119261079SEd Maste#!/bin/sh 219261079SEd Maste 338a52bd3SEd MastePACKAGES="" 438a52bd3SEd Maste 51323ec57SEd Maste . .github/configs $@ 61323ec57SEd Maste 7535af610SEd Mastehost=`./config.guess` 8535af610SEd Masteecho "config.guess: $host" 9535af610SEd Mastecase "$host" in 1038a52bd3SEd Maste*cygwin) 1138a52bd3SEd Maste PACKAGER=setup 124d3fc8b0SEd Maste echo Setting CYGWIN system environment variable. 1338a52bd3SEd Maste setx CYGWIN "binmode" 144d3fc8b0SEd Maste echo Removing extended ACLs so umask works as expected. 154d3fc8b0SEd Maste setfacl -b . regress 1638a52bd3SEd Maste PACKAGES="$PACKAGES,autoconf,automake,cygwin-devel,gcc-core" 1738a52bd3SEd Maste PACKAGES="$PACKAGES,make,openssl-devel,zlib-devel" 1838a52bd3SEd Maste ;; 1919261079SEd Maste*-darwin*) 2038a52bd3SEd Maste PACKAGER=brew 21069ac184SEd Maste PACKAGES="automake" 2219261079SEd Maste ;; 2338a52bd3SEd Maste*) 2438a52bd3SEd Maste PACKAGER=apt 2519261079SEd Masteesac 2619261079SEd Maste 2719261079SEd MasteTARGETS=$@ 2819261079SEd Maste 2919261079SEd MasteINSTALL_FIDO_PPA="no" 30e9e8876aSEd Masteexport DEBIAN_FRONTEND=noninteractive 3119261079SEd Maste 32069ac184SEd Masteset -e 3319261079SEd Maste 3438a52bd3SEd Masteif [ -x "`which lsb_release 2>&1`" ]; then 3519261079SEd Maste lsb_release -a 3638a52bd3SEd Mastefi 3738a52bd3SEd Maste 38069ac184SEd Masteif [ ! -z "$SUDO" ]; then 3938a52bd3SEd Maste # Ubuntu 22.04 defaults to private home dirs which prevent the 4038a52bd3SEd Maste # agent-getpeerid test from running ssh-add as nobody. See 4138a52bd3SEd Maste # https://github.com/actions/runner-images/issues/6106 42069ac184SEd Maste if ! "$SUDO" -u nobody test -x ~; then 4338a52bd3SEd Maste echo ~ is not executable by nobody, adding perms. 4438a52bd3SEd Maste chmod go+x ~ 4538a52bd3SEd Maste fi 46069ac184SEd Maste # Some of the Mac OS X runners don't have a nopasswd sudo rule. Regular 47069ac184SEd Maste # sudo still works, but sudo -u doesn't. Restore the sudo rule. 48069ac184SEd Maste if ! "$SUDO" grep -E 'runner.*NOPASSWD' /etc/passwd >/dev/null; then 49069ac184SEd Maste echo "Restoring runner nopasswd rule to sudoers." 50069ac184SEd Maste echo 'runner ALL=(ALL) NOPASSWD: ALL' |$SUDO tee -a /etc/sudoers 51069ac184SEd Maste fi 52069ac184SEd Maste if ! "$SUDO" -u nobody -S test -x ~ </dev/null; then 53069ac184SEd Maste echo "Still can't sudo to nobody." 54069ac184SEd Maste exit 1 55069ac184SEd Maste fi 56069ac184SEd Mastefi 5719261079SEd Maste 5819261079SEd Masteif [ "${TARGETS}" = "kitchensink" ]; then 591323ec57SEd Maste TARGETS="krb5 libedit pam sk selinux" 6019261079SEd Mastefi 6119261079SEd Maste 621323ec57SEd Mastefor flag in $CONFIGFLAGS; do 631323ec57SEd Maste case "$flag" in 6438a52bd3SEd Maste --with-pam) TARGETS="${TARGETS} pam" ;; 6538a52bd3SEd Maste --with-libedit) TARGETS="${TARGETS} libedit" ;; 661323ec57SEd Maste esac 671323ec57SEd Mastedone 681323ec57SEd Maste 69069ac184SEd Masteecho "Setting up for '$TARGETS'" 7019261079SEd Mastefor TARGET in $TARGETS; do 7119261079SEd Maste case $TARGET in 7238a52bd3SEd Maste default|without-openssl|without-zlib|c89) 7319261079SEd Maste # nothing to do 7419261079SEd Maste ;; 7538a52bd3SEd Maste clang-sanitize*) 7638a52bd3SEd Maste PACKAGES="$PACKAGES clang-12" 7738a52bd3SEd Maste ;; 7838a52bd3SEd Maste cygwin-release) 7938a52bd3SEd Maste PACKAGES="$PACKAGES libcrypt-devel libfido2-devel libkrb5-devel" 8038a52bd3SEd Maste ;; 8138a52bd3SEd Maste gcc-sanitize*) 8238a52bd3SEd Maste ;; 831323ec57SEd Maste clang-*|gcc-*) 841323ec57SEd Maste compiler=$(echo $TARGET | sed 's/-Werror//') 851323ec57SEd Maste PACKAGES="$PACKAGES $compiler" 861323ec57SEd Maste ;; 871323ec57SEd Maste krb5) 881323ec57SEd Maste PACKAGES="$PACKAGES libkrb5-dev" 891323ec57SEd Maste ;; 901323ec57SEd Maste heimdal) 9119261079SEd Maste PACKAGES="$PACKAGES heimdal-dev" 9219261079SEd Maste ;; 9338a52bd3SEd Maste libedit) 9438a52bd3SEd Maste case "$PACKAGER" in 9538a52bd3SEd Maste setup) PACKAGES="$PACKAGES libedit-devel" ;; 9638a52bd3SEd Maste apt) PACKAGES="$PACKAGES libedit-dev" ;; 9738a52bd3SEd Maste esac 9838a52bd3SEd Maste ;; 9938a52bd3SEd Maste *pam) 100069ac184SEd Maste case "$PACKAGER" in 101069ac184SEd Maste apt) PACKAGES="$PACKAGES libpam0g-dev" ;; 102069ac184SEd Maste esac 10338a52bd3SEd Maste ;; 10419261079SEd Maste sk) 10519261079SEd Maste INSTALL_FIDO_PPA="yes" 10619261079SEd Maste PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev libcbor-dev" 10719261079SEd Maste ;; 10819261079SEd Maste selinux) 10919261079SEd Maste PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev" 11019261079SEd Maste ;; 11119261079SEd Maste hardenedmalloc) 11219261079SEd Maste INSTALL_HARDENED_MALLOC=yes 11319261079SEd Maste ;; 1141323ec57SEd Maste musl) 1151323ec57SEd Maste PACKAGES="$PACKAGES musl-tools" 1161323ec57SEd Maste ;; 1171323ec57SEd Maste tcmalloc) 1181323ec57SEd Maste PACKAGES="$PACKAGES libgoogle-perftools-dev" 1191323ec57SEd Maste ;; 12019261079SEd Maste openssl-noec) 12119261079SEd Maste INSTALL_OPENSSL=OpenSSL_1_1_1k 12219261079SEd Maste SSLCONFOPTS="no-ec" 12319261079SEd Maste ;; 12419261079SEd Maste openssl-*) 12519261079SEd Maste INSTALL_OPENSSL=$(echo ${TARGET} | cut -f2 -d-) 12619261079SEd Maste case ${INSTALL_OPENSSL} in 127e9e8876aSEd Maste 1.1.1_stable) INSTALL_OPENSSL="OpenSSL_1_1_1-stable" ;; 12819261079SEd Maste 1.*) INSTALL_OPENSSL="OpenSSL_$(echo ${INSTALL_OPENSSL} | tr . _)" ;; 12919261079SEd Maste 3.*) INSTALL_OPENSSL="openssl-${INSTALL_OPENSSL}" ;; 13019261079SEd Maste esac 131069ac184SEd Maste PACKAGES="${PACKAGES} putty-tools dropbear-bin" 13219261079SEd Maste ;; 13319261079SEd Maste libressl-*) 13419261079SEd Maste INSTALL_LIBRESSL=$(echo ${TARGET} | cut -f2 -d-) 13519261079SEd Maste case ${INSTALL_LIBRESSL} in 13619261079SEd Maste master) ;; 13787c1498dSEd Maste *) INSTALL_LIBRESSL="$(echo ${TARGET} | cut -f2 -d-)" ;; 13819261079SEd Maste esac 139069ac184SEd Maste PACKAGES="${PACKAGES} putty-tools dropbear-bin" 14019261079SEd Maste ;; 141535af610SEd Maste boringssl) 142535af610SEd Maste INSTALL_BORINGSSL=1 143535af610SEd Maste PACKAGES="${PACKAGES} cmake ninja-build" 144535af610SEd Maste ;; 145*a91a2465SEd Maste putty-*) 146*a91a2465SEd Maste INSTALL_PUTTY=$(echo "${TARGET}" | cut -f2 -d-) 147*a91a2465SEd Maste PACKAGES="${PACKAGES} cmake" 148*a91a2465SEd Maste ;; 14919261079SEd Maste valgrind*) 15019261079SEd Maste PACKAGES="$PACKAGES valgrind" 15119261079SEd Maste ;; 152edf85781SEd Maste zlib-*) 153edf85781SEd Maste ;; 15419261079SEd Maste *) echo "Invalid option '${TARGET}'" 15519261079SEd Maste exit 1 15619261079SEd Maste ;; 15719261079SEd Maste esac 15819261079SEd Mastedone 15919261079SEd Maste 16019261079SEd Masteif [ "yes" = "$INSTALL_FIDO_PPA" ]; then 16119261079SEd Maste sudo apt update -qq 162e9e8876aSEd Maste sudo apt install -qy software-properties-common 163e9e8876aSEd Maste sudo apt-add-repository -y ppa:yubico/stable 16419261079SEd Mastefi 16519261079SEd Maste 166f374ba41SEd Mastetries=3 167f374ba41SEd Mastewhile [ ! -z "$PACKAGES" ] && [ "$tries" -gt "0" ]; do 16838a52bd3SEd Maste case "$PACKAGER" in 16938a52bd3SEd Maste apt) 17019261079SEd Maste sudo apt update -qq 171f374ba41SEd Maste if sudo apt install -qy $PACKAGES; then 172f374ba41SEd Maste PACKAGES="" 173f374ba41SEd Maste fi 17438a52bd3SEd Maste ;; 175069ac184SEd Maste brew) 176069ac184SEd Maste if [ ! -z "PACKAGES" ]; then 177069ac184SEd Maste if brew install $PACKAGES; then 178069ac184SEd Maste PACKAGES="" 179069ac184SEd Maste fi 180069ac184SEd Maste fi 181069ac184SEd Maste ;; 18238a52bd3SEd Maste setup) 183f374ba41SEd Maste if /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,`; then 184f374ba41SEd Maste PACKAGES="" 185f374ba41SEd Maste fi 18638a52bd3SEd Maste ;; 18738a52bd3SEd Maste esac 188f374ba41SEd Maste if [ ! -z "$PACKAGES" ]; then 189f374ba41SEd Maste sleep 90 190f374ba41SEd Maste fi 191f374ba41SEd Maste tries=$(($tries - 1)) 192f374ba41SEd Mastedone 193f374ba41SEd Masteif [ ! -z "$PACKAGES" ]; then 194f374ba41SEd Maste echo "Package installation failed." 195f374ba41SEd Maste exit 1 19619261079SEd Mastefi 19719261079SEd Maste 19819261079SEd Masteif [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then 19919261079SEd Maste (cd ${HOME} && 20019261079SEd Maste git clone https://github.com/GrapheneOS/hardened_malloc.git && 20119261079SEd Maste cd ${HOME}/hardened_malloc && 202069ac184SEd Maste make && sudo cp out/libhardened_malloc.so /usr/lib/) 20319261079SEd Mastefi 20419261079SEd Maste 20519261079SEd Masteif [ ! -z "${INSTALL_OPENSSL}" ]; then 20619261079SEd Maste (cd ${HOME} && 20719261079SEd Maste git clone https://github.com/openssl/openssl.git && 20819261079SEd Maste cd ${HOME}/openssl && 20919261079SEd Maste git checkout ${INSTALL_OPENSSL} && 21019261079SEd Maste ./config no-threads shared ${SSLCONFOPTS} \ 21119261079SEd Maste --prefix=/opt/openssl && 21219261079SEd Maste make && sudo make install_sw) 21319261079SEd Mastefi 21419261079SEd Maste 21519261079SEd Masteif [ ! -z "${INSTALL_LIBRESSL}" ]; then 21687c1498dSEd Maste if [ "${INSTALL_LIBRESSL}" = "master" ]; then 21719261079SEd Maste (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl && 21819261079SEd Maste git clone https://github.com/libressl-portable/portable.git && 21919261079SEd Maste cd ${HOME}/libressl/portable && 22019261079SEd Maste git checkout ${INSTALL_LIBRESSL} && 22119261079SEd Maste sh update.sh && sh autogen.sh && 22219261079SEd Maste ./configure --prefix=/opt/libressl && 223069ac184SEd Maste make && sudo make install) 22487c1498dSEd Maste else 22587c1498dSEd Maste LIBRESSL_URLBASE=https://cdn.openbsd.org/pub/OpenBSD/LibreSSL 22687c1498dSEd Maste (cd ${HOME} && 22787c1498dSEd Maste wget ${LIBRESSL_URLBASE}/libressl-${INSTALL_LIBRESSL}.tar.gz && 22887c1498dSEd Maste tar xfz libressl-${INSTALL_LIBRESSL}.tar.gz && 22987c1498dSEd Maste cd libressl-${INSTALL_LIBRESSL} && 230069ac184SEd Maste ./configure --prefix=/opt/libressl && make && sudo make install) 23187c1498dSEd Maste fi 23219261079SEd Mastefi 233535af610SEd Maste 234535af610SEd Masteif [ ! -z "${INSTALL_BORINGSSL}" ]; then 235535af610SEd Maste (cd ${HOME} && git clone https://boringssl.googlesource.com/boringssl && 236535af610SEd Maste cd ${HOME}/boringssl && mkdir build && cd build && 237535af610SEd Maste cmake -GNinja -DCMAKE_POSITION_INDEPENDENT_CODE=ON .. && ninja && 238535af610SEd Maste mkdir -p /opt/boringssl/lib && 239535af610SEd Maste cp ${HOME}/boringssl/build/crypto/libcrypto.a /opt/boringssl/lib && 240535af610SEd Maste cp -r ${HOME}/boringssl/include /opt/boringssl) 241535af610SEd Mastefi 242edf85781SEd Maste 243edf85781SEd Masteif [ ! -z "${INSTALL_ZLIB}" ]; then 244edf85781SEd Maste (cd ${HOME} && git clone https://github.com/madler/zlib.git && 245edf85781SEd Maste cd ${HOME}/zlib && ./configure && make && 246edf85781SEd Maste sudo make install prefix=/opt/zlib) 247edf85781SEd Mastefi 248*a91a2465SEd Maste 249*a91a2465SEd Masteif [ ! -z "${INSTALL_PUTTY}" ]; then 250*a91a2465SEd Maste ver="${INSTALL_PUTTY}" 251*a91a2465SEd Maste case "${INSTALL_PUTTY}" in 252*a91a2465SEd Maste snapshot) 253*a91a2465SEd Maste tarball=putty.tar.gz 254*a91a2465SEd Maste (cd /tmp && wget https://tartarus.org/~simon/putty-snapshots/${tarball}) 255*a91a2465SEd Maste ;; 256*a91a2465SEd Maste *) 257*a91a2465SEd Maste tarball=putty-${ver}.tar.gz 258*a91a2465SEd Maste (cd /tmp && wget https://the.earth.li/~sgtatham/putty/${ver}/${tarball}) 259*a91a2465SEd Maste ;; 260*a91a2465SEd Maste esac 261*a91a2465SEd Maste (cd ${HOME} && tar xfz /tmp/${tarball} && cd putty-* 262*a91a2465SEd Maste if [ -f CMakeLists.txt ]; then 263*a91a2465SEd Maste cmake . && cmake --build . && sudo cmake --build . --target install 264*a91a2465SEd Maste else 265*a91a2465SEd Maste ./configure && make && sudo make install 266*a91a2465SEd Maste fi 267*a91a2465SEd Maste ) 268*a91a2465SEd Maste /usr/local/bin/plink -V 269*a91a2465SEd Mastefi 270