/[gentoo-x86]/net-misc/openssh/openssh-4.3_p2-r3.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.3_p2-r3.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (show annotations) (download)
Mon Nov 6 15:06:38 2006 UTC (12 years, 11 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.7: +1 -1 lines
FILE REMOVED
old
(Portage version: 2.1.2_rc1-r3)

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2-r3.ebuild,v 1.7 2006/09/22 22:11:20 dertobi123 Exp $
4
5 inherit eutils flag-o-matic ccc pam multilib
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 X509_PATCH="${PARCH}+x509-5.5.diff.gz"
12 SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
13 LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
14 HPN_PATCH="${PARCH}-hpn12-gentoo.patch.bz2"
15
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
19 hpn? ( mirror://gentoo/${HPN_PATCH} http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
20 X509? ( http://roumenpetrov.info/openssh/x509-5.5/${X509_PATCH} )
21 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
22 ldap? ( http://www.opendarwin.org/projects/openssh-lpk/files/${LDAP_PATCH} )"
23
24 LICENSE="as-is"
25 SLOT="0"
26 KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
27 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit X"
28
29 RDEPEND="pam? ( virtual/pam )
30 kerberos? ( virtual/krb5 )
31 selinux? ( >=sys-libs/libselinux-1.28 )
32 skey? ( >=app-admin/skey-1.1.5-r1 )
33 ldap? ( net-nds/openldap )
34 libedit? ( || ( dev-libs/libedit sys-freebsd/freebsd-lib ) )
35 >=dev-libs/openssl-0.9.6d
36 >=sys-libs/zlib-1.2.3
37 smartcard? ( dev-libs/opensc )
38 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
39 X? ( || ( x11-apps/xauth virtual/x11 ) )
40 userland_GNU? ( sys-apps/shadow )"
41 DEPEND="${RDEPEND}
42 dev-util/pkgconfig
43 virtual/os-headers
44 sys-devel/autoconf"
45
46 PROVIDE="virtual/ssh"
47
48 S=${WORKDIR}/${PARCH}
49
50 src_unpack() {
51 unpack ${PARCH}.tar.gz
52 cd "${S}"
53
54 sed -i \
55 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
56 pathnames.h || die
57
58 epatch "${FILESDIR}"/openssh-4.3_p2-identical-simple-dos.patch #148228
59 epatch "${FILESDIR}"/openssh-4.3_p2-configure.patch #137921
60 epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
61 use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${P}-x509-hpn-glue.patch
62 use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
63 use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch
64 if use X509 ; then
65 cp "${FILESDIR}"/openssh-4.3_p2-selinux.patch .
66 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch.glue ./openssh-4.3_p2-selinux.patch
67 else
68 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch
69 fi
70 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
71 if ! use X509 ; then
72 if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
73 epatch "${DISTDIR}"/${SECURID_PATCH} "${FILESDIR}"/${P}-securid-hpn-glue.patch
74 use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
75 fi
76 if use ldap ; then
77 use sftplogging \
78 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
79 || epatch "${DISTDIR}"/${LDAP_PATCH}
80 fi
81 elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
82 ewarn "Sorry, x509 and smartcard/ldap don't get along"
83 fi
84 [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
85
86 sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
87
88 sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
89
90 autoconf || die "autoconf failed"
91 }
92
93 src_compile() {
94 addwrite /dev/ptmx
95 addpredict /etc/skey/skeykeys #skey configure code triggers this
96
97 local myconf=""
98 if use static ; then
99 append-ldflags -static
100 use pam && ewarn "Disabling pam support becuse of static flag"
101 myconf="${myconf} --without-pam"
102 else
103 myconf="${myconf} $(use_with pam)"
104 fi
105
106 use ipv6 || myconf="${myconf} --with-ipv4-default"
107
108 econf \
109 --with-ldflags="${LDFLAGS}" \
110 --disable-strip \
111 --sysconfdir=/etc/ssh \
112 --libexecdir=/usr/$(get_libdir)/misc \
113 --datadir=/usr/share/openssh \
114 --disable-suid-ssh \
115 --with-privsep-path=/var/empty \
116 --with-privsep-user=sshd \
117 --with-md5-passwords \
118 $(use_with ldap) \
119 $(use_with libedit) \
120 $(use_with kerberos kerberos5 /usr) \
121 $(use_with tcpd tcp-wrappers) \
122 $(use_with selinux) \
123 $(use_with skey) \
124 $(use_with smartcard opensc) \
125 ${myconf} \
126 || die "bad configure"
127 emake || die "compile problem"
128 }
129
130 src_install() {
131 make install-nokeys DESTDIR="${D}" || die
132 fperms 600 /etc/ssh/sshd_config
133 dobin contrib/ssh-copy-id
134 newinitd "${FILESDIR}"/sshd.rc6 sshd
135 newconfd "${FILESDIR}"/sshd.confd sshd
136 keepdir /var/empty
137
138 newpamd "${FILESDIR}"/sshd.pam_include sshd
139 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
140 use pam \
141 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
142 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
143
144 doman contrib/ssh-copy-id.1
145 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
146 }
147
148 pkg_postinst() {
149 enewgroup sshd 22
150 enewuser sshd 22 -1 /var/empty sshd
151
152 ewarn "Remember to merge your config files in /etc/ssh/ and then"
153 ewarn "restart sshd: '/etc/init.d/sshd restart'."
154 ewarn
155 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
156 einfo "functionality, but please ensure that you do not explicitly disable"
157 einfo "this in your configuration as disabling it opens security holes"
158 einfo
159 einfo "This revision has removed your sshd user id and replaced it with a"
160 einfo "new one with UID 22. If you have any scripts or programs that"
161 einfo "that referenced the old UID directly, you will need to update them."
162 einfo
163 if use pam ; then
164 einfo "Please be aware users need a valid shell in /etc/passwd"
165 einfo "in order to be allowed to login."
166 einfo
167 fi
168 }

  ViewVC Help
Powered by ViewVC 1.1.20