summaryrefslogtreecommitdiff
path: root/system/openssh/APKBUILD
diff options
context:
space:
mode:
Diffstat (limited to 'system/openssh/APKBUILD')
-rw-r--r--system/openssh/APKBUILD181
1 files changed, 181 insertions, 0 deletions
diff --git a/system/openssh/APKBUILD b/system/openssh/APKBUILD
new file mode 100644
index 000000000..90a628d27
--- /dev/null
+++ b/system/openssh/APKBUILD
@@ -0,0 +1,181 @@
+# Contributor: Leonardo Arena <rnalrd@alpinelinux.org>
+# Contributor: Valery Kartel <valery.kartel@gmail.com>
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=openssh
+pkgver=7.5_p1
+_myver=${pkgver%_*}${pkgver#*_}
+pkgrel=5
+pkgdesc="Port of OpenBSD's free SSH release"
+url="http://www.openssh.org/portable.html"
+arch="all"
+license="as-is"
+options="suid !check"
+depends="openssh-client openssh-sftp-server openssh-server"
+makedepends_build="linux-pam-dev"
+makedepends_host="openssl-dev zlib-dev linux-headers linux-pam-dev"
+makedepends="$makedepends_build $makedepends_host"
+subpackages="$pkgname-doc
+ $pkgname-keygen
+ $pkgname-client
+ $pkgname-keysign
+ $pkgname-sftp-server:sftp
+ $pkgname-server-common:server_common:noarch
+ $pkgname-server
+ "
+
+source="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz
+ openssh7.4-peaktput.patch
+ openssh7.4-dynwindows.patch
+ fix-utmp.patch
+ bsd-compatible-realpath.patch
+ sshd.initd
+ sshd.confd
+ sftp-interactive.patch
+ openssh-7.5p1-sandbox.patch
+ "
+# secfixes:
+# 7.4_p1:
+# - CVE-2016-10009
+# - CVE-2016-10010
+# - CVE-2016-10011
+# - CVE-2016-10012
+
+# HPN patches are from: http://hpnssh.sourceforge.net/
+
+builddir="$srcdir"/$pkgname-$_myver
+
+prepare() {
+ cd "$builddir"
+ default_prepare
+ for _flavour in $_pkgsupport; do
+ cp -R "$srcdir"/$pkgname-$_myver "$srcdir"/$pkgname-${_myver}-$_flavour
+ done
+}
+
+build() {
+ cd "$builddir"
+ export LD="$CC"
+ ./configure --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc/ssh \
+ --libexecdir=/usr/lib/ssh \
+ --mandir=/usr/share/man \
+ --with-pid-dir=/run \
+ --with-mantype=man \
+ --with-ldflags="${LDFLAGS}" \
+ --disable-lastlog \
+ --disable-strip \
+ --disable-wtmp \
+ --with-privsep-path=/var/empty \
+ --with-xauth=/usr/bin/xauth \
+ --with-privsep-user=sshd \
+ --with-md5-passwords \
+ --with-ssl-engine \
+ --with-pam
+ make
+}
+
+package() {
+ cd "$builddir"
+ make DESTDIR="$pkgdir" install
+ mkdir -p "$pkgdir"/var/empty
+ install -D -m755 "$srcdir"/sshd.initd \
+ "$pkgdir"/etc/init.d/sshd
+ install -D -m644 "$srcdir"/sshd.confd \
+ "$pkgdir"/etc/conf.d/sshd
+ install -Dm644 "$builddir"/contrib/ssh-copy-id.1 \
+ "$pkgdir"/usr/share/man/man1/ssh-copy-id.1
+}
+
+keygen() {
+ pkgdesc="ssh helper program for generating keys"
+ depends=
+ install -d "$subpkgdir"/usr/bin
+ mv "$pkgdir"/usr/bin/ssh-keygen \
+ "$subpkgdir"/usr/bin/
+}
+
+client() {
+ pkgdesc="OpenBSD's SSH client"
+ depends="openssh-keygen"
+ install -d "$subpkgdir"/usr/bin \
+ "$subpkgdir"/usr/lib/ssh \
+ "$subpkgdir"/etc/ssh \
+ "$subpkgdir"/var/empty
+
+ mv "$pkgdir"/usr/bin/* \
+ "$subpkgdir"/usr/bin/
+ mv "$pkgdir"/etc/ssh/ssh_config \
+ "$pkgdir"/etc/ssh/moduli \
+ "$subpkgdir"/etc/ssh/
+ install -Dm755 "$builddir"/contrib/findssl.sh \
+ "$subpkgdir"/usr/bin/findssl.sh
+ install -Dm755 "$builddir"/contrib/ssh-copy-id \
+ "$subpkgdir"/usr/bin/ssh-copy-id
+ install -Dm755 "$builddir"/ssh-pkcs11-helper \
+ "$subpkgdir"/usr/bin/ssh-pkcs11-helper
+}
+
+keysign() {
+ pkgdesc="ssh helper program for host-based authentication"
+ depends="openssh-client"
+ install -d "$subpkgdir"/usr/lib/ssh
+ mv "$pkgdir"/usr/lib/ssh/ssh-keysign \
+ "$subpkgdir"/usr/lib/ssh/
+}
+
+sftp() {
+ pkgdesc="ssh sftp server module"
+ depends=""
+ install -d "$subpkgdir"/usr/lib/ssh
+ mv "$pkgdir"/usr/lib/ssh/sftp-server \
+ "$subpkgdir"/usr/lib/ssh/
+}
+
+server_common() {
+ pkgdesc="OpenSSH server configuration files"
+ depends=""
+ for i in etc/ssh/sshd_config \
+ etc/init.d/sshd \
+ etc/conf.d/sshd; do
+
+ install -d "$subpkgdir"/${i%/*}
+ mv "$pkgdir"/$i \
+ "$subpkgdir"/${i%/*}/
+
+ done
+}
+
+server() {
+ pkgdesc="OpenSSH server"
+ depends="openssh-keygen openssh-server-common"
+ cd "$builddir"
+ install -d "$subpkgdir"/usr/sbin
+ mv "$pkgdir"/usr/sbin/sshd "$subpkgdir"/usr/sbin/
+}
+
+_server() {
+ cd "$builddir"
+ install -d "$subpkgdir"/usr/sbin
+ mv "$1"/sshd "$subpkgdir"/usr/sbin/
+}
+
+_pkg_flavour() {
+ pkgdesc="OpenSSH server with $_flavour support"
+ depends="openssh-keygen openssh-server-common"
+ for _flavour in $_pkgsupport; do
+ cd "${builddir}"-$_flavour
+ _server "${builddir}"-$_flavour
+ done
+}
+
+sha512sums="58c542e8a110fb4316a68db94abb663fa1c810becd0638d45281df8aeca62c1f705090437a80e788e6c29121769b72a505feced537d3118c933fde01b5285c81 openssh-7.5p1.tar.gz
+398096a89aa104abeff31aa043ac406a6348e0fdd4d313b7888ee0b931d38fd71fc21bceee46145e88f03bc27e00890e068442faee2d33f86cfbc04d58ffa4b6 openssh7.4-peaktput.patch
+b9d736eae9b43de91fa3eb277ba8abc6290a8436b0fb00ae3b0f1b2eabba9983e4d2a1e3c68f5514247d0a3f120037f0795fd88fbf302aabd2d1b54a325a04ee openssh7.4-dynwindows.patch
+f35fffcd26635249ce5d820e7b3e406e586f2d2d7f6a045f221e2f9fb53aebc1ab1dd1e603b3389462296ed77921a1d08456e7aaa3825cbed08f405b381a58e1 fix-utmp.patch
+f2b8daa537ea3f32754a4485492cc6eb3f40133ed46c0a5a29a89e4bcf8583d82d891d94bf2e5eb1c916fa68ec094abf4e6cd641e9737a6c05053808012b3a73 bsd-compatible-realpath.patch
+394a420a36880bb0dd37dfd8727cea91fd9de6534050169e21212a46513ef3aaafe2752c338699b3d4ccd14871b26cf01a152df8060cd37f86ce0665fd53c63f sshd.initd
+ce0abddbd2004891f88efd8522c4b37a4989290269fab339c0fa9aacc051f7fd3b20813e192e92e0e64315750041cb74012d4321260f4865ff69d7a935b259d4 sshd.confd
+c1d09c65dbc347f0904edc30f91aa9a24b0baee50309536182455b544f1e3f85a8cecfa959e32be8b101d8282ef06dde3febbbc3f315489339dcf04155c859a9 sftp-interactive.patch
+15c5478bcae56c019a2fbd82ec04808537fd4ba1f1ba4a0a88c0343c16c698c45dbfac59eebc3fcfd3c15b302ebec43e60ffa02442a6c77673b14818ad3f7b60 openssh-7.5p1-sandbox.patch"