# Conptributor: Valery Kartel # Maintainer: Natanael Copa pkgname=openssh pkgver=7.4_p1 _myver=${pkgver%_*}${pkgver#*_} pkgrel=1 pkgdesc="Port of OpenBSD's free SSH release" url="http://www.openssh.org/portable.html" arch="all" license="as-is" options="suid" depends="openssh-client openssh-sftp-server openssh-server" makedepends_build="" makedepends_host="libressl-dev zlib-dev linux-headers" makedepends="$makedepends_build $makedepends_host" subpackages="$pkgname-doc $pkgname-keygen $pkgname-client $pkgname-keysign $pkgname-sftp-server:sftp $pkgname-server " source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz openssh6.5-peaktput.diff openssh7.1-dynwindows.diff openssh-fix-utmp.diff bsd-compatible-realpath.patch sshd.initd sshd.confd openssh-sftp-interactive.diff " # secfixes: # 7.4_p1: # - CVE-2016-10009 # - CVE-2016-10010 # - CVE-2016-10011 # - CVE-2016-10012 # https://bugs.alpinelinux.org/issues/6583 # HPN patches are from: http://www.psc.edu/index.php/hpn-ssh builddir="$srcdir"/$pkgname-$_myver prepare() { cd "$builddir" default_prepare sed -i -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \ pathnames.h || return 1 } build() { cd "$builddir" export LD="$CC" ./configure \ --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc/ssh \ --datadir=/usr/share/openssh \ --libexecdir=/usr/lib/ssh \ --mandir=/usr/share/man \ --with-pid-dir=/run \ --with-mantype=man \ --with-ldflags="${LDFLAGS}" \ --disable-strip \ --disable-lastlog \ --disable-wtmp \ --with-privsep-path=/var/empty \ --with-privsep-user=sshd \ --with-md5-passwords \ --with-ssl-engine \ --without-pam \ || return 1 make || return 1 } package() { cd "$builddir" make DESTDIR="$pkgdir" install || return 1 mkdir -p "$pkgdir"/var/empty install -D -m755 "$srcdir"/sshd.initd \ "$pkgdir"/etc/init.d/sshd || return 1 install -D -m644 "$srcdir"/sshd.confd \ "$pkgdir"/etc/conf.d/sshd || return 1 install -Dm644 "$builddir"/contrib/ssh-copy-id.1 \ "$pkgdir"/usr/share/man/man1/ssh-copy-id.1 || return 1 sed -i 's/#UseDNS yes/UseDNS no/' "$pkgdir"/etc/ssh/sshd_config } keygen() { pkgdesc="ssh helper program for generating keys" depends= install -d "$subpkgdir"/usr/bin || return 1 mv "$pkgdir"/usr/bin/ssh-keygen \ "$subpkgdir"/usr/bin/ || return 1 } client() { pkgdesc="OpenBSD's SSH client" depends="openssh-keygen" install -d "$subpkgdir"/usr/bin \ "$subpkgdir"/usr/lib/ssh \ "$subpkgdir"/etc/ssh \ "$subpkgdir"/var/empty mv "$pkgdir"/usr/bin/* \ "$subpkgdir"/usr/bin/ || return 1 mv "$pkgdir"/etc/ssh/ssh_config \ "$pkgdir"/etc/ssh/moduli \ "$subpkgdir"/etc/ssh/ || return 1 install -Dm755 "$builddir"/contrib/findssl.sh \ "$subpkgdir"/usr/bin/findssl.sh || return 1 install -Dm755 "$builddir"/contrib/ssh-copy-id \ "$subpkgdir"/usr/bin/ssh-copy-id || return 1 } keysign() { pkgdesc="ssh helper program for host-based authentication" depends="openssh-client" install -d "$subpkgdir"/usr/lib/ssh || return 1 mv "$pkgdir"/usr/lib/ssh/ssh-keysign \ "$subpkgdir"/usr/lib/ssh/ || return 1 } sftp() { pkgdesc="ssh sftp server module" depends="" install -d "$subpkgdir"/usr/lib/ssh || return 1 mv "$pkgdir"/usr/lib/ssh/sftp-server \ "$subpkgdir"/usr/lib/ssh/ || return 1 } server() { pkgdesc="OpenSSH server" depends="openssh-keygen" for i in etc/ssh/sshd_config \ etc/init.d/sshd \ etc/conf.d/sshd \ usr/sbin/sshd \ usr/lib/ssh/ssh-pkcs11-helper; do install -d "$subpkgdir"/${i%/*} || return 1 mv "$pkgdir"/$i \ "$subpkgdir"/${i%/*}/ || return 1 done } md5sums="b2db2a83caf66a208bb78d6d287cdaa3 openssh-7.4p1.tar.gz cd52fe99cb4b7d0d847bf5d710d93564 openssh6.5-peaktput.diff 6337ad8a38783c8f1285cf4f97fc451f openssh7.1-dynwindows.diff 37fbfe9cfb9a5e2454382ea8c79ed2e1 openssh-fix-utmp.diff e21243d6ddff1bb929eed3676b4b9a2a bsd-compatible-realpath.patch 8ae02e304db5d42790b7269b03a8985f sshd.initd ccff4ede2075bcdaa070940cb4eadba2 sshd.confd 2dd7e366607e95f9762273067309fd6e openssh-sftp-interactive.diff" sha256sums="1b1fc4a14e2024293181924ed24872e6f2e06293f3e8926a376b8aec481f19d1 openssh-7.4p1.tar.gz bf49212e47a86d10650f739532cea514a310925e6445b4f8011031b6b55f3249 openssh6.5-peaktput.diff 861132af07c18f5e0ac7b64f389a929e61a051887bf44bda770a97e3afd9bfb6 openssh7.1-dynwindows.diff 1c85437fd94aa4fc269e6297e4eb790baa98c39949ec0410792c09ee31ba9782 openssh-fix-utmp.diff a843cacd7002a68e9d09b5d8ea1466c9980fa35fa3ccd8d9357ac793017de2a6 bsd-compatible-realpath.patch 18521d52f5e38d5820732356d210fb45922f7b848b7c9ca0bb3823de9e088e1d sshd.initd 3342d2fc9b174f898f887237002f04fa9bc01c31e9a851e063ca7de8825ad0eb sshd.confd 4ce1ad5f767c0f4e854a0cfeef0e2e400f333c649e552df1ecc317e6a6557376 openssh-sftp-interactive.diff" sha512sums="4f3256f461f01366c5d5e0e45285eec65016e2643b3284b407f48f53d81087bf2c1caf7d5f7530d307a15c91c64de91446e1cba948e8fc68f82098290fe3b292 openssh-7.4p1.tar.gz e041398e177674f698480e23be037160bd07b751c754956a3ddf1b964da24c85e826fb75e7c23c9826d36761da73d08db9583c047d58a08dc7b2149a949075b1 openssh6.5-peaktput.diff 72a7dc21d18388c635d14dda762ac50caeefd38f0153d8ea36d18e9d7c982e104f7b7a3af8c18fd479c31201fbdee1639f3a1ec60d035d4ca8721a8563fa11a0 openssh7.1-dynwindows.diff f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 openssh-fix-utmp.diff f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch 394a420a36880bb0dd37dfd8727cea91fd9de6534050169e21212a46513ef3aaafe2752c338699b3d4ccd14871b26cf01a152df8060cd37f86ce0665fd53c63f sshd.initd ce0abddbd2004891f88efd8522c4b37a4989290269fab339c0fa9aacc051f7fd3b20813e192e92e0e64315750041cb74012d4321260f4865ff69d7a935b259d4 sshd.confd c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 openssh-sftp-interactive.diff"