security/dropbear: update to 2024.86

Also strip binaries.

MAN?PREFIX: eleminate its usage  and move man to share/man

security/dropbear: Unbundle libtom* libs by default

Add option to use libtom* libraries from ports tree and set as default

PR:		274351
Reviewed by:	pkubaj (maintainer)

security/dropbear: update to 2022.83

Features and Changes:
  Note >> for compatibility/configuration changes

- >> Disable DROPBEAR_DSS by default
  It is only 1024 bit and uses sha1, most distros disable it by default already.

- Added DROPBEAR_RSA_SHA1 option to allow disabling sha1 rsa signatures.
  >> RSA with sha1 will be disabled in a future release (rsa keys will continue
  to work OK, with sha256 signatures used instead).

- Add option for requiring both password and pubkey (-t)
  Patch from Jackkal

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

security: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ports@c0decafe.net>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Aldis Berjoza <aldis@bsdroot.lv>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Kapranoff <kappa@rambler-co.ru>
  *  Alex Samorukov <samm@freebsd.org>
  *  Alexander Botero-Lowry <alex@foxybanana.com>
  *  Alexander Kriventsov <avk@vl.ru>
  *  Alexander Leidinger <netchild@FreeBSD.org>

security/dropbear: update to 2022.82

Remove the not supported TWOFISH options.

Changelog:	https://matt.ucc.asn.au/dropbear/CHANGES

security/dropbear: Fix CPE information because current one is deprecated

Approved by:    portmgr (blanket)

Remove # $FreeBSD$ from Makefiles.

security/dropbear: update to 2020.81

Changelog:
- Fix regression in 2020.79 which prevented connecting with some SSH
  implementations. Increase MAX_PROPOSED_ALGO to 50, and print a log
  message if the limit is hit. This fixes interoperability with sshj
  library (used by PyCharm), and GoAnywhere.
  Reported by Pirmin Walthert and Piotr Jurkiewicz

- Fix building with non-GCC compilers, reported by Kazuo Kuroi

- Fix potential long delay in dbclient, found by OSS Fuzz

- Fix null pointer dereference crash, found by OSS Fuzz

- libtommath now uses the same random source as Dropbear (in 2020.79
  and 2020.80 used getrandom() separately)

- Some fuzzing improvements, start of a dbclient fuzzer

security/dropbear: change in rc DSS to ed25519

dropbear no longer supports DSS keys, use ed25519 instead. rc file needs to be
updated.
currently starting dropbear fails with error:
% service dropbear start
...
Unknown key type 'dss'
...

Submitted by:	waitman@waitman.net
PR:		250192
MFH:		2020Q4 (runtime fix)

security/dropbear: Fix typo and unbreak SHA2_512 option

Reported by:	portscan

security/dropbear: update to 2020.80

security/dropbear: update to 2020.79

Add some new options, remove needless patching, move to Dropbear's system for
non-default options.

security/dropbear: add scp

Build and install the scp binary with the dropbear package. To avoid a name
colision with openssh-portable, call binary dbscp.

PR:		242551
Submitted by:	mm

Drop the ipv6 virtual category for s* category as it is not relevant anymore

security/dropbear: update to 2019.78, change maintainer

Update the port to 2019.78 and change maintainer to my FreeBSD address.

Approved by:	mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D20601

security/dropbear: fix CBC option

PR:		232143
Reported by:	dewayne@heuristicsystems.com.au
Approved by:	Piotr Kubaj <pkubaj@anongoth.pl> (maintainer)

security/dropbear: mark CBC option broken

PR:		226339
Approved by:	Piotr Kubaj <pkubaj@anongoth.pl> (maintainer)

security/dropbear: Update to version 2018.76

PR:		226339
Submitted by:	pkubaj@anongoth.pl (maintainer)
Differential Revision:	https://reviews.freebsd.org/D14829

Updated to 2017.75

Changelog:	https://matt.ucc.asn.au/dropbear/CHANGES

PR:		220158
Submitted by:	Piotr Kubaj <pkubaj@anongoth.pl> (maintainer)
Reviewed by:	lifanov (mentor)
Approved by:	lifanov (mentor)
MFH:		2017Q3
Security:	http://www.vuxml.org/freebsd/60931f98-55a7-11e7-8514-589cfc0654e1.html
Differential Revision:	https://reviews.freebsd.org/D11400

- Update to version 2016.74
- Add license information

Changelog:
- Security: Message printout was vulnerable to format string injection.

  If specific usernames including "%" symbols can be created on a system
  (validated by getpwnam()) then an attacker could run arbitrary code as root
  when connecting to Dropbear server.

  A dbclient user who can control username or host arguments could potentially
  run arbitrary code as the dbclient user. This could be a problem if scripts
  or webpages pass untrusted input to the dbclient program.

- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as

Update to 2016.73

PR:		208962
Submitted by:	maintainer
Sponsored by:	Essen Linuxhotel Hackathon 2016

- Add CPE information

PR:		208327
Submitted by:	shun.fbsd.pr@dropcut.net
Approved by:	portmgr blanket

security/dropbear: Update to 2016.72

PR:		207903
MFH:		2016Q1
Security:	CVE-2016-3116

security/dropbear: support extra arguments in rc.conf

PR:		206211
Submitted by:	gahr
Approved by:	pkubaj@anongoth.pl (maintainer)

- Update to 2015.71
- Update maintainer mail

PR:		206000
Submitted by:	maintainer

- Pass maintainership to submitter

Submitted by:	Piotr Kubaj <pkubaj@riseup.net>

- Update to 2015.68 [1]
- Drop maintainership

PR:	203694 [1]
Submitted by:	pkubaj@riseup.net

- Update to 2015.67

- Convert to pkg-plist

Put back empty dir in plist

cleanup plist

- Update to 2014.66

- Remove obsolete @dirrm(try)
- Convert PLIST_DIRSTRY to PLIST_DIRS

- Update to 2014.65

- Update to 2014.63

- Add/update license when possible
- Modernize ports Makefiles
- Update MASTER_SITES/distfile for converters/chmview

- Update to 2013.62

- Update to 2013.60

- Update to 2013.59

- Support STAGEDIR
- Convert to USES=gmake
- Convert to options helpers
- Reformat pkg-descr

Add NO_STAGE all over the place in preparation for the staging support (cat:
security)

- Update to 2013.58

Feature safe:	yes

- Update to 2013.57

Feature safe: yes

- Install manpages [1]
- Convert Makefile headers to new style
- Remove indefinite article from COMMENT

PR:	ports/176198 (based on) [1]
Submitted by:	Brett Wynkoop <bsdbugs@wynn.com>

- Convert to optionsNG
- Pet portlint
- Remove pkg-plist from security/dropbear

Approved by:    eadler (mentor)

Update to 2012.55
- fix arbitrary code execution (CVE-2012-0920)

Approved by:    eadler (mentor)

Update maintainer email in my ports

Approved by:    eadler (mentor)

In the rc.d scripts, change assignments to rcvar to use the
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().

In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.

- Fix compile if WITH_STATIC is enabled [1]
- Also pr ports/163593, which is a duplicate of this one. root@42.org [2]

PR:             ports/163217
Submitted by:   Mattia Rossi <mrossi@swin.edu.au> [1], root@42.org [2]
Approved by:    spam@rm-rf.kiev.ua (maintainer), gabor (mentor)

- Add LDFLAGS to CONFIGURE_ENV and MAKE_ENV (as it was done with LDFLAGS)
- Fix all ports that add {CPP,LD}FLAGS to *_ENV to modify flags instead

PR:             157936
Submitted by:   myself
Exp-runs by:    pav
Approved by:    pav

- Update to 0.53.1

PR:             ports/158027
Submitted by:   Alex Kozlov <spam@rm-rf.kiev.ua> (maintainer)

Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#

Remove an unneeded inclusion of <utmp.h>.

Submitted by:   Alex Kozlov <spam rm-rf kiev ua>

- Update to 0.52

PR:             129961
Submitted by:   Alex Kozlov <spam@rm-rf.kiev.ua> (maintainer)

- Update to 0.51
- Use @dirrmtry

PR:             ports/123355
Submitted by:   Alex Kozlov <spam at rm-rf.kiev.ua> (maintainer)

- Remove unneeded dependency from gtk12/gtk20 [1]
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+

Thanks to all Helpers:
        Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
        ehaupt, nox, itetcu, flz, pav

PR:             116263
Tested on:      pointyhat
Approved by:    portmgr (pav)

- Update security/dropbear to 0.50.
-Drop deprecated WANT_* knob.

PR:             ports/115475
Submitted by:   Alex Kozlov (maintainer)

- Use new world rc script

PR:             ports/111361
Approved by:    Alex Kozlov (maintainer)
Tested by:      Alex Kozlov, rafan

- Pass maintainership to Alex Kozlov.

- Update to 0.49
- OPTIONify
- Fix some documentation
- drop maintainership

PR:             ports/108785
Submitted by:   Alex Kozlov<spam@rm-rf.kiev.ua>

- Update to 0.48.1

Remove USE_REINPLACE from all categories starting with S

- Update to 0.47
- SECURITY: fix for buffer allocation error in server code, could potentially
  allow authenticated users to gain elevated privileges.

PR:             ports/90531
Submitted by:   Gea-Suan Lin <gslin@gslin.org>

- Update to 0.46

- Update to 0.44

Security fix.
- Update to 0.43
  This release fixes a DSS verification vulnerability.
  See:
 
http://www.freebsd.org/ports/portaudit/0316f983-dfb6-11d8-9b0a-000347a4fa7d.html

- SIZEify distinfo

Bump PORTREVISION on all ports that depend on gettext to aid with upgrading.

(Part 1)

- Update to 0.41

- Update to 0.40

Approved by:        erwin (mentor) (implicitly)

- Update my email address

Approved and reviewed by:    erwin (mentor)

- Update to version 0.39

PR:             60296
Submitted by:   maintainer

Update to 0.38

PR:             57866
Submitted by:   maintainer

[maintainer patch] security/dropbear: Change fetch location

        I'm rearranging the files a bit on the Dropbear site to
        avoid problems with links going away for previous versions,
        would you be able to change the source url for Dropbear to
        be the package in the http://matt.ucc.asn.au/dropbear/releases/
        directory, rather than just the /dropbear/ dir?

PR:             ports/57643
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>

- Update to version 0.37

PR:             57188
Submitted by:   maintainer

[new port] security/dropbear: a lightweight SSH2 server

        Dropbear is an SSH 2 server, designed to be usable in small
        memory environments.

        It supports:
                * Main features of SSH 2 protocol
                * Implements X11 forwarding, and authentication-agent forwarding
                for OpenSSH clients
                * Compatible with OpenSSH ~/.ssh/authorized_keys public key
                authentication

        WWW: http://matt.ucc.asn.au/dropbear/dropbear.html

PR:             ports/55795
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>