Added support for OpenSSH-lpk

The OpenSSH LDAP Public Key patch provides an easy way of centralizing strong
user authentication by using an LDAP server for retrieving public keys instead
of ~/.ssh/authorized_keys.

4 files changed, 43 insertions, 7 deletions

diff --git a/security/openssh/Makefile b/security/openssh/Makefile
index f79f2751383..6c1a5c14655 100644
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.205 2012/01/09 05:25:36 manu Exp $
+# $NetBSD: Makefile,v 1.206 2012/05/31 11:58:37 imil Exp $
 
 DISTNAME=		openssh-5.8p2
 PKGNAME=		openssh-5.8.2
@@ -177,6 +177,14 @@ SUBST_MESSAGE.patch=	More patch a file.
 .include "../../security/openssl/buildlink3.mk"
 .include "../../security/tcp_wrappers/buildlink3.mk"
 
+.if !empty(PKG_OPTIONS:Mldap)
+DOCDIR=			${PREFIX}/share/doc/openssh
+INSTALLATION_DIRS+=	${DOCDIR}
+
+pre-configure:
+	cd ${WRKSRC} && autoconf
+.endif
+
 #
 # type of key "ecdsa" isn't always supported depends on OpenSSL.
 #
@@ -199,5 +207,12 @@ post-install:
 	${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \
 	  ${DESTDIR}${EGDIR}/sshd.pam
 .endif
+.if !empty(PKG_OPTIONS:Mldap)
+	${INSTALL_DATA} ${WRKSRC}/README.lpk \
+		${DESTDIR}${DOCDIR}
+	cd ${WRKSRC}; for file in ${LPK_CONFS}; do			\
+		${INSTALL_DATA} $${file} ${DESTDIR}${EGDIR}/$${file};	\
+	done
+.endif
 
 .include "../../mk/bsd.pkg.mk"
diff --git a/security/openssh/PLIST.ldap b/security/openssh/PLIST.ldap
new file mode 100644
index 00000000000..f73e500acc5
--- /dev/null
+++ b/security/openssh/PLIST.ldap
@@ -0,0 +1,5 @@
+@comment $NetBSD: PLIST.ldap,v 1.1 2012/05/31 11:58:37 imil Exp $
+share/doc/openssh/README.lpk
+share/examples/openssh/lpk-user-example.txt
+share/examples/openssh/openssh-lpk_openldap.schema
+share/examples/openssh/openssh-lpk_sun.schema
diff --git a/security/openssh/distinfo b/security/openssh/distinfo
index 11eadac448d..144dc4f1dba 100644
--- a/security/openssh/distinfo
+++ b/security/openssh/distinfo
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.81 2011/08/18 09:22:02 taca Exp $
+$NetBSD: distinfo,v 1.82 2012/05/31 11:58:37 imil Exp $
 
-SHA1 (openssh-5.8p1-hpn13v11.diff.gz) = ea61ab71605ee867eebc1a92875a3ea5369e2d28
-RMD160 (openssh-5.8p1-hpn13v11.diff.gz) = 45fbb8e2db2f829f2749cd745ed6a0542adb1c45
-Size (openssh-5.8p1-hpn13v11.diff.gz) = 22993 bytes
 SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5
 RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff
 Size (openssh-5.8p2.tar.gz) = 1115475 bytes
+SHA1 (openssh-lpk-5.8p2-0.3.14.patch.gz) = 9eab90211363e6ea74e250d072cf14b69516bc0e
+RMD160 (openssh-lpk-5.8p2-0.3.14.patch.gz) = ca008e5c8c1f43be334f6e4e598d79d0153e94e5
+Size (openssh-lpk-5.8p2-0.3.14.patch.gz) = 18656 bytes
 SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5
 SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f
 SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3
diff --git a/security/openssh/options.mk b/security/openssh/options.mk
index 057e23a15a0..2893eeec940 100644
--- a/security/openssh/options.mk
+++ b/security/openssh/options.mk
@@ -1,9 +1,9 @@
-# $NetBSD: options.mk,v 1.22 2012/01/09 05:25:36 manu Exp $
+# $NetBSD: options.mk,v 1.23 2012/05/31 11:58:37 imil Exp $
 
 .include "../../mk/bsd.prefs.mk"
 
 PKG_OPTIONS_VAR=	PKG_OPTIONS.openssh
-PKG_SUPPORTED_OPTIONS=	kerberos hpn-patch pam
+PKG_SUPPORTED_OPTIONS=	kerberos hpn-patch ldap pam
 
 .include "../../mk/bsd.options.mk"
 
@@ -28,3 +28,19 @@ PLIST_SRC+=		${.CURDIR}/PLIST.pam
 MESSAGE_SRC+=		${.CURDIR}/MESSAGE.pam
 MESSAGE_SUBST+=		EGDIR=${EGDIR}
 .endif
+
+.if !empty(PKG_OPTIONS:Mldap)
+.include "../../databases/openldap-client/buildlink3.mk"
+USE_TOOLS+=		autoconf
+CONFIGURE_ARGS+=	--with-ldap
+LPK_CONFS+=		lpk-user-example.txt		\
+			openssh-lpk_openldap.schema	\
+			openssh-lpk_sun.schema
+PLIST_SRC+=		${.CURDIR}/PLIST.ldap
+
+LPK_VERS=		0.3.14
+OPENSSH_VERS=		${DISTNAME:S/openssh-//}
+PATCHFILES=		openssh-lpk-${OPENSSH_VERS}-${LPK_VERS}.patch.gz
+PATCH_SITES=		http://gentoo.mirrors.tera-byte.com/distfiles/
+PATCH_DIST_STRIP=	-p1
+.endif