auto-import changelog data from openssh-2.5.2p2-1.7.2.src.rpm
Fri Mar 30 2001 Nalin Dahyabhai <nalin@redhat.com> - add pam_limits back to the PAM configuration Wed Mar 28 2001 Nalin Dahyabhai <nalin@redhat.com> - tweak the init script because 7.0's initscripts daemon() function isn't as smart as it should be Mon Mar 26 2001 Nalin Dahyabhai <nalin@redhat.com> - build for a 7.0 errata Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com> - make do_pam_setcred() smart enough to know when to establish creds and when to reinitialize them - add in a couple of other fixes from Damien for inclusion in the errata Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com> - update to 2.5.2p2 - call setcred() again after initgroups, because the "creds" could actually be group memberships Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com> - update to 2.5.2p1 (includes endianness fixes in the rijndael implementation) - don't enable challenge-response by default until we find a way to not have too many userauth requests (we may make up to six pubkey and up to three password attempts as it is) - remove build dependency on rsh to match openssh.com's packages more closely Sat Mar 03 2001 Nalin Dahyabhai <nalin@redhat.com> - remove dependency on openssl -- would need to be too precise Fri Mar 02 2001 Nalin Dahyabhai <nalin@redhat.com> - rebuild in new environment Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com> - Revert the patch to move pam_open_session. - Init script and spec file changes from Pekka Savola. (#28750) - Patch sftp to recognize '-o protocol' arguments. (#29540) Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com> - Chuck the closing patch. - Add a trigger to add host keys for protocol 2 to the config file, now that configuration file syntax requires us to specify it with HostKey if we specify any other HostKey values, which we do. Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com> - Redo patch to move pam_open_session after the server setuid()s to the user. - Rework the nopam patch to use be picked up by autoconf. Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com> - Update for 2.5.1p1. - Add init script mods from Pekka Savola. - Tweak the init script to match the CVS contrib script more closely. - Redo patch to ssh-add to try to adding both identity and id_dsa to also try adding id_rsa. Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com> - Update for 2.5.0p1. - Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass - Resync with parts of Damien Miller's openssh.spec from CVS, including update of x11 askpass to 1.2.0. - Only require openssl (don't prereq) because we generate keys in the init script now. Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com> - Don't open a PAM session until we've forked and become the user (#25690). - Apply Andrew Bartlett's patch for letting pam_authenticate() know which host the user is attempting a login from. - Resync with parts of Damien Miller's openssh.spec from CVS. - Don't expose KbdInt responses in debug messages (from CVS). - Detect and handle errors in rsa_{public,private}_decrypt (from CVS). Wed Feb 07 2001 Trond Eivind Glomsr)Bd <teg@redhat.com> - i18n-tweak to initscript. Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com> - More gettextizing. - Close all files after going into daemon mode (needs more testing). - Extract patch from CVS to handle auth banners (in the client). - Extract patch from CVS to handle compat weirdness. Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com> - Finish with the gettextizing. Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com> - Fix a bug in auth2-pam.c (#23877) - Gettextize the init script. Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com> - Incorporate a switch for using PAM configs for 6.x, just in case. Tue Dec 05 2000 Nalin Dahyabhai <nalin@redhat.com> - Incorporate Bero's changes for a build specifically for rescue CDs. Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com> - Don't treat pam_setcred() failure as fatal unless pam_authenticate() has succeeded, to allow public-key authentication after a failure with "none" authentication. (#21268) Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com> - Update to x11-askpass 1.1.1. (#21301) - Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290) Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com> - Merge multiple PAM text messages into subsequent prompts when possible when doing keyboard-interactive authentication. Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com> - Disable the built-in MD5 password support. We're using PAM. - Take a crack at doing keyboard-interactive authentication with PAM, and enable use of it in the default client configuration so that the client will try it when the server disallows password authentication. - Build with debugging flags. Build root policies strip all binaries anyway.
This commit is contained in:
parent
f28bf6e8bb
commit
43f95f0f77
@ -1,2 +1,2 @@
|
||||
openssh-2.3.0p1.tar.gz
|
||||
x11-ssh-askpass-1.1.0.tar.gz
|
||||
openssh-2.5.2p2.tar.gz
|
||||
x11-ssh-askpass-1.2.0.tar.gz
|
||||
|
496
openssh.spec
496
openssh.spec
@ -1,5 +1,5 @@
|
||||
# Version of ssh-askpass
|
||||
%define aversion 1.1.0
|
||||
%define aversion 1.2.0
|
||||
|
||||
# Do we want to disable building of x11-askpass? (1=yes 0=no)
|
||||
%define no_x11_askpass 0
|
||||
@ -7,38 +7,59 @@
|
||||
# Do we want to disable building of gnome-askpass? (1=yes 0=no)
|
||||
%define no_gnome_askpass 0
|
||||
|
||||
# Reserve options to override askpass settings with:
|
||||
# rpm -ba|--rebuild --define 'skip_xxx 1'
|
||||
%{?skip_x11_askpass:%define no_x11_askpass 1}
|
||||
%{?skip_gnome_askpass:%define no_gnome_askpass 1}
|
||||
|
||||
# Is this a build for the rescue CD (without PAM)? (1=yes 0=no)
|
||||
%define rescue 0
|
||||
%{?build_rescue:%define rescue 1}
|
||||
|
||||
# Is this a build for 6.x or earlier?
|
||||
%define build6x 0
|
||||
%{?build_6x:%define build6x 1}
|
||||
|
||||
# If this is 6.x, the default configuration has sysconfdir in /usr/etc.
|
||||
%if %{build6x}
|
||||
%define _sysconfdir /etc
|
||||
%endif
|
||||
|
||||
Summary: OpenSSH free Secure Shell (SSH) implementation
|
||||
Name: openssh
|
||||
Version: 2.3.0p1
|
||||
Release: 4
|
||||
Version: 2.5.2p2
|
||||
Release: 1.7.2
|
||||
URL: http://www.openssh.com/portable.html
|
||||
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||
%if ! %{no_x11_askpass}
|
||||
Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
||||
Source1: http://www.jmknoble.cx/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
||||
%endif
|
||||
Source2: openssh.init
|
||||
Source3: gnome-ssh-askpass.sh
|
||||
Source4: gnome-ssh-askpass.csh
|
||||
Source5: openssh.primes
|
||||
Patch0: openssh-2.3.0p1-redhat.patch
|
||||
Patch1: openssh-2.2.0p1-agent.patch
|
||||
Patch2: openssh-2.2.0p1-keygen-dsa.patch
|
||||
Patch3: openssh-2.2.0p1-authpriv.patch
|
||||
Patch4: openssh-2.3.0p1-path.patch
|
||||
Source5: openssh-closing.txt
|
||||
Patch0: openssh-2.5.2p2-redhat.patch
|
||||
Patch1: openssh-2.3.0p1-path.patch
|
||||
Patch2: openssh-2.5.1p1-crypt.patch
|
||||
Patch3: openssh-2.5.1p1-all.patch
|
||||
Patch4: openssh-2.5.2p2-setcred.patch
|
||||
Patch5: reinit.patch
|
||||
Patch6: aes-compat.diff
|
||||
Patch7: sftp-globfix.diff
|
||||
Copyright: BSD
|
||||
Group: Applications/Internet
|
||||
BuildRoot: %{_tmppath}/openssh-%{version}-buildroot
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
|
||||
Obsoletes: ssh
|
||||
PreReq: dev, openssl >= 0.9.5a, initscripts >= 5.20
|
||||
Requires: openssl >= 0.9.5a
|
||||
PreReq: initscripts >= 5.20
|
||||
BuildPreReq: perl, openssl-devel, tcp_wrappers
|
||||
BuildPreReq: /bin/login, /usr/bin/rsh, /usr/include/security/pam_appl.h
|
||||
BuildPreReq: /bin/login, /usr/include/security/pam_appl.h
|
||||
%if ! %{no_x11_askpass}
|
||||
BuildPreReq: XFree86-devel
|
||||
%endif
|
||||
%if ! %{no_gnome_askpass}
|
||||
BuildPreReq: gnome-libs-devel
|
||||
%endif
|
||||
Requires: openssl
|
||||
|
||||
%package clients
|
||||
Summary: OpenSSH Secure Shell protocol clients
|
||||
@ -51,7 +72,9 @@ Summary: OpenSSH Secure Shell protocol server (sshd)
|
||||
Group: System Environment/Daemons
|
||||
Obsoletes: ssh-server
|
||||
PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9
|
||||
%if ! %{build6x}
|
||||
Requires: /etc/pam.d/system-auth
|
||||
%endif
|
||||
|
||||
%package askpass
|
||||
Summary: OpenSSH X11 passphrase dialog
|
||||
@ -120,7 +143,7 @@ OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
|
||||
up to date in terms of security and features, as well as removing all
|
||||
patented algorithms to separate libraries (OpenSSL).
|
||||
|
||||
This package contains Jim Knoble's <jmknoble@pobox.com> X11 passphrase
|
||||
This package contains Jim Knoble's <jmknoble@jmknoble.cx> X11 passphrase
|
||||
dialog.
|
||||
|
||||
%description askpass-gnome
|
||||
@ -136,7 +159,303 @@ patented algorithms to separate libraries (OpenSSL).
|
||||
|
||||
This package contains the GNOME passphrase dialog.
|
||||
|
||||
%prep
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
%setup -q -a 1
|
||||
%else
|
||||
%setup -q
|
||||
%endif
|
||||
%patch0 -p1 -b .redhat
|
||||
%patch1 -p1 -b .path
|
||||
%patch2 -p1 -b .crypt
|
||||
%patch3 -p1 -b .all
|
||||
%patch4 -p1 -b .setcred
|
||||
%patch5 -p0 -b .reinit
|
||||
%patch6 -p0 -b .aes-compat
|
||||
%patch7 -p0 -b .sftp-globfix
|
||||
autoheader
|
||||
autoconf
|
||||
|
||||
%build
|
||||
%configure \
|
||||
--sysconfdir=%{_sysconfdir}/ssh \
|
||||
--libexecdir=%{_libexecdir}/openssh \
|
||||
--with-tcp-wrappers \
|
||||
--with-ipv4-default \
|
||||
--with-rsh=/usr/bin/rsh \
|
||||
%if %{rescue}
|
||||
--without-pam --with-md5-passwords
|
||||
%else
|
||||
--with-pam
|
||||
%endif
|
||||
|
||||
make
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
pushd x11-ssh-askpass-%{aversion}
|
||||
xmkmf -a
|
||||
make
|
||||
popd
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
pushd contrib
|
||||
gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` \
|
||||
gnome-ssh-askpass.c -o gnome-ssh-askpass \
|
||||
`gnome-config --libs gnome gnomeui`
|
||||
popd
|
||||
%endif
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
|
||||
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
install -d $RPM_BUILD_ROOT/etc/pam.d/
|
||||
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
|
||||
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
%if ! %{build6x}
|
||||
install -m644 contrib/redhat/sshd.pam-7.x $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
%else
|
||||
install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
%endif
|
||||
install -m755 $RPM_SOURCE_DIR/openssh.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
|
||||
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
||||
install -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
||||
install -m 755 %{SOURCE3} %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
||||
|
||||
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%triggerun server -- ssh-server
|
||||
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
|
||||
touch /var/run/sshd.restart
|
||||
fi
|
||||
|
||||
%triggerun server -- openssh-server < 2.5.0p1
|
||||
# Count the number of HostKey and HostDsaKey statements we have.
|
||||
gawk 'BEGIN {IGNORECASE=1}
|
||||
/^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}
|
||||
END {exit sawhostkey}' /etc/ssh/sshd_config
|
||||
# And if we only found one, we know the client was relying on the old default
|
||||
# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
|
||||
# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
|
||||
# one nullifies the default, which would have loaded both.
|
||||
if [ $? -eq 1 ] ; then
|
||||
echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config
|
||||
echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
|
||||
fi
|
||||
|
||||
%triggerpostun server -- ssh-server
|
||||
if [ "$1" != 0 ] ; then
|
||||
/sbin/chkconfig --add sshd
|
||||
if test -f /var/run/sshd.restart ; then
|
||||
rm -f /var/run/sshd.restart
|
||||
/sbin/service sshd start > /dev/null 2>&1 || :
|
||||
fi
|
||||
fi
|
||||
|
||||
%post server
|
||||
/sbin/chkconfig --add sshd
|
||||
|
||||
%postun server
|
||||
/sbin/service sshd condrestart > /dev/null 2>&1 || :
|
||||
|
||||
%preun server
|
||||
if [ "$1" = 0 ]
|
||||
then
|
||||
/sbin/service sshd stop > /dev/null 2>&1 || :
|
||||
/sbin/chkconfig --del sshd
|
||||
fi
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* RFC* TODO WARNING*
|
||||
%attr(0755,root,root) %{_bindir}/scp
|
||||
%attr(0644,root,root) %{_mandir}/man1/scp.1*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/primes
|
||||
%if ! %{rescue}
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keygen
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
|
||||
%attr(0755,root,root) %dir %{_libexecdir}/openssh
|
||||
%endif
|
||||
|
||||
%files clients
|
||||
%defattr(-,root,root)
|
||||
%attr(4755,root,root) %{_bindir}/ssh
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||
%attr(-,root,root) %{_bindir}/slogin
|
||||
%attr(-,root,root) %{_mandir}/man1/slogin.1*
|
||||
%if ! %{rescue}
|
||||
%attr(0755,root,root) %{_bindir}/ssh-agent
|
||||
%attr(0755,root,root) %{_bindir}/ssh-add
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keyscan
|
||||
%attr(0755,root,root) %{_bindir}/sftp
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
|
||||
%endif
|
||||
|
||||
%if ! %{rescue}
|
||||
%files server
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{_sbindir}/sshd
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
|
||||
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
|
||||
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
|
||||
%endif
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
%files askpass
|
||||
%defattr(-,root,root)
|
||||
%doc x11-ssh-askpass-%{aversion}/README
|
||||
%doc x11-ssh-askpass-%{aversion}/ChangeLog
|
||||
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
%files askpass-gnome
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Mar 30 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- add pam_limits back to the PAM configuration
|
||||
|
||||
* Wed Mar 28 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- tweak the init script because 7.0's initscripts daemon() function
|
||||
isn't as smart as it should be
|
||||
|
||||
* Mon Mar 26 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- build for a 7.0 errata
|
||||
|
||||
* Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- make do_pam_setcred() smart enough to know when to establish creds and
|
||||
when to reinitialize them
|
||||
- add in a couple of other fixes from Damien for inclusion in the errata
|
||||
|
||||
* Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.5.2p2
|
||||
- call setcred() again after initgroups, because the "creds" could actually
|
||||
be group memberships
|
||||
|
||||
* Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)
|
||||
- don't enable challenge-response by default until we find a way to not
|
||||
have too many userauth requests (we may make up to six pubkey and up to
|
||||
three password attempts as it is)
|
||||
- remove build dependency on rsh to match openssh.com's packages more closely
|
||||
|
||||
* Sat Mar 3 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- remove dependency on openssl -- would need to be too precise
|
||||
|
||||
* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- rebuild in new environment
|
||||
|
||||
* Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Revert the patch to move pam_open_session.
|
||||
- Init script and spec file changes from Pekka Savola. (#28750)
|
||||
- Patch sftp to recognize '-o protocol' arguments. (#29540)
|
||||
|
||||
* Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Chuck the closing patch.
|
||||
- Add a trigger to add host keys for protocol 2 to the config file, now that
|
||||
configuration file syntax requires us to specify it with HostKey if we
|
||||
specify any other HostKey values, which we do.
|
||||
|
||||
* Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Redo patch to move pam_open_session after the server setuid()s to the user.
|
||||
- Rework the nopam patch to use be picked up by autoconf.
|
||||
|
||||
* Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update for 2.5.1p1.
|
||||
- Add init script mods from Pekka Savola.
|
||||
- Tweak the init script to match the CVS contrib script more closely.
|
||||
- Redo patch to ssh-add to try to adding both identity and id_dsa to also try
|
||||
adding id_rsa.
|
||||
|
||||
* Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update for 2.5.0p1.
|
||||
- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass
|
||||
- Resync with parts of Damien Miller's openssh.spec from CVS, including
|
||||
update of x11 askpass to 1.2.0.
|
||||
- Only require openssl (don't prereq) because we generate keys in the init
|
||||
script now.
|
||||
|
||||
* Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Don't open a PAM session until we've forked and become the user (#25690).
|
||||
- Apply Andrew Bartlett's patch for letting pam_authenticate() know which
|
||||
host the user is attempting a login from.
|
||||
- Resync with parts of Damien Miller's openssh.spec from CVS.
|
||||
- Don't expose KbdInt responses in debug messages (from CVS).
|
||||
- Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
|
||||
|
||||
* Wed Feb 7 2001 Trond Eivind Glomsr)Bød <teg@redhat.com>
|
||||
- i18n-tweak to initscript.
|
||||
|
||||
* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- More gettextizing.
|
||||
- Close all files after going into daemon mode (needs more testing).
|
||||
- Extract patch from CVS to handle auth banners (in the client).
|
||||
- Extract patch from CVS to handle compat weirdness.
|
||||
|
||||
* Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Finish with the gettextizing.
|
||||
|
||||
* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Fix a bug in auth2-pam.c (#23877)
|
||||
- Gettextize the init script.
|
||||
|
||||
* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Incorporate a switch for using PAM configs for 6.x, just in case.
|
||||
|
||||
* Tue Dec 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Incorporate Bero's changes for a build specifically for rescue CDs.
|
||||
|
||||
* Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has
|
||||
succeeded, to allow public-key authentication after a failure with "none"
|
||||
authentication. (#21268)
|
||||
|
||||
* Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to x11-askpass 1.1.1. (#21301)
|
||||
- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290)
|
||||
|
||||
* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Merge multiple PAM text messages into subsequent prompts when possible when
|
||||
doing keyboard-interactive authentication.
|
||||
|
||||
* Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Disable the built-in MD5 password support. We're using PAM.
|
||||
- Take a crack at doing keyboard-interactive authentication with PAM, and
|
||||
enable use of it in the default client configuration so that the client
|
||||
will try it when the server disallows password authentication.
|
||||
- Build with debugging flags. Build root policies strip all binaries anyway.
|
||||
|
||||
* Tue Nov 21 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Use DESTDIR instead of %%makeinstall.
|
||||
- Remove /usr/X11R6/bin from the path-fixing patch.
|
||||
@ -262,150 +581,3 @@ This package contains the GNOME passphrase dialog.
|
||||
|
||||
* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
|
||||
|
||||
%prep
|
||||
%if ! %{no_x11_askpass}
|
||||
%setup -q -a 1
|
||||
%else
|
||||
%setup -q
|
||||
%endif
|
||||
%patch0 -p1 -b .redhat
|
||||
%patch1 -p1 -b .agent
|
||||
%patch2 -p1 -b .keygen-dsa
|
||||
%patch3 -p1 -b .authpriv
|
||||
%patch4 -p1 -b .path
|
||||
autoconf
|
||||
|
||||
%build
|
||||
|
||||
%configure \
|
||||
--sysconfdir=%{_sysconfdir}/ssh \
|
||||
--libexecdir=%{_libexecdir}/openssh \
|
||||
--with-tcp-wrappers \
|
||||
--with-ipv4-default \
|
||||
--with-md5-passwords \
|
||||
--with-rsh=/usr/bin/rsh
|
||||
make
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
pushd x11-ssh-askpass-%{aversion}
|
||||
xmkmf -a
|
||||
make
|
||||
popd
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
pushd contrib
|
||||
gcc -O -g `gnome-config --cflags gnome gnomeui` \
|
||||
gnome-ssh-askpass.c -o gnome-ssh-askpass \
|
||||
`gnome-config --libs gnome gnomeui`
|
||||
popd
|
||||
%endif
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
mkdir -p -m755 sysconfdir=$RPM_BUILD_ROOT%{_sysconfdir}/ssh
|
||||
mkdir -p -m755 sysconfdir=$RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
install -d $RPM_BUILD_ROOT/etc/pam.d/
|
||||
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
|
||||
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
install -m755 $RPM_SOURCE_DIR/openssh.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
|
||||
install -m600 $RPM_SOURCE_DIR/openssh.primes $RPM_BUILD_ROOT%{_sysconfdir}/ssh/primes
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
|
||||
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
||||
install -d $RPM_BUILD_ROOT/etc/profile.d/
|
||||
install -m 755 %{SOURCE3} %{SOURCE4} $RPM_BUILD_ROOT/etc/profile.d/
|
||||
|
||||
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%triggerun server -- ssh-server
|
||||
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
|
||||
touch /var/run/sshd.restart
|
||||
fi
|
||||
|
||||
%triggerpostun server -- ssh-server
|
||||
if [ "$1" != 0 ] ; then
|
||||
/sbin/chkconfig --add sshd
|
||||
if test -f /var/run/sshd.restart ; then
|
||||
rm -f /var/run/sshd.restart
|
||||
/sbin/service sshd start > /dev/null 2>&1 || :
|
||||
fi
|
||||
fi
|
||||
|
||||
%post server
|
||||
/sbin/chkconfig --add sshd
|
||||
|
||||
%postun server
|
||||
/sbin/service sshd condrestart > /dev/null 2>&1 || :
|
||||
|
||||
%preun server
|
||||
if [ "$1" = 0 ]
|
||||
then
|
||||
/sbin/service sshd stop > /dev/null 2>&1 || :
|
||||
/sbin/chkconfig --del sshd
|
||||
fi
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc COPYING* CREDITS ChangeLog INSTALL LICENCE OVERVIEW RFC* TODO WARNING*
|
||||
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keygen
|
||||
%attr(0755,root,root) %{_bindir}/scp
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/scp.1*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/primes
|
||||
%attr(0755,root,root) %dir %{_libexecdir}/openssh
|
||||
|
||||
%files clients
|
||||
%defattr(-,root,root)
|
||||
%attr(4755,root,root) %{_bindir}/ssh
|
||||
%attr(0755,root,root) %{_bindir}/ssh-agent
|
||||
%attr(0755,root,root) %{_bindir}/ssh-add
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||
%attr(-,root,root) %{_bindir}/slogin
|
||||
%attr(-,root,root) %{_mandir}/man1/slogin.1*
|
||||
|
||||
%files server
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{_sbindir}/sshd
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
|
||||
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
|
||||
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
%files askpass
|
||||
%defattr(-,root,root)
|
||||
%doc x11-ssh-askpass-%{aversion}/README
|
||||
%doc x11-ssh-askpass-%{aversion}/ChangeLog
|
||||
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
%files askpass-gnome
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
Loading…
Reference in New Issue
Block a user