git: 765de7a6ce54 - main - security/putty: update to snapshot 20221023
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 23 Oct 2022 10:27:40 UTC
The branch main has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=765de7a6ce543a53566a43544c07db2e2686e0df
commit 765de7a6ce543a53566a43544c07db2e2686e0df
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2022-10-23 10:25:24 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2022-10-23 10:25:24 +0000
security/putty: update to snapshot 20221023
FreeBSD-relevant changes since previous snapshot:
* 75ac4443 2022-10-22 | Document subdomain matching of cert expr wildcards. [Jacob Nevins]
* 500568d2 2022-10-22 | Docs: fix trivial typo from 6472f7fc77. [Jacob Nevins]
* 5f3b743e 2022-10-21 | Tweak certified-host-key prompt. [Jacob Nevins]
* bb1ebc9b 2022-10-21 | Docs: tweak certified-host-key warning responses. [Jacob Nevins]
* 5716c638 2022-10-21 | Docs: cross-reference host-key warning sections. [Jacob Nevins]
* 8c534c26 2022-10-21 | Docs: note "wrong host key" warning is stronger. [Jacob Nevins]
* 1d1d81d6 2022-10-21 | Fix regressions in Gtk host key "More info". [Jacob Nevins]
* dc9ab5e0 2022-10-21 | Rename NTRU Prime / Curve25519 kex in UI. [Jacob Nevins]
* 6472f7fc 2022-10-21 | Docs: update Pageant key list description. [Jacob Nevins]
* 5d5a6a8f 2022-10-21 | Docs: MD5 is forced for SSH-1 key fingerprints. [Jacob Nevins]
* d4298308 2022-10-21 | Docs: prime generation defaults are usually fine. [Jacob Nevins]
* 2b5b7b5c 2022-10-21 | Docs: note warning about <2048-bit RSA/DSA keys. [Jacob Nevins]
* 617bf732 2022-10-21 | Docs: PuTTYgen: fix gratuitous exclusion of PSFTP. [Jacob Nevins]
* 11950739 2022-10-21 | Docs: add index alias for "ECDSA". [Jacob Nevins]
* 4af8a585 2022-10-20 | cmdgen: Fix docs and usage messages. [Jacob Nevins]
* 68c97fb2 2022-10-19 | Fix installing man pages from our tarballs. [Jacob Nevins]
* 2222cd10 2022-10-12 | AES-GCM NEON: cope with missing vaddq_p128. [Simon Tatham]
While here, fix PORTVERSION->DISTVERSION to get rid of the tilde
that confuses pkg(8).
And while it may not fix the issue, I still want this commit log
to appear in
PR: 267253
---
security/putty/Makefile | 28 +++++++--------
security/putty/distinfo | 6 ++--
security/putty/files/patch-vaddq_p128 | 65 -----------------------------------
3 files changed, 17 insertions(+), 82 deletions(-)
diff --git a/security/putty/Makefile b/security/putty/Makefile
index 2819f4bccfc3..3ba2b193d719 100644
--- a/security/putty/Makefile
+++ b/security/putty/Makefile
@@ -1,7 +1,6 @@
PORTNAME= putty
-PORTVERSION= 0.78~pre20220922
-DISTVERSIONSUFFIX= .9fcfd67
-PORTREVISION= 1
+DISTVERSION= 0.78~pre20221023
+DISTVERSIONSUFFIX= .0c59d49
CATEGORIES= security
#MASTER_SITES= http://the.earth.li/~sgtatham/putty/${PORTVERSION}/ \
# ftp://ftp.chiark.greenend.org.uk/users/sgtatham/putty-latest/
@@ -37,9 +36,7 @@ PLIST_FILES= bin/pageant \
OPTIONS_DEFINE= GTK3
OPTIONS_DEFAULT= GSSAPI_BASE GTK3
OPTIONS_SINGLE= GSSAPI_SELECT
-OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_BASE \
- GSSAPI_HEIMDAL \
- GSSAPI_MIT \
+OPTIONS_SINGLE_GSSAPI_SELECT= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT \
GSSAPI_NONE
.include <bsd.port.options.mk>
@@ -74,26 +71,29 @@ CMAKE_ARGS+= -DPUTTY_GTK_VERSION:STRING=NONE
.if ${PORT_OPTIONS:MGSSAPI_BASE} # Heimdal-like in base system
USES+= gssapi:base,flags
-CMAKE_ARGS+= -DPUTTY_GSSAPI:STRING=STATIC -DKRB5_CONFIG:PATH=${KRB5CONFIG}
+CMAKE_ARGS+= -DKRB5_CONFIG:PATH=${KRB5CONFIG} \
+ -DPUTTY_GSSAPI:STRING=STATIC
.elif ${PORT_OPTIONS:MGSSAPI_HEIMDAL}
USES+= gssapi:heimdal,flags
-CMAKE_ARGS+= -DPUTTY_GSSAPI:STRING=STATIC -DKRB5_CONFIG:PATH=${KRB5CONFIG}
+CMAKE_ARGS+= -DKRB5_CONFIG:PATH=${KRB5CONFIG} \
+ -DPUTTY_GSSAPI:STRING=STATIC
.elif ${PORT_OPTIONS:MGSSAPI_MIT}
USES+= gssapi:mit,flags
-CMAKE_ARGS+= -DPUTTY_GSSAPI:STRING=STATIC -DKRB5_CONFIG:PATH=${KRB5CONFIG}
+CMAKE_ARGS+= -DKRB5_CONFIG:PATH=${KRB5CONFIG} \
+ -DPUTTY_GSSAPI:STRING=STATIC
.else
CMAKE_ARGS+= -DPUTTY_GSSAPI:STRING=OFF
.endif
post-patch:
- # we don't want to inherit FreeBSD commits
- # as PUTTY Git commit revisions,
- # so pretend we do not have Git:
+# we don't want to inherit FreeBSD commits
+# as PUTTY Git commit revisions,
+# so pretend we do not have Git:
${REINPLACE_CMD} '/FindGit/d' \
${WRKSRC}/cmake/setup.cmake \
${WRKSRC}/doc/CMakeLists.txt
- # nuke pkg-config detection of GSSAPI/Kerberos libs,
- # it interferes with FreeBSD's krb5-config approach
+# nuke pkg-config detection of GSSAPI/Kerberos libs,
+# it interferes with FreeBSD's krb5-config approach
${REINPLACE_CMD} '/pkg_check_modules(KRB5 krb5-gssapi)/d' \
${WRKSRC}/cmake/platforms/unix.cmake
diff --git a/security/putty/distinfo b/security/putty/distinfo
index da5942e14783..cef36ae06d2c 100644
--- a/security/putty/distinfo
+++ b/security/putty/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1663867740
-SHA256 (putty-0.78~pre20220922.9fcfd67.tar.gz) = 6ec5ed3c341cd4c815f7233fbc51bc925accf433fe58e233aa3eb67078994f5c
-SIZE (putty-0.78~pre20220922.9fcfd67.tar.gz) = 2811211
+TIMESTAMP = 1666518096
+SHA256 (putty-0.78~pre20221023.0c59d49.tar.gz) = 205c9a7462d4e4ef8808cf7b2c485d3c30dfb6783625323e3b39b047c867f8aa
+SIZE (putty-0.78~pre20221023.0c59d49.tar.gz) = 2814676
diff --git a/security/putty/files/patch-vaddq_p128 b/security/putty/files/patch-vaddq_p128
deleted file mode 100644
index ed5e0ca0cca4..000000000000
--- a/security/putty/files/patch-vaddq_p128
+++ /dev/null
@@ -1,65 +0,0 @@
-commit 2222cd104dc5bd424fe025b98c133c91195cf9f3
-Author: Simon Tatham <anakin@pobox.com>
-Date: Wed Oct 12 12:54:36 2022 +0100
-
- AES-GCM NEON: cope with missing vaddq_p128.
-
- In some compilers (I'm told clang 10, in particular), the NEON
- intrinsic vaddq_p128 is missing, even though its input type poly128_t
- is provided.
-
- vaddq_p128 is just an XOR of two vector registers, so that's easy to
- work around by casting to a more mundane type and back. Added a
- configure-time test for that intrinsic, and a workaround to be used in
- its absence.
-
-diff --git a/cmake/cmake.h.in b/cmake/cmake.h.in
-index 91d52d78..5ad32515 100644
---- ./cmake/cmake.h.in
-+++ b/cmake/cmake.h.in
-@@ -54,6 +54,7 @@
- #cmakedefine01 HAVE_CLMUL
- #cmakedefine01 HAVE_NEON_CRYPTO
- #cmakedefine01 HAVE_NEON_PMULL
-+#cmakedefine01 HAVE_NEON_VADDQ_P128
- #cmakedefine01 HAVE_NEON_SHA512
- #cmakedefine01 HAVE_NEON_SHA512_INTRINSICS
- #cmakedefine01 USE_ARM64_NEON_H
-diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
-index ff04efb5..4b0aa907 100644
---- ./crypto/CMakeLists.txt
-+++ b/crypto/CMakeLists.txt
-@@ -195,6 +195,14 @@ if(neon)
- int main(void) { r = vmull_p64(a, b); r = vmull_high_p64(u, v); }"
- ADD_SOURCES_IF_SUCCESSFUL aesgcm-neon.c)
-
-+ test_compile_with_flags(HAVE_NEON_VADDQ_P128
-+ GNU_FLAGS -march=armv8-a+crypto
-+ MSVC_FLAGS -D_ARM_USE_NEW_NEON_INTRINSICS
-+ TEST_SOURCE "
-+ #include <${neon_header}>
-+ volatile poly128_t r;
-+ int main(void) { r = vaddq_p128(r, r); }")
-+
- # The 'sha3' architecture extension, despite the name, includes
- # support for SHA-512 (from the SHA-2 standard) as well as SHA-3
- # proper.
-diff --git a/crypto/aesgcm-neon.c b/crypto/aesgcm-neon.c
-index dd7b83cc..64bc8349 100644
---- ./crypto/aesgcm-neon.c
-+++ b/crypto/aesgcm-neon.c
-@@ -87,6 +87,14 @@ static inline void store_p128_be(void *p, poly128_t v)
- vst1q_u8(p, vrev64q_u8(vreinterpretq_u8_p128(swapped)));
- }
-
-+#if !HAVE_NEON_VADDQ_P128
-+static inline poly128_t vaddq_p128(poly128_t a, poly128_t b)
-+{
-+ return vreinterpretq_p128_u32(veorq_u32(
-+ vreinterpretq_u32_p128(a), vreinterpretq_u32_p128(b)));
-+}
-+#endif
-+
- /*
- * Key setup is just like in aesgcm-ref-poly.c. There's no point using
- * vector registers to accelerate this, because it happens rarely.