[packages/openssh.git] / openssh.spec

Summary:	OpenSSH free Secure Shell (SSH) implementation
Name:		openssh
Version:	1.2.2p1
Release:	1
License:	BSD
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Source0:	http://violet.ibs.com.au/openssh/files/%{name}-%{version}.tar.gz
Source1:	opensshd.conf
Source2:	openssh.conf
Source3:	opensshd.init
Source4:	opensshd.pamd
Source5:	openssh.sysconfig
Source6:	passwd.pamd
Patch0:		openssh-PAM_NEW_AUTHTOK.patch
Patch1:		openssh-libwrap.patch
Patch2:		openssh-linux.patch
BuildRequires:	openssl-devel >= 0.9.4-2
BuildRequires:	zlib-devel
BuildRequires:	pam-devel
BuildRequires:	XFree86-devel
BuildRequires:	gnome-libs-devel
BuildRoot:	/tmp/%{name}-%{version}-root
Obsoletes:	ssh < %{version}, ssh > %{version}

%define		_sysconfdir	/etc/ssh

%description
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin and
rsh, and provide secure encrypted communications between two untrusted hosts
over an insecure network. X11 connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

%package clients
Summary:	OpenSSH Secure Shell protocol clients
Requires:	openssh
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Obsoletes:	ssh-clients < %{version}, ssh-clients > %{version}
Requires:	%{name} = %{version}

%description clients
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin and
rsh, and provide secure encrypted communications between two untrusted hosts
over an insecure network. X11 connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package includes the clients necessary to make encrypted connections to
SSH servers.

%package server
Summary:	OpenSSH Secure Shell protocol server (sshd)
Requires:	openssh chkconfig >= 0.9
Group:		Networking/Daemons
Group(pl):	Sieciowe/Serwery
Obsoletes:	ssh-server < %{version}, ssh-server > %{version}
Requires:	rc-scripts
Requires:	/bin/login
Requires:	util-linux
Prereq:		%{name} = %{version}

%description server
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin and
rsh, and provide secure encrypted communications between two untrusted hosts
over an insecure network. X11 connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package contains the secure shell daemon. The sshd is the server part
of the secure shell protocol and allows ssh clients to connect to your host.

%package gnome-askpass
Summary:	OpenSSH GNOME passphrase dialog
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Requires:	%{name} = %{version}
Obsoletes:	ssh-extras < %{version}, ssh-extras > %{version}
Obsoletes:	ssh-askpass < %{version}, ssh-askpass > %{version}
Obsoletes:	openssh-askpass < %{version}, openssh-askpass > %{version}

%description gnome-askpass
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package contains the GNOME passphrase dialog.

%prep
%setup  -q
%patch0 -p1
%patch1 -p1
%patch2 -p1

%build
autoconf
%configure \
	--with-gnome-askpass \
	--with-tcp-wrappers \
	--with-md5-passwords \
	--with-ipaddr-display \
	--enable-ipv6 \
	--enable-log-auth 

# with ipv4-default sshd can't listen on IPv6 and IPv4 sockets
#	--with-ipv4-default \
# broken options
#	--without-kerberos4 \
#	--without-afs \
#	--without-skey 

echo '#define LOGIN_PROGRAM           "/bin/login"' >>config.h

make

%install
rm -rf $RPM_BUILD_ROOT

install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}

make install DESTDIR="$RPM_BUILD_ROOT"

install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config

mv -f 	$RPM_BUILD_ROOT%{_libexecdir}/ssh/gnome-ssh-askpass \
	$RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass

gzip -9fn ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
	$RPM_BUILD_ROOT/%{_mandir}/man*/*

touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
	
%clean
rm -rf $RPM_BUILD_ROOT

%post server
/sbin/chkconfig --add sshd
if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' 1>&2
fi
if [ -f /var/lock/subsys/sshd ]; then
	/etc/rc.d/init.d/sshd restart 1>&2
fi
if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
	echo "ssh" >> /etc/security/passwd.conf
fi

%preun server
if [ "$1" = 0 ]; then
	if [ -f /var/lock/subsys/sshd ]; then
		/etc/rc.d/init.d/sshd stop 1>&2
	fi
	/sbin/chkconfig --del sshd
fi

%files
%defattr(644,root,root,755)
%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
%attr(755,root,root) %{_bindir}/ssh-keygen
%{_mandir}/man1/ssh-keygen.1*
%dir %{_sysconfdir}

%files clients
%defattr(644,root,root,755)
# suid root ?
#%attr(4755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
#%attr(0755,root,root) %{_bindir}/slogin
%attr(755,root,root) %{_bindir}/scp
%{_mandir}/man1/scp.1*
%{_mandir}/man1/ssh.1*
%{_mandir}/man1/ssh-agent.1*
%{_mandir}/man1/ssh-add.1*
#%{_mandir}/man1/slogin.1
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config

%files server
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/sshd
%{_mandir}/man8/sshd.8*
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sshd_config
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
%attr(754,root,root) /etc/rc.d/init.d/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd

%files gnome-askpass
%defattr(644,root,root,755)
%dir %{_libexecdir}/ssh
%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
Commit	Line	Data
	1	Summary: OpenSSH free Secure Shell (SSH) implementation
	2	Name: openssh
	3	Version: 1.2.2p1
	4	Release: 1
	5	License: BSD
	6	Group: Applications/Networking
	7	Group(pl): Aplikacje/Sieciowe
	8	Source0: http://violet.ibs.com.au/openssh/files/%{name}-%{version}.tar.gz
	9	Source1: opensshd.conf
	10	Source2: openssh.conf
	11	Source3: opensshd.init
	12	Source4: opensshd.pamd
	13	Source5: openssh.sysconfig
	14	Source6: passwd.pamd
	15	Patch0: openssh-PAM_NEW_AUTHTOK.patch
	16	Patch1: openssh-libwrap.patch
	17	Patch2: openssh-linux.patch
	18	BuildRequires: openssl-devel >= 0.9.4-2
	19	BuildRequires: zlib-devel
	20	BuildRequires: pam-devel
	21	BuildRequires: XFree86-devel
	22	BuildRequires: gnome-libs-devel
	23	BuildRoot: /tmp/%{name}-%{version}-root
	24	Obsoletes: ssh < %{version}, ssh > %{version}
	25
	26	%define _sysconfdir /etc/ssh
	27
	28	%description
	29	Ssh (Secure Shell) a program for logging into a remote machine and for
	30	executing commands in a remote machine. It is intended to replace rlogin and
	31	rsh, and provide secure encrypted communications between two untrusted hosts
	32	over an insecure network. X11 connections and arbitrary TCP/IP ports can
	33	also be forwarded over the secure channel.
	34
	35	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	36	to date in terms of security and features, as well as removing all patented
	37	algorithms to seperate libraries (OpenSSL).
	38
	39	This package includes the core files necessary for both the OpenSSH
	40	client and server. To make this package useful, you should also
	41	install openssh-clients, openssh-server, or both.
	42
	43	%package clients
	44	Summary: OpenSSH Secure Shell protocol clients
	45	Requires: openssh
	46	Group: Applications/Networking
	47	Group(pl): Aplikacje/Sieciowe
	48	Obsoletes: ssh-clients < %{version}, ssh-clients > %{version}
	49	Requires: %{name} = %{version}
	50
	51	%description clients
	52	Ssh (Secure Shell) a program for logging into a remote machine and for
	53	executing commands in a remote machine. It is intended to replace rlogin and
	54	rsh, and provide secure encrypted communications between two untrusted hosts
	55	over an insecure network. X11 connections and arbitrary TCP/IP ports can
	56	also be forwarded over the secure channel.
	57
	58	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	59	to date in terms of security and features, as well as removing all patented
	60	algorithms to seperate libraries (OpenSSL).
	61
	62	This package includes the clients necessary to make encrypted connections to
	63	SSH servers.
	64
	65	%package server
	66	Summary: OpenSSH Secure Shell protocol server (sshd)
	67	Requires: openssh chkconfig >= 0.9
	68	Group: Networking/Daemons
	69	Group(pl): Sieciowe/Serwery
	70	Obsoletes: ssh-server < %{version}, ssh-server > %{version}
	71	Requires: rc-scripts
	72	Requires: /bin/login
	73	Requires: util-linux
	74	Prereq: %{name} = %{version}
	75
	76	%description server
	77	Ssh (Secure Shell) a program for logging into a remote machine and for
	78	executing commands in a remote machine. It is intended to replace rlogin and
	79	rsh, and provide secure encrypted communications between two untrusted hosts
	80	over an insecure network. X11 connections and arbitrary TCP/IP ports can
	81	also be forwarded over the secure channel.
	82
	83	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	84	to date in terms of security and features, as well as removing all patented
	85	algorithms to seperate libraries (OpenSSL).
	86
	87	This package contains the secure shell daemon. The sshd is the server part
	88	of the secure shell protocol and allows ssh clients to connect to your host.
	89
	90	%package gnome-askpass
	91	Summary: OpenSSH GNOME passphrase dialog
	92	Group: Applications/Networking
	93	Group(pl): Aplikacje/Sieciowe
	94	Requires: %{name} = %{version}
	95	Obsoletes: ssh-extras < %{version}, ssh-extras > %{version}
	96	Obsoletes: ssh-askpass < %{version}, ssh-askpass > %{version}
	97	Obsoletes: openssh-askpass < %{version}, openssh-askpass > %{version}
	98
	99	%description gnome-askpass
	100	Ssh (Secure Shell) a program for logging into a remote machine and for
	101	executing commands in a remote machine. It is intended to replace rlogin
	102	and rsh, and provide secure encrypted communications between two untrusted
	103	hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
	104	can also be forwarded over the secure channel.
	105
	106	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	107	to date in terms of security and features, as well as removing all patented
	108	algorithms to seperate libraries (OpenSSL).
	109
	110	This package contains the GNOME passphrase dialog.
	111
	112	%prep
	113	%setup -q
	114	%patch0 -p1
	115	%patch1 -p1
	116	%patch2 -p1
	117
	118	%build
	119	autoconf
	120	%configure \
	121	--with-gnome-askpass \
	122	--with-tcp-wrappers \
	123	--with-md5-passwords \
	124	--with-ipaddr-display \
	125	--enable-ipv6 \
	126	--enable-log-auth
	127
	128	# with ipv4-default sshd can't listen on IPv6 and IPv4 sockets
	129	# --with-ipv4-default \
	130	# broken options
	131	# --without-kerberos4 \
	132	# --without-afs \
	133	# --without-skey
	134
	135	echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
	136
	137	make
	138
	139	%install
	140	rm -rf $RPM_BUILD_ROOT
	141
	142	install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
	143
	144	make install DESTDIR="$RPM_BUILD_ROOT"
	145
	146	install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
	147	install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
	148	install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
	149	install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
	150	install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
	151	install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
	152
	153	mv -f $RPM_BUILD_ROOT%{_libexecdir}/ssh/gnome-ssh-askpass \
	154	$RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
	155
	156	gzip -9fn ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
	157	$RPM_BUILD_ROOT/%{_mandir}/man/
	158
	159	touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
	160
	161	%clean
	162	rm -rf $RPM_BUILD_ROOT
	163
	164	%post server
	165	/sbin/chkconfig --add sshd
	166	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	167	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' 1>&2
	168	fi
	169	if [ -f /var/lock/subsys/sshd ]; then
	170	/etc/rc.d/init.d/sshd restart 1>&2
	171	fi
	172	if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
	173	echo "ssh" >> /etc/security/passwd.conf
	174	fi
	175
	176	%preun server
	177	if [ "$1" = 0 ]; then
	178	if [ -f /var/lock/subsys/sshd ]; then
	179	/etc/rc.d/init.d/sshd stop 1>&2
	180	fi
	181	/sbin/chkconfig --del sshd
	182	fi
	183
	184	%files
	185	%defattr(644,root,root,755)
	186	%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
	187	%attr(755,root,root) %{_bindir}/ssh-keygen
	188	%{_mandir}/man1/ssh-keygen.1*
	189	%dir %{_sysconfdir}
	190
	191	%files clients
	192	%defattr(644,root,root,755)
	193	# suid root ?
	194	#%attr(4755,root,root) %{_bindir}/ssh
	195	%attr(0755,root,root) %{_bindir}/ssh
	196	%attr(0755,root,root) %{_bindir}/ssh-agent
	197	%attr(0755,root,root) %{_bindir}/ssh-add
	198	#%attr(0755,root,root) %{_bindir}/slogin
	199	%attr(755,root,root) %{_bindir}/scp
	200	%{_mandir}/man1/scp.1*
	201	%{_mandir}/man1/ssh.1*
	202	%{_mandir}/man1/ssh-agent.1*
	203	%{_mandir}/man1/ssh-add.1*
	204	#%{_mandir}/man1/slogin.1
	205	%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config
	206
	207	%files server
	208	%defattr(644,root,root,755)
	209	%attr(755,root,root) %{_sbindir}/sshd
	210	%{_mandir}/man8/sshd.8*
	211	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sshd_config
	212	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
	213	%attr(754,root,root) /etc/rc.d/init.d/sshd
	214	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
	215	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
	216
	217	%files gnome-askpass
	218	%defattr(644,root,root,755)
	219	%dir %{_libexecdir}/ssh
	220	%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass