summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/xrdp/Manifest1
-rw-r--r--net-misc/xrdp/files/startwm.sh8
-rw-r--r--net-misc/xrdp/files/xrdp-0.8.0-crypt-null-return.patch36
-rw-r--r--net-misc/xrdp/files/xrdp-initd28
-rw-r--r--net-misc/xrdp/files/xrdp-sesman.pamd4
-rw-r--r--net-misc/xrdp/metadata.xml8
-rw-r--r--net-misc/xrdp/xrdp-0.8.0-r1.ebuild152
7 files changed, 237 insertions, 0 deletions
diff --git a/net-misc/xrdp/Manifest b/net-misc/xrdp/Manifest
new file mode 100644
index 0000000..acd8c0e
--- /dev/null
+++ b/net-misc/xrdp/Manifest
@@ -0,0 +1 @@
+DIST xrdp-0.8.0.tar.xz 1671376 SHA256 433535039f8b8766d9c22f62de9599afa94dd553e72d9791cec85a5e2f436a60 SHA512 bb2afefce7f53b6c3bca30cb6913171211df63a700f7d70325c1722348d5d31981e1d417727e48fd14aad500d0454e4126e6e1f81f8c09da4928b02f4acff26b WHIRLPOOL 39c1d4852f6f927fd348d345a8d4f4a79824eca0d5682340908d28f3b6b497ae33bfed944294b061b118e4154ed7c5dce15878302145ffabc2ca6b3a2eb07818
diff --git a/net-misc/xrdp/files/startwm.sh b/net-misc/xrdp/files/startwm.sh
new file mode 100644
index 0000000..df3dd78
--- /dev/null
+++ b/net-misc/xrdp/files/startwm.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# try hard to respect Gentoo's wm choice
+. /etc/profile
+[ -f /etc/rc.conf ] && . /etc/rc.conf
+export XSESSION
+
+. /etc/X11/xinit/xinitrc
diff --git a/net-misc/xrdp/files/xrdp-0.8.0-crypt-null-return.patch b/net-misc/xrdp/files/xrdp-0.8.0-crypt-null-return.patch
new file mode 100644
index 0000000..4454390
--- /dev/null
+++ b/net-misc/xrdp/files/xrdp-0.8.0-crypt-null-return.patch
@@ -0,0 +1,36 @@
+From 851c762ee722a84d15348b2512b3b578282e590b Mon Sep 17 00:00:00 2001
+From: Jay Sorg <jay.sorg@gmail.com>
+Date: Wed, 29 Oct 2014 17:54:11 -0700
+Subject: [PATCH] sesman: check for null from crypt()
+
+---
+ sesman/verify_user.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/sesman/verify_user.c b/sesman/verify_user.c
+index 98d3dd3..49c475c 100644
+--- a/sesman/verify_user.c
++++ b/sesman/verify_user.c
+@@ -51,6 +51,7 @@ long DEFAULT_CC
+ auth_userpass(char *user, char *pass, int *errorcode)
+ {
+ const char *encr;
++ const char *epass;
+ struct passwd *spw;
+ struct spwd *stp;
+
+@@ -84,8 +85,12 @@ auth_userpass(char *user, char *pass, int *errorcode)
+ /* old system with only passwd */
+ encr = spw->pw_passwd;
+ }
+-
+- return (strcmp(encr, crypt(pass, encr)) == 0);
++ epass = crypt(pass, encr);
++ if (epass == 0)
++ {
++ return 0;
++ }
++ return (strcmp(encr, epass) == 0);
+ }
+
+ /******************************************************************************/
diff --git a/net-misc/xrdp/files/xrdp-initd b/net-misc/xrdp/files/xrdp-initd
new file mode 100644
index 0000000..8f943e1
--- /dev/null
+++ b/net-misc/xrdp/files/xrdp-initd
@@ -0,0 +1,28 @@
+#!/sbin/openrc-run
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ use net logger
+}
+
+start() {
+ ebegin "Starting X remote desktop daemon"
+ start-stop-daemon --start --pidfile /var/run/xrdp.pid --exec /usr/sbin/xrdp > /dev/null
+ eend $? || return $?
+
+ ebegin "Starting remote desktop session manager"
+ start-stop-daemon --start --pidfile /var/run/xrdp-sesman.pid --exec /usr/sbin/xrdp-sesman > /dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping X remote desktop daemon"
+ start-stop-daemon --stop --pidfile /var/run/xrdp.pid
+ eend $?
+
+ ebegin "Stopping remote desktop session manager"
+ start-stop-daemon --stop --pidfile /var/run/xrdp-sesman.pid
+ eend $?
+}
diff --git a/net-misc/xrdp/files/xrdp-sesman.pamd b/net-misc/xrdp/files/xrdp-sesman.pamd
new file mode 100644
index 0000000..4712aa8
--- /dev/null
+++ b/net-misc/xrdp/files/xrdp-sesman.pamd
@@ -0,0 +1,4 @@
+auth include system-remote-login
+account include system-remote-login
+password include system-remote-login
+session include system-remote-login
diff --git a/net-misc/xrdp/metadata.xml b/net-misc/xrdp/metadata.xml
new file mode 100644
index 0000000..064e361
--- /dev/null
+++ b/net-misc/xrdp/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<!-- maintainer-needed -->
+ <use>
+ <flag name="fuse">Enable clipboard file / device redirection via <pkg>sys-fs/fuse</pkg></flag>
+ </use>
+</pkgmetadata>
diff --git a/net-misc/xrdp/xrdp-0.8.0-r1.ebuild b/net-misc/xrdp/xrdp-0.8.0-r1.ebuild
new file mode 100644
index 0000000..0d94dcb
--- /dev/null
+++ b/net-misc/xrdp/xrdp-0.8.0-r1.ebuild
@@ -0,0 +1,152 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit autotools eutils pam systemd
+
+DESCRIPTION="An open source Remote Desktop Protocol server"
+HOMEPAGE="http://www.xrdp.org/"
+# mirrored from https://github.com/neutrinolabs/xrdp/releases
+SRC_URI="https://dev.gentoo.org/~mgorny/dist/${P}.tar.xz"
+
+LICENSE="Apache-2.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug fuse kerberos jpeg pam pulseaudio"
+
+RDEPEND="dev-libs/openssl:0=
+ x11-libs/libX11:0=
+ x11-libs/libXfixes:0=
+ x11-libs/libXrandr:0=
+ fuse? ( sys-fs/fuse:0= )
+ jpeg? ( virtual/jpeg:0= )
+ kerberos? ( virtual/krb5:0= )
+ pam? ( virtual/pam:0= )
+ pulseaudio? ( media-sound/pulseaudio:0= )"
+DEPEND="${RDEPEND}
+ app-arch/xz-utils"
+RDEPEND="${RDEPEND}
+ || (
+ net-misc/tigervnc:0[server,xorgmodule]
+ net-misc/x11rdp:0
+ )"
+
+# does not work with gentoo version of freerdp
+# neutrinordp? ( net-misc/freerdp:0= )
+# incompatible with current ffmpeg/libav (surprising, isn't it?)
+# xrdpvr? ( virtual/ffmpeg:0= )
+
+src_prepare() {
+ epatch_user
+
+ # #540630: crypt() unchecked for NULL return
+ epatch "${FILESDIR}"/${P}-crypt-null-return.patch
+
+ # don't let USE=debug adjust CFLAGS
+ sed -i -e 's:-g -O0::' configure.ac || die
+ # disallow root login by default
+ sed -i -e '/^AllowRootLogin/s/1/0/' sesman/sesman.ini || die
+ # Fedora files, not included here
+ sed -i -e '/EnvironmentFile=/d' instfiles/*.service || die
+ # reorder so that X11rdp comes last again since it's not supported
+ sed -i -e '/^\[xrdp1\]$/,/^$/{wxrdp.ini.tmp
+ ;d}' xrdp/xrdp.ini || die
+ # move newline to the beginning
+ sed -i -e 'x' xrdp.ini.tmp || die
+ cat xrdp.ini.tmp >> xrdp/xrdp.ini || die
+ rm -f xrdp.ini.tmp || die
+
+ eautoreconf
+ # part of ./bootstrap
+ ln -s ../config.c sesman/tools/config.c || die
+}
+
+src_configure() {
+ use kerberos && use pam \
+ && ewarn "Both kerberos & pam auth enabled, kerberos will take precedence."
+
+ local myconf=(
+ # warning: configure.ac is completed flawed
+
+ --localstatedir="${EPREFIX}"/var
+
+ # -- authentication backends --
+ # kerberos is inside !SESMAN_NOPAM conditional for no reason
+ $(use pam || use kerberos || echo --enable-nopam)
+ $(usex kerberos --enable-kerberos '')
+ # pam_userpass is not in Gentoo at the moment
+ #--disable-pamuserpass
+
+ # -- jpeg support --
+ $(usex jpeg --enable-jpeg '')
+ # the package supports explicit linking against libjpeg-turbo
+ # (no need for -ljpeg compat)
+ $(use jpeg && has_version 'media-libs/libjpeg-turbo:0' && echo --enable-tjpeg)
+
+ # -- sound support --
+ $(usex pulseaudio '--enable-simplesound --enable-loadpulsemodules' '')
+
+ # -- others --
+ $(usex debug --enable-xrdpdebug '')
+ $(usex fuse --enable-fuse '')
+ # $(usex neutrinordp --enable-neutrinordp '')
+ # $(usex xrdpvr --enable-xrdpvr '')
+
+ "$(systemd_with_unitdir)"
+ )
+
+ econf "${myconf[@]}"
+}
+
+src_install() {
+ default
+ prune_libtool_files --all
+
+ # use our pam.d file since upstream's incompatible with Gentoo
+ use pam && newpamd "${FILESDIR}"/xrdp-sesman.pamd xrdp-sesman
+ # and our startwm.sh
+ exeinto /etc/xrdp
+ doexe "${FILESDIR}"/startwm.sh
+
+ # Fedora stuff
+ rm -r "${ED}"/etc/default || die
+
+ # own /etc/xrdp/rsakeys.ini
+ : > rsakeys.ini
+ insinto /etc/xrdp
+ doins rsakeys.ini
+
+ # contributed by Jan Psota <jasiupsota@gmail.com>
+ newinitd "${FILESDIR}/${PN}-initd" ${PN}
+}
+
+pkg_preinst() {
+ # either copy existing keys over to avoid CONFIG_PROTECT whining
+ # or generate new keys (but don't include them in binpkg!)
+ if [[ -f ${EROOT}/etc/xrdp/rsakeys.ini ]]; then
+ cp {"${EROOT}","${ED}"}/etc/xrdp/rsakeys.ini || die
+ else
+ einfo "Running xrdp-keygen to generate new rsakeys.ini ..."
+ "${S}"/keygen/xrdp-keygen xrdp "${ED}"/etc/xrdp/rsakeys.ini \
+ || die "xrdp-keygen failed to generate RSA keys"
+ fi
+}
+
+pkg_postinst() {
+ # check for use of bundled rsakeys.ini (installed by default upstream)
+ if [[ $(cksum "${EROOT}"/etc/xrdp/rsakeys.ini) == '2935297193 1019 '* ]]
+ then
+ ewarn "You seem to be using upstream bundled rsakeys.ini. This means that"
+ ewarn "your communications are encrypted using a well-known key. Please"
+ ewarn "consider regenerating rsakeys.ini using the following command:"
+ ewarn
+ ewarn " ${EROOT}/usr/bin/xrdp-keygen xrdp ${EROOT}/etc/xrdp/rsakeys.ini"
+ ewarn
+ fi
+
+ elog "Various session types require different backend implementations:"
+ elog "- sesman-Xvnc requires net-misc/tigervnc[server,xorgmodule]"
+ elog "- sesman-X11rdp requires net-misc/x11rdp"
+}