86 lines
3.0 KiB
Ruby
86 lines
3.0 KiB
Ruby
class Openssh < Formula
|
|
desc "OpenBSD freely-licensed SSH connectivity tools"
|
|
homepage "https://www.openssh.com/"
|
|
url "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.3p1.tar.gz"
|
|
mirror "https://mirror.vdms.io/pub/OpenBSD/OpenSSH/portable/openssh-8.3p1.tar.gz"
|
|
version "8.3p1"
|
|
sha256 "f2befbe0472fe7eb75d23340eb17531cb6b3aac24075e2066b41f814e12387b2"
|
|
license "SSH-OpenSSH"
|
|
|
|
livecheck do
|
|
url "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/"
|
|
regex(/href=.*?openssh[._-]v?(\d+(?:\.\d+)+(?:p\d+)?)\.t/i)
|
|
end
|
|
|
|
bottle do
|
|
sha256 "3f5a9e5b5bbf82235fb47f893b71f514b10adc344c7d3c0f57b3837cfa50458f" => :catalina
|
|
sha256 "d7b58684502abed77b364c5742ea4a1682e29e2df08d86a1ff6f249409e4b085" => :mojave
|
|
sha256 "a096eab677ff45aa7e4e1b7da4f2a0f7ebf34ff579d6bc679858cda8d482b6c8" => :high_sierra
|
|
end
|
|
|
|
# Please don't resubmit the keychain patch option. It will never be accepted.
|
|
# https://archive.is/hSB6d#10%25
|
|
|
|
depends_on "pkg-config" => :build
|
|
depends_on "ldns"
|
|
depends_on "libfido2"
|
|
depends_on "openssl@1.1"
|
|
|
|
resource "com.openssh.sshd.sb" do
|
|
url "https://opensource.apple.com/source/OpenSSH/OpenSSH-209.50.1/com.openssh.sshd.sb"
|
|
sha256 "a273f86360ea5da3910cfa4c118be931d10904267605cdd4b2055ced3a829774"
|
|
end
|
|
|
|
# Both these patches are applied by Apple.
|
|
patch do
|
|
url "https://raw.githubusercontent.com/Homebrew/patches/1860b0a745f1fe726900974845d1b0dd3c3398d6/openssh/patch-sandbox-darwin.c-apple-sandbox-named-external.diff"
|
|
sha256 "d886b98f99fd27e3157b02b5b57f3fb49f43fd33806195970d4567f12be66e71"
|
|
end
|
|
|
|
patch do
|
|
url "https://raw.githubusercontent.com/Homebrew/patches/d8b2d8c2612fd251ac6de17bf0cc5174c3aab94c/openssh/patch-sshd.c-apple-sandbox-named-external.diff"
|
|
sha256 "3505c58bf1e584c8af92d916fe5f3f1899a6b15cc64a00ddece1dc0874b2f78f"
|
|
end
|
|
|
|
def install
|
|
ENV.append "CPPFLAGS", "-D__APPLE_SANDBOX_NAMED_EXTERNAL__"
|
|
|
|
# Ensure sandbox profile prefix is correct.
|
|
# We introduce this issue with patching, it's not an upstream bug.
|
|
inreplace "sandbox-darwin.c", "@PREFIX@/share/openssh", etc/"ssh"
|
|
|
|
args = %W[
|
|
--prefix=#{prefix}
|
|
--sysconfdir=#{etc}/ssh
|
|
--with-ldns
|
|
--with-libedit
|
|
--with-kerberos5
|
|
--with-pam
|
|
--with-ssl-dir=#{Formula["openssl@1.1"].opt_prefix}
|
|
--with-security-key-builtin
|
|
]
|
|
|
|
system "./configure", *args
|
|
system "make"
|
|
ENV.deparallelize
|
|
system "make", "install"
|
|
|
|
# This was removed by upstream with very little announcement and has
|
|
# potential to break scripts, so recreate it for now.
|
|
# Debian have done the same thing.
|
|
bin.install_symlink bin/"ssh" => "slogin"
|
|
|
|
buildpath.install resource("com.openssh.sshd.sb")
|
|
(etc/"ssh").install "com.openssh.sshd.sb" => "org.openssh.sshd.sb"
|
|
end
|
|
|
|
test do
|
|
assert_match "OpenSSH_", shell_output("#{bin}/ssh -V 2>&1")
|
|
|
|
port = free_port
|
|
fork { exec sbin/"sshd", "-D", "-p", port.to_s }
|
|
sleep 2
|
|
assert_match "sshd", shell_output("lsof -i :#{port}")
|
|
end
|
|
end
|