Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
vpnkit w/ yubikey tools and opensc
#!/bin/bash
#########################################################
#### Prereqs. I think this will get all of them.
if [[ ! -d "/Library/OpenSC" ]]; then
echo "You should have OpenSC installed - grab that from https://github.com/OpenSC/OpenSC/wiki"
exit 1
fi
if [[ ! -a "/usr/local/bin/brew" ]]; then
echo "You'll need homebrew - grab that from https://brew.sh"
exit 1
fi
FILES=$(ls -al | wc -l)
if [[ $FILES -gt 4 ]]; then
echo "You'll want to run this script from an empty folder - it kind of makes a mess"
exit 1
fi
brew install check cmake gengetopt help2man libtool pkg-config asciidoc libxml2 gsed
echo "Making /usr/local/vpnkit, which will require sudo..."
sudo mkdir /usr/local/vpnkit
sudo chown ${USER}:staff /usr/local/vpnkit
export MAINDIR=$(pwd)
#########################################################
#### Build the things
#### OpenSSL
curl -L https://www.openssl.org/source/openssl-1.1.1h.tar.gz -o openssl-1.1.1h.tar.gz
tar -zxvf openssl-1.1.1h.tar.gz
cd openssl-1.1.1h
./Configure --prefix=/usr/local/vpnkit darwin64-x86_64-cc
make -j4
make install
export PKG_CONFIG_PATH=/usr/local/vpnkit/lib/pkgconfig
cd ..
#### libyubikey
curl -L https://github.com/Yubico/yubico-c/archive/libyubikey-1.13.tar.gz -o libyubikey-1.13.tar.gz
tar -zxvf libyubikey-1.13.tar.gz
cd yubico-c-libyubikey-1.13
autoreconf --install
./configure --prefix=/usr/local/vpnkit
gsed -i '/^A2X/ s/$/ --no-xmllint/' Makefile
make
make install
cd $MAINDIR
#### json-c 0.13.1 (later doesnt work w/ ykpers)
curl -L https://github.com/json-c/json-c/archive/json-c-0.13.1-20180305.tar.gz -o json-c-0.13.1-20180305.tar.gz
tar -zxvf json-c-0.13.1-20180305.tar.gz
cd json-c-json-c-0.13.1-20180305
./configure --prefix=/usr/local/vpnkit
make
make install
cd $MAINDIR
#### yubikey-personalization (for managing OTP app on the card)
curl -L https://github.com/Yubico/yubikey-personalization/archive/v1.20.0.tar.gz -o yubikey-personalization-1.20.0.tar.gz
tar -zxvf yubikey-personalization-1.20.0.tar.gz
cd yubikey-personalization-1.20.0
cat > xsltproc.patch <<__EOF
--- Makefile.am 2019-07-03 08:04:17.000000000 -0400
+++ Makefile.am.good 2020-10-08 13:35:47.000000000 -0400
@@ -95,7 +95,7 @@
MANSOURCES = ykpersonalize.1.adoc ykchalresp.1.adoc ykinfo.1.adoc
SUFFIXES = .1.adoc .1
.1.adoc.1:
- \$(A2X) -L --format=manpage -a revdate="Version \$(VERSION)" --xsltproc-opts="--nonet" $<
+ \$(A2X) -L --format=manpage -a revdate="Version \$(VERSION)" $<
# Dist docs
EXTRA_DIST = doc/Compatibility.asciidoc doc/USB-Hid-Issue.asciidoc
__EOF
patch -p0 < xsltproc.patch
autoreconf --install
./configure --prefix=/usr/local/vpnkit
make
make install
cd $MAINDIR
#### piv-tool (manages the certificates on the card)
curl -L https://github.com/Yubico/yubico-piv-tool/archive/yubico-piv-tool-2.1.1.tar.gz -o yubico-piv-tool-2.1.1.tar.gz
tar -zxvf yubico-piv-tool-2.1.1.tar.gz
cd yubico-piv-tool-yubico-piv-tool-2.1.1
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local/vpnkit ..
make install
cd $MAINDIR
#########################################################
#### Build package
mkdir pkgroot
cd pkgroot
mkdir -p Library usr/local
cp -a /Library/OpenSC Library
cp -a /usr/local/vpnkit usr/local
cd $MAINDIR
pkgbuild --root ${MAINDIR}/pkgroot --identifier net.pcable.vpnkit --version 1.0.0 --install-location / vpnkit-1.0.0.pkg
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.