move certs dir to /etc/ecutools. update instal-bbb.sh

jeremyhahn · Jun 2, 2016 · ebd1350 · ebd1350
1 parent 197aa50
commit ebd1350
Show file tree

Hide file tree

Showing 13 changed files with 59 additions and 32 deletions.
diff --git a/.gitignore b/.gitignore
@@ -3,3 +3,4 @@ certs/*
 logs/*
 *.gem
 Gemfile.lock
+src/aws_iot_src/external_libs/mbedTLS/*
diff --git a/Makefile.am b/Makefile.am
@@ -80,7 +80,7 @@ check_j2534_SOURCES = $(ECUTOOLS_TEST_FILES)
 check_j2534_LDFLAGS = $(LD_FLAG) -lcheck -lj2534
 
 mbedtls:
-	cd src/aws_iot_src/external_libs/mbedTLS && cmake . && make && cd -y
+	cd src/aws_iot_src/external_libs/mbedTLS && cmake . && make && cd -
 
 ecutune: mbedtls
 	make

diff --git a/bindings/ruby/certs b/bindings/ruby/certs
diff --git a/cli/certs b/cli/certs
diff --git a/cli/lib/ecutools/awsiot/service.rb b/cli/lib/ecutools/awsiot/service.rb
@@ -129,7 +129,7 @@ def config_h_file
     end
 
     def certs_dir
-      @certs_dir ||= "#{path}/certs"
+      @certs_dir ||= "/etc/ecutools/certs"
     end
 
     def save_certificates(keys_and_cert)

diff --git a/install-bbb.sh b/install-bbb.sh
@@ -3,6 +3,7 @@
 # BeagleBone Black / Debian Installer
 
 sudo apt-get update
+apt-get remove lightdm xserver-* apache2* --purge
 sudo apt-get install -y cmake libssl-dev libjansson-dev libcurl4-openssl-dev can-utils
 sudo apt-get autoremove -y
 
@@ -11,23 +12,30 @@ cd ecutools
 
 ./autogen.sh && ./configure && make mbedtls && make && sudo make install
 
-THING_NAME=myj2534
-UID=ecutune
-GID=ecutools
+MYUID=ecutune
+MYGID=ecutools
 LOGDIR=/var/log/ecutools
-groupadd $GID
-useradd -r ecutune -s /bin/false -G $GID
+CERTDIR=/etc/ecutools/certs
+
+groupadd $MYGID
+useradd -G $MYGID -r $MYUID -s /bin/false
+
 mkdir $LOGDIR
-chown $UID.$GID $LOGDIR
-chmod 664 $UID.$GID $LOGDIR
+chown root.$MYGID $LOGDIR
+chmod 775 $LOGDIR
+
+mkdir -p $CERTDIR
+chown root.$MYGID $CERTDIR
+chmod 775 $CERTDIR
 
 echo '
 #!/bin/sh
 
 set -e
 
-UID=ecutune
-GID=ecutools
+THING_NAME=myj2534
+MYUID=ecutune
+MYGID=ecutools
 LOGDIR=/var/log/ecutools
 
 NAME=ecutuned
@@ -40,7 +48,7 @@ export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
 case "$1" in
   start)
         echo -n "Starting daemon: "$NAME
-	start-stop-daemon --chuid $UID:$GID --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
+	start-stop-daemon --chuid $MYUID:$MYGID --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
         echo "."
 	;;
   stop)
@@ -51,7 +59,7 @@ case "$1" in
   restart)
         echo -n "Restarting daemon: "$NAME
 	start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile $PIDFILE
-	start-stop-daemon --chuid $UID:$GID --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
+	start-stop-daemon --chuid $MYUID:$MYGID --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_OPTS
 	echo "."
 	;;
   *)
@@ -65,5 +73,3 @@ exit 0
 chmod 755 /etc/init.d/ecutuned
 update-rc.d ecutuned defaults
 
-/etc/init.d/ecutuned start
-
diff --git a/src/awsiot_client.c b/src/awsiot_client.c
@@ -24,17 +24,22 @@ unsigned int awsiot_client_connect(awsiot_client *awsiot) {
   char rootCA[255];
   char clientCRT[255];
   char clientKey[255];
-  char CurrentWD[255];
-  char certDirectory[10] = "certs";
+  char etcEcutools[255] = "/etc/ecutools/certs";
   char cafileName[] = AWS_IOT_ROOT_CA_FILENAME;
   char clientCRTName[] = AWS_IOT_CERTIFICATE_FILENAME;
   char clientKeyName[] = AWS_IOT_PRIVATE_KEY_FILENAME;
   awsiot->rc = SUCCESS;
 
-  getcwd(CurrentWD, sizeof(CurrentWD));
-  sprintf(rootCA, "%s/%s/%s", CurrentWD, certDirectory, cafileName);
-  sprintf(clientCRT, "%s/%s/%s", CurrentWD, certDirectory, clientCRTName);
-  sprintf(clientKey, "%s/%s/%s", CurrentWD, certDirectory, clientKeyName);
+  if(awsiot->certDir == NULL) {
+    sprintf(rootCA, "%s/%s", etcEcutools, cafileName);
+    sprintf(clientCRT, "%s/%s", etcEcutools, clientCRTName);
+    sprintf(clientKey, "%s/%s", etcEcutools, clientKeyName);
+  }
+  else {
+    sprintf(rootCA, "%s/%s", awsiot->certDir, cafileName);
+    sprintf(clientCRT, "%s/%s", awsiot->certDir, clientCRTName);
+    sprintf(clientKey, "%s/%s", awsiot->certDir, clientKeyName); 
+  }
 
   syslog(LOG_DEBUG, "rootCA %s", rootCA);
   syslog(LOG_DEBUG, "clientCRT %s", clientCRT);
@@ -131,4 +136,3 @@ void awsiot_client_close(awsiot_client *awsiot) {
   awsiot->rc = aws_iot_mqtt_disconnect(&awsiot->client);
   if(awsiot->onclose) awsiot->onclose(awsiot);
 }
-
diff --git a/src/awsiot_client.h b/src/awsiot_client.h
@@ -31,6 +31,7 @@
 
 typedef struct _awsiot_client {
   char *clientId;
+  char *certDir;
   AWS_IoT_Client *client;
   IoT_Error_t rc;
   pthread_t publish_thread;

diff --git a/src/ecutuned.c b/src/ecutuned.c
@@ -98,7 +98,7 @@ void print_program_header() {
 
 void parse_args(int argc, char** argv, passthru_thing_params *params) {
   int opt;
-  while((opt = getopt(argc, argv, "n:i:l:d")) != -1) {
+  while((opt = getopt(argc, argv, "n:i:l:d:c")) != -1) {
     switch(opt) {
       case 'n':
         if(strlen(optarg) > 80) {
@@ -116,11 +116,18 @@ void parse_args(int argc, char** argv, passthru_thing_params *params) {
         break;
       case 'l':
         if(strlen(optarg) > 255) {
-          printf("ERROR: log directory value must not exceed 255 chars");
+          printf("ERROR: log directory must not exceed 255 chars");
           main_exit(1, params);
         }
         params->logdir = MYSTRING_COPY(optarg, strlen(optarg));
         break;
+      case 'c':
+        if(strlen(optarg) > 255) {
+          printf("ERROR: cert directory must not exceed 255 chars");
+          main_exit(1, params);
+        }
+        params->certDir = MYSTRING_COPY(optarg, strlen(optarg));
+        break;
       case 'd':
         daemonize = 1;
         break;
@@ -149,6 +156,7 @@ int main(int argc, char **argv) {
   params->thingName = NULL;
   params->logdir = NULL;
   params->iface = NULL;
+  params->certDir = NULL;
   parse_args(argc, argv, params);
   if(params->thingName == NULL) {
     params->thingName = malloc(sizeof(char) * 8);

diff --git a/src/passthru_shadow.c b/src/passthru_shadow.c
@@ -29,16 +29,21 @@ int passthru_shadow_connect(passthru_shadow *shadow) {
   char rootCA[255];
   char clientCRT[255];
   char clientKey[255];
-  char CurrentWD[255];
-  char certDirectory[10] = "certs";
+  char etcEcutools[255] = "/etc/ecutools/certs";
   char cafileName[] = AWS_IOT_ROOT_CA_FILENAME;
   char clientCRTName[] = AWS_IOT_CERTIFICATE_FILENAME;
   char clientKeyName[] = AWS_IOT_PRIVATE_KEY_FILENAME;
 
-  getcwd(CurrentWD, sizeof(CurrentWD));
-  sprintf(rootCA, "%s/%s/%s", CurrentWD, certDirectory, cafileName);
-  sprintf(clientCRT, "%s/%s/%s", CurrentWD, certDirectory, clientCRTName);
-  sprintf(clientKey, "%s/%s/%s", CurrentWD, certDirectory, clientKeyName);
+  if(shadow->certDir == NULL) {
+    sprintf(rootCA, "%s/%s", etcEcutools, cafileName);
+    sprintf(clientCRT, "%s/%s", etcEcutools, clientCRTName);
+    sprintf(clientKey, "%s/%s", etcEcutools, clientKeyName);
+  }
+  else {
+    sprintf(rootCA, "%s/%s", shadow->certDir, cafileName);
+    sprintf(clientCRT, "%s/%s", shadow->certDir, clientCRTName);
+    sprintf(clientKey, "%s/%s", shadow->certDir, clientKeyName); 
+  }
 
   syslog(LOG_DEBUG, "rootCA %s", rootCA);
   syslog(LOG_DEBUG, "clientCRT %s", clientCRT);

diff --git a/src/passthru_shadow.h b/src/passthru_shadow.h
@@ -79,6 +79,7 @@ typedef struct {
 
 typedef struct _passthru_shadow {
   char *thingName;
+  char *certDir;
   IoT_Error_t rc;
   AWS_IoT_Client *mqttClient;
   pthread_t yield_thread;

diff --git a/src/passthru_thing.c b/src/passthru_thing.c
@@ -50,6 +50,7 @@ unsigned int passthru_thing_sync_initial_state() {
   thing->awsiot->onerror = NULL;
   thing->awsiot->onclose = NULL;
   thing->awsiot->ondisconnect = NULL;
+  thing->awsiot->certDir = thing->params->certDir;
   awsiot_client_connect(thing->awsiot);
   awsiot_client_subscribe(thing->awsiot, thing->shadow->get_accepted_topic);
   awsiot_client_publish(thing->awsiot, thing->shadow->update_topic, "{\"state\":{\"desired\":{\"j2534\":null},\"reported\":{\"j2534\":null}}}");
@@ -208,6 +209,7 @@ void passthru_thing_init(passthru_thing_params *params) {
   memset(thing->shadow, 0, sizeof(passthru_shadow));
   thing->shadow->mqttClient = malloc(sizeof(AWS_IoT_Client));
   thing->shadow->thingName = thing->name;
+  thing->shadow->certDir = thing->params->certDir;
 
   thing->shadow->onopen = &passthru_thing_shadow_onopen;
   thing->shadow->ondelta = &passthru_thing_shadow_ondelta;

diff --git a/src/passthru_thing.h b/src/passthru_thing.h
@@ -53,6 +53,7 @@ typedef struct {
   char *thingName;
   char *iface;
   char *logdir;
+  char *certDir;
 } passthru_thing_params;
 
 typedef struct {
-Original file line number
+Diff line change
@@ Expand Up / @@ -3,3 +3,4 @@ certs/* @@
     logs/*
     *.gem
     Gemfile.lock
+    src/aws_iot_src/external_libs/mbedTLS/*