# Maintainer: Natanael Copa pkgname=openssh pkgver=6.9_p1 _myver=${pkgver%_*}${pkgver#*_} pkgrel=4 pkgdesc="Port of OpenBSD's free SSH release" url="http://www.openssh.org/portable.html" arch="all" license="as-is" options="suid" depends="openssh-client openssh-sftp-server" makedepends="openssl-dev zlib-dev" subpackages="$pkgname-doc $pkgname-client $pkgname-keysign $pkgname-sftp-server:sftp" source="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz CVE-2015-5600.patch CVE-2015-6563.patch CVE-2015-6564.patch CVE-2015-6565.patch openssh6.5-peaktput.diff openssh6.9-dynwindows.diff openssh-fix-utmp.diff sshd.initd sshd.confd openssh-sftp-interactive.diff " # HPN patches are from: http://www.psc.edu/index.php/hpn-ssh _builddir="$srcdir"/$pkgname-$_myver prepare() { cd "$_builddir" for i in $source; do case "$i" in *.diff.gz) msg "Applying $i" gunzip -c "$srcdir"/"${i##*/}" | patch -p1 -N || return 1 ;; *.diff|*.patch) msg "Applying $i" patch -p1 -N -i "$srcdir"/${i##*/} || return 1 ;; esac done sed -i -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \ pathnames.h || return 1 } build () { cd "$_builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc/ssh \ --datadir=/usr/share/openssh \ --libexecdir=/usr/lib/ssh \ --mandir=/usr/share/man \ --with-mantype=man \ --with-ldflags="${LDFLAGS}" \ --disable-strip \ --disable-lastlog \ --disable-wtmp \ --with-privsep-path=/var/empty \ --with-privsep-user=sshd \ --with-md5-passwords \ --with-ssl-engine \ --without-pam \ || return 1 make || return 1 } package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 mkdir -p "$pkgdir"/var/empty install -D -m755 "$srcdir"/sshd.initd \ "$pkgdir"/etc/init.d/sshd || return 1 install -D -m644 "$srcdir"/sshd.confd \ "$pkgdir"/etc/conf.d/sshd || return 1 install -Dm644 "$_builddir"/contrib/ssh-copy-id.1 \ "$pkgdir"/usr/share/man/man1/ssh-copy-id.1 || return 1 sed -i 's/#UseDNS yes/UseDNS no/' "$pkgdir"/etc/ssh/sshd_config } client() { pkgdesc="OpenBSD's SSH client" replaces="openssh" depends= install -d "$subpkgdir"/usr/bin \ "$subpkgdir"/usr/lib/ssh \ "$subpkgdir"/etc/ssh \ "$subpkgdir"/var/run \ "$subpkgdir"/var/empty mv "$pkgdir"/usr/bin/* \ "$subpkgdir"/usr/bin/ || return 1 mv "$pkgdir"/etc/ssh/ssh_config \ "$pkgdir"/etc/ssh/moduli \ "$subpkgdir"/etc/ssh/ || return 1 install -Dm755 "$_builddir"/contrib/findssl.sh \ "$subpkgdir"/usr/bin/findssl.sh || return 1 install -Dm755 "$_builddir"/contrib/ssh-copy-id \ "$subpkgdir"/usr/bin/ssh-copy-id || return 1 } keysign() { pkgdesc="ssh helper program for host-based authentication" depends="openssh-client" install -d "$subpkgdir"/usr/lib/ssh || return 1 mv "$pkgdir"/usr/lib/ssh/ssh-keysign \ "$subpkgdir"/usr/lib/ssh/ || return 1 } sftp() { pkgdesc="ssh sftp server module" depends="" install -d "$subpkgdir"/usr/lib/ssh || return 1 mv "$pkgdir"/usr/lib/ssh/sftp-server \ "$subpkgdir"/usr/lib/ssh/ || return 1 } md5sums="0b161c44fc31fbc6b76a6f8ae639f16f openssh-6.9p1.tar.gz f3e17e9514d246d415fb6388609bc0f8 CVE-2015-5600.patch ae3ac6c890f3172327118f3b793e7f05 CVE-2015-6563.patch 9e107e2636250f33199ba47550ceca1e CVE-2015-6564.patch 449775b5ce63d85331f78784eeb70f78 CVE-2015-6565.patch cd52fe99cb4b7d0d847bf5d710d93564 openssh6.5-peaktput.diff 3880d0b657ed1c58f8747c17e6be4483 openssh6.9-dynwindows.diff 37fbfe9cfb9a5e2454382ea8c79ed2e1 openssh-fix-utmp.diff e3fd4d42e2664b6c37f0c636f5e7a5d8 sshd.initd b35e9f3829f4cfca07168fcba98749c7 sshd.confd 2dd7e366607e95f9762273067309fd6e openssh-sftp-interactive.diff" sha256sums="6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfe openssh-6.9p1.tar.gz 8ce7fa061a4d3a0ac94f07ac694551ac1c5c1e5f82daf04a6434b69761c2fb6e CVE-2015-5600.patch 044c3ceeb69c4812414bc605d3fd1f49e48623fe75b958f130420c9a3a3d3914 CVE-2015-6563.patch 0f4db4d65edbbef21862ac10714bdd4f8911cf9f9b6eb220f94663be0c4872c8 CVE-2015-6564.patch cd30c1f083f810d71d91eb03ad08e2cb46652cb80dc40560729e308d4fab8a81 CVE-2015-6565.patch bf49212e47a86d10650f739532cea514a310925e6445b4f8011031b6b55f3249 openssh6.5-peaktput.diff 6340934b3178fda8ce9f70a2349389fcd2d17c156209f7d08ba38076bee73560 openssh6.9-dynwindows.diff 1c85437fd94aa4fc269e6297e4eb790baa98c39949ec0410792c09ee31ba9782 openssh-fix-utmp.diff cf053bee46c7037bdab3b3575c7080f4b514d8623c023a4dcfccb4cdcff179cf sshd.initd 29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41 sshd.confd 4ce1ad5f767c0f4e854a0cfeef0e2e400f333c649e552df1ecc317e6a6557376 openssh-sftp-interactive.diff" sha512sums="68fec9b4e512fe126a5d35b01e2cc656d810b75052ed8a36bc85cd0a05de7318b15ed287bc95cf9bcb3fa2f385029151d85aced55e07fbcc79e6c779bee6751d openssh-6.9p1.tar.gz 30decd1e2f66e9a772389b190e3576722d554015c2ee2418b83bc77ed692c3e3d8ec0a8caf389b054c7db23571742d9eadd0017e8f95441759401867ceaf1fd1 CVE-2015-5600.patch 7ab16c39dc02d38c2b8498a187c43637f6e8a06dc9786d1746010d2d416d979c34103bd6f95365664a143641d85d6985f73bcf055f5eb481ec34ad2a7ee2e939 CVE-2015-6563.patch e5a7d536837aefb07260b01c2863f96d0db2521d7739ded69f92490fad4c8537c853320458cdbc3a86cd90805d54fc87e081ece1dd4cb19392599888f9078e26 CVE-2015-6564.patch 1199d18e14dcd9d296894c87b26288ac17744497f2aca0a0c9eae2f0e13e45b193160895cad5334ca282aece3a337831549debea22b98852fc221aec7dbc34eb CVE-2015-6565.patch e041398e177674f698480e23be037160bd07b751c754956a3ddf1b964da24c85e826fb75e7c23c9826d36761da73d08db9583c047d58a08dc7b2149a949075b1 openssh6.5-peaktput.diff b86f78d7de20c957f58a228a5a1385e6ccf9608c280630524cdbdd1300b04d8382fb86cf42852354f24f0a7d7132520a7c7edb4f2227ce70a99bec269ff33438 openssh6.9-dynwindows.diff f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 openssh-fix-utmp.diff 4c24dd9c3cc9ca97bc77bbabb4128e9e043d71523a4bfb93dae65882db1b397f80dc432a9dd013a0aafba1bc0864700d0c8613d444de244d540ff026ffc57e80 sshd.initd b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81 sshd.confd c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 openssh-sftp-interactive.diff"