author | Javier S. Pedro <maemo@javispedro.com> | 2012-09-30 16:48:52 +0200 |
---|---|---|
committer | Javier S. Pedro <maemo@javispedro.com> | 2012-09-30 16:48:52 +0200 |
commit | 630923d0de4a5cab558531e943370f00a64b316d (patch) | |
tree | 144e29d4785de0bfd46c65cd7977bd59e8d5ab09 /distfoldd | |
parent | 0a174260c5dd04d516da7a6021e681d49c312547 (diff) | |
download | distfold-630923d0de4a5cab558531e943370f00a64b316d.tar.gz distfold-630923d0de4a5cab558531e943370f00a64b316d.zip |
autogenerate keys and autostartup daemon
Diffstat (limited to 'distfoldd')
-rw-r--r-- | distfoldd/distfoldd.conf | 12 | ||||
-rw-r--r-- | distfoldd/distfoldd.pro | 17 | ||||
-rwxr-xr-x | distfoldd/keygen.sh | 7 | ||||
-rw-r--r-- | distfoldd/localkey.cc | 50 | ||||
-rw-r--r-- | distfoldd/localkey.h | 19 | ||||
-rw-r--r-- | distfoldd/main.cc | 8 | ||||
-rw-r--r-- | distfoldd/server.cc | 7 |
7 files changed, 102 insertions, 18 deletions
diff --git a/distfoldd/distfoldd.conf b/distfoldd/distfoldd.conf new file mode 100644 index 0000000..0d85416 --- /dev/null +++ b/distfoldd/distfoldd.conf @@ -0,0 +1,12 @@ +description "Distfold daemon" +author "maemo@javispedro.com" + +stop on stopping xsession + +console none +respawn +respawn limit 3 10 +normal exit 0 TERM +nice 1 + +exec /usr/bin/aegis-exec -s -u user -l "exec /opt/distfold/bin/distfoldd" diff --git a/distfoldd/distfoldd.pro b/distfoldd/distfoldd.pro index 3076068..2d62e8f 100644 --- a/distfoldd/distfoldd.pro +++ b/distfoldd/distfoldd.pro @@ -9,6 +9,8 @@ QT -= gui CONFIG += mobility MOBILITY += systeminfo +CONFIG += crypto + SOURCES += main.cc \ distfolder.cc \ server.cc \ @@ -17,7 +19,8 @@ SOURCES += main.cc \ serveragent.cc \ agent.cc \ discoverer.cc \ - compressor.cc + compressor.cc \ + localkey.cc HEADERS += \ distfolder.h \ @@ -27,13 +30,13 @@ HEADERS += \ serveragent.h \ agent.h \ discoverer.h \ - compressor.h + compressor.h \ + localkey.h contains(MEEGO_EDITION,harmattan) { target.path = /opt/distfold/bin - - scripts.files = keygen.sh - scripts.path = /opt/distfold/bin - - INSTALLS += target scripts + INSTALLS += target } + +OTHER_FILES += \ + distfoldd.conf diff --git a/distfoldd/keygen.sh b/distfoldd/keygen.sh deleted file mode 100755 index d271b57..0000000 --- a/distfoldd/keygen.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -# Simple script to generate required SSL cert & private key. -# Place server.* files in ~/.config/distfold/ - -openssl req -x509 -batch -newkey rsa:2048 -keyout server.key -nodes -days 365 -out server.crt -chmod 0400 server.key server.crt diff --git a/distfoldd/localkey.cc b/distfoldd/localkey.cc new file mode 100644 index 0000000..9855ff4 --- /dev/null +++ b/distfoldd/localkey.cc 
@@ -0,0 +1,50 @@
+#include <QtCore/QDir>
+#include <QtCore/QDebug>
+#include <QtCrypto>
+
+#include "localkey.h"
+
+LocalKey::LocalKey()
+{
+}
+
+QString LocalKey::localKeyDir()
+{
+ return QDir::home().absoluteFilePath(".config/distfold");
+}
+
+bool LocalKey::setupLocalKey()
+{
+ QDir local_key_dir(localKeyDir());
+ if (local_key_dir.exists("server.crt") && local_key_dir.exists("server.key")) {
+ return true;
+ }
+
+ QCA::Initializer qca;
+
+ QCA::KeyGenerator keygen;
+ keygen.setBlockingEnabled(true);
+
+ qDebug() << "Generating private key...";
+ QCA::PrivateKey private_key = keygen.createRSA(2048);
+ if (!private_key.toPEMFile(local_key_dir.absoluteFilePath("server.key"))) {
+ qWarning() << "Failed to save private key";
+ return false;
+ }
+
+ qDebug() << "Generating server certificate...";
+ QCA::CertificateInfo cert_info;
+ cert_info.insert(QCA::CommonName, "Distfold Private Generic Cert");
+ QCA::CertificateOptions cert_options;
+ cert_options.setAsCA(1);
+ cert_options.setInfo(cert_info);
+ cert_options.setValidityPeriod(QDateTime::currentDateTime(),
+ QDateTime::currentDateTime().addYears(2));
+ QCA::Certificate cert(cert_options, private_key);
+ if (!cert.toPEMFile(local_key_dir.absoluteFilePath("server.crt"))) {
+ qWarning() << "Failed to save server certificate";
+ return false;
+ }
+
+ return true;
+}
diff --git a/distfoldd/localkey.h b/distfoldd/localkey.h
new file mode 100644
index 0000000..ad23091
--- /dev/null
+++ b/distfoldd/localkey.h
@@ -0,0 +1,19 @@
+#ifndef LOCALKEY_H
+#define LOCALKEY_H
+
+#include <QtCore/QString>
+
+class LocalKey
+{
+private:
+ LocalKey();
+
+public:
+ static QString localKeyDir();
+ static QString localCertPath();
+ static QString localPrivateKeyPath();
+
+ static bool setupLocalKey();
+};
+
+#endif // LOCALKEY_H
diff --git a/distfoldd/main.cc b/distfoldd/main.cc
index fbecf5a..48d52a5 100644
--- a/distfoldd/main.cc
+++ b/distfoldd/main.cc
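Review bot: In localkey.cc, `private_key.toPEMFile(...)` writes the private key with whatever mode the process umask yields, whereas the keygen.sh this commit removes ended with `chmod 0400 server.key server.crt`; under a typical 022 umask the new server.key would be readable by other local users. setupLocalKey() also never creates `~/.config/distfold`, so on a fresh account both toPEMFile calls would presumably fail, and it does not test `private_key.isNull()` after `createRSA(2048)`, which is how QCA reports a failed key generation. The sketch below creates the directory, checks the key, and sets owner-only permissions on the still-empty file before the PEM text is written (it needs `<QtCore/QFile>`). Separately, `cert_options.setAsCA(1)` marks this server certificate as a CA; if peers end up trusting it, the same key could sign certificates for other names, so confirm the flag is actually required.

```cpp
bool LocalKey::setupLocalKey()
{
    QDir local_key_dir(localKeyDir());
    // … unchanged: early return when server.crt and server.key both exist …

    if (!local_key_dir.mkpath(".")) {
        qWarning() << "Failed to create key directory";
        return false;
    }

    // … unchanged: QCA::Initializer and KeyGenerator setup …
    QCA::PrivateKey private_key = keygen.createRSA(2048);
    if (private_key.isNull()) {
        qWarning() << "Failed to generate private key";
        return false;
    }

    // Restrict the empty file to its owner before any key material reaches it.
    QFile key_file(local_key_dir.absoluteFilePath("server.key"));
    if (!key_file.open(QIODevice::WriteOnly | QIODevice::Truncate)
            || !key_file.setPermissions(QFile::ReadOwner | QFile::WriteOwner)
            || key_file.write(private_key.toPEM().toLatin1()) < 0) {
        qWarning() << "Failed to save private key";
        return false;
    }
    key_file.close();

    // … unchanged: certificate generation and toPEMFile("server.crt") …
```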
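Review bot: In localkey.h, `localCertPath()` and `localPrivateKeyPath()` are declared, but localkey.cc in this commit defines only the constructor, `localKeyDir()` and `setupLocalKey()`, so the first caller of either will hit a link error. Either define them or drop the declarations; defining them would also let setupLocalKey() and Server::loadKeys() stop repeating the `"server.crt"` / `"server.key"` literals, e.g. `return QDir(localKeyDir()).absoluteFilePath("server.key");`. A short comment on `setupLocalKey()` saying that it returns true as soon as both files exist, without validating their contents, would tell callers what the success value does and does not guarantee.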
@@ -3,6 +3,7 @@ #include <QtCore/QDebug> #include "distfolder.h" +#include "localkey.h" int main(int argc, char *argv[]) { @@ -10,7 +11,12 @@ int main(int argc, char *argv[]) a.setOrganizationName("distfold"); a.setOrganizationDomain("com.javispedro.distfold"); a.setApplicationName("distfoldd"); - a.setApplicationVersion("0.1"); + a.setApplicationVersion("0.2"); + + if (!LocalKey::setupLocalKey()) { + qWarning() << "Failed to setup local private key"; + return EXIT_FAILURE; + } QSettings settings; foreach (const QString& group, settings.childGroups()) { diff --git a/distfoldd/server.cc b/distfoldd/server.cc index 0361466..4c7c222 100644 --- a/distfoldd/server.cc +++ b/distfoldd/server.cc @@ -2,6 +2,7 @@ #include <QtCore/QDir> #include <QtNetwork/QSslSocket> +#include "localkey.h" #include "server.h" Server::Server(QObject *parent) : @@ -15,8 +16,8 @@ Server::Server(QObject *parent) : void Server::loadKeys() { - QDir config_dir(QDir::home().absoluteFilePath(".config/distfold")); - QFile cert_file(config_dir.absoluteFilePath("server.crt")); + QDir local_key_dir(LocalKey::localKeyDir()); + QFile cert_file(local_key_dir.absoluteFilePath("server.crt")); if (cert_file.open(QIODevice::ReadOnly)) { _cert = QSslCertificate(&cert_file, QSsl::Pem); cert_file.close(); @@ -24,7 +25,7 @@ void Server::loadKeys() if (_cert.isNull()) { qWarning() << "Could not load server certificate"; } - QFile key_file(config_dir.absoluteFilePath("server.key")); + QFile key_file(local_key_dir.absoluteFilePath("server.key")); if (key_file.open(QIODevice::ReadOnly)) { _key = QSslKey(&key_file, QSsl::Rsa, QSsl::Pem); key_file.close(); |
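Review bot: In server.cc's loadKeys() hunks, nothing checks that the certificate read from `local_key_dir` is still valid: setupLocalKey() returns early whenever both files exist and loadKeys() only tests `_cert.isNull()`, so once the two-year validity set in localkey.cc lapses the daemon will keep loading the expired certificate and never regenerate it. Consider comparing `_cert.expiryDate()` with the current time after the load (or in setupLocalKey()) and regenerating or failing when it has passed. The visible context also shows a failed load producing only `qWarning()`; loadKeys() continues outside these hunks, so whether the server refuses to listen without a usable certificate and key cannot be confirmed from here.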