Replace HMAC_MD5, SHA1, RC4, MD5 with Nettle's counterparts
parent
673b267e66
commit
00d9e0c4c8
@ -22,7 +22,7 @@ before_install:
|
|||||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
|
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
|
||||||
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install openssl ; fi
|
- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install openssl ; fi
|
||||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get -qq update ; fi
|
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get -qq update ; fi
|
||||||
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install -y libpcsclite-dev libxcursor-dev libao-dev libasound2-dev libtasn1-dev; fi
|
- if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then sudo apt-get install -y libpcsclite-dev libxcursor-dev libao-dev libasound2-dev libtasn1-dev nettle-dev ; fi
|
||||||
|
|
||||||
script:
|
script:
|
||||||
- ./bootstrap
|
- ./bootstrap
|
||||||
|
14
configure.ac
14
configure.ac
@ -215,6 +215,20 @@ else
|
|||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# nettle
|
||||||
|
if test -n "$PKG_CONFIG"; then
|
||||||
|
PKG_CHECK_MODULES(NETTLE, nettle, [HAVE_NETTLE=1], [HAVE_NETTLE=0])
|
||||||
|
fi
|
||||||
|
if test x"$HAVE_NETTLE" = "x1"; then
|
||||||
|
CFLAGS="$CFLAGS $NETTLE_CFLAGS"
|
||||||
|
LIBS="$LIBS $NETTLE_LIBS"
|
||||||
|
else
|
||||||
|
echo
|
||||||
|
echo "rdesktop requires Nettle. Please install the dependency"
|
||||||
|
echo
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
dnl Smartcard support
|
dnl Smartcard support
|
||||||
AC_ARG_ENABLE(smartcard, AS_HELP_STRING([--disable-smartcard], [disable support for smartcard]))
|
AC_ARG_ENABLE(smartcard, AS_HELP_STRING([--disable-smartcard], [disable support for smartcard]))
|
||||||
AS_IF([test "x$enable_smartcard" != "xno"], [
|
AS_IF([test "x$enable_smartcard" != "xno"], [
|
||||||
|
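Review bot: `HAVE_NETTLE` is assigned only inside `if test -n "$PKG_CONFIG"`, so when pkg-config is missing the variable is never set by this script and the build stops with "rdesktop requires Nettle" even if the library is installed. Setting `HAVE_NETTLE=0` before the check and mentioning pkg-config in the message would make the failure easier to diagnose, and would stop a value inherited from the environment from deciding the outcome. The module spec also accepts any Nettle version; if ssl.c depends on a particular API generation, a bound such as `PKG_CHECK_MODULES(NETTLE, [nettle >= MIN_VERSION], ...)` (MIN_VERSION is a placeholder) would keep an older library from being picked up silently.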
24
ssl.c
24
ssl.c
@ -4,6 +4,7 @@
|
|||||||
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
|
Copyright (C) Matthew Chapman <matthewc.unsw.edu.au> 1999-2008
|
||||||
Copyright (C) Jay Sorg <j@american-data.com> 2006-2008
|
Copyright (C) Jay Sorg <j@american-data.com> 2006-2008
|
||||||
Copyright 2016-2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
Copyright 2016-2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||||
|
Copyright 2017 Alexander Zakharov <uglym8@gmail.com>
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
This program is free software: you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
@ -21,6 +22,7 @@
|
|||||||
|
|
||||||
#include "rdesktop.h"
|
#include "rdesktop.h"
|
||||||
#include "ssl.h"
|
#include "ssl.h"
|
||||||
|
#include "asn.h"
|
||||||
|
|
||||||
/* Helper function to log internal SSL errors using logger */
|
/* Helper function to log internal SSL errors using logger */
|
||||||
void
|
void
|
||||||
@ -43,49 +45,49 @@ rdssl_log_ssl_errors(const char *prefix)
|
|||||||
void
|
void
|
||||||
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
||||||
{
|
{
|
||||||
SHA1_Init(sha1);
|
sha1_init(sha1);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_sha1_update(RDSSL_SHA1 * sha1, uint8 * data, uint32 len)
|
rdssl_sha1_update(RDSSL_SHA1 * sha1, uint8 * data, uint32 len)
|
||||||
{
|
{
|
||||||
SHA1_Update(sha1, data, len);
|
sha1_update(sha1, len, data);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_sha1_final(RDSSL_SHA1 * sha1, uint8 * out_data)
|
rdssl_sha1_final(RDSSL_SHA1 * sha1, uint8 * out_data)
|
||||||
{
|
{
|
||||||
SHA1_Final(out_data, sha1);
|
sha1_digest(sha1, SHA1_DIGEST_SIZE, out_data);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_md5_init(RDSSL_MD5 * md5)
|
rdssl_md5_init(RDSSL_MD5 * md5)
|
||||||
{
|
{
|
||||||
MD5_Init(md5);
|
md5_init(md5);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_md5_update(RDSSL_MD5 * md5, uint8 * data, uint32 len)
|
rdssl_md5_update(RDSSL_MD5 * md5, uint8 * data, uint32 len)
|
||||||
{
|
{
|
||||||
MD5_Update(md5, data, len);
|
md5_update(md5, len, data);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_md5_final(RDSSL_MD5 * md5, uint8 * out_data)
|
rdssl_md5_final(RDSSL_MD5 * md5, uint8 * out_data)
|
||||||
{
|
{
|
||||||
MD5_Final(out_data, md5);
|
md5_digest(md5, MD5_DIGEST_SIZE, out_data);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_rc4_set_key(RDSSL_RC4 * rc4, uint8 * key, uint32 len)
|
rdssl_rc4_set_key(RDSSL_RC4 * rc4, uint8 * key, uint32 len)
|
||||||
{
|
{
|
||||||
RC4_set_key(rc4, len, key);
|
arcfour_set_key(rc4, len, key);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_rc4_crypt(RDSSL_RC4 * rc4, uint8 * in_data, uint8 * out_data, uint32 len)
|
rdssl_rc4_crypt(RDSSL_RC4 * rc4, uint8 * in_data, uint8 * out_data, uint32 len)
|
||||||
{
|
{
|
||||||
RC4(rc4, len, in_data, out_data);
|
arcfour_crypt(rc4, len, out_data, in_data);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
@ -327,5 +329,9 @@ void
|
|||||||
rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
|
rdssl_hmac_md5(const void *key, int key_len, const unsigned char *msg, int msg_len,
|
||||||
unsigned char *md)
|
unsigned char *md)
|
||||||
{
|
{
|
||||||
HMAC(EVP_md5(), key, key_len, msg, msg_len, md, NULL);
|
struct hmac_md5_ctx ctx;
|
||||||
|
|
||||||
|
hmac_md5_set_key(&ctx, key_len, key);
|
||||||
|
hmac_md5_update(&ctx, msg_len, msg);
|
||||||
|
hmac_md5_digest(&ctx, MD5_DIGEST_SIZE, md);
|
||||||
}
|
}
|
||||||
|
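Review bot: In `rdssl_hmac_md5` the signed `key_len` and `msg_len` are passed straight to `hmac_md5_set_key` and `hmac_md5_update`, whose length parameters are unsigned (`size_t` in Nettle 3), so a negative value from a caller would be converted to a very large length and the MAC would be computed over memory beyond the buffer. A guard at the top of the function, for example `if (key_len < 0 || msg_len < 0)` followed by an error log and an early exit, would close that. How the failure should reach the callers is a wider decision, because the function returns `void` and its callers are not on this page. The local `struct hmac_md5_ctx ctx` also leaves key-derived state on the stack after the return, so clearing it once `hmac_md5_digest` has written `md` is worth considering.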
17
ssl.h
17
ssl.h
@ -4,6 +4,7 @@
|
|||||||
Copyright (C) Matthew Chapman 1999-2008
|
Copyright (C) Matthew Chapman 1999-2008
|
||||||
Copyright (C) Jay Sorg 2006-2008
|
Copyright (C) Jay Sorg 2006-2008
|
||||||
Copyright 2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
Copyright 2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||||
|
Copyright 2017 Alexander Zakharov <uglym8@gmail.com>
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
This program is free software: you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
@ -22,13 +23,9 @@
|
|||||||
#ifndef _RDSSL_H
|
#ifndef _RDSSL_H
|
||||||
#define _RDSSL_H
|
#define _RDSSL_H
|
||||||
|
|
||||||
#include <openssl/rc4.h>
|
|
||||||
#include <openssl/md5.h>
|
|
||||||
#include <openssl/sha.h>
|
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#include <openssl/hmac.h>
|
|
||||||
|
|
||||||
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800f)
|
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x0090800f)
|
||||||
#define D2I_X509_CONST const
|
#define D2I_X509_CONST const
|
||||||
@ -36,9 +33,14 @@
|
|||||||
#define D2I_X509_CONST
|
#define D2I_X509_CONST
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define RDSSL_RC4 RC4_KEY
|
#include <nettle/md5.h>
|
||||||
#define RDSSL_SHA1 SHA_CTX
|
#include <nettle/sha1.h>
|
||||||
#define RDSSL_MD5 MD5_CTX
|
#include <nettle/arcfour.h>
|
||||||
|
#include <nettle/hmac.h>
|
||||||
|
|
||||||
|
#define RDSSL_RC4 struct arcfour_ctx
|
||||||
|
#define RDSSL_SHA1 struct sha1_ctx
|
||||||
|
#define RDSSL_MD5 struct md5_ctx
|
||||||
#define RDSSL_CERT X509
|
#define RDSSL_CERT X509
|
||||||
#define RDSSL_RKEY RSA
|
#define RDSSL_RKEY RSA
|
||||||
|
|
||||||
@ -65,5 +67,4 @@ RD_BOOL rdssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 m
|
|||||||
|
|
||||||
void rdssl_hmac_md5(const void *key, int key_len,
|
void rdssl_hmac_md5(const void *key, int key_len,
|
||||||
const unsigned char *msg, int msg_len, unsigned char *md);
|
const unsigned char *msg, int msg_len, unsigned char *md);
|
||||||
void rdssl_log_ssl_errors(const char *prefix);
|
|
||||||
#endif
|
#endif
|
||||||
|
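Review bot: The prototype `void rdssl_log_ssl_errors(const char *prefix);` is dropped from ssl.h, while the ssl.c section still shows the function defined with external linkage (plain `void`, no `static`). If any other file calls it, which cannot be seen from this page, that call would now be compiled against an implicit declaration. Either keep the prototype in the header or, if the helper is meant to be private to ssl.c, mark the definition `static` in the same commit. Separately, a short comment above the new `#include <nettle/...>` lines saying that MD5, SHA-1 and RC4 come from Nettle while certificates, RSA and bignums still come from OpenSSL would help readers of the `RDSSL_*` macros.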