20190613_jeffrey - silenceuncrio/diary GitHub Wiki
0915
早上一來就看到 ariel 被 jessy 用辦公室椅子推著走
說腳痛到被法走路
繼續 M300 - feature/lighttpd
經過昨天的回顧以及思考怎麼來改 icos web module
- 不能另外寫一個新的 web module
- 需要考慮 firmware upgrade 之後要接受原本的 web module configuration
- 新的 module 肯定是有自己的預設值 可能跟使用者的設定不一樣
- 目前的 web module daemon control 數量為 2 - gWebCtrl.dmn_ctrl[2]
- 改成一個的話工程比較大
- 注意到 daemon_restart()
- 如果 daemon id 是 DID_HTTPD 就不要做事
- 如果 daemon id 是 DID_HTTPS 的話就依據 module configuration 準備好 lighttpd 所需要的 configuration
- 注意到 lighttpd 對於 IPv6 的 support
1000
先作以下修改
diff --git a/proscend/prosrc/icos/icoslib/entry.c b/proscend/prosrc/icos/icoslib/entry.c
index b2e41f7..1804073 100644
--- a/proscend/prosrc/icos/icoslib/entry.c
+++ b/proscend/prosrc/icos/icoslib/entry.c
@@ -86,7 +86,7 @@ sAttStringSet moduleInitAry[] =
{ "MODULE_CWMP", MODULE_CWMP },
#endif
-// { "MODULE_WEB", MODULE_WEB },
+ { "MODULE_WEB", MODULE_WEB },
{ "MODULE_DNAT", MODULE_DNAT },
{ "MODULE_SNAT", MODULE_SNAT },
@@ -1131,7 +1131,7 @@ int ICOS_Bootinit(void)
//ICOS_broadcast(0, NULL, 0, ICOS_BOOTINIT_DONE); // Ariel
led_on(LED_SYSTEM_STATUS);
ICOS_msg_sendto(0, MODULE_NETMON,NULL, 0,ICOS_BOOTINIT_DONE);
- //ICOS_msg_sendto(0, MODULE_WEB,NULL, 0,ICOS_BOOTINIT_DONE);
+ ICOS_msg_sendto(0, MODULE_WEB,NULL, 0,ICOS_BOOTINIT_DONE);
return ICOS_SUCCESS;
}
diff --git a/proscend/prosrc/icos/icoslib/web/webcfg.c b/proscend/prosrc/icos/icoslib/web/webcfg.c
index b0fbd3a..687ed00 100644
--- a/proscend/prosrc/icos/icoslib/web/webcfg.c
+++ b/proscend/prosrc/icos/icoslib/web/webcfg.c
@@ -80,7 +80,6 @@ typedef struct daemon_ctrl_s
int retry_cnt; //Stop when count down to zero or negative.
//int ip_ver; //Specific the ip version for this daemon, 4 for ipv4,6 for ipv6,and 0 for dual.
int did; //Daemon ID,DID_HTTPD/DID_HTTPS
- int starting_once; // successful starting once or not
} DAEMON_CTRL_T;
typedef struct runtime_info_s
@@ -677,7 +676,9 @@ static void daemon_restart(DAEMON_CTRL_T *dmn_ctrl)
}
else
{
- snprintf(argv,sizeof(argv)," -p %d -d %s", cfg->httpdPort, WEB_DAEMON_HTML_DIR);
+ WEB_DBG("[DMN]Do not start when did = DID_HTTPD\n");
+ return;
+ //snprintf(argv,sizeof(argv)," -p %d -d %s", cfg->httpdPort, WEB_DAEMON_HTML_DIR);
}
WEB_DBG("[DMN]Lanch=>%s %s\n",WEB_DAEMON_BIN_FILE,argv);
@@ -721,7 +722,6 @@ static int controller_init(sWebConfig *cfgp)
gWebCtrl.dmn_ctrl[i].flag=0;
gWebCtrl.dmn_ctrl[i].pid=BAD_PID;
gWebCtrl.dmn_ctrl[i].retry_cnt=MAX_DAEMON_RETRY_NUM; //-1 for forever
- gWebCtrl.dmn_ctrl[i].starting_once = 0;
gWebCtrl.dmn_ctrl[i].is_keyfile_ready=0;
if (keyfile && certfile)
@@ -1103,35 +1103,8 @@ static int _termcb(char *msg, pid_t pid)
{
gWebCtrl.dmn_ctrl[i].status=DAEMON_STATUS_OFF;
gWebCtrl.dmn_ctrl[i].pid=BAD_PID;
-
-#if 0
- if(0<(--gWebCtrl.dmn_ctrl[i].retry_cnt))
- {
- daemon_restart(&gWebCtrl.dmn_ctrl[i]);
- web_dump(DUMP_DMN,"Daemon killed restart");
- }
- else
- {
- WEB_INFO("###[DID%d]Daemon stopped due to reach max retry(%d).###\n",gWebCtrl.dmn_ctrl[i].did,MAX_DAEMON_RETRY_NUM);
- }
-#else // do not care the max retry
-
- if (gWebCtrl.dmn_ctrl[i].did == DID_HTTPS)
- {
- if (gWebCtrl.dmn_ctrl[i].starting_once == 0)
- {
- remove(WEB_DAEMON_KEY_FILE);
- remove(WEB_DAEMON_CERT_FILE);
- gWebCtrl.dmn_ctrl[i].is_keyfile_ready = 0;
- WEB_INFO("HTTPS terminate and never starting successful yet, remove key and cert and restart the daemon\n");
- }
- }
-
daemon_restart(&gWebCtrl.dmn_ctrl[i]);
web_dump(DUMP_DMN,"Daemon killed restart");
-#endif
-
-
}
}
@@ -1172,28 +1145,28 @@ static int _termcb(char *msg, pid_t pid)
static void daemon_event(DAEMON_CTRL_T *dmn_ctrl,char *msg)
{
-
+#if 0
#define WEB_DAEMON_STARTING_HTTP_ON_PORT_XXX "Starting HTTP on port"
#define WEB_DAEMON_STARTING_HTTPS_ON_PORT_XXX "Starting HTTPS on port"
-
- char *line;
- char *saveptr;
- char *ptr;
-
- if(strstr(msg, WEB_DAEMON_STARTING_HTTP_ON_PORT_XXX))
- {
- WEB_INFO("Starting HTTP success\n");
- dmn_ctrl->starting_once = 1;
- return;
- }
-
- if(strstr(msg, WEB_DAEMON_STARTING_HTTPS_ON_PORT_XXX))
- {
- WEB_INFO("Starting HTTPS success\n");
- dmn_ctrl->starting_once = 1;
- return;
- }
-
+
+ char *line;
+ char *saveptr;
+ char *ptr;
+
+ if(strstr(msg, WEB_DAEMON_STARTING_HTTP_ON_PORT_XXX))
+ {
+ WEB_INFO("Starting HTTP success\n");
+ dmn_ctrl->starting_once = 1;
+ return;
+ }
+
+ if(strstr(msg, WEB_DAEMON_STARTING_HTTPS_ON_PORT_XXX))
+ {
+ WEB_INFO("Starting HTTPS success\n");
+ dmn_ctrl->starting_once = 1;
+ return;
+ }
+#endif
}
@@ -1219,12 +1192,12 @@ static int _msgcb(char *msg, pid_t pid, int rc)
if(msg)
{
-#if 1 //debug
+#if 0 //debug
WEB_DAEMON("<--\n");
WEB_DAEMON("%s",msg);
WEB_DAEMON("-->\n");
#endif
- daemon_event(dmn_ctrl,msg);
+ //daemon_event(dmn_ctrl,msg);
}
return ICOS_SUCCESS;
}
確認是否只有 HTTPS 起來
為了節省時間只置換 libicos.so
1015
root@Cellular Router:~# cat /home/log/web.log
[20190613 01:59:45] [_notify:853]Recv bcast evt 14 before module init done.Ignore it.
[20190613 01:59:47] [_notify:865]ICOS_UCAST_MODULE_APPLY
[20190613 02:00:00] [_notify:896]ICOS_BOOTINIT_DONE
[20190613 02:00:00] [web_dump:524]===init config===
[20190613 02:00:00] [web_dump:534][COM]conn_mgr=1,mod_init_done:1.
[20190613 02:00:00] [web_dump:562][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
[20190613 02:00:00] [web_dump:570][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
[20190613 02:00:00] [web_dump:570][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
[20190613 02:00:00] [web_dump:575][RTI]wan4_ifname=,wan6_ifname=.
[20190613 02:00:00] [reset_firewall:775]Allow all ips.
[20190613 02:00:00] [daemon_restart:640][DID0] remain IP server retry for 6 times.
[20190613 02:00:00] [daemon_restart:679][DMN]Do not start when did = DID_HTTPD
[20190613 02:00:00] [daemon_restart:640][DID1] remain IP server retry for 6 times.
[20190613 02:00:00] [gen_key_files:586]IN
[20190613 02:00:00] [gen_key_files:598]iweb genkey pid = 1357
[20190613 02:00:00] [gen_key_files:601]OUT
[20190613 02:00:00] [is_request_start:629][DMN]disabled cause key not ready.
[20190613 02:00:00] [web_dump:570][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
[20190613 02:00:00] [web_dump:570][DMN1]active=1,pid=-1,status=0,flag=0x1,DID1
[20190613 02:00:00] [web_dump:524]===After daemon restart===
[20190613 02:00:00] [web_dump:534][COM]conn_mgr=1,mod_init_done:1.
[20190613 02:00:00] [web_dump:562][CFG]mode=both,httpd_port=80,https_port=443,refreshperiod=2,sport=80,intf=lan,secure=all,clienip=0.0.0.0,httpd_access=lan,https_access=lan
[20190613 02:00:00] [web_dump:570][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
[20190613 02:00:00] [web_dump:570][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
[20190613 02:00:00] [web_dump:575][RTI]wan4_ifname=,wan6_ifname=.
[20190613 02:00:34] [_termcb:1099]IN(1357)
[20190613 02:00:34] [_termcb:1123]HTTPS key and cert generated done.
[20190613 02:00:34] [web_dump:524]===Key file generated done, daemon restart===
[20190613 02:00:34] [web_dump:570][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
[20190613 02:00:34] [web_dump:570][DMN1]active=1,pid=-1,status=0,flag=0x0,DID1
[20190613 02:00:34] [daemon_restart:640][DID1] remain IP server retry for 6 times.
[20190613 02:00:34] [gen_key_files:586]IN
[20190613 02:00:34] [gen_key_files:601]OUT
[20190613 02:00:34] [daemon_restart:684][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
[20190613 02:00:34] [_msgcb:1183]IN(DID1,pid 3572)
[20190613 02:01:24] [_notify:896]ICOS_BOOTINIT_DONE
[20190613 02:01:24] [_notify:900]ICOS_BOOTINIT_DONE is received already, break!
[20190613 02:01:47] [_notify:945]ICOS_WAN6_IP_UPDATE
[20190613 02:01:47] [_notify:952]Ignore due to conn_mgr is on.
[20190613 02:01:48] [_notify:943]ICOS_WAN6_GATEWAY_UPDATE
[20190613 02:01:48] [_notify:945]ICOS_WAN6_IP_UPDATE
[20190613 02:01:48] [_notify:955]WAN6 IP UPDATE
[20190613 02:01:52] [_notify:917]ICOS_WAN_IP_UPDATE
[20190613 02:01:52] [_notify:924]Ignore due to conn_mgr is on.
[20190613 02:01:59] [_notify:915]ICOS_WAN_GATEWAY_UPDATE
[20190613 02:01:59] [_notify:917]ICOS_WAN_IP_UPDATE
[20190613 02:01:59] [_notify:927]WAN IP UPDATE
root@Cellular Router:~#
log 看起來不錯
root@Cellular Router:~# ps aux | grep iweb
root 3572 0.1 0.6 10636 3148 pts/4 Ss+ 02:00 0:00 iweb -p 443 -d /www -s
root 17482 0.0 0.0 1768 320 ttymxc0 S+ 02:06 0:00 grep iweb
root@Cellular Router:~#
process 也正常
把 process kill 掉看看
root@Cellular Router:~# cat /home/log/web.log
...
[20190613 02:08:26] [_termcb:1099]IN(3572)
[20190613 02:08:26] [daemon_restart:640][DID1] remain IP server retry for 6 times.
[20190613 02:08:26] [gen_key_files:586]IN
[20190613 02:08:26] [gen_key_files:601]OUT
[20190613 02:08:26] [daemon_restart:684][DMN]Lanch=>/usr/sbin/iweb -p 443 -d /www -s
[20190613 02:08:26] [web_dump:524]===Daemon killed restart===
[20190613 02:08:26] [web_dump:570][DMN0]active=1,pid=-1,status=0,flag=0x0,DID0
[20190613 02:08:26] [web_dump:570][DMN1]active=1,pid=22747,status=1,flag=0x0,DID1
[20190613 02:08:27] [_msgcb:1183]IN(DID1,pid 22747)
root@Cellular Router:~#
看看 ps
root@Cellular Router:~# ps aux | grep iweb
root 22747 0.2 0.6 10636 3248 pts/14 Ss+ 02:08 0:00 iweb -p 443 -d /www -s
root 26507 0.0 0.0 1768 320 ttymxc0 S+ 02:10 0:00 grep iweb
root@Cellular Router:~#
很好
來把 iweb 換成 lighttpd 吧
1305
把 iweb 換成 lighttpd 之前先 commit
commit 7eca1c99e0b1cdfb93281c8fe9c9b1d2e1f54da2
Refs: [feature/lighttpd], {origin/feature/lighttpd}
Author: jeffrey <[email protected]>
Date: Thu Jun 13 13:08:38 2019 +0800
ready for replace the iweb with lighttpd
- init MODULE_WEB at moduleInitAry[]
- send ICOS_BOOTINIT_DONE to MODULE_WEB
- Do not start the iweb when did = DID_HTTPD
- remove starting_once related logic
- no more invoke daemon_event()
proscend/prosrc/icos/icoslib/entry.c | 4 +--
proscend/prosrc/icos/icoslib/web/webcfg.c | 41 ++++++-------------------------
2 files changed, 9 insertions(+), 36 deletions(-)
啟動 lighttpd 之前要先依據 module configuration 準備好 configuration
1530
lighttpd 的 HTTPS 不能使用之前 iweb 透過 web_x509.sh 所產生的 key
root@Cellular Router:/etc/icos/web# lighttpd -f /home/factory/icos/lighttpd/li>
2019-06-13 07:17:09: (/home/user/build_small/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/lighttpd/1.4.53-r0/lighttpd-1.4.53/src/mod_openssl.c.452) SSL: couldn't read X509 certificate from '/etc/icos/web/iweb_key.pem'
2019-06-13 07:17:09: (/home/user/build_small/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/lighttpd/1.4.53-r0/lighttpd-1.4.53/src/server.c.1183) Initialization of plugins failed. Going down.
</home/factory/icos/lighttpd/lighttpd.conf
</web# lighttpd -f /home/factory/icos/lighttpd/lighttpd.conf
2019-06-13 07:17:34: (/home/user/build_small/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/lighttpd/1.4.53-r0/lighttpd-1.4.53/src/mod_openssl.c.487) SSL: couldn't read private key from '/etc/icos/web/iweb_cert.pem'
2019-06-13 07:17:34: (/home/user/build_small/tmp/work/cortexa7hf-vfp-neon-poky-linux-gnueabi/lighttpd/1.4.53-r0/lighttpd-1.4.53/src/server.c.1183) Initialization of plugins failed. Going down.
目前 web_x509.sh
#!/bin/bash
openssl req -x509 -newkey rsa:2048 -keyout /etc/icos/web/iweb_key.pem -out /etc/icos/web/iweb_cert.pem -days 3650 -nodes -subj '/CN=localhost'
參考 Setting up a simple SSL configuration
產生 certificate 的方法跟 web_x509.sh 不同
openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes
keyout 與 out 都是 lighttpd.pem
看來需要為了 lighttpd 多寫一隻 web_x509_lighttpd.sh
1715
已經把 iweb 換成 lighttpd 了
遇到了一些坑
先 build 個 image 來試試在來整理一下方便 commit
1735
測試的過程發現網頁的 Management > Web 還沒修改
先整理一下這一次的修改
diff --git a/proscend/prosrc/icos/icoslib/web/webcfg.c b/proscend/prosrc/icos/icoslib/web/webcfg.c
index 380ef89..0549279 100644
--- a/proscend/prosrc/icos/icoslib/web/webcfg.c
+++ b/proscend/prosrc/icos/icoslib/web/webcfg.c
@@ -34,6 +34,65 @@
+#define WEB_DAEMON_LIGHTTPD_BIN_FILE "/usr/sbin/lighttpd"
+#define WEB_DAEMON_LIGHTTPD_KEY WEB_ETC_DIR"/lighttpd.pem"
+#define WEB_CONFIG__FILE WEB_TMP_DIR"/lighttpd.conf"
+#define WEB_DAEMON_LIGHTTPD_ARGV "-D -f %s"
+
+
+
+#define WEB_CONFIG_SERVER_DOCUMENT_ROOT \
+ "server.document-root = \"/www/\"\n" \
+ "\n"
+
+#define WEB_CONFIG_SERVER_PORT \
+ "server.port = %d\n" \
+ "\n"
+
+#define WEB_CONFIG_SERVER_MODULES \
+ "server.modules = ( \"mod_rewrite\", \"mod_access\", \"mod_cgi\", \"mod_openssl\", \"mod_accesslog\" )\n" \
+ "\n"
+
+#define WEB_CONFIG_INDEX_FILE_NAMES \
+ "index-file.names = ( \"index.html\" )\n" \
+ "\n"
+
+#define WEB_CONFIG_MINETYPE_ASSIGN \
+ "mimetype.assign = ( \n" \
+ " \".gif\" => \"image/gif\",\n" \
+ " \".jpg\" => \"image/jpeg\",\n" \
+ " \".jpeg\" => \"image/jpeg\",\n" \
+ " \".png\" => \"image/png\",\n" \
+ " \".css\" => \"text/css\",\n" \
+ " \".html\" => \"text/html\",\n" \
+ " \".htm\" => \"text/html\",\n" \
+ " \".txt\" => \"text/plain\",\n" \
+ ")\n" \
+ "\n"
+
+#define WEB_CONFIG_CGI_ASSIGN \
+ "cgi.assign = ( \".cgi\" => \"\" )\n" \
+ "\n"
+
+#define WEB_CONFIG_URL_REWRITE \
+ "url.rewrite = ( \n" \
+ " \"^/api/([a-zA-Z]+)[0-9a-zA-Z=.?]*$\" => \"/cgi-bin/api.cgi?act=$1\",\n" \
+ " \"^/(DO_ON|DO_OFF|DO_PULSE|RESTORE_DO_ALARM)$\" => \"/cgi-bin/api.cgi?act=$1\",\n" \
+ ")\n" \
+ "\n"
+
+#define WEB_CONFIG_SERVER_SOCKET \
+ "$SERVER[\"socket\"] == \":%d\" {\n" \
+ " ssl.engine = \"enable\" \n" \
+ " ssl.pemfile = \"/etc/icos/web/lighttpd.pem\" \n" \
+ "}\n" \
+ "\n"
+
+
+
+
+
+
enum
{
DAEMON_STATUS_OFF=0,
@@ -170,6 +229,10 @@ int Is_icos_bootinit_done_received = 0;
+static void _make_configuration_file(sWebConfig *setting);
+
+
+
static int LocalString2Value(int attID, char *pAttValue, int *pValue)
{
int res = ICOS_FAILURE;
@@ -317,6 +380,31 @@ static int LocSaveConfigTxt(char *szFileName, sWebConfig *pCfg)
+static void _make_configuration_file(sWebConfig *setting)
+{
+ WEB_INFO("");
+
+ FILE *fp = fopen(WEB_CONFIG__FILE, "w");
+ if (fp == 0)
+ {
+ WEB_DBG("Failed to open file: '%s'", WEB_CONFIG__FILE);
+ return ICOS_FAILURE;
+ }
+
+ fprintf(fp, WEB_CONFIG_SERVER_DOCUMENT_ROOT);
+ fprintf(fp, WEB_CONFIG_SERVER_PORT, setting->httpdPort);
+ fprintf(fp, WEB_CONFIG_SERVER_MODULES);
+ fprintf(fp, WEB_CONFIG_INDEX_FILE_NAMES);
+ fprintf(fp, WEB_CONFIG_MINETYPE_ASSIGN);
+ fprintf(fp, WEB_CONFIG_CGI_ASSIGN);
+ fprintf(fp, WEB_CONFIG_URL_REWRITE);
+ fprintf(fp, WEB_CONFIG_SERVER_SOCKET, setting->httpsPort);
+
+ fclose(fp);
+}
+
+
+
static int ApplyWebSetting(int flag, int index, void* pStruct, int structSize)
{
sWebConfig *pCfg = (sWebConfig *)pStruct;
@@ -344,6 +432,7 @@ static int ApplyWebSetting(int flag, int index, void* pStruct, int structSize)
switch (flag)
{
case OPFLAG_APPLY_WEB_WWW:
+ _make_configuration_file(pCfg);
ICOS_msg_sendto(MODULE_WEB,MODULE_WEB,pCfg,sizeof(sWebConfig),ICOS_UCAST_MODULE_APPLY);
return ICOS_SUCCESS;
default:
@@ -584,19 +673,10 @@ static void gen_key_files(void)
char cmd[256];
WEB_INFO("IN\n");
- if (-1 == access(WEB_DAEMON_KEY_FILE, F_OK))
+ if (-1 == access(WEB_DAEMON_LIGHTTPD_KEY, F_OK))
{
-#if 0
- snprintf(cmd, sizeof(cmd),
- "req -x509 -newkey rsa:1024 -keyout %s -out %s -days 365 -nodes -subj '/CN=localhost'",
- WEB_DAEMON_KEY_FILE, WEB_DAEMON_CERT_FILE);
- pid = ICOS_ProcLaunch(MODULE_WEB, WEB_DAEMON_KEYGEN_FILE, cmd, NULL);
- WEB_INFO("iweb genkey cmd = %s\n", cmd);
+ pid = ICOS_ProcLaunch(MODULE_WEB, "web_x509_lighttpd.sh", NULL, NULL);
WEB_INFO("iweb genkey pid = %d\n", pid);
-#else
- pid = ICOS_ProcLaunch(MODULE_WEB, "web_x509.sh", NULL, NULL);
- WEB_INFO("iweb genkey pid = %d\n", pid);
-#endif
}
WEB_INFO("OUT\n");
}
@@ -672,7 +752,7 @@ static void daemon_restart(DAEMON_CTRL_T *dmn_ctrl)
if (DID_HTTPS == dmn_ctrl->did)
{
- snprintf(argv,sizeof(argv)," -p %d -d %s -s", cfg->httpsPort, WEB_DAEMON_HTML_DIR);
+ snprintf(argv, sizeof(argv), WEB_DAEMON_LIGHTTPD_ARGV, WEB_CONFIG__FILE);
}
else
{
@@ -681,8 +761,8 @@ static void daemon_restart(DAEMON_CTRL_T *dmn_ctrl)
//snprintf(argv,sizeof(argv)," -p %d -d %s", cfg->httpdPort, WEB_DAEMON_HTML_DIR);
}
- WEB_DBG("[DMN]Lanch=>%s %s\n",WEB_DAEMON_BIN_FILE,argv);
- dmn_ctrl->pid=ICOS_ProcLaunch(MODULE_WEB,WEB_DAEMON_BIN_FILE,argv,NULL);
+ WEB_DBG("[DMN]Lanch=>%s %s\n", WEB_DAEMON_LIGHTTPD_BIN_FILE, argv);
+ dmn_ctrl->pid=ICOS_ProcLaunch(MODULE_WEB, WEB_DAEMON_LIGHTTPD_BIN_FILE, argv, NULL);
if (dmn_ctrl->pid == BAD_PID)
{
@@ -710,8 +790,7 @@ static int controller_init(sWebConfig *cfgp)
gWebCtrl.mod_init_done=0;
gWebCtrl.conn_mgr=GetIcosModule(MODULE_CONNMGR)?1:0;
- int keyfile = (0 == access(WEB_DAEMON_KEY_FILE, F_OK));
- int certfile = (0 == access(WEB_DAEMON_CERT_FILE, F_OK));
+ int keyfile = (0 == access(WEB_DAEMON_LIGHTTPD_KEY, F_OK));
//Daemon
for(i=0; MAX_DAEMON_NUM>i; i++)
@@ -724,7 +803,7 @@ static int controller_init(sWebConfig *cfgp)
gWebCtrl.dmn_ctrl[i].retry_cnt=MAX_DAEMON_RETRY_NUM; //-1 for forever
gWebCtrl.dmn_ctrl[i].is_keyfile_ready=0;
- if (keyfile && certfile)
+ if (keyfile)
{
WEB_INFO("[DID%d] Key file generated done.\n", gWebCtrl.dmn_ctrl[i].did);
gWebCtrl.dmn_ctrl[i].is_keyfile_ready=1;
@@ -1114,10 +1193,9 @@ static int _termcb(char *msg, pid_t pid)
{
if ( DID_HTTPS == gWebCtrl.dmn_ctrl[i].did && 0 == gWebCtrl.dmn_ctrl[i].is_keyfile_ready )
{
- int keyfile = (0 == access(WEB_DAEMON_KEY_FILE, F_OK));
- int certfile = (0 == access(WEB_DAEMON_CERT_FILE, F_OK));
+ int keyfile = (0 == access(WEB_DAEMON_LIGHTTPD_KEY, F_OK));
- if (keyfile && certfile)
+ if (keyfile)
{
char cmd[256]= {0};
WEB_INFO("HTTPS key and cert generated done.\n");
另外新增的有 proscend/prosrc/icos/script/web_x509_lighttpd.sh
#!/bin/bash
openssl req -x509 -newkey rsa:2048 -keyout /tmp/icos/web/lighttpd.pem -out /tmp/icos/web/lighttpd.pem -days 3650 -nodes -subj '/CN=localhost'
mv /tmp/icos/web/lighttpd.pem /etc/icos/web/lighttpd.pem
sync