diff options
author | Scott Garman <scott.a.garman@intel.com> | 2011-06-05 16:39:32 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2011-06-07 21:38:34 +0100 |
commit | 4555c2bd7bcb721b7bba9e2f752896f54bf9a7f3 (patch) | |
tree | cc15ac6a84289848b4096509771111afbd54119a /meta/recipes-connectivity/openssh/openssh-5.8p2 | |
parent | 9c425c3590cb5e8bcbc24c2b6c54bceba74fe2f1 (diff) | |
download | poky-4555c2bd7bcb721b7bba9e2f752896f54bf9a7f3.tar.gz |
openssh: upgrade to v5.8p2
LICENCE checksum updated due to a one-line change in the file (RedHat
was added as a copyright holder).
(From OE-Core rev: 969cdde4541819ef5123a77391d870843aff0b55)
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssh/openssh-5.8p2')
4 files changed, 273 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/init b/meta/recipes-connectivity/openssh/openssh-5.8p2/init new file mode 100644 index 0000000000..b16cbd61a6 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/init | |||
@@ -0,0 +1,88 @@ | |||
1 | #! /bin/sh | ||
2 | set -e | ||
3 | |||
4 | # /etc/init.d/ssh: start and stop the OpenBSD "secure shell" daemon | ||
5 | |||
6 | test -x /usr/sbin/sshd || exit 0 | ||
7 | ( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0 | ||
8 | |||
9 | if test -f /etc/default/ssh; then | ||
10 | . /etc/default/ssh | ||
11 | fi | ||
12 | |||
13 | check_for_no_start() { | ||
14 | # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists | ||
15 | if [ -e /etc/ssh/sshd_not_to_be_run ]; then | ||
16 | echo "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" | ||
17 | exit 0 | ||
18 | fi | ||
19 | } | ||
20 | |||
21 | check_privsep_dir() { | ||
22 | # Create the PrivSep empty dir if necessary | ||
23 | if [ ! -d /var/run/sshd ]; then | ||
24 | mkdir /var/run/sshd | ||
25 | chmod 0755 /var/run/sshd | ||
26 | fi | ||
27 | } | ||
28 | |||
29 | check_config() { | ||
30 | /usr/sbin/sshd -t || exit 1 | ||
31 | } | ||
32 | |||
33 | check_keys() { | ||
34 | # create keys if necessary | ||
35 | if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then | ||
36 | echo " generating ssh RSA key..." | ||
37 | ssh-keygen -q -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa | ||
38 | fi | ||
39 | if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then | ||
40 | echo " generating ssh DSA key..." | ||
41 | ssh-keygen -q -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa | ||
42 | fi | ||
43 | } | ||
44 | |||
45 | export PATH="${PATH:+$PATH:}/usr/sbin:/sbin" | ||
46 | |||
47 | case "$1" in | ||
48 | start) | ||
49 | check_for_no_start | ||
50 | echo "Starting OpenBSD Secure Shell server: sshd" | ||
51 | check_keys | ||
52 | check_privsep_dir | ||
53 | start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS | ||
54 | echo "done." | ||
55 | ;; | ||
56 | stop) | ||
57 | echo -n "Stopping OpenBSD Secure Shell server: sshd" | ||
58 | start-stop-daemon -K -x /usr/sbin/sshd | ||
59 | echo "." | ||
60 | ;; | ||
61 | |||
62 | reload|force-reload) | ||
63 | check_for_no_start | ||
64 | check_keys | ||
65 | check_config | ||
66 | echo -n "Reloading OpenBSD Secure Shell server's configuration" | ||
67 | start-stop-daemon -K -s 1 -x /usr/sbin/sshd | ||
68 | echo "." | ||
69 | ;; | ||
70 | |||
71 | restart) | ||
72 | check_keys | ||
73 | check_config | ||
74 | echo -n "Restarting OpenBSD Secure Shell server: sshd" | ||
75 | start-stop-daemon -K -x /usr/sbin/sshd | ||
76 | check_for_no_start | ||
77 | check_privsep_dir | ||
78 | sleep 2 | ||
79 | start-stop-daemon -S -x /usr/sbin/sshd -- $SSHD_OPTS | ||
80 | echo "." | ||
81 | ;; | ||
82 | |||
83 | *) | ||
84 | echo "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart}" | ||
85 | exit 1 | ||
86 | esac | ||
87 | |||
88 | exit 0 | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/nostrip.patch b/meta/recipes-connectivity/openssh/openssh-5.8p2/nostrip.patch new file mode 100644 index 0000000000..33111f5494 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/nostrip.patch | |||
@@ -0,0 +1,20 @@ | |||
1 | Disable stripping binaries during make install. | ||
2 | |||
3 | Upstream-Status: Inappropriate [configuration] | ||
4 | |||
5 | Build system specific. | ||
6 | |||
7 | Signed-off-by: Scott Garman <scott.a.garman@intel.com> | ||
8 | |||
9 | diff -ur openssh-5.6p1.orig/Makefile.in openssh-5.6p1/Makefile.in | ||
10 | --- openssh-5.6p1.orig/Makefile.in 2010-05-11 23:51:39.000000000 -0700 | ||
11 | +++ openssh-5.6p1/Makefile.in 2010-08-30 16:49:54.000000000 -0700 | ||
12 | @@ -29,7 +29,7 @@ | ||
13 | RAND_HELPER=$(libexecdir)/ssh-rand-helper | ||
14 | PRIVSEP_PATH=@PRIVSEP_PATH@ | ||
15 | SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ | ||
16 | -STRIP_OPT=@STRIP_OPT@ | ||
17 | +STRIP_OPT= | ||
18 | |||
19 | PATHS= -DSSHDIR=\"$(sysconfdir)\" \ | ||
20 | -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/ssh_config b/meta/recipes-connectivity/openssh/openssh-5.8p2/ssh_config new file mode 100644 index 0000000000..4a4a649ba8 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/ssh_config | |||
@@ -0,0 +1,46 @@ | |||
1 | # $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $ | ||
2 | |||
3 | # This is the ssh client system-wide configuration file. See | ||
4 | # ssh_config(5) for more information. This file provides defaults for | ||
5 | # users, and the values can be changed in per-user configuration files | ||
6 | # or on the command line. | ||
7 | |||
8 | # Configuration data is parsed as follows: | ||
9 | # 1. command line options | ||
10 | # 2. user-specific file | ||
11 | # 3. system-wide file | ||
12 | # Any configuration value is only changed the first time it is set. | ||
13 | # Thus, host-specific definitions should be at the beginning of the | ||
14 | # configuration file, and defaults at the end. | ||
15 | |||
16 | # Site-wide defaults for some commonly used options. For a comprehensive | ||
17 | # list of available options, their meanings and defaults, please see the | ||
18 | # ssh_config(5) man page. | ||
19 | |||
20 | Host * | ||
21 | ForwardAgent yes | ||
22 | ForwardX11 yes | ||
23 | # RhostsRSAAuthentication no | ||
24 | # RSAAuthentication yes | ||
25 | # PasswordAuthentication yes | ||
26 | # HostbasedAuthentication no | ||
27 | # GSSAPIAuthentication no | ||
28 | # GSSAPIDelegateCredentials no | ||
29 | # BatchMode no | ||
30 | # CheckHostIP yes | ||
31 | # AddressFamily any | ||
32 | # ConnectTimeout 0 | ||
33 | # StrictHostKeyChecking ask | ||
34 | # IdentityFile ~/.ssh/identity | ||
35 | # IdentityFile ~/.ssh/id_rsa | ||
36 | # IdentityFile ~/.ssh/id_dsa | ||
37 | # Port 22 | ||
38 | # Protocol 2,1 | ||
39 | # Cipher 3des | ||
40 | # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc | ||
41 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 | ||
42 | # EscapeChar ~ | ||
43 | # Tunnel no | ||
44 | # TunnelDevice any:any | ||
45 | # PermitLocalCommand no | ||
46 | # VisualHostKey no | ||
diff --git a/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd_config b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd_config new file mode 100644 index 0000000000..4f9b626fbd --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh-5.8p2/sshd_config | |||
@@ -0,0 +1,119 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ | ||
2 | |||
3 | # This is the sshd server system-wide configuration file. See | ||
4 | # sshd_config(5) for more information. | ||
5 | |||
6 | # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin | ||
7 | |||
8 | # The strategy used for options in the default sshd_config shipped with | ||
9 | # OpenSSH is to specify options with their default value where | ||
10 | # possible, but leave them commented. Uncommented options change a | ||
11 | # default value. | ||
12 | |||
13 | #Port 22 | ||
14 | #AddressFamily any | ||
15 | #ListenAddress 0.0.0.0 | ||
16 | #ListenAddress :: | ||
17 | |||
18 | # Disable legacy (protocol version 1) support in the server for new | ||
19 | # installations. In future the default will change to require explicit | ||
20 | # activation of protocol 1 | ||
21 | Protocol 2 | ||
22 | |||
23 | # HostKey for protocol version 1 | ||
24 | #HostKey /etc/ssh/ssh_host_key | ||
25 | # HostKeys for protocol version 2 | ||
26 | #HostKey /etc/ssh/ssh_host_rsa_key | ||
27 | #HostKey /etc/ssh/ssh_host_dsa_key | ||
28 | |||
29 | # Lifetime and size of ephemeral version 1 server key | ||
30 | #KeyRegenerationInterval 1h | ||
31 | #ServerKeyBits 1024 | ||
32 | |||
33 | # Logging | ||
34 | # obsoletes QuietMode and FascistLogging | ||
35 | #SyslogFacility AUTH | ||
36 | #LogLevel INFO | ||
37 | |||
38 | # Authentication: | ||
39 | |||
40 | #LoginGraceTime 2m | ||
41 | #PermitRootLogin yes | ||
42 | #StrictModes yes | ||
43 | #MaxAuthTries 6 | ||
44 | #MaxSessions 10 | ||
45 | |||
46 | #RSAAuthentication yes | ||
47 | #PubkeyAuthentication yes | ||
48 | #AuthorizedKeysFile .ssh/authorized_keys | ||
49 | |||
50 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | ||
51 | #RhostsRSAAuthentication no | ||
52 | # similar for protocol version 2 | ||
53 | #HostbasedAuthentication no | ||
54 | # Change to yes if you don't trust ~/.ssh/known_hosts for | ||
55 | # RhostsRSAAuthentication and HostbasedAuthentication | ||
56 | #IgnoreUserKnownHosts no | ||
57 | # Don't read the user's ~/.rhosts and ~/.shosts files | ||
58 | #IgnoreRhosts yes | ||
59 | |||
60 | # To disable tunneled clear text passwords, change to no here! | ||
61 | #PasswordAuthentication yes | ||
62 | #PermitEmptyPasswords no | ||
63 | |||
64 | # Change to no to disable s/key passwords | ||
65 | #ChallengeResponseAuthentication yes | ||
66 | |||
67 | # Kerberos options | ||
68 | #KerberosAuthentication no | ||
69 | #KerberosOrLocalPasswd yes | ||
70 | #KerberosTicketCleanup yes | ||
71 | #KerberosGetAFSToken no | ||
72 | |||
73 | # GSSAPI options | ||
74 | #GSSAPIAuthentication no | ||
75 | #GSSAPICleanupCredentials yes | ||
76 | |||
77 | # Set this to 'yes' to enable PAM authentication, account processing, | ||
78 | # and session processing. If this is enabled, PAM authentication will | ||
79 | # be allowed through the ChallengeResponseAuthentication and | ||
80 | # PasswordAuthentication. Depending on your PAM configuration, | ||
81 | # PAM authentication via ChallengeResponseAuthentication may bypass | ||
82 | # the setting of "PermitRootLogin without-password". | ||
83 | # If you just want the PAM account and session checks to run without | ||
84 | # PAM authentication, then enable this but set PasswordAuthentication | ||
85 | # and ChallengeResponseAuthentication to 'no'. | ||
86 | #UsePAM no | ||
87 | |||
88 | #AllowAgentForwarding yes | ||
89 | #AllowTcpForwarding yes | ||
90 | #GatewayPorts no | ||
91 | #X11Forwarding no | ||
92 | #X11DisplayOffset 10 | ||
93 | #X11UseLocalhost yes | ||
94 | #PrintMotd yes | ||
95 | #PrintLastLog yes | ||
96 | #TCPKeepAlive yes | ||
97 | #UseLogin no | ||
98 | UsePrivilegeSeparation yes | ||
99 | #PermitUserEnvironment no | ||
100 | Compression no | ||
101 | ClientAliveInterval 15 | ||
102 | ClientAliveCountMax 4 | ||
103 | #UseDNS yes | ||
104 | #PidFile /var/run/sshd.pid | ||
105 | #MaxStartups 10 | ||
106 | #PermitTunnel no | ||
107 | #ChrootDirectory none | ||
108 | |||
109 | # no default banner path | ||
110 | #Banner none | ||
111 | |||
112 | # override default of no subsystems | ||
113 | Subsystem sftp /usr/libexec/sftp-server | ||
114 | |||
115 | # Example of overriding settings on a per-user basis | ||
116 | #Match User anoncvs | ||
117 | # X11Forwarding no | ||
118 | # AllowTcpForwarding no | ||
119 | # ForceCommand cvs server | ||