# $Id: Portfile,v 1.17 2006/02/17 07:39:34 yeled Exp $

PortSystem 1.0

name            openssh
version         4.3p2
categories      net 
maintainers     yeled@opendarwin.org
description     OpenSSH secure login server
long_description  OpenSSH is a FREE version of the SSH protocol suite of \
          network connectivity tools that increasing numbers of people on the \
          Internet are coming to rely on. Many users of telnet, rlogin, ftp, \
          and other such programs might not realize that their password is \
          transmitted across the Internet unencrypted, but it is. OpenSSH \
          encrypts all traffic (including passwords) to effectively eliminate \
          eavesdropping, connection hijacking, and other network-level \
          attacks. Additionally, OpenSSH provides a myriad of secure \
          tunneling capabilities, as well as a variety of authentication \
          methods. 
homepage        http://www.openssh.com/
platforms       darwin
checksums       sha1 2b5b0751fd578283ba7b106025c0ba391fd72f1f
master_sites    openbsd:OpenSSH/portable \
		ftp://carroll.cac.psu.edu/pub/OpenBSD/OpenSSH/portable/
depends_lib     port:openssl port:zlib

# Specified -fno-builtin because GCC 3.3 has log() as a builtin
# (from math.h) while OpenSSH has its own log() function
# -- from fink.
configure.env CPPFLAGS="-fno-builtin -I${workpath}/include"
configure.args --with-ssl-dir=${prefix} --sysconfdir=${prefix}/etc/ssh \
  --with-privsep-path=${prefix}/var/empty --with-md5-passwords \
  --with-pid-dir=${prefix}/var/run --with-tcp-wrappers \
  --with-pam --disable-suid-ssh --with-random=/dev/urandom \
  --mandir=${prefix}/share/man -with-zlib=${prefix}

destroot.target install-nokeys

post-destroot {
  destroot.keepdirs ${destroot}${prefix}/var/run ${destroot}${prefix}/var/empty
  reinplace "s|#Port 22|Port 2222|g" ${destroot}${prefix}/etc/ssh/sshd_config
}

# For X11 Forwarding
variant  apple-x11 { # set for X11 forwarding
  configure.args-append --with-xauth=/usr/X11R6/bin/xauth
 }

variant kerberos {
  configure.args-append --with-kerberos5=/usr
}

platform darwin {
  # ln -s /usr/include/pam to work/include/security because 'security' was 
  # renamed to 'pam' in OS X.
  pre-configure {
    file mkdir ${workpath}/include
    system "ln -s /usr/include/pam ${workpath}/include/security"
  }
}

platform darwin 8 {
  configure.env-append CC=/usr/bin/gcc-4.0 CPP=/usr/bin/cpp-4.0
}

startupitem.create	yes
startupitem.name	OpenSSH
startupitem.start \
	"if \[ -x ${prefix}/sbin/sshd ]; then
		if \[ ! -f ${prefix}/etc/ssh/ssh_host_key \]; then
			${prefix}/bin/ssh-keygen -t rsa1 -f \\
			${prefix}/etc/ssh/ssh_host_key -N \"\" -C `hostname`
		fi
		if \[ ! -f ${prefix}/etc/ssh/ssh_host_dsa_key \]; then
			${prefix}/bin/ssh-keygen -t dsa -f \\
			${prefix}/etc/ssh/ssh_host_dsa_key -N \"\" -C `hostname`
		fi
		if \[ ! -f ${prefix}/etc/ssh/ssh_host_rsa_key \]; then
			${prefix}/bin/ssh-keygen -t rsa -f \\
			${prefix}/etc/ssh/ssh_host_rsa_key -N \"\" -C `hostname`
		fi
		${prefix}/sbin/sshd
		fi"
startupitem.stop \
	"if \[ -r ${prefix}/var/run/sshd.pid \]; then
		kill `cat ${prefix}/var/run/sshd.pid` && rm ${prefix}/var/run/sshd.pid
		fi"