Skip to content

Instantly share code, notes, and snippets.

@egoexpress

egoexpress/openssh.rb

Created April 4, 2018 20:19
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save egoexpress/098938341e15bfe59ac036a3fdd902b4 to your computer and use it in GitHub Desktop.
Save egoexpress/098938341e15bfe59ac036a3fdd902b4 to your computer and use it in GitHub Desktop.
Download ZIP
Linuxbrew OpenSSH 7.7p1 without Kerberos (krb5)
Raw
openssh.rb
class Openssh < Formula
desc "OpenBSD freely-licensed SSH connectivity tools"
homepage "https://www.openssh.com/"
url "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz"
mirror "https://mirror.vdms.io/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz"
version "7.7p1"
sha256 "d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f"
bottle do
sha256 "d378e6ea62cc33ab02df2c7394c8b9dc90fa7ab7d0a54a2f5f9a1db4c6f69dd4" => :high_sierra
sha256 "f30f9b4163419d95b59e62dc6b55b956ab0612b49a654ace9fae3f67d18d3198" => :sierra
sha256 "8c163dd34c4fbde8de02c58ccca743966b4f755be40049740f604509d2135a3c" => :el_capitan
sha256 "a4dfb3b6cacda3d3fefa50d56db02199ca56c1f316a198e9bf23303bdb8d9c24" => :x86_64_linux
end
# Please don't resubmit the keychain patch option. It will never be accepted.
# https://github.com/Homebrew/homebrew-dupes/pull/482#issuecomment-118994372
depends_on "openssl"
depends_on "ldns" => :optional
depends_on "pkg-config" => :build if build.with? "ldns"
unless OS.mac?
depends_on "libedit"
depends_on "krb5" => :optional
depends_on "zlib"
depends_on "lsof" => :test
end
# Both these patches are applied by Apple.
patch do
url "https://raw.githubusercontent.com/Homebrew/patches/1860b0a74/openssh/patch-sandbox-darwin.c-apple-sandbox-named-external.diff"
sha256 "d886b98f99fd27e3157b02b5b57f3fb49f43fd33806195970d4567f12be66e71"
end if OS.mac?
patch do
url "https://raw.githubusercontent.com/Homebrew/patches/d8b2d8c2/openssh/patch-sshd.c-apple-sandbox-named-external.diff"
sha256 "3505c58bf1e584c8af92d916fe5f3f1899a6b15cc64a00ddece1dc0874b2f78f"
end if OS.mac?
resource "com.openssh.sshd.sb" do
url "https://opensource.apple.com/source/OpenSSH/OpenSSH-209.50.1/com.openssh.sshd.sb"
sha256 "a273f86360ea5da3910cfa4c118be931d10904267605cdd4b2055ced3a829774"
end
def install
ENV.append "CPPFLAGS", "-D__APPLE_SANDBOX_NAMED_EXTERNAL__" if OS.mac?
# Ensure sandbox profile prefix is correct.
# We introduce this issue with patching, it's not an upstream bug.
inreplace "sandbox-darwin.c", "@PREFIX@/share/openssh", etc/"ssh" if OS.mac?
args = %W[
--with-libedit
--prefix=#{prefix}
--sysconfdir=#{etc}/ssh
--with-ssl-dir=#{Formula["openssl"].opt_prefix}
]
args << "--with-pam" if OS.mac?
args << "--with-privsep-path=#{var}/lib/sshd" unless OS.mac?
args << "--with-ldns" if build.with? "ldns"
args << "--with-kerberos5" if build.with? "krb5"
system "./configure", *args
system "make"
ENV.deparallelize
system "make", "install"
# This was removed by upstream with very little announcement and has
# potential to break scripts, so recreate it for now.
# Debian have done the same thing.
bin.install_symlink bin/"ssh" => "slogin"
buildpath.install resource("com.openssh.sshd.sb")
(etc/"ssh").install "com.openssh.sshd.sb" => "org.openssh.sshd.sb"
end
test do
assert_match "OpenSSH_", shell_output("#{bin}/ssh -V 2>&1")
begin
pid = fork { exec sbin/"sshd", "-D", "-p", "8022" }
sleep 2
assert_match "sshd", shell_output("lsof -i :8022")
ensure
Process.kill(9, pid)
Process.wait(pid)
end
end
end
@egoexpress
Copy link
Author

As the stock formula in Linuxbrew (https://github.com/Linuxbrew/homebrew-core/blob/master/Formula/openssh.rb) contains krb5 support which I a) don't need and b) causes issues when building on CentOS 6, I made it an optional argument which can be switched on when using brew install openssh --with-krb5.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment