File xrdp.spec of Package xrdp.29105
#
# spec file for package xrdp
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
Name: xrdp
Version: 0.9.0~git.1456906198.f422461
Release: 0
Summary: Open Source remote desktop protocol (RDP) server
License: Apache-2.0 AND GPL-2.0-or-later
Group: System/X11/Utilities
URL: https://github.com/neutrinolabs/xrdp
Source0: xrdp-%{version}.tar.gz
Source1: xrdp.fw
Source2: sysconfig.xrdp
Source3: force_stop
Source4: openSUSE.bmp
Source100: %{name}-rpmlintrc
# PATCH-FIX-OPENSUSE xrdp-pam.patch bnc#441750 - hfiguiere@novell.com
Patch1: xrdp-pam.patch
# PATCH-FIX-UPSTREAM xrdp-fix-buildtime-warnings.patch - fezhang@suse.com -- fix warnings in build time, backported from upstream devel branch
Patch2: xrdp-fix-buildtime-warnings.patch
# PATCH-FIX-OPENSUSE xrdp-default-config.patch - cyberorg@opensuse.org -- Adjust default settings to openSUSE standards
Patch3: xrdp-default-config.patch
# PATCH-FIX-OPENSUSE xrdp-disable-8-bpp-vnc-support.patch bsc#991059 - fezhang@suse.com -- disable 8 bpp support for vnc connections
Patch4: xrdp-disable-8-bpp-vnc-support.patch
# PATCH-FIX-UPSTREAM xrdp-Allow-sessions-with-32-bpp.patch.patch bsc#1022098 - vliaskovitis@suse.com -- Allow sessions with 32 bpp
Patch5: xrdp-Allow-sessions-with-32-bpp.patch.patch
# PATCH-FIX-UPSTREAM xrdp-vnc-enable-32-bpp-support-for-Xvnc-it-actually-works.patch bsc#1022098 - vliaskovitis@suse.com -- vnc: enable 32 bpp support for Xvnc, it actually works
Patch6: xrdp-vnc-enable-32-bpp-support-for-Xvnc-it-actually-works.patch
# PATCH-FIX-UPSTREAM xrdp-Fix-support-for-32-bpp-clients-connecting-to-16-bpp-.patch bsc#1022098 - vliaskovitis@suse.com -- Fix support for 32-bpp clients connecting to 16-bpp VNC
Patch7: xrdp-Fix-support-for-32-bpp-clients-connecting-to-16-bpp-.patch
# PATCH-FIX-UPSTREAM xrdp-dont-set-LANG.patch bsc#1023988 - fezhang@suse.com -- sesman should not set LANG
Patch8: xrdp-dont-set-LANG.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2017-6967.patch bsc#1029912 CVE-2017-6967 - fezhang@suse.com -- sesman: move auth calls to appropriate locations
Patch9: xrdp-CVE-2017-6967.patch
# PATCH-FIX-UPSTREAM xrdp-boo1060644-read-port-from-config.patch boo#1060644 - fezhang@suse.com -- xrdp: read port number from config file
Patch10: xrdp-boo1060644-read-port-from-config.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2017-16927.patch boo#1069591 - fezhang@suse.com -- scpv0 accept variable length data fields
Patch12: xrdp-CVE-2017-16927.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2013-1430.patch boo#1015567 - fezhang@suse.com -- Fix VNC password file that was based on clear text user password
Patch13: xrdp-CVE-2013-1430.patch
# PATCH-FIX-UPSTREAM xrdp-handle-3-byte-PDU.patch boo#1100453 - fezhang@suse.com -- Fix delayed X KeyRelease events in xrdp session
Patch14: xrdp-handle-3-byte-PDU.patch
# PATCH-FIX-OPENSUSE xrdp-support-KillDisconnected-for-Xvnc.patch boo#1101506 - fezhang@suse.com -- Support the KillDisconnected option for TigerVNC Xvnc sessions
Patch15: xrdp-support-KillDisconnected-for-Xvnc.patch
# PATCH-FIX-OPENSUSE xrdp-systemd-services.patch boo#1138954 boo#1144327 - fezhang@suse.com -- Let systemd handle the daemons
Patch16: xrdp-systemd-services.patch
# PATCH-FIX-UPSTREAM 0001-Don-t-try-to-create-.vnc-directory-if-it-exists.patch bsc#1157860 - vliaskovitis@suse.com -- Don't try to create .vnc directory if it exists
Patch17: xrdp-Don-t-try-to-create-.vnc-directory-if-it-exists.patch
Patch18: xrdp-cve-2020-4044-fix-0.patch
Patch19: xrdp-cve-2020-4044-fix-1.patch
# PATCH-FIX-UPSTREAM xrdp-add-stub-implementation-for-s_check_rem_and_log.patch - yu.daike@suse.com -- add stub implementation for s_check_rem_and_log
Patch20: xrdp-add-stub-implementation-for-s_check_rem_and_log.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23468.patch bsc#1206300 - yu.daike@suse.com -- Buffer overflow in xrdp_login_wnd_create()
Patch21: xrdp-CVE-2022-23468.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23479.patch bsc#1206303 - yu.daike@suse.com -- Buffer overflow in xrdp_mm_chan_data_in() function
Patch22: xrdp-CVE-2022-23479.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23480.patch bsc#1206306 - yu.daike@suse.com -- Buffer overflow in devredir_proc_client_devlist_announce_req
Patch23: xrdp-CVE-2022-23480.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23481.patch bsc#1206307 - yu.daike@suse.com -- Out of Bound Read in xrdp_caps_process_confirm_active()
Patch24: xrdp-CVE-2022-23481.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23482.patch bsc#1206310 - yu.daike@suse.com -- Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE()
Patch25: xrdp-CVE-2022-23482.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23483.patch bsc#1206311 - yu.daike@suse.com -- Out of Bound Read in libxrdp_send_to_channel()
Patch26: xrdp-CVE-2022-23483.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2022-23484.patch bsc#1206312 - yu.daike@suse.com -- Integer Overflow in xrdp_mm_process_rail_update_window_text()
Patch27: xrdp-CVE-2022-23484.patch
# PATCH-FIX-UPSTREAM xrdp-CVE-2023-40184.patch bsc#1213805 - yu.daike@suse.com -- restriction bypass via improper session handling
Patch28: xrdp-CVE-2023-40184.patch
# PATCH-FEATURE-SLE xrdp-avahi.diff bnc#586785 - hfiguiere@novell.com -- Add Avahi support
Patch101: xrdp-avahi.diff
# PATCH-FIX-SLE xrdp-filter-tab-from-mstsc-on-focus-change.patch bnc#601996 bnc#623534 - dliang@novell.com -- filter the fake tab key which is used to notify the session
Patch102: xrdp-filter-tab-from-mstsc-on-focus-change.patch
# PATCH-FIX-SLE xrdp-bsc965647-allow-admin-choose-desktop.patch bsc#965647 - fezhang@suse.com -- Allow administrator choose the desktop displayed
Patch103: xrdp-bsc965647-allow-admin-choose-desktop.patch
# PATCH-FEATURE-SLE xrdp-fate318398-change-expired-password.patch fate#318398 - fezhang@suse.com -- enable user to update expired password via PAM
Patch104: xrdp-fate318398-change-expired-password.patch
# PATCH-FIX-OPENSUSE xrdp-openSUSE-logo.patch - fezhang@suse.com -- use openSUSE logo in login dialog
Patch201: xrdp-openSUSE-logo.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: fdupes
BuildRequires: libX11-devel
BuildRequires: libXfixes-devel
BuildRequires: libXrandr-devel
BuildRequires: libavahi-devel
BuildRequires: libtool
BuildRequires: openssl-devel
BuildRequires: pam-devel
BuildRequires: pkg-config
BuildRequires: pkgconfig(systemd)
Requires: xorg-x11-Xvnc
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
A full functionnal Linux terminal server, capable of accepting
connection from rdesktop and Microsoft's own terminal server / remote
desktop clients.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%if ! 0%{?is_opensuse}
%patch101 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%else
%patch201 -p1
%endif
%build
sh ./bootstrap
%configure \
--with-systemdsystemunitdir=%{_unitdir}
make %{?_smp_mflags}
%install
make %{?_smp_mflags} DESTDIR=%{buildroot} install
find %{buildroot} -name '*.a' -exec rm {} \;
find %{buildroot} -type f -name "*.la" -delete -print
mkdir -p %{buildroot}/%{_fwdefdir}
install -m 644 %{SOURCE1} %{buildroot}/%{_fwdefdir}/xrdp
mkdir -p %{buildroot}/%{_localstatedir}/adm/fillup-templates
install -m 644 %{SOURCE2} %{buildroot}/%{_localstatedir}/adm/fillup-templates/sysconfig.xrdp
mkdir -p %{buildroot}/%{_prefix}/lib/initscripts/legacy-actions/xrdp
install -m 755 %{SOURCE3} %{buildroot}/%{_prefix}/lib/initscripts/legacy-actions/xrdp/force_stop
%if 0%{?is_opensuse}
install %{SOURCE4} %{buildroot}%{_datadir}/%{name}/
%endif
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcxrdp
ln -sf %{_sbindir}/service %{buildroot}%{_sbindir}/rcxrdp-sesman
# remove init script that conflicts with systemd service
rm -rf %{buildroot}/%{_initddir}
%fdupes -s %{buildroot}
%pre
%service_add_pre xrdp-sesman.service
%service_add_pre xrdp.service
%post
/sbin/ldconfig
%service_add_post xrdp-sesman.service
%service_add_post xrdp.service
%{fillup_only -n xrdp}
if [ ! -e %{_sysconfdir}/xrdp/rsakeys.ini ]; then
xrdp-keygen xrdp %{_sysconfdir}/xrdp/rsakeys.ini
if [ $? -ne 0 ] || [ ! -e %{_sysconfdir}/xrdp/rsakeys.ini ]; then
echo "Could not generate rsakeys.ini, please check manually!"
fi
fi
exit 0
%preun
%stop_on_removal
%service_del_preun xrdp.service
%service_del_preun xrdp-sesman.service
%postun
/sbin/ldconfig
%service_del_postun xrdp.service
%service_del_postun xrdp-sesman.service
%restart_on_update
%files
%defattr(-,root,root)
%dir %{_datadir}/xrdp
%dir %{_libdir}/xrdp
%dir %{_sysconfdir}/xrdp
%dir %{_sysconfdir}/xrdp/pulse
%config %{_fwdefdir}/xrdp
%config(noreplace) %{_sysconfdir}/default/xrdp
%config(noreplace) %{_sysconfdir}/pam.d/xrdp-sesman
%config(noreplace) %{_sysconfdir}/xrdp/sesman.ini
%config(noreplace) %{_sysconfdir}/xrdp/xrdp.ini
%doc COPYING *.txt
%{_bindir}/xrdp*
%{_datadir}/xrdp/*
%{_libdir}/xrdp/*
%{_mandir}/man1/*
%{_mandir}/man5/*
%{_mandir}/man8/*
%{_prefix}/lib/initscripts/legacy-actions/xrdp
%{_sbindir}/rc*
%{_sbindir}/xrdp*
%{_sysconfdir}/xrdp/km*.ini
%{_sysconfdir}/xrdp/pulse/default.pa
%{_sysconfdir}/xrdp/xrdp_keyboard.ini
%{_unitdir}/xrdp*
%ghost %{_localstatedir}/log/xrdp-sesman.log
%config(noreplace) %{_sysconfdir}/xrdp/
%ghost %config(noreplace) %{_sysconfdir}/xrdp/rsakeys.ini
%config %{_localstatedir}/adm/fillup-templates/sysconfig.xrdp
%changelog
