[packages/openssh.git] / openssh.spec

Summary:	OpenSSH free Secure Shell (SSH) implementation
Name:		openssh
Version:	2.1.0
Release:	1
License:	BSD
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Source0:	ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
Source1:	opensshd.conf
Source2:	openssh.conf
Source3:	opensshd.init
Source4:	opensshd.pamd
Source5:	openssh.sysconfig
Source6:	passwd.pamd
Patch0:		openssh-PAM_NEW_AUTHTOK.patch
Patch1:		openssh-libwrap.patch
BuildRequires:	openssl-devel >= 0.9.4-2
BuildRequires:	rpm >= 3.0.4
BuildRequires:	zlib-devel
BuildRequires:	pam-devel
BuildRequires:	XFree86-devel
BuildRequires:	gnome-libs-devel
BuildRequires:	gtk+-devel
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
Prereq:		openssl >= 0.9.4-2
Obsoletes:	ssh < %{version}, ssh > %{version}

%define		_sysconfdir	/etc/ssh

%description
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package includes the core files necessary for both the OpenSSH client
and server. To make this package useful, you should also install
openssh-clients, openssh-server, or both.

%package clients
Summary:	OpenSSH Secure Shell protocol clients
Requires:	openssh
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Obsoletes:	ssh-clients < %{version}, ssh-clients > %{version}
Requires:	%{name} = %{version}

%description clients
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package includes the clients necessary to make encrypted connections
to SSH servers.

%package server
Summary:	OpenSSH Secure Shell protocol server (sshd)
Requires:	openssh chkconfig >= 0.9
Group:		Networking/Daemons
Group(pl):	Sieciowe/Serwery
Obsoletes:	ssh-server < %{version}, ssh-server > %{version}
Requires:	rc-scripts
Requires:	/bin/login
Requires:	util-linux
Prereq:		%{name} = %{version}

%description server
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package contains the secure shell daemon. The sshd is the server part
of the secure shell protocol and allows ssh clients to connect to your
host.

%package gnome-askpass
Summary:	OpenSSH GNOME passphrase dialog
Group:		Applications/Networking
Group(pl):	Aplikacje/Sieciowe
Requires:	%{name} = %{version}
Obsoletes:	ssh-extras < %{version}, ssh-extras > %{version}
Obsoletes:	ssh-askpass < %{version}, ssh-askpass > %{version}
Obsoletes:	openssh-askpass < %{version}, openssh-askpass > %{version}

%description gnome-askpass
Ssh (Secure Shell) a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace rlogin
and rsh, and provide secure encrypted communications between two untrusted
hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
can also be forwarded over the secure channel.

OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
to date in terms of security and features, as well as removing all patented
algorithms to seperate libraries (OpenSSL).

This package contains the GNOME passphrase dialog.

%prep
%setup  -q
%patch0 -p1
%patch1 -p1

%build
autoconf
%configure \
	--with-gnome-askpass \
	--with-tcp-wrappers \
	--with-md5-passwords \
	--with-ipaddr-display \
	--enable-ipv6 \
	--enable-log-auth 

# with ipv4-default sshd can't listen on IPv6 and IPv4 sockets
#	--with-ipv4-default \
# broken options
#	--without-kerberos4 \
#	--without-afs \
#	--without-skey 

echo '#define LOGIN_PROGRAM           "/bin/login"' >>config.h

make
cd contrib && gcc `gnome-config --cflags gnome gnomeui` \
	gnome-ssh-askpass.c -o gnome-ssh-askpass \
	`gnome-config --libs gnome gnomeui`

%install
rm -rf $RPM_BUILD_ROOT

install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}

make install DESTDIR="$RPM_BUILD_ROOT"

install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass

gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
	$RPM_BUILD_ROOT/%{_mandir}/man*/*

touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
	
%clean
rm -rf $RPM_BUILD_ROOT

%post server
/sbin/chkconfig --add sshd
if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' 1>&2
fi
if [ -f /var/lock/subsys/sshd ]; then
	/etc/rc.d/init.d/sshd restart 1>&2
else
	echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
fi
if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
	echo "ssh" >> /etc/security/passwd.conf
fi

%preun server
if [ "$1" = 0 ]; then
	if [ -f /var/lock/subsys/sshd ]; then
		/etc/rc.d/init.d/sshd stop 1>&2
	fi
	/sbin/chkconfig --del sshd
fi

%files
%defattr(644,root,root,755)
%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
%attr(755,root,root) %{_bindir}/ssh-keygen
%{_mandir}/man1/ssh-keygen.1*
%dir %{_sysconfdir}

%files clients
%defattr(644,root,root,755)
# suid root ?
#%attr(4755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
#%attr(0755,root,root) %{_bindir}/slogin
%attr(755,root,root) %{_bindir}/scp
%{_mandir}/man1/scp.1*
%{_mandir}/man1/ssh.1*
%{_mandir}/man1/ssh-agent.1*
%{_mandir}/man1/ssh-add.1*
#%{_mandir}/man1/slogin.1
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config

%files server
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/sshd
%{_mandir}/man8/sshd.8*
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sshd_config
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
%attr(754,root,root) /etc/rc.d/init.d/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd

%files gnome-askpass
%defattr(644,root,root,755)
%dir %{_libexecdir}/ssh
%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass
Commit	Line	Data
52000378 AF	1	Summary: OpenSSH free Secure Shell (SSH) implementation
52000378 AF	2	Name: openssh
cd27668b	3	Version: 2.1.0
cd27668b	4	Release: 1
5d1c7089	5	License: BSD
	6	Group: Applications/Networking
	7	Group(pl): Aplikacje/Sieciowe
cd27668b	8	Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
52000378 AF	9	Source1: opensshd.conf
	10	Source2: openssh.conf
	11	Source3: opensshd.init
	12	Source4: opensshd.pamd
	13	Source5: openssh.sysconfig
ec00afd0	14	Source6: passwd.pamd
4946f6e5 JR	15	Patch0: openssh-PAM_NEW_AUTHTOK.patch
4946f6e5 JR	16	Patch1: openssh-libwrap.patch
4bb0eece	17	BuildRequires: openssl-devel >= 0.9.4-2
8d5c96ce	18	BuildRequires: rpm >= 3.0.4
52000378 AF	19	BuildRequires: zlib-devel
	20	BuildRequires: pam-devel
	21	BuildRequires: XFree86-devel
	22	BuildRequires: gnome-libs-devel
8d5c96ce	23	BuildRequires: gtk+-devel
88c1aa50	24	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
85a2fa1d	25	Prereq: openssl >= 0.9.4-2
a8f907dc	26	Obsoletes: ssh < %{version}, ssh > %{version}
52000378	27
b7b47957	28	%define _sysconfdir /etc/ssh
6fe24471 AF	29
	30	%description
	31	Ssh (Secure Shell) a program for logging into a remote machine and for
8d5c96ce	32	executing commands in a remote machine. It is intended to replace rlogin
	33	and rsh, and provide secure encrypted communications between two untrusted
	34	hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
	35	can also be forwarded over the secure channel.
6fe24471	36
b5529f6f	37	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	38	to date in terms of security and features, as well as removing all patented
	39	algorithms to seperate libraries (OpenSSL).
6fe24471	40
8d5c96ce	41	This package includes the core files necessary for both the OpenSSH client
	42	and server. To make this package useful, you should also install
	43	openssh-clients, openssh-server, or both.
6fe24471	44
52000378 AF	45	%package clients
	46	Summary: OpenSSH Secure Shell protocol clients
	47	Requires: openssh
	48	Group: Applications/Networking
	49	Group(pl): Aplikacje/Sieciowe
a8f907dc	50	Obsoletes: ssh-clients < %{version}, ssh-clients > %{version}
52000378	51	Requires: %{name} = %{version}
6fe24471	52
52000378 AF	53	%description clients
52000378 AF	54	Ssh (Secure Shell) a program for logging into a remote machine and for
8d5c96ce	55	executing commands in a remote machine. It is intended to replace rlogin
	56	and rsh, and provide secure encrypted communications between two untrusted
	57	hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
	58	can also be forwarded over the secure channel.
6fe24471	59
b5529f6f	60	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	61	to date in terms of security and features, as well as removing all patented
	62	algorithms to seperate libraries (OpenSSL).
52000378	63
8d5c96ce	64	This package includes the clients necessary to make encrypted connections
8d5c96ce	65	to SSH servers.
52000378 AF	66
	67	%package server
	68	Summary: OpenSSH Secure Shell protocol server (sshd)
	69	Requires: openssh chkconfig >= 0.9
	70	Group: Networking/Daemons
	71	Group(pl): Sieciowe/Serwery
a8f907dc	72	Obsoletes: ssh-server < %{version}, ssh-server > %{version}
52000378	73	Requires: rc-scripts
b5529f6f	74	Requires: /bin/login
b5529f6f	75	Requires: util-linux
52000378 AF	76	Prereq: %{name} = %{version}
	77
	78	%description server
	79	Ssh (Secure Shell) a program for logging into a remote machine and for
8d5c96ce	80	executing commands in a remote machine. It is intended to replace rlogin
	81	and rsh, and provide secure encrypted communications between two untrusted
	82	hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
	83	can also be forwarded over the secure channel.
52000378	84
b5529f6f	85	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	86	to date in terms of security and features, as well as removing all patented
	87	algorithms to seperate libraries (OpenSSL).
52000378	88
b5529f6f	89	This package contains the secure shell daemon. The sshd is the server part
8d5c96ce	90	of the secure shell protocol and allows ssh clients to connect to your
8d5c96ce	91	host.
6fe24471	92
6e70f4f7	93	%package gnome-askpass
52000378 AF	94	Summary: OpenSSH GNOME passphrase dialog
	95	Group: Applications/Networking
	96	Group(pl): Aplikacje/Sieciowe
	97	Requires: %{name} = %{version}
a8f907dc	98	Obsoletes: ssh-extras < %{version}, ssh-extras > %{version}
	99	Obsoletes: ssh-askpass < %{version}, ssh-askpass > %{version}
	100	Obsoletes: openssh-askpass < %{version}, openssh-askpass > %{version}
52000378	101
6e70f4f7	102	%description gnome-askpass
52000378	103	Ssh (Secure Shell) a program for logging into a remote machine and for
b5529f6f	104	executing commands in a remote machine. It is intended to replace rlogin
	105	and rsh, and provide secure encrypted communications between two untrusted
	106	hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
	107	can also be forwarded over the secure channel.
52000378	108
b5529f6f	109	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
	110	to date in terms of security and features, as well as removing all patented
	111	algorithms to seperate libraries (OpenSSL).
52000378 AF	112
	113	This package contains the GNOME passphrase dialog.
	114
52000378 AF	115	%prep
52000378 AF	116	%setup -q
4946f6e5	117	%patch0 -p1
82f989ae	118	%patch1 -p1
52000378 AF	119
	120	%build
	121	autoconf
	122	%configure \
f9bf943b AF	123	--with-gnome-askpass \
	124	--with-tcp-wrappers \
	125	--with-md5-passwords \
4946f6e5	126	--with-ipaddr-display \
82f989ae	127	--enable-ipv6 \
f9bf943b	128	--enable-log-auth
82f989ae AF	129
	130	# with ipv4-default sshd can't listen on IPv6 and IPv4 sockets
	131	# --with-ipv4-default \
	132	# broken options
f9bf943b AF	133	# --without-kerberos4 \
	134	# --without-afs \
	135	# --without-skey
	136
	137	echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
	138
52000378	139	make
a15b61d8	140	cd contrib && gcc `gnome-config --cflags gnome gnomeui` \
8d5c96ce	141	gnome-ssh-askpass.c -o gnome-ssh-askpass \
8d5c96ce	142	`gnome-config --libs gnome gnomeui`
6fe24471 AF	143
	144	%install
	145	rm -rf $RPM_BUILD_ROOT
6fe24471	146
ffbc041f	147	install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
52000378	148
b5529f6f	149	make install DESTDIR="$RPM_BUILD_ROOT"
52000378 AF	150
52000378 AF	151	install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
ec00afd0	152	install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
52000378	153	install %{SOURCE5} $RPM_BUILD_ROOT/etc/sysconfig/sshd
b7b47957	154	install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
52000378 AF	155	install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
52000378 AF	156	install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
9dd848a7	157	install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
8d5c96ce	158	install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
6e70f4f7	159
8d5c96ce	160	gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
52000378	161	$RPM_BUILD_ROOT/%{_mandir}/man/
ffbc041f	162
ffbc041f	163	touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
52000378	164
6fe24471 AF	165	%clean
	166	rm -rf $RPM_BUILD_ROOT
	167
52000378 AF	168	%post server
	169	/sbin/chkconfig --add sshd
	170	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
8b6ffaee	171	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' 1>&2
6fe24471	172	fi
8b6ffaee AF	173	if [ -f /var/lock/subsys/sshd ]; then
8b6ffaee AF	174	/etc/rc.d/init.d/sshd restart 1>&2
1e990a01	175	else
1e990a01	176	echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
6fe24471	177	fi
ec00afd0 JR	178	if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
	179	echo "ssh" >> /etc/security/passwd.conf
	180	fi
6fe24471	181
52000378	182	%preun server
b5529f6f	183	if [ "$1" = 0 ]; then
8b6ffaee AF	184	if [ -f /var/lock/subsys/sshd ]; then
8b6ffaee AF	185	/etc/rc.d/init.d/sshd stop 1>&2
b5529f6f	186	fi
52000378	187	/sbin/chkconfig --del sshd
6fe24471 AF	188	fi
	189
	190	%files
52000378 AF	191	%defattr(644,root,root,755)
	192	%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz
	193	%attr(755,root,root) %{_bindir}/ssh-keygen
	194	%{_mandir}/man1/ssh-keygen.1*
	195	%dir %{_sysconfdir}
	196
	197	%files clients
	198	%defattr(644,root,root,755)
	199	# suid root ?
	200	#%attr(4755,root,root) %{_bindir}/ssh
	201	%attr(0755,root,root) %{_bindir}/ssh
	202	%attr(0755,root,root) %{_bindir}/ssh-agent
	203	%attr(0755,root,root) %{_bindir}/ssh-add
	204	#%attr(0755,root,root) %{_bindir}/slogin
	205	%attr(755,root,root) %{_bindir}/scp
	206	%{_mandir}/man1/scp.1*
	207	%{_mandir}/man1/ssh.1*
	208	%{_mandir}/man1/ssh-agent.1*
	209	%{_mandir}/man1/ssh-add.1*
	210	#%{_mandir}/man1/slogin.1
	211	%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config
	212
	213	%files server
	214	%defattr(644,root,root,755)
	215	%attr(755,root,root) %{_sbindir}/sshd
	216	%{_mandir}/man8/sshd.8*
	217	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sshd_config
	218	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
	219	%attr(754,root,root) /etc/rc.d/init.d/sshd
	220	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
ffbc041f	221	%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
52000378	222
6e70f4f7	223	%files gnome-askpass
52000378 AF	224	%defattr(644,root,root,755)
	225	%dir %{_libexecdir}/ssh
	226	%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass