openssh: moved to github
authorSteven Barth <cyrus@openwrt.org>
Mon, 16 Jun 2014 15:11:01 +0000 (15:11 +0000)
committerSteven Barth <cyrus@openwrt.org>
Mon, 16 Jun 2014 15:11:01 +0000 (15:11 +0000)
SVN-Revision: 41204

net/openssh/Makefile [deleted file]
net/openssh/files/sshd.init [deleted file]
net/openssh/files/sshd.pam [deleted file]
net/openssh/files/sshd.pam-access [deleted file]
net/openssh/patches/100-no_cast_fix.patch [deleted file]
net/openssh/patches/130-implicit_memset_decl_fix.patch [deleted file]
net/openssh/patches/140-pam_uclibc_pthreads_fix.patch [deleted file]
net/openssh/patches/200-dscp-qos.patch [deleted file]

diff --git a/net/openssh/Makefile b/net/openssh/Makefile
deleted file mode 100644 (file)
index 459b7d7..0000000
+++ /dev/null
@@ -1,265 +0,0 @@
-#
-# Copyright (C) 2006-2011 OpenWrt.org
-#
-# This is free software, licensed under the GNU General Public License v2.
-# See /LICENSE for more information.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=openssh
-PKG_VERSION:=6.6p1
-PKG_RELEASE:=1
-
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
-               ftp://openbsd.wiretapped.net/pub/OpenBSD/OpenSSH/portable/ \
-               ftp://ftp.belnet.be/packages/openbsd/OpenSSH/portable/ \
-               ftp://ftp.de.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/
-PKG_MD5SUM:=3e9800e6bca1fbac0eea4d41baa7f239
-
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_BUILD_DEPENDS:=libopenssl
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/openssh/Default
-       SECTION:=net
-       CATEGORY:=Network
-       DEPENDS:=+libopenssl +zlib +SSP_SUPPORT:libssp
-       TITLE:=OpenSSH
-       MAINTAINER:=Peter Wagner <tripolar@gmx.at>
-       URL:=http://www.openssh.com/
-       SUBMENU:=SSH
-       VARIANT:=without-pam
-endef
-
-define Package/openssh-moduli
-       $(call Package/openssh/Default)
-       DEPENDS+= +openssh-keygen
-       TITLE+= moduli file
-endef
-
-define Package/openssh-moduli/description
-OpenSSH server moduli file.
-endef
-
-define Package/openssh-client
-       $(call Package/openssh/Default)
-       TITLE+= client
-endef
-
-define Package/openssh-client/description
-OpenSSH client.
-endef
-
-define Package/openssh-client/conffiles
-/etc/ssh/ssh_config
-endef
-
-define Package/openssh-client-utils
-       $(call Package/openssh/Default)
-       DEPENDS+= +openssh-client +openssh-keygen
-       TITLE+= client utilities
-endef
-
-define Package/openssh-client-utils/description
-OpenSSH client utilities.
-endef
-
-define Package/openssh-keygen
-       $(call Package/openssh/Default)
-       TITLE+= keygen
-endef
-
-define Package/openssh-keygen/description
-OpenSSH keygen.
-endef
-
-define Package/openssh-server
-       $(call Package/openssh/Default)
-       DEPENDS+= +openssh-keygen
-       TITLE+= server
-endef
-
-define Package/openssh-server/description
-OpenSSH server.
-endef
-
-define Package/openssh-server/conffiles
-/etc/ssh/sshd_config
-endef
-
-define Package/openssh-server-pam
-       $(call Package/openssh/Default)
-       DEPENDS+= +libpthread +openssh-keygen +libpam
-       TITLE+= server (with PAM support)
-       VARIANT:=with-pam
-endef
-
-define Package/openssh-server-pam/description
-OpenSSH server (with PAM support).
-endef
-
-define Package/openssh-server-pam/conffiles
-/etc/pam.d/sshd
-/etc/security/access-sshd-local.conf
-/etc/ssh/sshd_config
-endef
-
-define Package/openssh-sftp-client
-       $(call Package/openssh/Default)
-       TITLE+= SFTP client
-endef
-
-define Package/openssh-sftp-client/description
-OpenSSH SFTP client.
-endef
-
-define Package/openssh-sftp-server
-       $(call Package/openssh/Default)
-       TITLE+= SFTP server
-endef
-
-define Package/openssh-sftp-server/description
-OpenSSH SFTP server.
-endef
-
-CONFIGURE_ARGS+= \
-       $(DISABLE_NLS) \
-       --sysconfdir=/etc/ssh \
-       --with-privsep-user=sshd \
-       --with-privsep-path=/var/empty \
-       --enable-shared \
-       --disable-static \
-       --disable-debug \
-       --disable-strip \
-       --disable-etc-default-login \
-       --disable-lastlog \
-       --disable-utmp \
-       --disable-utmpx \
-       --disable-wtmp \
-       --disable-wtmpx \
-       --without-bsd-auth \
-       --without-kerberos5 \
-       --without-x
-
-ifeq ($(BUILD_VARIANT),with-pam)
-CONFIGURE_ARGS += \
-       --with-pam
-else
-CONFIGURE_ARGS += \
-       --without-pam
-endif
-
-ifeq ($(CONFIG_OPENSSL_ENGINE),y)
-CONFIGURE_ARGS+= \
-       --with-ssl-engine
-endif
-
-ifneq ($(CONFIG_SSP_SUPPORT),y)
-CONFIGURE_ARGS += \
-       --without-stackprotect
-endif
-
-CONFIGURE_VARS += LD="$(TARGET_CC)"
-
-ifeq ($(BUILD_VARIANT),with-pam)
-TARGET_LDFLAGS += -lpthread
-endif
-
-define Build/Compile
-       $(MAKE) -C $(PKG_BUILD_DIR) \
-               DESTDIR="$(PKG_INSTALL_DIR)" \
-               LIBS="" \
-               sftp-server
-       $(MAKE) -C $(PKG_BUILD_DIR) \
-               DESTDIR="$(PKG_INSTALL_DIR)" \
-               STRIP_OPT="" \
-               all install
-endef
-
-define Package/openssh-client/preinst
-#!/bin/sh
-if [ -L $${IPKG_INSTROOT}/usr/bin/ssh ] && [ -L $${IPKG_INSTROOT}/usr/bin/scp ]; then
-       rm -f $${IPKG_INSTROOT}/usr/bin/ssh $${IPKG_INSTROOT}/usr/bin/scp;
-fi
-exit 0
-endef
-
-define Package/openssh-client/postrm
-#!/bin/sh
-rm -f $${IPKG_INSTROOT}/usr/bin/ssh $${IPKG_INSTROOT}/usr/bin/scp;
-if [ -x $${IPKG_INSTROOT}/usr/sbin/dropbear ] ; then
-       ln -s /usr/sbin/dropbear $${IPKG_INSTROOT}/usr/bin/ssh;
-       ln -s /usr/sbin/dropbear $${IPKG_INSTROOT}/usr/bin/scp;
-fi
-exit 0
-endef
-
-define Package/openssh-moduli/install
-       $(INSTALL_DIR) $(1)/etc/ssh
-       $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/moduli $(1)/etc/ssh/
-endef
-
-define Package/openssh-client/install
-       $(INSTALL_DIR) $(1)/etc/ssh
-       chmod 0700 $(1)/etc/ssh
-       $(CP) $(PKG_INSTALL_DIR)/etc/ssh/ssh_config $(1)/etc/ssh/
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh $(1)/usr/bin/
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/scp $(1)/usr/bin/
-endef
-
-define Package/openssh-client-utils/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(foreach bin,add agent keyscan keysign,$(PKG_BUILD_DIR)/ssh-$(bin)) $(1)/usr/bin/
-endef
-
-define Package/openssh-keygen/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/ssh-keygen $(1)/usr/bin/
-endef
-
-define Package/openssh-server/install
-       $(INSTALL_DIR) $(1)/etc/ssh
-       chmod 0700 $(1)/etc/ssh
-       $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
-       $(INSTALL_DIR) $(1)/etc/init.d
-       $(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
-       $(INSTALL_DIR) $(1)/usr/sbin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/sshd $(1)/usr/sbin/
-endef
-
-define Package/openssh-server-pam/install
-       $(call Package/openssh-server/install,$(1))
-       sed -i 's,#PasswordAuthentication yes,PasswordAuthentication no,g' $(1)/etc/ssh/sshd_config
-       sed -i 's,#UsePAM no,UsePAM yes,g' $(1)/etc/ssh/sshd_config
-       $(INSTALL_DIR) $(1)/etc/pam.d
-       $(INSTALL_DATA) ./files/sshd.pam $(1)/etc/pam.d/sshd
-       $(INSTALL_DIR) $(1)/etc/security
-       $(INSTALL_DATA) ./files/sshd.pam-access $(1)/etc/security/access-sshd-local.conf
-endef
-
-define Package/openssh-sftp-client/install
-       $(INSTALL_DIR) $(1)/usr/bin
-       $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sftp $(1)/usr/bin/
-endef
-
-define Package/openssh-sftp-server/install
-       $(INSTALL_DIR) $(1)/usr/lib
-       $(CP) $(PKG_INSTALL_DIR)/usr/lib/sftp-server $(1)/usr/lib/
-       $(INSTALL_DIR) $(1)/usr/libexec
-       ln -sf ../lib/sftp-server $(1)/usr/libexec/sftp-server
-endef
-
-$(eval $(call BuildPackage,openssh-client))
-$(eval $(call BuildPackage,openssh-moduli))
-$(eval $(call BuildPackage,openssh-client-utils))
-$(eval $(call BuildPackage,openssh-keygen))
-$(eval $(call BuildPackage,openssh-server))
-$(eval $(call BuildPackage,openssh-server-pam))
-$(eval $(call BuildPackage,openssh-sftp-client))
-$(eval $(call BuildPackage,openssh-sftp-server))
diff --git a/net/openssh/files/sshd.init b/net/openssh/files/sshd.init
deleted file mode 100644 (file)
index 879df12..0000000
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2006-2011 OpenWrt.org
-
-START=50
-STOP=50
-
-USE_PROCD=1
-PROG=/usr/sbin/sshd
-
-start_service() {
-       for type in rsa dsa; do {
-               # check for keys
-               key=/etc/ssh/ssh_host_${type}_key
-               [ ! -f $key ] && {
-                       # generate missing keys
-                       [ -x /usr/bin/ssh-keygen ] && {
-                               /usr/bin/ssh-keygen -N '' -t $type -f $key 2>&- >&-
-                       }
-               }
-       }; done
-       user_exists sshd 22 || user_add sshd 22 22 sshd /var/empty
-       group_exists sshd 22 || group_add sshd 22 
-       mkdir -m 0700 -p /var/empty
-
-       procd_open_instance
-       procd_set_param command $PROG -D
-       procd_close_instance
-}
-
-shutdown() {
-       local pid
-       local pids
-       local pid_mine
-
-       stop
-
-       # kill active clients
-       pid_mine="$$"
-       pids="$(pidof sshd)"
-       for pid in $pids; do
-               [ "$pid" = "$pid_mine" ] && continue
-               [ -e "/proc/$pid/stat" ] && kill $pid
-       done
-}
diff --git a/net/openssh/files/sshd.pam b/net/openssh/files/sshd.pam
deleted file mode 100644 (file)
index 387ff2e..0000000
+++ /dev/null
@@ -1,41 +0,0 @@
-# PAM configuration for the Secure Shell service
-
-# Read environment variables from /etc/environment and
-# /etc/security/pam_env.conf.
-auth       required     pam_env.so
-
-# Skip Google Authenticator if logging in from the local network.
-# auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-sshd-local.conf
-# Google Authenticator 2-step verification.
-# auth       requisite    pam_google_authenticator.so
-
-# Standard Un*x authentication.
-auth       include      common-auth
-
-# Disallow non-root logins when /etc/nologin exists.
-account    required     pam_nologin.so
-
-# Uncomment and edit /etc/security/access.conf if you need to set complex
-# access limits that are hard to express in sshd_config.
-# account    required     pam_access.so
-
-# Standard Un*x authorization.
-account    include      common-account
-
-# Standard Un*x session setup and teardown.
-session    include      common-session
-
-# Print the message of the day upon successful login.
-session    optional     pam_motd.so
-
-# Print the status of the user's mailbox upon successful login.
-session    optional     pam_mail.so standard noenv
-
-# Set up user limits from /etc/security/limits.conf.
-session    required     pam_limits.so
-
-# Set up SELinux capabilities (need modified pam)
-# session    required     pam_selinux.so multiple
-
-# Standard Un*x password updating.
-password   include      common-password
diff --git a/net/openssh/files/sshd.pam-access b/net/openssh/files/sshd.pam-access
deleted file mode 100644 (file)
index 425ff11..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-# Skip Google Authenticator for local network
-#+ : ALL : 192.168.1.0/24
-+ : ALL : LOCAL
-- : ALL : ALL
diff --git a/net/openssh/patches/100-no_cast_fix.patch b/net/openssh/patches/100-no_cast_fix.patch
deleted file mode 100644 (file)
index 751e589..0000000
+++ /dev/null
@@ -1,13 +0,0 @@
---- a/cipher.c
-+++ b/cipher.c
-@@ -80,8 +80,10 @@ static const struct Cipher ciphers[] = {
-       { "3des-cbc",   SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc },
-       { "blowfish-cbc",
-                       SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc },
-+#ifndef OPENSSL_NO_CAST
-       { "cast128-cbc",
-                       SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc },
-+#endif
-       { "arcfour",    SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 },
-       { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 },
-       { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 },
diff --git a/net/openssh/patches/130-implicit_memset_decl_fix.patch b/net/openssh/patches/130-implicit_memset_decl_fix.patch
deleted file mode 100644 (file)
index be8bbcf..0000000
+++ /dev/null
@@ -1,12 +0,0 @@
---- a/includes.h
-+++ b/includes.h
-@@ -59,6 +59,9 @@
- /*
-  *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively
-  */
-+#ifdef HAVE_STRING_H
-+# include <string.h>
-+#endif
- #ifdef HAVE_STRINGS_H
- # include <strings.h>
- #endif
diff --git a/net/openssh/patches/140-pam_uclibc_pthreads_fix.patch b/net/openssh/patches/140-pam_uclibc_pthreads_fix.patch
deleted file mode 100644 (file)
index 1319b52..0000000
+++ /dev/null
@@ -1,84 +0,0 @@
---- a/auth-pam.c
-+++ b/auth-pam.c
-@@ -159,7 +159,7 @@ sshpam_sigchld_handler(int sig)
-       }
-       if (WIFSIGNALED(sshpam_thread_status) &&
-           WTERMSIG(sshpam_thread_status) == SIGTERM)
--              return; /* terminated by pthread_cancel */
-+              return; /* terminated by pthread2_cancel */
-       if (!WIFEXITED(sshpam_thread_status))
-               sigdie("PAM: authentication thread exited unexpectedly");
-       if (WEXITSTATUS(sshpam_thread_status) != 0)
-@@ -168,14 +168,14 @@ sshpam_sigchld_handler(int sig)
- /* ARGSUSED */
- static void
--pthread_exit(void *value)
-+pthread2_exit(void *value)
- {
-       _exit(0);
- }
- /* ARGSUSED */
- static int
--pthread_create(sp_pthread_t *thread, const void *attr,
-+pthread2_create(sp_pthread_t *thread, const void *attr,
-     void *(*thread_start)(void *), void *arg)
- {
-       pid_t pid;
-@@ -201,7 +201,7 @@ pthread_create(sp_pthread_t *thread, con
- }
- static int
--pthread_cancel(sp_pthread_t thread)
-+pthread2_cancel(sp_pthread_t thread)
- {
-       signal(SIGCHLD, sshpam_oldsig);
-       return (kill(thread, SIGTERM));
-@@ -209,7 +209,7 @@ pthread_cancel(sp_pthread_t thread)
- /* ARGSUSED */
- static int
--pthread_join(sp_pthread_t thread, void **value)
-+pthread2_join(sp_pthread_t thread, void **value)
- {
-       int status;
-@@ -510,7 +510,7 @@ sshpam_thread(void *ctxtp)
-       /* XXX - can't do much about an error here */
-       ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);
-       buffer_free(&buffer);
--      pthread_exit(NULL);
-+      pthread2_exit(NULL);
-  auth_fail:
-       buffer_put_cstring(&buffer,
-@@ -521,7 +521,7 @@ sshpam_thread(void *ctxtp)
-       else
-               ssh_msg_send(ctxt->pam_csock, PAM_AUTH_ERR, &buffer);
-       buffer_free(&buffer);
--      pthread_exit(NULL);
-+      pthread2_exit(NULL);
-       return (NULL); /* Avoid warning for non-pthread case */
- }
-@@ -533,8 +533,8 @@ sshpam_thread_cleanup(void)
-       debug3("PAM: %s entering", __func__);
-       if (ctxt != NULL && ctxt->pam_thread != 0) {
--              pthread_cancel(ctxt->pam_thread);
--              pthread_join(ctxt->pam_thread, NULL);
-+              pthread2_cancel(ctxt->pam_thread);
-+              pthread2_join(ctxt->pam_thread, NULL);
-               close(ctxt->pam_psock);
-               close(ctxt->pam_csock);
-               memset(ctxt, 0, sizeof(*ctxt));
-@@ -698,7 +698,7 @@ sshpam_init_ctx(Authctxt *authctxt)
-       }
-       ctxt->pam_psock = socks[0];
-       ctxt->pam_csock = socks[1];
--      if (pthread_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
-+      if (pthread2_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
-               error("PAM: failed to start authentication thread: %s",
-                   strerror(errno));
-               close(socks[0]);
diff --git a/net/openssh/patches/200-dscp-qos.patch b/net/openssh/patches/200-dscp-qos.patch
deleted file mode 100644 (file)
index 827a668..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
---- a/ssh_config
-+++ b/ssh_config
-@@ -46,3 +46,6 @@
- #   VisualHostKey no
- #   ProxyCommand ssh -q -W %h:%p gateway.example.com
- #   RekeyLimit 1G 1h
-+
-+# enable DSCP QoS values (per RFC-4594)
-+#IPQoS AF21 AF11
---- a/sshd_config
-+++ b/sshd_config
-@@ -122,6 +122,9 @@ UsePrivilegeSeparation sandbox             # Defaul
- # no default banner path
- #Banner none
-+# enable DSCP QoS values (per RFC-4594)
-+#IPQoS AF21 AF11
-+
- # override default of no subsystems
- Subsystem     sftp    /usr/libexec/sftp-server