summaryrefslogtreecommitdiff
path: root/staging/openssh
diff options
context:
space:
mode:
authorNicolas Reynolds <fauno@kiwwwi.com.ar>2011-07-20 11:41:05 -0300
committerNicolas Reynolds <fauno@kiwwwi.com.ar>2011-07-20 11:41:05 -0300
commit0d18015803bebeb58911bf791653597291056095 (patch)
treedf21e7972fd9d4555942dbad0bde22066ebf95f3 /staging/openssh
parent2f352ca8b911d96566b10adc049f76a552ab93aa (diff)
parent3da6b13f1eb136d0899bd2e8dd217048bb4d9030 (diff)
Merge branch 'master' of ssh://vparabola/home/parabola/abslibre-pre-mips64el
Conflicts: community/keysafe/PKGBUILD community/lesspipe/PKGBUILD community/xchat-systray-integration/PKGBUILD core/gen-init-cpio/PKGBUILD extra/xarchiver/PKGBUILD
Diffstat (limited to 'staging/openssh')
-rw-r--r--staging/openssh/PKGBUILD70
-rw-r--r--staging/openssh/authfile.c.patch198
-rwxr-xr-xstaging/openssh/sshd48
-rw-r--r--staging/openssh/sshd.confd4
-rw-r--r--staging/openssh/sshd.pam11
5 files changed, 0 insertions, 331 deletions
diff --git a/staging/openssh/PKGBUILD b/staging/openssh/PKGBUILD
deleted file mode 100644
index bf45e6396..000000000
--- a/staging/openssh/PKGBUILD
+++ /dev/null
@@ -1,70 +0,0 @@
-# $Id: PKGBUILD 131644 2011-07-13 07:48:58Z bisson $
-# Maintainer: Gaetan Bisson <bisson@archlinux.org>
-# Contributor: Aaron Griffin <aaron@archlinux.org>
-# Contributor: judd <jvinet@zeroflux.org>
-
-pkgname=openssh
-pkgver=5.8p2
-pkgrel=9
-pkgdesc='Free version of the SSH connectivity tools'
-arch=('i686' 'x86_64')
-license=('custom:BSD')
-url='http://www.openssh.org/portable.html'
-backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd' 'etc/conf.d/sshd')
-depends=('krb5' 'openssl' 'libedit')
-source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"
- 'authfile.c.patch'
- 'sshd.confd'
- 'sshd.pam'
- 'sshd')
-sha1sums=('64798328d310e4f06c9f01228107520adbc8b3e5'
- '3669cb5ca6149f69015df5ce8e60b82c540eb0a4'
- 'ec102deb69cad7d14f406289d2fc11fee6eddbdd'
- '07fecd5880b1c4fdd8c94ddb2e89ddce88effdc1'
- '6b7f8ebf0c1cc37137a7d9a53447ac8a0ee6a2b5')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
-
- patch -p1 -i ../authfile.c.patch # fix FS#24693 using http://anoncvs.mindrot.org/index.cgi/openssh/authfile.c?revision=1.95
-
- ./configure \
- --prefix=/usr \
- --libexecdir=/usr/lib/ssh \
- --sysconfdir=/etc/ssh \
- --with-privsep-user=nobody \
- --with-md5-passwords \
- --with-pam \
- --with-mantype=man \
- --mandir=/usr/share/man \
- --with-xauth=/usr/bin/xauth \
- --with-kerberos5=/usr \
- --with-ssl-engine \
- --with-libedit=/usr/lib \
- --disable-strip # stripping is done by makepkg
-
- make
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
-
- install -Dm755 ../sshd "${pkgdir}"/etc/rc.d/sshd
- install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
- install -Dm644 ../sshd.confd "${pkgdir}"/etc/conf.d/sshd
- install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
-
- rm "${pkgdir}"/usr/share/man/man1/slogin.1
- ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
-
- # additional contrib scripts that we like
- install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
- install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
- install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
-
- # PAM is a common, standard feature to have
- sed -i -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
- -e '/^#UsePAM no$/c UsePAM yes' \
- "${pkgdir}"/etc/ssh/sshd_config
-}
diff --git a/staging/openssh/authfile.c.patch b/staging/openssh/authfile.c.patch
deleted file mode 100644
index 6c18fe807..000000000
--- a/staging/openssh/authfile.c.patch
+++ /dev/null
@@ -1,198 +0,0 @@
-diff -aur old/authfile.c new/authfile.c
---- old/authfile.c 2011-06-12 02:21:52.262338254 +0200
-+++ new/authfile.c 2011-06-12 02:13:43.051467269 +0200
-@@ -1,4 +1,4 @@
--/* $OpenBSD: authfile.c,v 1.87 2010/11/29 18:57:04 markus Exp $ */
-+/* $OpenBSD: authfile.c,v 1.95 2011/05/29 11:42:08 djm Exp $ */
- /*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
-@@ -69,6 +69,8 @@
- #include "misc.h"
- #include "atomicio.h"
-
-+#define MAX_KEY_FILE_SIZE (1024 * 1024)
-+
- /* Version identification string for SSH v1 identity files. */
- static const char authfile_id_string[] =
- "SSH PRIVATE KEY FILE FORMAT 1.1\n";
-@@ -312,12 +314,12 @@
- return pub;
- }
-
--/* Load the contents of a key file into a buffer */
--static int
-+/* Load a key from a fd into a buffer */
-+int
- key_load_file(int fd, const char *filename, Buffer *blob)
- {
-+ u_char buf[1024];
- size_t len;
-- u_char *cp;
- struct stat st;
-
- if (fstat(fd, &st) < 0) {
-@@ -325,30 +327,45 @@
- filename == NULL ? "" : filename,
- filename == NULL ? "" : " ",
- strerror(errno));
-- close(fd);
- return 0;
- }
-- if (st.st_size > 1*1024*1024) {
-+ if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
-+ st.st_size > MAX_KEY_FILE_SIZE) {
-+ toobig:
- error("%s: key file %.200s%stoo large", __func__,
- filename == NULL ? "" : filename,
- filename == NULL ? "" : " ");
-- close(fd);
- return 0;
- }
-- len = (size_t)st.st_size; /* truncated */
--
- buffer_init(blob);
-- cp = buffer_append_space(blob, len);
--
-- if (atomicio(read, fd, cp, len) != len) {
-- debug("%s: read from key file %.200s%sfailed: %.100s", __func__,
-- filename == NULL ? "" : filename,
-- filename == NULL ? "" : " ",
-- strerror(errno));
-+ for (;;) {
-+ if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) {
-+ if (errno == EPIPE)
-+ break;
-+ debug("%s: read from key file %.200s%sfailed: %.100s",
-+ __func__, filename == NULL ? "" : filename,
-+ filename == NULL ? "" : " ", strerror(errno));
-+ buffer_clear(blob);
-+ bzero(buf, sizeof(buf));
-+ return 0;
-+ }
-+ buffer_append(blob, buf, len);
-+ if (buffer_len(blob) > MAX_KEY_FILE_SIZE) {
-+ buffer_clear(blob);
-+ bzero(buf, sizeof(buf));
-+ goto toobig;
-+ }
-+ }
-+ bzero(buf, sizeof(buf));
-+ if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
-+ st.st_size != buffer_len(blob)) {
-+ debug("%s: key file %.200s%schanged size while reading",
-+ __func__, filename == NULL ? "" : filename,
-+ filename == NULL ? "" : " ");
- buffer_clear(blob);
-- close(fd);
- return 0;
- }
-+
- return 1;
- }
-
-@@ -606,7 +623,7 @@
- error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
- error("Permissions 0%3.3o for '%s' are too open.",
- (u_int)st.st_mode & 0777, filename);
-- error("It is recommended that your private key files are NOT accessible by others.");
-+ error("It is required that your private key files are NOT accessible by others.");
- error("This private key will be ignored.");
- return 0;
- }
-@@ -626,6 +643,7 @@
- case KEY_UNSPEC:
- return key_parse_private_pem(blob, type, passphrase, commentp);
- default:
-+ error("%s: cannot parse key type %d", __func__, type);
- break;
- }
- return NULL;
-@@ -670,11 +688,38 @@
- }
-
- Key *
-+key_parse_private(Buffer *buffer, const char *filename,
-+ const char *passphrase, char **commentp)
-+{
-+ Key *pub, *prv;
-+ Buffer pubcopy;
-+
-+ buffer_init(&pubcopy);
-+ buffer_append(&pubcopy, buffer_ptr(buffer), buffer_len(buffer));
-+ /* it's a SSH v1 key if the public key part is readable */
-+ pub = key_parse_public_rsa1(&pubcopy, commentp);
-+ buffer_free(&pubcopy);
-+ if (pub == NULL) {
-+ prv = key_parse_private_type(buffer, KEY_UNSPEC,
-+ passphrase, NULL);
-+ /* use the filename as a comment for PEM */
-+ if (commentp && prv)
-+ *commentp = xstrdup(filename);
-+ } else {
-+ key_free(pub);
-+ /* key_parse_public_rsa1() has already loaded the comment */
-+ prv = key_parse_private_type(buffer, KEY_RSA1, passphrase,
-+ NULL);
-+ }
-+ return prv;
-+}
-+
-+Key *
- key_load_private(const char *filename, const char *passphrase,
- char **commentp)
- {
-- Key *pub, *prv;
-- Buffer buffer, pubcopy;
-+ Key *prv;
-+ Buffer buffer;
- int fd;
-
- fd = open(filename, O_RDONLY);
-@@ -697,23 +742,7 @@
- }
- close(fd);
-
-- buffer_init(&pubcopy);
-- buffer_append(&pubcopy, buffer_ptr(&buffer), buffer_len(&buffer));
-- /* it's a SSH v1 key if the public key part is readable */
-- pub = key_parse_public_rsa1(&pubcopy, commentp);
-- buffer_free(&pubcopy);
-- if (pub == NULL) {
-- prv = key_parse_private_type(&buffer, KEY_UNSPEC,
-- passphrase, NULL);
-- /* use the filename as a comment for PEM */
-- if (commentp && prv)
-- *commentp = xstrdup(filename);
-- } else {
-- key_free(pub);
-- /* key_parse_public_rsa1() has already loaded the comment */
-- prv = key_parse_private_type(&buffer, KEY_RSA1, passphrase,
-- NULL);
-- }
-+ prv = key_parse_private(&buffer, filename, passphrase, commentp);
- buffer_free(&buffer);
- return prv;
- }
-@@ -737,13 +766,19 @@
- case '\0':
- continue;
- }
-+ /* Abort loading if this looks like a private key */
-+ if (strncmp(cp, "-----BEGIN", 10) == 0)
-+ break;
- /* Skip leading whitespace. */
- for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
- ;
- if (*cp) {
- if (key_read(k, &cp) == 1) {
-- if (commentp)
-- *commentp=xstrdup(filename);
-+ cp[strcspn(cp, "\r\n")] = '\0';
-+ if (commentp) {
-+ *commentp = xstrdup(*cp ?
-+ cp : filename);
-+ }
- fclose(f);
- return 1;
- }
diff --git a/staging/openssh/sshd b/staging/openssh/sshd
deleted file mode 100755
index 2ee1091f0..000000000
--- a/staging/openssh/sshd
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/bash
-
-. /etc/rc.conf
-. /etc/rc.d/functions
-. /etc/conf.d/sshd
-
-PIDFILE=/var/run/sshd.pid
-PID=$(cat $PIDFILE 2>/dev/null)
-if ! readlink -q /proc/$PID/exe | grep -q '^/usr/sbin/sshd'; then
- PID=
- rm $PIDFILE 2>/dev/null
-fi
-
-case "$1" in
- start)
- stat_busy "Starting Secure Shell Daemon"
- [ -f /etc/ssh/ssh_host_key ] || { /usr/bin/ssh-keygen -t rsa1 -N "" -f /etc/ssh/ssh_host_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_rsa_key ] || { /usr/bin/ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_dsa_key ] || { /usr/bin/ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_ecdsa_key ] || { /usr/bin/ssh-keygen -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key >/dev/null; }
- [ -d /var/empty ] || mkdir -p /var/empty
- [ -z "$PID" ] && /usr/sbin/sshd $SSHD_ARGS
- if [ $? -gt 0 ]; then
- stat_fail
- else
- add_daemon sshd
- stat_done
- fi
- ;;
- stop)
- stat_busy "Stopping Secure Shell Daemon"
- [ ! -z "$PID" ] && kill $PID &> /dev/null
- if [ $? -gt 0 ]; then
- stat_fail
- else
- rm_daemon sshd
- stat_done
- fi
- ;;
- restart)
- $0 stop
- sleep 1
- $0 start
- ;;
- *)
- echo "usage: $0 {start|stop|restart}"
-esac
-exit 0
diff --git a/staging/openssh/sshd.confd b/staging/openssh/sshd.confd
deleted file mode 100644
index 5ce7c0079..000000000
--- a/staging/openssh/sshd.confd
+++ /dev/null
@@ -1,4 +0,0 @@
-#
-# Parameters to be passed to sshd
-#
-SSHD_ARGS=""
diff --git a/staging/openssh/sshd.pam b/staging/openssh/sshd.pam
deleted file mode 100644
index ff8829fe9..000000000
--- a/staging/openssh/sshd.pam
+++ /dev/null
@@ -1,11 +0,0 @@
-#%PAM-1.0
-#auth required pam_securetty.so #Disable remote root
-auth required pam_unix.so
-auth required pam_env.so
-account required pam_nologin.so
-account required pam_unix.so
-account required pam_time.so
-password required pam_unix.so
-session required pam_unix_session.so
-session required pam_limits.so
--session optional pam_ck_connector.so nox11