From 8cca36c97b57b8d0a7e5521647c02409eb94ade4 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 8 Sep 2011 16:35:25 +0000 Subject: Thu Sep 8 16:35:25 UTC 2011 --- core/openssh/PKGBUILD | 20 +++++++--------- core/openssh/sshd | 65 ++++++++++++++++++++++++--------------------------- core/openssl/PKGBUILD | 28 +++++++++++++++------- 3 files changed, 59 insertions(+), 54 deletions(-) (limited to 'core') diff --git a/core/openssh/PKGBUILD b/core/openssh/PKGBUILD index bf45e6396..484488d4a 100644 --- a/core/openssh/PKGBUILD +++ b/core/openssh/PKGBUILD @@ -1,11 +1,11 @@ -# $Id: PKGBUILD 131644 2011-07-13 07:48:58Z bisson $ +# $Id: PKGBUILD 137502 2011-09-08 02:26:19Z bisson $ # Maintainer: Gaetan Bisson # Contributor: Aaron Griffin # Contributor: judd pkgname=openssh -pkgver=5.8p2 -pkgrel=9 +pkgver=5.9p1 +pkgrel=3 pkgdesc='Free version of the SSH connectivity tools' arch=('i686' 'x86_64') license=('custom:BSD') @@ -13,21 +13,17 @@ url='http://www.openssh.org/portable.html' backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd' 'etc/conf.d/sshd') depends=('krb5' 'openssl' 'libedit') source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz" - 'authfile.c.patch' 'sshd.confd' 'sshd.pam' 'sshd') -sha1sums=('64798328d310e4f06c9f01228107520adbc8b3e5' - '3669cb5ca6149f69015df5ce8e60b82c540eb0a4' +sha1sums=('ac4e0055421e9543f0af5da607a72cf5922dcc56' 'ec102deb69cad7d14f406289d2fc11fee6eddbdd' '07fecd5880b1c4fdd8c94ddb2e89ddce88effdc1' - '6b7f8ebf0c1cc37137a7d9a53447ac8a0ee6a2b5') + '21fa88de6cc1c7912e71655f50896ba17991a1c2') build() { cd "${srcdir}/${pkgname}-${pkgver}" - patch -p1 -i ../authfile.c.patch # fix FS#24693 using http://anoncvs.mindrot.org/index.cgi/openssh/authfile.c?revision=1.95 - ./configure \ --prefix=/usr \ --libexecdir=/usr/lib/ssh \ @@ -36,7 +32,6 @@ build() { --with-md5-passwords \ --with-pam \ --with-mantype=man \ - --mandir=/usr/share/man \ --with-xauth=/usr/bin/xauth \ --with-kerberos5=/usr \ --with-ssl-engine \ @@ -64,7 +59,8 @@ package() { install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1 # PAM is a common, standard feature to have - sed -i -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \ + sed \ + -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \ -e '/^#UsePAM no$/c UsePAM yes' \ - "${pkgdir}"/etc/ssh/sshd_config + -i "${pkgdir}"/etc/ssh/sshd_config } diff --git a/core/openssh/sshd b/core/openssh/sshd index 2ee1091f0..1d68fb877 100755 --- a/core/openssh/sshd +++ b/core/openssh/sshd @@ -7,42 +7,39 @@ PIDFILE=/var/run/sshd.pid PID=$(cat $PIDFILE 2>/dev/null) if ! readlink -q /proc/$PID/exe | grep -q '^/usr/sbin/sshd'; then - PID= - rm $PIDFILE 2>/dev/null + PID= + rm $PIDFILE 2>/dev/null fi case "$1" in - start) - stat_busy "Starting Secure Shell Daemon" - [ -f /etc/ssh/ssh_host_key ] || { /usr/bin/ssh-keygen -t rsa1 -N "" -f /etc/ssh/ssh_host_key >/dev/null; } - [ -f /etc/ssh/ssh_host_rsa_key ] || { /usr/bin/ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key >/dev/null; } - [ -f /etc/ssh/ssh_host_dsa_key ] || { /usr/bin/ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key >/dev/null; } - [ -f /etc/ssh/ssh_host_ecdsa_key ] || { /usr/bin/ssh-keygen -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key >/dev/null; } - [ -d /var/empty ] || mkdir -p /var/empty - [ -z "$PID" ] && /usr/sbin/sshd $SSHD_ARGS - if [ $? -gt 0 ]; then - stat_fail - else - add_daemon sshd - stat_done - fi - ;; - stop) - stat_busy "Stopping Secure Shell Daemon" - [ ! -z "$PID" ] && kill $PID &> /dev/null - if [ $? -gt 0 ]; then - stat_fail - else - rm_daemon sshd - stat_done - fi - ;; - restart) - $0 stop - sleep 1 - $0 start - ;; - *) - echo "usage: $0 {start|stop|restart}" + start) + stat_busy 'Starting Secure Shell Daemon' + /usr/bin/ssh-keygen -A + [[ -d /var/empty ]] || mkdir -p /var/empty + [[ -z $PID ]] && /usr/sbin/sshd $SSHD_ARGS + if [[ $? -gt 0 ]]; then + stat_fail + else + add_daemon sshd + stat_done + fi + ;; + stop) + stat_busy 'Stopping Secure Shell Daemon' + [[ ! -z $PID ]] && kill $PID &> /dev/null + if [[ $? -gt 0 ]]; then + stat_fail + else + rm_daemon sshd + stat_done + fi + ;; + restart) + $0 stop + sleep 1 + $0 start + ;; + *) + echo "usage: $0 {start|stop|restart}" esac exit 0 diff --git a/core/openssl/PKGBUILD b/core/openssl/PKGBUILD index 756338040..f3ddf3b87 100644 --- a/core/openssl/PKGBUILD +++ b/core/openssl/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 109351 2011-02-08 19:05:04Z pierre $ +# $Id: PKGBUILD 137334 2011-09-07 08:58:53Z pierre $ # Maintainer: Pierre Schmitz pkgname=openssl -_ver=1.0.0d +_ver=1.0.0e # use a pacman compatible version scheme pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} pkgrel=1 @@ -18,7 +18,7 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz" 'fix-manpages.patch' 'no-rpath.patch' 'ca-dir.patch') -md5sums=('40b6ea380cc8a5bf9734c2f8bf7e701e' +md5sums=('7040b89c4c58c7a1016c0dfa6e821c86' '5bbc0655bda2af95bc8eb568963ce8ba' 'dc78d3d06baffc16217519242ce92478' '3bf51be3a1bbd262be46dc619f92aa90') @@ -29,6 +29,12 @@ PKGEXT='.pkg.tar.gz' build() { cd $srcdir/$pkgname-$_ver + if [ "${CARCH}" == 'x86_64' ]; then + openssltarget='linux-x86_64' + elif [ "${CARCH}" == 'i686' ]; then + openssltarget='linux-elf' + fi + # avoid conflicts with other man pages # see http://www.linuxfromscratch.org/patches/downloads/openssl/ patch -p1 -i $srcdir/fix-manpages.patch @@ -37,16 +43,22 @@ build() { # set ca dir to /etc/ssl by default patch -p0 -i $srcdir/ca-dir.patch # mark stack as non-executable: http://bugs.archlinux.org/task/12434 - ./config --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ - shared zlib enable-md2 -Wa,--noexecstack + ./Configure --prefix=/usr --openssldir=/etc/ssl --libdir=lib \ + shared zlib enable-md2 \ + "${openssltarget}" \ + -Wa,--noexecstack "${CFLAGS}" "${LDFLAGS}" + make depend make +} +check() { + cd $srcdir/$pkgname-$_ver # the test fails due to missing write permissions in /etc/ssl # revert this patch for make test - #patch -p0 -R -i $srcdir/ca-dir.patch - #make test - #patch -p0 -i $srcdir/ca-dir.patch + patch -p0 -R -i $srcdir/ca-dir.patch + make test + patch -p0 -i $srcdir/ca-dir.patch } package() { -- cgit v1.2.3-54-g00ecf