From 88fb4cafbcc5cf52d8862f8d21dd6faabbe3341f Mon Sep 17 00:00:00 2001 From: John Crispin Date: Mon, 19 May 2025 06:14:48 +0200 Subject: [PATCH] firstcontact: remove now unused digicert client Fixes: WIFI-14694 Signed-off-by: John Crispin --- feeds/tip/firstcontact/Makefile | 25 ----- .../files/etc/init.d/firstcontact | 12 -- .../files/etc/uci-defaults/zzz-firstcontact | 3 - .../files/usr/share/ucentral/firstcontact.uc | 83 -------------- feeds/tip/firstcontact/src/CMakeLists.txt | 13 --- feeds/tip/firstcontact/src/digicert.c | 104 ------------------ 6 files changed, 240 deletions(-) delete mode 100644 feeds/tip/firstcontact/Makefile delete mode 100755 feeds/tip/firstcontact/files/etc/init.d/firstcontact delete mode 100755 feeds/tip/firstcontact/files/etc/uci-defaults/zzz-firstcontact delete mode 100644 feeds/tip/firstcontact/files/usr/share/ucentral/firstcontact.uc delete mode 100644 feeds/tip/firstcontact/src/CMakeLists.txt delete mode 100644 feeds/tip/firstcontact/src/digicert.c diff --git a/feeds/tip/firstcontact/Makefile b/feeds/tip/firstcontact/Makefile deleted file mode 100644 index 9b936af39..000000000 --- a/feeds/tip/firstcontact/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -include $(TOPDIR)/rules.mk - -PKG_NAME:=firstcontact -PKG_RELEASE:=1 - -PKG_LICENSE:=BSD-3-Clause -PKG_MAINTAINER:=John Crispin - -include $(INCLUDE_DIR)/package.mk -include $(INCLUDE_DIR)/cmake.mk - -define Package/firstcontact - SECTION:=ucentral - CATEGORY:=uCentral - TITLE:=TIP DigiCert firstcontact - DEPENDS:=+libubox +libcurl +libopenssl +certificates -endef - -define Package/firstcontact/install - $(INSTALL_DIR) $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_BUILD_DIR)/digicert $(1)/usr/sbin/ - $(CP) ./files/* $(1) -endef - -$(eval $(call BuildPackage,firstcontact)) diff --git a/feeds/tip/firstcontact/files/etc/init.d/firstcontact b/feeds/tip/firstcontact/files/etc/init.d/firstcontact deleted file mode 100755 index 6d1fb477d..000000000 --- a/feeds/tip/firstcontact/files/etc/init.d/firstcontact +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh /etc/rc.common - -START=99 -USE_PROCD=1 -PROG=/usr/bin/ucode - -start_service() { - procd_open_instance - procd_set_param command "$PROG" -l uci -l fs /usr/share/ucentral/firstcontact.uc - procd_set_param respawn 1 10 0 - procd_close_instance -} diff --git a/feeds/tip/firstcontact/files/etc/uci-defaults/zzz-firstcontact b/feeds/tip/firstcontact/files/etc/uci-defaults/zzz-firstcontact deleted file mode 100755 index 83176fa7c..000000000 --- a/feeds/tip/firstcontact/files/etc/uci-defaults/zzz-firstcontact +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -[ -f "/etc/ucentral/gateway.json" ] && /etc/init.d/firstcontact disable -[ -f "/etc/ucentral/gateway.json" ] || /etc/init.d/ucentral disable diff --git a/feeds/tip/firstcontact/files/usr/share/ucentral/firstcontact.uc b/feeds/tip/firstcontact/files/usr/share/ucentral/firstcontact.uc deleted file mode 100644 index 1216c1a11..000000000 --- a/feeds/tip/firstcontact/files/usr/share/ucentral/firstcontact.uc +++ /dev/null @@ -1,83 +0,0 @@ -let config = {}; - -function store_config() { - let redir = split(config.Redirector, ":"); - let gw = { - server: redir[0], - port: redir[1] || 15002 - }; - fs.writefile('/etc/ucentral/gateway.json', gw); -} - -function store_config_uci(path) { - let cursor = uci.cursor(path); - let redir = split(config.Redirector, ":"); - - cursor.load("ucentral"); - cursor.set("ucentral", "config", "server", redir[0]); - cursor.set("ucentral", "config", "port", redir[1] || 15002); - cursor.commit(); -} - -function digicert() { - let devid; - let fd = fs.open("/etc/ucentral/dev-id", "r"); - if (!fd) { - warn("firstcontact: failed to find device id"); - exit(1); - } - devid = fd.read("all"); - fd.close(); - - ret = system(sprintf('/usr/sbin/digicert -i %s', devid)); - if (ret) { - warn("firstcontact failed to contact redirector, check DHCP option\n"); - let fd = fs.open("/tmp/capwap/dhcp_opt.txt", "r"); - if (!fd) { - warn("No redirector found\n"); - exit(1); - } else { - config.Redirector = fd.read("all"); - fd.close(); - } - } else { - let redirector = { }; - let fd = fs.open("/etc/ucentral/redirector.json", "r"); - if (fd) { - let data = fd.read("all"); - fd.close(); - - try { - redirector = json(data); - } - catch (e) { - warn("firstcontact: Unable to parse JSON data in %s: %s", path, e); - - exit(1); - } - } - - for (let r in redirector.fields) - if (r.name && r.value) - config[r.name] = r.value; - if (!config.Redirector) { - warn("Reply is missing Redirector field\n"); - exit(1); - } - - } -} - -if (!fs.stat('/etc/ucentral/gateway.json')) { - digicert(); - store_config(); - store_config_uci(); - store_config_uci("/etc/config-shadow/"); - warn("firstcontact: managed to look up redirector\n"); -} - -system("/etc/init.d/ucentral enable"); -system("/etc/init.d/firstcontact disable"); -system("reload_config"); -system("/etc/init.d/ucentral start"); -system("/etc/init.d/firstcontact stop"); diff --git a/feeds/tip/firstcontact/src/CMakeLists.txt b/feeds/tip/firstcontact/src/CMakeLists.txt deleted file mode 100644 index c854399ee..000000000 --- a/feeds/tip/firstcontact/src/CMakeLists.txt +++ /dev/null @@ -1,13 +0,0 @@ -cmake_minimum_required(VERSION 2.6) - -PROJECT(digicert C) -INCLUDE(GNUInstallDirs) -ADD_DEFINITIONS(-Os -ggdb -Wall -Werror --std=gnu99 -Wmissing-declarations) - -SET(CMAKE_SHARED_LIBRARY_LINK_C_FLAGS "") - -ADD_EXECUTABLE(digicert digicert.c) -TARGET_LINK_LIBRARIES(digicert curl crypto ssl ubox) -INSTALL(TARGETS digicert - RUNTIME DESTINATION ${CMAKE_INSTALL_SBINDIR} -) diff --git a/feeds/tip/firstcontact/src/digicert.c b/feeds/tip/firstcontact/src/digicert.c deleted file mode 100644 index 0f24fb122..000000000 --- a/feeds/tip/firstcontact/src/digicert.c +++ /dev/null @@ -1,104 +0,0 @@ -#define _GNU_SOURCE -#include -#include -#include - -#include - -#include - -static const char *file_cert = "/etc/ucentral/cert.pem"; -static const char *file_key = "/etc/ucentral/key.pem"; -static const char *file_json = "/etc/ucentral/redirector.json"; -static const char *file_dbg = "/tmp/digicert.hdr"; - -int main(int argc, char **argv) -{ - FILE *fp_json; - FILE *fp_dbg; - CURLcode res; - CURL *curl; - char *devid = NULL; - char *url; - - alarm(15); - - while (1) { - int option = getopt(argc, argv, "k:c:o:hi:"); - - if (option == -1) - break; - - switch (option) { - case 'k': - file_key = optarg; - break; - case 'c': - file_cert = optarg; - break; - case 'o': - file_json = optarg; - break; - case 'i': - devid = optarg; - break; - default: - case 'h': - printf("Usage: digicert OPTIONS\n" - " -k \n" - " -c \n" - " -o \n" - " -i \n"); - return -1; - } - } - - if (!devid) { - fprintf(stderr, "missing devid\n"); - return -1; - } - - ulog_open(ULOG_SYSLOG | ULOG_STDIO, LOG_DAEMON, "digicert"); - ULOG_INFO("attempting first contact\n"); - - fp_dbg = fopen(file_dbg, "wb"); - fp_json = fopen(file_json, "wb"); - if (!fp_json) { - ULOG_ERR("failed to create %s\n", file_json); - return -1; - } - - curl_global_init(CURL_GLOBAL_DEFAULT); - curl = curl_easy_init(); - if (!curl) { - ULOG_ERR("curl_easy_init failed\n"); - return -1; - } - - if (asprintf(&url, "https://clientauth.one.digicert.com/iot/api/v2/device/%s", devid) < 0) { - ULOG_ERR("failed to assemble url\n"); - return -1; - } - - curl_easy_setopt(curl, CURLOPT_URL, url); - curl_easy_setopt(curl, CURLOPT_WRITEDATA, fp_json); - curl_easy_setopt(curl, CURLOPT_HEADERDATA, fp_dbg); - curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLCERT, file_cert); - curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM"); - curl_easy_setopt(curl, CURLOPT_SSLKEY, file_key); - curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); - curl_easy_setopt(curl, CURLOPT_CONNECTTIMEOUT, 10L); - - res = curl_easy_perform(curl); - if (res != CURLE_OK) - ULOG_ERR("curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); - else - ULOG_INFO("downloaded first contact data\n"); - curl_easy_cleanup(curl); - curl_global_cleanup(); - - ulog_close(); - - return (res != CURLE_OK); -}