/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/mandos-client.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

Makefile

WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \

-Wswitch-default -Wswitch-enum -Wunused-parameter \

-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wstrict-prototypes -Wold-style-definition \

-Wpacked -Wnested-externs -Winline -Wvolatile-register-var

# -Wunreachable-code

#DEBUG=-ggdb3

# For info about _FORTIFY_SOURCE, see

# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

LINK_FORTIFY_LD=-z relro -z now

LINK_FORTIFY=

ifndef BROKEN_PIE

FORTIFY += -fPIE

LINK_FORTIFY_LD += -fPIE

LINK_FORTIFY += -pie

endif

#COVERAGE=--coverage

OPTIMIZE=-Os

LANGUAGE=-std=gnu99

htmldir=man

version=1.0.14

SED=sed

## Use these settings for a traditional /usr/local install

# PREFIX=$(DESTDIR)/usr/local

# CONFDIR=$(DESTDIR)/etc/mandos

# KEYDIR=$(DESTDIR)/etc/mandos/keys

# MANDIR=$(PREFIX)/man

# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools

## These settings are for a package-type install

PREFIX=$(DESTDIR)/usr

CONFDIR=$(DESTDIR)/etc/mandos

KEYDIR=$(DESTDIR)/etc/keys/mandos

MANDIR=$(PREFIX)/share/man

INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools

GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS=$(shell pkg-config --libs gnutls)

AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \

getconf LFS_LDFLAGS)

# Do not change these two

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \

-DVERSION='"$(version)"'

LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

# Commands to format a DocBook <refentry> document into a manual page

DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \

--param man.charmap.use.subset 0 \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param man.authors.section.enabled 0 \

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

$(notdir $<); \

$(MANPOST) $(notdir $@)

# DocBook-to-man post-processing to fix a '\n' escape bug

MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'

DOCBOOKTOHTML=xsltproc --nonet --xinclude \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param man.authors.section.enabled 0 \

--param citerefentry.link 1 \

--output $@ \

/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \

$<; $(HTMLPOST) $@

# Fix citerefentry links

HTMLPOST=$(SED) --in-place \

--expression='s/$<a class="citerefentry" href="$$"><span class="citerefentry"><span class="refentrytitle">$$[^<]*$$<\/span>($$[^)]*$$)<\/span><\/a>$/\1\3.\5\2\3\4\5\6/g'

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo

CPROGS=plugin-runner $(PLUGINS)

PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)

DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \

plugins.d/mandos-client.8mandos \

plugins.d/password-prompt.8mandos mandos.conf.5 \

plugins.d/usplash.8mandos plugins.d/splashy.8mandos \

plugins.d/askpass-fifo.8mandos mandos-clients.conf.5

htmldocs=$(addsuffix .xhtml,$(DOCS))

objects=$(addsuffix .o,$(CPROGS))

all: $(PROGS) mandos.lsm

doc: $(DOCS)

100

101

html: $(htmldocs)

102

103

%.5: %.xml common.ent legalnotice.xml

104

$(DOCBOOKTOMAN)

105

%.5.xhtml: %.xml common.ent legalnotice.xml

106

$(DOCBOOKTOHTML)

107

108

%.8: %.xml common.ent legalnotice.xml

109

$(DOCBOOKTOMAN)

110

%.8.xhtml: %.xml common.ent legalnotice.xml

111

$(DOCBOOKTOHTML)

112

113

%.8mandos: %.xml common.ent legalnotice.xml

114

$(DOCBOOKTOMAN)

115

%.8mandos.xhtml: %.xml common.ent legalnotice.xml

116

$(DOCBOOKTOHTML)

117

118

mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \

119

legalnotice.xml

120

$(DOCBOOKTOMAN)

121

mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \

122

overview.xml legalnotice.xml

123

$(DOCBOOKTOHTML)

124

125

mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \

126

legalnotice.xml

127

$(DOCBOOKTOMAN)

128

mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \

129

legalnotice.xml

130

$(DOCBOOKTOHTML)

131

132

mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \

133

legalnotice.xml

134

$(DOCBOOKTOMAN)

135

mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \

136

legalnotice.xml

137

$(DOCBOOKTOHTML)

138

139

plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \

140

legalnotice.xml

141

$(DOCBOOKTOMAN)

142

plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \

143

overview.xml legalnotice.xml

144

$(DOCBOOKTOHTML)

145

146

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

147

common.ent \

148

mandos-options.xml \

149

overview.xml legalnotice.xml

150

$(DOCBOOKTOMAN)

151

plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \

152

common.ent \

153

mandos-options.xml \

154

overview.xml legalnotice.xml

155

$(DOCBOOKTOHTML)

156

157

# Update all these files with version number $(version)

158

common.ent: Makefile

159

$(SED) --in-place \

160

--expression='s/^$<!ENTITY version "$[^"]*">$$/\1$(version)">/' \

161

162

163

mandos: Makefile

164

$(SED) --in-place \

165

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

166

167

168

mandos-keygen: Makefile

169

$(SED) --in-place \

170

--expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' \

171

172

173

mandos-ctl: Makefile

174

$(SED) --in-place \

175

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

176

177

178

mandos.lsm: Makefile

179

$(SED) --in-place \

180

--expression='s/^$Version:$.*/\1\t$(version)/' \

181

182

$(SED) --in-place \

183

--expression='s/^$Entered-date:$.*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \

184

185

$(SED) --in-place \

186

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

187

188

189

plugins.d/mandos-client: plugins.d/mandos-client.o

190

$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \

191

$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

192

193

.PHONY : all doc html clean distclean run-client run-server install \

194

install-server install-client uninstall uninstall-server \

195

uninstall-client purge purge-server purge-client

CFLAGS="-Wall -std=gnu99"

LDFLAGS=-lgnutls

all: plugbasedclient

196

197

clean:

198

-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core

199

200

distclean: clean

201

mostlyclean: clean

202

maintainer-clean: clean

203

-rm --force --recursive keydir confdir

204

205

check: all

206

./mandos --check

207

208

# Run the client with a local config and key

209

run-client: all keydir/seckey.txt keydir/pubkey.txt

210

@echo "###################################################################"

211

@echo "# The following error messages are harmless and can be safely #"

212

@echo "# ignored. The messages are caused by not running as root, but #"

213

@echo "# you should NOT run \"make run-client\" as root unless you also #"

214

@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"

215

@echo "# From plugin-runner: setuid: Operation not permitted #"

216

@echo "# From askpass-fifo: mkfifo: Permission denied #"

217

@echo "# From mandos-client: setuid: Operation not permitted #"

218

@echo "# seteuid: Operation not permitted #"

219

@echo "# klogctl: Operation not permitted #"

220

@echo "###################################################################"

221

./plugin-runner --plugin-dir=plugins.d \

222

--config-file=plugin-runner.conf \

223

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \

224

$(CLIENTARGS)

225

226

# Used by run-client

227

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

228

install --directory keydir

229

./mandos-keygen --dir keydir --force

230

231

# Run the server with a local config

232

run-server: confdir/mandos.conf confdir/clients.conf

233

@echo "#################################################################"

234

@echo "# NOTE: Please IGNORE errors about \"No permission to bind to #"

235

@echo "# interface\" or \"Could not open file u'/var/run/mandos.pid'\" - #"

236

@echo "# they are harmless and are caused by the server not running as #"

237

@echo "# root. Do NOT run \"make run-server\" server as root if you did #"

238

@echo "# not also unpack and compile it as root. #"

239

@echo "#################################################################"

240

./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)

241

242

# Used by run-server

243

confdir/mandos.conf: mandos.conf

244

install --directory confdir

245

install --mode=u=rw,go=r $^ $@

246

confdir/clients.conf: clients.conf keydir/seckey.txt

247

install --directory confdir

248

install --mode=u=rw $< $@

249

# Add a client password

250

./mandos-keygen --dir keydir --password >> $@

251

252

install: install-server install-client-nokey

253

254

install-html: html

255

install --directory $(htmldir)

256

install --mode=u=rw,go=r --target-directory=$(htmldir) \

257

$(htmldocs)

258

259

install-server: doc

260

install --directory $(CONFDIR)

261

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

262

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

263

mandos.conf

264

install --mode=u=rw --target-directory=$(CONFDIR) \

265

clients.conf

266

install --mode=u=rwx,go=rx init.d-mandos \

267

$(DESTDIR)/etc/init.d/mandos

268

install --mode=u=rw,go=r default-mandos \

269

$(DESTDIR)/etc/default/mandos

270

if [ -z $(DESTDIR) ]; then \

271

update-rc.d mandos defaults 25 15;\

272

273

gzip --best --to-stdout mandos.8 \

274

> $(MANDIR)/man8/mandos.8.gz

275

gzip --best --to-stdout mandos.conf.5 \

276

> $(MANDIR)/man5/mandos.conf.5.gz

277

gzip --best --to-stdout mandos-clients.conf.5 \

278

> $(MANDIR)/man5/mandos-clients.conf.5.gz

279

280

install-client-nokey: all doc

281

install --directory $(PREFIX)/lib/mandos $(CONFDIR)

282

install --directory --mode=u=rwx $(KEYDIR) \

283

$(PREFIX)/lib/mandos/plugins.d

284

if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \

285

install --mode=u=rwx \

286

--directory "$(CONFDIR)/plugins.d"; \

287

288

install --mode=u=rwx,go=rx \

289

--target-directory=$(PREFIX)/lib/mandos plugin-runner

290

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

291

mandos-keygen

292

install --mode=u=rwx,go=rx \

293