]>
Commit | Line | Data |
---|---|---|
3c0ef626 | 1 | # Version of OpenSSH |
e9a17296 | 2 | %define oversion 3.1p1 |
3c0ef626 | 3 | |
4 | # Version of ssh-askpass | |
5 | %define aversion 1.2.4.1 | |
6 | ||
7 | # Do we want to disable building of x11-askpass? (1=yes 0=no) | |
8 | %define no_x11_askpass 0 | |
9 | ||
10 | # Do we want to disable building of gnome-askpass? (1=yes 0=no) | |
11 | %define no_gnome_askpass 0 | |
12 | ||
13 | # Do we want to link against a static libcrypto? (1=yes 0=no) | |
14 | %define static_libcrypto 0 | |
15 | ||
16 | # Do we want smartcard support (1=yes 0=no) | |
17 | %define scard 0 | |
18 | ||
19 | # Use Redhat 7.0 pam control file | |
20 | %define redhat7 0 | |
21 | ||
22 | # Disable IPv6 (avoids DNS hangs on some glibc versions) | |
23 | %define noip6 0 | |
24 | ||
25 | # Reserve options to override askpass settings with: | |
26 | # rpm -ba|--rebuild --define 'skip_xxx 1' | |
27 | %{?skip_x11_askpass:%define no_x11_askpass 1} | |
28 | %{?skip_gnome_askpass:%define no_gnome_askpass 1} | |
29 | ||
30 | # Options for Redhat version: | |
31 | # rpm -ba|--rebuild --define "rh7 1" | |
32 | %{?rh7:%define redhat7 1} | |
33 | ||
34 | # Options for static OpenSSL link: | |
35 | # rpm -ba|--rebuild --define "static_openssl 1" | |
36 | %{?static_openssl:%define static_libcrypto 1} | |
37 | ||
38 | # Options for Smartcard support: (needs libsectok and openssl-engine) | |
39 | # rpm -ba|--rebuild --define "smartcard 1" | |
40 | %{?smartcard:%define scard 1} | |
41 | ||
42 | # Option to disable ipv6 | |
43 | # rpm -ba|--rebuild --define "noipv6 1" | |
44 | %{?noipv6:%define noip6 1} | |
45 | ||
46 | %define exact_openssl_version %(rpm -q openssl | cut -d - -f 2) | |
47 | ||
48 | Summary: The OpenSSH implementation of SSH protocol versions 1 and 2 | |
49 | Name: openssh | |
50 | Version: %{oversion} | |
51 | Release: 1 | |
52 | Packager: Damien Miller <djm@mindrot.org> | |
53 | URL: http://www.openssh.com/portable.html | |
54 | Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz | |
55 | %if ! %{no_x11_askpass} | |
56 | Source1: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz | |
57 | %endif | |
58 | License: BSD | |
59 | Group: Applications/Internet | |
60 | BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot | |
61 | Obsoletes: ssh | |
62 | BuildPreReq: perl, openssl-devel, tcp_wrappers | |
63 | BuildPreReq: /bin/login, /usr/include/security/pam_appl.h | |
64 | BuildPreReq: rpm >= 3.0.5 | |
65 | %if ! %{no_x11_askpass} | |
66 | BuildPreReq: XFree86-devel | |
67 | %endif | |
68 | %if ! %{no_gnome_askpass} | |
69 | BuildPreReq: gnome-libs-devel | |
70 | %endif | |
71 | %if ! %{static_libcrypto} | |
72 | PreReq: openssl >= 0.9.5a | |
73 | PreReq: openssl = %{exact_openssl_version} | |
74 | Requires: openssl >= 0.9.5a | |
75 | %endif | |
76 | Requires: rpm >= 3.0.5 | |
77 | ||
78 | %package clients | |
79 | Summary: OpenSSH clients. | |
80 | Requires: openssh = %{version}-%{release} | |
81 | Group: Applications/Internet | |
82 | Obsoletes: ssh-clients | |
83 | ||
84 | %package server | |
85 | Summary: The OpenSSH server daemon. | |
86 | Group: System Environment/Daemons | |
87 | Obsoletes: ssh-server | |
88 | PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 | |
89 | %if %{redhat7} | |
90 | Requires: /etc/pam.d/system-auth | |
91 | %endif | |
92 | ||
93 | %package askpass | |
94 | Summary: A passphrase dialog for OpenSSH and X. | |
95 | Group: Applications/Internet | |
96 | Requires: openssh = %{version}-%{release} | |
97 | Obsoletes: ssh-extras | |
98 | ||
99 | %package askpass-gnome | |
100 | Summary: A passphrase dialog for OpenSSH, X, and GNOME. | |
101 | Group: Applications/Internet | |
102 | Requires: openssh = %{version}-%{release} | |
103 | Obsoletes: ssh-extras | |
104 | ||
105 | %description | |
106 | OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH | |
107 | replaces rlogin and rsh, to provide secure encrypted communications | |
108 | between two untrusted hosts over an insecure network. X11 connections | |
109 | and arbitrary TCP/IP ports can also be forwarded over the secure | |
110 | channel. Public key authentication may be used for "passwordless" | |
111 | access to servers. | |
112 | ||
113 | This package includes the core files necessary for both the OpenSSH | |
114 | client and server. To make this package useful, you should also | |
115 | install openssh-clients, openssh-server, or both. | |
116 | ||
117 | %description clients | |
118 | OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. | |
119 | ||
120 | This package includes the clients necessary to make encrypted | |
121 | connections to SSH protocol servers. You'll also need to install the | |
122 | openssh package on OpenSSH clients. | |
123 | ||
124 | %description server | |
125 | OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. | |
126 | ||
127 | This package contains the secure shell daemon (sshd). The sshd daemon | |
128 | allows SSH clients to securely connect to your SSH server. You also | |
129 | need to have the openssh package installed. | |
130 | ||
131 | %description askpass | |
132 | OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. | |
133 | ||
134 | This package contains an X11 passphrase dialog for OpenSSH. | |
135 | ||
136 | %description askpass-gnome | |
137 | OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. | |
138 | ||
139 | This package contains an X11 passphrase dialog for OpenSSH and the | |
140 | GNOME GUI desktop environment. | |
141 | ||
142 | %prep | |
143 | ||
144 | %if ! %{no_x11_askpass} | |
145 | %setup -q -a 1 | |
146 | %else | |
147 | %setup -q | |
148 | %endif | |
149 | ||
150 | %build | |
151 | ||
152 | %define _sysconfdir /etc/ssh | |
153 | ||
154 | EXTRA_OPTS="" | |
155 | ||
156 | %if %{scard} | |
157 | EXTRA_OPTS="$EXTRA_OPTS --with-smartcard" | |
158 | %endif | |
159 | ||
160 | %if %{noip6} | |
161 | EXTRA_OPTS="$EXTRA_OPTS --with-ipv4-default " | |
162 | %endif | |
163 | ||
164 | %configure \ | |
165 | --libexecdir=%{_libexecdir}/openssh \ | |
166 | --datadir=%{_datadir}/openssh \ | |
167 | --with-pam \ | |
168 | --with-tcp-wrappers \ | |
169 | --with-rsh=/usr/bin/rsh \ | |
170 | --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin \ | |
171 | $EXTRA_OPTS | |
172 | ||
173 | %if %{static_libcrypto} | |
174 | perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile | |
175 | %endif | |
176 | ||
177 | make | |
178 | ||
179 | %if ! %{no_x11_askpass} | |
180 | pushd x11-ssh-askpass-%{aversion} | |
181 | %configure \ | |
182 | --libexecdir=%{_libexecdir}/openssh | |
183 | xmkmf -a | |
184 | make | |
185 | popd | |
186 | %endif | |
187 | ||
188 | %if ! %{no_gnome_askpass} | |
189 | pushd contrib | |
190 | gcc -O -g `gnome-config --cflags gnome gnomeui` \ | |
191 | gnome-ssh-askpass.c -o gnome-ssh-askpass \ | |
192 | `gnome-config --libs gnome gnomeui` | |
193 | popd | |
194 | %endif | |
195 | ||
196 | %install | |
197 | rm -rf $RPM_BUILD_ROOT | |
198 | %{makeinstall} \ | |
199 | libexecdir=$RPM_BUILD_ROOT%{_libexecdir}/openssh \ | |
200 | datadir=$RPM_BUILD_ROOT%{_datadir}/openssh \ | |
201 | DESTDIR=/ # Hack to disable key generation | |
202 | ||
203 | ||
204 | install -d $RPM_BUILD_ROOT/etc/pam.d/ | |
205 | install -d $RPM_BUILD_ROOT/etc/rc.d/init.d | |
206 | install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh | |
207 | %if %{redhat7} | |
208 | install -m644 contrib/redhat/sshd.pam-7.x $RPM_BUILD_ROOT/etc/pam.d/sshd | |
209 | %else | |
210 | install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd | |
211 | %endif | |
212 | install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd | |
213 | ||
214 | %if ! %{no_x11_askpass} | |
215 | install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass | |
216 | ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass | |
217 | %endif | |
218 | ||
219 | %if ! %{no_gnome_askpass} | |
220 | install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass | |
221 | %endif | |
222 | ||
223 | perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* | |
224 | ||
225 | %clean | |
226 | rm -rf $RPM_BUILD_ROOT | |
227 | ||
228 | %post server | |
229 | /sbin/chkconfig --add sshd | |
230 | if test -r /var/run/sshd.pid ; then | |
231 | /etc/rc.d/init.d/sshd restart >&2 | |
232 | fi | |
233 | ||
234 | %preun server | |
235 | if [ "$1" = 0 ] ; then | |
236 | /etc/rc.d/init.d/sshd stop >&2 | |
237 | /sbin/chkconfig --del sshd | |
238 | fi | |
239 | ||
240 | %files | |
241 | %defattr(-,root,root) | |
242 | %doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* RFC* TODO WARNING* | |
243 | %attr(0755,root,root) %{_bindir}/ssh-keygen | |
244 | %attr(0755,root,root) %{_bindir}/scp | |
245 | %attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* | |
246 | %attr(0644,root,root) %{_mandir}/man1/scp.1* | |
247 | %attr(0755,root,root) %dir %{_sysconfdir} | |
248 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/moduli | |
249 | %attr(0755,root,root) %dir %{_libexecdir}/openssh | |
250 | %if %{scard} | |
251 | %attr(0755,root,root) %dir %{_datadir}/openssh | |
252 | %attr(0644,root,root) %{_datadir}/openssh/Ssh.bin | |
253 | %endif | |
254 | ||
255 | %files clients | |
256 | %defattr(-,root,root) | |
257 | %attr(4755,root,root) %{_bindir}/ssh | |
258 | %attr(0755,root,root) %{_bindir}/ssh-agent | |
259 | %attr(0755,root,root) %{_bindir}/ssh-add | |
260 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | |
261 | %attr(0755,root,root) %{_bindir}/sftp | |
262 | %attr(0644,root,root) %{_mandir}/man1/ssh.1* | |
263 | %attr(0644,root,root) %{_mandir}/man1/ssh-agent.1* | |
264 | %attr(0644,root,root) %{_mandir}/man1/ssh-add.1* | |
265 | %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* | |
266 | %attr(0644,root,root) %{_mandir}/man1/sftp.1* | |
267 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config | |
268 | %attr(-,root,root) %{_bindir}/slogin | |
269 | %attr(-,root,root) %{_mandir}/man1/slogin.1* | |
270 | ||
271 | %files server | |
272 | %defattr(-,root,root) | |
273 | %attr(0755,root,root) %{_sbindir}/sshd | |
274 | %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server | |
275 | %attr(0644,root,root) %{_mandir}/man8/sshd.8* | |
276 | %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* | |
277 | #%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config | |
278 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config | |
279 | %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd | |
280 | %attr(0755,root,root) %config /etc/rc.d/init.d/sshd | |
281 | ||
282 | %if ! %{no_x11_askpass} | |
283 | %files askpass | |
284 | %defattr(-,root,root) | |
285 | %doc x11-ssh-askpass-%{aversion}/README | |
286 | %doc x11-ssh-askpass-%{aversion}/ChangeLog | |
287 | %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad | |
288 | %attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass | |
289 | %attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass | |
290 | %endif | |
291 | ||
292 | %if ! %{no_gnome_askpass} | |
293 | %files askpass-gnome | |
294 | %defattr(-,root,root) | |
295 | %attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass | |
296 | %endif | |
297 | ||
298 | %changelog | |
299 | * Mon Oct 18 2000 Damien Miller <djm@mindrot.org> | |
300 | - Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | |
301 | Redhat 7.0 spec file | |
302 | * Tue Sep 05 2000 Damien Miller <djm@mindrot.org> | |
303 | - Use RPM configure macro | |
304 | * Tue Aug 08 2000 Damien Miller <djm@mindrot.org> | |
305 | - Some surgery to sshd.init (generate keys at runtime) | |
306 | - Cleanup of groups and removal of keygen calls | |
307 | * Wed Jul 12 2000 Damien Miller <djm@mindrot.org> | |
308 | - Make building of X11-askpass and gnome-askpass optional | |
309 | * Mon Jun 12 2000 Damien Miller <djm@mindrot.org> | |
310 | - Glob manpages to catch compressed files | |
311 | * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> | |
312 | - Updated for new location | |
313 | - Updated for new gnome-ssh-askpass build | |
314 | * Sun Dec 26 1999 Damien Miller <djm@mindrot.org> | |
315 | - Added Jim Knoble's <jmknoble@pobox.com> askpass | |
316 | * Mon Nov 15 1999 Damien Miller <djm@mindrot.org> | |
317 | - Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> | |
318 | * Sat Nov 13 1999 Damien Miller <djm@mindrot.org> | |
319 | - Added 'Obsoletes' directives | |
320 | * Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> | |
321 | - Use make install | |
322 | - Subpackages | |
323 | * Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> | |
324 | - Added links for slogin | |
325 | - Fixed perms on manpages | |
326 | * Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> | |
327 | - Renamed init script | |
328 | * Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> | |
329 | - Back to old binary names | |
330 | * Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> | |
331 | - Use autoconf | |
332 | - New binary names | |
333 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> | |
334 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. | |
335 |