wok view openssh/receipt @ rev 24099

Up openssh (8.7p1)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu Sep 16 08:39:38 2021 +0000 (2021-09-16)
parents 7bea68e23e6b
children 980adf6bb9e7
line source
1 # SliTaz package receipt.
2
3 PACKAGE="openssh"
4 VERSION="8.7p1"
5 CATEGORY="security"
6 SHORT_DESC="Openbsd Secure Shell."
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 TARBALL="$PACKAGE-$VERSION.tar.gz"
10 WEB_SITE="http://www.openssh.org/"
11 WGET_URL="https://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
12 CONFIG_FILES="/etc/ssh/*config /etc/ssh/moduli"
13 SECRET_FILES="/etc/ssh/*key*"
14 TAGS="ssh security"
15 HOST_ARCH="i486 arm"
16
17 SPLIT="sftp-server"
18 PROVIDE="ssh"
19 DEPENDS="sftp-server libcrypto zlib"
20 BUILD_DEPENDS="libcrypto-dev zlib-dev openssl-dev gtk+-dev"
21 SUGGESTED="gtk+"
22 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
23
24 current_version()
25 {
26 wget -O - ${WGET_URL%/*}/ 2>/dev/null | \
27 sed '/tar..z"/!d;s|.*ssh-\(.*\).tar..z".*|\1|' | tail -n1
28 }
29
30 # Rules to configure and make the package.
31 compile_rules()
32 {
33 unset LD # for cross compiling with --disable-strip
34 ./configure \
35 --prefix=/usr \
36 --sysconfdir=/etc/ssh \
37 --libexecdir=/usr/sbin \
38 --with-privsep-user=nobody \
39 --with-xauth=/usr/bin/xauth \
40 --with-privsep-path=/var/run/sshd \
41 --without-pam \
42 --disable-strip \
43 $CONFIGURE_ARGS &&
44 make STRIP_OPT="" &&
45 make -j 1 DESTDIR=$DESTDIR install
46 install -d -m 755 $DESTDIR/usr/share/doc &&
47 install -m 644 $src/[A-Z][A-Z]* $DESTDIR/usr/share/doc
48 cd contrib &&
49 cc -Wall $(pkg-config --cflags gtk+-2.0) gnome-ssh-askpass2.c \
50 -o gnome-ssh-askpass $(pkg-config --libs gtk+-2.0) -lX11 &&
51 cp gnome-ssh-askpass $DESTDIR/usr/bin/ssh-askpass
52 }
53
54 # Rules to gen a SliTaz package suitable for Tazpkg.
55 genpkg_rules()
56 {
57 mkdir -p $fs/usr $fs/etc/init.d $fs/etc/ssh
58 cp -a $install/usr/sbin $install/usr/bin $fs/usr
59 rm -f $fs/usr/sbin/sftp-server
60 install -m 755 -oroot -groot $src/contrib/ssh-copy-id $fs/usr/bin
61 cp $src/contrib/ssh-copy-id.1 $install/usr/share/man/cat1
62 cp -a $install/etc $fs
63 cp $stuff/openssh $fs/etc/init.d
64 sed -i 's|/usr/libexec/sftp-server|/usr/sbin/sftp-server|' \
65 $fs/etc/ssh/sshd_config
66
67 cat >> $fs/etc/ssh/ssh_config <<EOT
68
69 # client bug CVE-2016-0777 and CVE-2016-0778
70 Host *
71 UseRoaming no
72
73 # From https://wiki.gentoo.org/wiki/SSH_jump_host
74 Host *+*
75 ProxyCommand ssh \$(echo %h | sed 's/+[^+]*$//;s/\\([^+%%]*\\)%%\\([^+]*\\)\$/\\2 -l \\1/;s/:/ -p /') exec nc -w1 \$(echo %h | sed 's/^.*+//;/:/!s/\$/ %p/;s/:/ /')
76
77 EOT
78 }
79
80 post_install()
81 {
82 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
83 #ssh stream tcp nowait root sshd sshd -i
84 EOT
85 while read dropbear openssh ; do
86 [ -s "$1$dropbear" ] || continue
87 [ -s "$1$openssh" ] && continue
88 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
89 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
90 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
91 done <<EOT
92 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
93 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
94 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
95 /etc/dropbear/dropbear_ed25519_host_key /etc/ssh/ssh_host_ed25519_key
96 EOT
97
98 chroot "$1/" ssh-keygen -A
99 }
100
101 post_remove()
102 {
103 grep -q sshd "$1/etc/inetd.conf" && sed -i '/sshd/d' "$1/etc/inetd.conf"
104 }