Date: Thu, 6 Jul 2017 01:53:11 +0000 (UTC) From: Jason Unovitch <junovitch@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r445122 - branches/2017Q3/security/dropbear Message-ID: <201707060153.v661rBA7027105@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: junovitch Date: Thu Jul 6 01:53:11 2017 New Revision: 445122 URL: https://svnweb.freebsd.org/changeset/ports/445122 Log: MFH: r444987 Updated to 2017.75 Changelog: https://matt.ucc.asn.au/dropbear/CHANGES PR: 220158 Submitted by: Piotr Kubaj <pkubaj@anongoth.pl> (maintainer) Reviewed by: lifanov (mentor) Approved by: ports-secteam (with hat), lifanov (mentor) Security: http://www.vuxml.org/freebsd/60931f98-55a7-11e7-8514-589cfc0654e1.html Differential Revision: https://reviews.freebsd.org/D11400 Modified: branches/2017Q3/security/dropbear/Makefile branches/2017Q3/security/dropbear/distinfo Directory Properties: branches/2017Q3/ (props changed) Modified: branches/2017Q3/security/dropbear/Makefile ============================================================================== --- branches/2017Q3/security/dropbear/Makefile Thu Jul 6 01:51:32 2017 (r445121) +++ branches/2017Q3/security/dropbear/Makefile Thu Jul 6 01:53:11 2017 (r445122) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dropbear -PORTVERSION= 2016.74 +PORTVERSION= 2017.75 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ @@ -19,8 +19,39 @@ CPE_PRODUCT= dropbear_ssh_server USE_RC_SUBR= ${PORTNAME} -OPTIONS_DEFINE= STATIC +OPTIONS_DEFINE= DH_GROUP1 SMALL_CODE STATIC +OPTIONS_DEFAULT= AES128 AES256 CTR RSA SHA2_256 SHA2_512 SMALL_CODE TWOFISH128 TWOFISH256 +OPTIONS_MULTI= ENC KEY MAC MODE +OPTIONS_MULTI_ENC= AES128 3DES AES256 BLOWFISH TWOFISH256 TWOFISH128 +OPTIONS_MULTI_MODE= CBC CTR +OPTIONS_MULTI_KEY= ECDSA DSA RSA +OPTIONS_MULTI_MAC= MD5 SHA1 SHA1_96 SHA2_256 SHA2_512 +3DES_DESC= Enable 3DES-based encryption +3DES_IMPLIES= CTR +AES128_DESC= Enable AES128-based encryption +AES256_DESC= Enable AES256-based encryption +TWOFISH128_DESC= Enable Twofish128-based encryption +TWOFISH256_DESC= Enable Twofish256-based encryption +BLOWFISH_DESC= Enable Blowfish-based encryption + +DH_GROUP1_DESC= Enable Group1 Diffie-Hellman (less secure) + +CBC_DESC= Use CBC mode for ciphers (less secure) +CTR_DESC= Use CTR mode for ciphers (more secure) + +ECDSA_DESC= Enable ECDSA public key support +DSA_DESC= Enable DSA public key support +RSA_DESC= Enable RSA public key support + +MD5_DESC= Enable MD5 MAC (broken) +SHA1_DESC= Enable SHA1 MAC (less secure) +SHA1_96_DESC= Enable SHA1_96 MAC (less secure) +SHA2_256_DESC= Enable SHA2_256 MAC +SHA2_512_DESC= Enable SHA2_512 MAC + +SMALL_CODE_DESC= Make binary smaller in exchange for 50% performance hit + STATIC_LDFLAGS= -static post-patch: @@ -29,6 +60,78 @@ post-patch: @${REINPLACE_CMD} -e "s,sys/dir.h,dirent.h," ${WRKSRC}/*.[ch] @${REINPLACE_CMD} -e "s,make clean,\$${MAKE} clean," \ ${WRKSRC}/libtomcrypt/Makefile.in + +post-patch-SMALL_CODE-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SMALL_CODE/d" \ + ${WRKSRC}/options.h + +post-patch-3DES-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_3DES/d" \ + ${WRKSRC}/options.h + +post-patch-AES128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES128/d" \ + ${WRKSRC}/options.h + +post-patch-AES256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH128/d" \ + ${WRKSRC}/options.h + +post-patch-BLOWFISH-on: + @${REINPLACE_CMD} -e "s,/\*#define DROPBEAR_BLOWFISH\*/,#define DROPBEAR_BLOWFISH,g" \ + ${WRKSRC}/options.h + +post-patch-CBC-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CBC_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-CTR-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CTR_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-DH_GROUP1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DH_GROUP1 1/d" \ + ${WRKSRC}/options.h + +post-patch-DSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DSS/d" \ + ${WRKSRC}/options.h + +post-patch-RSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_RSA/d" \ + ${WRKSRC}/options.h + +post-patch-ECDSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ECDSA/d" \ + ${WRKSRC}/options.h + +post-patch-MD5-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_MD5_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1_96-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_96_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_256_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_512-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_512_HMAC/d" \ + ${WRKSRC}/options.h do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dropbear Modified: branches/2017Q3/security/dropbear/distinfo ============================================================================== --- branches/2017Q3/security/dropbear/distinfo Thu Jul 6 01:51:32 2017 (r445121) +++ branches/2017Q3/security/dropbear/distinfo Thu Jul 6 01:53:11 2017 (r445122) @@ -1,3 +1,3 @@ -TIMESTAMP = 1469201269 -SHA256 (dropbear-2016.74.tar.bz2) = 2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 -SIZE (dropbear-2016.74.tar.bz2) = 1622234 +TIMESTAMP = 1497947793 +SHA256 (dropbear-2017.75.tar.bz2) = 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c +SIZE (dropbear-2017.75.tar.bz2) = 1623392
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201707060153.v661rBA7027105>