Split openssh and make listeners

50 files changed, 134 insertions, 0 deletions

diff --git a/data/openssh/_metadata/depiction b/data/_openssh/_metadata/depiction
index 6d11dd20b..6d11dd20b 100644
--- a/data/openssh/_metadata/depiction
+++ b/data/_openssh/_metadata/depiction
diff --git a/data/openssh/_metadata/description b/data/_openssh/_metadata/description
index 8112506c5..8112506c5 100644
--- a/data/openssh/_metadata/description
+++ b/data/_openssh/_metadata/description
diff --git a/data/openssh/_metadata/in.1200.00 b/data/_openssh/_metadata/in.1200.00
index e69de29bb..e69de29bb 100644
--- a/data/openssh/_metadata/in.1200.00
+++ b/data/_openssh/_metadata/in.1200.00
diff --git a/data/openssh/_metadata/in.1443.00 b/data/_openssh/_metadata/in.1443.00
index e69de29bb..e69de29bb 100644
--- a/data/openssh/_metadata/in.1443.00
+++ b/data/_openssh/_metadata/in.1443.00
diff --git a/data/openssh/_metadata/in.550.58 b/data/_openssh/_metadata/in.550.58
index e69de29bb..e69de29bb 100644
--- a/data/openssh/_metadata/in.550.58
+++ b/data/_openssh/_metadata/in.550.58
diff --git a/data/openssh/_metadata/libssl1.1.1.dep b/data/_openssh/_metadata/libssl1.1.1.dep
index 254747b12..254747b12 120000
--- a/data/openssh/_metadata/libssl1.1.1.dep
+++ b/data/_openssh/_metadata/libssl1.1.1.dep
diff --git a/data/openssh/_metadata/license b/data/_openssh/_metadata/license
index 3964b1d77..3964b1d77 100644
--- a/data/openssh/_metadata/license
+++ b/data/_openssh/_metadata/license
diff --git a/data/openssh/_metadata/maintainer b/data/_openssh/_metadata/maintainer
index 573d7ebef..573d7ebef 120000
--- a/data/openssh/_metadata/maintainer
+++ b/data/_openssh/_metadata/maintainer
diff --git a/data/openssh/_metadata/name b/data/_openssh/_metadata/name
index 721aee556..721aee556 100644
--- a/data/openssh/_metadata/name
+++ b/data/_openssh/_metadata/name
diff --git a/data/_openssh/_metadata/openssh-client/breaks b/data/_openssh/_metadata/openssh-client/breaks
new file mode 100644
index 000000000..7437a6f3d
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-client/breaks
@@ -0,0 +1 @@
+openssh (<= 8.4-1)
diff --git a/data/_openssh/_metadata/openssh-client/description b/data/_openssh/_metadata/openssh-client/description
new file mode 100644
index 000000000..025130bda
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-client/description
@@ -0,0 +1,8 @@
+secure shell (SSH) client, for secure access to remote machines
+This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.
+.
+Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine.  It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.  It can be used to provide applications with a secure communication channel.
+.
+This package provides the client binaries.
+.
+In some countries it may be illegal to use any encryption at all without a special permit.
diff --git a/data/_openssh/_metadata/openssh-client/name b/data/_openssh/_metadata/openssh-client/name
new file mode 100644
index 000000000..6d03a7b74
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-client/name
@@ -0,0 +1 @@
+OpenSSH Clients
diff --git a/data/_openssh/_metadata/openssh-global-listener/breaks b/data/_openssh/_metadata/openssh-global-listener/breaks
new file mode 100644
index 000000000..7437a6f3d
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-global-listener/breaks
@@ -0,0 +1 @@
+openssh (<= 8.4-1)
diff --git a/data/_openssh/_metadata/openssh-global-listener/depends b/data/_openssh/_metadata/openssh-global-listener/depends
new file mode 100644
index 000000000..9ceb541c6
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-global-listener/depends
@@ -0,0 +1 @@
+openssh-server (>= %MYVERSION%)
diff --git a/data/_openssh/_metadata/openssh-global-listener/description b/data/_openssh/_metadata/openssh-global-listener/description
new file mode 100644
index 000000000..833ed8f3c
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-global-listener/description
@@ -0,0 +1,8 @@
+secure shell (SSH) server, for secure access from remote machines
+This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.
+.
+Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine.  It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.  It can be used to provide applications with a secure communication channel.
+.
+This package provides a global listener on port 22.
+.
+In some countries it may be illegal to use any encryption at all without a special permit.
diff --git a/data/openssh/_metadata/extrainst_ b/data/_openssh/_metadata/openssh-global-listener/extrainst_
index 007af8999..007af8999 100755
--- a/data/openssh/_metadata/extrainst_
+++ b/data/_openssh/_metadata/openssh-global-listener/extrainst_
diff --git a/data/_openssh/_metadata/openssh-global-listener/name b/data/_openssh/_metadata/openssh-global-listener/name
new file mode 100644
index 000000000..3deddc21f
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-global-listener/name
@@ -0,0 +1 @@
+OpenSSH Global Listener
diff --git a/data/openssh/_metadata/prerm b/data/_openssh/_metadata/openssh-global-listener/prerm
index 71be0c498..71be0c498 100755
--- a/data/openssh/_metadata/prerm
+++ b/data/_openssh/_metadata/openssh-global-listener/prerm
diff --git a/data/_openssh/_metadata/openssh-local-listener/depends b/data/_openssh/_metadata/openssh-local-listener/depends
new file mode 100644
index 000000000..9ceb541c6
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-local-listener/depends
@@ -0,0 +1 @@
+openssh-server (>= %MYVERSION%)
diff --git a/data/_openssh/_metadata/openssh-local-listener/description b/data/_openssh/_metadata/openssh-local-listener/description
new file mode 100644
index 000000000..555730edf
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-local-listener/description
@@ -0,0 +1,8 @@
+secure shell (SSH) server, for secure access from remote machines
+This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.
+.
+Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine.  It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.  It can be used to provide applications with a secure communication channel.
+.
+This package provides a listener for only localhost on port 22.
+.
+In some countries it may be illegal to use any encryption at all without a special permit.
diff --git a/data/_openssh/_metadata/openssh-local-listener/extrainst_ b/data/_openssh/_metadata/openssh-local-listener/extrainst_
new file mode 100755
index 000000000..a90ba8854
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-local-listener/extrainst_
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+if [[ $1 == upgrade ]]; then
+    /bin/launchctl unload /Library/LaunchDaemons/com.openssh.sshd-localhost.plist
+    /bin/launchctl load /Library/LaunchDaemons/com.openssh.sshd-localhost.plist
+fi
+
+if [[ $1 == install ]]; then
+    /bin/launchctl load -w /Library/LaunchDaemons/com.openssh.sshd-localhost.plist
+fi
+
+exit 0
diff --git a/data/_openssh/_metadata/openssh-local-listener/name b/data/_openssh/_metadata/openssh-local-listener/name
new file mode 100644
index 000000000..23d81c442
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-local-listener/name
@@ -0,0 +1 @@
+OpenSSH Localhost Listener
diff --git a/data/_openssh/_metadata/openssh-local-listener/prerm b/data/_openssh/_metadata/openssh-local-listener/prerm
new file mode 100755
index 000000000..7d5a11e55
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-local-listener/prerm
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if [[ $1 == remove || $1 == purge ]]; then
+    /bin/launchctl unload /Library/LaunchDaemons/com.openssh.sshd-localhost.plist
+fi
+
+exit 0
diff --git a/data/_openssh/_metadata/openssh-server/breaks b/data/_openssh/_metadata/openssh-server/breaks
new file mode 100644
index 000000000..7437a6f3d
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-server/breaks
@@ -0,0 +1 @@
+openssh (<= 8.4-1)
diff --git a/data/_openssh/_metadata/openssh-server/depends b/data/_openssh/_metadata/openssh-server/depends
new file mode 100644
index 000000000..22aeda7ea
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-server/depends
@@ -0,0 +1 @@
+openssh-client (>= %MYVERSION%)
diff --git a/data/_openssh/_metadata/openssh-server/description b/data/_openssh/_metadata/openssh-server/description
new file mode 100644
index 000000000..3f610cca2
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-server/description
@@ -0,0 +1,8 @@
+secure shell (SSH) server, for secure access from remote machines
+This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.
+.
+Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine.  It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.  It can be used to provide applications with a secure communication channel.
+.
+This package provides the sshd server.
+.
+In some countries it may be illegal to use any encryption at all without a special permit.
diff --git a/data/_openssh/_metadata/openssh-server/name b/data/_openssh/_metadata/openssh-server/name
new file mode 100644
index 000000000..1f0d9f0e6
--- /dev/null
+++ b/data/_openssh/_metadata/openssh-server/name
@@ -0,0 +1 @@
+OpenSSH Server Binaries
diff --git a/data/_openssh/_metadata/openssh/depends b/data/_openssh/_metadata/openssh/depends
new file mode 100644
index 000000000..eca877aaa
--- /dev/null
+++ b/data/_openssh/_metadata/openssh/depends
@@ -0,0 +1 @@
+openssh-server, openssh-client, openssh-global-listener
diff --git a/data/_openssh/_metadata/openssh/description b/data/_openssh/_metadata/openssh/description
new file mode 100644
index 000000000..3f610cca2
--- /dev/null
+++ b/data/_openssh/_metadata/openssh/description
@@ -0,0 +1,8 @@
+secure shell (SSH) server, for secure access from remote machines
+This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group.
+.
+Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine.  It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.  It can be used to provide applications with a secure communication channel.
+.
+This package provides the sshd server.
+.
+In some countries it may be illegal to use any encryption at all without a special permit.
diff --git a/data/openssh/_metadata/priority b/data/_openssh/_metadata/priority
index ea5b3d7ee..ea5b3d7ee 100644
--- a/data/openssh/_metadata/priority
+++ b/data/_openssh/_metadata/priority
diff --git a/data/openssh/_metadata/role b/data/_openssh/_metadata/role
index 762113e87..762113e87 100644
--- a/data/openssh/_metadata/role
+++ b/data/_openssh/_metadata/role
diff --git a/data/openssh/_metadata/section b/data/_openssh/_metadata/section
index 8708e4b54..8708e4b54 100644
--- a/data/openssh/_metadata/section
+++ b/data/_openssh/_metadata/section
diff --git a/data/openssh/_metadata/tags b/data/_openssh/_metadata/tags
index 6297beb06..6297beb06 100644
--- a/data/openssh/_metadata/tags
+++ b/data/_openssh/_metadata/tags
diff --git a/data/openssh/_metadata/version b/data/_openssh/_metadata/version
index c9dc04908..c9dc04908 100644
--- a/data/openssh/_metadata/version
+++ b/data/_openssh/_metadata/version
diff --git a/data/_openssh/com.openssh.sshd-localhost.plist b/data/_openssh/com.openssh.sshd-localhost.plist
new file mode 100644
index 000000000..a4aa4ab94
--- /dev/null
+++ b/data/_openssh/com.openssh.sshd-localhost.plist
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+	<dict>
+		<key>Label</key>
+		<string>com.openssh.sshd-localhost</string>
+
+		<key>Program</key>
+		<string>/bin/sh</string>
+
+		<key>ProgramArguments</key>
+		<array>
+			<string>/bin/sh</string>
+			<string>/usr/libexec/sshd-keygen-wrapper</string>
+			<string>-i</string>
+		</array>
+
+		<key>SessionCreate</key>
+		<true/>
+
+		<key>Sockets</key>
+		<dict>
+			<key>SSHV6Listener</key>
+			<dict>
+				<key>SockNodeName</key>
+				<string>::1</string>
+				<key>SockServiceName</key>
+				<string>ssh</string>
+			</dict>
+			<key>SSHV4Listener</key>
+			<dict>
+				<key>SockNodeName</key>
+				<string>127.0.0.1</string>
+				<key>SockServiceName</key>
+				<string>ssh</string>
+			</dict>
+		</dict>
+
+		<key>StandardErrorPath</key>
+		<string>/dev/null</string>
+
+		<key>inetdCompatibility</key>
+		<dict>
+			<key>Wait</key>
+			<false/>
+		</dict>
+		<key>ExecuteAllowed</key>
+		<true/>
+	</dict>
+
+</plist>
diff --git a/data/openssh/com.openssh.sshd.plist b/data/_openssh/com.openssh.sshd.plist
index 450056bd6..450056bd6 100644
--- a/data/openssh/com.openssh.sshd.plist
+++ b/data/_openssh/com.openssh.sshd.plist
diff --git a/data/openssh/dirent.diff b/data/_openssh/dirent.diff
index 2d5238250..2d5238250 100644
--- a/data/openssh/dirent.diff
+++ b/data/_openssh/dirent.diff
diff --git a/data/openssh/install.diff b/data/_openssh/install.diff
index 88866e26b..88866e26b 100644
--- a/data/openssh/install.diff
+++ b/data/_openssh/install.diff
diff --git a/data/openssh/make.sh b/data/_openssh/make.sh
index 4896d9037..cef4f65e0 100644
--- a/data/openssh/make.sh
+++ b/data/_openssh/make.sh
@@ -6,4 +6,6 @@ pkg:install INSTALL_SSH_RAND_HELPER=yes
 pkg: cp -a %/sshd-keygen-wrapper /usr/libexec
 pkg: mkdir -p /Library/LaunchDaemons
 pkg: cp -a %/com.openssh.sshd.plist /Library/LaunchDaemons
+pkg: cp -a %/com.openssh.sshd-localhost.plist /Library/LaunchDaemons
 pkg: cp -af %/ssh{d,}_config /etc/ssh
+subpkg:stage
diff --git a/data/openssh/openssh-8.4p1.tar.gz b/data/_openssh/openssh-8.4p1.tar.gz
index ec913a33a..ec913a33a 100644
--- a/data/openssh/openssh-8.4p1.tar.gz
+++ b/data/_openssh/openssh-8.4p1.tar.gz
diff --git a/data/_openssh/openssh-client.install b/data/_openssh/openssh-client.install
new file mode 100644
index 000000000..9ded1dd17
--- /dev/null
+++ b/data/_openssh/openssh-client.install
@@ -0,0 +1,5 @@
+/etc/ssh/moduli
+/etc/ssh/ssh_config
+/usr/bin/*
+/usr/libexec/ssh-*
+/var/empty
diff --git a/data/_openssh/openssh-global-listener.install b/data/_openssh/openssh-global-listener.install
new file mode 100644
index 000000000..e592d2999
--- /dev/null
+++ b/data/_openssh/openssh-global-listener.install
@@ -0,0 +1 @@
+/Library/LaunchDaemons/com.openssh.sshd.plist
diff --git a/data/_openssh/openssh-local-listener.install b/data/_openssh/openssh-local-listener.install
new file mode 100644
index 000000000..2d7c6e206
--- /dev/null
+++ b/data/_openssh/openssh-local-listener.install
@@ -0,0 +1 @@
+/Library/LaunchDaemons/com.openssh.sshd-localhost.plist
diff --git a/data/_openssh/openssh-server.install b/data/_openssh/openssh-server.install
new file mode 100644
index 000000000..af73dc21f
--- /dev/null
+++ b/data/_openssh/openssh-server.install
@@ -0,0 +1,4 @@
+/etc/ssh/sshd_config
+/usr/libexec/sftp-server
+/usr/libexec/sshd-keygen-wrapper
+/usr/sbin/sshd
diff --git a/data/_openssh/openssh.install b/data/_openssh/openssh.install
new file mode 100644
index 000000000..e69de29bb
--- /dev/null
+++ b/data/_openssh/openssh.install
diff --git a/data/openssh/privsep.diff b/data/_openssh/privsep.diff
index 1ded9e741..1ded9e741 100644
--- a/data/openssh/privsep.diff
+++ b/data/_openssh/privsep.diff
diff --git a/data/openssh/ssh_config b/data/_openssh/ssh_config
index 2f22fc980..2f22fc980 100644
--- a/data/openssh/ssh_config
+++ b/data/_openssh/ssh_config
diff --git a/data/openssh/sshd-keygen-wrapper b/data/_openssh/sshd-keygen-wrapper
index 07f2631e3..07f2631e3 100755
--- a/data/openssh/sshd-keygen-wrapper
+++ b/data/_openssh/sshd-keygen-wrapper
diff --git a/data/openssh/sshd_config b/data/_openssh/sshd_config
index 7276adf09..7276adf09 100644
--- a/data/openssh/sshd_config
+++ b/data/_openssh/sshd_config
diff --git a/data/openssh/utmp.diff b/data/_openssh/utmp.diff
index 6a5cf8617..6a5cf8617 100644
--- a/data/openssh/utmp.diff
+++ b/data/_openssh/utmp.diff