Added support for OpenSSH-lpk The OpenSSH LDAP Public Key patch provides an easy way of centralizing strong user authentication by using an LDAP server for retrieving public keys instead of ~/.ssh/authorized_keys.diff -r1.205 -r1.206 pkgsrc/security/openssh/Makefile
(imil)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile,v 1.205 2012/01/09 05:25:36 manu Exp $ | 1 | # $NetBSD: Makefile,v 1.206 2012/05/31 11:58:37 imil Exp $ | |
2 | 2 | |||
3 | DISTNAME= openssh-5.8p2 | 3 | DISTNAME= openssh-5.8p2 | |
4 | PKGNAME= openssh-5.8.2 | 4 | PKGNAME= openssh-5.8.2 | |
5 | PKGREVISION= 5 | 5 | PKGREVISION= 5 | |
6 | SVR4_PKGNAME= ossh | 6 | SVR4_PKGNAME= ossh | |
7 | CATEGORIES= security | 7 | CATEGORIES= security | |
8 | MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ | 8 | MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ | |
9 | ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | 9 | ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | |
10 | ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ | 10 | ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ | |
11 | ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | 11 | ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | |
12 | ftp://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/ \ | 12 | ftp://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/ \ | |
13 | ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ | 13 | ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ | |
14 | # Don't delete the last entry -- it's there if the pkgsrc version is not | 14 | # Don't delete the last entry -- it's there if the pkgsrc version is not | |
@@ -167,37 +167,52 @@ RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh | @@ -167,37 +167,52 @@ RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh | |||
167 | PLIST_SRC+= ${.CURDIR}/PLIST | 167 | PLIST_SRC+= ${.CURDIR}/PLIST | |
168 | FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} | 168 | FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} | |
169 | 169 | |||
170 | SUBST_CLASSES+= patch | 170 | SUBST_CLASSES+= patch | |
171 | SUBST_STAGE.patch= pre-configure | 171 | SUBST_STAGE.patch= pre-configure | |
172 | SUBST_FILES.patch= session.c | 172 | SUBST_FILES.patch= session.c | |
173 | SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/' | 173 | SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/' | |
174 | SUBST_MESSAGE.patch= More patch a file. | 174 | SUBST_MESSAGE.patch= More patch a file. | |
175 | 175 | |||
176 | .include "../../devel/zlib/buildlink3.mk" | 176 | .include "../../devel/zlib/buildlink3.mk" | |
177 | .include "../../security/openssl/buildlink3.mk" | 177 | .include "../../security/openssl/buildlink3.mk" | |
178 | .include "../../security/tcp_wrappers/buildlink3.mk" | 178 | .include "../../security/tcp_wrappers/buildlink3.mk" | |
179 | 179 | |||
180 | .if !empty(PKG_OPTIONS:Mldap) | |||
181 | DOCDIR= ${PREFIX}/share/doc/openssh | |||
182 | INSTALLATION_DIRS+= ${DOCDIR} | |||
183 | ||||
184 | pre-configure: | |||
185 | cd ${WRKSRC} && autoconf | |||
186 | .endif | |||
187 | ||||
180 | # | 188 | # | |
181 | # type of key "ecdsa" isn't always supported depends on OpenSSL. | 189 | # type of key "ecdsa" isn't always supported depends on OpenSSL. | |
182 | # | 190 | # | |
183 | post-configure: | 191 | post-configure: | |
184 | if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \ | 192 | if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \ | |
185 | ${WRKSRC}/config.h; then \ | 193 | ${WRKSRC}/config.h; then \ | |
186 | ${SED} -e '/HAVE_ECDSA/s/.*//' \ | 194 | ${SED} -e '/HAVE_ECDSA/s/.*//' \ | |
187 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | 195 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | |
188 | else \ | 196 | else \ | |
189 | ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \ | 197 | ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \ | |
190 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | 198 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | |
191 | fi | 199 | fi | |
192 | 200 | |||
193 | post-install: | 201 | post-install: | |
194 | ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} | 202 | ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} | |
195 | cd ${WRKSRC}; for file in ${CONFS}; do \ | 203 | cd ${WRKSRC}; for file in ${CONFS}; do \ | |
196 | ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \ | 204 | ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \ | |
197 | done | 205 | done | |
198 | .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux" | 206 | .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux" | |
199 | ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \ | 207 | ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \ | |
200 | ${DESTDIR}${EGDIR}/sshd.pam | 208 | ${DESTDIR}${EGDIR}/sshd.pam | |
201 | .endif | 209 | .endif | |
210 | .if !empty(PKG_OPTIONS:Mldap) | |||
211 | ${INSTALL_DATA} ${WRKSRC}/README.lpk \ | |||
212 | ${DESTDIR}${DOCDIR} | |||
213 | cd ${WRKSRC}; for file in ${LPK_CONFS}; do \ | |||
214 | ${INSTALL_DATA} $${file} ${DESTDIR}${EGDIR}/$${file}; \ | |||
215 | done | |||
216 | .endif | |||
202 | 217 | |||
203 | .include "../../mk/bsd.pkg.mk" | 218 | .include "../../mk/bsd.pkg.mk" |
@comment $NetBSD: PLIST.ldap,v 1.1 2012/05/31 11:58:37 imil Exp $
share/doc/openssh/README.lpk
share/examples/openssh/lpk-user-example.txt
share/examples/openssh/openssh-lpk_openldap.schema
share/examples/openssh/openssh-lpk_sun.schema
@@ -1,21 +1,21 @@ | @@ -1,21 +1,21 @@ | |||
1 | $NetBSD: distinfo,v 1.81 2011/08/18 09:22:02 taca Exp $ | 1 | $NetBSD: distinfo,v 1.82 2012/05/31 11:58:37 imil Exp $ | |
2 | 2 | |||
3 | SHA1 (openssh-5.8p1-hpn13v11.diff.gz) = ea61ab71605ee867eebc1a92875a3ea5369e2d28 | |||
4 | RMD160 (openssh-5.8p1-hpn13v11.diff.gz) = 45fbb8e2db2f829f2749cd745ed6a0542adb1c45 | |||
5 | Size (openssh-5.8p1-hpn13v11.diff.gz) = 22993 bytes | |||
6 | SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5 | 3 | SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5 | |
7 | RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff | 4 | RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff | |
8 | Size (openssh-5.8p2.tar.gz) = 1115475 bytes | 5 | Size (openssh-5.8p2.tar.gz) = 1115475 bytes | |
6 | SHA1 (openssh-lpk-5.8p2-0.3.14.patch.gz) = 9eab90211363e6ea74e250d072cf14b69516bc0e | |||
7 | RMD160 (openssh-lpk-5.8p2-0.3.14.patch.gz) = ca008e5c8c1f43be334f6e4e598d79d0153e94e5 | |||
8 | Size (openssh-lpk-5.8p2-0.3.14.patch.gz) = 18656 bytes | |||
9 | SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5 | 9 | SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5 | |
10 | SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f | 10 | SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f | |
11 | SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3 | 11 | SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3 | |
12 | SHA1 (patch-ad) = ce7c34a1810ad4f44be935c5479c53109a306d1d | 12 | SHA1 (patch-ad) = ce7c34a1810ad4f44be935c5479c53109a306d1d | |
13 | SHA1 (patch-ae) = 4ec1007b03d4bf28ddd1dcfdf2ec7c5295a69df5 | 13 | SHA1 (patch-ae) = 4ec1007b03d4bf28ddd1dcfdf2ec7c5295a69df5 | |
14 | SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6 | 14 | SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6 | |
15 | SHA1 (patch-ag) = 0cdcc0f235119fb0603bb112492dd5ba66e6ad04 | 15 | SHA1 (patch-ag) = 0cdcc0f235119fb0603bb112492dd5ba66e6ad04 | |
16 | SHA1 (patch-ah) = 0dad388fe5204ee6ca5d90ba1e684e18df38ccf1 | 16 | SHA1 (patch-ah) = 0dad388fe5204ee6ca5d90ba1e684e18df38ccf1 | |
17 | SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403 | 17 | SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403 | |
18 | SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305 | 18 | SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305 | |
19 | SHA1 (patch-ak) = 00b594fec3c366ed134b7ced5c3bc3fcf7b56357 | 19 | SHA1 (patch-ak) = 00b594fec3c366ed134b7ced5c3bc3fcf7b56357 | |
20 | SHA1 (patch-al) = ffd15b2ef3cb6b57419c0f6f1f4f795e497382d7 | 20 | SHA1 (patch-al) = ffd15b2ef3cb6b57419c0f6f1f4f795e497382d7 | |
21 | SHA1 (patch-am) = 416471d27aedd44dc56007da46805d90f3d9957f | 21 | SHA1 (patch-am) = 416471d27aedd44dc56007da46805d90f3d9957f |
@@ -1,30 +1,46 @@ | @@ -1,30 +1,46 @@ | |||
1 | # $NetBSD: options.mk,v 1.22 2012/01/09 05:25:36 manu Exp $ | 1 | # $NetBSD: options.mk,v 1.23 2012/05/31 11:58:37 imil Exp $ | |
2 | 2 | |||
3 | .include "../../mk/bsd.prefs.mk" | 3 | .include "../../mk/bsd.prefs.mk" | |
4 | 4 | |||
5 | PKG_OPTIONS_VAR= PKG_OPTIONS.openssh | 5 | PKG_OPTIONS_VAR= PKG_OPTIONS.openssh | |
6 | PKG_SUPPORTED_OPTIONS= kerberos hpn-patch pam | 6 | PKG_SUPPORTED_OPTIONS= kerberos hpn-patch ldap pam | |
7 | 7 | |||
8 | .include "../../mk/bsd.options.mk" | 8 | .include "../../mk/bsd.options.mk" | |
9 | 9 | |||
10 | .if !empty(PKG_OPTIONS:Mkerberos) | 10 | .if !empty(PKG_OPTIONS:Mkerberos) | |
11 | . include "../../mk/krb5.buildlink3.mk" | 11 | . include "../../mk/krb5.buildlink3.mk" | |
12 | CONFIGURE_ARGS+= --with-kerberos5=${KRB5BASE:Q} | 12 | CONFIGURE_ARGS+= --with-kerberos5=${KRB5BASE:Q} | |
13 | . if ${KRB5_TYPE} == "mit-krb5" | 13 | . if ${KRB5_TYPE} == "mit-krb5" | |
14 | CONFIGURE_ENV+= ac_cv_search_k_hasafs=no | 14 | CONFIGURE_ENV+= ac_cv_search_k_hasafs=no | |
15 | . endif | 15 | . endif | |
16 | .endif | 16 | .endif | |
17 | 17 | |||
18 | .if !empty(PKG_OPTIONS:Mhpn-patch) | 18 | .if !empty(PKG_OPTIONS:Mhpn-patch) | |
19 | PATCHFILES= openssh-5.8p1-hpn13v11.diff.gz | 19 | PATCHFILES= openssh-5.8p1-hpn13v11.diff.gz | |
20 | PATCH_SITES= http://www.psc.edu/networking/projects/hpn-ssh/ | 20 | PATCH_SITES= http://www.psc.edu/networking/projects/hpn-ssh/ | |
21 | PATCH_DIST_STRIP= -p1 | 21 | PATCH_DIST_STRIP= -p1 | |
22 | .endif | 22 | .endif | |
23 | 23 | |||
24 | .if !empty(PKG_OPTIONS:Mpam) | 24 | .if !empty(PKG_OPTIONS:Mpam) | |
25 | .include "../../mk/pam.buildlink3.mk" | 25 | .include "../../mk/pam.buildlink3.mk" | |
26 | CONFIGURE_ARGS+= --with-pam | 26 | CONFIGURE_ARGS+= --with-pam | |
27 | PLIST_SRC+= ${.CURDIR}/PLIST.pam | 27 | PLIST_SRC+= ${.CURDIR}/PLIST.pam | |
28 | MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam | 28 | MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam | |
29 | MESSAGE_SUBST+= EGDIR=${EGDIR} | 29 | MESSAGE_SUBST+= EGDIR=${EGDIR} | |
30 | .endif | 30 | .endif | |
31 | ||||
32 | .if !empty(PKG_OPTIONS:Mldap) | |||
33 | .include "../../databases/openldap-client/buildlink3.mk" | |||
34 | USE_TOOLS+= autoconf | |||
35 | CONFIGURE_ARGS+= --with-ldap | |||
36 | LPK_CONFS+= lpk-user-example.txt \ | |||
37 | openssh-lpk_openldap.schema \ | |||
38 | openssh-lpk_sun.schema | |||
39 | PLIST_SRC+= ${.CURDIR}/PLIST.ldap | |||
40 | ||||
41 | LPK_VERS= 0.3.14 | |||
42 | OPENSSH_VERS= ${DISTNAME:S/openssh-//} | |||
43 | PATCHFILES= openssh-lpk-${OPENSSH_VERS}-${LPK_VERS}.patch.gz | |||
44 | PATCH_SITES= http://gentoo.mirrors.tera-byte.com/distfiles/ | |||
45 | PATCH_DIST_STRIP= -p1 | |||
46 | .endif |