diff options
| author | Jason Unovitch <junovitch@FreeBSD.org> | 2017-07-06 01:53:11 +0000 |
|---|---|---|
| committer | Jason Unovitch <junovitch@FreeBSD.org> | 2017-07-06 01:53:11 +0000 |
| commit | f587a7cdf7f7b245a3dea4767a3721313f7929c5 (patch) | |
| tree | 855aa7ea3a485d3550d4f5012033a632a074c352 | |
| parent | 59a8dcb938bfe79b22b6e8fe0ca6d8d7cf81be90 (diff) | |
| download | ports-f587a7cdf7f7b245a3dea4767a3721313f7929c5.tar.gz ports-f587a7cdf7f7b245a3dea4767a3721313f7929c5.zip | |
MFH: r444987
Updated to 2017.75
Changelog: https://matt.ucc.asn.au/dropbear/CHANGES
PR: 220158
Submitted by: Piotr Kubaj <pkubaj@anongoth.pl> (maintainer)
Reviewed by: lifanov (mentor)
Approved by: ports-secteam (with hat), lifanov (mentor)
Security: http://www.vuxml.org/freebsd/60931f98-55a7-11e7-8514-589cfc0654e1.html
Differential Revision: https://reviews.freebsd.org/D11400
Notes
Notes:
svn path=/branches/2017Q3/; revision=445122
| -rw-r--r-- | security/dropbear/Makefile | 107 | ||||
| -rw-r--r-- | security/dropbear/distinfo | 6 |
2 files changed, 108 insertions, 5 deletions
diff --git a/security/dropbear/Makefile b/security/dropbear/Makefile index 323dc0b70ed0..6f1774f2af7c 100644 --- a/security/dropbear/Makefile +++ b/security/dropbear/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dropbear -PORTVERSION= 2016.74 +PORTVERSION= 2017.75 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ @@ -19,7 +19,38 @@ CPE_PRODUCT= dropbear_ssh_server USE_RC_SUBR= ${PORTNAME} -OPTIONS_DEFINE= STATIC +OPTIONS_DEFINE= DH_GROUP1 SMALL_CODE STATIC +OPTIONS_DEFAULT= AES128 AES256 CTR RSA SHA2_256 SHA2_512 SMALL_CODE TWOFISH128 TWOFISH256 +OPTIONS_MULTI= ENC KEY MAC MODE +OPTIONS_MULTI_ENC= AES128 3DES AES256 BLOWFISH TWOFISH256 TWOFISH128 +OPTIONS_MULTI_MODE= CBC CTR +OPTIONS_MULTI_KEY= ECDSA DSA RSA +OPTIONS_MULTI_MAC= MD5 SHA1 SHA1_96 SHA2_256 SHA2_512 + +3DES_DESC= Enable 3DES-based encryption +3DES_IMPLIES= CTR +AES128_DESC= Enable AES128-based encryption +AES256_DESC= Enable AES256-based encryption +TWOFISH128_DESC= Enable Twofish128-based encryption +TWOFISH256_DESC= Enable Twofish256-based encryption +BLOWFISH_DESC= Enable Blowfish-based encryption + +DH_GROUP1_DESC= Enable Group1 Diffie-Hellman (less secure) + +CBC_DESC= Use CBC mode for ciphers (less secure) +CTR_DESC= Use CTR mode for ciphers (more secure) + +ECDSA_DESC= Enable ECDSA public key support +DSA_DESC= Enable DSA public key support +RSA_DESC= Enable RSA public key support + +MD5_DESC= Enable MD5 MAC (broken) +SHA1_DESC= Enable SHA1 MAC (less secure) +SHA1_96_DESC= Enable SHA1_96 MAC (less secure) +SHA2_256_DESC= Enable SHA2_256 MAC +SHA2_512_DESC= Enable SHA2_512 MAC + +SMALL_CODE_DESC= Make binary smaller in exchange for 50% performance hit STATIC_LDFLAGS= -static @@ -30,6 +61,78 @@ post-patch: @${REINPLACE_CMD} -e "s,make clean,\$${MAKE} clean," \ ${WRKSRC}/libtomcrypt/Makefile.in +post-patch-SMALL_CODE-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SMALL_CODE/d" \ + ${WRKSRC}/options.h + +post-patch-3DES-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_3DES/d" \ + ${WRKSRC}/options.h + +post-patch-AES128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES128/d" \ + ${WRKSRC}/options.h + +post-patch-AES256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH128/d" \ + ${WRKSRC}/options.h + +post-patch-BLOWFISH-on: + @${REINPLACE_CMD} -e "s,/\*#define DROPBEAR_BLOWFISH\*/,#define DROPBEAR_BLOWFISH,g" \ + ${WRKSRC}/options.h + +post-patch-CBC-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CBC_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-CTR-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CTR_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-DH_GROUP1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DH_GROUP1 1/d" \ + ${WRKSRC}/options.h + +post-patch-DSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DSS/d" \ + ${WRKSRC}/options.h + +post-patch-RSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_RSA/d" \ + ${WRKSRC}/options.h + +post-patch-ECDSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ECDSA/d" \ + ${WRKSRC}/options.h + +post-patch-MD5-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_MD5_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1_96-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_96_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_256_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_512-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_512_HMAC/d" \ + ${WRKSRC}/options.h + do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dropbear ${INSTALL_PROGRAM} ${WRKSRC}/dbclient ${STAGEDIR}${PREFIX}/bin diff --git a/security/dropbear/distinfo b/security/dropbear/distinfo index 422b513fd65d..2dabbc7f135b 100644 --- a/security/dropbear/distinfo +++ b/security/dropbear/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1469201269 -SHA256 (dropbear-2016.74.tar.bz2) = 2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 -SIZE (dropbear-2016.74.tar.bz2) = 1622234 +TIMESTAMP = 1497947793 +SHA256 (dropbear-2017.75.tar.bz2) = 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c +SIZE (dropbear-2017.75.tar.bz2) = 1623392 |