From c2fbb287f24a85c3ad72681040963b2fff732ae1 Mon Sep 17 00:00:00 2001
From: jc_gargma <jc_gargma@iserlohn-fortress.net>
Date: Sun, 25 Feb 2024 20:59:04 -0800
Subject: Rebuild with license fixes and ldns removed

---
 PKGBUILD         | 57 +++++++++++++++++++++++++++++++++++++++++++-------------
 openssh.tmpfiles |  9 +++++++++
 sshd.conf        |  1 -
 3 files changed, 53 insertions(+), 14 deletions(-)
 create mode 100644 openssh.tmpfiles
 delete mode 100644 sshd.conf

diff --git a/PKGBUILD b/PKGBUILD
index 06f4e6e..391d01a 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,4 +1,5 @@
 # Maintainer: jc_gargma <jc_gargma@iserlohn-fortress.net>
+# Maintainer: David Runge <dvzrv@archlinux.org>
 # Maintainer (Arch): Levente Polyak <anthraxx[at]archlinux[dot]org>
 # Maintainer (Arch): Giancarlo Razzolini <grazzolini@archlinux.org>
 # Contributor (Arch): Gaetan Bisson <bisson@archlinux.org>
@@ -11,7 +12,7 @@
 
 pkgname=openssh
 pkgver=9.6p1
-pkgrel=1
+pkgrel=3
 pkgdesc="SSH protocol implementation for remote login, command execution and file transfer"
 arch=(x86_64)
 url='https://www.openssh.com/portable.html'
@@ -19,21 +20,21 @@ license=(
   BSD-2-Clause
   BSD-3-Clause
   ISC
+  LicenseRef-Public-Domain
   MIT
 )
 depends=(
   glibc
-  krb5 libkrb5.so libgssapi_krb5.so
-  ldns
-  libedit
-  libxcrypt libcrypt.so
-  openssl
-  pam libpam.so
-  zlib
 )
 makedepends=(
+  krb5
+  libedit
   libfido2
+  libxcrypt
   linux-headers
+  openssl
+  pam
+  zlib
 )
 optdepends=(
   'libfido2: FIDO/U2F support'
@@ -53,18 +54,18 @@ backup=(
 source=(
   https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$pkgver.tar.gz{,.asc}
   99-archlinux.conf
-  sshd.conf
+  openssh.tmpfiles
   sshd.pam
 )
 sha256sums=('910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c'
             'SKIP'
             '78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30'
-            '4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6'
+            '975904668c3c98fff5dbf840717ae959593fa05e90e215e67bf7ee24369d6369'
             'a979e236681c6a06906937cf0f012e976347af5d6d7e7ae04a11acb01cc2689d')
 b2sums=('dd7f6747fe89f7b386be4faaf7fc43398a9bf439e45608ae61c2126cf8743c64ef7b5af45c75e9007b0bda525f8809261ca0f2fc47ce60177ba769a5324719dd'
         'SKIP'
         '1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97'
-        '27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395'
+        '43bf32158d6b14cf298e5e92a54d93577d6a45b32b3c0fad7a3722e55a53e446fd30df10002bc945c71528904bb397aaadc4f439dd81e5a87263a31b1daa7fc2'
         'a61b50849a4efe66b3341fd312531dde54917cf138ddb458973632de7ff815dddeeff432ff84fb0d63d94a46a331b6bb736ae0e260f8cc7f82beb3c0a9c0d602')
 validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA')  # Damien Miller <djm@mindrot.org>
 # https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
@@ -80,6 +81,18 @@ prepare() {
   # prepend configuration option to include drop-in configuration files for ssh_config
   printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp
   mv -v ssh_config.tmp ssh_config
+
+  # extract separate licenses
+  sed -n '89,113p' LICENCE > ../rijndael.Public-Domain.txt
+  sed -n '116,145p' LICENCE > ../ssh.BSD-3-Clause.txt
+  sed -n '148,209p' LICENCE > ../BSD-2-Clause.txt
+  sed -n '213,218p' LICENCE > ../snprintf.Public-Domain.txt
+  sed -n '222,258p' LICENCE > ../openbsd-compat.BSD-3-Clause.txt
+  sed -n '260,278p' LICENCE > ../openbsd-compat.ISC.txt
+  sed -n '280,308p' LICENCE > ../openbsd-compat.MIT.txt
+  sed -n '280,308p' LICENCE > ../openbsd-compat.MIT.txt
+  sed -n '310,338p' LICENCE > ../blowfish.BSD-3-Clause.txt
+  sed -n '340,368p' LICENCE > ../replacement.BSD-2-Clause.txt
 }
 
 build() {
@@ -89,7 +102,6 @@ build() {
     --libexecdir=/usr/lib/ssh
     --sysconfdir=/etc/ssh
     --disable-strip
-    --with-ldns
     --with-libedit
     --with-security-key-builtin
     --with-ssl-engine
@@ -121,6 +133,15 @@ check() {
 }
 
 package() {
+  depends+=(
+    krb5 libkrb5.so libgssapi_krb5.so
+    libedit libedit.so
+    libxcrypt libcrypt.so
+    openssl libcrypto.so
+    pam libpam.so
+    zlib libz.so
+  )
+
   cd $pkgname-$pkgver
 
   make DESTDIR="$pkgdir" install
@@ -128,12 +149,22 @@ package() {
   install -vDm 644 ../99-archlinux.conf -t "$pkgdir/etc/ssh/sshd_config.d/"
   install -vdm 755 "$pkgdir/etc/ssh/ssh_config.d"
 
-  ln -sf ssh.1.gz "$pkgdir"/usr/share/man/man1/slogin.1.gz
   install -Dm644 LICENCE -t "$pkgdir/usr/share/licenses/$pkgname/"
+  install -Dm644 ../*.txt -t "$pkgdir/usr/share/licenses/$pkgname/"
 
   install -Dm644 ../sshd.conf -t "$pkgdir"/usr/lib/tmpfiles.d/
   install -Dm644 ../sshd.pam "$pkgdir"/etc/pam.d/sshd
 
+  # factory files
+  install -Dm644 ../sshd.pam "$pkgdir"/usr/share/factory/etc/pam.d/sshd
+  install -Dm644 "$pkgdir/etc/ssh/moduli" -t "$pkgdir"/usr/share/factory/etc/ssh/
+  install -Dm644 "$pkgdir/etc/ssh/ssh_config" -t "$pkgdir"/usr/share/factory/etc/ssh/
+  install -Dm644 "$pkgdir/etc/ssh/sshd_config" -t "$pkgdir"/usr/share/factory/etc/ssh/
+  install -vDm 644 ../99-archlinux.conf -t "$pkgdir/usr/share/factory/etc/ssh/sshd_config.d/"
+
+  install -vDm 644 ../$pkgname.tmpfiles "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
+
+
   install -Dm755 contrib/findssl.sh -t "$pkgdir"/usr/bin/
   install -Dm755 contrib/ssh-copy-id -t "$pkgdir"/usr/bin/
   install -Dm644 contrib/ssh-copy-id.1 -t "$pkgdir"/usr/share/man/man1/
diff --git a/openssh.tmpfiles b/openssh.tmpfiles
new file mode 100644
index 0000000..0bf3870
--- /dev/null
+++ b/openssh.tmpfiles
@@ -0,0 +1,9 @@
+C /etc/pam.d/sshd
+C /etc/ssh/moduli
+C /etc/ssh/ssh_config
+C /etc/ssh/sshd_config
+C /etc/ssh/sshd_config.d/99-archlinux.conf
+
+d /etc/ssh/ssh_config.d
+d /etc/ssh/sshd_config.d
+d /var/empty
diff --git a/sshd.conf b/sshd.conf
deleted file mode 100644
index ca2a393..0000000
--- a/sshd.conf
+++ /dev/null
@@ -1 +0,0 @@
-d /var/empty 0755 root root
-- 
cgit v1.2.1