# Contributor: Leonardo Arena # Contributor: Valery Kartel # Maintainer: Horst Burkhardt pkgname=openssh pkgver=9.9_p2 _myver=${pkgver%_*}${pkgver#*_} pkgrel=1 pkgdesc="Remote login tool using encrypted SSH protocol" url="https://www.openssh.com/portable.html" arch="all" options="suid !check" license="BSD-1-Clause AND BSD-2-Clause AND BSD-3-Clause" depends="openssh-client openssh-sftp-server openssh-server" makedepends_build="autoconf automake linux-pam-dev gettext-tiny" makedepends_host="openssl-dev zlib-dev linux-headers linux-pam-dev gettext-tiny-dev utmps-dev" makedepends="$makedepends_build $makedepends_host" subpackages="$pkgname-doc $pkgname-keygen $pkgname-client $pkgname-keysign $pkgname-sftp-server:sftp $pkgname-server $pkgname-openrc " source="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$_myver.tar.gz disable-forwarding-by-default.patch utmpx.patch sshd.initd sshd.confd " # secfixes: # 9.0_p1-r0: # - CVE-2021-41617 # - CVE-2021-28041 # - CVE-2020-14145 # 7.9_p1-r2: # - CVE-2018-20685 # 7.9_p1: # - CVE-2018-15473 # 7.7_p1: # - CVE-2017-15906 # 7.4_p1: # - CVE-2016-10009 # - CVE-2016-10010 # - CVE-2016-10011 # - CVE-2016-10012 builddir="$srcdir"/$pkgname-$_myver build() { autoreconf -vif export LD="$CC" LIBS="-lutmps -lskarnet" ./configure --build=$CBUILD \ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc/ssh \ --libexecdir=/usr/lib/ssh \ --mandir=/usr/share/man \ --with-pid-dir=/run \ --with-mantype=man \ --with-ldflags="${LDFLAGS}" \ --enable-lastlog \ --disable-strip \ --enable-wtmpx \ --with-privsep-path=/var/empty \ --with-xauth=/usr/bin/xauth \ --with-privsep-user=sshd \ --with-ssl-engine \ --with-pam \ --without-zlib-version-check make } package() { make DESTDIR="$pkgdir" install mkdir -p "$pkgdir"/var/empty install -D -m755 "$srcdir"/sshd.initd \ "$pkgdir"/etc/init.d/sshd install -D -m644 "$srcdir"/sshd.confd \ "$pkgdir"/etc/conf.d/sshd install -Dm644 "$builddir"/contrib/ssh-copy-id.1 \ "$pkgdir"/usr/share/man/man1/ssh-copy-id.1 } keygen() { pkgdesc="Helper program for generating SSH keys" depends="" install -d "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/ssh-keygen \ "$subpkgdir"/usr/bin/ } client() { pkgdesc="OpenBSD's SSH client" depends="openssh-keygen" install -d "$subpkgdir"/usr/bin \ "$subpkgdir"/usr/lib/ssh \ "$subpkgdir"/etc/ssh \ "$subpkgdir"/var/empty mv "$pkgdir"/usr/bin/* \ "$subpkgdir"/usr/bin/ mv "$pkgdir"/etc/ssh/ssh_config \ "$pkgdir"/etc/ssh/moduli \ "$subpkgdir"/etc/ssh/ install -Dm755 "$builddir"/contrib/findssl.sh \ "$subpkgdir"/usr/bin/findssl.sh install -Dm755 "$builddir"/contrib/ssh-copy-id \ "$subpkgdir"/usr/bin/ssh-copy-id install -Dm755 "$builddir"/ssh-pkcs11-helper \ "$subpkgdir"/usr/bin/ssh-pkcs11-helper } keysign() { pkgdesc="Helper program for SSH host-based authentication" depends="openssh-client" install -d "$subpkgdir"/usr/lib/ssh mv "$pkgdir"/usr/lib/ssh/ssh-keysign \ "$subpkgdir"/usr/lib/ssh/ } sftp() { pkgdesc="SFTP server module for OpenSSH" depends="" install -d "$subpkgdir"/usr/lib/ssh mv "$pkgdir"/usr/lib/ssh/sftp-server \ "$subpkgdir"/usr/lib/ssh/ } server() { pkgdesc="OpenSSH server" depends="openssh-client openssh-keygen" replaces="openssh-server-common" install -d "$subpkgdir"/usr/sbin mv "$pkgdir"/usr/sbin/sshd "$subpkgdir"/usr/sbin/ install -d "$subpkgdir"/usr/lib/ssh mv "$pkgdir"/usr/lib/ssh/sshd-session "$subpkgdir"/usr/lib/ssh/ install -d "$subpkgdir"/etc/ssh mv "$pkgdir"/etc/ssh/sshd_config "$subpkgdir"/etc/ssh/ } openrc() { default_openrc depends="openssh-server" install_if="openssh-server=$pkgver-r$pkgrel openrc" } sha512sums="4c6d839aa3189cd5254c745f2bd51cd3f468b02f8e427b8d7a16b9ad017888a41178d2746dc51fb2d3fec5be00e54b9ab7c32c472ca7dec57a1dea4fc9840278 openssh-9.9p2.tar.gz f3d5960572ddf49635d4edbdff45835df1b538a81840db169c36b39862e6fa8b0393ca90626000b758f59567ff6810b2537304098652483b3b31fb438a061de6 disable-forwarding-by-default.patch 56543469db242699d8a04d0ba133b9ab0d980224035de57f70f773ca1593828cf4e41d3306f72b5ac95423f1e512bd6b92f69f86b847e05abfbd48737431104b utmpx.patch 964c0f8538ba25bdc9cdbd1467bbdfb2090e38492ff0ef7c64473785713fe26d752ea6a7b0ee7a0b34e08f4d3b4bccf6a69e6c456f0c57d0d0c581aa8a046936 sshd.initd ce0abddbd2004891f88efd8522c4b37a4989290269fab339c0fa9aacc051f7fd3b20813e192e92e0e64315750041cb74012d4321260f4865ff69d7a935b259d4 sshd.confd"