name: freeradius-alt-deps
-inputs:
- openssl_version:
- description: 'The version of OpenSSL to build'
- required: true
- default: '3.0.1'
- openssl_args:
- description: 'Arguments to pass to OpenSSL configure'
- required: true
- default: |
- --prefix=/opt/openssl \
- --openssldir=/usr/lib/ssl \
- --debug
runs:
using: composite
steps:
#
# PCRE 2 -> PCRE 1
# MIT Kerberos -> HEIMDAL Kerberos
- # OpenSSL 1.0 -> OpenSSL 3.0
#
- - name: 'Fetch OpenSSL SHA'
- id: opensslshasum
- shell: bash
- run: |
- wget -qO- http://www.openssl.org/source/openssl-${{ inputs.openssl_version }}.tar.gz.sha256 | sed -ne 's/^\s\+/shasum=/p' >> $GITHUB_OUTPUT
-
- - name: 'Restore OpenSSL from the cache'
- uses: actions/cache@v4
- id: openssl-cache
- with:
- path: /opt/openssl/
- key: openssl3-${{ steps.opensslshasum.outputs.shasum }}-${{ inputs.openssl_args }}
-
- #
- # Build OpenSSL from source
- #
- # We specify the system's normal home directory for OpenSSL
- # so that the normal root certificates are available.
- #
- # If this causes problems in future, the system openssl.cnf
- # can be overwritten with a custom one.
- #
- - name: 'Build OpenSSL (if cache stale)'
- if: ${{ steps.openssl-cache.outputs.cache-hit != 'true' }}
- shell: bash
- run: |
- cd ~
- wget https://www.openssl.org/source/openssl-${{inputs.openssl_version}}.tar.gz
- tar xzf openssl-${{inputs.openssl_version}}.tar.gz
- cd openssl-${{inputs.openssl_version}}
- ./Configure ${{ inputs.openssl_args }}
- make -j `nproc`
- make install_sw
- name: Use alternative libraries
shell: bash
run: |
- echo /opt/openssl/lib64 | sudo tee /etc/ld.so.conf.d/openssl3.conf >/dev/null
- sudo ldconfig
sudo apt-get install -y --no-install-recommends libpcre3-dev # "PCRE 1"
sudo apt-get purge -y libpcre2-dev # Remove default PCRE 2, leaving only PCRE 1
sudo apt-get install -y --no-install-recommends heimdal-dev
projects / thirdparty / freeradius-server.git / commitdiff
