Index: head/security/putty/Makefile
===================================================================
--- head/security/putty/Makefile	(revision 496929)
+++ head/security/putty/Makefile	(revision 496930)
@@ -1,115 +1,112 @@
 # $FreeBSD$
 
 PORTNAME=	putty
 PORTVERSION=	0.71
 CATEGORIES=	security ipv6
 MASTER_SITES=	http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \
 		ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/
 
 MAINTAINER=	mandree@FreeBSD.org
 COMMENT=	Secure shell and telnet client
 # test plan: test ALL 4 GSSAPI_* options, ALL 3 GTK options, WITH_DEBUG=yes build.
 
 LICENSE=	MIT
 LICENSE_FILE=	${FILESDIR}/LICENSE
 
 USES=		cpe gmake pkgconfig
 
 WRKSRC=		${WRKDIR}/${DISTNAME}/unix
 PATCH_WRKSRC=	${WRKDIR}/${DISTNAME}
 MAKEFILE=	Makefile.gtk
 
 CPE_VENDOR=	simon_tatham
 
 PLIST_FILES=	bin/plink bin/pscp bin/psftp bin/puttygen
 PLIST_FILES+=	man/man1/plink.1.gz man/man1/pscp.1.gz man/man1/psftp.1.gz man/man1/puttygen.1.gz
 
 OPTIONS_RADIO=		TOOLKIT
 OPTIONS_RADIO_TOOLKIT=	GTK2 GTK3
 OPTIONS_DEFAULT=GSSAPI_BASE GTK3
 OPTIONS_SINGLE=	GSSAPI_SELECT
-#OPTIONS_SINGLE_GSSAPI_SELECT=	GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
-# XXX FIXME TODO: GSSAPI_NONE is broken as of PuTTY 0.71 (did work in 0.70).
-# Report has been sent to putty.AT.projects.tartarus.org on 2019-03-17
-OPTIONS_SINGLE_GSSAPI_SELECT=	GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
+OPTIONS_SINGLE_GSSAPI_SELECT=	GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
 
 CONFLICTS_INSTALL?=	pssh-[0-9]* putty-gtk2-[0-9]* putty-nogtk-[0-9]*
 
 .include <bsd.port.options.mk>
 
 CFLAGS+=	-DBSD_PTYS -DOMIT_UTMP -DIPV6
 LDFLAGS+=	-Wl,--as-needed
 
 .if (${PORT_OPTIONS:MGTK2} || ${PORT_OPTIONS:MGTK3}) && !defined(WITHOUT_X11)
 USE_XORG=	x11
 .if ${PORT_OPTIONS:MGTK2}
 USES+=		gnome
 USE_GNOME=	cairo gdkpixbuf2 gtk20
 MAKE_ARGS+=	PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-2.0 x11 --cflags"
 .endif
 .if ${PORT_OPTIONS:MGTK3}
 USES+=		gnome
 USE_GNOME=	cairo gdkpixbuf2 gtk30
 MAKE_ARGS+=	PUTTY_WITH_GTK=yes GTK_CONFIG="pkg-config gtk+-3.0 x11 --cflags"
 .endif
 
 PLIST_FILES+=	bin/pageant bin/pterm bin/putty bin/puttytel
 PLIST_FILES+=	man/man1/pageant.1.gz man/man1/pterm.1.gz man/man1/putty.1.gz man/man1/puttytel.1.gz
 PLIST_FILES+=	share/pixmaps/putty.ico
 DESKTOP_ENTRIES="PuTTY" \
 		"${COMMENT}" \
 		"${PREFIX}/share/pixmaps/${PORTNAME}.ico" \
 		"${PORTNAME}" \
 		"" \
 		false
 .else
 MAKE_ARGS+=	GTK_CONFIG=:
 .endif
 
 .if ${PORT_OPTIONS:MGSSAPI_BASE}
 _COMPAT=		-DSTATIC_GSSAPI
 USES+=		gssapi:base,flags
 MAKE_ARGS+=	KRB5CONFIG=${KRB5CONFIG}
 .elif ${PORT_OPTIONS:MGSSAPI_HEIMDAL}
 _COMPAT=		-DSTATIC_GSSAPI
 USES+=		gssapi:heimdal,flags
 MAKE_ARGS+=	KRB5CONFIG=${KRB5CONFIG}
 .elif ${PORT_OPTIONS:MGSSAPI_MIT}
 _COMPAT=		-DSTATIC_GSSAPI
 USES+=		gssapi:mit,flags
 MAKE_ARGS+=	KRB5CONFIG=${KRB5CONFIG}
 .else
 _COMPAT=		-DNO_GSSAPI
 .endif
 
 _COMPAT+=	-DOMIT_UTMP
 
 .if defined(WITH_DEBUG)
 CFLAGS+=	-DDEBUG
 XFLAGS=		-DDEBUG
 _COMPAT+=	-DDEBUG
 .endif
 
 # upstream sets -Werror - there are no issues on 9.1-FreeBSD amd64
 # currently, but override it nonetheless.
 XFLAGS+=	-Wno-error
 
 MAKE_ARGS+=	COMPAT="${_COMPAT}" \
 		CC="${CC}" \
 		XFLAGS="${XFLAGS}" \
 		INSTALL_DATA="${INSTALL_DATA}" \
 		INSTALL_PROGRAM="${INSTALL_PROGRAM}"
 
 post-patch:
 	@${REINPLACE_CMD} -e 's,prefix=/usr/local,prefix=${PREFIX},;\
 			      s,make,${MAKE_CMD},'\
 		${WRKSRC}/${MAKEFILE}
 
 post-install:
 .if ${PORT_OPTIONS:MGTK2} || ${PORT_OPTIONS:MGTK3}
 	@${MKDIR} ${STAGEDIR}${PREFIX}/share/pixmaps
 	${INSTALL_DATA} ${WRKSRC}/../windows/putty.ico \
 		${STAGEDIR}${PREFIX}/share/pixmaps/
 .endif
 
 .include <bsd.port.mk>
Index: head/security/putty/files/patch-config.c
===================================================================
--- head/security/putty/files/patch-config.c	(nonexistent)
+++ head/security/putty/files/patch-config.c	(revision 496930)
@@ -0,0 +1,29 @@
+--- config.c.orig	2019-03-16 12:26:32 UTC
++++ config.c
+@@ -2442,10 +2442,12 @@ void setup_config_box(struct controlbox *b, bool midse
+ 			      HELPCTX(ssh_kexlist),
+ 			      kexlist_handler, P(NULL));
+             c->listbox.height = KEX_MAX;
++#ifndef NO_GSSAPI
+ 	    ctrl_checkbox(s, "Attempt GSSAPI key exchange",
+ 			  'k', HELPCTX(ssh_gssapi),
+ 			  conf_checkbox_handler,
+ 			  I(CONF_try_gssapi_kex));
++#endif
+ 
+ 	    s = ctrl_getset(b, "Connection/SSH/Kex", "repeat",
+ 			    "Options controlling key re-exchange");
+@@ -2455,11 +2457,13 @@ void setup_config_box(struct controlbox *b, bool midse
+ 			 conf_editbox_handler,
+ 			 I(CONF_ssh_rekey_time),
+ 			 I(-1));
++#ifndef NO_GSSAPI
+             ctrl_editbox(s, "Minutes between GSS checks (0 for never)", NO_SHORTCUT, 20,
+                          HELPCTX(ssh_kex_repeat),
+                          conf_editbox_handler,
+                          I(CONF_gssapirekey),
+                          I(-1));
++#endif
+ 	    ctrl_editbox(s, "Max data before rekey (0 for no limit)", 'x', 20,
+ 			 HELPCTX(ssh_kex_repeat),
+ 			 conf_editbox_handler,

Property changes on: head/security/putty/files/patch-config.c
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/putty/files/patch-settings.c
===================================================================
--- head/security/putty/files/patch-settings.c	(revision 496929)
+++ head/security/putty/files/patch-settings.c	(revision 496930)
@@ -1,12 +1,60 @@
 --- settings.c.orig	2019-03-16 12:26:35 UTC
 +++ settings.c
-@@ -990,7 +990,9 @@ void load_open_settings(settings_r *sesskey, Conf *con
+@@ -592,21 +592,25 @@ void save_open_settings(settings_w *sesskey, Conf *con
+     write_setting_b(sesskey, "Compression", conf_get_bool(conf, CONF_compression));
+     write_setting_b(sesskey, "TryAgent", conf_get_bool(conf, CONF_tryagent));
+     write_setting_b(sesskey, "AgentFwd", conf_get_bool(conf, CONF_agentfwd));
++#ifndef NO_GSSAPI
+     write_setting_b(sesskey, "GssapiFwd", conf_get_bool(conf, CONF_gssapifwd));
++#endif
+     write_setting_b(sesskey, "ChangeUsername", conf_get_bool(conf, CONF_change_username));
+     wprefs(sesskey, "Cipher", ciphernames, CIPHER_MAX, conf, CONF_ssh_cipherlist);
+     wprefs(sesskey, "KEX", kexnames, KEX_MAX, conf, CONF_ssh_kexlist);
+     wprefs(sesskey, "HostKey", hknames, HK_MAX, conf, CONF_ssh_hklist);
+     write_setting_i(sesskey, "RekeyTime", conf_get_int(conf, CONF_ssh_rekey_time));
++#ifndef NO_GSSAPI
+     write_setting_i(sesskey, "GssapiRekey", conf_get_int(conf, CONF_gssapirekey));
++#endif
+     write_setting_s(sesskey, "RekeyBytes", conf_get_str(conf, CONF_ssh_rekey_data));
+     write_setting_b(sesskey, "SshNoAuth", conf_get_bool(conf, CONF_ssh_no_userauth));
+     write_setting_b(sesskey, "SshBanner", conf_get_bool(conf, CONF_ssh_show_banner));
+     write_setting_b(sesskey, "AuthTIS", conf_get_bool(conf, CONF_try_tis_auth));
+     write_setting_b(sesskey, "AuthKI", conf_get_bool(conf, CONF_try_ki_auth));
++#ifndef NO_GSSAPI
+     write_setting_b(sesskey, "AuthGSSAPI", conf_get_bool(conf, CONF_try_gssapi_auth));
+     write_setting_b(sesskey, "AuthGSSAPIKEX", conf_get_bool(conf, CONF_try_gssapi_kex));
+-#ifndef NO_GSSAPI
+     wprefs(sesskey, "GSSLibs", gsslibkeywords, ngsslibs, conf, CONF_ssh_gsslist);
+     write_setting_filename(sesskey, "GSSCustom", conf_get_filename(conf, CONF_ssh_gss_custom));
+ #endif
+@@ -937,7 +941,9 @@ void load_open_settings(settings_r *sesskey, Conf *con
+     gppb(sesskey, "TryAgent", true, conf, CONF_tryagent);
+     gppb(sesskey, "AgentFwd", false, conf, CONF_agentfwd);
+     gppb(sesskey, "ChangeUsername", false, conf, CONF_change_username);
++#ifndef NO_GSSAPI
+     gppb(sesskey, "GssapiFwd", false, conf, CONF_gssapifwd);
++#endif
+     gprefs(sesskey, "Cipher", "\0",
+ 	   ciphernames, CIPHER_MAX, conf, CONF_ssh_cipherlist);
+     {
+@@ -990,7 +996,9 @@ void load_open_settings(settings_r *sesskey, Conf *con
      gprefs(sesskey, "HostKey", "ed25519,ecdsa,rsa,dsa,WARN",
             hknames, HK_MAX, conf, CONF_ssh_hklist);
      gppi(sesskey, "RekeyTime", 60, conf, CONF_ssh_rekey_time);
 +#ifndef NO_GSSAPI
      gppi(sesskey, "GssapiRekey", GSS_DEF_REKEY_MINS, conf, CONF_gssapirekey);
 +#endif
      gpps(sesskey, "RekeyBytes", "1G", conf, CONF_ssh_rekey_data);
      {
  	/* SSH-2 only by default */
+@@ -1007,9 +1015,9 @@ void load_open_settings(settings_r *sesskey, Conf *con
+     gppb(sesskey, "SshBanner", true, conf, CONF_ssh_show_banner);
+     gppb(sesskey, "AuthTIS", false, conf, CONF_try_tis_auth);
+     gppb(sesskey, "AuthKI", true, conf, CONF_try_ki_auth);
++#ifndef NO_GSSAPI
+     gppb(sesskey, "AuthGSSAPI", true, conf, CONF_try_gssapi_auth);
+     gppb(sesskey, "AuthGSSAPIKEX", true, conf, CONF_try_gssapi_kex);
+-#ifndef NO_GSSAPI
+     gprefs(sesskey, "GSSLibs", "\0",
+ 	   gsslibkeywords, ngsslibs, conf, CONF_ssh_gsslist);
+     gppfile(sesskey, "GSSCustom", conf, CONF_ssh_gss_custom);
Index: head/security/putty/files/patch-ssh.c
===================================================================
--- head/security/putty/files/patch-ssh.c	(nonexistent)
+++ head/security/putty/files/patch-ssh.c	(revision 496930)
@@ -0,0 +1,44 @@
+--- ssh.c.orig	2019-03-16 12:26:35 UTC
++++ ssh.c
+@@ -50,7 +50,9 @@ struct Ssh {
+     ssh_sharing_state *connshare;
+     bool attempting_connshare;
+ 
++#ifndef NO_GSSAPI
+     struct ssh_connection_shared_gss_state gss_state;
++#endif
+ 
+     char *savedhost;
+     int savedport;
+@@ -252,10 +254,18 @@ static void ssh_got_ssh_version(struct ssh_version_rec
+                     conf_get_bool(ssh->conf, CONF_tryagent), username,
+                     conf_get_bool(ssh->conf, CONF_change_username),
+                     conf_get_bool(ssh->conf, CONF_try_ki_auth),
++#ifndef NO_GSSAPI
+                     conf_get_bool(ssh->conf, CONF_try_gssapi_auth),
+                     conf_get_bool(ssh->conf, CONF_try_gssapi_kex),
+                     conf_get_bool(ssh->conf, CONF_gssapifwd),
+-                    &ssh->gss_state);
++                    &ssh->gss_state
++#else
++                    false,
++                    false,
++                    false,
++                    NULL
++#endif
++                    );
+                 ssh_connect_ppl(ssh, userauth_layer);
+                 transport_child_layer = userauth_layer;
+ 
+@@ -267,7 +277,11 @@ static void ssh_got_ssh_version(struct ssh_version_rec
+                 ssh->fullhostname,
+                 ssh_verstring_get_local(old_bpp),
+                 ssh_verstring_get_remote(old_bpp),
++#ifndef NO_GSSAPI
+                 &ssh->gss_state,
++#else
++                NULL,
++#endif
+                 &ssh->stats, transport_child_layer, false);
+             ssh_connect_ppl(ssh, ssh->base_layer);
+ 

Property changes on: head/security/putty/files/patch-ssh.c
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/putty/files/patch-ssh2transport.c
===================================================================
--- head/security/putty/files/patch-ssh2transport.c	(nonexistent)
+++ head/security/putty/files/patch-ssh2transport.c	(revision 496930)
@@ -0,0 +1,19 @@
+--- ssh2transport.c.orig	2019-03-16 12:26:35 UTC
++++ ssh2transport.c
+@@ -1781,6 +1781,7 @@ static void ssh2_transport_gss_update(struct ssh2_tran
+     if (mins > 0 && s->gss_ctxt_lifetime <= mins * 60)
+         s->gss_status |= GSS_CTXT_EXPIRES;
+ }
++#endif /* NO_GSSAPI */
+ 
+ ptrlen ssh2_transport_get_session_id(PacketProtocolLayer *ppl)
+ {
+@@ -1804,8 +1805,6 @@ void ssh2_transport_notify_auth_done(PacketProtocolLay
+     s->rekey_class = RK_POST_USERAUTH;
+     queue_idempotent_callback(&s->ppl.ic_process_queue);
+ }
+-
+-#endif /* NO_GSSAPI */
+ 
+ static bool ssh2_transport_get_specials(
+     PacketProtocolLayer *ppl, add_special_fn_t add_special, void *ctx)

Property changes on: head/security/putty/files/patch-ssh2transport.c
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/putty/files/patch-ssh2userauth.c
===================================================================
--- head/security/putty/files/patch-ssh2userauth.c	(nonexistent)
+++ head/security/putty/files/patch-ssh2userauth.c	(revision 496930)
@@ -0,0 +1,28 @@
+--- ssh2userauth.c.orig	2019-03-16 12:26:35 UTC
++++ ssh2userauth.c
+@@ -613,8 +613,10 @@ static void ssh2_userauth_process_queue(PacketProtocol
+                  * Scan it for method identifiers we know about.
+                  */
+                 bool srv_pubkey = false, srv_passwd = false;
+-                bool srv_keyb_inter = false, srv_gssapi = false;
+-                bool srv_gssapi_keyex_auth = false;
++                bool srv_keyb_inter = false;
++#ifndef NO_GSSAPI
++                bool srv_gssapi = false, srv_gssapi_keyex_auth = false;
++#endif
+ 
+                 for (ptrlen method; get_commasep_word(&methods, &method) ;) {
+                     if (ptrlen_eq_string(method, "publickey"))
+@@ -623,10 +625,12 @@ static void ssh2_userauth_process_queue(PacketProtocol
+                         srv_passwd = true;
+                     else if (ptrlen_eq_string(method, "keyboard-interactive"))
+                         srv_keyb_inter = true;
++#ifndef NO_GSSAPI
+                     else if (ptrlen_eq_string(method, "gssapi-with-mic"))
+                         srv_gssapi = true;
+                     else if (ptrlen_eq_string(method, "gssapi-keyex"))
+                         srv_gssapi_keyex_auth = true;
++#endif
+                 }
+ 
+                 /*

Property changes on: head/security/putty/files/patch-ssh2userauth.c
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/security/putty/files/patch-sshserver.c
===================================================================
--- head/security/putty/files/patch-sshserver.c	(nonexistent)
+++ head/security/putty/files/patch-sshserver.c	(revision 496930)
@@ -0,0 +1,48 @@
+--- sshserver.c.orig	2019-03-16 12:26:36 UTC
++++ sshserver.c
+@@ -50,7 +50,9 @@ struct server {
+     PacketProtocolLayer *base_layer;
+     ConnectionLayer *cl;
+ 
++#ifndef NO_GSSAPI
+     struct ssh_connection_shared_gss_state gss_state;
++#endif
+ };
+ 
+ static void ssh_server_free_callback(void *vsrv);
+@@ -245,9 +247,11 @@ Plug *ssh_server_plug(
+     bufchain_init(&srv->out_raw);
+     bufchain_init(&srv->dummy_user_input);
+ 
++#ifndef NO_GSSAPI
+     /* FIXME: replace with sensible */
+     srv->gss_state.libs = snew(struct ssh_gss_liblist);
+     srv->gss_state.libs->nlibraries = 0;
++#endif
+ 
+     return &srv->plug;
+ }
+@@ -297,7 +301,9 @@ static void ssh_server_free_callback(void *vsrv)
+     conf_free(srv->conf);
+     log_free(srv->logctx);
+ 
++#ifndef NO_GSSAPI
+     sfree(srv->gss_state.libs);        /* FIXME: replace with sensible */
++#endif
+ 
+     sfree(srv);
+ 
+@@ -442,7 +448,12 @@ static void server_got_ssh_version(struct ssh_version_
+             srv->conf, NULL, 0, NULL,
+             ssh_verstring_get_remote(old_bpp),
+             ssh_verstring_get_local(old_bpp),
+-            &srv->gss_state, &srv->stats, transport_child_layer, true);
++#ifndef NO_GSSAPI
++            &srv->gss_state,
++#else
++            NULL,
++#endif
++            &srv->stats, transport_child_layer, true);
+         ssh2_transport_provide_hostkeys(
+             srv->base_layer, srv->hostkeys, srv->nhostkeys);
+         if (userauth_layer)

Property changes on: head/security/putty/files/patch-sshserver.c
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property