# $Id: Portfile 32433 2007-12-31 14:19:58Z ram@macports.org $

PortSystem 1.0

name            openssh
version         4.7p1
revision	1
categories      net 
maintainers     nomaintainer
description     OpenSSH secure login server
long_description  OpenSSH is a FREE version of the SSH protocol suite of \
          network connectivity tools that increasing numbers of people on the \
          Internet are coming to rely on. Many users of telnet, rlogin, ftp, \
          and other such programs might not realize that their password is \
          transmitted across the Internet unencrypted, but it is. OpenSSH \
          encrypts all traffic (including passwords) to effectively eliminate \
          eavesdropping, connection hijacking, and other network-level \
          attacks. Additionally, OpenSSH provides a myriad of secure \
          tunneling capabilities, as well as a variety of authentication \
          methods. 
homepage        http://www.openssh.com/
platforms       darwin
checksums       ${distfiles} md5 50a800fd2c6def9e9a53068837e87b91 \
	${distfiles} sha1 58357db9e64ba6382bef3d73d1d386fcdc0508f4 \
	${distfiles} rmd160 b828e79d3d1a931cb77651ec7d7276cf3ba22d90
master_sites    openbsd:OpenSSH/portable \
	ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/ \
        ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
	http://mirror.mcs.anl.gov/openssh/portable/ \
	http://openssh.hostingzero.com/portable/ \
	ftp://ftp5.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
	ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \
	ftp://ftp.cise.ufl.edu/pub/mirrors/openssh/portable/ \
	ftp://reflection.ncsa.uiuc.edu/pub/OpenBSD/OpenSSH/portable/ \
	ftp://mirror.sg.depaul.edu/pub/OpenBSD/OpenSSH/portable/ \
	ftp://mirror.mcs.anl.gov/pub/openssh/portable/ \
	ftp://rt.fm/pub/OpenBSD/OpenSSH/portable/ \
	ftp://ftp.cse.buffalo.edu/pub/OpenBSD/OpenSSH/portable/ \
	ftp://openbsd.mirrors.pair.com/OpenSSH/portable/ \
	ftp://openbsd.secsup.org/pub/openbsd/OpenSSH/portable/ \
	ftp://ftp.tux.org/bsd/openbsd/OpenSSH/portable/
depends_lib     port:openssl port:zlib

# Specified -fno-builtin because GCC 3.3 has log() as a builtin
# (from math.h) while OpenSSH has its own log() function
# -- from fink.
configure.cppflags-append "-fno-builtin"
configure.args --with-ssl-dir=${prefix} --sysconfdir=${prefix}/etc/ssh \
  --with-privsep-path=${prefix}/var/empty --with-md5-passwords \
  --with-pid-dir=${prefix}/var/run --with-tcp-wrappers \
  --with-pam --disable-suid-ssh --with-random=/dev/urandom \
  --mandir=${prefix}/share/man --with-zlib=${prefix}

destroot.target install-nokeys

post-destroot {
  destroot.keepdirs ${destroot}${prefix}/var/run ${destroot}${prefix}/var/empty
  reinplace "s|#Port 22|Port 2222|g" ${destroot}${prefix}/etc/ssh/sshd_config
}

# For X11 Forwarding
variant  apple-x11 { # set for X11 forwarding
  configure.args-append --with-xauth=/usr/X11R6/bin/xauth
 }

variant kerberos {
  configure.args-append --with-kerberos5=/usr
}

# For high-performance patch
variant hpn {
  patch_sites-append    http://www.psc.edu/networking/projects/hpn-ssh/
  patchfiles-append     ${distname}-hpn12v20.diff.gz
  checksums-append      ${distname}-hpn12v20.diff.gz \
  			md5 7a75e87b03e4d713973c5a3330a68ab5 \
                        sha1 4eaf906494f4d71422775f8c0c817f4373978055 \
			rmd160 d491c864f1be1228a275189865dc4873ca891849
  patch.pre_args
  post-patch {
    reinplace "s|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|" ${worksrcpath}/version.h
  }
}

platform darwin {
  # create link to /usr/include/pam because 'security' was renamed to 'pam'
  # in OS X.
  pre-configure {
    xinstall -d ${workpath}/include
    file delete ${workpath}/include/security
    ln -s /usr/include/pam ${workpath}/include/security
  }
}

platform darwin 8 {
  configure.compiler	gcc-4.0
}

platform darwin 9 {
  patch_sites-append   http://www.opensource.apple.com/darwinsource/10.5/OpenSSH-87/patches/
  patchfiles-append    DVG-5142987_launchd_DISPLAY_for_X11.patch \
                       patch-pwdup.diff
  checksums-append     DVG-5142987_launchd_DISPLAY_for_X11.patch md5 e188ebbba95c4cde61e0e1b2edc9f992 \
                           sha1 62735c5bfbbe1fa41433993435ded7767cc5f1f9 \
                           rmd160 eb5262f554583f4925f6f91f6a6d0034c70098ad
}

startupitem.create  yes
startupitem.name    OpenSSH
startupitem.start \
    "if \[ -x ${prefix}/sbin/sshd ]; then
        if \[ ! -f ${prefix}/etc/ssh/ssh_host_key \]; then
            ${prefix}/bin/ssh-keygen -t rsa1 -f \\
            ${prefix}/etc/ssh/ssh_host_key -N \"\" -C `hostname`
        fi
        if \[ ! -f ${prefix}/etc/ssh/ssh_host_dsa_key \]; then
            ${prefix}/bin/ssh-keygen -t dsa -f \\
            ${prefix}/etc/ssh/ssh_host_dsa_key -N \"\" -C `hostname`
        fi
        if \[ ! -f ${prefix}/etc/ssh/ssh_host_rsa_key \]; then
            ${prefix}/bin/ssh-keygen -t rsa -f \\
            ${prefix}/etc/ssh/ssh_host_rsa_key -N \"\" -C `hostname`
        fi
        ${prefix}/sbin/sshd
        fi"
startupitem.stop \
    "if \[ -r ${prefix}/var/run/sshd.pid \]; then
        kill `cat ${prefix}/var/run/sshd.pid`
        fi"