2002-09-20 04:01:54 +02:00
|
|
|
#!@RCD_SCRIPTS_SHELL@
|
Clean this up, sync with the ssh package, and update to
1.2.2 (fixing PR 9304 by David Rankin <drankin@bohemians.lexington.ky.us>.
Changes:
20000125
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
- Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
- New URL for x11-ssh-askpass.
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
<jmknoble@pobox.com>
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
20000124
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
increment)
20000123
- OpenBSD CVS:
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
20000122
- Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
<bent@clark.net>
- Merge preformatted manpage patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Make IPv4 use the default in RPM packages
- Irix uses preformatted manpages
- Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
- OpenBSD CVS updates:
- [packet.c]
use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
instead of blocking SIGINT, catch it ourselves, so that we can clean
the tty modes up and kill ourselves -- instead of our process group
leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
20000120
- Don't use getaddrinfo on AIX
- Update to latest OpenBSD CVS:
- [auth-rsa.c]
- fix user/1056, sshd keeps restrictions; dbt@meat.net
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- Big manpage and config file cleanup from Andre Lucas
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
- Doc updates
- NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
Christos Zoulas <christos@netbsd.org>
20000119
- SCO compile fixes from Gary E. Miller <gem@rellim.com>
- Compile fix from Darren_Hall@progressive.com
- Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
addresses using getaddrinfo(). Added a configure switch to make the
default lookup mode AF_INET
20000118
- Fixed --with-pid-dir option
- Makefile fix from Gary E. Miller <gem@rellim.com>
- Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
2000-01-27 18:37:19 +01:00
|
|
|
#
|
2003-05-22 11:05:38 +02:00
|
|
|
# $NetBSD: sshd.sh,v 1.11 2003/05/22 09:05:38 wiz Exp $
|
Clean this up, sync with the ssh package, and update to
1.2.2 (fixing PR 9304 by David Rankin <drankin@bohemians.lexington.ky.us>.
Changes:
20000125
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
- Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
- New URL for x11-ssh-askpass.
- Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
<jmknoble@pobox.com>
- Added 'DESTDIR' option to Makefile to ease package building. Patch from
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
20000124
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
increment)
20000123
- OpenBSD CVS:
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
- AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
20000122
- Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
<bent@clark.net>
- Merge preformatted manpage patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Make IPv4 use the default in RPM packages
- Irix uses preformatted manpages
- Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
- OpenBSD CVS updates:
- [packet.c]
use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
instead of blocking SIGINT, catch it ourselves, so that we can clean
the tty modes up and kill ourselves -- instead of our process group
leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
20000120
- Don't use getaddrinfo on AIX
- Update to latest OpenBSD CVS:
- [auth-rsa.c]
- fix user/1056, sshd keeps restrictions; dbt@meat.net
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- split key exchange (kex) and user authentication (user-auth),
ok: provos@
- Big manpage and config file cleanup from Andre Lucas
<andre.lucas@dial.pipex.com>
- Re-added latest (unmodified) OpenBSD manpages
- Doc updates
- NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
Christos Zoulas <christos@netbsd.org>
20000119
- SCO compile fixes from Gary E. Miller <gem@rellim.com>
- Compile fix from Darren_Hall@progressive.com
- Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
addresses using getaddrinfo(). Added a configure switch to make the
default lookup mode AF_INET
20000118
- Fixed --with-pid-dir option
- Makefile fix from Gary E. Miller <gem@rellim.com>
- Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
2000-01-27 18:37:19 +01:00
|
|
|
#
|
2000-09-20 06:49:19 +02:00
|
|
|
# PROVIDE: sshd
|
|
|
|
|
# REQUIRE: DAEMON LOGIN
|
2000-07-22 10:21:59 +02:00
|
|
|
|
2002-02-05 05:17:31 +01:00
|
|
|
if [ -f /etc/rc.subr ]
|
|
|
|
|
then
|
|
|
|
|
. /etc/rc.subr
|
|
|
|
|
fi
|
|
|
|
|
|
2000-07-22 10:21:59 +02:00
|
|
|
name="sshd"
|
2002-02-05 05:17:31 +01:00
|
|
|
rcvar=$name
|
|
|
|
|
command="@PREFIX@/sbin/${name}"
|
|
|
|
|
keygen_command="@PREFIX@/bin/ssh-keygen"
|
2001-10-19 11:42:08 +02:00
|
|
|
pidfile="@SSH_PID_DIR@/${name}.pid"
|
2002-02-05 05:17:31 +01:00
|
|
|
required_files="@PKG_SYSCONFDIR@/sshd_config"
|
|
|
|
|
extra_commands="keygen reload"
|
2000-07-22 10:21:59 +02:00
|
|
|
|
2002-02-05 05:17:31 +01:00
|
|
|
sshd_keygen()
|
|
|
|
|
{
|
|
|
|
|
(
|
|
|
|
|
umask 022
|
|
|
|
|
if [ -f @PKG_SYSCONFDIR@/ssh_host_key ]; then
|
|
|
|
|
@ECHO@ "You already have an RSA host key in @PKG_SYSCONFDIR@/ssh_host_key"
|
|
|
|
|
@ECHO@ "Skipping protocol version 1 RSA Key Generation"
|
|
|
|
|
else
|
|
|
|
|
${keygen_command} -t rsa1 -b 1024 -f @PKG_SYSCONFDIR@/ssh_host_key -N ''
|
2000-07-22 10:21:59 +02:00
|
|
|
fi
|
2002-02-05 05:17:31 +01:00
|
|
|
|
|
|
|
|
if [ -f @PKG_SYSCONFDIR@/ssh_host_dsa_key ]; then
|
|
|
|
|
@ECHO@ "You already have a DSA host key in @PKG_SYSCONFDIR@/ssh_host_dsa_key"
|
|
|
|
|
@ECHO@ "Skipping protocol version 2 DSA Key Generation"
|
2000-07-22 10:21:59 +02:00
|
|
|
else
|
2002-02-05 05:17:31 +01:00
|
|
|
${keygen_command} -t dsa -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -N ''
|
2000-07-22 10:21:59 +02:00
|
|
|
fi
|
2002-02-05 05:17:31 +01:00
|
|
|
|
|
|
|
|
if [ -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then
|
|
|
|
|
@ECHO@ "You already have a RSA host key in @PKG_SYSCONFDIR@/ssh_host_rsa_key"
|
|
|
|
|
@ECHO@ "Skipping protocol version 2 RSA Key Generation"
|
2000-07-22 10:21:59 +02:00
|
|
|
else
|
2002-02-05 05:17:31 +01:00
|
|
|
${keygen_command} -t rsa -f @PKG_SYSCONFDIR@/ssh_host_rsa_key -N ''
|
|
|
|
|
fi
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sshd_precmd()
|
|
|
|
|
{
|
|
|
|
|
if [ ! -f @PKG_SYSCONFDIR@/ssh_host_key -o \
|
|
|
|
|
! -f @PKG_SYSCONFDIR@/ssh_host_dsa_key -o \
|
|
|
|
|
! -f @PKG_SYSCONFDIR@/ssh_host_rsa_key ]; then
|
2003-05-22 11:05:38 +02:00
|
|
|
if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ]
|
|
|
|
|
then
|
|
|
|
|
run_rc_command keygen
|
|
|
|
|
else
|
|
|
|
|
eval ${keygen_cmd}
|
|
|
|
|
fi
|
2000-07-22 10:21:59 +02:00
|
|
|
fi
|
2002-02-05 05:17:31 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
keygen_cmd=sshd_keygen
|
|
|
|
|
start_precmd=sshd_precmd
|
|
|
|
|
|
2003-05-22 11:05:38 +02:00
|
|
|
if [ -f /etc/rc.subr -a -f /etc/rc.conf -a -f /etc/rc.d/DAEMON ]
|
2002-02-05 05:17:31 +01:00
|
|
|
then
|
|
|
|
|
load_rc_config $name
|
|
|
|
|
run_rc_command "$1"
|
|
|
|
|
else
|
|
|
|
|
case ${1:-start} in
|
|
|
|
|
start)
|
|
|
|
|
if [ -x ${command} -a -f ${required_files} ]
|
|
|
|
|
then
|
|
|
|
|
@ECHO@ "Starting ${name}."
|
|
|
|
|
eval ${start_precmd}
|
|
|
|
|
eval ${command} ${sshd_flags} ${command_args}
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
stop)
|
|
|
|
|
if [ -f ${pidfile} ]; then
|
|
|
|
|
pid=`@HEAD@ -1 ${pidfile}`
|
|
|
|
|
@ECHO@ "Stopping ${name}."
|
|
|
|
|
kill -TERM ${pid}
|
|
|
|
|
else
|
|
|
|
|
@ECHO@ "${name} not running?"
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
restart)
|
|
|
|
|
( $0 stop )
|
|
|
|
|
sleep 1
|
|
|
|
|
$0 start
|
|
|
|
|
;;
|
|
|
|
|
status)
|
|
|
|
|
if [ -f ${pidfile} ]; then
|
|
|
|
|
pid=`@HEAD@ -1 ${pidfile}`
|
|
|
|
|
@ECHO@ "${name} is running as pid ${pid}."
|
|
|
|
|
else
|
|
|
|
|
@ECHO@ "${name} is not running."
|
|
|
|
|
fi
|
|
|
|
|
;;
|
2002-04-02 12:14:42 +02:00
|
|
|
keygen)
|
|
|
|
|
eval ${keygen_cmd}
|
|
|
|
|
;;
|
2002-02-05 05:17:31 +01:00
|
|
|
esac
|
|
|
|
|
fi
|
