/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2011-11-26 20:59:56 UTC
  • mto: (518.1.8 mandos-persistent)
  • mto: This revision was merged to the branch mainline in revision 524.
  • Revision ID: teddy@recompile.se-20111126205956-vft6g0z2i6my0165
Use GPG to encrypt instead of AES.

* Makefile (run-server): Use "--no-restore" option.
* debian/control (mandos/Depends): Added "python-gnupginterface".
* mandos: (CryptoError, Crypto): New; uses GPG.
  (Client.encrypt_secret, Client.decrypt_secret): Removed.
  (ClientHandler.fingerprint): Use binascii.hexlify().
  (main): Use Crypto class to decrypt.
  (main/cleanup): Use Crypto class to encrypt.  Handle EACCES.

Show diffs side-by-side

added added

removed removed

Lines of Context:
26
26
version=1.4.1
27
27
SED=sed
28
28
 
29
 
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
30
 
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
31
 
 
32
29
## Use these settings for a traditional /usr/local install
33
30
# PREFIX=$(DESTDIR)/usr/local
34
31
# CONFDIR=$(DESTDIR)/etc/mandos
35
32
# KEYDIR=$(DESTDIR)/etc/mandos/keys
36
33
# MANDIR=$(PREFIX)/man
37
34
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
38
 
# STATEDIR=$(DESTDIR)/var/lib/mandos
39
35
##
40
36
 
41
37
## These settings are for a package-type install
44
40
KEYDIR=$(DESTDIR)/etc/keys/mandos
45
41
MANDIR=$(PREFIX)/share/man
46
42
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
47
 
STATEDIR=$(DESTDIR)/var/lib/mandos
48
43
##
49
44
 
50
45
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
235
230
distclean: clean
236
231
mostlyclean: clean
237
232
maintainer-clean: clean
238
 
        -rm --force --recursive keydir confdir statedir
 
233
        -rm --force --recursive keydir confdir
239
234
 
240
235
check:  all
241
236
        ./mandos --check
255
250
        @echo "###################################################################"
256
251
        ./plugin-runner --plugin-dir=plugins.d \
257
252
                --config-file=plugin-runner.conf \
258
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
 
253
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \
259
254
                $(CLIENTARGS)
260
255
 
261
256
# Used by run-client
265
260
 
266
261
# Run the server with a local config
267
262
run-server: confdir/mandos.conf confdir/clients.conf
268
 
        ./mandos --debug --no-dbus --configdir=confdir \
269
 
                --statedir=statedir $(SERVERARGS)
 
263
        ./mandos --debug --no-dbus --configdir=confdir --no-restore \
 
264
        $(SERVERARGS)
270
265
 
271
266
# Used by run-server
272
267
confdir/mandos.conf: mandos.conf
277
272
        install --mode=u=rw $< $@
278
273
# Add a client password
279
274
        ./mandos-keygen --dir keydir --password >> $@
280
 
statedir:
281
 
        install --directory statedir
282
275
 
283
276
install: install-server install-client-nokey
284
277
 
289
282
 
290
283
install-server: doc
291
284
        install --directory $(CONFDIR)
292
 
        install --directory --mode=u=rwx --owner=$(USER) \
293
 
                --group=$(GROUP) $(STATEDIR)
294
285
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
295
286
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
296
287
                mandos-ctl
328
319
                install --mode=u=rwx \
329
320
                        --directory "$(CONFDIR)/plugins.d"; \
330
321
        fi
331
 
        install --mode=u=rwx,go=rx --directory \
332
 
                "$(CONFDIR)/network-hooks.d"
333
322
        install --mode=u=rwx,go=rx \
334
323
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
335
324
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \