Replace HMAC_MD5, SHA1, RC4, MD5 with Nettle's counterparts
This commit is contained in:
Alexander Zakharov
Henrik Andersson
parent
673b267e66
commit
00d9e0c4c8
@ -22,7 +22,7 @@ before_install:
|
||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install openssl ; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get -qq update ; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install -y libpcsclite-dev libxcursor-dev libao-dev libasound2-dev libtasn1-dev; fi
|
||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install -y libpcsclite-dev libxcursor-dev libao-dev libasound2-dev libtasn1-dev nettle-dev ; fi
|
||||
|
||||
script:
|
||||
- ./bootstrap
|
||||
|
||||
14
configure.ac
14
configure.ac
@ -215,6 +215,20 @@ else
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# nettle
|
||||
if test -n "$PKG_CONFIG"; then
|
||||
PKG_CHECK_MODULES(NETTLE, nettle, [HAVE_NETTLE=1], [HAVE_NETTLE=0])
|
||||
fi
|
||||
if test x"$HAVE_NETTLE" = "x1"; then
|
||||
CFLAGS="$CFLAGS $NETTLE_CFLAGS"
|
||||
LIBS="$LIBS $NETTLE_LIBS"
|
||||
else
|
||||
echo
|
||||
echo "rdesktop requires Nettle. Please install the dependency"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
|
||||
dnl Smartcard support
|
||||
AC_ARG_ENABLE(smartcard, AS_HELP_STRING([--disable-smartcard], [disable support for smartcard]))
|
||||
AS_IF([test "x$enable_smartcard" != "xno"], [
|
||||
|
||||
24
ssl.c
24
ssl.c
@ -4,6 +4,7 @@
|
||||
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
|
||||
Copyright (C) Jay Sorg <j@american-data.com> 2006-2008
|
||||
Copyright 2016-2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
Copyright 2017 Alexander Zakharov <uglym8@gmail.com>
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -21,6 +22,7 @@
|
||||
|
||||
#include "rdesktop.h"
|
||||
#include "ssl.h"
|
||||
#include "asn.h"
|
||||
|
||||
/* Helper function to log internal SSL errors using logger */
|
||||
void
|
||||
@ -43,49 +45,49 @@ rdssl_log_ssl_errors(const char *prefix)
|
||||
void
|
||||
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
||||
{
|
||||
SHA1_Init(sha1);
|
||||
sha1_init(sha1);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_sha1_update(RDSSL_SHA1 * sha1, uint8 * data, uint32 len)
|
||||
{
|
||||
SHA1_Update(sha1, data, len);
|
||||
sha1_update(sha1, len, data);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_sha1_final(RDSSL_SHA1 * sha1, uint8 * out_data)
|
||||
{
|
||||
SHA1_Final(out_data, sha1);
|
||||
sha1_digest(sha1, SHA1_DIGEST_SIZE, out_data);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_md5_init(RDSSL_MD5 * md5)
|
||||
{
|
||||
MD5_Init(md5);
|
||||
md5_init(md5);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_md5_update(RDSSL_MD5 * md5, uint8 * data, uint32 len)
|
||||
{
|
||||
MD5_Update(md5, data, len);
|
||||
md5_update(md5, len, data);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_md5_final(RDSSL_MD5 * md5, uint8 * out_data)
|
||||
{
|
||||
MD5_Final(out_data, md5);
|
||||
md5_digest(md5, MD5_DIGEST_SIZE, out_data);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_rc4_set_key(RDSSL_RC4 * rc4, uint8 * key, uint32 len)
|
||||
{
|
||||
RC4_set_key(rc4, len, key);
|
||||
arcfour_set_key(rc4, len, key);
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_rc4_crypt(RDSSL_RC4 * rc4, uint8 * in_data, uint8 * out_data, uint32 len)
|
||||
{
|
||||
RC4(rc4, len, in_data, out_data);
|
||||
arcfour_crypt(rc4, len, out_data, in_data);
|
||||
}
|
||||
|
||||
static void
|
||||
@ -327,5 +329,9 @@ void
|
||||
rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
|
||||
unsigned char *md)
|
||||
{
|
||||
HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
|
||||
struct hmac_md5_ctx ctx;
|
||||
|
||||
hmac_md5_set_key(&ctx, key_len, key);
|
||||
hmac_md5_update(&ctx, msg_len, msg);
|
||||
hmac_md5_digest(&ctx, MD5_DIGEST_SIZE, md);
|
||||
}
|
||||
|
||||
17
ssl.h
17
ssl.h
@ -4,6 +4,7 @@
|
||||
Copyright (C) Matthew Chapman 1999-2008
|
||||
Copyright (C) Jay Sorg 2006-2008
|
||||
Copyright 2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
Copyright 2017 Alexander Zakharov <uglym8@gmail.com>
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -22,13 +23,9 @@
|
||||
#ifndef _RDSSL_H
|
||||
#define _RDSSL_H
|
||||
|
||||
#include <openssl/rc4.h>
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/hmac.h>
|
||||
|
||||
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800f)
|
||||
#define D2I_X509_CONST const
|
||||
@ -36,9 +33,14 @@
|
||||
#define D2I_X509_CONST
|
||||
#endif
|
||||
|
||||
#define RDSSL_RC4 RC4_KEY
|
||||
#define RDSSL_SHA1 SHA_CTX
|
||||
#define RDSSL_MD5 MD5_CTX
|
||||
#include <nettle/md5.h>
|
||||
#include <nettle/sha1.h>
|
||||
#include <nettle/arcfour.h>
|
||||
#include <nettle/hmac.h>
|
||||
|
||||
#define RDSSL_RC4 struct arcfour_ctx
|
||||
#define RDSSL_SHA1 struct sha1_ctx
|
||||
#define RDSSL_MD5 struct md5_ctx
|
||||
#define RDSSL_CERT X509
|
||||
#define RDSSL_RKEY RSA
|
||||
|
||||
@ -65,5 +67,4 @@ RD_BOOL rdssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 m
|
||||
|
||||
void rdssl_hmac_md5(const void *key, int key_len,
|
||||
const unsigned char *msg, int msg_len, unsigned char *md);
|
||||
void rdssl_log_ssl_errors(const char *prefix);
|
||||
#endif
|
||||
|
||||
Loading…
Reference in New Issue
Block a user