diff --git a/security/ssh2/Makefile b/security/ssh2/Makefile index e4e7126db5bf..e4a27d82f7a5 100644 --- a/security/ssh2/Makefile +++ b/security/ssh2/Makefile @@ -7,7 +7,7 @@ PORTNAME= ssh2 PORTVERSION= 3.2.9.1 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= security ipv6 # The list of official mirror sites is at: # http://www.ssh.com/support/downloads/secureshellserver/non-commercial.html @@ -45,8 +45,8 @@ CONFLICTS= openssh-* ssh-* ssh2-[0-9]* .endif GNU_CONFIGURE= yes -USE_REINPLACE= yes MANCOMPRESSED= no +USE_RC_SUBR= sshd2.sh MAN1= ssh2.1 ssh-keygen2.1 ssh-add2.1 ssh-agent2.1 scp2.1 sftp2.1 \ sshregex.1 ssh-probe2.1 ssh-dummy-shell.1 @@ -87,7 +87,7 @@ EXTRA_PATCHES+= ${FILESDIR}/kerberos-patch-apps::ssh::ssh2_config \ .if !defined(WITHOUT_X11) BUILD_DEPENDS+= ${X11BASE}/bin/xauth:${X_CLIENTS_PORT} -RUN_DEPENDS+= ${X11BASE}/bin/xauth:${X_CLIENTS_PORT} +RUN_DEPENDS+= ${X11BASE}/bin/xauth:${X_CLIENTS_PORT} USE_XLIB= yes PLIST_SUB+= WITH_X11:="" .else @@ -140,15 +140,14 @@ post-patch: ${WRKSRC}/apps/ssh/ssh_dummy_shell.out @${REINPLACE_CMD} -E -e 's|(^TESTS.+)(t-filecopy)|\1|g' \ ${WRKSRC}/apps/ssh/tests/Makefile.in - @${REINPLACE_CMD} -E -e 's|(^ETCDIR=).+|\1${PREFIX}\/etc\/ssh2|; \ - s|(^SBINDIR=).+|\1${PREFIX}\/sbin|' \ - ${WRKSRC}/startup/solaris/sshd2 @${SED} 's|%%PREFIX%%|${PREFIX}|g' \ ${PKGDIR}/pkg-message > ${WRKDIR}/pkg-message +pre-install: +# Make sure there's no startup script left over from a previous installation. + @${RM} -f ${PREFIX}/etc/rc.d/sshd2.sh + post-install: - @${INSTALL_SCRIPT} ${WRKSRC}/startup/solaris/sshd2 \ - ${PREFIX}/etc/rc.d/sshd2.sh.sample @${MKDIR} ${EXAMPLESDIR} .for i in ${EXAMPLES} @${INSTALL_DATA} ${WRKSRC}/$i ${EXAMPLESDIR} @@ -159,13 +158,6 @@ post-install: @${INSTALL_DATA} ${WRKSRC}/$i ${DOCSDIR} .endfor .endif - @if [ "`${GREP} ssh /etc/inetd.conf | ${GREP} -v ^#ssh`" = "" ]; then \ - if [ ! -f ${PREFIX}/etc/rc.d/sshd2.sh ]; then \ - ${ECHO_CMD} "Installing ${PREFIX}/etc/sshd2.sh startup file."; \ - ${INSTALL_SCRIPT} ${WRKSRC}/startup/solaris/sshd2 \ - ${PREFIX}/etc/rc.d/sshd2.sh; \ - fi; \ - fi @${CAT} ${WRKDIR}/pkg-message test: build diff --git a/security/ssh2/files/patch-apps::ssh::Makefile.in b/security/ssh2/files/patch-apps::ssh::Makefile.in index a5d483be0a60..9b927d7ca9f2 100644 --- a/security/ssh2/files/patch-apps::ssh::Makefile.in +++ b/security/ssh2/files/patch-apps::ssh::Makefile.in @@ -49,4 +49,12 @@ (cd $(DESTDIR)$(mandir)/man8 && $(LN_S) sshd2.8 sshd.8) clean-up-old: - +@@ -1075,7 +1058,7 @@ + -chown root $(DESTDIR)$(bindir)/ssh-signer2 + -chmod $(SSH_SIGNER_INSTALL_MODE) $(DESTDIR)$(bindir)/ssh-signer2 + +-install-data-hook: make-install-dirs generate-host-key install-symlinks ++install-data-hook: make-install-dirs install-symlinks + -@if test '!' -f $(DESTDIR)$(etcdir)/sshd2_config ; then \ + echo Installing $(DESTDIR)$(etcdir)/sshd2_config ; \ + $(INSTALL_DATA) $(srcdir)/sshd2_config \ diff --git a/security/ssh2/files/patch-apps::ssh::sshd2_config b/security/ssh2/files/patch-apps::ssh::sshd2_config index b1db331e2fec..7660d00c7973 100644 --- a/security/ssh2/files/patch-apps::ssh::sshd2_config +++ b/security/ssh2/files/patch-apps::ssh::sshd2_config @@ -1,6 +1,18 @@ --- apps/ssh/sshd2_config.orig Wed Dec 3 14:17:28 2003 +++ apps/ssh/sshd2_config Thu Jan 1 19:33:35 2004 -@@ -188,9 +188,9 @@ +@@ -22,9 +22,8 @@ + + ## Network + +-# Port is not commented out, as it is needed by the example startup +-# scripts. Well, the default won't likely change. +- Port 22 ++# Port is commented out as it is specified by the startup script. ++# Port 22 + # ListenAddress any + # ResolveClientHostName yes + # RequireReverseMapping no +@@ -188,9 +187,9 @@ ## subsystem definitions # Subsystems don't have defaults, so this is needed here (uncommented). diff --git a/security/ssh2/files/patch-apps::ssh::sshfilecopy.c b/security/ssh2/files/patch-apps::ssh::sshfilecopy.c new file mode 100644 index 000000000000..cf13d41c657f --- /dev/null +++ b/security/ssh2/files/patch-apps::ssh::sshfilecopy.c @@ -0,0 +1,10 @@ +--- apps/ssh/sshfilecopy.c.orig Wed Dec 3 14:17:25 2003 ++++ apps/ssh/sshfilecopy.c Sun Feb 19 20:33:18 2006 +@@ -915,6 +915,7 @@ + /* This file is at it's end. */ + fprintf(stdout, "\r\n"); + } ++ fflush(stdout); + } + + diff --git a/security/ssh2/files/patch-startup::solaris::sshd2 b/security/ssh2/files/patch-startup::solaris::sshd2 deleted file mode 100644 index 74752fcbb013..000000000000 --- a/security/ssh2/files/patch-startup::solaris::sshd2 +++ /dev/null @@ -1,58 +0,0 @@ ---- startup/solaris/sshd2.orig Wed Dec 3 14:17:18 2003 -+++ startup/solaris/sshd2 Tue Dec 30 12:38:16 2003 -@@ -22,9 +22,7 @@ - SBINDIR=/usr/local/sbin - - --[ -f ${SBINDIR}/sshd2 ] || exit 0 -- --PORT= -+[ -x ${SBINDIR}/sshd2 ] || exit 0 - - PORT=`grep Port ${ETCDIR}/sshd2_config | awk '{ x = $2 } END {print x}' -` - if [ "X$PORT" = "X" ] -@@ -37,31 +35,19 @@ - case "$1" in - start) - # Start daemons. -- echo "Starting sshd2 on port $PORT... " -- ${SBINDIR}/sshd2 -+ ${SBINDIR}/sshd2 2> /dev/null -+ echo -n ' sshd2' - ;; - stop) - # Stop daemons. - -- if [ -f /var/run/sshd2_$PORT.pid ] -+ if [ -r /var/run/sshd2_$PORT.pid ] - - then - -- echo "1 Shutting down sshd2 on port ${PORT}... " - kill `cat /var/run/sshd2_${PORT}.pid` - rm -f /var/run/sshd2_${PORT}.pid -- -- elif [ -f ${ETCDIR}/sshd2_${PORT}.pid ] -- -- then -- -- echo "Shutting down sshd2 on port ${PORT}... " -- kill `cat ${ETCDIR}/sshd2_${PORT}.pid` -- rm -f ${ETCDIR}/sshd2_${PORT}.pid -- -- else -- -- echo "sshd2 is not running" -+ echo -n ' sshd2' - - fi - -@@ -72,7 +58,7 @@ - $0 start - ;; - *) -- echo "Usage: sshd2 {start|stop|restart}" -+ echo "Usage: `basename $0` {start|stop|restart}" - exit 1 - esac - diff --git a/security/ssh2/files/sshd2.sh.in b/security/ssh2/files/sshd2.sh.in new file mode 100644 index 000000000000..8b634f4fbd97 --- /dev/null +++ b/security/ssh2/files/sshd2.sh.in @@ -0,0 +1,64 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: sshd2 +# REQUIRE: LOGIN +# +# Available configuration variables for sshd2 are: +# +# sshd2_enable (bool): Set to "YES" to enable sshd2. Defaults to "NO". +# sshd2_flags (flags): Extra flags to sshd2 (see sshd2(8)). Defaults to "". +# sshd2_port (port): Listening port of sshd2. Defaults to "22". +# +# Add at least the following line to /etc/rc.conf or /etc/rc.conf.local to +# enable sshd2: +# +# sshd2_enable="YES" +# + +. %%RC_SUBR%% + +name="sshd2" +rcvar=${name}_enable + +command=%%PREFIX%%/sbin/${name} +command_args="2> /dev/null" +required_files=/usr/local/etc/ssh2/${name}_config +keygen_cmd="sshd2_keygen" +start_precmd="sshd2_precmd" +extra_commands="keygen reload" + +sshd2_keygen() +{ + ( + umask 022 + if [ -f %%PREFIX%%/etc/ssh2/hostkey ]; then + echo "You already have a host key in" \ + "%%PREFIX%%/etc/ssh2/hostkey." + echo "Skipping key generation." + else + %%PREFIX%%/bin/ssh-keygen2 -P -t dsa -c "DSA hostkey" \ + %%PREFIX%%/etc/ssh2/hostkey + fi + ) +} + +sshd2_precmd() +{ + if [ ! -f %%PREFIX%%/etc/ssh2/hostkey ]; then + run_rc_command keygen + fi + + rc_flags="${rc_flags} -p ${sshd2_port}" +} + +load_rc_config $name + +: ${sshd2_enable="NO"} +: ${sshd2_port="22"} + +pidfile=/var/run/${name}_${sshd2_port}.pid + +run_rc_command "$1" diff --git a/security/ssh2/pkg-message b/security/ssh2/pkg-message index 092b8d57168d..64d2d8ebab54 100644 --- a/security/ssh2/pkg-message +++ b/security/ssh2/pkg-message @@ -1,23 +1,20 @@ =========================================================================== -Depending on how you would like to start sshd2(8) you have three choices: -1) Copy the sample start-up script %%PREFIX%%/etc/rc.d/sshd2.sh.sample -to %%PREFIX%%/etc/rc.d/sshd2.sh. +Depending on how you would like to start sshd2(8) you have two choices: +1) Add the following line to /etc/rc.conf or /etc/rc.conf.local: + +sshd2_enable="YES" + +For further available configuration variables when using this method see +%%PREFIX%%/etc/rc.d/sshd2{,.sh}. 2) Add the following entries to your /etc/inetd.conf: + ssh stream tcp nowait root %%PREFIX%%/sbin/sshd2 sshd -i ssh stream tcp6 nowait root %%PREFIX%%/sbin/sshd2 sshd -i -3) On FreeBSD 4 only (on FreeBSD 5 with rcNG this currently doesn't work -properly) add the following entries to your /etc/rc.conf: -sshd_enable="YES" -sshd_program="%%PREFIX%%/sbin/sshd2" - -NOTE: This port traditionally sets up 1) automatically unless it detects 2). - If you want to use 2) or 3) you have to manually delete the start-up - script %%PREFIX%%/etc/rc.d/sshd2.sh. This version of the port is the - last one that does 1) automatically. To prevent foot shooting when - updating to the next version this port won't remove an existing - %%PREFIX%%/etc/rc.d/sshd2.sh on deinstallation. +Using this method requires to manually generate a host key by either +executing `%%PREFIX%%/etc/rc.d/sshd2{,.sh} keygen` or by issuing +ssh-keygen2(1) directly. =========================================================================== diff --git a/security/ssh2/pkg-plist b/security/ssh2/pkg-plist index 523c27579984..dd26ef582f34 100644 --- a/security/ssh2/pkg-plist +++ b/security/ssh2/pkg-plist @@ -19,9 +19,6 @@ bin/ssh-probe2 bin/ssh-signer bin/ssh-signer2 bin/ssh2 -etc/rc.d/sshd2.sh.sample -@exec if [ "`grep ssh /etc/inetd.conf | grep -v ^#ssh`" = "" ] & [ ! -f %B/sshd2.sh ]; then cp %B/%f %B/sshd2.sh; fi -@unexec if [ -f %B/sshd2.sh ]; then echo "If permanently deleting this package, %B/sshd2.sh must be removed manually."; fi @unexec if cmp -s %D/etc/ssh2/sshd2_config %D/etc/ssh2/sshd2_config.example; then rm -f %D/etc/ssh2/sshd2_config; fi etc/ssh2/sshd2_config.example @exec [ -f %B/sshd2_config ] || cp %B/%f %B/sshd2_config @@ -35,7 +32,6 @@ etc/ssh2/subconfig/host_int.example etc/ssh2/subconfig/user.example @exec [ -d %D/etc/ssh2/hostkeys ] || mkdir %D/etc/ssh2/hostkeys @exec [ -d %D/etc/ssh2/knownhosts ] || mkdir %D/etc/ssh2/knownhosts -@exec if [ ! -f %D/etc/ssh2/hostkey ]; then umask 022; echo "Generating host key."; %D/bin/ssh-keygen2 -P -t dsa "DSA hostkey" %D/etc/ssh2/hostkey; fi sbin/sshd sbin/sshd-check-conf sbin/sshd2