commit: 80ed7e534b05809a0ab3dc4a6d69bec4b98f02d0 Author: Mike Gilbert <floppym <AT> gentoo <DOT> org> AuthorDate: Wed Mar 14 21:06:52 2018 +0000 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> CommitDate: Wed Mar 14 21:08:02 2018 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=80ed7e53
net-misc/freerdp: backport CredSSP protocol version fix Package-Manager: Portage-2.3.24, Repoman-2.3.6_p81 .../files/2.0.0-rc1-CredSSP-protocol-version.patch | 49 ++++++++++++++++++++++ ....0.0_rc1.ebuild => freerdp-2.0.0_rc1-r1.ebuild} | 3 +- 2 files changed, 51 insertions(+), 1 deletion(-) diff --git a/net-misc/freerdp/files/2.0.0-rc1-CredSSP-protocol-version.patch b/net-misc/freerdp/files/2.0.0-rc1-CredSSP-protocol-version.patch new file mode 100644 index 00000000000..59887f698ec --- /dev/null +++ b/net-misc/freerdp/files/2.0.0-rc1-CredSSP-protocol-version.patch @@ -0,0 +1,49 @@ +From 088c3940d9b488e8a83b9cefaa7271f955d1971c Mon Sep 17 00:00:00 2001 +From: Bernhard Miklautz <[email protected]> +Date: Wed, 14 Mar 2018 13:39:23 +0100 +Subject: [PATCH] fix nla: don't use server version + +FreeRDP currently only supports CredSSP protocol version 3. However the +current implementation always sent back the version received by the +server indicating that this version was supported. +With recent windows updates applied the protocol changed and this approach +doesn't work anymore (see +https://msdn.microsoft.com/en-us/library/mt752485.aspx for protocol changes). + +With this fix FreeRDP always sends version 3 as supported version. + +Credit goes to @mfleisz. + +Fixes #4449 +--- + libfreerdp/core/nla.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/libfreerdp/core/nla.c b/libfreerdp/core/nla.c +index 47e087062..8a69f2f6e 100644 +--- a/libfreerdp/core/nla.c ++++ b/libfreerdp/core/nla.c +@@ -1663,15 +1663,19 @@ BOOL nla_send(rdpNla* nla) + static int nla_decode_ts_request(rdpNla* nla, wStream* s) + { + int length; ++ UINT32 version = 0; + + /* TSRequest */ + if (!ber_read_sequence_tag(s, &length) || + !ber_read_contextual_tag(s, 0, &length, TRUE) || +- !ber_read_integer(s, &nla->version)) ++ !ber_read_integer(s, &version)) + { + return -1; + } + ++ if (version < nla->version) ++ nla->version = version; ++ + /* [1] negoTokens (NegoData) */ + if (ber_read_contextual_tag(s, 1, &length, TRUE) != FALSE) + { +-- +2.16.2 + diff --git a/net-misc/freerdp/freerdp-2.0.0_rc1.ebuild b/net-misc/freerdp/freerdp-2.0.0_rc1-r1.ebuild similarity index 96% rename from net-misc/freerdp/freerdp-2.0.0_rc1.ebuild rename to net-misc/freerdp/freerdp-2.0.0_rc1-r1.ebuild index c8a6ae3b610..6a24709e340 100644 --- a/net-misc/freerdp/freerdp-2.0.0_rc1.ebuild +++ b/net-misc/freerdp/freerdp-2.0.0_rc1-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2018 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 EAPI="6" @@ -90,6 +90,7 @@ DEPEND="${RDEPEND} PATCHES=( "${FILESDIR}/2.0.0-rc1-libressl.patch" + "${FILESDIR}/2.0.0-rc1-CredSSP-protocol-version.patch" ) src_configure() {
