OpenSSH LDAP public key authentication patch for security/openssh

To: tech-pkg%NetBSD.org@localhost
Subject: OpenSSH LDAP public key authentication patch for security/openssh
From: iMil <imil%home.imil.net@localhost>
Date: Wed, 30 May 2012 17:15:15 +0200 (CEST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hi,

we are using the attached patch at ${DAYJOB} in order to use LDAP public
key authentication with OpenSSH. It is based on Eric Augé's work
http://code.google.com/p/openssh-lpk/ and Gentoo's adaptation to latest
OpenSSH versions.
As openssh is a sensitive package, I'd like to have some feedback about
the patch before commiting it.

Thanks,

- -------------------------------------------
Emile "iMil" Heitor .°. <imil%home.imil.net@localhost>                          
     _
                        http://gcu-squad.org        ASCII ribbon campaign ( )
                                                     - against HTML email  X
                                                                 & vCards / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (NetBSD)

iD8DBQFPxjmEFG3BlGWyzUIRAiZAAJ4qOXP7kYIZzYs3HUYjJu8V2yEiZQCeKsIP
a+4JAG3ORS43MMKUFyFnY6g=
=vYv2
-----END PGP SIGNATURE-----

@comment $NetBSD$
share/doc/openssh/README.lpk
share/examples/openssh/lpk-user-example.txt
share/examples/openssh/openssh-lpk_openldap.schema
share/examples/openssh/openssh-lpk_sun.schema

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/Makefile,v
retrieving revision 1.205
diff -u -p -r1.205 Makefile
--- Makefile    9 Jan 2012 05:25:36 -0000       1.205
+++ Makefile    30 May 2012 14:49:14 -0000
@@ -177,6 +177,14 @@ SUBST_MESSAGE.patch=       More patch a file.
 .include "../../security/openssl/buildlink3.mk"
 .include "../../security/tcp_wrappers/buildlink3.mk"
 
+.if !empty(PKG_OPTIONS:Mlpk)
+DOCDIR=                        ${PREFIX}/share/doc/openssh
+INSTALLATION_DIRS+=    ${DOCDIR}
+
+pre-configure:
+       cd ${WRKSRC} && autoconf
+.endif
+
 #
 # type of key "ecdsa" isn't always supported depends on OpenSSL.
 #
@@ -199,5 +207,12 @@ post-install:
        ${INSTALL_DATA} ${WRKSRC}/contrib/sshd.pam.generic \
          ${DESTDIR}${EGDIR}/sshd.pam
 .endif
+.if !empty(PKG_OPTIONS:Mlpk)
+       ${INSTALL_DATA} ${WRKSRC}/README.lpk \
+               ${DESTDIR}${DOCDIR}
+       cd ${WRKSRC}; for file in ${LPK_CONFS}; do                      \
+               ${INSTALL_DATA} $${file} ${DESTDIR}${EGDIR}/$${file};   \
+       done
+.endif
 
 .include "../../mk/bsd.pkg.mk"
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/distinfo,v
retrieving revision 1.81
diff -u -p -r1.81 distinfo
--- distinfo    18 Aug 2011 09:22:02 -0000      1.81
+++ distinfo    30 May 2012 14:49:14 -0000
@@ -1,11 +1,11 @@
 $NetBSD: distinfo,v 1.81 2011/08/18 09:22:02 taca Exp $
 
-SHA1 (openssh-5.8p1-hpn13v11.diff.gz) = 
ea61ab71605ee867eebc1a92875a3ea5369e2d28
-RMD160 (openssh-5.8p1-hpn13v11.diff.gz) = 
45fbb8e2db2f829f2749cd745ed6a0542adb1c45
-Size (openssh-5.8p1-hpn13v11.diff.gz) = 22993 bytes
 SHA1 (openssh-5.8p2.tar.gz) = 64798328d310e4f06c9f01228107520adbc8b3e5
 RMD160 (openssh-5.8p2.tar.gz) = f70cdb10983c389b1d6e52da522b9ff8256f1aff
 Size (openssh-5.8p2.tar.gz) = 1115475 bytes
+SHA1 (openssh-lpk-5.8p2-0.3.14.patch.gz) = 
9eab90211363e6ea74e250d072cf14b69516bc0e
+RMD160 (openssh-lpk-5.8p2-0.3.14.patch.gz) = 
ca008e5c8c1f43be334f6e4e598d79d0153e94e5
+Size (openssh-lpk-5.8p2-0.3.14.patch.gz) = 18656 bytes
 SHA1 (patch-aa) = 59a39e53367983145e11150018a7f6f185df7bd5
 SHA1 (patch-ab) = 45ae7e91a00fc6d3fdb6cd6b91950d7aae58a55f
 SHA1 (patch-ac) = 7cd1129633649327f4f44cecc10b617c5cd34ec3
Index: options.mk
===================================================================
RCS file: /cvsroot/pkgsrc/security/openssh/options.mk,v
retrieving revision 1.22
diff -u -p -r1.22 options.mk
--- options.mk  9 Jan 2012 05:25:36 -0000       1.22
+++ options.mk  30 May 2012 14:49:14 -0000
@@ -3,7 +3,7 @@
 .include "../../mk/bsd.prefs.mk"
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.openssh
-PKG_SUPPORTED_OPTIONS= kerberos hpn-patch pam
+PKG_SUPPORTED_OPTIONS= kerberos hpn-patch lpk pam
 
 .include "../../mk/bsd.options.mk"
 
@@ -28,3 +28,19 @@ PLIST_SRC+=          ${.CURDIR}/PLIST.pam
 MESSAGE_SRC+=          ${.CURDIR}/MESSAGE.pam
 MESSAGE_SUBST+=                EGDIR=${EGDIR}
 .endif
+
+.if !empty(PKG_OPTIONS:Mlpk)
+.include "../../databases/openldap-client/buildlink3.mk"
+USE_TOOLS+=            autoconf
+CONFIGURE_ARGS+=       --with-ldap
+LPK_CONFS+=            lpk-user-example.txt            \
+                       openssh-lpk_openldap.schema     \
+                       openssh-lpk_sun.schema
+PLIST_SRC+=            ${.CURDIR}/PLIST.lpk
+
+LPK_VERS=              0.3.14
+OPENSSH_VERS=          ${DISTNAME:S/openssh-//}
+PATCHFILES=            openssh-lpk-${OPENSSH_VERS}-${LPK_VERS}.patch.gz
+PATCH_SITES=           http://gentoo.mirrors.tera-byte.com/distfiles/
+PATCH_DIST_STRIP=      -p1
+.endif

Prev by Date: daily pkgsrc CVS update output
Next by Date: daily pkgsrc CVS update output
Previous by Thread: daily pkgsrc CVS update output
Next by Thread: daily pkgsrc CVS update output
Indexes:

Home | Main Index | Thread Index | Old Index