nixio: Fix axTLS configuration, prepare px5g integration

libs/nixio/axTLS/config/.config

@@ -30,16 +30,16 @@ CONFIG_SSL_FULL_MODE=y
 # CONFIG_SSL_PROT_LOW is not set
 CONFIG_SSL_PROT_MEDIUM=y
 # CONFIG_SSL_PROT_HIGH is not set
-CONFIG_SSL_USE_DEFAULT_KEY=y
-CONFIG_SSL_PRIVATE_KEY_LOCATION=""
+# CONFIG_SSL_USE_DEFAULT_KEY is not set
+CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/nixio/rsa_main.der"
 CONFIG_SSL_PRIVATE_KEY_PASSWORD=""
 CONFIG_SSL_X509_CERT_LOCATION=""
-CONFIG_SSL_GENERATE_X509_CERT=y
+# CONFIG_SSL_GENERATE_X509_CERT is not set
 CONFIG_SSL_X509_COMMON_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
-CONFIG_SSL_ENABLE_V23_HANDSHAKE=y
-CONFIG_SSL_HAS_PEM=y
+# CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
+# CONFIG_SSL_HAS_PEM is not set
 # CONFIG_SSL_USE_PKCS12 is not set
 CONFIG_SSL_EXPIRY_TIME=24
 CONFIG_X509_MAX_CA_CERTS=4

libs/nixio/axTLS/config/config.h

@@ -31,16 +31,16 @@
 #undef CONFIG_SSL_PROT_LOW
 #define CONFIG_SSL_PROT_MEDIUM 1
 #undef CONFIG_SSL_PROT_HIGH
-#define CONFIG_SSL_USE_DEFAULT_KEY 1
-#define CONFIG_SSL_PRIVATE_KEY_LOCATION ""
+#undef CONFIG_SSL_USE_DEFAULT_KEY
+#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/nixio/rsa_main.der"
 #define CONFIG_SSL_PRIVATE_KEY_PASSWORD ""
 #define CONFIG_SSL_X509_CERT_LOCATION ""
-#define CONFIG_SSL_GENERATE_X509_CERT 1
+#undef CONFIG_SSL_GENERATE_X509_CERT
 #define CONFIG_SSL_X509_COMMON_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
-#define CONFIG_SSL_ENABLE_V23_HANDSHAKE 1
-#define CONFIG_SSL_HAS_PEM 1
+#undef CONFIG_SSL_ENABLE_V23_HANDSHAKE
+#undef CONFIG_SSL_HAS_PEM
 #undef CONFIG_SSL_USE_PKCS12
 #define CONFIG_SSL_EXPIRY_TIME 24
 #define CONFIG_X509_MAX_CA_CERTS 4

libs/nixio/axtls-config/.config

@@ -31,15 +31,15 @@ CONFIG_SSL_FULL_MODE=y
 CONFIG_SSL_PROT_MEDIUM=y
 # CONFIG_SSL_PROT_HIGH is not set
 # CONFIG_SSL_USE_DEFAULT_KEY is not set
-CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/axtls.key"
+CONFIG_SSL_PRIVATE_KEY_LOCATION="/etc/nixio/rsa_main.der"
 CONFIG_SSL_PRIVATE_KEY_PASSWORD=""
 CONFIG_SSL_X509_CERT_LOCATION=""
-CONFIG_SSL_GENERATE_X509_CERT=y
+# CONFIG_SSL_GENERATE_X509_CERT is not set
 CONFIG_SSL_X509_COMMON_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_NAME=""
 CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME=""
 # CONFIG_SSL_ENABLE_V23_HANDSHAKE is not set
-CONFIG_SSL_HAS_PEM=y
+# CONFIG_SSL_HAS_PEM is not set
 # CONFIG_SSL_USE_PKCS12 is not set
 CONFIG_SSL_EXPIRY_TIME=24
 CONFIG_X509_MAX_CA_CERTS=4

libs/nixio/axtls-config/config.h

@@ -32,15 +32,15 @@
 #define CONFIG_SSL_PROT_MEDIUM 1
 #undef CONFIG_SSL_PROT_HIGH
 #undef CONFIG_SSL_USE_DEFAULT_KEY
-#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/axtls.key"
+#define CONFIG_SSL_PRIVATE_KEY_LOCATION "/etc/nixio/rsa_main.der"
 #define CONFIG_SSL_PRIVATE_KEY_PASSWORD ""
 #define CONFIG_SSL_X509_CERT_LOCATION ""
-#define CONFIG_SSL_GENERATE_X509_CERT 1
+#undef CONFIG_SSL_GENERATE_X509_CERT
 #define CONFIG_SSL_X509_COMMON_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_NAME ""
 #define CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME ""
 #undef CONFIG_SSL_ENABLE_V23_HANDSHAKE
-#define CONFIG_SSL_HAS_PEM 1
+#undef CONFIG_SSL_HAS_PEM
 #undef CONFIG_SSL_USE_PKCS12
 #define CONFIG_SSL_EXPIRY_TIME 24
 #define CONFIG_X509_MAX_CA_CERTS 4

libs/nixio/axtls-root/etc/axtls.key

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDEQfiRQgRD6BzI3iBa/ugdUmiqU8TvIMgzd7PT7bEnTk3stVEM
-lSKkKpQlyf7F25DL2VnIEG7y592466XyZL3rwPT5/urvae3n6cmO7egOxdLO02Wz
-74fMka2BHsFbTXzI8FHakatabnMlsB05+5NpsbfwWj0BDbrq8ZQ6kX0s8wIDAQAB
-AoGAd8T259bM+ZAeeOst/bpQdwyCuWeT6IcuBlLH2M7W7PDZl1pz0uT0lhEyBfnG
-1IKRVAYZx4FX5D9iTWbqCAo46COwDrqQHoxXwQ89O2FgXrHoi1ZGjrQyPLJLvz3w
-HLzP4WjnOkr4Fy6v1UwCJetj/cdWByrAjWhYkDR6taxTxJECQQDxPqPCR80IOiMk
-Dh0pmYgmfACYa/FNi5LwWVRs09KKe51PNWck8aZa0qhxX+dOR7ptw3SIaQQ5pow1
-7zZ/lhjLAkEA0ELvJePIG7N9pzR12mDYMUNTjcVJYkw0LF04zQu49C8yeSJRtDuR
-e1UjnZ2iEAdPaU+ywLHm/vcR75gSj6S/eQJBANJBA7xpk5qeAM6FtojxFKZl4Kb3
-POGWycPMNzZ6Dr8/KUVFh9W8/n2dp8zYBuJExYiwlrnkvRf5va2sBNWB3a0CQANt
-xrAyAt5p4xy4oWQaChUtjZec8utaY9WDJ2dA1Se4CzWxWfUEsg18xlxW9w8af7U1
-KbVAeJQkDziJoWyaAskCQQCxnGi/AepzNrozpJdlrAgwWjGOlSo16QBLpfrrqBc5
-iI50AWsTtqThcS6gRgE6/jo/Iat0kKhRLAcALVAOmJfd
------END RSA PRIVATE KEY-----

libs/nixio/axtls-root/etc/uci-defaults/nixio

@@ -1,2 +0,0 @@
-#!/bin/sh
-nixio-axtls-checkkey

libs/nixio/axtls-root/usr/sbin/nixio-axtls-checkkey

@@ -1,26 +0,0 @@
-#!/usr/bin/lua
-os.exit(0)	--ToDo
-
-local nixio = require "nixio"
-local fs = require "nixio.fs"
-local posix
-local defkey = nixio.meta_tls_context.tls_defaultkey
-local okey = "646e6b90d1ad02719cb1b221b7ce447a"
-
-if not defkey or (io.open(defkey) and
-(nixio.crypto.hash("md5"):update(fs.readfile(defkey)):final()) ~= okey) then
-	os.exit(0)
-end
-
-if os.execute("which openssl >/dev/null") == 0 then
-	io.stderr:write("Warning: OpenSSL detected "..
-	"but it looks like nixio was linked against axtls\n")
-	os.execute("umask 0077;openssl genrsa -out '" .. defkey .. "' 2048")
-elseif os.execute("which dropbearkey >/dev/null && which dropbearconvert >/dev/null") == 0 then
-	os.execute("dropbearkey -t rsa -s 2048 -f /tmp/dbkey.rsa")
-	os.execute("umask 0077;dropbearconvert dropbear openssh /tmp/dbkey.rsa '"..defkey.."'")
-	os.remove("/tmp/dbkey.rsa")
-else
-	io.stderr:write("No key generators available! Giving up.")
-	os.exit(1)
-end

libs/nixio/ipkg/postinst

@@ -1,6 +0,0 @@
-#!/bin/sh
-[ -z "${IPKG_INSTROOT}" -a -f "/etc/uci-defaults/nixio" ] && {
-	( . /etc/uci-defaults/nixio ) && rm -f /etc/uci-defaults/nixio
-	exit
-}
-exit 0