Added support for OpenSSH-lpk The OpenSSH LDAP Public Key patch provides an easy way of centralizing strong user authentication by using an LDAP server for retrieving public keys instead of ~/.ssh/authorized_keys.diff -r1.205 -r1.206 pkgsrc/security/openssh/Makefile
(imil)
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: Makefile,v 1.205 2012/01/09 05:25:36 manu Exp $ | 1 | # $NetBSD: Makefile,v 1.206 2012/05/31 11:58:37 imil Exp $ | |
| 2 | 2 | |||
| 3 | DISTNAME= openssh-5.8p2 | 3 | DISTNAME= openssh-5.8p2 | |
| 4 | PKGNAME= openssh-5.8.2 | 4 | PKGNAME= openssh-5.8.2 | |
| 5 | PKGREVISION= 5 | 5 | PKGREVISION= 5 | |
| 6 | SVR4_PKGNAME= ossh | 6 | SVR4_PKGNAME= ossh | |
| 7 | CATEGORIES= security | 7 | CATEGORIES= security | |
| 8 | MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ | 8 | MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ | |
| 9 | ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | 9 | ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | |
| 10 | ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ | 10 | ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ | |
| 11 | ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | 11 | ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ | |
| 12 | ftp://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/ \ | 12 | ftp://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/ \ | |
| 13 | ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ | 13 | ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ | |
| 14 | # Don't delete the last entry -- it's there if the pkgsrc version is not | 14 | # Don't delete the last entry -- it's there if the pkgsrc version is not | |
| @@ -167,37 +167,52 @@ RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh | @@ -167,37 +167,52 @@ RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh | |||
| 167 | PLIST_SRC+= ${.CURDIR}/PLIST | 167 | PLIST_SRC+= ${.CURDIR}/PLIST | |
| 168 | FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} | 168 | FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} | |
| 169 | 169 | |||
| 170 | SUBST_CLASSES+= patch | 170 | SUBST_CLASSES+= patch | |
| 171 | SUBST_STAGE.patch= pre-configure | 171 | SUBST_STAGE.patch= pre-configure | |
| 172 | SUBST_FILES.patch= session.c | 172 | SUBST_FILES.patch= session.c | |
| 173 | SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/' | 173 | SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/' | |
| 174 | SUBST_MESSAGE.patch= More patch a file. | 174 | SUBST_MESSAGE.patch= More patch a file. | |
| 175 | 175 | |||
| 176 | .include "../../devel/zlib/buildlink3.mk" | 176 | .include "../../devel/zlib/buildlink3.mk" | |
| 177 | .include "../../security/openssl/buildlink3.mk" | 177 | .include "../../security/openssl/buildlink3.mk" | |
| 178 | .include "../../security/tcp_wrappers/buildlink3.mk" | 178 | .include "../../security/tcp_wrappers/buildlink3.mk" | |
| 179 | 179 | |||
| 180 | .if !empty(PKG_OPTIONS:Mldap) | |||
| 181 | DOCDIR= ${PREFIX}/share/doc/openssh | |||
| 182 | INSTALLATION_DIRS+= ${DOCDIR} | |||
| 183 | ||||
| 184 | pre-configure: | |||
| 185 | cd ${WRKSRC} && autoconf | |||
| 186 | .endif | |||
| 187 | ||||
| 180 | # | 188 | # | |
| 181 | # type of key "ecdsa" isn't always supported depends on OpenSSL. | 189 | # type of key "ecdsa" isn't always supported depends on OpenSSL. | |
| 182 | # | 190 | # | |
| 183 | post-configure: | 191 | post-configure: | |
| 184 | if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \ | 192 | if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \ | |
| 185 | ${WRKSRC}/config.h; then \ | 193 | ${WRKSRC}/config.h; then \ | |
| 186 | ${SED} -e '/HAVE_ECDSA/s/.*//' \ | 194 | ${SED} -e '/HAVE_ECDSA/s/.*//' \ | |
| 187 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | 195 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | |
| 188 | else \ | 196 | else \ | |
| 189 | ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \ | 197 | ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \ | |
| 190 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | 198 | ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ | |
| 191 | fi | 199 | fi | |
| 192 | 200 | |||
| 193 | post-install: | 201 | post-install: | |
| 194 | ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} | 202 | ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} | |
| 195 | cd ${WRKSRC}; for file in ${CONFS}; do \ | 203 | cd ${WRKSRC}; for file in ${CONFS}; do \ | |
| 196 | ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \ | 204 | ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \ | |
| 197 | done | 205 | done | |
| 198 | .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux" | 206 | .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux" | |
| 199 | ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \ | 207 | ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \ | |
| 200 | ${DESTDIR}${EGDIR}/sshd.pam | 208 | ${DESTDIR}${EGDIR}/sshd.pam | |
| 201 | .endif | 209 | .endif | |
| 210 | .if !empty(PKG_OPTIONS:Mldap) | |||
| 211 | ${INSTALL_DATA} ${WRKSRC}/README.lpk \ | |||
| 212 | ${DESTDIR}${DOCDIR} | |||
| 213 | cd ${WRKSRC}; for file in ${LPK_CONFS}; do \ | |||
| 214 | ${INSTALL_DATA} $${file} ${DESTDIR}${EGDIR}/$${file}; \ | |||
| 215 | done | |||
| 216 | .endif | |||
| 202 | 217 | |||
| 203 | .include "../../mk/bsd.pkg.mk" | 218 | .include "../../mk/bsd.pkg.mk" |
@comment $NetBSD: PLIST.ldap,v 1.1 2012/05/31 11:58:37 imil Exp $
share/doc/openssh/README.lpk
share/examples/openssh/lpk-user-example.txt
share/examples/openssh/openssh-lpk_openldap.schema
share/examples/openssh/openssh-lpk_sun.schema
| @@ -1,21 +1,21 @@ | @@ -1,21 +1,21 @@ | |||
| 1 | $NetBSD: distinfo,v 1.81 2011/08/18 09:22:02 taca Exp $ | 1 | $NetBSD: distinfo,v 1.82 2012/05/31 11:58:37 imil Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (openssh-5.8p1-hpn13v11.diff.gz) = ea61ab71605ee867eebc1a92875a3ea5369e2d28 | |||
| 4 | RMD160 (openssh-5.8p1-hpn13v11.diff.gz) = 45fbb8e2db2f829f2749cd745ed6a0542adb1c45 | |||
| 5 | Size (openssh-5.8p1-hpn13v11.diff.gz) = 22993 bytes | |||
| 6 | SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5 | 3 | SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5 | |
| 7 | RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff | 4 | RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff | |
| 8 | Size (openssh-5.8p2.tar.gz) = 1115475 bytes | 5 | Size (openssh-5.8p2.tar.gz) = 1115475 bytes | |
| 6 | SHA1 (openssh-lpk-5.8p2-0.3.14.patch.gz) = 9eab90211363e6ea74e250d072cf14b69516bc0e | |||
| 7 | RMD160 (openssh-lpk-5.8p2-0.3.14.patch.gz) = ca008e5c8c1f43be334f6e4e598d79d0153e94e5 | |||
| 8 | Size (openssh-lpk-5.8p2-0.3.14.patch.gz) = 18656 bytes | |||
| 9 | SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5 | 9 | SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5 | |
| 10 | SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f | 10 | SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f | |
| 11 | SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3 | 11 | SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3 | |
| 12 | SHA1 (patch-ad) = ce7c34a1810ad4f44be935c5479c53109a306d1d | 12 | SHA1 (patch-ad) = ce7c34a1810ad4f44be935c5479c53109a306d1d | |
| 13 | SHA1 (patch-ae) = 4ec1007b03d4bf28ddd1dcfdf2ec7c5295a69df5 | 13 | SHA1 (patch-ae) = 4ec1007b03d4bf28ddd1dcfdf2ec7c5295a69df5 | |
| 14 | SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6 | 14 | SHA1 (patch-af) = ca3224af0b648803404776a8c12ed678db4f8ff6 | |
| 15 | SHA1 (patch-ag) = 0cdcc0f235119fb0603bb112492dd5ba66e6ad04 | 15 | SHA1 (patch-ag) = 0cdcc0f235119fb0603bb112492dd5ba66e6ad04 | |
| 16 | SHA1 (patch-ah) = 0dad388fe5204ee6ca5d90ba1e684e18df38ccf1 | 16 | SHA1 (patch-ah) = 0dad388fe5204ee6ca5d90ba1e684e18df38ccf1 | |
| 17 | SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403 | 17 | SHA1 (patch-ai) = becad6262e5daeef2a6db14097a8971c40088403 | |
| 18 | SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305 | 18 | SHA1 (patch-aj) = 5c89b4a7da59f05c50c16083aa6dd6e465cd0305 | |
| 19 | SHA1 (patch-ak) = 00b594fec3c366ed134b7ced5c3bc3fcf7b56357 | 19 | SHA1 (patch-ak) = 00b594fec3c366ed134b7ced5c3bc3fcf7b56357 | |
| 20 | SHA1 (patch-al) = ffd15b2ef3cb6b57419c0f6f1f4f795e497382d7 | 20 | SHA1 (patch-al) = ffd15b2ef3cb6b57419c0f6f1f4f795e497382d7 | |
| 21 | SHA1 (patch-am) = 416471d27aedd44dc56007da46805d90f3d9957f | 21 | SHA1 (patch-am) = 416471d27aedd44dc56007da46805d90f3d9957f |
| @@ -1,30 +1,46 @@ | @@ -1,30 +1,46 @@ | |||
| 1 | # $NetBSD: options.mk,v 1.22 2012/01/09 05:25:36 manu Exp $ | 1 | # $NetBSD: options.mk,v 1.23 2012/05/31 11:58:37 imil Exp $ | |
| 2 | 2 | |||
| 3 | .include "../../mk/bsd.prefs.mk" | 3 | .include "../../mk/bsd.prefs.mk" | |
| 4 | 4 | |||
| 5 | PKG_OPTIONS_VAR= PKG_OPTIONS.openssh | 5 | PKG_OPTIONS_VAR= PKG_OPTIONS.openssh | |
| 6 | PKG_SUPPORTED_OPTIONS= kerberos hpn-patch pam | 6 | PKG_SUPPORTED_OPTIONS= kerberos hpn-patch ldap pam | |
| 7 | 7 | |||
| 8 | .include "../../mk/bsd.options.mk" | 8 | .include "../../mk/bsd.options.mk" | |
| 9 | 9 | |||
| 10 | .if !empty(PKG_OPTIONS:Mkerberos) | 10 | .if !empty(PKG_OPTIONS:Mkerberos) | |
| 11 | . include "../../mk/krb5.buildlink3.mk" | 11 | . include "../../mk/krb5.buildlink3.mk" | |
| 12 | CONFIGURE_ARGS+= --with-kerberos5=${KRB5BASE:Q} | 12 | CONFIGURE_ARGS+= --with-kerberos5=${KRB5BASE:Q} | |
| 13 | . if ${KRB5_TYPE} == "mit-krb5" | 13 | . if ${KRB5_TYPE} == "mit-krb5" | |
| 14 | CONFIGURE_ENV+= ac_cv_search_k_hasafs=no | 14 | CONFIGURE_ENV+= ac_cv_search_k_hasafs=no | |
| 15 | . endif | 15 | . endif | |
| 16 | .endif | 16 | .endif | |
| 17 | 17 | |||
| 18 | .if !empty(PKG_OPTIONS:Mhpn-patch) | 18 | .if !empty(PKG_OPTIONS:Mhpn-patch) | |
| 19 | PATCHFILES= openssh-5.8p1-hpn13v11.diff.gz | 19 | PATCHFILES= openssh-5.8p1-hpn13v11.diff.gz | |
| 20 | PATCH_SITES= http://www.psc.edu/networking/projects/hpn-ssh/ | 20 | PATCH_SITES= http://www.psc.edu/networking/projects/hpn-ssh/ | |
| 21 | PATCH_DIST_STRIP= -p1 | 21 | PATCH_DIST_STRIP= -p1 | |
| 22 | .endif | 22 | .endif | |
| 23 | 23 | |||
| 24 | .if !empty(PKG_OPTIONS:Mpam) | 24 | .if !empty(PKG_OPTIONS:Mpam) | |
| 25 | .include "../../mk/pam.buildlink3.mk" | 25 | .include "../../mk/pam.buildlink3.mk" | |
| 26 | CONFIGURE_ARGS+= --with-pam | 26 | CONFIGURE_ARGS+= --with-pam | |
| 27 | PLIST_SRC+= ${.CURDIR}/PLIST.pam | 27 | PLIST_SRC+= ${.CURDIR}/PLIST.pam | |
| 28 | MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam | 28 | MESSAGE_SRC+= ${.CURDIR}/MESSAGE.pam | |
| 29 | MESSAGE_SUBST+= EGDIR=${EGDIR} | 29 | MESSAGE_SUBST+= EGDIR=${EGDIR} | |
| 30 | .endif | 30 | .endif | |
| 31 | ||||
| 32 | .if !empty(PKG_OPTIONS:Mldap) | |||
| 33 | .include "../../databases/openldap-client/buildlink3.mk" | |||
| 34 | USE_TOOLS+= autoconf | |||
| 35 | CONFIGURE_ARGS+= --with-ldap | |||
| 36 | LPK_CONFS+= lpk-user-example.txt \ | |||
| 37 | openssh-lpk_openldap.schema \ | |||
| 38 | openssh-lpk_sun.schema | |||
| 39 | PLIST_SRC+= ${.CURDIR}/PLIST.ldap | |||
| 40 | ||||
| 41 | LPK_VERS= 0.3.14 | |||
| 42 | OPENSSH_VERS= ${DISTNAME:S/openssh-//} | |||
| 43 | PATCHFILES= openssh-lpk-${OPENSSH_VERS}-${LPK_VERS}.patch.gz | |||
| 44 | PATCH_SITES= http://gentoo.mirrors.tera-byte.com/distfiles/ | |||
| 45 | PATCH_DIST_STRIP= -p1 | |||
| 46 | .endif |