209 lines
6.2 KiB
Makefile
209 lines
6.2 KiB
Makefile
# $NetBSD: Makefile,v 1.84 2000/09/26 19:59:54 fredb Exp $
|
|
# FreeBSD Id: Makefile,v 1.47 1997/11/10 22:04:42 dima Exp
|
|
#
|
|
|
|
# We do not upgrade to 1.2.28 and beyond, intentionally. There was license
|
|
# change between 1.2.27 and 1.2.28, and the new license prohibits us from
|
|
# modifying/redistributing it.
|
|
#
|
|
DISTNAME= ssh-1.2.27
|
|
CATEGORIES= security net
|
|
MASTER_SITES= ftp://ftp.cs.hut.fi/pub/ssh/ \
|
|
ftp://ftp.funet.fi/pub/unix/security/login/ssh/ \
|
|
ftp://ftp.cert.dfn.de/pub/tools/net/ssh/
|
|
DISTFILES= ${DISTNAME}${EXTRACT_SUFX}
|
|
|
|
MAINTAINER= packages@netbsd.org
|
|
HOMEPAGE= http://www.cs.hut.fi/ssh/
|
|
|
|
CONFLICTS= openssh-[0-9]* ssh6-[0-9]*
|
|
|
|
CRYPTO= YES
|
|
LICENSE= no-commercial-use
|
|
USE_RSAREF2= NO
|
|
|
|
EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX}
|
|
CFLAGS= -O2
|
|
GNU_CONFIGURE= YES
|
|
|
|
.include "../../mk/bsd.prefs.mk"
|
|
|
|
# Use SSH_CONF_DIR from /etc/mk.conf, if defined; otherwise default to /etc
|
|
SSH_CONF_DIR?= /etc
|
|
|
|
CONFIGURE_ARGS+= --with-etcdir=${SSH_CONF_DIR}
|
|
|
|
.if ${OPSYS} == "NetBSD"
|
|
CONFIGURE_ARGS+= --with-libwrap
|
|
.endif
|
|
|
|
.if ${OPSYS} == "SunOS"
|
|
DEPENDS+= zlib-*:../../devel/zlib
|
|
CONFIGURE_ENV+= X_CFLAGS="-I${LOCALBASE}/include"
|
|
.endif
|
|
|
|
#Uncomment if all your users are in their own group and their homedir
|
|
#is writeable by that group. Beware the security implications!
|
|
#CONFIGURE_ARGS+= --enable-group-writeability
|
|
|
|
#Uncomment if you want to allow ssh to emulate an unencrypted rsh connection
|
|
#over a secure medium. This is normally dangerous since it can lead to the
|
|
#disclosure keys and passwords.
|
|
#CONFIGURE_ARGS+= --with-none
|
|
|
|
.if defined(USE_RSAREF2) && ${USE_RSAREF2} == YES
|
|
DEPENDS+= rsaref-2.0p3:../../security/rsaref
|
|
CONFIGURE_ARGS+= --with-rsaref="${LOCALBASE}/lib"
|
|
CONFIGURE_ENV+= LDFLAGS="-Wl,-R${LOCALBASE}/lib"
|
|
CFLAGS+= -I${LOCALBASE}/include
|
|
.endif
|
|
|
|
# Include support for the SecureID card
|
|
# Warning: untested !
|
|
.if defined(USE_SECUREID) && ${USE_SECUREID} == YES
|
|
CONFIGURE_ARGS+= --with-secureid
|
|
.endif
|
|
|
|
# If rsh is elsewhere to /usr/bin/rsh
|
|
.if defined(SSH_RSHPATH)
|
|
CONFIGURE_ARGS+= --with-rsh=${SSH_RSHPATH}
|
|
.endif
|
|
|
|
# By default, use IDEA. IDEA can be freely used for non-commercial use.
|
|
# However, commercial use may require a license in a number of countries.
|
|
#
|
|
USE_IDEA?= YES
|
|
|
|
# Handle deprecated option SSH_DONT_USE_IDEA.
|
|
#
|
|
.if defined(SSH_DONT_USE_IDEA) && ${SSH_DONT_USE_IDEA} == YES
|
|
USE_IDEA= NO
|
|
.endif
|
|
|
|
.if ${USE_IDEA} != "YES"
|
|
CONFIGURE_ARGS+= --without-idea
|
|
.endif
|
|
|
|
# Include SOCKS firewall support
|
|
.if defined(USE_SOCKS) && (${USE_SOCKS} == 4 || ${USE_SOCKS} == 5)
|
|
CONFIGURE_ARGS+= --with-socks${USE_SOCKS}="-L${LOCALBASE}/lib -lsocks${USE_SOCKS}"
|
|
CFLAGS+= -I${LOCALBASE}/include
|
|
.if ${USE_SOCKS} == 4
|
|
DEPENDS+= socks4-2.2:../../net/socks4
|
|
.else
|
|
DEPENDS+= socks5-1.0.2:../../net/socks5
|
|
.endif
|
|
.endif
|
|
|
|
# The original Kerberos v4 patches were fetched from
|
|
# http://www.monkey.org/~dugsong/ssh-afs/
|
|
# PATCH_SITES+= ftp://ftp.monkey.org/pub/users/dugsong/
|
|
# PATCHFILES+= ssh-1.2.27-afs-kerberos.patch-1
|
|
# MD5 (ssh-1.2.27-afs-kerberos.patch-1) = d440f74958d9c3805b76dbc13e97e87d
|
|
|
|
.if defined(KERBEROS) && ${KERBEROS} == 4
|
|
USE_KERBEROS= yes
|
|
CONFIGURE_ARGS+= --with-krb4=/usr
|
|
.endif
|
|
|
|
# XXX KERBEROS 5 SUPPORT BROKEN WITH HEIMDAL
|
|
#.if defined(KERBEROS) && ${KERBEROS} == 5
|
|
#USE_KERBEROS= yes
|
|
#CONFIGURE_ARGS+=--with-krb5=/usr
|
|
#.else
|
|
#CONFIGURE_ARGS+=--without-krb5
|
|
#.endif
|
|
|
|
# Find X11 libraries with xpkgwedge
|
|
.if defined(USE_LOCALBASE_FOR_X11)
|
|
CONFIGURE_ARGS+= --x-libraries=${X11BASE}/lib --x-includes=${X11BASE}/include
|
|
.endif
|
|
|
|
# Enable support for TIS authentication server
|
|
.if defined(USE_TIS) && ${USE_TIS} == YES
|
|
CONFIGURE_ARGS+= --with-tis=${LOCALBASE}
|
|
.endif
|
|
|
|
# Don't install "ssh" setuid
|
|
.if !defined(SSH_SUID) || ${SSH_SUID} != YES
|
|
CONFIGURE_ARGS+= --disable-suid-ssh
|
|
.endif
|
|
|
|
# Make libwrap also compare against forwards (off by default)
|
|
.if defined(LIBWRAP_FWD) && ${LIBWRAP_FWD} == YES
|
|
CFLAGS+= -DLIBWRAP_FWD
|
|
.endif
|
|
|
|
# be more effective on M68060 machines
|
|
.if defined(M68060)
|
|
CONFIGURE_ARGS+= --disable-asm
|
|
CFLAGS+= -m68060
|
|
.endif
|
|
|
|
.if ${OPSYS} == "SunOS"
|
|
ROOT_GROUP?= root
|
|
.else
|
|
ROOT_GROUP?= wheel
|
|
.endif
|
|
|
|
DEINSTALL_FILE= ${WRKDIR}/DEINSTALL
|
|
MESSAGE_FILE= ${WRKDIR}/MESSAGE
|
|
PLIST_SRC= ${WRKDIR}/PLIST
|
|
PLIST_SUBST+= INSTALL="${INSTALL}" ROOT_GROUP="${ROOT_GROUP}"
|
|
|
|
pre-patch:
|
|
@${MV} -f ${WRKSRC}/make-ssh-known-hosts.pl \
|
|
${WRKSRC}/make-ssh-known-hosts.pl.in
|
|
@# SSH DES and AFS/Kerberos DES conflict.
|
|
@${MV} -f ${WRKSRC}/des.h ${WRKSRC}/ssh-des.h
|
|
|
|
fetch-depends:
|
|
.if !defined(USE_RSAREF2) || ${USE_RSAREF2} != YES && ${USE_RSAREF2} != NO
|
|
@${ECHO}
|
|
@${ECHO} The variable USE_RSAREF2 must be set to either YES or NO
|
|
@${ECHO} in order to build this package. USA residents that are
|
|
@${ECHO} not licensees of the RSA algorithm MUST set this variable
|
|
@${ECHO} to YES. Users outside the USA MUST set this variable to
|
|
@${ECHO} NO. Licensees may choose -- NO is faster.
|
|
@${ECHO}
|
|
@${ECHO} You may also want to set USE_IDEA to NO if this program
|
|
@${ECHO} will be used for a commercial purpose. There are other
|
|
@${ECHO} configure options\; look at the pkg Makefile for more info.
|
|
@${FALSE}
|
|
.endif
|
|
|
|
post-patch:
|
|
@# Make sure that "automake" is never run.
|
|
@${FIND} ${WRKSRC} -name Makefile.in -print | xargs ${TOUCH} ${TOUCH_FLAGS}
|
|
|
|
post-build:
|
|
@cd ${PKGDIR}; \
|
|
for FILE in DEINSTALL MESSAGE PLIST ${FILESDIR}/sshd.sh; do \
|
|
${SED} -e 's#@SSH_CONF_DIR@#${SSH_CONF_DIR}#g' \
|
|
-e 's#@PREFIX@#${PREFIX}#g' \
|
|
<$${FILE} >${WRKDIR}/`basename $${FILE}`; \
|
|
done
|
|
@if [ -x ${WRKSRC}/ssh-askpass ]; then \
|
|
${ECHO} bin/ssh-askpass >>${PLIST_SRC}; \
|
|
${ECHO} bin/ssh-askpass1 >>${PLIST_SRC}; \
|
|
fi
|
|
|
|
post-install:
|
|
@${MKDIR} ${PREFIX}/share/examples/ssh
|
|
@${MKDIR} ${WRKDIR}${SSH_CONF_DIR}
|
|
(cd ${WRKSRC}; ${SETENV} ${MAKE_ENV} ${MAKE_PROGRAM} ${MAKE_FLAGS} \
|
|
-f ${MAKEFILE} install_prefix=${WRKDIR} install-configs)
|
|
${INSTALL_DATA} ${WRKDIR}${SSH_CONF_DIR}/ssh_config \
|
|
${WRKDIR}${SSH_CONF_DIR}/sshd_config ${PREFIX}/share/examples/ssh
|
|
@${RM} -rf ${WRKDIR}${SSH_CONF_DIR}
|
|
@if [ ! -f ${SSH_CONF_DIR}/ssh_host_key ]; then \
|
|
${ECHO} "Generating a secret host key..."; \
|
|
${PREFIX}/bin/ssh-keygen \
|
|
-f ${SSH_CONF_DIR}/ssh_host_key -N ""; \
|
|
fi
|
|
${INSTALL_SCRIPT} ${WRKDIR}/sshd.sh ${PREFIX}/etc/rc.d/sshd
|
|
|
|
BUILD_DEFS+= USE_IDEA SSH_CONF_DIR SSH_SUID USE_RSAREF2
|
|
BUILD_DEFS+= LIBWRAP_FWD M68060 USE_SOCKS
|
|
|
|
.include "../../mk/bsd.pkg.mk"
|