From e09f8061b78ba4276de1b5f07825b44ac70fda3f Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Mon, 11 Dec 2006 03:24:35 +0000
Subject: [PATCH] * OpenSSH: optionally use PAM. * Some purity fixes in
 OpenSSH: it needs Perl, and we now specify a   location for the empty privsep
 directory.

svn path=/nixpkgs/trunk/; revision=7310
---
 pkgs/tools/networking/openssh/builder.sh  | 13 ------------
 pkgs/tools/networking/openssh/default.nix | 25 +++++++++++++++++++----
 pkgs/top-level/all-packages.nix           |  3 ++-
 3 files changed, 23 insertions(+), 18 deletions(-)
 delete mode 100644 pkgs/tools/networking/openssh/builder.sh

diff --git a/pkgs/tools/networking/openssh/builder.sh b/pkgs/tools/networking/openssh/builder.sh
deleted file mode 100644
index e89334f1c5a..00000000000
--- a/pkgs/tools/networking/openssh/builder.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-source $stdenv/setup
-
-
-if test -n "$xauth"; then
-   configureFlags="--with-xauth=$xauth"
-fi
-
-installPhase() {
-   make install-nokeys
-}
-installPhase=installPhase
-
-genericBuild
diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix
index 5f53b793afd..7fddc289940 100644
--- a/pkgs/tools/networking/openssh/default.nix
+++ b/pkgs/tools/networking/openssh/default.nix
@@ -1,17 +1,34 @@
-{stdenv, fetchurl, zlib, openssl, xforwarding ? false, xauth ? null}:
+{ stdenv, fetchurl, zlib, openssl, perl
+, pamSupport ? false, pam ? null
+, xforwarding ? false, xauth ? null
+}:
 
+assert pamSupport -> pam != null;
 assert xforwarding -> xauth != null;
  
 stdenv.mkDerivation {
   name = "openssh-3.8.1p1";
  
-  builder = ./builder.sh;
+  #builder = ./builder.sh;
   src = fetchurl {
     url = http://nix.cs.uu.nl/dist/tarballs/openssh-3.8.1p1.tar.gz;
     md5 = "1dbfd40ae683f822ae917eebf171ca42";
   };
  
-  buildInputs = [zlib openssl
-  (if xforwarding then xauth else null)
+  buildInputs = [zlib openssl perl
+    (if pamSupport then pam else null)
+    (if xforwarding then xauth else null)
   ];
+
+  configureFlags = "
+    ${if xforwarding then "--with-xauth=${xauth}/bin/xauth" else ""}
+    ${if pamSupport then "--with-pam" else ""}
+  ";
+
+  preConfigure = "
+    configureFlags=\"$configureFlags --with-privsep-path=$out/empty\"
+    ensureDir $out/empty
+  ";
+
+  installPhase = "make install-nokeys"; # !!! patchelf etc.
 }
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 52c4434fc3a..f28920efe09 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -421,8 +421,9 @@ rec {
   };
 
   openssh = import ../tools/networking/openssh {
-    inherit fetchurl stdenv zlib openssl;
+    inherit fetchurl stdenv zlib openssl pam perl;
     inherit (xlibs) xauth;
+    pamSupport = true;
     xforwarding = true;
   };