diff options
-rw-r--r-- | security/ssh2/Makefile | 58 | ||||
-rw-r--r-- | security/ssh2/pkg-plist | 13 |
2 files changed, 46 insertions, 25 deletions
diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile index 73c6126417b6..753891c85c6d 100644 --- a/security/ssh2/Makefile +++ b/security/ssh2/Makefile @@ -7,7 +7,8 @@ PORTNAME= ssh2 PORTVERSION= 3.1.0 -CATEGORIES= security +PORTREVISION= 1 +CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.ssh.com/pub/ssh/ \ ftp://sunsite.unc.edu/pub/packages/security/ssh/ \ ftp://ftp.kyoto.wide.ad.jp/pub/security/ssh/ \ @@ -24,20 +25,31 @@ MAINTAINER= larse@ISI.EDU GNU_CONFIGURE= YES -CONFIGURE_ARGS= --with-etcdir=${PREFIX}/etc/ssh2 -#Uncomment if all your users are in their own group and their homedir -#is writeable by that group. Beware the security implications! -#CONFIGURE_ARGS+= --enable-group-writeability +CONFIGURE_ARGS= --with-etcdir=${SSH2_ETC} --disable-debug -.include <bsd.port.pre.mk> +SSH2_ETC= ${PREFIX}/etc/ssh2 +SSH2_RCD= ${PREFIX}/etc/rc.d +CONFIG_FILES= ssh2_config sshd2_config -# Include tcp_wrappers support (automaticlly YES if /usr/include/tcpd.h exists) -#WITH_TCPWRAP= yes +# Uncomment if all your users are in their own group and their homedir +# is writeable by that group. Beware the security implications! +# +#CONFIGURE_ARGS+= --enable-group-writeability -.if exists(/usr/include/tcpd.h) && !defined(WITHOUT_TCPWRAP) +# Kerberos support is untested. +# +#.if defined(KRB5_HOME) && exists(${KRB5_HOME}) +#CONFIGURE_ARGS+=--with-kerberos5=${KRB5_HOME} --disable-suid-ssh-signer +#.endif + +# Auto-configure tcp_wrappers support. +# +.if exists(/usr/include/tcpd.h) && !defined(WITHOUT_TCPWRAP) && \ + !defined(WITHOUT_TCPWRAP) CONFIGURE_ARGS+= --with-libwrap .elif defined(WITH_TCPWRAP) CONFIGURE_ARGS+= --with-libwrap="-L${LOCALBASE}/lib -lwrap" + LIB_DEPENDS+= wrap.7:${PORTSDIR}/security/tcp_wrapper .endif @@ -46,9 +58,12 @@ LIB_DEPENDS+= wrap.7:${PORTSDIR}/security/tcp_wrapper USE_XLIB= yes PLIST_SUB= WITH_X11:="" .else +CONFIGURE_ARGS+= --without-x PLIST_SUB= WITH_X11:="@comment " .endif +.include <bsd.port.pre.mk> + MAN1= ssh2.1 ssh-keygen2.1 ssh-add2.1 ssh-agent2.1 scp2.1 sftp2.1 \ sshregex.1 ssh-probe2.1 ssh-dummy-shell.1 ssh-pubkeymgr.1 \ ssh-chrootmgr.1 @@ -62,21 +77,32 @@ MANCOMPRESSED= no PORTDOCS= BUG.REPORT CHANGES FAQ INSTALL LICENSE MANIFEST NEWS README \ REGEX-SYNTAX SSH2.QUICKSTART -post-install: +post-install: install-config-files .if !defined(NOPORTDOCS) ${MKDIR} ${DOCSDIR} .for i in ${PORTDOCS} ${INSTALL_DATA} ${WRKSRC}/$i ${DOCSDIR} .endfor .endif -# - @if [ "`grep ssh /etc/inetd.conf|grep -v ^#ssh`" = "" ]; then \ - if [ ! -f ${PREFIX}/etc/rc.d/sshd.sh ]; then \ - ${ECHO} "Installing ${PREFIX}/etc/rc.d/sshd.sh startup file."; \ + @if [ ! -f ${SSH2_ETC}/hostkey ]; then \ + ${ECHO} "Generating a secret host key..."; \ + ${PREFIX}/bin/ssh-keygen2 -P -b 1024 -t dsa ${SSH2_ETC}/hostkey; \ + fi; \ + if [ "`grep ssh /etc/inetd.conf|grep -v ^#ssh`" = "" ]; then \ + if [ ! -f ${SSH2_RCD}/sshd.sh ]; then \ + ${ECHO} "Installing ${SSH2_RCD}/sshd.sh startup file."; \ ${SED} -e 's+!!PREFIX!!+${PREFIX}+' < ${FILESDIR}/sshd.sh \ - > ${PREFIX}/etc/rc.d/sshd.sh; \ - ${CHMOD} 751 ${PREFIX}/etc/rc.d/sshd.sh; \ + > ${SSH2_RCD}/sshd.sh; \ + ${CHMOD} 751 ${SSH2_RCD}/sshd.sh; \ fi; \ fi +install-config-files: +.for file in ${CONFIG_FILES} + ${INSTALL_DATA} ${WRKSRC}/apps/ssh/${file} ${SSH2_ETC}/${file}.sample +.if !exists(${SSH2_ETC}/${file}) + ${INSTALL_DATA} ${WRKSRC}/apps/ssh/${file} ${SSH2_ETC} +.endif +.endfor + .include <bsd.port.post.mk> diff --git a/security/ssh2/pkg-plist b/security/ssh2/pkg-plist index 9352c29c4bcc..89995cd5d503 100644 --- a/security/ssh2/pkg-plist +++ b/security/ssh2/pkg-plist @@ -2,11 +2,11 @@ bin/ssh2 bin/scp2 bin/sftp2 bin/ssh-agent2 +%%WITH_X11:%%bin/ssh-askpass2 bin/ssh-keygen2 bin/ssh-add2 bin/ssh-signer2 bin/ssh-probe2 -%%WITH_X11:%%bin/ssh-askpass2 bin/ssh-pam-client bin/sftp-server2 bin/ssh-dummy-shell @@ -23,18 +23,13 @@ bin/sftp-server bin/ssh-signer bin/ssh-probe etc/rc.d/sshd.sh -etc/ssh2/hostkey -etc/ssh2/hostkey.pub -etc/ssh2/sshd2_config -etc/ssh2/ssh2_config +etc/ssh2/sshd2_config.sample +etc/ssh2/ssh2_config.sample etc/ssh2/ssh_dummy_shell.out sbin/sshd2 sbin/sshd-check-conf sbin/sshd -@dirrm etc/ssh2/knownhosts -@dirrm etc/ssh2/hostkeys -@dirrm etc/ssh2 -@exec if [ ! -f %D/etc/ssh2/hostkey ]; then umask 022; echo "Generating 1024 bit host key."; %D/bin/ssh-keygen2 -P -b 1024 -t dsa -c "1024-bit dsa hostkey" -o %D/etc/ssh2/hostkey; fi +@exec if [ ! -f %D/etc/ssh2/hostkey ]; then umask 022; echo "Generating 1024 bit host key."; %D/bin/ssh-keygen2 -P -b 1024 -t dsa %D/etc/ssh2/hostkey; fi %%PORTDOCS%%share/doc/ssh2/BUG.REPORT %%PORTDOCS%%share/doc/ssh2/CHANGES %%PORTDOCS%%share/doc/ssh2/FAQ |