Fix the following build failure with libressl raised since bump to
version 2.10.0 in commit 03bab7117d:
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c: In function 'crypto_cert_get_signature_alg':
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c:980:8: error: 'NID_sha3_224' undeclared (first use in this function)
case NID_sha3_224:
^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/e96848576ac292799636abe7485c37aa54196a2c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop fourth patch (already in version)
https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2022-24882: FreeRDP is a free implementation of the Remote
Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager
(NTLM) authentication does not properly abort when someone provides and
empty password value. This issue affects FreeRDP based RDP Server
implementations. RDP clients are not affected. The vulnerability is
patched in FreeRDP 2.7.0. There are currently no known workarounds.
Fix CVE-2022-24883: FreeRDP is a free implementation of the Remote
Desktop Protocol (RDP). Prior to version 2.7.0, server side
authentication against a `SAM` file might be successful for invalid
credentials if the server has configured an invalid `SAM` file path.
FreeRDP based clients are not affected. RDP server implementations using
FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0
contains a fix for this issue. As a workaround, use custom
authentication via `HashCallback` and/or ensure the `SAM` database path
configured is valid and the application has file handles left.
https://github.com/FreeRDP/FreeRDP/releases/tag/2.7.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised on uclibc and musl since the
addition of libexecinfo package in commit
eea8ba446c:
/home/buildroot/autobuild/instance-0/output-1/host/lib/gcc/riscv64-buildroot-linux-uclibc/10.3.0/../../../../riscv64-buildroot-linux-uclibc/bin/ld: ../../libwinpr/libwinpr2.so.2.5.0: undefined reference to `backtrace_symbols_fd'
Fixes:
- http://autobuild.buildroot.org/results/095c33098a6e59ff664080e03baf1a3c92b4265f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2021-41159: Improper client input validation for gateway
connections allows to overwrite memory
- Fix CVE-2021-41160: Improper region checks in all clients allow out of
bound write to memory
https://github.com/FreeRDP/FreeRDP/releases/tag/2.4.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of
bounds read in TrioParse. Logging might bypass string length checks
due to an integer overflow.
- Fix CVE-2020-4031: In FreeRDP before version 2.1.2, there is a
use-after-free in gdi_SelectObject. All FreeRDP clients using
compatibility mode with /relax-order-checks are affected.
- Fix CVE-2020-4032: In FreeRDP before version 2.1.2, there is an
integer casting vulnerability in update_recv_secondary_order. All
clients with +glyph-cache /relax-order-checks are affected.
- Fix CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of
bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions
with color depth < 32 are affected.
- Fix CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound
reads occurs resulting in accessing a memory location that is outside
of the boundaries of the static array
PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global
OOB read in update_read_cache_bitmap_v3_order. As a workaround, one
can disable bitmap cache with -bitmap-cache (default).
- Fix CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds
read occurs resulting in accessing a memory location that is outside
of the boundaries of the static array
PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11098: In FreeRDP before version 2.1.2, there is an
out-of-bound read in glyph_cache_put. This affects all FreeRDP clients
with `+glyph-cache` option enabled.
- Fix CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out
of bounds read in license_read_new_or_upgrade_license_packet. A
manipulated license packet can lead to out of bound reads to an
internal buffer.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building freerdp
with support for it must go as well.
As there is now a single option for gstreamer (1.x) support, convert the
gstreamer support choice to a normal option for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The name of the option to enable/disable support for pulseaudio has been
in flux in FreeRDP, soemtimes being WITH_PULSE, sometimes being the
erroneous WITH_PULSEAUDIO. Eventually, FreeRDP came to their feet, and
fixed it to WITH_PULSE everywhere.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
[yann.morin.1998@free.fr:
- remove useless (obsolete) WITH_PULSEAUDIO
- fix the else clause too
- enhance commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add support to set tls security level (for openssl >= 1.1.0), for RDP
protocol version 10 (needed for windows 10 and windows server
2016). Also have some fix and features, see
e21b72c95f
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The BR2_GCC_TARGET_* configuration variables are copied to
corresponding GCC_TARGET_* variables which may then be optionally
modified or overwritten by architecture specific makefiles.
All makefiles must use the new GCC_TARGET_* variables instead
of the BR2_GCC_TARGET_* versions.
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
[Thomas: simplify include of arch/arch.mk]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, wayland support is enabled when the wayland package is
enabled, not when the FreeRDP wayland client is enabled.
But the dependency on libxkbcomon is only enforced from Config.in
when the FreeRDP wayland client is enabled., but is added to build
dependencies when the wayland package is enabled.
As such, we can end up in a situation where the FreeRDP wayland
client is disabled, the wayland package is enabled, and the
libxkbcommon package is also disabled, which casues the build to
fail with:
Makefile:539: *** libxkbcommon is in the dependency chain of
freerdp that has added it to its _DEPENDENCIES variable without
selecting it or depending on it from Config.in. Stop.
Change the build dependency to actually be on the FreeRDP client
being enabled.
Fixes;
http://autobuild.buildroot.net/results/dc3e11f7076a8355f3d2f9cb49c6325dcf7084bd
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, FreeRDP uses pkg-config to find whether wayland is available.
When it is, it gets the CFLAGS and LDFLAGS and so on from pkg-config,
which is OK.
But I also gets the path to the wayland scanner from pkg-config. And
this points to the target one, when we really need the host one.
So we force-feed the correct path as a configure option.
Furthermore, wayland support needs libxkbcommon, so add this missing
dependency as well.
Fixes:
http://autobuild.buildroot.org/results/bdfe233ade36a56d0f65ef3c3d1698fca548beed/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Backport a patch from upstream.
Partially fixes:
http://autobuild.buildroot.org/results/81aa66ddd88919295ccb5f34b527b737627263a7/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
FreeRDP now has support for writing to the journal, so we must ensure
proper dependency and correct options.
Partially fixes:
http://autobuild.buildroot.org/results/81aa66ddd88919295ccb5f34b527b737627263a7/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we only depend on host-pkgconf for gstreamer-0.x
However, we also need it at least for gstreamer-1.x and waylabnd, too.
But since FreeRDP is a cmake package, host-pkgconf is always pulled in
as a dependency by the cmake-package infrastructure.
So, drop the gstreamer-conditional host-pkgconf dependency.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove patches that has been merged/updated upstream
0001-fix-building-shared-libs.patch:
CmakeLists packages are rewritten.
0002-add-support-for-tz-package:
dd93fd2b3d
0003-add-missing-define.patch:
656b3be02d
0004-ffmpeg30.patch:
b7b66968f9
Also add sha256sum for license file.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
FreeRDP does not have a single C++ source file, however it insists on
having a C++ compiler. Removing that requirement is a bit too much
involving, so we just depend on it...
Fixes:
http://autobuild.buildroot.org/results/e5b/e5bee760d52e5ee433dcb6c8a7296f99312cfcf4/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
FreeRDP uses CMSPAR, which is defined by glibc in bits/termios.h .
glibc has two flavours of bits/termios.h: a genmeric one and an
architecture-specific one. When installing, glibc will install the
architecture-specific file if it exists, otherwise it installs the
generic file. Only Alpha, MIPS, PPC and Sparc have their own
bits/termios.h.
The generic bits/termios.h, as well as the Alpha, PPC and Sparc flavours
do define CMSPAR. However, the MIPS flavour does not define it.
We add a patch to FreeRDP that defines CMSPAR to the value from the
generic value, which is also the value known to the Linux kernel for
MIPS.
Fixes:
http://autobuild.buildroot.org/results/0b4/0b4793f0bf9f4c57933897f3480054a4e06528ad/http://autobuild.buildroot.org/results/7a2/7a2284d0a2987158fa2e78f789b07c8c6fcdb974/http://autobuild.buildroot.org/results/387/3874088c3ccd4bbf76ea0c911ca1ef64c7dc9d1c/
...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <jacmet@uclibc.org>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: use 'depends on' for wayland to match X11 client]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, the only client we can build is the X11 client.
FreeRDP now has support for building a wayland client.
However, that means we need to rethink the way we build FreeRDP, because
of some "inconsistencies" in its build system. This is because FreeRDP's
buildsystem does not have orthogonal options; some of the options can be
used for different components.
For example, the set of X11 libraries needed to build the server is a
superset of the X11 libraries needed to build the X11 client. So,
whenever the server is enabled, it means the X11 libraries required to
build the X11 client are available.
Now, if the user also wants to build the waland client (but not the X11
client), there is no way to tell FreeRDP not to build the X11 client,
because there is a single option, WITH_CLIENT, to drive whether any of
the clients is built. The decision is made on the availability of the
required libraries. And since the server is enabled, the X11 libs
required to build the X11 client are available. So, we end up with the
X11 client, even though it is not wanted.
And conversely with wayland...
So, we redesign the way we build FreeRDP. WE do not care what is
actually built; we just build whatever is buildable with the current
set of enabled libraries. But at install time (both in staging/ and
target/) we remove whatever the user does not want.
We also take the opportunity to rename the X11 client option, so it is
coherent with the soon-to-be-introduced wayland client.
Note: since FreeRDP has gained new dependencies, we can not just
introduce the legacy option as-is, otherwise we run the risk that it
selects the new option even though the new FreeRDP dependencies are not
enabled, spitting out the infamous 'unmet direct dependencies" kconfig
error.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Previously, we expected the user to select gstreamer-0.x on his own,
to enable gstreamer support in FreeRDP. This could have been a bit
confusing to the user, as he may have enabled gst-1.x but FreeRDP did
only support gst-0.x.
Also, gstreamer support needs xlib-libxrandr, which was missing in
FreeRDP's dependencies, so it was never enabled (AFAICS).
(Re-)introduce support for gstreamer-0.x and gstreamer-1.x, since both
are supported.
We're doing it in a choice, and select whichever version the user chooses,
rather than automatically detect it as previosuly done. We can select the
gstreamer packages, as their dependencies are anyway already covered by the
ones of FreeRDP.
This also now requires xlib-libxrandr, so hide the choice if X.org is
not enabled, still offer the option of not using gstreamer if it is.
[Peter: Hide option if gstreamer{,1} aren't enabled,
Default to gstreamer{,1} support enabled
GStreamer 0.10 support needs host-pkgconf and libxml2]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we're packaging FreeRDP from the stable-1.1 branch, which has
not evolved since march 2015 and hasn't seen any release (not even a
tag) since July 2013. It is by all purpose and means, dead.
Other packages that may use FreeRDP (like weston) are now migrating to,
or have already migrated to using the API from master, which has changed
a bit from what was available on the stable-1.1 branch. So, those
packages now FTBFS.
However, FreeRDP still has not done a release from their master branch;
the last tag dates back to September 2014 and there are 1850+ changes on
top of that tag.
So, switch to using the currently-latest commit from master.
This version can also use gstreamer-1.x (in addition to gst-0.x), which
needs quite some rework on how we handle the dependency on gstreamer.
Drop gstreamer support entirely, support for gst-0.x and gst-1.x will be
re-added in a followup patch.
Similarly, a wayland client can now be built, support for which will
be added in a subsequent path; it is currently forcibly disabled.
The way the libraries are built has changed: the previous single library
has been split in multiple libraries, each implementing parts of the RDP
protocol.
Slight rewording of the prompts:
- drop the 'install' for client and server.
- drop 'freerdp' from the client and server comment
The location of the server keys has changed, so copy them from the new
location.
Finally, drop patches 1 and 3, applied upstrem; rename remaining
patches.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes error message while freerdp connected the remote desktop:
Unable to detect time zone
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
