diff options
| author |   Andrea Barisani <lcars@gentoo.org> | 2005-07-15 12:30:14 +0000 |
|---|---|---|
| committer | Andrea Barisani <lcars@gentoo.org> | 2005-07-15 12:30:14 +0000 |
| commit | f78c2cfaf0536506e177ca77a544d3c20d9450a2 (patch) | |
| tree | a6aa9f6e43bc7aa5be33148f5258f6dd22fb4446 /net-misc/openssh | |
| parent | Stabling on arm, m68k, s390, sh and sparc. (diff) | |
| download | gentoo-2-f78c2cfaf0536506e177ca77a544d3c20d9450a2.tar.gz gentoo-2-f78c2cfaf0536506e177ca77a544d3c20d9450a2.tar.bz2 gentoo-2-f78c2cfaf0536506e177ca77a544d3c20d9450a2.zip | |
new revisions with updated ldap patch
(Portage version: 2.0.51.22-r1)
Diffstat (limited to 'net-misc/openssh')
| -rw-r--r-- | net-misc/openssh/ChangeLog | 23 | ||||
| -rw-r--r-- | net-misc/openssh/Manifest | 74 | ||||
| -rw-r--r-- | net-misc/openssh/files/digest-openssh-3.9_p1-r3 | 4 | ||||
| -rw-r--r-- | net-misc/openssh/files/digest-openssh-4.0_p1-r2 | 5 | ||||
| -rw-r--r-- | net-misc/openssh/files/digest-openssh-4.1_p1-r1 | 4 | ||||
| -rw-r--r-- | net-misc/openssh/metadata.xml | 4 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-3.9_p1-r3.ebuild | 157 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-4.0_p1-r2.ebuild | 163 | ||||
| -rw-r--r-- | net-misc/openssh/openssh-4.1_p1-r1.ebuild | 163 |
9 files changed, 551 insertions, 46 deletions
diff --git a/net-misc/openssh/ChangeLog b/net-misc/openssh/ChangeLog index e78f58283a30..9d4762c1b9b7 100644 --- a/net-misc/openssh/ChangeLog +++ b/net-misc/openssh/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-misc/openssh # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.124 2005/06/26 07:54:20 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.125 2005/07/15 12:30:13 lcars Exp $ + +*openssh-4.1_p1-r1 (15 Jul 2005) +*openssh-4.0_p1-r2 (15 Jul 2005) +*openssh-3.9_p1-r3 (15 Jul 2005) + + 15 Jul 2005; Andrea Barisani <lcars@gentoo.org> metadata.xml, + +openssh-3.9_p1-r3.ebuild, +openssh-4.0_p1-r2.ebuild, + +openssh-4.1_p1-r1.ebuild: + Updating openssh-lpk ldap patches to version 0.3.6. 26 Jun 2005; Mike Frysinger <vapier@gentoo.org> openssh-3.9_p1-r2.ebuild, openssh-4.0_p1-r1.ebuild, openssh-4.1_p1.ebuild: @@ -23,15 +32,15 @@ conflict #58579. 22 May 2005; Mike Frysinger <vapier@gentoo.org> openssh-4.0_p1-r1.ebuild: - Add support for RSA SecurID tokens #92233 by Antti Mäkelä. + Add support for RSA SecurID tokens #92233 by Antti Mäkelä. - 20 May 2005; Diego Pettenò <flameeyes@gentoo.org> + 20 May 2005; Diego Pettenò <flameeyes@gentoo.org> openssh-3.9_p1-r2.ebuild, openssh-4.0_p1.ebuild, openssh-4.0_p1-r1.ebuild: Inherit pam eclass for newpamd. *openssh-4.0_p1-r1 (29 Apr 2005) - 29 Apr 2005; Diego Pettenò <flameeyes@gentoo.org> + 29 Apr 2005; Diego Pettenò <flameeyes@gentoo.org> +files/sshd.pam_include, +openssh-4.0_p1-r1.ebuild: Added a new revision depending on virtual/pam (>=pam-0.78) and uses the include syntax instead of pam_stack.so. @@ -72,7 +81,7 @@ openssh-3.9_p1-r1.ebuild: Fix terminal restoration after breaking out from sftp and scp, closing #63544. - 30 Dec 2004; Bryan Østergaard <kloeri@gentoo.org> + 30 Dec 2004; Bryan Østergaard <kloeri@gentoo.org> openssh-3.9_p1-r1.ebuild: Stable on alpha, bug 59361. @@ -176,7 +185,7 @@ + Added sftp-logging patch, closing #52168. + Added patch for large keys, closing #55013. - 08 Jul 2004; Bryan Østergaard <kloeri@gentoo.org> + 08 Jul 2004; Bryan Østergaard <kloeri@gentoo.org> openssh-3.8.1_p1-r1.ebuild: Stable on alpha. @@ -197,7 +206,7 @@ 15 Jun 2004; <solar@gentoo.org> openssh-3.8.1_p1-r1.ebuild: pam & uclibc updates - 07 Jun 2004; Bryan Østergaard <kloeri@gentoo.org> openssh-3.8.1_p1.ebuild: + 07 Jun 2004; Bryan Østergaard <kloeri@gentoo.org> openssh-3.8.1_p1.ebuild: Stable on alpha. 05 Jun 2004; Hanselmann Michael <hansmi@gentoo.org> diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index 71683046a20c..220c39cd8d63 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,49 +1,45 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - +MD5 9d85b67d5ff66a6125a6dbf440f11c47 ChangeLog 20973 +MD5 ff0dccf17d2b2b58a8a52554860be9a6 metadata.xml 1430 +MD5 a0b1458592ae618360b280bf9e15e1c4 openssh-3.8.1_p1-r1.ebuild 4545 +MD5 29e475571f65f429e5506f8c4fc4d951 openssh-3.9_p1-r2.ebuild 4978 MD5 db2b441d2a9eaaf2e90abebe15a8b978 openssh-4.0_p1-r1.ebuild 5268 MD5 cff4886efb9b17ac0d3a5ea26204ed55 openssh-4.1_p1.ebuild 5258 -MD5 0feff9b09e482567359625301bddce1c metadata.xml 1329 -MD5 29e475571f65f429e5506f8c4fc4d951 openssh-3.9_p1-r2.ebuild 4978 -MD5 a0b1458592ae618360b280bf9e15e1c4 openssh-3.8.1_p1-r1.ebuild 4545 -MD5 9d85b67d5ff66a6125a6dbf440f11c47 ChangeLog 20973 -MD5 2b66f75047edfac5d5e6cdbffa35383e files/sshd.pam_include 205 -MD5 a26faff36f0ec463cb4ef7366bfdc1e1 files/openssh-3.8_p1-resolv_functions.patch.bz2 315 -MD5 857f14fd111169d8838d07fb46769938 files/openssh-3.8_p1-kerberos.patch.bz2 465 -MD5 7205b89215b9dc72e3958c662065b529 files/openssh-3.9_p1-largekey.patch.bz2 1262 -MD5 7937a17eb31fc6139ef42fa04521de27 files/openssh-3.9_p1-configure-openct.patch 995 -MD5 87593c73e26e1a3825fcb51f2270b694 files/openssh-3.9_p1-chroot.patch 3027 +MD5 907f2f1236fab5357c1a10004654e795 openssh-3.9_p1-r3.ebuild 4965 +MD5 05d1c935f4a799d8fd37e4f8eb783b3e openssh-4.0_p1-r2.ebuild 5243 +MD5 6f6d4b1faa5d75acf20f8b7b683f2bc7 openssh-4.1_p1-r1.ebuild 5202 MD5 a838d5092e4bce1a4e1d1b976cce347e files/digest-openssh-3.8.1_p1-r1 216 -MD5 328a5f063659ddb400d21201feb92170 files/openssh-3.9_p1-opensc.patch.bz2 1381 -MD5 b86ae0c43a704c4ee2abd2ce5c955f8f files/sshd.pam 294 -MD5 4bee5c8ce11f30487154c3742e004f7d files/openssh-4.0_p1-smartcard-ldap-happy.patch 545 -MD5 a700af683ef42fb682fa2f313a6946c3 files/sshd.rc6 1203 -MD5 73f3b46d27bd413eb79350a2ce412bf6 files/openssh-3.9_p1-pamfix.patch.bz2 1125 -MD5 7880e18b2a91e5927810dddc7bda270f files/openssh-3.7.1_p1-selinux.diff.bz2 1353 -MD5 f68837d6568b1c98ef01db0ab629a171 files/openssh-3.9_p1-sftplogging-1.2-gentoo.patch.bz2 5935 -MD5 93d19c0ef91091a730510c46ab8e811e files/openssh-3.9_p1-selinux.diff.bz2 1307 -MD5 465aab818202ddb010f0bfca738e902a files/openssh-3.9_p1-skey.patch.bz2 270 -MD5 c326cd447fb5f86124295ef943d3bf35 files/openssh-3.9_p1-kerberos-detection.patch 593 MD5 0558277d49d667925774731e5e4e989a files/digest-openssh-3.9_p1-r2 277 -MD5 f58807d5d75bc9929883e6876c7ddd46 files/openssh-3.9_p1-terminal_restore.patch.bz2 332 -MD5 857f14fd111169d8838d07fb46769938 files/openssh-3.8.1_p1-kerberos.patch.bz2 465 -MD5 6d3c9b201c2e89b7156b2fc37ade9721 files/openssh-3.8_p1-chroot.patch.bz2 1119 -MD5 6d3c9b201c2e89b7156b2fc37ade9721 files/openssh-3.8.1_p1-chroot.patch.bz2 1119 -MD5 5b057f6a1a7c2c0f94f83bc19c4d6a9b files/openssh-3.5_p1-gentoo-sshd-gcc3.patch.bz2 253 -MD5 4400ddd29bc14480210f6005a6d28fa9 files/digest-openssh-4.1_p1 281 -MD5 a26faff36f0ec463cb4ef7366bfdc1e1 files/openssh-3.8.1_p1-resolv_functions.patch.bz2 315 -MD5 465aab818202ddb010f0bfca738e902a files/openssh-3.8_p1-skey.patch.bz2 270 MD5 6ef2226131d95667f8cf5be1eead658a files/digest-openssh-4.0_p1-r1 360 +MD5 4400ddd29bc14480210f6005a6d28fa9 files/digest-openssh-4.1_p1 281 +MD5 5b057f6a1a7c2c0f94f83bc19c4d6a9b files/openssh-3.5_p1-gentoo-sshd-gcc3.patch.bz2 253 +MD5 7880e18b2a91e5927810dddc7bda270f files/openssh-3.7.1_p1-selinux.diff.bz2 1353 +MD5 6d3c9b201c2e89b7156b2fc37ade9721 files/openssh-3.8.1_p1-chroot.patch.bz2 1119 +MD5 857f14fd111169d8838d07fb46769938 files/openssh-3.8.1_p1-kerberos.patch.bz2 465 MD5 6905aafd16d110e8e8b74cad4914ceb7 files/openssh-3.8.1_p1-largekey.patch.bz2 1304 -MD5 265e0566d8f9408f1f89cfa2bf2a5105 files/openssh-3.9_p1-fix_suid.patch.bz2 304 MD5 328a5f063659ddb400d21201feb92170 files/openssh-3.8.1_p1-opensc.patch.bz2 1381 +MD5 a26faff36f0ec463cb4ef7366bfdc1e1 files/openssh-3.8.1_p1-resolv_functions.patch.bz2 315 MD5 465aab818202ddb010f0bfca738e902a files/openssh-3.8.1_p1-skey.patch.bz2 270 +MD5 6d3c9b201c2e89b7156b2fc37ade9721 files/openssh-3.8_p1-chroot.patch.bz2 1119 +MD5 857f14fd111169d8838d07fb46769938 files/openssh-3.8_p1-kerberos.patch.bz2 465 +MD5 a26faff36f0ec463cb4ef7366bfdc1e1 files/openssh-3.8_p1-resolv_functions.patch.bz2 315 +MD5 465aab818202ddb010f0bfca738e902a files/openssh-3.8_p1-skey.patch.bz2 270 +MD5 87593c73e26e1a3825fcb51f2270b694 files/openssh-3.9_p1-chroot.patch 3027 +MD5 7937a17eb31fc6139ef42fa04521de27 files/openssh-3.9_p1-configure-openct.patch 995 +MD5 265e0566d8f9408f1f89cfa2bf2a5105 files/openssh-3.9_p1-fix_suid.patch.bz2 304 MD5 ba87dbfc3be0ab9d70fe24278d9deb02 files/openssh-3.9_p1-infoleak.patch 2496 +MD5 c326cd447fb5f86124295ef943d3bf35 files/openssh-3.9_p1-kerberos-detection.patch 593 +MD5 7205b89215b9dc72e3958c662065b529 files/openssh-3.9_p1-largekey.patch.bz2 1262 +MD5 328a5f063659ddb400d21201feb92170 files/openssh-3.9_p1-opensc.patch.bz2 1381 +MD5 73f3b46d27bd413eb79350a2ce412bf6 files/openssh-3.9_p1-pamfix.patch.bz2 1125 +MD5 93d19c0ef91091a730510c46ab8e811e files/openssh-3.9_p1-selinux.diff.bz2 1307 +MD5 f68837d6568b1c98ef01db0ab629a171 files/openssh-3.9_p1-sftplogging-1.2-gentoo.patch.bz2 5935 +MD5 465aab818202ddb010f0bfca738e902a files/openssh-3.9_p1-skey.patch.bz2 270 +MD5 f58807d5d75bc9929883e6876c7ddd46 files/openssh-3.9_p1-terminal_restore.patch.bz2 332 MD5 f5e33d1831f95c821a08893bcf3e3f5f files/openssh-4.0_p1-sftplogging-1.2-gentoo.patch.bz2 5745 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.1 (GNU/Linux) - -iD8DBQFCvl8+gIKl8Uu19MoRAjXFAJ45zRGWgKMPkpSlYAoNtU8lHH8x8gCeLc9m -N23zUTOdy0wvj20hGqzGOB0= -=SCfn ------END PGP SIGNATURE----- +MD5 4bee5c8ce11f30487154c3742e004f7d files/openssh-4.0_p1-smartcard-ldap-happy.patch 545 +MD5 b86ae0c43a704c4ee2abd2ce5c955f8f files/sshd.pam 294 +MD5 2b66f75047edfac5d5e6cdbffa35383e files/sshd.pam_include 205 +MD5 a700af683ef42fb682fa2f313a6946c3 files/sshd.rc6 1203 +MD5 0d2120ac28128f68efe07d1da49a39cd files/digest-openssh-3.9_p1-r3 277 +MD5 85aadb893604467d9fbce08e15c1d445 files/digest-openssh-4.0_p1-r2 360 +MD5 e655dc94e12d1f00104bc8254ac00361 files/digest-openssh-4.1_p1-r1 281 diff --git a/net-misc/openssh/files/digest-openssh-3.9_p1-r3 b/net-misc/openssh/files/digest-openssh-3.9_p1-r3 new file mode 100644 index 000000000000..32d24bfd09a8 --- /dev/null +++ b/net-misc/openssh/files/digest-openssh-3.9_p1-r3 @@ -0,0 +1,4 @@ +MD5 8e1774d0b52aff08f817f3987442a16e openssh-3.9p1.tar.gz 854027 +MD5 e6b4c237887d76819e4c626016077907 openssh-lpk-3.9p1-0.3.6.patch 60920 +MD5 eedb263c96a1d7bf208eb2ba70c2e238 openssh-3.9p1+x509h.diff.gz 98011 +MD5 b91d73e58e2b72aecb3025ee550411fb openssh-3.9p1-hpn11.diff 13237 diff --git a/net-misc/openssh/files/digest-openssh-4.0_p1-r2 b/net-misc/openssh/files/digest-openssh-4.0_p1-r2 new file mode 100644 index 000000000000..790840e807eb --- /dev/null +++ b/net-misc/openssh/files/digest-openssh-4.0_p1-r2 @@ -0,0 +1,5 @@ +MD5 7b36f28fc16e1b7f4ba3c1dca191ac92 openssh-4.0p1.tar.gz 889880 +MD5 28ffb4f9c62e73f2e0f436f88ee1d718 openssh-lpk-4.0p1-0.3.6.patch 60557 +MD5 a47391f0b77ad10264950c56363d4317 openssh-4.0p1+x509-5.1.diff.gz 117420 +MD5 997c4f320c171d7dce1e00fba481ccf2 openssh-4.0p1-hpn11.diff 14225 +MD5 79f5648305c8b8a1bc1414e8f6c6134c openssh-4.0p1+SecurID_v1.3.1.patch 610662 diff --git a/net-misc/openssh/files/digest-openssh-4.1_p1-r1 b/net-misc/openssh/files/digest-openssh-4.1_p1-r1 new file mode 100644 index 000000000000..7b2085b1ddb0 --- /dev/null +++ b/net-misc/openssh/files/digest-openssh-4.1_p1-r1 @@ -0,0 +1,4 @@ +MD5 959c663e709c981f07a3315bfd64f3d0 openssh-4.1p1.tar.gz 894234 +MD5 b779906d657d63794144cabe2bf978b8 openssh-lpk-4.1p1-0.3.6.patch 60312 +MD5 8d4ef926ec329c8ae551fd0133ba91e6 openssh-4.1p1+x509-5.1.diff.gz 117293 +MD5 7a9abefaf7078da86ac2e70bf154127f openssh-4.1p1-hpn11.diff 14223 diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml index 03b52aba778a..dc07eace568a 100644 --- a/net-misc/openssh/metadata.xml +++ b/net-misc/openssh/metadata.xml @@ -11,6 +11,10 @@ <maintainer> <email>vapier@gentoo.org</email> </maintainer> +<maintainer> + <email>lcars@gentoo.org</email> + <description>ldap support</description> +</maintainer> <longdescription> OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, diff --git a/net-misc/openssh/openssh-3.9_p1-r3.ebuild b/net-misc/openssh/openssh-3.9_p1-r3.ebuild new file mode 100644 index 000000000000..55f94a720a0d --- /dev/null +++ b/net-misc/openssh/openssh-3.9_p1-r3.ebuild @@ -0,0 +1,157 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.9_p1-r3.ebuild,v 1.1 2005/07/15 12:30:14 lcars Exp $ + +inherit eutils flag-o-matic ccc pam + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_/} + +SFTPLOG_PATCH_VER="1.2" +X509_PATCH="${PARCH}+x509h.diff.gz" +SELINUX_PATCH="openssh-3.9_p1-selinux.diff" +LDAP_PATCH="${PARCH/-/-lpk-}-0.3.6.patch" +HPN_PATCH="${PARCH}-hpn11.diff" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.com/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} ) + X509? ( http://roumenpetrov.info/openssh/x509h/${X509_PATCH} ) + hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard nocxx sftplogging hpn" + +RDEPEND="pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 ) + kerberos? ( virtual/krb5 ) + selinux? ( sys-libs/libselinux ) + skey? ( >=app-admin/skey-1.1.5-r1 ) + ldap? ( net-nds/openldap ) + >=dev-libs/openssl-0.9.6d + >=sys-libs/zlib-1.1.4 + smartcard? ( dev-libs/opensc ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" +DEPEND="${RDEPEND} + virtual/os-headers + !nocxx? ( sys-apps/groff ) + sys-devel/autoconf" +PROVIDE="virtual/ssh" + +S=${WORKDIR}/${PARCH} + +src_unpack() { + unpack ${PARCH}.tar.gz + cd "${S}" + + epatch "${FILESDIR}"/${P}-pamfix.patch.bz2 + #epatch "${FILESDIR}"/${P}-largekey.patch.bz2 + epatch "${FILESDIR}"/${P}-fix_suid.patch.bz2 + epatch "${FILESDIR}"/${P}-infoleak.patch #59361 + epatch "${FILESDIR}"/${P}-terminal_restore.patch.bz2 + epatch "${FILESDIR}"/${P}-configure-openct.patch #78730 + epatch "${FILESDIR}"/${P}-kerberos-detection.patch #80811 + + use sftplogging && epatch ${FILESDIR}/${P}-sftplogging-1.2-gentoo.patch.bz2 + use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch.bz2 + use skey && epatch ${FILESDIR}/${P}-skey.patch.bz2 + use chroot && epatch ${FILESDIR}/${P}-chroot.patch + use X509 && epatch ${DISTDIR}/${X509_PATCH} + use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2 + use smartcard && epatch ${FILESDIR}/${P}-opensc.patch.bz2 + if use ldap ; then + if use X509 || use sftplogging ; then + ewarn "Sorry, x509/sftplogging and ldap don't get along" + else + epatch ${DISTDIR}/${LDAP_PATCH} + fi + fi + use hpn && epatch ${DISTDIR}/${HPN_PATCH} + + autoconf || die "autoconf failed" +} + +src_compile() { + local myconf + + addwrite /dev/ptmx + + # make sure .sbss is large enough + use skey && use alpha && append-ldflags -mlarge-data + if use ldap ; then + filter-flags -funroll-loops + myconf="${myconf} --with-ldap" + fi + use selinux && append-flags "-DWITH_SELINUX" + + if use static ; then + append-ldflags -static + use pam && ewarn "Disabling pam support becuse of static flag" + myconf="${myconf} --without-pam" + else + myconf="${myconf} $(use_with pam)" + fi + + use ipv6 || myconf="${myconf} --with-ipv4-default" + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/$(get_libdir)/misc \ + --datadir=/usr/share/openssh \ + --disable-suid-ssh \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + $(use_with kerberos kerberos5 /usr) \ + $(use_with tcpd tcp-wrappers) \ + $(use_with skey) \ + $(use_with smartcard opensc) \ + ${myconf} \ + || die "bad configure" + + emake || die "compile problem" +} + +src_install() { + make install-files DESTDIR="${D}" || die + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id + newinitd "${FILESDIR}"/sshd.rc6 sshd + keepdir /var/empty + + newpamd "${FILESDIR}"/sshd.pam sshd + dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config + use pam \ + && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \ + && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config +} + +pkg_postinst() { + enewgroup sshd 22 + enewuser sshd 22 /bin/false /var/empty sshd + + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "restart sshd: '/etc/init.d/sshd restart'." + ewarn + einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" + einfo "functionality, but please ensure that you do not explicitly disable" + einfo "this in your configuration as disabling it opens security holes" + einfo + einfo "This revision has removed your sshd user id and replaced it with a" + einfo "new one with UID 22. If you have any scripts or programs that" + einfo "that referenced the old UID directly, you will need to update them." + einfo + if use pam ; then + einfo "Please be aware users need a valid shell in /etc/passwd" + einfo "in order to be allowed to login." + einfo + fi +} diff --git a/net-misc/openssh/openssh-4.0_p1-r2.ebuild b/net-misc/openssh/openssh-4.0_p1-r2.ebuild new file mode 100644 index 000000000000..07af6bc2aebc --- /dev/null +++ b/net-misc/openssh/openssh-4.0_p1-r2.ebuild @@ -0,0 +1,163 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.0_p1-r2.ebuild,v 1.1 2005/07/15 12:30:14 lcars Exp $ + +inherit eutils flag-o-matic ccc pam + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_/} + +SFTPLOG_PATCH_VER="1.2" +X509_PATCH="${PARCH}+x509-5.1.diff.gz" +SELINUX_PATCH="openssh-3.9_p1-selinux.diff" +SECURID_PATCH="${PARCH}+SecurID_v1.3.1.patch" +LDAP_PATCH="${PARCH/-/-lpk-}-0.3.6.patch" +HPN_PATCH="${PARCH}-hpn11.diff" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.com/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} ) + X509? ( http://roumenpetrov.info/openssh/x509-5.1/${X509_PATCH} ) + hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} ) + smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )" + + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard nocxx sftplogging hpn libedit" + +RDEPEND="pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + selinux? ( sys-libs/libselinux ) + skey? ( >=app-admin/skey-1.1.5-r1 ) + ldap? ( net-nds/openldap ) + libedit? ( dev-libs/libedit ) + >=dev-libs/openssl-0.9.6d + >=sys-libs/zlib-1.1.4 + smartcard? ( dev-libs/opensc ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" +DEPEND="${RDEPEND} + virtual/os-headers + !nocxx? ( sys-apps/groff ) + sys-devel/autoconf" +PROVIDE="virtual/ssh" + +S=${WORKDIR}/${PARCH} + +src_unpack() { + unpack ${PARCH}.tar.gz + cd "${S}" + + #epatch "${FILESDIR}"/openssh-3.9_p1-largekey.patch.bz2 + epatch "${FILESDIR}"/openssh-3.9_p1-configure-openct.patch #78730 + epatch "${FILESDIR}"/openssh-3.9_p1-kerberos-detection.patch #80811 + + use X509 && epatch ${DISTDIR}/${X509_PATCH} + use sftplogging && epatch ${FILESDIR}/openssh-4.0_p1-sftplogging-1.2-gentoo.patch.bz2 + use skey && epatch ${FILESDIR}/openssh-3.9_p1-skey.patch.bz2 + use chroot && epatch ${FILESDIR}/openssh-3.9_p1-chroot.patch + use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2 + use smartcard && epatch ${FILESDIR}/openssh-3.9_p1-opensc.patch.bz2 + if ! use X509 ; then + use smartcard && epatch ${DISTDIR}/${SECURID_PATCH} + use smartcard && use ldap && epatch ${FILESDIR}/openssh-4.0_p1-smartcard-ldap-happy.patch + if use sftplogging ; then + ewarn "Sorry, sftplogging and ldap don't get along" + else + use ldap && epatch ${DISTDIR}/${LDAP_PATCH} + fi + elif use smartcard || use ldap ; then + ewarn "Sorry, x509 and smartcard/ldap don't get along" + fi + use hpn && epatch ${DISTDIR}/${HPN_PATCH} + + sed -i '/LD.*ssh-keysign/s:$: -Wl,-z,now:' Makefile.in || die "setuid" + + autoconf || die "autoconf failed" +} + +src_compile() { + local myconf + + addwrite /dev/ptmx + + # make sure .sbss is large enough + use skey && use alpha && append-ldflags -mlarge-data + if use ldap ; then + filter-flags -funroll-loops + myconf="${myconf} --with-ldap" + fi + use selinux && append-flags "-DWITH_SELINUX" + + if use static ; then + append-ldflags -static + use pam && ewarn "Disabling pam support becuse of static flag" + myconf="${myconf} --without-pam" + else + myconf="${myconf} $(use_with pam)" + fi + + use ipv6 || myconf="${myconf} --with-ipv4-default" + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/$(get_libdir)/misc \ + --datadir=/usr/share/openssh \ + --disable-suid-ssh \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + $(use_with libedit) \ + $(use_with kerberos kerberos5 /usr) \ + $(use_with tcpd tcp-wrappers) \ + $(use_with skey) \ + $(use_with smartcard opensc) \ + ${myconf} \ + || die "bad configure" + + emake || die "compile problem" +} + +src_install() { + make install-nokeys DESTDIR="${D}" || die + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id + newinitd "${FILESDIR}"/sshd.rc6 sshd + keepdir /var/empty + + newpamd "${FILESDIR}"/sshd.pam_include sshd + dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config + use pam \ + && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \ + && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config +} + +pkg_postinst() { + enewgroup sshd 22 + enewuser sshd 22 /bin/false /var/empty sshd + + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "restart sshd: '/etc/init.d/sshd restart'." + ewarn + einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" + einfo "functionality, but please ensure that you do not explicitly disable" + einfo "this in your configuration as disabling it opens security holes" + einfo + einfo "This revision has removed your sshd user id and replaced it with a" + einfo "new one with UID 22. If you have any scripts or programs that" + einfo "that referenced the old UID directly, you will need to update them." + einfo + if use pam ; then + einfo "Please be aware users need a valid shell in /etc/passwd" + einfo "in order to be allowed to login." + einfo + fi +} diff --git a/net-misc/openssh/openssh-4.1_p1-r1.ebuild b/net-misc/openssh/openssh-4.1_p1-r1.ebuild new file mode 100644 index 000000000000..99e1a81d5880 --- /dev/null +++ b/net-misc/openssh/openssh-4.1_p1-r1.ebuild @@ -0,0 +1,163 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.1_p1-r1.ebuild,v 1.1 2005/07/15 12:30:14 lcars Exp $ + +inherit eutils flag-o-matic ccc pam + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_/} + +SFTPLOG_PATCH_VER="1.2" +X509_PATCH="${PARCH}+x509-5.1.diff.gz" +SELINUX_PATCH="openssh-3.9_p1-selinux.diff" +SECURID_PATCH="" #${PARCH}+SecurID_v1.3.1.patch +LDAP_PATCH="${PARCH/-/-lpk-}-0.3.6.patch" +HPN_PATCH="${PARCH}-hpn11.diff" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.com/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} ) + X509? ( http://roumenpetrov.info/openssh/x509-5.1/${X509_PATCH} ) + hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )" +# smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} ) + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard nocxx sftplogging hpn libedit" + +RDEPEND="pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + selinux? ( sys-libs/libselinux ) + skey? ( >=app-admin/skey-1.1.5-r1 ) + ldap? ( net-nds/openldap ) + libedit? ( dev-libs/libedit ) + >=dev-libs/openssl-0.9.6d + >=sys-libs/zlib-1.1.4 + smartcard? ( dev-libs/opensc ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" +DEPEND="${RDEPEND} + virtual/os-headers + !nocxx? ( sys-apps/groff ) + sys-devel/autoconf" +PROVIDE="virtual/ssh" + +S=${WORKDIR}/${PARCH} + +src_unpack() { + unpack ${PARCH}.tar.gz + cd "${S}" + + #epatch "${FILESDIR}"/openssh-3.9_p1-largekey.patch.bz2 + epatch "${FILESDIR}"/openssh-3.9_p1-kerberos-detection.patch #80811 + + use X509 && epatch ${DISTDIR}/${X509_PATCH} + use sftplogging && epatch ${FILESDIR}/openssh-4.0_p1-sftplogging-1.2-gentoo.patch.bz2 + use skey && epatch ${FILESDIR}/openssh-3.9_p1-skey.patch.bz2 + use chroot && epatch ${FILESDIR}/openssh-3.9_p1-chroot.patch + use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2 + use smartcard && epatch ${FILESDIR}/openssh-3.9_p1-opensc.patch.bz2 + if ! use X509 ; then + if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then + epatch ${DISTDIR}/${SECURID_PATCH} + use ldap && epatch ${FILESDIR}/openssh-4.0_p1-smartcard-ldap-happy.patch + fi + if use sftplogging ; then + ewarn "Sorry, sftplogging and ldap don't get along" + else + use ldap && epatch ${DISTDIR}/${LDAP_PATCH} + fi + elif use smartcard || use ldap ; then + ewarn "Sorry, x509 and smartcard/ldap don't get along" + fi + use hpn && epatch ${DISTDIR}/${HPN_PATCH} + + sed -i '/LD.*ssh-keysign/s:$: -Wl,-z,now:' Makefile.in || die "setuid" + + autoconf || die "autoconf failed" +} + +src_compile() { + local myconf + + addwrite /dev/ptmx + + # make sure .sbss is large enough + use skey && use alpha && append-ldflags -mlarge-data + if use ldap ; then + filter-flags -funroll-loops + myconf="${myconf} --with-ldap" + fi + use selinux && append-flags "-DWITH_SELINUX" + + if use static ; then + append-ldflags -static + use pam && ewarn "Disabling pam support becuse of static flag" + myconf="${myconf} --without-pam" + else + myconf="${myconf} $(use_with pam)" + fi + + use ipv6 || myconf="${myconf} --with-ipv4-default" + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/$(get_libdir)/misc \ + --datadir=/usr/share/openssh \ + --disable-suid-ssh \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + $(use_with libedit) \ + $(use_with kerberos kerberos5 /usr) \ + $(use_with tcpd tcp-wrappers) \ + $(use_with skey) \ + $(use_with smartcard opensc) \ + ${myconf} \ + || die "bad configure" + + emake || die "compile problem" +} + +src_install() { + make install-nokeys DESTDIR="${D}" || die + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id + newinitd "${FILESDIR}"/sshd.rc6 sshd + keepdir /var/empty + + newpamd "${FILESDIR}"/sshd.pam_include sshd + dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config + use pam \ + && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \ + && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config +} + +pkg_postinst() { + enewgroup sshd 22 + enewuser sshd 22 /bin/false /var/empty sshd + + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "restart sshd: '/etc/init.d/sshd restart'." + ewarn + einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation" + einfo "functionality, but please ensure that you do not explicitly disable" + einfo "this in your configuration as disabling it opens security holes" + einfo + einfo "This revision has removed your sshd user id and replaced it with a" + einfo "new one with UID 22. If you have any scripts or programs that" + einfo "that referenced the old UID directly, you will need to update them." + einfo + if use pam ; then + einfo "Please be aware users need a valid shell in /etc/passwd" + einfo "in order to be allowed to login." + einfo + fi +} |