# Makefile for secnet
-# Copyright (C) 1995-2001 Stephen Early <steve@greenend.org.uk>
-
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2, or (at your option)
-# any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-
+#
+# This file is part of secnet.
+# See README for full list of copyright holders.
+#
+# secnet is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# secnet is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+# version 3 along with secnet; if not, see
+# https://www.gnu.org/licenses/gpl.html.
-.PHONY: all clean realclean dist install
+.PHONY: all clean realclean distclean dist install
PACKAGE:=secnet
-VERSION:=0.1.8
-
-@SET_MAKE@
+VERSION=0.4.5
-srcdir:=@srcdir@
VPATH:=@srcdir@
+srcdir:=@srcdir@
+include common.make
-SHELL:=/bin/sh
-RM:=@RM@
-CC:=@CC@
INSTALL:=@INSTALL@
INSTALL_PROGRAM:=@INSTALL_PROGRAM@
+INSTALL_SCRIPT:=@INSTALL_SCRIPT@
+INSTALL_DATA:=@INSTALL_DATA@
-CFLAGS:=@CFLAGS@ @DEFS@ -Wall -I$(srcdir) -I.
-LDFLAGS:=@LDFLAGS@
-LDLIBS:=@LIBS@
-
-prefix:=@prefix@
+prefix:=$(DESTDIR)@prefix@
exec_prefix:=@exec_prefix@
sbindir:=@sbindir@
-sysconfdir:=@sysconfdir@
+sysconfdir:=$(DESTDIR)@sysconfdir@
+datarootdir:=@datarootdir@
transform:=@program_transform_name@
+mandir:=@mandir@
+
+ALL_CFLAGS:=@DEFS@ -I$(srcdir) -I. $(CFLAGS) $(EXTRA_CFLAGS)
+CPPFLAGS:=@CPPFLAGS@ -DDATAROOTDIR='"$(datarootdir)"' $(EXTRA_CPPFLAGS)
+LDFLAGS:=@LDFLAGS@ $(EXTRA_LDFLAGS)
+LDLIBS:=@LIBS@ $(EXTRA_LDLIBS)
TARGETS:=secnet
OBJECTS:=secnet.o util.o conffile.yy.o conffile.tab.o conffile.o modules.o \
- resolver.o random.o udp.o site.o transform.o netlink.o rsa.o dh.o \
- serpent.o md5.o version.o tun.o slip.o sha1.o ipaddr.o log.o \
- process.o
-
-DISTFILES:=COPYING CREDITS INSTALL Makefile.in NEWS NOTES README TODO \
- conffile.c conffile.fl conffile.h conffile.y \
- conffile_internal.h config.h.bot \
- config.h.in config.h.top configure \
- configure.in debian dh.c \
- example.conf make-secnet-sites.py \
- install.sh ipaddr.c ipaddr.h ipaddr.py linux log.c md5.c md5.h \
- modules.c netlink.c netlink.h process.c process.h \
- random.c resolver.c rsa.c \
- secnet.c secnet.h serpent.c serpent.h serpentsboxes.h \
- sha1.c site.c slip.c stamp-h.in transform.c tun.c udp.c \
- unaligned.h util.c util.h
+ resolver.o random.o udp.o site.o transform-cbcmac.o transform-eax.o \
+ comm-common.o polypath.o \
+ netlink.o rsa.o dh.o serpent.o serpentbe.o \
+ md5.o sha512.o tun.o slip.o sha1.o ipaddr.o log.o \
+ process.o @LIBOBJS@ \
+ hackypar.o
+# version.o is handled specially below and in the link rule for secnet.
+
+TEST_OBJECTS:=eax-aes-test.o eax-serpent-test.o eax-serpentbe-test.o \
+ eax-test.o aes.o
+
+ifeq (version.o,$(MAKECMDGOALS))
+OBJECTS:=version.o
+TEST_OBJECTS:=
+endif
+
+STALE_PYTHON_FILES= $(foreach e, py pyc, \
+ $(foreach p, /usr /usr/local, \
+ $(foreach l, ipaddr, \
+ $(DESTDIR)$p/share/secnet/$l.$e \
+ )))
%.c: %.y
%.yy.c: %.fl
- flex -o$@ $<
+ flex --header=$*.yy.h -o$@ $<
-%.tab.c: %.y
+%.tab.c %.tab.h: %.y
bison -d -o $@ $<
+%.o: %.c conffile.yy.h
+ $(CC) $(CPPFLAGS) $(ALL_CFLAGS) -c $< -o $@
-all: $(TARGETS)
+all: $(TARGETS) check
# Automatic remaking of configuration files, from autoconf documentation
${srcdir}/configure: configure.in
cd ${srcdir} && autoconf
# autoheader might not change config.h.in, so touch a stamp file.
-${srcdir}/config.h.in: stamp-h.in
-${srcdir}/stamp-h.in: configure.in config.h.top config.h.bot
+${srcdir}/config.h.in: config.stamp.in
+${srcdir}/config.stamp.in: configure.in
cd ${srcdir} && autoheader
- echo timestamp > ${srcdir}/stamp-h.in
+ echo timestamp > ${srcdir}/config.stamp.in
-config.h: stamp-h
-stamp-h: config.h.in config.status
+config.h: config.stamp
+config.stamp: config.h.in config.status
./config.status
Makefile: Makefile.in config.status
./config.status --recheck
# End of config file remaking rules
-# Manual dependencies section - XXX use autodep eventually
-$(OBJECTS): config.h secnet.h util.h
-conffile.o conffile.tab.o conffile.yy.o: conffile.h conffile_internal.h
-secnet.o: conffile.h process.h
-process.o: process.h
-log.o: process.h
-md5.o: md5.h
-serpent.o transform.o: serpent.h
-serpent.o: serpentsboxes.h
-conffile.o: ipaddr.h
-site.c util.c: unaligned.h
+# C and header file dependency rules
+SOURCES:=$(OBJECTS:.o=.c) $(TEST_OBJECTS:.o=.c)
+DEPENDS:=$(OBJECTS:.o=.d) $(TEST_OBJECTS:.o=.d)
+
+-include *.d
+
+# Manual dependencies section
conffile.yy.c: conffile.fl conffile.tab.c
+conffile.yy.h: conffile.yy.c
conffile.tab.c: conffile.y
-netlink.o tun.o slip.o: netlink.h
# End of manual dependencies section
+conffile.yy.o: ALL_CFLAGS += -Wno-sign-compare
+
secnet: $(OBJECTS)
+ $(MAKE) version.o # *.o $(filter-out %.o, $^)
+ $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $(OBJECTS) version.o $(LDLIBS)
+# We (always) regenerate the version, but only if we regenerate the
+# binary. (This is necessary as the version string is can depend on
+# any of the source files, eg to see whether "+" is needed.)
+
+ifneq (,$(wildcard .git/HEAD))
+# If we have (eg) committed, relink and thus regenerate the version
+# with the new info from git describe.
+secnet: Makefile .git/HEAD $(shell sed -n 's#^ref: #.git/#p' .git/HEAD)
+secnet: $(wildcard .git/packed-refs)
+endif
+
+check: eax-aes-test.confirm eax-serpent-test.confirm \
+ eax-serpentbe-test.confirm check-ipaddrset \
+ msgcode-test.confirm check-stest
version.c: Makefile
- echo "char version[]=\"secnet-$(VERSION)\";" >version.c
+ echo "#include \"secnet.h\"" >$@.new
+ @set -ex; if test -e .git && type -p git >/dev/null; then \
+ v=$$(git describe --match 'v*'); v=$${v#v}; \
+ if ! git diff --quiet HEAD; then v="$$v+"; fi; \
+ else \
+ v="$(VERSION)"; \
+ fi; \
+ echo "char version[]=\"secnet $$v\";" >>$@.new
+ mv -f $@.new $@
+
+eax-%-test: eax-%-test.o eax-test.o %.o
+ $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
+
+eax-%-test.confirm: eax-%-test eax-%-test.vectors
+ ./$< <$(srcdir)/eax-$*-test.vectors >$@.new
+ mv -f $@.new $@
+
+msgcode-test: msgcode-test.o
+ $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
+
+msgcode-test.confirm: msgcode-test
+ ./msgcode-test
+ touch $@
+
+check-ipaddrset: ipaddrset-test.py ipaddrset.py ipaddrset-test.expected
+ $(srcdir)/ipaddrset-test.py >ipaddrset-test.new
+ diff -u $(srcdir)/ipaddrset-test.expected ipaddrset-test.new
-install: all
- $(INSTALL_PROGRAM) -D secnet $(sbindir)/`echo secnet|sed '$(transform)'`
+check-stest: secnet test-example/sites.conf
+ $(MAKE) -C stest check
+
+test-example/sites.conf:
+ $(MAKE) -C test-example
+
+.PRECIOUS: eax-%-test
+
+installdirs:
+ $(INSTALL) -d $(prefix)/share/secnet $(sbindir)
+ $(INSTALL) -d $(mandir)/man8
+ $(INSTALL) -d $(datarootdir)/secnet
+
+install: installdirs
+ set -e; ok=true; for f in $(STALE_PYTHON_FILES); do \
+ if test -e $$f; then \
+ echo >&2 "ERROR: $$f still exists "\
+ "- try \`make install-force'"; \
+ ok=false; \
+ fi; \
+ done; \
+ $$ok
+ $(INSTALL_PROGRAM) secnet $(sbindir)/`echo secnet|sed '$(transform)'`
+ $(INSTALL_PROGRAM) ${srcdir}/make-secnet-sites $(sbindir)/`echo make-secnet-sites|sed '$(transform)'`
+ $(INSTALL_DATA) ${srcdir}/ipaddrset.py $(prefix)/share/secnet/ipaddrset.py
+ $(INSTALL_SCRIPT) ${srcdir}/polypath-interface-monitor-linux \
+ $(datarootdir)/secnet/.
+ $(INSTALL_DATA) ${srcdir}/secnet.8 $(mandir)/man8/secnet.8
+
+install-force:
+ rm -f $(STALE_PYTHON_FILES)
+ $(MAKE) install
clean:
- $(RM) -f *.o *.yy.c *.tab.[ch] $(TARGETS) core version.c
+ $(RM) -f *.o *.yy.[ch] *.tab.[ch] $(TARGETS) core version.c
+ $(RM) -f *.d *.pyc *~ eax-*-test.confirm eax-*-test
+ $(RM) -f msgcode-test.confirm msgcode-test
realclean: clean
- $(RM) -f *~ Makefile config.h \
+ $(RM) -f *~ Makefile config.h *.d \
config.log config.status config.cache \
- stamp-h Makefile.bak
-
-pfname:=$(PACKAGE)-$(VERSION)
-dist:
- $(RM) -rf $(pfname)
- mkdir $(pfname)
- for i in $(DISTFILES) ; do ln -s ../$(srcdir)/$$i $(pfname)/ ; done
- tar hcf ../$(pfname).tar $(pfname)
- gzip -9f ../$(pfname).tar
- $(RM) -rf $(pfname)
+ config.stamp Makefile.bak
+
+distclean: realclean
+
+# Release checklist:
+#
+# 0. Use this checklist from Makefile.in
+#
+# 1. Check that the tree has what you want
+#
+# 2. Update changelog:
+# gbp dch --since=<PREVIOUS VERSION>
+# and then edit debian/changelog.
+#
+# 3. Update VERSION (in this file, above) and
+# finalise debian/changelog (removing ~ from version) and commit.
+#
+# 4. Build source and binaries:
+# dgit -wgf sbuild -A -c stretch
+#
+# 5. dpkg -i on zealot just to check
+# dpkg -i ~ian/things/Fvpn/bpd/secnet_${VERSION}_amd64.deb
+#
+# 6. run it on chiark
+# check we can still ping davenant and chiark
+#
+# 7. Make git tag and source tarball signature:
+# git-tag -u general -m "secnet $VERSION" -s v${VERSION//\~/_}
+# gpg -u general --detach-sign ../bpd/secnet_$VERSION.tar.gz
+#
+# 8. Publish the branch and distriubtion files:
+# git-push origin v${VERSION//\~/_} v${VERSION//\~/_}~0:master
+# dcmd rsync -v ../bpd/secnet_${VERSION}_multi.changes chiark:/home/ianmdlvl/public-html/secnet/download/
+#
+# 9. Sort out html. On chiark as user secnet:
+# cd ~secnet/public-html/release/
+# mkdir $VERSION
+# cd $VERSION
+# ln -s /home/ianmdlvl/public-html/secnet/download/secnet?$VERSION* .
+# ln -sfn $VERSION ../current
+#
+# 10. write and post a release announcement
+# cd ../bpd
+# dcmd sha256sum secnet_${VERSION}_multi.changes
+# ...
+# gpg --clearsign ../release-announcement
+# rsync -vP ../release-announcement.asc c:mail/d/
+#
+# 11. bump changelog version in master, to new version with ~