aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xtesting/scripts/build-umlrootfs351
-rw-r--r--testing/scripts/recipes/strongswan.mk87
-rwxr-xr-xtesting/testing.conf61
3 files changed, 117 insertions, 382 deletions
diff --git a/testing/scripts/build-umlrootfs b/testing/scripts/build-umlrootfs
index 647c929ea..2633f1b28 100755
--- a/testing/scripts/build-umlrootfs
+++ b/testing/scripts/build-umlrootfs
@@ -22,22 +22,10 @@ source $DIR/function.sh
source $DIR/../testing.conf
-STRONGSWANVERSION=`basename $STRONGSWAN .tar.bz2`
-
-cecho-n " * Looking for strongSwan at '$STRONGSWAN'.."
-if [ -f "$STRONGSWAN" ]
-then
- cecho "found it"
- cecho " * strongSwan version is '$STRONGSWANVERSION'"
-else
- cecho "none"
- exit
-fi
-
cecho-n " * Looking for root image at '$ROOTFS'.."
if [ -f "$ROOTFS" ]
then
- cecho "found it"
+ cgecho "found it"
else
cecho "none"
exit
@@ -68,21 +56,10 @@ BASE=$BUILDDIR/base.img
cecho-n " * Mounting base image $BASE.."
cp $ROOTFS $BASE
mount -o loop $BASE $LOOPDIR >> $LOGFILE 2>&1
+mount -t proc none $LOOPDIR/proc >> $LOGFILE 2>&1
cgecho "done"
######################################################
-# remove /etc/resolv.conf
-#
-cecho " * Removing /etc/resolv.conf"
-rm -f $LOOPDIR/etc/resolv.conf
-
-#####################################################
-# extracting strongSwan into the root filesystem
-#
-cecho " * Extracting strongSwan into the root filesystem"
-tar xjf $STRONGSWAN -C $LOOPDIR/root >> $LOGFILE 2>&1
-
-######################################################
# setting up mountpoint for shared source tree
#
if [ "${SHAREDTREE+set}" = "set" ]; then
@@ -93,306 +70,35 @@ if [ "${SHAREDTREE+set}" = "set" ]; then
fi
######################################################
-# installing strongSwan and setting the local timezone
+# install software from source using 'recipes'
#
+mkdir -p $ROOTFSCOMPILEDIR
+cecho " * Mounting $ROOTFSCOMPILEDIR as /root/compile.."
+mkdir -p $LOOPDIR/root/compile
+mount -o bind $ROOTFSCOMPILEDIR $LOOPDIR/root/compile >> $LOGFILE 2>&1
+
+cecho " * Installing software from source.."
+RECPDIR=$UMLTESTDIR/testing/scripts/recipes
+RECIPES=`ls $RECPDIR/*.mk | xargs -n1 basename`
+for r in $RECIPES
+do
+ cecho-n " - $r.."
+ cp $RECPDIR/$r ${LOOPDIR}/root/compile
+ chroot ${LOOPDIR} make -C /root/compile -f $r >>$LOGFILE 2>&1
+ if [ $? != 0 ]; then
+ cecho "failed"
+ else
+ cgecho "done"
+ fi
+done
-INSTALLSHELL=${LOOPDIR}/install.sh
-
-cecho " * Preparing strongSwan installation script"
-echo "ln -sf /usr/share/zoneinfo/${TZUML} /etc/localtime" >> $INSTALLSHELL
-
-echo "cd /root/${STRONGSWANVERSION}" >> $INSTALLSHELL
-echo -n "./configure --sysconfdir=/etc" >> $INSTALLSHELL
-echo -n " --with-random-device=/dev/urandom" >> $INSTALLSHELL
-echo -n " --disable-load-warning" >> $INSTALLSHELL
-
-if [ "$USE_LIBCURL" = "yes" ]
-then
- echo -n " --enable-curl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LDAP" = "yes" ]
-then
- echo -n " --enable-ldap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_AKA" = "yes" ]
-then
- echo -n " --enable-eap-aka" >> $INSTALLSHELL
- echo -n " --enable-eap-aka-3gpp2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_SIM" = "yes" ]
-then
- echo -n " --enable-eap-sim" >> $INSTALLSHELL
- echo -n " --enable-eap-sim-file" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MD5" = "yes" ]
-then
- echo -n " --enable-eap-md5" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_MSCHAPV2" = "yes" ]
-then
- echo -n " --enable-md4" >> $INSTALLSHELL
- echo -n " --enable-eap-mschapv2" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_IDENTITY" = "yes" ]
-then
- echo -n " --enable-eap-identity" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_RADIUS" = "yes" ]
-then
- echo -n " --enable-eap-radius" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_DYNAMIC" = "yes" ]
-then
- echo -n " --enable-eap-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TLS" = "yes" ]
-then
- echo -n " --enable-eap-tls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TTLS" = "yes" ]
-then
- echo -n " --enable-eap-ttls" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_PEAP" = "yes" ]
-then
- echo -n " --enable-eap-peap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_EAP_TNC" = "yes" ]
-then
- echo -n " --enable-eap-tnc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_PDP" = "yes" ]
-then
- echo -n " --enable-tnc-pdp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMC" = "yes" ]
-then
- echo -n " --enable-tnc-imc" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNC_IMV" = "yes" ]
-then
- echo -n " --enable-tnc-imv" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_11" = "yes" ]
-then
- echo -n " --enable-tnccs-11" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_20" = "yes" ]
-then
- echo -n " --enable-tnccs-20" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TNCCS_DYNAMIC" = "yes" ]
-then
- echo -n " --enable-tnccs-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_TEST" = "yes" ]
-then
- echo -n " --enable-imc-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_TEST" = "yes" ]
-then
- echo -n " --enable-imv-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_SCANNER" = "yes" ]
-then
- echo -n " --enable-imc-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_SCANNER" = "yes" ]
-then
- echo -n " --enable-imv-scanner" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_OS" = "yes" ]
-then
- echo -n " --enable-imc-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_OS" = "yes" ]
-then
- echo -n " --enable-imv-os" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMC_ATTESTATION" = "yes" ]
-then
- echo -n " --enable-imc-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IMV_ATTESTATION" = "yes" ]
-then
- echo -n " --enable-imv-attestation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SQL" = "yes" ]
-then
- echo -n " --enable-sql --enable-sqlite" >> $INSTALLSHELL
- fi
-
-if [ "$USE_MEDIATION" = "yes" ]
-then
- echo -n " --enable-mediation" >> $INSTALLSHELL
-fi
-
-if [ "$USE_OPENSSL" = "yes" ]
-then
- echo -n " --enable-openssl" >> $INSTALLSHELL
-fi
-
-if [ "$USE_BLOWFISH" = "yes" ]
-then
- echo -n " --enable-blowfish" >> $INSTALLSHELL
-fi
-
-if [ "$USE_KERNEL_PFKEY" = "yes" ]
-then
- echo -n " --enable-kernel-pfkey" >> $INSTALLSHELL
-fi
-
-if [ "$USE_INTEGRITY_TEST" = "yes" ]
-then
- echo -n " --enable-integrity-test" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LEAK_DETECTIVE" = "yes" ]
-then
- echo -n " --enable-leak-detective" >> $INSTALLSHELL
-fi
-
-if [ "$USE_LOAD_TESTER" = "yes" ]
-then
- echo -n " --enable-load-tester" >> $INSTALLSHELL
-fi
-
-if [ "$USE_TEST_VECTORS" = "yes" ]
-then
- echo -n " --enable-test-vectors" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCRYPT" = "yes" ]
-then
- echo -n " --enable-gcrypt" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DEFAULT" = "yes" ]
-then
- echo -n " --enable-socket-default" >> $INSTALLSHELL
-fi
-
-if [ "$USE_SOCKET_DYNAMIC" = "yes" ]
-then
- echo -n " --enable-socket-dynamic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_DHCP" = "yes" ]
-then
- echo -n " --enable-dhcp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_FARP" = "yes" ]
-then
- echo -n " --enable-farp" >> $INSTALLSHELL
-fi
-
-if [ "$USE_ADDRBLOCK" = "yes" ]
-then
- echo -n " --enable-addrblock" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CTR" = "yes" ]
-then
- echo -n " --enable-ctr" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CCM" = "yes" ]
-then
- echo -n " --enable-ccm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_GCM" = "yes" ]
-then
- echo -n " --enable-gcm" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CMAC" = "yes" ]
-then
- echo -n " --enable-cmac" >> $INSTALLSHELL
-fi
-
-if [ "$USE_HA" = "yes" ]
-then
- echo -n " --enable-ha" >> $INSTALLSHELL
-fi
-
-if [ "$USE_AF_ALG" = "yes" ]
-then
- echo -n " --enable-af-alg" >> $INSTALLSHELL
-fi
-
-if [ "$USE_WHITELIST" = "yes" ]
-then
- echo -n " --enable-whitelist" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_GENERIC" = "yes" ]
-then
- echo -n " --enable-xauth-generic" >> $INSTALLSHELL
-fi
-
-if [ "$USE_XAUTH_EAP" = "yes" ]
-then
- echo -n " --enable-xauth-eap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_PKCS8" = "yes" ]
-then
- echo -n " --enable-pkcs8" >> $INSTALLSHELL
-fi
-
-if [ "$USE_IFMAP" = "yes" ]
-then
- echo -n " --enable-tnc-ifmap" >> $INSTALLSHELL
-fi
-
-if [ "$USE_CISCO_QUIRKS" = "yes" ]
-then
- echo -n " --enable-cisco-quirks" >> $INSTALLSHELL
-fi
-
-if [ "$USE_UNITY" = "yes" ]
-then
- echo -n " --enable-unity" >> $INSTALLSHELL
-fi
-
-echo "" >> $INSTALLSHELL
-echo "make -j5" >> $INSTALLSHELL
-echo "make install" >> $INSTALLSHELL
-echo "ldconfig" >> $INSTALLSHELL
+umount $LOOPDIR/root/compile
-cecho-n " * Compiling $STRONGSWANVERSION within the root file system as chroot.."
-chroot $LOOPDIR /bin/bash /install.sh >> $LOGFILE 2>&1
-rm -f $INSTALLSHELL
-cgecho "done"
+######################################################
+# remove /etc/resolv.conf
+#
+cecho " * Removing /etc/resolv.conf"
+rm -f $LOOPDIR/etc/resolv.conf
#####################################
# preparing ssh for PK authentication
@@ -456,4 +162,5 @@ do
echo "`cat $LOOPDIR/etc/ssh/ssh_host_rsa_key.pub` root@$host" >> $LOOPDIR/root/.ssh/authorized_keys
done
+umount $LOOPDIR/proc
umount $LOOPDIR
diff --git a/testing/scripts/recipes/strongswan.mk b/testing/scripts/recipes/strongswan.mk
new file mode 100644
index 000000000..4b8263112
--- /dev/null
+++ b/testing/scripts/recipes/strongswan.mk
@@ -0,0 +1,87 @@
+#!/usr/bin/make
+
+PV = 5.0.1
+PKG = strongswan-$(PV)
+TAR = $(PKG).tar.bz2
+SRC = http://download.strongswan.org/$(TAR)
+
+NUM_CPUS := $(shell getconf _NPROCESSORS_ONLN)
+
+CONFIG_OPTS = \
+ --sysconfdir=/etc \
+ --with-random-device=/dev/urandom \
+ --disable-load-warning \
+ --enable-curl \
+ --enable-ldap \
+ --enable-eap-aka \
+ --enable-eap-aka-3gpp2 \
+ --enable-eap-sim \
+ --enable-eap-sim-file \
+ --enable-eap-md5 \
+ --enable-md4 \
+ --enable-eap-mschapv2 \
+ --enable-eap-identity \
+ --enable-eap-radius \
+ --enable-eap-dynamic \
+ --enable-eap-tls \
+ --enable-eap-ttls \
+ --enable-eap-peap \
+ --enable-eap-tnc \
+ --enable-tnc-pdp \
+ --enable-tnc-imc \
+ --enable-tnc-imv \
+ --enable-tnccs-11 \
+ --enable-tnccs-20 \
+ --enable-tnccs-dynamic \
+ --enable-imc-test \
+ --enable-imv-test \
+ --enable-imc-scanner \
+ --enable-imv-scanner \
+ --enable-imc-os \
+ --enable-imv-os \
+ --enable-imc-attestation \
+ --enable-imv-attestation \
+ --enable-sql \
+ --enable-sqlite \
+ --enable-mediation \
+ --enable-openssl \
+ --enable-blowfish \
+ --enable-kernel-pfkey \
+ --enable-integrity-test \
+ --enable-leak-detective \
+ --enable-load-tester \
+ --enable-test-vectors \
+ --enable-gcrypt \
+ --enable-socket-default \
+ --enable-socket-dynamic \
+ --enable-dhcp \
+ --enable-farp \
+ --enable-addrblock \
+ --enable-ctr \
+ --enable-ccm \
+ --enable-gcm \
+ --enable-cmac \
+ --enable-ha \
+ --enable-af-alg \
+ --enable-whitelist \
+ --enable-xauth-generic \
+ --enable-xauth-eap \
+ --enable-pkcs8 \
+ --enable-unity
+
+all: install
+
+$(TAR):
+ wget $(SRC)
+
+$(PKG): $(TAR)
+ tar xfj $(TAR)
+
+configure: $(PKG)
+ cd $(PKG) && ./configure $(CONFIG_OPTS)
+
+build: configure
+ cd $(PKG) && make -j $(NUM_CPUS)
+
+install: build
+ cd $(PKG) && make install
diff --git a/testing/testing.conf b/testing/testing.conf
index 5cdf7b06e..7a4998bd6 100755
--- a/testing/testing.conf
+++ b/testing/testing.conf
@@ -30,66 +30,6 @@ KERNELCONFIG=$UMLTESTDIR/.config-3.5
# Bzipped uml patch for kernel
UMLPATCH=$UMLTESTDIR/ha-3.0.patch.bz2
-# Bzipped source of strongSwan
-STRONGSWAN=$UMLTESTDIR/strongswan-5.0.1.tar.bz2
-
-# strongSwan compile options (use "yes" or "no")
-USE_LIBCURL="yes"
-USE_LDAP="yes"
-USE_EAP_AKA="yes"
-USE_EAP_SIM="yes"
-USE_EAP_MD5="yes"
-USE_EAP_MSCHAPV2="yes"
-USE_EAP_IDENTITY="yes"
-USE_EAP_RADIUS="yes"
-USE_EAP_DYNAMIC="yes"
-USE_EAP_TLS="yes"
-USE_EAP_TTLS="yes"
-USE_EAP_PEAP="yes"
-USE_EAP_TNC="yes"
-USE_TNC_PDP="yes"
-USE_TNC_IMC="yes"
-USE_TNC_IMV="yes"
-USE_TNCCS_11="yes"
-USE_TNCCS_20="yes"
-USE_TNCCS_DYNAMIC="yes"
-USE_IMC_TEST="yes"
-USE_IMV_TEST="yes"
-USE_IMC_SCANNER="yes"
-USE_IMV_SCANNER="yes"
-USE_IMC_OS="yes"
-USE_IMV_OS="yes"
-USE_IMC_ATTESTATION="yes"
-USE_IMV_ATTESTATION="yes"
-USE_SQL="yes"
-USE_MEDIATION="yes"
-USE_OPENSSL="yes"
-USE_BLOWFISH="yes"
-USE_KERNEL_PFKEY="yes"
-USE_INTEGRITY_TEST="yes"
-USE_LEAK_DETECTIVE="yes"
-USE_LOAD_TESTER="yes"
-USE_TEST_VECTORS="yes"
-USE_GCRYPT="yes"
-USE_SOCKET_DEFAULT="yes"
-USE_SOCKET_DYNAMIC="yes"
-USE_DHCP="yes"
-USE_FARP="yes"
-USE_ADDRBLOCK="yes"
-USE_CTR="yes"
-USE_CCM="yes"
-USE_GCM="yes"
-USE_CMAC="yes"
-USE_HA="yes"
-USE_AF_ALG="yes"
-USE_WHITELIST="yes"
-USE_XAUTH_GENERIC="yes"
-USE_XAUTH_EAP="yes"
-USE_PKCS8="yes"
-USE_IFMAP="no"
-USE_CISCO_QUIRKS="no"
-USE_UNITY="yes"
-
# Amount of Memory to use per UML [MB].
# If "auto" is stated 1/12 of total host ram will be used.
# Examples: MEM=64, MEM="128", MEM="auto"
@@ -111,6 +51,7 @@ ROOTFSARCH=amd64
ROOTFS=$BUILDDIR/debian-$ROOTFSSUITE-$ROOTFSARCH.img
ROOTFSMIRROR=http://cdn.debian.net/debian
ROOTFSPW=root
+ROOTFSCOMPILEDIR=$BUILDDIR/compile
# Filename of the built UML Kernel
UMLKERNEL=$BUILDDIR/linux-uml-$KERNELVERSION
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-20 06:27:55 +0000