AC_PREREQ(2.63)
-AC_INIT([trust_router],[2.1.1],
+AC_INIT([trust_router],[3.0.0],
[bugs@project-moonshot.org])
AC_CONFIG_MACRO_DIR(m4)
AC_CONFIG_AUX_DIR(build-aux)
--- /dev/null
+# see git-dpm(1) from git-dpm package
+f159988592bd2db0f7ef6662a9117af6b82b23ff
+f159988592bd2db0f7ef6662a9117af6b82b23ff
+bbf497cdf42f068cae597f3a38e2d2400470119b
+bbf497cdf42f068cae597f3a38e2d2400470119b
+moonshot-trust-router_1.4.1.orig.tar.gz
+a8c6fb6b6f9cfd2bcec95a9433723147d24a48ba
+371621
--- /dev/null
+The Debian Package moonshot-trust-router
+----------------------------
+
+Comments regarding the Package
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 05 Dec 2012 14:24:54 -0500
--- /dev/null
+* Service files and possibly init scripts for trust_router and tids (tids already has service file)
+
+Sadly, the code in its current state really works a lot better with
+journald than another logging approach, so there's a huge advantage to
+using systemd.
+
+* Include pointers to what we have for current documentation.
--- /dev/null
+moonshot-trust-router (3.0.0-1) unstable; urgency=medium
+
+ * New upstream release
+ * Support full TID and TRP filtering
+ * Add --version option
+
+ -- Jennifer Richards <jennifer@painless-security.com> Thu, 06 Jun 2017 12:22:37 -0400
+
+moonshot-trust-router (2.1.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * Support community information flooding
+ * Support support multiple AAA servers for an IdP
+ * Support IPv6 addressing
+
+ -- Jennifer Richards <jennifer@painless-security.com> Thu, 26 Jan 2017 18:00:00 -0400
+
+moonshot-trust-router (2.0-1) UNRELEASED; urgency=low
+
+ * New upstream release
+ * Support dynamic trust route peering, flooding, and discovery
+ * Support TID request routing
+ * New configuration file format
+
+ -- Jennifer Richards <jennifer@painless-security.com> Tue, 20 Sep 2016 14:57:24 -0400
+
+moonshot-trust-router (1.5.1~2) unstable; urgency=medium
+
+ * Fix insert statement
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 25 Mar 2015 21:20:54 -0400
+
+moonshot-trust-router (1.5.1~1) unstable; urgency=medium
+
+ * New Upstream version to fix key expiration schema/view
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 25 Mar 2015 14:30:01 -0400
+
+moonshot-trust-router (1.5~4) unstable; urgency=medium
+
+ * Fix versioning because we want to fix the gss_delete_sec_context for wheezy
+ * Move logging section to tr_internal
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 17 Mar 2015 15:20:21 -0400
+
+moonshot-trust-router (1.5~3) unstable; urgency=medium
+
+ * Pull in expiration fix
+ * Depend on sufficiently new moonshot-gss-eap to avoid
+ delete_sec_context problem
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 17 Mar 2015 12:27:57 -0400
+
+moonshot-trust-router (1.5~2) UNRELEASED; urgency=medium
+
+ * Fix comparison operator
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 13 Mar 2015 16:23:37 -0400
+
+moonshot-trust-router (1.5~1) unstable; urgency=medium
+
+ * New Upstream Release
+ * Support Key expiration and logging
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 11 Mar 2015 10:52:39 -0400
+
+moonshot-trust-router (1.4.1-2) unstable; urgency=medium
+
+ * Print default realm from Config (LP: #1386654)
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 04 Nov 2014 15:50:04 -0500
+
+moonshot-trust-router (1.4.1-1) unstable; urgency=medium
+
+ * New upstream version
+ * Fix major bug in handling of community lookups when defaulting is
+ not used.
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 07 Oct 2014 07:19:13 -0400
+
+moonshot-trust-router (1.4-9) unstable; urgency=medium
+
+ * Fix lintian errors:
+ - Update LSB header for tids init script
+ - Make tids wrapper executable
+ - Override things lintian gets wrong
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 03 Oct 2014 16:22:31 -0400
+
+moonshot-trust-router (1.4-8) unstable; urgency=medium
+
+ * Fix umask of database
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 03 Oct 2014 11:15:57 -0400
+
+moonshot-trust-router (1.4-7) unstable; urgency=medium
+
+ * Remove debugging and fix postinst script to work when SHELL is not set.
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 03 Oct 2014 10:20:15 -0400
+
+moonshot-trust-router (1.4-6) unstable; urgency=medium
+
+ * Even more debugging
+
+ -- Sam Hartman <hartmans@debian.org> Thu, 02 Oct 2014 16:44:20 -0400
+
+moonshot-trust-router (1.4-5) unstable; urgency=medium
+
+ * Even more debugging
+
+ -- Sam Hartman <hartmans@debian.org> Thu, 02 Oct 2014 16:01:30 -0400
+
+moonshot-trust-router (1.4-4) unstable; urgency=medium
+
+ * postinst quiet about user creation
+ * tids.init:fix run levels
+ * Add debugging to postinst to try and understand dvd creation bug
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 01 Oct 2014 22:37:46 -0400
+
+moonshot-trust-router (1.4-3) unstable; urgency=medium
+
+ * Create a schema on upgrade or install
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 30 Sep 2014 15:21:43 -0400
+
+moonshot-trust-router (1.4-2) unstable; urgency=medium
+
+ * Update to fix bug in init script, Thanks Stefan
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 30 Sep 2014 14:53:39 -0400
+
+moonshot-trust-router (1.4-1) unstable; urgency=medium
+
+ * New Upstream version
+ * Install tids init script, thanks Stefan Paetow
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 26 Sep 2014 10:45:18 -0400
+
+moonshot-trust-router (1.3.1-1) unstable; urgency=medium
+
+ * New Upstream Version
+ * Initial Debian release, Closes: #759398
+ * Use git dpm and 3.0 quilt source format
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 27 Aug 2014 19:13:23 -0400
+
+moonshot-trust-router (1.3-1) unstable; urgency=medium
+
+ * New upstream version
+
+ -- Sam Hartman <hartmans@debian.org> Tue, 22 Jul 2014 12:05:27 -0400
+
+moonshot-trust-router (1.2-4) unstable; urgency=medium
+
+ * Fix another bug in tids.service
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 26 May 2014 15:43:46 -0400
+
+moonshot-trust-router (1.2-3) unstable; urgency=medium
+
+ * trust_router not trustrouter in tids.service
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 21 May 2014 16:02:15 -0400
+
+moonshot-trust-router (1.2-2) unstable; urgency=medium
+
+ * Include systemd service and schema file
+ * Create trustrouter user on install
+
+ -- Sam Hartman <hartmans@debian.org> Mon, 19 May 2014 20:48:12 -0400
+
+moonshot-trust-router (1.2-1) unstable; urgency=low
+
+ * New upstream version.
+ * Includes constraints, gss-name change and settable port number.
+
+ -- Margaret Wasserman <mrw@painless-security.com> Tue, 18 Mar 2014 18:00:19 -0400
+
+moonshot-trust-router (1.0.1-1) unstable; urgency=low
+
+ * New upstream version
+
+ -- Sam Hartman <hartmans@debian.org> Fri, 20 Dec 2013 15:17:17 -0500
+
+moonshot-trust-router (1.0-2) unstable; urgency=low
+
+ * New release including trustidentity for acceptor
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 20 Nov 2013 08:26:16 -0500
+
+moonshot-trust-router (1.0-1) unstable; urgency=low
+
+ * New upstream version, 1.0 release
+
+ -- Mark Donnelly <mark@mark-VirtualBox.painless-security.com> Thu, 18 Jul 2013 11:00:32 -0400
+
+moonshot-trust-router (0.2+20130506-1) unstable; urgency=low
+
+ * New upstream version, beta release
+
+ -- Margaret Wasserman <mrw@painless-security.com> Mon, 06 May 2013 15:40:43 -0400
+
+moonshot-trust-router (0.1+20130418-1) unstable; urgency=low
+
+ * New upstream version
+ * Includes trust router and working tids
+
+ -- Sam Hartman <hartmans@debian.org> Thu, 18 Apr 2013 11:47:21 -0400
+
+moonshot-trust-router (0.0+20121205) unstable; urgency=low
+
+ * Initial Release.
+
+ -- Sam Hartman <hartmans@debian.org> Wed, 05 Dec 2012 14:24:54 -0500
--- /dev/null
+Source: moonshot-trust-router
+Section: net
+Priority: extra
+Maintainer: Sam Hartman <hartmans@debian.org>
+Build-Depends: debhelper (>= 9), autotools-dev, automake, autoconf, libtool, libjansson-dev, libkrb5-dev (>= 1.10~), dh-autoreconf, libssl-dev, libsqlite3-dev, libtalloc-dev, libglib2.0-dev, libevent-dev
+Standards-Version: 3.9.5
+Homepage: http://www.project-moonshot.org/
+Vcs-Git: git://git.project-moonshot.org/trust_router.git
+
+Package: moonshot-trust-router
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, moonshot-gss-eap (>= 0.9.2-3+deb8u1), adduser, sqlite3
+Description: Moonshot Trust Router
+ Moonshot allows services using GSS-API applications to gain federated
+ access to identities provided by other organizations. Moonshot uses
+ EAP and RADIUS over TLS for authentication and federation and SAML
+ for enhanced attribute exchange.
+ .
+ This package provides the trust router and associated commands. The
+ trust router provides authenticated key exchange so that RADIUS
+ proxies in one organization can connect to RADIUS servers (providing
+ identities) in another organization.
+
+Package: moonshot-trust-router-dev
+Section: libdevel
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, libtr-tid2 (= ${binary:Version})
+Description: Development environment for the Trust Router
+ Moonshot allows services using GSS-API applications to gain federated
+ access to identities provided by other organizations. Moonshot uses
+ EAP and RADIUS over TLS for authentication and federation and SAML
+ for enhanced attribute exchange.
+ .
+ This package provides the trust router development environment. The
+ trust router provides authenticated key exchange so that RADIUS
+ proxies in one organization can connect to RADIUS servers (providing
+ identities) in another organization.
+
+
+Package: libtr-tid2
+Section: libs
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Breaks: moonshot-gss-eap (<< 0.9.2-3+deb8u1)
+Pre-Depends: ${misc:Pre-Depends}
+Multi-Arch: same
+Description: Moonshot Temporary Identity Shared Libraries
+ Moonshot allows services using GSS-API applications to gain federated
+ access to identities provided by other organizations. Moonshot uses
+ EAP and RADIUS over TLS for authentication and federation and SAML
+ for enhanced attribute exchange.
+ .
+ This package provides the trust router's Temporary Identity Protocol
+ client and server library. The trust router provides authenticated
+ key exchange so that RADIUS proxies in one organization can connect
+ to RADIUS servers (providing identities) in another organization.
+
+
+Package: moonshot-trust-router-dbg
+Section: debug
+Architecture: any
+Depends: ${shlibs:Depends}, ${misc:Depends}, moonshot-trust-router (= ${binary:Version}) |libtr-tid2 (= ${binary:Version})
+Description: Trust Router Debugging Symbols
+ This package includes debugging symbols for trust router libraries
+ and binaries.
--- /dev/null
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: git://git.project-moonshot.org/trust_router.git
+
+Files: *
+Copyright: 2009-2014 JANET(UK)
+License: BSD-3-clause
+
+Files: gsscon/*
+Copyright: 2012-2014 JANET(UK)
+ 2004-2006 Massachusetts Institute of Technology.
+License: BSD-3-clause and OLD-MIT-KERBEROS
+ Copyright (c) 2012, JANET(UK)
+ All rights reserved.
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ .
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ 3. Neither the name of JANET(UK) nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ OF THE POSSIBILITY OF SUCH DAMAGE.
+ .
+ This code was adapted from the MIT Kerberos Consortium's
+ GSS example code, which was distributed under the following
+ license:
+ Copyright 2004-2006 Massachusetts Institute of Technology.
+ All Rights Reserved.
+ .
+ WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ distribute this software and its documentation for any purpose and
+ without fee is hereby granted, provided that the above copyright
+ notice appear in all copies and that both that copyright notice and
+ this permission notice appear in supporting documentation, and that
+ the name of M.I.T. not be used in advertising or publicity pertaining
+ to distribution of the software without specific, written prior
+ permission. Furthermore if you modify this software you must label
+ your software as modified software and not distribute it in such a
+ fashion that it might be confused with the original M.I.T. software.
+ M.I.T. makes no representations about the suitability of
+ this software for any purpose. It is provided "as is" without express
+ or implied warranty.
+
+
+Files: common/jansson_iterators.h
+Copyright: 2009-2013 Petri Lehtinen <petri@digip.org>
+License: JANSSON
+ Jansson is free software; you can redistribute it and/or modify
+ it under the terms of the MIT license. See LICENSE for details.
+ Copyright (c) 2009-2013 Petri Lehtinen <petri@digip.org>
+ .
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+ .
+ The above copyright notice and this permission notice shall be included in
+ all copies or substantial portions of the Software.
+ .
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.
+
+
+Files: debian/*
+Copyright: 2012-2014 Sam Hartman <hartmans@debian.org>
+License: BSD-3-clause
+
+License: BSD-3-Clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ .
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ .
+ 3. Neither the name of JANET(UK) nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ OF THE POSSIBILITY OF SUCH DAMAGE.
--- /dev/null
+[DEFAULT]
+pristine-tar=True
+pristine-tar-commit=True
+debian-branch=debian
+debian-tag=debian/%(version)s
+upstream-branch=master
+upstream-tag=v%(version)s
--- /dev/null
+usr/lib/*/*.so.*
--- /dev/null
+libtr_tid.so.2 libtr-tid2 #MINVER#
+ tid_dup_req@Base 1.3
+ tid_req_free@Base 1.3
+ tid_req_get_comm@Base 1.3
+ tid_req_get_conn@Base 1.3
+ tid_req_get_cookie@Base 1.3
+ tid_req_get_gssctx@Base 1.3
+ tid_req_get_next_req@Base 1.3
+ tid_req_get_orig_coi@Base 1.3
+ tid_req_get_realm@Base 1.3
+ tid_req_get_resp_func@Base 1.3
+ tid_req_get_resp_rcvd@Base 1.3
+ tid_req_get_resp_sent@Base 1.3
+ tid_req_get_rp_realm@Base 1.3
+ tid_req_new@Base 1.3
+ tid_resp_get_comm@Base 1.3
+ tid_resp_get_err_msg@Base 1.3
+ tid_resp_get_num_servers@Base 1.3
+ tid_resp_get_orig_coi@Base 1.3
+ tid_resp_get_realm@Base 1.3
+ tid_resp_get_result@Base 1.3
+ tid_resp_get_rp_realm@Base 1.3
+ tid_resp_get_server@Base 1.3
+ tid_srvr_get_address@Base 1.3
+ tid_srvr_get_dh@Base 1.3
+ tid_srvr_get_key_name@Base 1.3
+ tidc_create@Base 1.3
+ tidc_destroy@Base 1.3
+ tidc_fwd_request@Base 1.3
+ tidc_get_dh@Base 1.3
+ tidc_open_connection@Base 1.3
+ tidc_send_request@Base 1.3
+ tidc_set_dh@Base 1.3
+ tids_create@Base 1.3
+ tids_destroy@Base 1.3
+ tids_send_err_response@Base 1.3
+ tids_send_response@Base 1.3
+ tids_start@Base 1.3
+ tr_bin_to_hex@Base 1.3
+ tr_compute_dh_key@Base 1.3
+ tr_constraint_add_to_set@Base 1.3
+ tr_constraint_set_filter@Base 1.3
+ tr_constraint_set_get_match_strings@Base 1.3
+ tr_constraint_set_intersect@Base 1.3
+ tr_constraint_set_validate@Base 1.3
+ tr_create_dh_params@Base 1.3
+ tr_create_matching_dh@Base 1.3
+ tr_destroy_dh_params@Base 1.3
+ tr_dh_free@Base 1.3
+ tr_dh_pub_hash@Base 1.3
+ tr_dup_name@Base 1.3
+ tr_free_name@Base 1.3
+ tr_name_cmp@Base 1.3
+ tr_name_strdup@Base 1.3
+ tr_name_strlcat@Base 1.3
+ tr_new_name@Base 1.3
+ tr_prefix_wildcard_match@Base 1.3
--- /dev/null
+usr/lib/*/*so
+usr/lib/*/*.a
+usr/include
--- /dev/null
+usr/lib/trust_router
--- /dev/null
+usr/bin/tidc
+usr/bin/tids
+usr/bin/trpc
+usr/bin/trust_router
+usr/share/trust_router/*
+lib/systemd/system/*
+
+debian/tids-wrapper usr/lib/trust_router
--- /dev/null
+moonshot-trust-router: binary-without-manpage usr/bin/tidc
+moonshot-trust-router: binary-without-manpage usr/bin/trust_router
+moonshot-trust-router: binary-without-manpage usr/bin/tids
+moonshot-trust-router: script-not-executable usr/share/trust_router/redhat/*
+# No, actually we do test earlier and exit if the default file is not present
+moonshot-trust-router: init.d-script-sourcing-without-test
--- /dev/null
+#!/bin/sh
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ if dpkg --compare-versions "$2" lt 1.2-2; then
+ adduser --quiet --system --home /var/lib/trust_router --group --disabled-login trustrouter
+ fi
+ if dpkg --compare-versions "$2" lt-nl 1.5.1 ; then
+ # Schema updated
+ rm -f /var/lib/trust_router/keys
+ fi
+ su -s /bin/sh -c "umask 027&&sqlite3 </usr/share/trust_router/schema.sql /var/lib/trust_router/keys" trustrouter ||true
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
--- /dev/null
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: tids
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Required-Start: $local_fs $remote_fs $network
+# Required-Stop:local_fs $remote_fs $network
+# Should-Start: freeradius
+# Short-Description: Starts Moonshot TIDS
+# Description: Starts the Moonshot Temporary ID Service
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+. /lib/lsb/init-functions
+
+[ -z "$HOME" ] && export HOME=/
+
+usage() {
+ echo "Usage: $0 {start|stop|status}"
+}
+
+# Load the configuration
+[ -f /etc/default/trust_router ] || exit 0
+. /etc/default/trust_router
+TIDS_PIDDIR=/var/run/trust_router
+TIDS_LOGDIR=/var/log/trust_router
+
+# Create the PID and LOG directories
+[ -d "$TIDS_PIDDIR" ] || mkdir -p $TIDS_PIDDIR && chown $TIDS_USER:$TIDS_GROUP $TIDS_PIDDIR
+[ -d "$TIDS_LOGDIR" ] || mkdir -p $TIDS_LOGDIR && chown $TIDS_USER:$TIDS_GROUP $TIDS_LOGDIR
+
+# Some variables
+prog=/usr/lib/trust_router/tids-wrapper
+PIDFILE="$TIDS_PIDDIR/tids.pid"
+LOGFILE="$TIDS_LOGDIR/tids.log"
+
+# Does the trust router and wrapper exist
+[ -x /usr/bin/tids ] || exit 5
+[ -x $prog ] || exit 5
+
+[ -f "$LOGFILE" ] || touch $LOGFILE && chown $TIDS_USER:$TIDS_GROUP $LOGFILE
+
+OPTIONS="$PIDFILE $LOGFILE $ipaddr $gssname $hostname /var/lib/trust_router/keys"
+
+case $1 in
+ start)
+ if [ -f ${PIDFILE} ] ;
+ then
+ OLD_PID=$(cat "$PIDFILE")
+
+ if [ -d "/proc/$OLD_PID" ] ;
+ then
+ echo "Error: TIDS already running" ; exit 1
+ else
+ rm $PIDFILE
+ fi
+ fi
+
+ timestamp=$(date)
+ echo "$timestamp Starting TIDS..." >> $LOGFILE
+ log_daemon_msg "Starting TIDS" "tids"
+ start-stop-daemon --start --chuid $TIDS_USER --pidfile $PIDFILE --oknodo --startas $prog $OPTIONS
+ status=$?
+ log_end_msg $status
+ ;;
+ stop)
+ timestamp=$(date)
+ echo "$timestamp Stopping TIDS..." >> $LOGFILE
+ log_daemon_msg "Stopping TIDS" "tids"
+ start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE
+ status=$?
+ log_end_msg $status
+ rm -f $PIDFILE
+ ;;
+ status)
+ if [ -f $PIDFILE ] ;
+ then
+ PID=$(cat "$PIDFILE")
+
+ if [ -d "/proc/$PID" ] ;
+ then
+ echo "TIDS is running (pid $PID)"
+ else
+ if [ -e $PIDFILE ] ; then
+ echo "TIDS appears to be dead but its PID file exists"
+ else
+ echo "TIDS appears to be stopped"
+ fi
+ fi
+ else
+ echo "TIDS appears to be stopped"
+ fi
+ exit 0
+ ;;
+ reload | force-reload | condrestart | try-restart)
+ usage
+ exit 3
+ ;;
+ *)
+ usage
+ exit 2
+ ;;
+esac
--- /dev/null
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+%:
+ dh $@ --with autoreconf --parallel
+
+override_dh_auto_configure:
+ dh_auto_configure -- --with-systemdsystemunitdir=/lib/systemd/system
+
+override_dh_install:
+ chmod a+x debian/tids-wrapper
+ dh_install
+
+override_dh_strip:
+ dh_strip --dbg-package=moonshot-trust-router-dbg
+
+override_dh_installinit:
+ dh_installinit --name tids
--- /dev/null
+3.0 (quilt)
--- /dev/null
+#! /usr/bin/env bash
+
+PIDFILE=$1
+LOGFILE=$2
+shift 2
+
+unset DISPLAY
+/usr/bin/tids $@ >> $LOGFILE 2>&1 &
+BGPID=$!
+RET=$?
+
+echo $BGPID > $PIDFILE
+
+exit $RET
%global optflags %{optflags} -Wno-parentheses
Name: trust_router
-Version: 2.1.1
+Version: 3.0.0
Release: 1%{?dist}
Summary: Moonshot Trust Router