Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 18 Nov 2018 14:53:00 +0000 (UTC)
From:      Kyle Evans <kevans@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r485226 - in head/net/freerdp1: . files
Message-ID:  <201811181453.wAIEr0W5035701@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: kevans (src committer)
Date: Sun Nov 18 14:53:00 2018
New Revision: 485226
URL: https://svnweb.freebsd.org/changeset/ports/485226

Log:
  net/freerdp1: Fix build with OpenSSL 1.1
  
  Patch taken partially from upstream with some minor refactoring because
  the patch from upstream was fairly far off from where this version of
  FreeRDP is at.
  
  Built with:	Poudriere (11.2 and 13.0-CURRENT)
  Tested with:	OpenSSL 1.0.2 (11.2, base)
  Tested with:	OpenSSL 1.1.1 (11.2, security/openssl111)
  
  PR:		233014
  Approved by:	ultima (ports), myself (maintainer)
  MFH:		2018Q4 (OpenSSL build fix)

Added:
  head/net/freerdp1/files/patch-git_1b5f5747   (contents, props changed)
  head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_common_assistance.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_core_certificate.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_core_tcp.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_core_transport.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h   (contents, props changed)
  head/net/freerdp1/files/patch-libfreerdp_crypto_tls.c   (contents, props changed)
  head/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.c   (contents, props changed)
  head/net/freerdp1/files/patch-winpr_libwinpr_crypto_crypto.h   (contents, props changed)
  head/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm.c   (contents, props changed)
  head/net/freerdp1/files/patch-winpr_libwinpr_sspi_NTLM_ntlm__compute.c   (contents, props changed)
  head/net/freerdp1/files/patch-winpr_tools_makecert_makecert.c   (contents, props changed)
Modified:
  head/net/freerdp1/Makefile

Modified: head/net/freerdp1/Makefile
==============================================================================
--- head/net/freerdp1/Makefile	Sun Nov 18 14:14:15 2018	(r485225)
+++ head/net/freerdp1/Makefile	Sun Nov 18 14:53:00 2018	(r485226)
@@ -3,7 +3,7 @@
 
 PORTNAME=	freerdp
 PORTVERSION=	1.2.0
-PORTREVISION=	13
+PORTREVISION=	14
 CATEGORIES=	net comms ipv6
 PKGNAMESUFFIX=	1
 

Added: head/net/freerdp1/files/patch-git_1b5f5747
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-git_1b5f5747	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,30 @@
+--- winpr/libwinpr/bcrypt/CMakeLists.txt.orig	2014-09-11 22:46:32 UTC
++++ winpr/libwinpr/bcrypt/CMakeLists.txt
+@@ -17,8 +17,3 @@
+ 
+ winpr_module_add(bcrypt.c)
+ 
+-winpr_include_directory_add(
+-	${OPENSSL_INCLUDE_DIR}
+-	${ZLIB_INCLUDE_DIRS})
+-
+-winpr_library_add(${ZLIB_LIBRARIES})
+--- winpr/libwinpr/crypto/CMakeLists.txt.orig	2014-09-11 22:46:32 UTC
++++ winpr/libwinpr/crypto/CMakeLists.txt
+@@ -20,6 +20,16 @@ winpr_module_add(
+ 	crypto.h
+ 	cert.c)
+ 
++if(OPENSSL_FOUND)
++	winpr_include_directory_add(${OPENSSL_INCLUDE_DIR})
++	winpr_library_add(${OPENSSL_LIBRARIES})
++endif()
++
++if(MBEDTLS_FOUND)
++	winpr_include_directory_add(${MBEDTLS_INCLUDE_DIR})
++	winpr_library_add(${MBEDTLS_LIBRARIES})
++endif()
++
+ if(WIN32)
+ 	winpr_library_add(crypt32)
+ endif()

Added: head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-include_freerdp_crypto_crypto.h	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,23 @@
+--- include/freerdp/crypto/crypto.h.orig	2018-11-06 02:55:10 UTC
++++ include/freerdp/crypto/crypto.h
+@@ -61,12 +61,20 @@ struct crypto_rc4_struct
+ 
+ struct crypto_des3_struct
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX *des3_ctx;
++#else
+ 	EVP_CIPHER_CTX des3_ctx;
++#endif
+ };
+ 
+ struct crypto_hmac_struct
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_CTX *hmac_ctx;
++#else
+ 	HMAC_CTX hmac_ctx;
++#endif
+ };
+ 
+ struct crypto_cert_struct

Added: head/net/freerdp1/files/patch-libfreerdp_common_assistance.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_common_assistance.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,156 @@
+--- libfreerdp/common/assistance.c.orig	2018-11-06 05:10:45 UTC
++++ libfreerdp/common/assistance.c
+@@ -478,7 +478,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 	int cbPassStubW;
+ 	int EncryptedSize;
+ 	BYTE PasswordHash[16];
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX *rc4Ctx;
++#else
+ 	EVP_CIPHER_CTX rc4Ctx;
++#endif
+ 	BYTE *pbIn, *pbOut;
+ 	int cbOut, cbIn, cbFinal;
+ 	WCHAR* PasswordW = NULL;
+@@ -516,9 +520,16 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 	*((UINT32*) pbIn) = cbPassStubW;
+ 	CopyMemory(&pbIn[4], PassStubW, cbPassStubW);
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	rc4Ctx = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(rc4Ctx);
++
++	status = EVP_EncryptInit_ex(rc4Ctx, EVP_rc4(), NULL, NULL, NULL);
++#else
+ 	EVP_CIPHER_CTX_init(&rc4Ctx);
+ 
+ 	status = EVP_EncryptInit_ex(&rc4Ctx, EVP_rc4(), NULL, NULL, NULL);
++#endif
+ 
+ 	if (!status)
+ 	{
+@@ -526,7 +537,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 		return NULL;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	status = EVP_EncryptInit_ex(rc4Ctx, NULL, NULL, PasswordHash, NULL);
++#else
+ 	status = EVP_EncryptInit_ex(&rc4Ctx, NULL, NULL, PasswordHash, NULL);
++#endif
+ 
+ 	if (!status)
+ 	{
+@@ -537,7 +552,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 	cbOut = cbFinal = 0;
+ 	cbIn = EncryptedSize;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	status = EVP_EncryptUpdate(rc4Ctx, pbOut, &cbOut, pbIn, cbIn);
++#else
+ 	status = EVP_EncryptUpdate(&rc4Ctx, pbOut, &cbOut, pbIn, cbIn);
++#endif
+ 
+ 	if (!status)
+ 	{
+@@ -545,7 +564,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 		return NULL;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	status = EVP_EncryptFinal_ex(rc4Ctx, pbOut + cbOut, &cbFinal);
++#else
+ 	status = EVP_EncryptFinal_ex(&rc4Ctx, pbOut + cbOut, &cbFinal);
++#endif
+ 
+ 	if (!status)
+ 	{
+@@ -553,7 +576,11 @@ BYTE* freerdp_assistance_encrypt_pass_stub(const char*
+ 		return NULL;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX_free(rc4Ctx);
++#else
+ 	EVP_CIPHER_CTX_cleanup(&rc4Ctx);
++#endif
+ 
+ 	free(pbIn);
+ 	free(PasswordW);
+@@ -571,7 +598,11 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil
+ 	int cbPasswordW;
+ 	int cchOutW = 0;
+ 	WCHAR* pbOutW = NULL;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX *aesDec;
++#else
+ 	EVP_CIPHER_CTX aesDec;
++#endif
+ 	WCHAR* PasswordW = NULL;
+ 	BYTE *pbIn, *pbOut;
+ 	int cbOut, cbIn, cbFinal;
+@@ -598,17 +629,31 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil
+ 
+ 	ZeroMemory(InitializationVector, sizeof(InitializationVector));
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	aesDec = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(aesDec);
++
++	status = EVP_DecryptInit_ex(aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL);
++#else
+ 	EVP_CIPHER_CTX_init(&aesDec);
+ 
+ 	status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, NULL, NULL);
++#endif
+ 
+ 	if (status != 1)
+ 		return -1;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX_set_key_length(aesDec, (128 / 8));
++	EVP_CIPHER_CTX_set_padding(aesDec, 0);
++
++	status = EVP_DecryptInit_ex(aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector);
++#else
+ 	EVP_CIPHER_CTX_set_key_length(&aesDec, (128 / 8));
+ 	EVP_CIPHER_CTX_set_padding(&aesDec, 0);
+ 
+ 	status = EVP_DecryptInit_ex(&aesDec, EVP_aes_128_cbc(), NULL, DerivedKey, InitializationVector);
++#endif
+ 
+ 	if (status != 1)
+ 		return -1;
+@@ -621,12 +666,20 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil
+ 	if (!pbOut)
+ 		return -1;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	status = EVP_DecryptUpdate(aesDec, pbOut, &cbOut, pbIn, cbIn);
++#else
+ 	status = EVP_DecryptUpdate(&aesDec, pbOut, &cbOut, pbIn, cbIn);
++#endif
+ 
+ 	if (status != 1)
+ 		return -1;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	status = EVP_DecryptFinal_ex(aesDec, pbOut + cbOut, &cbFinal);
++#else
+ 	status = EVP_DecryptFinal_ex(&aesDec, pbOut + cbOut, &cbFinal);
++#endif
+ 
+ 	if (status != 1)
+ 	{
+@@ -634,7 +687,11 @@ int freerdp_assistance_decrypt2(rdpAssistanceFile* fil
+ 		return -1;
+ 	}
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX_free(aesDec);
++#else
+ 	EVP_CIPHER_CTX_cleanup(&aesDec);
++#endif
+ 
+ 	cbOut += cbFinal;
+ 	cbFinal = 0;

Added: head/net/freerdp1/files/patch-libfreerdp_core_certificate.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_core_certificate.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,59 @@
+--- libfreerdp/core/certificate.c.orig	2014-09-11 22:46:32 UTC
++++ libfreerdp/core/certificate.c
+@@ -32,6 +32,7 @@
+ #include <openssl/rsa.h>
+ 
+ #include "certificate.h"
++#include "../crypto/opensslcompat.h"
+ 
+ #define TAG "com.freerdp.core"
+ 
+@@ -652,6 +653,9 @@ rdpRsaKey* key_new(const char* keyfile)
+ 	FILE* fp;
+ 	RSA* rsa;
+ 	rdpRsaKey* key;
++	const BIGNUM *rsa_e = NULL;
++	const BIGNUM *rsa_n = NULL;
++	const BIGNUM *rsa_d = NULL;
+ 	key = (rdpRsaKey*)calloc(1, sizeof(rdpRsaKey));
+ 
+ 	if (!key)
+@@ -692,31 +696,31 @@ rdpRsaKey* key_new(const char* keyfile)
+ 			ERR_print_errors_fp(stderr);
+ 			goto out_free_rsa;
+ 	}
+-
+-	if (BN_num_bytes(rsa->e) > 4)
++	RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
++	if (BN_num_bytes(rsa_e) > 4)
+ 	{
+ 		DEBUG_WARN("%s: RSA public exponent too large in %s\n", __FUNCTION__, keyfile);
+ 		goto out_free_rsa;
+ 	}
+ 
+-	key->ModulusLength = BN_num_bytes(rsa->n);
++	key->ModulusLength = BN_num_bytes(rsa_n);
+ 	key->Modulus = (BYTE*)malloc(key->ModulusLength);
+ 
+ 	if (!key->Modulus)
+ 		goto out_free_rsa;
+ 
+-	BN_bn2bin(rsa->n, key->Modulus);
++	BN_bn2bin(rsa_n, key->Modulus);
+ 	crypto_reverse(key->Modulus, key->ModulusLength);
+-	key->PrivateExponentLength = BN_num_bytes(rsa->d);
++	key->PrivateExponentLength = BN_num_bytes(rsa_d);
+ 	key->PrivateExponent = (BYTE*)malloc(key->PrivateExponentLength);
+ 
+ 	if (!key->PrivateExponent)
+ 		goto out_free_modulus;
+ 
+-	BN_bn2bin(rsa->d, key->PrivateExponent);
++	BN_bn2bin(rsa_d, key->PrivateExponent);
+ 	crypto_reverse(key->PrivateExponent, key->PrivateExponentLength);
+ 	memset(key->exponent, 0, sizeof(key->exponent));
+-	BN_bn2bin(rsa->e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa->e));
++	BN_bn2bin(rsa_e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa_e));
+ 	crypto_reverse(key->exponent, sizeof(key->exponent));
+ 	RSA_free(rsa);
+ 	return key;

Added: head/net/freerdp1/files/patch-libfreerdp_core_tcp.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_core_tcp.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,338 @@
+--- libfreerdp/core/tcp.c.orig	2014-09-11 22:46:32 UTC
++++ libfreerdp/core/tcp.c
+@@ -71,6 +71,7 @@
+ #include <winpr/stream.h>
+ 
+ #include "tcp.h"
++#include "../crypto/opensslcompat.h"
+ 
+ /* Simple Socket BIO */
+ 
+@@ -86,13 +87,14 @@ static int transport_bio_simple_write(BIO* bio, const 
+ {
+ 	int error;
+ 	int status = 0;
++	int socket = (int)BIO_get_data(bio);
+ 
+ 	if (!buf)
+ 		return 0;
+ 
+ 	BIO_clear_flags(bio, BIO_FLAGS_WRITE);
+ 
+-	status = _send((SOCKET) bio->num, buf, size, 0);
++	status = _send(socket, buf, size, 0);
+ 
+ 	if (status <= 0)
+ 	{
+@@ -116,13 +118,14 @@ static int transport_bio_simple_read(BIO* bio, char* b
+ {
+ 	int error;
+ 	int status = 0;
++	int socket = (int)BIO_get_data(bio);
+ 
+ 	if (!buf)
+ 		return 0;
+ 
+ 	BIO_clear_flags(bio, BIO_FLAGS_READ);
+ 
+-	status = _recv((SOCKET) bio->num, buf, size, 0);
++	status = _recv(socket, buf, size, 0);
+ 	if (status > 0)
+ 		return status;
+ 
+@@ -160,6 +163,7 @@ static int transport_bio_simple_gets(BIO* bio, char* s
+ static long transport_bio_simple_ctrl(BIO* bio, int cmd, long arg1, void* arg2)
+ {
+ 	int status = -1;
++	int socket = (int)BIO_get_data(bio);
+ 
+ 	switch (cmd)
+ 	{
+@@ -167,29 +171,29 @@ static long transport_bio_simple_ctrl(BIO* bio, int cm
+ 			if (arg2)
+ 			{
+ 				transport_bio_simple_free(bio);
+-				bio->flags = BIO_FLAGS_SHOULD_RETRY;
+-				bio->num = *((int*) arg2);
+-				bio->shutdown = (int) arg1;
+-				bio->init = 1;
++				BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
++				BIO_set_data(bio, *((int *) arg2));
++				BIO_set_shutdown(bio, (int) arg1);
++				BIO_set_init(bio, 1);
+ 				status = 1;
+ 			}
+ 			break;
+ 
+ 		case BIO_C_GET_FD:
+-			if (bio->init)
++			if (BIO_get_init(bio))
+ 			{
+ 				if (arg2)
+-					*((int*) arg2) = bio->num;
+-				status = bio->num;
++					*((int*) arg2) = socket;
++				status = socket;
+ 			}
+ 			break;
+ 
+ 		case BIO_CTRL_GET_CLOSE:
+-			status = bio->shutdown;
++			status = BIO_get_shutdown(bio);
+ 			break;
+ 
+ 		case BIO_CTRL_SET_CLOSE:
+-			bio->shutdown = (int) arg1;
++			BIO_set_shutdown(bio, (int) arg1);
+ 			status = 1;
+ 			break;
+ 
+@@ -211,47 +215,49 @@ static long transport_bio_simple_ctrl(BIO* bio, int cm
+ 
+ static int transport_bio_simple_new(BIO* bio)
+ {
+-	bio->init = 0;
+-	bio->num = 0;
+-	bio->ptr = NULL;
+-	bio->flags = BIO_FLAGS_SHOULD_RETRY;
++
++	BIO_set_init(bio, 0);
++	BIO_set_data(bio, 0);
++	BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 	return 1;
+ }
+ 
+ static int transport_bio_simple_free(BIO* bio)
+ {
++	int socket = (int)BIO_get_data(bio);
+ 	if (!bio)
+ 		return 0;
+ 
+-	if (bio->shutdown)
++	if (BIO_get_shutdown(bio))
+ 	{
+-		if (bio->init)
+-			closesocket((SOCKET) bio->num);
++		if (BIO_get_init(bio))
++			closesocket(socket);
+ 
+-		bio->init = 0;
+-		bio->flags = 0;
++		BIO_set_init(bio, 0);
++		BIO_set_flags(bio, 0);
++		BIO_set_data(bio, 0);
+ 	}
+ 
+ 	return 1;
+ }
+ 
+-static BIO_METHOD transport_bio_simple_socket_methods =
+-{
+-	BIO_TYPE_SIMPLE,
+-	"SimpleSocket",
+-	transport_bio_simple_write,
+-	transport_bio_simple_read,
+-	transport_bio_simple_puts,
+-	transport_bio_simple_gets,
+-	transport_bio_simple_ctrl,
+-	transport_bio_simple_new,
+-	transport_bio_simple_free,
+-	NULL,
+-};
+-
+ BIO_METHOD* BIO_s_simple_socket(void)
+ {
+-	return &transport_bio_simple_socket_methods;
++	static BIO_METHOD* bio_methods = NULL;
++
++	if (bio_methods == NULL)
++	{
++		if (!(bio_methods = BIO_meth_new(BIO_TYPE_SIMPLE, "SimpleSocket")))
++			return NULL;
++		BIO_meth_set_write(bio_methods, transport_bio_simple_write);
++		BIO_meth_set_read(bio_methods, transport_bio_simple_read);
++		BIO_meth_set_puts(bio_methods, transport_bio_simple_puts);
++		BIO_meth_set_gets(bio_methods, transport_bio_simple_gets);
++		BIO_meth_set_ctrl(bio_methods, transport_bio_simple_ctrl);
++		BIO_meth_set_create(bio_methods, transport_bio_simple_new);
++		BIO_meth_set_destroy(bio_methods, transport_bio_simple_free);
++	}
++	return bio_methods;
+ }
+ 
+ /* Buffered Socket BIO */
+@@ -264,7 +270,8 @@ long transport_bio_buffered_callback(BIO* bio, int mod
+ static int transport_bio_buffered_write(BIO* bio, const char* buf, int num)
+ {
+ 	int status, ret;
+-	rdpTcp* tcp = (rdpTcp*) bio->ptr;
++	rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio);
++	BIO *next_bio = NULL;
+ 	int nchunks, committedBytes, i;
+ 	DataChunk chunks[2];
+ 
+@@ -283,23 +290,24 @@ static int transport_bio_buffered_write(BIO* bio, cons
+ 
+ 	committedBytes = 0;
+ 	nchunks = ringbuffer_peek(&tcp->xmitBuffer, chunks, ringbuffer_used(&tcp->xmitBuffer));
++	next_bio = BIO_next(bio);
+ 
+ 	for (i = 0; i < nchunks; i++)
+ 	{
+ 		while (chunks[i].size)
+ 		{
+-			status = BIO_write(bio->next_bio, chunks[i].data, chunks[i].size);
++			status = BIO_write(next_bio, chunks[i].data, chunks[i].size);
+ 
+ 			if (status <= 0)
+ 			{
+-				if (!BIO_should_retry(bio->next_bio))
++				if (!BIO_should_retry(next_bio))
+ 				{
+ 					BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 					ret = -1; /* fatal error */
+ 					goto out;
+ 				}
+ 
+-				if (BIO_should_write(bio->next_bio))
++				if (BIO_should_write(next_bio))
+ 				{
+ 					BIO_set_flags(bio, BIO_FLAGS_WRITE);
+ 					tcp->writeBlocked = TRUE;
+@@ -321,16 +329,17 @@ out:
+ static int transport_bio_buffered_read(BIO* bio, char* buf, int size)
+ {
+ 	int status;
+-	rdpTcp* tcp = (rdpTcp*) bio->ptr;
++	rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio);
++	BIO* next_bio = BIO_next(bio);
+ 
+ 	tcp->readBlocked = FALSE;
+ 	BIO_clear_flags(bio, BIO_FLAGS_READ);
+ 
+-	status = BIO_read(bio->next_bio, buf, size);
++	status = BIO_read(next_bio, buf, size);
+ 
+ 	if (status <= 0)
+ 	{
+-		if (!BIO_should_retry(bio->next_bio))
++		if (!BIO_should_retry(next_bio))
+ 		{
+ 			BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 			goto out;
+@@ -338,7 +347,7 @@ static int transport_bio_buffered_read(BIO* bio, char*
+ 
+ 		BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 
+-		if (BIO_should_read(bio->next_bio))
++		if (BIO_should_read(next_bio))
+ 		{
+ 			BIO_set_flags(bio, BIO_FLAGS_READ);
+ 			tcp->readBlocked = TRUE;
+@@ -362,7 +371,7 @@ static int transport_bio_buffered_gets(BIO* bio, char*
+ 
+ static long transport_bio_buffered_ctrl(BIO* bio, int cmd, long arg1, void* arg2)
+ {
+-	rdpTcp* tcp = (rdpTcp*) bio->ptr;
++	rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio);
+ 
+ 	switch (cmd)
+ 	{
+@@ -376,7 +385,7 @@ static long transport_bio_buffered_ctrl(BIO* bio, int 
+ 			return 0;
+ 
+ 		default:
+-			return BIO_ctrl(bio->next_bio, cmd, arg1, arg2);
++			return BIO_ctrl(BIO_next(bio), cmd, arg1, arg2);
+ 	}
+ 
+ 	return 0;
+@@ -384,10 +393,9 @@ static long transport_bio_buffered_ctrl(BIO* bio, int 
+ 
+ static int transport_bio_buffered_new(BIO* bio)
+ {
+-	bio->init = 1;
+-	bio->num = 0;
+-	bio->ptr = NULL;
+-	bio->flags = BIO_FLAGS_SHOULD_RETRY;
++	BIO_set_init(bio, 1);
++	BIO_set_data(bio, 0);
++	BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 	return 1;
+ }
+ 
+@@ -396,29 +404,28 @@ static int transport_bio_buffered_free(BIO* bio)
+ 	return 1;
+ }
+ 
+-static BIO_METHOD transport_bio_buffered_socket_methods =
+-{
+-	BIO_TYPE_BUFFERED,
+-	"BufferedSocket",
+-	transport_bio_buffered_write,
+-	transport_bio_buffered_read,
+-	transport_bio_buffered_puts,
+-	transport_bio_buffered_gets,
+-	transport_bio_buffered_ctrl,
+-	transport_bio_buffered_new,
+-	transport_bio_buffered_free,
+-	NULL,
+-};
+-
+ BIO_METHOD* BIO_s_buffered_socket(void)
+ {
+-	return &transport_bio_buffered_socket_methods;
++	static BIO_METHOD* bio_methods = NULL;
++	if (bio_methods == NULL)
++	{
++		if (!(bio_methods = BIO_meth_new(BIO_TYPE_BUFFERED, "BufferedSocket")))
++			return NULL;
++		BIO_meth_set_write(bio_methods, transport_bio_buffered_write);
++		BIO_meth_set_read(bio_methods, transport_bio_buffered_read);
++		BIO_meth_set_puts(bio_methods, transport_bio_buffered_puts);
++		BIO_meth_set_gets(bio_methods, transport_bio_buffered_gets);
++		BIO_meth_set_ctrl(bio_methods, transport_bio_buffered_ctrl);
++		BIO_meth_set_create(bio_methods, transport_bio_buffered_new);
++		BIO_meth_set_destroy(bio_methods, transport_bio_buffered_free);
++	}
++	return bio_methods;
+ }
+ 
+ BOOL transport_bio_buffered_drain(BIO *bio)
+ {
+ 	int status;
+-	rdpTcp* tcp = (rdpTcp*) bio->ptr;
++	rdpTcp* tcp = (rdpTcp*) BIO_get_data(bio);
+ 
+ 	if (!ringbuffer_used(&tcp->xmitBuffer))
+ 		return 1;
+@@ -527,7 +534,10 @@ BOOL tcp_connect(rdpTcp* tcp, const char* hostname, in
+ 		if (!tcp->socketBio)
+ 			return FALSE;
+ 
+-		if (BIO_set_conn_hostname(tcp->socketBio, hostname) < 0 || BIO_set_conn_int_port(tcp->socketBio, &port) < 0)
++		char strport[10];
++		/* XXX HACK */
++		snprintf(strport, 10, "%d", port);
++		if (BIO_set_conn_hostname(tcp->socketBio, hostname) < 0 || BIO_set_conn_port(tcp->socketBio, strport) < 0)
+ 			return FALSE;
+ 
+ 		BIO_set_nbio(tcp->socketBio, 1);
+@@ -620,7 +630,7 @@ BOOL tcp_connect(rdpTcp* tcp, const char* hostname, in
+ 	if (!tcp->bufferedBio)
+ 		return FALSE;
+ 
+-	tcp->bufferedBio->ptr = tcp;
++	BIO_set_data(tcp->bufferedBio, tcp);
+ 
+ 	tcp->bufferedBio = BIO_push(tcp->bufferedBio, tcp->socketBio);
+ 
+@@ -771,7 +781,7 @@ int tcp_attach(rdpTcp* tcp, int sockfd)
+ 		if (!tcp->bufferedBio)
+ 			return FALSE;
+ 
+-		tcp->bufferedBio->ptr = tcp;
++		BIO_set_data(tcp->bufferedBio, tcp);
+ 
+ 		tcp->bufferedBio = BIO_push(tcp->bufferedBio, tcp->socketBio);
+ 	}

Added: head/net/freerdp1/files/patch-libfreerdp_core_transport.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_core_transport.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,92 @@
+--- libfreerdp/core/transport.c.orig	2014-09-11 22:46:32 UTC
++++ libfreerdp/core/transport.c
+@@ -54,6 +54,7 @@
+ #include "fastpath.h"
+ #include "transport.h"
+ #include "rdp.h"
++#include "../crypto/opensslcompat.h"
+ 
+ #define TAG FREERDP_TAG("core")
+ 
+@@ -122,7 +123,7 @@ static int transport_bio_tsg_write(BIO* bio, const cha
+ {
+ 	int status;
+ 	rdpTsg* tsg;
+-	tsg = (rdpTsg*) bio->ptr;
++	tsg = (rdpTsg*) BIO_get_data(bio);
+ 	BIO_clear_flags(bio, BIO_FLAGS_WRITE);
+ 	status = tsg_write(tsg, (BYTE*) buf, num);
+ 
+@@ -142,9 +143,9 @@ static int transport_bio_tsg_read(BIO* bio, char* buf,
+ {
+ 	int status;
+ 	rdpTsg* tsg;
+-	tsg = (rdpTsg*) bio->ptr;
++	tsg = (rdpTsg*) BIO_get_data(bio);
+ 	BIO_clear_flags(bio, BIO_FLAGS_READ);
+-	status = tsg_read(bio->ptr, (BYTE*) buf, size);
++	status = tsg_read(tsg, (BYTE*) buf, size);
+ 
+ 	if (status < 0)
+ 	{
+@@ -180,10 +181,9 @@ static long transport_bio_tsg_ctrl(BIO* bio, int cmd, 
+ 
+ static int transport_bio_tsg_new(BIO* bio)
+ {
+-	bio->init = 1;
+-	bio->num = 0;
+-	bio->ptr = NULL;
+-	bio->flags = BIO_FLAGS_SHOULD_RETRY;
++	BIO_set_init(bio, 1);
++	BIO_set_data(bio, 0);
++	BIO_set_flags(bio, BIO_FLAGS_SHOULD_RETRY);
+ 	return 1;
+ }
+ 
+@@ -194,23 +194,22 @@ static int transport_bio_tsg_free(BIO* bio)
+ 
+ #define BIO_TYPE_TSG	65
+ 
+-static BIO_METHOD transport_bio_tsg_methods =
+-{
+-	BIO_TYPE_TSG,
+-	"TSGateway",
+-	transport_bio_tsg_write,
+-	transport_bio_tsg_read,
+-	transport_bio_tsg_puts,
+-	transport_bio_tsg_gets,
+-	transport_bio_tsg_ctrl,
+-	transport_bio_tsg_new,
+-	transport_bio_tsg_free,
+-	NULL,
+-};
+-
+ BIO_METHOD* BIO_s_tsg(void)
+ {
+-	return &transport_bio_tsg_methods;
++	static BIO_METHOD* bio_methods = NULL;
++	if (bio_methods == NULL)
++	{
++		if (!(bio_methods = BIO_meth_new(BIO_TYPE_TSG, "TSGateway")))
++			return NULL;
++		BIO_meth_set_write(bio_methods, transport_bio_tsg_write);
++		BIO_meth_set_read(bio_methods, transport_bio_tsg_read);
++		BIO_meth_set_puts(bio_methods, transport_bio_tsg_puts);
++		BIO_meth_set_gets(bio_methods, transport_bio_tsg_gets);
++		BIO_meth_set_ctrl(bio_methods, transport_bio_tsg_ctrl);
++		BIO_meth_set_create(bio_methods, transport_bio_tsg_new);
++		BIO_meth_set_destroy(bio_methods, transport_bio_tsg_free);
++	}
++	return bio_methods;
+ }
+ 
+ BOOL transport_connect_tls(rdpTransport* transport)
+@@ -426,7 +425,7 @@ BOOL transport_tsg_connect(rdpTransport* transport, co
+ 		return FALSE;
+ 
+ 	transport->frontBio = BIO_new(BIO_s_tsg());
+-	transport->frontBio->ptr = tsg;
++	BIO_set_data(transport->frontBio, tsg);
+ 	return TRUE;
+ }
+ 

Added: head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_crypto_CMakeLists.txt	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,12 @@
+--- libfreerdp/crypto/CMakeLists.txt.orig	2018-11-15 22:43:06 UTC
++++ libfreerdp/crypto/CMakeLists.txt
+@@ -26,7 +26,8 @@ freerdp_module_add(
+ 	base64.c
+ 	certificate.c
+ 	crypto.c
+-	tls.c)
++	tls.c
++	opensslcompat.c)
+ 
+ freerdp_include_directory_add(${OPENSSL_INCLUDE_DIR})
+ freerdp_include_directory_add(${ZLIB_INCLUDE_DIRS})

Added: head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_crypto_crypto.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,189 @@
+--- libfreerdp/crypto/crypto.c.orig	2018-11-06 02:56:44 UTC
++++ libfreerdp/crypto/crypto.c
+@@ -92,9 +92,16 @@ CryptoDes3 crypto_des3_encrypt_init(const BYTE* key, c
+ 	if (!des3)
+ 		return NULL;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	des3->des3_ctx = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(des3->des3_ctx);
++	EVP_EncryptInit_ex(des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
++	EVP_CIPHER_CTX_set_padding(des3->des3_ctx, 0);
++#else
+ 	EVP_CIPHER_CTX_init(&des3->des3_ctx);
+ 	EVP_EncryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
+ 	EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0);
++#endif
+ 	return des3;
+ }
+ 
+@@ -103,23 +110,37 @@ CryptoDes3 crypto_des3_decrypt_init(const BYTE* key, c
+ 	CryptoDes3 des3 = malloc(sizeof(*des3));
+ 	if (!des3)
+ 		return NULL;
+-
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	des3->des3_ctx = EVP_CIPHER_CTX_new();
++	EVP_CIPHER_CTX_init(des3->des3_ctx);
++	EVP_DecryptInit_ex(des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
++	EVP_CIPHER_CTX_set_padding(des3->des3_ctx, 0);
++#else
+ 	EVP_CIPHER_CTX_init(&des3->des3_ctx);
+ 	EVP_DecryptInit_ex(&des3->des3_ctx, EVP_des_ede3_cbc(), NULL, key, ivec);
+ 	EVP_CIPHER_CTX_set_padding(&des3->des3_ctx, 0);
++#endif
+ 	return des3;
+ }
+ 
+ void crypto_des3_encrypt(CryptoDes3 des3, UINT32 length, const BYTE* in_data, BYTE* out_data)
+ {
+ 	int len;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_EncryptUpdate(des3->des3_ctx, out_data, &len, in_data, length);
++#else
+ 	EVP_EncryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length);
++#endif
+ }
+ 
+ void crypto_des3_decrypt(CryptoDes3 des3, UINT32 length, const BYTE* in_data, BYTE* out_data)
+ {
+ 	int len;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_DecryptUpdate(des3->des3_ctx, out_data, &len, in_data, length);
++#else
+ 	EVP_DecryptUpdate(&des3->des3_ctx, out_data, &len, in_data, length);
++#endif
+ 
+ 	if (length != len)
+ 		abort(); /* TODO */
+@@ -129,7 +150,12 @@ void crypto_des3_free(CryptoDes3 des3)
+ {
+ 	if (des3 == NULL)
+ 		return;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	EVP_CIPHER_CTX_cleanup(des3->des3_ctx);
++	EVP_CIPHER_CTX_free(des3->des3_ctx);
++#else
+ 	EVP_CIPHER_CTX_cleanup(&des3->des3_ctx);
++#endif
+ 	free(des3);
+ }
+ 
+@@ -139,28 +165,48 @@ CryptoHmac crypto_hmac_new(void)
+ 	if (!hmac)
+ 		return NULL;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	hmac->hmac_ctx = HMAC_CTX_new();
++#else
+ 	HMAC_CTX_init(&hmac->hmac_ctx);
++#endif
+ 	return hmac;
+ }
+ 
+ void crypto_hmac_sha1_init(CryptoHmac hmac, const BYTE* data, UINT32 length)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_Init_ex(hmac->hmac_ctx, data, length, EVP_sha1(), NULL);
++#else
+ 	HMAC_Init_ex(&hmac->hmac_ctx, data, length, EVP_sha1(), NULL);
++#endif
+ }
+ 
+ void crypto_hmac_md5_init(CryptoHmac hmac, const BYTE* data, UINT32 length)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_Init_ex(hmac->hmac_ctx, data, length, EVP_md5(), NULL);
++#else
+ 	HMAC_Init_ex(&hmac->hmac_ctx, data, length, EVP_md5(), NULL);
++#endif
+ }
+ 
+ void crypto_hmac_update(CryptoHmac hmac, const BYTE* data, UINT32 length)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_Update(hmac->hmac_ctx, data, length);
++#else
+ 	HMAC_Update(&hmac->hmac_ctx, data, length);
++#endif
+ }
+ 
+ void crypto_hmac_final(CryptoHmac hmac, BYTE* out_data, UINT32 length)
+ {
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_Final(hmac->hmac_ctx, out_data, &length);
++#else
+ 	HMAC_Final(&hmac->hmac_ctx, out_data, &length);
++#endif
+ }
+ 
+ void crypto_hmac_free(CryptoHmac hmac)
+@@ -168,7 +214,11 @@ void crypto_hmac_free(CryptoHmac hmac)
+ 	if (hmac == NULL)
+ 		return;
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	HMAC_CTX_free(hmac->hmac_ctx);
++#else
+ 	HMAC_CTX_cleanup(&hmac->hmac_ctx);
++#endif
+ 	free(hmac);
+ }
+ 
+@@ -236,7 +286,11 @@ static int crypto_rsa_common(const BYTE* input, int le
+ 	BYTE* input_reverse;
+ 	BYTE* modulus_reverse;
+ 	BYTE* exponent_reverse;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	BIGNUM *mod, *exp, *x, *y;
++#else
+ 	BIGNUM mod, exp, x, y;
++#endif
+ 
+ 	input_reverse = (BYTE*) malloc(2 * key_length + exponent_size);
+ 	if (!input_reverse)
+@@ -254,6 +308,18 @@ static int crypto_rsa_common(const BYTE* input, int le
+ 	ctx = BN_CTX_new();
+ 	if (!ctx)
+ 		goto out_free_input_reverse;
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	mod = BN_new();
++	exp = BN_new();
++	x = BN_new();
++	y = BN_new();
++
++	BN_bin2bn(modulus_reverse, key_length, mod);
++	BN_bin2bn(exponent_reverse, exponent_size, exp);
++	BN_bin2bn(input_reverse, length, x);
++	BN_mod_exp(y, x, exp, mod, ctx);
++	output_length = BN_bn2bin(y, output);
++#else
+ 	BN_init(&mod);
+ 	BN_init(&exp);
+ 	BN_init(&x);
+@@ -263,17 +329,24 @@ static int crypto_rsa_common(const BYTE* input, int le
+ 	BN_bin2bn(exponent_reverse, exponent_size, &exp);
+ 	BN_bin2bn(input_reverse, length, &x);
+ 	BN_mod_exp(&y, &x, &exp, &mod, ctx);
+-
+ 	output_length = BN_bn2bin(&y, output);
++#endif
+ 	crypto_reverse(output, output_length);
+ 
+ 	if (output_length < (int) key_length)
+ 		memset(output + output_length, 0, key_length - output_length);
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x1010000fL
++	BN_free(y);
++	BN_clear_free(x);
++	BN_free(exp);
++	BN_free(mod);
++#else
+ 	BN_free(&y);
+ 	BN_clear_free(&x);
+ 	BN_free(&exp);
+ 	BN_free(&mod);
++#endif
+ 	BN_CTX_free(ctx);
+ 
+ out_free_input_reverse:

Added: head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.c	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,47 @@
+--- libfreerdp/crypto/opensslcompat.c.orig	2018-11-15 22:42:44 UTC
++++ libfreerdp/crypto/opensslcompat.c
+@@ -0,0 +1,44 @@
++/**
++ * FreeRDP: A Remote Desktop Protocol Implementation
++ * OpenSSL Compatibility
++ *
++ * Copyright (C) 2016 Norbert Federa <norbert.federa@thincast.com>
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *
++ *		 http://www.apache.org/licenses/LICENSE-2.0
++ *
++ * Unless required by applicable law or agreed to in writing, software
++ * distributed under the License is distributed on an "AS IS" BASIS,
++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
++ * See the License for the specific language governing permissions and
++ * limitations under the License.
++ */
++
++#include "opensslcompat.h"
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++BIO_METHOD* BIO_meth_new(int type, const char* name)
++{
++	BIO_METHOD* m;
++	if (!(m = calloc(1, sizeof(BIO_METHOD))))
++		return NULL;
++	m->type = type;
++	m->name = name;
++	return m;
++}
++
++void RSA_get0_key(const RSA* r, const BIGNUM** n, const BIGNUM** e, const BIGNUM** d)
++{
++	if (n != NULL)
++		*n = r->n;
++	if (e != NULL)
++		*e = r->e;
++	if (d != NULL)
++		*d = r->d;
++}
++
++#endif /* OPENSSL < 1.1.0 */

Added: head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/net/freerdp1/files/patch-libfreerdp_crypto_opensslcompat.h	Sun Nov 18 14:53:00 2018	(r485226)
@@ -0,0 +1,64 @@
+--- libfreerdp/crypto/opensslcompat.h.orig	2018-11-15 22:42:46 UTC
++++ libfreerdp/crypto/opensslcompat.h
+@@ -0,0 +1,61 @@
++/**
++ * FreeRDP: A Remote Desktop Protocol Implementation
++ * OpenSSL Compatibility
++ *
++ * Copyright (C) 2016 Norbert Federa <norbert.federa@thincast.com>
++ *
++ * Licensed under the Apache License, Version 2.0 (the "License");
++ * you may not use this file except in compliance with the License.
++ * You may obtain a copy of the License at
++ *

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201811181453.wAIEr0W5035701>