From 00d0f05b39e925b794f5a4377ce40f6207a1039e Mon Sep 17 00:00:00 2001
From: Juan RP <xtraeme@gmail.com>
Date: Wed, 11 Mar 2015 14:29:45 +0100
Subject: [PATCH] freerdp: make this work with recent libressl; patches from
 OpenBSD.

---
 .../patches/patch-libfreerdp-core_ntlmssp_c   | 21 +++++++++++++++++++
 .../patches/patch-libfreerdp-core_tls_c       | 17 +++++++++++++++
 srcpkgs/freerdp/template                      |  7 +------
 3 files changed, 39 insertions(+), 6 deletions(-)
 create mode 100644 srcpkgs/freerdp/patches/patch-libfreerdp-core_ntlmssp_c
 create mode 100644 srcpkgs/freerdp/patches/patch-libfreerdp-core_tls_c

diff --git a/srcpkgs/freerdp/patches/patch-libfreerdp-core_ntlmssp_c b/srcpkgs/freerdp/patches/patch-libfreerdp-core_ntlmssp_c
new file mode 100644
index 00000000000..e78670b46f4
--- /dev/null
+++ b/srcpkgs/freerdp/patches/patch-libfreerdp-core_ntlmssp_c
@@ -0,0 +1,21 @@
+$OpenBSD: patch-libfreerdp-core_ntlmssp_c,v 1.1 2014/04/14 17:10:56 naddy Exp $
+--- libfreerdp-core/ntlmssp.c.orig	Wed Jan  2 22:46:59 2013
++++ libfreerdp-core/ntlmssp.c	Mon Apr 14 18:48:37 2014
+@@ -456,7 +456,7 @@ void ntlmssp_compute_lm_hash(char* password, char* has
+ 	char text[14];
+ 	char des_key1[8];
+ 	char des_key2[8];
+-	des_key_schedule ks;
++	DES_key_schedule ks;
+ 
+ 	/* LM("password") = E52CAC67419A9A224A3B108F3FA6CB6D */
+ 
+@@ -530,7 +530,7 @@ void ntlmssp_compute_lm_response(char* password, char*
+ 	char des_key1[8];
+ 	char des_key2[8];
+ 	char des_key3[8];
+-	des_key_schedule ks;
++	DES_key_schedule ks;
+ 
+ 	/* A LM hash is 16-bytes long, but the LM response uses a LM hash null-padded to 21 bytes */
+ 	memset(hash, '\0', 21);
diff --git a/srcpkgs/freerdp/patches/patch-libfreerdp-core_tls_c b/srcpkgs/freerdp/patches/patch-libfreerdp-core_tls_c
new file mode 100644
index 00000000000..edd07e6af8e
--- /dev/null
+++ b/srcpkgs/freerdp/patches/patch-libfreerdp-core_tls_c
@@ -0,0 +1,17 @@
+$OpenBSD: patch-libfreerdp-core_tls_c,v 1.1 2015/02/08 04:55:00 jsing Exp $
+--- libfreerdp-core/tls.c.orig	Sun Feb  8 04:08:05 2015
++++ libfreerdp-core/tls.c	Sun Feb  8 04:12:11 2015
+@@ -44,6 +44,13 @@ boolean tls_connect(rdpTls* tls)
+ 	 */
+ 	SSL_CTX_set_options(tls->ctx, SSL_OP_ALL);
+ 
++	/*
++	 * Disable the SSL 3.0/TLS 1.0 CBC vulnerability workaround since this
++	 * breaks NLA - the remote host will return a TLS alert 50, terminating
++	 * the session.
++	 */
++	SSL_CTX_set_options(tls->ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
++
+ 	tls->ssl = SSL_new(tls->ctx);
+ 
+ 	if (tls->ssl == NULL)
diff --git a/srcpkgs/freerdp/template b/srcpkgs/freerdp/template
index c1a6445625d..88f265f427f 100644
--- a/srcpkgs/freerdp/template
+++ b/srcpkgs/freerdp/template
@@ -1,7 +1,7 @@
 # Template file for 'freerdp'
 pkgname=freerdp
 version=1.0.2
-revision=7
+revision=8
 wrksrc="FreeRDP-${version}"
 build_style=cmake
 configure_args="-DWITH_JPEG=ON -DWITH_PULSE=ON -DWITH_XINERAMA=ON
@@ -24,10 +24,6 @@ case "$XBPS_TARGET_MACHINE" in
 	i686*|x86_64*) configure_args+=" -DWITH_SSE2=ON";;
 esac
 
-pre_configure() {
-	sed -e 's,des_,DES_,g' -i libfreerdp-core/ntlmssp.c
-}
-
 libfreerdp_package() {
 	replaces="${sourcepkg}<1.0.2_2"
 	short_desc+=" - runtime libraries"
@@ -35,7 +31,6 @@ libfreerdp_package() {
 		vmove usr/lib/*.so.*
 	}
 }
-
 freerdp-devel_package() {
 	short_desc+=" - development files"
 	depends="lib${sourcepkg}>=${version}_${revision}"