Form" | ||
74 | means the form of the work preferred for making modifications. | ||
75 | |||
76 | 1.14. "You" (or "Your") | ||
77 | means an individual or a legal entity exercising rights under this | ||
78 | License. For legal entities, "You" includes any entity that | ||
79 | controls, is controlled by, or is under common control with You. For | ||
80 | purposes of this definition, "control" means (a) the power, direct | ||
81 | or indirect, to cause the direction or management of such entity, | ||
82 | whether by contract or otherwise, or (b) ownership of more than | ||
83 | fifty percent (50%) of the outstanding shares or beneficial | ||
84 | ownership of such entity. | ||
85 | |||
86 | 2. License Grants and Conditions | ||
87 | -------------------------------- | ||
88 | |||
89 | 2.1. Grants | ||
90 | |||
91 | Each Contributor hereby grants You a world-wide, royalty-free, | ||
92 | non-exclusive license: | ||
93 | |||
94 | (a) under intellectual property rights (other than patent or trademark) | ||
95 | Licensable by such Contributor to use, reproduce, make available, | ||
96 | modify, display, perform, distribute, and otherwise exploit its | ||
97 | Contributions, either on an unmodified basis, with Modifications, or | ||
98 | as part of a Larger Work; and | ||
99 | |||
100 | (b) under Patent Claims of such Contributor to make, use, sell, offer | ||
101 | for sale, have made, import, and otherwise transfer either its | ||
102 | Contributions or its Contributor Version. | ||
103 | |||
104 | 2.2. Effective Date | ||
105 | |||
106 | The licenses granted in Section 2.1 with respect to any Contribution | ||
107 | become effective for each Contribution on the date the Contributor first | ||
108 | distributes such Contribution. | ||
109 | |||
110 | 2.3. Limitations on Grant Scope | ||
111 | |||
112 | The licenses granted in this Section 2 are the only rights granted under | ||
113 | this License. No additional rights or licenses will be implied from the | ||
114 | distribution or licensing of Covered Software under this License. | ||
115 | Notwithstanding Section 2.1(b) above, no patent license is granted by a | ||
116 | Contributor: | ||
117 | |||
118 | (a) for any code that a Contributor has removed from Covered Software; | ||
119 | or | ||
120 | |||
121 | (b) for infringements caused by: (i) Your and any other third party's | ||
122 | modifications of Covered Software, or (ii) the combination of its | ||
123 | Contributions with other software (except as part of its Contributor | ||
124 | Version); or | ||
125 | |||
126 | (c) under Patent Claims infringed by Covered Software in the absence of | ||
127 | its Contributions. | ||
128 | |||
129 | This License does not grant any rights in the trademarks, service marks, | ||
130 | or logos of any Contributor (except as may be necessary to comply with | ||
131 | the notice requirements in Section 3.4). | ||
132 | |||
133 | 2.4. Subsequent Licenses | ||
134 | |||
135 | No Contributor makes additional grants as a result of Your choice to | ||
136 | distribute the Covered Software under a subsequent version of this | ||
137 | License (see Section 10.2) or under the terms of a Secondary License (if | ||
138 | permitted under the terms of Section 3.3). | ||
139 | |||
140 | 2.5. Representation | ||
141 | |||
142 | Each Contributor represents that the Contributor believes its | ||
143 | Contributions are its original creation(s) or it has sufficient rights | ||
144 | to grant the rights to its Contributions conveyed by this License. | ||
145 | |||
146 | 2.6. Fair Use | ||
147 | |||
148 | This License is not intended to limit any rights You have under | ||
149 | applicable copyright doctrines of fair use, fair dealing, or other | ||
150 | equivalents. | ||
151 | |||
152 | 2.7. Conditions | ||
153 | |||
154 | Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted | ||
155 | in Section 2.1. | ||
156 | |||
157 | 3. Responsibilities | ||
158 | ------------------- | ||
159 | |||
160 | 3.1. Distribution of Source Form | ||
161 | |||
162 | All distribution of Covered Software in Source Code Form, including any | ||
163 | Modifications that You create or to which You contribute, must be under | ||
164 | the terms of this License. You must inform recipients that the Source | ||
165 | Code Form of the Covered Software is governed by the terms of this | ||
166 | License, and how they can obtain a copy of this License. You may not | ||
167 | attempt to alter or restrict the recipients' rights in the Source Code | ||
168 | Form. | ||
169 | |||
170 | 3.2. Distribution of Executable Form | ||
171 | |||
172 | If You distribute Covered Software in Executable Form then: | ||
173 | |||
174 | (a) such Covered Software must also be made available in Source Code | ||
175 | Form, as described in Section 3.1, and You must inform recipients of | ||
176 | the Executable Form how they can obtain a copy of such Source Code | ||
177 | Form by reasonable means in a timely manner, at a charge no more | ||
178 | than the cost of distribution to the recipient; and | ||
179 | |||
180 | (b) You may distribute such Executable Form under the terms of this | ||
181 | License, or sublicense it under different terms, provided that the | ||
182 | license for the Executable Form does not attempt to limit or alter | ||
183 | the recipients' rights in the Source Code Form under this License. | ||
184 | |||
185 | 3.3. Distribution of a Larger Work | ||
186 | |||
187 | You may create and distribute a Larger Work under terms of Your choice, | ||
188 | provided that You also comply with the requirements of this License for | ||
189 | the Covered Software. If the Larger Work is a combination of Covered | ||
190 | Software with a work governed by one or more Secondary Licenses, and the | ||
191 | Covered Software is not Incompatible With Secondary Licenses, this | ||
192 | License permits You to additionally distribute such Covered Software | ||
193 | under the terms of such Secondary License(s), so that the recipient of | ||
194 | the Larger Work may, at their option, further distribute the Covered | ||
195 | Software under the terms of either this License or such Secondary | ||
196 | License(s). | ||
197 | |||
198 | 3.4. Notices | ||
199 | |||
200 | You may not remove or alter the substance of any license notices | ||
201 | (including copyright notices, patent notices, disclaimers of warranty, | ||
202 | or limitations of liability) contained within the Source Code Form of | ||
203 | the Covered Software, except that You may alter any license notices to | ||
204 | the extent required to remedy known factual inaccuracies. | ||
205 | |||
206 | 3.5. Application of Additional Terms | ||
207 | |||
208 | You may choose to offer, and to charge a fee for, warranty, support, | ||
209 | indemnity or liability obligations to one or more recipients of Covered | ||
210 | Software. However, You may do so only on Your own behalf, and not on | ||
211 | behalf of any Contributor. You must make it absolutely clear that any | ||
212 | such warranty, support, indemnity, or liability obligation is offered by | ||
213 | You alone, and You hereby agree to indemnify every Contributor for any | ||
214 | liability incurred by such Contributor as a result of warranty, support, | ||
215 | indemnity or liability terms You offer. You may include additional | ||
216 | disclaimers of warranty and limitations of liability specific to any | ||
217 | jurisdiction. | ||
218 | |||
219 | 4. Inability to Comply Due to Statute or Regulation | ||
220 | --------------------------------------------------- | ||
221 | |||
222 | If it is impossible for You to comply with any of the terms of this | ||
223 | License with respect to some or all of the Covered Software due to | ||
224 | statute, judicial order, or regulation then You must: (a) comply with | ||
225 | the terms of this License to the maximum extent possible; and (b) | ||
226 | describe the limitations and the code they affect. Such description must | ||
227 | be placed in a text file included with all distributions of the Covered | ||
228 | Software under this License. Except to the extent prohibited by statute | ||
229 | or regulation, such description must be sufficiently detailed for a | ||
230 | recipient of ordinary skill to be able to understand it. | ||
231 | |||
232 | 5. Termination | ||
233 | -------------- | ||
234 | |||
235 | 5.1. The rights granted under this License will terminate automatically | ||
236 | if You fail to comply with any of its terms. However, if You become | ||
237 | compliant, then the rights granted under this License from a particular | ||
238 | Contributor are reinstated (a) provisionally, unless and until such | ||
239 | Contributor explicitly and finally terminates Your grants, and (b) on an | ||
240 | ongoing basis, if such Contributor fails to notify You of the | ||
241 | non-compliance by some reasonable means prior to 60 days after You have | ||
242 | come back into compliance. Moreover, Your grants from a particular | ||
243 | Contributor are reinstated on an ongoing basis if such Contributor | ||
244 | notifies You of the non-compliance by some reasonable means, this is the | ||
245 | first time You have received notice of non-compliance with this License | ||
246 | from such Contributor, and You become compliant prior to 30 days after | ||
247 | Your receipt of the notice. | ||
248 | |||
249 | 5.2. If You initiate litigation against any entity by asserting a patent | ||
250 | infringement claim (excluding declaratory judgment actions, | ||
251 | counter-claims, and cross-claims) alleging that a Contributor Version | ||
252 | directly or indirectly infringes any patent, then the rights granted to | ||
253 | You by any and all Contributors for the Covered Software under Section | ||
254 | 2.1 of this License shall terminate. | ||
255 | |||
256 | 5.3. In the event of termination under Sections 5.1 or 5.2 above, all | ||
257 | end user license agreements (excluding distributors and resellers) which | ||
258 | have been validly granted by You or Your distributors under this License | ||
259 | prior to termination shall survive termination. | ||
260 | |||
261 | ************************************************************************ | ||
262 | * * | ||
263 | * 6. Disclaimer of Warranty * | ||
264 | * ------------------------- * | ||
265 | * * | ||
266 | * Covered Software is provided under this License on an "as is" * | ||
267 | * basis, without warranty of any kind, either expressed, implied, or * | ||
268 | * statutory, including, without limitation, warranties that the * | ||
269 | * Covered Software is free of defects, merchantable, fit for a * | ||
270 | * particular purpose or non-infringing. The entire risk as to the * | ||
271 | * quality and performance of the Covered Software is with You. * | ||
272 | * Should any Covered Software prove defective in any respect, You * | ||
273 | * (not any Contributor) assume the cost of any necessary servicing, * | ||
274 | * repair, or correction. This disclaimer of warranty constitutes an * | ||
275 | * essential part of this License. No use of any Covered Software is * | ||
276 | * authorized under this License except under this disclaimer. * | ||
277 | * * | ||
278 | ************************************************************************ | ||
279 | |||
280 | ************************************************************************ | ||
281 | * * | ||
282 | * 7. Limitation of Liability * | ||
283 | * -------------------------- * | ||
284 | * * | ||
285 | * Under no circumstances and under no legal theory, whether tort * | ||
286 | * (including negligence), contract, or otherwise, shall any * | ||
287 | * Contributor, or anyone who distributes Covered Software as * | ||
288 | * permitted above, be liable to You for any direct, indirect, * | ||
289 | * special, incidental, or consequential damages of any character * | ||
290 | * including, without limitation, damages for lost profits, loss of * | ||
291 | * goodwill, work stoppage, computer failure or malfunction, or any * | ||
292 | * and all other commercial damages or losses, even if such party * | ||
293 | * shall have been informed of the possibility of such damages. This * | ||
294 | * limitation of liability shall not apply to liability for death or * | ||
295 | * personal injury resulting from such party's negligence to the * | ||
296 | * extent applicable law prohibits such limitation. Some * | ||
297 | * jurisdictions do not allow the exclusion or limitation of * | ||
298 | * incidental or consequential damages, so this exclusion and * | ||
299 | * limitation may not apply to You. * | ||
300 | * * | ||
301 | ************************************************************************ | ||
302 | |||
303 | 8. Litigation | ||
304 | ------------- | ||
305 | |||
306 | Any litigation relating to this License may be brought only in the | ||
307 | courts of a jurisdiction where the defendant maintains its principal | ||
308 | place of business and such litigation shall be governed by laws of that | ||
309 | jurisdiction, without reference to its conflict-of-law provisions. | ||
310 | Nothing in this Section shall prevent a party's ability to bring | ||
311 | cross-claims or counter-claims. | ||
312 | |||
313 | 9. Miscellaneous | ||
314 | ---------------- | ||
315 | |||
316 | This License represents the complete agreement concerning the subject | ||
317 | matter hereof. If any provision of this License is held to be | ||
318 | unenforceable, such provision shall be reformed only to the extent | ||
319 | necessary to make it enforceable. Any law or regulation which provides | ||
320 | that the language of a contract shall be construed against the drafter | ||
321 | shall not be used to construe this License against a Contributor. | ||
322 | |||
323 | 10. Versions of the License | ||
324 | --------------------------- | ||
325 | |||
326 | 10.1. New Versions | ||
327 | |||
328 | Mozilla Foundation is the license steward. Except as provided in Section | ||
329 | 10.3, no one other than the license steward has the right to modify or | ||
330 | publish new versions of this License. Each version will be given a | ||
331 | distinguishing version number. | ||
332 | |||
333 | 10.2. Effect of New Versions | ||
334 | |||
335 | You may distribute the Covered Software under the terms of the version | ||
336 | of the License under which You originally received the Covered Software, | ||
337 | or under the terms of any subsequent version published by the license | ||
338 | steward. | ||
339 | |||
340 | 10.3. Modified Versions | ||
341 | |||
342 | If you create software not governed by this License, and you want to | ||
343 | create a new license for such software, you may create and use a | ||
344 | modified version of this License if you rename the license and remove | ||
345 | any references to the name of the license steward (except to note that | ||
346 | such modified license differs from this License). | ||
347 | |||
348 | 10.4. Distributing Source Code Form that is Incompatible With Secondary | ||
349 | Licenses | ||
350 | |||
351 | If You choose to distribute Source Code Form that is Incompatible With | ||
352 | Secondary Licenses under the terms of this version of the License, the | ||
353 | notice described in Exhibit B of this License must be attached. | ||
354 | |||
355 | Exhibit A - Source Code Form License Notice | ||
356 | ------------------------------------------- | ||
357 | |||
358 | This Source Code Form is subject to the terms of the Mozilla Public | ||
359 | License, v. 2.0. If a copy of the MPL was not distributed with this | ||
360 | file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
361 | |||
362 | If it is not possible or desirable to put the notice in a particular | ||
363 | file, then You may include the notice in a location (such as a LICENSE | ||
364 | file in a relevant directory) where a recipient would be likely to look | ||
365 | for such a notice. | ||
366 | |||
367 | You may add additional accurate notices of copyright ownership. | ||
368 | |||
369 | Exhibit B - "Incompatible With Secondary Licenses" Notice | ||
370 | --------------------------------------------------------- | ||
371 | |||
372 | This Source Code Form is "Incompatible With Secondary Licenses", as | ||
373 | defined by the Mozilla Public License, v. 2.0. | ||
diff --git a/recipes-support/libp11/libp11_0.4.7.bb b/recipes-support/libp11/libp11_0.4.9.bb index 02d9e50..6d0165f 100644 --- a/recipes-support/libp11/libp11_0.4.7.bb +++ b/recipes-support/libp11/libp11_0.4.9.bb | |||
@@ -11,14 +11,14 @@ RDEPENDS_${PN} += " opensc" | |||
11 | 11 | ||
12 | SRC_URI = "git://github.com/OpenSC/libp11.git \ | 12 | SRC_URI = "git://github.com/OpenSC/libp11.git \ |
13 | file://0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch" | 13 | file://0001-Workaround-for-a-buggy-version-of-openssl-1.0.2m.patch" |
14 | SRCREV = "da725ab727342083478150a203a3c80c4551feb4" | 14 | SRCREV = "e1210903291b1de9eabcad26e740a4b2fbcca692" |
15 | 15 | ||
16 | S = "${WORKDIR}/git" | 16 | S = "${WORKDIR}/git" |
17 | 17 | ||
18 | inherit autotools pkgconfig | 18 | inherit autotools pkgconfig |
19 | 19 | ||
20 | # Currently, Makefile dependencies are incorrectly defined which causes build errors | 20 | # Currently, Makefile dependencies are incorrectly defined which causes build errors |
21 | # The number of jobs is high | 21 | # if the number of jobs is high |
22 | # See https://github.com/OpenSC/libp11/issues/94 | 22 | # See https://github.com/OpenSC/libp11/issues/94 |
23 | PARALLEL_MAKE = "" | 23 | PARALLEL_MAKE = "" |
24 | EXTRA_OECONF = "--disable-static" | 24 | EXTRA_OECONF = "--disable-static" |
@@ -28,12 +28,12 @@ do_install_append () { | |||
28 | rm -rf ${D}${docdir}/${BPN} | 28 | rm -rf ${D}${docdir}/${BPN} |
29 | } | 29 | } |
30 | 30 | ||
31 | FILES_${PN} = "${libdir}/engines/pkcs11.so \ | 31 | FILES_${PN} = "${libdir}/engines*/pkcs11.so \ |
32 | ${libdir}/engines/libpkcs11${SOLIBS} \ | 32 | ${libdir}/engines*/libpkcs11${SOLIBS} \ |
33 | ${libdir}/libp11${SOLIBS}" | 33 | ${libdir}/libp11${SOLIBS}" |
34 | 34 | ||
35 | FILES_${PN}-dev = " \ | 35 | FILES_${PN}-dev = " \ |
36 | ${libdir}/engines/libpkcs11${SOLIBSDEV} \ | 36 | ${libdir}/engines*/libpkcs11${SOLIBSDEV} \ |
37 | ${libdir}/libp11${SOLIBSDEV} \ | 37 | ${libdir}/libp11${SOLIBSDEV} \ |
38 | ${libdir}/pkgconfig/libp11.pc \ | 38 | ${libdir}/pkgconfig/libp11.pc \ |
39 | /usr/include" | 39 | /usr/include" |
diff --git a/recipes-support/softhsm-testtoken/files/createtoken.sh b/recipes-support/softhsm-testtoken/files/createtoken.sh index b01db47..fa4569d 100644 --- a/recipes-support/softhsm-testtoken/files/createtoken.sh +++ b/recipes-support/softhsm-testtoken/files/createtoken.sh | |||
@@ -5,7 +5,7 @@ if pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O; then | |||
5 | exit 0 | 5 | exit 0 |
6 | fi | 6 | fi |
7 | 7 | ||
8 | if ! ls /var/sota/token/pkey.pem /var/sota/token/client.pem /var/sota/token/pkey.pem; then | 8 | if ! ls /var/sota/import/pkey.pem /var/sota/import/client.pem; then |
9 | # Key/certificate pair is not present, repeat | 9 | # Key/certificate pair is not present, repeat |
10 | exit 1 | 10 | exit 1 |
11 | fi | 11 | fi |
@@ -13,14 +13,15 @@ fi | |||
13 | mkdir -p /var/lib/softhsm/tokens | 13 | mkdir -p /var/lib/softhsm/tokens |
14 | softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234 | 14 | softhsm2-util --init-token --slot 0 --label "Virtual token" --pin 1234 --so-pin 1234 |
15 | 15 | ||
16 | softhsm2-util --import /var/sota/token/pkey.pem --label "pkey" --id 02 --token 'Virtual token' --pin 1234 | 16 | openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/pkey.pem -out /var/sota/import/pkey.p8 |
17 | openssl x509 -outform der -in /var/sota/token/client.pem -out /var/sota/token/client.der | 17 | softhsm2-util --import /var/sota/import/pkey.p8 --label "pkey" --id 02 --token 'Virtual token' --pin 1234 |
18 | pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/token/client.der --type cert --login --pin 1234 | 18 | openssl x509 -outform der -in /var/sota/import/client.pem -out /var/sota/import/client.der |
19 | pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so --id 1 --write-object /var/sota/import/client.der --type cert --login --pin 1234 | ||
19 | 20 | ||
20 | # Import UPTANE keypair if it exists | 21 | # Import UPTANE keypair if it exists |
21 | if [ -f /var/sota/token/ecukey.pem ]; then | 22 | if [ -f /var/sota/import/ecukey.pem ]; then |
22 | openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/token/ecukey.pem -out /var/sota/token/ecukey.p8 | 23 | openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in /var/sota/import/ecukey.pem -out /var/sota/import/ecukey.p8 |
23 | softhsm2-util --import /var/sota/token/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234 | 24 | softhsm2-util --import /var/sota/import/ecukey.p8 --label "uptanekey" --id 03 --token 'Virtual token' --pin 1234 |
24 | fi | 25 | fi |
25 | 26 | ||
26 | exit 0 | 27 | exit 0 |
diff --git a/recipes-support/softhsm-testtoken/softhsm-testtoken.bb b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb index c5691db..029fe1c 100644 --- a/recipes-support/softhsm-testtoken/softhsm-testtoken.bb +++ b/recipes-support/softhsm-testtoken/softhsm-testtoken.bb | |||
@@ -1,8 +1,6 @@ | |||
1 | SUMMARY = "Mock smartcard for aktualizr" | 1 | SUMMARY = "Mock smartcard for aktualizr" |
2 | LICENSE = "MIT" | 2 | LICENSE = "MIT" |
3 | LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \ | 3 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" |
4 | file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420" | ||
5 | |||
6 | 4 | ||
7 | inherit systemd | 5 | inherit systemd |
8 | 6 | ||