- (tim) update contrib/caldera files with what Caldera is using.

   <sps@caldera.de>

5 files changed, 422 insertions, 423 deletions

diff --git a/ChangeLog b/ChangeLog
index a6e31672..61f98436 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,8 @@
  - (bal) Cygwin lacks setgroups() API.  Patch by Corinna Vinschen 
    <vinschen@redhat.com>
  - (bal) version.h synced, RPM specs updated for 2.9
+ - (tim) update contrib/caldera files with what Caldera is using.
+   <sps@caldera.de>
 
 20010425
  - OpenBSD CVS Sync
@@ -5265,4 +5267,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1177 2001/04/27 02:15:00 mouring Exp $
+$Id: ChangeLog,v 1.1178 2001/04/27 05:50:48 tim Exp $
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index defe1c23..f40b22ed 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -1,340 +1,281 @@
-# Version of OpenSSH
-%define oversion 2.9p1
-
-# Version of ssh-askpass
-%define aversion 1.2.0
-
-# Do we want to disable building of x11-askpass? (1=yes 0=no)
-%define no_x11_askpass 0
-
-# Do we want to disable building of gnome-askpass? (1=yes 0=no)
-%define no_gnome_askpass 1
-
-# Do we want to include contributed programs? (1=yes 0=no)
-%define contrib_programs 1
-
-Summary: OpenSSH free Secure Shell (SSH) implementation
-Name: openssh
-Version: %{oversion}
-Release: 1
-Packager: Damien Miller <djm@mindrot.org>
-URL: http://www.openssh.com/
-Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz
-Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz 
-Copyright: BSD
-Group: Applications/Internet
-BuildRoot: /var/tmp/openssh-%{Version}-buildroot
-#BuildRoot: /tmp/openssh-%{Version}-buildroot
-Obsoletes: ssh
-PreReq: openssl >= 0.9.5a
-Requires: openssl >= 0.9.5a
-BuildPreReq: perl, openssl-devel, tcp_wrappers
-BuildPreReq: /bin/login, /usr/bin/rsh, /usr/include/security/pam_appl.h
-%if ! %{no_gnome_askpass}
-BuildPreReq: gnome-libs-devel
-%endif
-
-%package clients
-Summary: OpenSSH Secure Shell protocol clients
-Requires: openssh = %{Version}-%{release}
-Group: Applications/Internet
-Obsoletes: ssh-clients
-
-%package server
-Summary: OpenSSH Secure Shell protocol server (sshd)
-Group: System Environment/Daemons
-Obsoletes: ssh-server
-#PreReq: openssh chkconfig >= 0.9
-
-%package askpass
-Summary: OpenSSH X11 passphrase dialog
-Group: Applications/Internet
-Requires: openssh = %{Version}-%{release}
-Obsoletes: ssh-extras
-
-%package askpass-gnome
-Summary: OpenSSH GNOME passphrase dialog
-Group: Applications/Internet
-Requires: openssh = %{Version}-%{release}
-Obsoletes: ssh-extras
-
-%description
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine.  It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network.  X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all 
-patented algorithms to separate libraries (OpenSSL).
-
-This package includes the core files necessary for both the OpenSSH
-client and server.  To make this package useful, you should also
-install openssh-clients, openssh-server, or both.
-
-%description clients
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine.  It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network.  X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all 
-patented algorithms to separate libraries (OpenSSL).
-
-This package includes the clients necessary to make encrypted connections
-to SSH servers.
-
-%description server
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine.  It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network.  X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all 
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains the secure shell daemon. The sshd is the server 
-part of the secure shell protocol and allows ssh clients to connect to 
-your host.
-
-%description askpass
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine.  It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network.  X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all 
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains Jim Knoble's <jmknoble@pobox.com> X11 passphrase 
-dialog.
-
-%description askpass-gnome
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine.  It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network.  X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all 
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains the GNOME passphrase dialog.
-
-%prep
-
-%setup -a 1
-
-%build
-
-%define _sysconfdir /etc/ssh
-
-CFLAGS="$RPM_OPT_FLAGS"					\
-	./configure					\
-		--prefix=/usr				\
-		--sysconfdir=/etc/ssh			\
-		--libexecdir=%{_libexecdir}/openssh	\
-		--with-pam \
-		--with-tcp-wrappers			\
-		--with-ipv4-default			\
-		--with-rsh=/usr/bin/rsh
+%define askpass		1.2.0
+
+Name        	: openssh
+Version     	: 2.9p1
+Release     	: 1
+Group       	: System/Network
+
+Summary     	: OpenSSH free Secure Shell (SSH) implementation.
+Summary(de) 	: OpenSSH - freie Implementation der Secure Shell (SSH).
+Summary(es) 	: OpenSSH implementación libre de Secure Shell (SSH).
+Summary(fr) 	: Implémentation libre du shell sécurisé OpenSSH (SSH).
+Summary(it) 	: Implementazione gratuita OpenSSH della Secure Shell.
+Summary(pt) 	: Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
+
+Copyright   	: BSD
+Packager    	: Stephan Seyboth <sps@caldera.de>
+#Icon        	: .
+URL         	: http://www.openssh.com/
+
+Obsoletes   	: ssh, ssh-clients, openssh-clients
+
+BuildRoot   	: /tmp/%{Name}-%{Version}
+
+Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{Version}.tar.gz
+Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{askpass}.tar.gz
+
+
+%Package server
+Group       	: System/Network
+Requires    	: openssh = %{Version}
+Obsoletes   	: ssh-server
+
+Summary     	: OpenSSH Secure Shell protocol server (sshd).
+Summary(de) 	: OpenSSH Secure Shell Protocol Server (sshd).
+Summary(es) 	: Servidor del protocolo OpenSSH Secure Shell (sshd).
+Summary(fr) 	: Serveur de protocole du shell sécurisé OpenSSH (sshd).
+Summary(it) 	: Server OpenSSH per il protocollo Secure Shell (sshd).
+Summary(pt) 	: Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
+
+
+%Package askpass
+Group       	: System/Network
+Requires    	: openssh = %{Version}
+Obsoletes   	: ssh-extras
+
+Summary     	: OpenSSH X11 pass-phrase dialog.
+Summary(de) 	: OpenSSH X11 Passwort-Dialog.
+Summary(es) 	: Aplicación de petición de frase clave OpenSSH X11.
+Summary(fr) 	: Dialogue pass-phrase X11 d'OpenSSH.
+Summary(it) 	: Finestra di dialogo X11 per la frase segreta di OpenSSH.
+Summary(pt) 	: Diálogo de pedido de senha para X11 do OpenSSH.
+
+
+%Description
+OpenSSH (Secure Shell) provides access to a remote system. It replaces
+telnet, rlogin,  rexec, and rsh, and provides secure encrypted 
+communications between two untrusted hosts over an insecure network.  
+X11 connections and arbitrary TCP/IP ports can also be forwarded over 
+the secure channel.
+
+%Description -l de
+OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
+telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
+Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
+Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
+über den sicheren Channel weitergeleitet werden.
+
+%Description -l es
+OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
+telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
+entre dos equipos entre los que no se ha establecido confianza a través de una
+red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
+ser canalizadas sobre el canal seguro.
+
+%Description -l fr
+OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
+telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
+securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
+connexions X11 et des ports TCP/IP arbitraires peuvent également être
+transmis sur le canal sécurisé.
+
+%Description -l it
+OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
+Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
+e crittate tra due host non fidati su una rete non sicura. Le connessioni
+X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
+un canale sicuro.
+
+%Description -l pt
+OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
+telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
+entre duas máquinas sem confiança mútua sobre uma rede insegura.
+Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
+pelos porto seguro.
+
+%Description server
+This package installs the sshd, the server portion of OpenSSH. 
+
+%Description -l de server
+Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
+
+%Description -l es server
+Este paquete instala sshd, la parte servidor de OpenSSH.
+
+%Description -l fr server
+Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
+
+%Description -l it server
+Questo pacchetto installa sshd, il server di OpenSSH.
+
+%Description -l pt server
+Este pacote intala o sshd, o servidor do OpenSSH.
+
+%Description askpass
+This package contains an X11-based passphrase dialog.
+
+%Description -l de askpass
+Dieses Paket enthält einen X11-basierten Passwort Dialog.
+
+%Description -l es askpass
+Este paquete contiene una aplicación para petición de frases-contraseña basada
+en X11.
+
+%Description -l fr askpass
+Ce paquetage contient un dialogue de passphrase basé sur X11.
+
+%Description -l it askpass
+Questo pacchetto contiene una finestra di X11 che chiede la frase segreta.
+
+%Description -l pt askpass
+Este pacote contém um diálogo de senha para o X11.
+
+%Prep
+%setup
+%setup -D -T -a1
+
+
+%Build
+CFLAGS="$RPM_OPT_FLAGS" \
+./configure \
+            --prefix=/usr \
+            --sysconfdir=/etc/ssh \
+            --libexecdir=/usr/lib/ssh \
+            --with-pam \
+            --with-tcp-wrappers \
+            --with-ipv4-default \
 
 make
 
-%if ! %{no_x11_askpass}
-cd x11-ssh-askpass-%{aversion}
+cd x11-ssh-askpass-%{askpass}
 xmkmf -a
 make
-cd ..
-%endif
-
-%if ! %{no_gnome_askpass}
-cd contrib
-gcc -O -g `gnome-config --cflags gnome gnomeui` \
-        gnome-ssh-askpass.c -o gnome-ssh-askpass \
-        `gnome-config --libs gnome gnomeui`
-cd ..
-%endif
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT/
-
-# setup the environment we want
-perl -pi -e "s,PermitRootLogin yes,PermitRootLogin no,;" \
-	 -e "s,X11Forwarding no,X11Forwarding yes,;" \
-	 -e "s,CheckMail no,CheckMail yes,;" \
-	 -e "s,^#Subsystem	sftp,Subsystem	sftp,;" \
-	$RPM_BUILD_ROOT/etc/ssh/sshd_config
-
-install -d $RPM_BUILD_ROOT/etc/pam.d/
-install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
-install -d $RPM_BUILD_ROOT/etc/sysconfig/daemons
-install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
-install -d $RPM_BUILD_ROOT/usr/local/bin
-install -d $RPM_BUILD_ROOT/usr/local/man/man1
-install -m644 contrib/caldera/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m755 contrib/caldera/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-install -m755 contrib/caldera/sshd.daemons $RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd
-perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \
-	$RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \
-	$RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd
-%if %{contrib_programs}
-install -m755 contrib/make-ssh-known-hosts.pl $RPM_BUILD_ROOT/usr/local/bin
-install -m644 contrib/make-ssh-known-hosts.1 $RPM_BUILD_ROOT/usr/local/man/man1
-install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/local/bin
-install -m644 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/usr/local/man/man1
-%endif
-
-%if ! %{no_x11_askpass}
-install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/x11-ssh-askpass
-ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/ssh-askpass
-install -d $RPM_BUILD_ROOT/usr/X11R6/man/man1
-install -c -m 0444 x11-ssh-askpass-%{aversion}/x11-ssh-askpass.man $RPM_BUILD_ROOT/usr/X11R6/man/man1/x11-ssh-askpass.1x
-ln -s /usr/X11R6/man/man1/x11-ssh-askpass.1x $RPM_BUILD_ROOT/usr/X11R6/man/man1/ssh-askpass.1x
-%endif
-
-%if ! %{no_gnome_askpass}
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/gnome-ssh-askpass
-%endif
-
-%clean
-##rm -rf $RPM_BUILD_ROOT
-
-%post server
-if [ "$1" = 1 ]; then
-	echo "Creating SSH stop/start scripts in the rc directories..."
-#	/sbin/chkconfig --add sshd
-	lisa --SysV-init install sshd S90 2:3:4:5 K05 0:1:6
-fi
-if test -r /var/run/sshd.pid
-then
-        echo "Restarting the running SSH daemon..."
-	/etc/rc.d/init.d/sshd restart >&2
+
+
+%Install
+%{mkDESTDIR}
+
+make DESTDIR="$DESTDIR" install
+
+make -C x11-ssh-askpass-%{askpass} DESTDIR="$DESTDIR" \
+                                   BINDIR="/usr/lib/ssh" install
+
+%{fixManPages}
+
+# install remaining docs
+NV="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"
+mkdir -p $NV
+cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $NV
+mkdir -p $NV/x11-ssh-askpass-%{askpass}
+cp -a x11-ssh-askpass-%{askpass}/{README,ChangeLog,SshAskpass*.ad} \
+      $NV/x11-ssh-askpass-%{askpass}
+
+
+# OpenLinux specific configuration
+mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}}
+
+# enabling X11 forwarding on the server is convenient and okay,
+# on the client side it's a potential security risk!
+%{fixUP} -vg  $DESTDIR/etc/ssh/sshd_config 'X11Forwarding no' \
+                                           'X11Forwarding yes'
+
+install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd
+# FIXME: disabled, find out why this doesn't work with nis
+%{fixUP} -vg  $DESTDIR/etc/pam.d/sshd '(.*pam_limits.*)' '#$1'
+
+install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd
+%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}:'
+%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@sysconfdir\@:/etc/ssh:'
+
+cat <<-EoD > $DESTDIR%{SVIcdir}/sshd
+	IDENT=sshd
+	DESCRIPTIVE="OpenSSH secure shell daemon"
+	# This service will be marked as 'skipped' on boot if there
+	# is no host key. Use ssh-host-keygen to generate one
+	ONBOOT="yes"
+	OPTIONS=""
+EoD
+
+SKG=$DESTDIR/usr/sbin/ssh-host-keygen
+install -m 0755 contrib/caldera/ssh-host-keygen $SKG
+%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh:'
+%{fixUP} -T $SKG -e 's:\@sshkeygen\@:/usr/bin/ssh-keygen:'
+
+
+# generate file lists
+%{mkLists} -c %{Name}
+%{mkLists} -d %{Name} << 'EOF'
+/etc/ssh				base
+^/etc/					IGNORED
+%{_defaultdocdir}/$			IGNORED
+askpass					askpass
+*					default
+EOF
+%{mkLists} -a -f %{Name} << 'EOF'
+^/etc					*		prefix(%%config)
+/usr/X11R6/lib/X11/app-defaults		IGNORED
+[Aa]skpass				askpass
+%{_defaultdocdir}/%{Name}-%{Version}/	base
+ssh-keygen				base
+sshd					server
+sftp-server				server
+.*					base
+EOF
+
+
+%Clean
+%{rmDESTDIR}
+
+
+%Post
+# Generate host key when none is present to get up and running,
+# both client and server require this for host-based auth!
+# ssh-host-keygen checks for existing keys.
+/usr/sbin/ssh-host-keygen
+: # to protect the rpm database
+
+
+%Post server
+if [ -x %{LSBinit}-install ]; then
+  %{LSBinit}-install sshd
 else
-        echo "Starting the SSH daemon..."
-	/etc/rc.d/init.d/sshd start >&2
+  lisa --SysV-init install sshd S55 3:4:5 K45 0:1:2:6
 fi
 
-%preun server
-if [ "$1" = 0 ] ; then
-        echo "Stopping the SSH daemon..."
-	/etc/rc.d/init.d/sshd stop >&2
-	echo "Removing SSH stop/start scripts from the rc directories..."
-#	/sbin/chkconfig --del sshd
-	lisa --SysV-init remove  sshd $1
+! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
+: # to protect the rpm database
+
+
+%PreUn server
+[ "$1" = 0 ] || exit 0
+
+! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
+: # to protect the rpm database
+
+
+%PostUn server
+if [ -x %{LSBinit}-remove ]; then
+  %{LSBinit}-remove sshd
+else
+  lisa --SysV-init remove sshd $1
 fi
+: # to protect the rpm database
 
-%files
-%defattr(-,root,root)
-%doc ChangeLog OVERVIEW README* INSTALL 
-%doc CREDITS LICENCE
-%attr(0755,root,root) %{_bindir}/ssh-keygen
-%attr(0755,root,root) %{_bindir}/scp
-%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) %{_mandir}/man1/scp.1*
-%attr(0755,root,root) %dir %{_sysconfdir}
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/primes
-%attr(0755,root,root) %dir %{_libexecdir}/openssh
-
-%files clients
-%defattr(-,root,root)
-%attr(4755,root,root) %{_bindir}/ssh
-%attr(0755,root,root) %{_bindir}/ssh-agent
-%attr(0755,root,root) %{_bindir}/ssh-add
-%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0755,root,root) %{_bindir}/sftp
-%attr(0644,root,root) %{_mandir}/man1/ssh.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) %{_mandir}/man1/sftp.1*
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config
-%attr(-,root,root) %{_bindir}/slogin
-%attr(-,root,root) %{_mandir}/man1/slogin.1*
-%if %{contrib_programs}
-%attr(0755,root,root) /usr/local/bin/make-ssh-known-hosts.pl 
-%attr(0644,root,root) /usr/local/man/man1/make-ssh-known-hosts.1 
-%attr(0755,root,root) /usr/local/bin/ssh-copy-id 
-%attr(0644,root,root) /usr/local/man/man1/ssh-copy-id.1 
-%endif
-
-%files server
+
+%Files -f files-%{Name}-base
 %defattr(-,root,root)
-%attr(0751,root,root) %{_sbindir}/sshd
-%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
-%attr(0644,root,root) %{_mandir}/man8/sshd.8*
-%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
-#%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config
-%attr(0600,root,root) %config %{_sysconfdir}/sshd_config
-%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
-%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
-%attr(0755,root,root) %config /etc/sysconfig/daemons/sshd
-
-%if ! %{no_x11_askpass}
-%files askpass
+
+
+%Files server -f files-%{Name}-server
 %defattr(-,root,root)
-%doc x11-ssh-askpass-%{aversion}/README
-%doc x11-ssh-askpass-%{aversion}/ChangeLog
-%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
-%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
-%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
-%attr(0644,root,root) /usr/X11R6/man/man1/x11-ssh-askpass.1x
-%attr(-,root,root) /usr/X11R6/man/man1/ssh-askpass.1x
-%endif
-
-%if ! %{no_gnome_askpass}
-%files askpass-gnome
+
+
+%Files askpass -f files-%{Name}-askpass
 %defattr(-,root,root)
-%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
-%endif
-
-%changelog
-* Mon Oct 18 2000 Damien Miller <djm@mindrot.org>
-- Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the 
-  Redhat 7.0 spec file
-* Tue Sep 05 2000 Damien Miller <djm@mindrot.org>
-- Use RPM configure macro
-* Tue Aug 08 2000 Damien Miller <djm@mindrot.org>
-- Some surgery to sshd.init (generate keys at runtime)
-- Cleanup of groups and removal of keygen calls
-* Wed Jul 12 2000 Damien Miller <djm@mindrot.org>
-- Make building of X11-askpass and gnome-askpass optional
-* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
-- Glob manpages to catch compressed files
-* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
-- Updated for new location
-- Updated for new gnome-ssh-askpass build
-* Sun Dec 26 1999 Damien Miller <djm@mindrot.org>
-- Added Jim Knoble's <jmknoble@pobox.com> askpass
-* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
-- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
-* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
-- Added 'Obsoletes' directives
-* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
-- Use make install
-- Subpackages
-* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
-- Added links for slogin
-- Fixed perms on manpages
-* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
-- Renamed init script
-* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
-- Back to old binary names
-* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
-- Use autoconf
-- New binary names
-* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
-- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
 
+
+%ChangeLog
+* Mon Jan 01 1998 ...
+Template Version: 1.31
+
+$Id: openssh.spec,v 1.15 2001/04/27 05:50:49 tim Exp $
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen
new file mode 100755
index 00000000..28a97b9b
--- /dev/null
+++ b/contrib/caldera/ssh-host-keygen
@@ -0,0 +1,36 @@
+#! /bin/sh
+#
+# $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $
+#
+# This script is normally run only *once* for a given host
+# (in a given period of time) -- on updates/upgrades/recovery
+# the ssh_host_key* files _should_ be retained! Otherwise false
+# "man-in-the-middle-attack" alerts will frighten unsuspecting
+# clients...
+
+keydir=@sysconfdir@
+keygen=@sshkeygen@
+
+if [ -f $keydir/ssh_host_key -o \
+             -f $keydir/ssh_host_key.pub ]; then
+  echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
+else
+  echo "Generating 1024 bit SSH1 RSA host key."
+  $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
+fi
+
+if [ -f $keydir/ssh_host_rsa_key -o \
+             -f $keydir/ssh_host_rsa_key.pub ]; then
+  echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
+else
+  echo "Generating 1024 bit SSH2 RSA host key."
+  $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
+fi
+
+if [ -f $keydir/ssh_host_dsa_key -o \
+             -f $keydir/ssh_host_dsa_key.pub ]; then
+  echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key."
+else
+  echo "Generating SSH2 DSA host key."
+  $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N ''
+fi
diff --git a/contrib/caldera/sshd.daemons b/contrib/caldera/sshd.daemons
deleted file mode 100644
index b7515040..00000000
--- a/contrib/caldera/sshd.daemons
+++ /dev/null
@@ -1,6 +0,0 @@
-IDENT=sshd
-SHORT="sshd"
-DESCRIPTIVE="@OPENSSH_VERSION@"
-DAEMON=/usr/sbin/sshd
-# DAEMON_ARGS="-p some_other_port"
-ONBOOT=yes
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init
index 17643391..e60f8afe 100755
--- a/contrib/caldera/sshd.init
+++ b/contrib/caldera/sshd.init
@@ -1,99 +1,125 @@
-#! /bin/sh
+#! /bin/bash
 #
-# Generic network daemon RC script. If installed as /etc/rc.d/init.d/foobar,
-# it source /etc/sysconfig/daemons/foobar and looks at the
-# variable definitions (Bourne shell syntax). Variables marked with an
-# asterisk are required.
+# $Id: sshd.init,v 1.2 2001/04/27 05:50:50 tim Exp $
 #
-# * IDENT=sshd
-#   DESCRIPTIVE="@OPENSSH_VERSION@"
-# * DAEMON=/usr/sbin/sshd
-#   DAEMON_ARGS="-p some_other_port"
-#   ONBOOT=yes
+### BEGIN INIT INFO
+# Provides:
+# Required-Start: $network
+# Required-Stop:
+# Default-Start:  3 4 5
+# Default-Stop:   0 1 2 6
+# Description: sshd
+#                Bring up/down the OpenSSH secure shell daemon.
+### END INIT INFO
 #
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for OpenLinux by Raymund Will <ray@caldera.de>
 
-# Source networking configuration.
-. /etc/sysconfig/network
-
-# Check that networking is up.
-[ ${NETWORKING} = "no" ] && exit 0
-
-# Source function library, check sysconfig/daemon file and source it.
-. /etc/rc.d/init.d/functions
-
-[ -x $DAEMON ] || exit 0
-
-# Some functions to make the below more readable
-KEYGEN=/usr/bin/ssh-keygen
-RSA1_KEY=/etc/ssh/ssh_host_key
-RSA_KEY=/etc/ssh/ssh_host_rsa_key
-DSA_KEY=/etc/ssh/ssh_host_dsa_key
-PID_FILE=/var/run/sshd.pid
-do_rsa1_keygen() {
-	if ! test -f $RSA1_KEY ; then
-		echo -n "Generating SSH1 RSA host key: "
-		if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
-			echo "RSA1 key generation success"
-		else
-			echo "RSA1 key generation failure"
-			exit 1
-		fi
-	fi
-}
-do_rsa_keygen() {
-	if ! test -f $RSA_KEY ; then
-		echo -n "Generating SSH2 RSA host key: "
-		if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
-			echo "RSA key generation success"
-		else
-			echo "RSA key generation failure"
-			exit 1
-		fi
-	fi
-}
-do_dsa_keygen() {
-	if ! test -f $DSA_KEY ; then
-		echo -n "Generating SSH2 DSA host key: "
-		if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
-			echo "DSA key generation success"
-		else
-			echo "DSA key generation failure"
-			exit 1
-		fi
-	fi
+NAME=sshd
+DAEMON=/usr/sbin/$NAME
+# Hack-Alert(TM)!  This is necessary to get around the 'reload'-problem
+# created by recent OpenSSH daemon/ssd combinations. See Caldera internal
+# PR [linux/8278] for details...
+PIDF=/var/run/$NAME.pid
+NAME=$DAEMON
+
+_status() {
+  [ -z "$1" ] || local pidf="$1"
+  local ret=-1
+  local pid
+  if [ -n "$pidf" ] && [  -r "$pidf" ]; then
+    pid=$(head -1 $pidf)
+  else
+    pid=$(pidof $NAME)
+  fi
+
+  if [ ! -e $SVIlock ]; then
+    # no lock-file => not started == stopped?
+    ret=3
+  elif { [ -n "$pidf" ] && [ ! -f "$pidf" ] } || [ -z "$pid" ]; then
+    # pid-file given but not present or no pid => died, but was not stopped
+    ret=2
+  elif [ -r /proc/$pid/cmdline ] &&
+       echo -ne $NAME'\000' | cmp -s - /proc/$pid/cmdline; then
+    # pid-file given and present or pid found => check process...
+    # but don't compare exe, as this will fail after an update!
+    # compares OK => all's well, that ends well...
+    ret=0
+  else
+    # no such process or exe does not match => stale pid-file or process died
+    #   just recently...
+    ret=1
+  fi
+  return $ret
 }
 
-# See how we were called.
+# Source function library (and set vital variables).
+. @SVIdir@/functions
+
 case "$1" in
-  start)
-	# Create keys if necessary
-	do_rsa1_keygen
-	do_rsa_keygen
-	do_dsa_keygen
-
-        # Start daemons.
-	[ ! -e $LOCK ] || exit 1
-	echo -n "Starting $SUBSYS services: "
-	start-stop-daemon -S -n $IDENT -x $DAEMON -- $DAEMON_ARGS
-	sleep 1
-        echo .
-	touch $LOCK
-        ;;
-  stop)
-        # Stop daemons.
-	[ -e $LOCK ] || exit 0
-	echo -n "Stopping $SUBSYS services: "
-	start-stop-daemon -K -n $IDENT -x $DAEMON
-        echo
-	rm -f $LOCK
-        ;;
-	restart)
-		$0 stop
-		$0 start
-		;;
-  *)
-        echo "Usage: $SUBSYS {start|stop|restart}"
-        exit 1
+ start)
+  [ ! -e $SVIlock ] || exit 0
+  [ -x $DAEMON ] || exit 5
+  SVIemptyConfig @sysconfdir@/sshd_config && exit 6
+
+  if [ ! \( -f @sysconfdir@/ssh_host_key -a            \
+            -f @sysconfdir@/ssh_host_key.pub \) -a     \
+       ! \( -f @sysconfdir@/ssh_host_rsa_key -a        \
+            -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \
+       ! \( -f @sysconfdir@/ssh_host_dsa_key -a        \
+            -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then
+
+    echo "$SVIsubsys: host key not initialized: skipped!"
+    echo "$SVIsubsys: use ssh-host-keygen to generate one!"
+    exit 6
+  fi
+
+  echo -n "Starting $SVIsubsys services: "
+  ssd -S -x $DAEMON -n $NAME -- $OPTIONS
+  ret=$?
+
+  echo  "."
+  touch $SVIlock
+  ;;
+
+ stop)
+  [ -e $SVIlock ] || exit 0
+
+  echo -n "Stopping $SVIsubsys services: "
+  ssd -K -p $PIDF -n $NAME
+  ret=$?
+
+  echo "."
+  rm -f $SVIlock
+  ;;
+
+ force-reload|reload)
+  [ -e $SVIlock ] || exit 0
+
+  echo "Reloading $SVIsubsys configuration files: "
+  ssd -K --signal 1 -q -p $PIDF -n $NAME
+  ret=$?
+  echo "done."
+  ;;
+
+ restart)
+  $0 stop
+  $0 start
+  ret=$?
+  ;;
+
+ status)
+  _status $PIDF
+  ret=$?
+  ;;
+
+ *)
+  echo "Usage: $SVIscript {[re]start|stop|[force-]reload|status}"
+  ret=2
+  ;;
+
 esac
 
-exit 0
+exit $ret
+