Initial commit
Change-Id: I6a4444e3c193dae437cd7929f4c39aba7b749efa
diff --git a/contrib/OpenWRT/HOWTO b/contrib/OpenWRT/HOWTO
new file mode 100644
index 0000000..af07b43
--- /dev/null
+++ b/contrib/OpenWRT/HOWTO
@@ -0,0 +1,305 @@
+#####################
+# !! IMPORTANT !! #
+#####################
+
+The uClibc library that is shipped with OpenWRT lacks support for several POSIX thread
+features, such as pthread_cleanup_{push,pop}, that are required by the freeDiameter
+framework.
+
+Until these features are included in the base OpenWRT system, the framework will not
+behave correctly on this platform.
+
+Therefore, the OpenWRT port is NOT usable properly at this moment with uClibc.
+
+A test software is included in test_required for checking if new uClibc distributions
+support the required features. You'll have to adapt the Makefile according to your environment.
+
+An alternative choice if your hardware allows it is to use (e)glibc in your openwrt image.
+
+#####################
+
+
+
+This HOWTO describes how to generate a set of ipkg modules for
+providing support of freeDiameter in an OpenWRT system.
+
+This HOWTO is written for OpenWRT 10.03 (BackFire) and no guarantee is provided
+that it will work for you. Be prepared to eventually brick your routeur...
+
+Table of contents:
+0) Quick HOWTO: optimistic step-by-step instructions.
+1) Prerequisites: get the OpenWRT development environment ready.
+2) Supplied packages: use the existing packages when possible (gnutls, ...)
+3) Other dependencies: provide for additional missing dependencies (sctp ...)
+4) freediameter package: now create the freeDiameter package
+5) Configuration: how to set the configuration on the router.
+
+This HOWTO will NOT cover how to install OpenWRT on your access device, nor
+its basic configuration. Please refer to OpenWRT website for this type of HOWTOs.
+
+
+==============================================
+0) Quick HOWTO
+==============================================
+The following instructions should allow you to put freeDiameter on your OpenWRT-compatible router.
+In case something goes wrong, you should follow the detailed instructions in the remaining of
+this file.
+
+Be warned: playing with the software in your router may brick it, i.e. make it unusable forever.
+Do it at your own risk.
+
+1) Get the OpenWRT environment:
+$ git clone git://nbd.name/openwrt.git
+$ cd openwrt
+
+2) Get the feeds
+$ cp feeds.conf.default feeds.conf
+$ echo "src-hg freediameter http://www.freediameter.net/hg/fD-OWRT-packages" >> feeds.conf
+$ scripts/feeds update
+$ scripts/feeds install freeDiameter
+
+3) Configure your image
+$ make menuconfig
+(set Target System and Target Profile as needed for your equipment)
+
+- Network --->
+ freeDiameter (M)
+ freeDiameter-test (M)
+ wpad (*)
+ wpad-mini ( )
+
+
+4) Set the C library to glibc instead of uClibc (broken support, see #26)
+
+- Advanced configuration options (for developers) --->
+ - Toolchain Options ---->
+ C Library implementation (Use eglibc)
+
+
+5) Build the image and packages, this takes a while
+$ make world
+
+6) Export the bin/* directory through a webserver.
+ We assume it is available at http://192.168.1.25/owrt
+
+7) Flash the router with your new image -- THIS DESTROYS ALL CONFIG ON THE ROUTER!
+$ ssh root@192.168.1.1
+# cd /tmp
+# wget http://192.168.1.25/owrt/openwrt-brcm47xx-squashfs.trx
+ ;; change the file name with yours
+# mtd -r write openwrt-brcm47xx-squashfs.trx linux
+ ;; wait for reboot
+$ telnet 192.168.1.1
+# passwd
+# sync
+# exit
+
+8) Update the opkg router's config to get your new packages
+ssh root@192.168.1.1
+# echo "src/gz localrepo http://192.168.1.25/owrt/packages" >> /etc/opkg.conf
+# opkg update
+
+9) Install freeDiameter, you're done. Optionnaly, install also certtool on the router before, to
+ generate the TLS certificate automatically.
+# opkg install freeDiameter
+
+==============================================
+1) Prerequisites:
+==============================================
+
+We will first need a working OpenWRT toolchain environment. You can retrieve
+pre-compiled binaries of such toolchains ("Image builder") on the OpenWRT website. Anyway,
+in case the architecture you are interested in is not listed, you can build
+the full toolchain from source. This is the path we are following in this HOWTO.
+
+a) Retrieve the latest OpenWRT source, using subversion or git.
+Since I have to go through a proxy, I use the later here, svn being quite annoying with proxies.
+Note, the following commands must not be run as root.
+$ git clone git://nbd.name/openwrt.git
+ (Note: you might instead use "backfire.git" if you want to stick with an OpenWRT release.)
+$ cd openwrt
+$ cp feeds.conf.default feeds.conf
+
+b) If you are using git, you have to edit the feeds.conf file to use git as well for packages.
+Do the following modifications in this case:
+$ vi feeds.conf
+ Comment out this line:
+src-svn packages https://svn.openwrt.org/openwrt/packages
+ Add this line instead:
+src-git packages git://nbd.name/packages.git
+
+ You can leave uncommented the luci (for GNUTLS) and Xwrt (webif) repositories. Since these repositories
+use svn over http, you can use subversion even if you are behind a proxy.
+
+c) Then issue the following command to update the package list:
+$ scripts/feeds update
+
+d) Now, let's already create the toolchain and basic image.
+$ make menuconfig
+
+This will open a menu for you. You must select the target you are building for.
+See http://wiki.openwrt.org/toh/start for the table of hardware and associated information.
+In my case, I am using a Buffalo WZR-HP-G300NH router. I therefore select these options:
+- Target System --->
+ Atheros AR71xx/AR7240/AR913x
+- Target Profile --->
+ Buffalo WZR-HP-G300NH
+
+For many routeurs, the recommended kernel is a 2.4x version. I have NOT tried with such kernel,
+and the SCTP support is likely to be different in this generation of kernels. I strongly recommend
+to go with a 2.6x kernel, whenever possible.
+
+e) As per freeDiameter ticket #26, you also need to change the library to glibc instead of uClibc.
+Change the option as follow:
+
+- Advanced configuration options (for developers) --->
+ - Toolchain Options ---->
+ C Library implementation (Use eglibc)
+
+f) Once configured, create the toolchain and default image (this takes a while):
+$ make world
+
+After this command completes successfully, your build environment is ready.
+The resulting image and packages are stored in the "bin/" subdirectory.
+It is very convenient if you make this repository available in http to your routeur.
+
+You should probably try at this early stage to flash your device with the image you have generated.
+If the default basic image does not work, it is probably not worth adding new problems on top of it.
+
+For troubleshooting, please consult OpenWRT documentation directly.
+"make prereq" may help you building the initial image also.
+See http://downloads.openwrt.org/docs/buildroot-documentation.html for additional information
+concerning this step.
+
+You should now be able to login on your routeur with telnet (first time) or ssh (after setting a password).
+
+==============================================
+2) Supplied packages:
+==============================================
+
+There are some dependencies of freeDiameter already available in the OpenWRT packages repository.
+You can check for the available packages with the script:
+$ ./scripts/feeds search <package>
+
+We will now describe how to install these dependencies. At the time this HOWTO is written,
+the OpenWRT repositories contains packages for sctp, ipv6, gnutls, pthreads and hostapd.
+Follow these instructions to build them.
+
+Alternatively, you can find these packages pre-compiled in the OpenWRT packages repository.
+
+a) Add the packages
+$ scripts/feeds install libgnutls
+$ scripts/feeds install sctp
+
+b) Select the following components in the menu:
+$ make menuconfig
+- Base system --->
+ libpthread (M)
+
+- Network --->
+ sctp (M)
+ hostapd (M)
+ wpad-mini ( )
+
+- Libraries --->
+ SSL --->
+ libgnutls (M)
+
+- Kernel modules --->
+ Network Support --->
+ kmod-ipv6 (M)
+
+Quit and save the new config, then:
+$ make world
+
+This will add a bunch of modules in your bin directory that will be required for freeDiameter.
+Since we are removing the wpad-mini daemon from the base image, this image (trx or bin file) is also recompiled.
+
+Note that if you are setting your device as WPA supplicant also (wireless client), you must select wpad instead of hostapd.
+(in any case, the -mini version is not suitable since we will use the RADIUS authentication).
+
+
+You should now reflash your routeur with the new firmware image. The simplest way to achieve if your routeur has enough
+flash memory is to:
+- copy the new trx image to your routeur's /tmp (using wget or scp)
+- run this command (on the device) -- replace <newfile.trx> with your actual filename:
+ root@OpenWrt:~# mtd -r write <newfile.trx> linux
+
+WARNING: this will erase your existing configuration on the routeur.
+In case you need to save it, you may try the sysupgrade command instead.
+
+This will reboot the device after writing the new image file.
+Afterwards, if you have set up the http server on your development machine properly
+(let's assume it has IP address 192.168.1.25)
+you can run the following command on your router:
+ root@OpenWrt:~# echo "src/gz mydev http://192.168.1.25/packages" >> /etc/opkg.conf
+ root@OpenWrt:~# opkg update
+
+Install the newly compiled packages with:
+ root@OpenWrt:~# opkg install kmod-ipv6 hostapd libpthread sctp
+
+==============================================
+3) Missing packages:
+==============================================
+
+UPDATE: Starting from revision r22917, sctp and kmod-sctp are included in the OpenWRT distribution, and have been removed
+from freeDiameter package. One may consider using a freeDiameter package prior to 2010/09/05 in order to get the sctp
+package, or a more recent OpenWRT environment.
+
+PREVIOUS SITUATION: If you are using components prior to 2010/09/05, the following applies:
+P:
+P: There are other dependencies for freeDiameter that are not provided by OpenWRT packages.
+P: For convenience, we include these meta-packages in the freeDiameter distribution -- but they
+P: might not be up-to-date.
+P:
+P: a) Adding the contributed directory to the feeds
+P: Add the following line in your feeds.conf file:
+P: src-link freediameter /path/to/freediameter/contrib/OpenWRT/packages/
+P:
+P: Then run:
+P: $ scripts/feeds update
+P:
+P: This should allow you to install the missing dependencies as follow:
+P:
+P:
+P: b) SCTP library (note: you might alternatively compile freeDiameter without SCTP support).
+P: $ scripts/feeds install sctp
+P:
+P:
+P: c) Select these components in the menu:
+P: $ make menuconfig
+P: - Libraries --->
+P: sctp (M)
+P:
+P: Quit and save the new config, then:
+P: $ make world
+P:
+P:
+P: d) Install this on the router as well:
+P: root@OpenWrt:~# opkg update
+P: root@OpenWrt:~# opkg install sctp
+
+
+==============================================
+4) freediameter package:
+==============================================
+
+Now, your environment should be ready to compile the freeDiameter ipkg package.
+$ scripts/feeds install freeDiameter
+
+Note that in order to build this package, you need to have cmake & flex on your compilation machine.
+
+$ make menuconfig
+- Network --->
+ freeDiameter (M)
+ freeDiameter-test (M)
+
+Quit and save the new config, then:
+$ make world
+
+On your router, run:
+# opkg update
+# opkg install freeDiameter
+
+
+
diff --git a/contrib/OpenWRT/others/D-Link_DIR-330_netconfig.patch b/contrib/OpenWRT/others/D-Link_DIR-330_netconfig.patch
new file mode 100644
index 0000000..a35556a
--- /dev/null
+++ b/contrib/OpenWRT/others/D-Link_DIR-330_netconfig.patch
@@ -0,0 +1,35 @@
+diff --git a/target/linux/brcm47xx/base-files/etc/init.d/netconfig b/target/linux/brcm47xx/base-files/etc/init.d/netconfig
+index d7839b6..6446483 100755
+--- a/target/linux/brcm47xx/base-files/etc/init.d/netconfig
++++ b/target/linux/brcm47xx/base-files/etc/init.d/netconfig
+@@ -150,6 +150,30 @@ start() {
+ }
+ }
+ }
++ if (model == "D-Link DIR-330") { # boardtype is 0x0472, so we need to reset the parameters
++ # The switch is on eth1, this script defaults to switch on eth0, so we write the values directly instead.
++ print "#### DIR-330: eth1 must be up for configuring the switch "
++ print "config interface switchport"
++ print " option ifname \"eth1\""
++ print " option proto none"
++ print ""
++ print "config switch eth1"
++ print " option enable 1"
++ print ""
++ print "config switch_vlan eth1_0"
++ print " option device \"eth1\""
++ print " option vlan 0"
++ print " option ports \"0 1 2 3 5t\""
++ print ""
++ print "config switch_vlan eth1_1"
++ print " option device \"eth1\""
++ print " option vlan 1"
++ print " option ports \"4 5t\""
++ print ""
++ c["lan_ifname"] = "eth0.0"
++ c["wan_ifname"] = "eth0.1"
++ }
++
+ # Buffalo WBR-B11 and Buffalo WBR-G54
+ if (nvram["boardtype"] == "bcm94710ap") {
+ c["vlan0ports"] = "0 1 2 3 4 5u"
diff --git a/contrib/OpenWRT/packages/freeDiameter/Makefile b/contrib/OpenWRT/packages/freeDiameter/Makefile
new file mode 100644
index 0000000..d06502c
--- /dev/null
+++ b/contrib/OpenWRT/packages/freeDiameter/Makefile
@@ -0,0 +1,241 @@
+#
+# Software License Agreement (BSD License)
+#
+# Copyright (c) 2013, WIDE Project and NICT
+# All rights reserved.
+#
+# See LICENSE file from freeDiameter source package for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=freeDiameter
+PKG_REV:=696
+PKG_VERSION:=r$(PKG_REV)
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=hg
+PKG_SOURCE_VERSION:=$(PKG_REV)
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.freediameter.net/hg/freeDiameter
+# PKG_MD5SUM:=
+
+PKG_FIXUP:=libtool
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/freeDiameter
+ SECTION:=freeDiameter
+ CATEGORY:=Network
+ TITLE:=freeDiameter
+ URL:=http://www.freediameter.net
+ DEPENDS:=+sctp +libgnutls +libpthread +kmod-ipv6
+endef
+
+define Package/freeDiameter-test
+ SECTION:=freeDiameter
+ CATEGORY:=Network
+ TITLE:=freeDiameter-test
+ URL:=http://www.freediameter.net
+ DEPENDS:=+freeDiameter
+endef
+
+define Package/freeDiameter/description
+ freeDiameter + RADIUS/Diameter gateway extension package.
+endef
+
+define Package/freeDiameter-test/description
+ The app_test.fdx extension for freeDiameter, useful only to perform some
+tests between freeDiameter peers (ping-like for Diameter).
+endef
+
+define Package/freeDiameter/conffiles
+/etc/freeDiameter/freeDiameter.conf
+/etc/freeDiameter/rgw.conf
+endef
+
+define Build/Configure
+ IN_OPENWRT=1 \
+ AR="$(TARGET_CROSS)ar" \
+ AS="$(TARGET_CC) -c $(TARGET_CFLAGS)" \
+ LD="$(TARGET_CROSS)ld" \
+ NM="$(TARGET_CROSS)nm" \
+ CC="$(TARGET_CC)" \
+ GCC="$(TARGET_CC)" \
+ CXX="$(TARGET_CROSS)g++" \
+ RANLIB="$(TARGET_CROSS)ranlib" \
+ STRIP="$(TARGET_CROSS)strip" \
+ OBJCOPY="$(TARGET_CROSS)objcopy" \
+ OBJDUMP="$(TARGET_CROSS)objdump" \
+ TARGET_CPPFLAGS="$(TARGET_CPPFLAGS)" \
+ TARGET_CFLAGS="$(TARGET_CFLAGS)" \
+ TARGET_LDFLAGS="$(TARGET_LDFLAGS)" \
+ cmake \
+ -DCMAKE_PREFIX_PATH:PATH=$(STAGING_DIR)/usr \
+ -DCMAKE_INSTALL_PREFIX:PATH=/usr \
+ -DDIAMID_IDNA_REJECT:BOOL=ON \
+ -DBUILD_TESTING:BOOL=OFF \
+ -DCMAKE_BUILD_TYPE:STRING=DebianPackage \
+ -DDEFAULT_CONF_PATH:PATH=/etc/freeDiameter \
+ -DBUILD_APP_RADGW:BOOL=ON \
+ -DBUILD_DBG_MONITOR:BOOL=ON \
+ -DBUILD_TEST_APP:BOOL=ON \
+ VERBOSE=1 \
+ $(PKG_BUILD_DIR)/CMakeLists.txt
+endef
+
+TARGET_LDFLAGS := -L$(STAGING_DIR)/usr/lib $(TARGET_LDFLAGS)
+define Package/freeDiameter/install
+ # binaries
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/bin/freeDiameterd* \
+ $(1)/usr/bin/
+ # libraries & extensions
+ $(INSTALL_DIR) $(1)/usr/lib/
+ $(CP) \
+ $(PKG_INSTALL_DIR)/usr/lib/* \
+ $(1)/usr/lib/
+ # Remove the test_app from the main package (see freeDiameter-test)
+ $(RM) $(1)/usr/lib/freeDiameter/test_app*
+
+ # configuration files
+ $(INSTALL_DIR) $(1)/etc/freeDiameter
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/doc/freediameter.conf.sample \
+ $(1)/etc/freeDiameter/freeDiameter.conf
+ $(SED) 's,TLS_Cred,#TLS_Cred,g' $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "### OPENWRT specific" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "TLS_Cred = \"/etc/freeDiameter/freeDiameter.pem\", \"/etc/freeDiameter/freeDiameter.key\";" \
+ >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "TLS_CA = \"/etc/freeDiameter/freeDiameter.ca.pem\";" \
+ >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "TLS_DH_File = \"/etc/freeDiameter/dh.pem\";" \
+ >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "SCTP_streams = 3;" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "LoadExtension = \"dict_nasreq.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "LoadExtension = \"dict_eap.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "LoadExtension = \"app_radgw.fdx\":\"rgw.conf\";" \
+ >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "# test_app.fdx provided in freeDiameter-test package:" \
+ >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "# LoadExtension = \"test_app.fdx\";" >> $(1)/etc/freeDiameter/freeDiameter.conf
+ echo "## Add overrides below this point" >> $(1)/etc/freeDiameter/freeDiameter.conf
+
+
+ $(INSTALL_CONF) \
+ $(PKG_BUILD_DIR)/doc/app_radgw.conf.sample \
+ $(1)/etc/freeDiameter/rgw.conf
+ $(SED) 's,RGWX,#RGWX,g' $(1)/etc/freeDiameter/rgw.conf
+ echo "" >> $(1)/etc/freeDiameter/rgw.conf
+ echo "### OPENWRT specific" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " RGWX = \"auth.rgwx\" : auth;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " RGWX = \"acct.rgwx\" : acct;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo "" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " cli = 127.0.0.1 / \"secret key\" ;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " auth_server_ip4 = 127.0.0.1;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " auth_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " acct_server_ip4 = 127.0.0.1;" >> $(1)/etc/freeDiameter/rgw.conf
+ echo " acct_server_ip6 = ::1 ;" >> $(1)/etc/freeDiameter/rgw.conf
+endef
+
+define Package/freeDiameter-test/install
+ # Only the test_app extension
+ $(INSTALL_DIR) $(1)/usr/lib/freeDiameter/
+ $(CP) $(PKG_INSTALL_DIR)/usr/lib/freeDiameter/test_app* \
+ $(1)/usr/lib/freeDiameter/
+endef
+
+define Package/freeDiameter/postinst
+#!/bin/sh
+
+# Test if the configuration file contains the local identity already
+localid=`sed -n -r -e "s/^[[:space:]]*Identity[[:space:]]*=[[:space:]]*\"([^\"]*)\"[[:space:]]*;/\1/p" /etc/freeDiameter/freeDiameter.conf`
+if [ -z "$$localid" ]; then
+ # Ask for the local name
+ echo -n "Full name of your access point? (openwrt.localdomain) : "
+ read localid
+ if [ -z "$$localid" ]; then
+ localid="openwrt.localdomain"
+ fi
+ echo "Identity = \"$$localid\";" >> /etc/freeDiameter/freeDiameter.conf
+fi
+
+# Is there already a ConnectPeer directive?
+grep -q -E -e "^[[:space:]]*ConnectPeer[[:space:]]*=" /etc/freeDiameter/freeDiameter.conf
+if [ "$$?" -eq "1" ]; then
+ echo -n "Diameter Identity of your Diameter server: "
+ read serverid
+ if [ -z "$$serverid" ]; then
+ echo "Skipped. Please add ConnectPeer directive to your /etc/freeDiameter/freeDiameter.conf file later."
+ else
+ echo -n "IP or IPv6 address of your Diameter server? (leave blank for dynamic resolution) "
+ read serverip
+ connstr=""
+ if [ -n "$$serverip" ]; then
+ connstr=" { ConnectTo = \"$$serverip\"; }"
+ fi
+ echo "ConnectPeer = \"$$serverid\"$$connstr;" >> /etc/freeDiameter/freeDiameter.conf
+ fi
+fi
+
+# Certificate configuration
+if [ ! -f "/usr/bin/certtool" ]; then
+ echo "certtool is not installed, skipping creation of default certificate and DH parameters."
+ echo "The following files are expected by freeDiameter:"
+ echo " /etc/freeDiameter/freeDiameter.key"
+ echo " /etc/freeDiameter/freeDiameter.pem"
+ echo " /etc/freeDiameter/freeDiameter.ca.pem"
+ echo " /etc/freeDiameter/dh.pem"
+ exit 0
+fi
+if [ ! -f "/etc/freeDiameter/freeDiameter.key" ]; then
+ echo "Creating a new private key for freeDiameter, please wait"
+ certtool -p --outfile /etc/freeDiameter/freeDiameter.key
+fi
+if [ ! -f "/etc/freeDiameter/freeDiameter.pem" ]; then
+ echo "organization = freeDiameter" > /tmp/template.cnf
+ echo "unit = OpenWRT" >>/tmp/template.cnf
+ echo "state = internet" >>/tmp/template.cnf
+ echo "country = net" >>/tmp/template.cnf
+ echo "cn = $$localid" >>/tmp/template.cnf
+ echo "expiration_days = 3650" >>/tmp/template.cnf
+ echo "signing_key" >>/tmp/template.cnf
+ echo "encryption_key" >>/tmp/template.cnf
+ if [ ! -f "/etc/freeDiameter/freeDiameter.csr" ]; then
+ echo "Creating a new CSR (use if you have a separate CA)"
+ certtool -q --load-privkey /etc/freeDiameter/freeDiameter.key \
+ --outfile /etc/freeDiameter/freeDiameter.csr \
+ --template /tmp/template.cnf
+ fi
+ echo "Creating a new certificate for freeDiameter"
+ certtool -s --load-privkey /etc/freeDiameter/freeDiameter.key \
+ --outfile /etc/freeDiameter/freeDiameter.pem \
+ --template /tmp/template.cnf
+ rm -f /tmp/template.cnf
+ cat /etc/freeDiameter/freeDiameter.pem >> /etc/freeDiameter/freeDiameter.ca.pem
+ echo "Done."
+ echo "========================================================================"
+ echo "To enable TLS communication, you should either:"
+ echo " - use a real certificate signed by your server's CA:"
+ echo " Use the CSR provided in /etc/freeDiameter/freeDiameter.csr"
+ echo " Save the new certificate as /etc/freeDiameter/freeDiameter.pem"
+ echo " Replace the contents of /etc/freeDiameter/freeDiameter.ca.pem with your CA's certificate"
+ echo " - or, declare the certificates as trusted as follow: "
+ echo " Add your server's CA certificate into /etc/freeDiameter/freeDiameter.ca.pem"
+ echo " Add the content of /etc/freeDiameter/freeDiameter.pem into your server's trusted CA file"
+ echo "========================================================================"
+fi
+if [ ! -f "/etc/freeDiameter/dh.pem" ]; then
+ echo "Creating new Diffie-Hellman parameters file. This operation takes a while..."
+ certtool --generate-dh-params --outfile /etc/freeDiameter/dh.pem
+ echo "Done."
+fi
+echo "freeDiameter configuration completed and stored in /etc/freeDiameter/."
+endef
+
+$(eval $(call BuildPackage,freeDiameter))
+$(eval $(call BuildPackage,freeDiameter-test))
diff --git a/contrib/OpenWRT/packages/freeDiameter/patches/01-freeDiameter-OpenWRT.patch b/contrib/OpenWRT/packages/freeDiameter/patches/01-freeDiameter-OpenWRT.patch
new file mode 100644
index 0000000..6f43c8d
--- /dev/null
+++ b/contrib/OpenWRT/packages/freeDiameter/patches/01-freeDiameter-OpenWRT.patch
@@ -0,0 +1,19 @@
+diff -Nur freeDiameter/CMakeLists.txt freeDiameter-OpenWRT/CMakeLists.txt
+--- freeDiameter/CMakeLists.txt 2010-08-13 16:19:35.000000000 +0900
++++ freeDiameter-OpenWRT/CMakeLists.txt 2010-08-13 16:21:32.000000000 +0900
+@@ -51,6 +51,14 @@
+ SET(DEBUG 1)
+ ENDIF (CMAKE_BUILD_TYPE MATCHES "Debug|Profiling|DebugValgrind")
+
++# OpenWRT
++SET(IN_OPENWRT $ENV{IN_OPENWRT})
++IF (IN_OPENWRT)
++ ADD_DEFINITIONS("$ENV{TARGET_LDFLAGS}" "$ENV{TARGET_CPPFLAGS}" "$ENV{TARGET_CFLAGS}")
++ INCLUDE_DIRECTORIES("$ENV{TARGET_LDFLAGS}" "$ENV{TARGET_CPPFLAGS}" "$ENV{TARGET_CFLAGS}")
++ENDIF(IN_OPENWRT)
++
++
+ # some subfolders use yacc and lex parsers
+ SET(BISON_GENERATE_DEFINES TRUE)
+ SET(BISON_PREFIX_OUTPUTS TRUE)
+Binary files freeDiameter/.hg/dirstate and freeDiameter-OpenWRT/.hg/dirstate differ
diff --git a/contrib/OpenWRT/test_required/Makefile b/contrib/OpenWRT/test_required/Makefile
new file mode 100644
index 0000000..d13cc91
--- /dev/null
+++ b/contrib/OpenWRT/test_required/Makefile
@@ -0,0 +1,15 @@
+OWRT_ENV_ROOT=/root/openwrt-env/openwrt
+STAGING_UCLIBC_ROOT=$(OWRT_ENV_ROOT)/staging_dir/target-mipsel_uClibc-0.9.31
+STAGING_GCC_ROOT=$(OWRT_ENV_ROOT)/staging_dir/toolchain-mipsel_gcc-4.3.3+cs_uClibc-0.9.31
+
+CFLAGS=-Os -pipe -mips32 -mtune=mips32 -funit-at-a-time -fhonour-copts -msoft-float -I$(STAGING_UCLIBC_ROOT)/usr/include -I$(STAGING_UCLIBC_ROOT)/include -I$(STAGING_GCC_ROOT)/usr/include -I$(STAGING_GCC_ROOT)/include
+LDFLAGS=-L$(STAGING_UCLIBC_ROOT)/usr/lib -L$(STAGING_UCLIBC_ROOT)/lib -L$(STAGING_GCC_ROOT)/usr/lib -L$(STAGING_GCC_ROOT)/lib
+
+GCC=mipsel-openwrt-linux-uclibc-gcc
+PATH:=$(STAGING_GCC_ROOT)/bin/:$(PATH)
+
+testcase: testcase.o
+ $(GCC) $(LDFLAGS) -lpthread testcase.o -o testcase
+
+testcase.o: testcase.c
+ $(GCC) $(CFLAGS) -o testcase.o -c testcase.c
diff --git a/contrib/OpenWRT/test_required/testcase.c b/contrib/OpenWRT/test_required/testcase.c
new file mode 100644
index 0000000..11d7882
--- /dev/null
+++ b/contrib/OpenWRT/test_required/testcase.c
@@ -0,0 +1,90 @@
+#include <pthread.h>
+#include <stdio.h>
+#include <strings.h>
+#include <assert.h>
+
+static pthread_barrier_t bar;
+static pthread_mutex_t mtx = PTHREAD_MUTEX_INITIALIZER;
+static pthread_cond_t cnd = PTHREAD_COND_INITIALIZER;
+static int called = 0;
+
+#ifndef ASSERT
+#define ASSERT(x) assert(x)
+#endif /* ASSERT */
+
+static void cleanupmutex(void * arg)
+{
+ printf("cancelation cleanup handler called\n");
+ if (arg) {
+ ASSERT( pthread_mutex_unlock((pthread_mutex_t *)arg) == 0 );
+ called++;
+ }
+
+}
+
+static void * mythread(void * a)
+{
+ int ret;
+
+ /* lock mutex */
+ ASSERT( pthread_mutex_lock(&mtx) == 0 );
+
+ /* Push cleanup */
+ pthread_cleanup_push(cleanupmutex, &mtx);
+
+ printf("thread synchronization (mutex acquired)\n");
+
+ /* Wake the other thread */
+ ret = pthread_barrier_wait(&bar);
+ ASSERT( (ret == 0) || (ret == PTHREAD_BARRIER_SERIAL_THREAD) );
+
+ /* Now wait for the condition, this unlocks the mutex */
+ do {
+ printf("thread waiting cond\n");
+ ASSERT( pthread_cond_wait(&cnd, &mtx) == 0);
+ printf("thread woken\n");
+ } while (1);
+
+ /* Cleanup, never reached */
+ pthread_cleanup_pop(1);
+ return NULL;
+}
+
+int main(int argc, char * argv[])
+{
+ int ret;
+ pthread_t thr;
+ void * dummy;
+
+ /* initialize the barrier */
+ ASSERT( pthread_barrier_init(&bar, NULL, 2) == 0 );
+
+ printf("Creating thread\n");
+
+ /* Create the thread */
+ ASSERT( pthread_create(&thr, NULL, mythread, NULL) == 0 );
+
+ printf("main synchronization\n");
+ ret = pthread_barrier_wait(&bar);
+ ASSERT( (ret == 0) || (ret == PTHREAD_BARRIER_SERIAL_THREAD) );
+
+ ASSERT( pthread_mutex_lock(&mtx) == 0 );
+ printf("main: thread is now waiting for condvar\n");
+
+ /* Cancel the thread */
+ ASSERT( pthread_cancel(thr) == 0 );
+
+ /* Now, unlock, so that the thread can actually really exit */
+ ASSERT( pthread_mutex_unlock(&mtx) == 0 );
+
+ /* Release thread resources */
+ ASSERT( pthread_join(thr, &dummy) == 0 );
+
+ if (called == 1)
+ printf("Test successful!\n");
+ else
+ printf("Test failed! Cleanup was not called (& lock not released)\n");
+
+ return 0;
+
+}