Builds OpenConnect server (http://www.infradead.org/ocserv/) into a portable, static Linux binary

build-static-ocserv.sh

#!/bin/bash -e

triple=x86_64-unknown-linux-musl
CC=/tmp/tc/bin/x86_64-unknown-linux-musl-gcc

v_nettle=3.4.1
v_gnutls=3.6.6
v_libev=4.25
v_ocserv=0.12.3

#################
#################
#################

cores=$(grep -c '^processor' /proc/cpuinfo)
instprefix=$PWD/_inst

mkdir -p $instprefix
ln -s . $instprefix/usr
ln -s . $instprefix/local

export CC
export PKG_CONFIG_SYSROOT_DIR="$instprefix"
export PKG_CONFIG_LIBDIR="$instprefix/lib/pkgconfig"

# Nettle
[ -f nettle.tar.gz ] || \
	wget https://ftp.gnu.org/gnu/nettle/nettle-$v_nettle.tar.gz -O nettle.tar.gz
[ -d nettle ] || \
	{ mkdir nettle; tar -xz -f nettle.tar.gz -C nettle --strip-components=1; }
cd nettle
cat >>mini-gmp.c <<"HEREDOC"
void mpz_div_2exp(mpz_t quotient, mpz_t dividend, unsigned long int exponent_of_2)
{
	mpz_tdiv_q_2exp(quotient, dividend, exponent_of_2);
}
void mpz_mod_2exp(mpz_t remainder, mpz_t dividend, unsigned long int exponent_of_2)
{
	mpz_tdiv_r_2exp(remainder, dividend, exponent_of_2);
}
HEREDOC
./configure --host=$triple \
	--enable-mini-gmp --enable-x86-aesni \
	--disable-{documentation,shared}
sed 's|cnd-copy\.c |&cnd-memcpy.c |' Makefile -i
make -j$cores
make DESTDIR=$instprefix install
cd ..

# GnuTLS
[ -f gnutls.tar.xz ] || \
	wget ftp://ftp.gnutls.org/gcrypt/gnutls/v${v_gnutls%.*}/gnutls-$v_gnutls.tar.xz -O gnutls.tar.xz
[ -d gnutls ] || \
	{ mkdir gnutls; tar -xJ -f gnutls.tar.xz -C gnutls --strip-components=1; }
cd gnutls
CFLAGS=-I$instprefix/include LDFLAGS=-L$instprefix/lib \
./configure --host=$triple \
	--with-nettle-mini --with-included-{libtasn1,unistring} \
	--without-p11-kit --disable-shared \
	--disable-{doc,tools,cxx,tests,nls,guile}
make -j$cores
make DESTDIR=$instprefix install
cd ..

# libev
[ -f libev.tar.gz ] || \
	wget http://dist.schmorp.de/libev/libev-$v_libev.tar.gz -O libev.tar.gz
[ -d libev ] || \
	{ mkdir libev; tar -xz -f libev.tar.gz -C libev --strip-components=1; }
cd libev
./configure --host=$triple \
	--disable-shared
make -j$cores
make DESTDIR=$instprefix install
cd ..

# Readline stub
cat >$instprefix/include/readline.h <<"HEREDOC"
#ifndef READLINE_H
#define READLINE_H
typedef char *rl_compentry_func_t(const char*, int);
typedef char **rl_completion_func_t(const char*, int, int);
extern char *rl_line_buffer;
extern char *rl_readline_name;
extern rl_completion_func_t *rl_attempted_completion_function;
extern rl_compentry_func_t *rl_completion_entry_function;
extern int rl_completion_query_items;
char *readline(const char *prompt);
void add_history(const char *string);
int rl_reset_terminal(const char *terminal_name);
char **rl_completion_matches(const char *text, void *entry_func);
void rl_redisplay(void);
#endif
HEREDOC
$CC -xc - -c -o tmp.o -O2 <<"HEREDOC"
#include <stdio.h>
#include <string.h>
char *rl_line_buffer = NULL;
char *rl_readline_name;
void *rl_attempted_completion_function;
void *rl_completion_entry_function;
int rl_completion_query_items;
char *readline(const char *prompt) {
	char buf[512], *ptr;
	if(prompt) printf("%s", prompt);
	fflush(stdout); ptr = buf;
	while((*ptr = getchar()) != '\n') ptr++;
	*ptr = '\0';
	return strdup(buf);
}
void add_history(const char *string) {}
int rl_reset_terminal(const char *terminal_name) {return 0;}
char **rl_completion_matches(const char *text, void *entry_func) {return NULL;}
void rl_redisplay(void) {}
HEREDOC
ar rcs $instprefix/lib/libreadline.a tmp.o
rm tmp.o

# OpenConnect server
[ -f ocserv.tar.xz ] || \
	wget ftp://ftp.infradead.org/pub/ocserv/ocserv-$v_ocserv.tar.xz -O ocserv.tar.xz
[ -d ocserv ] || \
	{ mkdir ocserv; tar -xJ -f ocserv.tar.xz -C ocserv --strip-components=1; }
cd ocserv
CFLAGS=-I$instprefix/include LDFLAGS="-L$instprefix/lib -static -s" \
LIBNETTLE_LIBS="-lnettle -lhogweed" LIBREADLINE_LIBS=-lreadline \
./configure --host=$triple --prefix=/ \
	--without-{protobuf,pam,radius,http-parser,lz4,gssapi,pcl-lib}
make -j$cores
make DESTDIR=$PWD/../output install
cd ..