#
# Conditional build:
-# _without_gnome - without gnome-askpass utility
+# _without_gnome - without gnome-askpass utility
+# _without_gtk - without gtk (2.x)
+# _with_ldap - with ldap support
+# _with_kerberos5 - with kerberos5 support
+#
+# default to gtk2-based gnome-askpass
+
+%define orig_ver 3.7p1
+%{!?_without_gtk:%define _without_gnome 1}
Summary: OpenSSH free Secure Shell (SSH) implementation
+Summary(de): OpenSSH - freie Implementation der Secure Shell (SSH)
Summary(es): Implementación libre de SSH
+Summary(fr): Implémentation libre du shell sécurisé OpenSSH (SSH)
+Summary(it): Implementazione gratuita OpenSSH della Secure Shell
Summary(pl): Publicznie dostêpna implementacja bezpiecznego shella (SSH)
+Summary(pt): Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH)
Summary(pt_BR): Implementação livre do SSH
Summary(ru): OpenSSH - Ó×ÏÂÏÄÎÁÑ ÒÅÁÌÉÚÁÃÉÑ ÐÒÏÔÏËÏÌÁ Secure Shell (SSH)
Summary(uk): OpenSSH - צÌØÎÁ ÒÅÁ̦ÚÁÃ¦Ñ ÐÒÏÔÏËÏÌÕ Secure Shell (SSH)
Name: openssh
-Version: 3.4p1
-Release: 2
+Version: 3.7p1
+Release: 1%{?_with_ldap:ldap}
+Epoch: 2
License: BSD
Group: Applications/Networking
-Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
+Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{orig_ver}.tar.gz
+# Source0-md5: 77662801ba2a9cadc0ac10054bc6cb37
Source1: %{name}d.conf
Source2: %{name}.conf
Source3: %{name}d.init
Source4: %{name}d.pamd
Source5: %{name}.sysconfig
Source6: passwd.pamd
+Source7: %{name}-askpass.sh
+Source8: %{name}-askpass.csh
+Source9: http://www.imasy.or.jp/~gotoh/ssh/connect.c
+# NoSource9-md5: c78de727e1208799072be78c05d64398
+Source10: http://www.imasy.or.jp/~gotoh/ssh/connect.html
+# NoSource10-md5: f14cb61fafd067a3f5ce4eaa9643bf05
Patch0: %{name}-no_libnsl.patch
-Patch1: %{name}-set_12.patch
Patch2: %{name}-linux-ipv6.patch
-Patch3: %{name}-pseudo-mmap.patch
+Patch3: %{name}-pam_misc.patch
+Patch4: %{name}-sigpipe.patch
+# http://ldappubkey.gcu-squad.org/
+Patch5: ldappubkey-ossh3.6-v2.patch
+Patch6: %{name}-heimdal.patch
URL: http://www.openssh.com/
-BuildRequires: XFree86-devel
BuildRequires: autoconf
BuildRequires: automake
%{!?_without_gnome:BuildRequires: gnome-libs-devel}
+%{!?_without_gtk:BuildRequires: gtk+2-devel}
BuildRequires: libwrap-devel
-BuildRequires: openssl-devel >= 0.9.6a
+BuildRequires: openssl-devel >= 0.9.7b
+%{?_with_ldap:BuildRequires: openldap-devel}
+%{?_with_kerberos5:BuildRequires: heimdal-devel}
BuildRequires: pam-devel
-BuildRequires: perl
+BuildRequires: %{__perl}
+%{!?_without_gtk:BuildRequires: pkgconfig}
BuildRequires: zlib-devel
-BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-Prereq: openssl
-Requires: FHS >= 2.1-24
+PreReq: FHS >= 2.1-24
+PreReq: openssl >= 0.9.7
Obsoletes: ssh
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/ssh
%define _libexecdir %{_libdir}/%{name}
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
+%description -l de
+OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es
+ersetzt telnet, rlogin, rexec und rsh und stellt eine sichere,
+verschlüsselte Verbindung zwischen zwei nicht vertrauenswürdigen Hosts
+über eine unsicheres Netzwerk her. X11 Verbindungen und beliebige
+andere TCP/IP Ports können ebenso über den sicheren Channel
+weitergeleitet werden.
+
%description -l es
SSH es un programa para accesar y ejecutar órdenes en computadores
remotos. Sustituye rlogin y rsh, y suministra un canal de comunicación
Este paquete contiene "port" para Linux de OpenSSH. Se debe instalar
también el paquete openssh-clients u openssh-server o ambos.
+%description -l fr
+OpenSSH (Secure Shell) fournit un accès à un système distant. Il
+remplace telnet, rlogin, rexec et rsh, tout en assurant des
+communications cryptées securisées entre deux hôtes non fiabilisés sur
+un réseau non sécurisé. Des connexions X11 et des ports TCP/IP
+arbitraires peuvent également être transmis sur le canal sécurisé.
+
+%description -l it
+OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
+Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni
+sicure e crittate tra due host non fidati su una rete non sicura. Le
+connessioni X11 ad una porta TCP/IP arbitraria possono essere
+inoltrate attraverso un canale sicuro.
+
%description -l pl
Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie
pomiedzy dwoma hostami.
+Ten pakiet zawiera podstawowe pliki potrzebne zarówno po stronie
+klienta jak i serwera OpenSSH. Aby by³ u¿yteczny, trzeba zainstalowaæ
+co najmniej jeden z pakietów: openssh-clients lub openssh-server.
+
+%description -l pt
+OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
+telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e
+cifradas entre duas máquinas sem confiança mútua sobre uma rede
+insegura. Ligações X11 e portos TCP/IP arbitrários também poder ser
+reenviados pelo canal seguro.
+
%description -l pt_BR
SSH é um programa para acessar e executar comandos em máquinas
remotas. Ele substitui rlogin e rsh, e provem um canal de comunicação
Summary(ru): OpenSSH - ËÌÉÅÎÔÙ ÐÒÏÔÏËÏÌÁ Secure Shell
Summary(uk): OpenSSH - Ë̦¤ÎÔÉ ÐÒÏÔÏËÏÌÕ Secure Shell
Group: Applications/Networking
-Requires: %{name} = %{version}
+Requires: %{name} = %{epoch}:%{version}
Obsoletes: ssh-clients
%description clients
%package server
Summary: OpenSSH Secure Shell protocol server (sshd)
+Summary(de): OpenSSH Secure Shell Protocol-Server (sshd)
Summary(es): Servidor OpenSSH para comunicaciones codificadas
+Summary(fr): Serveur de protocole du shell sécurisé OpenSSH (sshd)
+Summary(it): Server OpenSSH per il protocollo Secure Shell (sshd)
Summary(pl): Serwer protoko³u Secure Shell (sshd)
+Summary(pt): Servidor do protocolo 'Secure Shell' OpenSSH (sshd)
Summary(pt_BR): Servidor OpenSSH para comunicações encriptadas
Summary(ru): OpenSSH - ÓÅÒ×ÅÒ ÐÒÏÔÏËÏÌÁ Secure Shell (sshd)
Summary(uk): OpenSSH - ÓÅÒ×ÅÒ ÐÒÏÔÏËÏÌÕ Secure Shell (sshd)
Group: Networking/Daemons
-PreReq: %{name} = %{version}
-PreReq: rc-scripts >= 0.3.1-3
+PreReq: %{name} = %{epoch}:%{version}
+PreReq: rc-scripts >= 0.3.1-15
Requires(pre): /bin/id
Requires(pre): /usr/sbin/useradd
-Requires(post): /sbin/chkconfig
+Requires(post,preun): /sbin/chkconfig
Requires(post): chkconfig >= 0.9
+Requires(post): grep
Requires(postun): /usr/sbin/userdel
Requires: /bin/login
Requires: util-linux
part of the secure shell protocol and allows ssh clients to connect to
your host.
+%description server -l de
+Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
+
%description server -l es
Este paquete contiene el servidor SSH. sshd es la parte servidor del
protocolo secure shell y permite que clientes ssh se conecten a su
servidor.
+%description server -l fr
+Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
+
+%description server -l it
+Questo pacchetto installa sshd, il server di OpenSSH.
+
%description server -l pl
Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln±
maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma
Ten pakiet zawiera serwer sshd (do którego mog± ³±czyæ siê klienci
ssh).
+%description server -l pt
+Este pacote intala o sshd, o servidor do OpenSSH.
+
%description server -l pt_BR
Esse pacote contém o servidor SSH. O sshd é a parte servidor do
protocolo secure shell e permite que clientes ssh se conectem ao seu
%package gnome-askpass
Summary: OpenSSH GNOME passphrase dialog
+Summary(de): OpenSSH GNOME Passwort-Dialog
Summary(es): Diálogo para introducción de passphrase para GNOME
+Summary(fr): Dialogue pass-phrase GNOME d'OpenSSH
+Summary(it): Finestra di dialogo GNOME per la frase segreta di OpenSSH
Summary(pl): Odpytywacz has³a OpenSSH dla GNOME
+Summary(pt): Diálogo de pedido de senha para GNOME do OpenSSH
Summary(pt_BR): Diálogo para entrada de passphrase para GNOME
Summary(ru): OpenSSH - ÄÉÁÌÏÇ ××ÏÄÁ ËÌÀÞÅ×ÏÊ ÆÒÁÚÙ (passphrase) ÄÌÑ GNOME
Summary(uk): OpenSSH - ĦÁÌÏÇ ××ÏÄÕ ËÌÀÞÏ×ϧ ÆÒÁÚÉ (passphrase) ÄÌÑ GNOME
Group: Applications/Networking
-Requires: %{name} = %{version}
+Requires: %{name} = %{epoch}:%{version}
Obsoletes: ssh-extras
Obsoletes: ssh-askpass
Obsoletes: openssh-askpass
GNOME.
%prep
-%setup -q
+%setup -q -n %{name}-%{orig_ver}
%patch0 -p1
-%patch1 -p1
%patch2 -p1
%patch3 -p1
+#%patch4 -p1
+%{?_with_ldap:%patch5 -p1}
+%{?_with_kerberos5:%patch6 -p1}
%build
-aclocal
+%{__aclocal}
%{__autoconf}
%configure \
- %{!?_without_gnome:--with-gnome-askpass} \
+ PERL=%{__perl} \
--with-pam \
--with-mantype=man \
--with-md5-passwords \
--with-4in6 \
--disable-suid-ssh \
--with-tcp-wrappers \
+ %{?_with_ldap:--with-libs="-lldap -llber"} \
+ %{?_with_ldap:--with-cppflags="-DWITH_LDAP_PUBKEY"} \
+ %{?_with_kerberos5:--with-kerberos5} \
--with-privsep-path=%{_privsepdir} \
- --with-pid-dir=%{_localstatedir}/run
+ --with-pid-dir=%{_localstatedir}/run \
+ --with-xauth=/usr/X11R6/bin/xauth
echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
%{__make}
-%{!?_without_gnome:cd contrib && %{__cc} %{rpmcflags} `gnome-config --cflags gnome gnomeui gtk` } \
-%{!?_without_gnome:gnome-ssh-askpass.c -o gnome-ssh-askpass } \
-%{!?_without_gnome:`gnome-config --libs gnome gnomeui gtk` }
+cp -f %{SOURCE9} .
+cp -f %{SOURCE10} .
+%{__cc} %{rpmcflags} %{rpmldflags} connect.c -o connect
+
+cd contrib
+%if 0%{!?_without_gnome:1}
+%{__make} gnome-ssh-askpass1 \
+ CC="%{__cc} %{rpmldflags} %{rpmcflags}"
+%endif
+%if 0%{!?_without_gtk:1}
+%{__make} gnome-ssh-askpass2 \
+ CC="%{__cc} %{rpmldflags} %{rpmcflags}"
+%endif
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
+install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security,profile.d}}
%{__make} install DESTDIR="$RPM_BUILD_ROOT"
+install connect $RPM_BUILD_ROOT%{_bindir}
install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
+
install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
-%{!?_without_gnome:install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass}
+%if 0%{!?_without_gnome:1}
+install contrib/gnome-ssh-askpass1 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
+%endif
+%if 0%{!?_without_gtk:1}
+install contrib/gnome-ssh-askpass2 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
+%endif
+%if 0%{!?_without_gnome:1}%{!?_without_gtk:1}
+install %{SOURCE7} %{SOURCE8} $RPM_BUILD_ROOT/etc/profile.d
+%endif
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1
echo ".so ssh.1" > $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1
else
/usr/sbin/useradd -u 40 -d %{_privsepdir} -s /bin/false -M -r -c "OpenSSH PrivSep User" -g nobody sshd 1>&2
fi
-
+
%post server
/sbin/chkconfig --add sshd
if [ -f /var/lock/subsys/sshd ]; then
else
echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
fi
-if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
+if ! grep -qs ssh /etc/security/passwd.conf ; then
+ umask 022
echo "ssh" >> /etc/security/passwd.conf
fi
%files clients
%defattr(644,root,root,755)
+%doc connect.html
+%attr(0755,root,root) %{_bindir}/connect
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/slogin
%attr(0755,root,root) %{_bindir}/sftp
%{_mandir}/man1/ssh-add.1*
%{_mandir}/man5/ssh_config.5*
+# for host-based auth (suid required for accessing private host key)
+#%attr(4755,root,root) %{_libexecdir}/ssh-keysign
+#%{_mandir}/man8/ssh-keysign.8*
+
%files server
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
-%{!?_without_gnome:%files gnome-askpass}
-%{!?_without_gnome:%defattr(644,root,root,755)}
-%{!?_without_gnome:%dir %{_libexecdir}/ssh}
-%{!?_without_gnome:%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass}
+%if 0%{!?_without_gnome:1}%{!?_without_gtk:1}
+%files gnome-askpass
+%defattr(644,root,root,755)
+%dir %{_libexecdir}/ssh
+%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
+%attr(755,root,root) /etc/profile.d/*
+%endif
projects / packages / openssh.git / blobdiff