|
|
@@ -23,7 +23,8 @@
|
|
|
## SUCH DAMAGE.
|
|
|
##
|
|
|
|
|
|
-%define with_pcre yes
|
|
|
+%define with_pam yes
|
|
|
+%define with_pcre no
|
|
|
%define with_skey no
|
|
|
|
|
|
# package information
|
|
|
@@ -36,7 +37,7 @@ Distribution: OpenPKG [REL]
|
|
|
Group: Cryptography
|
|
|
License: BSD
|
|
|
Version: 3.1p1
|
|
|
-Release: 20020309
|
|
|
+Release: 20020311
|
|
|
|
|
|
# list of sources
|
|
|
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
|
|
@@ -50,6 +51,9 @@ Source5: ssh-askpass
|
|
|
Prefix: %{l_prefix}
|
|
|
BuildRoot: %{l_buildroot}
|
|
|
BuildPreReq: OpenPKG, openpkg >= 20020206, perl, openssl, zlib
|
|
|
+%if "%{with_pam}" == "yes"
|
|
|
+BuildPreReq: PAM
|
|
|
+%endif
|
|
|
%if "%{with_pcre}" == "yes"
|
|
|
BuildPreReq: pcre
|
|
|
%endif
|
|
|
@@ -71,6 +75,8 @@ AutoReqProv: no
|
|
|
terms of security and features, as well as removing all patented
|
|
|
algorithms to separate libraries (OpenSSL).
|
|
|
|
|
|
+ Options: with_pam=%{with_pam}, with_pcre=%{with_pcre}, with_skey=%{with_skey}
|
|
|
+
|
|
|
%prep
|
|
|
%setup0 -q -c -a 0
|
|
|
%setup1 -q -T -D -a 1
|
|
|
@@ -88,10 +94,16 @@ AutoReqProv: no
|
|
|
|
|
|
# build OpenSSH
|
|
|
( cd openssh-%{version}
|
|
|
+ inc="-I%{l_prefix}/include"
|
|
|
+ lib="-L%{l_prefix}/lib -L$fakesyslogdir"
|
|
|
+%if "%{with_pam}" == "yes"
|
|
|
+ inc="$inc -I`%{l_prefix}/etc/rc --query pam_incdir`"
|
|
|
+ lib="$lib -L`%{l_prefix}/etc/rc --query pam_libdir`"
|
|
|
+%endif
|
|
|
CC="%{l_cc}" \
|
|
|
- CFLAGS="%{l_cflags -O} -I%{l_prefix}/include" \
|
|
|
- CPPFLAGS="-I%{l_prefix}/include" \
|
|
|
- LDFLAGS="-L%{l_prefix}/lib -L$fakesyslogdir" \
|
|
|
+ CFLAGS="%{l_cflags -O} $inc" \
|
|
|
+ CPPFLAGS="$inc" \
|
|
|
+ LDFLAGS="$lib" \
|
|
|
LIBS="-lcrypt -lfakesyslog" \
|
|
|
./configure \
|
|
|
--prefix=%{l_prefix} \
|
|
|
@@ -109,10 +121,14 @@ AutoReqProv: no
|
|
|
%if "%{with_skey}" == "yes"
|
|
|
--with-skey=%{l_prefix} \
|
|
|
%endif
|
|
|
+%if "%{with_pam}" == "yes"
|
|
|
+ --with-pam \
|
|
|
+%else
|
|
|
+ --without-pam \
|
|
|
+%endif
|
|
|
+ --with-md5-passwords \
|
|
|
--with-zlib=%{l_prefix} \
|
|
|
--with-ipv4-default \
|
|
|
- --with-md5-passwords \
|
|
|
- --with-pam \
|
|
|
--without-smartcard \
|
|
|
--without-kerberos4 \
|
|
|
--disable-suid-ssh \
|
|
|
@@ -194,39 +210,9 @@ AutoReqProv: no
|
|
|
fi
|
|
|
|
|
|
# add PAM configuration entry
|
|
|
- if [ -f /etc/pam.conf ]; then
|
|
|
- ( case "%{l_target}" in
|
|
|
- *-freebsd* )
|
|
|
- echo "sshd auth sufficient pam_skey.so"
|
|
|
- echo "sshd auth required pam_unix.so try_first_pass"
|
|
|
- echo "sshd account required pam_unix.so"
|
|
|
- echo "sshd password required pam_permit.so"
|
|
|
- echo "sshd session required pam_permit.so"
|
|
|
- ;;
|
|
|
- *-linux* )
|
|
|
- echo "sshd auth required /lib/security/pam_unix_auth.so shadow nodelay"
|
|
|
- echo "sshd auth required /lib/security/pam_nologin.so"
|
|
|
- echo "sshd account required /lib/security/pam_unix_acct.so"
|
|
|
- echo "sshd password required /lib/security/pam_unix_passwd.so shadow nullok use_authtok"
|
|
|
- echo "sshd session required /lib/security/pam_unix_session.so"
|
|
|
- echo "sshd session required /lib/security/pam_limits.so"
|
|
|
- ;;
|
|
|
- *-solaris* )
|
|
|
- echo "sshd auth required /usr/lib/security/pam_unix.so try_first_pass"
|
|
|
- echo "sshd account required /usr/lib/security/pam_unix.so"
|
|
|
- echo "sshd password required /usr/lib/security/pam_unix.so"
|
|
|
- echo "sshd session required /usr/lib/security/pam_unix.so"
|
|
|
- ;;
|
|
|
- esac
|
|
|
- ) |\
|
|
|
- $RPM_INSTALL_PREFIX/sbin/rpmtool config \
|
|
|
- -a -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
|
|
|
- fi
|
|
|
+ $RPM_INSTALL_PREFIX/sbin/pamtool -a -s -n "openssh"
|
|
|
|
|
|
%preun
|
|
|
# remove PAM configuration entry
|
|
|
- if [ -f /etc/pam.conf ]; then
|
|
|
- $RPM_INSTALL_PREFIX/sbin/rpmtool config \
|
|
|
- -r -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
|
|
|
- fi
|
|
|
+ $RPM_INSTALL_PREFIX/sbin/pamtool -r -s -n "openssh"
|
|
|
|
