Factor out building of strongswan into own Makefile

Small Makefiles (recipes) are used to install software from source into
the root UML image.

diff --git a/testing/scripts/build-umlrootfs b/testing/scripts/build-umlrootfs
index 647c929..2633f1b 100755 (executable)
--- a/testing/scripts/build-umlrootfs
+++ b/testing/scripts/build-umlrootfs
@@ -22,22 +22,10 @@ source $DIR/function.sh
 
 source $DIR/../testing.conf
 
-STRONGSWANVERSION=`basename $STRONGSWAN .tar.bz2`
-
-cecho-n " * Looking for strongSwan at '$STRONGSWAN'.."
-if [ -f "$STRONGSWAN" ]
-then
-    cecho "found it"
-    cecho " * strongSwan version is '$STRONGSWANVERSION'"
-else
-    cecho "none"
-    exit
-fi
-
 cecho-n " * Looking for root image at '$ROOTFS'.."
 if [ -f "$ROOTFS" ]
 then
-    cecho "found it"
+    cgecho "found it"
 else
     cecho "none"
     exit
@@ -68,21 +56,10 @@ BASE=$BUILDDIR/base.img
 cecho-n " * Mounting base image $BASE.."
 cp $ROOTFS $BASE
 mount -o loop $BASE $LOOPDIR >> $LOGFILE 2>&1
+mount -t proc none $LOOPDIR/proc >> $LOGFILE 2>&1
 cgecho "done"
 
 ######################################################
-# remove /etc/resolv.conf
-#
-cecho " * Removing /etc/resolv.conf"
-rm -f $LOOPDIR/etc/resolv.conf
-
-#####################################################
-# extracting strongSwan into the root filesystem
-#
-cecho " * Extracting strongSwan into the root filesystem"
-tar xjf $STRONGSWAN -C $LOOPDIR/root >> $LOGFILE 2>&1
-
-######################################################
 # setting up mountpoint for shared source tree
 #
 if [ "${SHAREDTREE+set}" = "set" ]; then
@@ -93,306 +70,35 @@ if [ "${SHAREDTREE+set}" = "set" ]; then
 fi
 
 ######################################################
-# installing strongSwan and setting the local timezone
+# install software from source using 'recipes'
 #
+mkdir -p $ROOTFSCOMPILEDIR
+cecho " * Mounting $ROOTFSCOMPILEDIR as /root/compile.."
+mkdir -p $LOOPDIR/root/compile
+mount -o bind $ROOTFSCOMPILEDIR $LOOPDIR/root/compile >> $LOGFILE 2>&1
+
+cecho " * Installing software from source.."
+RECPDIR=$UMLTESTDIR/testing/scripts/recipes
+RECIPES=`ls $RECPDIR/*.mk | xargs -n1 basename`
+for r in $RECIPES
+do
+       cecho-n "   - $r.."
+       cp $RECPDIR/$r ${LOOPDIR}/root/compile
+       chroot ${LOOPDIR} make -C /root/compile -f $r >>$LOGFILE 2>&1
+       if [ $? != 0 ]; then
+               cecho "failed"
+       else
+               cgecho "done"
+       fi
+done
 
-INSTALLSHELL=${LOOPDIR}/install.sh
-
-cecho " * Preparing strongSwan installation script"
-echo "ln -sf /usr/share/zoneinfo/${TZUML} /etc/localtime" >> $INSTALLSHELL
-
-echo "cd /root/${STRONGSWANVERSION}" >> $INSTALLSHELL
-echo -n "./configure --sysconfdir=/etc" >> $INSTALLSHELL
-echo -n " --with-random-device=/dev/urandom" >> $INSTALLSHELL
-echo -n " --disable-load-warning" >> $INSTALLSHELL
-
-if [ "$USE_LIBCURL" = "yes" ]
-then
-    echo -n " --enable-curl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LDAP" = "yes" ]
-then
-    echo -n " --enable-ldap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_AKA" = "yes" ]
-then
-    echo -n " --enable-eap-aka" >> $INSTALLSHELL
-    echo -n " --enable-eap-aka-3gpp2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_SIM" = "yes" ]
-then
-    echo -n " --enable-eap-sim" >> $INSTALLSHELL
-    echo -n " --enable-eap-sim-file" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MD5" = "yes" ]
-then
-    echo -n " --enable-eap-md5" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MSCHAPV2" = "yes" ]
-then
-    echo -n " --enable-md4" >> $INSTALLSHELL
-    echo -n " --enable-eap-mschapv2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_IDENTITY" = "yes" ]
-then
-    echo -n " --enable-eap-identity" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_RADIUS" = "yes" ]
-then
-    echo -n " --enable-eap-radius" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-eap-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TLS" = "yes" ]
-then
-    echo -n " --enable-eap-tls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TTLS" = "yes" ]
-then
-    echo -n " --enable-eap-ttls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_PEAP" = "yes" ]
-then
-    echo -n " --enable-eap-peap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TNC" = "yes" ]
-then
-    echo -n " --enable-eap-tnc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_PDP" = "yes" ]
-then
-    echo -n " --enable-tnc-pdp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMC" = "yes" ]
-then
-    echo -n " --enable-tnc-imc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMV" = "yes" ]
-then
-    echo -n " --enable-tnc-imv" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_11" = "yes" ]
-then
-    echo -n " --enable-tnccs-11" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_20" = "yes" ]
-then
-    echo -n " --enable-tnccs-20" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-tnccs-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_TEST" = "yes" ]
-then
-    echo -n " --enable-imc-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_TEST" = "yes" ]
-then
-    echo -n " --enable-imv-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_SCANNER" = "yes" ]
-then
-    echo -n " --enable-imc-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_SCANNER" = "yes" ]
-then
-    echo -n " --enable-imv-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_OS" = "yes" ]
-then
-    echo -n " --enable-imc-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_OS" = "yes" ]
-then
-    echo -n " --enable-imv-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_ATTESTATION" = "yes" ]
-then
-    echo -n " --enable-imc-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_ATTESTATION" = "yes" ]
-then
-    echo -n " --enable-imv-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SQL" = "yes" ]
-then
-    echo -n " --enable-sql --enable-sqlite" >> $INSTALLSHELL
-    fi
-
-if [ "$USE_MEDIATION" = "yes" ]
-then
-    echo -n " --enable-mediation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_OPENSSL" = "yes" ]
-then
-    echo -n " --enable-openssl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_BLOWFISH" = "yes" ]
-then
-    echo -n " --enable-blowfish" >> $INSTALLSHELL
-fi
-
-if [ "$USE_KERNEL_PFKEY" = "yes" ]
-then
-    echo -n " --enable-kernel-pfkey" >> $INSTALLSHELL
-fi
-
-if [ "$USE_INTEGRITY_TEST" = "yes" ]
-then
-    echo -n " --enable-integrity-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LEAK_DETECTIVE" = "yes" ]
-then
-    echo -n " --enable-leak-detective" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LOAD_TESTER" = "yes" ]
-then
-    echo -n " --enable-load-tester" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TEST_VECTORS" = "yes" ]
-then
-    echo -n " --enable-test-vectors" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCRYPT" = "yes" ]
-then
-    echo -n " --enable-gcrypt" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DEFAULT" = "yes" ]
-then
-    echo -n " --enable-socket-default" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-socket-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_DHCP" = "yes" ]
-then
-    echo -n " --enable-dhcp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_FARP" = "yes" ]
-then
-    echo -n " --enable-farp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_ADDRBLOCK" = "yes" ]
-then
-    echo -n " --enable-addrblock" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CTR" = "yes" ]
-then
-    echo -n " --enable-ctr" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CCM" = "yes" ]
-then
-    echo -n " --enable-ccm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCM" = "yes" ]
-then
-    echo -n " --enable-gcm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CMAC" = "yes" ]
-then
-    echo -n " --enable-cmac" >> $INSTALLSHELL
-fi
-
-if [ "$USE_HA" = "yes" ]
-then
-    echo -n " --enable-ha" >> $INSTALLSHELL
-fi
-
-if [ "$USE_AF_ALG" = "yes" ]
-then
-    echo -n " --enable-af-alg" >> $INSTALLSHELL
-fi
-
-if [ "$USE_WHITELIST" = "yes" ]
-then
-    echo -n " --enable-whitelist" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_GENERIC" = "yes" ]
-then
-    echo -n " --enable-xauth-generic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_EAP" = "yes" ]
-then
-    echo -n " --enable-xauth-eap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_PKCS8" = "yes" ]
-then
-    echo -n " --enable-pkcs8" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IFMAP" = "yes" ]
-then
-    echo -n " --enable-tnc-ifmap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CISCO_QUIRKS" = "yes" ]
-then
-    echo -n " --enable-cisco-quirks" >> $INSTALLSHELL
-fi
-
-if [ "$USE_UNITY" = "yes" ]
-then
-    echo -n " --enable-unity" >> $INSTALLSHELL
-fi
-
-echo "" >> $INSTALLSHELL
-echo "make -j5" >> $INSTALLSHELL
-echo "make install" >> $INSTALLSHELL
-echo "ldconfig" >> $INSTALLSHELL
+umount $LOOPDIR/root/compile
 
-cecho-n " * Compiling $STRONGSWANVERSION within the root file system as chroot.."
-chroot $LOOPDIR /bin/bash /install.sh >> $LOGFILE 2>&1
-rm -f $INSTALLSHELL
-cgecho "done"
+######################################################
+# remove /etc/resolv.conf
+#
+cecho " * Removing /etc/resolv.conf"
+rm -f $LOOPDIR/etc/resolv.conf
 
 #####################################
 # preparing ssh for PK authentication
@@ -456,4 +162,5 @@ do
     echo "`cat $LOOPDIR/etc/ssh/ssh_host_rsa_key.pub` root@$host" >> $LOOPDIR/root/.ssh/authorized_keys
 done
 
+umount $LOOPDIR/proc
 umount $LOOPDIR

diff --git a/testing/scripts/recipes/strongswan.mk b/testing/scripts/recipes/strongswan.mk
new file mode 100644 (file)
index 0000000..4b82631
--- /dev/null
+++ b/testing/scripts/recipes/strongswan.mk
@@ -0,0 +1,87 @@
+#!/usr/bin/make
+
+PV  = 5.0.1
+PKG = strongswan-$(PV)
+TAR = $(PKG).tar.bz2
+SRC = http://download.strongswan.org/$(TAR)
+
+NUM_CPUS := $(shell getconf _NPROCESSORS_ONLN)
+
+CONFIG_OPTS = \
+       --sysconfdir=/etc \
+       --with-random-device=/dev/urandom \
+       --disable-load-warning \
+       --enable-curl \
+       --enable-ldap \
+       --enable-eap-aka \
+       --enable-eap-aka-3gpp2 \
+       --enable-eap-sim \
+       --enable-eap-sim-file \
+       --enable-eap-md5 \
+       --enable-md4 \
+       --enable-eap-mschapv2 \
+       --enable-eap-identity \
+       --enable-eap-radius \
+       --enable-eap-dynamic \
+       --enable-eap-tls \
+       --enable-eap-ttls \
+       --enable-eap-peap \
+       --enable-eap-tnc \
+       --enable-tnc-pdp \
+       --enable-tnc-imc \
+       --enable-tnc-imv \
+       --enable-tnccs-11 \
+       --enable-tnccs-20 \
+       --enable-tnccs-dynamic \
+       --enable-imc-test \
+       --enable-imv-test \
+       --enable-imc-scanner \
+       --enable-imv-scanner \
+       --enable-imc-os \
+       --enable-imv-os \
+       --enable-imc-attestation \
+       --enable-imv-attestation \
+       --enable-sql \
+       --enable-sqlite \
+       --enable-mediation \
+       --enable-openssl \
+       --enable-blowfish \
+       --enable-kernel-pfkey \
+       --enable-integrity-test \
+       --enable-leak-detective \
+       --enable-load-tester \
+       --enable-test-vectors \
+       --enable-gcrypt \
+       --enable-socket-default \
+       --enable-socket-dynamic \
+       --enable-dhcp \
+       --enable-farp \
+       --enable-addrblock \
+       --enable-ctr \
+       --enable-ccm \
+       --enable-gcm \
+       --enable-cmac \
+       --enable-ha \
+       --enable-af-alg \
+       --enable-whitelist \
+       --enable-xauth-generic \
+       --enable-xauth-eap \
+       --enable-pkcs8 \
+       --enable-unity
+
+all: install
+
+$(TAR):
+       wget $(SRC)
+
+$(PKG): $(TAR)
+       tar xfj $(TAR)
+
+configure: $(PKG)
+       cd $(PKG) && ./configure $(CONFIG_OPTS)
+
+build: configure
+       cd $(PKG) && make -j $(NUM_CPUS)
+
+install: build
+       cd $(PKG) && make install

diff --git a/testing/testing.conf b/testing/testing.conf
index 5cdf7b0..7a4998b 100755 (executable)
--- a/testing/testing.conf
+++ b/testing/testing.conf
@@ -30,66 +30,6 @@ KERNELCONFIG=$UMLTESTDIR/.config-3.5
 # Bzipped uml patch for kernel
 UMLPATCH=$UMLTESTDIR/ha-3.0.patch.bz2
 
-# Bzipped source of strongSwan
-STRONGSWAN=$UMLTESTDIR/strongswan-5.0.1.tar.bz2
-
-# strongSwan compile options (use "yes" or "no")
-USE_LIBCURL="yes"
-USE_LDAP="yes"
-USE_EAP_AKA="yes"
-USE_EAP_SIM="yes"
-USE_EAP_MD5="yes"
-USE_EAP_MSCHAPV2="yes"
-USE_EAP_IDENTITY="yes"
-USE_EAP_RADIUS="yes"
-USE_EAP_DYNAMIC="yes"
-USE_EAP_TLS="yes"
-USE_EAP_TTLS="yes"
-USE_EAP_PEAP="yes"
-USE_EAP_TNC="yes"
-USE_TNC_PDP="yes"
-USE_TNC_IMC="yes"
-USE_TNC_IMV="yes"
-USE_TNCCS_11="yes"
-USE_TNCCS_20="yes"
-USE_TNCCS_DYNAMIC="yes"
-USE_IMC_TEST="yes"
-USE_IMV_TEST="yes"
-USE_IMC_SCANNER="yes"
-USE_IMV_SCANNER="yes"
-USE_IMC_OS="yes"
-USE_IMV_OS="yes"
-USE_IMC_ATTESTATION="yes"
-USE_IMV_ATTESTATION="yes"
-USE_SQL="yes"
-USE_MEDIATION="yes"
-USE_OPENSSL="yes"
-USE_BLOWFISH="yes"
-USE_KERNEL_PFKEY="yes"
-USE_INTEGRITY_TEST="yes"
-USE_LEAK_DETECTIVE="yes"
-USE_LOAD_TESTER="yes"
-USE_TEST_VECTORS="yes"
-USE_GCRYPT="yes"
-USE_SOCKET_DEFAULT="yes"
-USE_SOCKET_DYNAMIC="yes"
-USE_DHCP="yes"
-USE_FARP="yes"
-USE_ADDRBLOCK="yes"
-USE_CTR="yes"
-USE_CCM="yes"
-USE_GCM="yes"
-USE_CMAC="yes"
-USE_HA="yes"
-USE_AF_ALG="yes"
-USE_WHITELIST="yes"
-USE_XAUTH_GENERIC="yes"
-USE_XAUTH_EAP="yes"
-USE_PKCS8="yes"
-USE_IFMAP="no"
-USE_CISCO_QUIRKS="no"
-USE_UNITY="yes"
-
 # Amount of Memory to use per UML [MB].
 # If "auto" is stated 1/12 of total host ram will be used.
 # Examples: MEM=64, MEM="128", MEM="auto"
@@ -111,6 +51,7 @@ ROOTFSARCH=amd64
 ROOTFS=$BUILDDIR/debian-$ROOTFSSUITE-$ROOTFSARCH.img
 ROOTFSMIRROR=http://cdn.debian.net/debian
 ROOTFSPW=root
+ROOTFSCOMPILEDIR=$BUILDDIR/compile
 
 # Filename of the built UML Kernel
 UMLKERNEL=$BUILDDIR/linux-uml-$KERNELVERSION