#
# Conditional build:
# _without_gnome - without gnome-askpass utility
-
+# _without_gtk - without gtk (2.x)
+#
+# default to gtk2-based gnome-askpass
+%{!?_without_gtk:%define _without_gnome 1}
Summary: OpenSSH free Secure Shell (SSH) implementation
Summary(de): OpenSSH - freie Implementation der Secure Shell (SSH)
Summary(es): Implementación libre de SSH
Summary(ru): OpenSSH - Ó×ÏÂÏÄÎÁÑ ÒÅÁÌÉÚÁÃÉÑ ÐÒÏÔÏËÏÌÁ Secure Shell (SSH)
Summary(uk): OpenSSH - צÌØÎÁ ÒÅÁ̦ÚÁÃ¦Ñ ÐÒÏÔÏËÏÌÕ Secure Shell (SSH)
Name: openssh
-Version: 3.4p1
-Release: 3.1
-Epoch: 1
+Version: 3.6.1p2
+Release: 0.2
+Epoch: 2
License: BSD
Group: Applications/Networking
Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
Source4: %{name}d.pamd
Source5: %{name}.sysconfig
Source6: passwd.pamd
+Source7: %{name}-askpass.sh
+Source8: %{name}-askpass.csh
Patch0: %{name}-no_libnsl.patch
-Patch1: %{name}-set_12.patch
Patch2: %{name}-linux-ipv6.patch
-Patch3: %{name}-pseudo-mmap.patch
-Patch4: %{name}-3.4p1-owl-always-auth.diff
-Patch5: %{name}-3.4p1-owl-fatal_cleanups.diff
-Patch6: %{name}-3.4p1-owl-hide-unknown.diff
-Patch7: %{name}-3.4p1-owl-logging.diff
-Patch8: %{name}-3.4p1-owl-pam_userpass.diff
-Patch9: %{name}-3.4p1-owl-password-changing.diff
+Patch3: %{name}-pam_misc.patch
+Patch4: %{name}-sigpipe.patch
URL: http://www.openssh.com/
-BuildRequires: XFree86-devel
BuildRequires: autoconf
BuildRequires: automake
%{!?_without_gnome:BuildRequires: gnome-libs-devel}
+%{!?_without_gtk:BuildRequires: gtk+2-devel}
BuildRequires: libwrap-devel
-BuildRequires: openssl-devel >= 0.9.6a
+BuildRequires: openssl-devel >= 0.9.7b
BuildRequires: pam-devel
-BuildRequires: perl
+BuildRequires: %{__perl}
+%{!?_without_gtk:BuildRequires: pkgconfig}
BuildRequires: zlib-devel
-BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
-Prereq: openssl
-Prereq: FHS >= 2.1-24
+PreReq: openssl >= 0.9.7
+PreReq: FHS >= 2.1-24
Obsoletes: ssh
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%define _sysconfdir /etc/ssh
%define _libexecdir %{_libdir}/%{name}
Requires(pre): /usr/sbin/useradd
Requires(post): /sbin/chkconfig
Requires(post): chkconfig >= 0.9
+Requires(post): grep
Requires(postun): /usr/sbin/userdel
Requires: /bin/login
Requires: util-linux
%prep
%setup -q
%patch0 -p1
-%patch1 -p1
%patch2 -p1
%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
+#%patch4 -p1
%build
-aclocal
+%{__aclocal}
%{__autoconf}
%configure \
- %{!?_without_gnome:--with-gnome-askpass} \
+ PERL=%{__perl} \
--with-pam \
--with-mantype=man \
--with-md5-passwords \
--disable-suid-ssh \
--with-tcp-wrappers \
--with-privsep-path=%{_privsepdir} \
- --with-pid-dir=%{_localstatedir}/run
+ --with-pid-dir=%{_localstatedir}/run \
+ --with-xauth=/usr/X11R6/bin/xauth
echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
%{__make}
-%{!?_without_gnome:cd contrib && %{__cc} %{rpmcflags} `gnome-config --cflags gnome gnomeui gtk` } \
-%{!?_without_gnome:gnome-ssh-askpass.c -o gnome-ssh-askpass } \
-%{!?_without_gnome:`gnome-config --libs gnome gnomeui gtk` }
+cd contrib
+%if 0%{!?_without_gnome:1}
+%{__make} gnome-ssh-askpass1 \
+ CC="%{__cc} %{rpmldflags} %{rpmcflags}"
+%endif
+%if 0%{!?_without_gtk:1}
+%{__make} gnome-ssh-askpass2 \
+ CC="%{__cc} %{rpmldflags} %{rpmcflags}"
+%endif
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
+install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security,profile.d}}
%{__make} install DESTDIR="$RPM_BUILD_ROOT"
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
+
install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
-%{!?_without_gnome:install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass}
+%if 0%{!?_without_gnome:1}
+install contrib/gnome-ssh-askpass1 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
+%endif
+%if 0%{!?_without_gtk:1}
+install contrib/gnome-ssh-askpass2 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
+%endif
+%if 0%{!?_without_gnome:1}%{!?_without_gtk:1}
+install %{SOURCE7} %{SOURCE8} $RPM_BUILD_ROOT/etc/profile.d
+%endif
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1
echo ".so ssh.1" > $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1
else
echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
fi
-if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
+if ! grep -qs ssh /etc/security/passwd.conf ; then
+ umask 022
echo "ssh" >> /etc/security/passwd.conf
fi
%{_mandir}/man1/ssh-add.1*
%{_mandir}/man5/ssh_config.5*
+# for host-based auth (suid required for accessing private host key)
+#%attr(4755,root,root) %{_libexecdir}/ssh-keysign
+#%{_mandir}/man8/ssh-keysign.8*
+
%files server
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
-%{!?_without_gnome:%files gnome-askpass}
-%{!?_without_gnome:%defattr(644,root,root,755)}
-%{!?_without_gnome:%dir %{_libexecdir}/ssh}
-%{!?_without_gnome:%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass}
+%if 0%{!?_without_gnome:1}%{!?_without_gtk:1}
+%files gnome-askpass
+%defattr(644,root,root,755)
+%dir %{_libexecdir}/ssh
+%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
+%attr(755,root,root) /etc/profile.d/*
+%endif