X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=lfs%2Fopenssh;h=0e6acc2278555b26f39e5077ae0887d0d9fadc80;hb=924b48c7890ef573c1400474ef92951fb9cf3ded;hp=3d4ef2f960431b69d529ec4d27626af66137b9cd;hpb=97f0fdd5f3a9fc93c01be9e48b16090bc4559191;p=people%2Fpmueller%2Fipfire-2.x.git diff --git a/lfs/openssh b/lfs/openssh index 3d4ef2f960..0e6acc2278 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team # +# Copyright (C) 2007-2018 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 6.2p2 +VER = 7.7p1 THISAPP = openssh-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = be46174dcbb77ebb4ea88ef140685de1 +$(DL_FILE)_MD5 = 68ba883aff6958297432e5877e9a0fe2 install : $(TARGET) @@ -70,29 +70,40 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) -ifeq "$(PADLOCK)" "1" - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssh-4.7p1-padlock.patch -endif + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/openssh-7.7p1-openssl-1.1.0-1.patch cd $(DIR_APP) && sed -i "s/lkrb5 -ldes/lkrb5/" configure - cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc/ssh \ - --libexecdir=/usr/lib/openssh --with-md5-passwords \ - --with-privsep-path=/var/empty --disable-nls \ - --with-superuser-path=/sbin:/usr/sbin:/bin:/usr/bin + cd $(DIR_APP) && ./configure \ + --prefix=/usr \ + --sysconfdir=/etc/ssh \ + --libexecdir=/usr/lib/openssh \ + --with-md5-passwords \ + --with-privsep-path=/var/empty \ + --with-superuser-path=/sbin:/usr/sbin:/bin:/usr/bin + cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install - sed -i -e 's/^#\?Port .*$$/Port 222/' \ - -e 's/^#\?Protocol .*$$/Protocol 2/' \ - -e 's/^#\?LoginGraceTime .*$$/LoginGraceTime 30s/' \ - -e 's/^#\?RSAAuthentication .*$$/RSAAuthentication yes/' \ - -e 's/^#\?PubkeyAuthentication .*$$/PubkeyAuthentication yes/' \ - -e 's/^#\?PasswordAuthentication .*$$/PasswordAuthentication yes/' \ - -e 's/^#\?MaxStartups .*$$/MaxStartups 5/' \ - -e 's/^#\?IgnoreUserKnownHosts .*$$/IgnoreUserKnownHosts yes/' \ - -e 's/^#\?UsePAM .*$$//' \ - -e 's/^#\?X11Forwarding .*$$/X11Forwarding no/' \ - -e 's/^#\?SyslogFacility AUTH .*$$/SyslogFacility AUTH/' \ - -e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \ - -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ - /etc/ssh/sshd_config + sed -i -e 's/^#\?Port .*$$/Port 22/' \ + -e 's/^#\?Protocol .*$$/Protocol 2/' \ + -e 's/^#\?LoginGraceTime .*$$/LoginGraceTime 30s/' \ + -e 's/^#\?PubkeyAuthentication .*$$/PubkeyAuthentication yes/' \ + -e 's/^#\?PasswordAuthentication .*$$/PasswordAuthentication no/' \ + -e 's/^#\?MaxStartups .*$$/MaxStartups 5/' \ + -e 's/^#\?IgnoreUserKnownHosts .*$$/IgnoreUserKnownHosts yes/' \ + -e 's/^#\?UsePAM .*$$//' \ + -e 's/^#\?X11Forwarding .*$$/X11Forwarding no/' \ + -e 's/^#\?SyslogFacility AUTH .*$$/SyslogFacility AUTH/' \ + -e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \ + -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ + -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key|' \ + /etc/ssh/sshd_config + + # install custom OpenSSH client configuration + install -v -m 644 $(DIR_SRC)/config/ssh/ssh_config \ + /etc/ssh/ssh_config + @rm -rf $(DIR_APP) @$(POSTBUILD)