Date: Monday, February 13, 2017 @ 20:13:18 Author: jelle Revision: 212173
archrelease: copy trunk to community-staging-i686, community-staging-x86_64 Added: rdesktop/repos/community-staging-i686/ rdesktop/repos/community-staging-i686/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD) rdesktop/repos/community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch) rdesktop/repos/community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch) rdesktop/repos/community-staging-i686/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff) rdesktop/repos/community-staging-x86_64/ rdesktop/repos/community-staging-x86_64/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD) rdesktop/repos/community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch) rdesktop/repos/community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch) rdesktop/repos/community-staging-x86_64/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff) -------------------------------------------------------------------------+ community-staging-i686/PKGBUILD | 43 +++ community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch | 125 ++++++++++ community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch | 55 ++++ community-staging-i686/rdesktop-send_physical_buttons.diff | 70 +++++ community-staging-x86_64/PKGBUILD | 43 +++ community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch | 125 ++++++++++ community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch | 55 ++++ community-staging-x86_64/rdesktop-send_physical_buttons.diff | 70 +++++ 8 files changed, 586 insertions(+) Copied: rdesktop/repos/community-staging-i686/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD) =================================================================== --- community-staging-i686/PKGBUILD (rev 0) +++ community-staging-i686/PKGBUILD 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,43 @@ +# $Id$ +# Maintainer: +# Contributor: Andrea Scarpino <and...@archlinux.org> +# Contributor: Dan McGee <d...@archlinux.org> + +pkgname=rdesktop +pkgver=1.8.3 +pkgrel=3 +pkgdesc="An open source client for Windows Remote Desktop Services" +arch=('i686' 'x86_64') +url="http://www.rdesktop.org/" +license=('GPL3') +depends=('libao' 'libsamplerate' 'xorg-xrandr' 'pcsclite' 'libgssglue') +source=("http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz" + rdesktop-send_physical_buttons.diff + bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch + c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch + ) +md5sums=('86e8b368a7c715e74ded92e0d7912dc5' + 'cbfb12729e7f28e497afb883cc42022b' + '5682991379199228a296b34ba51942a4' + '940db07a63df082fbbf3cb509a7c42aa') + +prepare() { + cd ${pkgname}-${pkgver} + # FS#15113 + patch -i "${srcdir}/rdesktop-send_physical_buttons.diff" + patch -Np1 -i ${srcdir}/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch + patch -Np1 -i ${srcdir}/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch +} + +build() { + cd ${pkgname}-${pkgver} + ./configure --prefix=/usr \ + --enable-smartcard \ + --with-ipv6 + make +} + +package() { + cd ${pkgname}-${pkgver} + make DESTDIR="${pkgdir}" install +} Copied: rdesktop/repos/community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch) =================================================================== --- community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (rev 0) +++ community-staging-i686/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,125 @@ +From bd6aa6acddf0ba640a49834807872f4cc0d0a773 Mon Sep 17 00:00:00 2001 +From: Jani Hakala <jjhak...@gmail.com> +Date: Thu, 16 Jun 2016 14:28:15 +0300 +Subject: [PATCH] Fix OpenSSL 1.1 compability issues + +Some data types have been made opaque in OpenSSL version 1.1 so +stack allocation and accessing struct fields directly does not work. +--- + ssl.c | 65 ++++++++++++++++++++++++++++++++++++++++------------------------- + 1 file changed, 40 insertions(+), 25 deletions(-) + +diff --git a/ssl.c b/ssl.c +index 4875125..032e9b9 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -88,7 +88,7 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * + uint8 * exponent) + { + BN_CTX *ctx; +- BIGNUM mod, exp, x, y; ++ BIGNUM *mod, *exp, *x, *y; + uint8 inr[SEC_MAX_MODULUS_SIZE]; + int outlen; + +@@ -98,24 +98,24 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * + reverse(inr, len); + + ctx = BN_CTX_new(); +- BN_init(&mod); +- BN_init(&exp); +- BN_init(&x); +- BN_init(&y); +- +- BN_bin2bn(modulus, modulus_size, &mod); +- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp); +- BN_bin2bn(inr, len, &x); +- BN_mod_exp(&y, &x, &exp, &mod, ctx); +- outlen = BN_bn2bin(&y, out); ++ mod = BN_new(); ++ exp = BN_new(); ++ x = BN_new(); ++ y = BN_new(); ++ ++ BN_bin2bn(modulus, modulus_size, mod); ++ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp); ++ BN_bin2bn(inr, len, x); ++ BN_mod_exp(y, x, exp, mod, ctx); ++ outlen = BN_bn2bin(y, out); + reverse(out, outlen); + if (outlen < (int) modulus_size) + memset(out + outlen, 0, modulus_size - outlen); + +- BN_free(&y); +- BN_clear_free(&x); +- BN_free(&exp); +- BN_free(&mod); ++ BN_free(y); ++ BN_clear_free(x); ++ BN_free(exp); ++ BN_free(mod); + BN_CTX_free(ctx); + } + +@@ -146,12 +146,20 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + + Kudos to Richard Levitte for the following (. intiutive .) + lines of code that resets the OID and let's us extract the key. */ +- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); ++ ++ X509_PUBKEY *key = NULL; ++ X509_ALGOR *algor = NULL; ++ ++ key = X509_get_X509_PUBKEY(cert); ++ algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ ++ nid = OBJ_obj2nid(algor->algorithm); ++ + if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) + { + DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n")); +- ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm); +- cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); ++ X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption), ++ 0, NULL, NULL, 0); + } + epk = X509_get_pubkey(cert); + if (NULL == epk) +@@ -201,14 +209,24 @@ rdssl_rkey_get_exp_mod(RDSSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len, + { + int len; + +- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || +- (BN_num_bytes(rkey->n) > (int) max_mod_len)) ++ BIGNUM *e = NULL; ++ BIGNUM *n = NULL; ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ e = rkey->e; ++ n = rkey->n; ++#else ++ RSA_get0_key(rkey, &e, &n, NULL); ++#endif ++ ++ if ((BN_num_bytes(e) > (int) max_exp_len) || ++ (BN_num_bytes(n) > (int) max_mod_len)) + { + return 1; + } +- len = BN_bn2bin(rkey->e, exponent); ++ len = BN_bn2bin(e, exponent); + reverse(exponent, len); +- len = BN_bn2bin(rkey->n, modulus); ++ len = BN_bn2bin(n, modulus); + reverse(modulus, len); + return 0; + } +@@ -229,8 +247,5 @@ void + rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len, + unsigned char *md) + { +- HMAC_CTX ctx; +- HMAC_CTX_init(&ctx); + HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL); +- HMAC_CTX_cleanup(&ctx); + } Copied: rdesktop/repos/community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch) =================================================================== --- community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (rev 0) +++ community-staging-i686/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,55 @@ +From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001 +From: Henrik Andersson <hea...@cendio.com> +Date: Mon, 24 Oct 2016 10:24:35 +0200 +Subject: [PATCH] Fix crash in rdssl_cert_to_rkey. + +This crash was introduced by merging OpenSSL 1.1 PR done on +commit 50b39d11. Where algor was overwritten with return value +of X509_PUBKEY_get0_param(). I also added additional error +handling for X509_get_X509_PUBKEY. + +Thanks to TingPing that found this error in PR. +--- + ssl.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/ssl.c b/ssl.c +index 032e9b9..07d7aa5 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -3,6 +3,7 @@ + Secure sockets abstraction layer + Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008 + Copyright (C) Jay Sorg <j...@american-data.com> 2006-2008 ++ Copyright (C) Henrik Andersson <hea...@cendio.com> 2016 + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + EVP_PKEY *epk = NULL; + RDSSL_RKEY *lkey; + int nid; ++ int ret; + + /* By some reason, Microsoft sets the OID of the Public RSA key to + the oid for "MD5 with RSA Encryption" instead of "RSA Encryption" +@@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + X509_ALGOR *algor = NULL; + + key = X509_get_X509_PUBKEY(cert); +- algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ if (key == NULL) ++ { ++ error("Failed to get public key from certificate.\n"); ++ return NULL; ++ } ++ ++ ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ if (ret != 1) ++ { ++ error("Faild to get algorithm used for public key.\n"); ++ return NULL; ++ } + + nid = OBJ_obj2nid(algor->algorithm); + Copied: rdesktop/repos/community-staging-i686/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff) =================================================================== --- community-staging-i686/rdesktop-send_physical_buttons.diff (rev 0) +++ community-staging-i686/rdesktop-send_physical_buttons.diff 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,70 @@ +? aclocal.m4 +Index: rdesktop.c +=================================================================== +RCS file: /cvsroot/rdesktop/rdesktop/rdesktop.c,v +retrieving revision 1.163 +diff -u -r1.163 rdesktop.c +--- rdesktop.c 5 Apr 2008 06:15:45 -0000 1.163 ++++ rdesktop.c 5 Aug 2008 11:46:04 -0000 +@@ -73,6 +73,7 @@ + int g_win_button_size = 0; /* If zero, disable single app mode */ + RD_BOOL g_bitmap_compression = True; + RD_BOOL g_sendmotion = True; ++RD_BOOL g_send_physical_buttons = True; + RD_BOOL g_bitmap_cache = True; + RD_BOOL g_bitmap_cache_persist_enable = False; + RD_BOOL g_bitmap_cache_precache = True; +@@ -152,6 +153,7 @@ + fprintf(stderr, " -B: use BackingStore of X-server (if available)\n"); + fprintf(stderr, " -e: disable encryption (French TS)\n"); + fprintf(stderr, " -E: disable encryption from client to server\n"); ++ fprintf(stderr, " -M: do not map logical mouse buttons to physical\n"); + fprintf(stderr, " -m: do not send motion events\n"); + fprintf(stderr, " -C: use private colour map\n"); + fprintf(stderr, " -D: hide window manager decorations\n"); +@@ -450,7 +452,7 @@ + #endif + + while ((c = getopt(argc, argv, +- VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitmzCDKS:T:NX:a:x:Pr:045h?")) != -1) ++ VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitMmzCDKS:T:NX:a:x:Pr:045h?")) != -1) + { + switch (c) + { +@@ -584,6 +586,9 @@ + case 'E': + g_packet_encryption = False; + break; ++ case 'M': ++ g_send_physical_buttons = False; ++ break; + case 'm': + g_sendmotion = False; + break; +Index: xwin.c +=================================================================== +RCS file: /cvsroot/rdesktop/rdesktop/xwin.c,v +retrieving revision 1.235 +diff -u -r1.235 xwin.c +--- xwin.c 11 Jul 2008 03:51:23 -0000 1.235 ++++ xwin.c 5 Aug 2008 11:46:06 -0000 +@@ -36,6 +36,7 @@ + extern int g_ypos; + extern int g_pos; + extern RD_BOOL g_sendmotion; ++extern RD_BOOL g_send_physical_buttons; + extern RD_BOOL g_fullscreen; + extern RD_BOOL g_grab_keyboard; + extern RD_BOOL g_hide_decorations; +@@ -2190,7 +2191,8 @@ + receive physical buttons (true in mstsc as well) and + logical button behavior depends on the remote desktop's own + mouse settings */ +- xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1]; ++ if (g_send_physical_buttons) ++ xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1]; + button = xkeymap_translate_button(xevent.xbutton.button); + if (button == 0) + return; + + Copied: rdesktop/repos/community-staging-x86_64/PKGBUILD (from rev 212172, rdesktop/trunk/PKGBUILD) =================================================================== --- community-staging-x86_64/PKGBUILD (rev 0) +++ community-staging-x86_64/PKGBUILD 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,43 @@ +# $Id$ +# Maintainer: +# Contributor: Andrea Scarpino <and...@archlinux.org> +# Contributor: Dan McGee <d...@archlinux.org> + +pkgname=rdesktop +pkgver=1.8.3 +pkgrel=3 +pkgdesc="An open source client for Windows Remote Desktop Services" +arch=('i686' 'x86_64') +url="http://www.rdesktop.org/" +license=('GPL3') +depends=('libao' 'libsamplerate' 'xorg-xrandr' 'pcsclite' 'libgssglue') +source=("http://downloads.sourceforge.net/${pkgname}/${pkgname}-${pkgver}.tar.gz" + rdesktop-send_physical_buttons.diff + bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch + c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch + ) +md5sums=('86e8b368a7c715e74ded92e0d7912dc5' + 'cbfb12729e7f28e497afb883cc42022b' + '5682991379199228a296b34ba51942a4' + '940db07a63df082fbbf3cb509a7c42aa') + +prepare() { + cd ${pkgname}-${pkgver} + # FS#15113 + patch -i "${srcdir}/rdesktop-send_physical_buttons.diff" + patch -Np1 -i ${srcdir}/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch + patch -Np1 -i ${srcdir}/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch +} + +build() { + cd ${pkgname}-${pkgver} + ./configure --prefix=/usr \ + --enable-smartcard \ + --with-ipv6 + make +} + +package() { + cd ${pkgname}-${pkgver} + make DESTDIR="${pkgdir}" install +} Copied: rdesktop/repos/community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (from rev 212172, rdesktop/trunk/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch) =================================================================== --- community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch (rev 0) +++ community-staging-x86_64/bd6aa6acddf0ba640a49834807872f4cc0d0a773.patch 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,125 @@ +From bd6aa6acddf0ba640a49834807872f4cc0d0a773 Mon Sep 17 00:00:00 2001 +From: Jani Hakala <jjhak...@gmail.com> +Date: Thu, 16 Jun 2016 14:28:15 +0300 +Subject: [PATCH] Fix OpenSSL 1.1 compability issues + +Some data types have been made opaque in OpenSSL version 1.1 so +stack allocation and accessing struct fields directly does not work. +--- + ssl.c | 65 ++++++++++++++++++++++++++++++++++++++++------------------------- + 1 file changed, 40 insertions(+), 25 deletions(-) + +diff --git a/ssl.c b/ssl.c +index 4875125..032e9b9 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -88,7 +88,7 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * + uint8 * exponent) + { + BN_CTX *ctx; +- BIGNUM mod, exp, x, y; ++ BIGNUM *mod, *exp, *x, *y; + uint8 inr[SEC_MAX_MODULUS_SIZE]; + int outlen; + +@@ -98,24 +98,24 @@ rdssl_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * + reverse(inr, len); + + ctx = BN_CTX_new(); +- BN_init(&mod); +- BN_init(&exp); +- BN_init(&x); +- BN_init(&y); +- +- BN_bin2bn(modulus, modulus_size, &mod); +- BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp); +- BN_bin2bn(inr, len, &x); +- BN_mod_exp(&y, &x, &exp, &mod, ctx); +- outlen = BN_bn2bin(&y, out); ++ mod = BN_new(); ++ exp = BN_new(); ++ x = BN_new(); ++ y = BN_new(); ++ ++ BN_bin2bn(modulus, modulus_size, mod); ++ BN_bin2bn(exponent, SEC_EXPONENT_SIZE, exp); ++ BN_bin2bn(inr, len, x); ++ BN_mod_exp(y, x, exp, mod, ctx); ++ outlen = BN_bn2bin(y, out); + reverse(out, outlen); + if (outlen < (int) modulus_size) + memset(out + outlen, 0, modulus_size - outlen); + +- BN_free(&y); +- BN_clear_free(&x); +- BN_free(&exp); +- BN_free(&mod); ++ BN_free(y); ++ BN_clear_free(x); ++ BN_free(exp); ++ BN_free(mod); + BN_CTX_free(ctx); + } + +@@ -146,12 +146,20 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + + Kudos to Richard Levitte for the following (. intiutive .) + lines of code that resets the OID and let's us extract the key. */ +- nid = OBJ_obj2nid(cert->cert_info->key->algor->algorithm); ++ ++ X509_PUBKEY *key = NULL; ++ X509_ALGOR *algor = NULL; ++ ++ key = X509_get_X509_PUBKEY(cert); ++ algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ ++ nid = OBJ_obj2nid(algor->algorithm); ++ + if ((nid == NID_md5WithRSAEncryption) || (nid == NID_shaWithRSAEncryption)) + { + DEBUG_RDP5(("Re-setting algorithm type to RSA in server certificate\n")); +- ASN1_OBJECT_free(cert->cert_info->key->algor->algorithm); +- cert->cert_info->key->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption); ++ X509_PUBKEY_set0_param(key, OBJ_nid2obj(NID_rsaEncryption), ++ 0, NULL, NULL, 0); + } + epk = X509_get_pubkey(cert); + if (NULL == epk) +@@ -201,14 +209,24 @@ rdssl_rkey_get_exp_mod(RDSSL_RKEY * rkey, uint8 * exponent, uint32 max_exp_len, + { + int len; + +- if ((BN_num_bytes(rkey->e) > (int) max_exp_len) || +- (BN_num_bytes(rkey->n) > (int) max_mod_len)) ++ BIGNUM *e = NULL; ++ BIGNUM *n = NULL; ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ e = rkey->e; ++ n = rkey->n; ++#else ++ RSA_get0_key(rkey, &e, &n, NULL); ++#endif ++ ++ if ((BN_num_bytes(e) > (int) max_exp_len) || ++ (BN_num_bytes(n) > (int) max_mod_len)) + { + return 1; + } +- len = BN_bn2bin(rkey->e, exponent); ++ len = BN_bn2bin(e, exponent); + reverse(exponent, len); +- len = BN_bn2bin(rkey->n, modulus); ++ len = BN_bn2bin(n, modulus); + reverse(modulus, len); + return 0; + } +@@ -229,8 +247,5 @@ void + rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len, + unsigned char *md) + { +- HMAC_CTX ctx; +- HMAC_CTX_init(&ctx); + HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL); +- HMAC_CTX_cleanup(&ctx); + } Copied: rdesktop/repos/community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (from rev 212172, rdesktop/trunk/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch) =================================================================== --- community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch (rev 0) +++ community-staging-x86_64/c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1.patch 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,55 @@ +From c6e8e1074b8ac57de6c80c4e3ed38e105b4d94f1 Mon Sep 17 00:00:00 2001 +From: Henrik Andersson <hea...@cendio.com> +Date: Mon, 24 Oct 2016 10:24:35 +0200 +Subject: [PATCH] Fix crash in rdssl_cert_to_rkey. + +This crash was introduced by merging OpenSSL 1.1 PR done on +commit 50b39d11. Where algor was overwritten with return value +of X509_PUBKEY_get0_param(). I also added additional error +handling for X509_get_X509_PUBKEY. + +Thanks to TingPing that found this error in PR. +--- + ssl.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/ssl.c b/ssl.c +index 032e9b9..07d7aa5 100644 +--- a/ssl.c ++++ b/ssl.c +@@ -3,6 +3,7 @@ + Secure sockets abstraction layer + Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008 + Copyright (C) Jay Sorg <j...@american-data.com> 2006-2008 ++ Copyright (C) Henrik Andersson <hea...@cendio.com> 2016 + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -140,6 +141,7 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + EVP_PKEY *epk = NULL; + RDSSL_RKEY *lkey; + int nid; ++ int ret; + + /* By some reason, Microsoft sets the OID of the Public RSA key to + the oid for "MD5 with RSA Encryption" instead of "RSA Encryption" +@@ -151,7 +153,18 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len) + X509_ALGOR *algor = NULL; + + key = X509_get_X509_PUBKEY(cert); +- algor = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ if (key == NULL) ++ { ++ error("Failed to get public key from certificate.\n"); ++ return NULL; ++ } ++ ++ ret = X509_PUBKEY_get0_param(NULL, NULL, 0, &algor, key); ++ if (ret != 1) ++ { ++ error("Faild to get algorithm used for public key.\n"); ++ return NULL; ++ } + + nid = OBJ_obj2nid(algor->algorithm); + Copied: rdesktop/repos/community-staging-x86_64/rdesktop-send_physical_buttons.diff (from rev 212172, rdesktop/trunk/rdesktop-send_physical_buttons.diff) =================================================================== --- community-staging-x86_64/rdesktop-send_physical_buttons.diff (rev 0) +++ community-staging-x86_64/rdesktop-send_physical_buttons.diff 2017-02-13 20:13:18 UTC (rev 212173) @@ -0,0 +1,70 @@ +? aclocal.m4 +Index: rdesktop.c +=================================================================== +RCS file: /cvsroot/rdesktop/rdesktop/rdesktop.c,v +retrieving revision 1.163 +diff -u -r1.163 rdesktop.c +--- rdesktop.c 5 Apr 2008 06:15:45 -0000 1.163 ++++ rdesktop.c 5 Aug 2008 11:46:04 -0000 +@@ -73,6 +73,7 @@ + int g_win_button_size = 0; /* If zero, disable single app mode */ + RD_BOOL g_bitmap_compression = True; + RD_BOOL g_sendmotion = True; ++RD_BOOL g_send_physical_buttons = True; + RD_BOOL g_bitmap_cache = True; + RD_BOOL g_bitmap_cache_persist_enable = False; + RD_BOOL g_bitmap_cache_precache = True; +@@ -152,6 +153,7 @@ + fprintf(stderr, " -B: use BackingStore of X-server (if available)\n"); + fprintf(stderr, " -e: disable encryption (French TS)\n"); + fprintf(stderr, " -E: disable encryption from client to server\n"); ++ fprintf(stderr, " -M: do not map logical mouse buttons to physical\n"); + fprintf(stderr, " -m: do not send motion events\n"); + fprintf(stderr, " -C: use private colour map\n"); + fprintf(stderr, " -D: hide window manager decorations\n"); +@@ -450,7 +452,7 @@ + #endif + + while ((c = getopt(argc, argv, +- VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitmzCDKS:T:NX:a:x:Pr:045h?")) != -1) ++ VNCOPT "A:u:L:d:s:c:p:n:k:g:o:fbBeEitMmzCDKS:T:NX:a:x:Pr:045h?")) != -1) + { + switch (c) + { +@@ -584,6 +586,9 @@ + case 'E': + g_packet_encryption = False; + break; ++ case 'M': ++ g_send_physical_buttons = False; ++ break; + case 'm': + g_sendmotion = False; + break; +Index: xwin.c +=================================================================== +RCS file: /cvsroot/rdesktop/rdesktop/xwin.c,v +retrieving revision 1.235 +diff -u -r1.235 xwin.c +--- xwin.c 11 Jul 2008 03:51:23 -0000 1.235 ++++ xwin.c 5 Aug 2008 11:46:06 -0000 +@@ -36,6 +36,7 @@ + extern int g_ypos; + extern int g_pos; + extern RD_BOOL g_sendmotion; ++extern RD_BOOL g_send_physical_buttons; + extern RD_BOOL g_fullscreen; + extern RD_BOOL g_grab_keyboard; + extern RD_BOOL g_hide_decorations; +@@ -2190,7 +2191,8 @@ + receive physical buttons (true in mstsc as well) and + logical button behavior depends on the remote desktop's own + mouse settings */ +- xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1]; ++ if (g_send_physical_buttons) ++ xevent.xbutton.button = g_pointer_log_to_phys_map[xevent.xbutton.button - 1]; + button = xkeymap_translate_button(xevent.xbutton.button); + if (button == 0) + return; + +