Index: head/security/dropbear/Makefile =================================================================== --- head/security/dropbear/Makefile +++ head/security/dropbear/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dropbear -PORTVERSION= 2016.74 +PORTVERSION= 2017.75 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ @@ -19,8 +19,39 @@ USE_RC_SUBR= ${PORTNAME} -OPTIONS_DEFINE= STATIC +OPTIONS_DEFINE= DH_GROUP1 SMALL_CODE STATIC +OPTIONS_DEFAULT= AES128 AES256 CTR RSA SHA2_256 SHA2_512 SMALL_CODE TWOFISH128 TWOFISH256 +OPTIONS_MULTI= ENC KEY MAC MODE +OPTIONS_MULTI_ENC= AES128 3DES AES256 BLOWFISH TWOFISH256 TWOFISH128 +OPTIONS_MULTI_MODE= CBC CTR +OPTIONS_MULTI_KEY= ECDSA DSA RSA +OPTIONS_MULTI_MAC= MD5 SHA1 SHA1_96 SHA2_256 SHA2_512 +3DES_DESC= Enable 3DES-based encryption +3DES_IMPLIES= CTR +AES128_DESC= Enable AES128-based encryption +AES256_DESC= Enable AES256-based encryption +TWOFISH128_DESC= Enable Twofish128-based encryption +TWOFISH256_DESC= Enable Twofish256-based encryption +BLOWFISH_DESC= Enable Blowfish-based encryption + +DH_GROUP1_DESC= Enable Group1 Diffie-Hellman (less secure) + +CBC_DESC= Use CBC mode for ciphers (less secure) +CTR_DESC= Use CTR mode for ciphers (more secure) + +ECDSA_DESC= Enable ECDSA public key support +DSA_DESC= Enable DSA public key support +RSA_DESC= Enable RSA public key support + +MD5_DESC= Enable MD5 MAC (broken) +SHA1_DESC= Enable SHA1 MAC (less secure) +SHA1_96_DESC= Enable SHA1_96 MAC (less secure) +SHA2_256_DESC= Enable SHA2_256 MAC +SHA2_512_DESC= Enable SHA2_512 MAC + +SMALL_CODE_DESC= Make binary smaller in exchange for 50% performance hit + STATIC_LDFLAGS= -static post-patch: @@ -29,6 +60,78 @@ @${REINPLACE_CMD} -e "s,sys/dir.h,dirent.h," ${WRKSRC}/*.[ch] @${REINPLACE_CMD} -e "s,make clean,\$${MAKE} clean," \ ${WRKSRC}/libtomcrypt/Makefile.in + +post-patch-SMALL_CODE-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SMALL_CODE/d" \ + ${WRKSRC}/options.h + +post-patch-3DES-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_3DES/d" \ + ${WRKSRC}/options.h + +post-patch-AES128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES128/d" \ + ${WRKSRC}/options.h + +post-patch-AES256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_AES256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH256/d" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH128-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_TWOFISH128/d" \ + ${WRKSRC}/options.h + +post-patch-BLOWFISH-on: + @${REINPLACE_CMD} -e "s,/\*#define DROPBEAR_BLOWFISH\*/,#define DROPBEAR_BLOWFISH,g" \ + ${WRKSRC}/options.h + +post-patch-CBC-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CBC_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-CTR-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ENABLE_CTR_MODE/d" \ + ${WRKSRC}/options.h + +post-patch-DH_GROUP1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DH_GROUP1 1/d" \ + ${WRKSRC}/options.h + +post-patch-DSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_DSS/d" \ + ${WRKSRC}/options.h + +post-patch-RSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_RSA/d" \ + ${WRKSRC}/options.h + +post-patch-ECDSA-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_ECDSA/d" \ + ${WRKSRC}/options.h + +post-patch-MD5-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_MD5_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA1_96-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA1_96_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_256-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_256_HMAC/d" \ + ${WRKSRC}/options.h + +post-patch-SHA2_512-off: + @${REINPLACE_CMD} -e "/#define DROPBEAR_SHA2_512_HMAC/d" \ + ${WRKSRC}/options.h do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dropbear Index: head/security/dropbear/distinfo =================================================================== --- head/security/dropbear/distinfo +++ head/security/dropbear/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1469201269 -SHA256 (dropbear-2016.74.tar.bz2) = 2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 -SIZE (dropbear-2016.74.tar.bz2) = 1622234 +TIMESTAMP = 1497947793 +SHA256 (dropbear-2017.75.tar.bz2) = 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c +SIZE (dropbear-2017.75.tar.bz2) = 1623392