openpkg
/
openpkg-packages


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221
							##
##  openssh.spec -- OpenPKG RPM Specification 
##  Copyright (c) 2000-2001 Cable & Wireless Deutschland GmbH
##  Copyright (c) 2000-2001 Ralf S. Engelschall <rse@engelschall.com>
##
##  Permission to use, copy, modify, and distribute this software for
##  any purpose with or without fee is hereby granted, provided that
##  the above copyright notice and this permission notice appear in all
##  copies.
##
##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
##  SUCH DAMAGE.
##

%define       V_openssh  2.9.9p2
%define       V_scanssh  1.55

#   package information
Name:         openssh
Summary:      Secure Shell (SSH)
URL:          http://www.openssh.com/
Vendor:       The OpenBSD Project
Packager:     The OpenPKG Project
Distribution: OpenPKG [EXP]
Group:        Cryptography
License:      BSD
Version:      %{V_openssh}
Release:      10

#   list of sources
Source0:      ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{V_openssh}.tar.gz
Source1:      http://www.monkey.org/~provos/scanssh-%{V_scanssh}.tar.gz
Source2:      rc.openssh
Source3:      sshd_config
Source4:      ssh_config

#   build information
Prefix:       %{l_prefix}
BuildRoot:    %{l_buildroot}
BuildPreReq:  OpenPKG, openpkg >= 0.9-33, perl, openssl, zlib, skey, libpcap
PreReq:       OpenPKG, openpkg >= 0.9-33
AutoReq:      no
AutoReqProv:  no

%description
    Secure Shell (SSH) is a facility for logging into a remote machine
    and for remotely executing commands on a remote machine. It is
    intended to replace rlogin(1) and rsh(1), and provide secure
    encrypted communications between two untrusted hosts over an
    insecure network. X11 connections and arbitrary TCP/IP ports can
    also be forwarded over the secure channel. OpenSSH is OpenBSD's
    rework of the last free version of SSH, bringing it up to date in
    terms of security and features, as well as removing all patented
    algorithms to separate libraries (OpenSSL).

%prep
    %setup0 -q -c -n openssh-%{version}
    %setup1 -q -T -D -a 1

%build
    ( cd openssh-%{V_openssh}
      #   configure source tree
      CC="%{l_cc}" \
      CFLAGS="%{l_cflags -O} -I%{l_prefix}/include" \
      LDFLAGS="-L%{l_prefix}/lib" \
      LIBS="-lcrypt" \
      ./configure \
          --prefix=%{l_prefix} \
          --sbindir=%{l_prefix}/bin \
          --mandir=%{l_prefix}/man \
          --infodir=%{l_prefix}/info \
          --sysconfdir=%{l_prefix}/etc/openssh \
          --libexecdir=%{l_prefix}/libexec/openssh \
          --localstatedir=%{l_prefix}/var/openssh \
          --with-pid-dir=%{l_prefix}/var/openssh \
          --with-ssl-dir=%{l_prefix} \
          --with-skey=%{l_prefix} \
          --with-ipv4-default \
          --with-md5-passwords \
          --with-pam \
          --without-kerberos4 \
          --disable-suid-ssh \
          --without-rsh \
          --with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin
  
      #   build package
      %{l_make} %{l_mflags -O}
    )
    ( cd scanssh
      CC="%{l_cc}" \
      CFLAGS="%{l_cflags -O} -I%{l_prefix}/include/openssl -I%{l_prefix}/include" \
      LDFLAGS="-L%{l_prefix}/lib" \
      ./configure \
          --prefix=%{l_prefix}
      %{l_make} %{l_mflags -O}
    )

%install
    rm -rf $RPM_BUILD_ROOT

    ( cd openssh-%{V_openssh}
      #   perform standard installation procedure of OpenSSH
      %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
    )
    ( cd scanssh
      #   perform standard installation procedure of ScanSSH
      %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
    )

    #   strip down installation tree
    rm -f $RPM_BUILD_ROOT%{l_prefix}/bin/slogin
    rm -f $RPM_BUILD_ROOT%{l_prefix}/man/man1/slogin.1
    strip $RPM_BUILD_ROOT%{l_prefix}/bin/* 2> /dev/null || true
    strip $RPM_BUILD_ROOT%{l_prefix}/libexec/openssh/* 2> /dev/null || true

    #   make sure the state directory exists
    %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/var/openssh

    #   install run-command script
    %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
    %{l_shtool} install -c -m 755 -e "s;@l_prefix@;%{l_prefix};g" \
        %{SOURCE rc.openssh} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/

    #   install reasonable ssh server and client configuration files
    case "%{l_target}" in
        *-freebsd* ) uselogin=yes; printmotd=no  ;;
        *-linux*   ) uselogin=yes; printmotd=no  ;;
        *-solaris* ) uselogin=no;  printmotd=yes ;; # "uselogin" does not work on Solaris!
    esac
    %{l_shtool} install -c -m 644 \
        -e "s;@l_prefix@;%{l_prefix};g" \
        -e "s;@uselogin@;$uselogin;" \
        -e "s;@printmotd@;$printmotd;" \
        %{SOURCE sshd_config} $RPM_BUILD_ROOT%{l_prefix}/etc/openssh/
    %{l_shtool} install -c -m 644 -e "s;@l_prefix@;%{l_prefix};g" \
        %{SOURCE ssh_config} $RPM_BUILD_ROOT%{l_prefix}/etc/openssh/

    #   determine installation files
    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
        %{l_files_std} \
        '%config %{l_prefix}/etc/openssh/*'

%files -f files

%clean
    rm -rf $RPM_BUILD_ROOT

%post
    #   generate server RSA key
    if [ ! -f "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key" -o \
         ! -s "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key" ] ; then
        $RPM_INSTALL_PREFIX/bin/ssh-keygen -b 1024 \
            -f $RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key \
            -N '' -C `hostname` 1>&2
    fi

    #   generate server DSA key
    if [ ! -f "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key" -o \
         ! -s "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key" ] ; then
        $RPM_INSTALL_PREFIX/bin/ssh-keygen -d \
            -f $RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key \
            -N '' -C `hostname` 1>&2
    fi

    #   add PAM configuration entry
    if [ -f /etc/pam.conf ]; then
        check=`grep "^#<OpenPKG prefix=$RPM_INSTALL_PREFIX pkg=openssh>" /etc/pam.conf`
        if [ ".$check" = . ]; then
            ( echo "#<OpenPKG prefix=$RPM_INSTALL_PREFIX pkg=openssh>"
              case "%{l_target}" in
                  *-freebsd* ) 
                      echo "sshd auth     sufficient pam_skey.so"
                      echo "sshd auth     required   pam_unix.so   try_first_pass"
                      echo "sshd account  required   pam_unix.so"
                      echo "sshd password required   pam_permit.so"
                      echo "sshd session  required   pam_permit.so"
                      ;;
                  *-linux* ) 
                      echo "sshd auth     required /lib/security/pam_unix_auth.so shadow nodelay"
                      echo "sshd auth     required /lib/security/pam_nologin.so"
                      echo "sshd account  required /lib/security/pam_unix_acct.so"
                      echo "sshd password required /lib/security/pam_unix_passwd.so shadow nullok use_authtok" 
                      echo "sshd session  required /lib/security/pam_unix_session.so" 
                      echo "sshd session  required /lib/security/pam_limits.so"
                      ;;
                  *-solaris* ) 
                      echo "sshd auth     required /usr/lib/security/pam_unix.so try_first_pass"
                      echo "sshd account  required /usr/lib/security/pam_unix.so"
                      echo "sshd password required /usr/lib/security/pam_unix.so" 
                      echo "sshd session  required /usr/lib/security/pam_unix.so" 
                      ;;
              esac
              echo "#</OpenPKG>"
            ) >>/etc/pam.conf
        fi
    fi

%preun
    #   remove PAM configuration entry
    if [ -f /etc/pam.conf ]; then
        check=`grep "^#<OpenPKG prefix=$RPM_INSTALL_PREFIX pkg=openssh>" /etc/pam.conf`
        if [ ".$check" != . ]; then
            prefix=`echo $RPM_INSTALL_PREFIX | sed -e 's;/;\\/;g'`
            cp /etc/pam.conf /etc/pam.conf.tmp && \
            sed -e "/^#<OpenPKG prefix=$prefix pkg=openssh>/,/^#<\\/OpenPKG>/d" \
            </etc/pam.conf.tmp >/etc/pam.conf && \
            rm -f /etc/pam.conf.tmp
        fi
    fi