/mandos/trunk : revision 777

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2015-07-20 03:03:33 UTC
Revision ID: teddy@recompile.se-20150720030333-203m2aeblypcsfte

Bug fix for GnuTLS 3: be compatible with old 2048-bit DSA keys.

The mandos-keygen program in Mandos version 1.6.0 and older generated
2048-bit DSA keys, and when GnuTLS uses these it has trouble
connecting using the Mandos default priority string.  This was
previously fixed in Mandos 1.6.2, but the bug reappeared when using
GnuTLS 3, so the default priority string has to change again; this
time also the Mandos client has to change its default, so now the
server and the client should use the same default priority string:

SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA:+SIGN-DSA-SHA256

* mandos (main/server_defaults): Changed default priority string.
* mandos-options.xml (/section/para[id="priority_compat"]): Removed.
  (/section/para[id="priority"]): Changed default priority string.
* mandos.conf ([DEFAULT]/priority): - '' -
* mandos.conf.xml (OPTIONS/priority): Refer to the id "priority"
                                      instead of "priority_compat".
* mandos.xml (OPTIONS/--priority): - '' -
* plugins.d/mandos-client.c (main): Changed default priority string.

Show diffs side-by-side

added added

removed removed

Makefile

endif

#COVERAGE=--coverage

OPTIMIZE=-Os -fno-strict-aliasing

LANGUAGE=-std=gnu99

LANGUAGE=-std=gnu11

htmldir=man

version=1.6.9

SED=sed

GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \

getconf LFS_LDFLAGS)

LIBNL3_CFLAGS=$(shell pkg-config --cflags-only-I libnl-route-3.0)

LIBNL3_LIBS=$(shell pkg-config --libs libnl-route-3.0)

# Do not change these two

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

106

108

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \

107

109

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

108

110

plugins.d/plymouth

109

PLUGIN_HELPERS=

111

PLUGIN_HELPERS=plugin-helpers/mandos-client-iprouteadddel

110

112

CPROGS=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)

111

113

PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)

112

114

DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \

240

242

$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\

241

243

) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@

242

244

245

plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c

246

$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\

247

) $(LOADLIBES) $(LDLIBS) -o $@

248

243

249

.PHONY : all doc html clean distclean mostlyclean maintainer-clean \

244

250

check run-client run-server install install-html \

245

251

install-server install-client-nokey install-client uninstall \

354

360

install-client-nokey: all doc

355

361

install --directory $(LIBDIR)/mandos $(CONFDIR)

356

362

install --directory --mode=u=rwx $(KEYDIR) \

357

$(LIBDIR)/mandos/plugins.d

363

$(LIBDIR)/mandos/plugins.d \

364

$(LIBDIR)/mandos/plugin-helpers

358

365

if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \

359

366

install --mode=u=rwx \

360

367

--directory "$(CONFDIR)/plugins.d"; \

384

391

install --mode=u=rwxs,go=rx \

385

392

--target-directory=$(LIBDIR)/mandos/plugins.d \

386

393

plugins.d/plymouth

394

install --mode=u=rwxs,go=rx \

395

--target-directory=$(LIBDIR)/mandos/plugin-helpers \

396

plugin-helpers/mandos-client-iprouteadddel

387

397

install initramfs-tools-hook \

388

398

$(INITRAMFSTOOLS)/hooks/mandos

389

399

install --mode=u=rw,go=r initramfs-tools-hook-conf \

Older »