/[gentoo-x86]/net-misc/openssh/openssh-4.3_p2-r4.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.3_p2-r4.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.5 - (show annotations) (download)
Mon Nov 6 15:06:38 2006 UTC (12 years, 11 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.4: +1 -1 lines
FILE REMOVED
old
(Portage version: 2.1.2_rc1-r3)

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2-r4.ebuild,v 1.4 2006/09/24 03:38:40 vapier Exp $
4
5 WANT_AUTOCONF="latest"
6 WANT_AUTOMAKE="latest"
7 inherit eutils flag-o-matic ccc pam multilib autotools
8
9 # Make it more portable between straight releases
10 # and _p? releases.
11 PARCH=${P/_/}
12
13 X509_PATCH="${PARCH}+x509-5.5.diff.gz"
14 SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
15 LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
16 HPN_PATCH="${PARCH}-hpn12-gentoo.patch.bz2"
17
18 DESCRIPTION="Port of OpenBSD's free SSH release"
19 HOMEPAGE="http://www.openssh.com/"
20 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
21 hpn? ( mirror://gentoo/${HPN_PATCH} http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
22 X509? ( http://roumenpetrov.info/openssh/x509-5.5/${X509_PATCH} )
23 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
24 ldap? ( http://www.opendarwin.org/projects/openssh-lpk/files/${LDAP_PATCH} )"
25
26 LICENSE="as-is"
27 SLOT="0"
28 KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
29 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit X"
30
31 RDEPEND="pam? ( virtual/pam )
32 kerberos? ( virtual/krb5 )
33 selinux? ( >=sys-libs/libselinux-1.28 )
34 skey? ( >=app-admin/skey-1.1.5-r1 )
35 ldap? ( net-nds/openldap )
36 libedit? ( || ( dev-libs/libedit sys-freebsd/freebsd-lib ) )
37 >=dev-libs/openssl-0.9.6d
38 >=sys-libs/zlib-1.2.3
39 smartcard? ( dev-libs/opensc )
40 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
41 X? ( || ( x11-apps/xauth virtual/x11 ) )
42 userland_GNU? ( sys-apps/shadow )"
43 DEPEND="${RDEPEND}
44 dev-util/pkgconfig
45 virtual/os-headers
46 sys-devel/autoconf"
47
48 PROVIDE="virtual/ssh"
49
50 S=${WORKDIR}/${PARCH}
51
52 src_unpack() {
53 unpack ${PARCH}.tar.gz
54 cd "${S}"
55
56 sed -i \
57 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
58 pathnames.h || die
59
60 epatch "${FILESDIR}"/openssh-4.3_p2-identical-simple-dos.patch #148228
61 epatch "${FILESDIR}"/openssh-4.3_p2-configure.patch #137921
62 epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
63 epatch "${FILESDIR}"/openssh-4.3_p2-opensc-libs.patch #148538
64 use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${P}-x509-hpn-glue.patch
65 use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
66 use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch
67 if use X509 ; then
68 cp "${FILESDIR}"/openssh-4.3_p2-selinux.patch .
69 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch.glue ./openssh-4.3_p2-selinux.patch
70 else
71 epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch
72 fi
73 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
74 if ! use X509 ; then
75 if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
76 epatch \
77 "${DISTDIR}"/${SECURID_PATCH} \
78 "${FILESDIR}"/${P}-securid-updates.patch \
79 "${FILESDIR}"/${P}-securid-hpn-glue.patch
80 use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
81 fi
82 if use ldap ; then
83 use sftplogging \
84 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
85 || epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${P}-ldap-updates.patch
86 fi
87 elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
88 ewarn "Sorry, x509 and smartcard/ldap don't get along, disabling smartcard/ldap"
89 fi
90 [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
91
92 sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
93
94 sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
95
96 eautoreconf
97 }
98
99 src_compile() {
100 addwrite /dev/ptmx
101 addpredict /etc/skey/skeykeys #skey configure code triggers this
102
103 local myconf=""
104 if use static ; then
105 append-ldflags -static
106 use pam && ewarn "Disabling pam support becuse of static flag"
107 myconf="${myconf} --without-pam"
108 else
109 myconf="${myconf} $(use_with pam)"
110 fi
111
112 use ipv6 || myconf="${myconf} --with-ipv4-default"
113
114 econf \
115 --with-ldflags="${LDFLAGS}" \
116 --disable-strip \
117 --sysconfdir=/etc/ssh \
118 --libexecdir=/usr/$(get_libdir)/misc \
119 --datadir=/usr/share/openssh \
120 --disable-suid-ssh \
121 --with-privsep-path=/var/empty \
122 --with-privsep-user=sshd \
123 --with-md5-passwords \
124 $(use_with ldap) \
125 $(use_with libedit) \
126 $(use_with kerberos kerberos5 /usr) \
127 $(use_with tcpd tcp-wrappers) \
128 $(use_with selinux) \
129 $(use_with skey) \
130 $(use_with smartcard opensc) \
131 ${myconf} \
132 || die "bad configure"
133 emake || die "compile problem"
134 }
135
136 src_install() {
137 make install-nokeys DESTDIR="${D}" || die
138 fperms 600 /etc/ssh/sshd_config
139 dobin contrib/ssh-copy-id
140 newinitd "${FILESDIR}"/sshd.rc6 sshd
141 newconfd "${FILESDIR}"/sshd.confd sshd
142 keepdir /var/empty
143
144 newpamd "${FILESDIR}"/sshd.pam_include sshd
145 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
146 use pam \
147 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
148 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
149
150 doman contrib/ssh-copy-id.1
151 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
152 }
153
154 pkg_postinst() {
155 enewgroup sshd 22
156 enewuser sshd 22 -1 /var/empty sshd
157
158 ewarn "Remember to merge your config files in /etc/ssh/ and then"
159 ewarn "restart sshd: '/etc/init.d/sshd restart'."
160 ewarn
161 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
162 einfo "functionality, but please ensure that you do not explicitly disable"
163 einfo "this in your configuration as disabling it opens security holes"
164 einfo
165 einfo "This revision has removed your sshd user id and replaced it with a"
166 einfo "new one with UID 22. If you have any scripts or programs that"
167 einfo "that referenced the old UID directly, you will need to update them."
168 einfo
169 if use pam ; then
170 einfo "Please be aware users need a valid shell in /etc/passwd"
171 einfo "in order to be allowed to login."
172 einfo
173 fi
174 }

  ViewVC Help
Powered by ViewVC 1.1.20