From: Reto Buerki <reet@codelabs.ch>
Date: Wed, 21 Nov 2012 17:08:24 +0000 (+0100)
Subject: Factor out building of strongswan into own Makefile
X-Git-Tag: 5.0.2rc1~1^2~104
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e61ce6ee022bf1517e79e2d29a9b2e93ae3342b0;p=thirdparty%2Fstrongswan.git

Factor out building of strongswan into own Makefile

Small Makefiles (recipes) are used to install software from source into
the root UML image.
---

diff --git a/testing/scripts/build-umlrootfs b/testing/scripts/build-umlrootfs
index 647c929ea8..2633f1b28e 100755
--- a/testing/scripts/build-umlrootfs
+++ b/testing/scripts/build-umlrootfs
@@ -22,22 +22,10 @@ source $DIR/function.sh
 
 source $DIR/../testing.conf
 
-STRONGSWANVERSION=`basename $STRONGSWAN .tar.bz2`
-
-cecho-n " * Looking for strongSwan at '$STRONGSWAN'.."
-if [ -f "$STRONGSWAN" ]
-then
-    cecho "found it"
-    cecho " * strongSwan version is '$STRONGSWANVERSION'"
-else
-    cecho "none"
-    exit
-fi
-
 cecho-n " * Looking for root image at '$ROOTFS'.."
 if [ -f "$ROOTFS" ]
 then
-    cecho "found it"
+    cgecho "found it"
 else
     cecho "none"
     exit
@@ -68,20 +56,9 @@ BASE=$BUILDDIR/base.img
 cecho-n " * Mounting base image $BASE.."
 cp $ROOTFS $BASE
 mount -o loop $BASE $LOOPDIR >> $LOGFILE 2>&1
+mount -t proc none $LOOPDIR/proc >> $LOGFILE 2>&1
 cgecho "done"
 
-######################################################
-# remove /etc/resolv.conf
-#
-cecho " * Removing /etc/resolv.conf"
-rm -f $LOOPDIR/etc/resolv.conf
-
-#####################################################
-# extracting strongSwan into the root filesystem
-#
-cecho " * Extracting strongSwan into the root filesystem"
-tar xjf $STRONGSWAN -C $LOOPDIR/root >> $LOGFILE 2>&1
-
 ######################################################
 # setting up mountpoint for shared source tree
 #
@@ -93,306 +70,35 @@ if [ "${SHAREDTREE+set}" = "set" ]; then
 fi
 
 ######################################################
-# installing strongSwan and setting the local timezone
+# install software from source using 'recipes'
 #
+mkdir -p $ROOTFSCOMPILEDIR
+cecho " * Mounting $ROOTFSCOMPILEDIR as /root/compile.."
+mkdir -p $LOOPDIR/root/compile
+mount -o bind $ROOTFSCOMPILEDIR $LOOPDIR/root/compile >> $LOGFILE 2>&1
+
+cecho " * Installing software from source.."
+RECPDIR=$UMLTESTDIR/testing/scripts/recipes
+RECIPES=`ls $RECPDIR/*.mk | xargs -n1 basename`
+for r in $RECIPES
+do
+	cecho-n "   - $r.."
+	cp $RECPDIR/$r ${LOOPDIR}/root/compile
+	chroot ${LOOPDIR} make -C /root/compile -f $r >>$LOGFILE 2>&1
+	if [ $? != 0 ]; then
+		cecho "failed"
+	else
+		cgecho "done"
+	fi
+done
 
-INSTALLSHELL=${LOOPDIR}/install.sh
-
-cecho " * Preparing strongSwan installation script"
-echo "ln -sf /usr/share/zoneinfo/${TZUML} /etc/localtime" >> $INSTALLSHELL
-
-echo "cd /root/${STRONGSWANVERSION}" >> $INSTALLSHELL
-echo -n "./configure --sysconfdir=/etc" >> $INSTALLSHELL
-echo -n " --with-random-device=/dev/urandom" >> $INSTALLSHELL
-echo -n " --disable-load-warning" >> $INSTALLSHELL
-
-if [ "$USE_LIBCURL" = "yes" ]
-then
-    echo -n " --enable-curl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LDAP" = "yes" ]
-then
-    echo -n " --enable-ldap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_AKA" = "yes" ]
-then
-    echo -n " --enable-eap-aka" >> $INSTALLSHELL
-    echo -n " --enable-eap-aka-3gpp2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_SIM" = "yes" ]
-then
-    echo -n " --enable-eap-sim" >> $INSTALLSHELL
-    echo -n " --enable-eap-sim-file" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MD5" = "yes" ]
-then
-    echo -n " --enable-eap-md5" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MSCHAPV2" = "yes" ]
-then
-    echo -n " --enable-md4" >> $INSTALLSHELL
-    echo -n " --enable-eap-mschapv2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_IDENTITY" = "yes" ]
-then
-    echo -n " --enable-eap-identity" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_RADIUS" = "yes" ]
-then
-    echo -n " --enable-eap-radius" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-eap-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TLS" = "yes" ]
-then
-    echo -n " --enable-eap-tls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TTLS" = "yes" ]
-then
-    echo -n " --enable-eap-ttls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_PEAP" = "yes" ]
-then
-    echo -n " --enable-eap-peap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TNC" = "yes" ]
-then
-    echo -n " --enable-eap-tnc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_PDP" = "yes" ]
-then
-    echo -n " --enable-tnc-pdp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMC" = "yes" ]
-then
-    echo -n " --enable-tnc-imc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMV" = "yes" ]
-then
-    echo -n " --enable-tnc-imv" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_11" = "yes" ]
-then
-    echo -n " --enable-tnccs-11" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_20" = "yes" ]
-then
-    echo -n " --enable-tnccs-20" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-tnccs-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_TEST" = "yes" ]
-then
-    echo -n " --enable-imc-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_TEST" = "yes" ]
-then
-    echo -n " --enable-imv-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_SCANNER" = "yes" ]
-then
-    echo -n " --enable-imc-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_SCANNER" = "yes" ]
-then
-    echo -n " --enable-imv-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_OS" = "yes" ]
-then
-    echo -n " --enable-imc-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_OS" = "yes" ]
-then
-    echo -n " --enable-imv-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_ATTESTATION" = "yes" ]
-then
-    echo -n " --enable-imc-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_ATTESTATION" = "yes" ]
-then
-    echo -n " --enable-imv-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SQL" = "yes" ]
-then
-    echo -n " --enable-sql --enable-sqlite" >> $INSTALLSHELL
-    fi
-
-if [ "$USE_MEDIATION" = "yes" ]
-then
-    echo -n " --enable-mediation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_OPENSSL" = "yes" ]
-then
-    echo -n " --enable-openssl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_BLOWFISH" = "yes" ]
-then
-    echo -n " --enable-blowfish" >> $INSTALLSHELL
-fi
-
-if [ "$USE_KERNEL_PFKEY" = "yes" ]
-then
-    echo -n " --enable-kernel-pfkey" >> $INSTALLSHELL
-fi
-
-if [ "$USE_INTEGRITY_TEST" = "yes" ]
-then
-    echo -n " --enable-integrity-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LEAK_DETECTIVE" = "yes" ]
-then
-    echo -n " --enable-leak-detective" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LOAD_TESTER" = "yes" ]
-then
-    echo -n " --enable-load-tester" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TEST_VECTORS" = "yes" ]
-then
-    echo -n " --enable-test-vectors" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCRYPT" = "yes" ]
-then
-    echo -n " --enable-gcrypt" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DEFAULT" = "yes" ]
-then
-    echo -n " --enable-socket-default" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DYNAMIC" = "yes" ]
-then
-    echo -n " --enable-socket-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_DHCP" = "yes" ]
-then
-    echo -n " --enable-dhcp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_FARP" = "yes" ]
-then
-    echo -n " --enable-farp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_ADDRBLOCK" = "yes" ]
-then
-    echo -n " --enable-addrblock" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CTR" = "yes" ]
-then
-    echo -n " --enable-ctr" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CCM" = "yes" ]
-then
-    echo -n " --enable-ccm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCM" = "yes" ]
-then
-    echo -n " --enable-gcm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CMAC" = "yes" ]
-then
-    echo -n " --enable-cmac" >> $INSTALLSHELL
-fi
-
-if [ "$USE_HA" = "yes" ]
-then
-    echo -n " --enable-ha" >> $INSTALLSHELL
-fi
-
-if [ "$USE_AF_ALG" = "yes" ]
-then
-    echo -n " --enable-af-alg" >> $INSTALLSHELL
-fi
-
-if [ "$USE_WHITELIST" = "yes" ]
-then
-    echo -n " --enable-whitelist" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_GENERIC" = "yes" ]
-then
-    echo -n " --enable-xauth-generic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_EAP" = "yes" ]
-then
-    echo -n " --enable-xauth-eap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_PKCS8" = "yes" ]
-then
-    echo -n " --enable-pkcs8" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IFMAP" = "yes" ]
-then
-    echo -n " --enable-tnc-ifmap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CISCO_QUIRKS" = "yes" ]
-then
-    echo -n " --enable-cisco-quirks" >> $INSTALLSHELL
-fi
-
-if [ "$USE_UNITY" = "yes" ]
-then
-    echo -n " --enable-unity" >> $INSTALLSHELL
-fi
-
-echo "" >> $INSTALLSHELL
-echo "make -j5" >> $INSTALLSHELL
-echo "make install" >> $INSTALLSHELL
-echo "ldconfig" >> $INSTALLSHELL
+umount $LOOPDIR/root/compile
 
-cecho-n " * Compiling $STRONGSWANVERSION within the root file system as chroot.."
-chroot $LOOPDIR /bin/bash /install.sh >> $LOGFILE 2>&1
-rm -f $INSTALLSHELL
-cgecho "done"
+######################################################
+# remove /etc/resolv.conf
+#
+cecho " * Removing /etc/resolv.conf"
+rm -f $LOOPDIR/etc/resolv.conf
 
 #####################################
 # preparing ssh for PK authentication
@@ -456,4 +162,5 @@ do
     echo "`cat $LOOPDIR/etc/ssh/ssh_host_rsa_key.pub` root@$host" >> $LOOPDIR/root/.ssh/authorized_keys
 done
 
+umount $LOOPDIR/proc
 umount $LOOPDIR
diff --git a/testing/scripts/recipes/strongswan.mk b/testing/scripts/recipes/strongswan.mk
new file mode 100644
index 0000000000..4b82631126
--- /dev/null
+++ b/testing/scripts/recipes/strongswan.mk
@@ -0,0 +1,87 @@
+#!/usr/bin/make
+
+PV  = 5.0.1
+PKG = strongswan-$(PV)
+TAR = $(PKG).tar.bz2
+SRC = http://download.strongswan.org/$(TAR)
+
+NUM_CPUS := $(shell getconf _NPROCESSORS_ONLN)
+
+CONFIG_OPTS = \
+	--sysconfdir=/etc \
+	--with-random-device=/dev/urandom \
+	--disable-load-warning \
+	--enable-curl \
+	--enable-ldap \
+	--enable-eap-aka \
+	--enable-eap-aka-3gpp2 \
+	--enable-eap-sim \
+	--enable-eap-sim-file \
+	--enable-eap-md5 \
+	--enable-md4 \
+	--enable-eap-mschapv2 \
+	--enable-eap-identity \
+	--enable-eap-radius \
+	--enable-eap-dynamic \
+	--enable-eap-tls \
+	--enable-eap-ttls \
+	--enable-eap-peap \
+	--enable-eap-tnc \
+	--enable-tnc-pdp \
+	--enable-tnc-imc \
+	--enable-tnc-imv \
+	--enable-tnccs-11 \
+	--enable-tnccs-20 \
+	--enable-tnccs-dynamic \
+	--enable-imc-test \
+	--enable-imv-test \
+	--enable-imc-scanner \
+	--enable-imv-scanner \
+	--enable-imc-os \
+	--enable-imv-os \
+	--enable-imc-attestation \
+	--enable-imv-attestation \
+	--enable-sql \
+	--enable-sqlite \
+	--enable-mediation \
+	--enable-openssl \
+	--enable-blowfish \
+	--enable-kernel-pfkey \
+	--enable-integrity-test \
+	--enable-leak-detective \
+	--enable-load-tester \
+	--enable-test-vectors \
+	--enable-gcrypt \
+	--enable-socket-default \
+	--enable-socket-dynamic \
+	--enable-dhcp \
+	--enable-farp \
+	--enable-addrblock \
+	--enable-ctr \
+	--enable-ccm \
+	--enable-gcm \
+	--enable-cmac \
+	--enable-ha \
+	--enable-af-alg \
+	--enable-whitelist \
+	--enable-xauth-generic \
+	--enable-xauth-eap \
+	--enable-pkcs8 \
+	--enable-unity
+
+all: install
+
+$(TAR):
+	wget $(SRC)
+
+$(PKG): $(TAR)
+	tar xfj $(TAR)
+
+configure: $(PKG)
+	cd $(PKG) && ./configure $(CONFIG_OPTS)
+
+build: configure
+	cd $(PKG) && make -j $(NUM_CPUS)
+
+install: build
+	cd $(PKG) && make install
diff --git a/testing/testing.conf b/testing/testing.conf
index 5cdf7b06e9..7a4998bd60 100755
--- a/testing/testing.conf
+++ b/testing/testing.conf
@@ -30,66 +30,6 @@ KERNELCONFIG=$UMLTESTDIR/.config-3.5
 # Bzipped uml patch for kernel
 UMLPATCH=$UMLTESTDIR/ha-3.0.patch.bz2
 
-# Bzipped source of strongSwan
-STRONGSWAN=$UMLTESTDIR/strongswan-5.0.1.tar.bz2
-
-# strongSwan compile options (use "yes" or "no")
-USE_LIBCURL="yes"
-USE_LDAP="yes"
-USE_EAP_AKA="yes"
-USE_EAP_SIM="yes"
-USE_EAP_MD5="yes"
-USE_EAP_MSCHAPV2="yes"
-USE_EAP_IDENTITY="yes"
-USE_EAP_RADIUS="yes"
-USE_EAP_DYNAMIC="yes"
-USE_EAP_TLS="yes"
-USE_EAP_TTLS="yes"
-USE_EAP_PEAP="yes"
-USE_EAP_TNC="yes"
-USE_TNC_PDP="yes"
-USE_TNC_IMC="yes"
-USE_TNC_IMV="yes"
-USE_TNCCS_11="yes"
-USE_TNCCS_20="yes"
-USE_TNCCS_DYNAMIC="yes"
-USE_IMC_TEST="yes"
-USE_IMV_TEST="yes"
-USE_IMC_SCANNER="yes"
-USE_IMV_SCANNER="yes"
-USE_IMC_OS="yes"
-USE_IMV_OS="yes"
-USE_IMC_ATTESTATION="yes"
-USE_IMV_ATTESTATION="yes"
-USE_SQL="yes"
-USE_MEDIATION="yes"
-USE_OPENSSL="yes"
-USE_BLOWFISH="yes"
-USE_KERNEL_PFKEY="yes"
-USE_INTEGRITY_TEST="yes"
-USE_LEAK_DETECTIVE="yes"
-USE_LOAD_TESTER="yes"
-USE_TEST_VECTORS="yes"
-USE_GCRYPT="yes"
-USE_SOCKET_DEFAULT="yes"
-USE_SOCKET_DYNAMIC="yes"
-USE_DHCP="yes"
-USE_FARP="yes"
-USE_ADDRBLOCK="yes"
-USE_CTR="yes"
-USE_CCM="yes"
-USE_GCM="yes"
-USE_CMAC="yes"
-USE_HA="yes"
-USE_AF_ALG="yes"
-USE_WHITELIST="yes"
-USE_XAUTH_GENERIC="yes"
-USE_XAUTH_EAP="yes"
-USE_PKCS8="yes"
-USE_IFMAP="no"
-USE_CISCO_QUIRKS="no"
-USE_UNITY="yes"
-
 # Amount of Memory to use per UML [MB].
 # If "auto" is stated 1/12 of total host ram will be used.
 # Examples: MEM=64, MEM="128", MEM="auto"
@@ -111,6 +51,7 @@ ROOTFSARCH=amd64
 ROOTFS=$BUILDDIR/debian-$ROOTFSSUITE-$ROOTFSARCH.img
 ROOTFSMIRROR=http://cdn.debian.net/debian
 ROOTFSPW=root
+ROOTFSCOMPILEDIR=$BUILDDIR/compile
 
 # Filename of the built UML Kernel
 UMLKERNEL=$BUILDDIR/linux-uml-$KERNELVERSION