[Midnightbsd-cvs] src: src/etc: (needs more testing) Create a ssh subdirectory and alter

[laffer1 at midnightbsd.org]

Log Message:
-----------
(needs more testing)

Create a ssh subdirectory and alter the ssh config installation so that it runs in it's own Makefile.  This let's us deal with
the new blacklist files in a easy fashion.

Modified Files:
--------------
    src/etc:
        Makefile (r1.13 -> r1.14)

Added Files:
-----------
    src/etc/ssh:
        Makefile (r1.1)

-------------- next part --------------
Index: Makefile
===================================================================
RCS file: /home/cvs/src/etc/Makefile,v
retrieving revision 1.13
retrieving revision 1.14
diff -L etc/Makefile -L etc/Makefile -u -r1.13 -r1.14
--- etc/Makefile
+++ etc/Makefile
@@ -27,11 +27,6 @@
 .endif
 
 .if !defined(NO_CRYPT) && !defined(NO_OPENSSL)
-.if !defined(NO_OPENSSH)
-SSH=	${.CURDIR}/../crypto/openssh/ssh_config \
-	${.CURDIR}/../crypto/openssh/sshd_config \
-	${.CURDIR}/../crypto/openssh/moduli
-.endif
 SSL=	${.CURDIR}/../crypto/openssl/apps/openssl.cnf
 .endif
 
@@ -126,8 +121,7 @@
 .endif
 .if !defined(NO_CRYPT) && !defined(NO_OPENSSL)
 .if !defined(NO_OPENSSH)
-	cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
-	    ${SSH} ${DESTDIR}/etc/ssh
+	cd ${.CURDIR}/ssh; ${MAKE} install
 .endif
 	cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 644 \
 	    ${SSL} ${DESTDIR}/etc/ssl
--- /dev/null
+++ etc/ssh/Makefile
@@ -0,0 +1,34 @@
+# $MidnightBSD: src/etc/ssh/Makefile,v 1.1 2008/05/16 21:40:36 laffer1 Exp $
+
+NO_OBJ=	
+
+FILES=	${.CURDIR}/../../crypto/openssh/ssh_config \
+	${.CURDIR}/../../crypto/openssh/sshd_config \
+	${.CURDIR}/../../crypto/openssh/moduli 
+FILESDIR=	/etc/ssh
+FILESOWN=	${BINOWN}
+FILESGRP=	${BINGRP}
+
+BLACKLISTS!=	echo ${.CURDIR}/../../crypto/openssh/blacklist.*
+.for bl in ${BLACKLISTS}
+FILES+=	short.${bl:T}
+CLEANFILES+= short.${bl:T}
+FILESNAME_short.${bl:T}=	${bl:T}
+
+short.${bl:T}: ${bl}
+	@printf "# After these initial comments, all the lines in this file must be\n" > ${.TARGET}
+	@printf "# exactly the same length, and must be in sorted order. Each line must\n" >> ${.TARGET}
+	@printf "# consist of the lower-case key fingerprint (ssh-keygen -l -f\n" >> ${.TARGET}
+	@printf "# /path/to/key), without colons, and with the first 12 characters\n" >> ${.TARGET}
+	@printf "# removed (that is, the lower 80 bits of the fingerprint). Unless these\n" >> ${.TARGET}
+	@printf "# rules are followed, the blacklist will not work properly. See\n" >> ${.TARGET}
+	@printf "# ssh-vulnkey(1).\n" >> ${.TARGET}
+	@printf "#\n" >> ${.TARGET}
+	@printf "# Copyright: (C) 2008 Canonical, Ltd., License: GPL-3.\n" >> ${.TARGET}
+	sed -ne '/^#/!q;p;' ${.ALLSRC} >> ${.TARGET}
+
+	grep -v '^#' ${.ALLSRC} | cut -d ' ' -f 2 | cut -b13- | sort >> ${.TARGET}
+.endfor
+
+.include <bsd.prog.mk>
+