diff options
author | Mike Hammill <mike@kth.se> | 2011-02-16 00:08:17 +0100 |
---|---|---|
committer | Mike Hammill <mike@kth.se> | 2011-02-16 00:08:17 +0100 |
commit | e635c7be32644e21562dd06f0148d3d047c68c8b (patch) | |
tree | d77db7637d06a22a5d6fd49c7efa9e21a92b6912 | |
parent | Apply Simon Wilkinson's patch to 5.6_p1-r2 openssh. (diff) | |
download | mhammill-e635c7be32644e21562dd06f0148d3d047c68c8b.tar.gz mhammill-e635c7be32644e21562dd06f0148d3d047c68c8b.tar.bz2 mhammill-e635c7be32644e21562dd06f0148d3d047c68c8b.zip |
Apply Simon Wilkinson's kext patch and remove incompatibilities.
-rw-r--r-- | net-misc/openssh/Manifest | 26 | ||||
-rw-r--r-- | net-misc/openssh/metadata.xml | 10 | ||||
-rw-r--r-- | net-misc/openssh/openssh-5.7_p1-r1.ebuild | 258 |
3 files changed, 286 insertions, 8 deletions
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest index f568ab5..c18c110 100644 --- a/net-misc/openssh/Manifest +++ b/net-misc/openssh/Manifest @@ -1,27 +1,39 @@ -AUX openssh-3.9_p1-opensc.patch 3242 RMD160 9c382109f0a64c30d6404f6c6ecdd274b8114fd3 SHA1 1020a213c5acb479003bebe6e4bed0f5b1e56a9f SHA256 36f27a6cd277cf08fadbc23cd4d019def69f40a601d75e63ead7bdc7cdf0539b AUX openssh-4.7_p1-GSSAPI-dns.patch 4494 RMD160 4e02e0a85c0e33c917ec8c22b4e1c173a9d7d79e SHA1 d8a81eb92a49763106cfa5b319c22c6f188508ef SHA256 88a08f349258d4be5b2faa838a89fe1aa0196502990b745ac0e3a70dda30a0d7 -AUX openssh-4.7p1-selinux.diff 541 RMD160 bcb8f1fef2ae8378e7000732223c6116e06e0d6f SHA1 395b4dcff3eb7b92582a4364e612fff87278e7bc SHA256 ef8d71c46059bdcc8487cad06914639a8237197561cc030d8eed3baf418cc810 AUX openssh-5.2_p1-autoconf.patch 386 RMD160 8e57ae97df0b2483f826a7aba00bc0622b9a28f8 SHA1 22c4e40f54f97f866b460fe8987eb16363410caf SHA256 42bb5f23f02241186abd6158ac15cd1fba0fadb4bd79e6b051fbd05605419ebb AUX openssh-5.2_p1-gsskex-fix.patch 408 RMD160 6a6296cd1c8acc52af4e0d8b6238b326d5d41e77 SHA1 b31e5294c68e6af9a75987a1c3ece5e52f56e9a5 SHA256 8190db31ed2e8dc6ce79030e5c648d04610b06dd8366df5948ef6e990314ee96 AUX openssh-5.2_p1-x509-hpn-glue.patch 2851 RMD160 2c3fbb549976f9004e89bcfb58dadf2186f64517 SHA1 ff666fb2a0ef3fc7d703f99438ca4c39ee2eafdf SHA256 a21336a892b61e29a556d16e9f0a67ee08ad04dd61e3963a201fdf032ce55f75 AUX openssh-5.2p1-ldap-stdargs.diff 252 RMD160 7bf89a0946446b43ce3026b7b01a9a4c637f388a SHA1 7b62038dc3060b1e77df213c85874ba80acd8f64 SHA256 97281375efa33e9ce70a55bfa95b6b426208175e7e3ff493012bc25d9b012f45 -AUX openssh-5.3_p1-pkcs11-hpn-glue.patch 765 RMD160 9c865591eed26cadb34b0a4f35b574cda13a7da1 SHA1 4203cc42e801b5c598a4d7fd021bf965d64c1391 SHA256 0f85b457061fee06f053945ed1a37a962e41cd1c49c616fb9d5e4ad776fda6a4 AUX openssh-5.3p1-gsskex-all-20100124.patch 90320 RMD160 fbd0437fa89720756f55c164c2c1dffc3a618000 SHA1 0e49443fc3c005465275b8052f326500f7f0b45c SHA256 8f75e1e84a569cb200a8fcc81c35cde722e57efde147c875c966c01381be818a AUX openssh-5.4_p1-openssl.patch 255 RMD160 6d495664c5d94058cb4aa8a0011a070cb27a8fb9 SHA1 9e78702afc936a478f64c73bada9e85f7dbd8081 SHA256 f83627039491e9969f1ed5d77fe816465ce75809e8c2f2bfb07012bc21384347 -AUX openssh-5.4_p1-pkcs11.patch 1099 RMD160 d94041f2448ecc6e9d6add0301979abeaf47fd4c SHA1 371b2cd92ff915a8efc4377de60c7626e0371453 SHA256 5603b9f4cb99990404f7953d2524190ef50e6b0f5434a2465c6dea21720be4b6 -AUX openssh-5.4_p1-relative-AuthorizedKeysFile.patch 1501 RMD160 5f73b12112e52278561923e72d706a575d68d9f1 SHA1 9be8ba4a6d0b748d69596e111eddaa70a69fd645 SHA256 9c06be753927eaecec8eaae401f6890c4ab7a8cf91dc7a35bb95228ed1c0d362 AUX openssh-5.6_p1-hpn-progressmeter.patch 334 RMD160 024480c0f7ccac80905ae4b4ae6adfa21428cf97 SHA1 446cfaa4be26fefbabd8f8933d91b5d5783f196c SHA256 eaa98f954934364a1994111f5a422d0730b6e224822cef03efe6d6fc0c7f056f AUX openssh-5.6_p1-x509-hpn-glue.patch 1974 RMD160 bccefdc9ee8e923968c6dac5d470466b1b7e78b9 SHA1 8f882f22d2c85967d3d54c250a11077b67f9a1a9 SHA256 164db7af08e0565821d6d609b1beadab39777521bfff143a83acc1e097ad60f1 +AUX openssh-5.6p1-gsskex-all-20110101.patch 91929 RMD160 bdf9d194aeb2c37f19e1b8f2ef7dced8a00674ff SHA1 1daacdeaaba55a95faad12c41a56f8dc8fe59ad7 SHA256 93a3a4b3935919cff8e8216fc8026069dceca0aa840c84e1fe74a2da24d6d632 +AUX openssh-5.7_p1-x509-hpn-glue.patch 1888 RMD160 d0af977ecc3b89fc6efbd554f8bb3680acd88c32 SHA1 185e0f56db550cdc0f76d359296681bef55920f3 SHA256 30f63dea0e810d92790ddaf9813f0b8dec1e827a39e1752faff6bb41382f3c1b +AUX openssh-5.7p1-gsskex-all-20110125.patch 91889 RMD160 ffd77d9c7e1d4c2692728973c1683f5debc37093 SHA1 8aefb2e1ac4ba60dfc513694d75f10be88590f52 SHA256 bfdc72c3d7d5d4f9f8a78b649988dff8fad780cfa72bad4a69eb94c54de9a359 +AUX openssh-5.8_p1-selinux.patch 433 RMD160 ec21b74785b475264d8dece2f10102d730684f21 SHA1 db97948d0e54194ad5a00b7d08982b05c2b502b2 SHA256 0de250c75f4dae78406e5151f563bd104b8e7792a825515510e095fb47462cfd +AUX openssh-5.8_p1-x509-hpn-glue.patch 1907 RMD160 954bfc141bf780e0c36712ee2f0f211bb7147e59 SHA1 a332690d47c18b2ae88a7381a177cc28a098d984 SHA256 7ab452c02b141645b764d404aa3de0754ab240a64601a6bb587919673f957682 AUX sshd.confd 396 RMD160 029680b2281961130a815ef599750c4fc4e84987 SHA1 23c283d0967944b6125be26ed4628f49abf586b2 SHA256 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 AUX sshd.pam 294 RMD160 1d4499a7de54188e51e87a240ec7a1b3b1af583d SHA1 4cd17fb40793fa9ca77ac93698129f2c8cafd7b8 SHA256 f01cc51c624b21a815fb6c0be35edc590e2e6f8a5ffbdcabc220a9630517972f AUX sshd.pam_include.2 156 RMD160 c4f6ba6e3a705eef63e571189e28de71e7d61178 SHA1 1223f7a43a5e124521d48852b2d23bb8ba0a788f SHA256 166136e27d653e0bf481a6ca79fecb7d9fa2fc3d597d041f97df595f65a8193c AUX sshd.rc6 2159 RMD160 961c7222fe809d81dc04c1f62e14c8292c0e3452 SHA1 d9853a50ff89d4359cc813a0f5ec936659941646 SHA256 83b94fed859ab3a00861969f97c166bd3b2fdd217f26468153e17005dfd55828 AUX sshd.rc6.1 2244 RMD160 112f62244a4654d706fa3892da514df8130dabf3 SHA1 4a561034f7376bf10dc4601f2b847f247b83bf53 SHA256 09b7f29890fd0c28e364637236518c7ee4fea018af94dd72b8682a548678cd73 +AUX sshd.rc6.2 2051 RMD160 026c92ef4c0926ca1d5ab91a55b4d12028ba800d SHA1 246ffa14a9636f843c9314a32f11dacdc67cd52f SHA256 c8f8fd4789188c43259c7351cb3d666b24b1703e45129ba09e1b849192967d08 DIST openssh-5.2pkcs11-0.26.tar.bz2 18642 RMD160 07093fb2ad47247b2f028fae4fe1b80edf4ddaf8 SHA1 755793398e1b04ee6c15458a69ce4ad68d2abee0 SHA256 9655f118c614f76cfdd3164b5c0e3e430f20a4ce16c65df0dc1b594648cf1c07 DIST openssh-5.3p1+x509-6.2.1.diff.gz 154130 RMD160 d16e9d4fd7f6e64091c7b421df7bbd7c21b40c4e SHA1 52182f3a3f84b5ce5e9fada5669776abb851a3fd SHA256 e7e122e74498a0db4253e4a2a43b55688685381066fbad69ad1beafd27b62523 DIST openssh-5.3p1-hpn13v6-gentoo.diff.gz 23262 RMD160 f4a99017f658d5b803b966cb3711f246be6344f9 SHA1 a30568339458976933e770900a933f013e8ce2c2 SHA256 3f3861ca5e58134dc3f3f7a042d53b9d652b7e4232fcadd45c7fba2d98f5bf63 DIST openssh-5.3p1.tar.gz 1027130 RMD160 f8c98b4b91b7e0e02b33837ef6978e8b7570cf9e SHA1 d411fde2584ef6022187f565360b2c63a05602b5 SHA256 d0c917462896974480b14454a8e1cb8b809291f67e5b9779c9b4dc4156c5ef12 +DIST openssh-5.6p1+x509-6.2.3.diff.gz 168109 RMD160 d2a0bb07ede384a7fd752d0a1a2b7750101c5fe3 SHA1 319992226b8109c3f6ce9bbe5884635edb2349cf SHA256 90977eded2ae5e71bc3b84aad8597442074742d78d471087d020e58dd58342ad +DIST openssh-5.6p1-hpn13v10.diff.gz 22988 RMD160 9c62cd1520a69f10b85496450130a9fd0a5f5954 SHA1 71f5a346b297330c50b324cdc19e361070a31776 SHA256 6a9ee815e8ffcc9068c3dce4ad4f2898fc0db6b768a3152280aceb8c06c8b450 +DIST openssh-5.6p1.tar.gz 1117952 RMD160 e3e1229cc0efa7cb534c83e61fade8371fc24a23 SHA1 347dd39c91c3529f41dae63714d452fb95efea1e SHA256 538af53b2b8162c21a293bb004ae2bdb141abd250f61b4cea55244749f3c6c2b +DIST openssh-5.7p1+x509-6.2.4.diff.gz 170001 RMD160 7fa25e7a28f0277b68dbda57584449dc42bb08f3 SHA1 9b4bf151bca8e96cec5773ba23c55b9a36c47b94 SHA256 86af445d27be112318e95c4a188593b171a34b100e2187ef12a116c95e36c51d +DIST openssh-5.7p1-hpn13v10.diff.bz2 20132 RMD160 2c34ca34fbe19468254fe0d4fa6344f23f5da4cd SHA1 d743cc499e0e9ccfbc518bfb1718e1611603983c SHA256 fc6518ea065841cec96a503207bd6f927c65234862ec13a44c3c13cb978bfa57 +DIST openssh-5.7p1.tar.gz 1113345 RMD160 7f2ee186d5b99e1b40b90669b681b49da962b8f8 SHA1 423e27475f06e1055847dfff7f61e1ac632b5372 SHA256 59057d727d902d8b04b2ce0ba8f288c6e02cb65aca183cc8d559a4a66426581b DIST openssh-lpk-5.3p1-0.3.11.patch.gz 18137 RMD160 3e316722d521e163a82d661465abef7f128d736b SHA1 870a703e2cafa744681733766e48faf3229e3b7e SHA256 34d8dbccde3b1fedb6b75d7a725ade8b37389c46f5b13a2e5a80d8cd8e6ffaaa +DIST openssh-lpk-5.6p1-0.3.13.patch.gz 18376 RMD160 c928a22d890de17c43ac8a71ac0a551fbe38a831 SHA1 477ef82043278ba9e314e14e7a487f1541fbc48b SHA256 42a76b67c390c3ed28efd6e1734ca5a7edfefc635c35086dbd610999130678e9 +DIST openssh-lpk-5.7p1-0.3.13.patch.gz 18392 RMD160 9ca299e2c05c97528ecbea5cc30fe604904daa2c SHA1 5581a12eee5d5e739b77927ce7ddb00625ab03c4 SHA256 739fa32e267f2c30362bb953d597bcbb55b58d76e13f644004fa63ded81522f7 EBUILD openssh-5.3_p1-r1.ebuild 8666 RMD160 6edf7608fe3085af2e6355ab48401891ab677b8c SHA1 f770b419dd2f43a8dbb4aa1c1543c0562a40279e SHA256 f1ee06ef18cea7703e8771d9bf9df55655f835a1dbe904afb5ce2aa9d7ed070c -MISC ChangeLog 62274 RMD160 ed44cebf98d1fb4f83e9e83cdf555c9e46df3da9 SHA1 47ad52d88052c7c6dbf012cfe420821f66895ddd SHA256 e4a7d9becca316afa5bf2673933f378828465c1366848413a4c453fb95fe0257 -MISC metadata.xml 1641 RMD160 b5ae0d7b86c8dcb36414bc31da6fd22a807ced0b SHA1 31923a9db53fcad2b9cca72c39e733376bf6c501 SHA256 d34bb27c9f775ce973246c2a6b32ccd17d300de562920afbdd47312056cd8946 +EBUILD openssh-5.6_p1-r2.ebuild 8467 RMD160 cd1e0a8f49594845d7d7dae6c1ac5a371b414b85 SHA1 32e47857889600d55ce94a72368dd493645758d5 SHA256 a3539cec23105f17b1f8dbb419aa1ce61fd31b1419721584b4f103827ebafec3 +EBUILD openssh-5.7_p1-r1.ebuild 8317 RMD160 63426be0d5499834538e1884df5e79be5efead8b SHA1 6716f7bd8b72fc99ece9ff07bce791443d523c5b SHA256 a49c1a38ccc478d6b00cce3050203ccc23cd920dc3c18629007461431e27ec93 +MISC ChangeLog 62362 RMD160 01250419a933c4cc39d427eb50d52c96f1453366 SHA1 b883f590066a9e85a44fef6b2653d544ebd48107 SHA256 edafdd990dce05eceea08413999be4e528e5ac14a27c6ef644a2084d99db1dcc +MISC metadata.xml 2060 RMD160 5210e6965ed72944c6a3e5ee88994497915c6f25 SHA1 89f42abb4b7ac69bccd0c5cc3fb933563dcd8689 SHA256 293c43174c14d1ba03818492004a844d4418df3b67fc9633bcee04f19ba255e3 +MISC openssh-5.7_p1-r1.ebuild~ 8257 RMD160 6126ed9ef31f3ba2fe8d5bab996d71164160fbd5 SHA1 8d2e76cedc2b05cf6ba73aa1191a735fcd337a21 SHA256 42ffdb6f51664911af79106c9d83da64cb495fc353bc2c8fc805430401c22753 diff --git a/net-misc/openssh/metadata.xml b/net-misc/openssh/metadata.xml index 6bf483a..494737c 100644 --- a/net-misc/openssh/metadata.xml +++ b/net-misc/openssh/metadata.xml @@ -3,7 +3,7 @@ <pkgmetadata> <herd>base-system</herd> <maintainer restrict="LPK"> - <email>robbat2@gentoo.org</email> + <email>michael@hammill.name</email> <description>LPK issues. Only assign if it's a direct LPK issue. Do not directly assign for anything else.</description> </maintainer> <longdescription> @@ -19,6 +19,14 @@ The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0. + +This version of OpenSSH modifies the standard Gentoo version by adding +the Simon Wilkinson GSSAPI key exchange patch. This is required for +working in certain environments, for example, at the Royal Institute +of Technology (KTH) in Stockholm, Sweden. This version is not +supported in any way by KTH. It is only supported by the maintainer +so that he can use KTH facilities. In particular, this openssh + +heimdal. </longdescription> <use> <flag name="hpn">Enable high performance ssh</flag> diff --git a/net-misc/openssh/openssh-5.7_p1-r1.ebuild b/net-misc/openssh/openssh-5.7_p1-r1.ebuild new file mode 100644 index 0000000..90462e5 --- /dev/null +++ b/net-misc/openssh/openssh-5.7_p1-r1.ebuild @@ -0,0 +1,258 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="2" +inherit eutils flag-o-matic multilib autotools pam + +# Make it more portable between straight releases +# and _p? releases. +PARCH=${P/_/} + +HPN_PATCH="${PARCH}-hpn13v10.diff.bz2" +LDAP_PATCH="${PARCH/-/-lpk-}-0.3.13.patch.gz" +X509_VER="6.2.4" X509_PATCH="${PARCH}+x509-${X509_VER}.diff.gz" + +DESCRIPTION="Port of OpenBSD's free SSH release" +HOMEPAGE="http://www.openssh.org/" +SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz + ${HPN_PATCH:+hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} mirror://gentoo/${HPN_PATCH} )} + ${LDAP_PATCH:+ldap? ( mirror://gentoo/${LDAP_PATCH} )} + ${X509_PATCH:+X509? ( http://roumenpetrov.info/openssh/x509-${X509_VER}/${X509_PATCH} )} + " + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~sparc-fbsd ~x86-fbsd" +IUSE="hpn kerberos ldap libedit pam selinux skey static tcpd X X509" + +RDEPEND="pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + selinux? ( >=sys-libs/libselinux-1.28 ) + skey? ( >=sys-auth/skey-1.1.5-r1 ) + ldap? ( net-nds/openldap ) + libedit? ( dev-libs/libedit ) + >=dev-libs/openssl-0.9.6d + >=sys-libs/zlib-1.2.3 + tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) + X? ( x11-apps/xauth ) + userland_GNU? ( sys-apps/shadow )" +DEPEND="${RDEPEND} + dev-util/pkgconfig + virtual/os-headers + sys-devel/autoconf" +RDEPEND="${RDEPEND} + pam? ( >=sys-auth/pambase-20081028 )" +PROVIDE="virtual/ssh" + +S=${WORKDIR}/${PARCH} + +pkg_setup() { + # this sucks, but i'd rather have people unable to `emerge -u openssh` + # than not be able to log in to their server any more + maybe_fail() { [[ -z ${!2} ]] && echo ${1} ; } + local fail=" + $(use X509 && maybe_fail X509 X509_PATCH) + $(use ldap && maybe_fail ldap LDAP_PATCH) + $(use hpn && maybe_fail hpn HPN_PATCH) + " + fail=$(echo ${fail}) + if [[ -n ${fail} ]] ; then + eerror "Sorry, but this version does not yet support features" + eerror "that you requested: ${fail}" + eerror "Please mask ${PF} for now and check back later:" + eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask" + die "booooo" + fi +} + +src_prepare() { + sed -i \ + -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \ + pathnames.h || die + # keep this as we need it to avoid the conflict between LPK and HPN changing + # this file. + cp version.h version.h.pristine + + # Apply Simon Wilkinson's kext patch + patch -p1 < ${FILESDIR}/${PN}-5.7p1-gsskex-all-20110125.patch + + if use X509 ; then + epatch "${DISTDIR}"/${X509_PATCH} + epatch "${FILESDIR}"/${PN}-5.7_p1-x509-hpn-glue.patch + fi + if ! use X509 ; then + if [[ -n ${LDAP_PATCH} ]] && use ldap ; then + epatch "${DISTDIR}"/${LDAP_PATCH} + epatch "${FILESDIR}"/${PN}-5.2p1-ldap-stdargs.diff #266654 + # version.h patch conflict avoidence + mv version.h version.h.lpk + cp -f version.h.pristine version.h + fi + else + use ldap && ewarn "Sorry, X509 and LDAP conflict internally, disabling LDAP" + fi + epatch "${FILESDIR}"/${PN}-5.4_p1-openssl.patch + # comment out dns.patch since incompatible with Simon Wilkonson's patch + # epatch "${FILESDIR}"/${PN}-4.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex + if [[ -n ${HPN_PATCH} ]] && use hpn; then + epatch "${DISTDIR}"/${HPN_PATCH} + epatch "${FILESDIR}"/${PN}-5.6_p1-hpn-progressmeter.patch + # version.h patch conflict avoidence + mv version.h version.h.hpn + cp -f version.h.pristine version.h + # The AES-CTR multithreaded variant is broken, and causes random hangs + # when combined background threading and control sockets. To avoid + # this, we change the internal table to use the non-multithread version + # for the meantime. Do NOT remove this in new versions. See bug #354113 + # comment #6 for testcase. + # Upstream reference: http://www.psc.edu/networking/projects/hpn-ssh/ + ## Additionally, the MT-AES-CTR mode cipher replaces the default ST-AES-CTR mode + ## cipher. Be aware that if the client process is forked using the -f command line + ## option the process will hang as the parent thread gets 'divorced' from the key + ## generation threads. This issue will be resolved as soon as possible + sed -i \ + -e '/aes...-ctr.*SSH_CIPHER_SSH2/s,evp_aes_ctr_mt,evp_aes_128_ctr,' \ + cipher.c || die + fi + epatch "${FILESDIR}"/${PN}-5.2_p1-autoconf.patch + + sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die + + # Disable PATH reset, trust what portage gives us. bug 254615 + sed -i -e 's:^PATH=/:#PATH=/:' configure || die + + # Now we can build a sane merged version.h + ( + sed '/^#define SSH_RELEASE/d' version.h.* | sort -u + printf '#define SSH_RELEASE SSH_VERSION SSH_PORTABLE %s %s\n' \ + "$([ -e version.h.hpn ] && echo SSH_HPN)" \ + "$([ -e version.h.lpk ] && echo SSH_LPK)" + ) > version.h + + eautoreconf +} + +static_use_with() { + local flag=$1 + if use static && use ${flag} ; then + ewarn "Disabling '${flag}' support because of USE='static'" + # rebuild args so that we invert the first one (USE flag) + # but otherwise leave everything else working so we can + # just leverage use_with + shift + [[ -z $1 ]] && flag="${flag} ${flag}" + set -- !${flag} "$@" + fi + use_with "$@" +} + +src_configure() { + addwrite /dev/ptmx + addpredict /etc/skey/skeykeys #skey configure code triggers this + + use static && append-ldflags -static + + econf \ + --with-ldflags="${LDFLAGS}" \ + --disable-strip \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/$(get_libdir)/misc \ + --datadir=/usr/share/openssh \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --with-md5-passwords \ + --with-ssl-engine \ + $(static_use_with pam) \ + $(static_use_with kerberos kerberos5 /usr) \ + ${LDAP_PATCH:+$(use X509 || ( use ldap && use_with ldap ))} \ + $(use_with libedit) \ + $(use_with selinux) \ + $(use_with skey) \ + $(use_with tcpd tcp-wrappers) +} + +src_install() { + emake install-nokeys DESTDIR="${D}" || die + fperms 600 /etc/ssh/sshd_config + dobin contrib/ssh-copy-id || die + newinitd "${FILESDIR}"/sshd.rc6.2 sshd + newconfd "${FILESDIR}"/sshd.confd sshd + keepdir /var/empty + + # not all openssl installs support ecc, or are functional #352645 + if ! grep -q '#define OPENSSL_HAS_ECC 1' config.h ; then + dosed 's:&& gen_key ecdsa::' /etc/init.d/sshd || die + fi + + newpamd "${FILESDIR}"/sshd.pam_include.2 sshd + if use pam ; then + sed -i \ + -e "/^#UsePAM /s:.*:UsePAM yes:" \ + -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \ + -e "/^#PrintMotd /s:.*:PrintMotd no:" \ + -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \ + "${D}"/etc/ssh/sshd_config || die "sed of configuration file failed" + fi + + # This instruction is from the HPN webpage, + # Used for the server logging functionality + if [[ -n ${HPN_PATCH} ]] && use hpn ; then + keepdir /var/empty/dev + fi + + doman contrib/ssh-copy-id.1 + dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config + + diropts -m 0700 + dodir /etc/skel/.ssh +} + +src_test() { + local t tests skipped failed passed shell + tests="interop-tests compat-tests" + skipped="" + shell=$(getent passwd ${UID} | cut -d: -f7) + if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then + elog "Running the full OpenSSH testsuite" + elog "requires a usable shell for the 'portage'" + elog "user, so we will run a subset only." + skipped="${skipped} tests" + else + tests="${tests} tests" + fi + for t in ${tests} ; do + # Some tests read from stdin ... + emake -k -j1 ${t} </dev/null \ + && passed="${passed}${t} " \ + || failed="${failed}${t} " + done + einfo "Passed tests: ${passed}" + ewarn "Skipped tests: ${skipped}" + if [[ -n ${failed} ]] ; then + ewarn "Failed tests: ${failed}" + die "Some tests failed: ${failed}" + else + einfo "Failed tests: ${failed}" + return 0 + fi +} + +pkg_postinst() { + enewgroup sshd 22 + enewuser sshd 22 -1 /var/empty sshd + + ewarn "Remember to merge your config files in /etc/ssh/ and then" + ewarn "reload sshd: '/etc/init.d/sshd reload'." + if use pam ; then + echo + ewarn "Please be aware users need a valid shell in /etc/passwd" + ewarn "in order to be allowed to login." + fi + # This instruction is from the HPN webpage, + # Used for the server logging functionality + if [[ -n ${HPN_PATCH} ]] && use hpn ; then + echo + einfo "For the HPN server logging patch, you must ensure that" + einfo "your syslog application also listens at /var/empty/dev/log." + fi +} |