pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security/openssh+gssapi Resurrect openssh+gssapi per r...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2562c931c8c5
branches: trunk
changeset: 476620:2562c931c8c5
user: kristerw <kristerw%pkgsrc.org@localhost>
date: Tue Jun 15 18:44:57 2004 +0000
description:
Resurrect openssh+gssapi per request of jwise@.
diffstat:
security/openssh+gssapi/DESCR | 8 +
security/openssh+gssapi/INSTALL | 36 ++++++
security/openssh+gssapi/MESSAGE | 17 +++
security/openssh+gssapi/MESSAGE.pam | 9 +
security/openssh+gssapi/MESSAGE.urandom | 8 +
security/openssh+gssapi/Makefile | 162 +++++++++++++++++++++++++++++++
security/openssh+gssapi/PLIST | 29 +++++
security/openssh+gssapi/PLIST.pam | 2 +
security/openssh+gssapi/PLIST.prng | 3 +
security/openssh+gssapi/distinfo | 11 ++
security/openssh+gssapi/files/sshd.sh | 105 ++++++++++++++++++++
security/openssh+gssapi/patches/patch-aa | 34 ++++++
security/openssh+gssapi/patches/patch-ab | 34 ++++++
security/openssh+gssapi/patches/patch-ah | 22 ++++
security/openssh+gssapi/patches/patch-ai | 62 +++++++++++
security/openssh+gssapi/patches/patch-aj | 26 ++++
16 files changed, 568 insertions(+), 0 deletions(-)
diffs (truncated from 632 to 300 lines):
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/DESCR
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/DESCR Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,8 @@
+OpenSSH is based on the last free version of Tatu Ylonen's SSH with
+all patent-encumbered algorithms removed (to external libraries), all
+known security bugs fixed, new features reintroduced and many other
+clean-ups. More information about SSH itself can be found in the file
+README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
+Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song.
+
+This package adds enhanced support for GSSAPI, provided by sxw.org.uk.
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/INSTALL
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/INSTALL Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,36 @@
+# $NetBSD: INSTALL,v 1.4 2004/06/15 18:44:57 kristerw Exp $
+
+DIRS="/etc /etc/ssh ${PKG_PREFIX}/etc ${PKG_PREFIX}/etc/ssh"
+FILES="sshd.conf sshd_config"
+
+case ${STAGE} in
+POST-INSTALL)
+ for dir in $DIRS; do
+ if [ "@PKG_SYSCONFDIR@" != "$dir" ]; then
+ for file in $FILES; do
+ path=$dir/$file
+ if [ -f $path ]; then
+ ${CAT} <<EOF
+===========================================================================
+
+ *===* NOTICE *===*
+
+WARNING: previous configuration file $path found.
+
+The config files for ${PKGNAME} must be located in:
+
+ @PKG_SYSCONFDIR@
+
+You will need to ensure your configuration files and/or keys are
+placed in the correct directory before using ${PKGNAME}.
+
+===========================================================================
+EOF
+
+ exit
+ fi
+ done
+ fi
+ done
+ ;;
+esac
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/MESSAGE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/MESSAGE Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,17 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.3 2004/06/15 18:44:57 kristerw Exp $
+
+ *===* NOTICE *===*
+
+If you have existing config files for OpenSSH located at /etc/ssh.conf
+and /etc/sshd.conf, then you will have to copy them:
+
+ /etc/ssh.conf --> ${PKG_SYSCONFDIR}/ssh_config
+ /etc/sshd.conf --> ${PKG_SYSCONFDIR}/sshd_config
+
+The `${OPENSSH_USER}' user and `${OPENSSH_GROUP}' group used for
+privilege separation have been created if they did not already exist.
+For security reasons, UsePrivilegeSeparation has to be yes
+(the default value).
+
+===========================================================================
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/MESSAGE.pam
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/MESSAGE.pam Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,9 @@
+===========================================================================
+$NetBSD: MESSAGE.pam,v 1.3 2004/06/15 18:44:57 kristerw Exp $
+
+To authenticate for SSH using PAM, add the contents of the file:
+
+ ${EGDIR}/sshd.pam
+
+to your PAM configuration file.
+===========================================================================
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/MESSAGE.urandom
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/MESSAGE.urandom Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,8 @@
+===========================================================================
+$NetBSD: MESSAGE.urandom,v 1.3 2004/06/15 18:44:57 kristerw Exp $
+
+You will need a working /dev/urandom. Please make sure you have a kernel
+compiled from a config file containing the line:
+
+ pseudo-device rnd
+===========================================================================
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/Makefile Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,162 @@
+# $NetBSD: Makefile,v 1.16 2004/06/15 18:44:57 kristerw Exp $
+
+# NOTE: This package is modeled on ../openssh, but does not share
+# files with it as that package may update faster than the gssapi
+# patches do.
+
+DISTNAME= openssh-3.6.1p2
+PKGNAME= openssh+gssapi-3.6.1.2.20030430
+PKGREVISION= 3
+SVR4_PKGNAME= osshgss
+CATEGORIES= security
+MASTER_SITES= ftp://ftp7.usa.openbsd.org/pub/os/OpenBSD/OpenSSH/portable/ \
+ ftp://ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
+ http://public.planetmirror.com.au/pub/OpenBSD/OpenSSH/portable/ \
+ ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
+ ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \
+ ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/old/
+PATCH_SITES= http://www.sxw.org.uk/computing/patches/
+PATCHFILES= openssh-3.6.1p2-gssapi-20030430.diff
+PATCH_DIST_STRIP= -p1
+
+# Don't delete the last entry -- it's there if the pkgsrc version is not
+# up-to-date and the mirrors already removed the old distfile.
+
+MAINTAINER= jwise%NetBSD.org@localhost
+HOMEPAGE= http://www.openssh.com/
+COMMENT= Open Source Secure shell client and server with enhanced GSSAPI support
+
+CONFLICTS= sftp-[0-9]*
+CONFLICTS+= ssh-[0-9]* ssh6-[0-9]* ssh2-[0-9]*
+CONFLICTS+= openssh-[0-9]*
+
+USE_PERL5= build
+
+CRYPTO= yes
+KERBEROS= yes
+
+# retain the following line, for IPv6-ready pkgsrc webpage
+BUILD_DEFS+= USE_INET6
+#BUILD_DEFS+= KERBEROS
+
+.include "../../mk/bsd.prefs.mk"
+
+INSTALL_TARGET= install-nokeys
+PLIST_SRC= # empty
+MESSAGE_SRC= ${.CURDIR}/MESSAGE
+
+PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP}:${OPENSSH_UID}:sshd\\ privsep:${OPENSSH_CHROOT}:${NOLOGIN}
+PKG_GROUPS= ${OPENSSH_GROUP}:${OPENSSH_GID}
+
+SSH_PID_DIR= /var/run # default directory for PID files
+
+PKG_SYSCONFSUBDIR= ssh
+MANDIR= man
+
+PLIST_SUBST+= MANDIR=${MANDIR}
+
+USE_BUILDLINK3= yes
+USE_PKGINSTALL= yes
+GNU_CONFIGURE= yes
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
+CONFIGURE_ARGS+= --mandir=${PREFIX}/${MANDIR}
+CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR}
+CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE}
+CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers}
+CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT}
+CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER}
+CONFIGURE_ARGS+= --with-kerberos5=/usr
+CONFIGURE_ARGS+= --with-kerberos4=/usr
+
+CPPFLAGS+= -I/usr/include/krb5 -I/usr/include/kerberosIV
+
+# XXX: PAM authentication causes memory faults, and I haven't tracked down
+# XXX: why yet. For the moment, disable PAM authentication.
+#
+#.if defined(USE_PAM)
+#.include "../../security/PAM/buildlink3.mk"
+#CONFIGURE_ARGS+= --with-pam
+#PLIST_SRC+= ${.CURDIR}/PLIST.pam
+#MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam
+#.endif
+
+.if (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS")
+. include "../../security/skey/buildlink3.mk"
+CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey}
+.elif ${OPSYS} == "NetBSD"
+# XXX: NetBSD has 4 args (4: sslen) to skeychallenge instead of 3
+#CONFIGURE_ARGS+= --with-skey=/usr
+CONFIGURE_ARGS+= --without-skey
+.else
+CONFIGURE_ARGS+= --without-skey
+.endif
+
+.if defined(KERBEROS)
+PKG_USE_KERBEROS= yes
+CONFIGURE_ARGS+= --with-kerberos4=/usr
+LDFLAGS+= -lkrb -lcom_err -lroken -ldes -lcrypto
+.endif
+
+CONFIGURE_ENV+= LD=${CC:Q}
+
+# The ssh-askpass program is in ${X11BASE}/bin or ${X11PREFIX}/bin depending
+# on if it's part of the X11 distribution, or if it's installed from pkgsrc
+# (security/ssh-askpass).
+#
+.if exists(${X11BASE}/bin/ssh-askpass)
+ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass
+.else
+ASKPASS_PROGRAM= ${X11PREFIX}/bin/ssh-askpass
+.endif
+CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM}
+MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM}
+
+CONFS= ssh_config sshd_config
+SUPPS= moduli
+
+.if exists(/dev/urandom)
+MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom
+.else
+CONFIGURE_ARGS+= --without-random
+CONFS+= ssh_prng_cmds
+PLIST_SRC+= ${.CURDIR}/PLIST.prng
+.endif
+
+EGDIR= ${PREFIX}/share/examples/openssh
+CONF_FILES= # empty
+.for FILE in ${CONFS}
+CONF_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE}
+.endfor
+SUPPORT_FILES= # empty
+.for FILE in ${SUPPS}
+SUPPORT_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE}
+.endfor
+OWN_DIRS= ${OPENSSH_CHROOT}
+RCD_SCRIPTS= sshd
+
+PLIST_SRC+= ${.CURDIR}/PLIST
+FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR}
+MESSAGE_SUBST+= EGDIR=${EGDIR}
+MESSAGE_SUBST+= OPENSSH_USER=${OPENSSH_USER}
+MESSAGE_SUBST+= OPENSSH_GROUP=${OPENSSH_GROUP}
+
+INSTALL_EXTRA_TMPL+= ${.CURDIR}/INSTALL
+
+pre-configure:
+ cd ${WRKSRC} && ${AUTORECONF}
+
+post-install:
+ ${INSTALL_DATA_DIR} ${EGDIR}
+ cd ${WRKSRC}; for file in ${CONFS} ${SUPPS}; do \
+ ${INSTALL_DATA} $${file}.out ${EGDIR}/$${file}; \
+ done
+#.if defined(USE_PAM)
+# ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.freebsd ${EGDIR}/sshd.pam
+#.endif
+
+.include "../../devel/zlib/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
+.include "../../security/tcp_wrappers/buildlink3.mk"
+.include "../../mk/autoconf.mk"
+
+.include "../../mk/bsd.pkg.mk"
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/PLIST
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/PLIST Tue Jun 15 18:44:57 2004 +0000
@@ -0,0 +1,29 @@
+@comment $NetBSD: PLIST,v 1.4 2004/06/15 18:44:57 kristerw Exp $
+bin/scp
+bin/sftp
+bin/slogin
+bin/ssh
+bin/ssh-add
+bin/ssh-agent
+bin/ssh-keygen
+bin/ssh-keyscan
+libexec/sftp-server
+libexec/ssh-keysign
+${MANDIR}/man1/scp.1
+${MANDIR}/man1/sftp.1
+${MANDIR}/man1/slogin.1
+${MANDIR}/man1/ssh-add.1
+${MANDIR}/man1/ssh-agent.1
+${MANDIR}/man1/ssh-keygen.1
+${MANDIR}/man1/ssh-keyscan.1
+${MANDIR}/man1/ssh.1
+${MANDIR}/man5/ssh_config.5
+${MANDIR}/man5/sshd_config.5
+${MANDIR}/man8/sftp-server.8
+${MANDIR}/man8/ssh-keysign.8
+${MANDIR}/man8/sshd.8
+sbin/sshd
+share/examples/openssh/moduli
+share/examples/openssh/ssh_config
+share/examples/openssh/sshd_config
+@dirrm share/examples/openssh
diff -r bdd5f9edc267 -r 2562c931c8c5 security/openssh+gssapi/PLIST.pam
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/security/openssh+gssapi/PLIST.pam Tue Jun 15 18:44:57 2004 +0000
Home |
Main Index |
Thread Index |
Old Index