/[gentoo-x86]/net-misc/openssh/openssh-4.2_p1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.2_p1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.21 - (show annotations) (download)
Sun Mar 5 22:17:29 2006 UTC (13 years, 6 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.20: +1 -1 lines
FILE REMOVED
old
(Portage version: 2.1_pre5-r4)

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.2_p1.ebuild,v 1.20 2006/02/04 17:49:30 vapier Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 X509_PATCH="${PARCH}+x509-5.3.diff.gz"
12 SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
13 LDAP_PATCH="${PARCH/-4.2/-lpk-4.1}-0.3.6.patch"
14 HPN_PATCH="${PARCH}-hpn11.diff"
15
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
19 ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )
20 X509? ( http://roumenpetrov.info/openssh/x509-5.3/${X509_PATCH} )
21 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
22 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )"
23
24 LICENSE="as-is"
25 SLOT="0"
26 KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"
27 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
28
29 RDEPEND="pam? ( virtual/pam )
30 kerberos? ( virtual/krb5 )
31 selinux? ( sys-libs/libselinux )
32 skey? ( >=app-admin/skey-1.1.5-r1 )
33 ldap? ( net-nds/openldap )
34 libedit? ( dev-libs/libedit )
35 >=dev-libs/openssl-0.9.6d
36 >=sys-libs/zlib-1.2.3
37 smartcard? ( dev-libs/opensc )
38 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
39 DEPEND="${RDEPEND}
40 virtual/os-headers
41 sys-devel/autoconf"
42 PROVIDE="virtual/ssh"
43
44 S=${WORKDIR}/${PARCH}
45
46 src_unpack() {
47 unpack ${PARCH}.tar.gz
48 cd "${S}"
49
50 sed -i \
51 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
52 pathnames.h || die
53
54 epatch "${FILESDIR}"/openssh-4.2_p1-kerberos-detection.patch #80811
55 epatch "${FILESDIR}"/openssh-4.2_p1-cross-compile.patch #120567
56
57 use X509 && epatch "${DISTDIR}"/${X509_PATCH}
58 use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
59 use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
60 epatch "${FILESDIR}"/openssh-4.2_p1-selinux.patch
61 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
62 if ! use X509 ; then
63 if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
64 epatch "${DISTDIR}"/${SECURID_PATCH}
65 use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
66 fi
67 if use ldap ; then
68 use sftplogging \
69 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
70 || epatch "${DISTDIR}"/${LDAP_PATCH}
71 fi
72 elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
73 ewarn "Sorry, x509 and smartcard/ldap don't get along"
74 fi
75 [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
76
77 sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
78
79 autoconf || die "autoconf failed"
80 }
81
82 src_compile() {
83 addwrite /dev/ptmx
84 addpredict /etc/skey/skeykeys #skey configure code triggers this
85
86 local myconf
87 # make sure .sbss is large enough
88 use skey && use alpha && append-ldflags -mlarge-data
89 if use ldap ; then
90 filter-flags -funroll-loops
91 myconf="${myconf} --with-ldap"
92 fi
93 use selinux && append-flags -DWITH_SELINUX && append-ldflags -lselinux
94
95 if use static ; then
96 append-ldflags -static
97 use pam && ewarn "Disabling pam support becuse of static flag"
98 myconf="${myconf} --without-pam"
99 else
100 myconf="${myconf} $(use_with pam)"
101 fi
102
103 use ipv6 || myconf="${myconf} --with-ipv4-default"
104
105 econf \
106 --with-ldflags="${LDFLAGS}" \
107 --disable-strip \
108 --sysconfdir=/etc/ssh \
109 --libexecdir=/usr/$(get_libdir)/misc \
110 --datadir=/usr/share/openssh \
111 --disable-suid-ssh \
112 --with-privsep-path=/var/empty \
113 --with-privsep-user=sshd \
114 --with-md5-passwords \
115 $(use_with libedit) \
116 $(use_with kerberos kerberos5 /usr) \
117 $(use_with tcpd tcp-wrappers) \
118 $(use_with skey) \
119 $(use_with smartcard opensc) \
120 ${myconf} \
121 || die "bad configure"
122
123 emake || die "compile problem"
124 }
125
126 src_install() {
127 make install-nokeys DESTDIR="${D}" || die
128 fperms 600 /etc/ssh/sshd_config
129 dobin contrib/ssh-copy-id
130 newinitd "${FILESDIR}"/sshd.rc6 sshd
131 newconfd "${FILESDIR}"/sshd.confd sshd
132 keepdir /var/empty
133
134 newpamd "${FILESDIR}"/sshd.pam_include sshd
135 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
136 use pam \
137 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
138 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
139
140 doman contrib/ssh-copy-id.1
141 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
142 }
143
144 pkg_postinst() {
145 enewgroup sshd 22
146 enewuser sshd 22 -1 /var/empty sshd
147
148 ewarn "Remember to merge your config files in /etc/ssh/ and then"
149 ewarn "restart sshd: '/etc/init.d/sshd restart'."
150 ewarn
151 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
152 einfo "functionality, but please ensure that you do not explicitly disable"
153 einfo "this in your configuration as disabling it opens security holes"
154 einfo
155 einfo "This revision has removed your sshd user id and replaced it with a"
156 einfo "new one with UID 22. If you have any scripts or programs that"
157 einfo "that referenced the old UID directly, you will need to update them."
158 einfo
159 if use pam ; then
160 einfo "Please be aware users need a valid shell in /etc/passwd"
161 einfo "in order to be allowed to login."
162 einfo
163 fi
164 }

  ViewVC Help
Powered by ViewVC 1.1.20