NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/freerdp: Always install key and certificate

Browse Source 
Currently, the keys are only installed if the server is enabled.

However, other packages (e.g. weston) may implement an RDP server,
using the FreeRDP library.

So, we must always install the key and certificate.

Install them world-readable so non-root users may start an RDP server
without requiring to generate their own keys.

Add a comment in the help text about key and certificate management.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Yann E. MORIN 2015-02-22 18:45:50 +01:00 committed by Thomas Petazzoni
parent b3845ee523
commit 6ab4692407
2 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
package/freerdp/Config.in
View File

@ -10,6 +10,12 @@ config BR2_PACKAGE_FREERDP
http://www.freerdp.com/
Note: this also installs a key and certificate in
/etc/freerdp/keys/ . These are publicly-known, as they
are present in FreeRDP's source tree. It is strongly
suggested that you overwrite them with your own set,
either in an overlay rootfs or in a post-build script.
if BR2_PACKAGE_FREERDP
config BR2_PACKAGE_FREERDP_SERVER

23
package/freerdp/freerdp.mk
View File

@ -71,15 +71,6 @@ endif
ifeq ($(BR2_PACKAGE_FREERDP_SERVER),y)
FREERDP_CONF_OPTS += -DWITH_SERVER=ON -DWITH_SERVER_INTERFACE=ON
# Install the server key and certificate, so that a client can connect.
# A user can override them with its own in a post-build script, if needed.
define FREERDP_INSTALL_KEYS
$(INSTALL) -D $(@D)/server/X11/server.key \
$(TARGET_DIR)/etc/freerdp/keys/server.key
$(INSTALL) -D $(@D)/server/X11/server.crt \
$(TARGET_DIR)/etc/freerdp/keys/server.crt
endef
FREERDP_POST_INSTALL_TARGET_HOOKS += FREERDP_INSTALL_KEYS
else
FREERDP_CONF_OPTS += -DWITH_SERVER=OFF -DWITH_SERVER_INTERFACE=OFF
endif
@ -178,4 +169,18 @@ FREERDP_CONF_OPTS += -DWITH_X11=OFF
endif # ! SERVER && ! CLIENT
# Install the server key and certificate, so that a client can connect.
# A user can override them with its own in a post-build script, if needed.
# We install them even if the server is not enabled, since another server
# can be built and linked with libfreerdp (e.g. weston with the RDP
# backend). Key and cert are installed world-readable, so non-root users
# can start a server.
define FREERDP_INSTALL_KEYS
$(INSTALL) -m 0644 -D $(@D)/server/X11/server.key \
$(TARGET_DIR)/etc/freerdp/keys/server.key
$(INSTALL) -m 0644 -D $(@D)/server/X11/server.crt \
$(TARGET_DIR)/etc/freerdp/keys/server.crt
endef
FREERDP_POST_INSTALL_TARGET_HOOKS += FREERDP_INSTALL_KEYS
$(eval $(cmake-package))