update to PuTTY 0.72, "fixes a small number of further security issues

found by the 2019 EU-funded HackerOne bug bounty, and a variety of other
bugs introduced in 0.71"

net/putty/Makefile

@@ -1,11 +1,9 @@
-# $OpenBSD: Makefile,v 1.32 2019/07/12 20:48:44 sthen Exp $
+# $OpenBSD: Makefile,v 1.33 2019/07/20 11:55:25 sthen Exp $
 
 COMMENT-main=	SSH and telnet client
 COMMENT-gui=	PuTTY GUI clients
 
-# if updating, check if pageant can go back to main
-V=		0.71
-REVISION=	2
+V=		0.72
 DISTNAME=	putty-$V
 PKGNAME-main=	${DISTNAME}
 PKGNAME-gui=	${DISTNAME:S/putty/putty-gui/}

net/putty/distinfo

@@ -1,2 +1,2 @@
-SHA256 (putty-0.71.tar.gz) = L5Mc4viXgMyMp7vtkPzSLERRXSdz9fqVQGniCbSOxrg=
-SIZE (putty-0.71.tar.gz) = 2423752
+SHA256 (putty-0.72.tar.gz) = 8ja1omsJBYCbPNGQFY6Lldgfhq00/dl6QxLBh38s7F8=
+SIZE (putty-0.72.tar.gz) = 2449516

net/putty/patches/patch-Recipe

@@ -1,22 +0,0 @@
-$OpenBSD: patch-Recipe,v 1.1 2019/03/31 10:55:48 sthen Exp $
-
-From f5c1753244d0399764fd68d6ac42ea2f2db47fc9 Mon Sep 17 00:00:00 2001
-From: Simon Tatham <anakin@pobox.com>
-Date: Tue, 26 Mar 2019 19:12:27 +0000
-Subject: [PATCH] Link uxutils.o into Unix PuTTYgen.
-
-On Arm Linux, this is necessary for the functions that check
-availability of hardware crypto acceleration.
-
-Index: Recipe
---- Recipe.orig
-+++ Recipe
-@@ -365,7 +365,7 @@ PUTTYGEN_UNIX = sshrsag sshdssg sshprime sshdes ARITH 
-          + sshrand uxnoise sshsha MISC sshrsa sshdss uxcons uxstore uxmisc
-          + sshpubk sshaes sshsh256 sshsh512 IMPORT puttygen.res time tree234
-          + uxgen notiming CONF sshecc sshecdsag uxnogtk sshauxcrypt sshhmac
--         + uxpoll
-+         + uxpoll uxutils
- puttygen : [U] cmdgen PUTTYGEN_UNIX
- cgtest   : [UT] cgtest PUTTYGEN_UNIX
- 

net/putty/patches/patch-putty_h

@@ -1,9 +1,9 @@
-$OpenBSD: patch-putty_h,v 1.1 2019/03/16 22:09:30 sthen Exp $
+$OpenBSD: patch-putty_h,v 1.2 2019/07/20 11:55:25 sthen Exp $
 
 Index: putty.h
 --- putty.h.orig
 +++ putty.h
-@@ -1564,6 +1564,7 @@ typedef enum NoiseSourceId {
+@@ -1560,6 +1560,7 @@ typedef enum NoiseSourceId {
      NOISE_SOURCE_THREADTIME,
      NOISE_SOURCE_PROCTIME,
      NOISE_SOURCE_PERFCOUNT,

net/putty/patches/patch-unix_uxcons_c

@@ -1,6 +1,8 @@
-$OpenBSD: patch-unix_uxcons_c,v 1.1 2016/09/10 13:03:42 ajacoutot Exp $
---- unix/uxcons.c.orig	Sat Sep 10 12:06:10 2016
-+++ unix/uxcons.c	Sat Sep 10 12:06:24 2016
+$OpenBSD: patch-unix_uxcons_c,v 1.2 2019/07/20 11:55:25 sthen Exp $
+
+Index: unix/uxcons.c
+--- unix/uxcons.c.orig
++++ unix/uxcons.c
 @@ -6,6 +6,7 @@
  #include <stdio.h>
  #include <stdlib.h>

net/putty/patches/patch-unix_uxnoise_c

@@ -1,4 +1,5 @@
-$OpenBSD: patch-unix_uxnoise_c,v 1.4 2019/03/16 22:09:30 sthen Exp $
+$OpenBSD: patch-unix_uxnoise_c,v 1.5 2019/07/20 11:55:25 sthen Exp $
+
 Index: unix/uxnoise.c
 --- unix/uxnoise.c.orig
 +++ unix/uxnoise.c
@@ -71,7 +72,7 @@ Index: unix/uxnoise.c
      read_random_seed(func);
  }
  
-@@ -102,21 +57,12 @@ void random_save_seed(void)
+@@ -90,21 +45,12 @@ void noise_get_heavy(void (*func) (void *, int))
   */
  void noise_regular(void)
  {
@@ -97,7 +98,7 @@ Index: unix/uxnoise.c
      getrusage(RUSAGE_SELF, &rusage);
      random_add_noise(NOISE_SOURCE_RUSAGE, &rusage, sizeof(rusage));
  }
-@@ -129,6 +75,9 @@ void noise_regular(void)
+@@ -117,6 +63,9 @@ void noise_regular(void)
  void noise_ultralight(NoiseSourceId id, unsigned long data)
  {
      struct timeval tv;

net/putty/patches/patch-unix_uxpgnt_c

@@ -1,11 +1,11 @@
-$OpenBSD: patch-unix_uxpgnt_c,v 1.1 2019/03/31 10:55:48 sthen Exp $
+$OpenBSD: patch-unix_uxpgnt_c,v 1.2 2019/07/20 11:55:25 sthen Exp $
 
 https://svnweb.freebsd.org/ports/head/security/putty/files/patch-unix_uxpgnt.c?revision=496064&view=co
 
 Index: unix/uxpgnt.c
 --- unix/uxpgnt.c.orig
 +++ unix/uxpgnt.c
-@@ -241,7 +241,7 @@ void pageant_fork_and_print_env(bool retain_tty)
+@@ -240,7 +240,7 @@ void pageant_fork_and_print_env(bool retain_tty)
          /* Get out of our previous process group, to avoid being
           * blasted by passing signals. But keep our controlling tty,
           * so we can keep checking to see if we still have one. */