wok view openssh/receipt @ rev 25673

Fix tcpdump path
author Pascal Bellard <pascal.bellard@slitaz.org>
date Mon Feb 26 14:52:00 2024 +0000 (8 months ago)
parents d88295c12cfc
children
line source
1 # SliTaz package receipt.
3 PACKAGE="openssh"
4 VERSION="9.3p1"
5 CATEGORY="security"
6 TAGS="ssh security"
7 SHORT_DESC="Openbsd Secure Shell."
8 MAINTAINER="pascal.bellard@slitaz.org"
9 LICENSE="BSD"
10 WEB_SITE="https://www.openssh.com/"
12 TARBALL="$PACKAGE-$VERSION.tar.gz"
13 WGET_URL="https://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
15 PROVIDE="ssh"
16 SUGGESTED="gtk+"
17 DEPENDS="libcrypto sftp-server zlib"
18 BUILD_DEPENDS="gtk+-dev libcrypto-dev openssl-dev zlib-dev"
19 SPLIT="sftp-server"
20 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
22 CONFIG_FILES="/etc/ssh/*config /etc/ssh/moduli"
23 SECRET_FILES="/etc/ssh/*key*"
25 HOST_ARCH="i486 arm"
27 # @maintainer: Please update also sftp-server
29 # What is the latest version available today?
30 current_version()
31 {
32 wget -O - ${WGET_URL%/*}/ 2>/dev/null | \
33 sed '/tar..z"/!d;s|.*ssh-\(.*\).tar..z".*|\1|' | tail -n1
34 }
36 # Rules to configure and make the package.
37 compile_rules()
38 {
39 unset LD # for cross compiling with --disable-strip
40 ./configure \
41 --prefix=/usr \
42 --sysconfdir=/etc/ssh \
43 --libexecdir=/usr/sbin \
44 --with-privsep-user=nobody \
45 --with-xauth=/usr/bin/xauth \
46 --with-privsep-path=/var/run/sshd \
47 --without-pam \
48 --disable-strip \
49 $CONFIGURE_ARGS &&
50 make STRIP_OPT="" &&
51 make install -j 1 DESTDIR=$DESTDIR
52 install -d -m 755 $DESTDIR/usr/share/doc &&
53 install -m 644 $src/[A-Z][A-Z]* $DESTDIR/usr/share/doc
54 cd contrib &&
55 cc -Wall $(pkg-config --cflags gtk+-2.0) gnome-ssh-askpass2.c \
56 -o gnome-ssh-askpass $(pkg-config --libs gtk+-2.0) -lX11 &&
57 cp gnome-ssh-askpass $DESTDIR/usr/bin/ssh-askpass
58 }
60 # Rules to gen a SliTaz package suitable for Tazpkg.
61 genpkg_rules()
62 {
63 mkdir -p $fs/usr
64 mkdir -p $fs/etc/init.d
65 mkdir -p $fs/etc/ssh
67 cp -a $install/usr/sbin $fs/usr
68 cp -a $install/usr/bin $fs/usr
69 rm -f $fs/usr/sbin/sftp-server
70 install -m 755 -oroot -groot $src/contrib/ssh-copy-id \
71 $fs/usr/bin
72 cp $src/contrib/ssh-copy-id.1 $install/usr/share/man/cat1
73 cp -a $install/etc $fs
74 cp $stuff/openssh $fs/etc/init.d
75 sed -i 's|/usr/libexec/sftp-server|/usr/sbin/sftp-server|' \
76 $fs/etc/ssh/sshd_config
78 cat >> $fs/etc/ssh/ssh_config <<EOT
80 # client bug CVE-2016-0777 and CVE-2016-0778
81 Host *
82 UseRoaming no
84 # From https://wiki.gentoo.org/wiki/SSH_jump_host
85 Host *+*
86 ProxyCommand ssh \$(echo %h | sed 's/+[^+]*$//;s/\\([^+%%]*\\)%%\\([^+]*\\)\$/\\2 -l \\1/;s/:/ -p /') exec nc -w1 \$(echo %h | sed 's/^.*+//;/:/!s/\$/ %p/;s/:/ /')
88 EOT
89 }
91 post_install()
92 {
93 grep -q ssh "$1/etc/inetd.conf" ||
94 cat >> "$1/etc/inetd.conf" <<EOT
95 #ssh stream tcp nowait root sshd sshd -i
96 EOT
97 while read dropbear openssh
98 do
99 [ -s "$1$dropbear" ] || continue
100 [ -s "$1$openssh" ] && continue
101 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
102 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
103 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
104 done <<EOT
105 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
106 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
107 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
108 /etc/dropbear/dropbear_ed25519_host_key /etc/ssh/ssh_host_ed25519_key
109 EOT
111 chroot "$1/" ssh-keygen -A
112 }
114 post_remove()
115 {
116 grep -q sshd "$1/etc/inetd.conf" &&
117 sed -i '/sshd/d' "$1/etc/inetd.conf"
118 }