Fix gateway functionality with OpenSSL 3.0

Resolves: #2023262
This commit is contained in:
Ondrej Holy 2022-06-22 09:41:36 +02:00
parent 7a6f5d6855
commit 6e02d7e8a6
2 changed files with 74 additions and 1 deletions

View File

@ -0,0 +1,67 @@
From 1a0f68d2058f361fc23ed9babcd618a838744bf8 Mon Sep 17 00:00:00 2001
From: akarl <mike@mwsys.mine.bz>
Date: Sun, 24 Apr 2022 21:16:52 +0200
Subject: [PATCH] Implement BIO_CTRL_GET_KTLS_SEND and BIO_CTRL_GET_KTLS_SEND
Openssl 3.0 requires to respond to this controls. According to there
documentation it should not need them, but in practice openssl's own source
is full of places where negative return values are not checked.
(cherry picked from commit 9d7c20ce8fe50bd6de54e7480b5096761a510daf)
---
libfreerdp/core/gateway/rdg.c | 18 +++++++++++++++++-
libfreerdp/core/gateway/tsg.c | 9 ++++++++-
2 files changed, 25 insertions(+), 2 deletions(-)
diff --git a/libfreerdp/core/gateway/rdg.c b/libfreerdp/core/gateway/rdg.c
index 72019ede8..5d970f39e 100644
--- a/libfreerdp/core/gateway/rdg.c
+++ b/libfreerdp/core/gateway/rdg.c
@@ -2483,7 +2483,23 @@ static long rdg_bio_ctrl(BIO* in_bio, int cmd, long arg1, void* arg2)
*/
status = BIO_ctrl(tlsOut->bio, cmd, arg1, arg2);
}
-
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ else if (cmd == BIO_CTRL_GET_KTLS_SEND)
+ {
+ /* Even though BIO_get_ktls_send says that returning negative values is valid
+ * openssl internal sources are full of if(!BIO_get_ktls_send && ) stuff. This has some
+ * nasty sideeffects. return 0 as proper no KTLS offloading flag
+ */
+ status = 0;
+ }
+ else if (cmd == BIO_CTRL_GET_KTLS_RECV)
+ {
+ /* Even though BIO_get_ktls_recv says that returning negative values is valid
+ * there is no reason to trust trust negative values are implemented right everywhere
+ */
+ status = 0;
+ }
+#endif
return status;
}
diff --git a/libfreerdp/core/gateway/tsg.c b/libfreerdp/core/gateway/tsg.c
index c03f266f2..70fdf9e27 100644
--- a/libfreerdp/core/gateway/tsg.c
+++ b/libfreerdp/core/gateway/tsg.c
@@ -2716,7 +2716,14 @@ static long transport_bio_tsg_ctrl(BIO* bio, int cmd, long arg1, void* arg2)
status = 1;
}
break;
-
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+ case BIO_CTRL_GET_KTLS_SEND:
+ status = 0;
+ break;
+ case BIO_CTRL_GET_KTLS_RECV:
+ status = 0;
+ break;
+#endif
default:
break;
}
--
2.36.1

View File

@ -22,7 +22,7 @@
Name: freerdp Name: freerdp
Version: 2.4.1 Version: 2.4.1
Release: 2%{?dist} Release: 3%{?dist}
Epoch: 2 Epoch: 2
Summary: Free implementation of the Remote Desktop Protocol (RDP) Summary: Free implementation of the Remote Desktop Protocol (RDP)
License: ASL 2.0 License: ASL 2.0
@ -37,6 +37,9 @@ Patch1: Fixed-7436-Datatype-mismatch.patch
# https://github.com/FreeRDP/FreeRDP/pull/7448 # https://github.com/FreeRDP/FreeRDP/pull/7448
Patch2: winpr-ssl-Load-legacy-provider-when-initializing-Ope.patch Patch2: winpr-ssl-Load-legacy-provider-when-initializing-Ope.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2023262
Patch3: Implement-BIO_CTRL_GET_KTLS_SEND-and-BIO_CTRL_GET_KT.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: alsa-lib-devel BuildRequires: alsa-lib-devel
@ -302,6 +305,9 @@ find %{buildroot} -name "*.a" -delete
%{_libdir}/pkgconfig/winpr-tools2.pc %{_libdir}/pkgconfig/winpr-tools2.pc
%changelog %changelog
* Wed Jun 22 2022 Ondrej Holy <oholy@redhat.com> - - 2:2.4.1-3
- Fix gateway functionality with OpenSSL 3.0 (#2023262)
* Fri Nov 26 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.1-2 * Fri Nov 26 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.1-2
- Fix datatype mismatch / big-endian breakage - Fix datatype mismatch / big-endian breakage
- Load legacy provider when initializing OpenSSL 3.0 - Load legacy provider when initializing OpenSSL 3.0