From cd9e99d777ddf8ccf789594cc23caf4c250ded08 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sat, 18 Mar 2017 10:24:26 +0000 Subject: MFH: r436313 r436321 r436323 Update to new upstream release 0.68 (security fixes) Additional minor updates on top of cy@'s patch (USE_GNOME, USE_XORG, LDFLAGS). ChangeLog: http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html [436321] Add forgotten patch for Linux -> BSD portability. [436323] Remove leftover files. The reference to these had been removed as of r184036 on 2007-02-03 already. Submitted by: cy@ Security: CVE-2017-6542 Security: 9b973e97-0a99-11e7-ace7-080027ef73ec Differential Revision: https://reviews.freebsd.org/D10023 Approved by: ports-secteam@ (junovitch@) --- security/putty/Makefile | 7 ++- security/putty/distinfo | 5 +- security/putty/files/mbrtowc.c | 79 ------------------------------- security/putty/files/patch-Makefile.gtk | 21 ++++---- security/putty/files/patch-unix__uxpgnt.c | 11 +++++ security/putty/files/wcrtomb.c | 57 ---------------------- 6 files changed, 30 insertions(+), 150 deletions(-) delete mode 100644 security/putty/files/mbrtowc.c create mode 100644 security/putty/files/patch-unix__uxpgnt.c delete mode 100644 security/putty/files/wcrtomb.c diff --git a/security/putty/Makefile b/security/putty/Makefile index caa6fb7ba8f9..3cbe19cb2028 100644 --- a/security/putty/Makefile +++ b/security/putty/Makefile @@ -1,7 +1,7 @@ # $FreeBSD$ PORTNAME= putty -PORTVERSION= 0.67 +PORTVERSION= 0.68 CATEGORIES= security ipv6 MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \ ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/ 
@@ -31,9 +31,12 @@ CONFLICTS_INSTALL?= pssh-[0-9]* putty-nogtk-[0-9]* .include CFLAGS+= -DBSD_PTYS -DOMIT_UTMP -DIPV6 +LDFLAGS+= -Wl,--as-needed .if ${PORT_OPTIONS:MGTK2} && !defined(WITHOUT_X11) -USE_GNOME= gtk20 +USE_GNOME= cairo gdkpixbuf2 gtk20 +USE_XORG= x11 + PLIST_FILES+= bin/pterm bin/putty bin/puttytel PLIST_FILES+= man/man1/pterm.1.gz man/man1/putty.1.gz man/man1/puttytel.1.gz MAKE_ARGS+= PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags" diff --git a/security/putty/distinfo b/security/putty/distinfo index 2c78b62483d0..213a8f1d8701 100644 --- a/security/putty/distinfo +++ b/security/putty/distinfo @@ -1,2 +1,3 @@ -SHA256 (putty-0.67.tar.gz) = 80192458e8a46229de512afeca5c757dd8fce09606b3c992fbaeeee29b994a47 -SIZE (putty-0.67.tar.gz) = 1955547 +TIMESTAMP = 1489606314 +SHA256 (putty-0.68.tar.gz) = 7ba256f46e5a353cafe811ce7914d0e22a52bdfc0e6e2d183ad28b5af44cd09c +SIZE (putty-0.68.tar.gz) = 2114499 diff --git a/security/putty/files/mbrtowc.c b/security/putty/files/mbrtowc.c deleted file mode 100644 index 99233773ef1e..000000000000 --- a/security/putty/files/mbrtowc.c +++ /dev/null 
@@ -1,79 +0,0 @@
-/*-
- * Copyright (c) 2002, 2003 Tim J. Robbins.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-__FBSDID("$FreeBSD: /tmp/pcvs/ports/security/putty/files/mbrtowc.c,v 1.1 2004-02-13 17:45:38 dinoex Exp $");
-
-#include
-#include
-#include
-#include
-
-/*
- * Emulate the ISO C mbrtowc() function in terms of the deprecated
- * 4.4BSD sgetrune() function.
- */
-size_t
-mbrtowc(wchar_t * __restrict pwc, const char * __restrict s,
- size_t n, mbstate_t * __restrict ps __unused)
-{
- const char *e;
- rune_t r;
-
- if (s == NULL) {
- pwc = NULL;
- s = "";
- n = 1;
- }
-
- if ((r = sgetrune(s, n, &e)) == _INVALID_RUNE) {
- /*
- * The design of sgetrune() doesn't give us any way to tell
- * between incomplete and invalid multibyte sequences.
- */
-
- if (n >= (size_t)MB_CUR_MAX) {
- /*
- * If we have been supplied with at least MB_CUR_MAX
- * bytes and still cannot find a valid character, the
- * data must be invalid.
- */
- errno = EILSEQ;
- return ((size_t)-1);
- }
-
- /*
- * .. otherwise, it's an incomplete character or an invalid
- * character we cannot detect yet.
- */
- return ((size_t)-2);
- }
-
- if (pwc != NULL)
- *pwc = (wchar_t)r;
-
- return (r != 0 ? (size_t)(e - s) : 0);
-}
diff --git a/security/putty/files/patch-Makefile.gtk b/security/putty/files/patch-Makefile.gtk
index b3d47c821323..976af7dce204 100644
--- a/security/putty/files/patch-Makefile.gtk
+++ b/security/putty/files/patch-Makefile.gtk
@@ -1,27 +1,28 @@ ---- Makefile.gtk.orig 2015-02-28 15:33:27 UTC -+++ Makefile.gtk -@@ -110,7 +110,7 @@ GTK_CONFIG = sh -c 'pkg-config gtk+-2.0 +--- Makefile.gtk.orig 2017-03-16 02:47:16.000000000 +0000 ++++ Makefile.gtk 2017-03-16 02:47:16.000000000 +0000 +@@ -111,7 +111,7 @@ unexport CFLAGS # work around a weird issue with krb5-config -CFLAGS = -O2 -Wall -Werror -g -I.././ -I../charset/ -I../windows/ -I../unix/ \ +CFLAGS := $(CFLAGS) -Wall -Werror -I.././ -I../charset/ -I../windows/ -I../unix/ \ - -I../macosx/ $(shell $(GTK_CONFIG) --cflags) -D _FILE_OFFSET_BITS=64 + $(shell $(GTK_CONFIG) --cflags) -D _FILE_OFFSET_BITS=64 XLDFLAGS = $(LDFLAGS) $(shell $(GTK_CONFIG) --libs) ULDFLAGS = $(LDFLAGS) -@@ -137,7 +137,11 @@ man1dir=$(mandir)/man1 +@@ -138,8 +138,12 @@ .SUFFIXES: +ifdef PUTTY_WITH_GTK - all: plink pscp psftp pterm putty puttygen puttytel + all: cgtest fuzzterm osxlaunch pageant plink pscp psftp pterm ptermapp putty \ + puttyapp puttygen puttytel testbn +else +all: plink pscp psftp puttygen +endif - plink: be_all_s.o callback.o cmdline.o conf.o cproxy.o ldisc.o logging.o \ - misc.o noterm.o pgssapi.o pinger.o portfwd.o proxy.o raw.o \ -@@ -920,6 +924,8 @@ install: + cgtest: cgtest.o conf.o import.o misc.o notiming.o sshaes.o sshbcrypt.o \ + sshblowf.o sshbn.o sshdes.o sshdss.o sshdssg.o sshecc.o \ +@@ -1050,6 +1054,8 @@ $(INSTALL_PROGRAM) -m 755 plink $(DESTDIR)$(bindir)/plink $(INSTALL_PROGRAM) -m 755 pscp $(DESTDIR)$(bindir)/pscp $(INSTALL_PROGRAM) -m 755 psftp $(DESTDIR)$(bindir)/psftp @@ -30,7 +31,7 @@ $(INSTALL_PROGRAM) -m 755 pterm $(DESTDIR)$(bindir)/pterm if test -n "$(UTMP_GROUP)"; then \ chgrp $(UTMP_GROUP) $(DESTDIR)$(bindir)/pterm && \ -@@ -929,15 +935,17 @@ install: +@@ -1059,15 +1065,17 @@ chmod 4755 $(DESTDIR)$(bindir)/pterm; \ fi $(INSTALL_PROGRAM) -m 755 putty $(DESTDIR)$(bindir)/putty diff --git a/security/putty/files/patch-unix__uxpgnt.c b/security/putty/files/patch-unix__uxpgnt.c new file mode 100644 index 000000000000..3ef98d5849fa 
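Review bot: Under `ifdef PUTTY_WITH_GTK` the refreshed `all:` target now also builds `cgtest`, `fuzzterm`, `testbn`, `osxlaunch`, `ptermapp` and `puttyapp`. These appear to be upstream's test and fuzzing harnesses and its macOS launcher pieces, and nothing in the visible install rules or the port's `PLIST_FILES` ships them. Because `-Werror` is kept in `CFLAGS`, a warning in any of those unshipped programs would fail the whole port build, which can hold up a security update. Consider limiting the GTK branch to what the port installs, for example `all: pageant plink pscp psftp pterm putty puttygen puttytel`; whether `pageant` is installed is not visible in this excerpt, so confirm it against the install section first.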
--- /dev/null
+++ b/security/putty/files/patch-unix__uxpgnt.c
@@ -0,0 +1,11 @@
+--- uxpgnt.c.orig 2017-03-16 03:33:18.000000000 +0000
++++ uxpgnt.c 2017-03-16 03:33:18.000000000 +0000
+@@ -270,7 +270,7 @@
+ /* Get out of our previous process group, to avoid being
+ * blasted by passing signals. But keep our controlling tty,
+ * so we can keep checking to see if we still have one. */
+- setpgrp();
++ setpgrp(0,0);
+ } else {
+ /* Do that, but also leave our entire session and detach from
+ * the controlling tty (if any). */
diff --git a/security/putty/files/wcrtomb.c b/security/putty/files/wcrtomb.c
deleted file mode 100644
index f4888a8e72ab..000000000000
--- a/security/putty/files/wcrtomb.c
+++ /dev/null
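Review bot: The replacement call `setpgrp(0,0);` still discards its return value, so if leaving the old process group fails, the process silently stays exposed to the signals the comment above says it wants to avoid. The two-argument form is also BSD-specific, whereas `setpgid(0, 0)` is the POSIX spelling that compiles on both Linux and FreeBSD, so the change could be offered upstream instead of carried as a local patch. A possible line is `if (setpgid(0, 0) < 0) perror("setpgid");`, adjusted to whatever error reporting the rest of the function uses. The enclosing `if`/`else` starts and ends outside the hunk, so that surrounding error handling is not visible here.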
@@ -1,57 +0,0 @@
-/*-
- * Copyright (c) 2002, 2003 Tim J. Robbins.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include
-__FBSDID("$FreeBSD: /tmp/pcvs/ports/security/putty/files/wcrtomb.c,v 1.1 2004-02-13 17:45:39 dinoex Exp $");
-
-#include
-#include
-#include
-#include
-#include
-
-/*
- * Emulate the ISO C wcrtomb() function in terms of the deprecated
- * 4.4BSD sputrune() function.
- */
-size_t
-wcrtomb(char * __restrict s, wchar_t wc,
- mbstate_t * __restrict ps __unused)
-{
- char *e;
- char buf[MB_LEN_MAX];
-
- if (s == NULL) {
- s = buf;
- wc = L'\0';
- }
- sputrune(wc, s, MB_CUR_MAX, &e);
- if (e == NULL) {
- errno = EILSEQ;
- return ((size_t)-1);
- }
- return ((size_t)(e - s));
-}
-- 
cgit v1.2.3