+#
+# Conditional build:
+# bcond_off_gnome - without gnome-askpass utility
Summary: OpenSSH free Secure Shell (SSH) implementation
-Summary(pl): ,,wolna'' implementacja bezpiecznego shella (SSH)
+Summary(pl): Publicznie dostêpna implementacja bezpiecznego shella (SSH)
Name: openssh
-Version: 2.1.1p2
-Release: 1
+Version: 2.3.0p1
+Release: 8
License: BSD
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
-URL: http://www.openssh.com/
Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-Source1: opensshd.conf
-Source2: openssh.conf
-Source3: opensshd.init
-Source4: opensshd.pamd
-Source5: openssh.sysconfig
+Source1: %{name}d.conf
+Source2: %{name}.conf
+Source3: %{name}d.init
+Source4: %{name}d.pamd
+Source5: %{name}.sysconfig
Source6: passwd.pamd
-Patch0: openssh-PAM_NEW_AUTHTOK.patch
-Patch1: openssh-libwrap.patch
-Patch2: openssh-LIBS.patch
-BuildRequires: openssl-devel >= 0.9.5a
-BuildRequires: rpm >= 3.0.4
-BuildRequires: zlib-devel
-BuildRequires: pam-devel
+Patch0: %{name}-libwrap.patch
+Patch1: %{name}-LIBS.patch
+Patch2: %{name}-no_libnsl.patch
+Patch3: %{name}-securityfix.patch
+Patch4: %{name}-pam-session.patch
+URL: http://www.openssh.com/
BuildRequires: XFree86-devel
-BuildRequires: gnome-libs-devel
+BuildRequires: autoconf
+%{!?bcond_off_gnome:BuildRequires: gnome-libs-devel}
BuildRequires: gtk+-devel
+BuildRequires: openssl-devel >= 0.9.5a
+BuildRequires: pam-devel
+BuildRequires: zlib-devel
+BuildRequires: libwrap-devel
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
Prereq: openssl >= 0.9.5a
Obsoletes: ssh < %{version}, ssh > %{version}
Summary(pl): Klienci protoko³u Secure Shell
Requires: openssh
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
Obsoletes: ssh-clients < %{version}, ssh-clients > %{version}
Requires: %{name} = %{version}
Summary(pl): Serwer protoko³u Secure Shell (sshd)
Requires: openssh chkconfig >= 0.9
Group: Networking/Daemons
+Group(de): Netzwerkwesen/Server
Group(pl): Sieciowe/Serwery
Obsoletes: ssh-server < %{version}, ssh-server > %{version}
-Requires: rc-scripts
Requires: /bin/login
Requires: util-linux
-Prereq: pam
+Prereq: rc-scripts
+Prereq: chkconfig
Prereq: %{name} = %{version}
%description server
Summary: OpenSSH GNOME passphrase dialog
Summary(pl): Odpytywacz has³a OpenSSH dla GNOME
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
Requires: %{name} = %{version}
Obsoletes: ssh-extras < %{version}, ssh-extras > %{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
%build
autoconf
-LDFLAGS="-s"; export LDFLAGS
%configure \
- --with-gnome-askpass \
+ %{!?bcond_off_gnome:--with-gnome-askpass} \
--with-tcp-wrappers \
--with-md5-passwords \
--with-ipaddr-display \
echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
%{__make}
-cd contrib && gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` \
- gnome-ssh-askpass.c -o gnome-ssh-askpass \
- `gnome-config --libs gnome gnomeui`
+
+%{!?bcond_off_gnome: cd contrib && gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` } \
+%{!?bcond_off_gnome: gnome-ssh-askpass.c -o gnome-ssh-askpass } \
+%{!?bcond_off_gnome: `gnome-config --libs gnome gnomeui` }
%install
rm -rf $RPM_BUILD_ROOT
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
-install contrib/gnome-ssh-askpass \
- $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
+%{!?bcond_off_gnome:install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass}
-gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
- $RPM_BUILD_ROOT/%{_mandir}/man*/*
+gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen
touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
/sbin/chkconfig --add sshd
if [ ! -f %{_sysconfdir}/ssh_host_key -o ! -s %{_sysconfdir}/ssh_host_key ]; then
%{_bindir}/ssh-keygen -b 1024 -f %{_sysconfdir}/ssh_host_key -N '' 1>&2
+ chmod 600 %{_sysconfdir}/ssh_host_key
fi
if [ ! -f %{_sysconfdir}/ssh_host_dsa_key -o ! -s %{_sysconfdir}/ssh_host_dsa_key ]; then
%{_bindir}/ssh-keygen -d -f %{_sysconfdir}/ssh_host_dsa_key -N '' 1>&2
+ chmod 600 %{_sysconfdir}/ssh_host_dsa_key
fi
if [ -f /var/lock/subsys/sshd ]; then
/etc/rc.d/init.d/sshd restart 1>&2
fi
%preun server
-if [ "$1" = 0 ]; then
+if [ "$1" = "0" ]; then
if [ -f /var/lock/subsys/sshd ]; then
/etc/rc.d/init.d/sshd stop 1>&2
fi
%files
%defattr(644,root,root,755)
-%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
+%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen}.gz
%attr(755,root,root) %{_bindir}/ssh-keygen
%{_mandir}/man1/ssh-keygen.1*
%dir %{_sysconfdir}
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
-%files gnome-askpass
-%defattr(644,root,root,755)
-%dir %{_libexecdir}/ssh
-%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
+%{!?bcond_off_gnome:%files gnome-askpass}
+%{!?bcond_off_gnome:%defattr(644,root,root,755)}
+%{!?bcond_off_gnome:%dir %{_libexecdir}/ssh}
+%{!?bcond_off_gnome:%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass}