Index: Makefile =================================================================== --- Makefile (revision 443944) +++ Makefile (working copy) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= dropbear -PORTVERSION= 2016.74 +PORTVERSION= 2017.75 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ @@ -19,8 +19,38 @@ USE_RC_SUBR= ${PORTNAME} -OPTIONS_DEFINE= STATIC +OPTIONS_DEFINE= DH_GROUP1 SMALL_CODE STATIC +OPTIONS_DEFAULT= AES128 AES256 CTR RSA SHA2_256 SHA2_512 SMALL_CODE TWOFISH128 TWOFISH256 +OPTIONS_MULTI= ENC KEY MAC MODE +OPTIONS_MULTI_ENC= AES128 3DES AES256 BLOWFISH TWOFISH256 TWOFISH128 +OPTIONS_MULTI_MODE= CBC CTR +OPTIONS_MULTI_KEY= ECDSA DSA RSA +OPTIONS_MULTI_MAC= MD5 SHA1 SHA1_96 SHA2_256 SHA2_512 +3DES_DESC= Enable 3DES-based encryption +AES128_DESC= Enable AES128-based encryption +AES256_DESC= Enable AES256-based encryption +TWOFISH128_DESC= Enable Twofish128-based encryption +TWOFISH256_DESC= Enable Twofish256-based encryption +BLOWFISH_DESC= Enable Blowfish-based encryption + +DH_GROUP1_DESC= Enable Group1 Diffie-Hellman (less secure) + +CBC_DESC= Use CBC mode for ciphers (less secure) +CTR_DESC= Use CTR mode for ciphers (more secure) + +ECDSA_DESC= Enable ECDSA public key support +DSA_DESC= Enable DSA public key support +RSA_DESC= Enable RSA public key support + +MD5_DESC= Enable MD5 MAC (broken) +SHA1_DESC= Enable SHA1 MAC (less secure) +SHA1_96_DESC= Enable SHA1_96 MAC (less secure) +SHA2_256_DESC= Enable SHA2_256 MAC +SHA2_512_DESC= Enable SHA2_512 MAC + +SMALL_CODE_DESC= Make binary smaller in exchange for 50% performance hit + STATIC_LDFLAGS= -static post-patch: @@ -30,6 +60,78 @@ @${REINPLACE_CMD} -e "s,make clean,\$${MAKE} clean," \ ${WRKSRC}/libtomcrypt/Makefile.in +post-patch-SMALL_CODE-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_SMALL_CODE,/*#define DROPBEAR_SMALL_CODE*/,g" \ + ${WRKSRC}/options.h + +post-patch-3DES-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_3DES,/*#define DROPBEAR_3DES*/,g" \ + ${WRKSRC}/options.h + +post-patch-AES128-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_AES128,/*#define DROPBEAR_AES128*/,g" \ + ${WRKSRC}/options.h + +post-patch-AES256-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_AES256,/*#define DROPBEAR_AES256*/,g" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH256-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_TWOFISH256,/*#define DROPBEAR_TWOFISH256*/,g" \ + ${WRKSRC}/options.h + +post-patch-TWOFISH128-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_TWOFISH128,/*#define DROPBEAR_TWOFISH128*/,g" \ + ${WRKSRC}/options.h + +post-patch-BLOWFISH-on: + @${REINPLACE_CMD} -e "s,/\*#define DROPBEAR_BLOWFISH\*/,#define DROPBEAR_BLOWFISH,g" \ + ${WRKSRC}/options.h + +post-patch-CBC-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_ENABLE_CBC_MODE,/*#define DROPBEAR_ENABLE_CBC_MODE*/,g" \ + ${WRKSRC}/options.h + +post-patch-CTR-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_ENABLE_CTR_MODE,/*#define DROPBEAR_ENABLE_CTR_MODE*/,g" \ + ${WRKSRC}/options.h + +post-patch-DH_GROUP1-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_DH_GROUP1 1,/*#define DROPBEAR_DH_GROUP1 1*/,g" \ + ${WRKSRC}/options.h + +post-patch-DSA-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_DSS,/*#define DROPBEAR_DSS*/,g" \ + ${WRKSRC}/options.h + +post-patch-RSA-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_RSA,/*#define DROPBEAR_RSA*/,g" \ + ${WRKSRC}/options.h + +post-patch-ECDSA-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_ECDSA,/*#define DROPBEAR_ECDSA*/,g" \ + ${WRKSRC}/options.h + +post-patch-MD5-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_MD5_HMAC,/*#define DROPBEAR_MD5_HMAC*/,g" \ + ${WRKSRC}/options.h + +post-patch-SHA1-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_SHA1_HMAC,/*#define DROPBEAR_SHA1_HMAC*/,g" \ + ${WRKSRC}/options.h + +post-patch-SHA1_96-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_SHA1_96_HMAC,/*#define DROPBEAR_SHA1_96_HMAC*/,g" \ + ${WRKSRC}/options.h + +post-patch-SHA2_256-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_SHA2_256_HMAC,/*#define DROPBEAR_SHA2_256_HMAC*/,g" \ + ${WRKSRC}/options.h + +post-patch-SHA2_512-off: + @${REINPLACE_CMD} -e "s,#define DROPBEAR_SHA2_512_HMAC,/*#define DROPBEAR_SHA2_512_HMAC*/,g" \ + ${WRKSRC}/options.h + do-install: @${MKDIR} ${STAGEDIR}${PREFIX}/etc/dropbear ${INSTALL_PROGRAM} ${WRKSRC}/dbclient ${STAGEDIR}${PREFIX}/bin Index: distinfo =================================================================== --- distinfo (revision 443944) +++ distinfo (working copy) @@ -1,3 +1,3 @@ -TIMESTAMP = 1469201269 -SHA256 (dropbear-2016.74.tar.bz2) = 2720ea54ed009af812701bcc290a2a601d5c107d12993e5d92c0f5f81f718891 -SIZE (dropbear-2016.74.tar.bz2) = 1622234 +TIMESTAMP = 1497947793 +SHA256 (dropbear-2017.75.tar.bz2) = 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c +SIZE (dropbear-2017.75.tar.bz2) = 1623392