diff options
author | Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> | 2019-09-16 16:19:27 +0800 |
---|---|---|
committer | Khem Raj <raj.khem@gmail.com> | 2019-09-16 18:24:48 -0700 |
commit | d88410ca42b833f4bf31bda70074a15ff47d68d3 (patch) | |
tree | 648f02e1cd059e084dcaf9ee156651570fc39c26 | |
parent | 81a322ff2e32ee0a6f47a282e562494d60ac97ab (diff) | |
download | meta-openembedded-contrib-d88410ca42b833f4bf31bda70074a15ff47d68d3.tar.gz |
xrdp: 0.9.4 -> 0.9.11
1) Upgrade xrdp from 0.9.4 to 0.9.11.
2) Remove patch that is included in 0.9.11.
0001-Fix-of-CVE-2017-16927.patch
3) Remove patch that is not suitable for 0.9.11.
0001-Fix-sesman.ini-and-xrdp.ini.patch
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
-rw-r--r-- | meta-oe/recipes-support/xrdp/xrdp/0001-Fix-of-CVE-2017-16927.patch | 148 | ||||
-rw-r--r-- | meta-oe/recipes-support/xrdp/xrdp/0001-Fix-sesman.ini-and-xrdp.ini.patch | 75 | ||||
-rw-r--r-- | meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb (renamed from meta-oe/recipes-support/xrdp/xrdp_0.9.4.bb) | 10 |
3 files changed, 4 insertions, 229 deletions
diff --git a/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-of-CVE-2017-16927.patch b/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-of-CVE-2017-16927.patch deleted file mode 100644 index 4c93647f67..0000000000 --- a/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-of-CVE-2017-16927.patch +++ /dev/null @@ -1,148 +0,0 @@ -Subject: [PATCH] Fix CVE-2017-16927 - -sesman: scpv0, accept variable length data fields - -Upstream-Status: Backport - ---- - sesman/libscp/libscp_v0.c | 32 +++++++++++++++++++++++++------- - 1 file changed, 25 insertions(+), 7 deletions(-) - -diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c -index 5a0c8bf..5693407 100644 ---- a/sesman/libscp/libscp_v0.c -+++ b/sesman/libscp/libscp_v0.c -@@ -161,7 +161,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - struct SCP_SESSION *session = 0; - tui16 sz; - tui32 code = 0; -- char buf[257]; -+ char *buf = 0; - - if (!skipVchk) - { -@@ -226,27 +226,31 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - - /* reading username */ - in_uint16_be(c->in_s, sz); -- buf[sz] = '\0'; -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); -- -+ buf[sz] = '\0'; - if (0 != scp_session_set_username(session, buf)) - { - scp_session_destroy(session); - log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__); -+ g_free(buf); - return SCP_SERVER_STATE_INTERNAL_ERR; - } -+ g_free(buf); - - /* reading password */ - in_uint16_be(c->in_s, sz); -- buf[sz] = '\0'; -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); -- -+ buf[sz] = '\0'; - if (0 != scp_session_set_password(session, buf)) - { - scp_session_destroy(session); - log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); -+ g_free(buf); - return SCP_SERVER_STATE_INTERNAL_ERR; - } -+ g_free(buf); - - /* width */ - in_uint16_be(c->in_s, sz); -@@ -272,9 +276,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - - if (sz > 0) - { -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); - buf[sz] = '\0'; - scp_session_set_domain(session, buf); -+ g_free(buf); - } - } - -@@ -285,9 +291,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - - if (sz > 0) - { -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); - buf[sz] = '\0'; - scp_session_set_program(session, buf); -+ g_free(buf); - } - } - -@@ -298,9 +306,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - - if (sz > 0) - { -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); - buf[sz] = '\0'; - scp_session_set_directory(session, buf); -+ g_free(buf); - } - } - -@@ -311,9 +321,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - - if (sz > 0) - { -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); - buf[sz] = '\0'; - scp_session_set_client_ip(session, buf); -+ g_free(buf); - } - } - } -@@ -332,29 +344,35 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk) - scp_session_set_type(session, SCP_GW_AUTHENTICATION); - /* reading username */ - in_uint16_be(c->in_s, sz); -- buf[sz] = '\0'; -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); -+ buf[sz] = '\0'; - - /* g_writeln("Received user name: %s",buf); */ - if (0 != scp_session_set_username(session, buf)) - { - scp_session_destroy(session); - /* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);*/ -+ g_free(buf); - return SCP_SERVER_STATE_INTERNAL_ERR; - } -+ g_free(buf); - - /* reading password */ - in_uint16_be(c->in_s, sz); -- buf[sz] = '\0'; -+ buf = g_new0(char, sz); - in_uint8a(c->in_s, buf, sz); -+ buf[sz] = '\0'; - - /* g_writeln("Received password: %s",buf); */ - if (0 != scp_session_set_password(session, buf)) - { - scp_session_destroy(session); - /* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); */ -+ g_free(buf); - return SCP_SERVER_STATE_INTERNAL_ERR; - } -+ g_free(buf); - } - else - { --- -2.7.4 - diff --git a/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-sesman.ini-and-xrdp.ini.patch b/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-sesman.ini-and-xrdp.ini.patch deleted file mode 100644 index deaadde8c7..0000000000 --- a/meta-oe/recipes-support/xrdp/xrdp/0001-Fix-sesman.ini-and-xrdp.ini.patch +++ /dev/null @@ -1,75 +0,0 @@ -From a9c460f158d68c1b3de6a31ce853de5379977695 Mon Sep 17 00:00:00 2001 -From: Lei Maohui <leimaohui@cn.fujitsu.com> -Date: Thu, 30 Nov 2017 11:10:04 +0900 -Subject: [PATCH] Fix sesman.ini and xrdp.ini - -Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> ---- - sesman/sesman.ini | 20 ++++++-------------- - xrdp/xrdp.ini | 10 ---------- - 2 files changed, 6 insertions(+), 24 deletions(-) - -diff --git a/sesman/sesman.ini b/sesman/sesman.ini -index 8225ee4..c09189e 100644 ---- a/sesman/sesman.ini -+++ b/sesman/sesman.ini -@@ -54,12 +54,14 @@ LogLevel=DEBUG - EnableSyslog=1 - SyslogLevel=DEBUG - --[X11rdp] --param=X11rdp --param=-bs -+[Xorg] -+param=Xorg -+param=-config -+param=xrdp/xorg.conf -+param=-noreset - param=-nolisten - param=tcp --param=-uds -+ - - [Xvnc] - param=Xvnc -@@ -70,16 +72,6 @@ param=-localhost - param=-dpi - param=96 - --[Xorg] --param=Xorg --param=-config --param=xrdp/xorg.conf --param=-noreset --param=-nolisten --param=tcp --param=-logfile --param=.xorgxrdp.%s.log -- - [Chansrv] - ; drive redirection, defaults to xrdp_client if not set - FuseMountName=thinclient_drives -diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini -index cb6d7c3..9f63a69 100644 ---- a/xrdp/xrdp.ini -+++ b/xrdp/xrdp.ini -@@ -157,16 +157,6 @@ ip=127.0.0.1 - port=-1 - code=20 - --[X11rdp] --name=X11rdp --lib=libxup.so --username=ask --password=ask --ip=127.0.0.1 --port=-1 --xserverbpp=24 --code=10 -- - [Xvnc] - name=Xvnc - lib=libvnc.so --- -1.8.4.2 - diff --git a/meta-oe/recipes-support/xrdp/xrdp_0.9.4.bb b/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb index 3ef7c9853f..75caf8d6bb 100644 --- a/meta-oe/recipes-support/xrdp/xrdp_0.9.4.bb +++ b/meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb @@ -12,15 +12,13 @@ REQUIRED_DISTRO_FEATURES = "x11 pam" SRC_URI = "git://github.com/neutrinolabs/xrdp.git \ file://xrdp.sysconfig \ - file://0001-Fix-sesman.ini-and-xrdp.ini.patch \ file://0001-Added-req_distinguished_name-in-etc-xrdp-openssl.con.patch \ file://0001-Fix-the-compile-error.patch \ - file://0001-Fix-of-CVE-2017-16927.patch \ " -SRCREV = "c295dd61b882e8b56677cf12791f43634f9190b5" +SRCREV = "1e4b03eb3c9aa7173de251a328c93c073dcc0fca" -PV = "0.9.4+git${SRCPV}" +PV = "0.9.11" S = "${WORKDIR}/git" @@ -68,9 +66,9 @@ do_install_append() { sed -i -e 's,@sbindir@,${sbindir},g' ${D}${systemd_unitdir}/system/xrdp.service ${D}${systemd_unitdir}/system/xrdp-sesman.service install -m 0644 ${S}/instfiles/*.ini ${D}${sysconfdir}/xrdp/ - install -m 0644 ${S}/sesman/sesman.ini ${D}${sysconfdir}/xrdp/ + install -m 0644 ${S}/sesman/sesman.ini.in ${D}${sysconfdir}/xrdp/ install -m 0644 ${S}/sesman/startwm.sh ${D}${sysconfdir}/xrdp/ - install -m 0644 ${S}/xrdp/xrdp.ini ${D}${sysconfdir}/xrdp/ + install -m 0644 ${S}/xrdp/xrdp.ini.in ${D}${sysconfdir}/xrdp/ install -m 0644 ${S}/xrdp/xrdp_keyboard.ini ${D}${sysconfdir}/xrdp/ install -m 0644 ${S}/instfiles/xrdp.sh ${D}${sysconfdir}/xrdp/ install -m 0644 ${S}/keygen/openssl.conf ${D}${sysconfdir}/xrdp/ |