main/openssh/APKBUILD


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151

# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openssh
pkgver=6.4_p1
_myver=${pkgver%_*}${pkgver#*_}
pkgrel=4
pkgdesc="Port of OpenBSD's free SSH release"
url="http://www.openssh.org/portable.html"
arch="all"
license="as-is"
depends="openssh-client"
makedepends="openssl-dev zlib-dev"
subpackages="$pkgname-doc $pkgname-client"
source="ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz
	openssh6.2-dynwindows.diff
	openssh-peaktput.diff
	openssh-hmac-accel.diff
	openssh-fix-includes.diff
	openssh-fix-utmp.diff
	sshd.initd
	sshd.confd
	CVE-2014-2532.patch
	CVE-2014-2653.patch
	CVE-2015-5600.patch
	CVE-2015-6563.patch
	CVE-2015-6564.patch
	CVE-2015-6565.patch
	"
# HPN patches are from: http://www.psc.edu/index.php/hpn-ssh

_builddir="$srcdir"/$pkgname-$_myver
prepare() {
	cd "$_builddir"
	for i in $source; do
		case "$i" in
		*.diff.gz)
			msg "Applying $i"
			gunzip -c "$srcdir"/"${i##*/}" | patch -p1 -N || return 1
			;;
		*.diff|*.patch)
			msg "Applying $i"
			patch -p1 -N -i "$srcdir"/${i##*/} || return 1
			;;
		esac
	done
	sed -i -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
		pathnames.h || return 1

}

build () {
	cd "$_builddir"
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc/ssh \
		--datadir=/usr/share/openssh \
		--libexecdir=/usr/lib/ssh \
		--mandir=/usr/share/man \
		--with-mantype=man \
		--with-ldflags="${LDFLAGS}" \
		--disable-strip \
		--disable-lastlog \
		--with-privsep-path=/var/empty \
		--with-privsep-user=sshd \
		--with-md5-passwords \
		--with-ssl-engine \
		--without-tcp-wrappers \
		--without-pam \
		|| return 1
	make || return 1
}

package() {
	cd "$_builddir"
	make DESTDIR="$pkgdir" install || return 1
	mkdir -p "$pkgdir"/var/empty
	install -D -m755 "$srcdir"/sshd.initd \
		"$pkgdir"/etc/init.d/sshd || return 1
	install -D -m644 "$srcdir"/sshd.confd \
		"$pkgdir"/etc/conf.d/sshd || return 1
        install -Dm644 "$_builddir"/contrib/ssh-copy-id.1 \
		"$pkgdir"/usr/share/man/man1/ssh-copy-id.1 || return 1
	sed -i 's/#UseDNS yes/UseDNS no/' "$pkgdir"/etc/ssh/sshd_config
}

client() {
	pkgdesc="OpenBSD's SSH client"
	replaces="openssh"
	depends=
	install -d "$subpkgdir"/usr/bin \
		"$subpkgdir"/usr/lib/ssh \
		"$subpkgdir"/etc/ssh \
		"$subpkgdir"/var/run \
		"$subpkgdir"/var/empty

	mv "$pkgdir"/usr/bin/* \
		"$subpkgdir"/usr/bin/ || return 1
	mv "$pkgdir"/usr/lib/ssh/ssh-keysign \
		"$subpkgdir"/usr/lib/ssh/ || return 1
	mv "$pkgdir"/etc/ssh/ssh_config \
		"$pkgdir"/etc/ssh/moduli \
		"$subpkgdir"/etc/ssh/ || return 1
	install -Dm755 "$_builddir"/contrib/findssl.sh \
		"$subpkgdir"/usr/bin/findssl.sh || return 1
	install -Dm755 "$_builddir"/contrib/ssh-copy-id \
		"$subpkgdir"/usr/bin/ssh-copy-id || return 1
}

md5sums="a62b88b884df0b09b8a8c5789ac9e51b  openssh-6.4p1.tar.gz
2306a0f6ba8915c02c533e7bf6e64fe8  openssh6.2-dynwindows.diff
77da1e0dd9bfe98a9c84747e7e3dc7b3  openssh-peaktput.diff
c65d454dc5b149647273485fc184636d  openssh-hmac-accel.diff
7c86680602f7ad71b0773d9e98a30d73  openssh-fix-includes.diff
f7d9d6f96940ef66bd3c3a0aa27e57a7  openssh-fix-utmp.diff
cb0dd08c413fad346f0c594107b4a2e0  sshd.initd
b35e9f3829f4cfca07168fcba98749c7  sshd.confd
e4cf579145106ce3d4465453b70ea50d  CVE-2014-2532.patch
02a7de5652d9769576e3b252d768cd0f  CVE-2014-2653.patch
188d255048996a0f2dce35031a9fdb07  CVE-2015-5600.patch
ae3ac6c890f3172327118f3b793e7f05  CVE-2015-6563.patch
9e107e2636250f33199ba47550ceca1e  CVE-2015-6564.patch
48b16c12877d665d9701809fdc6f4bc6  CVE-2015-6565.patch"
sha256sums="5530f616513b14aea3662c4c373bafd6a97a269938674c006377e381f68975d2  openssh-6.4p1.tar.gz
4f78f16807c6b6a3a3773c000b85df0c56ea8a93dc35eaa6bbdffe6e30328e58  openssh6.2-dynwindows.diff
6e803be3b3569eedfe69d9e9aeabef2e3fec2ed28f75bc456dfd69c2ef2c8198  openssh-peaktput.diff
902ea83a9ef726f32b096280da0f1b722f4372886c65c4e28985ee57e725d95c  openssh-hmac-accel.diff
c3189ba0e17e60e83851ac2d6f18ad5b08cb90cccfce31d61cccb9fd76d44d59  openssh-fix-includes.diff
f2748da45d0bc31055727f8c80d93e1872cc043ced3202e2f6d150aca3c08dde  openssh-fix-utmp.diff
3fa062fd4bfac64abf21f3c1d0548f1dfcf3c6e56e84ece14c848f53a293024e  sshd.initd
29c6d57ac3ec6018cadc6ba6cd9b90c9ed46e20049b970fdcc68ee2481a2ee41  sshd.confd
323d1a7a0ff72143580ac1b0ce2a28b9640f956368bc6629890c22c79af28aaa  CVE-2014-2532.patch
03826427d72f86c68f079acab6c9c86e8f27f7514b66428f404c2f235fd0c0bd  CVE-2014-2653.patch
d7bc0d62a9741775ab618725c63c9bdda915e5c6d2e8a4c6995ebe1fa8b3224f  CVE-2015-5600.patch
044c3ceeb69c4812414bc605d3fd1f49e48623fe75b958f130420c9a3a3d3914  CVE-2015-6563.patch
0f4db4d65edbbef21862ac10714bdd4f8911cf9f9b6eb220f94663be0c4872c8  CVE-2015-6564.patch
e42adee1f712850efcce272b556909fd3daf688c1f6059d86bfcc064cea09e87  CVE-2015-6565.patch"
sha512sums="f87b3e1d3110b87c1dfff729459ff26024863480c8eb4449b9e3b0b750d187acdfedb199ca4ea133b5dfa436bed0e2eea7607392d451b18c626c4dc1d38bb52a  openssh-6.4p1.tar.gz
773cc0629e17a8f78e82be56e579855ea9b3ca8fd26360964aee854d717a7cfc2c9d4d654cf0fda5723c3aabe96e48ee2cfe6d1fd64b5717f0ef5eb997d00293  openssh6.2-dynwindows.diff
64f5aff3fc1a0d2f7c65ea875d1c2c4d98a3d305ff2677d9d4ca82f20778df9e317b1bfc428cee2b0df1bfa01a65dfcf83b68435a227a23a2cf3400fef35d656  openssh-peaktput.diff
aaa128126400171d0755038a846672aa7b1e87340edf73a672962d403abf404ef1821466b17da51dde25f04ec7533ae4a653399ccc912ea9c4a7b1a14032e76f  openssh-hmac-accel.diff
70e2c6613ab77ec379e03ddf029c1c38e5d852bb225db40ceaa63e642d58b0261fa7c954b288710736bb1dc71f8057f2598ea0d1f5b1214135fa5e9541d5f05a  openssh-fix-includes.diff
cc909f68d9da1b264926973b96d36162b5c588299c98d62f526faf2ef1273d98bb8d8dea4d482770a2aef88bcbf15fa61144401aef9ab916c15e1623bcf449b5  openssh-fix-utmp.diff
1483e2bcd700da9b02f04508d490b472c816344787bf1675fef2f7e27f72b91e4323e4e8c1db701e47d81d37d6d4b0623eaeac46b2cf589ae5ad69f363baa594  sshd.initd
b9ae816af54a55e134a9307e376f05367b815f1b3fd545c2a2c312d18aedcf907f413e8bad8db980cdd9aad4011a72a79e1e94594f69500939a9cb46287f2f81  sshd.confd
4521052ef55b77a2932484fa52f4a7688e8dbd4e6aa1e210ce24a59b8501775ca7e844108e36c06a9e3a47b70cd8d59007c12ca7a7bb8af27ae1e31e7b0de34d  CVE-2014-2532.patch
be48059ae1715669f970a19acde14f262588172c5a8d8d1c84159bc69a60c5750b21c98f39f65df72ae071f7f918046000a2499b9ef16ba2cb4bcd8399bc8e40  CVE-2014-2653.patch
c53410eb119fdba313661bdffbbbc0e19970c2321fdf24cb086d1946d0f99c8fb06c65b7edc52a746024caa1c6cf87dfc19758e28ff2935a555ac04c9437827a  CVE-2015-5600.patch
7ab16c39dc02d38c2b8498a187c43637f6e8a06dc9786d1746010d2d416d979c34103bd6f95365664a143641d85d6985f73bcf055f5eb481ec34ad2a7ee2e939  CVE-2015-6563.patch
e5a7d536837aefb07260b01c2863f96d0db2521d7739ded69f92490fad4c8537c853320458cdbc3a86cd90805d54fc87e081ece1dd4cb19392599888f9078e26  CVE-2015-6564.patch
2f74906d7bfc2ca48f001470606a055ade36b44c17d386ed89e44507c8821f1c7b48eed022be729459185d5b6f848fd5763f7b711e106fbc20fb18c10bb688bd  CVE-2015-6565.patch"