1#!/bin/sh 2 3PACKAGES="" 4 5 . .github/configs $@ 6 7case "`./config.guess`" in 8*cygwin) 9 PACKAGER=setup 10 echo Setting CYGWIN sustem environment variable. 11 setx CYGWIN "binmode" 12 chmod -R go-rw /cygdrive/d/a 13 umask 077 14 PACKAGES="$PACKAGES,autoconf,automake,cygwin-devel,gcc-core" 15 PACKAGES="$PACKAGES,make,openssl-devel,zlib-devel" 16 ;; 17*-darwin*) 18 PACKAGER=brew 19 brew install automake 20 exit 0 21 ;; 22*) 23 PACKAGER=apt 24esac 25 26TARGETS=$@ 27 28INSTALL_FIDO_PPA="no" 29export DEBIAN_FRONTEND=noninteractive 30 31#echo "Setting up for '$TARGETS'" 32 33set -ex 34 35if [ -x "`which lsb_release 2>&1`" ]; then 36 lsb_release -a 37fi 38 39# Ubuntu 22.04 defaults to private home dirs which prevent the 40# agent-getpeerid test from running ssh-add as nobody. See 41# https://github.com/actions/runner-images/issues/6106 42if [ ! -z "$SUDO" ] && ! "$SUDO" -u nobody test -x ~; then 43 echo ~ is not executable by nobody, adding perms. 44 chmod go+x ~ 45fi 46 47if [ "${TARGETS}" = "kitchensink" ]; then 48 TARGETS="krb5 libedit pam sk selinux" 49fi 50 51for flag in $CONFIGFLAGS; do 52 case "$flag" in 53 --with-pam) TARGETS="${TARGETS} pam" ;; 54 --with-libedit) TARGETS="${TARGETS} libedit" ;; 55 esac 56done 57 58for TARGET in $TARGETS; do 59 case $TARGET in 60 default|without-openssl|without-zlib|c89) 61 # nothing to do 62 ;; 63 clang-sanitize*) 64 PACKAGES="$PACKAGES clang-12" 65 ;; 66 cygwin-release) 67 PACKAGES="$PACKAGES libcrypt-devel libfido2-devel libkrb5-devel" 68 ;; 69 gcc-sanitize*) 70 ;; 71 clang-*|gcc-*) 72 compiler=$(echo $TARGET | sed 's/-Werror//') 73 PACKAGES="$PACKAGES $compiler" 74 ;; 75 krb5) 76 PACKAGES="$PACKAGES libkrb5-dev" 77 ;; 78 heimdal) 79 PACKAGES="$PACKAGES heimdal-dev" 80 ;; 81 libedit) 82 case "$PACKAGER" in 83 setup) PACKAGES="$PACKAGES libedit-devel" ;; 84 apt) PACKAGES="$PACKAGES libedit-dev" ;; 85 esac 86 ;; 87 *pam) 88 PACKAGES="$PACKAGES libpam0g-dev" 89 ;; 90 sk) 91 INSTALL_FIDO_PPA="yes" 92 PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev libcbor-dev" 93 ;; 94 selinux) 95 PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev" 96 ;; 97 hardenedmalloc) 98 INSTALL_HARDENED_MALLOC=yes 99 ;; 100 musl) 101 PACKAGES="$PACKAGES musl-tools" 102 ;; 103 tcmalloc) 104 PACKAGES="$PACKAGES libgoogle-perftools-dev" 105 ;; 106 openssl-noec) 107 INSTALL_OPENSSL=OpenSSL_1_1_1k 108 SSLCONFOPTS="no-ec" 109 ;; 110 openssl-*) 111 INSTALL_OPENSSL=$(echo ${TARGET} | cut -f2 -d-) 112 case ${INSTALL_OPENSSL} in 113 1.1.1_stable) INSTALL_OPENSSL="OpenSSL_1_1_1-stable" ;; 114 1.*) INSTALL_OPENSSL="OpenSSL_$(echo ${INSTALL_OPENSSL} | tr . _)" ;; 115 3.*) INSTALL_OPENSSL="openssl-${INSTALL_OPENSSL}" ;; 116 esac 117 PACKAGES="${PACKAGES} putty-tools" 118 ;; 119 libressl-*) 120 INSTALL_LIBRESSL=$(echo ${TARGET} | cut -f2 -d-) 121 case ${INSTALL_LIBRESSL} in 122 master) ;; 123 *) INSTALL_LIBRESSL="$(echo ${TARGET} | cut -f2 -d-)" ;; 124 esac 125 PACKAGES="${PACKAGES} putty-tools" 126 ;; 127 valgrind*) 128 PACKAGES="$PACKAGES valgrind" 129 ;; 130 *) echo "Invalid option '${TARGET}'" 131 exit 1 132 ;; 133 esac 134done 135 136if [ "yes" = "$INSTALL_FIDO_PPA" ]; then 137 sudo apt update -qq 138 sudo apt install -qy software-properties-common 139 sudo apt-add-repository -y ppa:yubico/stable 140fi 141 142if [ "x" != "x$PACKAGES" ]; then 143 case "$PACKAGER" in 144 apt) 145 sudo apt update -qq 146 sudo apt install -qy $PACKAGES 147 ;; 148 setup) 149 /cygdrive/c/setup.exe -q -P `echo "$PACKAGES" | tr ' ' ,` 150 ;; 151 esac 152fi 153 154if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then 155 (cd ${HOME} && 156 git clone https://github.com/GrapheneOS/hardened_malloc.git && 157 cd ${HOME}/hardened_malloc && 158 make -j2 && sudo cp out/libhardened_malloc.so /usr/lib/) 159fi 160 161if [ ! -z "${INSTALL_OPENSSL}" ]; then 162 (cd ${HOME} && 163 git clone https://github.com/openssl/openssl.git && 164 cd ${HOME}/openssl && 165 git checkout ${INSTALL_OPENSSL} && 166 ./config no-threads shared ${SSLCONFOPTS} \ 167 --prefix=/opt/openssl && 168 make && sudo make install_sw) 169fi 170 171if [ ! -z "${INSTALL_LIBRESSL}" ]; then 172 if [ "${INSTALL_LIBRESSL}" = "master" ]; then 173 (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl && 174 git clone https://github.com/libressl-portable/portable.git && 175 cd ${HOME}/libressl/portable && 176 git checkout ${INSTALL_LIBRESSL} && 177 sh update.sh && sh autogen.sh && 178 ./configure --prefix=/opt/libressl && 179 make -j2 && sudo make install) 180 else 181 LIBRESSL_URLBASE=https://cdn.openbsd.org/pub/OpenBSD/LibreSSL 182 (cd ${HOME} && 183 wget ${LIBRESSL_URLBASE}/libressl-${INSTALL_LIBRESSL}.tar.gz && 184 tar xfz libressl-${INSTALL_LIBRESSL}.tar.gz && 185 cd libressl-${INSTALL_LIBRESSL} && 186 ./configure --prefix=/opt/libressl && make -j2 && sudo make install) 187 fi 188fi 189