blob: b603f3f578b34c4c7356c488ff985d18342639aa (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
#!/bin/sh
. .github/configs $@
case "`./config.guess`" in
*-darwin*)
brew install automake
exit 0
;;
esac
TARGETS=$@
PACKAGES=""
INSTALL_FIDO_PPA="no"
export DEBIAN_FRONTEND=noninteractive
#echo "Setting up for '$TARGETS'"
set -ex
lsb_release -a
if [ "${TARGETS}" = "kitchensink" ]; then
TARGETS="krb5 libedit pam sk selinux"
fi
for flag in $CONFIGFLAGS; do
case "$flag" in
--with-pam) PACKAGES="${PACKAGES} libpam0g-dev" ;;
--with-libedit) PACKAGES="${PACKAGES} libedit-dev" ;;
esac
done
for TARGET in $TARGETS; do
case $TARGET in
default|without-openssl|without-zlib|c89|libedit|*pam)
# nothing to do
;;
clang-*|gcc-*)
compiler=$(echo $TARGET | sed 's/-Werror//')
PACKAGES="$PACKAGES $compiler"
;;
krb5)
PACKAGES="$PACKAGES libkrb5-dev"
;;
heimdal)
PACKAGES="$PACKAGES heimdal-dev"
;;
sk)
INSTALL_FIDO_PPA="yes"
PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev libcbor-dev"
;;
selinux)
PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev"
;;
hardenedmalloc)
INSTALL_HARDENED_MALLOC=yes
;;
tcmalloc)
PACKAGES="$PACKAGES libgoogle-perftools-dev"
;;
openssl-noec)
INSTALL_OPENSSL=OpenSSL_1_1_1k
SSLCONFOPTS="no-ec"
;;
openssl-*)
INSTALL_OPENSSL=$(echo ${TARGET} | cut -f2 -d-)
case ${INSTALL_OPENSSL} in
1.1.1_stable) INSTALL_OPENSSL="OpenSSL_1_1_1-stable" ;;
1.*) INSTALL_OPENSSL="OpenSSL_$(echo ${INSTALL_OPENSSL} | tr . _)" ;;
3.*) INSTALL_OPENSSL="openssl-${INSTALL_OPENSSL}" ;;
esac
PACKAGES="${PACKAGES} putty-tools"
;;
libressl-*)
INSTALL_LIBRESSL=$(echo ${TARGET} | cut -f2 -d-)
case ${INSTALL_LIBRESSL} in
master) ;;
*) INSTALL_LIBRESSL="v$(echo ${TARGET} | cut -f2 -d-)" ;;
esac
PACKAGES="${PACKAGES} putty-tools"
;;
valgrind*)
PACKAGES="$PACKAGES valgrind"
;;
*) echo "Invalid option '${TARGET}'"
exit 1
;;
esac
done
if [ "yes" = "$INSTALL_FIDO_PPA" ]; then
sudo apt update -qq
sudo apt install -qy software-properties-common
sudo apt-add-repository -y ppa:yubico/stable
fi
if [ "x" != "x$PACKAGES" ]; then
sudo apt update -qq
sudo apt install -qy $PACKAGES
fi
if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then
(cd ${HOME} &&
git clone https://github.com/GrapheneOS/hardened_malloc.git &&
cd ${HOME}/hardened_malloc &&
make -j2 && sudo cp libhardened_malloc.so /usr/lib/)
fi
if [ ! -z "${INSTALL_OPENSSL}" ]; then
(cd ${HOME} &&
git clone https://github.com/openssl/openssl.git &&
cd ${HOME}/openssl &&
git checkout ${INSTALL_OPENSSL} &&
./config no-threads shared ${SSLCONFOPTS} \
--prefix=/opt/openssl &&
make && sudo make install_sw)
fi
if [ ! -z "${INSTALL_LIBRESSL}" ]; then
(mkdir -p ${HOME}/libressl && cd ${HOME}/libressl &&
git clone https://github.com/libressl-portable/portable.git &&
cd ${HOME}/libressl/portable &&
git checkout ${INSTALL_LIBRESSL} &&
sh update.sh && sh autogen.sh &&
./configure --prefix=/opt/libressl &&
make -j2 && sudo make install)
fi
|
