/[gentoo-x86]/net-misc/openssh/openssh-4.3_p2-r2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.3_p2-r2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.10 - (show annotations) (download)
Mon Nov 6 15:06:38 2006 UTC (12 years, 11 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.9: +1 -1 lines
FILE REMOVED
old
(Portage version: 2.1.2_rc1-r3)

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2-r2.ebuild,v 1.9 2006/09/08 04:37:14 vapier Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 X509_PATCH="${PARCH}+x509-5.5.diff.gz"
12 SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
13 LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
14 HPN_PATCH="${PARCH}-hpn12-gentoo.patch.bz2"
15
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
19 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
20 X509? ( http://roumenpetrov.info/openssh/x509-5.5/${X509_PATCH} )
21 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
22 ldap? ( http://www.opendarwin.org/projects/openssh-lpk/files/${LDAP_PATCH} )"
23
24 LICENSE="as-is"
25 SLOT="0"
26 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
27 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit X"
28
29 RDEPEND="pam? ( virtual/pam )
30 kerberos? ( virtual/krb5 )
31 selinux? ( >=sys-libs/libselinux-1.28 )
32 skey? ( >=app-admin/skey-1.1.5-r1 )
33 ldap? ( net-nds/openldap )
34 libedit? ( || ( dev-libs/libedit sys-freebsd/freebsd-lib ) )
35 >=dev-libs/openssl-0.9.6d
36 >=sys-libs/zlib-1.2.3
37 smartcard? ( dev-libs/opensc )
38 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
39 X? ( || ( x11-apps/xauth virtual/x11 ) )
40 userland_GNU? ( sys-apps/shadow )"
41 DEPEND="${RDEPEND}
42 dev-util/pkgconfig
43 virtual/os-headers
44 sys-devel/autoconf"
45
46 PROVIDE="virtual/ssh"
47
48 S=${WORKDIR}/${PARCH}
49
50 src_unpack() {
51 unpack ${PARCH}.tar.gz
52 cd "${S}"
53
54 sed -i \
55 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
56 pathnames.h || die
57
58 epatch "${FILESDIR}"/openssh-4.3_p2-configure.patch #137921
59 epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
60 use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${P}-x509-hpn-glue.patch
61 use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
62 use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
63 if use X509 ; then
64 cp "${FILESDIR}"/openssh-4.3_p2-selinux.patch .
65 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch.glue ./openssh-4.3_p2-selinux.patch
66 else
67 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch
68 fi
69 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
70 if ! use X509 ; then
71 if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
72 epatch "${DISTDIR}"/${SECURID_PATCH} "${FILESDIR}"/${P}-securid-hpn-glue.patch
73 use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
74 fi
75 if use ldap ; then
76 use sftplogging \
77 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
78 || epatch "${DISTDIR}"/${LDAP_PATCH}
79 fi
80 elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
81 ewarn "Sorry, x509 and smartcard/ldap don't get along"
82 fi
83 [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
84
85 sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
86
87 sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
88
89 autoconf || die "autoconf failed"
90 }
91
92 src_compile() {
93 addwrite /dev/ptmx
94 addpredict /etc/skey/skeykeys #skey configure code triggers this
95
96 local myconf=""
97 if use static ; then
98 append-ldflags -static
99 use pam && ewarn "Disabling pam support becuse of static flag"
100 myconf="${myconf} --without-pam"
101 else
102 myconf="${myconf} $(use_with pam)"
103 fi
104
105 use ipv6 || myconf="${myconf} --with-ipv4-default"
106
107 econf \
108 --with-ldflags="${LDFLAGS}" \
109 --disable-strip \
110 --sysconfdir=/etc/ssh \
111 --libexecdir=/usr/$(get_libdir)/misc \
112 --datadir=/usr/share/openssh \
113 --disable-suid-ssh \
114 --with-privsep-path=/var/empty \
115 --with-privsep-user=sshd \
116 --with-md5-passwords \
117 $(use_with ldap) \
118 $(use_with libedit) \
119 $(use_with kerberos kerberos5 /usr) \
120 $(use_with tcpd tcp-wrappers) \
121 $(use_with selinux) \
122 $(use_with skey) \
123 $(use_with smartcard opensc) \
124 ${myconf} \
125 || die "bad configure"
126 emake || die "compile problem"
127 }
128
129 src_install() {
130 make install-nokeys DESTDIR="${D}" || die
131 fperms 600 /etc/ssh/sshd_config
132 dobin contrib/ssh-copy-id
133 newinitd "${FILESDIR}"/sshd.rc6 sshd
134 newconfd "${FILESDIR}"/sshd.confd sshd
135 keepdir /var/empty
136
137 newpamd "${FILESDIR}"/sshd.pam_include sshd
138 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
139 use pam \
140 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
141 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
142
143 doman contrib/ssh-copy-id.1
144 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
145 }
146
147 pkg_postinst() {
148 enewgroup sshd 22
149 enewuser sshd 22 -1 /var/empty sshd
150
151 ewarn "Remember to merge your config files in /etc/ssh/ and then"
152 ewarn "restart sshd: '/etc/init.d/sshd restart'."
153 ewarn
154 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
155 einfo "functionality, but please ensure that you do not explicitly disable"
156 einfo "this in your configuration as disabling it opens security holes"
157 einfo
158 einfo "This revision has removed your sshd user id and replaced it with a"
159 einfo "new one with UID 22. If you have any scripts or programs that"
160 einfo "that referenced the old UID directly, you will need to update them."
161 einfo
162 if use pam ; then
163 einfo "Please be aware users need a valid shell in /etc/passwd"
164 einfo "in order to be allowed to login."
165 einfo
166 fi
167 }

  ViewVC Help
Powered by ViewVC 1.1.20