summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Rice <tim@multitalents.net>2001-11-03 11:09:32 -0800
committerTim Rice <tim@multitalents.net>2001-11-03 11:09:32 -0800
commite589a299a1c1cf26035cddf3996107500242ba1d (patch)
tree9023b8d5300eab10dde2718cd03db0f7620ac536
parent14a5c99b5c84ab86b34baf4b9e8f454118164815 (diff)
[ contrib/caldera/openssh.spec contrib/caldera/sshd.init]V_3_0_P1
Updates from Raymund Will <ray@caldera.de> [acconfig.h configure.in] Clean up login checks. Problem reported by Jim Knoble <jmknoble@pobox.com>
-rw-r--r--ChangeLog10
-rw-r--r--acconfig.h5
-rw-r--r--configure.ac18
-rw-r--r--contrib/caldera/openssh.spec236
-rwxr-xr-xcontrib/caldera/sshd.init4
5 files changed, 92 insertions, 181 deletions
diff --git a/ChangeLog b/ChangeLog
index fcad3ab9..12045a55 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,10 @@
-20011123
+20011103
+ - (tim) [ contrib/caldera/openssh.spec contrib/caldera/sshd.init] Updates
+ from Raymund Will <ray@caldera.de>
+ [acconfig.h configure.in] Clean up login checks.
+ Problem reported by Jim Knoble <jmknoble@pobox.com>
+
+20011101
- (djm) Compat define for OpenSSL < 0.9.6 (No OPENSSL_free)
20011031
@@ -6795,4 +6801,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1630 2001/10/31 22:32:34 djm Exp $
+$Id: ChangeLog,v 1.1631 2001/11/03 19:09:32 tim Exp $
diff --git a/acconfig.h b/acconfig.h
index afebfa5d..1e3b80e6 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -1,4 +1,4 @@
-/* $Id: acconfig.h,v 1.118 2001/10/22 00:53:59 tim Exp $ */
+/* $Id: acconfig.h,v 1.119 2001/11/03 19:09:33 tim Exp $ */
#ifndef _CONFIG_H
#define _CONFIG_H
@@ -178,9 +178,6 @@
/* Define if you want to specify the path to your wtmpx file */
#undef CONF_WTMPX_FILE
-/* Define is libutil has login() function */
-#undef HAVE_LIBUTIL_LOGIN
-
/* Define if you want external askpass support */
#undef USE_EXTERNAL_ASKPASS
diff --git a/configure.ac b/configure.ac
index 39654a27..e1844eb5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.3 2001/10/27 17:45:37 tim Exp $
+# $Id: configure.ac,v 1.4 2001/11/03 19:09:33 tim Exp $
AC_INIT
AC_CONFIG_SRCDIR([ssh.c])
@@ -370,9 +370,6 @@ fi
AC_CHECK_FUNC(getspnam, ,
AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen"))
-AC_CHECK_FUNC(login, ,
- AC_CHECK_LIB(util, login,
- AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil"))
dnl zlib is required
AC_ARG_WITH(zlib,
@@ -426,6 +423,11 @@ AC_CHECK_FUNC(utimes,
[], [ AC_CHECK_LIB(c89, utimes, LIBS="$LIBS -lc89") ]
)
+dnl Checks for libutil functions
+AC_CHECK_HEADERS(libutil.h)
+AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)])
+AC_CHECK_FUNCS(logout updwtmp logwtmp)
+
AC_FUNC_STRFTIME
# Checks for header files.
@@ -617,9 +619,6 @@ int main(int argc, char **argv) {
dnl Checks for time functions
AC_CHECK_FUNCS(gettimeofday time)
-dnl Checks for libutil functions
-AC_CHECK_HEADERS(libutil.h)
-AC_CHECK_FUNCS(login logout updwtmp logwtmp)
dnl Checks for utmp functions
AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent)
AC_CHECK_FUNCS(utmpname)
@@ -632,11 +631,6 @@ AC_CHECK_FUNC(getuserattr,
[AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])]
)
-AC_CHECK_FUNC(login,
- [AC_DEFINE(HAVE_LOGIN)],
- [AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])]
-)
-
AC_CHECK_FUNC(daemon,
[AC_DEFINE(HAVE_DAEMON)],
[AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])]
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index d8bea532..c9269953 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -1,30 +1,39 @@
-%define askpass 1.2.4.1
+%define use-stable 1
+%if %{use-stable}
+ %define version 3.0p1
+ %define cvs %{nil}
+ %define release 1
+%else
+ %define version 3.0p1
+ %define cvs cvs20011102
+ %define release 0r1
+%endif
+%define xsa x11-ssh-askpass
+%define askpass %{xsa}-1.2.4.1
Name : openssh
-Version : 3.0p1
-Release : 1
+Version : %{version}%{cvs}
+Release : %{release}
Group : System/Network
-Summary : OpenSSH free Secure Shell (SSH) protocol implementation.
-Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
-Summary(es) : OpenSSH implementación libre de Secure Shell (SSH).
-Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH).
-Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
-Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
-Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH).
+Summary : OpenSSH free Secure Shell (SSH) implementation.
Copyright : BSD
-Packager : Stephan Seyboth <sps@caldera.de>
-#Icon : .
+Packager : Raymund Will <ray@caldera.de>
URL : http://www.openssh.com/
Obsoletes : ssh, ssh-clients, openssh-clients
BuildRoot : /tmp/%{Name}-%{Version}
-Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{Version}.tar.gz
-Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{askpass}.tar.gz
-Source2: http://www.openssh.com/faq.html
+# %{use-stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
+# %{use-stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
+Source0: see-above:/.../openssh-%{Version}.tar.gz
+%if %{use-stable}
+Source1: see-above:/.../openssh-%{Version}.tar.gz.sig
+%endif
+Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz
+Source3: http://www.openssh.com/faq.html
%Package server
@@ -33,123 +42,23 @@ Requires : openssh = %{Version}
Obsoletes : ssh-server
Summary : OpenSSH Secure Shell protocol server (sshd).
-Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
-Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
-Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd).
-Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
-Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
-Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
%Package askpass
Group : System/Network
Requires : openssh = %{Version}
+URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/
Obsoletes : ssh-extras
Summary : OpenSSH X11 pass-phrase dialog.
-Summary(de) : OpenSSH X11 Passwort-Dialog.
-Summary(es) : Aplicación de petición de frase clave OpenSSH X11.
-Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
-Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
-Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH.
-Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH.
-%Description
-OpenSSH (Secure Shell) provides access to a remote system. It replaces
-telnet, rlogin, rexec, and rsh, and provides secure encrypted
-communications between two untrusted hosts over an insecure network.
-X11 connections and arbitrary TCP/IP ports can also be forwarded over
-the secure channel.
-
-%Description -l de
-OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
-telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
-Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
-Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
-über den sicheren Channel weitergeleitet werden.
-
-%Description -l es
-OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
-telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
-entre dos equipos entre los que no se ha establecido confianza a través de una
-red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
-ser canalizadas sobre el canal seguro.
-
-%Description -l fr
-OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
-telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
-securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
-connexions X11 et des ports TCP/IP arbitraires peuvent également être
-transmis sur le canal sécurisé.
-
-%Description -l it
-OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
-Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
-e crittate tra due host non fidati su una rete non sicura. Le connessioni
-X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
-un canale sicuro.
-
-%Description -l pt
-OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
-telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
-entre duas máquinas sem confiança mútua sobre uma rede insegura.
-Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
-pelo canal seguro.
-
-%Description -l pt_BR
-O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
-telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas
-entre duas máquinas sem confiança mútua sobre uma rede insegura.
-Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas
-pelo canal seguro.
-
-%Description server
-This package installs the sshd, the server portion of OpenSSH.
-
-%Description -l de server
-Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
-
-%Description -l es server
-Este paquete instala sshd, la parte servidor de OpenSSH.
-
-%Description -l fr server
-Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
-
-%Description -l it server
-Questo pacchetto installa sshd, il server di OpenSSH.
-
-%Description -l pt server
-Este pacote intala o sshd, o servidor do OpenSSH.
-
-%Description -l pt_BR server
-Este pacote intala o sshd, o servidor do OpenSSH.
-
-%Description askpass
-This package contains an X11-based passphrase dialog.
-
-%Description -l de askpass
-Dieses Paket enthält einen X11-basierten Passwort Dialog.
-
-%Description -l es askpass
-Este paquete contiene una aplicación para petición de frases-contraseña basada
-en X11.
-
-%Description -l fr askpass
-Ce paquetage contient un dialogue de passphrase basé sur X11.
-
-%Description -l it askpass
-Questo pacchetto contiene una finestra di X11 che chiede la frase segreta.
-
-%Description -l pt askpass
-Este pacote contém um diálogo de senha para o X11.
-
-%Description -l pt_BR askpass
-Este pacote contem um diálogo de frase-senha para o X11.
-
%Prep
-%setup
-%setup -D -T -a1
+%setup %([ -z "%{cvs}" ] || echo "-n %{Name}_cvs") -a2
+
+%if ! %{use-stable}
+ autoreconf
+%endif
%Build
@@ -158,14 +67,13 @@ CFLAGS="$RPM_OPT_FLAGS" \
--prefix=/usr \
--sysconfdir=/etc/ssh \
--libexecdir=/usr/lib/ssh \
- --datadir=/usr/share/openssh \
--with-pam \
--with-tcp-wrappers \
--with-ipv4-default \
make
-cd x11-ssh-askpass-%{askpass}
+cd %{askpass}
./configure
xmkmf
make includes
@@ -177,61 +85,51 @@ make
make DESTDIR="$DESTDIR" install
-make -C x11-ssh-askpass-%{askpass} DESTDIR="$DESTDIR" \
- BINDIR="/usr/lib/ssh" install
-
-%{fixManPages}
-
-# install remaining docs
-NV="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"
-mkdir -p $NV
-cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $NV
-cp %{SOURCE2} $NV/faq.html
-mkdir -p $NV/x11-ssh-askpass-%{askpass}
-cp -a x11-ssh-askpass-%{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} \
- $NV/x11-ssh-askpass-%{askpass}
-
+make -C %{askpass} BINDIR="/usr/lib/ssh" install
# OpenLinux specific configuration
mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}}
# enabling X11 forwarding on the server is convenient and okay,
-# on the client side it's a potential security risk!
-%{fixUP} -vg $DESTDIR/etc/ssh/sshd_config 'X11Forwarding no' \
- 'X11Forwarding yes'
-
-cat <<-EOF >> $DESTDIR/etc/ssh/ssh_config
-
- # This retains the old behaviour of trying the SSH1 protocol
- # before the more secure SSH2 one. Note that the SSH2 keys are
- # stored in a different format so you will have to generate and
- # distribute a new public/private key pair to migrate. See the
- # ssh(1) man-page for details
- Host *
- Protocol 1,2
-EOF
+# on the client side we consider it a potential security risk!
+%{fixUP} -vT $DESTDIR/etc/ssh/sshd_config -e '
+ s/X11Forwarding no/X11Forwarding yes/i'
install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd
-# FIXME: disabled, find out why this doesn't work with nis
-%{fixUP} -vg $DESTDIR/etc/pam.d/sshd '(.*pam_limits.*)' '#$1'
+# FIXME: disabled, find out why this doesn't work with NIS
+%{fixUP} -vT $DESTDIR/etc/pam.d/sshd -e 's/^(.*pam_limits.*)$/#$1/'
install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd
-%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}:'
-%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@sysconfdir\@:/etc/ssh:'
+%{fixUP} -vT $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}: +
+ s:\@sysconfdir\@:/etc/ssh:'
cat <<-EoD > $DESTDIR%{SVIcdir}/sshd
IDENT=sshd
DESCRIPTIVE="OpenSSH secure shell daemon"
# This service will be marked as 'skipped' on boot if there
- # is no host key. Use ssh-host-keygen to generate one
+ # is no host key. Use ssh-host-keygen to generate one.
ONBOOT="yes"
OPTIONS=""
EoD
SKG=$DESTDIR/usr/sbin/ssh-host-keygen
install -m 0755 contrib/caldera/ssh-host-keygen $SKG
-%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh:'
-%{fixUP} -T $SKG -e 's:\@sshkeygen\@:/usr/bin/ssh-keygen:'
+%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh: +
+ s:\@sshkeygen\@:/usr/bin/ssh-keygen:'
+
+
+# install remaining docs
+DocD="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"; mkdir -p $DocD/00-LEGAL
+cp -a LICENCE $DocD/00-LEGAL
+cp -a CREDITS ChangeLog OVERVIEW README* TODO $DocD
+install -p -m 0444 -o 0 -g 0 %{SOURCE3} $DocD/faq.html
+mkdir -p $DocD/%{askpass}
+cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
+
+cp -p %{askpass}/%{xsa}.man $DESTDIR/usr/man/man1/%{xsa}.1
+ln -s %{xsa}.1 $DESTDIR/usr/man/man1/ssh-askpass.1
+
+%{fixManPages}
# generate file lists
@@ -245,10 +143,12 @@ askpass askpass
EOF
%{mkLists} -a -f %{Name} << 'EOF'
^/etc * prefix(%%config)
-/usr/X11R6/lib/X11/app-defaults IGNORED
+/usr/X11R6/lib/X11/app-defaults IGNORED
+Ssh.bin IGNORED # for now
[Aa]skpass askpass
%{_defaultdocdir}/%{Name}-%{Version}/ base
ssh-keygen base
+moduli server
sshd server
sftp-server server
.* base
@@ -306,8 +206,22 @@ fi
%defattr(-,root,root)
+%Description
+OpenSSH (Secure Shell) provides access to a remote system. It replaces
+telnet, rlogin, rexec, and rsh, and provides secure encrypted
+communications between two untrusted hosts over an insecure network.
+X11 connections and arbitrary TCP/IP ports can also be forwarded over
+the secure channel.
+
+%Description server
+This package installs the sshd, the server portion of OpenSSH.
+
+%Description askpass
+This package contains an X11-based pass-phrase dialog used per
+default by ssh-add(1). It is based on %{askpass}
+by Jim Knoble <jmknoble@pobox.com>.
+
%ChangeLog
* Mon Jan 01 1998 ...
-Template Version: 1.31
-$Id: openssh.spec,v 1.23 2001/10/24 21:06:08 mouring Exp $
+$Id: openssh.spec,v 1.24 2001/11/03 19:09:33 tim Exp $
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init
index e60f8afe..90b36379 100755
--- a/contrib/caldera/sshd.init
+++ b/contrib/caldera/sshd.init
@@ -1,6 +1,6 @@
#! /bin/bash
#
-# $Id: sshd.init,v 1.2 2001/04/27 05:50:50 tim Exp $
+# $Id: sshd.init,v 1.3 2001/11/03 19:09:33 tim Exp $
#
### BEGIN INIT INFO
# Provides:
@@ -37,7 +37,7 @@ _status() {
if [ ! -e $SVIlock ]; then
# no lock-file => not started == stopped?
ret=3
- elif { [ -n "$pidf" ] && [ ! -f "$pidf" ] } || [ -z "$pid" ]; then
+ elif [ -n "$pidf" -a ! -f "$pidf" ] || [ -z "$pid" ]; then
# pid-file given but not present or no pid => died, but was not stopped
ret=2
elif [ -r /proc/$pid/cmdline ] &&