mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-04 14:39:54 +00:00
Code Issues Projects Releases Wiki Activity

xrdp: 0.9.4 -> 0.9.11

Browse Source 
1) Upgrade xrdp from 0.9.4 to 0.9.11.
2) Remove patch that is included in 0.9.11.
   0001-Fix-of-CVE-2017-16927.patch
3) Remove patch that is not suitable for 0.9.11.
   0001-Fix-sesman.ini-and-xrdp.ini.patch

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Zheng Ruoqin
2019-09-16 16:19:27 +08:00
committed by Khem Raj
parent 81a322ff2e
commit d88410ca42
3 changed files with 4 additions and 229 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/xrdp/xrdp/0001-Fix-of-CVE-2017-16927.patch
-148
View File
@@ -1,148 +0,0 @@
Subject: [PATCH] Fix CVE-2017-16927
sesman: scpv0, accept variable length data fields
Upstream-Status: Backport
---
sesman/libscp/libscp_v0.c | 32 +++++++++++++++++++++++++-------
1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/sesman/libscp/libscp_v0.c b/sesman/libscp/libscp_v0.c
index 5a0c8bf..5693407 100644
--- a/sesman/libscp/libscp_v0.c
+++ b/sesman/libscp/libscp_v0.c
@@ -161,7 +161,7 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
struct SCP_SESSION *session = 0;
tui16 sz;
tui32 code = 0;
- char buf[257];
+ char *buf = 0;
if (!skipVchk)
{
@@ -226,27 +226,31 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
/* reading username */
in_uint16_be(c->in_s, sz);
- buf[sz] = '\0';
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
-
+ buf[sz] = '\0';
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);
+ g_free(buf);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ g_free(buf);
/* reading password */
in_uint16_be(c->in_s, sz);
- buf[sz] = '\0';
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
-
+ buf[sz] = '\0';
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
log_message(LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__);
+ g_free(buf);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ g_free(buf);
/* width */
in_uint16_be(c->in_s, sz);
@@ -272,9 +276,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
if (sz > 0)
{
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_domain(session, buf);
+ g_free(buf);
}
}
@@ -285,9 +291,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
if (sz > 0)
{
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_program(session, buf);
+ g_free(buf);
}
}
@@ -298,9 +306,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
if (sz > 0)
{
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_directory(session, buf);
+ g_free(buf);
}
}
@@ -311,9 +321,11 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
if (sz > 0)
{
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
buf[sz] = '\0';
scp_session_set_client_ip(session, buf);
+ g_free(buf);
}
}
}
@@ -332,29 +344,35 @@ scp_v0s_accept(struct SCP_CONNECTION *c, struct SCP_SESSION **s, int skipVchk)
scp_session_set_type(session, SCP_GW_AUTHENTICATION);
/* reading username */
in_uint16_be(c->in_s, sz);
- buf[sz] = '\0';
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
+ buf[sz] = '\0';
/* g_writeln("Received user name: %s",buf); */
if (0 != scp_session_set_username(session, buf))
{
scp_session_destroy(session);
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting username", __LINE__);*/
+ g_free(buf);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ g_free(buf);
/* reading password */
in_uint16_be(c->in_s, sz);
- buf[sz] = '\0';
+ buf = g_new0(char, sz);
in_uint8a(c->in_s, buf, sz);
+ buf[sz] = '\0';
/* g_writeln("Received password: %s",buf); */
if (0 != scp_session_set_password(session, buf))
{
scp_session_destroy(session);
/* until syslog merge log_message(s_log, LOG_LEVEL_WARNING, "[v0:%d] connection aborted: error setting password", __LINE__); */
+ g_free(buf);
return SCP_SERVER_STATE_INTERNAL_ERR;
}
+ g_free(buf);
}
else
{
--
2.7.4
meta-oe/recipes-support/xrdp/xrdp/0001-Fix-sesman.ini-and-xrdp.ini.patch
-75
View File
@@ -1,75 +0,0 @@
From a9c460f158d68c1b3de6a31ce853de5379977695 Mon Sep 17 00:00:00 2001
From: Lei Maohui <leimaohui@cn.fujitsu.com>
Date: Thu, 30 Nov 2017 11:10:04 +0900
Subject: [PATCH] Fix sesman.ini and xrdp.ini
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
---
sesman/sesman.ini | 20 ++++++--------------
xrdp/xrdp.ini | 10 ----------
2 files changed, 6 insertions(+), 24 deletions(-)
diff --git a/sesman/sesman.ini b/sesman/sesman.ini
index 8225ee4..c09189e 100644
--- a/sesman/sesman.ini
+++ b/sesman/sesman.ini
@@ -54,12 +54,14 @@ LogLevel=DEBUG
EnableSyslog=1
SyslogLevel=DEBUG
-[X11rdp]
-param=X11rdp
-param=-bs
+[Xorg]
+param=Xorg
+param=-config
+param=xrdp/xorg.conf
+param=-noreset
param=-nolisten
param=tcp
-param=-uds
+
[Xvnc]
param=Xvnc
@@ -70,16 +72,6 @@ param=-localhost
param=-dpi
param=96
-[Xorg]
-param=Xorg
-param=-config
-param=xrdp/xorg.conf
-param=-noreset
-param=-nolisten
-param=tcp
-param=-logfile
-param=.xorgxrdp.%s.log
-
[Chansrv]
; drive redirection, defaults to xrdp_client if not set
FuseMountName=thinclient_drives
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini
index cb6d7c3..9f63a69 100644
--- a/xrdp/xrdp.ini
+++ b/xrdp/xrdp.ini
@@ -157,16 +157,6 @@ ip=127.0.0.1
port=-1
code=20
-[X11rdp]
-name=X11rdp
-lib=libxup.so
-username=ask
-password=ask
-ip=127.0.0.1
-port=-1
-xserverbpp=24
-code=10
-
[Xvnc]
name=Xvnc
lib=libvnc.so
--
1.8.4.2
meta-oe/recipes-support/xrdp/xrdp_0.9.4.bb → meta-oe/recipes-support/xrdp/xrdp_0.9.11.bb
+4 -6
View File
@@ -12,15 +12,13 @@ REQUIRED_DISTRO_FEATURES = "x11 pam"
SRC_URI = "git://github.com/neutrinolabs/xrdp.git \
file://xrdp.sysconfig \
file://0001-Fix-sesman.ini-and-xrdp.ini.patch \
file://0001-Added-req_distinguished_name-in-etc-xrdp-openssl.con.patch \
file://0001-Fix-the-compile-error.patch \
file://0001-Fix-of-CVE-2017-16927.patch \
"
SRCREV = "c295dd61b882e8b56677cf12791f43634f9190b5"
SRCREV = "1e4b03eb3c9aa7173de251a328c93c073dcc0fca"
PV = "0.9.4+git${SRCPV}"
PV = "0.9.11"
S = "${WORKDIR}/git"
@@ -68,9 +66,9 @@ do_install_append() {
sed -i -e 's,@sbindir@,${sbindir},g' ${D}${systemd_unitdir}/system/xrdp.service ${D}${systemd_unitdir}/system/xrdp-sesman.service
install -m 0644 ${S}/instfiles/*.ini ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/sesman/sesman.ini ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/sesman/sesman.ini.in ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/sesman/startwm.sh ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/xrdp/xrdp.ini ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/xrdp/xrdp.ini.in ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/xrdp/xrdp_keyboard.ini ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/instfiles/xrdp.sh ${D}${sysconfdir}/xrdp/
install -m 0644 ${S}/keygen/openssl.conf ${D}${sysconfdir}/xrdp/