Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/Makefile
author Jan Parcel <jan.parcel@oracle.com>
Tue, 25 Apr 2017 15:08:28 -0700
branchs11u3-sru
changeset 7946 165bf092aa9c
parent 7621 c11a68c3a63d
permissions -rw-r--r--
PSARC/2017/022 OpenSSH 7.4 25295722 upgrade OpenSSH to 7.4p1 25295787 problem in UTILITY/OPENSSH 25295804 problem in UTILITY/OPENSSH 25295822 problem in UTILITY/OPENSSH 25295840 problem in UTILITY/OPENSSH 25809379 Openssh 7.4p1 has 3 regressions, fixed in 7.5 25795760 openssh drops connection when GSSAPIAuthentication set to no

#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#

#
# Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
#
COMPILER= gcc
include ../../make-rules/shared-macros.mk

COMPONENT_NAME=		openssh
COMPONENT_VERSION=      7.4p1
HUMAN_VERSION=		$(COMPONENT_VERSION)
COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)

# Version for IPS.  The encoding rules are:
#   OpenSSH <x>.<y>p<n>     => IPS <x>.<y>.0.<n>
#   OpenSSH <x>.<y>.<z>p<n> => IPS <x>.<y>.<z>.<n>
IPS_COMPONENT_VERSION=	  7.4.0.1

COMPONENT_PROJECT_URL=	http://www.openssh.org/
COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= sha256:1b1fc4a14e2024293181924ed24872e6f2e06293f3e8926a376b8aec481f19d1
COMPONENT_ARCHIVE_URL=	http://mirrors.sonic.net/pub/OpenBSD/OpenSSH/portable/$(COMPONENT_ARCHIVE)
COMPONENT_BUGDB=utility/openssh

TPNO_OPENSSH=           33237
TPNO_GSSKEX=		20377

include $(WS_MAKE_RULES)/prep.mk
include $(WS_MAKE_RULES)/configure.mk
include $(WS_MAKE_RULES)/ips.mk

# Enable ASLR for this component
ASLR_MODE = $(ASLR_ENABLE)

CFLAGS += -DSET_USE_PAM
CFLAGS += -DDEPRECATE_SUNSSH_OPT
CFLAGS += -DKRB5_BUILD_FIX
CFLAGS += -DDTRACE_SFTP
CFLAGS += -DDISABLE_BANNER
CFLAGS += -DPAM_ENHANCEMENT
CFLAGS += -DPAM_BUGFIX
CFLAGS += -DOPTION_DEFAULT_VALUE
CFLAGS += -DPER_SESSION_XAUTHFILE
CFLAGS += -DOPENSSL_NO_CAST
CFLAGS += -DENABLE_OPENSSL_FIPS
CFLAGS += -DDEFAULT_PKCS11_WHITELIST='\"/usr/lib*,/lib/*,/usr/lib/sparcv9/*,/lib/sparcv9/*,/usr/lib/amd64/*,/lib/amd64/*\"'


CONFIGURE_OPTIONS += CFLAGS="$(CFLAGS)"

# We need to disable lazyloading of dynamic dependent libraries. During the
# pre-authentication phase, sshd will chroot to /var/empty which doesn't
# contain any files. If we use lazyloading, sshd will fail to find any
# libraries that it needs.
LDFLAGS += $(LD_B_DIRECT) -z nolazyload

# Enable nxheap and nxstack security extensions
LDFLAGS += -z nxheap=enable -z nxstack=enable

CONFIGURE_OPTIONS += LDFLAGS="$(LDFLAGS)"

CONFIGURE_OPTIONS += --with-audit=solaris
CONFIGURE_OPTIONS += --with-libedit
CONFIGURE_OPTIONS += --with-kerberos5
CONFIGURE_OPTIONS += --with-pam
CONFIGURE_OPTIONS += --with-sandbox=no
CONFIGURE_OPTIONS += --with-solaris-contracts
CONFIGURE_OPTIONS += --with-4in6
CONFIGURE_OPTIONS += --with-xauth=$(USRBINDIR)/xauth
CONFIGURE_OPTIONS += --disable-strip
CONFIGURE_OPTIONS += --without-rpath
CONFIGURE_OPTIONS += --libexecdir=$(USRLIBDIR)/ssh
CONFIGURE_OPTIONS += --sbindir=$(USRLIBDIR)/ssh
CONFIGURE_OPTIONS += --sysconfdir=$(ETCDIR)/ssh
CONFIGURE_OPTIONS += --bindir=$(USRBINDIR)
CONFIGURE_OPTIONS += --disable-lastlog

# Copy the sftp dtrace provider file and the header file to source directory
#
# To avoid complexity with updates, after patching for specific code-related
# issues, auto-edit the man pages to meet Solaris legacy standards for
# man page organization.

MANLIST= moduli.5 scp.1 sftp-server.8 sftp.1 ssh-add.1 ssh-agent.1 \
	ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8 \
	ssh.1 ssh_config.5 sshd.8 sshd_config.5

COMPONENT_PRE_BUILD_ACTION = \
    ( echo "Copying dtrace sftp files..."; \
      $(LN) -fs $(COMPONENT_DIR)/dtrace_sftp/*.[dh] $(SOURCE_DIR); \
      echo "Adjusting man page sections...." ; \
      files/convert-man $(SOURCE_DIR) $(MANLIST); \
    )

# Copy Solaris specific source files and generate configuration script
COMPONENT_PREP_ACTION =  (					\
	        $(CP) sources/*.c $(@D)/; 				\
	        cd $(@D); autoconf; 					\
	)

# common targets
configure:	$(CONFIGURE_32)

build:		$(BUILD_32)

install:	$(INSTALL_32)

# Because of certain set up requirement, the regress test suite is ported to
# the STC gate.
test:		$(NO_TESTS)

REQUIRED_PACKAGES += library/libedit
REQUIRED_PACKAGES += library/security/openssl
REQUIRED_PACKAGES += library/zlib
REQUIRED_PACKAGES += service/security/kerberos-5
REQUIRED_PACKAGES += system/library
REQUIRED_PACKAGES += system/library/gcc/gcc-c-runtime
REQUIRED_PACKAGES += system/library/security/gss
REQUIRED_PACKAGES += system/linker
REQUIRED_PACKAGES += text/groff/groff-core
upstream/oracle/userland-gate