From 6a7b8e1973d49f3aa84272541bfa1ea6a987dcab Mon Sep 17 00:00:00 2001
From: Juan RP <xtraeme@gmail.com>
Date: Tue, 22 Apr 2014 12:55:59 +0200
Subject: [PATCH] openssh: enable PIE, disable kerberos and pam_cracklib.

---
 srcpkgs/openssh/template | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/openssh/template b/srcpkgs/openssh/template
index f640c16049b..8a9636044a3 100644
--- a/srcpkgs/openssh/template
+++ b/srcpkgs/openssh/template
@@ -3,15 +3,15 @@ _desc="The OpenSSH implementation of SSH protocol"
 
 pkgname=openssh
 version=6.6p1
-revision=2
+revision=3
 build_style=gnu-configure
 configure_args="--without-tcp-wrappers --datadir=/usr/share/openssh
  --sysconfdir=/etc/ssh --without-selinux --with-privsep-user=nobody
  --with-mantype=man --without-rpath --with-xauth=/usr/bin/xauth
  --with-ssl-engine --disable-strip --with-privsep-path=/var/chroot/ssh
- --with-pid-dir=/run --with-pam --with-kerberos5=${XBPS_CROSS_BASE}/usr LD=$CC"
+ --with-pid-dir=/run --with-pam --with-pie --without-kerberos5 LD=$CC"
 hostmakedepends="perl"
-makedepends="zlib-devel openssl-devel pam-devel mit-krb5-devel"
+makedepends="zlib-devel openssl-devel pam-devel"
 short_desc="${_desc} - client"
 replaces="openssh-client<6.1p1"
 conf_files="/etc/ssh/moduli /etc/ssh/ssh_config"
@@ -34,6 +34,8 @@ post_install() {
 		-e 's|^#\(PrintMotd\) yes|\1 no|g' \
 		${DESTDIR}/etc/ssh/sshd_config
 
+	# Disable pam_cracklib
+	sed '/pam_cracklib.*/d' -i ${DESTDIR}/etc/pam.d/sshd
 	# Enable pam_systemd.so by default.
 	printf "session\trequired\tpam_systemd.so\n" >> \
 		${DESTDIR}/etc/pam.d/sshd