pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/security Remove openssh+gssapi.
details: https://anonhg.NetBSD.org/pkgsrc/rev/12b90aa542c1
branches: trunk
changeset: 540066:12b90aa542c1
user: wiz <wiz%pkgsrc.org@localhost>
date: Tue Mar 25 13:44:00 2008 +0000
description:
Remove openssh+gssapi.
It has security problems for a long time now.
Removal was announced on pkgsrc-users on March 13.
diffstat:
security/Makefile | 3 +-
security/openssh+gssapi/DESCR | 8 -
security/openssh+gssapi/INSTALL | 36 ------
security/openssh+gssapi/MESSAGE | 17 ---
security/openssh+gssapi/MESSAGE.pam | 9 -
security/openssh+gssapi/MESSAGE.urandom | 8 -
security/openssh+gssapi/Makefile | 160 -------------------------------
security/openssh+gssapi/PLIST | 30 -----
security/openssh+gssapi/PLIST.pam | 2 -
security/openssh+gssapi/PLIST.prng | 3 -
security/openssh+gssapi/distinfo | 13 --
security/openssh+gssapi/files/sshd.sh | 105 --------------------
security/openssh+gssapi/patches/patch-aa | 34 ------
security/openssh+gssapi/patches/patch-ab | 34 ------
security/openssh+gssapi/patches/patch-ah | 60 -----------
security/openssh+gssapi/patches/patch-ai | 62 ------------
security/openssh+gssapi/patches/patch-aj | 26 -----
17 files changed, 1 insertions(+), 609 deletions(-)
diffs (truncated from 688 to 300 lines):
diff -r 35cf40c4a348 -r 12b90aa542c1 security/Makefile
--- a/security/Makefile Tue Mar 25 13:43:14 2008 +0000
+++ b/security/Makefile Tue Mar 25 13:44:00 2008 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.314 2008/03/16 00:15:11 wiz Exp $
+# $NetBSD: Makefile,v 1.315 2008/03/25 13:44:00 wiz Exp $
#
COMMENT= Security tools
@@ -134,7 +134,6 @@
SUBDIR+= opencdk
SUBDIR+= openpam
SUBDIR+= openssh
-SUBDIR+= openssh+gssapi
SUBDIR+= openssl
SUBDIR+= otpCalc
SUBDIR+= p0f
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/DESCR
--- a/security/openssh+gssapi/DESCR Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,8 +0,0 @@
-OpenSSH is based on the last free version of Tatu Ylonen's SSH with
-all patent-encumbered algorithms removed (to external libraries), all
-known security bugs fixed, new features reintroduced and many other
-clean-ups. More information about SSH itself can be found in the file
-README.Ylonen. OpenSSH has been created by Aaron Campbell, Bob Beck,
-Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song.
-
-This package adds enhanced support for GSSAPI, provided by sxw.org.uk.
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/INSTALL
--- a/security/openssh+gssapi/INSTALL Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,36 +0,0 @@
-# $NetBSD: INSTALL,v 1.4 2004/06/15 18:44:57 kristerw Exp $
-
-DIRS="/etc /etc/ssh ${PKG_PREFIX}/etc ${PKG_PREFIX}/etc/ssh"
-FILES="sshd.conf sshd_config"
-
-case ${STAGE} in
-POST-INSTALL)
- for dir in $DIRS; do
- if [ "@PKG_SYSCONFDIR@" != "$dir" ]; then
- for file in $FILES; do
- path=$dir/$file
- if [ -f $path ]; then
- ${CAT} <<EOF
-===========================================================================
-
- *===* NOTICE *===*
-
-WARNING: previous configuration file $path found.
-
-The config files for ${PKGNAME} must be located in:
-
- @PKG_SYSCONFDIR@
-
-You will need to ensure your configuration files and/or keys are
-placed in the correct directory before using ${PKGNAME}.
-
-===========================================================================
-EOF
-
- exit
- fi
- done
- fi
- done
- ;;
-esac
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/MESSAGE
--- a/security/openssh+gssapi/MESSAGE Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,17 +0,0 @@
-===========================================================================
-$NetBSD: MESSAGE,v 1.3 2004/06/15 18:44:57 kristerw Exp $
-
- *===* NOTICE *===*
-
-If you have existing config files for OpenSSH located at /etc/ssh.conf
-and /etc/sshd.conf, then you will have to copy them:
-
- /etc/ssh.conf --> ${PKG_SYSCONFDIR}/ssh_config
- /etc/sshd.conf --> ${PKG_SYSCONFDIR}/sshd_config
-
-The `${OPENSSH_USER}' user and `${OPENSSH_GROUP}' group used for
-privilege separation have been created if they did not already exist.
-For security reasons, UsePrivilegeSeparation has to be yes
-(the default value).
-
-===========================================================================
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/MESSAGE.pam
--- a/security/openssh+gssapi/MESSAGE.pam Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,9 +0,0 @@
-===========================================================================
-$NetBSD: MESSAGE.pam,v 1.3 2004/06/15 18:44:57 kristerw Exp $
-
-To authenticate for SSH using PAM, add the contents of the file:
-
- ${EGDIR}/sshd.pam
-
-to your PAM configuration file.
-===========================================================================
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/MESSAGE.urandom
--- a/security/openssh+gssapi/MESSAGE.urandom Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,8 +0,0 @@
-===========================================================================
-$NetBSD: MESSAGE.urandom,v 1.3 2004/06/15 18:44:57 kristerw Exp $
-
-You will need a working /dev/urandom. Please make sure you have a kernel
-compiled from a config file containing the line:
-
- pseudo-device rnd
-===========================================================================
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/Makefile
--- a/security/openssh+gssapi/Makefile Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,160 +0,0 @@
-# $NetBSD: Makefile,v 1.42 2008/01/18 05:09:39 tnn Exp $
-
-# NOTE: This package is modeled on ../openssh, but does not share
-# files with it as that package may update faster than the gssapi
-# patches do.
-
-DISTNAME= openssh-3.6.1p2
-PKGNAME= openssh+gssapi-3.6.1.2.20030430
-PKGREVISION= 8
-SVR4_PKGNAME= osshgss
-CATEGORIES= security
-MASTER_SITES= ftp://ftp.stealth.net/pub/mirrors/ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
- http://public.planetmirror.com.au/pub/OpenBSD/OpenSSH/portable/ \
- ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \
- ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \
- ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/old/
-PATCH_SITES= http://www.sxw.org.uk/computing/patches/
-PATCHFILES= openssh-3.6.1p2-gssapi-20030430.diff
-PATCH_DIST_STRIP= -p1
-
-# Don't delete the last entry -- it's there if the pkgsrc version is not
-# up-to-date and the mirrors already removed the old distfile.
-
-MAINTAINER= jwise%NetBSD.org@localhost
-HOMEPAGE= http://www.openssh.com/
-COMMENT= Open Source Secure shell client and server with enhanced GSSAPI support
-
-CONFLICTS= sftp-[0-9]*
-CONFLICTS+= ssh-[0-9]* ssh6-[0-9]* ssh2-[0-9]*
-CONFLICTS+= openssh-[0-9]*
-CONFLICTS+= lsh>2.0
-
-CRYPTO= yes
-KERBEROS= yes
-
-# retain the following line, for IPv6-ready pkgsrc webpage
-BUILD_DEFS+= IPV6_READY
-#BUILD_DEFS+= KERBEROS
-
-.include "../../mk/bsd.prefs.mk"
-
-INSTALL_TARGET= install-nokeys
-PLIST_SRC= # empty
-MESSAGE_SRC= ${.CURDIR}/MESSAGE
-
-PKG_GROUPS_VARS+= OPENSSH_GROUP
-PKG_USERS_VARS+= OPENSSH_USER
-
-PKG_GROUPS= ${OPENSSH_GROUP}
-PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP}
-
-PKG_GECOS.${OPENSSH_USER}= sshd privsep pseudo-user
-PKG_HOME.${OPENSSH_USER}= ${OPENSSH_CHROOT}
-
-SSH_PID_DIR= /var/run # default directory for PID files
-
-PKG_SYSCONFSUBDIR= ssh
-
-USE_TOOLS+= autoconf perl
-GNU_CONFIGURE= yes
-CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
-CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR:Q}
-CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE:Q}
-CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers}
-CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT:Q}
-CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER:Q}
-CONFIGURE_ARGS+= --with-kerberos5=/usr
-
-CPPFLAGS+= -I/usr/include/krb5
-
-# XXX: PAM authentication causes memory faults, and I haven't tracked down
-# XXX: why yet. For the moment, disable PAM authentication.
-#
-#PKG_OPTIONS_VAR= PKG_OPTIONS.openssh+gssapi
-#PKG_SUPPORTED_OPTIONS= pam
-#.include "../../mk/bsd.options.mk"
-#
-#.if !empty(PKG_OPTIONS:Mpam)
-#. include "../../mk/pam.buildlink3.mk"
-#CONFIGURE_ARGS+= --with-pam
-#PLIST_SRC+= ${.CURDIR}/PLIST.pam
-#MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam
-#.endif
-
-.if (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS")
-. include "../../security/skey/buildlink3.mk"
-CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey}
-.elif ${OPSYS} == "NetBSD"
-# XXX: NetBSD has 4 args (4: sslen) to skeychallenge instead of 3
-#CONFIGURE_ARGS+= --with-skey=/usr
-CONFIGURE_ARGS+= --without-skey
-.else
-CONFIGURE_ARGS+= --without-skey
-.endif
-
-.if defined(KERBEROS)
-.include "../../security/kth-krb4/buildlink3.mk"
-PKG_USE_KERBEROS= yes
-CONFIGURE_ARGS+= --with-kerberos4=${BUILDLINK_PREFIX.kth-krb4}
-CPPFLAGS+= -I${BUILDLINK_PREFIX.kth-krb4}/include/kerberosIV
-LDFLAGS+= -L${BUILDLINK_PREFIX.kth-krb4}/lib
-LDFLAGS+= -Wl,-R${BUILDLINK_PREFIX.kth-krb4}/lib
-LDFLAGS+= -lkrb -lcom_err -lroken -ldes -lcrypto
-.endif
-
-CONFIGURE_ENV+= LD=${CC:Q}
-
-# The ssh-askpass program is in ${X11BASE}/bin or ${X11PREFIX}/bin depending
-# on if it's part of the X11 distribution, or if it's installed from pkgsrc
-# (security/ssh-askpass).
-#
-.if exists(${X11BASE}/bin/ssh-askpass)
-ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass
-.else
-ASKPASS_PROGRAM= ${X11PREFIX}/bin/ssh-askpass
-.endif
-CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q}
-MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q}
-
-CONFS= ssh_config sshd_config moduli
-
-.if exists(/dev/urandom)
-MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom
-.else
-CONFIGURE_ARGS+= --without-random
-CONFS+= ssh_prng_cmds
-PLIST_SRC+= ${.CURDIR}/PLIST.prng
-.endif
-
-EGDIR= ${PREFIX}/share/examples/openssh
-CONF_FILES= # empty
-.for FILE in ${CONFS}
-CONF_FILES+= ${EGDIR}/${FILE} ${PKG_SYSCONFDIR}/${FILE}
-.endfor
-OWN_DIRS= ${OPENSSH_CHROOT}
-RCD_SCRIPTS= sshd
-
-PLIST_SRC+= ${.CURDIR}/PLIST
-FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q}
-MESSAGE_SUBST+= EGDIR=${EGDIR}
-MESSAGE_SUBST+= OPENSSH_USER=${OPENSSH_USER}
-MESSAGE_SUBST+= OPENSSH_GROUP=${OPENSSH_GROUP}
-
-pre-configure:
- cd ${WRKSRC} && autoreconf
-
-post-install:
- ${INSTALL_DATA_DIR} ${EGDIR}
- cd ${WRKSRC}; for file in ${CONFS}; do \
- ${INSTALL_DATA} $${file}.out ${EGDIR}/$${file}; \
- done
-#.if !empty(PKT_OPTIONS:Mpam)
-# ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.freebsd ${EGDIR}/sshd.pam
-#.endif
-
-.include "../../devel/zlib/buildlink3.mk"
-.include "../../security/openssl/buildlink3.mk"
-.include "../../security/tcp_wrappers/buildlink3.mk"
-
-.include "../../mk/bsd.pkg.mk"
diff -r 35cf40c4a348 -r 12b90aa542c1 security/openssh+gssapi/PLIST
--- a/security/openssh+gssapi/PLIST Tue Mar 25 13:43:14 2008 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,30 +0,0 @@
-@comment $NetBSD: PLIST,v 1.6 2005/10/07 17:43:30 reed Exp $
-bin/scp
-bin/sftp
-bin/slogin
-bin/ssh
-bin/ssh-add
-bin/ssh-agent
-bin/ssh-keygen
-bin/ssh-keyscan
-libexec/sftp-server
-libexec/ssh-keysign
-man/man1/scp.1
-man/man1/sftp.1
-man/man1/slogin.1
-man/man1/ssh-add.1
-man/man1/ssh-agent.1
-man/man1/ssh-keygen.1
Home |
Main Index |
Thread Index |
Old Index