MFH: r540716 r540718 r540719

security/putty*: upgrade to 0.74 security fix release

Changelog:
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

among them are these two---and more bugfixes beyond not listed here:

  * Security fix: if an SSH server accepted an offer of a public key
    and then rejected the signature, PuTTY could access freed memory,
    if the key had come from an SSH agent.

  * Security feature: new config option to disable PuTTY's dynamic
    host key preference policy, if you prefer to avoid giving away
    to eavesdroppers which hosts you have stored keys for.

Security:       6190c0cd-b945-11ea-9401-2dcf562daa69
Security:       CVE-2020-14002
Security:       FZI-2020-5

security/putty*: rename and update LICENCE from tarball.

Approved by:	ports-secteam (joneum@) [540716]
Approved by:	ports-secteam (blanket, metadata update) [540718, 540719]

4 files changed, 77 insertions, 43 deletions

diff --git a/security/putty/Makefile b/security/putty/Makefile
index aee477d1cd10..b948360eb805 100644
--- a/security/putty/Makefile
+++ b/security/putty/Makefile
@@ -1,7 +1,8 @@
 # $FreeBSD$
 
 PORTNAME=	putty
-PORTVERSION=	0.73
+PORTVERSION=	0.74
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \
 		ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/
@@ -11,30 +12,37 @@ COMMENT=	Secure shell and telnet client
 # test plan: test ALL 4 GSSAPI_* options, ALL 3 GTK options, WITH_DEBUG=yes build.
 
 LICENSE=	MIT
-LICENSE_FILE=	${FILESDIR}/LICENSE
+LICENSE_FILE=	${FILESDIR}/LICENCE
 
 USES=		cpe gmake pkgconfig
+CPE_VENDOR=	simon_tatham
 
-WRKSRC=		${WRKDIR}/${DISTNAME}/unix
-PATCH_WRKSRC=	${WRKDIR}/${DISTNAME}
 MAKEFILE=	Makefile.gtk
 
-CPE_VENDOR=	simon_tatham
-
-PLIST_FILES=	bin/plink bin/pscp bin/psftp bin/puttygen
-PLIST_FILES+=	man/man1/plink.1.gz man/man1/pscp.1.gz man/man1/psftp.1.gz man/man1/puttygen.1.gz
+CONFLICTS_INSTALL?=	pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]*
 
-OPTIONS_RADIO=		TOOLKIT
-OPTIONS_RADIO_TOOLKIT=	GTK2 GTK3
-OPTIONS_DEFAULT=GSSAPI_BASE GTK3
-OPTIONS_SINGLE=	GSSAPI_SELECT
-OPTIONS_SINGLE_GSSAPI_SELECT=	GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
+PATCH_WRKSRC=	${WRKDIR}/${DISTNAME}
+WRKSRC=		${WRKDIR}/${DISTNAME}/unix
 
-CONFLICTS_INSTALL?=	pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]*
+PLIST_FILES=	bin/plink \
+		bin/pscp \
+		bin/psftp \
+		bin/puttygen \
+		man/man1/plink.1.gz \
+		man/man1/pscp.1.gz \
+		man/man1/psftp.1.gz \
+		man/man1/puttygen.1.gz
+
+OPTIONS_DEFAULT=		GSSAPI_BASE GTK3
+OPTIONS_RADIO=			TOOLKIT
+OPTIONS_RADIO_TOOLKIT=		GTK2 GTK3
+OPTIONS_SINGLE=			GSSAPI_SELECT
+OPTIONS_SINGLE_GSSAPI_SELECT=	GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL \
+				GSSAPI_MIT
 
 .include <bsd.port.options.mk>
 
-CFLAGS+=	-DBSD_PTYS -DOMIT_UTMP -DIPV6 -DHAVE_FUTIMES
+CFLAGS+=	-DBSD_PTYS -DHAVE_FUTIMES -DIPV6 -DOMIT_UTMP
 LDFLAGS+=	-Wl,--as-needed
 
 .if (${PORT_OPTIONS:MGTK2} || ${PORT_OPTIONS:MGTK3}) && !defined(WITHOUT_X11)
@@ -43,23 +51,31 @@ USE_XORG=	x11
 .if ${PORT_OPTIONS:MGTK2}
 USES+=		gnome
 USE_GNOME=	cairo gdkpixbuf2 gtk20
-MAKE_ARGS+=	PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags"
+MAKE_ARGS+=	GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags" \
+		PUTTY_WITH_GTK=yes
 .endif
 .if ${PORT_OPTIONS:MGTK3}
 USES+=		gnome
 USE_GNOME=	cairo gdkpixbuf2 gtk30
-MAKE_ARGS+=	PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags"
+MAKE_ARGS+=	GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags" \
+		PUTTY_WITH_GTK=yes
 .endif
 
-PLIST_FILES+=	bin/pageant bin/pterm bin/putty bin/puttytel
-PLIST_FILES+=	man/man1/pageant.1.gz man/man1/pterm.1.gz man/man1/putty.1.gz man/man1/puttytel.1.gz
-PLIST_FILES+=	share/pixmaps/putty.ico
-DESKTOP_ENTRIES="PuTTY" \
-		"${COMMENT}" \
-		"${PREFIX}/share/pixmaps/${PORTNAME}.ico" \
-		"${PORTNAME}" \
-		"" \
-		false
+PLIST_FILES+=	bin/pageant \
+		bin/pterm \
+		bin/putty \
+		bin/puttytel \
+		man/man1/pageant.1.gz \
+		man/man1/pterm.1.gz \
+		man/man1/putty.1.gz \
+		man/man1/puttytel.1.gz \
+		share/pixmaps/putty.ico
+DESKTOP_ENTRIES=	"PuTTY" \
+			"${COMMENT}" \
+			"${PREFIX}/share/pixmaps/${PORTNAME}.ico" \
+			"${PORTNAME}" \
+			"" \
+			false
 .else
 MAKE_ARGS+=	GTK_CONFIG=:
 .endif
@@ -74,7 +90,7 @@ MAKE_ARGS+=	KRB5CONFIG=${KRB5CONFIG}
 USES+=		gssapi:mit,flags
 MAKE_ARGS+=	KRB5CONFIG=${KRB5CONFIG}
 .else
-_COMPAT=		-DNO_GSSAPI
+_COMPAT=	-DNO_GSSAPI
 .endif
 
 _COMPAT+=	-DOMIT_UTMP
@@ -89,11 +105,11 @@ _COMPAT+=	-DDEBUG
 # currently, but override it nonetheless.
 XFLAGS+=	-Wno-error
 
-MAKE_ARGS+=	COMPAT="${_COMPAT}" \
-		CC="${CC}" \
-		XFLAGS="${XFLAGS}" \
+MAKE_ARGS+=	CC="${CC}" \
+		COMPAT="${_COMPAT}" \
 		INSTALL_DATA="${INSTALL_DATA}" \
-		INSTALL_PROGRAM="${INSTALL_PROGRAM}"
+		INSTALL_PROGRAM="${INSTALL_PROGRAM}" \
+		XFLAGS="${XFLAGS}"
 
 post-patch:
 	@${REINPLACE_CMD} -e 's,prefix=/usr/local,prefix=${PREFIX},;\
diff --git a/security/putty/distinfo b/security/putty/distinfo
index 633eddf1dd3c..38abd861e222 100644
--- a/security/putty/distinfo
+++ b/security/putty/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1571412224
-SHA256 (putty-0.73.tar.gz) = 3db0b5403fb41aecd3aa506611366650d927650b6eb3d839ad4dcc782519df1c
-SIZE (putty-0.73.tar.gz) = 2459115
+TIMESTAMP = 1593350227
+SHA256 (putty-0.74.tar.gz) = ddd5d388e51dd9e6e294005b30037f6ae802239a44c9dc9808c779e6d11b847d
+SIZE (putty-0.74.tar.gz) = 2476513
diff --git a/security/putty/files/LICENCE b/security/putty/files/LICENCE
new file mode 100644
index 000000000000..148912aebb60
--- /dev/null
+++ b/security/putty/files/LICENCE
@@ -0,0 +1,27 @@
+PuTTY is copyright 1997-2020 Simon Tatham.
+
+Portions copyright Robert de Bath, Joris van Rantwijk, Delian
+Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry,
+Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus
+Kuhn, Colin Watson, Christopher Staite, Lorenz Diener, Christian
+Brabandt, Jeff Smith, Pavel Kryukov, Maxim Kuznetsov, Svyatoslav
+Kuzmich, Nico Williams, Viktor Dukhovni, and CORE SDI S.A.
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation files
+(the "Software"), to deal in the Software without restriction,
+including without limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of the Software,
+and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT.  IN NO EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE
+FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/security/putty/files/LICENSE b/security/putty/files/LICENSE
deleted file mode 100644
index e1fa6e9ee71c..000000000000
--- a/security/putty/files/LICENSE
+++ /dev/null
@@ -1,9 +0,0 @@
-PuTTY is copyright 1997-2015 Simon Tatham.
-
-Portions copyright Robert de Bath, Joris van Rantwijk, Delian Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, Justin Bradford, Ben Harris, Malcolm Smith, Ahmad Khalifa, Markus Kuhn, Colin Watson, Christopher Staite, and CORE SDI S.A.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL SIMON TATHAM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.