/[gentoo-x86]/net-misc/openssh/openssh-4.3_p2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.3_p2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.3 - (show annotations) (download)
Sun Mar 5 22:17:29 2006 UTC (13 years, 9 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.2: +1 -1 lines
FILE REMOVED
old
(Portage version: 2.1_pre5-r4)

1 # Copyright 1999-2006 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2.ebuild,v 1.2 2006/03/05 14:54:55 lcars Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 X509_PATCH="${PARCH}+x509-5.3.diff.gz"
12 SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
13 LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
14 HPN_PATCH="${PARCH/p2/p1}-hpn11.diff"
15
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
19 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
20 X509? ( http://roumenpetrov.info/openssh/x509-5.3/${X509_PATCH} )
21 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
22 ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )"
23
24 LICENSE="as-is"
25 SLOT="0"
26 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
27 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
28
29 RDEPEND="pam? ( virtual/pam )
30 kerberos? ( virtual/krb5 )
31 selinux? ( sys-libs/libselinux )
32 skey? ( >=app-admin/skey-1.1.5-r1 )
33 ldap? ( net-nds/openldap )
34 libedit? ( dev-libs/libedit )
35 >=dev-libs/openssl-0.9.6d
36 >=sys-libs/zlib-1.2.3
37 smartcard? ( dev-libs/opensc )
38 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
39 DEPEND="${RDEPEND}
40 virtual/os-headers
41 sys-devel/autoconf"
42 PROVIDE="virtual/ssh"
43
44 S=${WORKDIR}/${PARCH}
45
46 src_unpack() {
47 unpack ${PARCH}.tar.gz
48 cd "${S}"
49
50 sed -i \
51 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
52 pathnames.h || die
53
54 epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
55 use X509 && epatch "${DISTDIR}"/${X509_PATCH}
56 use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
57 use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
58 epatch "${FILESDIR}"/openssh-4.2_p1-selinux.patch
59 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
60 if ! use X509 ; then
61 if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
62 epatch "${DISTDIR}"/${SECURID_PATCH}
63 use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
64 fi
65 if use ldap ; then
66 use sftplogging \
67 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
68 || epatch "${DISTDIR}"/${LDAP_PATCH}
69 fi
70 elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
71 ewarn "Sorry, x509 and smartcard/ldap don't get along"
72 fi
73 [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
74
75 sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
76
77 autoconf || die "autoconf failed"
78 }
79
80 src_compile() {
81 addwrite /dev/ptmx
82 addpredict /etc/skey/skeykeys #skey configure code triggers this
83
84 local myconf
85 # make sure .sbss is large enough
86 use skey && use alpha && append-ldflags -mlarge-data
87 if use ldap ; then
88 filter-flags -funroll-loops
89 myconf="${myconf} --with-ldap"
90 fi
91 use selinux && append-flags -DWITH_SELINUX && append-ldflags -lselinux
92
93 if use static ; then
94 append-ldflags -static
95 use pam && ewarn "Disabling pam support becuse of static flag"
96 myconf="${myconf} --without-pam"
97 else
98 myconf="${myconf} $(use_with pam)"
99 fi
100
101 use ipv6 || myconf="${myconf} --with-ipv4-default"
102
103 econf \
104 --with-ldflags="${LDFLAGS}" \
105 --disable-strip \
106 --sysconfdir=/etc/ssh \
107 --libexecdir=/usr/$(get_libdir)/misc \
108 --datadir=/usr/share/openssh \
109 --disable-suid-ssh \
110 --with-privsep-path=/var/empty \
111 --with-privsep-user=sshd \
112 --with-md5-passwords \
113 $(use_with libedit) \
114 $(use_with kerberos kerberos5 /usr) \
115 $(use_with tcpd tcp-wrappers) \
116 $(use_with skey) \
117 $(use_with smartcard opensc) \
118 ${myconf} \
119 || die "bad configure"
120
121 emake || die "compile problem"
122 }
123
124 src_install() {
125 make install-nokeys DESTDIR="${D}" || die
126 fperms 600 /etc/ssh/sshd_config
127 dobin contrib/ssh-copy-id
128 newinitd "${FILESDIR}"/sshd.rc6 sshd
129 newconfd "${FILESDIR}"/sshd.confd sshd
130 keepdir /var/empty
131
132 newpamd "${FILESDIR}"/sshd.pam_include sshd
133 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
134 use pam \
135 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
136 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
137
138 doman contrib/ssh-copy-id.1
139 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
140 }
141
142 pkg_postinst() {
143 enewgroup sshd 22
144 enewuser sshd 22 -1 /var/empty sshd
145
146 ewarn "Remember to merge your config files in /etc/ssh/ and then"
147 ewarn "restart sshd: '/etc/init.d/sshd restart'."
148 ewarn
149 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
150 einfo "functionality, but please ensure that you do not explicitly disable"
151 einfo "this in your configuration as disabling it opens security holes"
152 einfo
153 einfo "This revision has removed your sshd user id and replaced it with a"
154 einfo "new one with UID 22. If you have any scripts or programs that"
155 einfo "that referenced the old UID directly, you will need to update them."
156 einfo
157 if use pam ; then
158 einfo "Please be aware users need a valid shell in /etc/passwd"
159 einfo "in order to be allowed to login."
160 einfo
161 fi
162 }

  ViewVC Help
Powered by ViewVC 1.1.20