blob: 7fa5ffa1795131da43dff5610c1bf448b3c0b130 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
|
#!/usr/bin/make -f
# Sample debian/rules that uses debhelper.
# GNU copyright 1997 to 1999 by Joey Hess.
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
# This is the debhelper compatability version to use.
export DH_COMPAT=4
export DH_OPTIONS
ifeq (,$(wildcard /usr/bin/po2debconf))
PO2DEBCONF := no
MINDEBCONFVER := 0.5
else
PO2DEBCONF := yes
MINDEBCONFVER := 1.2.0
endif
configure: configure-stamp
configure-stamp:
dh_testdir
# Add here commands to configure the package.
touch configure-stamp
patch:
dh_testdir
dpatch apply-all
unpatch:
dpatch deapply-all
#rm -f patch-stamp
build: build-stamp
build-stamp: patch
# create a dummy ipsec.secrets file before building the package so
# that no RSA keys are created during the build process
# (a package should not include a RSA key, it should produce the key
# on demand, e.g. in the postinst script)
touch $(CURDIR)/debian/ipsec.secrets
$(MAKE) programs INC_USRLOCAL=/usr \
FINALBINDIR=/usr/lib/ipsec \
FINALLIBEXECDIR=/usr/lib/ipsec \
PUBDIR=/usr/sbin \
MANTREE=/usr/share/man \
CONFDIR=$(CURDIR)/debian \
USE_LDAP=true USE_LIBCURL=true HAVE_THREADS=true \
USE_XAUTH=true USE_XAUTHPAM=true
# remove the temporary file, it will be created during install
rm -f $(CURDIR)/debian/ipsec.secrets
# also generate the fswcert tool
#$(MAKE) -C programs/fswcert/
# ugly hack....
#$(MAKE) -C programs/fswcert/ programs WERROR='-lcrypto'
touch build-stamp
clean: unpatch
dh_testdir
dh_testroot
rm -f build-stamp configure-stamp
-$(MAKE) clean
#-$(MAKE) -C programs/fswcert/ clean
# after a make clean, no binaries _should_ be left, but ....
-find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm
-find $(CURDIR)/lib/libcrypto -name "*.a" | xargs --no-run-if-empty rm
# Really clean (#356716)
# This is a hack: should be better implemented
rm -f lib/libstrongswan/libstrongswan.a || true
rm -f lib/libstrongswan/liboswlog.a || true
# just in case something went wrong
rm -f $(CURDIR)/debian/ipsec.secrets
# and make sure that template are up-to-date
debconf-updatepo
dh_clean
ifeq ($(PO2DEBCONF),yes)
# Hack for woody compatibility. This makes sure that the
# debian/templates file shipped in the source package doesn't
# specify encodings, which woody's debconf can't handle. If building
# on a system with po-debconf installed (conveniently debhelper (>=
# 4.1.16) depends on it), the binary-arch target will generate a
# better version for sarge.
echo 1 > debian/po/output
po2debconf debian/strongswan.templates.master > debian/strongswan.templates
rm -f debian/po/output
endif
install-strongswan: DH_OPTIONS=-a
install-strongswan: build
dh_testdir
dh_testroot
dh_clean -k
dh_installdirs
# Add here commands to install the package into debian/tmp.
$(MAKE) install INC_USRLOCAL=/usr \
FINALBINDIR=/usr/lib/ipsec \
FINALLIBEXECDIR=/usr/lib/ipsec \
PUBDIR=$(CURDIR)/debian/strongswan/usr/sbin \
MANTREE=$(CURDIR)/debian/strongswan/usr/share/man \
DESTDIR=$(CURDIR)/debian/strongswan
rm -rf $(CURDIR)/debian/strongswan/usr/local
install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan/etc/ipsec.secrets
# use bash for init.d and _plutorun
patch $(CURDIR)/debian/strongswan/etc/init.d/ipsec < debian/use-bash1.diff
patch $(CURDIR)/debian/strongswan/usr/lib/ipsec/_plutorun < debian/use-bash2.diff
# install the fswcert tool
#install $(CURDIR)/programs/fswcert/fswcert $(CURDIR)/debian/strongswan/usr/bin
#install $(CURDIR)/programs/fswcert/fswcert.8 $(CURDIR)/debian/strongswan/usr/share/man/man8
rm -f $(CURDIR)/debian/strongswan/etc/init.d/ipsec?*
rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/_plutorun?*
# this is handled by update-rc.d
rm -rf $(CURDIR)/debian/strongswan/etc/rc?.d
dh_installdocs -pstrongswan -n
# change the paths in the installed doc files (but only in regular
# files, not in links to the outside of the build tree !)
( cd $(CURDIR)/debian/strongswan/; \
for f in `grep "/usr/local/" --recursive --files-with-match *`; \
do \
if [ -f $$f -a ! -L $$f ]; then \
cp $$f $$f.old; \
sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \
rm $$f.old; \
fi; \
done )
# but remove the doc/src dir, which just duplicates the HTML files
rm -rf $(CURDIR)/debian/strongswan/usr/share/doc/strongswan/doc/src
# and the index file in the main doc directory - it's replicated under
# doc/
rm -f $(CURDIR)/debian/strongswan/usr/share/doc/strongswan/index.html
# the logcheck ignore files
install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.paranoid/strongswan
install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.server/strongswan
install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.workstation/strongswan
install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/strongswan/etc/logcheck/violations.ignore.d/strongswan
# set permissions on ipsec.secrets
chmod 600 $(CURDIR)/debian/strongswan/etc/ipsec.secrets
chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.conf
chmod 700 -R $(CURDIR)/debian/strongswan/etc/ipsec.d/private/
# don't know why they come with +x set by default...
chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.d/policies/*
chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.d/examples/*
# or why these are copied to the directory...
rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/ipsec_pr.template
rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/distro.txt
# more lintian cleanups
find $(CURDIR)/debian/strongswan -name ".cvsignore" | xargs --no-run-if-empty rm -f
find $(CURDIR)/debian/strongswan -name "/.svn/" | xargs --no-run-if-empty rm -rf
# and lintian overrides
install --mode=0644 $(CURDIR)/debian/strongswan.lintian-overrides $(CURDIR)/debian/strongswan/usr/share/lintian/overrides/strongswan
binary-common:
#dh_testversion 2
dh_testdir
dh_testroot
dh_installdebconf
dh_installchangelogs CHANGES
dh_link
dh_strip
dh_compress
dh_fixperms -X etc/ipsec.conf -X etc/ipsec.secrets -X etc/ipsec.d
# dh_makeshlibs
dh_installdeb
# dh_perl
dh_shlibdeps
dh_gencontrol
dh_md5sums
dh_builddeb
# Build architecture-independent files here.
binary-indep:
$(MAKE) -f debian/rules DH_OPTIONS=-i binary-common
# Build architecture-dependent files here.
binary-arch: install-strongswan
$(MAKE) -f debian/rules DH_OPTIONS=-a binary-common
# Any other binary targets build just one binary package at a time.
#binary-%: build install
# make -f debian/rules binary-common DH_OPTIONS=-p$*
binary: binary-indep binary-arch
.PHONY: clean binary-indep binary-arch
|