CVS_SITE is now MASTER_SITES, and each is tried if the previous fails
Include a :pserver: as one of the CVS repositories, so those inside firewalls
should be able to fetch SSH. If this doesn't work for everyone, I've still
got a trick up my sleeve.
Fix rlimit-related warnings people are seeing by moving the setclasscontext()
to before the switching of uids. Let me know if this does not work, as I
never got the warnings in the first place.
Don't clobber sshd_config, etc. Instead, if they're there, just warn of
their existance.
Take the config files and sshd.sh out of the pkg/PLIST, mainly so you don't
lose your configuration files by doing a "make deinstall reinstall clean"
update.
Parts submitted by: Robert Muir <rmuir@gibralter.net>, Travis Mikalson <bofh@terranova.net>
Update to to the current time for OpenSSH. The notable commit given to me
for this new date is:
(provos@cvs.openbsd.org)
usr.bin/ssh : hostfile.c
in known_hosts key lookup the entry for the bits does not need to match, all
the information is contained in n and e. This solves the problem with buggy
servers announcing the wrong modulus length. markus and me.
files. Also, CVS_RSH can now be specified (to override the ignored
environmental CVS_RSH) as PORTS_CVS_RSH. For instance, you can use ssh
to check out ssh ( :] ) with "PORTS_CVS_RSH=ssh make fetch".
1. Makefile cleanups, pkg/DESCR original comment (obrien)
2. sshd.sh and automatic host key generation when installed
(Christian Weisgerber <naddy@unix-ag.uni-kl.de>)
3. Completely redone downloading procedure:
* CVS is used to download the source (${CVS_CMD} defaults to
cvs -z3)
* MD5 checksums and a specific ${CVS_DATE} are used to get
a specific source tree and verify it; ${CVS_DATE} and
checksums can easily be rolled forward once tested.
* Source is checked out to distfiles like other ports,
and is only updated when ${CVS_DATE} changes.
Rebuilding the port doesn't require another cvs co.
Enjoy!
Reviewed mostly by: obrien
Add "/usr/local/bin" to _PATH_STDPATH (makes scp work inbound, for instance.)
Fetch OpenSSH from OpenBSD's src tree. This uses a script and ftp(1).
Add strlcpy.c to ssh/lib, so this port should build on 3.X now.
Make TCP_WRAPPERS conditional on /usr/include/tcpd.h like the PR, so it
should build on older RELEASEs without TCP Wrappers.
The PR is still open because I am taking more from it.
PR: ports/14653
in no way cryptographically encumbered code. The fact that it's
redistributed by me from freefall is completely coincidental.
Submitted by: obrien, Christian Weisgerber <naddy@unix-ag.uni-kl.de>
