Annotation of pkgsrc/security/openssh/Makefile, Revision 1.248
1.248 ! rillig 1: # $NetBSD: Makefile,v 1.247 2016/07/10 10:40:23 rillig Exp $
1.1 christos 2:
1.243 bsiegert 3: DISTNAME= openssh-7.2p2
4: PKGNAME= ${DISTNAME:S/p2/.2/}
1.246 wiz 5: PKGREVISION= 3
1.1 christos 6: CATEGORIES= security
1.227 jperkin 7: MASTER_SITES= ${MASTER_SITE_OPENBSD:=OpenSSH/portable/}
1.1 christos 8:
1.165 jlam 9: MAINTAINER= pkgsrc-users@NetBSD.org
1.6 wiz 10: HOMEPAGE= http://www.openssh.com/
1.39 wiz 11: COMMENT= Open Source Secure shell client and server (remote login program)
1.46 wennmach 12:
1.56 jlam 13: CONFLICTS= sftp-[0-9]*
1.140 grant 14: CONFLICTS+= ssh-[0-9]* ssh6-[0-9]*
15: CONFLICTS+= ssh2-[0-9]* ssh2-nox11-[0-9]*
1.103 jwise 16: CONFLICTS+= openssh+gssapi-[0-9]*
1.149 wiz 17: CONFLICTS+= lsh>2.0
1.247 rillig 18: BROKEN_ON_PLATFORM+= OpenBSD-*-*
1.1 christos 19:
1.217 jperkin 20: USE_GCC_RUNTIME= yes
1.233 taca 21: USE_TOOLS+= autoconf perl
1.8 fredb 22:
1.28 fredb 23: CRYPTO= yes
24:
1.99 jmmv 25: # retain the following line, for IPv6-ready pkgsrc webpage
1.183 jlam 26: BUILD_DEFS+= IPV6_READY
1.1 christos 27:
1.180 jlam 28: PKG_GROUPS_VARS+= OPENSSH_GROUP
29: PKG_USERS_VARS+= OPENSSH_USER
30: BUILD_DEFS+= OPENSSH_CHROOT
1.172 taca 31: BUILD_DEFS+= VARBASE
32:
1.61 jlam 33: INSTALL_TARGET= install-nokeys
1.147 tv 34:
1.150 reed 35: .include "options.mk"
36:
1.231 wiz 37: # fixes: dyld: Symbol not found: _allow_severity
1.240 jperkin 38: CONFIGURE_ARGS.Darwin+= --disable-strip
1.231 wiz 39:
1.240 jperkin 40: # OpenSSH on Interix has some important caveats
1.147 tv 41: .if ${OPSYS} == "Interix"
42: MESSAGE_SRC= ${.CURDIR}/MESSAGE.Interix
1.198 obache 43: BUILDLINK_PASSTHRU_DIRS+= /usr/local/lib/bind
1.147 tv 44: CONFIGURE_ENV+= ac_cv_func_openpty=no
45: CONFIGURE_ENV+= ac_cv_type_struct_timespec=yes
1.175 tv 46: CPPFLAGS+= -DIOV_MAX=16 # default is INT_MAX, way too large
1.248 ! rillig 47: . if exists(/usr/local/include/bind/resolv.h)
1.147 tv 48: CPPFLAGS+= -I/usr/local/include/bind
1.198 obache 49: BUILDLINK_PASSTHRU_DIRS+= /usr/local/include/bind
1.248 ! rillig 50: . elif exists(/usr/local/bind/include/resolv.h)
1.198 obache 51: CPPFLAGS+= -I/usr/local/bind/include
52: BUILDLINK_PASSTHRU_DIRS+= /usr/local/bind/include
1.248 ! rillig 53: . endif
1.147 tv 54: LDFLAGS+= -L/usr/local/lib/bind
55: LIBS+= -lbind -ldb -lcrypt
56:
57: .else # not Interix
58:
1.177 wiz 59: PKG_GROUPS= ${OPENSSH_GROUP}
1.167 jlam 60: PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP}
61:
62: PKG_GECOS.${OPENSSH_USER}= sshd privsep pseudo-user
63: PKG_HOME.${OPENSSH_USER}= ${OPENSSH_CHROOT}
1.89 grant 64:
1.147 tv 65: .endif
66:
1.145 xtraeme 67: SSH_PID_DIR= ${VARBASE}/run # default directory for PID files
1.35 wiz 68:
1.76 jlam 69: PKG_SYSCONFSUBDIR= ssh
1.82 jlam 70:
1.18 jlam 71: GNU_CONFIGURE= yes
1.122 xtraeme 72: CONFIGURE_ARGS+= --with-mantype=man
1.248 ! rillig 73: CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR}
! 74: CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR}
1.88 jlam 75: CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers}
1.147 tv 76:
77: .if ${OPSYS} != "Interix"
1.162 rillig 78: CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT:Q}
1.248 ! rillig 79: CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER}
1.147 tv 80: .endif
1.112 jschauma 81:
1.160 grant 82: # pkgsrc already enforces a "secure" version of zlib via dependencies,
83: # so skip this bogus version check.
84: CONFIGURE_ARGS+= --without-zlib-version-check
85:
1.245 alnsn 86: .if ${_PKGSRC_MKPIE} != "no"
87: CONFIGURE_ARGS+= --with-pie
88: .endif
89:
1.119 grant 90: # the openssh configure script finds and uses ${LD} if defined and
91: # defaults to ${CC} if not. we override LD here, since running the
92: # linker directly results in undefined symbols for obvious reasons.
93: #
1.121 jlam 94: CONFIGURE_ENV+= LD=${CC:Q}
1.114 grant 95:
1.133 jlam 96: # Enable S/Key support on NetBSD, Darwin, and Solaris.
97: .if (${OPSYS} == "NetBSD") || (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS")
1.126 wiz 98: . include "../../security/skey/buildlink3.mk"
1.88 jlam 99: CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey}
100: .else
101: CONFIGURE_ARGS+= --without-skey
1.85 grant 102: .endif
1.54 kim 103:
1.201 taca 104: .if (${OPSYS} == "NetBSD")
105: . if exists(/usr/include/utmpx.h)
1.129 markd 106: # if we have utmpx et al do not try to use login()
107: CONFIGURE_ARGS+= --disable-libutil
1.201 taca 108: . endif
109: #
110: # NetBSD current after 2011/03/12 has incompatible strnvis(3) and
111: # prior version don't have it. So, disable use of strnvis(3) now.
112: #
113: CONFIGURE_ENV+= ac_cv_func_strnvis=no
1.245 alnsn 114: #
115: # workaround for ./configure problem, pkg/50936
116: #
117: CONFIGURE_ENV+= ac_cv_func_reallocarray=no
1.129 markd 118: .endif
1.201 taca 119:
1.132 jlam 120: .if (${OPSYS} == "SunOS") && (${OS_VERSION} == "5.8" || ${OS_VERSION} == "5.9")
1.128 markd 121: CONFIGURE_ARGS+= --disable-utmp --disable-wtmp
122: .endif
1.240 jperkin 123:
124: CONFIGURE_ARGS.Linux+= --enable-md5-password
1.128 markd 125:
1.232 joerg 126: # The ssh-askpass program is in ${X11BASE}/bin or ${PREFIX}/bin depending
1.27 jlam 127: # on if it's part of the X11 distribution, or if it's installed from pkgsrc
1.61 jlam 128: # (security/ssh-askpass).
1.21 jlam 129: #
1.27 jlam 130: .if exists(${X11BASE}/bin/ssh-askpass)
1.61 jlam 131: ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass
1.27 jlam 132: .else
1.232 joerg 133: ASKPASS_PROGRAM= ${PREFIX}/bin/ssh-askpass
1.27 jlam 134: .endif
1.161 rillig 135: CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q}
136: MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q}
1.12 itojun 137:
1.144 grant 138: # do the same for xauth
139: .if exists(${X11BASE}/bin/xauth)
140: CONFIGURE_ARGS+= --with-xauth=${X11BASE}/bin/xauth
141: .else
1.232 joerg 142: CONFIGURE_ARGS+= --with-xauth=${PREFIX}/bin/xauth
1.144 grant 143: .endif
144:
1.155 jlam 145: CONFS= ssh_config sshd_config moduli
1.52 tron 146:
1.235 jperkin 147: PLIST_VARS+= darwin prng
1.218 taca 148:
1.61 jlam 149: .if exists(/dev/urandom)
1.139 reed 150: . if ${OPSYS} == "NetBSD"
1.61 jlam 151: MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom
1.139 reed 152: . endif
1.61 jlam 153: .else
154: CONFIGURE_ARGS+= --without-random
155: CONFS+= ssh_prng_cmds
1.218 taca 156: PLIST.prng= yes
1.34 tron 157: .endif
1.54 kim 158:
1.61 jlam 159: EGDIR= ${PREFIX}/share/examples/${PKGBASE}
1.235 jperkin 160:
161: # enable privsep patches
162: .if ${OPSYS} == "Darwin"
163: CONF_FILES+= ${EGDIR}/org.openssh.sshd.sb ${PKG_SYSCONFDIR}/org.openssh.sshd.sb
164: CPPFLAGS+= -D__APPLE_SANDBOX_NAMED_EXTERNAL__
165: PLIST.darwin= yes
166: .endif
167:
1.172 taca 168: .for f in ${CONFS}
169: CONF_FILES+= ${EGDIR}/${f} ${PKG_SYSCONFDIR}/${f}
1.61 jlam 170: .endfor
1.89 grant 171: OWN_DIRS= ${OPENSSH_CHROOT}
1.61 jlam 172: RCD_SCRIPTS= sshd
1.202 taca 173: RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh
1.216 jperkin 174: SMF_METHODS= sshd
1.61 jlam 175:
1.248 ! rillig 176: FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR}
1.107 jlam 177:
1.172 taca 178: SUBST_CLASSES+= patch
179: SUBST_STAGE.patch= pre-configure
1.235 jperkin 180: SUBST_FILES.patch= session.c sandbox-darwin.c
1.172 taca 181: SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/'
1.235 jperkin 182: SUBST_VARS.patch= PKG_SYSCONFDIR
1.172 taca 183:
1.132 jlam 184: .include "../../devel/zlib/buildlink3.mk"
185: .include "../../security/tcp_wrappers/buildlink3.mk"
186:
1.202 taca 187: #
188: # type of key "ecdsa" isn't always supported depends on OpenSSL.
189: #
1.233 taca 190: pre-configure:
191: cd ${WRKSRC} && autoconf -i
192:
1.202 taca 193: post-configure:
194: if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \
195: ${WRKSRC}/config.h; then \
196: ${SED} -e '/HAVE_ECDSA/s/.*//' \
197: ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \
198: else \
199: ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \
200: ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \
201: fi
1.248 ! rillig 202: ${SED} -e 's,@VARBASE@,${VARBASE},g' \
1.235 jperkin 203: < ${FILESDIR}/org.openssh.sshd.sb.in \
204: > ${WRKDIR}/org.openssh.sshd.sb
1.202 taca 205:
1.5 hubertf 206: post-install:
1.188 tnn 207: ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR}
1.155 jlam 208: cd ${WRKSRC}; for file in ${CONFS}; do \
1.188 tnn 209: ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \
1.52 tron 210: done
1.157 reed 211: .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux"
1.188 tnn 212: ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \
213: ${DESTDIR}${EGDIR}/sshd.pam
1.138 reed 214: .endif
1.235 jperkin 215: .if ${OPSYS} == "Darwin"
216: ${INSTALL_DATA} ${WRKDIR}/org.openssh.sshd.sb \
217: ${DESTDIR}${EGDIR}/org.openssh.sshd.sb
218: .endif
1.1 christos 219:
220: .include "../../mk/bsd.pkg.mk"
CVSweb <webmaster@jp.NetBSD.org>