summaryrefslogtreecommitdiff
path: root/source/xap/rdesktop
diff options
context:
space:
mode:
Diffstat (limited to 'source/xap/rdesktop')
-rw-r--r--source/xap/rdesktop/02-Fix-OpenSSL-1.1-compability-issues.patch125
-rwxr-xr-xsource/xap/rdesktop/rdesktop.SlackBuild26
-rw-r--r--source/xap/rdesktop/slack-desc8
3 files changed, 147 insertions, 12 deletions
diff --git a/source/xap/rdesktop/02-Fix-OpenSSL-1.1-compability-issues.patch b/source/xap/rdesktop/02-Fix-OpenSSL-1.1-compability-issues.patch
new file mode 100644
index 00000000..17c41eef
--- /dev/null
+++ b/source/xap/rdesktop/02-Fix-OpenSSL-1.1-compability-issues.patch
@@ -0,0 +1,125 @@
+From bd6aa6acddf0ba640a49834807872f4cc0d0a773 Mon Sep 17 00:00:00 2001
+From: Jani Hakala <jjhakala@gmail.com>
+Date: Thu, 16 Jun 2016 14:28:15 +0300
+Subject: [PATCH] Fix OpenSSL 1.1 compability issues
+
+Some data types have been made opaque in OpenSSL version 1.1 so
+stack allocation and accessing struct fields directly does not work.
+---
+ ssl.c | 65 ++++++++++++++++++++++++++++++++++++++++-------------------------
+ 1 file changed, 40 insertions(+), 25 deletions(-)
+
+diff --git a/ssl.c b/ssl.c
+index 4875125..032e9b9 100644
+--- a/ssl.c
++++ b/ssl.c
+@@ -88,7 +88,7 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ uint8 * exponent)
+ {
+ BN_CTX *ctx;
+- BIGNUM mod, exp, x, y;
++ BIGNUM *mod, *exp, *x, *y;
+ uint8 inr[SEC_MAX_MODULUS_SIZE];
+ int outlen;
+
+@@ -98,24 +98,24 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 *
+ reverse(inr, len);
+
+ ctx = BN_CTX_new();
+- BN_init(&mod);
+- BN_init(&exp);
+- BN_init(&x);
+- BN_init(&y);
+-
+- BN_bin2bn(modulus, modulus_size, &mod);
+- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
+- BN_bin2bn(inr, len, &x);
+- BN_mod_exp(&y, &x, &exp, &mod, ctx);
+- outlen = BN_bn2bin(&y, out);
++ mod = BN_new();
++ exp = BN_new();
++ x = BN_new();
++ y = BN_new();
++
++ BN_bin2bn(modulus, modulus_size, mod);
++ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp);
++ BN_bin2bn(inr, len, x);
++ BN_mod_exp(y, x, exp, mod, ctx);
++ outlen = BN_bn2bin(y, out);
+ reverse(out, outlen);
+ if (outlen < (int) modulus_size)
+ memset(out + outlen, 0, modulus_size - outlen);
+
+- BN_free(&y);
+- BN_clear_free(&x);
+- BN_free(&exp);
+- BN_free(&mod);
++ BN_free(y);
++ BN_clear_free(x);
++ BN_free(exp);
++ BN_free(mod);
+ BN_CTX_free(ctx);
+ }
+
+@@ -146,12 +146,20 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
+
+ Kudos to Richard Levitte for the following (. intiutive .)
+ lines of code that resets the OID and let's us extract the key. */
+- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm);
++
++ X509_PUBKEY *key = NULL;
++ X509_ALGOR *algor = NULL;
++
++ key = X509_get_X509_PUBKEY(cert);
++ algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key);
++
++ nid = OBJ_obj2nid(algor->algorithm);
++
+ if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption))
+ {
+ DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n"));
+- ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm);
+- cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
++ X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption),
++ 0, NULL, NULL, 0);
+ }
+ epk = X509_get_pubkey(cert);
+ if (NULL == epk)
+@@ -201,14 +209,24 @@ rdssl_rkey_get_exp_mod(RDSSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len,
+ {
+ int len;
+
+- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) ||
+- (BN_num_bytes(rkey->n) > (int) max_mod_len))
++ BIGNUM *e = NULL;
++ BIGNUM *n = NULL;
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ e = rkey->e;
++ n = rkey->n;
++#else
++ RSA_get0_key(rkey, &e, &n, NULL);
++#endif
++
++ if ((BN_num_bytes(e) > (int) max_exp_len) ||
++ (BN_num_bytes(n) > (int) max_mod_len))
+ {
+ return 1;
+ }
+- len = BN_bn2bin(rkey->e, exponent);
++ len = BN_bn2bin(e, exponent);
+ reverse(exponent, len);
+- len = BN_bn2bin(rkey->n, modulus);
++ len = BN_bn2bin(n, modulus);
+ reverse(modulus, len);
+ return 0;
+ }
+@@ -229,8 +247,5 @@ void
+ rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
+ unsigned char *md)
+ {
+- HMAC_CTX ctx;
+- HMAC_CTX_init(&ctx);
+ HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
+- HMAC_CTX_cleanup(&ctx);
+ }
diff --git a/source/xap/rdesktop/rdesktop.SlackBuild b/source/xap/rdesktop/rdesktop.SlackBuild
index 068573dd..1b3fed84 100755
--- a/source/xap/rdesktop/rdesktop.SlackBuild
+++ b/source/xap/rdesktop/rdesktop.SlackBuild
@@ -1,6 +1,6 @@
-#!/bin/sh
+#!/bin/bash
-# Copyright 2006, 2008, 2009, 2011, 2012, 2013, 2014 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2011, 2012, 2013, 2014, 2018 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -20,23 +20,32 @@
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=rdesktop
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
- i?86) export ARCH=i486 ;;
+ i?86) export ARCH=i586 ;;
arm*) export ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) export ARCH=$( uname -m ) ;;
esac
fi
-if [ "$ARCH" = "i486" ]; then
- SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
+# the name of the created package would be, and then exit. This information
+# could be useful to other scripts.
+if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
+ echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz"
+ exit 0
+fi
+
+if [ "$ARCH" = "i586" ]; then
+ SLKCFLAGS="-O2 -march=i586 -mtune=i686"
LIBDIRSUFFIX=""
elif [ "$ARCH" = "s390" ]; then
SLKCFLAGS="-O2"
@@ -48,7 +57,6 @@ fi
NUMJOBS=${NUMJOBS:-" -j7 "}
-CWD=$(pwd)
TMP=${TMP:-/tmp}
PKG=$TMP/package-${PKGNAM}
rm -rf $PKG
@@ -59,6 +67,8 @@ rm -rf ${PKGNAM}-${VERSION}
tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1
cd ${PKGNAM}-$VERSION || exit 1
+zcat $CWD/02-Fix-OpenSSL-1.1-compability-issues.patch.gz | patch -p1 --verbose || exit 1
+
# Make sure ownerships and permissions are sane:
chown -R root:root .
find . \
@@ -77,7 +87,7 @@ CFLAGS="$SLKCFLAGS" \
--disable-credssp \
--with-ipv6 \
--mandir=/usr/man \
- --build=$ARCH-slackware-linux
+ --build=$ARCH-slackware-linux || exit 1
# Build and install:
make $NUMJOBS || make || exit 1
diff --git a/source/xap/rdesktop/slack-desc b/source/xap/rdesktop/slack-desc
index 283da1cd..aa2660c4 100644
--- a/source/xap/rdesktop/slack-desc
+++ b/source/xap/rdesktop/slack-desc
@@ -1,8 +1,8 @@
# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
+# The "handy ruler" below makes it easier to edit a package description. Line
# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':'.
|-----handy-ruler------------------------------------------------------|
@@ -12,7 +12,7 @@ rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a
rdesktop: number of Microsoft products including Windows NT Terminal Server,
rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server.
rdesktop:
-rdesktop: For more information, see: http://www.rdesktop.org
+rdesktop: For more information, see: http://www.rdesktop.org
rdesktop:
rdesktop:
rdesktop: