# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4
PortSystem          1.0
PortGroup           compiler_blacklist_versions 1.0

name                openssh
version             8.1p1
revision            7
categories          net
platforms           darwin
# NOTE(review): no maintainer is listed for this port, so nobody is named as
# responsible for tracking upstream OpenSSH releases and security fixes.
maintainers         nomaintainer
license             BSD
installs_libs       no
conflicts           lsh

description         OpenSSH secure login server
long_description    OpenSSH is a FREE version of the SSH protocol suite of \
                    network connectivity tools that increasing numbers of people on the \
                    Internet are coming to rely on. Many users of telnet, rlogin, ftp, \
                    and other such programs might not realize that their password is \
                    transmitted across the Internet unencrypted, but it is. OpenSSH \
                    encrypts all traffic (including passwords) to effectively eliminate \
                    eavesdropping, connection hijacking, and other network-level \
                    attacks. Additionally, OpenSSH provides a myriad of secure \
                    tunneling capabilities, as well as a variety of authentication \
                    methods.

homepage            https://www.openbsd.org/openssh/

# The rmd160/sha256/size triple pins the exact distfile. It is the only
# integrity check on the download visible in this part of the Portfile, and
# it matters here because two of the mirrors under master_sites are plain
# ftp:// and http://, which give no transport integrity. When bumping
# version, update all three values together from a trusted copy of the
# release.
checksums           rmd160  0d9bcaa22b77a8e26fbe4804ea4ae017e45b1568 \
                    sha256  02f5dbef3835d0753556f973cd57b4c19b6b1f6cd24c03445e23ac77ca1b93ff \
                    size    1625894

master_sites        openbsd:OpenSSH/portable \
                    ftp://ftp.cise.ufl.edu/pub/mirrors/openssh/portable/ \
                    http://openbsd.mirrors.pair.com/OpenSSH/portable
if {${name} eq ${subport}} {
# Libraries linked into the OpenSSH binaries. The path: form is satisfied by
# any installed port that provides lib/libssl.dylib (openssl is only the
# default), so which libssl/libcrypto ends up linked depends on what is
# installed in the prefix.
depends_lib         path:lib/libssl.dylib:openssl \
                    port:libedit \
                    port:ncurses \
                    port:zlib
depends_run         port:ssh-copy-id

# The HPN patch requires -p1, so every other patch is written for -p1 as well.
patch.args          -p1

# Local patches applied on top of the upstream tarball. Going by the patch
# notes in this file, pam.patch changes how sshd authenticates and the
# *-apple-sandbox-named-external.diff pair changes its sandboxing, so
# re-review them on every version bump.
# NOTE(review): launchd.patch and patch-openbsd_compat-memmem-bug.diff are
# not described in the patch notes visible here -- worth documenting.
patchfiles          launchd.patch \
                    pam.patch \
                    patch-sandbox-darwin.c-apple-sandbox-named-external.diff \
                    patch-sshd.c-apple-sandbox-named-external.diff \
                    0002-Apple-keychain-integration-other-changes.patch \
                    macports-config.patch \
                    patch-openbsd_compat-memmem-bug.diff
# We need a couple of patches
# - pam.patch
#     getpwnam(3) on OS X always returns "*********" in the pw_passwd field, even
#     when run as root, so it can't be used for authentication. This patch
#     forces the use of PAM regardless of the configuration.
#     NOTE(review): presumably a "UsePAM no" in sshd_config then has no
#     effect -- confirm against pam.patch.
# - patch-*-apple-sandbox-named-external.diff
#     Use Apple's sandbox_init(3) in addition to standard privilege separation.
#     This requires a sandbox profile (which we provide), and sandbox_init(3)
#     must be called before the chroot(2) to privsep-path (${prefix}/var/empty);
#     otherwise it fails to load the sandbox description and libsandbox.1.dylib.
#     NOTE(review): configure.args in this file passes
#     --with-privsep-path=/var/empty, not ${prefix}/var/empty -- confirm which
#     path is meant here.
# - 0002-Apple-keychain-integration-other-changes.patch
# Adds Apple Keychain integration and ssh-agent's launchd mode
# - macports-config.patch
# Changes the default configuration from the upstream-provided one by popular
# request.
post-patch {
    # patch-sandbox-darwin.c-apple-sandbox-named-external.diff adds a path to
    # the sandbox definition that contains an @PREFIX@ placeholder. Replace
    # it with the real installation prefix before the source is built.
    # NOTE(review): "|" is the sed delimiter, so a prefix containing "|"
    # would break this expression; not expected for a normal prefix.
    reinplace "s|@PREFIX@|${prefix}|g" \
        "${worksrcpath}/sandbox-darwin.c"
}
# Run autoreconf before configure.
use_autoreconf      yes

# strnvis(3) is not really "broken" here: OpenBSD uses a different argument
# order for strnvis and treats every other implementation as broken.
configure.cppflags-append \
                    -DBROKEN_STRNVIS=1

# Enable Apple's sandboxing feature.
configure.cppflags-append \
                    -D__APPLE_SANDBOX_NAMED_EXTERNAL__ \
                    -D__APPLE_API_STRICT_CONFORMANCE

configure.ldflags-append \
                    -Wl,-search_paths_first
configure.args --with-ssl-dir=${prefix} \
--sysconfdir=${prefix}/etc/ssh \
--with-privsep-path=/var/empty \