diff options
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/README | 6 | ||||
-rwxr-xr-x | contrib/aix/buildbff.sh | 50 | ||||
-rwxr-xr-x | contrib/aix/inventory.sh | 4 | ||||
-rwxr-xr-x | contrib/caldera/ssh-host-keygen | 8 | ||||
-rwxr-xr-x | contrib/caldera/sshd.init | 8 | ||||
-rw-r--r-- | contrib/cygwin/README | 4 | ||||
-rw-r--r-- | contrib/cygwin/ssh-host-config | 18 | ||||
-rw-r--r-- | contrib/findssl.sh | 16 | ||||
-rw-r--r-- | contrib/gnome-ssh-askpass1.c | 14 | ||||
-rw-r--r-- | contrib/gnome-ssh-askpass2.c | 14 | ||||
-rw-r--r-- | contrib/redhat/openssh.spec | 6 | ||||
-rw-r--r-- | contrib/solaris/README | 2 | ||||
-rwxr-xr-x | contrib/solaris/buildpkg.sh | 58 | ||||
-rwxr-xr-x | contrib/solaris/opensshd.in | 16 | ||||
-rw-r--r-- | contrib/suse/openssh.spec | 24 |
15 files changed, 124 insertions, 124 deletions
diff --git a/contrib/README b/contrib/README index 67dbbd277..9de3d961d 100644 --- a/contrib/README +++ b/contrib/README @@ -1,4 +1,4 @@ -Other patches and addons for OpenSSH. Please send submissions to +Other patches and addons for OpenSSH. Please send submissions to djm@mindrot.org Externally maintained @@ -7,7 +7,7 @@ Externally maintained SSH Proxy Command -- connect.c Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand -which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or +which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or https CONNECT style proxy server. His page for connect.c has extensive documentation on its use as well as compiled versions for Win32. @@ -47,7 +47,7 @@ Dominik Brettnacher <domi@saargate.de> mdoc2man.pl: Converts mdoc formated manpages into normal manpages. This can be used -on Solaris machines to provide manpages that are not preformated. +on Solaris machines to provide manpages that are not preformated. Contributed by Mark D. Roth <roth@feep.net> redhat: diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh index 727ac446d..4a5c32b0e 100755 --- a/contrib/aix/buildbff.sh +++ b/contrib/aix/buildbff.sh @@ -1,12 +1,12 @@ #!/bin/sh # # buildbff.sh: Create AIX SMIT-installable OpenSSH packages -# $Id: buildbff.sh,v 1.6 2003/08/25 05:01:04 dtucker Exp $ +# $Id: buildbff.sh,v 1.7 2003/11/21 12:48:56 djm Exp $ # # Author: Darren Tucker (dtucker at zip dot com dot au) # This file is placed in the public domain and comes with absolutely # no warranty. -# +# # Based originally on Ben Lindstrom's buildpkg.sh for Solaris # @@ -45,7 +45,7 @@ fi if [ ! -f Makefile ] then echo "Makefile not found (did you run configure?)" - exit 1 + exit 1 fi # @@ -96,12 +96,12 @@ then PRIVSEP_PATH=/var/empty fi -# Clean package build directory +# Clean package build directory rm -rf $objdir/$PKGDIR FAKE_ROOT=$objdir/$PKGDIR/root mkdir -p $FAKE_ROOT -# Start by faking root install +# Start by faking root install echo "Faking root install..." cd $objdir make install-nokeys DESTDIR=$FAKE_ROOT @@ -136,15 +136,15 @@ echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" # # Set ssh and sshd parameters as per config.local # -if [ "${PERMIT_ROOT_LOGIN}" = no ] +if [ "${PERMIT_ROOT_LOGIN}" = no ] then - perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ - $FAKE_ROOT/${sysconfdir}/sshd_config + perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config fi if [ "${X11_FORWARDING}" = yes ] then - perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ - $FAKE_ROOT/${sysconfdir}/sshd_config + perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ + $FAKE_ROOT/${sysconfdir}/sshd_config fi @@ -190,13 +190,13 @@ cat <<EOF >>../openssh.post_i echo Creating configs from defaults if necessary. for cfgfile in ssh_config sshd_config ssh_prng_cmds do - if [ ! -f $sysconfdir/\$cfgfile ] - then - echo "Creating \$cfgfile from default" - cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile - else - echo "\$cfgfile already exists." - fi + if [ ! -f $sysconfdir/\$cfgfile ] + then + echo "Creating \$cfgfile from default" + cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile + else + echo "\$cfgfile already exists." + fi done echo @@ -244,19 +244,19 @@ echo # Generate keys unless they already exist echo Creating host keys if required. if [ -f "$sysconfdir/ssh_host_key" ] ; then - echo "$sysconfdir/ssh_host_key already exists, skipping." + echo "$sysconfdir/ssh_host_key already exists, skipping." else - $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N "" + $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N "" fi if [ -f $sysconfdir/ssh_host_dsa_key ] ; then - echo "$sysconfdir/ssh_host_dsa_key already exists, skipping." + echo "$sysconfdir/ssh_host_dsa_key already exists, skipping." else - $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N "" + $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N "" fi if [ -f $sysconfdir/ssh_host_rsa_key ] ; then - echo "$sysconfdir/ssh_host_rsa_key already exists, skipping." -else - $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" + echo "$sysconfdir/ssh_host_rsa_key already exists, skipping." +else + $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" fi echo @@ -369,7 +369,7 @@ echo Creating $PKGNAME-$VERSION.bff with backup... rm -f $PKGNAME-$VERSION.bff ( echo "./lpp_name" - find . ! -name lpp_name -a ! -name . -print + find . ! -name lpp_name -a ! -name . -print ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist # diff --git a/contrib/aix/inventory.sh b/contrib/aix/inventory.sh index 4f408e678..e2641e79c 100755 --- a/contrib/aix/inventory.sh +++ b/contrib/aix/inventory.sh @@ -1,7 +1,7 @@ #!/bin/sh # # inventory.sh -# $Id: inventory.sh,v 1.5 2003/08/26 03:43:13 dtucker Exp $ +# $Id: inventory.sh,v 1.6 2003/11/21 12:48:56 djm Exp $ # # Originally written by Ben Lindstrom, modified by Darren Tucker to use perl # This file is placed into the public domain. @@ -59,5 +59,5 @@ find . ! -name . -print | perl -ne '{ } elsif ( -d $_ ) { # Entry is Directory print "\ttype=DIRECTORY\n"; - } + } }' diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen index 28a97b9b4..3c5c17182 100755 --- a/contrib/caldera/ssh-host-keygen +++ b/contrib/caldera/ssh-host-keygen @@ -1,6 +1,6 @@ #! /bin/sh # -# $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $ +# $Id: ssh-host-keygen,v 1.2 2003/11/21 12:48:57 djm Exp $ # # This script is normally run only *once* for a given host # (in a given period of time) -- on updates/upgrades/recovery @@ -12,7 +12,7 @@ keydir=@sysconfdir@ keygen=@sshkeygen@ if [ -f $keydir/ssh_host_key -o \ - -f $keydir/ssh_host_key.pub ]; then + -f $keydir/ssh_host_key.pub ]; then echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." else echo "Generating 1024 bit SSH1 RSA host key." @@ -20,7 +20,7 @@ else fi if [ -f $keydir/ssh_host_rsa_key -o \ - -f $keydir/ssh_host_rsa_key.pub ]; then + -f $keydir/ssh_host_rsa_key.pub ]; then echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." else echo "Generating 1024 bit SSH2 RSA host key." @@ -28,7 +28,7 @@ else fi if [ -f $keydir/ssh_host_dsa_key -o \ - -f $keydir/ssh_host_dsa_key.pub ]; then + -f $keydir/ssh_host_dsa_key.pub ]; then echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." else echo "Generating SSH2 DSA host key." diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init index 90b36379a..983146f4f 100755 --- a/contrib/caldera/sshd.init +++ b/contrib/caldera/sshd.init @@ -1,6 +1,6 @@ #! /bin/bash # -# $Id: sshd.init,v 1.3 2001/11/03 19:09:33 tim Exp $ +# $Id: sshd.init,v 1.4 2003/11/21 12:48:57 djm Exp $ # ### BEGIN INIT INFO # Provides: @@ -64,11 +64,11 @@ case "$1" in SVIemptyConfig @sysconfdir@/sshd_config && exit 6 if [ ! \( -f @sysconfdir@/ssh_host_key -a \ - -f @sysconfdir@/ssh_host_key.pub \) -a \ + -f @sysconfdir@/ssh_host_key.pub \) -a \ ! \( -f @sysconfdir@/ssh_host_rsa_key -a \ - -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ + -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ ! \( -f @sysconfdir@/ssh_host_dsa_key -a \ - -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then + -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then echo "$SVIsubsys: host key not initialized: skipped!" echo "$SVIsubsys: use ssh-host-keygen to generate one!" diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 1cc6ae65c..1ed934307 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README @@ -25,7 +25,7 @@ Important note for Windows 2003 Server users: --------------------------------------------- 2003 Server has a funny new feature. When starting services under SYSTEM -account, these services have nearly all user rights which SYSTEM holds... +account, these services have nearly all user rights which SYSTEM holds... except for the "Create a token object" right, which is needed to allow public key authentication :-( @@ -103,7 +103,7 @@ features of the FAT/FAT32 filesystems. If you are installing OpenSSH the first time, you can generate global config files and server keys by running - + /usr/bin/ssh-host-config Note that this binary archive doesn't contain default config files in /etc. diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 18793ca85..9c0dabf41 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config @@ -263,7 +263,7 @@ then net user sshd >/dev/null 2>&1 && sshd_in_sam=yes if [ "${sshd_in_passwd}" != "yes" ] then - if [ "${sshd_in_sam}" != "yes" ] + if [ "${sshd_in_sam}" != "yes" ] then echo "Warning: The following function requires administrator privileges!" if request "Should this script create a local user 'sshd' on this machine?" @@ -339,13 +339,13 @@ if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ] then grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}" if [ -f "${_serv_tmp}" ] - then + then if mv "${_serv_tmp}" "${_services}" then echo "Removing sshd from ${_wservices}" else echo "Removing sshd from ${_wservices} failed!" - fi + fi rm -f "${_serv_tmp}" else echo "Removing sshd from ${_wservices} failed!" @@ -388,9 +388,9 @@ then then if mv "${_inetcnf_tmp}" "${_inetcnf}" then - echo "Removed sshd from ${_inetcnf}" + echo "Removed sshd from ${_inetcnf}" else - echo "Removing sshd from ${_inetcnf} failed!" + echo "Removing sshd from ${_inetcnf} failed!" fi rm -f "${_inetcnf_tmp}" else @@ -462,7 +462,7 @@ then do if [ -n "${password_value}" ] then - _password="${password_value}" + _password="${password_value}" # Allow to ask for password if first try fails password_value="" else @@ -541,7 +541,7 @@ then fi if [ -n "${cygwin_value}" ] then - _cygwin="${cygwin_value}" + _cygwin="${cygwin_value}" else echo echo "Which value should the environment variable CYGWIN have when" @@ -574,9 +574,9 @@ then then if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ] then - _user="sshd_server" + _user="sshd_server" else - _user="system" + _user="system" fi chown "${_user}" ${SYSCONFDIR}/ssh* chown "${_user}".544 ${LOCALSTATEDIR}/empty diff --git a/contrib/findssl.sh b/contrib/findssl.sh index 87a4abce2..0c08d4a18 100644 --- a/contrib/findssl.sh +++ b/contrib/findssl.sh @@ -9,24 +9,24 @@ # Written by Darren Tucker (dtucker at zip dot com dot au) # This file is placed in the public domain. # -# $Id: findssl.sh,v 1.1 2003/06/24 10:22:10 dtucker Exp $ +# $Id: findssl.sh,v 1.2 2003/11/21 12:48:56 djm Exp $ # 2002-07-27: Initial release. # 2002-08-04: Added public domain notice. # 2003-06-24: Incorporated readme, set library paths. First cvs version. # -# "OpenSSL headers do not match your library" are usually caused by +# "OpenSSL headers do not match your library" are usually caused by # OpenSSH's configure picking up an older version of OpenSSL headers # or libraries. You can use the following # procedure to help identify # the cause. -# +# # The output of configure will tell you the versions of the OpenSSL # headers and libraries that were picked up, for example: -# +# # checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002) # checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001) # checking whether OpenSSL's headers match the library... no # configure: error: Your OpenSSL headers do not match your library -# +# # Now run findssl.sh. This should identify the headers and libraries # present and their versions. You should be able to identify the # libraries and headers used and adjust your CFLAGS or remove incorrect @@ -37,7 +37,7 @@ # Searching for OpenSSL header files. # 0x0090604fL /usr/include/openssl/opensslv.h # 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h -# +# # Searching for OpenSSL shared library files. # 0x0090602fL /lib/libcrypto.so.0.9.6b # 0x0090602fL /lib/libcrypto.so.2 @@ -46,11 +46,11 @@ # 0x0090581fL /usr/lib/libcrypto.so.0.9.5a # 0x0090600fL /usr/lib/libcrypto.so.0.9.6 # 0x0090600fL /usr/lib/libcrypto.so.1 -# +# # Searching for OpenSSL static library files. # 0x0090602fL /usr/lib/libcrypto.a # 0x0090604fL /usr/local/ssl/lib/libcrypto.a -# +# # In this example, I gave configure no extra flags, so it's picking up # the OpenSSL header from /usr/include/openssl (90604f) and the library # from /usr/lib/ (90602f). diff --git a/contrib/gnome-ssh-askpass1.c b/contrib/gnome-ssh-askpass1.c index b6b342b84..4d51032d1 100644 --- a/contrib/gnome-ssh-askpass1.c +++ b/contrib/gnome-ssh-askpass1.c @@ -23,14 +23,14 @@ */ /* - * This is a simple GNOME SSH passphrase grabber. To use it, set the - * environment variable SSH_ASKPASS to point to the location of - * gnome-ssh-askpass before calling "ssh-add < /dev/null". + * This is a simple GNOME SSH passphrase grabber. To use it, set the + * environment variable SSH_ASKPASS to point to the location of + * gnome-ssh-askpass before calling "ssh-add < /dev/null". * * There is only two run-time options: if you set the environment variable * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab - * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the - * pointer will be grabbed too. These may have some benefit to security if + * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the + * pointer will be grabbed too. These may have some benefit to security if * you don't trust your X server. We grab the keyboard always. */ @@ -87,7 +87,7 @@ passphrase_dialog(char *message) } entry = gtk_entry_new(); - gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE, + gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE, FALSE, 0); gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); gtk_widget_grab_focus(entry); @@ -105,7 +105,7 @@ passphrase_dialog(char *message) /* Grab focus */ if (grab_server) XGrabServer(GDK_DISPLAY()); - if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0, + if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME)) goto nograb; if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME)) diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c index 9e8eaf920..0ce8daec9 100644 --- a/contrib/gnome-ssh-askpass2.c +++ b/contrib/gnome-ssh-askpass2.c @@ -25,14 +25,14 @@ /* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */ /* - * This is a simple GNOME SSH passphrase grabber. To use it, set the - * environment variable SSH_ASKPASS to point to the location of - * gnome-ssh-askpass before calling "ssh-add < /dev/null". + * This is a simple GNOME SSH passphrase grabber. To use it, set the + * environment variable SSH_ASKPASS to point to the location of + * gnome-ssh-askpass before calling "ssh-add < /dev/null". * * There is only two run-time options: if you set the environment variable * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab - * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the - * pointer will be grabbed too. These may have some benefit to security if + * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the + * pointer will be grabbed too. These may have some benefit to security if * you don't trust your X server. We grab the keyboard always. */ @@ -103,7 +103,7 @@ passphrase_dialog(char *message) message); entry = gtk_entry_new(); - gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE, + gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE, FALSE, 0); gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE); gtk_widget_grab_focus(entry); @@ -124,7 +124,7 @@ passphrase_dialog(char *message) if (grab_pointer) { for(;;) { status = gdk_pointer_grab( - (GTK_WIDGET(dialog))->window, TRUE, 0, NULL, + (GTK_WIDGET(dialog))->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME); if (status == GDK_GRAB_SUCCESS) break; diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index dd00c9fa9..a4d49f61c 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -200,7 +200,7 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS --with-pam \ %endif %if %{kerberos5} - --with-kerberos5=/usr/kerberos \ + --with-kerberos5=/usr/kerberos \ %endif @@ -398,7 +398,7 @@ fi %changelog * Mon Jun 2 2003 Damien Miller <djm@mindrot.org> -- Remove noip6 option. This may be controlled at run-time in client config +- Remove noip6 option. This may be controlled at run-time in client config file using new AddressFamily directive * Mon May 12 2003 Damien Miller <djm@mindrot.org> @@ -558,7 +558,7 @@ fi * Sun Apr 8 2001 Preston Brown <pbrown@redhat.com> - remove explicit openssl requirement, fixes builddistro issue -- make initscript stop() function wait until sshd really dead to avoid +- make initscript stop() function wait until sshd really dead to avoid races in condrestart * Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com> diff --git a/contrib/solaris/README b/contrib/solaris/README index 9b0a46e29..eb4c590f4 100644 --- a/contrib/solaris/README +++ b/contrib/solaris/README @@ -17,7 +17,7 @@ Directions: If all goes well you should have a solaris package ready to be installed. -If you have any problems with this script please post them to +If you have any problems with this script please post them to openssh-unix-dev@mindrot.org and I will try to assist you as best as I can. - Ben Lindstrom diff --git a/contrib/solaris/buildpkg.sh b/contrib/solaris/buildpkg.sh index c41b3f963..55203d7d5 100755 --- a/contrib/solaris/buildpkg.sh +++ b/contrib/solaris/buildpkg.sh @@ -5,7 +5,7 @@ # The following code has been provide under Public Domain License. I really # don't care what you use it for. Just as long as you don't complain to me # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) -# +# umask 022 # # Options for building the package @@ -13,7 +13,7 @@ umask 022 # # uncommenting TEST_DIR and using # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty -# and +# and # PKGNAME=tOpenSSH should allow testing a package without interfering # with a real OpenSSH package on a system. This is not needed on systems # that support the -R option to pkgadd. @@ -81,7 +81,7 @@ export PATH # we will look for config.local to override the above options [ -s ./config.local ] && . ./config.local -## Start by faking root install +## Start by faking root install echo "Faking root install..." START=`pwd` OPENSSHD_IN=`dirname $0`/opensshd.in @@ -98,20 +98,20 @@ fi ## Fill in some details, like prefix and sysconfdir for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir do - eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` + eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` done ## Collect value of privsep user for confvar in SSH_PRIVSEP_USER do - eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` + eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` done ## Set privsep defaults if not defined if [ -z "$SSH_PRIVSEP_USER" ] then - SSH_PRIVSEP_USER=sshd + SSH_PRIVSEP_USER=sshd fi ## Extract common info requires for the 'info' part of the package. @@ -243,16 +243,16 @@ fi if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null then - echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" - echo "or group." + echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" + echo "or group." else - echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." + echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." - # create group if required - if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null - then - echo "PrivSep group $SSH_PRIVSEP_USER already exists." - else + # create group if required + if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null + then + echo "PrivSep group $SSH_PRIVSEP_USER already exists." + else # Use gid of 67 if possible if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null then @@ -260,15 +260,15 @@ else else sshdgid="-g $SSHDGID" fi - echo "Creating PrivSep group $SSH_PRIVSEP_USER." - \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER - fi - - # Create user if required - if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null - then - echo "PrivSep user $SSH_PRIVSEP_USER already exists." - else + echo "Creating PrivSep group $SSH_PRIVSEP_USER." + \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER + fi + + # Create user if required + if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null + then + echo "PrivSep user $SSH_PRIVSEP_USER already exists." + else # Use uid of 67 if possible if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null then @@ -276,10 +276,10 @@ else else sshduid="-u $SSHDUID" fi - echo "Creating PrivSep user $SSH_PRIVSEP_USER." + echo "Creating PrivSep user $SSH_PRIVSEP_USER." \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER - fi + fi fi [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start @@ -358,12 +358,12 @@ cat >mk-proto.awk << _EOF BEGIN { print "i pkginfo"; print "i preinstall"; \\ print "i postinstall"; print "i preremove"; \\ print "i request"; print "i space"; \\ - split("$SYSTEM_DIR",sys_files); } + split("$SYSTEM_DIR",sys_files); } { for (dir in sys_files) { if ( \$3 != sys_files[dir] ) - { \$5="root"; \$6="sys"; } - else - { \$4="?"; \$5="?"; \$6="?"; break;} + { \$5="root"; \$6="sys"; } + else + { \$4="?"; \$5="?"; \$6="?"; break;} } } { print; } _EOF diff --git a/contrib/solaris/opensshd.in b/contrib/solaris/opensshd.in index 48b6c5702..50e18deea 100755 --- a/contrib/solaris/opensshd.in +++ b/contrib/solaris/opensshd.in @@ -22,24 +22,24 @@ HOST_KEY_RSA=$etcdir/ssh_host_rsa_key checkkeys() { if [ ! -f $HOST_KEY_RSA1 ]; then - ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" + ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N "" fi if [ ! -f $HOST_KEY_DSA ]; then - ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" + ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" fi if [ ! -f $HOST_KEY_RSA ]; then - ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" + ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N "" fi } stop_service() { if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then - PID=`${CAT} ${PIDFILE}` + PID=`${CAT} ${PIDFILE}` fi if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then - ${KILL} ${PID} + ${KILL} ${PID} else - echo "Unable to read PID file" + echo "Unable to read PID file" fi } @@ -55,8 +55,8 @@ start_service() { sshd_rc=$? if [ $sshd_rc -ne 0 ]; then - echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." - exit $sshd_rc + echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing." + exit $sshd_rc fi echo done. } diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 940bc4ade..d984ff22d 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -30,7 +30,7 @@ two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it -up to date in terms of security and features, as well as removing all +up to date in terms of security and features, as well as removing all patented algorithms to seperate libraries (OpenSSL). This package includes all files necessary for both the OpenSSH @@ -100,8 +100,8 @@ make cd contrib gcc -O -g `gnome-config --cflags gnome gnomeui` \ - gnome-ssh-askpass.c -o gnome-ssh-askpass \ - `gnome-config --libs gnome gnomeui` + gnome-ssh-askpass.c -o gnome-ssh-askpass \ + `gnome-config --libs gnome gnomeui` cd .. %install @@ -140,34 +140,34 @@ else echo " /var/adm/fillup-templates/rc.config.sshd" fi if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then - echo "Generating SSH host key..." + echo "Generating SSH host key..." /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 fi if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then - echo "Generating SSH DSA host key..." + echo "Generating SSH DSA host key..." /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2 fi if test -r /var/run/sshd.pid then - echo "Restarting the running SSH daemon..." + echo "Restarting the running SSH daemon..." /usr/sbin/rcsshd restart >&2 fi %preun if [ "$1" = 0 ] then - echo "Stopping the SSH daemon..." + echo "Stopping the SSH daemon..." /usr/sbin/rcsshd stop >&2 echo "Removing SSH stop/start scripts from the rc directories..." - rm /sbin/init.d/rc2.d/K20sshd - rm /sbin/init.d/rc2.d/S20sshd - rm /sbin/init.d/rc3.d/K20sshd - rm /sbin/init.d/rc3.d/S20sshd + rm /sbin/init.d/rc2.d/K20sshd + rm /sbin/init.d/rc2.d/S20sshd + rm /sbin/init.d/rc3.d/K20sshd + rm /sbin/init.d/rc3.d/S20sshd fi %files %defattr(-,root,root) -%doc ChangeLog OVERVIEW README* +%doc ChangeLog OVERVIEW README* %doc RFC.nroff TODO CREDITS LICENCE %attr(0755,root,root) %dir /etc/ssh %attr(0644,root,root) %config /etc/ssh/ssh_config |