tls patches rebased

epel9
Rex Dieter 5 years ago
parent ef2f30c801
commit 3995c25270

@ -1,4 +1,4 @@
From 0a98d629447964f1d5d922d5012ee0c2cbf10694 Mon Sep 17 00:00:00 2001 From 450f4a50771fd36cdd170356f83ebab5ff0dea51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com> From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
Date: Mon, 11 Jun 2018 23:47:02 +0200 Date: Mon, 11 Jun 2018 23:47:02 +0200
Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points
@ -7,16 +7,16 @@ Add API to make it possible to channel RFB input and output through
another layer, for example TLS. This is done by making it possible to another layer, for example TLS. This is done by making it possible to
override the default read/write/peek functions. override the default read/write/peek functions.
--- ---
libvncserver/rfbserver.c | 4 +++ libvncserver/rfbserver.c | 4 ++
libvncserver/sockets.c | 64 +++++++++++++++++++++++++++++++++++++--- libvncserver/sockets.c | 79 ++++++++++++++++++++++++++++++++++++----
rfb/rfb.h | 17 +++++++++++ rfb/rfb.h | 17 +++++++++
3 files changed, 81 insertions(+), 4 deletions(-) 3 files changed, 93 insertions(+), 7 deletions(-)
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index 7af6aed..fbedd9f 100644 index 44ca2153..cee87dbb 100644
--- a/libvncserver/rfbserver.c --- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c
@@ -322,6 +322,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, @@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen,
cl->screen = rfbScreen; cl->screen = rfbScreen;
cl->sock = sock; cl->sock = sock;
@ -28,10 +28,56 @@ index 7af6aed..fbedd9f 100644
/* setup pseudo scaling */ /* setup pseudo scaling */
cl->scaledScreen = rfbScreen; cl->scaledScreen = rfbScreen;
diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c
index bbc3d90..27515f2 100644 index 2c87376b..4bb881ec 100644
--- a/libvncserver/sockets.c --- a/libvncserver/sockets.c
+++ b/libvncserver/sockets.c +++ b/libvncserver/sockets.c
@@ -589,6 +589,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen, @@ -101,6 +101,9 @@ int deny_severity=LOG_WARNING;
int rfbMaxClientWait = 20000; /* time (ms) after which we decide client has
gone away - needed to stop us hanging */
+static rfbBool
+rfbHasPendingOnSocket(rfbClientPtr cl);
+
static rfbBool
rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, rfbSocket sock)
{
@@ -364,16 +367,20 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
tv.tv_usec = usec;
nfds = select(rfbScreen->maxFd + 1, &fds, NULL, NULL /* &fds */, &tv);
if (nfds == 0) {
+ rfbBool hasPendingData = FALSE;
+
/* timed out, check for async events */
i = rfbGetClientIterator(rfbScreen);
while((cl = rfbClientIteratorNext(i))) {
if (cl->onHold)
continue;
+ hasPendingData |= rfbHasPendingOnSocket(cl);
if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
rfbSendFileTransferChunk(cl);
}
rfbReleaseClientIterator(i);
- return result;
+ if (!hasPendingData)
+ return result;
}
if (nfds < 0) {
@@ -449,9 +456,11 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
if (cl->onHold)
continue;
- if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
+ if (rfbHasPendingOnSocket (cl) ||
+ FD_ISSET(cl->sock, &(rfbScreen->allFds)))
{
- if (FD_ISSET(cl->sock, &fds))
+ if (rfbHasPendingOnSocket (cl) ||
+ FD_ISSET(cl->sock, &fds))
{
#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
do {
@@ -614,6 +623,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen,
return sock; return sock;
} }
@ -56,13 +102,13 @@ index bbc3d90..27515f2 100644
+static rfbBool +static rfbBool
+rfbHasPendingOnSocket(rfbClientPtr cl) +rfbHasPendingOnSocket(rfbClientPtr cl)
+{ +{
+ cl->hasPendingOnSocket(cl); + return cl->hasPendingOnSocket(cl);
+} +}
+ +
/* /*
* ReadExact reads an exact number of bytes from a client. Returns 1 if * ReadExact reads an exact number of bytes from a client. Returns 1 if
* those bytes have been read, 0 if the other end has closed, or -1 if an error * those bytes have been read, 0 if the other end has closed, or -1 if an error
@@ -610,10 +634,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) @@ -635,10 +668,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
} else if (cl->sslctx) { } else if (cl->sslctx) {
n = rfbssl_read(cl, buf, len); n = rfbssl_read(cl, buf, len);
} else { } else {
@ -75,7 +121,7 @@ index bbc3d90..27515f2 100644
#endif #endif
if (n > 0) { if (n > 0) {
@@ -645,6 +669,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) @@ -670,6 +703,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
continue; continue;
} }
#endif #endif
@ -86,7 +132,7 @@ index bbc3d90..27515f2 100644
FD_ZERO(&fds); FD_ZERO(&fds);
FD_SET(sock, &fds); FD_SET(sock, &fds);
tv.tv_sec = timeout / 1000; tv.tv_sec = timeout / 1000;
@@ -681,6 +709,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len) @@ -706,6 +743,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len)
return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait)); return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait));
} }
@ -105,7 +151,7 @@ index bbc3d90..27515f2 100644
/* /*
* PeekExact peeks at an exact number of bytes from a client. Returns 1 if * PeekExact peeks at an exact number of bytes from a client. Returns 1 if
* those bytes have been read, 0 if the other end has closed, or -1 if an * those bytes have been read, 0 if the other end has closed, or -1 if an
@@ -701,7 +741,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) @@ -726,7 +775,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
n = rfbssl_peek(cl, buf, len); n = rfbssl_peek(cl, buf, len);
else else
#endif #endif
@ -114,7 +160,7 @@ index bbc3d90..27515f2 100644
if (n == len) { if (n == len) {
@@ -757,6 +797,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) @@ -782,6 +831,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
return 1; return 1;
} }
@ -137,7 +183,7 @@ index bbc3d90..27515f2 100644
/* /*
* WriteExact writes an exact number of bytes to a client. Returns 1 if * WriteExact writes an exact number of bytes to a client. Returns 1 if
* those bytes have been written, or -1 if an error occurred (errno is set to * those bytes have been written, or -1 if an error occurred (errno is set to
@@ -801,7 +857,7 @@ rfbWriteExact(rfbClientPtr cl, @@ -826,7 +891,7 @@ rfbWriteExact(rfbClientPtr cl,
n = rfbssl_write(cl, buf, len); n = rfbssl_write(cl, buf, len);
else else
#endif #endif
@ -147,12 +193,12 @@ index bbc3d90..27515f2 100644
if (n > 0) { if (n > 0) {
diff --git a/rfb/rfb.h b/rfb/rfb.h diff --git a/rfb/rfb.h b/rfb/rfb.h
index f982b40..ba9e898 100644 index 5e9ba86f..3c0b25a3 100644
--- a/rfb/rfb.h --- a/rfb/rfb.h
+++ b/rfb/rfb.h +++ b/rfb/rfb.h
@@ -413,6 +413,14 @@ typedef struct sraRegion* sraRegionPtr; @@ -387,6 +387,14 @@ typedef struct sraRegion* sraRegionPtr;
typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl); typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl);
typedef void (*ClientFramebufferUpdateRequestHookPtr)(struct _rfbClientRec* cl, rfbFramebufferUpdateRequestMsg* furMsg);
+typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl, +typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl,
+ char *buf, int len); + char *buf, int len);
@ -165,10 +211,10 @@ index f982b40..ba9e898 100644
typedef struct _rfbFileTransferData { typedef struct _rfbFileTransferData {
int fd; int fd;
int compressionEnabled; int compressionEnabled;
@@ -694,6 +702,11 @@ typedef struct _rfbClientRec { @@ -680,6 +688,11 @@ typedef struct _rfbClientRec {
#ifdef LIBVNCSERVER_HAVE_LIBPTHREAD rfbBool useExtDesktopSize;
int pipe_notify_client_thread[2]; int requestedDesktopSizeChange;
#endif int lastDesktopSizeChangeError;
+ +
+ ClientReadFromSocket readFromSocket; /* Read data from socket */ + ClientReadFromSocket readFromSocket; /* Read data from socket */
+ ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */ + ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */
@ -177,7 +223,7 @@ index f982b40..ba9e898 100644
} rfbClientRec, *rfbClientPtr; } rfbClientRec, *rfbClientPtr;
/** /**
@@ -746,8 +759,12 @@ extern void rfbDisconnectUDPSock(rfbScre @@ -732,8 +745,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen);
extern void rfbCloseClient(rfbClientPtr cl); extern void rfbCloseClient(rfbClientPtr cl);
extern int rfbReadExact(rfbClientPtr cl, char *buf, int len); extern int rfbReadExact(rfbClientPtr cl, char *buf, int len);
extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout);
@ -188,5 +234,8 @@ index f982b40..ba9e898 100644
extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len); extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len);
+extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len); +extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len);
extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec); extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec);
extern int rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port);
extern int rfbConnectToTcpAddr(char* host, int port); extern rfbSocket rfbConnectToTcpAddr(char* host, int port);
--
2.25.4
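Review bot: In the rfbCheckFds hunks the new `rfbHasPendingOnSocket (cl) ||` term is placed in front of both FD_ISSET tests, so a client whose callback reports buffered data is processed even when its socket is no longer in `rfbScreen->allFds`, a check the previous code always applied. If that membership test is what keeps removed or closing clients out of the read path (not visible in these hunks), keep `if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))` as the outer condition and use `if (pending || FD_ISSET(cl->sock, &fds))` only for the inner one, with `pending` read once into a local instead of invoking the callback up to three times per pass. `rfbHasPendingOnSocket` also calls `cl->hasPendingOnSocket` without a NULL check, and the initialisation added to rfbNewTCPOrUDPClient is collapsed on this page, so confirm that every path creating a client record sets the pointer. The body of rfbCheckFds continues outside the hunks shown.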

@ -1,4 +1,4 @@
From c343c1b43080bcb45dad285faa5cd8926bfb9811 Mon Sep 17 00:00:00 2001 From 30b947df1b25cf741f6863b4c3f77e0016aa4898 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com> From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
Date: Mon, 11 Jun 2018 23:50:05 +0200 Date: Mon, 11 Jun 2018 23:50:05 +0200
Subject: [PATCH 2/2] libvncserver: Add channel security handlers Subject: [PATCH 2/2] libvncserver: Add channel security handlers
@ -13,13 +13,13 @@ done by adding a single channel security handler with the rfbTLS (18)
with a handler that initiates a TLS session, and when a TLS session is with a handler that initiates a TLS session, and when a TLS session is
initiated, the regular security handler list is sent. initiated, the regular security handler list is sent.
--- ---
libvncserver/auth.c | 162 ++++++++++++++++++++++++++++++--------- libvncserver/auth.c | 164 ++++++++++++++++++++++++++++++---------
libvncserver/rfbserver.c | 1 + libvncserver/rfbserver.c | 1 +
rfb/rfb.h | 15 +++- rfb/rfb.h | 15 +++-
3 files changed, 140 insertions(+), 38 deletions(-) 3 files changed, 142 insertions(+), 38 deletions(-)
diff --git a/libvncserver/auth.c b/libvncserver/auth.c diff --git a/libvncserver/auth.c b/libvncserver/auth.c
index 814a814..6581953 100644 index 814a8142..55e0b3c9 100644
--- a/libvncserver/auth.c --- a/libvncserver/auth.c
+++ b/libvncserver/auth.c +++ b/libvncserver/auth.c
@@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason); @@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason);
@ -255,20 +255,22 @@ index 814a814..6581953 100644
if (securityType == rfbSecTypeInvalid) { if (securityType == rfbSecTypeInvalid) {
rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n"); rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n");
rfbClientConnFailed(cl, "Your viewer cannot handle required " rfbClientConnFailed(cl, "Your viewer cannot handle required "
@@ -316,9 +394,11 @@ rfbAuthNewClient(rfbClientPtr cl) @@ -316,9 +394,13 @@ rfbAuthNewClient(rfbClientPtr cl)
return; return;
} }
rfbSendSecurityType(cl, securityType); rfbSendSecurityType(cl, securityType);
+ } else if (channelSecurityHandlers) { + } else if (channelSecurityHandlers) {
+ rfbLog("Send channel security type list\n");
+ rfbSendChannelSecurityTypeList(cl); + rfbSendChannelSecurityTypeList(cl);
} else { } else {
/* Here it's ok when securityType is set to rfbSecTypeInvalid. */ /* Here it's ok when securityType is set to rfbSecTypeInvalid. */
- rfbSendSecurityTypeList(cl, securityType); - rfbSendSecurityTypeList(cl, securityType);
+ rfbLog("Send channel security type 'none'\n");
+ rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE); + rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE);
} }
} }
@@ -332,6 +412,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl) @@ -332,6 +414,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
int n; int n;
uint8_t chosenType; uint8_t chosenType;
rfbSecurityHandler* handler; rfbSecurityHandler* handler;
@ -276,7 +278,7 @@ index 814a814..6581953 100644
/* Read the security type. */ /* Read the security type. */
n = rfbReadExact(cl, (char *)&chosenType, 1); n = rfbReadExact(cl, (char *)&chosenType, 1);
@@ -344,8 +425,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl) @@ -344,8 +427,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
return; return;
} }
@ -296,10 +298,10 @@ index 814a814..6581953 100644
rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType);
handler->handler(cl); handler->handler(cl);
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index fbedd9f..1e8b3c1 100644 index cee87dbb..6efede61 100644
--- a/libvncserver/rfbserver.c --- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c
@@ -643,6 +643,7 @@ rfbProcessClientMessage(rfbClientPtr cl) @@ -654,6 +654,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
case RFB_PROTOCOL_VERSION: case RFB_PROTOCOL_VERSION:
rfbProcessClientProtocolVersion(cl); rfbProcessClientProtocolVersion(cl);
return; return;
@ -308,10 +310,10 @@ index fbedd9f..1e8b3c1 100644
rfbProcessClientSecurityType(cl); rfbProcessClientSecurityType(cl);
return; return;
diff --git a/rfb/rfb.h b/rfb/rfb.h diff --git a/rfb/rfb.h b/rfb/rfb.h
index ba9e898..be58d08 100644 index 3c0b25a3..d136f884 100644
--- a/rfb/rfb.h --- a/rfb/rfb.h
+++ b/rfb/rfb.h +++ b/rfb/rfb.h
@@ -182,6 +182,11 @@ typedef struct { @@ -144,6 +144,11 @@ typedef struct {
} data; /**< there have to be count*3 entries */ } data; /**< there have to be count*3 entries */
} rfbColourMap; } rfbColourMap;
@ -323,7 +325,7 @@ index ba9e898..be58d08 100644
/** /**
* Security handling (RFB protocol version 3.7) * Security handling (RFB protocol version 3.7)
*/ */
@@ -190,6 +195,7 @@ typedef struct _rfbSecurity { @@ -152,6 +157,7 @@ typedef struct _rfbSecurity {
uint8_t type; uint8_t type;
void (*handler)(struct _rfbClientRec* cl); void (*handler)(struct _rfbClientRec* cl);
struct _rfbSecurity* next; struct _rfbSecurity* next;
@ -331,7 +333,7 @@ index ba9e898..be58d08 100644
} rfbSecurityHandler; } rfbSecurityHandler;
/** /**
@@ -506,7 +512,7 @@ typedef struct _rfbClientRec { @@ -480,7 +486,7 @@ typedef struct _rfbClientRec {
/** Possible client states: */ /** Possible client states: */
enum { enum {
RFB_PROTOCOL_VERSION, /**< establishing protocol version */ RFB_PROTOCOL_VERSION, /**< establishing protocol version */
@ -340,7 +342,7 @@ index ba9e898..be58d08 100644
RFB_AUTHENTICATION, /**< authenticating */ RFB_AUTHENTICATION, /**< authenticating */
RFB_INITIALISATION, /**< sending initialisation messages */ RFB_INITIALISATION, /**< sending initialisation messages */
RFB_NORMAL, /**< normal protocol messages */ RFB_NORMAL, /**< normal protocol messages */
@@ -514,7 +520,9 @@ typedef struct _rfbClientRec { @@ -488,7 +494,9 @@ typedef struct _rfbClientRec {
/* Ephemeral internal-use states that will never be seen by software /* Ephemeral internal-use states that will never be seen by software
* using LibVNCServer to provide services: */ * using LibVNCServer to provide services: */
@ -351,7 +353,7 @@ index ba9e898..be58d08 100644
} state; } state;
rfbBool reverseConnection; rfbBool reverseConnection;
@@ -855,6 +863,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl); @@ -840,6 +848,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl);
extern void rfbAuthProcessClientMessage(rfbClientPtr cl); extern void rfbAuthProcessClientMessage(rfbClientPtr cl);
extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler); extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler);
extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
@ -362,5 +364,5 @@ index ba9e898..be58d08 100644
/* rre.c */ /* rre.c */
-- --
2.17.1 2.25.4
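Review bot: The comment `/* Here it's ok when securityType is set to rfbSecTypeInvalid. */` kept in rfbAuthNewClient no longer matches the call below it, which now passes `RFB_SECURITY_TAG_NONE` instead of `securityType`; it should be rewritten or dropped. The two `rfbLog` calls added by the rebase run on every incoming connection, and `"Send channel security type 'none'\n"` appears to mark the path where no channel security handler (for example TLS) is registered. Wording it so an operator sees that directly would help, e.g. `rfbLog("No channel security handler registered; sending plain security type list\n");`. The function body starts outside the hunk, so the handling of `securityType` before this branch is not visible here.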

@ -1,7 +1,7 @@
Summary: Library to make writing a VNC server easy Summary: Library to make writing a VNC server easy
Name: libvncserver Name: libvncserver
Version: 0.9.13 Version: 0.9.13
Release: 1%{?dist} Release: 2%{?dist}
# NOTE: --with-filetransfer => GPLv2 # NOTE: --with-filetransfer => GPLv2
License: GPLv2+ License: GPLv2+
@ -80,8 +80,8 @@ developing applications that use %{name}.
%setup -q -n %{name}-LibVNCServer-%{version} %setup -q -n %{name}-LibVNCServer-%{version}
## FIXME: needs rebasing ## FIXME: needs rebasing
#patch10 -p1 -b .tls-1 %patch10 -p1 -b .tls-1
#patch11 -p1 -b .tls-2 %patch11 -p1 -b .tls-2
%patch102 -p1 -b .crypto_policy %patch102 -p1 -b .crypto_policy
@ -125,6 +125,9 @@ popd
%changelog %changelog
* Thu Jul 02 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.9.13-2
- tls patches rebased
* Thu Jul 02 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.9.13-1 * Thu Jul 02 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.9.13-1
- 0.9.13 - 0.9.13
- FIXME/TODO: tls patches need rebasing, work-in-progress - FIXME/TODO: tls patches need rebasing, work-in-progress
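Review bot: The `## FIXME: needs rebasing` comment above `%patch10` and `%patch11` is stale now that both patches are applied again, and should be removed in the same change so the spec does not suggest the TLS patches are still disabled. The FIXME line in the 0.9.13-1 changelog entry can stay as history.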
