Bug 265590
| Summary: | ftp/proftpd: add libsodium support | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Alexander Pücker <alexander.puecker> | ||||||
| Component: | Individual Port(s) | Assignee: | Martin Matuska <mm> | ||||||
| Status: | Closed FIXED | ||||||||
| Severity: | Affects Some People | CC: | 000.fbsd | ||||||
| Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(mm) |
||||||
| Version: | Latest | ||||||||
| Hardware: | Any | ||||||||
| OS: | Any | ||||||||
| Attachments: |
|
||||||||
|
Description
Alexander Pücker
2022-08-03 07:41:36 UTC
Created attachment 235651 [details]
Makefile patch
Created attachment 247173 [details]
Makefile patch for libsodium
libsodium support for Scrypt and Argon2 passwords plus additional public key format ed25519
I ran into this exact problem with the ed25519 key for mod_sftp so I found I need libsodium at build time, I patched Makefile, built, tested and right now I see there is this PR with patch already made. Libsodium provides additional strong algorithms for passwords too (namely Scrypt and Argon2 http://www.proftpd.org/docs/contrib/mod_sql_passwd.html) Can somebody commit the patch? (I don't care which one) A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=fc281da4dc2af0f1aaac1fc3ca29fa6f04dcdcc9 commit fc281da4dc2af0f1aaac1fc3ca29fa6f04dcdcc9 Author: Martin Matuska <mm@FreeBSD.org> AuthorDate: 2024-01-08 00:00:42 +0000 Commit: Martin Matuska <mm@FreeBSD.org> CommitDate: 2024-01-08 00:08:05 +0000 ftp/proftpd: update to 1.3.8b and add libsodium support Provides mitigation for "Terrapin" SSH attack. Support stronger key algorithms using libsodium by default. PR: 265590, 276168 Security: CVE-2023-48795 databases/proftpd-mod_sql_tds/distinfo | 6 +++--- ftp/proftpd-mod_vroot/distinfo | 6 +++--- ftp/proftpd/Makefile | 13 +++++++++---- ftp/proftpd/distinfo | 6 +++--- security/proftpd-mod_clamav/distinfo | 6 +++--- 5 files changed, 21 insertions(+), 16 deletions(-) |
