+# TODO:
+# - add trigger to enable this:
+# * sshd(8): This release turns on pre-auth sandboxing sshd by default for
+# new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
#
# Conditional build:
%bcond_without audit # sshd audit support
Summary(ru.UTF-8): OpenSSH - свободная реализация протокола Secure Shell (SSH)
Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
Name: openssh
-Version: 6.0p1
+Version: 6.1p1
Release: 1
Epoch: 2
License: BSD
Group: Applications/Networking
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-# Source0-md5: 3c9347aa67862881c5da3f3b1c08da7b
+# Source0-md5: 3345cbf4efe90ffb06a78670ab2d05d5
Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
# Source1-md5: 66943d481cc422512b537bcc2c7400d1
Source2: %{name}d.init
Source8: %{name}d.upstart
Source9: sshd.service
Source10: sshd-keygen
+Source11: sshd.socket
+Source12: sshd@.service
Patch100: %{name}-heimdal.patch
Patch0: %{name}-no_libnsl.patch
Patch2: %{name}-pam_misc.patch
Patch14: %{name}-bind.patch
URL: http://www.openssh.com/portable.html
BuildRequires: %{__perl}
+%{?with_tests:BuildRequires: %{name}-server}
%{?with_audit:BuildRequires: audit-libs-devel}
BuildRequires: autoconf >= 2.50
BuildRequires: automake
%{__sed} -e 's|@@LIBEXECDIR@@|%{_libexecdir}|g' %{SOURCE9} >$RPM_BUILD_ROOT%{systemdunitdir}/sshd.service
cp -p %{SOURCE10} $RPM_BUILD_ROOT%{_libexecdir}/sshd-keygen
+cp -p %{SOURCE11} $RPM_BUILD_ROOT%{systemdunitdir}
+cp -p %{SOURCE12} $RPM_BUILD_ROOT%{systemdunitdir}
+
%if %{with gnome}
install -p contrib/gnome-ssh-askpass1 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
%endif
%{__sed} -i -e '
# disable old configs
# just UseLPK/LkpLdapConf supported for now
- s/^UseLPK/## Obsolete &/
- s/^Lpk/## Obsolete &/
+ s/^\s*UseLPK/## Obsolete &/
+ s/^\s*Lpk/## Obsolete &/
# Enable new ones, assumes /etc/ldap.conf defaults, see HOWTO.ldap-keys
/UseLPK/iAuthorizedKeysCommand %{_libexecdir}/ssh-ldap-wrapper
' %{_sysconfdir}/sshd_config
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/security/blacklist.sshd
%{systemdunitdir}/sshd.service
+%{systemdunitdir}/sshd.socket
+%{systemdunitdir}/sshd@.service
%if %{with ldap}
%files server-ldap