From c07bdd60e551b21b2559df76f4ad51b0d7dc9e32 Mon Sep 17 00:00:00 2001 From: Ryo Nakamura Date: Thu, 9 Mar 2023 22:32:42 +0900 Subject: [PATCH 1/4] fix cmake: remove modification to libssh CMake --- CMakeLists.txt | 14 +++++------- patch/libssh-0.10.4.patch | 45 --------------------------------------- 2 files changed, 5 insertions(+), 54 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 17837d0..04ad856 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -11,6 +11,11 @@ list(APPEND CMAKE_MODULE_PATH ${CMAKE_SOURCE_DIR}/cmake/modules) # add libssh static library +set(CMAKE_POLICY_DEFAULT_CMP0077 NEW) +set(WITH_SERVER OFF) +set(BUILD_SHARED_LIBS OFF) +set(WITH_EXAMPLES OFF) +set(BUILD_STATIC_LIB ON) add_subdirectory(libssh EXCLUDE_FROM_ALL) if(APPLE) @@ -31,15 +36,6 @@ list(APPEND MSCP_COMPILE_OPTS -iquote ${CMAKE_CURRENT_BINARY_DIR}/libssh/include list(APPEND MSCP_INCLUDE_DIRS ${CMAKE_CURRENT_BINARY_DIR}/libssh/include) list(APPEND MSCP_LINK_LIBS ssh-static) -find_package(GSSAPI) -list(APPEND MSCP_LINK_LIBS ${GSSAPI_LIBRARIES}) - -find_package(OpenSSL) -list(APPEND MSCP_LINK_LIBS ${OPENSSL_LIBRARIES}) - -find_package(ZLIB) -list(APPEND MSCP_LINK_LIBS ${ZLIB_LIBRARIES}) - target_include_directories(mscp PRIVATE ${MSCP_INCLUDE_DIRS}) target_link_directories(mscp PRIVATE ${MSCP_LINK_DIRS}) target_link_libraries(mscp PRIVATE ${MSCP_LINK_LIBS}) diff --git a/patch/libssh-0.10.4.patch b/patch/libssh-0.10.4.patch index d90b647..a8a9628 100644 --- a/patch/libssh-0.10.4.patch +++ b/patch/libssh-0.10.4.patch @@ -1,48 +1,3 @@ -diff --git a/DefineOptions.cmake b/DefineOptions.cmake -index 068db988..5fc3c8fc 100644 ---- a/DefineOptions.cmake -+++ b/DefineOptions.cmake -@@ -1,7 +1,7 @@ - option(WITH_GSSAPI "Build with GSSAPI support" ON) - option(WITH_ZLIB "Build with ZLIB support" ON) - option(WITH_SFTP "Build with SFTP support" ON) --option(WITH_SERVER "Build with SSH server support" ON) -+option(WITH_SERVER "Build with SSH server support" OFF) - option(WITH_DEBUG_CRYPTO "Build with cryto debug output" OFF) - option(WITH_DEBUG_PACKET "Build with packet debug output" OFF) - option(WITH_DEBUG_CALLTRACE "Build with calltrace debug output" ON) -@@ -11,13 +11,13 @@ option(WITH_MBEDTLS "Compile against libmbedtls" OFF) - option(WITH_BLOWFISH_CIPHER "Compile with blowfish support" OFF) - option(WITH_PCAP "Compile with Pcap generation support" ON) - option(WITH_INTERNAL_DOC "Compile doxygen internal documentation" OFF) --option(BUILD_SHARED_LIBS "Build shared libraries" ON) -+option(BUILD_SHARED_LIBS "Build shared libraries" OFF) - option(WITH_PKCS11_URI "Build with PKCS#11 URI support" OFF) - option(UNIT_TESTING "Build with unit tests" OFF) - option(CLIENT_TESTING "Build with client tests; requires openssh" OFF) - option(SERVER_TESTING "Build with server tests; requires openssh and dropbear" OFF) - option(WITH_BENCHMARKS "Build benchmarks tools" OFF) --option(WITH_EXAMPLES "Build examples" ON) -+option(WITH_EXAMPLES "Build examples" OFF) - option(WITH_NACL "Build with libnacl (curve25519)" ON) - option(WITH_SYMBOL_VERSIONING "Build with symbol versioning" ON) - option(WITH_ABI_BREAK "Allow ABI break" OFF) -@@ -25,6 +25,7 @@ option(WITH_GEX "Enable DH Group exchange mechanisms" ON) - option(WITH_INSECURE_NONE "Enable insecure none cipher and MAC algorithms (not suitable for production!)" OFF) - option(FUZZ_TESTING "Build with fuzzer for the server and client (automatically enables none cipher!)" OFF) - option(PICKY_DEVELOPER "Build with picky developer flags" OFF) -+option(WITH_STATIC_LIB "Build static library" ON) - - if (WITH_ZLIB) - set(WITH_LIBZ ON) -@@ -60,3 +61,7 @@ endif (NOT GLOBAL_CLIENT_CONFIG) - if (FUZZ_TESTING) - set(WITH_INSECURE_NONE ON) - endif (FUZZ_TESTING) -+ -+if (WITH_STATIC_LIB) -+ set(BUILD_STATIC_LIB ON) -+endif() diff --git a/include/libssh/buffer.h b/include/libssh/buffer.h index a55a1b40..e34e075c 100644 --- a/include/libssh/buffer.h From c39ab7ce62c309abfdee3cc276c9a524b777e588 Mon Sep 17 00:00:00 2001 From: Ryo Nakamura Date: Thu, 9 Mar 2023 23:21:58 +0900 Subject: [PATCH 2/4] add conanfile.txt to compile mscp as a single binary conan cmake build with -DBUILD_CONAN=ON and -DBUILD_STATIC=ON in alpine make mscp as a single binary with statically linked musl. --- .gitignore | 1 + CMakeLists.txt | 39 +++++++++++++++++++++++++++++++++++---- conanfile.txt | 7 +++++++ 3 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 conanfile.txt diff --git a/.gitignore b/.gitignore index 34a91cc..b6e4c7d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ build compile_commands.json +CMakeUserPresets.json .*.swp diff --git a/CMakeLists.txt b/CMakeLists.txt index 04ad856..8a3a950 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -9,6 +9,26 @@ project(mscp set(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -DDEBUG") list(APPEND CMAKE_MODULE_PATH ${CMAKE_SOURCE_DIR}/cmake/modules) +if(APPLE) + list(APPEND CMAKE_PREFIX_PATH /usr/local) # intel mac homebrew prefix + list(APPEND CMAKE_PREFIX_PATH /opt/homebrew) # arm mac homebrew prefix +endif() # APPLE + + +option(BUILD_CONAN OFF) # Build mscp with conan +if(BUILD_CONAN) + message(STATUS "Build mscp with conan") +endif() + +option(BUILD_STATIC OFF) # Build mscp with -static LD flag +if (BUILD_STATIC) + message(STATUS "Build mscp with -static LD optiong") + if (NOT BUILD_CONAN) + message(WARNING + "BUILD_STATIC strongly recommended with BUILD_CONAN option") + endif() +endif() + # add libssh static library set(CMAKE_POLICY_DEFAULT_CMP0077 NEW) @@ -16,12 +36,13 @@ set(WITH_SERVER OFF) set(BUILD_SHARED_LIBS OFF) set(WITH_EXAMPLES OFF) set(BUILD_STATIC_LIB ON) +if(BUILD_CONAN) + message(STATUS + "Disable libssh GSSAPI support beucase libkrb5 doesn't exist on conan") + set(WITH_GSSAPI OFF) +endif() add_subdirectory(libssh EXCLUDE_FROM_ALL) -if(APPLE) - list(APPEND CMAKE_PREFIX_PATH /usr/local) # intel mac homebrew prefix - list(APPEND CMAKE_PREFIX_PATH /opt/homebrew) # arm mac homebrew prefix -endif() # APPLE # mscp executable @@ -36,9 +57,19 @@ list(APPEND MSCP_COMPILE_OPTS -iquote ${CMAKE_CURRENT_BINARY_DIR}/libssh/include list(APPEND MSCP_INCLUDE_DIRS ${CMAKE_CURRENT_BINARY_DIR}/libssh/include) list(APPEND MSCP_LINK_LIBS ssh-static) +if(BUILD_CONAN) + find_package(ZLIB REQUIRED) + find_package(OpenSSL REQUIRED) + list(APPEND MSCP_LINK_LIBS ZLIB::ZLIB) + list(APPEND MSCP_LINK_LIBS OpenSSL::Crypto) +endif() + target_include_directories(mscp PRIVATE ${MSCP_INCLUDE_DIRS}) target_link_directories(mscp PRIVATE ${MSCP_LINK_DIRS}) target_link_libraries(mscp PRIVATE ${MSCP_LINK_LIBS}) +if (BUILD_STATIC) + target_link_options(mscp PRIVATE -static) +endif() target_compile_options(mscp PRIVATE ${MSCP_COMPILE_OPTS}) target_compile_definitions(mscp PUBLIC _VERSION="${PROJECT_VERSION}") diff --git a/conanfile.txt b/conanfile.txt new file mode 100644 index 0000000..427c345 --- /dev/null +++ b/conanfile.txt @@ -0,0 +1,7 @@ +[requires] +zlib/1.2.11 +openssl/1.1.1t + +[generators] +CMakeDeps +CMakeToolchain From 34a0e0c8911dc1c556c51737428a9824aee11a94 Mon Sep 17 00:00:00 2001 From: Ryo Nakamura Date: Fri, 10 Mar 2023 00:37:06 +0900 Subject: [PATCH 3/4] add alpine docker to build mscp as a single binary The build recipe in docker/alpine-3.17.Dockerfile uses conan to build mscp as a single binary (with statically linked musl). Now the mscp binary is portable! --- .github/workflows/release.yml | 1 + CMakeLists.txt | 6 +++--- docker/alpine-3.17.Dockerfile | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 39 insertions(+), 3 deletions(-) create mode 100644 docker/alpine-3.17.Dockerfile diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index eecca55..ad1f66f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -49,6 +49,7 @@ jobs: ${{github.workspace}}/build/mscp_${{env.VERSION}}-ubuntu-22.04-x86_64.deb ${{github.workspace}}/build/mscp_${{env.VERSION}}-centos-8-x86_64.rpm ${{github.workspace}}/build/mscp_${{env.VERSION}}-rocky-8.6-x86_64.rpm + ${{github.workspace}}/build/mscp_${{env.VERSION}}-apline-3.17-x86_64.static source-release: runs-on: ubuntu-latest diff --git a/CMakeLists.txt b/CMakeLists.txt index 8a3a950..f6ab756 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -129,9 +129,9 @@ include(CPack) # Custom targets to build and test mscp in docker containers. # foreach(IN ZIP_LISTS) (cmake >= 3.17) can shorten the following lists. # However, ubuntu 20.04 has cmake 3.16.3. So this is a roundabout trick. -list(APPEND DIST_NAMES ubuntu ubuntu centos rocky) -list(APPEND DIST_VERS 20.04 22.04 8 8.6) -list(APPEND DIST_PKGS deb deb rpm rpm) +list(APPEND DIST_NAMES ubuntu ubuntu centos rocky alpine) +list(APPEND DIST_VERS 20.04 22.04 8 8.6 3.17) +list(APPEND DIST_PKGS deb deb rpm rpm static) list(LENGTH DIST_NAMES _DIST_LISTLEN) math(EXPR DIST_LISTLEN "${_DIST_LISTLEN} - 1") diff --git a/docker/alpine-3.17.Dockerfile b/docker/alpine-3.17.Dockerfile new file mode 100644 index 0000000..56c7ba9 --- /dev/null +++ b/docker/alpine-3.17.Dockerfile @@ -0,0 +1,35 @@ +FROM alpine:3.17 + +# Build mscp with conan to create single binary mscp + +ARG mscpdir="/mscp" + +COPY . ${mscpdir} + +RUN apk add --no-cache \ + gcc make cmake python3 py3-pip perl linux-headers libc-dev \ + openssh bash python3-dev g++ + +RUN pip3 install conan pytest numpy + +# Build mscp as a single binary +RUN conan profile detect --force +RUN cd ${mscpdir} \ + && rm -rf build \ + && conan install . --output-folder=build --build=missing \ + && cd ${mscpdir}/build \ + && cmake .. \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_TOOLCHAIN_FILE=conan_toolchain.cmake \ + -DBUILD_STATIC=ON -DBUILD_CONAN=ON \ + && make \ + && cp mscp /usr/bin/ \ + && cp mscp /mscp/build/mscp_0.0.6-alpine-3.17-x86_64.static + +# copy mscp to PKG FILE NAME because this build doesn't use CPACK + +# preparation for sshd +RUN ssh-keygen -A +RUN mkdir /var/run/sshd \ + && ssh-keygen -f /root/.ssh/id_rsa -N "" \ + && mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys From ca94d77e4544862e4c43cfddde69050bdc08fd35 Mon Sep 17 00:00:00 2001 From: Ryo Nakamura Date: Fri, 10 Mar 2023 02:09:04 +0900 Subject: [PATCH 4/4] fix typo --- CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index f6ab756..19e50b1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -22,7 +22,7 @@ endif() option(BUILD_STATIC OFF) # Build mscp with -static LD flag if (BUILD_STATIC) - message(STATUS "Build mscp with -static LD optiong") + message(STATUS "Build mscp with -static LD option") if (NOT BUILD_CONAN) message(WARNING "BUILD_STATIC strongly recommended with BUILD_CONAN option") @@ -38,7 +38,7 @@ set(WITH_EXAMPLES OFF) set(BUILD_STATIC_LIB ON) if(BUILD_CONAN) message(STATUS - "Disable libssh GSSAPI support beucase libkrb5 doesn't exist on conan") + "Disable libssh GSSAPI support because libkrb5 doesn't exist in conan") set(WITH_GSSAPI OFF) endif() add_subdirectory(libssh EXCLUDE_FROM_ALL)