ports/96625: [Update] security/openssh

Peter Thoenen eol1 at yahoo.com
Mon May 1 20:10:07 UTC 2006 

>Number:         96625
>Category:       ports
>Synopsis:       security/openssh
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 01 20:10:06 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Peter Thoenen <peter.thoenen at yahoo.com>
>Release:        FreeBSD anglachel 6.1-RC FreeBSD 6.1-RC
>Organization:
>Environment:
>Description:
  Included rc.d script never works for me.  For some reason the port
installs the old style rc.local script and ignore the newer rc.subr one
(both are included though in the files subdir).  Attached is a fix for this.
--0-1460702059-1146513787=:16375
Content-Type: text/plain; name="openssh.diff.txt"
Content-Description: 844809025-openssh.diff.txt
Content-Disposition: inline; filename="openssh.diff.txt"

diff -ruN openssh.orig/Makefile openssh/Makefile
--- openssh.orig/Makefile	Thu Apr 27 17:14:32 2006
+++ openssh/Makefile	Thu Apr 27 17:42:57 2006
@@ -7,7 +7,7 @@
 
 PORTNAME=	openssh
 PORTVERSION=	3.6.1
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \
 		ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \
@@ -26,13 +26,19 @@
 USE_OPENSSL=	yes
 WRKSRC=		${WRKDIR}/ssh
 
+USE_RC_SUBR=	sshd
+
+OPTIONS=	AFS "With AFC Support" off \
+		KERBEROS "With Kerberos Support" off \
+		SKEY "With SKEY Support" off
+
 MAN1=		scp.1 slogin.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 \
 		ssh-keyscan.1 sftp.1
 MAN5=		ssh_config.5 sshd_config.5
 MAN8=		sshd.8 sftp-server.8 ssh-keysign.8
 MANCOMPRESSED=	yes
 
-MODIFY=		ssh.h sshd_config sshd.sh pathnames.h
+MODIFY=		ssh.h sshd_config pathnames.h
 FIXME=		lib/Makefile scp/Makefile sftp/Makefile sftp-server/Makefile \
 		ssh/Makefile ssh-add/Makefile ssh-agent/Makefile \
 		ssh-keygen/Makefile ssh-keyscan/Makefile sshd/Makefile
@@ -63,11 +69,11 @@
 MAKE_ENV+=	TCP_WRAPPERS=no
 .endif
 
-.if defined(AFS) && ${AFS} == YES
+.ifdef(WITH_AFS) && ${AFS} == YES
 MAKE_ENV+=	AFS=yes
 .endif
 
-.if defined(KERBEROS) && ${KERBEROS} == YES
+.ifdef(WITH_KERBEROS) && ${KERBEROS} == YES
 MAKE_ENV+=	KERBEROS=yes
 .endif
 
@@ -78,7 +84,7 @@
 .endif
 MAKE_ENV+=	PAM=${PAM}
 
-.if defined(SKEY) && ${SKEY} == YES
+.ifdef(WITH_SKEY) && ${SKEY} == YES
 SKEY_SUFFIX=	-skey
 MAKE_ENV+=	SKEY=yes
 .endif
@@ -89,7 +95,6 @@
 PLIST_SUB+=	EMPTYDIR=${EMPTYDIR}
 
 post-extract:
-	@${CP} ${FILESDIR}/sshd.sh ${WRKSRC}/
 .for i in ${ADDLIB}
 	@${CP} ${FILESDIR}/${i} ${WRKSRC}/lib/
 .endfor
@@ -157,7 +162,6 @@
 	@${ECHO_MSG} ">> Installing moduli."
 	${INSTALL_DATA} -c ${FILESDIR}/moduli ${ETCSSH}/moduli
 .endif
-	${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh.sample
 	${INSTALL_DATA} -c ${WRKSRC}/ssh_config ${ETCSSH}/ssh_config-dist
 	${INSTALL_DATA} -c ${WRKSRC}/sshd_config ${ETCSSH}/sshd_config-dist
 .if !exists(${ETCSSH}/ssh_config) && !exists(${ETCSSH}/sshd_config) \
diff -ruN openssh.orig/files/sshd.in openssh/files/sshd.in
--- openssh.orig/files/sshd.in	Thu Jan  1 01:00:00 1970
+++ openssh/files/sshd.in	Thu Apr 27 17:14:59 2006
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# $FreeBSD:$
+#
+# PROVIDE: sshd
+# REQUIRE: NETWORKING SERVERS USR
+# BEFORE: LOGIN
+#
+# Add the following lines to /etc/rc.conf to enable sshd
+#
+# sshd_enable (bool):	Set to "NO" by default
+#			Set it to "YES" to enable sshd
+
+. /etc/rc.subr
+
+name="sshd"
+rcvar=${name}_enable
+
+load_rc_config ${name}
+
+: ${sshd_enable="NO"}
+: ${sshd_pidfile="/var/run/sshd.pid"}
+
+command="/usr/local/sbin/${name}"
+
+run_rc_command "$1"
+
diff -ruN openssh.orig/files/sshd.sh openssh/files/sshd.sh
--- openssh.orig/files/sshd.sh	Thu Apr 27 17:14:32 2006
+++ openssh/files/sshd.sh	Thu Jan  1 01:00:00 1970
@@ -1,24 +0,0 @@
-#!/bin/sh
-case "$1" in
-start)
-	__PREFIX__/sbin/sshd
-	echo -n ' sshd'
-	;;
-stop)
-	if [ -f /var/run/sshd.pid ]; then
-		kill -TERM `cat /var/run/sshd.pid`
-		rm -f /var/run/sshd.pid
-		echo -n ' sshd'
-	fi
-	;;
-restart)
-	if [ -f /var/run/sshd.pid ]; then
-		kill -HUP `cat /var/run/sshd.pid`
-		echo 'sshd restarted'
-	fi
-	;;
-*)
-	echo "Usage: ${0##*/}: { start | stop | restart }" >&2
-	exit 64
-	;;
-esac
diff -ruN openssh.orig/files/sshd.sh.in openssh/files/sshd.sh.in
--- openssh.orig/files/sshd.sh.in	Thu Apr 27 17:14:31 2006
+++ openssh/files/sshd.sh.in	Thu Jan  1 01:00:00 1970
@@ -1,61 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: ports/security/openssh/files/nagios.sh.in,v 1.2 2006/01/17 10:39:58 tdb Exp $
-#
-
-#
-# Add the following lines to /etc/rc.conf to enable openssh:
-# sshd_enable (bool):    Set to "NO" by default.
-#                          Set it to "YES" to enable openssh.
-# sshd_flags (str):      Set to "" by default.
-# sshd_configfile (str): Set to "%%PREFIX%%/etc/ssh/sshd_config" by default.
-#
-
-. %%RC_SUBR%%
-
-name="sshd"
-rcvar=`set_rcvar`
-
-if [ -z "${sshd_program}" ]; then
-  command=${sshd_program}
-elif [ -x %%PREFIX%%/bin/sshd ]; then
-  command="%%PREFIX%%/bin/sshd"
-else 
-  command="/usr/sbin/sshd"
-fi
-
-pidfile="/var/run/sshd.pid"
-
-start_precmd="start_precmd"
-stop_postcmd="stop_postcmd"
-restart_precmd="nagios_checkconfig"
-sig_reload=HUP
-
-[ -z "${sshd_enable}" ]       && sshd_enable="NO"
-[ -z "${sshd_flags}" ]        && sshd_flags=""
-[ -z "${sshd_configfile}" ]   && sshd_configfile="%%PREFIX%%/etc/ssh/sshd_config"
-
-load_rc_config "${name}"
-
-required_files="${sshd_configfile}"
-command_args="${command_args} -f ${sshd_configfile}"
-
-sshd_checkconfig() {
-  echo -n "Performing sanity check of sshd configuration: "
-  ${command} -t -f ${sshd_configfile} 2>&1 >/dev/null
-  if [ $? != 0 ]; then
-    echo "FAILED"
-    ${command} -t -f ${sshd_configfile}
-    return 1
-  else
-    echo "OK"
-  fi
-}
-
-start_precmd() {
-  if ! sshd_checkconfig; then
-    return 1
-  fi
-}
-
-run_rc_command "$1"
diff -ruN openssh.orig/pkg-plist openssh/pkg-plist
--- openssh.orig/pkg-plist	Thu Apr 27 17:14:32 2006
+++ openssh/pkg-plist	Thu Apr 27 17:27:22 2006
@@ -6,7 +6,7 @@
 bin/ssh-agent
 bin/ssh-keygen
 bin/ssh-keyscan
-etc/rc.d/sshd.sh.sample
+etc/rc.d/sshd
 etc/ssh/moduli
 @exec [ -f %D/etc/ssh_config ] && [ ! -f %D/etc/ssh/ssh_config ] && ln %D/etc/ssh_config %D/etc/ssh/ssh_config
 @exec [ -f %D/etc/sshd_config ] && [ ! -f %D/etc/ssh/sshd_config ] && ln %D/etc/sshd_config %D/etc/ssh/sshd_config

--0-1460702059-1146513787=:16375--
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
 --0-1460702059-1146513787=:16375
 Content-Type: text/plain; charset=iso-8859-1
 Content-Transfer-Encoding: 8bit
 Content-Id: 
 Content-Disposition: inline

More information about the freebsd-ports-bugs mailing list