# $NetBSD: Makefile,v 1.219 2014/05/22 03:14:01 taca Exp $ DISTNAME= openssh-6.6p1 PKGNAME= openssh-6.6.1 PKGREVISION= 1 SVR4_PKGNAME= ossh CATEGORIES= security MASTER_SITES= ftp://ftp.openssh.com/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://gd.tuwien.ac.at/opsys/OpenBSD/OpenSSH/portable/ \ ftp://ftp.freenet.de/pub/ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ # Don't delete the last entry -- it's there if the pkgsrc version is not # up-to-date and the mirrors already removed the old distfile. MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.openssh.com/ COMMENT= Open Source Secure shell client and server (remote login program) CONFLICTS= sftp-[0-9]* CONFLICTS+= ssh-[0-9]* ssh6-[0-9]* CONFLICTS+= ssh2-[0-9]* ssh2-nox11-[0-9]* CONFLICTS+= openssh+gssapi-[0-9]* CONFLICTS+= lsh>2.0 USE_GCC_RUNTIME= yes USE_TOOLS+= perl CRYPTO= yes # retain the following line, for IPv6-ready pkgsrc webpage BUILD_DEFS+= IPV6_READY PKG_GROUPS_VARS+= OPENSSH_GROUP PKG_USERS_VARS+= OPENSSH_USER BUILD_DEFS+= OPENSSH_CHROOT BUILD_DEFS+= VARBASE INSTALL_TARGET= install-nokeys .include "options.mk" .if ${OPSYS} == "Interix" # OpenSSH on Interix has some important caveats MESSAGE_SRC= ${.CURDIR}/MESSAGE.Interix BUILDLINK_PASSTHRU_DIRS+= /usr/local/lib/bind CONFIGURE_ENV+= ac_cv_func_openpty=no CONFIGURE_ENV+= ac_cv_type_struct_timespec=yes CPPFLAGS+= -DIOV_MAX=16 # default is INT_MAX, way too large .if exists(/usr/local/include/bind/resolv.h) CPPFLAGS+= -I/usr/local/include/bind BUILDLINK_PASSTHRU_DIRS+= /usr/local/include/bind .elif exists(/usr/local/bind/include/resolv.h) CPPFLAGS+= -I/usr/local/bind/include BUILDLINK_PASSTHRU_DIRS+= /usr/local/bind/include .endif LDFLAGS+= -L/usr/local/lib/bind LIBS+= -lbind -ldb -lcrypt .else # not Interix PKG_GROUPS= ${OPENSSH_GROUP} PKG_USERS= ${OPENSSH_USER}:${OPENSSH_GROUP} PKG_GECOS.${OPENSSH_USER}= sshd privsep pseudo-user PKG_HOME.${OPENSSH_USER}= ${OPENSSH_CHROOT} .endif SSH_PID_DIR= ${VARBASE}/run # default directory for PID files PKG_SYSCONFSUBDIR= ssh GNU_CONFIGURE= yes CONFIGURE_ARGS+= --with-mantype=man CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} CONFIGURE_ARGS+= --with-pid-dir=${SSH_PID_DIR:Q} CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE:Q} CONFIGURE_ARGS+= --with-tcp-wrappers=${BUILDLINK_PREFIX.tcp_wrappers} .if ${OPSYS} != "Interix" CONFIGURE_ARGS+= --with-privsep-path=${OPENSSH_CHROOT:Q} CONFIGURE_ARGS+= --with-privsep-user=${OPENSSH_USER:Q} .endif # pkgsrc already enforces a "secure" version of zlib via dependencies, # so skip this bogus version check. CONFIGURE_ARGS+= --without-zlib-version-check # the openssh configure script finds and uses ${LD} if defined and # defaults to ${CC} if not. we override LD here, since running the # linker directly results in undefined symbols for obvious reasons. # CONFIGURE_ENV+= LD=${CC:Q} # Enable S/Key support on NetBSD, Darwin, and Solaris. .if (${OPSYS} == "NetBSD") || (${OPSYS} == "Darwin") || (${OPSYS} == "SunOS") . include "../../security/skey/buildlink3.mk" CONFIGURE_ARGS+= --with-skey=${BUILDLINK_PREFIX.skey} .else CONFIGURE_ARGS+= --without-skey .endif .if (${OPSYS} == "NetBSD") . if exists(/usr/include/utmpx.h) # if we have utmpx et al do not try to use login() CONFIGURE_ARGS+= --disable-libutil . endif # # NetBSD current after 2011/03/12 has incompatible strnvis(3) and # prior version don't have it. So, disable use of strnvis(3) now. # CONFIGURE_ENV+= ac_cv_func_strnvis=no .endif .if (${OPSYS} == "SunOS") && (${OS_VERSION} == "5.8" || ${OS_VERSION} == "5.9") CONFIGURE_ARGS+= --disable-utmp --disable-wtmp .endif .if ${OPSYS} == "Linux" CONFIGURE_ARGS+= --enable-md5-password .endif # The ssh-askpass program is in ${X11BASE}/bin or ${X11PREFIX}/bin depending # on if it's part of the X11 distribution, or if it's installed from pkgsrc # (security/ssh-askpass). # .if exists(${X11BASE}/bin/ssh-askpass) ASKPASS_PROGRAM= ${X11BASE}/bin/ssh-askpass .else ASKPASS_PROGRAM= ${X11PREFIX}/bin/ssh-askpass .endif CONFIGURE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q} MAKE_ENV+= ASKPASS_PROGRAM=${ASKPASS_PROGRAM:Q} # do the same for xauth .if exists(${X11BASE}/bin/xauth) CONFIGURE_ARGS+= --with-xauth=${X11BASE}/bin/xauth .else CONFIGURE_ARGS+= --with-xauth=${X11PREFIX}/bin/xauth .endif CONFS= ssh_config sshd_config moduli PLIST_VARS+= prng .if exists(/dev/urandom) . if ${OPSYS} == "NetBSD" MESSAGE_SRC+= ${.CURDIR}/MESSAGE.urandom . endif .else CONFIGURE_ARGS+= --without-random CONFS+= ssh_prng_cmds PLIST.prng= yes .endif EGDIR= ${PREFIX}/share/examples/${PKGBASE} CONF_FILES= # empty .for f in ${CONFS} CONF_FILES+= ${EGDIR}/${f} ${PKG_SYSCONFDIR}/${f} .endfor OWN_DIRS= ${OPENSSH_CHROOT} RCD_SCRIPTS= sshd RCD_SCRIPT_SRC.sshd= ${WRKDIR}/sshd.sh SMF_METHODS= sshd FILES_SUBST+= SSH_PID_DIR=${SSH_PID_DIR:Q} SUBST_CLASSES+= patch SUBST_STAGE.patch= pre-configure SUBST_FILES.patch= session.c SUBST_SED.patch= -e '/channel_input_port_forward_request/s/0/ROOTUID/' SUBST_MESSAGE.patch= More patch a file. .include "../../devel/zlib/buildlink3.mk" .include "../../security/openssl/buildlink3.mk" .include "../../security/tcp_wrappers/buildlink3.mk" # # type of key "ecdsa" isn't always supported depends on OpenSSL. # post-configure: if ${EGREP} -q '^\#define[ ]+OPENSSL_HAS_ECC' \ ${WRKSRC}/config.h; then \ ${SED} -e '/HAVE_ECDSA/s/.*//' \ ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ else \ ${SED} -e '/HAVE_ECDSA_START/,/HAVE_ECDSA_STOP/d' \ ${FILESDIR}/sshd.sh > ${WRKDIR}/sshd.sh; \ fi post-install: ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} cd ${WRKSRC}; for file in ${CONFS}; do \ ${INSTALL_DATA} $${file}.out ${DESTDIR}${EGDIR}/$${file}; \ done .if !empty(PKG_OPTIONS:Mpam) && ${OPSYS} == "Linux" ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \ ${DESTDIR}${EGDIR}/sshd.pam .endif .include "../../mk/bsd.pkg.mk"