Added GitHub Actions and updated build framework

takeshix 2020-07-15 22:13:51 +02:00
parent 1f9bc44c60
commit 2e95cb4f0f
23 changed files with 1065 additions and 31 deletions

267
build/lib.sh Executable file

@ -0,0 +1,267 @@
#!/bin/bash
GIT_OPENSSL="https://github.com/drwetter/openssl-pm-snapshot.git"
GIT_BINUTILS_GDB="https://github.com/bminor/binutils-gdb.git"
GIT_READLINE="https://git.savannah.gnu.org/git/readline.git"
GIT_NCURSES="https://github.com/ThomasDickey/ncurses-snapshots.git"
BUILD_DIRECTORY="/build"
OUTPUT_DIRECTORY="/output"
GCC_OPTS="-static -fPIC"
GXX_OPTS="-static -static-libstdc++ -fPIC"
TMP_DIR=$(mktemp -dt building_lib.XXXXXX)
trap "rm -rf ${TMP_DIR}" EXIT TERM
# The init function that has to
# be called before running any
# other function. Should be used
# to configure the building env.
init_lib(){
CURRENT_ARCH="$1"
if [ ! -d "$BUILD_DIRECTORY" ];then
mkdir -p $BUILD_DIRECTORY
fi
if [ ! -d "$OUTPUT_DIRECTORY" ];then
mkdir -p $OUTPUT_DIRECTORY
fi
}
# Set a HTTP proxy for fetching
# software via HTTP and Git.
set_http_proxy(){
proxy=$1
export http_proxy="$proxy"
export https_proxy="$proxy"
git config --global http.proxy "$proxy"
}
# Return a host triple for the
# selected architecture.
get_host_triple(){
local host
if [ "$CURRENT_ARCH" == "x86" ];then
host="i486-linux-musl"
elif [ "$CURRENT_ARCH" == "x86_64" ];then
host="x86_64-unknown-linux-musl"
elif [ "$CURRENT_ARCH" == "armhf" ];then
host="arm-linux-musleabihf"
elif [ "$CURRENT_ARCH" == "aarch64" ];then
host="aarch64-linux-musleabi"
fi
echo $host
}
# Fetch and extract a resource via
# HTTP or clone a Git repository.
fetch(){
if [ "$#" -ne 3 ];then
echo "fetch() requires a source, destination and method."
echo "Example: fetch http://github.com/test.git /build/test git"
exit 1
fi
source=$1
shift
destination=$1
shift
method=$@
# TODO: check if $source is a valid URL
if [ -d "$destination" ] || [ -f "$destination" ];then
echo "Destination ${destination} already exists, skipping."
return
fi
if [ "${method,,}" == "http" ];then
cd /tmp || { echo "Could not cd to /tmp"; exit 1; }
headers=$(mktemp headers.XXXXXX)
curl -L -D "$headers" -sOJ "$source"
filename=$(cat "$headers" | grep -o -E 'filename=.*$' | sed -e 's/filename=//')
filename=$(trim "$filename")
extract "$filename" "$destination"
trap "rm -rf ${headers} /tmp/'${filename}'" EXIT TERM
elif [ "${method,,}" == "git" ];then
git clone "$source" "$destination"
else
echo "Invalid method ${method}"
exit 1
fi
}
# Extract an archive to a
# destination directory.
extract(){
if [ "$#" -ne 2 ];then
echo "extract() requires a source and destination."
exit 1
fi
source=$1
destination=$2
if [ ! -d "$destination" ];then
mkdir -p "$destination"
fi
if [ -f "$source" ] ; then
case $source in
*.tar.bz2) tar xjf "$source" -C "$destination" --strip-components 1 ;;
*.tar.gz) tar xzf "$source" -C "$destination" --strip-components 1 ;;
*.tar.xz) tar xvfJ "$source" -C "$destination" --strip-components 1 ;;
*.tar) tar xf "$source" -C "$destination" --strip-components 1 ;;
*.tbz2) tar xjf "$source" -C "$destination" --strip-components 1 ;;
*.tgz) tar xzf "$source" -C "$destination" --strip-components 1 ;;
*) echo "'${source}' cannot be extracted via extract()" ;;
esac
else
echo "'${source}' is not a valid file"
fi
}
# Remove leading and
# trailing whitespaces.
trim(){
local var="$*"
var="${var#"${var%%[![:space:]]*}"}"
var="${var%"${var##*[![:space:]]}"}"
echo -n "$var"
}
# Determine the version of
# a binary after building.
get_version(){
local cmd="$1"
if [ -z "$cmd" ];then
echo "Please provide a command to determine the version" >&2
echo "Example: /build/test --version | awk '{print \$2}'" >&2
exit 1
fi
local version="-"
if [ "$CURRENT_ARCH" == "armhf" ];then
if which qemu-arm 1>&2 2>/dev/null;then
cmd="qemu-arm ${cmd}"
version+=$(eval "$cmd")
else
echo "qemu-arm not found, skipping ARMHF version checks." >&2
fi
elif [ "$CURRENT_ARCH" == "aarch64" ];then
if which qemu-aarch64 1>&2 2>/dev/null;then
cmd="qemu-aarch64 ${cmd}"
version+=$(eval "$cmd")
else
echo "qemu-aarch64 not found, skipping AARCH64 version checks." >&2
fi
else
version+=$(eval "$cmd")
fi
if [ "$version" == "-" ];then
version+="${CURRENT_ARCH}"
else
version+="-${CURRENT_ARCH}"
fi
echo "$version"
}
lib_create_tmp_dir(){
local tmp_dir=$(mktemp -dt -p ${TMP_DIR} tmpdir.XXXXXX)
echo "$tmp_dir"
}
lib_check_lib_arch(){
lib=$1
if [ ! -f "$lib" ];then
echo ""
return
fi
local tmp_dir=$(lib_create_tmp_dir)
cp "$lib" "$tmp_dir"
bash -c "cd ${tmp_dir}; ar x $(basename ${lib})"
local output=$(find "${tmp_dir}" -name "*.o" -exec file {} \;)
if echo "$output" | grep -q "Intel 80386";then
echo "Arch of ${lib} is x86" >&2
echo "x86"
elif echo "$output" | grep -q "x86-64";then
echo "Arch of ${lib} is x86_64" >&2
echo "x86_64"
elif echo "$output" | grep -q "ARM aarch64";then
echo "Arch of ${lib} is armhf" >&2
echo "armhf"
elif echo "$output" | grep -q "ARM,";then
echo "Arch of ${lib} is aarch64" >&2
echo "aarch64"
else
echo "Could not determine arch of library ${lib}" >&2
echo ""
fi
}
lib_build_openssl(){
local version=$1
fetch "$GIT_OPENSSL" "${BUILD_DIRECTORY}/openssl" git
cd "${BUILD_DIRECTORY}/openssl" || { echo "Cannot cd to ${BUILD_DIRECTORY}/openssl"; exit 1; }
if [ -n "$version" ];then
git checkout "$version" || echo "Version ${version} not found, continuing with master."
fi
if [ -f "${BUILD_DIRECTORY}/openssl/libssl.a" ];then
lib_arch=$(lib_check_lib_arch "${BUILD_DIRECTORY}/openssl/libssl.a")
if [ "$lib_arch" != "$CURRENT_ARCH" ];then
echo "Rebuild for current arch"
git clean -fdx || true
else
echo "[+] OpenSSL already available for current arch, skipping building"
return
fi
fi
local openssl_arch
if [ "${CURRENT_ARCH}" == "x86" ] ||
[ "${CURRENT_ARCH}" == "armhf" ];then
openssl_arch="linux-generic32"
elif [ "${CURRENT_ARCH}" == "x86_64" ];then
openssl_arch="linux-x86_64"
elif [ "${CURRENT_ARCH}" == "aarch64" ];then
openssl_arch="linux-generic64"
fi
CFLAGS="${GCC_OPTS}" \
./Configure \
no-shared \
"$openssl_arch"
make -j4
echo "[+] Finished building OpenSSL ${CURRENT_ARCH}"
}
lib_build_zlib(){
fetch "$GIT_BINUTILS_GDB" "${BUILD_DIRECTORY}/binutils-gdb" git
cd "${BUILD_DIRECTORY}/binutils-gdb/zlib" || { echo "Cannot cd to ${BUILD_DIRECTORY}/binutils-gdb/zlib"; exit 1; }
git clean -fdx
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
/bin/bash ./configure \
--host="$(get_host_triple)" \
--enable-static
make -j4
echo "[+] Finished building zlib ${CURRENT_ARCH}"
}
lib_build_readline(){
fetch "$GIT_READLINE" "${BUILD_DIRECTORY}/readline" git
cd "${BUILD_DIRECTORY}/readline" || { echo "Cannot cd to ${BUILD_DIRECTORY}/readline"; exit 1; }
git clean -fdx
CFLAGS="${GCC_OPTS}" \
CXXFLAGS="${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
echo "[+] Finished building readline ${CURRENT_ARCH}"
}
lib_build_ncurses(){
fetch "$GIT_NCURSES" "${BUILD_DIRECTORY}/ncurses" git
cd "${BUILD_DIRECTORY}/ncurses" || { echo "Cannot cd to ${BUILD_DIRECTORY}/ncurses"; exit 1; }
git clean -fdx
git checkout v6_2
CMD="CFLAGS=\"${GCC_OPTS}\" "
CMD+="CXXFLAGS=\"${GXX_OPTS}\" "
CMD+="./configure --host=$(get_host_triple) --disable-shared --enable-static"
if [ "$CURRENT_ARCH"!="x86" -a "$CURRENT_ARCH"!="x86_64" ];then
CMD+=" --with-build-cc=/x86_64-linux-musl-cross/bin/x86_64-linux-musl-gcc"
fi
eval "$CMD"
make -j4
echo "[+] Finished building ncurses ${CURRENT_ARCH}"
}
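Review bot: In `fetch`, the `http` branch lets the server pick the local file name (`curl -OJ` plus the `filename=` value parsed from the response headers), expands that value into `rm -rf ${headers} /tmp/'${filename}'`, and never checks the download against a known digest before `extract` runs. The `trap` set there also replaces the `rm -rf ${TMP_DIR}` handler registered at the top of the file, so the build temp directory is no longer cleaned up once this branch has run. I would download to a path the script chooses under `TMP_DIR`, fail on HTTP errors and verify a pinned checksum before extracting, as sketched below. The `git` branch has the same gap: `lib_build_zlib` and `lib_build_readline` build the default branch head, build_gdb.sh checks out the moving `binutils-2_35-branch`, and build_nmap.sh and build_socat.sh check nothing out, so none of the artifacts is tied to a fixed commit. Separately, `[ "$CURRENT_ARCH"!="x86" -a "$CURRENT_ARCH"!="x86_64" ]` in `lib_build_ncurses` has no spaces around `!=` and is therefore always true, and `lib_check_lib_arch` prints `armhf` for `ARM aarch64` objects and `aarch64` for `ARM,`.

```shell
if [ "${method,,}" == "http" ];then
  # Save under a name chosen here, inside TMP_DIR (already removed by the top-level trap).
  # Assumes the URL ends in the archive name (no query string), so extract() can match the suffix.
  local archive
  archive="$(lib_create_tmp_dir)/${source##*/}"
  curl -fsSL -o "$archive" "$source" || { echo "Download of ${source} failed" >&2; exit 1; }
  # TODO: compare "$archive" against a pinned SHA-256 before extracting.
  extract "$archive" "$destination"
# … unchanged: git branch and invalid-method branch …
```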

110
build/targets/build_gdb.sh Executable file

@ -0,0 +1,110 @@
#!/bin/bash
set -e
set -o pipefail
set -x
if [ "$#" -ne 1 ];then
echo "Usage: ${0} [x86|x86_64|armhf|aarch64]"
echo "Example: ${0} x86_64"
exit 1
fi
source $GITHUB_WORKSPACE/build/lib.sh
init_lib $1
build_gdb() {
fetch "$GIT_BINUTILS_GDB" "${BUILD_DIRECTORY}/binutils-gdb" git
cd "${BUILD_DIRECTORY}/binutils-gdb/" || { echo "Cannot cd to ${BUILD_DIRECTORY}/binutils-gdb/"; exit 1; }
git checkout binutils-2_35-branch
#git clean -fdx
cd "${BUILD_DIRECTORY}/binutils-gdb/bfd"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/readline"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/opcodes"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/libiberty"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/libdecnumber"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--host="$(get_host_triple)" \
--disable-shared \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/zlib"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
/bin/bash ./configure \
--host="$(get_host_triple)" \
--enable-static
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/gdb"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--enable-static=yes \
--host="$(get_host_triple)" \
--disable-interprocess-agent
make -j4
cd "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdbserver"
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
./configure \
--enable-static=yes \
--host="$(get_host_triple)" \
--disable-interprocess-agent
make -j4
strip "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdb" "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdbserver/gdbserver"
}
main() {
build_gdb
if [ ! -f "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdb" -o \
! -f "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdbserver/gdbserver" ];then
echo "[-] Building GDB ${CURRENT_ARCH} failed!"
exit 1
fi
GDB_VERSION=$(get_version "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdb --version |head -n1 |awk '{print \$4}'")
GDBSERVER_VERSION=$(get_version "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdbserver/gdbserver --version |head -n1 |awk '{print \$4}'")
cp "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdb" "${OUTPUT_DIRECTORY}/gdb${GDB_VERSION}"
cp "${BUILD_DIRECTORY}/binutils-gdb/gdb/gdbserver/gdbserver" "${OUTPUT_DIRECTORY}/gdbserver${GDBSERVER_VERSION}"
echo "[+] Finished building GDB ${CURRENT_ARCH}"
echo ::set-output name=PACKAGED_NAME::"gdb${GDB_VERSION}"
echo ::set-output name=PACKAGED_NAME_PATH::"/output/*"
}
main
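Review bot: The architecture argument is only counted, never validated, before `init_lib $1` stores it. An unrecognised value makes `get_host_triple` print an empty string, so every `./configure --host=` in `build_gdb` gets an empty host (presumably falling back to a native build) while the output files are still named after the argument. A guard right after the usage check would catch that: `case "$1" in x86|x86_64|armhf|aarch64) ;; *) echo "Unsupported arch: $1" >&2; exit 1 ;; esac`. I would also quote the argument and make the include fail loudly when the variable is unset: `source "${GITHUB_WORKSPACE:?}/build/lib.sh"` and `init_lib "$1"`. The same preamble appears in build_nmap.sh, build_openssh.sh and build_socat.sh.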

70
build/targets/build_nmap.sh Executable file

@ -0,0 +1,70 @@
#!/bin/bash
set -e
set -x
set -o pipefail
if [ "$#" -ne 1 ];then
echo "Usage: ${0} [x86|x86_64|armhf|aarch64]"
echo "Example: ${0} x86_64"
exit 1
fi
source $GITHUB_WORKSPACE/build/lib.sh
init_lib $1
build_nmap() {
fetch "https://github.com/nmap/nmap.git" "${BUILD_DIRECTORY}/nmap" git
cd "${BUILD_DIRECTORY}/nmap"
git clean -fdx || true
# make sure we only build the static libraries
sed -i '/build-zlib: $(ZLIBDIR)\/Makefile/!b;n;c\\t@echo Compiling zlib; cd $(ZLIBDIR) && $(MAKE) static;' "${BUILD_DIRECTORY}/nmap/Makefile.in"
CC='gcc -static -fPIC' \
CXX='g++ -static -static-libstdc++ -fPIC' \
LD=ld \
LDFLAGS="-L/build/openssl" \
./configure \
--host="$(get_host_triple)" \
--without-ndiff \
--without-zenmap \
--without-nmap-update \
--without-libssh2 \
--with-pcap=linux \
--with-openssl="${BUILD_DIRECTORY}/openssl"
sed -i -e "s/shared\: /shared\: #/" "${BUILD_DIRECTORY}/nmap/libpcap/Makefile"
make
strip nmap ncat/ncat nping/nping
}
main() {
lib_build_openssl
build_nmap
if [ ! -f "${BUILD_DIRECTORY}/nmap/nmap" -o \
! -f "${BUILD_DIRECTORY}/nmap/ncat/ncat" -o \
! -f "${BUILD_DIRECTORY}/nmap/nping/nping" ];then
echo "[-] Building Nmap ${CURRENT_ARCH} failed!"
exit 1
fi
VERSION_CMD=$(get_version "${BUILD_DIRECTORY}/nmap/nmap --version")
NMAP_VERSION=$(echo "$VERSION_CMD" | grep "Nmap version" | awk '{print $3}')
if [ -n "$NMAP_VERSION" ];then
NMAP_VERSION="-${NMAP_VERSION}"
fi
cp "${BUILD_DIRECTORY}/nmap/nmap" "${OUTPUT_DIRECTORY}/nmap${NMAP_VERSION}"
cp "${BUILD_DIRECTORY}/nmap/ncat/ncat" "${OUTPUT_DIRECTORY}/ncat${NMAP_VERSION}"
cp "${BUILD_DIRECTORY}/nmap/nping/nping" "${OUTPUT_DIRECTORY}/nping${NMAP_VERSION}"
echo "[+] Finished building Nmap ${CURRENT_ARCH}"
NMAP_COMMIT=$(cd "${BUILD_DIRECTORY}/nmap/" && git rev-parse --short HEAD)
NMAP_DIR="${OUTPUT_DIRECTORY}/nmap-data${NMAP_VERSION}-${NMAP_COMMIT}"
if [ ! -d "$NMAP_DIR" ];then
echo "[-] ${NMAP_DIR} does not exist, creating it"
mkdir -p "${NMAP_DIR}"
fi
if [ -n "$(ls $NMAP_DIR)" ];then
echo "[+] Data directory is not empty"
exit
fi
cd "${BUILD_DIRECTORY}/nmap"
make install
cp -r /usr/local/share/nmap/* $NMAP_DIR
echo "[+] Copied data to Nmap data dir"
}
main
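Review bot: In `main`, `make install` runs against the runner's real prefix and the data files are then collected with `cp -r /usr/local/share/nmap/* $NMAP_DIR`, so anything already present under `/usr/local/share/nmap` ends up in the artifact and the build needs write access to `/usr/local`. Staging the install would keep the artifact self-contained; nmap's Makefile appears to honour `DESTDIR` (to be confirmed), e.g. `stage=$(lib_create_tmp_dir)`, `make install DESTDIR="$stage"`, then `cp -r "${stage}/usr/local/share/nmap/." "$NMAP_DIR"`. `$NMAP_DIR` is also unquoted in the `ls` test and in the `cp`. The bare `exit` in the "Data directory is not empty" case returns success without copying any data.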

51
build/targets/build_openssh.sh Executable file

@ -0,0 +1,51 @@
#!/bin/bash
set -e
set -x
set -o pipefail
if [ "$#" -ne 1 ];then
echo "Usage: ${0} [x86|x86_64|armhf|aarch64]"
echo "Example: ${0} x86_64"
exit 1
fi
source $GITHUB_WORKSPACE/build/lib.sh
init_lib $1
build_openssh() {
fetch "https://github.com/openssh/openssh-portable.git" "${BUILD_DIRECTORY}/openssh-portable" git
cd "${BUILD_DIRECTORY}/openssh-portable"
git checkout V_7_9
git clean -fdx
autoreconf -i
CC="gcc ${GCC_OPTS}" \
CXX="g++ ${GXX_OPTS}" \
CXXFLAGS="-I${BUILD_DIRECTORY}/openssl -I${BUILD_DIRECTORY}/binutils-gdb/zlib" \
./configure \
--with-ssl-engine \
--with-ssl-dir="${BUILD_DIRECTORY}/openssl" \
--with-zlib="${BUILD_DIRECTORY}/binutils-gdb/zlib" \
--with-ldflags=-static \
--host="$(get_host_triple)"
make -j4
strip ssh sshd
}
main() {
lib_build_openssl
lib_build_zlib
build_openssh
if [ ! -f "${BUILD_DIRECTORY}/openssh-portable/ssh" -o \
! -f "${BUILD_DIRECTORY}/openssh-portable/sshd" ];then
echo "[-] Building OpenSSH ${CURRENT_ARCH} failed!"
exit 1
fi
OPENSSH_VERSION=$(get_version "${BUILD_DIRECTORY}/openssh-portable/ssh -V 2>&1 | awk '{print \$1}' | sed 's/,//g'")
cp "${BUILD_DIRECTORY}/openssh-portable/ssh" "${OUTPUT_DIRECTORY}/ssh${OPENSSH_VERSION}"
cp "${BUILD_DIRECTORY}/openssh-portable/sshd" "${OUTPUT_DIRECTORY}/sshd${OPENSSH_VERSION}"
echo "[+] Finished building OpenSSH ${CURRENT_ARCH}"
OPENSSH_VERSION=$(echo $OPENSSH_VERSION | sed 's/-//')
echo ::set-output name=PACKAGED_NAME::"${OPENSSH_VERSION}"
echo ::set-output name=PACKAGED_NAME_PATH::"/output/*"
}
main
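Review bot: `ssh` and `sshd` are linked statically against whatever `lib_build_openssl` produced, and `main` calls it with no version, so the crypto library baked into the binaries is the default branch of the `openssl-pm-snapshot` repository named in build/lib.sh. By its name that is a snapshot fork rather than an upstream release, which is worth confirming as intended for a shipped sshd. I would pass an explicit ref, `lib_build_openssl "<pinned-openssl-ref>"`, and make the library function fail instead of echoing "continuing with master" when that ref cannot be checked out. In `build_openssh` the `-I` paths are passed in `CXXFLAGS`, which a C build does not read; `CPPFLAGS` is the variable configure uses for include paths. `echo $OPENSSH_VERSION | sed 's/-//'` can be replaced with `"${OPENSSH_VERSION#-}"`.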

43
build/targets/build_socat.sh Executable file

@ -0,0 +1,43 @@
#!/bin/bash
set -e
set -x
set -o pipefail
if [ "$#" -ne 1 ];then
echo "Usage: ${0} [x86|x86_64|armhf|aarch64]"
echo "Example: ${0} x86_64"
exit 1
fi
source $GITHUB_WORKSPACE/build/lib.sh
init_lib "$1"
build_socat() {
fetch "http://repo.or.cz/socat.git" "${BUILD_DIRECTORY}/socat" git
cd "${BUILD_DIRECTORY}/socat"
git clean -fdx
autoconf
CFLAGS="${GCC_OPTS}" \
CXXFLAGS="${GXX_OPTS}" \
CPPFLAGS="-I${BUILD_DIRECTORY} -I${BUILD_DIRECTORY}/openssl/include -DNETDB_INTERNAL=-1" \
LDFLAGS="-L${BUILD_DIRECTORY}/readline -L${BUILD_DIRECTORY}/ncurses/lib -L${BUILD_DIRECTORY}/openssl" \
./configure \
--host="$(get_host_triple)"
make -j4
strip socat
}
main() {
#sudo apt install yodl
lib_build_openssl
lib_build_ncurses
lib_build_readline
build_socat
local version
version=$(get_version "${BUILD_DIRECTORY}/socat/socat -V | grep 'socat version' | awk '{print \$3}'")
cp "${BUILD_DIRECTORY}/socat/socat" "${OUTPUT_DIRECTORY}/socat${version}"
echo "[+] Finished building socat ${CURRENT_ARCH}"
echo ::set-output name=PACKAGED_NAME::"socat${version}"
echo ::set-output name=PACKAGED_NAME_PATH::"${OUTPUT_DIRECTORY}/*"
}
main
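Review bot: `fetch "http://repo.or.cz/socat.git" "${BUILD_DIRECTORY}/socat" git` in `build_socat` clones the source over cleartext HTTP, so nothing authenticates the server or protects the objects in transit before `autoconf`, `./configure` and `make` run on them. Use an `https://` URL if the host offers one (to be confirmed); checking out a fixed commit after the clone would also tie the build to known content. Unlike the other target scripts, `main` has no explicit check that the binary exists before `cp`, though `strip socat` under `set -e` would presumably stop the script first.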