xref: /openssh-portable/.github/setup_ci.sh (revision 41d232e2)
1#!/usr/bin/env bash
2
3case $(./config.guess) in
4*-darwin*)
5	brew install automake
6	exit 0
7	;;
8esac
9
10TARGETS=$@
11
12PACKAGES=""
13INSTALL_FIDO_PPA="no"
14
15#echo "Setting up for '$TARGETS'"
16
17set -ex
18
19lsb_release -a
20
21if [ "${TARGETS}" = "kitchensink" ]; then
22	TARGETS="kerberos5 libedit pam sk selinux"
23fi
24
25for TARGET in $TARGETS; do
26    case $TARGET in
27    default|without-openssl|without-zlib)
28        # nothing to do
29        ;;
30    kerberos5)
31        PACKAGES="$PACKAGES heimdal-dev"
32        #PACKAGES="$PACKAGES libkrb5-dev"
33        ;;
34    libedit)
35        PACKAGES="$PACKAGES libedit-dev"
36        ;;
37    *pam)
38        PACKAGES="$PACKAGES libpam0g-dev"
39        ;;
40    sk)
41        INSTALL_FIDO_PPA="yes"
42        PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev"
43        ;;
44    selinux)
45        PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev"
46        ;;
47    hardenedmalloc)
48        INSTALL_HARDENED_MALLOC=yes
49       ;;
50    openssl-head)
51        INSTALL_OPENSSL_HEAD=yes
52       ;;
53    libressl-head)
54        INSTALL_LIBRESSL_HEAD=yes
55       ;;
56    valgrind)
57       PACKAGES="$PACKAGES valgrind"
58       ;;
59    *) echo "Invalid option '${TARGET}'"
60        exit 1
61        ;;
62    esac
63done
64
65if [ "yes" == "$INSTALL_FIDO_PPA" ]; then
66    sudo apt update -qq
67    sudo apt install software-properties-common
68    sudo apt-add-repository ppa:yubico/stable
69fi
70
71if [ "x" != "x$PACKAGES" ]; then
72    sudo apt update -qq
73    sudo apt install -qy $PACKAGES
74fi
75
76if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then
77    (cd ${HOME} &&
78     git clone https://github.com/GrapheneOS/hardened_malloc.git &&
79     cd ${HOME}/hardened_malloc &&
80     make -j2 && sudo cp libhardened_malloc.so /usr/lib/)
81fi
82
83if [ "${INSTALL_OPENSSL_HEAD}" = "yes" ];then
84    (cd ${HOME} &&
85     git clone https://github.com/openssl/openssl.git &&
86     cd ${HOME}/openssl &&
87     ./config no-threads no-engine no-fips no-shared --prefix=/opt/openssl/head &&
88     make -j2 && sudo make install_sw)
89fi
90
91if [ "${INSTALL_LIBRESSL_HEAD}" = "yes" ];then
92    (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl &&
93     git clone https://github.com/libressl-portable/portable.git &&
94     cd ${HOME}/libressl/portable && sh update.sh && sh autogen.sh &&
95     ./configure --prefix=/opt/libressl/head &&
96     make -j2 && sudo make install_sw)
97fi
98