diff options
Diffstat (limited to 'debian')
-rw-r--r-- | debian/changelog | 21 | ||||
-rw-r--r-- | debian/copyright.head | 10 | ||||
-rw-r--r-- | debian/openssh-client-udeb.isinstallable | 10 | ||||
-rw-r--r-- | debian/postinst | 49 | ||||
-rwxr-xr-x | debian/rules | 4 |
5 files changed, 71 insertions, 23 deletions
diff --git a/debian/changelog b/debian/changelog index a588623bd..2c157e7ad 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,11 +1,28 @@ | |||
1 | openssh (1:3.8.1p1-6) UNRELEASED; urgency=low | 1 | openssh (1:3.8.1p1-8) unstable; urgency=high |
2 | |||
3 | * Matthew Vernon: | ||
4 | - Add a GPL exception to the licensing terms of the Debian patch | ||
5 | (closes: #211644). | ||
6 | |||
7 | -- Colin Watson <cjwatson@debian.org> Thu, 29 Jul 2004 13:28:47 +0100 | ||
8 | |||
9 | openssh (1:3.8.1p1-7) unstable; urgency=low | ||
10 | |||
11 | * Re-enable shadow password support in openssh-server-udeb, at Bastian | ||
12 | Blank's request (closes: #260800). | ||
13 | |||
14 | -- Colin Watson <cjwatson@debian.org> Thu, 22 Jul 2004 10:56:06 +0100 | ||
15 | |||
16 | openssh (1:3.8.1p1-6) unstable; urgency=low | ||
2 | 17 | ||
3 | * Implement hack in | 18 | * Implement hack in |
4 | http://lists.debian.org/debian-boot/2004/07/msg01207.html to get | 19 | http://lists.debian.org/debian-boot/2004/07/msg01207.html to get |
5 | openssh-client-udeb to show up as a retrievable debian-installer | 20 | openssh-client-udeb to show up as a retrievable debian-installer |
6 | component. | 21 | component. |
22 | * Generate host keys in postinst only if the relevant HostKey directives | ||
23 | are found in sshd_config (closes: #87946). | ||
7 | 24 | ||
8 | -- Colin Watson <cjwatson@debian.org> Mon, 19 Jul 2004 20:22:39 +0100 | 25 | -- Colin Watson <cjwatson@debian.org> Wed, 21 Jul 2004 15:14:46 +0100 |
9 | 26 | ||
10 | openssh (1:3.8.1p1-5) unstable; urgency=medium | 27 | openssh (1:3.8.1p1-5) unstable; urgency=medium |
11 | 28 | ||
diff --git a/debian/copyright.head b/debian/copyright.head index 6d95c8ae2..31658dbdf 100644 --- a/debian/copyright.head +++ b/debian/copyright.head | |||
@@ -13,6 +13,16 @@ original ssh package, which has since been renamed as ssh-nonfree. | |||
13 | The Debian patch is distributed under the terms of the GPL, which you | 13 | The Debian patch is distributed under the terms of the GPL, which you |
14 | can find in /usr/share/common-licenses/GPL. | 14 | can find in /usr/share/common-licenses/GPL. |
15 | 15 | ||
16 | In addition, as a special exception, Matthew Vernon gives permission | ||
17 | to link the code of the Debian patch with any version of the OpenSSH | ||
18 | code which is distributed under a license identical to that listed in | ||
19 | the included Copyright file, and distribute linked combinations | ||
20 | including the two. You must obey the GNU General Public License in | ||
21 | all respects for all of the code used other than OpenSSH. If you | ||
22 | modify this file, you may extend this exception to your version of the | ||
23 | file, but you are not obligated to do so. If you do not wish to do | ||
24 | so, delete this exception statement from your version. | ||
25 | |||
16 | The upstream source for this package is a combination of the ssh | 26 | The upstream source for this package is a combination of the ssh |
17 | branch that is being maintained by the OpenBSD team (starting from | 27 | branch that is being maintained by the OpenBSD team (starting from |
18 | the last version of SSH that was distributed under a free license), | 28 | the last version of SSH that was distributed under a free license), |
diff --git a/debian/openssh-client-udeb.isinstallable b/debian/openssh-client-udeb.isinstallable deleted file mode 100644 index 7591b6245..000000000 --- a/debian/openssh-client-udeb.isinstallable +++ /dev/null | |||
@@ -1,10 +0,0 @@ | |||
1 | #! /bin/sh | ||
2 | |||
3 | # This is a hack to arrange for openssh-client-udeb to show up as a | ||
4 | # retrievable debian-installer component in expert mode (due to the | ||
5 | # Installer-Menu-Item: control field) while not actually appearing on the | ||
6 | # d-i main menu. See: | ||
7 | # | ||
8 | # http://lists.debian.org/debian-boot/2004/07/msg01207.html | ||
9 | |||
10 | exit 1 | ||
diff --git a/debian/postinst b/debian/postinst index ac5e1c555..1baae1677 100644 --- a/debian/postinst +++ b/debian/postinst | |||
@@ -27,13 +27,45 @@ check_idea_key() { | |||
27 | } | 27 | } |
28 | 28 | ||
29 | 29 | ||
30 | get_config_option() { | ||
31 | option="$1" | ||
32 | |||
33 | # TODO: actually only one '=' allowed after option | ||
34 | perl -ne 'print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \ | ||
35 | /etc/ssh/sshd_config | ||
36 | } | ||
37 | |||
38 | |||
39 | host_keys_required() { | ||
40 | hostkeys="$(get_config_option HostKey)" | ||
41 | if [ "$hostkeys" ]; then | ||
42 | echo "$hostkeys" | ||
43 | else | ||
44 | # No HostKey directives at all, so the server picks some | ||
45 | # defaults depending on the setting of Protocol. | ||
46 | protocol="$(get_config_option Protocol)" | ||
47 | [ "$protocol" ] || protocol=1,2 | ||
48 | if echo "$protocol" | grep 1 >/dev/null; then | ||
49 | echo /etc/ssh/ssh_host_key | ||
50 | fi | ||
51 | if echo "$protocol" | grep 2 >/dev/null; then | ||
52 | echo /etc/ssh/ssh_host_rsa_key | ||
53 | echo /etc/ssh/ssh_host_dsa_key | ||
54 | fi | ||
55 | fi | ||
56 | } | ||
57 | |||
58 | |||
30 | create_key() { | 59 | create_key() { |
31 | msg="$1" | 60 | msg="$1" |
32 | shift | 61 | shift |
62 | hostkeys="$1" | ||
63 | shift | ||
33 | file="$1" | 64 | file="$1" |
34 | shift | 65 | shift |
35 | 66 | ||
36 | if [ ! -f "$file" ] ; then | 67 | if echo "$hostkeys" | grep -x "$file" >/dev/null && \ |
68 | [ ! -f "$file" ] ; then | ||
37 | echo -n $msg | 69 | echo -n $msg |
38 | ssh-keygen -q -f "$file" -N '' "$@" | 70 | ssh-keygen -q -f "$file" -N '' "$@" |
39 | echo | 71 | echo |
@@ -42,16 +74,15 @@ create_key() { | |||
42 | 74 | ||
43 | 75 | ||
44 | create_keys() { | 76 | create_keys() { |
45 | db_get ssh/protocol2_only | 77 | hostkeys="$(host_keys_required)" |
46 | if [ "$RET" = "false" ] ; then | 78 | |
47 | create_key "Creating SSH1 key; this may take some time ..." \ | 79 | create_key "Creating SSH1 key; this may take some time ..." \ |
48 | /etc/ssh/ssh_host_key -t rsa1 | 80 | "$hostkeys" /etc/ssh/ssh_host_key -t rsa1 |
49 | fi | ||
50 | 81 | ||
51 | create_key "Creating SSH2 RSA key; this may take some time ..." \ | 82 | create_key "Creating SSH2 RSA key; this may take some time ..." \ |
52 | /etc/ssh/ssh_host_rsa_key -t rsa | 83 | "$hostkeys" /etc/ssh/ssh_host_rsa_key -t rsa |
53 | create_key "Creating SSH2 DSA key; this may take some time ..." \ | 84 | create_key "Creating SSH2 DSA key; this may take some time ..." \ |
54 | /etc/ssh/ssh_host_dsa_key -t dsa | 85 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa |
55 | } | 86 | } |
56 | 87 | ||
57 | 88 | ||
@@ -304,9 +335,9 @@ setup_init() { | |||
304 | fi | 335 | fi |
305 | } | 336 | } |
306 | 337 | ||
338 | create_sshdconfig | ||
307 | check_idea_key | 339 | check_idea_key |
308 | create_keys | 340 | create_keys |
309 | create_sshdconfig | ||
310 | fix_rsh_diversion | 341 | fix_rsh_diversion |
311 | fix_statoverride | 342 | fix_statoverride |
312 | create_alternatives | 343 | create_alternatives |
diff --git a/debian/rules b/debian/rules index 6fdfcc494..4960ad921 100755 --- a/debian/rules +++ b/debian/rules | |||
@@ -75,7 +75,7 @@ build-udeb: build-udeb-stamp | |||
75 | build-udeb-stamp: | 75 | build-udeb-stamp: |
76 | dh_testdir | 76 | dh_testdir |
77 | mkdir -p build-udeb | 77 | mkdir -p build-udeb |
78 | cd build-udeb && $(FORCE_LIBS) ../configure --prefix=/usr --sysconfdir=/etc/ssh --without-xauth --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin --with-4in6 --with-privsep-path=/var/run/sshd --without-rand-helper --without-shadow | 78 | cd build-udeb && $(FORCE_LIBS) ../configure --prefix=/usr --sysconfdir=/etc/ssh --without-xauth --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin --with-4in6 --with-privsep-path=/var/run/sshd --without-rand-helper |
79 | # Avoid libnsl linkage. Ugh. | 79 | # Avoid libnsl linkage. Ugh. |
80 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status | 80 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status |
81 | cd build-udeb && ./config.status | 81 | cd build-udeb && ./config.status |
@@ -215,7 +215,7 @@ binary-openssh-client-udeb: build install | |||
215 | dh_compress | 215 | dh_compress |
216 | dh_fixperms | 216 | dh_fixperms |
217 | dh_installdeb | 217 | dh_installdeb |
218 | cp -a debian/openssh-client-udeb.isinstallable debian/openssh-client-udeb/DEBIAN/isinstallable | 218 | install -p -o root -g root -m 755 debian/openssh-client-udeb.isinstallable debian/openssh-client-udeb/DEBIAN/isinstallable |
219 | dh_shlibdeps | 219 | dh_shlibdeps |
220 | dh_gencontrol -- -fdebian/files~ | 220 | dh_gencontrol -- -fdebian/files~ |
221 | dpkg-distaddfile $(CLIENT_UDEB) debian-installer optional | 221 | dpkg-distaddfile $(CLIENT_UDEB) debian-installer optional |