3 # This file is part of secnet.
4 # See README for full list of copyright holders.
6 # secnet is free software; you can redistribute it and/or modify it
7 # under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 3 of the License, or
9 # (at your option) any later version.
11 # secnet is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # version 3 along with secnet; if not, see
18 # https://www.gnu.org/licenses/gpl.html.
20 .PHONY
: all clean realclean distclean dist install
34 INSTALL_PROGRAM
:=@INSTALL_PROGRAM@
35 INSTALL_SCRIPT
:=@INSTALL_SCRIPT@
36 INSTALL_DATA
:=@INSTALL_DATA@
38 prefix:=$(DESTDIR
)@
prefix@
39 exec_prefix:=@
exec_prefix@
41 sysconfdir
:=$(DESTDIR
)@sysconfdir@
42 datarootdir
:=@datarootdir@
43 transform
:=@program_transform_name@
46 CFLAGS
:=-Wall @WRITESTRINGS@ @CFLAGS@
-Werror \
47 -W
-Wno-unused
-Wno-unused-parameter \
48 -Wno-pointer-sign
-Wstrict-prototypes
-Wmissing-prototypes \
49 -Wmissing-declarations
-Wnested-externs
-Wredundant-decls \
50 -Wpointer-arith
-Wformat
=2 -Winit-self \
51 -Wswitch-enum
-Wunused-variable
-Wunused-function
-Wbad-function-cast \
52 -Wno-strict-aliasing
-fno-strict-aliasing \
54 ALL_CFLAGS
:=@DEFS@
-I
$(srcdir) -I.
$(CFLAGS
) $(EXTRA_CFLAGS
)
55 CPPFLAGS
:=@CPPFLAGS@
-DDATAROOTDIR
='"$(datarootdir)"' $(EXTRA_CPPFLAGS
)
56 LDFLAGS
:=@LDFLAGS@
$(EXTRA_LDFLAGS
)
57 LDLIBS
:=@LIBS@
$(EXTRA_LDLIBS
)
61 OBJECTS
:=secnet.o util.o conffile.yy.o conffile.tab.o conffile.o modules.o \
62 resolver.o random.o udp.o site.o transform-cbcmac.o transform-eax.o \
63 comm-common.o polypath.o \
64 netlink.o rsa.o dh.o xdh.o serpent.o serpentbe.o \
65 scaf.o f25519.o x25519.o ed25519.o fgoldi.o x448.o ed448.o \
66 md5.o sha512.o keccak1600.o sha3.o \
67 tun.o slip.o sha1.o ipaddr.o log.o \
70 # version.o is handled specially below and in the link rule for secnet.
72 TEST_OBJECTS
:=eax-aes-test.o eax-serpent-test.o eax-serpentbe-test.o \
73 eax-test.o aes.o x25519-test.o x448-test.o
75 ifeq (version.o
,$(MAKECMDGOALS
))
80 STALE_PYTHON_FILES
= $(foreach e
, py pyc
, \
81 $(foreach p
, /usr
/usr
/local
, \
82 $(foreach l
, ipaddr
, \
83 $(DESTDIR
)$p/share
/secnet
/$l.
$e \
89 flex
--header
=$*.yy.h
-o
$@
$<
94 %.o
: %.c conffile.yy.h
95 $(CC
) $(CPPFLAGS
) $(ALL_CFLAGS
) -c
$< -o
$@
99 # Automatic remaking of configuration files, from autoconf documentation
100 ${srcdir}/configure
: configure.in
101 cd
${srcdir} && autoconf
103 # autoheader might not change config.h.in, so touch a stamp file.
104 ${srcdir}/config.h.in
: stamp-h.in
105 ${srcdir}/stamp-h.in
: configure.in
106 cd
${srcdir} && autoheader
107 echo timestamp
> ${srcdir}/stamp-h.in
110 stamp-h
: config.h.in config.status
113 Makefile
: Makefile.in config.status
116 config.status
: configure
117 .
/config.status
--recheck
118 # End of config file remaking rules
120 # C and header file dependency rules
121 SOURCES
:=$(OBJECTS
:.o
=.c
) $(TEST_OBJECTS
:.o
=.c
)
122 DEPENDS
:=$(OBJECTS
:.o
=.d
) $(TEST_OBJECTS
:.o
=.d
)
126 # Manual dependencies section
127 conffile.yy.c
: conffile.fl conffile.tab.c
128 conffile.yy.h
: conffile.yy.c
129 conffile.tab.c
: conffile.y
130 # End of manual dependencies section
132 conffile.yy.o
: ALL_CFLAGS
+= -Wno-sign-compare
135 $(MAKE
) version.o
# *.o $(filter-out %.o, $^)
136 $(CC
) $(LDFLAGS
) $(ALL_CFLAGS
) -o
$@
$(OBJECTS
) version.o
$(LDLIBS
)
137 # We (always) regenerate the version, but only if we regenerate the
138 # binary. (This is necessary as the version string is can depend on
139 # any of the source files, eg to see whether "+" is needed.)
141 ifneq (,$(wildcard .git
/HEAD
))
142 # If we have (eg) committed, relink and thus regenerate the version
143 # with the new info from git describe.
144 secnet
: Makefile .git
/HEAD
$(shell sed
-n
's#^ref: #.git/#p' .git
/HEAD
)
145 secnet
: $(wildcard .git
/packed-refs
)
148 CRYPTO_TESTS
= keccak1600 sha3 f25519 x25519 ed25519 fgoldi x448 ed448
150 check: eax-aes-test.confirm eax-serpent-test.confirm \
151 eax-serpentbe-test.confirm check-ipaddrset \
152 msgcode-test.confirm \
153 $(foreach c
,$(CRYPTO_TESTS
),$c-test.confirm
)
156 echo
"#include \"secnet.h\"" >$@.new
157 @set
-ex
; if
test -e .git
&& type
-p git
>/dev
/null
; then \
158 v
=$$(git describe
--match
'v*'); v
=$${v
#v}; \
159 if
! git diff
--quiet HEAD
; then v
="$$v+"; fi
; \
163 echo
"char version[]=\"secnet $$v\";" >>$@.new
166 eax-
%-test: eax-
%-test.o eax-test.o
%.o
167 $(CC
) $(LDFLAGS
) $(ALL_CFLAGS
) -o
$@
$^
169 eax-
%-test.confirm
: eax-
%-test eax-
%-test.vectors
170 .
/$< <$(srcdir)/eax-
$*-test.vectors
>$@.new
173 msgcode-test
: msgcode-test.o
174 $(CC
) $(LDFLAGS
) $(ALL_CFLAGS
) -o
$@
$^
176 msgcode-test.confirm
: msgcode-test
180 $(foreach c
,$(CRYPTO_TESTS
),$c-test
): %-test: %-test.o crypto-test.o
181 $(CC
) $(LDFLAGS
) $(ALL_CFLAGS
) -o
$@
$^
183 $(foreach c
,$(CRYPTO_TESTS
),$c-test.confirm
): \
184 %-test.confirm
: %-test %-tests.in
185 .
/$*-test <$(srcdir)/$*-tests.in
188 keccak1600-test
: keccak1600.o
189 sha3-test
: sha3.o keccak1600.o
190 f25519-test
: f25519.o
191 x25519-test
: x25519.o f25519.o
192 ed25519-test
: sha512.o f25519.o scaf.o ed25519.o
193 fgoldi-test
: fgoldi.o
194 x448-test
: x448.o fgoldi.o
195 ed448-test
: keccak1600.o sha3.o fgoldi.o scaf.o ed448.o
197 f25519-test.o
: ec-field-test.c
198 $(CC
) $(CPPFLAGS
) $(ALL_CFLAGS
) -c
-DFIELD
=f25519
$< -o
$@
199 fgoldi-test.o
: ec-field-test.c
200 $(CC
) $(CPPFLAGS
) $(ALL_CFLAGS
) -c
-DFIELD
=fgoldi
$< -o
$@
201 x25519-test.o
: xdh-test.c
202 $(CC
) $(CPPFLAGS
) $(ALL_CFLAGS
) -c
-DXDH
=x25519
-DFIELD
=f25519
$< -o
$@
203 x448-test.o
: xdh-test.c
204 $(CC
) $(CPPFLAGS
) $(ALL_CFLAGS
) -c
-DXDH
=x448
-DFIELD
=fgoldi
$< -o
$@
206 check-ipaddrset
: ipaddrset-test.py ipaddrset.py ipaddrset-test.expected
207 $(srcdir)/ipaddrset-test.py
>ipaddrset-test.new
208 diff
-u
$(srcdir)/ipaddrset-test.expected ipaddrset-test.new
210 .PRECIOUS
: eax-
%-test
213 $(INSTALL
) -d
$(prefix)/share
/secnet
$(sbindir
)
214 $(INSTALL
) -d
$(mandir)/man8
215 $(INSTALL
) -d
$(datarootdir
)/secnet
218 set
-e
; ok
=true
; for f in
$(STALE_PYTHON_FILES
); do \
219 if
test -e
$$f; then \
220 echo
>&2 "ERROR: $$f still exists "\
221 "- try \`make install-force'"; \
226 $(INSTALL_PROGRAM
) secnet
$(sbindir
)/`echo secnet|sed '$(transform)'`
227 $(INSTALL_PROGRAM
) ${srcdir}/make-secnet-sites
$(sbindir
)/`echo make-secnet-sites|sed '$(transform)'`
228 $(INSTALL_DATA
) ${srcdir}/ipaddrset.py
$(prefix)/share
/secnet
/ipaddrset.py
229 $(INSTALL_SCRIPT
) ${srcdir}/polypath-interface-monitor-linux \
230 $(datarootdir
)/secnet
/.
231 $(INSTALL_DATA
) ${srcdir}/secnet
.8 $(mandir)/man8
/secnet
.8
234 rm -f
$(STALE_PYTHON_FILES
)
238 $(RM
) -f
*.o
*.yy.
[ch
] *.tab.
[ch
] $(TARGETS
) core version.c
239 $(RM
) -f
*.d
*.pyc
*~ eax-
*-test.confirm eax-
*-test
240 $(RM
) -f msgcode-test.confirm msgcode-test
241 $(RM
) -f
$(addsuffix -test, $(CRYPTO_TESTS
))
242 $(RM
) -f
$(addsuffix -test.confirm
, $(CRYPTO_TESTS
))
245 $(RM
) -f
*~ Makefile config.h
*.d \
246 config.log config.status config.cache \
253 # 0. Use this checklist from Makefile.in
255 # 1. Check that the tree has what you want
257 # 2. Update changelog:
258 # gbp dch --since=<PREVIOUS VERSION>
259 # and then edit debian/changelog.
261 # 3. Update VERSION (in this file, above) and
262 # finalise debian/changelog (removing ~ from version) and commit.
264 # 4. Build source and binaries:
265 # dgit -wgf sbuild -A -c stretch
267 # 5. dpkg -i on zealot just to check
268 # dpkg -i ~ian/things/Fvpn/bpd/secnet_${VERSION}_amd64.deb
270 # 6. run it on chiark
271 # check we can still ping davenant and chiark
273 # 7. Make git tag and source tarball signature:
274 # git-tag -u general -m "secnet $VERSION" -s v${VERSION//\~/_}
275 # gpg -u general --detach-sign ../bpd/secnet_$VERSION.tar.gz
277 # 8. Publish the branch and distriubtion files:
278 # git-push origin v${VERSION//\~/_} v${VERSION//\~/_}~0:master
279 # dcmd rsync -v ../bpd/secnet_${VERSION}_multi.changes chiark:/home/ianmdlvl/public-html/secnet/download/
281 # 9. Sort out html. On chiark as user secnet:
282 # cd ~secnet/public-html/release/
285 # ln -s /home/ianmdlvl/public-html/secnet/download/secnet?$VERSION* .
286 # ln -sfn $VERSION ../current
288 # 10. write and post a release announcement
290 # dcmd sha256sum secnet_${VERSION}_multi.changes
292 # gpg --clearsign ../release-announcement
293 # rsync -vP ../release-announcement.asc c:mail/d/
295 # 11. bump changelog version in master, to new version with ~