update to putty-0.84

net/putty/Makefile

@@ -1,8 +1,7 @@
 COMMENT-main=	SSH and telnet client
 COMMENT-gui=	PuTTY GUI clients
 
-V=		0.83
-REVISION=	1
+V=		0.84
 DISTNAME=	putty-$V
 PKGNAME-main=	${DISTNAME}
 PKGNAME-gui=	${DISTNAME:S/putty/putty-gui/}
@@ -17,9 +16,9 @@ PERMIT_PACKAGE=	Yes
 WANTLIB += c m
 
 WANTLIB-gui += ${WANTLIB}
-WANTLIB-gui += ICE SM X11 Xext atk-1.0 cairo cairo-gobject gdk-3
-WANTLIB-gui += gdk_pixbuf-2.0 gio-2.0 glib-2.0 gobject-2.0 gtk-3
-WANTLIB-gui += harfbuzz intl pango-1.0 pangocairo-1.0
+WANTLIB-gui += ICE SM X11 Xext Xrender atk-1.0 cairo cairo-gobject
+WANTLIB-gui += gdk_pixbuf-2.0 gdk-3 gio-2.0 glib-2.0 gobject-2.0
+WANTLIB-gui += gtk-3 harfbuzz intl pango-1.0 pangocairo-1.0
 
 MODULES=		devel/cmake
 

net/putty/distinfo

@@ -1,2 +1,2 @@
-SHA256 (putty-0.83.tar.gz) = cYd3wT1j0N/5H+AxYrwqBbTfyLCCdjTNYLUc79/2McY=
-SIZE (putty-0.83.tar.gz) = 3007178
+SHA256 (putty-0.84.tar.gz) = BgV4Yq4Zjx29IZ0MdJMIDVn2BhlLtQVsVJ40KqAbaf4=
+SIZE (putty-0.84.tar.gz) = 3005843

net/putty/patches/patch-arm-enable_dit-sigill

@@ -1,83 +0,0 @@
-From 965057d6d6c9de9fcf506c75b0a2fad22988c72b Mon Sep 17 00:00:00 2001
-From: Simon Tatham <anakin@pobox.com>
-Date: Sat, 15 Feb 2025 15:57:53 +0000
-Subject: [PATCH] Change strategy for the Arm instruction setting DIT.
-
-Colin Watson reported that a build failure occurred in the AArch64
-Debian build of PuTTY 0.83:
-
-gcc now defaults to enabling branch protection using AArch64 pointer
-authentication, if the target architecture version supports it.
-Debian's base supported architecture does not, but Armv8.4-A does. So
-when I changed the compile flags for enable_dit.c to add
--march=armv8.4-a, it didn't _just_ allow me to write the 'msr dit, %0'
-instruction in my asm statement; it also unexpectedly turned on
-pointer authentication in the containing function, which caused a
-SIGILL when running on a pre-Armv8.4-A CPU, because although the code
-correctly skipped the instruction that set DIT, it was already inside
-enable_dit() at that point and couldn't avoid going through the
-unsupported 'retaa' instruction which tries to check an auth code on
-the return address.
-
-An obvious approach would be to add -mbranch-protection=none to the
-compile flags for enable_dit.c. Another approach is to leave the
-_compiler_ flags alone, and change the architecture in the assembler,
-either via a fiddly -Wa,... option or by putting a .arch directive
-inside the asm statement. But both have downsides. Turning off branch
-protection is fine for the Debian build, but has the unwanted side
-effect of turning it off (in that one function) even in builds
-targeting a later architecture which _did_ want branch protection. And
-changing the assembler's architecture risks changing it _down_ instead
-of up, again perhaps invalidating other instructions generated by the
-compiler (like if some later security feature is introduced that gcc
-also wants to turn on by default).
-
-So instead I've taken the much simpler approach of not bothering to
-change the target architecture at all, and instead generating the move
-into DIT by hardcoding its actual instruction encoding. This meant I
-also had to force the input value into a specific register, but I
-don't think that does any harm (not _even_ wasting an extra
-instruction in codegen). Now we should avoid interfering with any
-security features the compiler wants to turn on or off: all of that
-should be independent of the instruction I really wanted.
----
- crypto/CMakeLists.txt | 11 +++++++++--
- crypto/enable_dit.c   |  6 +++++-
- 2 files changed, 14 insertions(+), 3 deletions(-)
-
-diff -ru ../putty-0.83.orig/crypto/CMakeLists.txt ./crypto/CMakeLists.txt
---- ../putty-0.83.orig/crypto/CMakeLists.txt	Sat Feb  1 22:20:18 2025
-+++ ./crypto/CMakeLists.txt	Mon Mar 17 09:41:58 2025
-@@ -237,9 +237,16 @@
- endif()
- 
- test_compile_with_flags(HAVE_ARM_DIT
--  GNU_FLAGS -march=armv8.4-a
-   TEST_SOURCE "
--    int main(void) { asm volatile(\"msr dit, %0\" :: \"r\"(1)); }"
-+    #ifndef __aarch64__
-+    #error make sure this only even tries to work on AArch64
-+    #endif
-+    #include <stdint.h>
-+    int main(void) {
-+      register uint64_t one asm(\"x8\");
-+      one = 1;
-+      asm volatile(\".inst 0xd51b42a8\" :: \"r\"(one));
-+    }"
-   ADD_SOURCES_IF_SUCCESSFUL enable_dit.c)
- 
- set(HAVE_AES_NI ${HAVE_AES_NI} PARENT_SCOPE)
-diff -ru ../putty-0.83.orig/crypto/enable_dit.c ./crypto/enable_dit.c
---- ../putty-0.83.orig/crypto/enable_dit.c	Sat Feb  1 22:20:18 2025
-+++ ./crypto/enable_dit.c	Mon Mar 17 09:41:58 2025
-@@ -20,5 +20,9 @@
- {
-     if (!platform_dit_available())
-         return;
--    asm volatile("msr dit, %0" :: "r"(1));
-+    register uint64_t one asm("x8");
-+    one = 1;
-+    // This is the binary encoding of "msr dit, x8". You can check via, e.g.,
-+    // echo "msr dit,x8" | llvm-mc -triple aarch64 -mattr=+dit -show-encoding
-+    asm volatile(".inst 0xd51b42a8" :: "r"(one));
- }

net/putty/patches/patch-putty_h

@@ -1,7 +1,7 @@
 Index: putty.h
 --- putty.h.orig
 +++ putty.h
-@@ -1987,6 +1987,7 @@ typedef enum NoiseSourceId {
+@@ -1954,6 +1954,7 @@ typedef enum NoiseSourceId {
      NOISE_SOURCE_THREADTIME,
      NOISE_SOURCE_PROCTIME,
      NOISE_SOURCE_PERFCOUNT,

net/putty/patches/patch-unix_utils_subprocess_waiter_c

@@ -0,0 +1,14 @@
+Index: unix/utils/subprocess_waiter.c
+--- unix/utils/subprocess_waiter.c.orig
++++ unix/utils/subprocess_waiter.c
+@@ -8,8 +8,9 @@
+ #include "putty.h"
+ #include "tree234.h"
+ 
+-#include <unistd.h>
+ #include <sys/wait.h>
++#include <unistd.h>
++#include <signal.h>
+ 
+ struct SubprocessWaiter {
+     pid_t pid;