1 # Build recipe for openssh.
3 # Copyright (c) 2018-2019, 2021-2022 Matias Fonzo, <selk@dragora.org>.
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # Exit immediately on any error
24 # Define a category for the output of the package name
25 pkgcategory=networking
27 tarname=${program}-${version}.tar.gz
30 fetch=https://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/$tarname
35 OpenSSH is the premier connectivity tool for remote login with the
36 SSH protocol. It encrypts all traffic to eliminate eavesdropping,
37 connection hijacking, and other attacks. In addition, OpenSSH provides
38 a large suite of secure tunneling capabilities, several authentication
39 methods, and sophisticated configuration options.
42 homepage=https://www.openssh.com
45 # Source documentation
46 docs="CREDITS ChangeLog LICENCE OVERVIEW PROTOCOL* README* TODO"
47 docsdir="${docdir}/${program}-${version}"
51 unpack "${tardir}/$tarname"
55 # Set sane permissions
56 chmod -R u+w,go-w,a+rX-s .
58 # A patch from Dragora to include a missing header at md5crypt.c file
59 patch -p1 < "${worktree}/patches/openssh/openssh-include-stdio.h.patch"
61 ./configure CPPFLAGS="$QICPPFLAGS" \
62 CFLAGS="$QICFLAGS" LDFLAGS="$QILDFLAGS -static" LIBS="-ledit" \
64 --libdir=/usr/lib${libSuffix} \
65 --sysconfdir=/etc/ssh \
69 --with-default-path='/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin' \
70 --with-privsep-path=/var/lib/sshd \
71 --with-privsep-user=sshd \
72 --with-pid-dir=/var/run/sshd \
73 --with-md5-passwords \
75 --without-zlib-version-check \
76 --build="$(gcc -dumpmachine)"
79 make -j${jobs} DESTDIR="$destdir" install
81 # Make empty directories for the package
82 mkdir -p "${destdir}/var/run/sshd" "${destdir}/var/lib/sshd"
84 # Copy additional utilities
86 cp -p contrib/ssh-copy-id "${destdir}/usr/bin"
87 chmod 755 "${destdir}/usr/bin/ssh-copy-id"
89 mkdir -p "${destdir}/${mandir}/man1"
90 cp -p contrib/ssh-copy-id.1 "${destdir}/${mandir}/man1"
92 # Install sshd perp service(s)
94 mkdir -p "${destdir}/etc/perp/sshd"
96 cp -p "${worktree}/archive/openssh/rc.log" \
97 "${worktree}/archive/openssh/rc.main" \
98 "${destdir}/etc/perp/sshd/"
100 chmod 755 "${destdir}"/etc/perp/sshd/rc.*
102 # THIS SERVICE IS DISABLED BY DEFAULT
103 chmod -t "${destdir}/etc/perp/sshd"
105 # Manage (dot) new files via graft(1)
106 touch "${destdir}/etc/ssh/.graft-config" \
107 "${destdir}/etc/perp/sshd/.graft-config"
109 # Compress and link man pages (if needed)
110 if test -d "${destdir}/$mandir"
113 cd "${destdir}/$mandir"
114 find . -type f -exec lzip -9 {} +
115 find . -type l | while read -r file
117 ln -sf "$(readlink -- "$file").lz" "${file}.lz"
124 mkdir -p "${destdir}/$docsdir"
125 cp -p $docs "${destdir}/$docsdir"