[Midnightbsd-cvs] src: src/etc: (needs more testing) Create a ssh subdirectory and alter
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Fri May 16 17:40:38 EDT 2008
Log Message:
-----------
(needs more testing)
Create a ssh subdirectory and alter the ssh config installation so that it runs in it's own Makefile. This let's us deal with
the new blacklist files in a easy fashion.
Modified Files:
--------------
src/etc:
Makefile (r1.13 -> r1.14)
Added Files:
-----------
src/etc/ssh:
Makefile (r1.1)
-------------- next part --------------
Index: Makefile
===================================================================
RCS file: /home/cvs/src/etc/Makefile,v
retrieving revision 1.13
retrieving revision 1.14
diff -L etc/Makefile -L etc/Makefile -u -r1.13 -r1.14
--- etc/Makefile
+++ etc/Makefile
@@ -27,11 +27,6 @@
.endif
.if !defined(NO_CRYPT) && !defined(NO_OPENSSL)
-.if !defined(NO_OPENSSH)
-SSH= ${.CURDIR}/../crypto/openssh/ssh_config \
- ${.CURDIR}/../crypto/openssh/sshd_config \
- ${.CURDIR}/../crypto/openssh/moduli
-.endif
SSL= ${.CURDIR}/../crypto/openssl/apps/openssl.cnf
.endif
@@ -126,8 +121,7 @@
.endif
.if !defined(NO_CRYPT) && !defined(NO_OPENSSL)
.if !defined(NO_OPENSSH)
- cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
- ${SSH} ${DESTDIR}/etc/ssh
+ cd ${.CURDIR}/ssh; ${MAKE} install
.endif
cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
${SSL} ${DESTDIR}/etc/ssl
--- /dev/null
+++ etc/ssh/Makefile
@@ -0,0 +1,34 @@
+# $MidnightBSD: src/etc/ssh/Makefile,v 1.1 2008/05/16 21:40:36 laffer1 Exp $
+
+NO_OBJ=
+
+FILES= ${.CURDIR}/../../crypto/openssh/ssh_config \
+ ${.CURDIR}/../../crypto/openssh/sshd_config \
+ ${.CURDIR}/../../crypto/openssh/moduli
+FILESDIR= /etc/ssh
+FILESOWN= ${BINOWN}
+FILESGRP= ${BINGRP}
+
+BLACKLISTS!= echo ${.CURDIR}/../../crypto/openssh/blacklist.*
+.for bl in ${BLACKLISTS}
+FILES+= short.${bl:T}
+CLEANFILES+= short.${bl:T}
+FILESNAME_short.${bl:T}= ${bl:T}
+
+short.${bl:T}: ${bl}
+ @printf "# After these initial comments, all the lines in this file must be\n" > ${.TARGET}
+ @printf "# exactly the same length, and must be in sorted order. Each line must\n" >> ${.TARGET}
+ @printf "# consist of the lower-case key fingerprint (ssh-keygen -l -f\n" >> ${.TARGET}
+ @printf "# /path/to/key), without colons, and with the first 12 characters\n" >> ${.TARGET}
+ @printf "# removed (that is, the lower 80 bits of the fingerprint). Unless these\n" >> ${.TARGET}
+ @printf "# rules are followed, the blacklist will not work properly. See\n" >> ${.TARGET}
+ @printf "# ssh-vulnkey(1).\n" >> ${.TARGET}
+ @printf "#\n" >> ${.TARGET}
+ @printf "# Copyright: (C) 2008 Canonical, Ltd., License: GPL-3.\n" >> ${.TARGET}
+ sed -ne '/^#/!q;p;' ${.ALLSRC} >> ${.TARGET}
+
+ grep -v '^#' ${.ALLSRC} | cut -d ' ' -f 2 | cut -b13- | sort >> ${.TARGET}
+.endfor
+
+.include <bsd.prog.mk>
+
More information about the Midnightbsd-cvs
mailing list