7 files changed, 83 insertions, 97 deletions
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb
new file mode 100644
index 0000000..34460af
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb
@@ -0,0 +1,24 @@
+SUMMARY = "Credentials for autoprovisioning scenario"
+SECTION = "base"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
+DEPENDS = "aktualizr-native zip-native"
+ALLOW_EMPTY_${PN} = "1"
+require credentials.inc
+do_install() {
+    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
+        install -m 0700 -d ${D}${localstatedir}/sota
+        cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip
+        # Device should not be able to push data to treehub
+        zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json
+    fi
+}
+FILES_${PN} = " \
+                ${localstatedir}/sota/sota_provisioning_credentials.zip \
+                "
+# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb
index 9fa95ed..01f21fa 100644
--- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb
@@ -6,7 +6,7 @@ LICENSE = "MPL-2.0"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
 DEPENDS = "aktualizr-native zip-native"
-RDEPENDS_${PN} = "aktualizr"
+RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
 PV = "1.0"
 PR = "6"
@@ -31,19 +31,10 @@ do_install() {
    install -m 0700 -d ${D}${libdir}/sota/conf.d
    install -m 0700 -d ${D}${localstatedir}/sota
-    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
+    aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)}
-        aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)}
+    install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \
-        install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \
+        ${D}${libdir}/sota/conf.d/20-${aktualizr_toml}
-            ${D}${libdir}/sota/conf.d/20-${aktualizr_toml}
-        # deploy SOTA credentials
-        if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then
-            cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip
-            # Device should not be able to push data to treehub
-            zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json
-        fi
-    fi
 }
 FILES_${PN} = " \
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
new file mode 100644
index 0000000..a729e6b
--- /dev/null
+++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
@@ -0,0 +1,51 @@
+SUMMARY = "Credentials for implicit provisioning with CA certificate"
+SECTION = "base"
+LICENSE = "MPL-2.0"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
+DEPENDS = "aktualizr aktualizr-native"
+ALLOW_EMPTY_${PN} = "1"
+SRC_URI = " \
+  file://ca.cnf \
+  "
+require credentials.inc
+export SOTA_CACERT_PATH
+export SOTA_CAKEY_PATH
+do_install() {
+    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
+        if [ -z ${SOTA_CACERT_PATH} ]; then
+            SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem
+            SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem
+            mkdir -p ${DEPLOY_DIR_IMAGE}/CA
+            bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH"
+            if [ ! -f ${SOTA_CACERT_PATH} ]; then
+                bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA"
+                SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")"
+                openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096
+                openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert
+                bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server"
+            fi
+        fi
+        if [ -z ${SOTA_CAKEY_PATH} ]; then
+            bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning"
+        fi
+        install -m 0700 -d ${D}${localstatedir}/sota
+        aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \
+                                --device-ca ${SOTA_CACERT_PATH} \
+                                --device-ca-key ${SOTA_CAKEY_PATH} \
+                                --root-ca \
+                                --server-url \
+                                --local ${D} \
+                                --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml
+    fi
+}
+FILES_${PN} = " \
+                ${localstatedir}/sota/*"
diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb
index 83504f1..2763185 100644
--- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb
@@ -10,62 +10,23 @@ LICENSE = "MPL-2.0"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
 DEPENDS = "aktualizr aktualizr-native openssl-native"
+RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
-SRC_URI = " \
-  file://ca.cnf \
-  "
 PV = "1.0"
 PR = "1"
 require environment.inc
 require credentials.inc
-export SOTA_CACERT_PATH
-export SOTA_CAKEY_PATH
 do_install() {
    install -m 0700 -d ${D}${libdir}/sota/conf.d
-    if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then
-        bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning"
-    fi
-    if [ -z ${SOTA_CACERT_PATH} ]; then
-        SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem
-        SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem
-        mkdir -p ${DEPLOY_DIR_IMAGE}/CA
-        bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH"
-        if [ ! -f ${SOTA_CACERT_PATH} ]; then
-            bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA"
-            SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")"
-            openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096
-            openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert
-            bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server"
-        fi
-    fi
-    if [ -z ${SOTA_CAKEY_PATH} ]; then
-        bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning"
-    fi
-    install -m 0700 -d ${D}${localstatedir}/sota
    install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \
        ${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml
-    aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \
-                            --device-ca ${SOTA_CACERT_PATH} \
-                            --device-ca-key ${SOTA_CAKEY_PATH} \
-                            --root-ca \
-                            --server-url \
-                            --local ${D}${localstatedir}/sota \
-                            --config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml
 }
 FILES_${PN} = " \
-                ${libdir}/sota/conf.d \
                ${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \
-                ${libdir}/sota/root.crt \
-                ${localstatedir}/sota/* \
                "
 # vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb
index 0450138..e915046 100644
--- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb
+++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb
@@ -6,6 +6,7 @@ LICENSE = "MPL-2.0"
 LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
 DEPENDS = "aktualizr aktualizr-native"
+RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
 SRC_URI = ""
 PV = "1.0"
@@ -18,16 +19,11 @@ do_install() {
    install -m 0700 -d ${D}${libdir}/sota/conf.d
    install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_hsm_prov.toml \
        ${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml
-    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
-        aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \
-            -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D}
-    fi
 }
 FILES_${PN} = " \
                ${libdir}/sota/conf.d \
                ${libdir}/sota/conf.d/20-sota_hsm_prov.toml \
-                ${libdir}/sota/conf.d/30-implicit_server.toml \
                "
 # vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb
deleted file mode 100644
index 5c54e8a..0000000
--- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb
+++ /dev/null
@@ -1,34 +0,0 @@
-SUMMARY = "Aktualizr configuration for implicit provisioning"
-DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Client application written in C++"
-HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
-SECTION = "base"
-LICENSE = "MPL-2.0"
-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
-DEPENDS = "aktualizr aktualizr-native"
-SRC_URI = ""
-PV = "1.0"
-PR = "1"
-require environment.inc
-require credentials.inc
-do_install() {
-    install -m 0700 -d ${D}${libdir}/sota/conf.d
-    install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov.toml \
-        ${D}${libdir}/sota/conf.d/20-sota_implicit_prov.toml
-    if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
-        aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \
-            -o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D}
-    fi
-}
-FILES_${PN} = " \
-                ${libdir}/sota/conf.d \
-                ${libdir}/sota/conf.d/20-implicit_prov.toml \
-                ${libdir}/sota/conf.d/30-implicit_server.toml \
-                ${libdir}/sota/root.crt \
-                "
-# vim:set ts=4 sw=4 sts=4 expandtab:
diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb
index 7a0641d..ccaf475 100755
--- a/recipes-sota/aktualizr/aktualizr_git.bb
+++ b/recipes-sota/aktualizr/aktualizr_git.bb
@@ -11,7 +11,6 @@ DEPENDS_append_class-native = "glib-2.0-native "
 RDEPENDS_${PN}_class-target = "lshw "
 RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} "
-RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}"
 RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} "
 RDEPENDS_${PN}_append_class-target = " ${PN}-tools "
@@ -27,7 +26,7 @@ SRC_URI = " \
  file://aktualizr-secondary.socket \
  file://aktualizr-serialcan.service \
  "
-SRCREV = "090c463c6f1ec7a7ceae963cd7b4ba99aa74e1f5"
+SRCREV = "803fa9f75ed96993775dc0aa5e65e71920125157"
 BRANCH ?= "master"
 S = "${WORKDIR}/git"
@@ -64,7 +63,6 @@ do_install_append () {
    install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml
    install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml
    install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml
-    install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml
    install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml
    install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml
    install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml
@@ -113,7 +111,6 @@ FILES_${PN}-host-tools = " \
                ${libdir}/sota/sota_autoprov.toml \
                ${libdir}/sota/sota_autoprov_primary.toml \
                ${libdir}/sota/sota_hsm_prov.toml \
-                ${libdir}/sota/sota_implicit_prov.toml \
                ${libdir}/sota/sota_implicit_prov_ca.toml \
                ${libdir}/sota/sota_uboot_env.toml \
                "

diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb new file mode 100644 index 0000000..34460af --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-auto-prov-creds.bb
@@ -0,0 +1,24 @@
		1	SUMMARY = "Credentials for autoprovisioning scenario"
		2	SECTION = "base"
		3	LICENSE = "MPL-2.0"
		4	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
		5
		6	DEPENDS = "aktualizr-native zip-native"
		7	ALLOW_EMPTY_${PN} = "1"
		8
		9	require credentials.inc
		10
		11	do_install() {
		12	if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
		13	install -m 0700 -d ${D}${localstatedir}/sota
		14	cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip
		15	# Device should not be able to push data to treehub
		16	zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json
		17	fi
		18	}
		19
		20	FILES_${PN} = " \
		21	${localstatedir}/sota/sota_provisioning_credentials.zip \
		22	"
		23
		24	# vim:set ts=4 sw=4 sts=4 expandtab:


diff --git a/recipes-sota/aktualizr/aktualizr-auto-prov.bb b/recipes-sota/aktualizr/aktualizr-auto-prov.bb index 9fa95ed..01f21fa 100644 --- a/recipes-sota/aktualizr/aktualizr-auto-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-auto-prov.bb
@@ -6,7 +6,7 @@ LICENSE = "MPL-2.0"
6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"	6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
7		7
8	DEPENDS = "aktualizr-native zip-native"	8	DEPENDS = "aktualizr-native zip-native"
9	RDEPENDS_${PN} = "aktualizr"	9	RDEPENDS_${PN}_append = "${@' aktualizr-auto-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
10	PV = "1.0"	10	PV = "1.0"
11	PR = "6"	11	PR = "6"
12		12
@@ -31,19 +31,10 @@ do_install() {
31		31
32	install -m 0700 -d ${D}${libdir}/sota/conf.d	32	install -m 0700 -d ${D}${libdir}/sota/conf.d
33	install -m 0700 -d ${D}${localstatedir}/sota	33	install -m 0700 -d ${D}${localstatedir}/sota
34	if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then	34	aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)}
35	aktualizr_toml=${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'secondary-network', 'sota_autoprov_primary.toml', 'sota_autoprov.toml', d)}	35
36		36	install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \
37	install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/${aktualizr_toml} \	37	${D}${libdir}/sota/conf.d/20-${aktualizr_toml}
38	${D}${libdir}/sota/conf.d/20-${aktualizr_toml}
39
40	# deploy SOTA credentials
41	if [ -e ${SOTA_PACKED_CREDENTIALS} ]; then
42	cp ${SOTA_PACKED_CREDENTIALS} ${D}${localstatedir}/sota/sota_provisioning_credentials.zip
43	# Device should not be able to push data to treehub
44	zip -d ${D}${localstatedir}/sota/sota_provisioning_credentials.zip treehub.json
45	fi
46	fi
47	}	38	}
48		39
49	FILES_${PN} = " \	40	FILES_${PN} = " \


diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb new file mode 100644 index 0000000..a729e6b --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov-creds.bb
@@ -0,0 +1,51 @@
		1	SUMMARY = "Credentials for implicit provisioning with CA certificate"
		2	SECTION = "base"
		3	LICENSE = "MPL-2.0"
		4	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
		5
		6	DEPENDS = "aktualizr aktualizr-native"
		7	ALLOW_EMPTY_${PN} = "1"
		8
		9	SRC_URI = " \
		10	file://ca.cnf \
		11	"
		12
		13	require credentials.inc
		14
		15	export SOTA_CACERT_PATH
		16	export SOTA_CAKEY_PATH
		17
		18	do_install() {
		19	if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
		20	if [ -z ${SOTA_CACERT_PATH} ]; then
		21	SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem
		22	SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem
		23	mkdir -p ${DEPLOY_DIR_IMAGE}/CA
		24	bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH"
		25
		26	if [ ! -f ${SOTA_CACERT_PATH} ]; then
		27	bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA"
		28	SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")"
		29	openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096
		30	openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert
		31	bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server"
		32	fi
		33	fi
		34
		35	if [ -z ${SOTA_CAKEY_PATH} ]; then
		36	bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning"
		37	fi
		38
		39	install -m 0700 -d ${D}${localstatedir}/sota
		40	aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \
		41	--device-ca ${SOTA_CACERT_PATH} \
		42	--device-ca-key ${SOTA_CAKEY_PATH} \
		43	--root-ca \
		44	--server-url \
		45	--local ${D} \
		46	--config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml
		47	fi
		48	}
		49
		50	FILES_${PN} = " \
		51	${localstatedir}/sota/*"


diff --git a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb index 83504f1..2763185 100644 --- a/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-ca-implicit-prov.bb
@@ -10,62 +10,23 @@ LICENSE = "MPL-2.0"
10	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"	10	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
11		11
12	DEPENDS = "aktualizr aktualizr-native openssl-native"	12	DEPENDS = "aktualizr aktualizr-native openssl-native"
		13	RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
13		14
14	SRC_URI = " \
15	file://ca.cnf \
16	"
17	PV = "1.0"	15	PV = "1.0"
18	PR = "1"	16	PR = "1"
19		17
20	require environment.inc	18	require environment.inc
21	require credentials.inc	19	require credentials.inc
22		20
23	export SOTA_CACERT_PATH
24	export SOTA_CAKEY_PATH
25
26	do_install() {	21	do_install() {
27	install -m 0700 -d ${D}${libdir}/sota/conf.d	22	install -m 0700 -d ${D}${libdir}/sota/conf.d
28		23
29	if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then
30	bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning"
31	fi
32
33	if [ -z ${SOTA_CACERT_PATH} ]; then
34	SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem
35	SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem
36	mkdir -p ${DEPLOY_DIR_IMAGE}/CA
37	bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH"
38
39	if [ ! -f ${SOTA_CACERT_PATH} ]; then
40	bbwarn "${SOTA_CACERT_PATH} does not exist, generate a new CA"
41	SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")"
42	openssl genrsa -out ${SOTA_CACERT_DIR_PATH}/ca.private.pem 4096
43	openssl req -key ${SOTA_CACERT_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch -config ${WORKDIR}/ca.cnf -extensions cacert
44	bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server"
45	fi
46	fi
47
48	if [ -z ${SOTA_CAKEY_PATH} ]; then
49	bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning"
50	fi
51
52	install -m 0700 -d ${D}${localstatedir}/sota
53	install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \	24	install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml \
54	${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml	25	${D}${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml
55	aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \
56	--device-ca ${SOTA_CACERT_PATH} \
57	--device-ca-key ${SOTA_CAKEY_PATH} \
58	--root-ca \
59	--server-url \
60	--local ${D}${localstatedir}/sota \
61	--config ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov_ca.toml
62	}	26	}
63		27
64	FILES_${PN} = " \	28	FILES_${PN} = " \
65	${libdir}/sota/conf.d \
66	${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \	29	${libdir}/sota/conf.d/20-sota_implicit_prov_ca.toml \
67	${libdir}/sota/root.crt \
68	${localstatedir}/sota/* \
69	"	30	"
70		31
71	# vim:set ts=4 sw=4 sts=4 expandtab:	32	# vim:set ts=4 sw=4 sts=4 expandtab:


diff --git a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb index 0450138..e915046 100644 --- a/recipes-sota/aktualizr/aktualizr-hsm-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-hsm-prov.bb
@@ -6,6 +6,7 @@ LICENSE = "MPL-2.0"
6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"	6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
7		7
8	DEPENDS = "aktualizr aktualizr-native"	8	DEPENDS = "aktualizr aktualizr-native"
		9	RDEPENDS_${PN}_append = "${@' aktualizr-ca-implicit-prov-creds softhsm-testtoken' if d.getVar('SOTA_DEPLOY_CREDENTIALS', True) == '1' else ''}"
9		10
10	SRC_URI = ""	11	SRC_URI = ""
11	PV = "1.0"	12	PV = "1.0"
@@ -18,16 +19,11 @@ do_install() {
18	install -m 0700 -d ${D}${libdir}/sota/conf.d	19	install -m 0700 -d ${D}${libdir}/sota/conf.d
19	install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_hsm_prov.toml \	20	install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_hsm_prov.toml \
20	${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml	21	${D}${libdir}/sota/conf.d/20-sota_hsm_prov.toml
21	if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
22	aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} --no-root-ca \
23	-o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D}
24	fi
25	}	22	}
26		23
27	FILES_${PN} = " \	24	FILES_${PN} = " \
28	${libdir}/sota/conf.d \	25	${libdir}/sota/conf.d \
29	${libdir}/sota/conf.d/20-sota_hsm_prov.toml \	26	${libdir}/sota/conf.d/20-sota_hsm_prov.toml \
30	${libdir}/sota/conf.d/30-implicit_server.toml \
31	"	27	"
32		28
33	# vim:set ts=4 sw=4 sts=4 expandtab:	29	# vim:set ts=4 sw=4 sts=4 expandtab:


diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb deleted file mode 100644 index 5c54e8a..0000000 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ /dev/null
@@ -1,34 +0,0 @@
1	SUMMARY = "Aktualizr configuration for implicit provisioning"
2	DESCRIPTION = "Configuration for implicitly provisioning Aktualizr, the SOTA Client application written in C++"
3	HOMEPAGE = "https://github.com/advancedtelematic/aktualizr"
4	SECTION = "base"
5	LICENSE = "MPL-2.0"
6	LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MPL-2.0;md5=815ca599c9df247a0c7f619bab123dad"
7
8	DEPENDS = "aktualizr aktualizr-native"
9
10	SRC_URI = ""
11	PV = "1.0"
12	PR = "1"
13
14	require environment.inc
15	require credentials.inc
16
17	do_install() {
18	install -m 0700 -d ${D}${libdir}/sota/conf.d
19	install -m 0644 ${STAGING_DIR_HOST}${libdir}/sota/sota_implicit_prov.toml \
20	${D}${libdir}/sota/conf.d/20-sota_implicit_prov.toml
21	if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then
22	aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \
23	-o ${D}${libdir}/sota/conf.d/30-implicit_server.toml -p ${D}
24	fi
25	}
26
27	FILES_${PN} = " \
28	${libdir}/sota/conf.d \
29	${libdir}/sota/conf.d/20-implicit_prov.toml \
30	${libdir}/sota/conf.d/30-implicit_server.toml \
31	${libdir}/sota/root.crt \
32	"
33
34	# vim:set ts=4 sw=4 sts=4 expandtab:


diff --git a/recipes-sota/aktualizr/aktualizr_git.bb b/recipes-sota/aktualizr/aktualizr_git.bb index 7a0641d..ccaf475 100755 --- a/recipes-sota/aktualizr/aktualizr_git.bb +++ b/recipes-sota/aktualizr/aktualizr_git.bb
@@ -11,7 +11,6 @@ DEPENDS_append_class-native = "glib-2.0-native "
11		11
12	RDEPENDS_${PN}_class-target = "lshw "	12	RDEPENDS_${PN}_class-target = "lshw "
13	RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} "	13	RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'serialcan', ' slcand-start', '', d)} "
14	RDEPENDS_${PN}_append_class-target = "${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'hsm', ' softhsm softhsm-testtoken', '', d)}"
15	RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} "	14	RDEPENDS_${PN}_append_class-target = " ${@bb.utils.contains('SOTA_CLIENT_FEATURES', 'ubootenv', ' u-boot-fw-utils aktualizr-uboot-env-rollback', '', d)} "
16		15
17	RDEPENDS_${PN}_append_class-target = " ${PN}-tools "	16	RDEPENDS_${PN}_append_class-target = " ${PN}-tools "
@@ -27,7 +26,7 @@ SRC_URI = " \
27	file://aktualizr-secondary.socket \	26	file://aktualizr-secondary.socket \
28	file://aktualizr-serialcan.service \	27	file://aktualizr-serialcan.service \
29	"	28	"
30	SRCREV = "090c463c6f1ec7a7ceae963cd7b4ba99aa74e1f5"	29	SRCREV = "803fa9f75ed96993775dc0aa5e65e71920125157"
31	BRANCH ?= "master"	30	BRANCH ?= "master"
32		31
33	S = "${WORKDIR}/git"	32	S = "${WORKDIR}/git"
@@ -64,7 +63,6 @@ do_install_append () {
64	install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml	63	install -m 0644 ${S}/config/sota_autoprov.toml ${D}/${libdir}/sota/sota_autoprov.toml
65	install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml	64	install -m 0644 ${S}/config/sota_autoprov_primary.toml ${D}/${libdir}/sota/sota_autoprov_primary.toml
66	install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml	65	install -m 0644 ${S}/config/sota_hsm_prov.toml ${D}/${libdir}/sota/sota_hsm_prov.toml
67	install -m 0644 ${S}/config/sota_implicit_prov.toml ${D}/${libdir}/sota/sota_implicit_prov.toml
68	install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml	66	install -m 0644 ${S}/config/sota_implicit_prov_ca.toml ${D}/${libdir}/sota/sota_implicit_prov_ca.toml
69	install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml	67	install -m 0644 ${S}/config/sota_secondary.toml ${D}/${libdir}/sota/sota_secondary.toml
70	install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml	68	install -m 0644 ${S}/config/sota_uboot_env.toml ${D}/${libdir}/sota/sota_uboot_env.toml
@@ -113,7 +111,6 @@ FILES_${PN}-host-tools = " \
113	${libdir}/sota/sota_autoprov.toml \	111	${libdir}/sota/sota_autoprov.toml \
114	${libdir}/sota/sota_autoprov_primary.toml \	112	${libdir}/sota/sota_autoprov_primary.toml \
115	${libdir}/sota/sota_hsm_prov.toml \	113	${libdir}/sota/sota_hsm_prov.toml \
116	${libdir}/sota/sota_implicit_prov.toml \
117	${libdir}/sota/sota_implicit_prov_ca.toml \	114	${libdir}/sota/sota_implicit_prov_ca.toml \
118	${libdir}/sota/sota_uboot_env.toml \	115	${libdir}/sota/sota_uboot_env.toml \
119	"	116	"