# ChangeLog for net-misc/openssh
# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.172 2006/06/07 19:15:40 kumba Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/ChangeLog,v 1.173 2006/06/08 11:23:45 vapier Exp $
+
+*openssh-4.3_p2-r2 (08 Jun 2006)
+
+ 08 Jun 2006; Mike Frysinger <vapier@gentoo.org>
+ +files/openssh-4.3_p2-securid-hpn-glue.patch,
+ +files/openssh-4.3_p2-x509-hpn-glue.patch, openssh-4.2_p1-r1.ebuild,
+ +openssh-4.3_p2-r2.ebuild:
+ Update hpn and x509 patches #135691 by Scott Jones.
07 Jun 2006; Joshua Kinard <kumba@gentoo.org> openssh-4.3_p2-r1.ebuild:
Add sys-apps/shadow to RDEPEND/DEPEND so group/useradd is available. Fixes
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
AUX openssh-3.9_p1-chroot.patch 3026 RMD160 23b2a1c819580b0f2fcb927c13c63e4f16387333 SHA1 78f85bc81c0034e03d06dd3c7ab91b9210fc18fb SHA256 014158a32c707b2a79ac606aeefb6bc09f24c3f07ce5df353ddad96095518597
MD5 c4edd6a7aa1418ce5bf74aeb46627dbf files/openssh-3.9_p1-chroot.patch 3026
RMD160 23b2a1c819580b0f2fcb927c13c63e4f16387333 files/openssh-3.9_p1-chroot.patch 3026
MD5 50f8706c29e6d5c509c64cfba22a78b1 files/openssh-4.3_p1-krb5-typos.patch 301
RMD160 3b1a82e230c870269f9aa25cd73e9c5be03db3f6 files/openssh-4.3_p1-krb5-typos.patch 301
SHA256 98310c487625b5dbd86f4a2c1acd00c223911b6a7e505455bc4196063fa38b9c files/openssh-4.3_p1-krb5-typos.patch 301
+AUX openssh-4.3_p2-securid-hpn-glue.patch 1731 RMD160 47eb05afaf9e0f27d4d838dd32ad36ca13ae494f SHA1 9bb463592299564c8bf6064acb15693cb6486cbf SHA256 7cafbe9c840878561e5692a810a9f503a3f5a02f39f674801c8d7858166fdc4d
+MD5 aa56fc6ed586b9c51b652e39dc034986 files/openssh-4.3_p2-securid-hpn-glue.patch 1731
+RMD160 47eb05afaf9e0f27d4d838dd32ad36ca13ae494f files/openssh-4.3_p2-securid-hpn-glue.patch 1731
+SHA256 7cafbe9c840878561e5692a810a9f503a3f5a02f39f674801c8d7858166fdc4d files/openssh-4.3_p2-securid-hpn-glue.patch 1731
AUX openssh-4.3_p2-selinux.patch 10737 RMD160 c13bcff14f1d4a1be489506f6145181c7d19dcc4 SHA1 913d73429699ffea1083cd96065d0e5b241ca2b5 SHA256 f93d2a040471aba4a7c762f106d9648e915f73878809c72fb36dabf5dd96ba8f
MD5 fcf22ed16aeea1c099349391208c061c files/openssh-4.3_p2-selinux.patch 10737
RMD160 c13bcff14f1d4a1be489506f6145181c7d19dcc4 files/openssh-4.3_p2-selinux.patch 10737
MD5 b1a753373208c815d11a7dabd7f7b45d files/openssh-4.3_p2-selinux.patch.glue 1057
RMD160 3bd4e77ceffafaa88505641393210f5366575c7e files/openssh-4.3_p2-selinux.patch.glue 1057
SHA256 174524b2c5168bd4c3724753c359152c22148587ddbd59198262755fcc1d1c71 files/openssh-4.3_p2-selinux.patch.glue 1057
+AUX openssh-4.3_p2-x509-hpn-glue.patch 1090 RMD160 a514ce75950a19b0e3b86b2e5a372442e9f20b6f SHA1 28adcf69a550ce61e5b066fa9077aa2f0a85b060 SHA256 eaf2555076893645c3ea9c5a70e2f80aa1c59dd23ce48f4080e3ac0fd1741a93
+MD5 4cc66bcc75744747914a227352a6bd29 files/openssh-4.3_p2-x509-hpn-glue.patch 1090
+RMD160 a514ce75950a19b0e3b86b2e5a372442e9f20b6f files/openssh-4.3_p2-x509-hpn-glue.patch 1090
+SHA256 eaf2555076893645c3ea9c5a70e2f80aa1c59dd23ce48f4080e3ac0fd1741a93 files/openssh-4.3_p2-x509-hpn-glue.patch 1090
AUX openssh-securid-1.3.1-updates.patch 445 RMD160 b1db3dfa75f7e03d0dff41e85e285f8b749f27f0 SHA1 757a8b0c1586fdcbff0762b39a52f1b315d4b110 SHA256 11c95cc508d20c8eb1e8faa0d2b5e68346cbb93db8fb560cfa8b4d2c0d1104b3
MD5 eca7ba0b23754a710b42a79c1fb5e248 files/openssh-securid-1.3.1-updates.patch 445
RMD160 b1db3dfa75f7e03d0dff41e85e285f8b749f27f0 files/openssh-securid-1.3.1-updates.patch 445
DIST openssh-4.1p1-hpn11.diff 14223
DIST openssh-4.1p1.tar.gz 894234
DIST openssh-4.2p1+SecurID_v1.3.2.patch 616248
-DIST openssh-4.2p1+x509-5.3.diff.gz 128507
+DIST openssh-4.2p1+x509-5.5.diff.gz 133405 RMD160 fba6bc99857d890cda0e5a88bf195b7e327f0aff SHA1 f1a71d8ed9e3a769d559faedce88ec1c72f86961 SHA256 42509cdd9edce6e6f2cb635cb480bfc0e3c0f26a0747760559742355a8b1ddce
DIST openssh-4.2p1-hpn11.diff 14765
DIST openssh-4.2p1.tar.gz 914165
DIST openssh-4.3p1+x509-5.3.diff.gz 131152
DIST openssh-4.3p1.tar.gz 940777 RMD160 c1d69873ecc453b40d825a2f1b3a0909da815f5e SHA1 b1f379127829e7e820955b2825130edd1601ba59 SHA256 7a4e356742190901e458b7526f91dfa24c66babbcd24d55cf7eac282266f5254
DIST openssh-4.3p2+SecurID_v1.3.2.patch 47650
DIST openssh-4.3p2+x509-5.3.diff.gz 131147
+DIST openssh-4.3p2+x509-5.5.diff.gz 136017 RMD160 21069550bbb05ea22870da853f68ee9910b2b71e SHA1 a529280d38b9161c862f6a2f40886ab457477872 SHA256 b62ee8afd927d9c97367ac738be55464327deacabf803a610159a98c569e72ad
+DIST openssh-4.3p2-hpn12.diff.gz 14806 RMD160 38ca2a73a3ff9aae8c6b9eba6c07eb962b4beb71 SHA256 d98d8a016d6b7a83c9c821339e6d01b8d67a7607ec7ace11a72b347689411a74
DIST openssh-4.3p2.tar.gz 941455 RMD160 ccd5967e3296347e6dd2be43c3d6caacde2b6833 SHA1 2b5b0751fd578283ba7b106025c0ba391fd72f1f SHA256 4ba757d6c933e7d075b6424124d92d197eb5d91e4a58794596b67f5f0ca21d4f
DIST openssh-lpk-3.9p1-0.3.6.patch 60920
DIST openssh-lpk-4.0p1-0.3.6.patch 60557
MD5 2c888cf3a4cf4a20bf8b399f0e41dd0b openssh-4.1_p1-r1.ebuild 5381
RMD160 fe412d4d8fc9640b59446a80291fce64e5dd5d95 openssh-4.1_p1-r1.ebuild 5381
SHA256 b2d45cf55c08e2030ef74b28f8439d3e4e5aae749e1a12e862a4c86e90f46315 openssh-4.1_p1-r1.ebuild 5381
-EBUILD openssh-4.2_p1-r1.ebuild 5416 RMD160 bf795a39a239ed3bb00deed091a4ab1fbe383c81 SHA1 1cf20096eb97ca58468639051b55adf3d2d319c8 SHA256 36869f415923667f3f0d68c708ed0a8b6f65ee8e1a8520630bc8e018c31883c2
-MD5 a9d7923f3909976222c24efd31c147f5 openssh-4.2_p1-r1.ebuild 5416
-RMD160 bf795a39a239ed3bb00deed091a4ab1fbe383c81 openssh-4.2_p1-r1.ebuild 5416
-SHA256 36869f415923667f3f0d68c708ed0a8b6f65ee8e1a8520630bc8e018c31883c2 openssh-4.2_p1-r1.ebuild 5416
+EBUILD openssh-4.2_p1-r1.ebuild 5417 RMD160 9972e84e89cbc4eeb570a4eb808102d8a092685a SHA1 354b7775d725d332de10c5be341016b3c225f5fe SHA256 e1c867a0e83ad120a574dcc3f07a00fbdf22bea359500ed41b71be5db373eed9
+MD5 cb561ae050e1b3b24870c2315004a47a openssh-4.2_p1-r1.ebuild 5417
+RMD160 9972e84e89cbc4eeb570a4eb808102d8a092685a openssh-4.2_p1-r1.ebuild 5417
+SHA256 e1c867a0e83ad120a574dcc3f07a00fbdf22bea359500ed41b71be5db373eed9 openssh-4.2_p1-r1.ebuild 5417
EBUILD openssh-4.3_p1.ebuild 5226 RMD160 f2f54fc190fff18600c591c24bc115dad2fcdc4c SHA1 29a8850db9ceb37cc2f424b3aa6ba5f29111aa6b SHA256 ecf8a0f82ee86474f4adfd184956be96220e48b3fcea6c869d1805ff95bae11e
MD5 504919dbb3dc5015f6e2ddb648ca6c2b openssh-4.3_p1.ebuild 5226
RMD160 f2f54fc190fff18600c591c24bc115dad2fcdc4c openssh-4.3_p1.ebuild 5226
MD5 255f80bcfff56f6dc3dfbe0b888592af openssh-4.3_p2-r1.ebuild 5522
RMD160 9ff16f546b8b1ad0b39bcaecf7cf21073fa8151a openssh-4.3_p2-r1.ebuild 5522
SHA256 7b5951678cea3f473d62eb4c391f8fad271e744c9576cbbaaa0ca7aa3ea038cb openssh-4.3_p2-r1.ebuild 5522
-MISC ChangeLog 27848 RMD160 e852cbe332543400bdf546966c6bec6774f78564 SHA1 b7520d8df242e9694e1f9f36a428869f26805a95 SHA256 4837d230b58b1e21f8ef82055e3115a0989095fbee991927cd762c11fd0c00d4
-MD5 9a9d084caa5cc1f568043d1e8c30a51c ChangeLog 27848
-RMD160 e852cbe332543400bdf546966c6bec6774f78564 ChangeLog 27848
-SHA256 4837d230b58b1e21f8ef82055e3115a0989095fbee991927cd762c11fd0c00d4 ChangeLog 27848
+EBUILD openssh-4.3_p2-r2.ebuild 5593 RMD160 78672169e13f68b6b464d8659e3908f6cbebaef1 SHA1 5f893b28b33dbc4fea39407f4426d060b0acc3f0 SHA256 e74d6503575c1db42d754f38d0a6844bcb2e0296df8f1af08576b3ece7c5e25c
+MD5 3b0a96916c1cb5bb6643684a4483c018 openssh-4.3_p2-r2.ebuild 5593
+RMD160 78672169e13f68b6b464d8659e3908f6cbebaef1 openssh-4.3_p2-r2.ebuild 5593
+SHA256 e74d6503575c1db42d754f38d0a6844bcb2e0296df8f1af08576b3ece7c5e25c openssh-4.3_p2-r2.ebuild 5593
+MISC ChangeLog 28136 RMD160 35ddc794ca787a2c187dc8f93f1bcf19983abc6b SHA1 cdb9c4a9f03e059005aa65be161054f8320891ed SHA256 1ddda218f51a2d61a5694b007977370568d3332dadb5226b817414d6fc446e20
+MD5 e01eec5a9ac3ed430953cdf41d3ac4b7 ChangeLog 28136
+RMD160 35ddc794ca787a2c187dc8f93f1bcf19983abc6b ChangeLog 28136
+SHA256 1ddda218f51a2d61a5694b007977370568d3332dadb5226b817414d6fc446e20 ChangeLog 28136
MISC metadata.xml 1251 RMD160 6cc73434a9ddba10013961600493ede02841b514 SHA1 83a4855be3de75289d068e827ca7e8d41b2683f9 SHA256 bc756cbd9737146f4aef4b1cf329f9c6fb2dc580fe4230b866c1101d9637c63b
MD5 02a1e50ab3fa841edec86694bd71c8d1 metadata.xml 1251
RMD160 6cc73434a9ddba10013961600493ede02841b514 metadata.xml 1251
MD5 3d538f75b8b386529f10a907192ad1bc files/digest-openssh-4.1_p1-r1 360
RMD160 fa8157b6e679723e64dc79387863ed6e39b55ba6 files/digest-openssh-4.1_p1-r1 360
SHA256 bca8197243f56eb4b38578772ccdc7b9bdbcb03456f72b03c05f00bb074edda2 files/digest-openssh-4.1_p1-r1 360
-MD5 594aa58909853e6c3f0be598f8928ae5 files/digest-openssh-4.2_p1-r1 360
-RMD160 e3ff0fde2596b692959dcefb62650d60aa8266e6 files/digest-openssh-4.2_p1-r1 360
-SHA256 627d1524ba20e4714611168bb567b29afd621e7b1fe7c8b4f2f29ad73adef6dc files/digest-openssh-4.2_p1-r1 360
+MD5 21c59320a4e4911f1d47e8177a156091 files/digest-openssh-4.2_p1-r1 556
+RMD160 3dd3264fa84134bac18084b6b7082572f59e4b21 files/digest-openssh-4.2_p1-r1 556
+SHA256 e312f8a9563dbed73d5df17246319f97386ec023551dc44f12275f9a6cb303cb files/digest-openssh-4.2_p1-r1 556
MD5 deb86eca3c05f237264f0f36d6c02d13 files/digest-openssh-4.3_p1 457
RMD160 e8308eb8ba3df5026bb25d83e2c48c2a20bd51f9 files/digest-openssh-4.3_p1 457
SHA256 6fd2ab24c717be47b550a22bf49f92a5a52f3a2450bb15b7ed975c7586e4859d files/digest-openssh-4.3_p1 457
MD5 5d56892f6ebf47cdff443f1ee86e2b40 files/digest-openssh-4.3_p2-r1 535
RMD160 860adbb73062e029b2488e0728a07510581deebd files/digest-openssh-4.3_p2-r1 535
SHA256 84d687de4bd56fcc250c2c3708c87c03dfe8bb0c7269d7e2923170bc3b01c5ba files/digest-openssh-4.3_p2-r1 535
+MD5 5d85af2761ff85fc089eac15e7c773a5 files/digest-openssh-4.3_p2-r2 922
+RMD160 fd362e87c37c1c77e258abc1608b90abc117aab6 files/digest-openssh-4.3_p2-r2 922
+SHA256 73e81f8ca9f772d6ffe2cbefd8c838942124416f199c3533844263f1aff80e1d files/digest-openssh-4.3_p2-r2 922
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.3 (GNU/Linux)
+
+iD8DBQFEiAm22+ySkm8kpY0RAiR3AJ9l0pb7AdBR9FzmphDew6ZpFLz5twCfeYrv
+fnuhdmxTeR1KtA0wkWyuvuE=
+=Vkp5
+-----END PGP SIGNATURE-----
MD5 6c89525f43b93fb2671af345dd85783b openssh-4.2p1+SecurID_v1.3.2.patch 616248
-MD5 bd234f201844fac2c4c44ffadd396741 openssh-4.2p1+x509-5.3.diff.gz 128507
+MD5 f2317f7a413f1d132a37e036166975b1 openssh-4.2p1+x509-5.5.diff.gz 133405
+RMD160 fba6bc99857d890cda0e5a88bf195b7e327f0aff openssh-4.2p1+x509-5.5.diff.gz 133405
+SHA256 42509cdd9edce6e6f2cb635cb480bfc0e3c0f26a0747760559742355a8b1ddce openssh-4.2p1+x509-5.5.diff.gz 133405
MD5 4b8f0befa09f234d6e7f1a5849b86197 openssh-4.2p1-hpn11.diff 14765
MD5 df899194a340c933944b193477c628fa openssh-4.2p1.tar.gz 914165
MD5 b779906d657d63794144cabe2bf978b8 openssh-lpk-4.1p1-0.3.6.patch 60312
--- /dev/null
+MD5 3611a21a0098c32416d4b8f75232c796 openssh-4.3p2+SecurID_v1.3.2.patch 47650
+MD5 bc93a31436941ae32e7f9d20c592eca7 openssh-4.3p2+x509-5.5.diff.gz 136017
+RMD160 21069550bbb05ea22870da853f68ee9910b2b71e openssh-4.3p2+x509-5.5.diff.gz 136017
+SHA256 b62ee8afd927d9c97367ac738be55464327deacabf803a610159a98c569e72ad openssh-4.3p2+x509-5.5.diff.gz 136017
+MD5 5ade4be51e0d49c18f4107013c60ac14 openssh-4.3p2-hpn12.diff.gz 14806
+RMD160 38ca2a73a3ff9aae8c6b9eba6c07eb962b4beb71 openssh-4.3p2-hpn12.diff.gz 14806
+SHA256 d98d8a016d6b7a83c9c821339e6d01b8d67a7607ec7ace11a72b347689411a74 openssh-4.3p2-hpn12.diff.gz 14806
+MD5 7e9880ac20a9b9db0d3fea30a9ff3d46 openssh-4.3p2.tar.gz 941455
+RMD160 ccd5967e3296347e6dd2be43c3d6caacde2b6833 openssh-4.3p2.tar.gz 941455
+SHA256 4ba757d6c933e7d075b6424124d92d197eb5d91e4a58794596b67f5f0ca21d4f openssh-4.3p2.tar.gz 941455
+MD5 d9eacb819a73daddb3d21ca7aa8e5c25 openssh-lpk-4.3p1-0.3.7.patch 60451
--- /dev/null
+tweak the secure id code a little so hpn patches cleanly
+
+--- servconf.c
++++ servconf.c
+@@ -643,6 +643,32 @@
+ *intptr = value;
+ break;
+
++#ifdef SECURID
++ case sSecurIDAuthentication:
++ intptr = &options->securid_authentication;
++ goto parse_flag;
++
++ case sSecurIDFallBack:
++ intptr = &options->securid_fallback;
++ goto parse_flag;
++
++ case sAllowNonSecurID:
++ intptr = &options->allow_nonsecurid;
++ goto parse_flag;
++
++ case sNegateSecurIDUsers:
++ intptr = &options->negate_securid_users;
++ goto parse_flag;
++
++ case sSecurIDUsersFile:
++ charptr = &options->securid_usersfile;
++ goto parse_filename;
++
++ case sSecurIDIgnoreShell:
++ intptr = &options->securid_ignore_shell;
++ goto parse_flag;
++#endif
++
+ case sIgnoreRhosts:
+ intptr = &options->ignore_rhosts;
+ parse_flag:
+@@ -662,31 +688,6 @@
+ *intptr = value;
+ break;
+
+-#ifdef SECURID
+- case sSecurIDAuthentication:
+- intptr = &options->securid_authentication;
+- goto parse_flag;
+-
+- case sSecurIDFallBack:
+- intptr = &options->securid_fallback;
+- goto parse_flag;
+-
+- case sAllowNonSecurID:
+- intptr = &options->allow_nonsecurid;
+- goto parse_flag;
+-
+- case sNegateSecurIDUsers:
+- intptr = &options->negate_securid_users;
+- goto parse_flag;
+-
+- case sSecurIDUsersFile:
+- charptr = &options->securid_usersfile;
+- goto parse_filename;
+-
+- case sSecurIDIgnoreShell:
+- intptr = &options->securid_ignore_shell;
+- goto parse_flag;
+-#endif
+ case sIgnoreUserKnownHosts:
+ intptr = &options->ignore_user_known_hosts;
+ goto parse_flag;
--- /dev/null
+tweak the x509 code a little so hpn patches cleanly
+
+--- servconf.c
++++ servconf.c
+@@ -335,6 +335,7 @@
+ sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
+ sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
+ sUsePrivilegeSeparation,
++ sDeprecated, sUnsupported
+ sHostbasedAlgorithms,
+ sPubkeyAlgorithms,
+ sX509KeyAlgorithm,
+@@ -345,7 +346,6 @@
+ sCAldapVersion, sCAldapURL,
+ sVAType, sVACertificateFile,
+ sVAOCSPResponderURL,
+- sDeprecated, sUnsupported
+ } ServerOpCodes;
+
+ /* Textual representation of the tokens. */
+@@ -446,6 +446,7 @@
+ { "authorizedkeysfile2", sAuthorizedKeysFile2 },
+ { "useprivilegeseparation", sUsePrivilegeSeparation},
+ { "acceptenv", sAcceptEnv },
++ { "permittunnel", sPermitTunnel },
+ { "hostbasedalgorithms", sHostbasedAlgorithms },
+ { "pubkeyalgorithms", sPubkeyAlgorithms },
+ { "x509rsasigtype", sDeprecated },
+@@ -462,7 +463,6 @@
+ { "vatype", sVAType },
+ { "vacertificatefile", sVACertificateFile },
+ { "vaocspresponderurl", sVAOCSPResponderURL },
+- { "permittunnel", sPermitTunnel },
+ { NULL, sBadOption }
+ };
+
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.2_p1-r1.ebuild,v 1.13 2006/02/19 18:22:20 kumba Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.2_p1-r1.ebuild,v 1.14 2006/06/08 11:23:45 vapier Exp $
inherit eutils flag-o-matic ccc pam
# and _p? releases.
PARCH=${P/_/}
-X509_PATCH="${PARCH}+x509-5.3.diff.gz"
+X509_PATCH="${PARCH}+x509-5.5.diff.gz"
SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
LDAP_PATCH="${PARCH/-4.2/-lpk-4.1}-0.3.6.patch"
HPN_PATCH="${PARCH}-hpn11.diff"
HOMEPAGE="http://www.openssh.com/"
SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )
- X509? ( http://roumenpetrov.info/openssh/x509-5.3/${X509_PATCH} )
+ X509? ( http://roumenpetrov.info/openssh/x509-5.5/${X509_PATCH} )
hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )"
--- /dev/null
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2-r2.ebuild,v 1.1 2006/06/08 11:23:45 vapier Exp $
+
+inherit eutils flag-o-matic ccc pam
+
+# Make it more portable between straight releases
+# and _p? releases.
+PARCH=${P/_/}
+
+X509_PATCH="${PARCH}+x509-5.5.diff.gz"
+SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
+LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
+HPN_PATCH="${PARCH}-hpn12.diff.gz"
+
+DESCRIPTION="Port of OpenBSD's free SSH release"
+HOMEPAGE="http://www.openssh.com/"
+SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
+ hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
+ X509? ( http://roumenpetrov.info/openssh/x509-5.5/${X509_PATCH} )
+ smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
+ ldap? ( http://www.opendarwin.org/projects/openssh-lpk/files/${LDAP_PATCH} )"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
+
+RDEPEND="pam? ( virtual/pam )
+ kerberos? ( virtual/krb5 )
+ selinux? ( >=sys-libs/libselinux-1.28 )
+ skey? ( >=app-admin/skey-1.1.5-r1 )
+ ldap? ( net-nds/openldap )
+ libedit? ( || ( dev-libs/libedit sys-freebsd/freebsd-lib ) )
+ >=dev-libs/openssl-0.9.6d
+ >=sys-libs/zlib-1.2.3
+ smartcard? ( dev-libs/opensc )
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
+DEPEND="${RDEPEND}
+ virtual/os-headers
+ sys-devel/autoconf"
+PROVIDE="virtual/ssh"
+
+S=${WORKDIR}/${PARCH}
+
+src_unpack() {
+ unpack ${PARCH}.tar.gz
+ cd "${S}"
+
+ sed -i \
+ -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
+ pathnames.h || die
+
+ epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
+ use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${P}-x509-hpn-glue.patch
+ use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
+ use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
+ if use X509 ; then
+ cp "${FILESDIR}"/openssh-4.3_p2-selinux.patch .
+ epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch.glue ./openssh-4.3_p2-selinux.patch
+ else
+ epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch
+ fi
+ use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
+ if ! use X509 ; then
+ if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
+ epatch "${DISTDIR}"/${SECURID_PATCH} "${FILESDIR}"/${P}-securid-hpn-glue.patch
+ use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
+ fi
+ if use ldap ; then
+ use sftplogging \
+ && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
+ || epatch "${DISTDIR}"/${LDAP_PATCH}
+ fi
+ elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
+ ewarn "Sorry, x509 and smartcard/ldap don't get along"
+ fi
+ [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
+
+ sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
+
+ autoconf || die "autoconf failed"
+}
+
+src_compile() {
+ addwrite /dev/ptmx
+ addpredict /etc/skey/skeykeys #skey configure code triggers this
+
+ local myconf
+ # make sure .sbss is large enough
+ use skey && use alpha && append-ldflags -mlarge-data
+ if use ldap ; then
+ filter-flags -funroll-loops
+ myconf="${myconf} --with-ldap"
+ fi
+ use selinux && append-flags -DWITH_SELINUX && append-ldflags -lselinux
+
+ if use static ; then
+ append-ldflags -static
+ use pam && ewarn "Disabling pam support becuse of static flag"
+ myconf="${myconf} --without-pam"
+ else
+ myconf="${myconf} $(use_with pam)"
+ fi
+
+ use ipv6 || myconf="${myconf} --with-ipv4-default"
+
+ econf \
+ --with-ldflags="${LDFLAGS}" \
+ --disable-strip \
+ --sysconfdir=/etc/ssh \
+ --libexecdir=/usr/$(get_libdir)/misc \
+ --datadir=/usr/share/openssh \
+ --disable-suid-ssh \
+ --with-privsep-path=/var/empty \
+ --with-privsep-user=sshd \
+ --with-md5-passwords \
+ $(use_with libedit) \
+ $(use_with kerberos kerberos5 /usr) \
+ $(use_with tcpd tcp-wrappers) \
+ $(use_with skey) \
+ $(use_with smartcard opensc) \
+ ${myconf} \
+ || die "bad configure"
+
+ emake || die "compile problem"
+}
+
+src_install() {
+ make install-nokeys DESTDIR="${D}" || die
+ fperms 600 /etc/ssh/sshd_config
+ dobin contrib/ssh-copy-id
+ newinitd "${FILESDIR}"/sshd.rc6 sshd
+ newconfd "${FILESDIR}"/sshd.confd sshd
+ keepdir /var/empty
+
+ newpamd "${FILESDIR}"/sshd.pam_include sshd
+ dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
+ use pam \
+ && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
+ && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
+
+ doman contrib/ssh-copy-id.1
+ dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
+}
+
+pkg_postinst() {
+ enewgroup sshd 22
+ enewuser sshd 22 -1 /var/empty sshd
+
+ ewarn "Remember to merge your config files in /etc/ssh/ and then"
+ ewarn "restart sshd: '/etc/init.d/sshd restart'."
+ ewarn
+ einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
+ einfo "functionality, but please ensure that you do not explicitly disable"
+ einfo "this in your configuration as disabling it opens security holes"
+ einfo
+ einfo "This revision has removed your sshd user id and replaced it with a"
+ einfo "new one with UID 22. If you have any scripts or programs that"
+ einfo "that referenced the old UID directly, you will need to update them."
+ einfo
+ if use pam ; then
+ einfo "Please be aware users need a valid shell in /etc/passwd"
+ einfo "in order to be allowed to login."
+ einfo
+ fi
+}
projects / gentoo.git / commitdiff