# $Id$
+# uncomment if you run a non bourne compatable shell. Ie. csh
+#SHELL = @SH@
+
+AUTORECONF=autoreconf
+
prefix=@prefix@
exec_prefix=@exec_prefix@
bindir=@bindir@
datadir=@datadir@
mandir=@mandir@
mansubdir=@mansubdir@
-sysconfdir=@sysconfdir@
+sysconfdir=$$GLOBUS_LOCATION/etc/ssh
+docdir=$$GLOBUS_LOCATION/doc/gsi_openssh
piddir=@piddir@
srcdir=@srcdir@
top_srcdir=@top_srcdir@
SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
+SSH_KEYSIGN=$(libexecdir)/ssh-keysign
+RAND_HELPER=$(libexecdir)/ssh-rand-helper
+PRIVSEP_PATH=@PRIVSEP_PATH@
+SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
-PATHS= -DSSHDIR=\"$(sysconfdir)\" \
- -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
- -D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
- -D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
- -D_PATH_SSH_PIDDIR=\"$(piddir)\" \
- -DSSH_RAND_HELPER=\"$(libexecdir)/ssh-rand-helper\"
+PATHS= -D_PATH_SSH_PIDDIR=\"$(piddir)\" \
+ -D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\"
CC=@CC@
LD=@LD@
XAUTH_PATH=@XAUTH_PATH@
LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
-SSH_MODE= @SSHMODE@
INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
+INSTALL_GSISSH=@INSTALL_GSISSH@
@NO_SFTP@SFTP_PROGS=sftp-server$(EXEEXT) sftp$(EXEEXT)
-TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} $(SFTP_PROGS)
-LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o kexgss.o gss-genr.o
+LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dh.o dispatch.o fatal.o mac.o msg.o hostfile.o key.o kex.o kexdh.o kexgex.o log.o match.o misc.o mpaux.o nchan.o packet.o radix.o rijndael.o entropy.o readpass.o rsa.o scard.o scard-opensc.o ssh-dss.o ssh-rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o monitor_wrap.o monitor_fdpass.o kexgss.o gss-genr.o pathnames.o
SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o sshtty.o readconf.o clientloop.o
-SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-krb5.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o gss-serv.o
+SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o auth-chall.o auth2-chall.o auth-rhosts.o auth-options.o auth-krb4.o auth-krb5.o auth-pam.o auth2-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o auth-sia.o sshpty.o sshlogin.o loginrec.o servconf.o serverloop.o md5crypt.o session.o groupaccess.o auth-skey.o auth-bsdauth.o monitor_mm.o monitor.o auth2-gss.o gss-serv.o
-MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out
-MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1
+MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
+MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
MANTYPE = @MANTYPE@
CONFIGFILES=sshd_config.out ssh_config.out moduli.out
CONFIGFILES_IN=sshd_config ssh_config moduli
PATHSUBS = \
- -D/etc/ssh/ssh_config=$(sysconfdir)/ssh_config \
- -D/etc/ssh/ssh_known_hosts=$(sysconfdir)/ssh_known_hosts \
- -D/etc/ssh/sshd_config=$(sysconfdir)/sshd_config \
+ -D/etc/ssh/ssh_prng_cmds='$(sysconfdir)'/ssh_prng_cmds \
+ -D/etc/ssh/ssh_config='$(sysconfdir)'/ssh_config \
+ -D/etc/ssh/ssh_known_hosts='$(sysconfdir)'/ssh_known_hosts \
+ -D/etc/ssh/sshd_config='$(sysconfdir)'/sshd_config \
-D/usr/libexec=$(libexecdir) \
- -D/etc/shosts.equiv=$(sysconfdir)/shosts.equiv \
- -D/etc/ssh/ssh_host_key=$(sysconfdir)/ssh_host_key \
- -D/etc/ssh/ssh_host_dsa_key=$(sysconfdir)/ssh_host_dsa_key \
- -D/etc/ssh/ssh_host_rsa_key=$(sysconfdir)/ssh_host_rsa_key \
+ -D/etc/shosts.equiv='$(sysconfdir)'/shosts.equiv \
+ -D/etc/ssh/ssh_host_key='$(sysconfdir)'/ssh_host_key \
+ -D/etc/ssh/ssh_host_dsa_key='$(sysconfdir)'/ssh_host_dsa_key \
+ -D/etc/ssh/ssh_host_rsa_key='$(sysconfdir)'/ssh_host_rsa_key \
-D/var/run/sshd.pid=$(piddir)/sshd.pid \
- -D/etc/ssh/moduli=$(sysconfdir)/moduli \
- -D/etc/ssh/sshrc=$(sysconfdir)/sshrc \
+ -D/etc/ssh/moduli='$(sysconfdir)'/moduli \
+ -D/etc/ssh/sshrc='$(sysconfdir)'/sshrc \
-D/usr/X11R6/bin/xauth=$(XAUTH_PATH) \
+ -D/var/empty=$(PRIVSEP_PATH) \
-D/usr/bin:/bin:/usr/sbin:/sbin=@user_path@
FIXPATHSCMD = $(PERL) $(srcdir)/fixpaths $(PATHSUBS)
all: $(CONFIGFILES) $(MANPAGES) $(TARGETS)
+gpt-all: $(CONFIGFILES) $(MANPAGES) $(TARGETS)
+
$(LIBSSH_OBJS): config.h
$(SSHOBJS): config.h
$(SSHDOBJS): config.h
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
+ $(LD) -o $@ ssh-keysign.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
done
distprep: catman-do
- autoreconf
+ $(AUTORECONF)
(cd scard && $(MAKE) -f Makefile.in distprep)
-install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key
+install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-user
install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files
+gpt-install: gpt-all gpt-install-files
+gpt-install-nokeys: gpt-all gpt-install-files
+
+check-user:
+ id $(SSH_PRIVSEP_USER) || \
+ echo "WARNING: Privilege separation user \"$(SSH_PRIVSEP_USER)\" does not exist"
+
scard-install:
(cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
$(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
- $(INSTALL) -m $(SSH_MODE) -s ssh $(DESTDIR)$(bindir)/ssh
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)
+ chmod 0700 $(DESTDIR)$(PRIVSEP_PATH)
+ $(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
$(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent
if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
$(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
fi
+ $(INSTALL) -m 4711 -s ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
@NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp
@NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
+ $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
+ $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
+ if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \
+ $(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
+ fi
@NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
@NO_SFTP@$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+ $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(bindir)/slogin
ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
+ if [ ! -z "$(INSTALL_GSISSH)" ]; then \
+ rm -f $(DESTDIR)$(bindir)/gsissh; \
+ ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/gsissh; \
+ rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsissh.1; \
+ ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/gsissh.1; \
+ rm -f $(DESTDIR)$(bindir)/gsiscp; \
+ ln -s scp$(EXEEXT) $(DESTDIR)$(bindir)/gsiscp; \
+ rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsiscp.1; \
+ ln -s scp.1 $(DESTDIR)$(mandir)/$(mansubdir)1/gsiscp.1; \
+ fi
if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
fi
echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \
fi
+#
+# gpt-install-files is install-files minus
+# o copying the configuration files
+# o copying the configuration file man pages
+# o the scard-install target
+# o creating and chmod'ing PRIVSEP_PATH
+# o removing the conditionals around ssh-rand-helper*
+# o install docs into $GL/doc/gsi_openssh
+#
+
+gpt-install-files:
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
+ $(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh
+ $(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
+ $(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
+ $(INSTALL) -m 0755 -s ssh-agent $(DESTDIR)$(bindir)/ssh-agent
+ $(INSTALL) -m 0755 -s ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
+ $(INSTALL) -m 0755 -s ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
+ $(INSTALL) -m 0755 -s sshd $(DESTDIR)$(sbindir)/sshd
+ $(INSTALL) -m 0755 -s ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
+ $(INSTALL) -m 4711 -s ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
+ @NO_SFTP@$(INSTALL) -m 0755 -s sftp $(DESTDIR)$(bindir)/sftp
+ @NO_SFTP@$(INSTALL) -m 0755 -s sftp-server $(DESTDIR)$(SFTP_SERVER)
+ $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
+ $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
+ $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
+ $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
+ $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
+ $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
+ $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
+ $(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
+ @NO_SFTP@$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
+ @NO_SFTP@$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+ $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
+ if [ ! -d $(DESTDIR)$(docdir) ]; then \
+ $(srcdir)/mkinstalldirs $(DESTDIR)$(docdir); \
+ fi
+ $(INSTALL) -m 644 README $(DESTDIR)$(docdir)/README
+ $(INSTALL) -m 644 README.gpt $(DESTDIR)$(docdir)/README.gpt
+ $(INSTALL) -m 644 README.privsep $(DESTDIR)$(docdir)/README.privsep
+ $(INSTALL) -m 644 INSTALL $(DESTDIR)$(docdir)/INSTALL
+ $(INSTALL) -m 644 WARNING.RNG $(DESTDIR)$(docdir)/WARNING.RNG
+ $(INSTALL) -m 644 LICENCE $(DESTDIR)$(docdir)/LICENSE.OpenSSH
+ $(INSTALL) -m 644 CREDITS $(DESTDIR)$(docdir)/CREDITS
+ -rm -f $(DESTDIR)$(bindir)/slogin
+ ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
+ ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
+ -rm -f $(DESTDIR)$(bindir)/gsissh
+ ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/gsissh
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsissh.1
+ ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/gsissh.1
+ -rm -f $(DESTDIR)$(bindir)/gsiscp
+ ln -s scp$(EXEEXT) $(DESTDIR)$(bindir)/gsiscp
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsiscp.1
+ ln -s scp.1 $(DESTDIR)$(mandir)/$(mansubdir)1/gsiscp.1
+
host-key: ssh-keygen$(EXEEXT)
if [ -z "$(DESTDIR)" ] ; then \
if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \
uninstall:
-rm -f $(DESTDIR)$(bindir)/slogin
+ if [ ! -z "$(INSTALL_GSISSH)" ]; then \
+ rm -f $(DESTDIR)$(bindir)/gsiscp; \
+ rm -f $(DESTDIR)$(bindir)/gsissh; \
+ fi
-rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
+ -rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
+ -rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
+ if [ ! -z "$(INSTALL_GSISSH)" ]; then \
+ rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsissh.1; \
+ rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/gsiscp.1; \
+ fi
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+ -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1