#
# Conditional build:
-%bcond_without chroot # without chrooted user environment support
%bcond_with gnome # with gnome-askpass (GNOME 1.x) utility
%bcond_without gtk # without GTK+ (2.x)
%bcond_with ldap # with ldap support
%bcond_without libedit # without libedit (editline/history support in sftp client)
%bcond_without kerberos5 # without kerberos5 support
%bcond_without selinux # build without SELinux support
-%bcond_with sshagentsh # with system-wide script for starting ssh-agent
-%bcond_with hpn # with High Performance SSH/SCP - HPN-SSH (see patch comment)
-%bcond_with hpn_none # with hpn (above) and '-z' none cipher option
-#
-%if %{with hpn_none}
-%undefine with_hpn
-%endif
+%bcond_with hpn # High Performance SSH/SCP - HPN-SSH including Cipher NONE (broken too often)
+
# gtk2-based gnome-askpass means no gnome1-based
%{?with_gtk:%undefine with_gnome}
+#
Summary: OpenSSH free Secure Shell (SSH) implementation
-Summary(de.UTF-8): OpenSSH - freie Implementation der Secure Shell (SSH)
-Summary(es.UTF-8): Implementación libre de SSH
-Summary(fr.UTF-8): Implémentation libre du shell sécurisé OpenSSH (SSH)
-Summary(it.UTF-8): Implementazione gratuita OpenSSH della Secure Shell
-Summary(pl.UTF-8): Publicznie dostępna implementacja bezpiecznego shella (SSH)
-Summary(pt.UTF-8): Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH)
-Summary(pt_BR.UTF-8): Implementação livre do SSH
-Summary(ru.UTF-8): OpenSSH - свободная реализация протокола Secure Shell (SSH)
-Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
+Summary(de.UTF-8): OpenSSH - freie Implementation der Secure Shell (SSH)
+Summary(es.UTF-8): Implementación libre de SSH
+Summary(fr.UTF-8): Implémentation libre du shell sécurisé OpenSSH (SSH)
+Summary(it.UTF-8): Implementazione gratuita OpenSSH della Secure Shell
+Summary(pl.UTF-8): Publicznie dostępna implementacja bezpiecznego shella (SSH)
+Summary(pt.UTF-8): Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH)
+Summary(pt_BR.UTF-8): Implementação livre do SSH
+Summary(ru.UTF-8): OpenSSH - свободная реализация протокола Secure Shell (SSH)
+Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
Name: openssh
-Version: 4.5p1
-Release: 3%{?with_hpn:hpn}%{?with_hpn_none:hpn_none}
+Version: 5.1p1
+Release: 3
Epoch: 2
License: BSD
Group: Applications/Networking
-Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-# Source0-md5: 6468c339886f78e8a149b88f695839dd
-Source1: %{name}d.conf
-Source2: %{name}.conf
-Source3: %{name}d.init
-Source4: %{name}d.pamd
-Source5: %{name}.sysconfig
-Source6: passwd.pamd
-Source7: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
-# Source7-md5: 66943d481cc422512b537bcc2c7400d1
-Source11: ssh-agent.sh
-Source12: ssh-agent.conf
+Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
+# Source0-md5: 03f2d0c1b5ec60d4ac9997a146d2faec
+Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
+# Source1-md5: 66943d481cc422512b537bcc2c7400d1
+Source2: %{name}d.init
+Source3: %{name}d.pamd
+Source4: %{name}.sysconfig
+Source5: ssh-agent.sh
+Source6: ssh-agent.conf
Patch0: %{name}-no_libnsl.patch
-Patch2: %{name}-linux-ipv6.patch
-Patch3: %{name}-pam_misc.patch
-Patch4: %{name}-sigpipe.patch
+Patch2: %{name}-pam_misc.patch
+Patch3: %{name}-sigpipe.patch
# http://www.opendarwin.org/projects/openssh-lpk/
-Patch5: %{name}-lpk-4.3p1-0.3.7.patch
-Patch6: %{name}-heimdal.patch
-Patch7: %{name}-pam-conv.patch
-# http://chrootssh.sourceforge.net/download/osshChroot-3.7.1p2.diff
-Patch8: %{name}-chroot.patch
-Patch9: %{name}-selinux.patch
-# HPN patches rediffed due sigpipe patch.
+Patch4: %{name}-lpk-4.3p1-0.3.7.patch
+Patch5: %{name}-config.patch
+Patch7: %{name}-selinux.patch
# High Performance SSH/SCP - HPN-SSH - http://www.psc.edu/networking/projects/hpn-ssh/
-# http://www.psc.edu/networking/projects/hpn-ssh/openssh-4.2p1-hpn11.diff
-Patch10: %{name}-4.3p1-hpn11.patch
-# Adds HPN (see p11) and an undocumented -z none cipher flag
-# http://www.psc.edu/networking/projects/hpn-ssh/openssh-4.2p1-hpn11-none.diff
-Patch11: %{name}-4.3p1-hpn11-none.patch
-Patch12: %{name}-include.patch
+# http://www.psc.edu/networking/projects/hpn-ssh/openssh-4.9p1-hpn13v2.diff.gz
+Patch9: %{name}-5.0p1-hpn13v4.diff
+Patch10: %{name}-include.patch
+Patch11: %{name}-chroot.patch
+Patch12: http://people.debian.org/~cjwatson/%{name}-blacklist.diff
URL: http://www.openssh.com/
BuildRequires: %{__perl}
BuildRequires: autoconf
BuildRequires: automake
%{?with_gnome:BuildRequires: gnome-libs-devel}
%{?with_gtk:BuildRequires: gtk+2-devel}
-%{?with_kerberos5:BuildRequires: heimdal-devel >= 0.7}
+%{?with_kerberos5:BuildRequires: krb5-devel}
%{?with_libedit:BuildRequires: libedit-devel}
%{?with_selinux:BuildRequires: libselinux-devel}
BuildRequires: libwrap-devel
-%{?with_ldap:BuildRequires: openldap-devel}
+%{?with_ldap:BuildRequires: openldap-devel >= 2.4.6}
BuildRequires: openssl-devel >= 0.9.7d
BuildRequires: pam-devel
%{?with_gtk:BuildRequires: pkgconfig}
BuildRequires: zlib-devel
Requires: filesystem >= 3.0-11
Requires: pam >= 0.99.7.1
+Suggests: openssh-blacklist
+Suggests: xorg-app-xauth
Obsoletes: ssh
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%package clients
Summary: OpenSSH Secure Shell protocol clients
-Summary(es.UTF-8): Clientes de OpenSSH
-Summary(pl.UTF-8): Klienci protokołu Secure Shell
-Summary(pt_BR.UTF-8): Clientes do OpenSSH
-Summary(ru.UTF-8): OpenSSH - клиенты протокола Secure Shell
-Summary(uk.UTF-8): OpenSSH - клієнти протоколу Secure Shell
+Summary(es.UTF-8): Clientes de OpenSSH
+Summary(pl.UTF-8): Klienci protokołu Secure Shell
+Summary(pt_BR.UTF-8): Clientes do OpenSSH
+Summary(ru.UTF-8): OpenSSH - клиенты протокола Secure Shell
+Summary(uk.UTF-8): OpenSSH - клієнти протоколу Secure Shell
Group: Applications/Networking
Requires: %{name} = %{epoch}:%{version}-%{release}
-%{?with_sshagentsh:Requires: xinitrc}
Provides: ssh-clients
Obsoletes: ssh-clients
Цей пакет містить програми-клієнти, необхідні для встановлення
зашифрованих з'єднань з серверами SSH.
+%package clients-agent-profile_d
+Summary: OpenSSH Secure Shell agent init script
+Summary(pl.UTF-8): Skrypt startowy agenta OpenSSH
+Group: Applications/Networking
+Requires: %{name}-clients = %{epoch}:%{version}-%{release}
+
+%description clients-agent-profile_d
+profile.d scripts for starting SSH agent.
+
+%description clients-agent-profile_d -l pl.UTF-8
+Skrypty profile.d do uruchamiania agenta SSH.
+
+%package clients-agent-xinitrc
+Summary: OpenSSH Secure Shell agent init script
+Summary(pl.UTF-8): Skrypt inicjujący agenta ssh przez xinitrc
+Group: Applications/Networking
+Requires: %{name}-clients-agent-profile_d = %{epoch}:%{version}-%{release}
+Requires: xinitrc
+
+%description clients-agent-xinitrc
+xinitrc scripts for starting SSH agent.
+
+%description clients-agent-xinitrc -l pl.UTF-8
+Skrypty xinitrc do uruchamiania agenta SSH.
+
%package server
Summary: OpenSSH Secure Shell protocol server (sshd)
-Summary(de.UTF-8): OpenSSH Secure Shell Protocol-Server (sshd)
-Summary(es.UTF-8): Servidor OpenSSH para comunicaciones codificadas
-Summary(fr.UTF-8): Serveur de protocole du shell sécurisé OpenSSH (sshd)
-Summary(it.UTF-8): Server OpenSSH per il protocollo Secure Shell (sshd)
-Summary(pl.UTF-8): Serwer protokołu Secure Shell (sshd)
-Summary(pt.UTF-8): Servidor do protocolo 'Secure Shell' OpenSSH (sshd)
-Summary(pt_BR.UTF-8): Servidor OpenSSH para comunicações encriptadas
-Summary(ru.UTF-8): OpenSSH - сервер протокола Secure Shell (sshd)
-Summary(uk.UTF-8): OpenSSH - сервер протоколу Secure Shell (sshd)
+Summary(de.UTF-8): OpenSSH Secure Shell Protocol-Server (sshd)
+Summary(es.UTF-8): Servidor OpenSSH para comunicaciones codificadas
+Summary(fr.UTF-8): Serveur de protocole du shell sécurisé OpenSSH (sshd)
+Summary(it.UTF-8): Server OpenSSH per il protocollo Secure Shell (sshd)
+Summary(pl.UTF-8): Serwer protokołu Secure Shell (sshd)
+Summary(pt.UTF-8): Servidor do protocolo 'Secure Shell' OpenSSH (sshd)
+Summary(pt_BR.UTF-8): Servidor OpenSSH para comunicações encriptadas
+Summary(ru.UTF-8): OpenSSH - сервер протокола Secure Shell (sshd)
+Summary(uk.UTF-8): OpenSSH - сервер протоколу Secure Shell (sshd)
Group: Networking/Daemons
Requires(post): chkconfig >= 0.9
Requires(post): grep
Requires: %{name} = %{epoch}:%{version}-%{release}
Requires: /bin/login
Requires: pam >= 0.99.7.1
-Requires: rc-scripts >= 0.4.0.18
+Requires: rc-scripts >= 0.4.1.23
Requires: util-linux
Provides: ssh-server
Provides: user(sshd)
%package gnome-askpass
Summary: OpenSSH GNOME passphrase dialog
-Summary(de.UTF-8): OpenSSH GNOME Passwort-Dialog
-Summary(es.UTF-8): Diálogo para introducción de passphrase para GNOME
-Summary(fr.UTF-8): Dialogue pass-phrase GNOME d'OpenSSH
-Summary(it.UTF-8): Finestra di dialogo GNOME per la frase segreta di OpenSSH
-Summary(pl.UTF-8): Odpytywacz hasła OpenSSH dla GNOME
-Summary(pt.UTF-8): Diálogo de pedido de senha para GNOME do OpenSSH
-Summary(pt_BR.UTF-8): Diálogo para entrada de passphrase para GNOME
-Summary(ru.UTF-8): OpenSSH - диалог ввода ключевой фразы (passphrase) для GNOME
-Summary(uk.UTF-8): OpenSSH - діалог вводу ключової фрази (passphrase) для GNOME
+Summary(de.UTF-8): OpenSSH GNOME Passwort-Dialog
+Summary(es.UTF-8): Diálogo para introducción de passphrase para GNOME
+Summary(fr.UTF-8): Dialogue pass-phrase GNOME d'OpenSSH
+Summary(it.UTF-8): Finestra di dialogo GNOME per la frase segreta di OpenSSH
+Summary(pl.UTF-8): Odpytywacz hasła OpenSSH dla GNOME
+Summary(pt.UTF-8): Diálogo de pedido de senha para GNOME do OpenSSH
+Summary(pt_BR.UTF-8): Diálogo para entrada de passphrase para GNOME
+Summary(ru.UTF-8): OpenSSH - диалог ввода ключевой фразы (passphrase) для GNOME
+Summary(uk.UTF-8): OpenSSH - діалог вводу ключової фрази (passphrase) для GNOME
Group: Applications/Networking
Requires: %{name} = %{epoch}:%{version}-%{release}
Obsoletes: openssh-askpass
%patch0 -p1
%patch2 -p1
%patch3 -p1
-%patch4 -p1
-%{?with_ldap:%patch5 -p1}
-%{?with_kerberos5:%patch6 -p1}
-#%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%{?with_hpn:%patch10 -p1}
-%{?with_hpn_none:%patch11 -p1}
+%{?with_ldap:%patch4 -p1}
+%patch5 -p1
+%patch7 -p1
+%{?with_hpn:%patch9 -p1}
+%patch10 -p1
+%patch11 -p1
%patch12 -p1
%build
cp /usr/share/automake/config.sub .
%{__aclocal}
%{__autoconf}
-%{?with_chroot:CPPFLAGS="-DCHROOT"}
+CPPFLAGS="-DCHROOT"
%configure \
PERL=%{__perl} \
--with-dns \
--with-tcp-wrappers \
%{?with_ldap:--with-libs="-lldap -llber"} \
%{?with_ldap:--with-cppflags="-DWITH_LDAP_PUBKEY"} \
- %{?with_kerberos5:--with-kerberos5} \
+ %{?with_kerberos5:--with-kerberos5=/usr} \
--with-privsep-path=%{_privsepdir} \
--with-pid-dir=%{_localstatedir}/run \
--with-xauth=/usr/bin/xauth \
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security,env.d}} \
$RPM_BUILD_ROOT%{_libexecdir}/ssh
-%{?with_sshagentsh:install -d $RPM_BUILD_ROOT/etc/{profile.d,X11/xinit/xinitrc.d}}
+install -d $RPM_BUILD_ROOT/etc/{profile.d,X11/xinit/xinitrc.d}
%{__make} install \
DESTDIR=$RPM_BUILD_ROOT
-install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
-install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
-install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
-install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
-install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
-%if %{with sshagentsh}
-install %{SOURCE11} $RPM_BUILD_ROOT/etc/profile.d
-ln -sf /etc/profile.d/ssh-agent.sh $RPM_BUILD_ROOT/etc/X11/xinit/xinitrc.d/ssh-agent.sh
-install %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}
-%endif
+bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
-bzip2 -dc %{SOURCE7} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
+install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+install %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sshd
+install %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/sshd
+install %{SOURCE5} $RPM_BUILD_ROOT/etc/profile.d
+ln -sf /etc/profile.d/ssh-agent.sh $RPM_BUILD_ROOT/etc/X11/xinit/xinitrc.d/ssh-agent.sh
+install %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}
%if %{with gnome}
install contrib/gnome-ssh-askpass1 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
install contrib/gnome-ssh-askpass2 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
%endif
%if %{with gnome} || %{with gtk}
-cat << EOF >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_SERVER
+cat << 'EOF' >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_SERVER
#GNOME_SSH_ASKPASS_GRAB_SERVER="true"
EOF
-cat << EOF >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_POINTER
+cat << 'EOF' >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_POINTER
#GNOME_SSH_ASKPASS_GRAB_POINTER="true"
EOF
ln -s %{_libexecdir}/ssh/ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh-askpass
touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
-%if "%{_lib}" != "lib"
-find $RPM_BUILD_ROOT%{_sysconfdir} -type f -print0 | xargs -0 sed -i -e 's#%{_prefix}/lib#%{_libdir}#'
-%endif
-
cat << 'EOF' > $RPM_BUILD_ROOT/etc/env.d/SSH_ASKPASS
#SSH_ASKPASS="%{_libexecdir}/ssh-askpass"
EOF
+rm -f $RPM_BUILD_ROOT%{_datadir}/Ssh.bin # ???
+rm -f $RPM_BUILD_ROOT%{_mandir}/README.openssh-non-english-man-pages
+
%clean
rm -rf $RPM_BUILD_ROOT
%defattr(644,root,root,755)
%doc *.RNG TODO README OVERVIEW CREDITS Change*
%attr(755,root,root) %{_bindir}/ssh-key*
+%attr(755,root,root) %{_bindir}/ssh-vulnkey*
%{_mandir}/man1/ssh-key*.1*
+%{_mandir}/man1/ssh-vulnkey*.1*
%dir %{_sysconfdir}
%dir %{_libexecdir}
%attr(755,root,root) %{_bindir}/scp
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ssh_config
%config(noreplace,missingok) %verify(not md5 mtime size) /etc/env.d/SSH_ASKPASS
-%if %{with sshagentsh}
-%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ssh-agent.conf
-%attr(755,root,root) /etc/profile.d/ssh-agent.sh
-%attr(755,root,root) /etc/X11/xinit/xinitrc.d/ssh-agent.sh
-%endif
%{_mandir}/man1/scp.1*
%{_mandir}/man1/ssh.1*
%{_mandir}/man1/slogin.1*
#%attr(4755,root,root) %{_libexecdir}/ssh-keysign
#%{_mandir}/man8/ssh-keysign.8*
+%files clients-agent-profile_d
+%defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ssh-agent.conf
+%attr(755,root,root) /etc/profile.d/ssh-agent.sh
+
+%files clients-agent-xinitrc
+%defattr(644,root,root,755)
+%attr(755,root,root) /etc/X11/xinit/xinitrc.d/ssh-agent.sh
+
%files server
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/sshd
%{_mandir}/man8/sftp-server.8*
%{_mandir}/man8/ssh-keysign.8*
%{_mandir}/man5/sshd_config.5*
+%{_mandir}/man5/moduli.5*
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/sshd_config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/sshd
%attr(640,root,root) %{_sysconfdir}/moduli
projects / packages / openssh.git / blobdiff