aboutsummaryrefslogtreecommitdiffstats
path: root/security/hpn-ssh/Makefile
blob: 2640cf594d1c5a9b25990a8d7237b87fe5685aaa (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# New ports collection makefile for: openssh
# Date created:  18 Mar 1999
# Whom:   dwcjr@inethouston.net
#
# $FreeBSD$
#

PORTNAME=   openssh
PORTVERSION=    3.3p1
PORTREVISION=   1
CATEGORIES= security ipv6
MASTER_SITES=   ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
        ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \
        ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/
PKGNAMESUFFIX=  -portable

MAINTAINER= dinoex@FreeBSD.org

MAN1=   sftp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 scp.1 ssh.1
MLINKS= ssh.1 slogin.1
MAN5=   ssh_config.5 sshd_config.5
MAN8=   sftp-server.8 sshd.8 ssh-keysign.8

CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto
GNU_CONFIGURE=  yes
CONFIGURE_ARGS+=    --prefix=${PREFIX} --with-md5-passwords
CONFIGURE_ARGS+=    --with-privsep-path=${PREFIX}/empty
CLEAN=      etc/ssh_config etc/sshd_config etc/moduli \
        etc/ssh_host_key etc/ssh_host_key.pub \
        etc/ssh_host_dsa_key etc/ssh_host_dsa_key.pub \
        etc/ssh_host_rsa_key etc/ssh_host_rsa_key.pub

.if exists(/usr/include/security/pam_modules.h)
CONFIGURE_ARGS+=    --with-pam
.endif

.if exists(/usr/include/tcpd.h)
CONFIGURE_ARGS+=    --with-tcp-wrappers
.endif

.if !defined(ENABLE_SUID_SSH)
CONFIGURE_ARGS+=    --disable-suid-ssh
.endif

.if defined(OPENSSH_OVERWRITE_BASE)
USE_OPENSSL_BASE=   yes
PKGNAMESUFFIX=  -overwrite-base
PREFIX=     /usr
MANPREFIX=  ${PREFIX}/share
CONFIGURE_ARGS+=    --mandir=${MANPREFIX}/man \
        --sysconfdir=/etc/ssh --localstatedir=/var
.endif

.if defined(BATCH)
EXTRA_PATCHES+=     ${FILESDIR}/batch.patch
.endif

.if defined(KRB5_HOME) && exists(${KRB5_HOME})
GSSAPI_PATCH=   ${PORTNAME}-${PORTVERSION}-gssapi-20020527.diff
GSSAPI_SITE=    http://www.sxw.org.uk/computing/patches/
MASTER_SITES+=  ${GSSAPI_SITE}
DISTFILES=  ${EXTRACT_ONLY} ${GSSAPI_PATCH}
EXTRACT_ONLY=   ${PORTNAME}-${PORTVERSION}${EXTRACT_SUFX}
EXTRA_PATCHES+=     ${FILESDIR}/servconf.c.patch
BUILD_DEPENDS=      autoconf:${PORTSDIR}/devel/autoconf
# USE_AUTOCONF_VER= 252 # broken
CONFIGURE_ARGS+=    --with-kerberos5=${KRB5_HOME}
AUTOCONF=   autoconf
AUTOHEADER= autoheader

post-patch:
    @${ECHO_MSG} Applying extra patch for GSS-API key-exchange...
    @${PATCH} ${PATCH_DIST_ARGS:S/-p0/-p1/} \
        < ${DISTDIR}/${GSSAPI_PATCH}

pre-configure:
    @${ECHO_MSG} !!!! Warning this option uses autoconf/autoheader !!!
    (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOCONF} \
                ${AUTOCONF_ARGS})
    (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOHEADER})
.endif

pre-install:
    if ! pw groupshow sshd; then pw groupadd sshd -g 22; fi
    if ! pw usershow sshd; then pw useradd sshd -g sshd -u 22 \
        -h - -d ${PREFIX}/empty -s /nonexistent -c "sshd privilege separation"; fi
    ${MKDIR} ${PREFIX}/empty

post-install:
    @${CAT} ${PKGMESSAGE}

.include <bsd.port.pre.mk>

.include "${PORTSDIR}/security/openssl/Makefile.ssl"
CONFIGURE_ARGS+=    --with-ssl-dir=${OPENSSLBASE}

.include <bsd.port.post.mk>