Created
April 4, 2018 20:19
-
-
Save egoexpress/098938341e15bfe59ac036a3fdd902b4 to your computer and use it in GitHub Desktop.
Linuxbrew OpenSSH 7.7p1 without Kerberos (krb5)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class Openssh < Formula | |
desc "OpenBSD freely-licensed SSH connectivity tools" | |
homepage "https://www.openssh.com/" | |
url "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz" | |
mirror "https://mirror.vdms.io/pub/OpenBSD/OpenSSH/portable/openssh-7.7p1.tar.gz" | |
version "7.7p1" | |
sha256 "d73be7e684e99efcd024be15a30bffcbe41b012b2f7b3c9084aed621775e6b8f" | |
bottle do | |
sha256 "d378e6ea62cc33ab02df2c7394c8b9dc90fa7ab7d0a54a2f5f9a1db4c6f69dd4" => :high_sierra | |
sha256 "f30f9b4163419d95b59e62dc6b55b956ab0612b49a654ace9fae3f67d18d3198" => :sierra | |
sha256 "8c163dd34c4fbde8de02c58ccca743966b4f755be40049740f604509d2135a3c" => :el_capitan | |
sha256 "a4dfb3b6cacda3d3fefa50d56db02199ca56c1f316a198e9bf23303bdb8d9c24" => :x86_64_linux | |
end | |
# Please don't resubmit the keychain patch option. It will never be accepted. | |
# https://github.com/Homebrew/homebrew-dupes/pull/482#issuecomment-118994372 | |
depends_on "openssl" | |
depends_on "ldns" => :optional | |
depends_on "pkg-config" => :build if build.with? "ldns" | |
unless OS.mac? | |
depends_on "libedit" | |
depends_on "krb5" => :optional | |
depends_on "zlib" | |
depends_on "lsof" => :test | |
end | |
# Both these patches are applied by Apple. | |
patch do | |
url "https://raw.githubusercontent.com/Homebrew/patches/1860b0a74/openssh/patch-sandbox-darwin.c-apple-sandbox-named-external.diff" | |
sha256 "d886b98f99fd27e3157b02b5b57f3fb49f43fd33806195970d4567f12be66e71" | |
end if OS.mac? | |
patch do | |
url "https://raw.githubusercontent.com/Homebrew/patches/d8b2d8c2/openssh/patch-sshd.c-apple-sandbox-named-external.diff" | |
sha256 "3505c58bf1e584c8af92d916fe5f3f1899a6b15cc64a00ddece1dc0874b2f78f" | |
end if OS.mac? | |
resource "com.openssh.sshd.sb" do | |
url "https://opensource.apple.com/source/OpenSSH/OpenSSH-209.50.1/com.openssh.sshd.sb" | |
sha256 "a273f86360ea5da3910cfa4c118be931d10904267605cdd4b2055ced3a829774" | |
end | |
def install | |
ENV.append "CPPFLAGS", "-D__APPLE_SANDBOX_NAMED_EXTERNAL__" if OS.mac? | |
# Ensure sandbox profile prefix is correct. | |
# We introduce this issue with patching, it's not an upstream bug. | |
inreplace "sandbox-darwin.c", "@PREFIX@/share/openssh", etc/"ssh" if OS.mac? | |
args = %W[ | |
--with-libedit | |
--prefix=#{prefix} | |
--sysconfdir=#{etc}/ssh | |
--with-ssl-dir=#{Formula["openssl"].opt_prefix} | |
] | |
args << "--with-pam" if OS.mac? | |
args << "--with-privsep-path=#{var}/lib/sshd" unless OS.mac? | |
args << "--with-ldns" if build.with? "ldns" | |
args << "--with-kerberos5" if build.with? "krb5" | |
system "./configure", *args | |
system "make" | |
ENV.deparallelize | |
system "make", "install" | |
# This was removed by upstream with very little announcement and has | |
# potential to break scripts, so recreate it for now. | |
# Debian have done the same thing. | |
bin.install_symlink bin/"ssh" => "slogin" | |
buildpath.install resource("com.openssh.sshd.sb") | |
(etc/"ssh").install "com.openssh.sshd.sb" => "org.openssh.sshd.sb" | |
end | |
test do | |
assert_match "OpenSSH_", shell_output("#{bin}/ssh -V 2>&1") | |
begin | |
pid = fork { exec sbin/"sshd", "-D", "-p", "8022" } | |
sleep 2 | |
assert_match "sshd", shell_output("lsof -i :8022") | |
ensure | |
Process.kill(9, pid) | |
Process.wait(pid) | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As the stock formula in Linuxbrew (https://github.com/Linuxbrew/homebrew-core/blob/master/Formula/openssh.rb) contains krb5 support which I a) don't need and b) causes issues when building on CentOS 6, I made it an optional argument which can be switched on when using
brew install openssh --with-krb5
.