3 # This file is part of secnet.
4 # See README for full list of copyright holders.
6 # secnet is free software; you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # secnet is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # version 3 along with secnet; if not, see
18 # https://www.gnu.org/licenses/gpl.html.
20 .PHONY: all clean realclean distclean dist install
30 INSTALL_PROGRAM:=@INSTALL_PROGRAM@
31 INSTALL_SCRIPT:=@INSTALL_SCRIPT@
32 INSTALL_DATA:=@INSTALL_DATA@
34 prefix:=$(DESTDIR)@prefix@
35 exec_prefix:=@exec_prefix@
37 sysconfdir:=$(DESTDIR)@sysconfdir@
38 datarootdir:=@datarootdir@
39 transform:=@program_transform_name@
42 ALL_CFLAGS:=@DEFS@ -I$(srcdir) -I. $(CFLAGS) $(EXTRA_CFLAGS)
43 CPPFLAGS:=@CPPFLAGS@ -DDATAROOTDIR='"$(datarootdir)"' $(EXTRA_CPPFLAGS)
44 LDFLAGS:=@LDFLAGS@ $(EXTRA_LDFLAGS)
45 LDLIBS:=@LIBS@ $(EXTRA_LDLIBS)
49 OBJECTS:=secnet.o util.o conffile.yy.o conffile.tab.o conffile.o modules.o \
50 resolver.o random.o udp.o site.o transform-cbcmac.o transform-eax.o \
51 comm-common.o polypath.o \
52 netlink.o rsa.o dh.o serpent.o serpentbe.o \
53 md5.o sha512.o tun.o slip.o sha1.o ipaddr.o log.o \
56 # version.o is handled specially below and in the link rule for secnet.
58 PYMODULES := ipaddrset.py argparseactionnoyes.py
60 TEST_OBJECTS:=eax-aes-test.o eax-serpent-test.o eax-serpentbe-test.o \
63 ifeq (version.o,$(MAKECMDGOALS))
68 STALE_PYTHON_FILES= $(foreach e, py pyc, \
69 $(foreach p, /usr /usr/local, \
70 $(foreach l, ipaddr, \
71 $(DESTDIR)$p/share/secnet/$l.$e \
77 flex --header=$*.yy.h -o$@ $<
82 %.o: %.c conffile.yy.h
83 $(CC) $(CPPFLAGS) $(ALL_CFLAGS) -c $< -o $@
85 all:: $(TARGETS) check
87 ${srcdir}/config.h.in: configure.ac
88 cd ${srcdir} && autoheader
91 MAKEFILE_TEMPLATES += config.h.in
92 CONFIG_STATUS_OUTPUTS += config.h
94 # C and header file dependency rules
95 SOURCES:=$(OBJECTS:.o=.c) $(TEST_OBJECTS:.o=.c)
96 DEPENDS:=$(OBJECTS:.o=.d) $(TEST_OBJECTS:.o=.d)
100 # Manual dependencies section
101 conffile.yy.c: conffile.fl conffile.tab.c
102 conffile.yy.h: conffile.yy.c
103 conffile.tab.c: conffile.y
104 # End of manual dependencies section
106 conffile.yy.o: ALL_CFLAGS += -Wno-sign-compare
109 $(MAKE) version.o # *.o $(filter-out %.o, $^)
110 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $(OBJECTS) version.o $(LDLIBS)
111 # We (always) regenerate the version, but only if we regenerate the
112 # binary. (This is necessary as the version string is can depend on
113 # any of the source files, eg to see whether "+" is needed.)
115 ifneq (,$(wildcard .git/HEAD))
116 # If we have (eg) committed, relink and thus regenerate the version
117 # with the new info from git describe.
118 secnet: Makefile .git/HEAD $(shell sed -n 's#^ref: #.git/#p' .git/HEAD)
119 secnet: $(wildcard .git/packed-refs)
124 FAST_CHECKS= eax-aes-test.confirm eax-serpent-test.confirm \
125 eax-serpentbe-test.confirm check-ipaddrset \
126 $(addprefix check-,$(TESTDIRS))
128 CHECKS += $(FAST_CHECKS)
129 CHECKS += msgcode-test.confirm
135 rm -rf $(addsuffix /d-*, $(TESTDIRS))
139 echo "#include \"secnet.h\"" >$@.new
140 @set -ex; if test -e .git && type -p git >/dev/null; then \
141 v=$$(git describe --match 'v*'); v=$${v#v}; \
142 if ! git diff --quiet HEAD; then v="$$v+"; fi; \
146 echo "char version[]=\"secnet $$v\";" >>$@.new
149 eax-%-test: eax-%-test.o eax-test.o %.o
150 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
152 eax-%-test.confirm: eax-%-test eax-%-test.vectors
153 ./$< <$(srcdir)/eax-$*-test.vectors >$@.new
156 msgcode-test: msgcode-test.o
157 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
159 msgcode-test.confirm: msgcode-test
163 check-ipaddrset: ipaddrset-test.py ipaddrset.py ipaddrset-test.expected
164 $(srcdir)/ipaddrset-test.py >ipaddrset-test.new
165 diff -u $(srcdir)/ipaddrset-test.expected ipaddrset-test.new
167 check-stest: secnet test-example/sites.conf
168 $(MAKE) -C stest check
170 check-mtest: make-secnet-sites $(PYMODULES)
171 $(MAKE) -C mtest check
173 test-example/sites.conf:
174 $(MAKE) -C test-example
176 .PRECIOUS: eax-%-test
179 $(INSTALL) -d $(prefix)/share/secnet $(sbindir)
180 $(INSTALL) -d $(mandir)/man8
181 $(INSTALL) -d $(datarootdir)/secnet
184 set -e; ok=true; for f in $(STALE_PYTHON_FILES); do \
185 if test -e $$f; then \
186 echo >\&2 "ERROR: $$f still exists "\
187 "- try \`make install-force'"; \
192 $(INSTALL_PROGRAM) secnet $(sbindir)/`echo secnet|sed '$(transform)'`
193 $(INSTALL_PROGRAM) ${srcdir}/make-secnet-sites $(sbindir)/`echo make-secnet-sites|sed '$(transform)'`
194 set -e; for m in $(PYMODULES); do \
195 $(INSTALL_DATA) ${srcdir}/$$m $(prefix)/share/secnet/$$m; \
197 $(INSTALL_SCRIPT) ${srcdir}/polypath-interface-monitor-linux \
198 $(datarootdir)/secnet/.
199 $(INSTALL_DATA) ${srcdir}/secnet.8 $(mandir)/man8/secnet.8
202 rm -f $(STALE_PYTHON_FILES)
205 clean:: $(addprefix clean-,$(TESTDIRS))
206 $(RM) -f *.o *.yy.[ch] *.tab.[ch] $(TARGETS) core version.c
207 $(RM) -f *.d *.pyc *~ eax-*-test.confirm eax-*-test
208 $(RM) -rf __pycache__
209 $(RM) -f msgcode-test.confirm msgcode-test
211 $(addprefix clean-,$(TESTDIRS)): clean-%:
215 $(RM) -f *~ Makefile config.h *.d \
216 config.log config.status config.cache \
217 config.stamp Makefile.bak
219 distclean:: realclean
221 include subdirmk/regen.mk
225 # 0. Use this checklist from Makefile.in
227 # 1. Check that the tree has what you want
229 # 2. Update changelog:
230 # gbp dch --since=<PREVIOUS VERSION>
231 # and then edit debian/changelog.
233 # 3. Update VERSION (in this file, above) and
234 # finalise debian/changelog (removing ~ from version) and commit.
236 # 4. Build source and binaries:
237 # dgit -wgf sbuild -A -c stretch -j8
239 # 5. dpkg -i on zealot just to check
240 # dpkg -i ~ian/things/Fvpn/bpd/secnet_${VERSION}_amd64.deb
242 # 6. run it on chiark
243 # check we can still ping davenant and chiark
245 # 7. Make git tag and source tarball signature:
246 # git-tag -u general -m "secnet $VERSION" -s v${VERSION//\~/_}
247 # gpg -u general --detach-sign ../bpd/secnet_$VERSION.tar.gz
249 # 8. Publish the branch and distriubtion files:
250 # git-push origin v${VERSION//\~/_} v${VERSION//\~/_}~0:master
251 # dcmd rsync -v ../bpd/secnet_${VERSION}_multi.changes chiark:/home/ianmdlvl/public-html/secnet/download/
253 # 9. Sort out html. On chiark as user secnet:
254 # cd ~secnet/public-html/release/
257 # ln -s /home/ianmdlvl/public-html/secnet/download/secnet?$VERSION* .
258 # ln -sfn $VERSION ../current
260 # 10. write and post a release announcement
262 # dcmd sha256sum secnet_${VERSION}_multi.changes
264 # gpg --clearsign ../release-announcement
265 # rsync -vP ../release-announcement.asc c:mail/d/
267 # 11. bump changelog version in master, to new version with ~