summaryrefslogtreecommitdiff
path: root/net/uftp
diff options
context:
space:
mode:
authornia <nia@pkgsrc.org>2020-11-24 13:25:14 +0000
committernia <nia@pkgsrc.org>2020-11-24 13:25:14 +0000
commita7ba0a0f054cfa270c9ab9b419c74b0cbbe7bf73 (patch)
treedf6b459bddf302c497949b66f55faeaac6fa3daf /net/uftp
parentb63045c20a07c31f65f75fc7e091941d46cf5b30 (diff)
downloadpkgsrc-a7ba0a0f054cfa270c9ab9b419c74b0cbbe7bf73.tar.gz
uftp: Update to 5.0
Version 5.0 - 4/22/2020 Major security updates. The key exchange and key derivation algorithms were modified and supported algorithms were pruned using TLS 1.3 as a basis. This includes: - HKDF used in multiple stages for key derivation from raw shared secrets. - Included addtional context in key derivation and signatures to protect against replay attacks and downgrade attacks. - Reduced set of supported EC curves to those supported by TLS 1.3 - Removed RSA key exchange which does not provide perfect forward secrecy. All key exchanges now use ECDH. - Removed support for SHA-1 hashes in key exchanges. - Supported symmetric ciphers are AES in AEAD mode (GCM or CCM). - Increased supported RSA key sizes Encrypted sessions are now enabled by default. It can be disabled by specifying "none" for the key type in the server's -Y option. Backward compatibility retained for version 4.x in clients and proxies. When communicating with a 4.x server, only allow algorithms and key exchange modes permitted in the new version. Clients and proxies no longer need to use signature keys that match the type and size used by the server. As a result, the -k and -K options to the client now only accept a single key instead of multiple. The proxy still supports multiple keys for 4.x compatibility, however only the first key listed is used for any version 5.x session. Proxies now send their keys in a separate message instead of injecting them in the ANNOUNCE sent by the server. This allows clients to be fully aware of proixes and allows them to authenticate servers and proxies separately, as well as Format of client's server list modified to specify the proxy that a server communicates through. Fingerprints listed in this file now always specify the server as opposed to having the proxy's key in some cases. Added -R option to client to specify a list of proxies along with their public key fingerprints. The old use of -R to specify a version 4.x response proxy has moved to -r. Previously, using -S in the client or proxy to specify a server list would automatically enable source specific multicast (SSM). The use of SSM is now enabled separately via the -o option on both the client and proxy. Fixed a bug that caused ECDSA signatures created on Linux with curve secp521r1 from being verified successfully on Windows. Fixed cleanup on clients and proxies to prevent occasional crashes on shutdown under Windows. Update timstamps in messages to use 64-bit microseconds since the epoch, addressing Y2038 issues.
Diffstat (limited to 'net/uftp')
-rw-r--r--net/uftp/Makefile5
-rw-r--r--net/uftp/distinfo10
2 files changed, 7 insertions, 8 deletions
diff --git a/net/uftp/Makefile b/net/uftp/Makefile
index 111aea3e96e..413221e6117 100644
--- a/net/uftp/Makefile
+++ b/net/uftp/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.9 2020/03/20 11:58:11 nia Exp $
+# $NetBSD: Makefile,v 1.10 2020/11/24 13:25:14 nia Exp $
-DISTNAME= uftp-4.10
-PKGREVISION= 1
+DISTNAME= uftp-5.0
CATEGORIES= net
MASTER_SITES= http://sourceforge.net/projects/uftp-multicast/files/source-tar/
diff --git a/net/uftp/distinfo b/net/uftp/distinfo
index 695ceadc0f4..ceed6040a2e 100644
--- a/net/uftp/distinfo
+++ b/net/uftp/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.4 2019/09/13 10:42:05 nia Exp $
+$NetBSD: distinfo,v 1.5 2020/11/24 13:25:14 nia Exp $
-SHA1 (uftp-4.10.tar.gz) = 535617c3c8e9ec87bfe67bf49ee728b70dc0b3e8
-RMD160 (uftp-4.10.tar.gz) = 1f4060bb04e2fcceb3d1d610883f26612aaead26
-SHA512 (uftp-4.10.tar.gz) = 204d1fa6134ca7481d2594cd0353cb53e84c5f25c28541a3b1f079ad86caea5cba056bf2a95a146c79df340bdc9c953c9333f8660991ae452c7fca4d7388bf7a
-Size (uftp-4.10.tar.gz) = 245436 bytes
+SHA1 (uftp-5.0.tar.gz) = a5a38f8654d340d988345a716b808d427ed5816f
+RMD160 (uftp-5.0.tar.gz) = 709cc992b1b0ef2b25bcf41890289936919051cf
+SHA512 (uftp-5.0.tar.gz) = f76e86559971facd806141fae88c6c47ec8361440044e429126391c6ac17f5f6ec0c79950816f9329cbb85a6be31d0700d18f599ef0b56f8df3ebe03fad4e27a
+Size (uftp-5.0.tar.gz) = 239651 bytes
SHA1 (patch-makefile) = 407fe785876d34900e74c29583f0dce241eebcce