#
-# Copyright (C) 2006,2008-2011 OpenWrt.org
+# Copyright (C) 2006-2011 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
include $(TOPDIR)/rules.mk
PKG_NAME:=openssh
-PKG_VERSION:=5.8p2
-PKG_RELEASE:=2
+PKG_VERSION:=5.9p1
+PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
ftp://openbsd.wiretapped.net/pub/OpenBSD/OpenSSH/portable/ \
ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ \
ftp://ftp.de.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/
-PKG_MD5SUM:=0541579adf9d55abb15ef927048d372e
+PKG_MD5SUM:=afe17eee7e98d3b8550cc349834a85d0
PKG_BUILD_DEPENDS:=libopenssl
define Package/openssh/Default
SECTION:=net
CATEGORY:=Network
- DEPENDS:=+libopenssl +zlib +libgcc
+ DEPENDS:=+libopenssl +zlib
TITLE:=OpenSSH
MAINTAINER:=Peter Wagner <tripolar@gmx.at>
URL:=http://www.openssh.com/
SUBMENU:=SSH
endef
+define Package/openssh-moduli
+ $(call Package/openssh/Default)
+ DEPENDS+= +openssh-server
+ TITLE+= moduli file
+endef
+
+define Package/openssh-moduli/description
+OpenSSH server moduli file.
+endef
+
+
define Package/openssh-client
$(call Package/openssh/Default)
TITLE+= client
define Package/openssh-sftp-server
$(call Package/openssh/Default)
- DEPENDS:=+libgcc
TITLE+= SFTP server
endef
CONFIGURE_ARGS+= \
$(DISABLE_NLS) \
--sysconfdir=/etc/ssh \
+ --with-privsep-user=sshd \
+ --with-privsep-path=/var/empty \
--enable-shared \
--disable-static \
--disable-debug \
--without-pam \
--without-x
+ifeq ($(CONFIG_OPENSSL_ENGINE),y)
+CONFIGURE_ARGS+= \
+ --with-ssl-engine
+endif
+
ifneq ($(CONFIG_SSP_SUPPORT),y)
CONFIGURE_ARGS += \
--without-stackprotect
all install
endef
+define Package/openssh-moduli/install
+ $(INSTALL_DIR) $(1)/etc/ssh
+ $(CP) $(PKG_INSTALL_DIR)/etc/ssh/moduli $(1)/etc/ssh/
+endef
+
define Package/openssh-client/install
$(INSTALL_DIR) $(1)/etc/ssh
chmod 0700 $(1)/etc/ssh
$(INSTALL_DIR) $(1)/etc/ssh
chmod 0700 $(1)/etc/ssh
$(CP) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
- $(CP) $(PKG_INSTALL_DIR)/etc/ssh/moduli $(1)/etc/ssh/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
endef
-define Package/openssh-server/postinst
-#!/bin/sh
-
-name=sshd
-id=22
-
-if [ -z "$$(grep ^\\$${name}: $${IPKG_INSTROOT}/etc/group)" ]; then
- echo "adding group $$name to /etc/group"
- echo "$${name}:x:$${id}:" >> $${IPKG_INSTROOT}/etc/group
-fi
-
-if [ -z "$$(grep ^\\$${name}: $${IPKG_INSTROOT}/etc/passwd)" ]; then
- echo "adding user $$name to /etc/passwd"
- echo "$${name}:x:$${id}:$${id}:$${name}:/var/empty/.$${name}:/bin/false" >> $${IPKG_INSTROOT}/etc/passwd
-fi
-endef
-
define Package/openssh-sftp-client/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sftp $(1)/usr/bin/
endef
$(eval $(call BuildPackage,openssh-client))
+$(eval $(call BuildPackage,openssh-moduli))
$(eval $(call BuildPackage,openssh-client-utils))
$(eval $(call BuildPackage,openssh-keygen))
$(eval $(call BuildPackage,openssh-server))
#!/bin/sh /etc/rc.common
-# Copyright (C) 2006 OpenWrt.org
+# Copyright (C) 2006-2011 OpenWrt.org
+
START=50
STOP=50
+SERVICE_USE_PID=1
+
start() {
for type in rsa dsa; do {
# check for keys
exit 0
}
}; done
- mkdir -p /var/empty
- chmod 0700 /var/empty
- /usr/sbin/sshd
+ user_exists sshd 22 || user_add sshd 22 22 sshd /var/empty
+ group_exists sshd 22 || group_add sshd 22
+ mkdir -m 0700 -p /var/empty
+ service_start /usr/sbin/sshd
}
stop() {
- kill $(cat /var/run/sshd.pid)
+ service_stop /usr/sbin/sshd
}
shutdown() {
- killall sshd
+ local pid
+ local pids
+ local pid_mine
+
+ stop
+
+ # kill active clients
+ pid_mine="$$"
+ pids="$(pidof sshd)"
+ for pid in $pids; do
+ [ "$pid" = "$pid_mine" ] && continue
+ [ -e "/proc/$pid/stat" ] && kill $pid
+ done
}
--- /dev/null
+--- a/auth-pam.c
++++ b/auth-pam.c
+@@ -159,7 +159,7 @@ sshpam_sigchld_handler(int sig)
+ }
+ if (WIFSIGNALED(sshpam_thread_status) &&
+ WTERMSIG(sshpam_thread_status) == SIGTERM)
+- return; /* terminated by pthread_cancel */
++ return; /* terminated by pthread2_cancel */
+ if (!WIFEXITED(sshpam_thread_status))
+ sigdie("PAM: authentication thread exited unexpectedly");
+ if (WEXITSTATUS(sshpam_thread_status) != 0)
+@@ -168,14 +168,14 @@ sshpam_sigchld_handler(int sig)
+
+ /* ARGSUSED */
+ static void
+-pthread_exit(void *value)
++pthread2_exit(void *value)
+ {
+ _exit(0);
+ }
+
+ /* ARGSUSED */
+ static int
+-pthread_create(sp_pthread_t *thread, const void *attr,
++pthread2_create(sp_pthread_t *thread, const void *attr,
+ void *(*thread_start)(void *), void *arg)
+ {
+ pid_t pid;
+@@ -201,7 +201,7 @@ pthread_create(sp_pthread_t *thread, con
+ }
+
+ static int
+-pthread_cancel(sp_pthread_t thread)
++pthread2_cancel(sp_pthread_t thread)
+ {
+ signal(SIGCHLD, sshpam_oldsig);
+ return (kill(thread, SIGTERM));
+@@ -209,7 +209,7 @@ pthread_cancel(sp_pthread_t thread)
+
+ /* ARGSUSED */
+ static int
+-pthread_join(sp_pthread_t thread, void **value)
++pthread2_join(sp_pthread_t thread, void **value)
+ {
+ int status;
+
+@@ -509,7 +509,7 @@ sshpam_thread(void *ctxtp)
+ /* XXX - can't do much about an error here */
+ ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);
+ buffer_free(&buffer);
+- pthread_exit(NULL);
++ pthread2_exit(NULL);
+
+ auth_fail:
+ buffer_put_cstring(&buffer,
+@@ -520,7 +520,7 @@ sshpam_thread(void *ctxtp)
+ else
+ ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer);
+ buffer_free(&buffer);
+- pthread_exit(NULL);
++ pthread2_exit(NULL);
+
+ return (NULL); /* Avoid warning for non-pthread case */
+ }
+@@ -532,8 +532,8 @@ sshpam_thread_cleanup(void)
+
+ debug3("PAM: %s entering", __func__);
+ if (ctxt != NULL && ctxt->pam_thread != 0) {
+- pthread_cancel(ctxt->pam_thread);
+- pthread_join(ctxt->pam_thread, NULL);
++ pthread2_cancel(ctxt->pam_thread);
++ pthread2_join(ctxt->pam_thread, NULL);
+ close(ctxt->pam_psock);
+ close(ctxt->pam_csock);
+ memset(ctxt, 0, sizeof(*ctxt));
+@@ -698,7 +698,7 @@ sshpam_init_ctx(Authctxt *authctxt)
+ }
+ ctxt->pam_psock = socks[0];
+ ctxt->pam_csock = socks[1];
+- if (pthread_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
++ if (pthread2_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
+ error("PAM: failed to start authentication thread: %s",
+ strerror(errno));
+ close(socks[0]);