The attached patch would add a new option to configure Proftpd with libsodium support. With libsodium will the usage of ED25519 SSH keys be supported: http://bugs.proftpd.org/show_bug.cgi?id=4221 http://www.proftpd.org/docs/contrib/mod_sftp.html#:~:text=Ed25519%20algorithm%20requires%20the%20libsodium Patch was tested with FreeBSD 13.
Created attachment 235651 [details] Makefile patch
Created attachment 247173 [details] Makefile patch for libsodium libsodium support for Scrypt and Argon2 passwords plus additional public key format ed25519
I ran into this exact problem with the ed25519 key for mod_sftp so I found I need libsodium at build time, I patched Makefile, built, tested and right now I see there is this PR with patch already made. Libsodium provides additional strong algorithms for passwords too (namely Scrypt and Argon2 http://www.proftpd.org/docs/contrib/mod_sql_passwd.html) Can somebody commit the patch? (I don't care which one)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=fc281da4dc2af0f1aaac1fc3ca29fa6f04dcdcc9 commit fc281da4dc2af0f1aaac1fc3ca29fa6f04dcdcc9 Author: Martin Matuska <mm@FreeBSD.org> AuthorDate: 2024-01-08 00:00:42 +0000 Commit: Martin Matuska <mm@FreeBSD.org> CommitDate: 2024-01-08 00:08:05 +0000 ftp/proftpd: update to 1.3.8b and add libsodium support Provides mitigation for "Terrapin" SSH attack. Support stronger key algorithms using libsodium by default. PR: 265590, 276168 Security: CVE-2023-48795 databases/proftpd-mod_sql_tds/distinfo | 6 +++--- ftp/proftpd-mod_vroot/distinfo | 6 +++--- ftp/proftpd/Makefile | 13 +++++++++---- ftp/proftpd/distinfo | 6 +++--- security/proftpd-mod_clamav/distinfo | 6 +++--- 5 files changed, 21 insertions(+), 16 deletions(-)