Red Hat Bugzilla – Attachment 314334 Details for
Bug 459140
[RFE] update rdesktop from 1.4.1 to 1.6, for Vista and Server 2008 support
[patch]
Patch to support different key lengths in rdesktop 1.4.1 (backported from 1.5.0)
rdesktop-1.4.1-variable-public-key-len-vista.patch (text/plain), 5.23 KB, created by
Olivier Fourdan
on 2008-08-14 17:22:29 UTC
Description:
Patch to support different key lengths in rdesktop 1.4.1 (backported from 1.5.0)
Creator:
Olivier Fourdan
Created:
2008-08-14 17:22:29 UTC
Size:
5.23 KB
>--- rdesktop-1.4.1/constants.h.vista 2008-08-14 09:20:13.000000000 +0100
>+++ rdesktop-1.4.1/constants.h 2008-08-14 10:37:42.000000000 +0100
>@@ -62,6 +62,7 @@
> /* RDP secure transport constants */
> #define SEC_RANDOM_SIZE 32
> #define SEC_MODULUS_SIZE 64
>+#define SEC_MAX_MODULUS_SIZE 256
> #define SEC_PADDING_SIZE 8
> #define SEC_EXPONENT_SIZE 4
>
>--- rdesktop-1.4.1/secure.c.vista 2008-08-14 09:18:53.000000000 +0100
>+++ rdesktop-1.4.1/secure.c 2008-08-14 10:43:07.000000000 +0100
>@@ -43,13 +43,14 @@
> static RC4_KEY rc4_decrypt_key;
> static RC4_KEY rc4_encrypt_key;
> static RSA *server_public_key;
>+static uint32 server_public_key_len;
>
> static uint8 sec_sign_key[16];
> static uint8 sec_decrypt_key[16];
> static uint8 sec_encrypt_key[16];
> static uint8 sec_decrypt_update_key[16];
> static uint8 sec_encrypt_update_key[16];
>-static uint8 sec_crypted_random[SEC_MODULUS_SIZE];
>+static uint8 sec_crypted_random[SEC_MAX_MODULUS_SIZE];
>
> uint16 g_server_rdp_version = 0;
>
>@@ -294,14 +295,15 @@
>
> /* Perform an RSA public key encryption operation */
> static void
>-sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint8 * modulus, uint8 * exponent)
>+sec_rsa_encrypt(uint8 * out, uint8 * in, int len, uint32 modulus_size, uint8 * modulus,
>+ uint8 * exponent)
> {
> BN_CTX *ctx;
> BIGNUM mod, exp, x, y;
>- uint8 inr[SEC_MODULUS_SIZE];
>+ uint8 inr[SEC_MAX_MODULUS_SIZE];
> int outlen;
>
>- reverse(modulus, SEC_MODULUS_SIZE);
>+ reverse(modulus, modulus_size);
> reverse(exponent, SEC_EXPONENT_SIZE);
> memcpy(inr, in, len);
> reverse(inr, len);
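Review bot: sec_rsa_encrypt (hunk @@ -294,14 +295,15 @@) now takes modulus_size on trust, but nothing at the signature states the bounds a caller must guarantee. `inr` is SEC_MAX_MODULUS_SIZE bytes and is filled by `memcpy(inr, in, len)`, and the continuation in hunk @@ -312,14 +314,14 @@ zero-fills `out` up to modulus_size, so a comment above the function such as `/* Caller must ensure len <= modulus_size <= SEC_MAX_MODULUS_SIZE and that out holds modulus_size bytes */` would record the contract. That continuation also compares the int `outlen` with the uint32 `modulus_size`; `if ((uint32) outlen < modulus_size)` makes the conversion explicit. The function body ends outside this hunk.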
>@@ -312,14 +314,14 @@
> BN_init(&x);
> BN_init(&y);
>
>- BN_bin2bn(modulus, SEC_MODULUS_SIZE, &mod);
>+ BN_bin2bn(modulus, modulus_size, &mod);
> BN_bin2bn(exponent, SEC_EXPONENT_SIZE, &exp);
> BN_bin2bn(inr, len, &x);
> BN_mod_exp(&y, &x, &exp, &mod, ctx);
> outlen = BN_bn2bin(&y, out);
> reverse(out, outlen);
>- if (outlen < SEC_MODULUS_SIZE)
>- memset(out + outlen, 0, SEC_MODULUS_SIZE - outlen);
>+ if (outlen < modulus_size)
>+ memset(out + outlen, 0, modulus_size - outlen);
>
> BN_free(&y);
> BN_clear_free(&x);
>@@ -385,14 +387,14 @@
> static void
> sec_establish_key(void)
> {
>- uint32 length = SEC_MODULUS_SIZE + SEC_PADDING_SIZE;
>+ uint32 length = server_public_key_len + SEC_PADDING_SIZE;
> uint32 flags = SEC_CLIENT_RANDOM;
> STREAM s;
>
>- s = sec_init(flags, 76);
>+ s = sec_init(flags, length + 4);
>
> out_uint32_le(s, length);
>- out_uint8p(s, sec_crypted_random, SEC_MODULUS_SIZE);
>+ out_uint8p(s, sec_crypted_random, server_public_key_len);
> out_uint8s(s, SEC_PADDING_SIZE);
>
> s_mark_end(s);
>@@ -502,7 +504,8 @@
> }
>
> in_uint32_le(s, modulus_len);
>- if (modulus_len != SEC_MODULUS_SIZE + SEC_PADDING_SIZE)
>+ modulus_len -= SEC_PADDING_SIZE;
>+ if ((modulus_len < 64) || (modulus_len > SEC_MAX_MODULUS_SIZE))
> {
> error("modulus len 0x%x\n", modulus_len);
> return False;
>@@ -510,8 +513,9 @@
>
> in_uint8s(s, 8); /* modulus_bits, unknown */
> in_uint8p(s, *exponent, SEC_EXPONENT_SIZE);
>- in_uint8p(s, *modulus, SEC_MODULUS_SIZE);
>+ in_uint8p(s, *modulus, modulus_len);
> in_uint8s(s, SEC_PADDING_SIZE);
>+ server_public_key_len = modulus_len;
>
> return s_check(s);
> }
>@@ -704,10 +710,9 @@
> static void
> sec_process_crypt_info(STREAM s)
> {
>- uint8 *server_random, *modulus, *exponent;
>+ uint8 *server_random, *modulus = NULL, *exponent = NULL;
> uint8 client_random[SEC_RANDOM_SIZE];
> uint32 rc4_key_size;
>- uint8 inr[SEC_MODULUS_SIZE];
>
> if (!sec_parse_crypt_info(s, &rc4_key_size, &server_random, &modulus, &exponent))
> {
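Review bot: In hunk @@ -502,7 +504,8 @@, `modulus_len -= SEC_PADDING_SIZE;` runs on a uint32 read from the server before any check, so a wire value below SEC_PADDING_SIZE wraps to a very large number. The upper bound still rejects it, but only as a side effect of the ordering, and the error message then prints the adjusted value rather than what was received; a comment such as `/* wire length includes SEC_PADDING_SIZE; values < 8 wrap and fail the upper bound */` would make that deliberate. The literal lower bound would read better as the existing constant: `if ((modulus_len < SEC_MODULUS_SIZE) || (modulus_len > SEC_MAX_MODULUS_SIZE))`. The enclosing function starts outside the hunk.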
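Review bot: In hunk @@ -510,8 +513,9 @@, `server_public_key_len = modulus_len;` is stored before `return s_check(s);` has confirmed that the stream held that many bytes, so a truncated packet still updates the file-level length that sec_establish_key and sec_process_crypt_info later use to size their copies. This is probably harmless if every caller abandons the connection on False, but that is not visible here. Assigning only on success keeps the static consistent: `if (!s_check(s)) return False;` followed by `server_public_key_len = modulus_len; return True;`. The function starts outside the hunk.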
>@@ -716,35 +721,37 @@
> }
>
> DEBUG(("Generating client random\n"));
>- /* Generate a client random, and hence determine encryption keys */
>- /* This is what the MS client do: */
>- memset(inr, 0, SEC_RANDOM_SIZE);
>- /* *ARIGL!* Plaintext attack, anyone?
>- I tried doing:
>- generate_random(inr);
>- ..but that generates connection errors now and then (yes,
>- "now and then". Something like 0 to 3 attempts needed before a
>- successful connection. Nice. Not!
>- */
>-
> generate_random(client_random);
>+
> if (NULL != server_public_key)
> { /* Which means we should use
> RDP5-style encryption */
>+ uint8 inr[SEC_MAX_MODULUS_SIZE];
>+ uint32 padding_len = server_public_key_len - SEC_RANDOM_SIZE;
>
>- memcpy(inr + SEC_RANDOM_SIZE, client_random, SEC_RANDOM_SIZE);
>- reverse(inr + SEC_RANDOM_SIZE, SEC_RANDOM_SIZE);
>+ /* This is what the MS client do: */
>+ memset(inr, 0, padding_len);
>+ /* *ARIGL!* Plaintext attack, anyone?
>+ I tried doing:
>+ generate_random(inr);
>+ ..but that generates connection errors now and then (yes,
>+ "now and then". Something like 0 to 3 attempts needed before a
>+ successful connection. Nice. Not!
>+ */
>+ memcpy(inr + padding_len, client_random, SEC_RANDOM_SIZE);
>+ reverse(inr + padding_len, SEC_RANDOM_SIZE);
>
>- RSA_public_encrypt(SEC_MODULUS_SIZE,
>+ RSA_public_encrypt(server_public_key_len,
> inr, sec_crypted_random, server_public_key, RSA_NO_PADDING);
>
>- reverse(sec_crypted_random, SEC_MODULUS_SIZE);
>+ reverse(sec_crypted_random, server_public_key_len);
>
> }
> else
> { /* RDP4-style encryption */
> sec_rsa_encrypt(sec_crypted_random,
>- client_random, SEC_RANDOM_SIZE, modulus, exponent);
>+ client_random, SEC_RANDOM_SIZE, server_public_key_len, modulus,
>+ exponent);
> }
> sec_generate_keys(client_random, server_random, rc4_key_size);
> }
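Review bot: `uint32 padding_len = server_public_key_len - SEC_RANDOM_SIZE;` in the `NULL != server_public_key` branch wraps to a huge value whenever server_public_key_len is below SEC_RANDOM_SIZE, and the following `memset(inr, 0, padding_len)` would then write far past the SEC_MAX_MODULUS_SIZE-byte `inr`. The only assignment to server_public_key_len in this patch is next to the raw modulus read (hunk @@ -510,8 +513,9 @@); if the code that populates `server_public_key` sits on a different path, outside these hunks, the static may still be 0 here. That path would presumably need `server_public_key_len = RSA_size(server_public_key);` with the same range check, and this branch should refuse an out-of-range length before using it, as sketched below. sec_process_crypt_info begins in the previous hunk.

```c
	if (NULL != server_public_key)
	{			/* Which means we should use
				   RDP5-style encryption */
		uint8 inr[SEC_MAX_MODULUS_SIZE];
		uint32 padding_len;

		/* The key length is derived from server-supplied data: reject
		   anything that would wrap padding_len or overrun inr. */
		if ((server_public_key_len < SEC_RANDOM_SIZE)
		    || (server_public_key_len > SEC_MAX_MODULUS_SIZE))
		{
			error("bad server public key length %u\n", server_public_key_len);
			return;
		}
		padding_len = server_public_key_len - SEC_RANDOM_SIZE;
		/* … unchanged: zero padding, memcpy/reverse of client_random, RSA_public_encrypt … */
```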