unetd: cli: split generating network key from signing

author Felix Fietkau <[email protected]>

Fri, 6 Jun 2025 08:44:02 +0000 (10:44 +0200)

committer Felix Fietkau <[email protected]>

Wed, 22 Oct 2025 09:06:36 +0000 (11:06 +0200)
author Felix Fietkau <[email protected]>
Fri, 6 Jun 2025 08:44:02 +0000 (10:44 +0200)
committer Felix Fietkau <[email protected]>
Wed, 22 Oct 2025 09:06:36 +0000 (11:06 +0200)
diff --git a/package/network/services/unetd/files/unet.uc b/package/network/services/unetd/files/unet.uc

index 453c58adb0ff0a2b7c07ea0275fbeeac29430c4f..eb2c450cb632010785b880a609e991b8a0eaee30 100644 (file)
--- a/package/network/services/unetd/files/unet.uc
+++ b/package/network/services/unetd/files/unet.uc
@@ -166,14 +166,24 @@ function network_sign_data(ctx, name, network, pw_file, upload)
                 bin_file += "." + time();
  
         writefile(json_file, sprintf("%.J\n", network));
-       let ret = network_keygen(pw_file, '-S', network.config, bin_file, json_file);
-       unlink(json_file);
+
+       let key_file = mkstemp();
+       let ret = network_keygen(pw_file, '-G', network.config, "/dev/fd/" + key_file.fileno());
         if (!ret) {
+               if (ctx.command_failed)
+                       ctx.command_failed("Failed to generate network key");
+               return false;
+       }
+
+       ret = system([ "unet-tool", "-S", "-K", "/dev/fd/" + key_file.fileno(), "-o", bin_file, json_file ]);
+       unlink(json_file);
+       if (ret != 0) {
                 if (ctx.command_failed)
                         ctx.command_failed("Failed to sign network configuration");
                 return false;
         }
  
+       key_file.close();
         if (!upload)
                 return true;
author	Felix Fietkau <[email protected]>
	Fri, 6 Jun 2025 08:44:02 +0000 (10:44 +0200)
committer	Felix Fietkau <[email protected]>
	Wed, 22 Oct 2025 09:06:36 +0000 (11:06 +0200)