[arch-commits] Commit in rdesktop/repos (10 files)
Jelle van der Waa
jelle at archlinux.org
Mon Feb 13 20:13:19 UTC 2017
Date: Monday, February 13, 2017 @ 20:13:18
Author: jelle
Revision: 212173
archrelease: copy trunk to community-staging-i686, community-staging-x86_64
Added:
rdesktop/repos/community-staging-i686/
rdesktop/repos/community-staging-i686/PKGBUILD
(from rev 212172, rdesktop/trunk/PKGBUILD)
rdesktop/repos/community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
(from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch)
rdesktop/repos/community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
(from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch)
rdesktop/repos/community-staging-i686/rdesktop-send_physical_buttons.diff
(from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff)
rdesktop/repos/community-staging-x86_64/
rdesktop/repos/community-staging-x86_64/PKGBUILD
(from rev 212172, rdesktop/trunk/PKGBUILD)
rdesktop/repos/community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
(from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch)
rdesktop/repos/community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
(from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch)
rdesktop/repos/community-staging-x86_64/rdesktop-send_physical_buttons.diff
(from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff)
-------------------------------------------------------------------------+
community-staging-i686/PKGBUILD | 43 +++
community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch | 125 ++++++++++
community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch | 55 ++++
community-staging-i686/rdesktop-send_physical_buttons.diff | 70 +++++
community-staging-x86_64/PKGBUILD | 43 +++
community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch | 125 ++++++++++
community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch | 55 ++++
community-staging-x86_64/rdesktop-send_physical_buttons.diff | 70 +++++
8 files changed, 586 insertions(+)
Copied: rdesktop/repos/community-staging-i686/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD)
===================================================================
--- community-staging-i686/PKGBUILD (rev 0)
+++ community-staging-i686/PKGBUILD 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,43 @@
+# $Id$
+# Maintainer:
+# Contributor: Andrea Scarpino <andrea at archlinux.org>
+# Contributor: Dan McGee <dan at archlinux.org>
+
+pkgname=rdesktop
+pkgver=1.8.3
+pkgrel=3
+pkgdesc="An open source client for Windows Remote Desktop Services"
+arch=('i686' 'x86_64')
+url="http://www.rdesktop.org/"
+license=('GPL3')
+depends=('libao' 'libsamplerate' 'xorg-xrandr' 'pcsclite' 'libgssglue')
+source=("http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz"
+ rdesktop-send_physical_buttons.diff
+ bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
+ c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
+ )
+md5sums=('86e8b368a7c715e74ded92e0d7912dc5'
+ 'cbfb12729e7f28e497afb883cc42022b'
+ '5682991379199228a296b34ba51942a4'
+ '940db07a63df082fbbf3cb509a7c42aa')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+ # FS#15113
+ patch -i "${srcdir}/rdesktop-send_physical_buttons.diff"
+ patch -Np1 -i ${srcdir}/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
+ patch -Np1 -i ${srcdir}/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+ ./configure --prefix=/usr \
+ --enable-smartcard \
+ --with-ipv6
+ make
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+ make DESTDIR="${pkgdir}" install
+}
Copied: rdesktop/repos/community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch)
===================================================================
--- community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (rev 0)
+++ community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,125 @@
+From bd6aa6acddf0ba640a49834807872f4cc0d0a773 Mon Sep 17 00:00:00 2001
+From: Jani Hakala <jjhakala at gmail.com>
+Date: Thu, 16 Jun 2016 14:28:15 +0300
+Subject: [PATCH] Fix OpenSSL 1.1 compability issues
+
+Some data types have been made opaque in OpenSSL version 1.1 so
+stack allocation and accessing struct fields directly does not work.
+---
+ ssl.c | 65 ++++++++++++++++++++++++++++++++++++++++-------------------------
+ 1 file changed, 40 insertions(+), 25 deletions(-)
+
+diff --git a/ssl.c b/ssl.c
+index 4875125..032e9b9 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -88,7 +88,7 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ uint8 * exponent)
+ {
+ BN_CTX *ctx;
+- BIGNUM mod, exp, x, y;
++ BIGNUM *mod, *exp, *x, *y;
+ uint8 inr[SEC_MAX_MODULUS_SIZE];
+ int outlen;
+
+@@ -98,24 +98,24 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ reverse(inr, len);
+
+ ctx = BN_CTX_new();
+- BN_init(&mod);
+- BN_init(&exp);
+- BN_init(&x);
+- BN_init(&y);
+-
+- BN_bin2bn(modulus, modulus_size, &mod);
+- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
+- BN_bin2bn(inr, len, &x);
+- BN_mod_exp(&y, &x, &exp, &mod, ctx);
+- outlen = BN_bn2bin(&y, out);
++ mod = BN_new();
++ exp = BN_new();
++ x = BN_new();
++ y = BN_new();
++
++ BN_bin2bn(modulus, modulus_size, mod);
++ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp);
++ BN_bin2bn(inr, len, x);
++ BN_mod_exp(y, x, exp, mod, ctx);
++ outlen = BN_bn2bin(y, out);
+ reverse(out, outlen);
+ if (outlen < (int) modulus_size)
+ memset(out + outlen, 0, modulus_size - outlen);
+
+- BN_free(&y);
+- BN_clear_free(&x);
+- BN_free(&exp);
+- BN_free(&mod);
++ BN_free(y);
++ BN_clear_free(x);
++ BN_free(exp);
++ BN_free(mod);
+ BN_CTX_free(ctx);
+ }
+
+@@ -146,12 +146,20 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+
+ Kudos to Richard Levitte for the following (. intiutive .)
+ lines of code that resets the OID and let's us extract the key. */
+- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
++
++ X509_PUBKEY *key = NULL;
++ X509_ALGOR *algor = NULL;
++
++ key = X509_get_X509_PUBKEY(cert);
++ algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++
++ nid = OBJ_obj2nid(algor->algorithm);
++
+ if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption))
+ {
+ DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n"));
+- ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm);
+- cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
++ X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption),
++ 0, NULL, NULL, 0);
+ }
+ epk = X509_get_pubkey(cert);
+ if (NULL == epk)
+@@ -201,14 +209,24 @@ rdssl_rkey_get_exp_mod(RDSSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len,
+ {
+ int len;
+
+- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) ||
+- (BN_num_bytes(rkey->n) > (int) max_mod_len))
++ BIGNUM *e = NULL;
++ BIGNUM *n = NULL;
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ e = rkey->e;
++ n = rkey->n;
++#else
++ RSA_get0_key(rkey, &e, &n, NULL);
++#endif
++
++ if ((BN_num_bytes(e) > (int) max_exp_len) ||
++ (BN_num_bytes(n) > (int) max_mod_len))
+ {
+ return 1;
+ }
+- len = BN_bn2bin(rkey->e, exponent);
++ len = BN_bn2bin(e, exponent);
+ reverse(exponent, len);
+- len = BN_bn2bin(rkey->n, modulus);
++ len = BN_bn2bin(n, modulus);
+ reverse(modulus, len);
+ return 0;
+ }
+@@ -229,8 +247,5 @@ void
+ rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
+ unsigned char *md)
+ {
+- HMAC_CTX ctx;
+- HMAC_CTX_init(&ctx);
+ HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
+- HMAC_CTX_cleanup(&ctx);
+ }
Copied: rdesktop/repos/community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch)
===================================================================
--- community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (rev 0)
+++ community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,55 @@
+From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001
+From: Henrik Andersson <hean01 at cendio.com>
+Date: Mon, 24 Oct 2016 10:24:35 +0200
+Subject: [PATCH] Fix crash in rdssl_cert_to_rkey.
+
+This crash was introduced by merging OpenSSL 1.1 PR done on
+commit 50b39d11. Where algor was overwritten with return value
+of X509_PUBKEY_get0_param(). I also added additional error
+handling for X509_get_X509_PUBKEY.
+
+Thanks to TingPing that found this error in PR.
+---
+ ssl.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/ssl.c b/ssl.c
+index 032e9b9..07d7aa5 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -3,6 +3,7 @@
+ Secure sockets abstraction layer
+ Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
+ Copyright (C) Jay Sorg <j at american-data.com> 2006-2008
++ Copyright (C) Henrik Andersson <hean01 at cendio.com> 2016
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+@@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+ EVP_PKEY *epk = NULL;
+ RDSSL_RKEY *lkey;
+ int nid;
++ int ret;
+
+ /* By some reason, Microsoft sets the OID of the Public RSA key to
+ the oid for "MD5 with RSA Encryption" instead of "RSA Encryption"
+@@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+ X509_ALGOR *algor = NULL;
+
+ key = X509_get_X509_PUBKEY(cert);
+- algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++ if (key == NULL)
++ {
++ error("Failed to get public key from certificate.\n");
++ return NULL;
++ }
++
++ ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++ if (ret != 1)
++ {
++ error("Faild to get algorithm used for public key.\n");
++ return NULL;
++ }
+
+ nid = OBJ_obj2nid(algor->algorithm);
+
Copied: rdesktop/repos/community-staging-i686/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff)
===================================================================
--- community-staging-i686/rdesktop-send_physical_buttons.diff (rev 0)
+++ community-staging-i686/rdesktop-send_physical_buttons.diff 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,70 @@
+? aclocal.m4
+Index: rdesktop.c
+===================================================================
+RCS file: /cvsroot/rdesktop/rdesktop/rdesktop.c,v
+retrieving revision 1.163
+diff -u -r1.163 rdesktop.c
+--- rdesktop.c 5 Apr 2008 06:15:45 -0000 1.163
++++ rdesktop.c 5 Aug 2008 11:46:04 -0000
+@@ -73,6 +73,7 @@
+ int g_win_button_size = 0; /* If zero, disable single app mode */
+ RD_BOOL g_bitmap_compression = True;
+ RD_BOOL g_sendmotion = True;
++RD_BOOL g_send_physical_buttons = True;
+ RD_BOOL g_bitmap_cache = True;
+ RD_BOOL g_bitmap_cache_persist_enable = False;
+ RD_BOOL g_bitmap_cache_precache = True;
+@@ -152,6 +153,7 @@
+ fprintf(stderr, " -B: use BackingStore of X-server (if available)\n");
+ fprintf(stderr, " -e: disable encryption (French TS)\n");
+ fprintf(stderr, " -E: disable encryption from client to server\n");
++ fprintf(stderr, " -M: do not map logical mouse buttons to physical\n");
+ fprintf(stderr, " -m: do not send motion events\n");
+ fprintf(stderr, " -C: use private colour map\n");
+ fprintf(stderr, " -D: hide window manager decorations\n");
+@@ -450,7 +452,7 @@
+ #endif
+
+ while ((c = getopt(argc, argv,
+- VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitmzCDKS:T:NX:a:x:Pr:045h?")) != -1)
++ VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitMmzCDKS:T:NX:a:x:Pr:045h?")) != -1)
+ {
+ switch (c)
+ {
+@@ -584,6 +586,9 @@
+ case 'E':
+ g_packet_encryption = False;
+ break;
++ case 'M':
++ g_send_physical_buttons = False;
++ break;
+ case 'm':
+ g_sendmotion = False;
+ break;
+Index: xwin.c
+===================================================================
+RCS file: /cvsroot/rdesktop/rdesktop/xwin.c,v
+retrieving revision 1.235
+diff -u -r1.235 xwin.c
+--- xwin.c 11 Jul 2008 03:51:23 -0000 1.235
++++ xwin.c 5 Aug 2008 11:46:06 -0000
+@@ -36,6 +36,7 @@
+ extern int g_ypos;
+ extern int g_pos;
+ extern RD_BOOL g_sendmotion;
++extern RD_BOOL g_send_physical_buttons;
+ extern RD_BOOL g_fullscreen;
+ extern RD_BOOL g_grab_keyboard;
+ extern RD_BOOL g_hide_decorations;
+@@ -2190,7 +2191,8 @@
+ receive physical buttons (true in mstsc as well) and
+ logical button behavior depends on the remote desktop's own
+ mouse settings */
+- xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1];
++ if (g_send_physical_buttons)
++ xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1];
+ button = xkeymap_translate_button(xevent.xbutton.button);
+ if (button == 0)
+ return;
+
+
Copied: rdesktop/repos/community-staging-x86_64/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD (rev 0)
+++ community-staging-x86_64/PKGBUILD 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,43 @@
+# $Id$
+# Maintainer:
+# Contributor: Andrea Scarpino <andrea at archlinux.org>
+# Contributor: Dan McGee <dan at archlinux.org>
+
+pkgname=rdesktop
+pkgver=1.8.3
+pkgrel=3
+pkgdesc="An open source client for Windows Remote Desktop Services"
+arch=('i686' 'x86_64')
+url="http://www.rdesktop.org/"
+license=('GPL3')
+depends=('libao' 'libsamplerate' 'xorg-xrandr' 'pcsclite' 'libgssglue')
+source=("http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz"
+ rdesktop-send_physical_buttons.diff
+ bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
+ c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
+ )
+md5sums=('86e8b368a7c715e74ded92e0d7912dc5'
+ 'cbfb12729e7f28e497afb883cc42022b'
+ '5682991379199228a296b34ba51942a4'
+ '940db07a63df082fbbf3cb509a7c42aa')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+ # FS#15113
+ patch -i "${srcdir}/rdesktop-send_physical_buttons.diff"
+ patch -Np1 -i ${srcdir}/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch
+ patch -Np1 -i ${srcdir}/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+ ./configure --prefix=/usr \
+ --enable-smartcard \
+ --with-ipv6
+ make
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+ make DESTDIR="${pkgdir}" install
+}
Copied: rdesktop/repos/community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch)
===================================================================
--- community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (rev 0)
+++ community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,125 @@
+From bd6aa6acddf0ba640a49834807872f4cc0d0a773 Mon Sep 17 00:00:00 2001
+From: Jani Hakala <jjhakala at gmail.com>
+Date: Thu, 16 Jun 2016 14:28:15 +0300
+Subject: [PATCH] Fix OpenSSL 1.1 compability issues
+
+Some data types have been made opaque in OpenSSL version 1.1 so
+stack allocation and accessing struct fields directly does not work.
+---
+ ssl.c | 65 ++++++++++++++++++++++++++++++++++++++++-------------------------
+ 1 file changed, 40 insertions(+), 25 deletions(-)
+
+diff --git a/ssl.c b/ssl.c
+index 4875125..032e9b9 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -88,7 +88,7 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ uint8 * exponent)
+ {
+ BN_CTX *ctx;
+- BIGNUM mod, exp, x, y;
++ BIGNUM *mod, *exp, *x, *y;
+ uint8 inr[SEC_MAX_MODULUS_SIZE];
+ int outlen;
+
+@@ -98,24 +98,24 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ reverse(inr, len);
+
+ ctx = BN_CTX_new();
+- BN_init(&mod);
+- BN_init(&exp);
+- BN_init(&x);
+- BN_init(&y);
+-
+- BN_bin2bn(modulus, modulus_size, &mod);
+- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
+- BN_bin2bn(inr, len, &x);
+- BN_mod_exp(&y, &x, &exp, &mod, ctx);
+- outlen = BN_bn2bin(&y, out);
++ mod = BN_new();
++ exp = BN_new();
++ x = BN_new();
++ y = BN_new();
++
++ BN_bin2bn(modulus, modulus_size, mod);
++ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp);
++ BN_bin2bn(inr, len, x);
++ BN_mod_exp(y, x, exp, mod, ctx);
++ outlen = BN_bn2bin(y, out);
+ reverse(out, outlen);
+ if (outlen < (int) modulus_size)
+ memset(out + outlen, 0, modulus_size - outlen);
+
+- BN_free(&y);
+- BN_clear_free(&x);
+- BN_free(&exp);
+- BN_free(&mod);
++ BN_free(y);
++ BN_clear_free(x);
++ BN_free(exp);
++ BN_free(mod);
+ BN_CTX_free(ctx);
+ }
+
+@@ -146,12 +146,20 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+
+ Kudos to Richard Levitte for the following (. intiutive .)
+ lines of code that resets the OID and let's us extract the key. */
+- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
++
++ X509_PUBKEY *key = NULL;
++ X509_ALGOR *algor = NULL;
++
++ key = X509_get_X509_PUBKEY(cert);
++ algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++
++ nid = OBJ_obj2nid(algor->algorithm);
++
+ if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption))
+ {
+ DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n"));
+- ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm);
+- cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
++ X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption),
++ 0, NULL, NULL, 0);
+ }
+ epk = X509_get_pubkey(cert);
+ if (NULL == epk)
+@@ -201,14 +209,24 @@ rdssl_rkey_get_exp_mod(RDSSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len,
+ {
+ int len;
+
+- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) ||
+- (BN_num_bytes(rkey->n) > (int) max_mod_len))
++ BIGNUM *e = NULL;
++ BIGNUM *n = NULL;
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ e = rkey->e;
++ n = rkey->n;
++#else
++ RSA_get0_key(rkey, &e, &n, NULL);
++#endif
++
++ if ((BN_num_bytes(e) > (int) max_exp_len) ||
++ (BN_num_bytes(n) > (int) max_mod_len))
+ {
+ return 1;
+ }
+- len = BN_bn2bin(rkey->e, exponent);
++ len = BN_bn2bin(e, exponent);
+ reverse(exponent, len);
+- len = BN_bn2bin(rkey->n, modulus);
++ len = BN_bn2bin(n, modulus);
+ reverse(modulus, len);
+ return 0;
+ }
+@@ -229,8 +247,5 @@ void
+ rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
+ unsigned char *md)
+ {
+- HMAC_CTX ctx;
+- HMAC_CTX_init(&ctx);
+ HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
+- HMAC_CTX_cleanup(&ctx);
+ }
Copied: rdesktop/repos/community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch)
===================================================================
--- community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (rev 0)
+++ community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,55 @@
+From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001
+From: Henrik Andersson <hean01 at cendio.com>
+Date: Mon, 24 Oct 2016 10:24:35 +0200
+Subject: [PATCH] Fix crash in rdssl_cert_to_rkey.
+
+This crash was introduced by merging OpenSSL 1.1 PR done on
+commit 50b39d11. Where algor was overwritten with return value
+of X509_PUBKEY_get0_param(). I also added additional error
+handling for X509_get_X509_PUBKEY.
+
+Thanks to TingPing that found this error in PR.
+---
+ ssl.c | 15 ++++++++++++++-
+ 1 file changed, 14 insertions(+), 1 deletion(-)
+
+diff --git a/ssl.c b/ssl.c
+index 032e9b9..07d7aa5 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -3,6 +3,7 @@
+ Secure sockets abstraction layer
+ Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
+ Copyright (C) Jay Sorg <j at american-data.com> 2006-2008
++ Copyright (C) Henrik Andersson <hean01 at cendio.com> 2016
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+@@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+ EVP_PKEY *epk = NULL;
+ RDSSL_RKEY *lkey;
+ int nid;
++ int ret;
+
+ /* By some reason, Microsoft sets the OID of the Public RSA key to
+ the oid for "MD5 with RSA Encryption" instead of "RSA Encryption"
+@@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+ X509_ALGOR *algor = NULL;
+
+ key = X509_get_X509_PUBKEY(cert);
+- algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++ if (key == NULL)
++ {
++ error("Failed to get public key from certificate.\n");
++ return NULL;
++ }
++
++ ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++ if (ret != 1)
++ {
++ error("Faild to get algorithm used for public key.\n");
++ return NULL;
++ }
+
+ nid = OBJ_obj2nid(algor->algorithm);
+
Copied: rdesktop/repos/community-staging-x86_64/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff)
===================================================================
--- community-staging-x86_64/rdesktop-send_physical_buttons.diff (rev 0)
+++ community-staging-x86_64/rdesktop-send_physical_buttons.diff 2017-02-13 20:13:18 UTC (rev 212173)
@@ -0,0 +1,70 @@
+? aclocal.m4
+Index: rdesktop.c
+===================================================================
+RCS file: /cvsroot/rdesktop/rdesktop/rdesktop.c,v
+retrieving revision 1.163
+diff -u -r1.163 rdesktop.c
+--- rdesktop.c 5 Apr 2008 06:15:45 -0000 1.163
++++ rdesktop.c 5 Aug 2008 11:46:04 -0000
+@@ -73,6 +73,7 @@
+ int g_win_button_size = 0; /* If zero, disable single app mode */
+ RD_BOOL g_bitmap_compression = True;
+ RD_BOOL g_sendmotion = True;
++RD_BOOL g_send_physical_buttons = True;
+ RD_BOOL g_bitmap_cache = True;
+ RD_BOOL g_bitmap_cache_persist_enable = False;
+ RD_BOOL g_bitmap_cache_precache = True;
+@@ -152,6 +153,7 @@
+ fprintf(stderr, " -B: use BackingStore of X-server (if available)\n");
+ fprintf(stderr, " -e: disable encryption (French TS)\n");
+ fprintf(stderr, " -E: disable encryption from client to server\n");
++ fprintf(stderr, " -M: do not map logical mouse buttons to physical\n");
+ fprintf(stderr, " -m: do not send motion events\n");
+ fprintf(stderr, " -C: use private colour map\n");
+ fprintf(stderr, " -D: hide window manager decorations\n");
+@@ -450,7 +452,7 @@
+ #endif
+
+ while ((c = getopt(argc, argv,
+- VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitmzCDKS:T:NX:a:x:Pr:045h?")) != -1)
++ VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitMmzCDKS:T:NX:a:x:Pr:045h?")) != -1)
+ {
+ switch (c)
+ {
+@@ -584,6 +586,9 @@
+ case 'E':
+ g_packet_encryption = False;
+ break;
++ case 'M':
++ g_send_physical_buttons = False;
++ break;
+ case 'm':
+ g_sendmotion = False;
+ break;
+Index: xwin.c
+===================================================================
+RCS file: /cvsroot/rdesktop/rdesktop/xwin.c,v
+retrieving revision 1.235
+diff -u -r1.235 xwin.c
+--- xwin.c 11 Jul 2008 03:51:23 -0000 1.235
++++ xwin.c 5 Aug 2008 11:46:06 -0000
+@@ -36,6 +36,7 @@
+ extern int g_ypos;
+ extern int g_pos;
+ extern RD_BOOL g_sendmotion;
++extern RD_BOOL g_send_physical_buttons;
+ extern RD_BOOL g_fullscreen;
+ extern RD_BOOL g_grab_keyboard;
+ extern RD_BOOL g_hide_decorations;
+@@ -2190,7 +2191,8 @@
+ receive physical buttons (true in mstsc as well) and
+ logical button behavior depends on the remote desktop's own
+ mouse settings */
+- xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1];
++ if (g_send_physical_buttons)
++ xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1];
+ button = xkeymap_translate_button(xevent.xbutton.button);
+ if (button == 0)
+ return;
+
+
More information about the arch-commits
mailing list