diff --git a/configs/ath79/generic/uap-ac-lr/extended b/configs/ath79/generic/uap-ac-lr/extended index af72e63..d34983b 100644 --- a/configs/ath79/generic/uap-ac-lr/extended +++ b/configs/ath79/generic/uap-ac-lr/extended @@ -48,7 +48,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -132,3 +131,21 @@ CONFIG_PACKAGE_luci-app-vnstat2=y # language CONFIG_LUCI_LANG_pl=y + +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/configs/ath79/mikrotik/extended b/configs/ath79/mikrotik/extended index d4f18bc..cefe2a6 100644 --- a/configs/ath79/mikrotik/extended +++ b/configs/ath79/mikrotik/extended @@ -30,7 +30,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -113,3 +112,21 @@ CONFIG_PACKAGE_luci-app-vnstat2=y # language CONFIG_LUCI_LANG_pl=y + +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/configs/mediatek/mt7622/dumb_ap b/configs/mediatek/mt7622/dumb_ap index cdb87e1..609c176 100644 --- a/configs/mediatek/mt7622/dumb_ap +++ b/configs/mediatek/mt7622/dumb_ap @@ -31,7 +31,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -86,13 +85,31 @@ CONFIG_PACKAGE_collectd-mod-dns=y #CONFIG_PACKAGE_dawn=y #CONFIG_PACKAGE_luci-app-dawn=y -### usteer -CONFIG_PACKAGE_usteer=y -CONFIG_PACKAGE_luci-app-usteer=y +#### usteer +#CONFIG_PACKAGE_usteer=y +#CONFIG_PACKAGE_luci-app-usteer=y # language CONFIG_LUCI_LANG_pl=y +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set +# # Disable CONFIG_ALL_KMODS # More: https://github.com/openwrt/openwrt/commit/dadad6bb731ff1025125c619da7ccc196ad6ea01 CONFIG_ALL_KMODS=n diff --git a/configs/mediatek/mt7622/extended b/configs/mediatek/mt7622/extended index f9383ae..d5348b7 100644 --- a/configs/mediatek/mt7622/extended +++ b/configs/mediatek/mt7622/extended @@ -31,7 +31,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -93,10 +92,10 @@ CONFIG_PACKAGE_collectd-mod-dns=y # some other network stats CONFIG_PACKAGE_luci-app-vnstat2=y -## Better roaming: dawn vs usteer => choose one -## dawn -CONFIG_PACKAGE_dawn=y -CONFIG_PACKAGE_luci-app-dawn=y +### Better roaming: dawn vs usteer => choose one +### dawn +#CONFIG_PACKAGE_dawn=y +#CONFIG_PACKAGE_luci-app-dawn=y ### usteer #CONFIG_PACKAGE_usteer=y @@ -115,6 +114,24 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + # Disable CONFIG_ALL_KMODS # More: https://github.com/openwrt/openwrt/commit/dadad6bb731ff1025125c619da7ccc196ad6ea01 CONFIG_ALL_KMODS=n diff --git a/configs/mediatek/mt7988a/extended b/configs/mediatek/mt7988a/extended index 44e924e..ac709a2 100644 --- a/configs/mediatek/mt7988a/extended +++ b/configs/mediatek/mt7988a/extended @@ -34,7 +34,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -101,9 +100,9 @@ CONFIG_PACKAGE_luci-app-vnstat2=y #CONFIG_PACKAGE_dawn=y #CONFIG_PACKAGE_luci-app-dawn=y -### usteer -CONFIG_PACKAGE_usteer=y -CONFIG_PACKAGE_luci-app-usteer=y +#### usteer +#CONFIG_PACKAGE_usteer=y +#CONFIG_PACKAGE_luci-app-usteer=y # sqm CONFIG_PACKAGE_luci-app-sqm=y @@ -118,6 +117,24 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + # MT7921 CONFIG_PACKAGE_kmod-mt7921-common=y CONFIG_PACKAGE_kmod-mt7921-firmware=y diff --git a/configs/qualcommax/ax3600/extended b/configs/qualcommax/ax3600/extended index 853628d..50b24b3 100644 --- a/configs/qualcommax/ax3600/extended +++ b/configs/qualcommax/ax3600/extended @@ -31,7 +31,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -114,3 +113,21 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y + +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/configs/ramips/mt7621/extended b/configs/ramips/mt7621/extended index d7b1840..eb3ce87 100644 --- a/configs/ramips/mt7621/extended +++ b/configs/ramips/mt7621/extended @@ -33,7 +33,6 @@ CONFIG_PACKAGE_luci-mod-status=y CONFIG_PACKAGE_luci-mod-system=y CONFIG_PACKAGE_luci-proto-ipv6=y CONFIG_PACKAGE_luci-proto-ppp=y -CONFIG_PACKAGE_luci-ssl=y CONFIG_PACKAGE_luci-theme-bootstrap=y # additional packages @@ -117,3 +116,21 @@ CONFIG_PACKAGE_bind-host=y # language CONFIG_LUCI_LANG_pl=y + +##### REPLACE CRYPTOLIB ##### +# mbedtls - comment it when openssl or wolfssl enabled! +CONFIG_PACKAGE_luci-ssl=y + +## replace mbedtls with openssl - remember to leave commented "is not set" ! +#CONFIG_PACKAGE_luci-ssl-openssl=y +#CONFIG_PACKAGE_wpad-openssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set + +## replace mbedtls with wolfssl - remember to leave commented "is not set" ! +# CONFIG_PACKAGE_luci-ssl-wolfssl=y +# CONFIG_PACKAGE_wpad-wolfssl=y +## CONFIG_PACKAGE_wpad-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-mbedtls is not set +## CONFIG_PACKAGE_wpad-basic-openssl is not set diff --git a/openwrt-configure.sh b/openwrt-configure.sh index 0cfc2e2..b0ba828 100755 --- a/openwrt-configure.sh +++ b/openwrt-configure.sh @@ -10,7 +10,13 @@ DEVICE="${DEVICE:-$2}" FULL_WPAD="${FULL_WPAD:-'yes'}" INSTALL_BRIDGER=${INSTALL_BRIDGER:-'true'} INSTALL_DAWN=${INSTALL_DAWN:-'false'} -CRYPTO_LIB=${CRYPTO_LIB:-'openssl'} +CRYPTO_LIB=${CRYPTO_LIB:-''} # wolfssl or openssl + +# To replace mbedtls with openssl via firmware-selector, just add: +# -wpad-basic-mbedtls -libustream-mbedtls -libmbedtls libustream-openssl wpad-openssl luci-ssl-openssl +# +# To replace mbedtls with wolfssl via firmware-selector, just add: +# -wpad-basic-mbedtls -libustream-mbedtls -libmbedtls libustream-wolfssl wpad-wolfssl luci-ssl-wolfssl if [ -z "$ROUTER_IP" ]; then echo "Please provide router ip like: 192.168.1.1" @@ -18,9 +24,10 @@ if [ -z "$ROUTER_IP" ]; then fi COMMAND="opkg update" -#if [[ "$FULL_WPAD" =~ yes|Yes ]]; then -# COMMAND="$COMMAND; opkg remove wpad-basic-mbedtls; opkg install wpad-$CRYPTO_LIB" -#fi + +if [ -n "$CRYPTO_LIB" ]; then + COMMAND="$COMMAND; opkg install --force-depends wpad-$CRYPTO_LIB luci-ssl-$CRYPTO_LIB" +fi # basic packages COMMAND="$COMMAND; opkg install collectd collectd-mod-sensors \