# utilities build and install
# Copyright (C) 1998, 1999, 2000  Henry Spencer.
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# RCSID $Id: Makefile,v 1.69 2000/04/19 21:37:20 henry Exp $

# pathnames, subject to overrides from main Makefile
PUBDIR=/usr/local/sbin
PRIVDIR=/usr/local/lib/ipsec
REALPRIVDIR=/usr/local/lib/ipsec
RCDIR=/etc/rc.d/init.d
REALRCDIR=/etc/rc.d/init.d
CONFDIR=/etc
MANTREE=/usr/local/man

FMANDIR=$(MANTREE)/man5
CMANDIR=$(MANTREE)/man8
PUBS=ipsec
BINS=ranbits rsasigkey
SCRIPTS=barf manual auto look showdefaults showhostkey
INTERNALS=_include _confread _keycensor _secretcensor _updown
PRIVS=$(PUBS) $(SCRIPTS) $(INTERNALS) $(BINS)
GENDFILES=secrets.eg conf.eg
PERMINDEX=html2four four2perm
LOCALS=man_xref $(PERMINDEX)
PLAIN_MANS=ipsec.8
IPSEC_CMANS=barf.8 manual.8 auto.8 setup.8 ranbits.8 rsasigkey.8
MANS=$(PLAIN_MANS) $(IPSEC_CMANS)
CFLAGS=-I../lib
LIB=../lib/libfreeswan.a
INSTALL=install
PUB=--mode=644
PRIV=--mode=600
SECRETBITS=256
RSAKEYBITS=2048

SHELL=/bin/sh

all:	$(PUBS) $(PRIVS) $(GENDFILES) $(LOCALS)

permindex:	$(PERMINDEX)

ranbits:	ranbits.o
	$(CC) $(CFLAGS) ranbits.o $(LIB) -o $@

rsasigkey:	rsasigkey.o
	$(CC) $(CFLAGS) rsasigkey.o $(LIB) ../lib/libgmp.a -o $@

man_xref:	man_xref.o
	$(CC) $(CFLAGS) man_xref.o $(LIB) -o $@

html2four:	html2four.o
	$(CC) $(CFLAGS) html2four.o $(LIB) -o $@

four2perm:	four2perm.o
	$(CC) $(CFLAGS) four2perm.o $(LIB) -o $@

ipsec:	ipsec.in
	VER=`sed -n '/"/s/^[^"]*"//p' ../version.c | sed 's/".*//'` ; \
	sed "s/xxx/$$VER/" ipsec.in | sed "s:@IPSECDIR@:$(REALPRIVDIR):" >$@
	chmod +x $@

# generate sample secret (obfuscating it so that people don't get confused
# about whether it is a string or a hex number) and RSA private key... if,
# and only if, /etc/ipsec.secrets does not already exist
BLURB=do   make newsecrets   if you want this filled in
secrets.eg:	secrets.proto ranbits rsasigkey
	rm -f $@
	umask 077 ; ( \
		sed '/yyy/,$$d' secrets.proto | \
			sed "s/xxx/` \
				if test ! -f $(CONFDIR)/ipsec.secrets ; \
				then ./ranbits $(SECRETBITS) | \
					tr '0-9a-f_' 'j-n1-5R-Wu' ; \
				else echo '$(BLURB)' ; \
				fi `/" ; \
		if test ! -f $(CONFDIR)/ipsec.secrets ; \
		then ./rsasigkey --verbose $(RSAKEYBITS) ; \
		else echo "	# $(BLURB)" ; \
		fi ; \
		sed '1,/yyy/d' secrets.proto ; \
	) | egrep -v RCSID >$@

# force full secrets-file build
newsecrets:
	rm -f secrets.eg
	$(MAKE) secrets.eg CONFDIR=.

conf.eg:	conf.proto ranbits randomize
	rm -f $@
	./randomize conf.proto | egrep -v RCSI >$@

install:	$(PUBS) $(PRIVS) $(MANS) $(GENDFILES)
	mkdir -p $(PUBDIR) $(PRIVDIR) $(FMANDIR) $(CMANDIR)
	$(INSTALL) $(PUBS) $(PUBDIR)
	$(INSTALL) $(PRIVS) $(PRIVDIR)
	$(INSTALL) $(PUB) ipsec.conf.5 $(FMANDIR)
	$(INSTALL) $(PUB) $(PLAIN_MANS) $(CMANDIR)
	for f in $(IPSEC_CMANS) ; \
	do \
		$(INSTALL) $(PUB) $$f $(CMANDIR)/ipsec_$$f || exit 1 ; \
		./manlink $(CMANDIR) ipsec_$$f ; \
	done
	test -f $(CONFDIR)/ipsec.secrets || \
		$(INSTALL) $(PRIV) secrets.eg $(CONFDIR)/ipsec.secrets
	test -f $(CONFDIR)/ipsec.conf || \
		$(INSTALL) $(PUB) conf.eg $(CONFDIR)/ipsec.conf
	# main copy must go in RCDIR, PRIVDIR may not be mounted at boot time
	mkdir -p $(RCDIR)
	$(INSTALL) setup $(RCDIR)/ipsec
	rm -f $(PRIVDIR)/setup
	ln -s $(REALRCDIR)/ipsec $(PRIVDIR)/setup
	if test " $(DESTDIR)" != " " ; \
	then : do nothing ; \
	elif which chkconfig >/dev/null 2>&1 ; \
	then chkconfig --add ipsec ; \
	else $(MAKE) setup4 ; \
	fi

setup4:	$(RCDIR)/ipsec
	# fallback rc install -- on in run states 2345, off in 016
	-cd $(RCDIR)/../rc0.d ; ln -s ../init.d/ipsec K35ipsec
	-cd $(RCDIR)/../rc1.d ; ln -s ../init.d/ipsec K35ipsec
	-cd $(RCDIR)/../rc2.d ; ln -s ../init.d/ipsec S35ipsec
	-cd $(RCDIR)/../rc3.d ; ln -s ../init.d/ipsec S35ipsec
	-cd $(RCDIR)/../rc4.d ; ln -s ../init.d/ipsec S35ipsec
	-cd $(RCDIR)/../rc5.d ; ln -s ../init.d/ipsec S35ipsec
	-cd $(RCDIR)/../rc6.d ; ln -s ../init.d/ipsec K35ipsec

clean:
	rm -f *.o $(BINS) $(GENDFILES) $(LOCALS)
