diff options
Diffstat (limited to 'security/dropbear/Makefile')
| -rw-r--r-- | security/dropbear/Makefile | 107 |
1 files changed, 105 insertions, 2 deletions
diff --git a/security/dropbear/Makefile b/security/dropbear/Makefile index 323dc0b70ed0..6f1774f2af7c 100644 --- a/security/dropbear/Makefile +++ b/security/dropbear/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dropbear -PORTVERSION= 2016.74 +PORTVERSION= 2017.75 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ @@ -19,7 +19,38 @@ CPE_PRODUCT= dropbear_ssh_server USE_RC_SUBR= ${PORTNAME} -OPTIONS_DEFINE= STATIC +OPTIONS_DEFINE= DH_GROUP1 SMALL_CODE STATIC +OPTIONS_DEFAULT= AES128 AES256 CTR RSA SHA2_256 SHA2_512 SMALL_CODE TWOFISH128 TWOFISH256 +OPTIONS_MULTI= ENC KEY MAC MODE +OPTIONS_MULTI_ENC= AES128 3DES AES256 BLOWFISH TWOFISH256 TWOFISH128 +OPTIONS_MULTI_MODE= CBC CTR +OPTIONS_MULTI_KEY= ECDSA DSA RSA +OPTIONS_MULTI_MAC= MD5 SHA1 SHA1_96 SHA2_256 SHA2_512 + +3DES_DESC= Enable 3DES-based encryption +3DES_IMPLIES= CTR +AES128_DESC= Enable AES128-based encryption +AES256_DESC= Enable AES256-based encryption +TWOFISH128_DESC= Enable Twofish128-based encryption +TWOFISH256_DESC= Enable Twofish256-based encryption +BLOWFISH_DESC= Enable Blowfish-based encryption + +DH_GROUP1_DESC= Enable Group1 Diffie-Hellman (less secure) + +CBC_DESC= Use CBC mode for ciphers (less secure) +CTR_DESC= Use CTR mode for ciphers (more secure) + +ECDSA_DESC= Enable ECDSA public key support +DSA_DESC= Enable DSA public key support +RSA_DESC= Enable RSA public key support + +MD5_DESC= Enable MD5 MAC (broken) +SHA1_DESC= Enable SHA1 MAC (less secure) +SHA1_96_DESC= Enable SHA1_96 MAC (less secure) +SHA2_256_DESC= Enable SHA2_256 MAC +SHA2_512_DESC= Enable SHA2_512 MAC + +SMALL_CODE_DESC= Make binary smaller in exchange for 50% performance hit STATIC_LDFLAGS= -static @@ -30,6 +61,78 @@ post-patch: @${REINPLACE_CMD} -e "s,make clean,\$${MAKE} clean," \ ${WRKSRC}/libtomcrypt/Makefile.in +post-patch-SMALL_CODE-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SMALL_CODE/d" \ + ${WRKSRC}/options.h + +post-patch-3DES-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_3DES/d" \ + ${WRKSRC}/options.h + +post-patch-AES128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES128/d" \ + ${WRKSRC}/options.h + +post-patch-AES256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH128/d" \ + ${WRKSRC}/options.h + +post-patch-BLOWFISH-on: + @${REINPLACE_CMD} -e "s,/\*#define DROPBEAR_BLOWFISH\*/,#define DROPBEAR_BLOWFISH,g" \ + ${WRKSRC}/options.h + +post-patch-CBC-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CBC_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-CTR-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CTR_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-DH_GROUP1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DH_GROUP1 1/d" \ + ${WRKSRC}/options.h + +post-patch-DSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DSS/d" \ + ${WRKSRC}/options.h + +post-patch-RSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_RSA/d" \ + ${WRKSRC}/options.h + +post-patch-ECDSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ECDSA/d" \ + ${WRKSRC}/options.h + +post-patch-MD5-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_MD5_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1_96-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_96_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_256_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_512-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_512_HMAC/d" \ + ${WRKSRC}/options.h + do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dropbear ${INSTALL_PROGRAM} ${WRKSRC}/dbclient ${STAGEDIR}${PREFIX}/bin |