diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 21 | ||||
| -rw-r--r-- | debian/copyright.head | 10 | ||||
| -rw-r--r-- | debian/openssh-client-udeb.isinstallable | 10 | ||||
| -rw-r--r-- | debian/postinst | 49 | ||||
| -rwxr-xr-x | debian/rules | 4 |
5 files changed, 71 insertions, 23 deletions
diff --git a/debian/changelog b/debian/changelog index a588623bd..2c157e7ad 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -1,11 +1,28 @@ | |||
| 1 | openssh (1:3.8.1p1-6) UNRELEASED; urgency=low | 1 | openssh (1:3.8.1p1-8) unstable; urgency=high |
| 2 | |||
| 3 | * Matthew Vernon: | ||
| 4 | - Add a GPL exception to the licensing terms of the Debian patch | ||
| 5 | (closes: #211644). | ||
| 6 | |||
| 7 | -- Colin Watson <cjwatson@debian.org> Thu, 29 Jul 2004 13:28:47 +0100 | ||
| 8 | |||
| 9 | openssh (1:3.8.1p1-7) unstable; urgency=low | ||
| 10 | |||
| 11 | * Re-enable shadow password support in openssh-server-udeb, at Bastian | ||
| 12 | Blank's request (closes: #260800). | ||
| 13 | |||
| 14 | -- Colin Watson <cjwatson@debian.org> Thu, 22 Jul 2004 10:56:06 +0100 | ||
| 15 | |||
| 16 | openssh (1:3.8.1p1-6) unstable; urgency=low | ||
| 2 | 17 | ||
| 3 | * Implement hack in | 18 | * Implement hack in |
| 4 | http://lists.debian.org/debian-boot/2004/07/msg01207.html to get | 19 | http://lists.debian.org/debian-boot/2004/07/msg01207.html to get |
| 5 | openssh-client-udeb to show up as a retrievable debian-installer | 20 | openssh-client-udeb to show up as a retrievable debian-installer |
| 6 | component. | 21 | component. |
| 22 | * Generate host keys in postinst only if the relevant HostKey directives | ||
| 23 | are found in sshd_config (closes: #87946). | ||
| 7 | 24 | ||
| 8 | -- Colin Watson <cjwatson@debian.org> Mon, 19 Jul 2004 20:22:39 +0100 | 25 | -- Colin Watson <cjwatson@debian.org> Wed, 21 Jul 2004 15:14:46 +0100 |
| 9 | 26 | ||
| 10 | openssh (1:3.8.1p1-5) unstable; urgency=medium | 27 | openssh (1:3.8.1p1-5) unstable; urgency=medium |
| 11 | 28 | ||
diff --git a/debian/copyright.head b/debian/copyright.head index 6d95c8ae2..31658dbdf 100644 --- a/debian/copyright.head +++ b/debian/copyright.head | |||
| @@ -13,6 +13,16 @@ original ssh package, which has since been renamed as ssh-nonfree. | |||
| 13 | The Debian patch is distributed under the terms of the GPL, which you | 13 | The Debian patch is distributed under the terms of the GPL, which you |
| 14 | can find in /usr/share/common-licenses/GPL. | 14 | can find in /usr/share/common-licenses/GPL. |
| 15 | 15 | ||
| 16 | In addition, as a special exception, Matthew Vernon gives permission | ||
| 17 | to link the code of the Debian patch with any version of the OpenSSH | ||
| 18 | code which is distributed under a license identical to that listed in | ||
| 19 | the included Copyright file, and distribute linked combinations | ||
| 20 | including the two. You must obey the GNU General Public License in | ||
| 21 | all respects for all of the code used other than OpenSSH. If you | ||
| 22 | modify this file, you may extend this exception to your version of the | ||
| 23 | file, but you are not obligated to do so. If you do not wish to do | ||
| 24 | so, delete this exception statement from your version. | ||
| 25 | |||
| 16 | The upstream source for this package is a combination of the ssh | 26 | The upstream source for this package is a combination of the ssh |
| 17 | branch that is being maintained by the OpenBSD team (starting from | 27 | branch that is being maintained by the OpenBSD team (starting from |
| 18 | the last version of SSH that was distributed under a free license), | 28 | the last version of SSH that was distributed under a free license), |
diff --git a/debian/openssh-client-udeb.isinstallable b/debian/openssh-client-udeb.isinstallable deleted file mode 100644 index 7591b6245..000000000 --- a/debian/openssh-client-udeb.isinstallable +++ /dev/null | |||
| @@ -1,10 +0,0 @@ | |||
| 1 | #! /bin/sh | ||
| 2 | |||
| 3 | # This is a hack to arrange for openssh-client-udeb to show up as a | ||
| 4 | # retrievable debian-installer component in expert mode (due to the | ||
| 5 | # Installer-Menu-Item: control field) while not actually appearing on the | ||
| 6 | # d-i main menu. See: | ||
| 7 | # | ||
| 8 | # http://lists.debian.org/debian-boot/2004/07/msg01207.html | ||
| 9 | |||
| 10 | exit 1 | ||
diff --git a/debian/postinst b/debian/postinst index ac5e1c555..1baae1677 100644 --- a/debian/postinst +++ b/debian/postinst | |||
| @@ -27,13 +27,45 @@ check_idea_key() { | |||
| 27 | } | 27 | } |
| 28 | 28 | ||
| 29 | 29 | ||
| 30 | get_config_option() { | ||
| 31 | option="$1" | ||
| 32 | |||
| 33 | # TODO: actually only one '=' allowed after option | ||
| 34 | perl -ne 'print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \ | ||
| 35 | /etc/ssh/sshd_config | ||
| 36 | } | ||
| 37 | |||
| 38 | |||
| 39 | host_keys_required() { | ||
| 40 | hostkeys="$(get_config_option HostKey)" | ||
| 41 | if [ "$hostkeys" ]; then | ||
| 42 | echo "$hostkeys" | ||
| 43 | else | ||
| 44 | # No HostKey directives at all, so the server picks some | ||
| 45 | # defaults depending on the setting of Protocol. | ||
| 46 | protocol="$(get_config_option Protocol)" | ||
| 47 | [ "$protocol" ] || protocol=1,2 | ||
| 48 | if echo "$protocol" | grep 1 >/dev/null; then | ||
| 49 | echo /etc/ssh/ssh_host_key | ||
| 50 | fi | ||
| 51 | if echo "$protocol" | grep 2 >/dev/null; then | ||
| 52 | echo /etc/ssh/ssh_host_rsa_key | ||
| 53 | echo /etc/ssh/ssh_host_dsa_key | ||
| 54 | fi | ||
| 55 | fi | ||
| 56 | } | ||
| 57 | |||
| 58 | |||
| 30 | create_key() { | 59 | create_key() { |
| 31 | msg="$1" | 60 | msg="$1" |
| 32 | shift | 61 | shift |
| 62 | hostkeys="$1" | ||
| 63 | shift | ||
| 33 | file="$1" | 64 | file="$1" |
| 34 | shift | 65 | shift |
| 35 | 66 | ||
| 36 | if [ ! -f "$file" ] ; then | 67 | if echo "$hostkeys" | grep -x "$file" >/dev/null && \ |
| 68 | [ ! -f "$file" ] ; then | ||
| 37 | echo -n $msg | 69 | echo -n $msg |
| 38 | ssh-keygen -q -f "$file" -N '' "$@" | 70 | ssh-keygen -q -f "$file" -N '' "$@" |
| 39 | echo | 71 | echo |
| @@ -42,16 +74,15 @@ create_key() { | |||
| 42 | 74 | ||
| 43 | 75 | ||
| 44 | create_keys() { | 76 | create_keys() { |
| 45 | db_get ssh/protocol2_only | 77 | hostkeys="$(host_keys_required)" |
| 46 | if [ "$RET" = "false" ] ; then | 78 | |
| 47 | create_key "Creating SSH1 key; this may take some time ..." \ | 79 | create_key "Creating SSH1 key; this may take some time ..." \ |
| 48 | /etc/ssh/ssh_host_key -t rsa1 | 80 | "$hostkeys" /etc/ssh/ssh_host_key -t rsa1 |
| 49 | fi | ||
| 50 | 81 | ||
| 51 | create_key "Creating SSH2 RSA key; this may take some time ..." \ | 82 | create_key "Creating SSH2 RSA key; this may take some time ..." \ |
| 52 | /etc/ssh/ssh_host_rsa_key -t rsa | 83 | "$hostkeys" /etc/ssh/ssh_host_rsa_key -t rsa |
| 53 | create_key "Creating SSH2 DSA key; this may take some time ..." \ | 84 | create_key "Creating SSH2 DSA key; this may take some time ..." \ |
| 54 | /etc/ssh/ssh_host_dsa_key -t dsa | 85 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa |
| 55 | } | 86 | } |
| 56 | 87 | ||
| 57 | 88 | ||
| @@ -304,9 +335,9 @@ setup_init() { | |||
| 304 | fi | 335 | fi |
| 305 | } | 336 | } |
| 306 | 337 | ||
| 338 | create_sshdconfig | ||
| 307 | check_idea_key | 339 | check_idea_key |
| 308 | create_keys | 340 | create_keys |
| 309 | create_sshdconfig | ||
| 310 | fix_rsh_diversion | 341 | fix_rsh_diversion |
| 311 | fix_statoverride | 342 | fix_statoverride |
| 312 | create_alternatives | 343 | create_alternatives |
diff --git a/debian/rules b/debian/rules index 6fdfcc494..4960ad921 100755 --- a/debian/rules +++ b/debian/rules | |||
| @@ -75,7 +75,7 @@ build-udeb: build-udeb-stamp | |||
| 75 | build-udeb-stamp: | 75 | build-udeb-stamp: |
| 76 | dh_testdir | 76 | dh_testdir |
| 77 | mkdir -p build-udeb | 77 | mkdir -p build-udeb |
| 78 | cd build-udeb && $(FORCE_LIBS) ../configure --prefix=/usr --sysconfdir=/etc/ssh --without-xauth --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin --with-4in6 --with-privsep-path=/var/run/sshd --without-rand-helper --without-shadow | 78 | cd build-udeb && $(FORCE_LIBS) ../configure --prefix=/usr --sysconfdir=/etc/ssh --without-xauth --with-default-path=/usr/local/bin:/bin:/usr/bin --with-superuser-path=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin --with-4in6 --with-privsep-path=/var/run/sshd --without-rand-helper |
| 79 | # Avoid libnsl linkage. Ugh. | 79 | # Avoid libnsl linkage. Ugh. |
| 80 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status | 80 | perl -pi -e 's/ +-lnsl//' build-udeb/config.status |
| 81 | cd build-udeb && ./config.status | 81 | cd build-udeb && ./config.status |
| @@ -215,7 +215,7 @@ binary-openssh-client-udeb: build install | |||
| 215 | dh_compress | 215 | dh_compress |
| 216 | dh_fixperms | 216 | dh_fixperms |
| 217 | dh_installdeb | 217 | dh_installdeb |
| 218 | cp -a debian/openssh-client-udeb.isinstallable debian/openssh-client-udeb/DEBIAN/isinstallable | 218 | install -p -o root -g root -m 755 debian/openssh-client-udeb.isinstallable debian/openssh-client-udeb/DEBIAN/isinstallable |
| 219 | dh_shlibdeps | 219 | dh_shlibdeps |
| 220 | dh_gencontrol -- -fdebian/files~ | 220 | dh_gencontrol -- -fdebian/files~ |
| 221 | dpkg-distaddfile $(CLIENT_UDEB) debian-installer optional | 221 | dpkg-distaddfile $(CLIENT_UDEB) debian-installer optional |