diff options
| author | Tim Rice <tim@multitalents.net> | 2001-11-03 11:09:32 -0800 |
|---|---|---|
| committer | Tim Rice <tim@multitalents.net> | 2001-11-03 11:09:32 -0800 |
| commit | e589a299a1c1cf26035cddf3996107500242ba1d (patch) | |
| tree | 9023b8d5300eab10dde2718cd03db0f7620ac536 | |
| parent | 14a5c99b5c84ab86b34baf4b9e8f454118164815 (diff) | |
[ contrib/caldera/openssh.spec contrib/caldera/sshd.init]V_3_0_P1
Updates from Raymund Will <ray@caldera.de>
[acconfig.h configure.in] Clean up login checks.
Problem reported by Jim Knoble <jmknoble@pobox.com>
| -rw-r--r-- | ChangeLog | 10 | ||||
| -rw-r--r-- | acconfig.h | 5 | ||||
| -rw-r--r-- | configure.ac | 18 | ||||
| -rw-r--r-- | contrib/caldera/openssh.spec | 236 | ||||
| -rwxr-xr-x | contrib/caldera/sshd.init | 4 |
5 files changed, 92 insertions, 181 deletions
@@ -1,4 +1,10 @@ -20011123 +20011103 + - (tim) [ contrib/caldera/openssh.spec contrib/caldera/sshd.init] Updates + from Raymund Will <ray@caldera.de> + [acconfig.h configure.in] Clean up login checks. + Problem reported by Jim Knoble <jmknoble@pobox.com> + +20011101 - (djm) Compat define for OpenSSL < 0.9.6 (No OPENSSL_free) 20011031 @@ -6795,4 +6801,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1630 2001/10/31 22:32:34 djm Exp $ +$Id: ChangeLog,v 1.1631 2001/11/03 19:09:32 tim Exp $ @@ -1,4 +1,4 @@ -/* $Id: acconfig.h,v 1.118 2001/10/22 00:53:59 tim Exp $ */ +/* $Id: acconfig.h,v 1.119 2001/11/03 19:09:33 tim Exp $ */ #ifndef _CONFIG_H #define _CONFIG_H @@ -178,9 +178,6 @@ /* Define if you want to specify the path to your wtmpx file */ #undef CONF_WTMPX_FILE -/* Define is libutil has login() function */ -#undef HAVE_LIBUTIL_LOGIN - /* Define if you want external askpass support */ #undef USE_EXTERNAL_ASKPASS diff --git a/configure.ac b/configure.ac index 39654a27..e1844eb5 100644 --- a/configure.ac +++ b/configure.ac @@ -1,4 +1,4 @@ -# $Id: configure.ac,v 1.3 2001/10/27 17:45:37 tim Exp $ +# $Id: configure.ac,v 1.4 2001/11/03 19:09:33 tim Exp $ AC_INIT AC_CONFIG_SRCDIR([ssh.c]) @@ -370,9 +370,6 @@ fi AC_CHECK_FUNC(getspnam, , AC_CHECK_LIB(gen, getspnam, LIBS="$LIBS -lgen")) -AC_CHECK_FUNC(login, , - AC_CHECK_LIB(util, login, - AC_DEFINE(HAVE_LIBUTIL_LOGIN) LIBS="$LIBS -lutil")) dnl zlib is required AC_ARG_WITH(zlib, @@ -426,6 +423,11 @@ AC_CHECK_FUNC(utimes, [], [ AC_CHECK_LIB(c89, utimes, LIBS="$LIBS -lc89") ] ) +dnl Checks for libutil functions +AC_CHECK_HEADERS(libutil.h) +AC_SEARCH_LIBS(login, util bsd, [AC_DEFINE(HAVE_LOGIN)]) +AC_CHECK_FUNCS(logout updwtmp logwtmp) + AC_FUNC_STRFTIME # Checks for header files. @@ -617,9 +619,6 @@ int main(int argc, char **argv) { dnl Checks for time functions AC_CHECK_FUNCS(gettimeofday time) -dnl Checks for libutil functions -AC_CHECK_HEADERS(libutil.h) -AC_CHECK_FUNCS(login logout updwtmp logwtmp) dnl Checks for utmp functions AC_CHECK_FUNCS(endutent getutent getutid getutline pututline setutent) AC_CHECK_FUNCS(utmpname) @@ -632,11 +631,6 @@ AC_CHECK_FUNC(getuserattr, [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])] ) -AC_CHECK_FUNC(login, - [AC_DEFINE(HAVE_LOGIN)], - [AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])] -) - AC_CHECK_FUNC(daemon, [AC_DEFINE(HAVE_DAEMON)], [AC_CHECK_LIB(bsd, daemon, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_DAEMON)])] diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index d8bea532..c9269953 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec @@ -1,30 +1,39 @@ -%define askpass 1.2.4.1 +%define use-stable 1 +%if %{use-stable} + %define version 3.0p1 + %define cvs %{nil} + %define release 1 +%else + %define version 3.0p1 + %define cvs cvs20011102 + %define release 0r1 +%endif +%define xsa x11-ssh-askpass +%define askpass %{xsa}-1.2.4.1 Name : openssh -Version : 3.0p1 -Release : 1 +Version : %{version}%{cvs} +Release : %{release} Group : System/Network -Summary : OpenSSH free Secure Shell (SSH) protocol implementation. -Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). -Summary(es) : OpenSSH implementación libre de Secure Shell (SSH). -Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH). -Summary(it) : Implementazione gratuita OpenSSH della Secure Shell. -Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH). -Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH). +Summary : OpenSSH free Secure Shell (SSH) implementation. Copyright : BSD -Packager : Stephan Seyboth <sps@caldera.de> -#Icon : . +Packager : Raymund Will <ray@caldera.de> URL : http://www.openssh.com/ Obsoletes : ssh, ssh-clients, openssh-clients BuildRoot : /tmp/%{Name}-%{Version} -Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{Version}.tar.gz -Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{askpass}.tar.gz -Source2: http://www.openssh.com/faq.html +# %{use-stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable +# %{use-stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs +Source0: see-above:/.../openssh-%{Version}.tar.gz +%if %{use-stable} +Source1: see-above:/.../openssh-%{Version}.tar.gz.sig +%endif +Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz +Source3: http://www.openssh.com/faq.html %Package server @@ -33,123 +42,23 @@ Requires : openssh = %{Version} Obsoletes : ssh-server Summary : OpenSSH Secure Shell protocol server (sshd). -Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd). -Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). -Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd). -Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). -Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). -Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd). %Package askpass Group : System/Network Requires : openssh = %{Version} +URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/ Obsoletes : ssh-extras Summary : OpenSSH X11 pass-phrase dialog. -Summary(de) : OpenSSH X11 Passwort-Dialog. -Summary(es) : Aplicación de petición de frase clave OpenSSH X11. -Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH. -Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. -Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH. -Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH. -%Description -OpenSSH (Secure Shell) provides access to a remote system. It replaces -telnet, rlogin, rexec, and rsh, and provides secure encrypted -communications between two untrusted hosts over an insecure network. -X11 connections and arbitrary TCP/IP ports can also be forwarded over -the secure channel. - -%Description -l de -OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt -telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte -Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres -Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso -über den sicheren Channel weitergeleitet werden. - -%Description -l es -OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a -telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas -entre dos equipos entre los que no se ha establecido confianza a través de una -red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden -ser canalizadas sobre el canal seguro. - -%Description -l fr -OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace -telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées -securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des -connexions X11 et des ports TCP/IP arbitraires peuvent également être -transmis sur le canal sécurisé. - -%Description -l it -OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. -Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure -e crittate tra due host non fidati su una rete non sicura. Le connessioni -X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso -un canale sicuro. - -%Description -l pt -OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o -telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas -entre duas máquinas sem confiança mútua sobre uma rede insegura. -Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados -pelo canal seguro. - -%Description -l pt_BR -O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o -telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas -entre duas máquinas sem confiança mútua sobre uma rede insegura. -Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas -pelo canal seguro. - -%Description server -This package installs the sshd, the server portion of OpenSSH. - -%Description -l de server -Dieses Paket installiert den sshd, den Server-Teil der OpenSSH. - -%Description -l es server -Este paquete instala sshd, la parte servidor de OpenSSH. - -%Description -l fr server -Ce paquetage installe le 'sshd', partie serveur de OpenSSH. - -%Description -l it server -Questo pacchetto installa sshd, il server di OpenSSH. - -%Description -l pt server -Este pacote intala o sshd, o servidor do OpenSSH. - -%Description -l pt_BR server -Este pacote intala o sshd, o servidor do OpenSSH. - -%Description askpass -This package contains an X11-based passphrase dialog. - -%Description -l de askpass -Dieses Paket enthält einen X11-basierten Passwort Dialog. - -%Description -l es askpass -Este paquete contiene una aplicación para petición de frases-contraseña basada -en X11. - -%Description -l fr askpass -Ce paquetage contient un dialogue de passphrase basé sur X11. - -%Description -l it askpass -Questo pacchetto contiene una finestra di X11 che chiede la frase segreta. - -%Description -l pt askpass -Este pacote contém um diálogo de senha para o X11. - -%Description -l pt_BR askpass -Este pacote contem um diálogo de frase-senha para o X11. - %Prep -%setup -%setup -D -T -a1 +%setup %([ -z "%{cvs}" ] || echo "-n %{Name}_cvs") -a2 + +%if ! %{use-stable} + autoreconf +%endif %Build @@ -158,14 +67,13 @@ CFLAGS="$RPM_OPT_FLAGS" \ --prefix=/usr \ --sysconfdir=/etc/ssh \ --libexecdir=/usr/lib/ssh \ - --datadir=/usr/share/openssh \ --with-pam \ --with-tcp-wrappers \ --with-ipv4-default \ make -cd x11-ssh-askpass-%{askpass} +cd %{askpass} ./configure xmkmf make includes @@ -177,61 +85,51 @@ make make DESTDIR="$DESTDIR" install -make -C x11-ssh-askpass-%{askpass} DESTDIR="$DESTDIR" \ - BINDIR="/usr/lib/ssh" install - -%{fixManPages} - -# install remaining docs -NV="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}" -mkdir -p $NV -cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $NV -cp %{SOURCE2} $NV/faq.html -mkdir -p $NV/x11-ssh-askpass-%{askpass} -cp -a x11-ssh-askpass-%{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} \ - $NV/x11-ssh-askpass-%{askpass} - +make -C %{askpass} BINDIR="/usr/lib/ssh" install # OpenLinux specific configuration mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}} # enabling X11 forwarding on the server is convenient and okay, -# on the client side it's a potential security risk! -%{fixUP} -vg $DESTDIR/etc/ssh/sshd_config 'X11Forwarding no' \ - 'X11Forwarding yes' - -cat <<-EOF >> $DESTDIR/etc/ssh/ssh_config - - # This retains the old behaviour of trying the SSH1 protocol - # before the more secure SSH2 one. Note that the SSH2 keys are - # stored in a different format so you will have to generate and - # distribute a new public/private key pair to migrate. See the - # ssh(1) man-page for details - Host * - Protocol 1,2 -EOF +# on the client side we consider it a potential security risk! +%{fixUP} -vT $DESTDIR/etc/ssh/sshd_config -e ' + s/X11Forwarding no/X11Forwarding yes/i' install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd -# FIXME: disabled, find out why this doesn't work with nis -%{fixUP} -vg $DESTDIR/etc/pam.d/sshd '(.*pam_limits.*)' '#$1' +# FIXME: disabled, find out why this doesn't work with NIS +%{fixUP} -vT $DESTDIR/etc/pam.d/sshd -e 's/^(.*pam_limits.*)$/#$1/' install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd -%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}:' -%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@sysconfdir\@:/etc/ssh:' +%{fixUP} -vT $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}: + + s:\@sysconfdir\@:/etc/ssh:' cat <<-EoD > $DESTDIR%{SVIcdir}/sshd IDENT=sshd DESCRIPTIVE="OpenSSH secure shell daemon" # This service will be marked as 'skipped' on boot if there - # is no host key. Use ssh-host-keygen to generate one + # is no host key. Use ssh-host-keygen to generate one. ONBOOT="yes" OPTIONS="" EoD SKG=$DESTDIR/usr/sbin/ssh-host-keygen install -m 0755 contrib/caldera/ssh-host-keygen $SKG -%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh:' -%{fixUP} -T $SKG -e 's:\@sshkeygen\@:/usr/bin/ssh-keygen:' +%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh: + + s:\@sshkeygen\@:/usr/bin/ssh-keygen:' + + +# install remaining docs +DocD="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"; mkdir -p $DocD/00-LEGAL +cp -a LICENCE $DocD/00-LEGAL +cp -a CREDITS ChangeLog OVERVIEW README* TODO $DocD +install -p -m 0444 -o 0 -g 0 %{SOURCE3} $DocD/faq.html +mkdir -p $DocD/%{askpass} +cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass} + +cp -p %{askpass}/%{xsa}.man $DESTDIR/usr/man/man1/%{xsa}.1 +ln -s %{xsa}.1 $DESTDIR/usr/man/man1/ssh-askpass.1 + +%{fixManPages} # generate file lists @@ -245,10 +143,12 @@ askpass askpass EOF %{mkLists} -a -f %{Name} << 'EOF' ^/etc * prefix(%%config) -/usr/X11R6/lib/X11/app-defaults IGNORED +/usr/X11R6/lib/X11/app-defaults IGNORED +Ssh.bin IGNORED # for now [Aa]skpass askpass %{_defaultdocdir}/%{Name}-%{Version}/ base ssh-keygen base +moduli server sshd server sftp-server server .* base @@ -306,8 +206,22 @@ fi %defattr(-,root,root) +%Description +OpenSSH (Secure Shell) provides access to a remote system. It replaces +telnet, rlogin, rexec, and rsh, and provides secure encrypted +communications between two untrusted hosts over an insecure network. +X11 connections and arbitrary TCP/IP ports can also be forwarded over +the secure channel. + +%Description server +This package installs the sshd, the server portion of OpenSSH. + +%Description askpass +This package contains an X11-based pass-phrase dialog used per +default by ssh-add(1). It is based on %{askpass} +by Jim Knoble <jmknoble@pobox.com>. + %ChangeLog * Mon Jan 01 1998 ... -Template Version: 1.31 -$Id: openssh.spec,v 1.23 2001/10/24 21:06:08 mouring Exp $ +$Id: openssh.spec,v 1.24 2001/11/03 19:09:33 tim Exp $ diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init index e60f8afe..90b36379 100755 --- a/contrib/caldera/sshd.init +++ b/contrib/caldera/sshd.init @@ -1,6 +1,6 @@ #! /bin/bash # -# $Id: sshd.init,v 1.2 2001/04/27 05:50:50 tim Exp $ +# $Id: sshd.init,v 1.3 2001/11/03 19:09:33 tim Exp $ # ### BEGIN INIT INFO # Provides: @@ -37,7 +37,7 @@ _status() { if [ ! -e $SVIlock ]; then # no lock-file => not started == stopped? ret=3 - elif { [ -n "$pidf" ] && [ ! -f "$pidf" ] } || [ -z "$pid" ]; then + elif [ -n "$pidf" -a ! -f "$pidf" ] || [ -z "$pid" ]; then # pid-file given but not present or no pid => died, but was not stopped ret=2 elif [ -r /proc/$pid/cmdline ] && |