diff --git a/net/nut/Config.in b/net/nut/Config.in index b7f403b7..cd2f43ec 100644 --- a/net/nut/Config.in +++ b/net/nut/Config.in @@ -29,4 +29,4 @@ bool "Build with suport for serial drivers" help If you have a UPS connected via serial cable, select this. - default n + default y diff --git a/net/nut/Makefile b/net/nut/Makefile index 2a253f8c..68049b5e 100644 --- a/net/nut/Makefile +++ b/net/nut/Makefile @@ -9,24 +9,24 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nut PKG_VERSION:=2.7.4 -PKG_RELEASE:=7 +PKG_RELEASE:=20 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.networkupstools.org/source/2.7/ PKG_HASH:=980e82918c52d364605c0703a5dcf01f74ad2ef06e3d365949e43b7d406d25a7 PKG_MAINTAINER:=Daniel Dickinson -PKG_LICENSE:=GPL-2.0 -PKG_LICENSE_FILES:=LICENSE-GPL2 +PKG_LICENSE:=GPL-2.0-or-later GPL-3.0-or-later GPL-1.0-or-later Artistic-1.0-Perl +PKG_LICENSE_FILES:=LICENSE-GPL2 LICENSE-GPL3 COPYING PKG_FIXUP:=autoreconf -PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) PKG_INSTALL:=1 PKG_CONFIG_DEPENDS:= \ CONFIG_NUT_DRIVER_SNMP \ CONFIG_NUT_DRIVER_USB \ CONFIG_NUT_DRIVER_SERIAL \ - CONFIG_NUT_SSL + CONFIG_NUT_SSL \ + CONFIG_PACKAGE_nut-web-cgi include $(INCLUDE_DIR)/package.mk @@ -63,22 +63,34 @@ define Package/nut/install endef define Package/nut-server/install + # Server portion $(INSTALL_DIR) $(1)/etc/nut $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/usr/share/nut - $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/nut-server.init $(1)/etc/init.d/nut-server $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsd $(1)/usr/sbin - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsdrvctl $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/cmdvartab $(1)/usr/share/nut/ - $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/driver.list $(1)/usr/share/nut/ $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/nut_server $(1)/etc/config/nut_server - ln -sf /var/etc/nut/nut.conf $(1)/etc/nut/nut.conf - ln -sf /var/etc/nut/ups.conf $(1)/etc/nut/ups.conf - ln -sf /var/etc/nut/upsd.users $(1)/etc/nut/upsd.users - ln -sf /var/etc/nut/upsd.conf $(1)/etc/nut/upsd.conf + ln -sf ../../var/etc/nut/upsd.users $(1)/etc/nut/upsd.users + ln -sf ../../var/etc/nut/upsd.conf $(1)/etc/nut/upsd.conf + # Driver common portion + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsdrvctl $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/share/nut/driver.list $(1)/usr/share/nut/ + ln -sf ../../var/etc/nut/ups.conf $(1)/etc/nut/ups.conf + # Mangle libhid.usermap into a format (hotplug shell script) useful for OpenWrt + $(INSTALL_DIR) $(1)/etc/hotplug.d/usb + $(INSTALL_DIR) $(1)/etc/hotplug.d/tty + $(INSTALL_BIN) ./files/nut_serial.hotplug $(1)/etc/hotplug.d/tty/40-nut_serial + $(INSTALL_BIN) ./files/30-libhid-ups.head $(1)/etc/hotplug.d/usb/30-libhid-ups + $(CP) $(PKG_INSTALL_DIR)/etc/hotplug/usb/libhid.usermap $(PKG_BUILD_DIR)/30-libhid-ups.middle + $(SED) '/^$$$$/d' \ + -e '/^#/d' \ + -E -e 's:^[^ ][^ ]* *0x0003 *0x0{0,3}([^ ][^ ]*) *0x0{0,3}*([^ ][^ ]*).*:\1/\2/* | \\:' \ + $(PKG_BUILD_DIR)/30-libhid-ups.middle + tail -n+2 $(PKG_BUILD_DIR)/30-libhid-ups.middle >>$(1)/etc/hotplug.d/usb/30-libhid-ups + cat ./files/30-libhid-ups.tail >>$(1)/etc/hotplug.d/usb/30-libhid-ups endef define Package/nut-common @@ -87,8 +99,7 @@ define Package/nut-common DEPENDS:= nut \ +NUT_DRIVER_SNMP:libnetsnmp \ +NUT_DRIVER_USB:libusb-compat \ - +NUT_SSL:libopenssl \ - +PACKAGE_libwrap:libwrap + +NUT_SSL:libopenssl endef define Package/nut-common/description @@ -96,6 +107,10 @@ $(call Package/nut/description/Default) This package contains the common files. endef +define Package/nut-common/conffiles +/etc/nut/nut.conf +endef + define Package/nut-common/install $(INSTALL_DIR) $(1)/etc/nut $(INSTALL_DIR) $(1)/usr/lib @@ -107,6 +122,7 @@ define Package/nut-server $(call Package/nut/Default) TITLE+= (server) DEPENDS:=nut +nut-common + USERID:=nut=113:nut=113 endef define Package/nut-server/description @@ -120,13 +136,16 @@ endef define Package/nut-server/conffiles /etc/config/nut_server +/etc/nut/upsd.conf +/etc/nut/upsd.users +/etc/nut/ups.conf endef define Package/nut-upsmon $(call Package/nut/Default) TITLE+= (monitor) DEPENDS:=nut +nut-common - USERID:=nut=113:nut=113 + USERID:=nutmon=114:nutmon=114 endef define Package/nut-upsmon/description @@ -141,6 +160,7 @@ endef define Package/nut-upsmon/conffiles /etc/config/nut_monitor +/etc/nut/upsmon.conf endef define Package/nut-upsmon/install @@ -149,6 +169,7 @@ define Package/nut-upsmon/install $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/nut-monitor.init $(1)/etc/init.d/nut-monitor $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/upsmon $(1)/usr/sbin/ + $(INSTALL_BIN) ./files/nutshutdown $(1)/usr/sbin/nutshutdown $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/nut_monitor $(1)/etc/config/nut_monitor ln -sf /var/etc/nut/upsmon.conf $(1)/etc/nut/upsmon.conf @@ -182,7 +203,7 @@ define Package/nut-upsc/description $(call Package/nut/description/Default) upsc is provided as a quick way to poll the status of a UPS server. It can be used inside shell scripts and other programs that need UPS data -but don not want to include the full interface. +but do not want to include the full interface. endef define Package/nut-upsc/install @@ -281,7 +302,7 @@ endef define Package/nut-web-cgi $(call Package/nut/Default) TITLE+= Web CGI interface - DEPENDS:=nut +nut-common +libgd + DEPENDS:=nut +nut-common +PACKAGE_nut-web-cgi:libgd endef define Package/nut-web-cgi/description @@ -308,12 +329,15 @@ define Package/nut-web-cgi/install $(INSTALL_CONF) ./files/add_nut_httpd_conf $(1)/etc/uci-defaults/add_nut_httpd_conf $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsstats.html.sample $(1)/etc/nut/upsstats.html $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsstats-single.html.sample $(1)/etc/nut/upsstats-single.html - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf.disable + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/nut/upsset.conf.sample $(1)/etc/nut/upsset.conf.enable + $(SED) 's/### \?//' $(1)/etc/nut/upsset.conf.enable $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) ./files/nut_cgi $(1)/etc/config/nut_cgi $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) ./files/nut-cgi.init $(1)/etc/init.d/nut-cgi ln -sf /var/etc/nut/hosts.conf $(1)/etc/nut/hosts.conf + ln -sf /var/etc/nut/upsset.conf $(1)/etc/nut/upsset.conf endef define Package/nut-avahi-service @@ -342,7 +366,7 @@ define DriverPackage define Package/nut-driver-$(2) $(call Package/nut/Default) TITLE:=$(2) (NUT $(1) driver) - DEPENDS:=nut +nut-common + DEPENDS:=nut +nut-server $(if $(filter $(1),snmp),DEPENDS+= @NUT_DRIVER_SNMP) $(if $(filter $(1),usb),DEPENDS+= @NUT_DRIVER_USB) $(if $(filter $(1),serial),DEPENDS+= @NUT_DRIVER_SERIAL) @@ -352,10 +376,10 @@ define DriverPackage # new version of nut we will need to provide descriptions for any new # drivers. define Package/nut-driver-$(2)/description - + endef define Package/nut-driver-$(2)/install - $(INSTALL_DIR) $$(1)/lib/nut + $(INSTALL_DIR) $$(1)/lib/nut $(CP) $$(PKG_INSTALL_DIR)/lib/nut/$(2) $$(1)/lib/nut/ $(if $(filter $(2),clone),$(CP) $$(PKG_INSTALL_DIR)/lib/nut/$(2)-outlet $$(1)/lib/nut/) endef @@ -502,10 +526,12 @@ CONFIGURE_ARGS += \ --without-avahi \ --$(if $(CONFIG_NUT_DRIVER_SNMP),with,without)-snmp \ --$(if $(CONFIG_NUT_DRIVER_SERIAL),with,without)-serial \ + --without-doc \ --without-neon \ --without-powerman \ --without-wrap \ - --with-cgi \ + --with-hotplug-dir=/etc/hotplug \ + --with$(if $(CONFIG_PACKAGE_nut-web-cgi),,out)-cgi \ --without-ipmi \ --without-freeipmi \ --$(if $(CONFIG_NUT_SSL),with,without)-ssl $(if $(CONFIG_NUT_SSL),--with-openssl) \ @@ -513,7 +539,9 @@ CONFIGURE_ARGS += \ --with-statepath=/var/run/nut \ --with-drvpath=/lib/nut \ --with-user=root \ - --with-group=root + --with-group=root \ + $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-includes="`pkg-config --cflags gdlib`") \ + $(if $(CONFIG_PACKAGE_nut-web-cgi),--with-gd-libs="`pkg-config --libs gdlib`") define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include $(1)/usr/lib/pkgconfig diff --git a/net/nut/files/30-libhid-ups.head b/net/nut/files/30-libhid-ups.head new file mode 100755 index 00000000..eebda998 --- /dev/null +++ b/net/nut/files/30-libhid-ups.head @@ -0,0 +1,49 @@ +#!/bin/sh + +nut_driver_config() { + local cfg="$1" + local nomatch="$2" + + config_get runas "$cfg" runas "nut" + config_get vendorid "$cfg" vendorid + config_get productid "$cfg" productid + + [ "$ACTION" = "add" ] && [ -n "$DEVNAME" ] && { + chmod 0660 /dev/"$DEVNAME" + chown "${runas:-root}":"$(id -gn "${runas:-root}")" /dev/"$DEVNAME" + } + + if [ "$nomatch" = "1" ]; then + [ "$ACTION" = "add" ] && { + /etc/init.d/nut-server start "$cfg" + } + elif [ "$(printf "%04x" 0x"$pvendid")" = "$vendorid" ] && \ + [ "$(printf "%04x" 0x"$pprodid")" = "$productid" ]; then + [ "$ACTION" = "add" ] && { + /etc/init.d/nut-server start "$cfg" + } + [ "$ACTION" = "remove" ] && { + /etc/init.d/nut-server stop "$cfg" + } + found=1 + fi +} + +perform_libhid_action() { + . /lib/functions.sh + + local vendorid productid runas + local pvendid pprodid found + + pvendid=${PRODUCT%/*} + pvendid=${pvendid%/*} + pprodid=${PRODUCT%/*} + pprodid=${pprodid##*/} + + config_load nut_server + config_foreach nut_driver_config driver 0 + [ "$found" != "1" ] && config_foreach nut_driver_config driver 1 + /etc/init.d/nut-server start upsd +} + +[ -n "$PRODUCT" ] && case "$PRODUCT" in diff --git a/net/nut/files/30-libhid-ups.tail b/net/nut/files/30-libhid-ups.tail new file mode 100644 index 00000000..3846bc3e --- /dev/null +++ b/net/nut/files/30-libhid-ups.tail @@ -0,0 +1,5 @@ +"") + [ -f /var/run/nut/disable-hotplug ] || \ + /etc/init.d/nut-server enabled && perform_libhid_action + ;; +esac diff --git a/net/nut/files/nut-cgi.init b/net/nut/files/nut-cgi.init index d63d98ba..68d39f66 100755 --- a/net/nut/files/nut-cgi.init +++ b/net/nut/files/nut-cgi.init @@ -4,10 +4,26 @@ # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. # -START=51 +START=87 +STOP=23 +USE_PROCD=1 DEFAULT=/etc/default/nut UPSCGI_C=/var/etc/nut/hosts.conf +UPSCGI_S=/var/etc/nut/upsset.conf + +nut_upscgi_upsset() { + local cfg="$1" + local enable + + config_get_bool enable "$cfg" enable 0 + + if [ "$enable" -eq 1 ]; then + ln -sf /etc/nut/upsset.conf.enable "$UPSCGI_S" + else + ln -sf /etc/nut/upsset.conf.disable "$UPSCGI_S" + fi +} nut_upscgi_add() { local cfg="$1" @@ -25,20 +41,36 @@ nut_upscgi_add() { system="$system:$port"; fi config_get displayname "$cfg" displayname - echo "MONITOR $system \"$displayname\"" >> $UPSCGI_C + echo "MONITOR $system \"$displayname\"" >> "$UPSCGI_C" } -start() { - rm -f $UPSCGI_C +service_reload() { + mkdir -m 0755 -p "$(dirname "$UPSCGI_C")" + rm -f "$UPSCGI_C" + rm -f "$UPSCGI_S" config_load nut_cgi config_foreach nut_upscgi_add host + config_foreach nut_upscgi_upsset upsset - chmod 640 /var/etc/nut/hosts.conf + [ -s "$UPSCGI_C" ] && chmod 640 "$UPSCGI_C" } -stop() { - rm -f $UPSCGI_C +start_service() { + service_reload } +reload_service() { + service_reload +} + +stop_service() { + rm -f "$UPSCGI_C" + rm -f "$UPSCGI_S" + ln -sf /etc/nut/upsset.conf.disable "$UPSCGI_S" +} + +service_triggers() { + procd_add_reload_trigger "nut_cgi" +} diff --git a/net/nut/files/nut-monitor.init b/net/nut/files/nut-monitor.init index af814078..e57a2870 100755 --- a/net/nut/files/nut-monitor.init +++ b/net/nut/files/nut-monitor.init @@ -1,61 +1,63 @@ #!/bin/sh /etc/rc.common -START=60 +START=82 +STOP=28 USE_PROCD=1 UPSMON_C=/var/etc/nut/upsmon.conf nut_upsmon_conf() { local cfg="$1" + local RUNAS val optval - echo "# Config file automatically generated from UCI config" > $UPSMON_C + echo "# Config file automatically generated from UCI config" > "$UPSMON_C" - config_get runas "$cfg" runas "nut" - [ -n "$runas" ] && echo "RUN_AS_USER $runas" >> $UPSMON_C + config_get RUNAS "$cfg" runas "nutmon" + [ -n "$RUNAS" ] && echo "RUN_AS_USER $RUNAS" >> "$UPSMON_C" + runas="$RUNAS" config_get val "$cfg" minsupplies 1 - echo "MINSUPPLIES $val" >> $UPSMON_C + echo "MINSUPPLIES $val" >> "$UPSMON_C" - config_get val "$cfg" shutdowncmd "/sbin/halt" - echo "SHUTDOWNCMD \"$val\"" >> $UPSMON_C + config_get val "$cfg" shutdowncmd "/usr/sbin/nutshutdown" + echo "SHUTDOWNCMD \"$val\"" >> "$UPSMON_C" config_get val "$cfg" notifycmd - [ -n "$val" ] && echo "NOTIFYCMD \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYCMD \"$val\"" >> "$UPSMON_C" config_get val "$cfg" pollfreq 5 - echo "POLLFREQ $val" >> $UPSMON_C + echo "POLLFREQ $val" >> "$UPSMON_C" config_get val "$cfg" pollfreqalert 5 - echo "POLLFREQALERT $val" >> $UPSMON_C + echo "POLLFREQALERT $val" >> "$UPSMON_C" config_get val "$cfg" hostsync 15 - echo "HOSTSYNC $val" >> $UPSMON_C + echo "HOSTSYNC $val" >> "$UPSMON_C" config_get val "$cfg" deadtime 15 - echo "DEADTIME $val" >> $UPSMON_C + echo "DEADTIME $val" >> "$UPSMON_C" - config_get val "$cfg" powerdownflag /var/run/killpower - echo "POWERDOWNFLAG $val" >> $UPSMON_C + echo "POWERDOWNFLAG /var/run/killpower" >> "$UPSMON_C" config_get val "$cfg" onlinemsg - [ -n "$val" ] && echo "NOTIFYMSG ONLINE \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG ONLINE \"$val\"" >> "$UPSMON_C" config_get val "$cfg" onbattmsg - [ -n "$val" ] && echo "NOTIFYMSG ONBATT \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG ONBATT \"$val\"" >> "$UPSMON_C" config_get val "$cfg" lowbattmsg - [ -n "$val" ] && echo "NOTIFYMSG LOWBATT \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG LOWBATT \"$val\"" >> "$UPSMON_C" config_get val "$cfg" fsdmsg - [ -n "$val" ] && echo "NOTIFYMSG FSD \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG FSD \"$val\"" >> "$UPSMON_C" config_get val "$cfg" commokmsg - [ -n "$val" ] && echo "NOTIFYMSG COMMOK \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG COMMOK \"$val\"" >> "$UPSMON_C" config_get val "$cfg" commbadmsg - [ -n "$val" ] && echo "NOTIFYMSG COMMBAD \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG COMMBAD \"$val\"" >> "$UPSMON_C" config_get val "$cfg" shutdownmsg - [ -n "$val" ] && echo "NOTIFYMSG SHUTDOWN \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG SHUTDOWN \"$val\"" >> "$UPSMON_C" config_get val "$cfg" replbattmsg - [ -n "$val" ] && echo "NOTIFYMSG REPLBATT \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG REPLBATT \"$val\"" >> "$UPSMON_C" config_get val "$cfg" nocommmsg - [ -n "$val" ] && echo "NOTIFYMSG NOCOMM \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG NOCOMM \"$val\"" >> "$UPSMON_C" config_get val "$cfg" noparentmsg - [ -n "$val" ] && echo "NOTIFYMSG NOPARENT \"$val\"" >> $UPSMON_C + [ -n "$val" ] && echo "NOTIFYMSG NOPARENT \"$val\"" >> "$UPSMON_C" notifylist() { local value="$1" @@ -85,34 +87,38 @@ nut_upsmon_conf() { val="" config_list_foreach "$cfg" defaultnotify notifylist default="$optval" - echo "NOTIFYFLAG ONLINE $(setnotify "$cfg" onlinenotify)" >> $UPSMON_C - echo "NOTIFYFLAG ONBATT $(setnotify "$cfg" onbattnotify)" >> $UPSMON_C - echo "NOTIFYFLAG LOWBATT $(setnotify "$cfg" lowbatnotify)" >> $UPSMON_C - echo "NOTIFYFLAG FSD $(setnotify "$cfg" fsdnotify)" >> $UPSMON_C - echo "NOTIFYFLAG COMMOK $(setnotify "$cfg" commoknotify)" >> $UPSMON_C - echo "NOTIFYFLAG COMMBAD $(setnotify "$cfg" commbadnotify)" >> $UPSMON_C - echo "NOTIFYFLAG SHUTDOWN $(setnotify "$cfg" shutdownnotify)" >> $UPSMON_C - echo "NOTIFYFLAG REPLBATT $(setnotify "$cfg" repolbattnotify)" >> $UPSMON_C - echo "NOTIFYFLAG NOCOMM $(setnotify "$cfg" nocommnotify)" >> $UPSMON_C - echo "NOTIFYFLAG NOPARENT $(setnotify "$cfg" noparentnotify)" >> $UPSMON_C + { + echo "NOTIFYFLAG ONLINE $(setnotify "$cfg" onlinenotify)" ; \ + echo "NOTIFYFLAG ONBATT $(setnotify "$cfg" onbattnotify)" ; \ + echo "NOTIFYFLAG LOWBATT $(setnotify "$cfg" lowbatnotify)" ; \ + echo "NOTIFYFLAG FSD $(setnotify "$cfg" fsdnotify)" ; \ + echo "NOTIFYFLAG COMMOK $(setnotify "$cfg" commoknotify)" ; \ + echo "NOTIFYFLAG COMMBAD $(setnotify "$cfg" commbadnotify)" ; \ + echo "NOTIFYFLAG SHUTDOWN $(setnotify "$cfg" shutdownnotify)" ; \ + echo "NOTIFYFLAG REPLBATT $(setnotify "$cfg" repolbattnotify)" ; \ + echo "NOTIFYFLAG NOCOMM $(setnotify "$cfg" nocommnotify)" ; \ + echo "NOTIFYFLAG NOPARENT $(setnotify "$cfg" noparentnotify)" ; \ + } >> "$UPSMON_C" config_get val "$cfg" rbwarntime 43200 - echo "RBWARNTIME $val" >> $UPSMON_C + echo "RBWARNTIME $val" >> "$UPSMON_C" config_get val "$cfg" nocommwarntime 300 - echo "NOCOMMWARNTIME $val" >> $UPSMON_C + echo "NOCOMMWARNTIME $val" >> "$UPSMON_C" config_get val "$cfg" finaldelay 5 - echo "FINALDELAY $val" >> $UPSMON_C + echo "FINALDELAY $val" >> "$UPSMON_C" config_get val "$cfg" certpath - if [ -n "$val" ]; then echo "CERTPATH $val" >> $UPSMON_C; fi + if [ -n "$val" ]; then echo "CERTPATH $val" >> "$UPSMON_C"; fi config_get_bool val "$cfg" certverify 0 - if [ -n "$val" ]; then echo "CERTVERIFY $val" >> $UPSMON_C; fi + if [ -n "$val" ]; then echo "CERTVERIFY $val" >> "$UPSMON_C"; fi config_get_bool val "$cfg" forcessl 0 - if [ -n "$val" ]; then echo "FORCESSL $val" >> $UPSMON_C; fi + if [ -n "$val" ]; then echo "FORCESSL $val" >> "$UPSMON_C"; fi + + havemon=1 } nut_upsmon_add() { @@ -126,12 +132,6 @@ nut_upsmon_add() { local password local system - # if UPSMON_C is a symlink we're only doing generated config - [ -L $UPSMON_C ] && { - rm -f $UPSMON_C - nut_upsmon_conf "" - } - config_get upsname "$cfg" upsname config_get hostname "$cfg" hostname localhost config_get port "$cfg" port @@ -142,40 +142,90 @@ nut_upsmon_add() { if [ -n "$port" ]; then system="$system:$port"; fi - echo "MONITOR $system $powervalue $username $password $type" >> $UPSMON_C + echo "MONITOR $system $powervalue $username $password $type" >> "$UPSMON_C" + + havems=1 } -start_service() { - mkdir -p "$(dirname "$UPSMON_C")" - chmod 750 "$(dirname "$UPSMON_C")" +build_config() { + mkdir -m 0750 -p "$(dirname "$UPSMON_C")" config_load nut_monitor - config_foreach nut_upsmon_conf upsmon config_foreach nut_upsmon_add master master config_foreach nut_upsmon_add slave slave - [ -z "$(cat /var/etc/nut/nut.conf)" ] && echo "MODE=netclient" >>/var/etc/nut/nut.conf - - chmod 640 $UPSMON_C - chmod 640 /var/etc/nut/nut.conf - - chown ${runas:-root}:$(id -gn ${runas:-root}) /var/etc/nut - chown ${runas:-root}:$(id -gn ${runas:-root}) /var/etc/nut/nut.conf - chown ${runas:-root}:$(id -gn ${runas:-root}) $UPSMON_C - - [ -d /var/run/nut ] || { - mkdir -m 0750 -p /var/run/nut - chown ${runas:-root}:$(id -gn ${runas:-root}) /var/run/nut + [ ! -s /var/etc/nut/nut.conf ] && { + echo "MODE=netclient" >>/var/etc/nut/nut.conf + chmod 640 /var/etc/nut/nut.conf + chgrp "$(id -gn "${runas:-nutmon}")" /var/etc/nut/nut.conf } - exec $DEBUG /usr/sbin/upsmon $UPSMON_OPTIONS + [ -s "$UPSMON_C" ] && chmod 640 "$UPSMON_C" + [ -s "$UPSMON_C" ] && chgrp "$(id -gn "${runas:-nutmon}")" "$UPSMON_C" } -stop_service() { - exec /usr/sbin/upsmon -c stop +interface_triggers() { + local action="$1" + local triggerlist trigger + + config_get triggerlist "upsmon" triggerlist + + . "${IPKG_INSTROOT}"/lib/functions/network.sh + + if [ -n "$triggerlist" ]; then + for trigger in $triggerlist; do + if [ "$action" = "add_trigger" ]; then + procd_add_interface_trigger "interface.*" "$trigger" /etc/init.d/nut-monitor restart + else + network_is_up "$trigger" && return 0 + fi + done + else + if [ "$action" = "add_trigger" ]; then + procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/nut-monitor restart + else + ubus call network.device status | grep -q '"up": true' && return 0 + fi + fi + [ "$action" = "add_trigger" ] || return 1 +} + +start_service() { + local runas=nutmon + local havemon havems + build_config + + [ "$havemon" != 1 ] && return 1 + [ "$havems" != 1 ] && return 1 + interface_triggers "check_interface_up" || return 0 + + procd_open_instance "upsmon" + procd_set_param respawn 10 20 6 + procd_set_param stderr 1 + procd_set_param stdout 0 + procd_set_param command /usr/sbin/upsmon -D + procd_close_instance + + return 0 } reload_service() { - exec /usr/sbin/upsmon -c reload + if pgrep upsmon >/dev/null 2>/dev/null; then + local runas=nutmon + build_config + /usr/sbin/upsmon -c reload + else + restart + fi +} + +stop_service() { + upsmon -c stop +} + +service_triggers() { + config_load nut_monitor + interface_triggers "add_trigger" + procd_add_reload_trigger "nut_monitor" } diff --git a/net/nut/files/nut-sendmail-notify b/net/nut/files/nut-sendmail-notify index 749aa9bf..f21e41e8 100755 --- a/net/nut/files/nut-sendmail-notify +++ b/net/nut/files/nut-sendmail-notify @@ -1,6 +1,7 @@ #!/bin/sh -/usr/sbin/sendmail root <>"$UPS_C" + } + + [ -n "$flag" ] && { + config_get_bool val "$cfg" "$var" "$def" + [ "$val" = 1 ] && echo "$var" >>"$UPS_C" + } +} + +upsd_statepath() { + local statepath + + config_get statepath upsd statepath /var/run/nut + STATEPATH="$statepath" +} + +upsd_runas() { + local runas + + [ -n "$RUNAS" ] && return 0 + + config_get runas upsd runas nut + RUNAS="$runas" +} + listen_address() { local cfg="$1" config_get address "$cfg" address "::1" config_get port "$cfg" port - echo "LISTEN $address $port" >>$UPSD_C -} - -upsd_statepath() { - local cfg="$1" - config_get statepath "$cfg" statepath + echo "LISTEN $address $port" >>"$UPSD_C" } upsd_config() { local cfg="$1" - local maxage maxconn certfile + local maxage maxconn certfile runas statepath # Note runas support requires you make sure USB device file is readable by # the runas user - config_get runas "$cfg" runas + config_get runas "$cfg" runas nut + RUNAS="$runas" + + config_get statepath "$cfg" statepath /var/run/nut + STATEPATH="$statepath" config_get maxage "$cfg" maxage - [ -n "$maxage" ] && echo "MAXAGE $maxage" >>$UPSD_C + [ -n "$maxage" ] && echo "MAXAGE $maxage" >>"$UPSD_C" - config_get statepath "$cfg" statepath - [ -n "$statepath" ] && echo "STATEPATH $statepath" >>$UPSD_C + [ -n "$statepath" ] && echo "STATEPATH $statepath" >>"$UPSD_C" config_get maxconn "$cfg" maxconn - [ -n "$maxconn" ] && echo "MAXCONN $maxconn" >>$UPSD_C + [ -n "$maxconn" ] && echo "MAXCONN $maxconn" >>"$UPSD_C" #NOTE: certs only apply to SSL-enabled version config_get certfile "$cfg" certfile - [ -n "$certfile" ] && echo "CERTFILE $certfile" >>$UPSD_C + [ -n "$certfile" ] && echo "CERTFILE $certfile" >>"$UPSD_C" } nut_user_add() { @@ -55,104 +86,278 @@ nut_user_add() { local val config_get val "$cfg" username "$1" - echo "[$val]" >> $USERS_C + echo "[$val]" >> "$USERS_C" config_get val "$cfg" password - echo " password = $val" >> $USERS_C + echo " password = $val" >> "$USERS_C" config_get val "$cfg" actions for a in $val; do - echo " actions = $a" >> $USERS_C + echo " actions = $a" >> "$USERS_C" done instcmd() { local val="$1" - echo " instcmds = $val" >> $USERS_C + echo " instcmds = $val" >> "$USERS_C" } config_list_foreach "$cfg" instcmd instcmd config_get val "$cfg" upsmon if [ -n "$val" ]; then - echo " upsmon $val" >> $USERS_C + echo " upsmon $val" >> "$USERS_C" fi } -start_service() { - local runas statepath - - mkdir -p /var/etc/nut - chmod -R 750 /var/etc/nut - - rm -f $UPSD_C - rm -f $USERS_C - rm -f $UPSD_C +build_server_config() { + mkdir -p "$(dirname "$UPSD_C")" + chmod 0640 "$UPS_C" + rm -f "$USERS_C" + rm -f "$UPSD_C" rm -f /var/etc/nut/nut.conf - echo "# Config file automatically generated from UCI config" > $UPS_C - echo "# Config file automatically generated from UCI config" > $USERS_C - echo "# Config file automatically generated from UCI config" > $UPSD_C + echo "# Config file automatically generated from UCI config" > "$USERS_C" + echo "# Config file automatically generated from UCI config" > "$UPSD_C" - local in_driver have_drivers - config_cb() { - if [ "$1" != "driver" ]; then - in_driver= - else - echo "[$2]" >> $UPS_C - in_driver=true - have_drivers=true - fi + config_foreach nut_user_add user + config_foreach listen_address listen_address + config_foreach upsd_config upsd + echo "MODE=netserver" >>/var/etc/nut/nut.conf + + chmod 0640 "$USERS_C" + chmod 0640 "$UPSD_C" + chmod 0644 /var/etc/nut/nut.conf + + [ -d "${STATEPATH}" ] || { + mkdir -p "${STATEPATH}" + chmod 0750 "${STATEPATH}" } - option_cb() { - if [ "$in_driver" = "true" ]; then - echo " $1 = $2" >> $UPS_C - fi + + if [ -n "$RUNAS" ]; then + chown "$RUNAS":"$(id -gn "$RUNAS")" "${STATEPATH}" + chgrp "$(id -gn "$RUNAS")" "$USERS_C" + chgrp "$(id -gn "$RUNAS")" "$UPSD_C" + fi + haveserver=1 +} + +build_driver_config() { + local cfg="$1" + + echo "[$cfg]" >>"$UPS_C" + + get_write_driver_config "$cfg" bus + get_write_driver_config "$cfg" community + get_write_driver_config "$cfg" desc + get_write_driver_config "$cfg" driver "usbhid-ups" + get_write_driver_config "$cfg" ignorelb 0 1 + get_write_driver_config "$cfg" interruptonly 0 1 + get_write_driver_config "$cfg" interruptsize + get_write_driver_config "$cfg" maxreport + get_write_driver_config "$cfg" maxstartdelay + get_write_driver_config "$cfg" mfr + get_write_driver_config "$cfg" model + get_write_driver_config "$cfg" nolock 0 1 + get_write_driver_config "$cfg" notransferoids 0 1 + get_write_driver_config "$cfg" offdelay + get_write_driver_config "$cfg" ondelay + get_write_driver_config "$cfg" pollfreq + get_write_driver_config "$cfg" port "auto" + get_write_driver_config "$cfg" product + get_write_driver_config "$cfg" productid + get_write_driver_config "$cfg" retrydelay + get_write_driver_config "$cfg" sdorder + get_write_driver_config "$cfg" sdtime + get_write_driver_config "$cfg" serial + get_write_driver_config "$cfg" snmp_version + get_write_driver_config "$cfg" snmp_retries + get_write_driver_config "$cfg" snmp_timeout + get_write_driver_config "$cfg" synchronous + get_write_driver_config "$cfg" vendor + get_write_driver_config "$cfg" vendorid + + defoverride() { + local overvar="$1" + local defover="$2" + local overtype="$(echo "$overvar" | tr '.' '_')" + local overval + + config_get overval "${defover}_${overtype}" value + [ -n "$overval" ] && echo "${defover}.${overvar} = $overval" >>"$UPS_C" } + config_list_foreach "$cfg" override defoverride override + config_list_foreach "$cfg" default defoverride default + + other() { + local othervar="$1" + local othervarflag="$2" + local otherval + + if [ "$othervarflag" = "otherflag" ]; then + config_get_bool otherval "${othervarflag}_${othervar}" value + [ "$otherval" = "1" ] && echo "${othervar}" >>"$UPS_C" + else + config_get otherval "${othervarflag}_${othervar}" value + [ -n "$otherval" ] && echo "${othervar} = $otherval" >>"$UPS_C" + fi + } + + config_list_foreach "$cfg" other other other + config_list_foreach "$cfg" otherflag other otherflag + echo "" >>$UPS_C + havedriver=1 +} + +build_global_driver_config() { + local cfg="$1" + + # Global driver config + get_write_driver_config "$cfg" chroot + get_write_driver_config "$cfg" driverpath + get_write_driver_config "$cfg" maxstartdelay + get_write_driver_config "$cfg" maxretry + get_write_driver_config "$cfg" retrydelay + get_write_driver_config "$cfg" pollinterval + get_write_driver_config "$cfg" synchronous + config_get runas "$cfg" user nut + RUNAS="$runas" + + echo "" >>"$UPS_C" +} + +build_config() { + local STATEPATH=/var/run/nut + + mkdir -p "$(dirname "$UPS_C")" + rm -f "$UPS_C" + echo "# Config file automatically generated from UCI config" > "$UPS_C" + chmod 0640 "$UPS_C" + config_load nut_server - config_foreach nut_user_add user - config_foreach upsd_config upsd - config_foreach listen_address listen_address - - echo "MODE=netserver" >>/var/etc/nut/nut.conf - - chmod 0640 $USERS_C - chmod 0640 $UPS_C - chmod 0640 $UPSD_C - chmod 0640 /var/etc/nut/nut.conf - [ -d "${statepath:-/var/run/nut}" ] || { - mkdir -m 0750 -p "${statepath:-/var/run/nut}" - chown $runas:$(id -gn $runas) "${statepath:-/var/run/nut}" - } - - if [ -n "$runas" ]; then - chown -R $runas:$(id -gn $runas) /var/etc/nut - fi - - if [ "$have_drivers" = "true" ]; then - $DEBUG /usr/sbin/upsd ${runas:+-u $runas} $OPTIONS - $DEBUG /usr/sbin/upsdrvctl ${runas:+-u $runas} start - fi + upsd_runas + config_foreach build_global_driver_config driver_global + config_foreach build_driver_config driver + upsd_statepath + build_server_config + [ -n "$RUNAS" ] && chgrp "$(id -gn "$RUNAS")" "$UPS_C" } - -nut_driver_stop() { +start_driver_instance() { local cfg="$1" + local requested="$2" local driver + local STATEPATH=/var/run/nut + local RUNAS=nut - config_get driver "$cfg" driver + [ "$havedriver" != 1 ] && return - [ -r ${statepath:-/var/run/nut}/$driver-$cfg ] && /usr/sbin/upsdrvctl stop $cfg + # If wanting a specific instance, only start it + if [ "$requested" != "$cfg" ] && [ "$request" != "" ]; then + return 0 + fi + + mkdir -p "$(dirname "$UPS_C")" + chmod 0755 "$UPS_C" + + upsd_statepath + build_config + + # Avoid hotplug inadvertenly restarting driver during + # forced shutdown + [ -f /var/run/killpower ] && return 0 + if [ -d /var/run/nut ] && [ -f /var/run/nut/disable-hotplug ]; then + return 0 + fi + + if [ -n "$RUNAS" ]; then + chown "$RUNAS":"$(id -gn "$RUNAS")" "${STATEPATH}" + chgrp "$(id -gn "$RUNAS")" "$UPS_C" + fi + + config_get driver "$cfg" driver "usbhid-ups" + procd_open_instance "$cfg" + procd_set_param respawn + procd_set_param stderr 0 + procd_set_param stdout 1 + procd_set_param command /lib/nut/"${driver}" -D -a "$cfg" ${RUNAS:+-u "$RUNAS"} + procd_close_instance } -stop_service() { - [ -r $PID_F ] && /usr/sbin/upsd -c stop - config_load ups - config_foreach upsd_statepath upsd - config_foreach nut_driver_stop driver +interface_triggers() { + local action="$1" + local triggerlist trigger + + config_get triggerlist upsd triggerlist + + . /lib/functions/network.sh + + if [ -n "$triggerlist" ]; then + for trigger in $triggerlist; do + if [ "$action" = "add_trigger" ]; then + procd_add_interface_trigger "interface.*" "$trigger" /etc/init.d/nut-server reload + else + network_is_up "$trigger" && return 0 + fi + done + else + if [ "$action" = "add_trigger" ]; then + procd_add_raw_trigger "interface.*.up" 2000 /etc/init.d/nut-server reload + else + ubus call network.device status | grep -q '"up": true' && return 0 + fi + fi + [ "$action" = "add_trigger" ] || return 1 +} + +start_server_instance() { + local cfg="$1" + + [ "$haveserver" != 1 ] && return + interface_triggers "check_interface_up" || return + + procd_open_instance "$cfg" + procd_set_param respawn + procd_set_param stderr 0 + procd_set_param stdout 1 + procd_set_param command /usr/sbin/upsd -D ${RUNAS:+-u "$RUNAS"} + procd_close_instance +} + +start_service() { + local STATEPATH=/var/run/nut + + # Avoid hotplug inadvertenly restarting driver during + # forced shutdown + [ -f /var/run/killpower ] && return 0 + + config_load nut_server + build_config + + case $@ in + "") + config_foreach start_driver_instance driver "$@" + start_server_instance upsd + ;; + *upsd*) + start_server_instance upsd + ;; + *) + config_foreach start_driver_instance driver "$@" + ;; + esac } reload_service() { - upsd -c reload + stop_service "$@" + sleep 2 + start_service "$@" +} + +service_triggers() { + config_load nut_server + + interface_triggers "add_trigger" + procd_add_reload_trigger "nut_server" } diff --git a/net/nut/files/nut_cgi b/net/nut/files/nut_cgi index 9f0bed6f..dca5de07 100644 --- a/net/nut/files/nut_cgi +++ b/net/nut/files/nut_cgi @@ -4,3 +4,5 @@ # option port # optional port number # option displayname "Display Name" +config upsset + option enable 0 diff --git a/net/nut/files/nut_monitor b/net/nut/files/nut_monitor index 0b71e95c..59e0f360 100644 --- a/net/nut/files/nut_monitor +++ b/net/nut/files/nut_monitor @@ -1,14 +1,13 @@ #config upsmon 'upsmon' -# option runas run-as-user +# option runas nutmon # option minsupplies 1 -# option shutdowncmd /sbin/halt +# option shutdowncmd '/usr/sbin/nutshutdown' # option notifycmd /path/to/cmd # list defaultnotify SYSLOG # option pollfreq 5 # option pollfreqalert 5 # option hostsync 15 # option deadtime 15 -# option powerdownflags /var/run/killpower # option onlinemsg "online message" # option onbattmsg "on battery message" # option lowbattmsg "low battery message" @@ -51,4 +50,3 @@ # option powervalue 1 # option username upsuser # option password upspassword - diff --git a/net/nut/files/nut_serial.hotplug b/net/nut/files/nut_serial.hotplug new file mode 100644 index 00000000..fa3bafeb --- /dev/null +++ b/net/nut/files/nut_serial.hotplug @@ -0,0 +1,34 @@ +#!/bin/sh + +nut_serial() { + local cfg="$cfg" + local runas enable_usb_serial port + config_get_bool enable_usb_serial "$cfg" enable_usb_serial 0 + config_get port "$cfg" port + config_get runas "$cfg" runas "nut" + + [ -z "$runas" ] && config_get runas upsd runas "nut" + + [ "$enable_usb_serial" -eq 1 ] && { + # If port is specified only change tty's matching port + if [ -n "$port" ] && [ "$port" != /dev/"$DEVNAME" ]; then + return 0 + fi + [ -n "$runas" ] && chgrp "$(id -gn "${runas}")" /dev/"$DEVNAME" + chmod g+rw /dev/"$DEVNAME" + } +} + +nut_on_hotplug_add() { + . "${IPKG_INSTROOT}"/lib/functions.sh + + config load nut_server + config_foreach nut_serial driver +} + +[ "$ACTION" = "add" ] && [ -n "$DEVNAME" ] && { + # On add of a serial port with name ttyUSB* + [ -z "${DEVNAME%ttyUSB*}" ] && nut_on_hutplug_add + # On add of a serial port with name ttyAMA* + [ -z "${DEVNAME%ttyAMA*}" ] && nut_on_hutplug_add +} diff --git a/net/nut/files/nut_server b/net/nut/files/nut_server index bebd169d..cda92497 100644 --- a/net/nut/files/nut_server +++ b/net/nut/files/nut_server @@ -1,8 +1,10 @@ +#config driver_global 'driver_global' +# option user nut + #config driver 'upsname' # option driver usbhid-ups # option port auto -# option other other-value -# option runas root +# option enable_usb_serial 0 #config user # option username upsuser @@ -19,5 +21,6 @@ # option maxage 15 # option statepath /var/run/nut # option maxconn 1024 +# option runas nut # NB: certificates only apply to SSL-enabled version # option certfile /usr/local/etc/upsd.pem diff --git a/net/nut/files/nutshutdown b/net/nut/files/nutshutdown new file mode 100755 index 00000000..86fe01bb --- /dev/null +++ b/net/nut/files/nutshutdown @@ -0,0 +1,51 @@ +#!/bin/sh +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +stop_instance() { + /etc/init.d/nut-server stop "$1" +} + +shutdown_instance() { + local cfg="$1" + config_get driver "$cfg" driver "usbhid-ups" + + # Only FSD if killpower was indicated + if [ -f /var/run/killpower ]; then + /lib/nut/"${driver}" -a "$cfg" -k + fi +} + +do_fsd() { + if [ -f /var/run/killpower ]; then + # Only make FS readonly if we are doing an FSD + mount -o remount,ro /overlay /overlay + mount -o remount,ro / / + + . ${IPKG_INSTOOT}/lib/functions.sh + + if [ -f /etc/config/nut_server ]; then + config_load nut_server + + # Can't FSD unless drivers are stopped + config_foreach stop_instance driver + # Driver will wait 'offdelay' before shutting down + config_foreach shutdown_instance driver + # So this can happen + rm -f /var/run/killpower + poweroff + # And just in case + sleep 120 + # Uh-oh failed to poweroff UPS + reboot -f + else + poweroff + fi + else + poweroff + fi +} + +do_fsd diff --git a/net/nut/patches/0001-Add-compatibility-with-openssl-1.1.0.patch b/net/nut/patches/0001-Add-compatibility-with-openssl-1.1.0.patch index f75f1322..23d10fb3 100644 --- a/net/nut/patches/0001-Add-compatibility-with-openssl-1.1.0.patch +++ b/net/nut/patches/0001-Add-compatibility-with-openssl-1.1.0.patch @@ -1,43 +1,101 @@ -From fcbf18c92918ce5e81d0aab62a7aed5c2245ea4d Mon Sep 17 00:00:00 2001 -From: Eneas U de Queiroz -Date: Fri, 1 Jun 2018 11:17:28 -0300 -Subject: [PATCH 1/2] Add compatibility with openssl 1.1.0 +commit 612c05efb3c3b243da603a3a050993281888b6e3 +Author: Arjen de Korte +Date: Fri Mar 15 10:17:32 2019 +0100 -Minor adjustments were needed: -* Openssl 1.1 libs do not need to be initialized. -* TLSv*_method became TLS_*_method. + Add support for openssl-1.1.0 (#504) + + * Add support for openssl-1.1.0 + + * Allow TLSv1 and higher (not just TLSv1) + + * Fix check for empty string + + * Report TLS handshake in debug mode + + * Update nut_check_libopenssl.m4 + + * Update upsclient.c + + * Update netssl.c -Signed-off-by: Eneas U de Queiroz ---- - clients/upsclient.c | 5 ++++- - m4/nut_check_libopenssl.m4 | 2 +- - server/netssl.c | 7 +++++-- - 3 files changed, 10 insertions(+), 4 deletions(-) - -diff --git a/clients/upsclient.c b/clients/upsclient.c -index b90587b0..053d60fb 100644 --- a/clients/upsclient.c +++ b/clients/upsclient.c -@@ -316,10 +316,13 @@ int upscli_init(int certverify, const char *certpath, +@@ -299,11 +299,6 @@ int upscli_init(int certverify, const ch + { + #ifdef WITH_OPENSSL + int ret, ssl_mode = SSL_VERIFY_NONE; +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- const SSL_METHOD *ssl_method; +-#else +- SSL_METHOD *ssl_method; +-#endif + #elif defined(WITH_NSS) /* WITH_OPENSSL */ + SECStatus status; + #endif /* WITH_OPENSSL | WITH_NSS */ +@@ -315,22 +310,32 @@ int upscli_init(int certverify, const ch + } #ifdef WITH_OPENSSL - -+# if OPENSSL_VERSION_NUMBER < 0x10100000L - SSL_library_init(); - SSL_load_error_strings(); -+# define TLS_client_method TLSv1_client_method -+# endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ +- +- SSL_library_init(); +- SSL_load_error_strings(); - ssl_method = TLSv1_client_method(); -+ ssl_method = TLS_client_method(); ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ SSL_load_error_strings(); ++ SSL_library_init(); - if (!ssl_method) { - return 0; -diff --git a/m4/nut_check_libopenssl.m4 b/m4/nut_check_libopenssl.m4 -index 1b875077..7eb401cd 100644 +- if (!ssl_method) { +- return 0; +- } ++ ssl_ctx = SSL_CTX_new(SSLv23_client_method()); ++#else ++ ssl_ctx = SSL_CTX_new(TLS_client_method()); ++#endif + +- ssl_ctx = SSL_CTX_new(ssl_method); + if (!ssl_ctx) { + upslogx(LOG_ERR, "Can not initialize SSL context"); + return -1; + } + ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ /* set minimum protocol TLSv1 */ ++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); ++#else ++ ret = SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION); ++ if (ret != 1) { ++ upslogx(LOG_ERR, "Can not set minimum protocol to TLSv1"); ++ return -1; ++ } ++#endif ++ + if (!certpath) { + if (certverify == 1) { + upslogx(LOG_ERR, "Can not verify certificate if any is specified"); +@@ -737,7 +742,7 @@ static int upscli_sslinit(UPSCONN_t *ups + switch(res) + { + case 1: +- upsdebugx(3, "SSL connected"); ++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(ups->ssl)); + break; + case 0: + upslog_with_errno(1, "SSL_connect do not accept handshake."); +--- a/clients/upssched.c ++++ b/clients/upssched.c +@@ -794,7 +794,7 @@ static void parse_at(const char *ntype, + } + + if (!strcmp(cmd, "EXECUTE")) { +- if (ca1 == '\0') { ++ if (ca1[0] == '\0') { + upslogx(LOG_ERR, "Empty EXECUTE command argument"); + return; + } --- a/m4/nut_check_libopenssl.m4 +++ b/m4/nut_check_libopenssl.m4 -@@ -58,7 +58,7 @@ if test -z "${nut_have_libopenssl_seen}"; then +@@ -58,7 +58,7 @@ if test -z "${nut_have_libopenssl_seen}" dnl check if openssl is usable AC_CHECK_HEADERS(openssl/ssl.h, [nut_have_openssl=yes], [nut_have_openssl=no], [AC_INCLUDES_DEFAULT]) @@ -46,28 +104,63 @@ index 1b875077..7eb401cd 100644 if test "${nut_have_openssl}" = "yes"; then nut_with_ssl="yes" -diff --git a/server/netssl.c b/server/netssl.c -index c2f40989..0289e296 100644 --- a/server/netssl.c +++ b/server/netssl.c -@@ -387,12 +387,15 @@ void ssl_init(void) +@@ -274,7 +274,7 @@ void net_starttls(nut_ctype_t *client, i + { + case 1: + client->ssl_connected = 1; +- upsdebugx(3, "SSL connected"); ++ upsdebugx(3, "SSL connected (%s)", SSL_get_version(client->ssl)); + break; + + case 0: +@@ -370,13 +370,7 @@ void ssl_init(void) + { + #ifdef WITH_NSS + SECStatus status; +-#elif defined(WITH_OPENSSL) +-#if OPENSSL_VERSION_NUMBER >= 0x10000000L +- const SSL_METHOD *ssl_method; +-#else +- SSL_METHOD *ssl_method; +-#endif +-#endif /* WITH_NSS|WITH_OPENSSL */ ++#endif /* WITH_NSS */ + + if (!certfile) { + return; +@@ -386,18 +380,29 @@ void ssl_init(void) #ifdef WITH_OPENSSL -+# if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L SSL_load_error_strings(); SSL_library_init(); -+# define TLS_server_method TLSv1_server_method -+# endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ - if ((ssl_method = TLSv1_server_method()) == NULL) { -+ if ((ssl_method = TLS_server_method()) == NULL) { ++ ssl_ctx = SSL_CTX_new(SSLv23_server_method()); ++#else ++ ssl_ctx = SSL_CTX_new(TLS_server_method()); ++#endif ++ ++ if (!ssl_ctx) { ssl_debug(); - fatalx(EXIT_FAILURE, "TLSv1_server_method failed"); -+ fatalx(EXIT_FAILURE, "TLS_server_method failed"); ++ fatalx(EXIT_FAILURE, "SSL_CTX_new failed"); } - if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) { --- -2.16.1 - +- if ((ssl_ctx = SSL_CTX_new(ssl_method)) == NULL) { ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ /* set minimum protocol TLSv1 */ ++ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); ++#else ++ if (SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_VERSION) != 1) { + ssl_debug(); +- fatalx(EXIT_FAILURE, "SSL_CTX_new failed"); ++ fatalx(EXIT_FAILURE, "SSL_CTX_set_min_proto_version(TLS1_VERSION)"); + } ++#endif + + if (SSL_CTX_use_certificate_chain_file(ssl_ctx, certfile) != 1) { + ssl_debug(); diff --git a/net/nut/patches/0002-Fix-check-for-empty-string.patch b/net/nut/patches/0002-Fix-check-for-empty-string.patch deleted file mode 100644 index 2f4c7240..00000000 --- a/net/nut/patches/0002-Fix-check-for-empty-string.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 2ef929da38232af63ba53074ca97e95ae4faf912 Mon Sep 17 00:00:00 2001 -From: Arjen de Korte -Date: Tue, 28 Nov 2017 22:01:41 +0100 -Subject: [PATCH 2/2] Fix check for empty string - ---- - clients/upssched.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/clients/upssched.c b/clients/upssched.c -index 97b3ed42..3fdf118e 100644 ---- a/clients/upssched.c -+++ b/clients/upssched.c -@@ -794,7 +794,7 @@ static void parse_at(const char *ntype, const char *un, const char *cmd, - } - - if (!strcmp(cmd, "EXECUTE")) { -- if (ca1 == '\0') { -+ if (ca1[0] == '\0') { - upslogx(LOG_ERR, "Empty EXECUTE command argument"); - return; - } --- -2.16.1 -