+#
+# Conditional build:
+# bcond_off_gnome - without gnome-askpass utility
Summary: OpenSSH free Secure Shell (SSH) implementation
+Summary(pl): Publicznie dostêpna implementacja bezpiecznego shella (SSH)
Name: openssh
-Version: 1.2pre17
-Release: 2
-Source0: http://violet.ibs.com.au/openssh/files/%{name}-%{version}.tar.gz
-Source1: opensshd.conf
-Source2: openssh.conf
-Source3: opensshd.init
-Source4: opensshd.pamd
-Source5: openssh.sysconfig
-Source6: passwd.pamd
-Patch1: openssh-DESTDIR.patch
-Patch2: openssh-PAM_NEW_AUTHTOK.patch
-Patch3: http://www.misiek.eu.org/ipv6/openssh-1.2pre17-ipv6-21121999.patch.gz
+Version: 2.3.0p1
+Release: 8
License: BSD
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
-BuildRequires: openssl-devel >= 0.9.4-2
-BuildRequires: zlib-devel
-BuildRequires: pam-devel
+Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
+Source1: %{name}d.conf
+Source2: %{name}.conf
+Source3: %{name}d.init
+Source4: %{name}d.pamd
+Source5: %{name}.sysconfig
+Source6: passwd.pamd
+Patch0: %{name}-libwrap.patch
+Patch1: %{name}-LIBS.patch
+Patch2: %{name}-no_libnsl.patch
+Patch3: %{name}-securityfix.patch
+Patch4: %{name}-pam-session.patch
+URL: http://www.openssh.com/
BuildRequires: XFree86-devel
-BuildRequires: gnome-libs-devel
-BuildRoot: /tmp/%{name}-%{version}-root
-Obsoletes: ssh
+BuildRequires: autoconf
+%{!?bcond_off_gnome:BuildRequires: gnome-libs-devel}
+BuildRequires: gtk+-devel
+BuildRequires: openssl-devel >= 0.9.5a
+BuildRequires: pam-devel
+BuildRequires: zlib-devel
+BuildRequires: libwrap-devel
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+Prereq: openssl >= 0.9.5a
+Obsoletes: ssh < %{version}, ssh > %{version}
%define _sysconfdir /etc/ssh
%description
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
+executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
+two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing
+it up to date in terms of security and features, as well as removing
+all patented algorithms to seperate libraries (OpenSSL).
This package includes the core files necessary for both the OpenSSH
-client and server. To make this package useful, you should also
+client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
+%description -l pl
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
+maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
+zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie
+pomiedzy dwoma hostami.
+
%package clients
Summary: OpenSSH Secure Shell protocol clients
+Summary(pl): Klienci protoko³u Secure Shell
Requires: openssh
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
-Obsoletes: ssh-clients
+Obsoletes: ssh-clients < %{version}, ssh-clients > %{version}
Requires: %{name} = %{version}
%description clients
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
+executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
+two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing
+it up to date in terms of security and features, as well as removing
+all patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the clients necessary to make encrypted
+connections to SSH servers.
+
+%description -l pl clients
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
+maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
+zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie
+pomiedzy dwoma hostami.
-This package includes the clients necessary to make encrypted connections
-to SSH servers.
+Ten pakiet zawiera klientów s³u¿±cych do ³±czenia siê z serwerami SSH.
%package server
Summary: OpenSSH Secure Shell protocol server (sshd)
+Summary(pl): Serwer protoko³u Secure Shell (sshd)
Requires: openssh chkconfig >= 0.9
Group: Networking/Daemons
+Group(de): Netzwerkwesen/Server
Group(pl): Sieciowe/Serwery
-Obsoletes: ssh-server
-Requires: rc-scripts
+Obsoletes: ssh-server < %{version}, ssh-server > %{version}
+Requires: /bin/login
+Requires: util-linux
+Prereq: rc-scripts
+Prereq: chkconfig
Prereq: %{name} = %{version}
%description server
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
+executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
+two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing
+it up to date in terms of security and features, as well as removing
+all patented algorithms to seperate libraries (OpenSSL).
-This package contains the secure shell daemon. The sshd is the server
-part of the secure shell protocol and allows ssh clients to connect to
+This package contains the secure shell daemon. The sshd is the server
+part of the secure shell protocol and allows ssh clients to connect to
your host.
-%package askpass
+%description -l pl server
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
+maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
+zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie
+pomiedzy dwoma hostami.
+
+Ten pakiet zawiera serwer sshd (do którego mog± ³±czyæ siê klienci
+ssh).
+
+%package gnome-askpass
Summary: OpenSSH GNOME passphrase dialog
+Summary(pl): Odpytywacz has³a OpenSSH dla GNOME
Group: Applications/Networking
+Group(de): Applikationen/Netzwerkwesen
Group(pl): Aplikacje/Sieciowe
Requires: %{name} = %{version}
-Obsoletes: ssh-extras
-Obsoletes: ssh-askpass
+Obsoletes: ssh-extras < %{version}, ssh-extras > %{version}
+Obsoletes: ssh-askpass < %{version}, ssh-askpass > %{version}
+Obsoletes: openssh-askpass < %{version}, openssh-askpass > %{version}
-%description askpass
+%description gnome-askpass
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
+executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
+two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing
+it up to date in terms of security and features, as well as removing
+all patented algorithms to seperate libraries (OpenSSL).
This package contains the GNOME passphrase dialog.
+%description -l pl gnome-askpass
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
+maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
+zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie
+pomiedzy dwoma hostami.
+
+Ten pakiet zawiera ,,odpytywacz has³a'' dla GNOME.
%prep
%setup -q
-%patch1 -p1
+%patch0 -p1
+%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
autoconf
%configure \
- --with-gnome-askpass \
+ %{!?bcond_off_gnome:--with-gnome-askpass} \
--with-tcp-wrappers \
--with-md5-passwords \
+ --with-ipaddr-display \
--enable-ipv6 \
+ --with-4in6 \
--enable-log-auth
-
-# --without-kerberos4 \
-# --without-afs \
-# --without-skey
echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
-make
+%{__make}
+
+%{!?bcond_off_gnome: cd contrib && gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` } \
+%{!?bcond_off_gnome: gnome-ssh-askpass.c -o gnome-ssh-askpass } \
+%{!?bcond_off_gnome: `gnome-config --libs gnome gnomeui` }
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig}}
+install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
-make install \
- DESTDIR="$RPM_BUILD_ROOT"
+%{__make} install DESTDIR="$RPM_BUILD_ROOT"
install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
+install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
+%{!?bcond_off_gnome:install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass}
+
+gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen
-gzip -9fn ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
- $RPM_BUILD_ROOT/%{_mandir}/man*/*
+touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
%clean
rm -rf $RPM_BUILD_ROOT
%post server
/sbin/chkconfig --add sshd
-if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
- /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+if [ ! -f %{_sysconfdir}/ssh_host_key -o ! -s %{_sysconfdir}/ssh_host_key ]; then
+ %{_bindir}/ssh-keygen -b 1024 -f %{_sysconfdir}/ssh_host_key -N '' 1>&2
+ chmod 600 %{_sysconfdir}/ssh_host_key
fi
-if test -r /var/run/sshd.pid
-then
- /etc/rc.d/init.d/sshd restart >&2
+if [ ! -f %{_sysconfdir}/ssh_host_dsa_key -o ! -s %{_sysconfdir}/ssh_host_dsa_key ]; then
+ %{_bindir}/ssh-keygen -d -f %{_sysconfdir}/ssh_host_dsa_key -N '' 1>&2
+ chmod 600 %{_sysconfdir}/ssh_host_dsa_key
+fi
+if [ -f /var/lock/subsys/sshd ]; then
+ /etc/rc.d/init.d/sshd restart 1>&2
+else
+ echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
fi
if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
echo "ssh" >> /etc/security/passwd.conf
fi
%preun server
-if [ "$1" = 0 ]
-then
- /etc/rc.d/init.d/sshd stop >&2
+if [ "$1" = "0" ]; then
+ if [ -f /var/lock/subsys/sshd ]; then
+ /etc/rc.d/init.d/sshd stop 1>&2
+ fi
/sbin/chkconfig --del sshd
fi
%files
%defattr(644,root,root,755)
-%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
+%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen}.gz
%attr(755,root,root) %{_bindir}/ssh-keygen
%{_mandir}/man1/ssh-keygen.1*
%dir %{_sysconfdir}
%files clients
%defattr(644,root,root,755)
-# suid root ?
-#%attr(4755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
-#%attr(0755,root,root) %{_bindir}/slogin
%attr(755,root,root) %{_bindir}/scp
%{_mandir}/man1/scp.1*
%{_mandir}/man1/ssh.1*
%{_mandir}/man1/ssh-agent.1*
%{_mandir}/man1/ssh-add.1*
-#%{_mandir}/man1/slogin.1
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config
%files server
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
%attr(754,root,root) /etc/rc.d/init.d/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
+%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
-%files askpass
-%defattr(644,root,root,755)
-%dir %{_libexecdir}/ssh
-%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
+%{!?bcond_off_gnome:%files gnome-askpass}
+%{!?bcond_off_gnome:%defattr(644,root,root,755)}
+%{!?bcond_off_gnome:%dir %{_libexecdir}/ssh}
+%{!?bcond_off_gnome:%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass}
projects / packages / openssh.git / blobdiff