aboutsummaryrefslogtreecommitdiffstats
path: root/main/openssh
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2015-05-21 12:37:16 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2015-05-21 12:45:34 +0000
commita439ca13411b044211fcb9a8137647ce4033b448 (patch)
tree917e161ce9be7de721420fc24b1b2bb2c5ae3bca /main/openssh
parentc8ee1cb2287617b540656b4352052fec0e382132 (diff)
downloadaports-a439ca13411b044211fcb9a8137647ce4033b448.tar.bz2
aports-a439ca13411b044211fcb9a8137647ce4033b448.tar.xz
main/openssh: add support for disable keygen
Add support for SSHD_DISABLE_KEYGEN in /etc/conf.d/sshd to make it possible disable host key generation at startup. Also sync with gentoo's init.d script fixes #4171
Diffstat (limited to 'main/openssh')
-rw-r--r--main/openssh/APKBUILD8
-rwxr-xr-xmain/openssh/sshd.initd67
2 files changed, 38 insertions, 37 deletions
diff --git a/main/openssh/APKBUILD b/main/openssh/APKBUILD
index c69d72d91c..e1b8291f92 100644
--- a/main/openssh/APKBUILD
+++ b/main/openssh/APKBUILD
@@ -2,7 +2,7 @@
pkgname=openssh
pkgver=6.8_p1
_myver=${pkgver%_*}${pkgver#*_}
-pkgrel=1
+pkgrel=2
pkgdesc="Port of OpenBSD's free SSH release"
url="http://www.openssh.org/portable.html"
arch="all"
@@ -110,20 +110,20 @@ md5sums="08f72de6751acfbd0892b5f003922701 openssh-6.8p1.tar.gz
cd52fe99cb4b7d0d847bf5d710d93564 openssh6.5-peaktput.diff
c6e29d7d88529a66d857657753f39694 openssh6.8-dynwindows.diff
37fbfe9cfb9a5e2454382ea8c79ed2e1 openssh-fix-utmp.diff
-dbc330ab8b8f310567742bd24cde171d sshd.initd
+e3fd4d42e2664b6c37f0c636f5e7a5d8 sshd.initd
b35e9f3829f4cfca07168fcba98749c7 sshd.confd
2dd7e366607e95f9762273067309fd6e openssh-sftp-interactive.diff"
sha256sums="3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e openssh-6.8p1.tar.gz
bf49212e47a86d10650f739532cea514a310925e6445b4f8011031b6b55f3249 openssh6.5-peaktput.diff
bf0f00bd88a7224ea0618f6e347a6a805c4e5acd869196725a3923d711ff1246 openssh6.8-dynwindows.diff
1c85437fd94aa4fc269e6297e4eb790baa98c39949ec0410792c09ee31ba9782 openssh-fix-utmp.diff
-0a1c12843786c6be50c02292e41b23b2eadb54b9a2da1161f2a4306860a09636 sshd.initd
+cf053bee46c7037bdab3b3575c7080f4b514d8623c023a4dcfccb4cdcff179cf sshd.initd
29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 sshd.confd
4ce1ad5f767c0f4e854a0cfeef0e2e400f333c649e552df1ecc317e6a6557376 openssh-sftp-interactive.diff"
sha512sums="7c4457e4525a56cdabb1164ffaf6bed1c094294ae7d06dd3484dcffcd87738fcffe7019b6cae0032c254b0389832644522d5a9f2603b50637ffeb9999b5fcede openssh-6.8p1.tar.gz
e041398e177674f698480e23be037160bd07b751c754956a3ddf1b964da24c85e826fb75e7c23c9826d36761da73d08db9583c047d58a08dc7b2149a949075b1 openssh6.5-peaktput.diff
307ca56d2bae53f2f2852a695de440843a457c4000524d1b7dbcf2f46f70ae4f8ba7309273b62287ad5eef2005e2911dd737a0f55605352397b8f557d78e18df openssh6.8-dynwindows.diff
f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 openssh-fix-utmp.diff
-9617fc0bf0e25014422b2cda5b7edfa207fd7a05a22c93d237411c4d041f714141c81290b8a0441a8a277263a1ea8f8000ae89e955eb1a3c999c0c1217b93a2e sshd.initd
+4c24dd9c3cc9ca97bc77bbabb4128e9e043d71523a4bfb93dae65882db1b397f80dc432a9dd013a0aafba1bc0864700d0c8613d444de244d540ff026ffc57e80 sshd.initd
b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81 sshd.confd
c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 openssh-sftp-interactive.diff"
diff --git a/main/openssh/sshd.initd b/main/openssh/sshd.initd
index 9edeb06cba..ae116f0e18 100755
--- a/main/openssh/sshd.initd
+++ b/main/openssh/sshd.initd
@@ -1,61 +1,62 @@
#!/sbin/openrc-run
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.3,v 1.2 2011/09/14 21:46:19 polynomial-c Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.4,v 1.5 2015/05/04 02:56:25 vapier Exp $
-extra_commands="checkconfig gen_keys"
+extra_commands="checkconfig"
extra_started_commands="reload"
+: ${SSHD_CONFDIR:=/etc/ssh}
+: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
+: ${SSHD_PIDFILE:=/var/run/${SVCNAME}.pid}
+: ${SSHD_BINARY:=/usr/sbin/sshd}
+
depend() {
use logger dns
- need net
- after firewall
+ if [ "${rc_need+set}" = "set" ] ; then
+ : # Do nothing, the user has explicitly set rc_need
+ else
+ local x warn_addr
+ for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
+ case "${x}" in
+ 0.0.0.0|0.0.0.0:*) ;;
+ ::|\[::\]*) ;;
+ *) warn_addr="${warn_addr} ${x}" ;;
+ esac
+ done
+ if [ -n "${warn_addr}" ] ; then
+ need net
+ ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
+ ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
+ ewarn "where FOO is the interface(s) providing the following address(es):"
+ ewarn "${warn_addr}"
+ fi
+ fi
}
-SSHD_CONFDIR=${SSHD_CONFDIR:-/etc/ssh}
-SSHD_PIDFILE=${SSHD_PIDFILE:-/var/run/${SVCNAME}.pid}
-SSHD_BINARY=${SSHD_BINARY:-/usr/sbin/sshd}
-
checkconfig() {
if [ ! -d /var/empty ] ; then
mkdir -p /var/empty || return 1
fi
- if [ ! -e "${SSHD_CONFDIR}"/sshd_config ] ; then
- eerror "You need an ${SSHD_CONFDIR}/sshd_config file to run sshd"
+ if [ ! -e "${SSHD_CONFIG}" ] ; then
+ eerror "You need an ${SSHD_CONFIG} file to run sshd"
eerror "There is a sample file in /usr/share/doc/openssh"
return 1
fi
- gen_keys || return 1
+ if ! yesno "${SSHD_DISABLE_KEYGEN}"; then
+ ssh-keygen -A || return 1
+ fi
[ "${SSHD_PIDFILE}" != "/var/run/sshd.pid" ] \
&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
- [ "${SSHD_CONFDIR}" != "/etc/ssh" ] \
- && SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFDIR}/sshd_config"
+ [ "${SSHD_CONFIG}" != "/etc/ssh/sshd_config" ] \
+ && SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFIG}"
"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
}
-gen_key() {
- local type=$1 key ks
- [ $# -eq 1 ] && ks="${type}_"
- key="${SSHD_CONFDIR}/ssh_host_${ks}key"
- if [ ! -e "${key}" ] ; then
- ebegin "Generating ${type} host key"
- ssh-keygen -t ${type} -f "${key}" -N ''
- eend $? || return $?
- fi
-}
-
-gen_keys() {
- if egrep -q '^[[:space:]]*Protocol[[:space:]]+.*1' "${SSHD_CONFDIR}"/sshd_config ; then
- gen_key rsa1 "" || return 1
- fi
- gen_key dsa && gen_key rsa && gen_key ecdsa && gen_key ed25519
- return $?
-}
-
start() {
checkconfig || return 1