xref: /openssh-portable/.github/setup_ci.sh (revision 66dd9ddb)
1#!/usr/bin/env bash
2
3case $(./config.guess) in
4*-darwin*)
5	brew install automake
6	exit 0
7	;;
8esac
9
10TARGETS=$@
11
12PACKAGES=""
13INSTALL_FIDO_PPA="no"
14
15#echo "Setting up for '$TARGETS'"
16
17set -ex
18
19lsb_release -a
20
21for TARGET in $TARGETS; do
22    case $TARGET in
23    ""|--without-openssl|--without-zlib|--with-Werror|--with-rpath*)
24        # nothing to do
25        ;;
26    "--with-kerberos5")
27        PACKAGES="$PACKAGES heimdal-dev"
28        #PACKAGES="$PACKAGES libkrb5-dev"
29        ;;
30    "--with-libedit")
31        PACKAGES="$PACKAGES libedit-dev"
32        ;;
33    "--with-pam")
34        PACKAGES="$PACKAGES libpam0g-dev"
35        ;;
36    "--with-security-key-builtin")
37        INSTALL_FIDO_PPA="yes"
38        PACKAGES="$PACKAGES libfido2-dev libu2f-host-dev"
39        ;;
40    "--with-selinux")
41        PACKAGES="$PACKAGES libselinux1-dev selinux-policy-dev"
42        ;;
43    "--with-ldflags=-lhardened_malloc")
44        INSTALL_HARDENED_MALLOC=yes
45       ;;
46    "--with-ssl-dir=/opt/openssl/head")
47        INSTALL_OPENSSL_HEAD=yes
48       ;;
49    "--with-ssl-dir=/opt/libressl/head")
50        INSTALL_LIBRESSL_HEAD=yes
51       ;;
52    *) echo "Invalid option '${TARGET}'"
53        exit 1
54        ;;
55    esac
56done
57
58if [ "yes" == "$INSTALL_FIDO_PPA" ]; then
59    sudo apt update -qq
60    sudo apt install software-properties-common
61    sudo apt-add-repository ppa:yubico/stable
62fi
63
64if [ "x" != "x$PACKAGES" ]; then
65    sudo apt update -qq
66    sudo apt install -qy $PACKAGES
67fi
68
69if [ "${INSTALL_HARDENED_MALLOC}" = "yes" ]; then
70    (cd ${HOME} &&
71     git clone https://github.com/GrapheneOS/hardened_malloc.git &&
72     cd ${HOME}/hardened_malloc &&
73     make && sudo cp libhardened_malloc.so /usr/lib/)
74fi
75
76if [ "${INSTALL_OPENSSL_HEAD}" = "yes" ];then
77    (cd ${HOME} &&
78     git clone https://github.com/openssl/openssl.git &&
79     cd ${HOME}/openssl &&
80     ./config no-threads no-engine no-fips no-shared --prefix=/opt/openssl/head &&
81     make && sudo make install_sw)
82fi
83
84if [ "${INSTALL_LIBRESSL_HEAD}" = "yes" ];then
85    (mkdir -p ${HOME}/libressl && cd ${HOME}/libressl &&
86     git clone https://github.com/libressl-portable/portable.git &&
87     cd ${HOME}/libressl/portable && sh update.sh && sh autogen.sh &&
88     ./configure --prefix=/opt/libressl/head &&
89     make && sudo make install_sw)
90fi
91