/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Björn Påhlsson
  • Date: 2008-07-20 02:52:20 UTC
  • Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6
Added following support:
Pluginbased client handler
rewritten Mandos client
       Avahi instead of udp server discovery
       openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
 
#       -Wunreachable-code 
9
 
#DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
12
 
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
13
 
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
14
 
LINK_FORTIFY_LD=-z relro -z now
15
 
LINK_FORTIFY=
16
 
 
17
 
# If BROKEN_PIE is set, do not build with -pie
18
 
ifndef BROKEN_PIE
19
 
FORTIFY += -fPIE
20
 
LINK_FORTIFY += -pie
21
 
endif
22
 
#COVERAGE=--coverage
23
 
OPTIMIZE=-Os
24
 
LANGUAGE=-std=gnu99
25
 
htmldir=man
26
 
version=1.0.14
27
 
SED=sed
28
 
 
29
 
## Use these settings for a traditional /usr/local install
30
 
# PREFIX=$(DESTDIR)/usr/local
31
 
# CONFDIR=$(DESTDIR)/etc/mandos
32
 
# KEYDIR=$(DESTDIR)/etc/mandos/keys
33
 
# MANDIR=$(PREFIX)/man
34
 
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
35
 
##
36
 
 
37
 
## These settings are for a package-type install
38
 
PREFIX=$(DESTDIR)/usr
39
 
CONFDIR=$(DESTDIR)/etc/mandos
40
 
KEYDIR=$(DESTDIR)/etc/keys/mandos
41
 
MANDIR=$(PREFIX)/share/man
42
 
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
43
 
##
44
 
 
45
 
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
46
 
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
47
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
48
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
49
 
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
50
 
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
51
 
        getconf LFS_LDFLAGS)
52
 
 
53
 
# Do not change these two
54
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
55
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
56
 
        -DVERSION='"$(version)"'
57
 
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
58
 
 
59
 
# Commands to format a DocBook <refentry> document into a manual page
60
 
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
61
 
        --param man.charmap.use.subset          0 \
62
 
        --param make.year.ranges                1 \
63
 
        --param make.single.year.ranges         1 \
64
 
        --param man.output.quietly              1 \
65
 
        --param man.authors.section.enabled     0 \
66
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
67
 
        $(notdir $<); \
68
 
        $(MANPOST) $(notdir $@))
69
 
# DocBook-to-man post-processing to fix a '\n' escape bug
70
 
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
71
 
 
72
 
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
73
 
        --param make.year.ranges                1 \
74
 
        --param make.single.year.ranges         1 \
75
 
        --param man.output.quietly              1 \
76
 
        --param man.authors.section.enabled     0 \
77
 
        --param citerefentry.link               1 \
78
 
        --output $@ \
79
 
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
80
 
        $<; $(HTMLPOST) $@)
81
 
# Fix citerefentry links
82
 
HTMLPOST=$(SED) --in-place \
83
 
        --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
84
 
 
85
 
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
86
 
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
87
 
CPROGS=plugin-runner $(PLUGINS)
88
 
PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)
89
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
90
 
        plugins.d/mandos-client.8mandos \
91
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
92
 
        plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
93
 
        plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
94
 
 
95
 
htmldocs=$(addsuffix .xhtml,$(DOCS))
96
 
 
97
 
objects=$(addsuffix .o,$(CPROGS))
98
 
 
99
 
all: $(PROGS) mandos.lsm
100
 
 
101
 
doc: $(DOCS)
102
 
 
103
 
html: $(htmldocs)
104
 
 
105
 
%.5: %.xml common.ent legalnotice.xml
106
 
        $(DOCBOOKTOMAN)
107
 
%.5.xhtml: %.xml common.ent legalnotice.xml
108
 
        $(DOCBOOKTOHTML)
109
 
 
110
 
%.8: %.xml common.ent legalnotice.xml
111
 
        $(DOCBOOKTOMAN)
112
 
%.8.xhtml: %.xml common.ent legalnotice.xml
113
 
        $(DOCBOOKTOHTML)
114
 
 
115
 
%.8mandos: %.xml common.ent legalnotice.xml
116
 
        $(DOCBOOKTOMAN)
117
 
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
118
 
        $(DOCBOOKTOHTML)
119
 
 
120
 
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
121
 
                legalnotice.xml
122
 
        $(DOCBOOKTOMAN)
123
 
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
124
 
                overview.xml legalnotice.xml
125
 
        $(DOCBOOKTOHTML)
126
 
 
127
 
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
128
 
                legalnotice.xml
129
 
        $(DOCBOOKTOMAN)
130
 
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
131
 
                 legalnotice.xml
132
 
        $(DOCBOOKTOHTML)
133
 
 
134
 
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
135
 
                legalnotice.xml
136
 
        $(DOCBOOKTOMAN)
137
 
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
138
 
                legalnotice.xml
139
 
        $(DOCBOOKTOHTML)
140
 
 
141
 
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
142
 
                legalnotice.xml
143
 
        $(DOCBOOKTOMAN)
144
 
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
145
 
                overview.xml legalnotice.xml
146
 
        $(DOCBOOKTOHTML)
147
 
 
148
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
149
 
                                        common.ent \
150
 
                                        mandos-options.xml \
151
 
                                        overview.xml legalnotice.xml
152
 
        $(DOCBOOKTOMAN)
153
 
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
154
 
                                        common.ent \
155
 
                                        mandos-options.xml \
156
 
                                        overview.xml legalnotice.xml
157
 
        $(DOCBOOKTOHTML)
158
 
 
159
 
# Update all these files with version number $(version)
160
 
common.ent: Makefile
161
 
        $(strip $(SED) --in-place \
162
 
                --expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
163
 
                $@)
164
 
 
165
 
mandos: Makefile
166
 
        $(strip $(SED) --in-place \
167
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
168
 
                $@)
169
 
 
170
 
mandos-keygen: Makefile
171
 
        $(strip $(SED) --in-place \
172
 
                --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
173
 
                $@)
174
 
 
175
 
mandos-ctl: Makefile
176
 
        $(strip $(SED) --in-place \
177
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
178
 
                $@)
179
 
 
180
 
mandos.lsm: Makefile
181
 
        $(strip $(SED) --in-place \
182
 
                --expression='s/^\(Version:\).*/\1\t$(version)/' \
183
 
                $@)
184
 
        $(strip $(SED) --in-place \
185
 
                --expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
186
 
                $@)
187
 
        $(strip $(SED) --in-place \
188
 
                --expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
189
 
                $@)
190
 
 
191
 
plugins.d/mandos-client: plugins.d/mandos-client.c
192
 
        $(LINK.c) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) $(strip\
193
 
                ) $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
194
 
 
195
 
.PHONY : all doc html clean distclean run-client run-server install \
196
 
        install-server install-client uninstall uninstall-server \
197
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS="-Wall -std=gnu99"
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
198
5
 
199
6
clean:
200
 
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
201
 
 
202
 
distclean: clean
203
 
mostlyclean: clean
204
 
maintainer-clean: clean
205
 
        -rm --force --recursive keydir confdir
206
 
 
207
 
check:  all
208
 
        ./mandos --check
209
 
 
210
 
# Run the client with a local config and key
211
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
212
 
        ./plugin-runner --plugin-dir=plugins.d \
213
 
                --config-file=plugin-runner.conf \
214
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \
215
 
                $(CLIENTARGS)
216
 
 
217
 
# Used by run-client
218
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
219
 
        install --directory keydir
220
 
        ./mandos-keygen --dir keydir --force
221
 
 
222
 
# Run the server with a local config
223
 
run-server: confdir/mandos.conf confdir/clients.conf
224
 
        ./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)
225
 
 
226
 
# Used by run-server
227
 
confdir/mandos.conf: mandos.conf
228
 
        install --directory confdir
229
 
        install --mode=u=rw,go=r $^ $@
230
 
confdir/clients.conf: clients.conf keydir/seckey.txt
231
 
        install --directory confdir
232
 
        install --mode=u=rw $< $@
233
 
# Add a client password
234
 
        ./mandos-keygen --dir keydir --password >> $@
235
 
 
236
 
install: install-server install-client-nokey
237
 
 
238
 
install-html: html
239
 
        install --directory $(htmldir)
240
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
241
 
                $(htmldocs)
242
 
 
243
 
install-server: doc
244
 
        install --directory $(CONFDIR)
245
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
246
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
247
 
                mandos.conf
248
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
249
 
                clients.conf
250
 
        install --mode=u=rwx,go=rx init.d-mandos \
251
 
                $(DESTDIR)/etc/init.d/mandos
252
 
        install --mode=u=rw,go=r default-mandos \
253
 
                $(DESTDIR)/etc/default/mandos
254
 
        if [ -z $(DESTDIR) ]; then \
255
 
                update-rc.d mandos defaults 25 15;\
256
 
        fi
257
 
        gzip --best --to-stdout mandos.8 \
258
 
                > $(MANDIR)/man8/mandos.8.gz
259
 
        gzip --best --to-stdout mandos.conf.5 \
260
 
                > $(MANDIR)/man5/mandos.conf.5.gz
261
 
        gzip --best --to-stdout mandos-clients.conf.5 \
262
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
263
 
 
264
 
install-client-nokey: all doc
265
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
266
 
        install --directory --mode=u=rwx $(KEYDIR) \
267
 
                $(PREFIX)/lib/mandos/plugins.d
268
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
269
 
                install --mode=u=rwx \
270
 
                        --directory "$(CONFDIR)/plugins.d"; \
271
 
        fi
272
 
        install --mode=u=rwx,go=rx \
273
 
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
274
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
275
 
                mandos-keygen
276
 
        install --mode=u=rwx,go=rx \
277
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
278
 
                plugins.d/password-prompt
279
 
        install --mode=u=rwxs,go=rx \
280
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
281
 
                plugins.d/mandos-client
282
 
        install --mode=u=rwxs,go=rx \
283
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
284
 
                plugins.d/usplash
285
 
        install --mode=u=rwxs,go=rx \
286
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
287
 
                plugins.d/splashy
288
 
        install --mode=u=rwxs,go=rx \
289
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
290
 
                plugins.d/askpass-fifo
291
 
        install initramfs-tools-hook \
292
 
                $(INITRAMFSTOOLS)/hooks/mandos
293
 
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
294
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
295
 
        install initramfs-tools-script \
296
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
297
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
298
 
        gzip --best --to-stdout mandos-keygen.8 \
299
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
300
 
        gzip --best --to-stdout plugin-runner.8mandos \
301
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
302
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
303
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
304
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
305
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
306
 
        gzip --best --to-stdout plugins.d/usplash.8mandos \
307
 
                > $(MANDIR)/man8/usplash.8mandos.gz
308
 
        gzip --best --to-stdout plugins.d/splashy.8mandos \
309
 
                > $(MANDIR)/man8/splashy.8mandos.gz
310
 
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
311
 
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
312
 
 
313
 
install-client: install-client-nokey
314
 
# Post-installation stuff
315
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
316
 
        update-initramfs -k all -u
317
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
318
 
 
319
 
uninstall: uninstall-server uninstall-client
320
 
 
321
 
uninstall-server:
322
 
        -rm --force $(PREFIX)/sbin/mandos \
323
 
                $(MANDIR)/man8/mandos.8.gz \
324
 
                $(MANDIR)/man5/mandos.conf.5.gz \
325
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
326
 
        update-rc.d -f mandos remove
327
 
        -rmdir $(CONFDIR)
328
 
 
329
 
uninstall-client:
330
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
331
 
# to use it.
332
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
333
 
                $(DESTDIR)/etc/crypttab
334
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
335
 
                $(PREFIX)/lib/mandos/plugin-runner \
336
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
337
 
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
338
 
                $(PREFIX)/lib/mandos/plugins.d/usplash \
339
 
                $(PREFIX)/lib/mandos/plugins.d/splashy \
340
 
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
341
 
                $(INITRAMFSTOOLS)/hooks/mandos \
342
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
343
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos \
344
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
345
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
346
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
347
 
                $(MANDIR)/man8/usplash.8mandos.gz \
348
 
                $(MANDIR)/man8/splashy.8mandos.gz \
349
 
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
350
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
351
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
352
 
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
353
 
        update-initramfs -k all -u
354
 
 
355
 
purge: purge-server purge-client
356
 
 
357
 
purge-server: uninstall-server
358
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
359
 
                $(DESTDIR)/etc/default/mandos \
360
 
                $(DESTDIR)/etc/init.d/mandos \
361
 
                $(DESTDIR)/var/run/mandos.pid
362
 
        -rmdir $(CONFDIR)
363
 
 
364
 
purge-client: uninstall-client
365
 
        -shred --remove $(KEYDIR)/seckey.txt
366
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
367
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
368
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
7
        rm -f plugbasedclient
 
8
 
 
9
client_debug: client
 
10
        mv -f client client.tmp
 
11
        $(MAKE) client CXXFLAGS="$(CXXFLAGS) -DDEBUG -DCERT_ROOT=\\\"./\\\""
 
12
        mv client client_debug
 
13
        mv client.tmp client