diff options
author | Arthur Taylor <codders@octomonkey.org.uk> | 2018-10-09 15:59:06 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-09 15:59:06 +0200 |
commit | 42972f0db05b4057a8c552cc10abfc8a634338be (patch) | |
tree | c851a320ef20bd4c9801b63b0d9fed7983cc39fe /recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | |
parent | 61c5d81118acbf97b36112ba21d701f29543524f (diff) | |
parent | ca33a287d8ed9161feb066720314aa7e2f1f6fec (diff) | |
download | meta-updater-42972f0db05b4057a8c552cc10abfc8a634338be.tar.gz |
Merge pull request #396 from advancedtelematic/feat/import-installed-versions-rocko
Feat/import installed versions rocko
Diffstat (limited to 'recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb')
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb new file mode 100644 index 0000000..a729e6b --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb | |||
@@ -0,0 +1,51 @@ | |||
1 | SUMMARY = "Credentials for implicit provisioning with CA certificate" | ||
2 | SECTION = "base" | ||
3 | LICENSE = "MPL-2.0" | ||
4 | LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad" | ||
5 | |||
6 | DEPENDS = "aktualizr aktualizr-native" | ||
7 | ALLOW_EMPTY_${PN} = "1" | ||
8 | |||
9 | SRC_URI = " \ | ||
10 | file://ca.cnf \ | ||
11 | " | ||
12 | |||
13 | require credentials.inc | ||
14 | |||
15 | export SOTA_CACERT_PATH | ||
16 | export SOTA_CAKEY_PATH | ||
17 | |||
18 | do_install() { | ||
19 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
20 | if [ -z ${SOTA_CACERT_PATH} ]; then | ||
21 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem | ||
22 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | ||
23 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | ||
24 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | ||
25 | |||
26 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | ||
27 | bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA" | ||
28 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | ||
29 | openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096 | ||
30 | openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert | ||
31 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | ||
32 | fi | ||
33 | fi | ||
34 | |||
35 | if [ -z ${SOTA_CAKEY_PATH} ]; then | ||
36 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | ||
37 | fi | ||
38 | |||
39 | install -m 0700 -d ${D}${localstatedir}/sota | ||
40 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | ||
41 | --device-ca ${SOTA_CACERT_PATH} \ | ||
42 | --device-ca-key ${SOTA_CAKEY_PATH} \ | ||
43 | --root-ca \ | ||
44 | --server-url \ | ||
45 | --local ${D} \ | ||
46 | --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml | ||
47 | fi | ||
48 | } | ||
49 | |||
50 | FILES_${PN} = " \ | ||
51 | ${localstatedir}/sota/*" | ||