3 # This file is part of secnet.
4 # See README for full list of copyright holders.
6 # secnet is free software; you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # secnet is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # version 3 along with secnet; if not, see
18 # https://www.gnu.org/licenses/gpl.html.
20 .PHONY: all clean realclean distclean dist install
30 INSTALL_PROGRAM:=@INSTALL_PROGRAM@
31 INSTALL_SCRIPT:=@INSTALL_SCRIPT@
32 INSTALL_DATA:=@INSTALL_DATA@
34 prefix:=$(DESTDIR)@prefix@
35 exec_prefix:=@exec_prefix@
37 sysconfdir:=$(DESTDIR)@sysconfdir@
38 datarootdir:=@datarootdir@
39 transform:=@program_transform_name@
42 ALL_CFLAGS:=@DEFS@ -I$(srcdir) -I. $(CFLAGS) $(EXTRA_CFLAGS)
43 CPPFLAGS:=@CPPFLAGS@ -DDATAROOTDIR='"$(datarootdir)"' $(EXTRA_CPPFLAGS)
44 LDFLAGS:=@LDFLAGS@ $(EXTRA_LDFLAGS)
45 LDLIBS:=@LIBS@ $(EXTRA_LDLIBS)
47 &:local+global OBJECTS TARGETS
51 OBJECTS:=secnet.o util.o conffile.yy.o conffile.tab.o conffile.o modules.o \
52 resolver.o random.o udp.o site.o transform-cbcmac.o transform-eax.o \
53 comm-common.o polypath.o privcache.o pubkeys.o pubkeys.yy.o \
54 netlink.o rsa.o dh.o serpent.o serpentbe.o \
55 md5.o sha512.o tun.o slip.o sha1.o ipaddr.o log.o \
56 process.o osdep.o @LIBOBJS@ \
57 hackypar.o base91s/base91.o
58 # version.o is handled specially below and in the link rule for secnet.
60 PYMODULES := ipaddrset.py argparseactionnoyes.py base91.py
62 TEST_OBJECTS:=eax-aes-test.o eax-serpent-test.o eax-serpentbe-test.o \
65 ifeq (version.o,$(MAKECMDGOALS))
70 &OBJECTS += $(OBJECTS) $(TEST_OBJECTS)
72 STALE_PYTHON_FILES= $(foreach e, py pyc, \
73 $(foreach p, /usr /usr/local, \
74 $(foreach l, ipaddr, \
75 $(DESTDIR)$p/share/secnet/$l.$e \
79 flex --header=$*.yy.h -o$*.yy.c $<
82 # make has a builtin rule to run yacc, but we don't want that because
83 # our conffile.c is handwritten, and we use conffile.yy.c for the
84 # bison output. There is no need to do likewise for flex because
85 # our flex input files are end in .fl, not .l.
91 $(CC) $(CPPFLAGS) $(ALL_CFLAGS) $(CDEPS_CFLAGS) -c $< -o $@
93 $(OBJECTS): conffile.yy.h pubkeys.yy.h base91s/base91.h
94 # ^ we can't write this as a dependency on the %.o %.c rule
95 # because (say) conffile.yy.c isn't mentioned so doesn't "ought
96 # to exist" in make's mind. But specifying it explicitly like this
101 ${srcdir}/config.h.in: configure.ac
102 cd ${srcdir} && autoheader
105 MAKEFILE_TEMPLATES += config.h.in
106 CONFIG_STATUS_OUTPUTS += config.h
108 # Manual dependencies section
109 conffile.yy.c: conffile.tab.c
111 # End of manual dependencies section
113 %.yy.o: ALL_CFLAGS += -Wno-sign-compare -Wno-unused-function
116 $(MAKE) -f main.mk version.o # *.o $(filter-out %.o, $^)
117 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $(OBJECTS) version.o $(LDLIBS)
118 # We (always) regenerate the version, but only if we regenerate the
119 # binary. (This is necessary as the version string is can depend on
120 # any of the source files, eg to see whether "+" is needed.)
122 ifneq (,$(wildcard .git/HEAD))
123 # If we have (eg) committed, relink and thus regenerate the version
124 # with the new info from git describe.
125 secnet: Makefile .git/HEAD $(wildcard $(shell sed -n 's#^ref: #.git/#p' .git/HEAD))
126 secnet: $(wildcard .git/packed-refs)
131 &TARGETS_check = eax-aes-test.confirm eax-serpent-test.confirm \
132 eax-serpentbe-test.confirm ipaddrset.confirm
134 &TARGETS_fullcheck += $(&TARGETS_check)
135 &TARGETS_fullcheck += msgcode-test.confirm
137 RECHECK_RM += $(&TARGETS_check)
143 echo "#include \"secnet.h\"" >$@.new
144 @set -ex; if test -e .git && type -p git >/dev/null; then \
145 v=$$(git describe --match 'v*'); v=$${v#v}; \
146 if ! git diff --quiet HEAD; then v="$$v+"; fi; \
150 echo "char version[]=\"secnet $$v\";" >>$@.new
153 eax-%-test: eax-%-test.o eax-test.o %.o
154 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
156 eax-%-test.confirm: eax-%-test eax-%-test.vectors
157 ./$< <$(srcdir)/eax-$*-test.vectors >$@.new
160 &CDEPS_OBJECTS += msgcode-test.o
162 msgcode-test: msgcode-test.o
163 $(CC) $(LDFLAGS) $(ALL_CFLAGS) -o $@ $^
165 msgcode-test.confirm: msgcode-test
169 ipaddrset.confirm: ipaddrset-test.py ipaddrset.py ipaddrset-test.expected
170 $(srcdir)/ipaddrset-test.py >ipaddrset-test.new
171 diff -u $(srcdir)/ipaddrset-test.expected ipaddrset-test.new
174 &CLEAN += & pubkeys.fl
176 pubkeys.fl: ${srcdir}/pubkeys.fl.pl
177 ${srcdir}/pubkeys.fl.pl >$@.tmp && mv -f $@.tmp $@
179 .PRECIOUS: eax-%-test
182 $(INSTALL) -d $(prefix)/share/secnet $(sbindir)
183 $(INSTALL) -d $(mandir)/man8
184 $(INSTALL) -d $(datarootdir)/secnet
187 set -e; ok=true; for f in $(STALE_PYTHON_FILES); do \
188 if test -e $$f; then \
189 echo >&\&2 "ERROR: $$f still exists "\
190 "- try \`make install-force'"; \
195 $(INSTALL_PROGRAM) secnet $(sbindir)/`echo secnet|sed '$(transform)'`
196 $(INSTALL_PROGRAM) ${srcdir}/make-secnet-sites $(sbindir)/`echo make-secnet-sites|sed '$(transform)'`
197 set -e; for m in $(PYMODULES); do \
198 $(INSTALL_DATA) ${srcdir}/$$m $(prefix)/share/secnet/$$m; \
200 $(INSTALL_SCRIPT) ${srcdir}/polypath-interface-monitor-linux \
201 $(datarootdir)/secnet/.
202 $(INSTALL_DATA) ${srcdir}/secnet.8 $(mandir)/man8/secnet.8
205 rm -f $(STALE_PYTHON_FILES)
206 $(MAKE) -f main.mk install
209 &CLEAN += $(TARGETS) $(&TARGETS_check) $(&TARGETS_fullcheck)
212 $(RM) -f *.o *.yy.[ch] *.tab.[ch] core version.c
213 $(RM) -f *.pyc *~ eax-*-test.confirm eax-*-test
214 $(RM) -rf __pycache__
215 $(RM) -f msgcode-test.confirm msgcode-test
218 $(RM) -f *~ Makefile config.h \
219 config.log config.status config.cache \
220 config.stamp Makefile.bak
222 distclean:: realclean
224 include subdirmk/regen.mk
226 &:warn !single-char-var
229 # 0. Use this checklist from Dir.sd.mk
231 # 1. Check that the tree has what you want
233 # 2. Update changelog:
234 # gbp dch --since=<PREVIOUS VERSION>
235 # and then edit debian/changelog.
237 # 3. Update VERSION (in this file, above) and
238 # finalise debian/changelog (removing ~ from version) and commit.
240 # 4. Build source and binaries:
241 # dgit -wgf sbuild -A -c stretch -j8
243 # 5. dpkg -i on zealot just to check
244 # dpkg -i ~ian/things/Fvpn/bpd/secnet_${VERSION}_amd64.deb
246 # 6. run it on chiark
247 # check we can still ping davenant and chiark
249 # 7. Make git tag and source tarball signature:
250 # git-tag -u general -m "secnet $VERSION" -s v${VERSION//\~/_}
251 # gpg -u general --detach-sign ../bpd/secnet_$VERSION.tar.gz
253 # 8. Publish the branch and distriubtion files:
254 # git-push origin v${VERSION//\~/_} v${VERSION//\~/_}~0:master
255 # dcmd rsync -v ../bpd/secnet_${VERSION}_multi.changes chiark:/home/ianmdlvl/public-html/secnet/download/
257 # 8a. Upload to Debian:
260 # 9. Sort out html. On chiark as user secnet:
261 # cd ~secnet/public-html/release/
264 # ln -s /home/ianmdlvl/public-html/secnet/download/secnet?$VERSION* .
265 # ln -sfn $VERSION ../current
267 # 10. write and post a release announcement
269 # dcmd sha256sum secnet_${VERSION}_multi.changes
271 # gpg --clearsign ../release-announcement
272 # rsync -vP ../release-announcement.asc c:mail/d/
274 # 11. bump changelog version in master, to new version with ~