/[gentoo-x86]/net-misc/openssh/openssh-3.9_p1-r2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.9_p1-r2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.14 - (show annotations) (download)
Tue Sep 6 22:16:05 2005 UTC (14 years, 3 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.13: +1 -1 lines
FILE REMOVED
old

1 # Copyright 1999-2005 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.9_p1-r2.ebuild,v 1.13 2005/09/06 01:38:55 vapier Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 SFTPLOG_PATCH_VER="1.2"
12 X509_PATCH="${PARCH}+x509h.diff.gz"
13 SELINUX_PATCH="openssh-3.9_p1-selinux.diff"
14 LDAP_PATCH="${PARCH/-/-lpk-}-0.3.4.patch"
15 HPN_PATCH="${PARCH}-hpn11.diff"
16
17 DESCRIPTION="Port of OpenBSD's free SSH release"
18 HOMEPAGE="http://www.openssh.com/"
19 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
20 ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )
21 X509? ( http://roumenpetrov.info/openssh/x509h/${X509_PATCH} )
22 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )"
23
24 LICENSE="as-is"
25 SLOT="0"
26 KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sh sparc x86"
27 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn"
28
29 RDEPEND="pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 )
30 kerberos? ( virtual/krb5 )
31 selinux? ( sys-libs/libselinux )
32 skey? ( >=app-admin/skey-1.1.5-r1 )
33 ldap? ( net-nds/openldap )
34 >=dev-libs/openssl-0.9.6d
35 >=sys-libs/zlib-1.1.4
36 smartcard? ( dev-libs/opensc )
37 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
38 DEPEND="${RDEPEND}
39 virtual/os-headers
40 sys-devel/autoconf"
41 PROVIDE="virtual/ssh"
42
43 S=${WORKDIR}/${PARCH}
44
45 src_unpack() {
46 unpack ${PARCH}.tar.gz
47 cd "${S}"
48
49 epatch "${FILESDIR}"/${P}-pamfix.patch.bz2
50 #epatch "${FILESDIR}"/${P}-largekey.patch.bz2
51 epatch "${FILESDIR}"/${P}-fix_suid.patch.bz2
52 epatch "${FILESDIR}"/${P}-infoleak.patch #59361
53 epatch "${FILESDIR}"/${P}-terminal_restore.patch.bz2
54 epatch "${FILESDIR}"/${P}-configure-openct.patch #78730
55 epatch "${FILESDIR}"/${P}-kerberos-detection.patch #80811
56
57 use sftplogging && epatch ${FILESDIR}/${P}-sftplogging-1.2-gentoo.patch.bz2
58 use skey && epatch ${FILESDIR}/${P}-skey.patch.bz2
59 use chroot && epatch ${FILESDIR}/${P}-chroot.patch
60 use X509 && epatch ${DISTDIR}/${X509_PATCH}
61 use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2
62 use smartcard && epatch ${FILESDIR}/${P}-opensc.patch.bz2
63 if use ldap ; then
64 if use X509 || use sftplogging ; then
65 ewarn "Sorry, x509/sftplogging and ldap don't get along"
66 else
67 epatch ${DISTDIR}/${LDAP_PATCH}
68 fi
69 fi
70 use hpn && epatch ${DISTDIR}/${HPN_PATCH}
71
72 autoconf || die "autoconf failed"
73 }
74
75 src_compile() {
76 local myconf
77
78 addwrite /dev/ptmx
79
80 # make sure .sbss is large enough
81 use skey && use alpha && append-ldflags -mlarge-data
82 if use ldap ; then
83 filter-flags -funroll-loops
84 append-ldflags -lldap
85 append-flags -DWITH_LDAP_PUBKEY
86 fi
87 use selinux && append-flags "-DWITH_SELINUX"
88
89 if use static ; then
90 append-ldflags -static
91 use pam && ewarn "Disabling pam support becuse of static flag"
92 myconf="${myconf} --without-pam"
93 else
94 myconf="${myconf} $(use_with pam)"
95 fi
96
97 use ipv6 || myconf="${myconf} --with-ipv4-default"
98
99 econf \
100 --with-ldflags="${LDFLAGS}" \
101 --disable-strip \
102 --sysconfdir=/etc/ssh \
103 --libexecdir=/usr/$(get_libdir)/misc \
104 --datadir=/usr/share/openssh \
105 --disable-suid-ssh \
106 --with-privsep-path=/var/empty \
107 --with-privsep-user=sshd \
108 --with-md5-passwords \
109 $(use_with kerberos kerberos5 /usr) \
110 $(use_with tcpd tcp-wrappers) \
111 $(use_with skey) \
112 $(use_with smartcard opensc) \
113 ${myconf} \
114 || die "bad configure"
115
116 emake || die "compile problem"
117 }
118
119 src_install() {
120 make install-files DESTDIR="${D}" || die
121 fperms 600 /etc/ssh/sshd_config
122 dobin contrib/ssh-copy-id
123 newinitd "${FILESDIR}"/sshd.rc6 sshd
124 keepdir /var/empty
125
126 newpamd "${FILESDIR}"/sshd.pam sshd
127 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
128 use pam \
129 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
130 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
131
132 doman contrib/ssh-copy-id.1
133 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
134 }
135
136 pkg_postinst() {
137 enewgroup sshd 22
138 enewuser sshd 22 -1 /var/empty sshd
139
140 ewarn "Remember to merge your config files in /etc/ssh/ and then"
141 ewarn "restart sshd: '/etc/init.d/sshd restart'."
142 ewarn
143 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
144 einfo "functionality, but please ensure that you do not explicitly disable"
145 einfo "this in your configuration as disabling it opens security holes"
146 einfo
147 einfo "This revision has removed your sshd user id and replaced it with a"
148 einfo "new one with UID 22. If you have any scripts or programs that"
149 einfo "that referenced the old UID directly, you will need to update them."
150 einfo
151 if use pam ; then
152 einfo "Please be aware users need a valid shell in /etc/passwd"
153 einfo "in order to be allowed to login."
154 einfo
155 fi
156 }

  ViewVC Help
Powered by ViewVC 1.1.20