Last active
September 26, 2016 10:12
-
-
Save secwang/c096e53d51c590c03c2c5771dc7da381 to your computer and use it in GitHub Desktop.
Homebrew brew formula for openssh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'formula' | |
| class Openssh < Formula | |
| homepage 'http://openssh.com/portable.html' | |
| # url 'http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-6.5p1.tar.gz' | |
| # mirror 'http://openbsd.mirrors.pair.com/OpenSSH/portable/openssh-6.5p1.tar.gz' | |
| # sha256 'a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027' | |
| url 'https://github.com/steakknife/openssh.git', :tag => '6.5p1-with-6.2p2-apple-osx-109-changes-and-disable-missing-openssl-ciphers' | |
| version '6.6p1' | |
| option 'without-pam', 'Build without PAM support' | |
| option 'without-bsm', 'Build without BSM support' | |
| option 'without-keychain-support', 'Build without native OS X Keychain and Launch Daemon support to ssh-agent' | |
| option 'without-gssapi-support', 'Build without support to GSSAPI key exchange' | |
| option 'without-xauth', 'Build without xauth support' | |
| # https://gist.github.com/steakknife/8228264/raw/openssl.rb | |
| depends_on 'openssl' => :recommended | |
| # https://gist.github.com/steakknife/8266132/raw/ldns.rb | |
| unless build.without? 'openssl' | |
| depends_on 'ldns' => [:recommended, 'with-brew-openssl'] # customized ldns formula | |
| else | |
| depends_on 'ldns' => :recommended | |
| end | |
| def install | |
| ENV.deparallelize | |
| unless build.without? 'launchd' | |
| ENV.append 'CPPFLAGS', '-D__APPLE_LAUNCHD__' | |
| end | |
| unless build.without? 'gssapi-support' | |
| ENV.append 'CPPFLAGS', '-D_UTMPX_COMPAT -D__APPLE_MEMBERSHIP__ -D__APPLE_XSAN__' | |
| ENV.append 'CPPFLAGS', '-F/System/Library/Frameworks/DirectoryService.framework' | |
| ENV.append 'LDFLAGS', '-framework DirectoryService' | |
| end | |
| args = [] | |
| args << "--prefix=#{prefix}" | |
| args << "--sysconfdir=#{etc}/ssh" | |
| args << '--with-4in6' | |
| args << '--with-kerberos5' | |
| args << '--with-gssapi-support' | |
| args << '--with-libedit' | |
| args << '--with-md5-passwords' | |
| args << '--with-privsep-user=_sshd' << '--with-privsep-path=/var/empty' | |
| args << '--disable-utmp' << '--disable-wtmp' | |
| args << '--with-keychain=apple' unless build.without? 'keychain-support' | |
| args << ((! build.without? 'xauth') ? '--with-xauth' : '--without-xauth') | |
| args << "--with-ssl-dir=#{Formula.factory('openssl').opt_prefix}" unless build.without? 'openssl' | |
| args << "--with-ldns=#{Formula.factory('ldns').opt_prefix}" unless build.without? 'ldns' | |
| args << ((! build.without? 'pam') ? '--with-pam' : '--without-pam') | |
| args << '--with-audit=bsm' unless build.without? 'bsm' | |
| args << ((! build.without?('kerberos5') && build.without?('gssapi-support')) ? '--with-kerberos5' : '--without-kerberos5') | |
| system "./configure", *args | |
| system "make", "install" | |
| end | |
| def caveats | |
| unless build.without? 'keychain-support' | |
| <<-EOS.undent | |
| For complete functionality, please modify: | |
| /System/Library/LaunchAgents/org.openbsd.ssh-agent.plist | |
| and change ProgramArugments from | |
| /usr/bin/ssh-agent | |
| to | |
| #{HOMEBREW_PREFIX}/bin/ssh-agent | |
| After that, you can start storing private key passwords in | |
| your OS X Keychain. | |
| EOS | |
| end | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment