1#!/bin/sh 2# 3# $FreeBSD$ 4# 5 6configure_args=" 7 --prefix=/usr 8 --sysconfdir=/etc/ssh 9 --with-pam 10 --with-ssl-dir=/usr 11 --without-tcp-wrappers 12 --with-libedit 13 --with-ssl-engine 14 --without-xauth 15" 16 17set -e 18 19openssh=$(dirname $(realpath $0)) 20cd $openssh 21 22# Run autotools before we drop LOCALBASE out of PATH 23(cd $openssh && libtoolize --copy && autoheader && autoconf) 24 25# Ensure we use the correct toolchain and clean our environment 26export CC=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCC) 27export CPP=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCPP) 28unset CFLAGS CPPFLAGS LDFLAGS LD_LIBRARY_PATH LIBS 29export PATH=/bin:/sbin:/usr/bin:/usr/sbin 30 31# Generate config.h with krb5 and stash it 32sh configure $configure_args --with-kerberos5=/usr 33mv config.log config.log.kerberos5 34mv config.h config.h.kerberos5 35 36# Generate config.h with built-in security key support 37# 38# We install libcbor and libfido2 as PRIVATELIB, so the headers are not 39# available for configure - add their paths via CFLAGS as a slight hack. 40# configure.ac is also patched to specify -lprivatecbor and -lprivatefido2 41# rather than -lcbor and -lfido2. 42export CFLAGS="-I$openssh/../../contrib/libcbor/src -I$openssh/../../contrib/libfido2/src" 43sh configure $configure_args --with-security-key-builtin 44unset CFLAGS 45mv config.log config.log.sk-builtin 46mv config.h config.h.sk-builtin 47 48# Generate config.h without krb5 or SK support 49sh configure $configure_args --without-kerberos5 --without-security-key-builtin 50 51# Extract the difference 52echo '/* $Free''BSD$ */' > krb5_config.h 53diff -u config.h.kerberos5 config.h | 54 sed -n '/^-#define/s/^-//p' | 55 grep -Ff /dev/stdin config.h.kerberos5 >> krb5_config.h 56 57# Extract the difference - SK 58diff -u config.h.sk-builtin config.h | 59 sed -n '/^-#define/s/^-//p' | 60 grep -Ff /dev/stdin config.h.sk-builtin > sk_config.h 61