authorParabola <dev@list.parabolagnulinux.org>2011-07-20 14:44:01 +0000
committerParabola <dev@list.parabolagnulinux.org>2011-07-20 14:44:01 +0000
commit3da6b13f1eb136d0899bd2e8dd217048bb4d9030 (patch)
tree78f3c7f0776ff0be3c22bb7744a82c47d9f62cfc /staging/openssh
parent94e3eb45cd3402cbc5efd70ae725e8d48ed696af (diff)
Wed Jul 20 14:43:57 UTC 2011
Diffstat (limited to 'staging/openssh')
-rw-r--r--staging/openssh/PKGBUILD70
-rw-r--r--staging/openssh/authfile.c.patch198
-rwxr-xr-xstaging/openssh/sshd48
-rw-r--r--staging/openssh/sshd.confd4
-rw-r--r--staging/openssh/sshd.pam11
5 files changed, 0 insertions, 331 deletions
diff --git a/staging/openssh/PKGBUILD b/staging/openssh/PKGBUILD
deleted file mode 100644
index bf45e6396..000000000
--- a/staging/openssh/PKGBUILD
+++ /dev/null
@@ -1,70 +0,0 @@
-# $Id: PKGBUILD 131644 2011-07-13 07:48:58Z bisson $
-# Maintainer: Gaetan Bisson <bisson@archlinux.org>
-# Contributor: Aaron Griffin <aaron@archlinux.org>
-# Contributor: judd <jvinet@zeroflux.org>
-
-pkgname=openssh
-pkgver=5.8p2
-pkgrel=9
-pkgdesc='Free version of the SSH connectivity tools'
-arch=('i686' 'x86_64')
-license=('custom:BSD')
-url='http://www.openssh.org/portable.html'
-backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd' 'etc/conf.d/sshd')
-depends=('krb5' 'openssl' 'libedit')
-source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"
- 'authfile.c.patch'
- 'sshd.confd'
- 'sshd.pam'
- 'sshd')
-sha1sums=('64798328d310e4f06c9f01228107520adbc8b3e5'
- '3669cb5ca6149f69015df5ce8e60b82c540eb0a4'
- 'ec102deb69cad7d14f406289d2fc11fee6eddbdd'
- '07fecd5880b1c4fdd8c94ddb2e89ddce88effdc1'
- '6b7f8ebf0c1cc37137a7d9a53447ac8a0ee6a2b5')
-
-build() {
- cd "${srcdir}/${pkgname}-${pkgver}"
-
- patch -p1 -i ../authfile.c.patch # fix FS#24693 using http://anoncvs.mindrot.org/index.cgi/openssh/authfile.c?revision=1.95
-
- ./configure \
- --prefix=/usr \
- --libexecdir=/usr/lib/ssh \
- --sysconfdir=/etc/ssh \
- --with-privsep-user=nobody \
- --with-md5-passwords \
- --with-pam \
- --with-mantype=man \
- --mandir=/usr/share/man \
- --with-xauth=/usr/bin/xauth \
- --with-kerberos5=/usr \
- --with-ssl-engine \
- --with-libedit=/usr/lib \
- --disable-strip # stripping is done by makepkg
-
- make
-}
-
-package() {
- cd "${srcdir}/${pkgname}-${pkgver}"
- make DESTDIR="${pkgdir}" install
-
- install -Dm755 ../sshd "${pkgdir}"/etc/rc.d/sshd
- install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
- install -Dm644 ../sshd.confd "${pkgdir}"/etc/conf.d/sshd
- install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
-
- rm "${pkgdir}"/usr/share/man/man1/slogin.1
- ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
-
- # additional contrib scripts that we like
- install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh
- install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id
- install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
-
- # PAM is a common, standard feature to have
- sed -i -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
- -e '/^#UsePAM no$/c UsePAM yes' \
- "${pkgdir}"/etc/ssh/sshd_config
-}
diff --git a/staging/openssh/authfile.c.patch b/staging/openssh/authfile.c.patch
deleted file mode 100644
index 6c18fe807..000000000
--- a/staging/openssh/authfile.c.patch
+++ /dev/null
@@ -1,198 +0,0 @@
-diff -aur old/authfile.c new/authfile.c
---- old/authfile.c 2011-06-12 02:21:52.262338254 +0200
-+++ new/authfile.c 2011-06-12 02:13:43.051467269 +0200
-@@ -1,4 +1,4 @@
--/* $OpenBSD: authfile.c,v 1.87 2010/11/29 18:57:04 markus Exp $ */
-+/* $OpenBSD: authfile.c,v 1.95 2011/05/29 11:42:08 djm Exp $ */
- /*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
-@@ -69,6 +69,8 @@
- #include "misc.h"
- #include "atomicio.h"
-
-+#define MAX_KEY_FILE_SIZE (1024 * 1024)
-+
- /* Version identification string for SSH v1 identity files. */
- static const char authfile_id_string[] =
- "SSH PRIVATE KEY FILE FORMAT 1.1\n";
-@@ -312,12 +314,12 @@
- return pub;
- }
-
--/* Load the contents of a key file into a buffer */
--static int
-+/* Load a key from a fd into a buffer */
-+int
- key_load_file(int fd, const char *filename, Buffer *blob)
- {
-+ u_char buf[1024];
- size_t len;
-- u_char *cp;
- struct stat st;
-
- if (fstat(fd, &st) < 0) {
-@@ -325,30 +327,45 @@
- filename == NULL ? "" : filename,
- filename == NULL ? "" : " ",
- strerror(errno));
-- close(fd);
- return 0;
- }
-- if (st.st_size > 1*1024*1024) {
-+ if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
-+ st.st_size > MAX_KEY_FILE_SIZE) {
-+ toobig:
- error("%s: key file %.200s%stoo large", __func__,
- filename == NULL ? "" : filename,
- filename == NULL ? "" : " ");
-- close(fd);
- return 0;
- }
-- len = (size_t)st.st_size; /* truncated */
--
- buffer_init(blob);
-- cp = buffer_append_space(blob, len);
--
-- if (atomicio(read, fd, cp, len) != len) {
-- debug("%s: read from key file %.200s%sfailed: %.100s", __func__,
-- filename == NULL ? "" : filename,
-- filename == NULL ? "" : " ",
-- strerror(errno));
-+ for (;;) {
-+ if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) {
-+ if (errno == EPIPE)
-+ break;
-+ debug("%s: read from key file %.200s%sfailed: %.100s",
-+ __func__, filename == NULL ? "" : filename,
-+ filename == NULL ? "" : " ", strerror(errno));
-+ buffer_clear(blob);
-+ bzero(buf, sizeof(buf));
-+ return 0;
-+ }
-+ buffer_append(blob, buf, len);
-+ if (buffer_len(blob) > MAX_KEY_FILE_SIZE) {
-+ buffer_clear(blob);
-+ bzero(buf, sizeof(buf));
-+ goto toobig;
-+ }
-+ }
-+ bzero(buf, sizeof(buf));
-+ if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
-+ st.st_size != buffer_len(blob)) {
-+ debug("%s: key file %.200s%schanged size while reading",
-+ __func__, filename == NULL ? "" : filename,
-+ filename == NULL ? "" : " ");
- buffer_clear(blob);
-- close(fd);
- return 0;
- }
-+
- return 1;
- }
-
-@@ -606,7 +623,7 @@
- error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
- error("Permissions 0%3.3o for '%s' are too open.",
- (u_int)st.st_mode & 0777, filename);
-- error("It is recommended that your private key files are NOT accessible by others.");
-+ error("It is required that your private key files are NOT accessible by others.");
- error("This private key will be ignored.");
- return 0;
- }
-@@ -626,6 +643,7 @@
- case KEY_UNSPEC:
- return key_parse_private_pem(blob, type, passphrase, commentp);
- default:
-+ error("%s: cannot parse key type %d", __func__, type);
- break;
- }
- return NULL;
-@@ -670,11 +688,38 @@
- }
-
- Key *
-+key_parse_private(Buffer *buffer, const char *filename,
-+ const char *passphrase, char **commentp)
-+{
-+ Key *pub, *prv;
-+ Buffer pubcopy;
-+
-+ buffer_init(&pubcopy);
-+ buffer_append(&pubcopy, buffer_ptr(buffer), buffer_len(buffer));
-+ /* it's a SSH v1 key if the public key part is readable */
-+ pub = key_parse_public_rsa1(&pubcopy, commentp);
-+ buffer_free(&pubcopy);
-+ if (pub == NULL) {
-+ prv = key_parse_private_type(buffer, KEY_UNSPEC,
-+ passphrase, NULL);
-+ /* use the filename as a comment for PEM */
-+ if (commentp && prv)
-+ *commentp = xstrdup(filename);
-+ } else {
-+ key_free(pub);
-+ /* key_parse_public_rsa1() has already loaded the comment */
-+ prv = key_parse_private_type(buffer, KEY_RSA1, passphrase,
-+ NULL);
-+ }
-+ return prv;
-+}
-+
-+Key *
- key_load_private(const char *filename, const char *passphrase,
- char **commentp)
- {
-- Key *pub, *prv;
-- Buffer buffer, pubcopy;
-+ Key *prv;
-+ Buffer buffer;
- int fd;
-
- fd = open(filename, O_RDONLY);
-@@ -697,23 +742,7 @@
- }
- close(fd);
-
-- buffer_init(&pubcopy);
-- buffer_append(&pubcopy, buffer_ptr(&buffer), buffer_len(&buffer));
-- /* it's a SSH v1 key if the public key part is readable */
-- pub = key_parse_public_rsa1(&pubcopy, commentp);
-- buffer_free(&pubcopy);
-- if (pub == NULL) {
-- prv = key_parse_private_type(&buffer, KEY_UNSPEC,
-- passphrase, NULL);
-- /* use the filename as a comment for PEM */
-- if (commentp && prv)
-- *commentp = xstrdup(filename);
-- } else {
-- key_free(pub);
-- /* key_parse_public_rsa1() has already loaded the comment */
-- prv = key_parse_private_type(&buffer, KEY_RSA1, passphrase,
-- NULL);
-- }
-+ prv = key_parse_private(&buffer, filename, passphrase, commentp);
- buffer_free(&buffer);
- return prv;
- }
-@@ -737,13 +766,19 @@
- case '\0':
- continue;
- }
-+ /* Abort loading if this looks like a private key */
-+ if (strncmp(cp, "-----BEGIN", 10) == 0)
-+ break;
- /* Skip leading whitespace. */
- for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
- ;
- if (*cp) {
- if (key_read(k, &cp) == 1) {
-- if (commentp)
-- *commentp=xstrdup(filename);
-+ cp[strcspn(cp, "\r\n")] = '\0';
-+ if (commentp) {
-+ *commentp = xstrdup(*cp ?
-+ cp : filename);
-+ }
- fclose(f);
- return 1;
- }
diff --git a/staging/openssh/sshd b/staging/openssh/sshd
deleted file mode 100755
index 2ee1091f0..000000000
--- a/staging/openssh/sshd
+++ /dev/null
@@ -1,48 +0,0 @@
-#!/bin/bash
-
-. /etc/rc.conf
-. /etc/rc.d/functions
-. /etc/conf.d/sshd
-
-PIDFILE=/var/run/sshd.pid
-PID=$(cat $PIDFILE 2>/dev/null)
-if ! readlink -q /proc/$PID/exe | grep -q '^/usr/sbin/sshd'; then
- PID=
- rm $PIDFILE 2>/dev/null
-fi
-
-case "$1" in
- start)
- stat_busy "Starting Secure Shell Daemon"
- [ -f /etc/ssh/ssh_host_key ] || { /usr/bin/ssh-keygen -t rsa1 -N "" -f /etc/ssh/ssh_host_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_rsa_key ] || { /usr/bin/ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_dsa_key ] || { /usr/bin/ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key >/dev/null; }
- [ -f /etc/ssh/ssh_host_ecdsa_key ] || { /usr/bin/ssh-keygen -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key >/dev/null; }
- [ -d /var/empty ] || mkdir -p /var/empty
- [ -z "$PID" ] && /usr/sbin/sshd $SSHD_ARGS
- if [ $? -gt 0 ]; then
- stat_fail
- else
- add_daemon sshd
- stat_done
- fi
- ;;
- stop)
- stat_busy "Stopping Secure Shell Daemon"
- [ ! -z "$PID" ] && kill $PID &> /dev/null
- if [ $? -gt 0 ]; then
- stat_fail
- else
- rm_daemon sshd
- stat_done
- fi
- ;;
- restart)
- $0 stop
- sleep 1
- $0 start
- ;;
- *)
- echo "usage: $0 {start|stop|restart}"
-esac
-exit 0
diff --git a/staging/openssh/sshd.confd b/staging/openssh/sshd.confd
deleted file mode 100644
index 5ce7c0079..000000000
--- a/staging/openssh/sshd.confd
+++ /dev/null
@@ -1,4 +0,0 @@
-#
-# Parameters to be passed to sshd
-#
-SSHD_ARGS=""
diff --git a/staging/openssh/sshd.pam b/staging/openssh/sshd.pam
deleted file mode 100644
index ff8829fe9..000000000
--- a/staging/openssh/sshd.pam
+++ /dev/null
@@ -1,11 +0,0 @@
-#%PAM-1.0
-#auth required pam_securetty.so #Disable remote root
-auth required pam_unix.so
-auth required pam_env.so
-account required pam_nologin.so
-account required pam_unix.so
-account required pam_time.so
-password required pam_unix.so
-session required pam_unix_session.so
-session required pam_limits.so
--session optional pam_ck_connector.so nox11