17 openssh=$(dirname $(realpath $0))
20 # Run autotools before we drop LOCALBASE out of PATH
21 (cd $openssh && libtoolize --copy && autoheader && autoconf)
23 # Ensure we use the correct toolchain and clean our environment
24 export CC=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCC)
25 export CPP=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCPP)
26 unset CFLAGS CPPFLAGS LDFLAGS LD_LIBRARY_PATH LIBS
27 export PATH=/bin:/sbin:/usr/bin:/usr/sbin
29 # Generate config.h with krb5 and stash it
30 sh configure $configure_args --with-kerberos5=/usr
31 mv config.log config.log.kerberos5
32 mv config.h config.h.kerberos5
34 # Generate config.h with built-in security key support
36 # We install libcbor and libfido2 as PRIVATELIB, so the headers are not
37 # available for configure - add their paths via CFLAGS as a slight hack.
38 # configure.ac is also patched to specify -lprivatecbor and -lprivatefido2
39 # rather than -lcbor and -lfido2.
40 export CFLAGS="-I$openssh/../../contrib/libcbor/src -I$openssh/../../contrib/libfido2/src"
41 sh configure $configure_args --with-security-key-builtin
43 mv config.log config.log.sk-builtin
44 mv config.h config.h.sk-builtin
46 # Generate config.h without krb5 or SK support
47 sh configure $configure_args --without-kerberos5 --without-security-key-builtin
49 # Extract the difference
50 diff -u config.h.kerberos5 config.h |
51 sed -n '/^-#define/s/^-//p' |
52 grep -Ff /dev/stdin config.h.kerberos5 > krb5_config.h
54 # Extract the difference - SK
55 diff -u config.h.sk-builtin config.h |
56 sed -n '/^-#define/s/^-//p' |
57 grep -Ff /dev/stdin config.h.sk-builtin > sk_config.h