diff options
| author | taca <taca@pkgsrc.org> | 2011-05-16 05:06:48 +0000 |
|---|---|---|
| committer | taca <taca@pkgsrc.org> | 2011-05-16 05:06:48 +0000 |
| commit | 0c29a4f649d4be3b6dbfe5ebbe141ec862f2ce32 (patch) | |
| tree | 649a6e66bcede798ed52f428d6ea154272bddd4e /security/openssh | |
| parent | 1a87a234a811c24cf1fed2faeadb7ba80ad85b0a (diff) | |
| download | pkgsrc-0c29a4f649d4be3b6dbfe5ebbe141ec862f2ce32.tar.gz | |
Maintenance of openssh pacakge:
1. Add support for check and create ECDSA host key for SSH protocol
version 2.
2. Disable use of strnvis(3) on NetBSD. NetBSD current after 2011/03/12
has strnvis(3), but it has different argument from OpenBSD (and other
system).
Bump PKGREVISION.
Diffstat (limited to 'security/openssh')
| -rw-r--r-- | security/openssh/Makefile | 13 | ||||
| -rw-r--r-- | security/openssh/files/sshd.sh | 12 |
2 files changed, 21 insertions, 4 deletions
diff --git a/security/openssh/Makefile b/security/openssh/Makefile index 83c67aad91a..ccb9510b2ba 100644 --- a/security/openssh/Makefile +++ b/security/openssh/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.200 2011/05/15 04:17:15 taca Exp $ +# $NetBSD: Makefile,v 1.201 2011/05/16 05:06:48 taca Exp $ DISTNAME= openssh-5.8p2 PKGNAME= openssh-5.8.2 +PKGREVISION= 1 SVR4_PKGNAME= ossh CATEGORIES= security MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ @@ -104,10 +105,18 @@ CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey} CONFIGURE_ARGS+= --without-skey .endif -.if (${OPSYS} == "NetBSD") && exists(/usr/include/utmpx.h) +.if (${OPSYS} == "NetBSD") +. if exists(/usr/include/utmpx.h) # if we have utmpx et al do not try to use login() CONFIGURE_ARGS+= --disable-libutil +. endif +# +# NetBSD current after 2011/03/12 has incompatible strnvis(3) and +# prior version don't have it. So, disable use of strnvis(3) now. +# +CONFIGURE_ENV+= ac_cv_func_strnvis=no .endif + .if (${OPSYS} == "SunOS") && (${OS_VERSION} == "5.8" || ${OS_VERSION} == "5.9") CONFIGURE_ARGS+= --disable-utmp --disable-wtmp .endif diff --git a/security/openssh/files/sshd.sh b/security/openssh/files/sshd.sh index f28b5f6473c..dae0fd1455f 100644 --- a/security/openssh/files/sshd.sh +++ b/security/openssh/files/sshd.sh @@ -1,6 +1,6 @@ #!@RCD_SCRIPTS_SHELL@ # -# $NetBSD: sshd.sh,v 1.11 2003/05/22 09:05:38 wiz Exp $ +# $NetBSD: sshd.sh,v 1.12 2011/05/16 05:06:49 taca Exp $ # # PROVIDE: sshd # REQUIRE: DAEMON LOGIN @@ -42,6 +42,13 @@ sshd_keygen() else ${keygen_command} -t rsa -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -N '' fi + + if [ -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key ]; then + @ECHO@ "You already have a ECDSA host key in @PKG_SYSCONFDIR@/ssh_host_ecdsa_key" + @ECHO@ "Skipping protocol version 2 ECDSA Key Generation" + else + ${keygen_command} -t ecdsa -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key -N '' + fi ) } @@ -49,7 +56,8 @@ sshd_precmd() { if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \ ! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \ - ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then + ! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -o \ + ! -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key ]; then if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ] then run_rc_command keygen |