svn commit: r496078 - in branches/2019Q1/security/putty: . files
Matthias Andree
mandree at FreeBSD.org
Sun Mar 17 17:38:52 UTC 2019
Author: mandree
Date: Sun Mar 17 17:38:48 2019
New Revision: 496078
URL: https://svnweb.freebsd.org/changeset/ports/496078
Log:
MFH: r496064
Update security/putty to 0.71 security fix release
Unfortunately, this new release breaks GSSAPI_NONE, which is removed
for now. Bug has been reported upstream.
Changelog: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
Security: 46e1ece5-48bd-11e9-9c40-080027ac955c
Approved by: ports-secteam (joneum)
Added:
branches/2019Q1/security/putty/files/patch-settings.c
- copied unchanged from r496064, head/security/putty/files/patch-settings.c
branches/2019Q1/security/putty/files/patch-sshgssc.c
- copied unchanged from r496064, head/security/putty/files/patch-sshgssc.c
branches/2019Q1/security/putty/files/patch-unix_Makefile.gtk
- copied unchanged from r496064, head/security/putty/files/patch-unix_Makefile.gtk
branches/2019Q1/security/putty/files/patch-unix_uxnet.c
- copied unchanged from r496064, head/security/putty/files/patch-unix_uxnet.c
branches/2019Q1/security/putty/files/patch-unix_uxpgnt.c
- copied unchanged from r496064, head/security/putty/files/patch-unix_uxpgnt.c
branches/2019Q1/security/putty/files/patch-unix_uxpty.c
- copied unchanged from r496064, head/security/putty/files/patch-unix_uxpty.c
Deleted:
branches/2019Q1/security/putty/files/patch-Makefile.gtk
branches/2019Q1/security/putty/files/patch-unix__uxpgnt.c
branches/2019Q1/security/putty/files/patch-uxnet.c
branches/2019Q1/security/putty/files/patch-uxpty.c
Modified:
branches/2019Q1/security/putty/Makefile
branches/2019Q1/security/putty/distinfo
Directory Properties:
branches/2019Q1/ (props changed)
Modified: branches/2019Q1/security/putty/Makefile
==============================================================================
--- branches/2019Q1/security/putty/Makefile Sun Mar 17 17:35:38 2019 (r496077)
+++ branches/2019Q1/security/putty/Makefile Sun Mar 17 17:38:48 2019 (r496078)
@@ -1,21 +1,22 @@
# $FreeBSD$
PORTNAME= putty
-PORTVERSION= 0.70
+PORTVERSION= 0.71
CATEGORIES= security ipv6
MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \
ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/
-# Beat Gaetzi (beat@) is permitted to take maintainership back
-# or commit to this port without my prior approval.
MAINTAINER= mandree at FreeBSD.org
COMMENT= Secure shell and telnet client
+# test plan: test ALL 4 GSSAPI_* options, ALL 3 GTK options, WITH_DEBUG=yes build.
LICENSE= MIT
LICENSE_FILE= ${FILESDIR}/LICENSE
USES= cpe gmake pkgconfig
+
WRKSRC= ${WRKDIR}/${DISTNAME}/unix
+PATCH_WRKSRC= ${WRKDIR}/${DISTNAME}
MAKEFILE= Makefile.gtk
CPE_VENDOR= simon_tatham
@@ -27,8 +28,10 @@ OPTIONS_RADIO= TOOLKIT
OPTIONS_RADIO_TOOLKIT= GTK2 GTK3
OPTIONS_DEFAULT=GSSAPI_BASE GTK3
OPTIONS_SINGLE= GSSAPI_SELECT
-OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL \
- GSSAPI_MIT
+#OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
+# XXX FIXME TODO: GSSAPI_NONE is broken as of PuTTY 0.71 (did work in 0.70).
+# Report has been sent to putty.AT.projects.tartarus.org on 2019-03-17
+OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
CONFLICTS_INSTALL?= pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]*
@@ -40,10 +43,12 @@ LDFLAGS+= -Wl,--as-needed
.if (${PORT_OPTIONS:MGTK2} || ${PORT_OPTIONS:MGTK3}) && !defined(WITHOUT_X11)
USE_XORG= x11
.if ${PORT_OPTIONS:MGTK2}
+USES+= gnome
USE_GNOME= cairo gdkpixbuf2 gtk20
MAKE_ARGS+= PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags"
.endif
.if ${PORT_OPTIONS:MGTK3}
+USES+= gnome
USE_GNOME= cairo gdkpixbuf2 gtk30
MAKE_ARGS+= PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags"
.endif
@@ -80,7 +85,9 @@ _COMPAT= -DNO_GSSAPI
_COMPAT+= -DOMIT_UTMP
.if defined(WITH_DEBUG)
+CFLAGS+= -DDEBUG
XFLAGS= -DDEBUG
+_COMPAT+= -DDEBUG
.endif
# upstream sets -Werror - there are no issues on 9.1-FreeBSD amd64
Modified: branches/2019Q1/security/putty/distinfo
==============================================================================
--- branches/2019Q1/security/putty/distinfo Sun Mar 17 17:35:38 2019 (r496077)
+++ branches/2019Q1/security/putty/distinfo Sun Mar 17 17:38:48 2019 (r496078)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1500391843
-SHA256 (putty-0.70.tar.gz) = bb8aa49d6e96c5a8e18a057f3150a1695ed99a24eef699e783651d1f24e7b0be
-SIZE (putty-0.70.tar.gz) = 2386108
+TIMESTAMP = 1552820659
+SHA256 (putty-0.71.tar.gz) = 2f931ce2f89780cc8ca7bbed90fcd22c44515d2773f5fa954069e209b48ec6b8
+SIZE (putty-0.71.tar.gz) = 2423752
Copied: branches/2019Q1/security/putty/files/patch-settings.c (from r496064, head/security/putty/files/patch-settings.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-settings.c Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-settings.c)
@@ -0,0 +1,12 @@
+--- settings.c.orig 2019-03-16 12:26:35 UTC
++++ settings.c
+@@ -990,7 +990,9 @@ void load_open_settings(settings_r *sesskey, Conf *con
+ gprefs(sesskey, "HostKey", "ed25519,ecdsa,rsa,dsa,WARN",
+ hknames, HK_MAX, conf, CONF_ssh_hklist);
+ gppi(sesskey, "RekeyTime", 60, conf, CONF_ssh_rekey_time);
++#ifndef NO_GSSAPI
+ gppi(sesskey, "GssapiRekey", GSS_DEF_REKEY_MINS, conf, CONF_gssapirekey);
++#endif
+ gpps(sesskey, "RekeyBytes", "1G", conf, CONF_ssh_rekey_data);
+ {
+ /* SSH-2 only by default */
Copied: branches/2019Q1/security/putty/files/patch-sshgssc.c (from r496064, head/security/putty/files/patch-sshgssc.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-sshgssc.c Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-sshgssc.c)
@@ -0,0 +1,11 @@
+--- sshgssc.c.orig 2019-03-16 12:26:36 UTC
++++ sshgssc.c
+@@ -75,7 +75,7 @@ static Ssh_gss_stat ssh_gssapi_acquire_cred(struct ssh
+ gssctx->maj_stat =
+ gss->inquire_cred_by_mech(&gssctx->min_stat, cred,
+ (gss_OID) GSS_MECH_KRB5,
+- GSS_C_NO_NAME,
++ NULL,
+ &time_rec,
+ NULL,
+ NULL);
Copied: branches/2019Q1/security/putty/files/patch-unix_Makefile.gtk (from r496064, head/security/putty/files/patch-unix_Makefile.gtk)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-unix_Makefile.gtk Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-unix_Makefile.gtk)
@@ -0,0 +1,80 @@
+--- unix/Makefile.gtk.orig 2019-03-16 12:26:40 UTC
++++ unix/Makefile.gtk
+@@ -109,7 +109,7 @@ GTK_CONFIG = sh -c 'pkg-config gtk+-3.0 x11 $$0 2>/dev
+
+ unexport CFLAGS # work around a weird issue with krb5-config
+
+-CFLAGS = -O2 -Wall -Werror -std=gnu99 -Wvla -g -I.././ -I../charset/ \
++CFLAGS := $(CFLAGS) -Wall -Werror -std=gnu99 -Wvla -I.././ -I../charset/ \
+ -I../windows/ -I../unix/ $(shell $(GTK_CONFIG) --cflags) -D _FILE_OFFSET_BITS=64
+ XLDFLAGS = $(LDFLAGS) $(shell $(GTK_CONFIG) --libs)
+ ULDFLAGS = $(LDFLAGS)
+@@ -136,8 +136,13 @@ man1dir=$(mandir)/man1
+ .SUFFIXES:
+
+
++ifdef PUTTY_WITH_GTK
+ all: cgtest fuzzterm osxlaunch pageant plink pscp psftp pterm ptermapp putty \
+ puttyapp puttygen puttytel testcrypt testsc testzlib uppity
++else
++all: cgtest fuzzterm osxlaunch plink pscp psftp \
++ puttygen testcrypt testsc testzlib uppity
++endif
+
+ cgtest: cgtest.o conf.o ecc.o import.o marshal.o memory.o misc.o mpint.o \
+ notiming.o sshaes.o sshauxcrypt.o sshbcrypt.o sshblowf.o \
+@@ -497,15 +502,15 @@ testsc: ecc.o marshal.o memory.o mpint.o sshaes.o ssha
+ sshblowf.o sshccp.o sshcrc.o sshcrcda.o sshdes.o sshdh.o \
+ sshdss.o sshecc.o sshhmac.o sshmac.o sshmd5.o sshrsa.o \
+ sshsh256.o sshsh512.o sshsha.o testsc.o tree234.o utils.o \
+- uxutils.o wildcard.o
++ uxutils.o wildcard.o uxmisc.o
+ $(CC) -o $@ ecc.o marshal.o memory.o mpint.o sshaes.o ssharcf.o \
+ sshauxcrypt.o sshblowf.o sshccp.o sshcrc.o sshcrcda.o \
+ sshdes.o sshdh.o sshdss.o sshecc.o sshhmac.o sshmac.o \
+ sshmd5.o sshrsa.o sshsh256.o sshsh512.o sshsha.o testsc.o \
+- tree234.o utils.o uxutils.o wildcard.o $(ULDFLAGS)
++ tree234.o utils.o uxutils.o wildcard.o uxmisc.o $(ULDFLAGS)
+
+-testzlib: marshal.o memory.o sshzlib.o testzlib.o utils.o
+- $(CC) -o $@ marshal.o memory.o sshzlib.o testzlib.o utils.o \
++testzlib: marshal.o memory.o sshzlib.o testzlib.o utils.o uxmisc.o
++ $(CC) -o $@ marshal.o memory.o sshzlib.o testzlib.o utils.o uxmisc.o \
+ $(ULDFLAGS)
+
+ uppity: be_misc.o be_none.o callback.o conf.o cproxy.o ecc.o errsock.o \
+@@ -1602,10 +1607,12 @@ xpmputty.o: ../unix/xpmputty.c
+
+ install:
+ mkdir -p $(DESTDIR)$(bindir) $(DESTDIR)$(man1dir)
+- $(INSTALL_PROGRAM) -m 755 pageant $(DESTDIR)$(bindir)/pageant
+ $(INSTALL_PROGRAM) -m 755 plink $(DESTDIR)$(bindir)/plink
+ $(INSTALL_PROGRAM) -m 755 pscp $(DESTDIR)$(bindir)/pscp
+ $(INSTALL_PROGRAM) -m 755 psftp $(DESTDIR)$(bindir)/psftp
++ $(INSTALL_PROGRAM) -m 755 puttygen $(DESTDIR)$(bindir)/puttygen
++ifdef PUTTY_WITH_GTK
++ $(INSTALL_PROGRAM) -m 755 pageant $(DESTDIR)$(bindir)/pageant
+ $(INSTALL_PROGRAM) -m 755 pterm $(DESTDIR)$(bindir)/pterm
+ if test -n "$(UTMP_GROUP)"; then \
+ chgrp $(UTMP_GROUP) $(DESTDIR)$(bindir)/pterm && \
+@@ -1615,16 +1622,18 @@ install:
+ chmod 4755 $(DESTDIR)$(bindir)/pterm; \
+ fi
+ $(INSTALL_PROGRAM) -m 755 putty $(DESTDIR)$(bindir)/putty
+- $(INSTALL_PROGRAM) -m 755 puttygen $(DESTDIR)$(bindir)/puttygen
+ $(INSTALL_PROGRAM) -m 755 puttytel $(DESTDIR)$(bindir)/puttytel
+ $(INSTALL_DATA) -m 644 ../doc/pageant.1 $(DESTDIR)$(man1dir)/pageant.1
++endif
+ $(INSTALL_DATA) -m 644 ../doc/plink.1 $(DESTDIR)$(man1dir)/plink.1
+ $(INSTALL_DATA) -m 644 ../doc/pscp.1 $(DESTDIR)$(man1dir)/pscp.1
+ $(INSTALL_DATA) -m 644 ../doc/psftp.1 $(DESTDIR)$(man1dir)/psftp.1
++ $(INSTALL_DATA) -m 644 ../doc/puttygen.1 $(DESTDIR)$(man1dir)/puttygen.1
++ifdef PUTTY_WITH_GTK
+ $(INSTALL_DATA) -m 644 ../doc/pterm.1 $(DESTDIR)$(man1dir)/pterm.1
+ $(INSTALL_DATA) -m 644 ../doc/putty.1 $(DESTDIR)$(man1dir)/putty.1
+- $(INSTALL_DATA) -m 644 ../doc/puttygen.1 $(DESTDIR)$(man1dir)/puttygen.1
+ $(INSTALL_DATA) -m 644 ../doc/puttytel.1 $(DESTDIR)$(man1dir)/puttytel.1
++endif
+
+ install-strip:
+ $(MAKE) install INSTALL_PROGRAM="$(INSTALL_PROGRAM) -s"
Copied: branches/2019Q1/security/putty/files/patch-unix_uxnet.c (from r496064, head/security/putty/files/patch-unix_uxnet.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-unix_uxnet.c Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-unix_uxnet.c)
@@ -0,0 +1,16 @@
+--- unix/uxnet.c.orig 2019-03-16 12:26:37 UTC
++++ unix/uxnet.c
+@@ -11,8 +11,13 @@
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/ioctl.h>
++#ifdef __FreeBSD__
++#include <netinet/in.h>
+ #include <arpa/inet.h>
++#else
++#include <arpa/inet.h>
+ #include <netinet/in.h>
++#endif
+ #include <netinet/tcp.h>
+ #include <netdb.h>
+ #include <sys/un.h>
Copied: branches/2019Q1/security/putty/files/patch-unix_uxpgnt.c (from r496064, head/security/putty/files/patch-unix_uxpgnt.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-unix_uxpgnt.c Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-unix_uxpgnt.c)
@@ -0,0 +1,11 @@
+--- unix/uxpgnt.c.orig 2019-03-16 12:26:38 UTC
++++ unix/uxpgnt.c
+@@ -241,7 +241,7 @@ void pageant_fork_and_print_env(bool retain_tty)
+ /* Get out of our previous process group, to avoid being
+ * blasted by passing signals. But keep our controlling tty,
+ * so we can keep checking to see if we still have one. */
+- setpgrp();
++ setpgrp(0,0);
+ } else {
+ /* Do that, but also leave our entire session and detach from
+ * the controlling tty (if any). */
Copied: branches/2019Q1/security/putty/files/patch-unix_uxpty.c (from r496064, head/security/putty/files/patch-unix_uxpty.c)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2019Q1/security/putty/files/patch-unix_uxpty.c Sun Mar 17 17:38:48 2019 (r496078, copy of r496064, head/security/putty/files/patch-unix_uxpty.c)
@@ -0,0 +1,10 @@
+--- unix/uxpty.c.orig 2019-03-16 12:26:38 UTC
++++ unix/uxpty.c
+@@ -13,7 +13,6 @@
+ #include <fcntl.h>
+ #include <termios.h>
+ #include <grp.h>
+-#include <utmp.h>
+ #include <pwd.h>
+ #include <time.h>
+ #include <sys/types.h>
More information about the svn-ports-branches
mailing list