
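--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	ssvnc
 PORTVERSION=	1.0.29
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	net security
 MASTER_SITES=	SF
 EXTRACT_SUFX=	.src.tar.gz
@@ -36,11 +36,6 @@
 
 .include <bsd.port.pre.mk>
 
-.if ${SSL_DEFAULT} == base
-BROKEN_FreeBSD_12=	variable has incomplete type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
-BROKEN_FreeBSD_13=	variable has incomplete type 'EVP_CIPHER_CTX' (aka 'struct evp_cipher_ctx_st')
-.endif
-
 post-patch:
 	@${REINPLACE_CMD} -e 's|netstat -ant|netstat -an|' \
 		${WRKSRC}/scripts/util/ss_vncviewer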
(-)files/patch-vncstorepw_ultravnc__dsm__helper.c (-6 / +192 lines)
Lines 1-13 Link Here
1
--- vncstorepw/ultravnc_dsm_helper.c.orig	2010-04-23 04:29:43 UTC
1
--- vncstorepw/ultravnc_dsm_helper.c
2
+++ vncstorepw/ultravnc_dsm_helper.c
2
+++ vncstorepw/ultravnc_dsm_helper.c
3
@@ -413,8 +413,10 @@ void enc_do(char *ciph, char *keyfile, c
3
@@ -414,7 +414,9 @@ void enc_do(char *ciph, char *keyfile, c
4
 		p++;
5
 		if (strstr(p, "md5+") == p) {
4
 		if (strstr(p, "md5+") == p) {
6
 			Digest = EVP_md5();        p += strlen("md5+");
5
 			Digest = EVP_md5();        p += strlen("md5+");
7
+#ifndef OPENSSL_NO_SHA0
8
 		} else if (strstr(p, "sha+") == p) {
6
 		} else if (strstr(p, "sha+") == p) {
9
 			Digest = EVP_sha();        p += strlen("sha+");
7
-			Digest = EVP_sha();        p += strlen("sha+");
10
+#endif
8
+			fprintf(stderr, "%s: obsolete hash algorithm: SHA-0\n",
9
+			    prog, s);
10
+			exit(1);
11
 		} else if (strstr(p, "sha1+") == p) {
11
 		} else if (strstr(p, "sha1+") == p) {
12
 			Digest = EVP_sha1();       p += strlen("sha1+");
12
 			Digest = EVP_sha1();       p += strlen("sha1+");
13
 		} else if (strstr(p, "ripe+") == p) {
13
 		} else if (strstr(p, "ripe+") == p) {
14
@@ -655,8 +657,10 @@ static void enc_xfer(int sock_fr, int so
15
 	 */
16
 	unsigned char E_keystr[EVP_MAX_KEY_LENGTH];
17
 	unsigned char D_keystr[EVP_MAX_KEY_LENGTH];
18
-	EVP_CIPHER_CTX E_ctx, D_ctx;
19
-	EVP_CIPHER_CTX *ctx = NULL;
20
+	//openssl1.1.patch - Do NOT create two context and only use one
21
+	// - that's silly.
22
+	//EVP_CIPHER_CTX *E_ctx, *D_ctx;
23
+	EVP_CIPHER_CTX *ctx;
24
 
25
 	unsigned char buf[BSIZE], out[BSIZE];
26
 	unsigned char *psrc = NULL, *keystr;
27
@@ -698,11 +702,14 @@ static void enc_xfer(int sock_fr, int so
28
 	encsym = encrypt ? "+" : "-";
29
 
30
 	/* use the encryption/decryption context variables below */
31
+	ctx = EVP_CIPHER_CTX_new();
32
+	if (!ctx) {
33
+	    fprintf(stderr, "Failed to create encryption/decryption context.\n");
34
+	    goto finished;
35
+	}
36
 	if (encrypt) {
37
-		ctx = &E_ctx;
38
 		keystr = E_keystr;
39
 	} else {
40
-		ctx = &D_ctx;
41
 		keystr = D_keystr;
42
 	}
43
 
44
@@ -797,7 +804,6 @@ static void enc_xfer(int sock_fr, int so
45
 		if (whoops) {
46
 			fprintf(stderr, "%s: %s - WARNING: MSRC4 mode and IGNORING random salt\n", prog, encstr);
47
 			fprintf(stderr, "%s: %s - WARNING: and initialization vector!!\n", prog, encstr);
48
-			EVP_CIPHER_CTX_init(ctx);
49
 			if (pw_in) {
50
 			    /* for pw=xxxx a md5 hash is used */
51
 			    EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
52
@@ -816,7 +822,6 @@ static void enc_xfer(int sock_fr, int so
53
 
54
 			EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
55
 			    keydata_len, 1, keystr, ivec); 
56
-			EVP_CIPHER_CTX_init(ctx);
57
 			EVP_CipherInit_ex(ctx, Cipher, NULL, keystr, ivec,
58
 			    encrypt);
59
 		}
60
@@ -836,9 +841,9 @@ static void enc_xfer(int sock_fr, int so
61
 			in_salt = salt;
62
 		}
63
 
64
-		if (ivec_size < Cipher->iv_len && !securevnc) {
65
+		if (ivec_size < EVP_CIPHER_iv_length(Cipher) && !securevnc) {
66
 			fprintf(stderr, "%s: %s - WARNING: short IV %d < %d\n",
67
-			    prog, encstr, ivec_size, Cipher->iv_len);
68
+			    prog, encstr, ivec_size, EVP_CIPHER_iv_length(Cipher));
69
 		}
70
 
71
 		/* make the hashed value and place in keystr */
72
@@ -877,9 +882,6 @@ static void enc_xfer(int sock_fr, int so
73
 		}
74
 
75
 
76
-		/* initialize the context */
77
-		EVP_CIPHER_CTX_init(ctx);
78
-
79
 
80
 		/* set the cipher & initialize */
81
 
82
@@ -986,6 +988,7 @@ static void enc_xfer(int sock_fr, int so
83
 	/* transfer done (viewer exited or some error) */
84
 	finished:
85
 
86
+	if (ctx) EVP_CIPHER_CTX_free(ctx);
87
 	fprintf(stderr, "\n%s: %s - close sock_to\n", prog, encstr);
88
 	close(sock_to);
89
 
90
@@ -1060,14 +1063,14 @@ static int securevnc_server_rsa_save_dia
91
 }
92
 
93
 static char *rsa_md5_sum(unsigned char* rsabuf) {
94
-	EVP_MD_CTX md;
95
+	EVP_MD_CTX *md = EVP_MD_CTX_create();
96
 	char digest[EVP_MAX_MD_SIZE], tmp[16];
97
 	char md5str[EVP_MAX_MD_SIZE * 8];
98
 	unsigned int i, size = 0;
99
 
100
-	EVP_DigestInit(&md, EVP_md5());
101
-	EVP_DigestUpdate(&md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
102
-	EVP_DigestFinal(&md, (unsigned char *)digest, &size);
103
+	EVP_DigestInit(md, EVP_md5());
104
+	EVP_DigestUpdate(md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
105
+	EVP_DigestFinal(md, (unsigned char *)digest, &size);
106
 
107
 	memset(md5str, 0, sizeof(md5str));
108
 	for (i=0; i < size; i++) {
109
@@ -1075,6 +1078,7 @@ static char *rsa_md5_sum(unsigned char*
110
 		sprintf(tmp, "%02x", (int) uc);
111
 		strcat(md5str, tmp);
112
 	}
113
+	EVP_MD_CTX_destroy(md);
114
 	return strdup(md5str);
115
 }
116
 
117
@@ -1184,7 +1188,7 @@ static void sslexit(char *msg) {
118
 
119
 static void securevnc_setup(int conn1, int conn2) {
120
 	RSA *rsa = NULL;
121
-	EVP_CIPHER_CTX init_ctx;
122
+	EVP_CIPHER_CTX *init_ctx = EVP_CIPHER_CTX_new();
123
 	unsigned char keystr[EVP_MAX_KEY_LENGTH];
124
 	unsigned char *rsabuf, *rsasav;
125
 	unsigned char *encrypted_keybuf;
126
@@ -1203,6 +1207,8 @@ static void securevnc_setup(int conn1, i
127
 
128
 	ERR_load_crypto_strings();
129
 
130
+	if (!init_ctx) sslexit("securevnc_setup: EVP_CIPHER_CTX_new() failed");
131
+	
132
 	/* alloc and read from server the 270 comprising the rsa public key: */
133
 	rsabuf = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
134
 	rsasav = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
135
@@ -1323,8 +1329,7 @@ static void securevnc_setup(int conn1, i
136
 	/*
137
 	 * Back to the work involving the tmp obscuring key:
138
 	 */
139
-	EVP_CIPHER_CTX_init(&init_ctx);
140
-	rc = EVP_CipherInit_ex(&init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
141
+	rc = EVP_CipherInit_ex(init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
142
 	if (rc == 0) {
143
 		sslexit("securevnc_setup: EVP_CipherInit_ex(init_ctx) failed");
144
 	}
145
@@ -1340,13 +1345,13 @@ static void securevnc_setup(int conn1, i
146
 	/* decode with the tmp key */
147
 	if (n > 0) {
148
 		memset(to_viewer, 0, sizeof(to_viewer));
149
-		if (EVP_CipherUpdate(&init_ctx, to_viewer, &len, buf, n) == 0) {
150
+		if (EVP_CipherUpdate(init_ctx, to_viewer, &len, buf, n) == 0) {
151
 			sslexit("securevnc_setup: EVP_CipherUpdate(init_ctx) failed");
152
 			exit(1);
153
 		}
154
 		to_viewer_len = len;
155
 	}
156
-	EVP_CIPHER_CTX_cleanup(&init_ctx);
157
+	EVP_CIPHER_CTX_free(init_ctx);
158
 	free(initkey);
159
 
160
 	/* print what we would send to the viewer (sent below): */
161
@@ -1407,7 +1412,7 @@ static void securevnc_setup(int conn1, i
162
 
163
 	if (client_auth_req && client_auth) {
164
 		RSA *client_rsa = load_client_auth(client_auth);
165
-		EVP_MD_CTX dctx;
166
+		EVP_MD_CTX *dctx = EVP_MD_CTX_create();
167
 		unsigned char digest[EVP_MAX_MD_SIZE], *signature;
168
 		unsigned int ndig = 0, nsig = 0;
169
 
170
@@ -1421,8 +1426,8 @@ static void securevnc_setup(int conn1, i
171
 			exit(1);
172
 		}
173
 
174
-		EVP_DigestInit(&dctx, EVP_sha1());
175
-		EVP_DigestUpdate(&dctx, keystr, SECUREVNC_KEY_SIZE);
176
+		EVP_DigestInit(dctx, EVP_sha1());
177
+		EVP_DigestUpdate(dctx, keystr, SECUREVNC_KEY_SIZE);
178
 		/*
179
 		 * Without something like the following MITM is still possible.
180
 		 * This is because the MITM knows keystr and can use it with
181
@@ -1433,7 +1438,7 @@ static void securevnc_setup(int conn1, i
182
 		 * he doesn't have Viewer_ClientAuth.pkey.
183
 		 */
184
 		if (0) {
185
-			EVP_DigestUpdate(&dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
186
+			EVP_DigestUpdate(dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
187
 			if (!keystore_verified) {
188
 				fprintf(stderr, "securevnc_setup:\n");
189
 				fprintf(stderr, "securevnc_setup: Warning: even *WITH* Client Authentication in SecureVNC,\n");
190
@@ -1456,7 +1461,8 @@ static void securevnc_setup(int conn1, i
191
 				fprintf(stderr, "securevnc_setup:\n");
192
 			}
193
 		}
194
-		EVP_DigestFinal(&dctx, (unsigned char *)digest, &ndig);
195
+		EVP_DigestFinal(dctx, (unsigned char *)digest, &ndig);
196
+		EVP_MD_CTX_destroy(dctx);
197
 
198
 		signature = (unsigned char *) calloc(RSA_size(client_rsa), 1);
199
 		RSA_sign(NID_sha1, digest, ndig, signature, &nsig, client_rsa);
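Review bot: In the `enc_xfer` hunk at `-655,8 +657,10`, the new declaration `EVP_CIPHER_CTX *ctx;` drops the `= NULL` initializer that the removed line had, yet the cleanup added at `finished:` is `if (ctx) EVP_CIPHER_CTX_free(ctx);`. The code between the declaration and `ctx = EVP_CIPHER_CTX_new();` lies outside the hunks, so if any of it jumps to `finished`, the free would run on an indeterminate pointer; keeping `EVP_CIPHER_CTX *ctx = NULL;` makes the guard reliable. The two `EVP_MD_CTX_create()` results (`md` in `rsa_md5_sum`, `dctx` in `securevnc_setup`) are also passed to `EVP_DigestInit` without a NULL check, unlike `init_ctx`, which gets `if (!init_ctx) sslexit(...)`. For `dctx`, a matching `if (!dctx) sslexit("securevnc_setup: EVP_MD_CTX_create() failed");` would stop a failed allocation from reaching the digest that is later passed to `RSA_sign`. `md` needs an equivalent check, though how `rsa_md5_sum` should report failure depends on its callers, which are not visible here.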
