Date: Sun, 18 Nov 2018 15:06:41 +0000 (UTC) From: Kyle Evans <kevans@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r485228 - in branches/2018Q4/net/freerdp1: . files Message-ID: <201811181506.wAIF6fOR041802@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kevans (src committer) Date: Sun Nov 18 15:06:41 2018 New Revision: 485228 URL: https://svnweb.freebsd.org/changeset/ports/485228 Log: MFH: r485226 net/freerdp1: Fix build with OpenSSL 1.1 Patch taken partially from upstream with some minor refactoring because the patch from upstream was fairly far off from where this version of FreeRDP is at. Built with: Poudriere (11.2 and 13.0-CURRENT) Tested with: OpenSSL 1.0.2 (11.2, base) Tested with: OpenSSL 1.1.1 (11.2, security/openssl111) PR: 233014 Approved by: ultima (ports), myself (maintainer) Approved by: ports-secteam (blanket, build fix) Added: branches/2018Q4/net/freerdp1/files/patch-git_1b5f5747 - copied unchanged from r485226, head/net/freerdp1/files/patch-git_1b5f5747 branches/2018Q4/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h - copied unchanged from r485226, head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h branches/2018Q4/net/freerdp1/files/patch-libfreerdp_common_assistance.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_common_assistance.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_certificate.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_core_certificate.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_tcp.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_core_tcp.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_transport.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_core_transport.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_tls.c - copied unchanged from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_tls.c branches/2018Q4/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.c - copied unchanged from r485226, head/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.c branches/2018Q4/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.h - copied unchanged from r485226, head/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.h branches/2018Q4/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm.c - copied unchanged from r485226, head/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm.c branches/2018Q4/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm__compute.c - copied unchanged from r485226, head/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm__compute.c branches/2018Q4/net/freerdp1/files/patch-winpr_tools_makecert_makecert.c - copied unchanged from r485226, head/net/freerdp1/files/patch-winpr_tools_makecert_makecert.c Modified: branches/2018Q4/net/freerdp1/Makefile Directory Properties: branches/2018Q4/ (props changed) Modified: branches/2018Q4/net/freerdp1/Makefile ============================================================================== --- branches/2018Q4/net/freerdp1/Makefile Sun Nov 18 15:02:26 2018 (r485227) +++ branches/2018Q4/net/freerdp1/Makefile Sun Nov 18 15:06:41 2018 (r485228) @@ -3,7 +3,7 @@ PORTNAME= freerdp PORTVERSION= 1.2.0 -PORTREVISION= 12 +PORTREVISION= 13 CATEGORIES= net comms ipv6 PKGNAMESUFFIX= 1 Copied: branches/2018Q4/net/freerdp1/files/patch-git_1b5f5747 (from r485226, head/net/freerdp1/files/patch-git_1b5f5747) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-git_1b5f5747 Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-git_1b5f5747) @@ -0,0 +1,30 @@ +--- winpr/libwinpr/bcrypt/CMakeLists.txt.orig 2014-09-11 22:46:32 UTC ++++ winpr/libwinpr/bcrypt/CMakeLists.txt +@@ -17,8 +17,3 @@ + + winpr_module_add(bcrypt.c) + +-winpr_include_directory_add( +- ${OPENSSL_INCLUDE_DIR} +- ${ZLIB_INCLUDE_DIRS}) +- +-winpr_library_add(${ZLIB_LIBRARIES}) +--- winpr/libwinpr/crypto/CMakeLists.txt.orig 2014-09-11 22:46:32 UTC ++++ winpr/libwinpr/crypto/CMakeLists.txt +@@ -20,6 +20,16 @@ winpr_module_add( + crypto.h + cert.c) + ++if(OPENSSL_FOUND) ++ winpr_include_directory_add(${OPENSSL_INCLUDE_DIR}) ++ winpr_library_add(${OPENSSL_LIBRARIES}) ++endif() ++ ++if(MBEDTLS_FOUND) ++ winpr_include_directory_add(${MBEDTLS_INCLUDE_DIR}) ++ winpr_library_add(${MBEDTLS_LIBRARIES}) ++endif() ++ + if(WIN32) + winpr_library_add(crypt32) + endif() Copied: branches/2018Q4/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h (from r485226, head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h) @@ -0,0 +1,23 @@ +--- include/freerdp/crypto/crypto.h.orig 2018-11-06 02:55:10 UTC ++++ include/freerdp/crypto/crypto.h +@@ -61,12 +61,20 @@ struct crypto_rc4_struct + + struct crypto_des3_struct + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX *des3_ctx; ++#else + EVP_CIPHER_CTX des3_ctx; ++#endif + }; + + struct crypto_hmac_struct + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_CTX *hmac_ctx; ++#else + HMAC_CTX hmac_ctx; ++#endif + }; + + struct crypto_cert_struct Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_common_assistance.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_common_assistance.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_common_assistance.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_common_assistance.c) @@ -0,0 +1,156 @@ +--- libfreerdp/common/assistance.c.orig 2018-11-06 05:10:45 UTC ++++ libfreerdp/common/assistance.c +@@ -478,7 +478,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + int cbPassStubW; + int EncryptedSize; + BYTE PasswordHash[16]; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX *rc4Ctx; ++#else + EVP_CIPHER_CTX rc4Ctx; ++#endif + BYTE *pbIn, *pbOut; + int cbOut, cbIn, cbFinal; + WCHAR* PasswordW = NULL; +@@ -516,9 +520,16 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + *((UINT32*) pbIn) = cbPassStubW; + CopyMemory(&pbIn[4], PassStubW, cbPassStubW); + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ rc4Ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(rc4Ctx); ++ ++ status = EVP_EncryptInit_ex(rc4Ctx, EVP_rc4(), NULL, NULL, NULL); ++#else + EVP_CIPHER_CTX_init(&rc4Ctx); + + status = EVP_EncryptInit_ex(&rc4Ctx, EVP_rc4(), NULL, NULL, NULL); ++#endif + + if (!status) + { +@@ -526,7 +537,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + return NULL; + } + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ status = EVP_EncryptInit_ex(rc4Ctx, NULL, NULL, PasswordHash, NULL); ++#else + status = EVP_EncryptInit_ex(&rc4Ctx, NULL, NULL, PasswordHash, NULL); ++#endif + + if (!status) + { +@@ -537,7 +552,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + cbOut = cbFinal = 0; + cbIn = EncryptedSize; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ status = EVP_EncryptUpdate(rc4Ctx, pbOut, &cbOut, pbIn, cbIn); ++#else + status = EVP_EncryptUpdate(&rc4Ctx, pbOut, &cbOut, pbIn, cbIn); ++#endif + + if (!status) + { +@@ -545,7 +564,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + return NULL; + } + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ status = EVP_EncryptFinal_ex(rc4Ctx, pbOut + cbOut, &cbFinal); ++#else + status = EVP_EncryptFinal_ex(&rc4Ctx, pbOut + cbOut, &cbFinal); ++#endif + + if (!status) + { +@@ -553,7 +576,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char* + return NULL; + } + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX_free(rc4Ctx); ++#else + EVP_CIPHER_CTX_cleanup(&rc4Ctx); ++#endif + + free(pbIn); + free(PasswordW); +@@ -571,7 +598,11 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil + int cbPasswordW; + int cchOutW = 0; + WCHAR* pbOutW = NULL; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX *aesDec; ++#else + EVP_CIPHER_CTX aesDec; ++#endif + WCHAR* PasswordW = NULL; + BYTE *pbIn, *pbOut; + int cbOut, cbIn, cbFinal; +@@ -598,17 +629,31 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil + + ZeroMemory(InitializationVector, sizeof(InitializationVector)); + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ aesDec = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(aesDec); ++ ++ status = EVP_DecryptInit_ex(aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL); ++#else + EVP_CIPHER_CTX_init(&aesDec); + + status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL); ++#endif + + if (status != 1) + return -1; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX_set_key_length(aesDec, (128 / 8)); ++ EVP_CIPHER_CTX_set_padding(aesDec, 0); ++ ++ status = EVP_DecryptInit_ex(aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector); ++#else + EVP_CIPHER_CTX_set_key_length(&aesDec, (128 / 8)); + EVP_CIPHER_CTX_set_padding(&aesDec, 0); + + status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector); ++#endif + + if (status != 1) + return -1; +@@ -621,12 +666,20 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil + if (!pbOut) + return -1; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ status = EVP_DecryptUpdate(aesDec, pbOut, &cbOut, pbIn, cbIn); ++#else + status = EVP_DecryptUpdate(&aesDec, pbOut, &cbOut, pbIn, cbIn); ++#endif + + if (status != 1) + return -1; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ status = EVP_DecryptFinal_ex(aesDec, pbOut + cbOut, &cbFinal); ++#else + status = EVP_DecryptFinal_ex(&aesDec, pbOut + cbOut, &cbFinal); ++#endif + + if (status != 1) + { +@@ -634,7 +687,11 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil + return -1; + } + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX_free(aesDec); ++#else + EVP_CIPHER_CTX_cleanup(&aesDec); ++#endif + + cbOut += cbFinal; + cbFinal = 0; Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_certificate.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_core_certificate.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_certificate.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_core_certificate.c) @@ -0,0 +1,59 @@ +--- libfreerdp/core/certificate.c.orig 2014-09-11 22:46:32 UTC ++++ libfreerdp/core/certificate.c +@@ -32,6 +32,7 @@ + #include <openssl/rsa.h> + + #include "certificate.h" ++#include "../crypto/opensslcompat.h" + + #define TAG "com.freerdp.core" + +@@ -652,6 +653,9 @@ rdpRsaKey* key_new(const char* keyfile) + FILE* fp; + RSA* rsa; + rdpRsaKey* key; ++ const BIGNUM *rsa_e = NULL; ++ const BIGNUM *rsa_n = NULL; ++ const BIGNUM *rsa_d = NULL; + key = (rdpRsaKey*)calloc(1, sizeof(rdpRsaKey)); + + if (!key) +@@ -692,31 +696,31 @@ rdpRsaKey* key_new(const char* keyfile) + ERR_print_errors_fp(stderr); + goto out_free_rsa; + } +- +- if (BN_num_bytes(rsa->e) > 4) ++ RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); ++ if (BN_num_bytes(rsa_e) > 4) + { + DEBUG_WARN("%s: RSA public exponent too large in %s\n", __FUNCTION__, keyfile); + goto out_free_rsa; + } + +- key->ModulusLength = BN_num_bytes(rsa->n); ++ key->ModulusLength = BN_num_bytes(rsa_n); + key->Modulus = (BYTE*)malloc(key->ModulusLength); + + if (!key->Modulus) + goto out_free_rsa; + +- BN_bn2bin(rsa->n, key->Modulus); ++ BN_bn2bin(rsa_n, key->Modulus); + crypto_reverse(key->Modulus, key->ModulusLength); +- key->PrivateExponentLength = BN_num_bytes(rsa->d); ++ key->PrivateExponentLength = BN_num_bytes(rsa_d); + key->PrivateExponent = (BYTE*)malloc(key->PrivateExponentLength); + + if (!key->PrivateExponent) + goto out_free_modulus; + +- BN_bn2bin(rsa->d, key->PrivateExponent); ++ BN_bn2bin(rsa_d, key->PrivateExponent); + crypto_reverse(key->PrivateExponent, key->PrivateExponentLength); + memset(key->exponent, 0, sizeof(key->exponent)); +- BN_bn2bin(rsa->e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa->e)); ++ BN_bn2bin(rsa_e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa_e)); + crypto_reverse(key->exponent, sizeof(key->exponent)); + RSA_free(rsa); + return key; Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_tcp.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_core_tcp.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_tcp.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_core_tcp.c) @@ -0,0 +1,338 @@ +--- libfreerdp/core/tcp.c.orig 2014-09-11 22:46:32 UTC ++++ libfreerdp/core/tcp.c +@@ -71,6 +71,7 @@ + #include <winpr/stream.h> + + #include "tcp.h" ++#include "../crypto/opensslcompat.h" + + /* Simple Socket BIO */ + +@@ -86,13 +87,14 @@ static int transport_bio_simple_write(BIO* bio, const + { + int error; + int status = 0; ++ int socket = (int)BIO_get_data(bio); + + if (!buf) + return 0; + + BIO_clear_flags(bio, BIO_FLAGS_WRITE); + +- status = _send((SOCKET) bio->num, buf, size, 0); ++ status = _send(socket, buf, size, 0); + + if (status <= 0) + { +@@ -116,13 +118,14 @@ static int transport_bio_simple_read(BIO* bio, char* b + { + int error; + int status = 0; ++ int socket = (int)BIO_get_data(bio); + + if (!buf) + return 0; + + BIO_clear_flags(bio, BIO_FLAGS_READ); + +- status = _recv((SOCKET) bio->num, buf, size, 0); ++ status = _recv(socket, buf, size, 0); + if (status > 0) + return status; + +@@ -160,6 +163,7 @@ static int transport_bio_simple_gets(BIO* bio, char* s + static long transport_bio_simple_ctrl(BIO* bio, int cmd, long arg1, void* arg2) + { + int status = -1; ++ int socket = (int)BIO_get_data(bio); + + switch (cmd) + { +@@ -167,29 +171,29 @@ static long transport_bio_simple_ctrl(BIO* bio, int cm + if (arg2) + { + transport_bio_simple_free(bio); +- bio->flags = BIO_FLAGS_SHOULD_RETRY; +- bio->num = *((int*) arg2); +- bio->shutdown = (int) arg1; +- bio->init = 1; ++ BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY); ++ BIO_set_data(bio, *((int *) arg2)); ++ BIO_set_shutdown(bio, (int) arg1); ++ BIO_set_init(bio, 1); + status = 1; + } + break; + + case BIO_C_GET_FD: +- if (bio->init) ++ if (BIO_get_init(bio)) + { + if (arg2) +- *((int*) arg2) = bio->num; +- status = bio->num; ++ *((int*) arg2) = socket; ++ status = socket; + } + break; + + case BIO_CTRL_GET_CLOSE: +- status = bio->shutdown; ++ status = BIO_get_shutdown(bio); + break; + + case BIO_CTRL_SET_CLOSE: +- bio->shutdown = (int) arg1; ++ BIO_set_shutdown(bio, (int) arg1); + status = 1; + break; + +@@ -211,47 +215,49 @@ static long transport_bio_simple_ctrl(BIO* bio, int cm + + static int transport_bio_simple_new(BIO* bio) + { +- bio->init = 0; +- bio->num = 0; +- bio->ptr = NULL; +- bio->flags = BIO_FLAGS_SHOULD_RETRY; ++ ++ BIO_set_init(bio, 0); ++ BIO_set_data(bio, 0); ++ BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY); + return 1; + } + + static int transport_bio_simple_free(BIO* bio) + { ++ int socket = (int)BIO_get_data(bio); + if (!bio) + return 0; + +- if (bio->shutdown) ++ if (BIO_get_shutdown(bio)) + { +- if (bio->init) +- closesocket((SOCKET) bio->num); ++ if (BIO_get_init(bio)) ++ closesocket(socket); + +- bio->init = 0; +- bio->flags = 0; ++ BIO_set_init(bio, 0); ++ BIO_set_flags(bio, 0); ++ BIO_set_data(bio, 0); + } + + return 1; + } + +-static BIO_METHOD transport_bio_simple_socket_methods = +-{ +- BIO_TYPE_SIMPLE, +- "SimpleSocket", +- transport_bio_simple_write, +- transport_bio_simple_read, +- transport_bio_simple_puts, +- transport_bio_simple_gets, +- transport_bio_simple_ctrl, +- transport_bio_simple_new, +- transport_bio_simple_free, +- NULL, +-}; +- + BIO_METHOD* BIO_s_simple_socket(void) + { +- return &transport_bio_simple_socket_methods; ++ static BIO_METHOD* bio_methods = NULL; ++ ++ if (bio_methods == NULL) ++ { ++ if (!(bio_methods = BIO_meth_new(BIO_TYPE_SIMPLE, "SimpleSocket"))) ++ return NULL; ++ BIO_meth_set_write(bio_methods, transport_bio_simple_write); ++ BIO_meth_set_read(bio_methods, transport_bio_simple_read); ++ BIO_meth_set_puts(bio_methods, transport_bio_simple_puts); ++ BIO_meth_set_gets(bio_methods, transport_bio_simple_gets); ++ BIO_meth_set_ctrl(bio_methods, transport_bio_simple_ctrl); ++ BIO_meth_set_create(bio_methods, transport_bio_simple_new); ++ BIO_meth_set_destroy(bio_methods, transport_bio_simple_free); ++ } ++ return bio_methods; + } + + /* Buffered Socket BIO */ +@@ -264,7 +270,8 @@ long transport_bio_buffered_callback(BIO* bio, int mod + static int transport_bio_buffered_write(BIO* bio, const char* buf, int num) + { + int status, ret; +- rdpTcp* tcp = (rdpTcp*) bio->ptr; ++ rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio); ++ BIO *next_bio = NULL; + int nchunks, committedBytes, i; + DataChunk chunks[2]; + +@@ -283,23 +290,24 @@ static int transport_bio_buffered_write(BIO* bio, cons + + committedBytes = 0; + nchunks = ringbuffer_peek(&tcp->xmitBuffer, chunks, ringbuffer_used(&tcp->xmitBuffer)); ++ next_bio = BIO_next(bio); + + for (i = 0; i < nchunks; i++) + { + while (chunks[i].size) + { +- status = BIO_write(bio->next_bio, chunks[i].data, chunks[i].size); ++ status = BIO_write(next_bio, chunks[i].data, chunks[i].size); + + if (status <= 0) + { +- if (!BIO_should_retry(bio->next_bio)) ++ if (!BIO_should_retry(next_bio)) + { + BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY); + ret = -1; /* fatal error */ + goto out; + } + +- if (BIO_should_write(bio->next_bio)) ++ if (BIO_should_write(next_bio)) + { + BIO_set_flags(bio, BIO_FLAGS_WRITE); + tcp->writeBlocked = TRUE; +@@ -321,16 +329,17 @@ out: + static int transport_bio_buffered_read(BIO* bio, char* buf, int size) + { + int status; +- rdpTcp* tcp = (rdpTcp*) bio->ptr; ++ rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio); ++ BIO* next_bio = BIO_next(bio); + + tcp->readBlocked = FALSE; + BIO_clear_flags(bio, BIO_FLAGS_READ); + +- status = BIO_read(bio->next_bio, buf, size); ++ status = BIO_read(next_bio, buf, size); + + if (status <= 0) + { +- if (!BIO_should_retry(bio->next_bio)) ++ if (!BIO_should_retry(next_bio)) + { + BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY); + goto out; +@@ -338,7 +347,7 @@ static int transport_bio_buffered_read(BIO* bio, char* + + BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY); + +- if (BIO_should_read(bio->next_bio)) ++ if (BIO_should_read(next_bio)) + { + BIO_set_flags(bio, BIO_FLAGS_READ); + tcp->readBlocked = TRUE; +@@ -362,7 +371,7 @@ static int transport_bio_buffered_gets(BIO* bio, char* + + static long transport_bio_buffered_ctrl(BIO* bio, int cmd, long arg1, void* arg2) + { +- rdpTcp* tcp = (rdpTcp*) bio->ptr; ++ rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio); + + switch (cmd) + { +@@ -376,7 +385,7 @@ static long transport_bio_buffered_ctrl(BIO* bio, int + return 0; + + default: +- return BIO_ctrl(bio->next_bio, cmd, arg1, arg2); ++ return BIO_ctrl(BIO_next(bio), cmd, arg1, arg2); + } + + return 0; +@@ -384,10 +393,9 @@ static long transport_bio_buffered_ctrl(BIO* bio, int + + static int transport_bio_buffered_new(BIO* bio) + { +- bio->init = 1; +- bio->num = 0; +- bio->ptr = NULL; +- bio->flags = BIO_FLAGS_SHOULD_RETRY; ++ BIO_set_init(bio, 1); ++ BIO_set_data(bio, 0); ++ BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY); + return 1; + } + +@@ -396,29 +404,28 @@ static int transport_bio_buffered_free(BIO* bio) + return 1; + } + +-static BIO_METHOD transport_bio_buffered_socket_methods = +-{ +- BIO_TYPE_BUFFERED, +- "BufferedSocket", +- transport_bio_buffered_write, +- transport_bio_buffered_read, +- transport_bio_buffered_puts, +- transport_bio_buffered_gets, +- transport_bio_buffered_ctrl, +- transport_bio_buffered_new, +- transport_bio_buffered_free, +- NULL, +-}; +- + BIO_METHOD* BIO_s_buffered_socket(void) + { +- return &transport_bio_buffered_socket_methods; ++ static BIO_METHOD* bio_methods = NULL; ++ if (bio_methods == NULL) ++ { ++ if (!(bio_methods = BIO_meth_new(BIO_TYPE_BUFFERED, "BufferedSocket"))) ++ return NULL; ++ BIO_meth_set_write(bio_methods, transport_bio_buffered_write); ++ BIO_meth_set_read(bio_methods, transport_bio_buffered_read); ++ BIO_meth_set_puts(bio_methods, transport_bio_buffered_puts); ++ BIO_meth_set_gets(bio_methods, transport_bio_buffered_gets); ++ BIO_meth_set_ctrl(bio_methods, transport_bio_buffered_ctrl); ++ BIO_meth_set_create(bio_methods, transport_bio_buffered_new); ++ BIO_meth_set_destroy(bio_methods, transport_bio_buffered_free); ++ } ++ return bio_methods; + } + + BOOL transport_bio_buffered_drain(BIO *bio) + { + int status; +- rdpTcp* tcp = (rdpTcp*) bio->ptr; ++ rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio); + + if (!ringbuffer_used(&tcp->xmitBuffer)) + return 1; +@@ -527,7 +534,10 @@ BOOL tcp_connect(rdpTcp* tcp, const char* hostname, in + if (!tcp->socketBio) + return FALSE; + +- if (BIO_set_conn_hostname(tcp->socketBio, hostname) < 0 || BIO_set_conn_int_port(tcp->socketBio, &port) < 0) ++ char strport[10]; ++ /* XXX HACK */ ++ snprintf(strport, 10, "%d", port); ++ if (BIO_set_conn_hostname(tcp->socketBio, hostname) < 0 || BIO_set_conn_port(tcp->socketBio, strport) < 0) + return FALSE; + + BIO_set_nbio(tcp->socketBio, 1); +@@ -620,7 +630,7 @@ BOOL tcp_connect(rdpTcp* tcp, const char* hostname, in + if (!tcp->bufferedBio) + return FALSE; + +- tcp->bufferedBio->ptr = tcp; ++ BIO_set_data(tcp->bufferedBio, tcp); + + tcp->bufferedBio = BIO_push(tcp->bufferedBio, tcp->socketBio); + +@@ -771,7 +781,7 @@ int tcp_attach(rdpTcp* tcp, int sockfd) + if (!tcp->bufferedBio) + return FALSE; + +- tcp->bufferedBio->ptr = tcp; ++ BIO_set_data(tcp->bufferedBio, tcp); + + tcp->bufferedBio = BIO_push(tcp->bufferedBio, tcp->socketBio); + } Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_transport.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_core_transport.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_core_transport.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_core_transport.c) @@ -0,0 +1,92 @@ +--- libfreerdp/core/transport.c.orig 2014-09-11 22:46:32 UTC ++++ libfreerdp/core/transport.c +@@ -54,6 +54,7 @@ + #include "fastpath.h" + #include "transport.h" + #include "rdp.h" ++#include "../crypto/opensslcompat.h" + + #define TAG FREERDP_TAG("core") + +@@ -122,7 +123,7 @@ static int transport_bio_tsg_write(BIO* bio, const cha + { + int status; + rdpTsg* tsg; +- tsg = (rdpTsg*) bio->ptr; ++ tsg = (rdpTsg*) BIO_get_data(bio); + BIO_clear_flags(bio, BIO_FLAGS_WRITE); + status = tsg_write(tsg, (BYTE*) buf, num); + +@@ -142,9 +143,9 @@ static int transport_bio_tsg_read(BIO* bio, char* buf, + { + int status; + rdpTsg* tsg; +- tsg = (rdpTsg*) bio->ptr; ++ tsg = (rdpTsg*) BIO_get_data(bio); + BIO_clear_flags(bio, BIO_FLAGS_READ); +- status = tsg_read(bio->ptr, (BYTE*) buf, size); ++ status = tsg_read(tsg, (BYTE*) buf, size); + + if (status < 0) + { +@@ -180,10 +181,9 @@ static long transport_bio_tsg_ctrl(BIO* bio, int cmd, + + static int transport_bio_tsg_new(BIO* bio) + { +- bio->init = 1; +- bio->num = 0; +- bio->ptr = NULL; +- bio->flags = BIO_FLAGS_SHOULD_RETRY; ++ BIO_set_init(bio, 1); ++ BIO_set_data(bio, 0); ++ BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY); + return 1; + } + +@@ -194,23 +194,22 @@ static int transport_bio_tsg_free(BIO* bio) + + #define BIO_TYPE_TSG 65 + +-static BIO_METHOD transport_bio_tsg_methods = +-{ +- BIO_TYPE_TSG, +- "TSGateway", +- transport_bio_tsg_write, +- transport_bio_tsg_read, +- transport_bio_tsg_puts, +- transport_bio_tsg_gets, +- transport_bio_tsg_ctrl, +- transport_bio_tsg_new, +- transport_bio_tsg_free, +- NULL, +-}; +- + BIO_METHOD* BIO_s_tsg(void) + { +- return &transport_bio_tsg_methods; ++ static BIO_METHOD* bio_methods = NULL; ++ if (bio_methods == NULL) ++ { ++ if (!(bio_methods = BIO_meth_new(BIO_TYPE_TSG, "TSGateway"))) ++ return NULL; ++ BIO_meth_set_write(bio_methods, transport_bio_tsg_write); ++ BIO_meth_set_read(bio_methods, transport_bio_tsg_read); ++ BIO_meth_set_puts(bio_methods, transport_bio_tsg_puts); ++ BIO_meth_set_gets(bio_methods, transport_bio_tsg_gets); ++ BIO_meth_set_ctrl(bio_methods, transport_bio_tsg_ctrl); ++ BIO_meth_set_create(bio_methods, transport_bio_tsg_new); ++ BIO_meth_set_destroy(bio_methods, transport_bio_tsg_free); ++ } ++ return bio_methods; + } + + BOOL transport_connect_tls(rdpTransport* transport) +@@ -426,7 +425,7 @@ BOOL transport_tsg_connect(rdpTransport* transport, co + return FALSE; + + transport->frontBio = BIO_new(BIO_s_tsg()); +- transport->frontBio->ptr = tsg; ++ BIO_set_data(transport->frontBio, tsg); + return TRUE; + } + Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt (from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt) @@ -0,0 +1,12 @@ +--- libfreerdp/crypto/CMakeLists.txt.orig 2018-11-15 22:43:06 UTC ++++ libfreerdp/crypto/CMakeLists.txt +@@ -26,7 +26,8 @@ freerdp_module_add( + base64.c + certificate.c + crypto.c +- tls.c) ++ tls.c ++ opensslcompat.c) + + freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR}) + freerdp_include_directory_add(${ZLIB_INCLUDE_DIRS}) Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c) @@ -0,0 +1,189 @@ +--- libfreerdp/crypto/crypto.c.orig 2018-11-06 02:56:44 UTC ++++ libfreerdp/crypto/crypto.c +@@ -92,9 +92,16 @@ CryptoDes3 crypto_des3_encrypt_init(const BYTE* key, c + if (!des3) + return NULL; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ des3->des3_ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(des3->des3_ctx); ++ EVP_EncryptInit_ex(des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec); ++ EVP_CIPHER_CTX_set_padding(des3->des3_ctx, 0); ++#else + EVP_CIPHER_CTX_init(&des3->des3_ctx); + EVP_EncryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec); + EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0); ++#endif + return des3; + } + +@@ -103,23 +110,37 @@ CryptoDes3 crypto_des3_decrypt_init(const BYTE* key, c + CryptoDes3 des3 = malloc(sizeof(*des3)); + if (!des3) + return NULL; +- ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ des3->des3_ctx = EVP_CIPHER_CTX_new(); ++ EVP_CIPHER_CTX_init(des3->des3_ctx); ++ EVP_DecryptInit_ex(des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec); ++ EVP_CIPHER_CTX_set_padding(des3->des3_ctx, 0); ++#else + EVP_CIPHER_CTX_init(&des3->des3_ctx); + EVP_DecryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec); + EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0); ++#endif + return des3; + } + + void crypto_des3_encrypt(CryptoDes3 des3, UINT32 length, const BYTE* in_data, BYTE* out_data) + { + int len; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_EncryptUpdate(des3->des3_ctx, out_data, &len, in_data, length); ++#else + EVP_EncryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length); ++#endif + } + + void crypto_des3_decrypt(CryptoDes3 des3, UINT32 length, const BYTE* in_data, BYTE* out_data) + { + int len; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_DecryptUpdate(des3->des3_ctx, out_data, &len, in_data, length); ++#else + EVP_DecryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length); ++#endif + + if (length != len) + abort(); /* TODO */ +@@ -129,7 +150,12 @@ void crypto_des3_free(CryptoDes3 des3) + { + if (des3 == NULL) + return; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ EVP_CIPHER_CTX_cleanup(des3->des3_ctx); ++ EVP_CIPHER_CTX_free(des3->des3_ctx); ++#else + EVP_CIPHER_CTX_cleanup(&des3->des3_ctx); ++#endif + free(des3); + } + +@@ -139,28 +165,48 @@ CryptoHmac crypto_hmac_new(void) + if (!hmac) + return NULL; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ hmac->hmac_ctx = HMAC_CTX_new(); ++#else + HMAC_CTX_init(&hmac->hmac_ctx); ++#endif + return hmac; + } + + void crypto_hmac_sha1_init(CryptoHmac hmac, const BYTE* data, UINT32 length) + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_Init_ex(hmac->hmac_ctx, data, length, EVP_sha1(), NULL); ++#else + HMAC_Init_ex(&hmac->hmac_ctx, data, length, EVP_sha1(), NULL); ++#endif + } + + void crypto_hmac_md5_init(CryptoHmac hmac, const BYTE* data, UINT32 length) + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_Init_ex(hmac->hmac_ctx, data, length, EVP_md5(), NULL); ++#else + HMAC_Init_ex(&hmac->hmac_ctx, data, length, EVP_md5(), NULL); ++#endif + } + + void crypto_hmac_update(CryptoHmac hmac, const BYTE* data, UINT32 length) + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_Update(hmac->hmac_ctx, data, length); ++#else + HMAC_Update(&hmac->hmac_ctx, data, length); ++#endif + } + + void crypto_hmac_final(CryptoHmac hmac, BYTE* out_data, UINT32 length) + { ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_Final(hmac->hmac_ctx, out_data, &length); ++#else + HMAC_Final(&hmac->hmac_ctx, out_data, &length); ++#endif + } + + void crypto_hmac_free(CryptoHmac hmac) +@@ -168,7 +214,11 @@ void crypto_hmac_free(CryptoHmac hmac) + if (hmac == NULL) + return; + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ HMAC_CTX_free(hmac->hmac_ctx); ++#else + HMAC_CTX_cleanup(&hmac->hmac_ctx); ++#endif + free(hmac); + } + +@@ -236,7 +286,11 @@ static int crypto_rsa_common(const BYTE* input, int le + BYTE* input_reverse; + BYTE* modulus_reverse; + BYTE* exponent_reverse; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ BIGNUM *mod, *exp, *x, *y; ++#else + BIGNUM mod, exp, x, y; ++#endif + + input_reverse = (BYTE*) malloc(2 * key_length + exponent_size); + if (!input_reverse) +@@ -254,6 +308,18 @@ static int crypto_rsa_common(const BYTE* input, int le + ctx = BN_CTX_new(); + if (!ctx) + goto out_free_input_reverse; ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ mod = BN_new(); ++ exp = BN_new(); ++ x = BN_new(); ++ y = BN_new(); ++ ++ BN_bin2bn(modulus_reverse, key_length, mod); ++ BN_bin2bn(exponent_reverse, exponent_size, exp); ++ BN_bin2bn(input_reverse, length, x); ++ BN_mod_exp(y, x, exp, mod, ctx); ++ output_length = BN_bn2bin(y, output); ++#else + BN_init(&mod); + BN_init(&exp); + BN_init(&x); +@@ -263,17 +329,24 @@ static int crypto_rsa_common(const BYTE* input, int le + BN_bin2bn(exponent_reverse, exponent_size, &exp); + BN_bin2bn(input_reverse, length, &x); + BN_mod_exp(&y, &x, &exp, &mod, ctx); +- + output_length = BN_bn2bin(&y, output); ++#endif + crypto_reverse(output, output_length); + + if (output_length < (int) key_length) + memset(output + output_length, 0, key_length - output_length); + ++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL ++ BN_free(y); ++ BN_clear_free(x); ++ BN_free(exp); ++ BN_free(mod); ++#else + BN_free(&y); + BN_clear_free(&x); + BN_free(&exp); + BN_free(&mod); ++#endif + BN_CTX_free(ctx); + + out_free_input_reverse: Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c (from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c) @@ -0,0 +1,47 @@ +--- libfreerdp/crypto/opensslcompat.c.orig 2018-11-15 22:42:44 UTC ++++ libfreerdp/crypto/opensslcompat.c +@@ -0,0 +1,44 @@ ++/** ++ * FreeRDP: A Remote Desktop Protocol Implementation ++ * OpenSSL Compatibility ++ * ++ * Copyright (C) 2016 Norbert Federa <norbert.federa@thincast.com> ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#include "opensslcompat.h" ++ ++#if OPENSSL_VERSION_NUMBER < 0x10100000L ++ ++BIO_METHOD* BIO_meth_new(int type, const char* name) ++{ ++ BIO_METHOD* m; ++ if (!(m = calloc(1, sizeof(BIO_METHOD)))) ++ return NULL; ++ m->type = type; ++ m->name = name; ++ return m; ++} ++ ++void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e, const BIGNUM** d) ++{ ++ if (n != NULL) ++ *n = r->n; ++ if (e != NULL) ++ *e = r->e; ++ if (d != NULL) ++ *d = r->d; ++} ++ ++#endif /* OPENSSL < 1.1.0 */ Copied: branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h (from r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2018Q4/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h Sun Nov 18 15:06:41 2018 (r485228, copy of r485226, head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h) @@ -0,0 +1,64 @@ +--- libfreerdp/crypto/opensslcompat.h.orig 2018-11-15 22:42:46 UTC ++++ libfreerdp/crypto/opensslcompat.h +@@ -0,0 +1,61 @@ ++/** ++ * FreeRDP: A Remote Desktop Protocol Implementation ++ * OpenSSL Compatibility ++ * ++ * Copyright (C) 2016 Norbert Federa <norbert.federa@thincast.com> ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811181506.wAIF6fOR041802>