From 3f48dcf21fd2203726174ef40723b405c21220b2 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Fri, 1 Feb 2008 02:28:37 +0000 Subject: [PATCH 01/81] Setup of module libvncserver --- .cvsignore | 0 Makefile | 21 +++++++++++++++++++++ sources | 0 3 files changed, 21 insertions(+) create mode 100644 .cvsignore create mode 100644 Makefile create mode 100644 sources diff --git a/.cvsignore b/.cvsignore new file mode 100644 index 0000000..e69de29 diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..5a777df --- /dev/null +++ b/Makefile @@ -0,0 +1,21 @@ +# Makefile for source rpm: libvncserver +# $Id$ +NAME := libvncserver +SPECFILE = $(firstword $(wildcard *.spec)) + +define find-makefile-common +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +endef + +MAKEFILE_COMMON := $(shell $(find-makefile-common)) + +ifeq ($(MAKEFILE_COMMON),) +# attept a checkout +define checkout-makefile-common +test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 +endef + +MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) +endif + +include $(MAKEFILE_COMMON) diff --git a/sources b/sources new file mode 100644 index 0000000..e69de29 From b2a02bb7f1b0494e4e2c7db5251b524d66bf0456 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Fri, 1 Feb 2008 13:18:04 +0000 Subject: [PATCH 02/81] import --- .cvsignore | 1 + libvncserver-0.9.1-multilib.patch | 20 +++++ libvncserver.spec | 117 ++++++++++++++++++++++++++++++ sources | 1 + 4 files changed, 139 insertions(+) create mode 100644 libvncserver-0.9.1-multilib.patch create mode 100644 libvncserver.spec diff --git a/.cvsignore b/.cvsignore index e69de29..427fb29 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +LibVNCServer-0.9.1.tar.gz diff --git a/libvncserver-0.9.1-multilib.patch b/libvncserver-0.9.1-multilib.patch new file mode 100644 index 0000000..d54a470 --- /dev/null +++ b/libvncserver-0.9.1-multilib.patch @@ -0,0 +1,20 @@ +diff -up LibVNCServer-0.9.1/libvncserver-config.in.multilib LibVNCServer-0.9.1/libvncserver-config.in +--- LibVNCServer-0.9.1/libvncserver-config.in.multilib 2007-05-26 21:28:25.000000000 -0500 ++++ LibVNCServer-0.9.1/libvncserver-config.in 2008-01-22 14:51:08.000000000 -0600 +@@ -4,7 +4,6 @@ prefix=@prefix@ + exec_prefix=@exec_prefix@ + exec_prefix_set=no + includedir=@includedir@ +-libdir=@libdir@ + + # if this script is in the same directory as libvncserver-config.in, assume not installed + if [ -f "`dirname "$0"`/libvncserver-config.in" ]; then +@@ -63,7 +62,7 @@ while test $# -gt 0; do + libs="$libs -R$dir" + fi + done +- echo "$libs" -lvncserver -lvncclient @LIBS@ @WSOCKLIB@ ++ echo "$libs" -lvncserver -lvncclient + ;; + --link) + echo @CC@ diff --git a/libvncserver.spec b/libvncserver.spec new file mode 100644 index 0000000..6816e32 --- /dev/null +++ b/libvncserver.spec @@ -0,0 +1,117 @@ + +Summary: Library to make writing a vnc server easy +Name: libvncserver +Version: 0.9.1 +Release: 2%{?dist} +# NOTE: --with-tightvnc-filetransfer => GPLv2 +License: GPLv2+ +Group: System Environment/Libraries +URL: http://libvncserver.sourceforge.net/ +Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +# FIXME/TODO +#Patch1: libvncserver-0.9.1-pkgconfig.patch +# until patch1 works, this will do +Patch2: libvncserver-0.9.1-multilib.patch + +# upstream name +Obsoletes: LibVNCServer < %{version}-%{release} +Provides: LibVNCServer = %{version}-%{release} + +#BuildRequires: automake libtool +BuildRequires: findutils +BuildRequires: libjpeg-devel +#BuildRequires: libICE-devel libXdamage-devel libXfixes-devel libXinerama-devel libXrandr-devel +BuildRequires: zlib-devel + +%description +LibVNCServer makes writing a VNC server (or more correctly, a program +exporting a framebuffer via the Remote Frame Buffer protocol) easy. + +It hides the programmer from the tedious task of managing clients and +compression schemata. + +%package devel +Summary: Development files for %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} +# libvncserver-config deps +Requires: coreutils +# upstream name +Obsoletes: LibVNCServer-devel < %{version}-%{release} +Provides: LibVNCServer-devel = %{version}-%{release} +%description devel +%{summary}. + + +%prep +%setup -q -n LibVNCServer-%{version} + +#patch1 -p1 -b .pkgconfig +#aclocal +#automake + +%patch2 -p1 -b .multilib + +# fix encoding +mv AUTHORS AUTHORS.OLD && \ +iconv -f ISO_8859-1 -t UTF8 AUTHORS.OLD > AUTHORS && \ +touch --reference AUTHORS.OLD AUTHORS + +# fix source perms +find -name "*.c" -o -name "*.h" | xargs chmod 644 + + + +%build +%configure \ + --disable-static \ + --without-tightvnc-filetransfer + +# hack to omit unused-direct-shlib-dependencies +sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool + +make %{?_smp_mflags} + + +%install +rm -rf %{buildroot} + +make install DESTDIR=%{buildroot} + +# unpackaged files +rm -f %{buildroot}%{_bindir}/LinuxVNC +rm -f %{buildroot}%{_libdir}/lib*.a +rm -f %{buildroot}%{_libdir}/lib*.la + + +%clean +rm -rf %{buildroot} + + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + + +%files +%defattr(-,root,root,-) +%doc AUTHORS ChangeLog COPYING NEWS README TODO +%{_libdir}/lib*.so.* + +%files devel +%defattr(-,root,root,-) +%{_bindir}/*-config +%{_includedir}/rfb/ +%{_libdir}/lib*.so + + +%changelog +* Sun Jan 27 2008 Rex Dieter 0.9.1-2 +- hack libtool to omit unused shlib dependencies +- fix AUTHORS encoding +- fix src perms + +* Mon Jan 21 2008 Rex Dieter 0.9.1-1 +- 0.9.1 diff --git a/sources b/sources index e69de29..aa400e7 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +aa00efc3dabde82fde9509bfbab0aba4 LibVNCServer-0.9.1.tar.gz From b6e57290fedf859286290100a917fd204c44a793 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Fri, 1 Feb 2008 14:52:37 +0000 Subject: [PATCH 03/81] note pkg review --- libvncserver.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libvncserver.spec b/libvncserver.spec index 6816e32..2c02fad 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,4 +1,6 @@ +# Fedora pkg review: http://bugzilla.redhat.com/429749 + Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.1 From 257c22b779795c3d7d69ef359d65cc866719ad32 Mon Sep 17 00:00:00 2001 From: Manuel Wolfshant Date: Mon, 14 Apr 2008 20:40:24 +0000 Subject: [PATCH 04/81] do not use bundled copy of minilzo --- .cvsignore | 1 + libvncserver.spec | 13 ++++++++++--- sources | 1 + 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.cvsignore b/.cvsignore index 427fb29..f5ae850 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1,2 @@ LibVNCServer-0.9.1.tar.gz +libvnc-minilzo.patch diff --git a/libvncserver.spec b/libvncserver.spec index 2c02fad..d429873 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -4,12 +4,13 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.1 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries URL: http://libvncserver.sourceforge.net/ Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz +Patch0: libvnc-minilzo.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) # FIXME/TODO @@ -26,6 +27,7 @@ BuildRequires: findutils BuildRequires: libjpeg-devel #BuildRequires: libICE-devel libXdamage-devel libXfixes-devel libXinerama-devel libXrandr-devel BuildRequires: zlib-devel +BuildRequires: lzo-minilzo lzo-devel %description LibVNCServer makes writing a VNC server (or more correctly, a program @@ -49,6 +51,9 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} +#nuke bundled minilzo +%patch0 -p1 +find . -name minilzo\* -exec rm -f {} \; #patch1 -p1 -b .pkgconfig #aclocal @@ -70,11 +75,10 @@ find -name "*.c" -o -name "*.h" | xargs chmod 644 %configure \ --disable-static \ --without-tightvnc-filetransfer - # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -make %{?_smp_mflags} +make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS -I %{_includedir}/lzo" LDFLAGS="$LDFLAGS -lminilzo" %install @@ -110,6 +114,9 @@ rm -rf %{buildroot} %changelog +* Thu Apr 10 2008 Manuel Wolfshant 0.9.1-3 +- do not use bundled copy of minilzo + * Sun Jan 27 2008 Rex Dieter 0.9.1-2 - hack libtool to omit unused shlib dependencies - fix AUTHORS encoding diff --git a/sources b/sources index aa400e7..5824292 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ aa00efc3dabde82fde9509bfbab0aba4 LibVNCServer-0.9.1.tar.gz +0e0db2560a08d993306442294121c3b7 libvnc-minilzo.patch From 1c75fe79e578961d31ed438405d0d3aabbfefc67 Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Wed, 25 Feb 2009 19:51:06 +0000 Subject: [PATCH 05/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index d429873..2a015db 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -4,7 +4,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.1 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -114,6 +114,9 @@ rm -rf %{buildroot} %changelog +* Wed Feb 25 2009 Fedora Release Engineering - 0.9.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + * Thu Apr 10 2008 Manuel Wolfshant 0.9.1-3 - do not use bundled copy of minilzo From 4a140f19975c3a9f23b5f1ef3acb07884dfd0520 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Mon, 4 May 2009 18:10:17 +0000 Subject: [PATCH 06/81] - LibVNCServer-0.9.7 --- .cvsignore | 3 +- libvncserver-0.9.7-system_minilzo.patch | 99 +++++++++++++++++++++++++ libvncserver.spec | 31 ++++---- sources | 3 +- 4 files changed, 115 insertions(+), 21 deletions(-) create mode 100644 libvncserver-0.9.7-system_minilzo.patch diff --git a/.cvsignore b/.cvsignore index f5ae850..4be5f1b 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1 @@ -LibVNCServer-0.9.1.tar.gz -libvnc-minilzo.patch +LibVNCServer-0.9.7.tar.gz diff --git a/libvncserver-0.9.7-system_minilzo.patch b/libvncserver-0.9.7-system_minilzo.patch new file mode 100644 index 0000000..ea91907 --- /dev/null +++ b/libvncserver-0.9.7-system_minilzo.patch @@ -0,0 +1,99 @@ +diff -up LibVNCServer-0.9.7/libvncclient/Makefile.in.orig LibVNCServer-0.9.7/libvncclient/Makefile.in +--- LibVNCServer-0.9.7/libvncclient/Makefile.in.orig 2009-01-11 20:53:13.000000000 -0600 ++++ LibVNCServer-0.9.7/libvncclient/Makefile.in 2009-05-04 12:33:14.513826561 -0500 +@@ -61,7 +61,7 @@ libLTLIBRARIES_INSTALL = $(INSTALL) + LTLIBRARIES = $(lib_LTLIBRARIES) + libvncclient_la_LIBADD = + am_libvncclient_la_OBJECTS = cursor.lo listen.lo rfbproto.lo \ +- sockets.lo vncviewer.lo minilzo.lo ++ sockets.lo vncviewer.lo + libvncclient_la_OBJECTS = $(am_libvncclient_la_OBJECTS) + DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) + depcomp = $(SHELL) $(top_srcdir)/depcomp +@@ -222,8 +222,8 @@ sysconfdir = @sysconfdir@ + target_alias = @target_alias@ + with_ffmpeg = @with_ffmpeg@ + AM_CFLAGS = -g -I $(top_srcdir) -I. -Wall +-libvncclient_la_SOURCES = cursor.c listen.c rfbproto.c sockets.c vncviewer.c minilzo.c +-noinst_HEADERS = lzoconf.h minilzo.h ++libvncclient_la_SOURCES = cursor.c listen.c rfbproto.c sockets.c vncviewer.c ++noinst_HEADERS = lzoconf.h + EXTRA_DIST = corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c + lib_LTLIBRARIES = libvncclient.la + all: all-am +@@ -297,7 +297,6 @@ distclean-compile: + + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cursor.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/listen.Plo@am__quote@ +-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/minilzo.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbproto.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sockets.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vncviewer.Plo@am__quote@ +diff -up LibVNCServer-0.9.7/libvncclient/rfbproto.c.orig LibVNCServer-0.9.7/libvncclient/rfbproto.c +--- LibVNCServer-0.9.7/libvncclient/rfbproto.c.orig 2008-02-04 11:58:11.000000000 -0600 ++++ LibVNCServer-0.9.7/libvncclient/rfbproto.c 2009-05-04 12:33:14.514826549 -0500 +@@ -50,7 +50,7 @@ + #include + #include + +-#include "minilzo.h" ++#include + + /* + * rfbClientLog prints a time-stamped message to the log file (stderr). +diff -up LibVNCServer-0.9.7/libvncserver/Makefile.in.orig LibVNCServer-0.9.7/libvncserver/Makefile.in +--- LibVNCServer-0.9.7/libvncserver/Makefile.in.orig 2009-01-11 20:53:13.000000000 -0600 ++++ LibVNCServer-0.9.7/libvncserver/Makefile.in 2009-05-04 12:40:31.533854737 -0500 +@@ -63,7 +63,7 @@ libvncserver_la_LIBADD = + am__libvncserver_la_SOURCES_DIST = main.c rfbserver.c rfbregion.c \ + auth.c sockets.c stats.c corre.c hextile.c rre.c translate.c \ + cutpaste.c httpd.c cursor.c font.c draw.c selbox.c d3des.c \ +- vncauth.c cargs.c minilzo.c ultra.c scale.c zlib.c zrle.c \ ++ vncauth.c cargs.c ultra.c scale.c zlib.c zrle.c \ + zrleoutstream.c zrlepalettehelper.c zywrletemplate.c tight.c \ + tightvnc-filetransfer/rfbtightserver.c \ + tightvnc-filetransfer/handlefiletransferrequest.c \ +@@ -79,7 +79,7 @@ am__libvncserver_la_SOURCES_DIST = main. + am__objects_4 = main.lo rfbserver.lo rfbregion.lo auth.lo sockets.lo \ + stats.lo corre.lo hextile.lo rre.lo translate.lo cutpaste.lo \ + httpd.lo cursor.lo font.lo draw.lo selbox.lo d3des.lo \ +- vncauth.lo cargs.lo minilzo.lo ultra.lo scale.lo \ ++ vncauth.lo cargs.lo ultra.lo scale.lo \ + $(am__objects_1) $(am__objects_2) $(am__objects_3) + am_libvncserver_la_OBJECTS = $(am__objects_4) + libvncserver_la_OBJECTS = $(am_libvncserver_la_OBJECTS) +@@ -98,7 +98,7 @@ SOURCES = $(libvncserver_la_SOURCES) + DIST_SOURCES = $(am__libvncserver_la_SOURCES_DIST) + includeHEADERS_INSTALL = $(INSTALL_HEADER) + am__noinst_HEADERS_DIST = d3des.h ../rfb/default8x16.h zrleoutstream.h \ +- zrlepalettehelper.h zrletypes.h private.h minilzo.h lzoconf.h \ ++ zrlepalettehelper.h zrletypes.h private.h lzoconf.h \ + scale.h tightvnc-filetransfer/filelistinfo.h \ + tightvnc-filetransfer/filetransfermsg.h \ + tightvnc-filetransfer/handlefiletransferrequest.h \ +@@ -264,7 +264,7 @@ include_HEADERS = ../rfb/rfb.h ../rfb/rf + ../rfb/rfbproto.h ../rfb/keysym.h ../rfb/rfbregion.h ../rfb/rfbclient.h + + noinst_HEADERS = d3des.h ../rfb/default8x16.h zrleoutstream.h \ +- zrlepalettehelper.h zrletypes.h private.h minilzo.h lzoconf.h scale.h \ ++ zrlepalettehelper.h zrletypes.h private.h lzoconf.h scale.h \ + $(TIGHTVNCFILETRANSFERHDRS) + + EXTRA_DIST = tableinit24.c tableinittctemplate.c tabletranstemplate.c \ +@@ -276,7 +276,7 @@ EXTRA_DIST = tableinit24.c tableinittcte + LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c \ + stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ + httpd.c cursor.c font.c \ +- draw.c selbox.c d3des.c vncauth.c cargs.c minilzo.c ultra.c scale.c \ ++ draw.c selbox.c d3des.c vncauth.c cargs.c ultra.c scale.c \ + $(ZLIBSRCS) $(JPEGSRCS) $(TIGHTVNCFILETRANSFERSRCS) + + libvncserver_la_SOURCES = $(LIB_SRCS) +@@ -364,7 +364,6 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hextile.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/httpd.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Plo@am__quote@ +-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/minilzo.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbregion.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbserver.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbtightserver.Plo@am__quote@ diff --git a/libvncserver.spec b/libvncserver.spec index 2a015db..c04b969 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,29 +3,24 @@ Summary: Library to make writing a vnc server easy Name: libvncserver -Version: 0.9.1 -Release: 4%{?dist} +Version: 0.9.7 +Release: 1%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries URL: http://libvncserver.sourceforge.net/ Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz -Patch0: libvnc-minilzo.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -# FIXME/TODO -#Patch1: libvncserver-0.9.1-pkgconfig.patch -# until patch1 works, this will do +Patch1: libvncserver-0.9.7-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch # upstream name Obsoletes: LibVNCServer < %{version}-%{release} Provides: LibVNCServer = %{version}-%{release} -#BuildRequires: automake libtool BuildRequires: findutils BuildRequires: libjpeg-devel -#BuildRequires: libICE-devel libXdamage-devel libXfixes-devel libXinerama-devel libXrandr-devel BuildRequires: zlib-devel BuildRequires: lzo-minilzo lzo-devel @@ -43,7 +38,7 @@ Requires: %{name} = %{version}-%{release} # libvncserver-config deps Requires: coreutils # upstream name -Obsoletes: LibVNCServer-devel < %{version}-%{release} +#Obsoletes: LibVNCServer-devel < %{version}-%{release} Provides: LibVNCServer-devel = %{version}-%{release} %description devel %{summary}. @@ -51,14 +46,11 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} + +%patch1 -p1 -b .system_minilzo #nuke bundled minilzo -%patch0 -p1 find . -name minilzo\* -exec rm -f {} \; -#patch1 -p1 -b .pkgconfig -#aclocal -#automake - %patch2 -p1 -b .multilib # fix encoding @@ -70,11 +62,11 @@ touch --reference AUTHORS.OLD AUTHORS find -name "*.c" -o -name "*.h" | xargs chmod 644 - %build %configure \ --disable-static \ --without-tightvnc-filetransfer + # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool @@ -104,16 +96,21 @@ rm -rf %{buildroot} %files %defattr(-,root,root,-) %doc AUTHORS ChangeLog COPYING NEWS README TODO -%{_libdir}/lib*.so.* +%{_libdir}/libvncclient.so.0* +%{_libdir}/libvncserver.so.0* %files devel %defattr(-,root,root,-) %{_bindir}/*-config %{_includedir}/rfb/ -%{_libdir}/lib*.so +%{_libdir}/libvncclient.so +%{_libdir}/libvncserver.so %changelog +* Mon May 04 2009 Rex Dieter - 0.9.7-1 +- LibVNCServer-0.9.7 + * Wed Feb 25 2009 Fedora Release Engineering - 0.9.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild diff --git a/sources b/sources index 5824292..cf0687c 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -aa00efc3dabde82fde9509bfbab0aba4 LibVNCServer-0.9.1.tar.gz -0e0db2560a08d993306442294121c3b7 libvnc-minilzo.patch +14af5bdae461df4666c18e5f83c150c4 LibVNCServer-0.9.7.tar.gz From a6ceb4c1189ba47d189c25085e86f3c0a3035c16 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Mon, 4 May 2009 18:46:46 +0000 Subject: [PATCH 07/81] - fix detection of LINUX platform/define --- libvncserver-LINUX.patch | 16 ++++++++++++++++ libvncserver.spec | 19 ++++++++++++++++--- 2 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 libvncserver-LINUX.patch diff --git a/libvncserver-LINUX.patch b/libvncserver-LINUX.patch new file mode 100644 index 0000000..5c7fc52 --- /dev/null +++ b/libvncserver-LINUX.patch @@ -0,0 +1,16 @@ +Index: configure.ac +=================================================================== +--- configure.ac.orig ++++ configure.ac +@@ -636,9 +636,10 @@ fi + AC_CHECK_LIB(cygipc,shmget) + AM_CONDITIONAL(CYGIPC, test "$HAVE_CYGIPC" = "true") + + # Check if /dev/vcsa1 exists, if so, define LINUX +-AM_CONDITIONAL(LINUX, test -c /dev/vcsa1) ++dnl AM_CONDITIONAL(LINUX, test -c /dev/vcsa1) ++AM_CONDITIONAL(LINUX, test `uname` = Linux) + + # Check for OS X specific header + AC_CHECK_HEADER(ApplicationServices/ApplicationServices.h, HAVE_OSX="true") + AM_CONDITIONAL(OSX, test "$HAVE_OSX" = "true") diff --git a/libvncserver.spec b/libvncserver.spec index c04b969..8d29e12 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,10 +1,14 @@ # Fedora pkg review: http://bugzilla.redhat.com/429749 +%if 0%{?fedora} +%define system_minilzo 1 +%endif + Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.7 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -15,6 +19,9 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Patch1: libvncserver-0.9.7-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch +# safer LINUX platform detection (from opensuse) +Patch50: libvncserver-LINUX.patch + # upstream name Obsoletes: LibVNCServer < %{version}-%{release} Provides: LibVNCServer = %{version}-%{release} @@ -22,7 +29,7 @@ Provides: LibVNCServer = %{version}-%{release} BuildRequires: findutils BuildRequires: libjpeg-devel BuildRequires: zlib-devel -BuildRequires: lzo-minilzo lzo-devel +%{?system_minilzo:BuildRequires: lzo-minilzo lzo-devel} %description LibVNCServer makes writing a VNC server (or more correctly, a program @@ -47,11 +54,14 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} +%if 0%{?system_minilzo} %patch1 -p1 -b .system_minilzo #nuke bundled minilzo find . -name minilzo\* -exec rm -f {} \; +%endif %patch2 -p1 -b .multilib +%patch50 -p0 -b .LINUX # fix encoding mv AUTHORS AUTHORS.OLD && \ @@ -70,7 +80,7 @@ find -name "*.c" -o -name "*.h" | xargs chmod 644 # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS -I %{_includedir}/lzo" LDFLAGS="$LDFLAGS -lminilzo" +make %{?_smp_mflags} %{?system_minilzo:CFLAGS="$RPM_OPT_FLAGS -I %{_includedir}/lzo" LDFLAGS="$LDFLAGS -lminilzo"} %install @@ -108,6 +118,9 @@ rm -rf %{buildroot} %changelog +* Mon May 04 2009 Rex Dieter - 0.9.7-2 +- fix detection of LINUX platform/define + * Mon May 04 2009 Rex Dieter - 0.9.7-1 - LibVNCServer-0.9.7 From 52054f8a64aaec4950af13630a3ad016aab72ffc Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Sun, 24 May 2009 04:30:29 +0000 Subject: [PATCH 08/81] - Socket is not closed when disconnecting from server (#501895) --- libvncserver-0.9.1-close_server_socket.patch | 11 +++++++++++ libvncserver.spec | 9 ++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 libvncserver-0.9.1-close_server_socket.patch diff --git a/libvncserver-0.9.1-close_server_socket.patch b/libvncserver-0.9.1-close_server_socket.patch new file mode 100644 index 0000000..b1076f7 --- /dev/null +++ b/libvncserver-0.9.1-close_server_socket.patch @@ -0,0 +1,11 @@ +diff -up LibVNCServer-0.9.1/libvncclient/vncviewer.c~ LibVNCServer-0.9.1/libvncclient/vncviewer.c +--- LibVNCServer-0.9.1/libvncclient/vncviewer.c~ 2007-02-01 17:05:56.000000000 +0200 ++++ LibVNCServer-0.9.1/libvncclient/vncviewer.c 2009-05-20 22:26:35.000000000 +0300 +@@ -316,6 +316,7 @@ void rfbClientCleanup(rfbClient* client) + #endif + #endif + ++ if (client->sock > 0) close(client->sock); + free(client->desktopName); + free(client->serverHost); + free(client); diff --git a/libvncserver.spec b/libvncserver.spec index 8d29e12..e2ec2ba 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -22,6 +22,9 @@ Patch2: libvncserver-0.9.1-multilib.patch # safer LINUX platform detection (from opensuse) Patch50: libvncserver-LINUX.patch +## upstream patches +Patch100: libvncserver-0.9.1-close_server_socket.patch + # upstream name Obsoletes: LibVNCServer < %{version}-%{release} Provides: LibVNCServer = %{version}-%{release} @@ -62,6 +65,7 @@ find . -name minilzo\* -exec rm -f {} \; %patch2 -p1 -b .multilib %patch50 -p0 -b .LINUX +%patch100 -p1 -b .close_server_socket # fix encoding mv AUTHORS AUTHORS.OLD && \ @@ -118,6 +122,9 @@ rm -rf %{buildroot} %changelog +* Sat May 23 2009 Rex Dieter - 0.9.7-3 +- Socket is not closed when disconnecting from server (#501895) + * Mon May 04 2009 Rex Dieter - 0.9.7-2 - fix detection of LINUX platform/define @@ -128,7 +135,7 @@ rm -rf %{buildroot} - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Thu Apr 10 2008 Manuel Wolfshant 0.9.1-3 -- do not use bundled copy of minilzo +- do not use bundled copy of minilzo (#439979) * Sun Jan 27 2008 Rex Dieter 0.9.1-2 - hack libtool to omit unused shlib dependencies From afaaea493b0b8870922c49438f2dadb443c2118e Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Sat, 25 Jul 2009 08:53:14 +0000 Subject: [PATCH 09/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index e2ec2ba..9e1385f 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.7 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -122,6 +122,9 @@ rm -rf %{buildroot} %changelog +* Sat Jul 25 2009 Fedora Release Engineering - 0.9.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + * Sat May 23 2009 Rex Dieter - 0.9.7-3 - Socket is not closed when disconnecting from server (#501895) From 293ae4c800c6bb61635d02339db241ef9f69310f Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 25 Nov 2009 23:51:23 +0000 Subject: [PATCH 10/81] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 5a777df..6fd0d66 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,10 @@ # Makefile for source rpm: libvncserver -# $Id$ +# $Id: Makefile,v 1.1 2008/02/01 02:28:37 kevin Exp $ NAME := libvncserver SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From 41b4b33048b2abc85c0364355a05b3d630cef676 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0t=C4=9Bp=C3=A1n=20Kasal?= Date: Thu, 18 Feb 2010 13:25:25 +0000 Subject: [PATCH 11/81] - repack the tarball, there are .jar files without any source - do not BR findutils, they are guaranteed in Fedora mock - fix obsolete, so that it covers only packages created before this spec was added to Fedora --- .cvsignore | 2 +- libvncserver.spec | 16 ++++++++++++---- sources | 2 +- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.cvsignore b/.cvsignore index 4be5f1b..daebdff 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1 +1 @@ -LibVNCServer-0.9.7.tar.gz +LibVNCServer-0.9.7-clean.tar.xz diff --git a/libvncserver.spec b/libvncserver.spec index 9e1385f..121c85b 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,12 +8,15 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.7 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries URL: http://libvncserver.sourceforge.net/ -Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz +# This source is made from +# http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz +# by deleting all .jar files. +Source0: LibVNCServer-%{version}-clean.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Patch1: libvncserver-0.9.7-system_minilzo.patch @@ -26,10 +29,9 @@ Patch50: libvncserver-LINUX.patch Patch100: libvncserver-0.9.1-close_server_socket.patch # upstream name -Obsoletes: LibVNCServer < %{version}-%{release} +Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} -BuildRequires: findutils BuildRequires: libjpeg-devel BuildRequires: zlib-devel %{?system_minilzo:BuildRequires: lzo-minilzo lzo-devel} @@ -122,6 +124,12 @@ rm -rf %{buildroot} %changelog +* Thu Feb 18 2010 Stepan Kasal - 0.9.7-4 +- repack the tarball, there are .jar files without any source +- do not BR findutils, they are guaranteed in Fedora mock +- fix obsolete, so that it covers only packages created before this + spec was added to Fedora + * Sat Jul 25 2009 Fedora Release Engineering - 0.9.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild diff --git a/sources b/sources index cf0687c..61a47f6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -14af5bdae461df4666c18e5f83c150c4 LibVNCServer-0.9.7.tar.gz +ad6811d32e275df89b3dbcf491d4f3f5 LibVNCServer-0.9.7-clean.tar.xz From f1407338ac21bb7e6d1cf1f648c8f93800aaec49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0t=C4=9Bp=C3=A1n=20Kasal?= Date: Thu, 18 Feb 2010 13:28:06 +0000 Subject: [PATCH 12/81] oops, tarball name --- libvncserver.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 121c85b..24161bb 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -16,7 +16,7 @@ URL: http://libvncserver.sourceforge.net/ # This source is made from # http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz # by deleting all .jar files. -Source0: LibVNCServer-%{version}-clean.tar.gz +Source0: LibVNCServer-%{version}-clean.tar.xz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Patch1: libvncserver-0.9.7-system_minilzo.patch From 63d51409927729949acf2522483d24f24c46600a Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 21:51:08 +0000 Subject: [PATCH 13/81] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- 2 files changed, 21 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 6fd0d66..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: libvncserver -# $Id: Makefile,v 1.1 2008/02/01 02:28:37 kevin Exp $ -NAME := libvncserver -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) From f9bdaaf4ddeb489125495c38d8dccacbc0d0ec56 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Tue, 8 Feb 2011 06:41:45 -0600 Subject: [PATCH 14/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 24161bb..dcee420 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.7 -Release: 4%{?dist} +Release: 5%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -124,6 +124,9 @@ rm -rf %{buildroot} %changelog +* Tue Feb 08 2011 Fedora Release Engineering - 0.9.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + * Thu Feb 18 2010 Stepan Kasal - 0.9.7-4 - repack the tarball, there are .jar files without any source - do not BR findutils, they are guaranteed in Fedora mock From de4dfee1aa6b74ed01fd806a81d013dd2f6c866d Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 13 Dec 2011 11:09:03 -0600 Subject: [PATCH 15/81] 0.9.8.2 (#694975) new %check section (yay for xvfb-run) --- .gitignore | 3 +- libvncserver-0.9.1-close_server_socket.patch | 11 --- libvncserver-0.9.7-system_minilzo.patch | 99 -------------------- libvncserver.spec | 55 ++++++----- sources | 2 +- 5 files changed, 35 insertions(+), 135 deletions(-) delete mode 100644 libvncserver-0.9.1-close_server_socket.patch delete mode 100644 libvncserver-0.9.7-system_minilzo.patch diff --git a/.gitignore b/.gitignore index daebdff..3cbe231 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -LibVNCServer-0.9.7-clean.tar.xz +/LibVNCServer-0.9.7-clean.tar.xz +/LibVNCServer-0.9.8.2.tar.gz diff --git a/libvncserver-0.9.1-close_server_socket.patch b/libvncserver-0.9.1-close_server_socket.patch deleted file mode 100644 index b1076f7..0000000 --- a/libvncserver-0.9.1-close_server_socket.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up LibVNCServer-0.9.1/libvncclient/vncviewer.c~ LibVNCServer-0.9.1/libvncclient/vncviewer.c ---- LibVNCServer-0.9.1/libvncclient/vncviewer.c~ 2007-02-01 17:05:56.000000000 +0200 -+++ LibVNCServer-0.9.1/libvncclient/vncviewer.c 2009-05-20 22:26:35.000000000 +0300 -@@ -316,6 +316,7 @@ void rfbClientCleanup(rfbClient* client) - #endif - #endif - -+ if (client->sock > 0) close(client->sock); - free(client->desktopName); - free(client->serverHost); - free(client); diff --git a/libvncserver-0.9.7-system_minilzo.patch b/libvncserver-0.9.7-system_minilzo.patch deleted file mode 100644 index ea91907..0000000 --- a/libvncserver-0.9.7-system_minilzo.patch +++ /dev/null @@ -1,99 +0,0 @@ -diff -up LibVNCServer-0.9.7/libvncclient/Makefile.in.orig LibVNCServer-0.9.7/libvncclient/Makefile.in ---- LibVNCServer-0.9.7/libvncclient/Makefile.in.orig 2009-01-11 20:53:13.000000000 -0600 -+++ LibVNCServer-0.9.7/libvncclient/Makefile.in 2009-05-04 12:33:14.513826561 -0500 -@@ -61,7 +61,7 @@ libLTLIBRARIES_INSTALL = $(INSTALL) - LTLIBRARIES = $(lib_LTLIBRARIES) - libvncclient_la_LIBADD = - am_libvncclient_la_OBJECTS = cursor.lo listen.lo rfbproto.lo \ -- sockets.lo vncviewer.lo minilzo.lo -+ sockets.lo vncviewer.lo - libvncclient_la_OBJECTS = $(am_libvncclient_la_OBJECTS) - DEFAULT_INCLUDES = -I. -I$(srcdir) -I$(top_builddir) - depcomp = $(SHELL) $(top_srcdir)/depcomp -@@ -222,8 +222,8 @@ sysconfdir = @sysconfdir@ - target_alias = @target_alias@ - with_ffmpeg = @with_ffmpeg@ - AM_CFLAGS = -g -I $(top_srcdir) -I. -Wall --libvncclient_la_SOURCES = cursor.c listen.c rfbproto.c sockets.c vncviewer.c minilzo.c --noinst_HEADERS = lzoconf.h minilzo.h -+libvncclient_la_SOURCES = cursor.c listen.c rfbproto.c sockets.c vncviewer.c -+noinst_HEADERS = lzoconf.h - EXTRA_DIST = corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c - lib_LTLIBRARIES = libvncclient.la - all: all-am -@@ -297,7 +297,6 @@ distclean-compile: - - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cursor.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/listen.Plo@am__quote@ --@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/minilzo.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbproto.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sockets.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vncviewer.Plo@am__quote@ -diff -up LibVNCServer-0.9.7/libvncclient/rfbproto.c.orig LibVNCServer-0.9.7/libvncclient/rfbproto.c ---- LibVNCServer-0.9.7/libvncclient/rfbproto.c.orig 2008-02-04 11:58:11.000000000 -0600 -+++ LibVNCServer-0.9.7/libvncclient/rfbproto.c 2009-05-04 12:33:14.514826549 -0500 -@@ -50,7 +50,7 @@ - #include - #include - --#include "minilzo.h" -+#include - - /* - * rfbClientLog prints a time-stamped message to the log file (stderr). -diff -up LibVNCServer-0.9.7/libvncserver/Makefile.in.orig LibVNCServer-0.9.7/libvncserver/Makefile.in ---- LibVNCServer-0.9.7/libvncserver/Makefile.in.orig 2009-01-11 20:53:13.000000000 -0600 -+++ LibVNCServer-0.9.7/libvncserver/Makefile.in 2009-05-04 12:40:31.533854737 -0500 -@@ -63,7 +63,7 @@ libvncserver_la_LIBADD = - am__libvncserver_la_SOURCES_DIST = main.c rfbserver.c rfbregion.c \ - auth.c sockets.c stats.c corre.c hextile.c rre.c translate.c \ - cutpaste.c httpd.c cursor.c font.c draw.c selbox.c d3des.c \ -- vncauth.c cargs.c minilzo.c ultra.c scale.c zlib.c zrle.c \ -+ vncauth.c cargs.c ultra.c scale.c zlib.c zrle.c \ - zrleoutstream.c zrlepalettehelper.c zywrletemplate.c tight.c \ - tightvnc-filetransfer/rfbtightserver.c \ - tightvnc-filetransfer/handlefiletransferrequest.c \ -@@ -79,7 +79,7 @@ am__libvncserver_la_SOURCES_DIST = main. - am__objects_4 = main.lo rfbserver.lo rfbregion.lo auth.lo sockets.lo \ - stats.lo corre.lo hextile.lo rre.lo translate.lo cutpaste.lo \ - httpd.lo cursor.lo font.lo draw.lo selbox.lo d3des.lo \ -- vncauth.lo cargs.lo minilzo.lo ultra.lo scale.lo \ -+ vncauth.lo cargs.lo ultra.lo scale.lo \ - $(am__objects_1) $(am__objects_2) $(am__objects_3) - am_libvncserver_la_OBJECTS = $(am__objects_4) - libvncserver_la_OBJECTS = $(am_libvncserver_la_OBJECTS) -@@ -98,7 +98,7 @@ SOURCES = $(libvncserver_la_SOURCES) - DIST_SOURCES = $(am__libvncserver_la_SOURCES_DIST) - includeHEADERS_INSTALL = $(INSTALL_HEADER) - am__noinst_HEADERS_DIST = d3des.h ../rfb/default8x16.h zrleoutstream.h \ -- zrlepalettehelper.h zrletypes.h private.h minilzo.h lzoconf.h \ -+ zrlepalettehelper.h zrletypes.h private.h lzoconf.h \ - scale.h tightvnc-filetransfer/filelistinfo.h \ - tightvnc-filetransfer/filetransfermsg.h \ - tightvnc-filetransfer/handlefiletransferrequest.h \ -@@ -264,7 +264,7 @@ include_HEADERS = ../rfb/rfb.h ../rfb/rf - ../rfb/rfbproto.h ../rfb/keysym.h ../rfb/rfbregion.h ../rfb/rfbclient.h - - noinst_HEADERS = d3des.h ../rfb/default8x16.h zrleoutstream.h \ -- zrlepalettehelper.h zrletypes.h private.h minilzo.h lzoconf.h scale.h \ -+ zrlepalettehelper.h zrletypes.h private.h lzoconf.h scale.h \ - $(TIGHTVNCFILETRANSFERHDRS) - - EXTRA_DIST = tableinit24.c tableinittctemplate.c tabletranstemplate.c \ -@@ -276,7 +276,7 @@ EXTRA_DIST = tableinit24.c tableinittcte - LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c \ - stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ - httpd.c cursor.c font.c \ -- draw.c selbox.c d3des.c vncauth.c cargs.c minilzo.c ultra.c scale.c \ -+ draw.c selbox.c d3des.c vncauth.c cargs.c ultra.c scale.c \ - $(ZLIBSRCS) $(JPEGSRCS) $(TIGHTVNCFILETRANSFERSRCS) - - libvncserver_la_SOURCES = $(LIB_SRCS) -@@ -364,7 +364,6 @@ distclean-compile: - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hextile.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/httpd.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Plo@am__quote@ --@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/minilzo.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbregion.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbserver.Plo@am__quote@ - @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rfbtightserver.Plo@am__quote@ diff --git a/libvncserver.spec b/libvncserver.spec index dcee420..f899064 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -7,34 +7,32 @@ Summary: Library to make writing a vnc server easy Name: libvncserver -Version: 0.9.7 -Release: 5%{?dist} +Version: 0.9.8.2 +Release: 1%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries URL: http://libvncserver.sourceforge.net/ -# This source is made from -# http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz -# by deleting all .jar files. -Source0: LibVNCServer-%{version}-clean.tar.xz +Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Patch1: libvncserver-0.9.7-system_minilzo.patch +Patch1: LibVNCServer-0.9.8.2-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch # safer LINUX platform detection (from opensuse) Patch50: libvncserver-LINUX.patch -## upstream patches -Patch100: libvncserver-0.9.1-close_server_socket.patch - # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} +BuildRequires: automake autoconf BuildRequires: libjpeg-devel -BuildRequires: zlib-devel %{?system_minilzo:BuildRequires: lzo-minilzo lzo-devel} +BuildRequires: pkgconfig(gnutls) +# for %%check +BuildRequires: xorg-x11-server-Xvfb +BuildRequires: zlib-devel %description LibVNCServer makes writing a VNC server (or more correctly, a program @@ -46,7 +44,7 @@ compression schemata. %package devel Summary: Development files for %{name} Group: Development/Libraries -Requires: %{name} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils # upstream name @@ -62,20 +60,21 @@ Provides: LibVNCServer-devel = %{version}-%{release} %if 0%{?system_minilzo} %patch1 -p1 -b .system_minilzo #nuke bundled minilzo -find . -name minilzo\* -exec rm -f {} \; +rm -f common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %endif %patch2 -p1 -b .multilib %patch50 -p0 -b .LINUX -%patch100 -p1 -b .close_server_socket # fix encoding -mv AUTHORS AUTHORS.OLD && \ -iconv -f ISO_8859-1 -t UTF8 AUTHORS.OLD > AUTHORS && \ -touch --reference AUTHORS.OLD AUTHORS +for file in AUTHORS ChangeLog ; do +mv ${file} ${file}.OLD && \ +iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \ +touch --reference ${file}.OLD $file +done -# fix source perms -find -name "*.c" -o -name "*.h" | xargs chmod 644 +# needed by patches 1, 50 +autoreconf %build @@ -86,7 +85,7 @@ find -name "*.c" -o -name "*.h" | xargs chmod 644 # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -make %{?_smp_mflags} %{?system_minilzo:CFLAGS="$RPM_OPT_FLAGS -I %{_includedir}/lzo" LDFLAGS="$LDFLAGS -lminilzo"} +make %{?_smp_mflags} %install @@ -100,15 +99,19 @@ rm -f %{buildroot}%{_libdir}/lib*.a rm -f %{buildroot}%{_libdir}/lib*.la +%check +unset DISPLAY +# Run a fake X session +xvfb-run -a make -C test test + + %clean rm -rf %{buildroot} %post -p /sbin/ldconfig - %postun -p /sbin/ldconfig - %files %defattr(-,root,root,-) %doc AUTHORS ChangeLog COPYING NEWS README TODO @@ -117,13 +120,19 @@ rm -rf %{buildroot} %files devel %defattr(-,root,root,-) -%{_bindir}/*-config +%{_bindir}/libvncserver-config %{_includedir}/rfb/ %{_libdir}/libvncclient.so %{_libdir}/libvncserver.so +%{_libdir}/pkgconfig/libvncclient.pc +%{_libdir}/pkgconfig/libvncserver.pc %changelog +* Tue Dec 13 2011 Rex Dieter 0.9.8.2-1 +- 0.9.8.2 (#694975) +- new %%check section (yay for xvfb-run) + * Tue Feb 08 2011 Fedora Release Engineering - 0.9.7-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild diff --git a/sources b/sources index 61a47f6..73c0d8e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ad6811d32e275df89b3dbcf491d4f3f5 LibVNCServer-0.9.7-clean.tar.xz +dfed1dcc25cb338c7fdbcda2c3df7f50 LibVNCServer-0.9.8.2.tar.gz From 8fe3ce456eb2fcf35070e62fecac8a387967e68c Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 13 Dec 2011 11:15:18 -0600 Subject: [PATCH 16/81] commit awol patch --- LibVNCServer-0.9.8.2-system_minilzo.patch | 89 +++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 LibVNCServer-0.9.8.2-system_minilzo.patch diff --git a/LibVNCServer-0.9.8.2-system_minilzo.patch b/LibVNCServer-0.9.8.2-system_minilzo.patch new file mode 100644 index 0000000..5dfc436 --- /dev/null +++ b/LibVNCServer-0.9.8.2-system_minilzo.patch @@ -0,0 +1,89 @@ +diff -up LibVNCServer-0.9.8.2/configure.ac.system_minilzo LibVNCServer-0.9.8.2/configure.ac +--- LibVNCServer-0.9.8.2/configure.ac.system_minilzo 2011-11-09 05:53:25.000000000 -0600 ++++ LibVNCServer-0.9.8.2/configure.ac 2011-12-13 09:24:15.185258499 -0600 +@@ -855,7 +855,7 @@ if test "$build_x11vnc" = "yes"; then + # + # configure.ac:690: required file `x11vnc/Makefile.in' not found + # +- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) ++ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) + + if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then + # need to move local tarball rfb headers aside: +diff -up LibVNCServer-0.9.8.2/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/libvncclient/Makefile.am +--- LibVNCServer-0.9.8.2/libvncclient/Makefile.am.system_minilzo 2011-10-12 11:44:49.000000000 -0500 ++++ LibVNCServer-0.9.8.2/libvncclient/Makefile.am 2011-12-13 09:25:16.923486669 -0600 +@@ -1,8 +1,9 @@ + INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/common + +-libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c tls.c ++libvncclient_la_LIBADD=-lminilzo ++libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c tls.c + +-noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h ++noinst_HEADERS=tls.h + + rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c + +diff -up LibVNCServer-0.9.8.2/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.8.2/libvncclient/rfbproto.c +--- LibVNCServer-0.9.8.2/libvncclient/rfbproto.c.system_minilzo 2011-11-09 05:44:18.000000000 -0600 ++++ LibVNCServer-0.9.8.2/libvncclient/rfbproto.c 2011-12-13 09:24:15.186258487 -0600 +@@ -59,7 +59,7 @@ + #include + #endif + +-#include "minilzo.h" ++#include + #include "tls.h" + + /* +diff -up LibVNCServer-0.9.8.2/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/libvncserver/Makefile.am +--- LibVNCServer-0.9.8.2/libvncserver/Makefile.am.system_minilzo 2011-11-09 05:43:52.000000000 -0600 ++++ LibVNCServer-0.9.8.2/libvncserver/Makefile.am 2011-12-13 09:24:15.187258475 -0600 +@@ -19,7 +19,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc + ../rfb/rfbproto.h ../rfb/keysym.h ../rfb/rfbregion.h ../rfb/rfbclient.h + + noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ +- zrlepalettehelper.h zrletypes.h private.h ../common/minilzo.h ../common/lzoconf.h ../common/lzodefs.h scale.h \ ++ zrlepalettehelper.h zrletypes.h private.h scale.h \ + $(TIGHTVNCFILETRANSFERHDRS) + + EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ +@@ -36,10 +36,11 @@ endif + LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c \ + stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ + httpd.c cursor.c font.c \ +- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ ++ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ + $(ZLIBSRCS) $(JPEGSRCS) $(TIGHTVNCFILETRANSFERSRCS) + + libvncserver_la_SOURCES=$(LIB_SRCS) ++libvncserver_la_LIBADD=-lminilzo + + lib_LTLIBRARIES=libvncserver.la + +diff -up LibVNCServer-0.9.8.2/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.8.2/libvncserver/ultra.c +--- LibVNCServer-0.9.8.2/libvncserver/ultra.c.system_minilzo 2011-10-12 11:44:50.000000000 -0500 ++++ LibVNCServer-0.9.8.2/libvncserver/ultra.c 2011-12-13 09:24:15.187258475 -0600 +@@ -8,7 +8,7 @@ + */ + + #include +-#include "minilzo.h" ++#include + + /* + * cl->beforeEncBuf contains pixel data in the client's format. +diff -up LibVNCServer-0.9.8.2/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/Makefile.am +--- LibVNCServer-0.9.8.2/Makefile.am.system_minilzo 2011-06-09 18:14:00.000000000 -0500 ++++ LibVNCServer-0.9.8.2/Makefile.am 2011-12-13 09:24:15.187258475 -0600 +@@ -1,6 +1,6 @@ +-if WITH_X11VNC +-X11VNC=x11vnc +-endif ++#if WITH_X11VNC ++#X11VNC=x11vnc ++#endif + + SUBDIRS=libvncserver examples libvncclient vncterm classes client_examples test $(X11VNC) + DIST_SUBDIRS=libvncserver examples libvncclient vncterm classes client_examples test From a3f4f72c43fedc8deb7ddc242e1ac6efd478f175 Mon Sep 17 00:00:00 2001 From: Christoph Wickert Date: Sat, 31 Dec 2011 10:56:31 +0100 Subject: [PATCH 17/81] On F15, %check needs xorg-x11-xauth, too --- libvncserver.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index f899064..3e3baac 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.8.2 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -32,6 +32,7 @@ BuildRequires: libjpeg-devel BuildRequires: pkgconfig(gnutls) # for %%check BuildRequires: xorg-x11-server-Xvfb +BuildRequires: xorg-x11-xauth BuildRequires: zlib-devel %description @@ -129,6 +130,9 @@ rm -rf %{buildroot} %changelog +* Sat Dec 31 2011 Christoph Wickert - 0.9.8.2-2 +- On F15, %%check needs xorg-x11-xauth, too + * Tue Dec 13 2011 Rex Dieter 0.9.8.2-1 - 0.9.8.2 (#694975) - new %%check section (yay for xvfb-run) From 127cfcb5f84b3b2da063e95f84a19e15fc0cdcfc Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Fri, 13 Jan 2012 02:38:15 -0600 Subject: [PATCH 18/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 3e3baac..d3a268d 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.8.2 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -130,6 +130,9 @@ rm -rf %{buildroot} %changelog +* Fri Jan 13 2012 Fedora Release Engineering - 0.9.8.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + * Sat Dec 31 2011 Christoph Wickert - 0.9.8.2-2 - On F15, %%check needs xorg-x11-xauth, too From e9d89b6c835199eebfc4640ce73c146d0ba2dfc8 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Wed, 18 Apr 2012 07:05:50 -0500 Subject: [PATCH 19/81] Enable system lzo library on rhel >= 6 (#813764) --- libvncserver.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index d3a268d..ad3a5e5 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,14 +1,14 @@ # Fedora pkg review: http://bugzilla.redhat.com/429749 -%if 0%{?fedora} +%if 0%{?fedora} || 0%{?rhel} > 5 %define system_minilzo 1 %endif Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.8.2 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -130,6 +130,9 @@ rm -rf %{buildroot} %changelog +* Wed Apr 18 2012 Petr Pisar 0.9.8.2-4 +- Enable system lzo library on rhel >= 6 (#813764) + * Fri Jan 13 2012 Fedora Release Engineering - 0.9.8.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild From dd9b15a6e37595f1417ec072a6d86510a6bcbb98 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 8 May 2012 10:24:04 -0500 Subject: [PATCH 20/81] 0.9.9 --- .gitignore | 2 +- LibVNCServer-0.9.8.2-system_minilzo.patch | 89 ---------------------- LibVNCServer-0.9.9-system_minilzo.patch | 92 +++++++++++++++++++++++ libvncserver-LINUX.patch | 16 ---- libvncserver.spec | 21 +++--- sources | 2 +- 6 files changed, 104 insertions(+), 118 deletions(-) delete mode 100644 LibVNCServer-0.9.8.2-system_minilzo.patch create mode 100644 LibVNCServer-0.9.9-system_minilzo.patch delete mode 100644 libvncserver-LINUX.patch diff --git a/.gitignore b/.gitignore index 3cbe231..76ae855 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -/LibVNCServer-0.9.7-clean.tar.xz /LibVNCServer-0.9.8.2.tar.gz +/LibVNCServer-0.9.9.tar.gz diff --git a/LibVNCServer-0.9.8.2-system_minilzo.patch b/LibVNCServer-0.9.8.2-system_minilzo.patch deleted file mode 100644 index 5dfc436..0000000 --- a/LibVNCServer-0.9.8.2-system_minilzo.patch +++ /dev/null @@ -1,89 +0,0 @@ -diff -up LibVNCServer-0.9.8.2/configure.ac.system_minilzo LibVNCServer-0.9.8.2/configure.ac ---- LibVNCServer-0.9.8.2/configure.ac.system_minilzo 2011-11-09 05:53:25.000000000 -0600 -+++ LibVNCServer-0.9.8.2/configure.ac 2011-12-13 09:24:15.185258499 -0600 -@@ -855,7 +855,7 @@ if test "$build_x11vnc" = "yes"; then - # - # configure.ac:690: required file `x11vnc/Makefile.in' not found - # -- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) -+ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) - - if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then - # need to move local tarball rfb headers aside: -diff -up LibVNCServer-0.9.8.2/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/libvncclient/Makefile.am ---- LibVNCServer-0.9.8.2/libvncclient/Makefile.am.system_minilzo 2011-10-12 11:44:49.000000000 -0500 -+++ LibVNCServer-0.9.8.2/libvncclient/Makefile.am 2011-12-13 09:25:16.923486669 -0600 -@@ -1,8 +1,9 @@ - INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/common - --libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c tls.c -+libvncclient_la_LIBADD=-lminilzo -+libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c tls.c - --noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h -+noinst_HEADERS=tls.h - - rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c - -diff -up LibVNCServer-0.9.8.2/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.8.2/libvncclient/rfbproto.c ---- LibVNCServer-0.9.8.2/libvncclient/rfbproto.c.system_minilzo 2011-11-09 05:44:18.000000000 -0600 -+++ LibVNCServer-0.9.8.2/libvncclient/rfbproto.c 2011-12-13 09:24:15.186258487 -0600 -@@ -59,7 +59,7 @@ - #include - #endif - --#include "minilzo.h" -+#include - #include "tls.h" - - /* -diff -up LibVNCServer-0.9.8.2/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/libvncserver/Makefile.am ---- LibVNCServer-0.9.8.2/libvncserver/Makefile.am.system_minilzo 2011-11-09 05:43:52.000000000 -0600 -+++ LibVNCServer-0.9.8.2/libvncserver/Makefile.am 2011-12-13 09:24:15.187258475 -0600 -@@ -19,7 +19,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc - ../rfb/rfbproto.h ../rfb/keysym.h ../rfb/rfbregion.h ../rfb/rfbclient.h - - noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ -- zrlepalettehelper.h zrletypes.h private.h ../common/minilzo.h ../common/lzoconf.h ../common/lzodefs.h scale.h \ -+ zrlepalettehelper.h zrletypes.h private.h scale.h \ - $(TIGHTVNCFILETRANSFERHDRS) - - EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ -@@ -36,10 +36,11 @@ endif - LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c \ - stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ - httpd.c cursor.c font.c \ -- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ -+ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ - $(ZLIBSRCS) $(JPEGSRCS) $(TIGHTVNCFILETRANSFERSRCS) - - libvncserver_la_SOURCES=$(LIB_SRCS) -+libvncserver_la_LIBADD=-lminilzo - - lib_LTLIBRARIES=libvncserver.la - -diff -up LibVNCServer-0.9.8.2/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.8.2/libvncserver/ultra.c ---- LibVNCServer-0.9.8.2/libvncserver/ultra.c.system_minilzo 2011-10-12 11:44:50.000000000 -0500 -+++ LibVNCServer-0.9.8.2/libvncserver/ultra.c 2011-12-13 09:24:15.187258475 -0600 -@@ -8,7 +8,7 @@ - */ - - #include --#include "minilzo.h" -+#include - - /* - * cl->beforeEncBuf contains pixel data in the client's format. -diff -up LibVNCServer-0.9.8.2/Makefile.am.system_minilzo LibVNCServer-0.9.8.2/Makefile.am ---- LibVNCServer-0.9.8.2/Makefile.am.system_minilzo 2011-06-09 18:14:00.000000000 -0500 -+++ LibVNCServer-0.9.8.2/Makefile.am 2011-12-13 09:24:15.187258475 -0600 -@@ -1,6 +1,6 @@ --if WITH_X11VNC --X11VNC=x11vnc --endif -+#if WITH_X11VNC -+#X11VNC=x11vnc -+#endif - - SUBDIRS=libvncserver examples libvncclient vncterm classes client_examples test $(X11VNC) - DIST_SUBDIRS=libvncserver examples libvncclient vncterm classes client_examples test diff --git a/LibVNCServer-0.9.9-system_minilzo.patch b/LibVNCServer-0.9.9-system_minilzo.patch new file mode 100644 index 0000000..c0c29b1 --- /dev/null +++ b/LibVNCServer-0.9.9-system_minilzo.patch @@ -0,0 +1,92 @@ +diff -up LibVNCServer-0.9.9/configure.ac.system_minilzo LibVNCServer-0.9.9/configure.ac +--- LibVNCServer-0.9.9/configure.ac.system_minilzo 2012-05-04 11:27:08.000000000 -0500 ++++ LibVNCServer-0.9.9/configure.ac 2012-05-07 08:22:19.473583597 -0500 +@@ -992,7 +992,7 @@ if test "$build_x11vnc" = "yes"; then + # + # configure.ac:690: required file `x11vnc/Makefile.in' not found + # +- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) ++ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) + + if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then + # need to move local tarball rfb headers aside: +diff -up LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.9/libvncclient/Makefile.am +--- LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncclient/Makefile.am 2012-05-07 08:22:19.474583585 -0500 +@@ -13,10 +13,10 @@ endif + endif + + +-libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS) +-libvncclient_la_LIBADD=$(TLSLIBS) ++libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS) ++libvncclient_la_LIBADD=$(TLSLIBS) -lminilzo + +-noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h ++noinst_HEADERS=tls.h + + rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c + +diff -up LibVNCServer-0.9.9/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.9/libvncclient/rfbproto.c +--- LibVNCServer-0.9.9/libvncclient/rfbproto.c.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncclient/rfbproto.c 2012-05-07 08:22:19.474583585 -0500 +@@ -59,7 +59,7 @@ + #include + #endif + +-#include "minilzo.h" ++#include + #include "tls.h" + + /* +diff -up LibVNCServer-0.9.9/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.9/libvncserver/Makefile.am +--- LibVNCServer-0.9.9/libvncserver/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncserver/Makefile.am 2012-05-07 08:31:01.342059345 -0500 +@@ -37,7 +37,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc + + noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ + zrlepalettehelper.h zrletypes.h private.h scale.h rfbssl.h rfbcrypto.h \ +- ../common/minilzo.h ../common/lzoconf.h ../common/lzodefs.h ../common/md5.h ../common/sha1.h \ ++ ../common/md5.h ../common/sha1.h \ + $(TIGHTVNCFILETRANSFERHDRS) + + EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ +@@ -54,11 +54,11 @@ endif + LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ + stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ + httpd.c cursor.c font.c \ +- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ ++ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ + $(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS) + + libvncserver_la_SOURCES=$(LIB_SRCS) +-libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) ++libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -lminilzo + + lib_LTLIBRARIES=libvncserver.la + +diff -up LibVNCServer-0.9.9/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.9/libvncserver/ultra.c +--- LibVNCServer-0.9.9/libvncserver/ultra.c.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncserver/ultra.c 2012-05-07 08:22:19.475583573 -0500 +@@ -8,7 +8,7 @@ + */ + + #include +-#include "minilzo.h" ++#include + + /* + * cl->beforeEncBuf contains pixel data in the client's format. +diff -up LibVNCServer-0.9.9/Makefile.am.system_minilzo LibVNCServer-0.9.9/Makefile.am +--- LibVNCServer-0.9.9/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/Makefile.am 2012-05-07 08:22:19.475583573 -0500 +@@ -1,6 +1,6 @@ +-if WITH_X11VNC +-X11VNC=x11vnc +-endif ++#if WITH_X11VNC ++#X11VNC=x11vnc ++#endif + + SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) + DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test diff --git a/libvncserver-LINUX.patch b/libvncserver-LINUX.patch deleted file mode 100644 index 5c7fc52..0000000 --- a/libvncserver-LINUX.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: configure.ac -=================================================================== ---- configure.ac.orig -+++ configure.ac -@@ -636,9 +636,10 @@ fi - AC_CHECK_LIB(cygipc,shmget) - AM_CONDITIONAL(CYGIPC, test "$HAVE_CYGIPC" = "true") - - # Check if /dev/vcsa1 exists, if so, define LINUX --AM_CONDITIONAL(LINUX, test -c /dev/vcsa1) -+dnl AM_CONDITIONAL(LINUX, test -c /dev/vcsa1) -+AM_CONDITIONAL(LINUX, test `uname` = Linux) - - # Check for OS X specific header - AC_CHECK_HEADER(ApplicationServices/ApplicationServices.h, HAVE_OSX="true") - AM_CONDITIONAL(OSX, test "$HAVE_OSX" = "true") diff --git a/libvncserver.spec b/libvncserver.spec index ad3a5e5..f0c24cd 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -7,8 +7,8 @@ Summary: Library to make writing a vnc server easy Name: libvncserver -Version: 0.9.8.2 -Release: 4%{?dist} +Version: 0.9.9 +Release: 1%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -16,12 +16,9 @@ URL: http://libvncserver.sourceforge.net/ Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Patch1: LibVNCServer-0.9.8.2-system_minilzo.patch +Patch1: LibVNCServer-0.9.9-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch -# safer LINUX platform detection (from opensuse) -Patch50: libvncserver-LINUX.patch - # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} @@ -65,7 +62,6 @@ rm -f common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %endif %patch2 -p1 -b .multilib -%patch50 -p0 -b .LINUX # fix encoding for file in AUTHORS ChangeLog ; do @@ -86,7 +82,7 @@ autoreconf # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -make %{?_smp_mflags} +make V=1 %{?_smp_mflags} %install @@ -95,9 +91,9 @@ rm -rf %{buildroot} make install DESTDIR=%{buildroot} # unpackaged files -rm -f %{buildroot}%{_bindir}/LinuxVNC -rm -f %{buildroot}%{_libdir}/lib*.a -rm -f %{buildroot}%{_libdir}/lib*.la +rm -fv %{buildroot}%{_bindir}/linuxvnc +rm -fv %{buildroot}%{_libdir}/lib*.a +rm -fv %{buildroot}%{_libdir}/lib*.la %check @@ -130,6 +126,9 @@ rm -rf %{buildroot} %changelog +* Mon May 07 2012 Rex Dieter 0.9.9-1 +- 0.9.9 + * Wed Apr 18 2012 Petr Pisar 0.9.8.2-4 - Enable system lzo library on rhel >= 6 (#813764) diff --git a/sources b/sources index 73c0d8e..2564e4a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -dfed1dcc25cb338c7fdbcda2c3df7f50 LibVNCServer-0.9.8.2.tar.gz +70422169b122765693d2a294d13e3714 LibVNCServer-0.9.9.tar.gz From 949f72c7993fb383c64ae4e095dee1a2b4e821d3 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Wed, 9 May 2012 11:14:37 -0500 Subject: [PATCH 21/81] 'make check' non-fatal on rawhide --- LibVNCServer-0.9.9-no_x11vnc.patch | 26 +++++++++++++++++++++++++ LibVNCServer-0.9.9-system_minilzo.patch | 25 ------------------------ libvncserver.spec | 10 +++++++++- 3 files changed, 35 insertions(+), 26 deletions(-) create mode 100644 LibVNCServer-0.9.9-no_x11vnc.patch diff --git a/LibVNCServer-0.9.9-no_x11vnc.patch b/LibVNCServer-0.9.9-no_x11vnc.patch new file mode 100644 index 0000000..db2ec9d --- /dev/null +++ b/LibVNCServer-0.9.9-no_x11vnc.patch @@ -0,0 +1,26 @@ +diff -up LibVNCServer-0.9.9/configure.ac.system_minilzo LibVNCServer-0.9.9/configure.ac +--- LibVNCServer-0.9.9/configure.ac.system_minilzo 2012-05-04 11:27:08.000000000 -0500 ++++ LibVNCServer-0.9.9/configure.ac 2012-05-07 08:22:19.473583597 -0500 +@@ -992,7 +992,7 @@ if test "$build_x11vnc" = "yes"; then + # + # configure.ac:690: required file `x11vnc/Makefile.in' not found + # +- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) ++ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) + + if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then + # need to move local tarball rfb headers aside: +diff -up LibVNCServer-0.9.9/Makefile.am.system_minilzo LibVNCServer-0.9.9/Makefile.am +--- LibVNCServer-0.9.9/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/Makefile.am 2012-05-07 08:22:19.475583573 -0500 +@@ -1,6 +1,6 @@ +-if WITH_X11VNC +-X11VNC=x11vnc +-endif ++#if WITH_X11VNC ++#X11VNC=x11vnc ++#endif + + SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) + DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test + diff --git a/LibVNCServer-0.9.9-system_minilzo.patch b/LibVNCServer-0.9.9-system_minilzo.patch index c0c29b1..f6d7db9 100644 --- a/LibVNCServer-0.9.9-system_minilzo.patch +++ b/LibVNCServer-0.9.9-system_minilzo.patch @@ -1,15 +1,3 @@ -diff -up LibVNCServer-0.9.9/configure.ac.system_minilzo LibVNCServer-0.9.9/configure.ac ---- LibVNCServer-0.9.9/configure.ac.system_minilzo 2012-05-04 11:27:08.000000000 -0500 -+++ LibVNCServer-0.9.9/configure.ac 2012-05-07 08:22:19.473583597 -0500 -@@ -992,7 +992,7 @@ if test "$build_x11vnc" = "yes"; then - # - # configure.ac:690: required file `x11vnc/Makefile.in' not found - # -- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) -+ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) - - if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then - # need to move local tarball rfb headers aside: diff -up LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.9/libvncclient/Makefile.am --- LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 +++ LibVNCServer-0.9.9/libvncclient/Makefile.am 2012-05-07 08:22:19.474583585 -0500 @@ -77,16 +65,3 @@ diff -up LibVNCServer-0.9.9/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9 /* * cl->beforeEncBuf contains pixel data in the client's format. -diff -up LibVNCServer-0.9.9/Makefile.am.system_minilzo LibVNCServer-0.9.9/Makefile.am ---- LibVNCServer-0.9.9/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/Makefile.am 2012-05-07 08:22:19.475583573 -0500 -@@ -1,6 +1,6 @@ --if WITH_X11VNC --X11VNC=x11vnc --endif -+#if WITH_X11VNC -+#X11VNC=x11vnc -+#endif - - SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) - DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test diff --git a/libvncserver.spec b/libvncserver.spec index f0c24cd..85e4fc8 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -16,6 +16,8 @@ URL: http://libvncserver.sourceforge.net/ Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +# workaround there being no x11vnc/ dir in tarball +Patch0: LibVNCServer-0.9.9-no_x11vnc.patch Patch1: LibVNCServer-0.9.9-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch @@ -55,6 +57,7 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} +%patch0 -p1 -b .no_x11vnc %if 0%{?system_minilzo} %patch1 -p1 -b .system_minilzo #nuke bundled minilzo @@ -70,7 +73,7 @@ iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \ touch --reference ${file}.OLD $file done -# needed by patches 1, 50 +# needed by patch 1 (and to nuke rpath's) autoreconf @@ -99,7 +102,12 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check unset DISPLAY # Run a fake X session +%if 0%{?fedora} > 17 +# rawhide/koji seems to have some some unreproducible errors atm -- rex +xvfb-run -a make -C test test ||: +%else xvfb-run -a make -C test test +%endif %clean From e3fbea268849ffefa9b374a9e74e7ed1dfd35d69 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 19 Jul 2012 16:35:55 -0500 Subject: [PATCH 22/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 85e4fc8..36190cb 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -134,6 +134,9 @@ rm -rf %{buildroot} %changelog +* Thu Jul 19 2012 Fedora Release Engineering - 0.9.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + * Mon May 07 2012 Rex Dieter 0.9.9-1 - 0.9.9 From a58c68920e6661a2971c0ddc08c55fb3a0203220 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 26 Jul 2012 13:46:25 -0500 Subject: [PATCH 23/81] libvncserver fails to build in mock with selinux enabled (#843603) --- libvncserver.spec | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index 36190cb..d16a2f4 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -102,12 +102,9 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check unset DISPLAY # Run a fake X session -%if 0%{?fedora} > 17 # rawhide/koji seems to have some some unreproducible errors atm -- rex +# there's also selinux :( https://bugzilla.redhat.com/843603 xvfb-run -a make -C test test ||: -%else -xvfb-run -a make -C test test -%endif %clean @@ -134,6 +131,9 @@ rm -rf %{buildroot} %changelog +* Thu Jul 26 2012 Rex Dieter 0.9.9-3 +- libvncserver fails to build in mock with selinux enabled (#843603) + * Thu Jul 19 2012 Fedora Release Engineering - 0.9.9-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild From a88f754b8a7d6a45dd455224a9d2d82dd19c3d1d Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Fri, 21 Dec 2012 18:01:42 +0100 Subject: [PATCH 24/81] rebuild against new libjpeg Signed-off-by: Adam Tkac --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index d16a2f4..4b3e439 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -131,6 +131,9 @@ rm -rf %{buildroot} %changelog +* Fri Dec 21 2012 Adam Tkac - 0.9.9-4 +- rebuild against new libjpeg + * Thu Jul 26 2012 Rex Dieter 0.9.9-3 - libvncserver fails to build in mock with selinux enabled (#843603) From 11492678bc5955883645cbaa012895ea9050cbe3 Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Fri, 18 Jan 2013 19:07:19 +0100 Subject: [PATCH 25/81] Rebuild due to "jpeg8-ABI" feature drop Signed-off-by: Adam Tkac --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 4b3e439..c240399 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 4%{?dist} +Release: 5%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -131,6 +131,9 @@ rm -rf %{buildroot} %changelog +* Fri Jan 18 2013 Adam Tkac - 0.9.9-5 +- rebuild due to "jpeg8-ABI" feature drop + * Fri Dec 21 2012 Adam Tkac - 0.9.9-4 - rebuild against new libjpeg From 80157d24d29e4711ec4bafb9e60e32e415b76278 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 13 Feb 2013 23:28:31 -0600 Subject: [PATCH 26/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index c240399..e2155d2 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 5%{?dist} +Release: 6%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -131,6 +131,9 @@ rm -rf %{buildroot} %changelog +* Thu Feb 14 2013 Fedora Release Engineering - 0.9.9-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Fri Jan 18 2013 Adam Tkac - 0.9.9-5 - rebuild due to "jpeg8-ABI" feature drop From 624239a17f64b4be8c527cb464cecbfb13d6c79f Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 14 Feb 2013 10:48:52 -0600 Subject: [PATCH 27/81] pkgconfig love (#854111) --- LibVNCServer-0.9.9-pkgconfig.patch | 26 ++++++++++++++++++++++++++ libvncserver.spec | 11 +++++++---- 2 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 LibVNCServer-0.9.9-pkgconfig.patch diff --git a/LibVNCServer-0.9.9-pkgconfig.patch b/LibVNCServer-0.9.9-pkgconfig.patch new file mode 100644 index 0000000..a0425e6 --- /dev/null +++ b/LibVNCServer-0.9.9-pkgconfig.patch @@ -0,0 +1,26 @@ +diff -up LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig LibVNCServer-0.9.9/libvncclient.pc.in +--- LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncclient.pc.in 2013-02-14 10:45:18.902001014 -0600 +@@ -7,6 +7,8 @@ Name: LibVNCClient + Description: A library for easy implementation of a VNC client. + Version: @VERSION@ + Requires: +-Libs: -L${libdir} -lvncclient @LIBS@ @WSOCKLIB@ ++Requires.private: zlib ++Libs: -L${libdir} -lvncclient ++Libs.private: @LIBS@ @WSOCKLIB@ + Cflags: -I${includedir} + +diff -up LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig LibVNCServer-0.9.9/libvncserver.pc.in +--- LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 ++++ LibVNCServer-0.9.9/libvncserver.pc.in 2013-02-14 10:44:49.727365748 -0600 +@@ -7,6 +7,8 @@ Name: LibVNCServer + Description: A library for easy implementation of a VNC server. + Version: @VERSION@ + Requires: +-Libs: -L${libdir} -lvncserver @LIBS@ @WSOCKLIB@ ++Requires.private: zlib ++Libs: -L${libdir} -lvncserver ++Libs.private: @LIBS@ @WSOCKLIB@ + Cflags: -I${includedir} + diff --git a/libvncserver.spec b/libvncserver.spec index e2155d2..71e7f4f 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,6 +1,4 @@ -# Fedora pkg review: http://bugzilla.redhat.com/429749 - %if 0%{?fedora} || 0%{?rhel} > 5 %define system_minilzo 1 %endif @@ -8,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 6%{?dist} +Release: 7%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -20,6 +18,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Patch0: LibVNCServer-0.9.9-no_x11vnc.patch Patch1: LibVNCServer-0.9.9-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch +# pkgconfig love (upstreamable) +Patch3: LibVNCServer-0.9.9-pkgconfig.patch # upstream name Obsoletes: LibVNCServer < 0.9.1 @@ -63,8 +63,8 @@ Provides: LibVNCServer-devel = %{version}-%{release} #nuke bundled minilzo rm -f common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %endif - %patch2 -p1 -b .multilib +%patch3 -p1 -b .pkgconfig # fix encoding for file in AUTHORS ChangeLog ; do @@ -131,6 +131,9 @@ rm -rf %{buildroot} %changelog +* Thu Feb 14 2013 Rex Dieter 0.9.9-7 +- pkgconfig love (#854111) + * Thu Feb 14 2013 Fedora Release Engineering - 0.9.9-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild From d498e64b825d4088525bd46f31317ab599026a49 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 23 Jul 2013 09:40:08 -0500 Subject: [PATCH 28/81] Automagic dependencies, explitictly build --with-gcrypt --with-png (#852660) --- libvncserver.spec | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index 71e7f4f..12d580b 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 7%{?dist} +Release: 8%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -26,9 +26,11 @@ Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} BuildRequires: automake autoconf +BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel %{?system_minilzo:BuildRequires: lzo-minilzo lzo-devel} BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libpng) # for %%check BuildRequires: xorg-x11-server-Xvfb BuildRequires: xorg-x11-xauth @@ -80,7 +82,9 @@ autoreconf %build %configure \ --disable-static \ - --without-tightvnc-filetransfer + --without-tightvnc-filetransfer \ + --with-gcrypt \ + --with-png # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool @@ -131,6 +135,9 @@ rm -rf %{buildroot} %changelog +* Tue Jul 23 2013 Rex Dieter 0.9.9-8 +- Automagic dependencies, explitictly build --with-gcrypt --with-png (#852660) + * Thu Feb 14 2013 Rex Dieter 0.9.9-7 - pkgconfig love (#854111) From de9deb6cb444577867547a9cf488b45f60454fd8 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 3 Aug 2013 02:26:21 -0500 Subject: [PATCH 29/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 12d580b..f633976 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 8%{?dist} +Release: 9%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ Group: System Environment/Libraries @@ -135,6 +135,9 @@ rm -rf %{buildroot} %changelog +* Sat Aug 03 2013 Fedora Release Engineering - 0.9.9-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Tue Jul 23 2013 Rex Dieter 0.9.9-8 - Automagic dependencies, explitictly build --with-gcrypt --with-png (#852660) From b206bf527ec8f694f10c9db12de36c161af61c4c Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Sat, 21 Dec 2013 06:02:04 -0600 Subject: [PATCH 30/81] 0.9.9-10 - include additional dependencies for x11vnc (#864947) - %build: --disable-silent-rules - cleanup spec, drop support for old rpm (el5) --- libvncserver.spec | 40 +++++++++++++++++++--------------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index f633976..e13d343 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,18 +1,13 @@ -%if 0%{?fedora} || 0%{?rhel} > 5 -%define system_minilzo 1 -%endif - Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 9%{?dist} +Release: 10%{?dist} + # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ -Group: System Environment/Libraries URL: http://libvncserver.sourceforge.net/ Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) # workaround there being no x11vnc/ dir in tarball Patch0: LibVNCServer-0.9.9-no_x11vnc.patch @@ -28,9 +23,16 @@ Provides: LibVNCServer = %{version}-%{release} BuildRequires: automake autoconf BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel -%{?system_minilzo:BuildRequires: lzo-minilzo lzo-devel} +BuildRequires: lzo-minilzo lzo-devel BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libcrypto) pkgconfig(libssl) BuildRequires: pkgconfig(libpng) +# Additional deps for --with-x11vnc, see https://bugzilla.redhat.com/show_bug.cgi?id=864947 +BuildRequires: pkgconfig(avahi-client) +BuildRequires: pkgconfig(ice) pkgconfig(x11) pkgconfig(xdamage) +BuildRequires: pkgconfig(xext) pkgconfig(xfixes) pkgconfig(xi) +BuildRequires: pkgconfig(xinerama) pkgconfig(xrandr) pkgconfig(xtst) + # for %%check BuildRequires: xorg-x11-server-Xvfb BuildRequires: xorg-x11-xauth @@ -45,7 +47,6 @@ compression schemata. %package devel Summary: Development files for %{name} -Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils @@ -60,11 +61,9 @@ Provides: LibVNCServer-devel = %{version}-%{release} %setup -q -n LibVNCServer-%{version} %patch0 -p1 -b .no_x11vnc -%if 0%{?system_minilzo} %patch1 -p1 -b .system_minilzo #nuke bundled minilzo rm -f common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c -%endif %patch2 -p1 -b .multilib %patch3 -p1 -b .pkgconfig @@ -81,20 +80,20 @@ autoreconf %build %configure \ + --disable-silent-rules \ --disable-static \ --without-tightvnc-filetransfer \ --with-gcrypt \ - --with-png + --with-png \ + --with-x11vnc # hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool -make V=1 %{?_smp_mflags} +make %{?_smp_mflags} %install -rm -rf %{buildroot} - make install DESTDIR=%{buildroot} # unpackaged files @@ -111,21 +110,15 @@ unset DISPLAY xvfb-run -a make -C test test ||: -%clean -rm -rf %{buildroot} - - %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files -%defattr(-,root,root,-) %doc AUTHORS ChangeLog COPYING NEWS README TODO %{_libdir}/libvncclient.so.0* %{_libdir}/libvncserver.so.0* %files devel -%defattr(-,root,root,-) %{_bindir}/libvncserver-config %{_includedir}/rfb/ %{_libdir}/libvncclient.so @@ -135,6 +128,11 @@ rm -rf %{buildroot} %changelog +* Sat Dec 21 2013 Rex Dieter - 0.9.9-10 +- include additional dependencies for x11vnc (#864947) +- %%build: --disable-silent-rules +- cleanup spec, drop support for old rpm (el5) + * Sat Aug 03 2013 Fedora Release Engineering - 0.9.9-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild From 2de2888588ad96c3473ecadb1c76b21deb2ef3ea Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Mon, 31 Mar 2014 11:00:28 -0500 Subject: [PATCH 31/81] x11vnc crash when client connect (#972618) pull in some upstream commits that may help --- ...kets.c-do-not-segfault-when-listenSo.patch | 29 +++++++++++ ...c-to-allow-the-use-of-IPv6-without-I.patch | 48 +++++++++++++++++++ libvncserver.spec | 13 ++++- 3 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch create mode 100644 0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch diff --git a/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch b/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch new file mode 100644 index 0000000..1d2a4cb --- /dev/null +++ b/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch @@ -0,0 +1,29 @@ +From 66282f58000c8863e104666c30cb67b1d5cbdee3 Mon Sep 17 00:00:00 2001 +From: "Kyle J. McKay" +Date: Fri, 18 May 2012 00:30:11 -0700 +Subject: [PATCH 05/32] libvncserver/sockets.c: do not segfault when + listenSock/listen6Sock == -1 + +--- + libvncserver/sockets.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c +index 84c9c98..3ff2aac 100644 +--- a/libvncserver/sockets.c ++++ b/libvncserver/sockets.c +@@ -402,9 +402,9 @@ rfbProcessNewConnection(rfbScreenInfoPtr rfbScreen) + rfbLogPerror("rfbProcessNewConnection: error in select"); + return FALSE; + } +- if (FD_ISSET(rfbScreen->listenSock, &listen_fds)) ++ if (rfbScreen->listenSock >= 0 && FD_ISSET(rfbScreen->listenSock, &listen_fds)) + chosen_listen_sock = rfbScreen->listenSock; +- if (FD_ISSET(rfbScreen->listen6Sock, &listen_fds)) ++ if (rfbScreen->listen6Sock >= 0 && FD_ISSET(rfbScreen->listen6Sock, &listen_fds)) + chosen_listen_sock = rfbScreen->listen6Sock; + + if ((sock = accept(chosen_listen_sock, +-- +1.8.3.1 + diff --git a/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch b/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch new file mode 100644 index 0000000..98e680f --- /dev/null +++ b/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch @@ -0,0 +1,48 @@ +From 584542ba97d35706a9e5c001b5cdf64296b5dd7f Mon Sep 17 00:00:00 2001 +From: Oliver Loch +Date: Wed, 8 Aug 2012 22:09:13 +0200 +Subject: [PATCH 10/32] Patched sockets.c to allow the use of IPv6 without + IPv4. + +As requested only those lines are indented that have been changed. +--- + libvncserver/sockets.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c +index 3ff2aac..15b40ac 100644 +--- a/libvncserver/sockets.c ++++ b/libvncserver/sockets.c +@@ -176,7 +176,9 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) + rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); + #endif + } +- else if(rfbScreen->port>0) { ++ else ++ { ++ if(rfbScreen->port>0) { + FD_ZERO(&(rfbScreen->allFds)); + + if ((rfbScreen->listenSock = rfbListenOnTCPPort(rfbScreen->port, iface)) < 0) { +@@ -187,8 +189,10 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) + + FD_SET(rfbScreen->listenSock, &(rfbScreen->allFds)); + rfbScreen->maxFd = rfbScreen->listenSock; ++ } + + #ifdef LIBVNCSERVER_IPv6 ++ if (rfbScreen->ipv6port>0) { + if ((rfbScreen->listen6Sock = rfbListenOnTCP6Port(rfbScreen->ipv6port, rfbScreen->listen6Interface)) < 0) { + /* ListenOnTCP6Port has its own detailed error printout */ + return; +@@ -197,6 +201,7 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) + + FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); + rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); ++ } + #endif + + } +-- +1.8.3.1 + diff --git a/libvncserver.spec b/libvncserver.spec index e13d343..77bc0d6 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -2,7 +2,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.9 -Release: 10%{?dist} +Release: 11%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -16,6 +16,10 @@ Patch2: libvncserver-0.9.1-multilib.patch # pkgconfig love (upstreamable) Patch3: LibVNCServer-0.9.9-pkgconfig.patch +## upstream patches +Patch105: 0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch +Patch110: 0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch + # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} @@ -60,6 +64,9 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} +%patch105 -p1 -b .0005 +%patch110 -p1 -b .0010 + %patch0 -p1 -b .no_x11vnc %patch1 -p1 -b .system_minilzo #nuke bundled minilzo @@ -128,6 +135,10 @@ xvfb-run -a make -C test test ||: %changelog +* Mon Mar 31 2014 Rex Dieter 0.9.9-11 +- x11vnc crash when client connect (#972618) + pull in some upstream commits that may help + * Sat Dec 21 2013 Rex Dieter - 0.9.9-10 - include additional dependencies for x11vnc (#864947) - %%build: --disable-silent-rules From 3812732acdde139176e09eb887cc6a16b4714ec5 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 29 Apr 2014 09:09:48 -0500 Subject: [PATCH 32/81] Update to the latest git commit 646f844 (#1092245) --- .gitignore | 1 + ...kets.c-do-not-segfault-when-listenSo.patch | 29 ----------- ...c-to-allow-the-use-of-IPv6-without-I.patch | 48 ------------------- ...tch => LibVNCServer-0.9.10-no_x11vnc.patch | 17 ++++--- ...> LibVNCServer-0.9.10-system_minilzo.patch | 30 ++++++------ libvncserver.spec | 36 +++++++++----- sources | 2 +- 7 files changed, 50 insertions(+), 113 deletions(-) delete mode 100644 0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch delete mode 100644 0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch rename LibVNCServer-0.9.9-no_x11vnc.patch => LibVNCServer-0.9.10-no_x11vnc.patch (54%) rename LibVNCServer-0.9.9-system_minilzo.patch => LibVNCServer-0.9.10-system_minilzo.patch (57%) diff --git a/.gitignore b/.gitignore index 76ae855..0066bbb 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /LibVNCServer-0.9.8.2.tar.gz /LibVNCServer-0.9.9.tar.gz +/LibVNCServer-0.9.10-646f844f.tar.gz diff --git a/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch b/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch deleted file mode 100644 index 1d2a4cb..0000000 --- a/0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 66282f58000c8863e104666c30cb67b1d5cbdee3 Mon Sep 17 00:00:00 2001 -From: "Kyle J. McKay" -Date: Fri, 18 May 2012 00:30:11 -0700 -Subject: [PATCH 05/32] libvncserver/sockets.c: do not segfault when - listenSock/listen6Sock == -1 - ---- - libvncserver/sockets.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index 84c9c98..3ff2aac 100644 ---- a/libvncserver/sockets.c -+++ b/libvncserver/sockets.c -@@ -402,9 +402,9 @@ rfbProcessNewConnection(rfbScreenInfoPtr rfbScreen) - rfbLogPerror("rfbProcessNewConnection: error in select"); - return FALSE; - } -- if (FD_ISSET(rfbScreen->listenSock, &listen_fds)) -+ if (rfbScreen->listenSock >= 0 && FD_ISSET(rfbScreen->listenSock, &listen_fds)) - chosen_listen_sock = rfbScreen->listenSock; -- if (FD_ISSET(rfbScreen->listen6Sock, &listen_fds)) -+ if (rfbScreen->listen6Sock >= 0 && FD_ISSET(rfbScreen->listen6Sock, &listen_fds)) - chosen_listen_sock = rfbScreen->listen6Sock; - - if ((sock = accept(chosen_listen_sock, --- -1.8.3.1 - diff --git a/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch b/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch deleted file mode 100644 index 98e680f..0000000 --- a/0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 584542ba97d35706a9e5c001b5cdf64296b5dd7f Mon Sep 17 00:00:00 2001 -From: Oliver Loch -Date: Wed, 8 Aug 2012 22:09:13 +0200 -Subject: [PATCH 10/32] Patched sockets.c to allow the use of IPv6 without - IPv4. - -As requested only those lines are indented that have been changed. ---- - libvncserver/sockets.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index 3ff2aac..15b40ac 100644 ---- a/libvncserver/sockets.c -+++ b/libvncserver/sockets.c -@@ -176,7 +176,9 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) - rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); - #endif - } -- else if(rfbScreen->port>0) { -+ else -+ { -+ if(rfbScreen->port>0) { - FD_ZERO(&(rfbScreen->allFds)); - - if ((rfbScreen->listenSock = rfbListenOnTCPPort(rfbScreen->port, iface)) < 0) { -@@ -187,8 +189,10 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) - - FD_SET(rfbScreen->listenSock, &(rfbScreen->allFds)); - rfbScreen->maxFd = rfbScreen->listenSock; -+ } - - #ifdef LIBVNCSERVER_IPv6 -+ if (rfbScreen->ipv6port>0) { - if ((rfbScreen->listen6Sock = rfbListenOnTCP6Port(rfbScreen->ipv6port, rfbScreen->listen6Interface)) < 0) { - /* ListenOnTCP6Port has its own detailed error printout */ - return; -@@ -197,6 +201,7 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) - - FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); - rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); -+ } - #endif - - } --- -1.8.3.1 - diff --git a/LibVNCServer-0.9.9-no_x11vnc.patch b/LibVNCServer-0.9.10-no_x11vnc.patch similarity index 54% rename from LibVNCServer-0.9.9-no_x11vnc.patch rename to LibVNCServer-0.9.10-no_x11vnc.patch index db2ec9d..a0162ee 100644 --- a/LibVNCServer-0.9.9-no_x11vnc.patch +++ b/LibVNCServer-0.9.10-no_x11vnc.patch @@ -1,7 +1,7 @@ -diff -up LibVNCServer-0.9.9/configure.ac.system_minilzo LibVNCServer-0.9.9/configure.ac ---- LibVNCServer-0.9.9/configure.ac.system_minilzo 2012-05-04 11:27:08.000000000 -0500 -+++ LibVNCServer-0.9.9/configure.ac 2012-05-07 08:22:19.473583597 -0500 -@@ -992,7 +992,7 @@ if test "$build_x11vnc" = "yes"; then +diff -up LibVNCServer-0.9.10/configure.ac.no_x11vnc LibVNCServer-0.9.10/configure.ac +--- LibVNCServer-0.9.10/configure.ac.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/configure.ac 2014-04-29 09:06:27.336448096 -0500 +@@ -1020,7 +1020,7 @@ if test "$build_x11vnc" = "yes"; then # # configure.ac:690: required file `x11vnc/Makefile.in' not found # @@ -10,9 +10,9 @@ diff -up LibVNCServer-0.9.9/configure.ac.system_minilzo LibVNCServer-0.9.9/confi if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then # need to move local tarball rfb headers aside: -diff -up LibVNCServer-0.9.9/Makefile.am.system_minilzo LibVNCServer-0.9.9/Makefile.am ---- LibVNCServer-0.9.9/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/Makefile.am 2012-05-07 08:22:19.475583573 -0500 +diff -up LibVNCServer-0.9.10/Makefile.am.no_x11vnc LibVNCServer-0.9.10/Makefile.am +--- LibVNCServer-0.9.10/Makefile.am.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/Makefile.am 2014-04-29 09:06:27.337448086 -0500 @@ -1,6 +1,6 @@ -if WITH_X11VNC -X11VNC=x11vnc @@ -20,7 +20,6 @@ diff -up LibVNCServer-0.9.9/Makefile.am.system_minilzo LibVNCServer-0.9.9/Makefi +#if WITH_X11VNC +#X11VNC=x11vnc +#endif - + SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test - diff --git a/LibVNCServer-0.9.9-system_minilzo.patch b/LibVNCServer-0.9.10-system_minilzo.patch similarity index 57% rename from LibVNCServer-0.9.9-system_minilzo.patch rename to LibVNCServer-0.9.10-system_minilzo.patch index f6d7db9..34e789b 100644 --- a/LibVNCServer-0.9.9-system_minilzo.patch +++ b/LibVNCServer-0.9.10-system_minilzo.patch @@ -1,24 +1,24 @@ -diff -up LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.9/libvncclient/Makefile.am ---- LibVNCServer-0.9.9/libvncclient/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncclient/Makefile.am 2012-05-07 08:22:19.474583585 -0500 +diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncclient/Makefile.am +--- LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/libvncclient/Makefile.am 2014-04-29 08:56:27.861761880 -0500 @@ -13,10 +13,10 @@ endif endif -libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS) --libvncclient_la_LIBADD=$(TLSLIBS) +-libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS) +libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS) -+libvncclient_la_LIBADD=$(TLSLIBS) -lminilzo ++libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS) -lminilzo -noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h +noinst_HEADERS=tls.h rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c -diff -up LibVNCServer-0.9.9/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.9/libvncclient/rfbproto.c ---- LibVNCServer-0.9.9/libvncclient/rfbproto.c.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncclient/rfbproto.c 2012-05-07 08:22:19.474583585 -0500 -@@ -59,7 +59,7 @@ +diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.10/libvncclient/rfbproto.c +--- LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/libvncclient/rfbproto.c 2014-04-29 08:39:57.638331693 -0500 +@@ -61,7 +61,7 @@ #include #endif @@ -27,9 +27,9 @@ diff -up LibVNCServer-0.9.9/libvncclient/rfbproto.c.system_minilzo LibVNCServer- #include "tls.h" /* -diff -up LibVNCServer-0.9.9/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.9/libvncserver/Makefile.am ---- LibVNCServer-0.9.9/libvncserver/Makefile.am.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncserver/Makefile.am 2012-05-07 08:31:01.342059345 -0500 +diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncserver/Makefile.am +--- LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/libvncserver/Makefile.am 2014-04-29 08:39:57.638331693 -0500 @@ -37,7 +37,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ @@ -53,9 +53,9 @@ diff -up LibVNCServer-0.9.9/libvncserver/Makefile.am.system_minilzo LibVNCServer lib_LTLIBRARIES=libvncserver.la -diff -up LibVNCServer-0.9.9/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.9/libvncserver/ultra.c ---- LibVNCServer-0.9.9/libvncserver/ultra.c.system_minilzo 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncserver/ultra.c 2012-05-07 08:22:19.475583573 -0500 +diff -up LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.10/libvncserver/ultra.c +--- LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 ++++ LibVNCServer-0.9.10/libvncserver/ultra.c 2014-04-29 08:39:57.638331693 -0500 @@ -8,7 +8,7 @@ */ diff --git a/libvncserver.spec b/libvncserver.spec index 77bc0d6..02a750d 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,24 +1,31 @@ +%define git_commit 646f844f69cc74b8eebf25cc76663b2ee851e5d3 +%define git_short 646f844f +%define snap 20140405 + Summary: Library to make writing a vnc server easy Name: libvncserver -Version: 0.9.9 -Release: 11%{?dist} +Version: 0.9.10 +Release: 0.1.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ URL: http://libvncserver.sourceforge.net/ +%if 0%{?snap:1} +# git archive --prefix=LibVNCServer-0.9.10/ 646f844f69cc74b8eebf25cc76663b2ee851e5d3 | gzip -9 > LibVNCServer-0.9.10-646f844f.tar.gz +Source0: LibVNCServer-%{version}-%{git_short}.tar.gz +%else Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz +%endif # workaround there being no x11vnc/ dir in tarball -Patch0: LibVNCServer-0.9.9-no_x11vnc.patch -Patch1: LibVNCServer-0.9.9-system_minilzo.patch +Patch0: LibVNCServer-0.9.10-no_x11vnc.patch +Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch # pkgconfig love (upstreamable) Patch3: LibVNCServer-0.9.9-pkgconfig.patch ## upstream patches -Patch105: 0005-libvncserver-sockets.c-do-not-segfault-when-listenSo.patch -Patch110: 0010-Patched-sockets.c-to-allow-the-use-of-IPv6-without-I.patch # upstream name Obsoletes: LibVNCServer < 0.9.1 @@ -27,6 +34,8 @@ Provides: LibVNCServer = %{version}-%{release} BuildRequires: automake autoconf BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel +## FIXME/TODO: --with-va FTBFS +#BuildRequires: libva-devel BuildRequires: lzo-minilzo lzo-devel BuildRequires: pkgconfig(gnutls) BuildRequires: pkgconfig(libcrypto) pkgconfig(libssl) @@ -64,13 +73,10 @@ Provides: LibVNCServer-devel = %{version}-%{release} %prep %setup -q -n LibVNCServer-%{version} -%patch105 -p1 -b .0005 -%patch110 -p1 -b .0010 - %patch0 -p1 -b .no_x11vnc %patch1 -p1 -b .system_minilzo #nuke bundled minilzo -rm -f common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c +rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib %patch3 -p1 -b .pkgconfig @@ -82,7 +88,11 @@ touch --reference ${file}.OLD $file done # needed by patch 1 (and to nuke rpath's) -autoreconf +%if 0%{?snap:1} +./autogen.sh +%else +autoreconf -is +%endif %build @@ -91,6 +101,7 @@ autoreconf --disable-static \ --without-tightvnc-filetransfer \ --with-gcrypt \ + --without-libva \ --with-png \ --with-x11vnc @@ -135,6 +146,9 @@ xvfb-run -a make -C test test ||: %changelog +* Tue Apr 29 2014 Rex Dieter 0.9.10-0.1.20140405git646f844f +- Update to the latest git commit 646f844 (#1092245) + * Mon Mar 31 2014 Rex Dieter 0.9.9-11 - x11vnc crash when client connect (#972618) pull in some upstream commits that may help diff --git a/sources b/sources index 2564e4a..342e80e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -70422169b122765693d2a294d13e3714 LibVNCServer-0.9.9.tar.gz +8cc7125fdd5ea6fb5cea4266bb55db74 LibVNCServer-0.9.10-646f844f.tar.gz From c8b27687908b04fb2557fdca7f98722cff2eb521 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 7 Jun 2014 01:00:20 -0500 Subject: [PATCH 33/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 02a750d..e16055a 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.1.%{snap}git%{git_short}%{?dist} +Release: 0.2.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -146,6 +146,9 @@ xvfb-run -a make -C test test ||: %changelog +* Sat Jun 07 2014 Fedora Release Engineering - 0.9.10-0.2.20140405git646f844f +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Tue Apr 29 2014 Rex Dieter 0.9.10-0.1.20140405git646f844f - Update to the latest git commit 646f844 (#1092245) From 2524743962d1e2477769bbd0d0ce0719eda8b9a3 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Sun, 3 Aug 2014 20:30:00 -0500 Subject: [PATCH 34/81] include krfb patches (upstream pull request #16) --- 0001-Fix-crash-in-krfb.patch | 36 +++++++++++++++++++ ...rfbInitSockets-with-non-ready-states.patch | 30 ++++++++++++++++ libvncserver.spec | 10 +++++- 3 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 0001-Fix-crash-in-krfb.patch create mode 100644 0002-allow-rfbInitSockets-with-non-ready-states.patch diff --git a/0001-Fix-crash-in-krfb.patch b/0001-Fix-crash-in-krfb.patch new file mode 100644 index 0000000..1847720 --- /dev/null +++ b/0001-Fix-crash-in-krfb.patch @@ -0,0 +1,36 @@ +From afd1d329ed117f6e4d8c46eba362b7d5c51184ac Mon Sep 17 00:00:00 2001 +From: Amandeep Singh +Date: Wed, 9 Oct 2013 04:12:08 +0530 +Subject: [PATCH 1/2] Fix crash in krfb + +Krfb crashes on quit, if any client is connected +due to a rfbClientConnectionGone call missing +--- + libvncserver/main.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/libvncserver/main.c b/libvncserver/main.c +index 4cb18ac..b8cdde1 100644 +--- a/libvncserver/main.c ++++ b/libvncserver/main.c +@@ -1061,10 +1061,13 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { + if(disconnectClients) { + rfbClientPtr cl; + rfbClientIteratorPtr iter = rfbGetClientIterator(screen); +- while( (cl = rfbClientIteratorNext(iter)) ) +- if (cl->sock > -1) +- /* we don't care about maxfd here, because the server goes away */ +- rfbCloseClient(cl); ++ while( (cl = rfbClientIteratorNext(iter)) ) { ++ if (cl->sock > -1) { ++ /* we don't care about maxfd here, because the server goes away */ ++ rfbCloseClient(cl); ++ rfbClientConnectionGone(cl); ++ } ++ } + rfbReleaseClientIterator(iter); + } + +-- +1.9.3 + diff --git a/0002-allow-rfbInitSockets-with-non-ready-states.patch b/0002-allow-rfbInitSockets-with-non-ready-states.patch new file mode 100644 index 0000000..a9107e2 --- /dev/null +++ b/0002-allow-rfbInitSockets-with-non-ready-states.patch @@ -0,0 +1,30 @@ +From 012594b970b07c212eaf48ed22333a9d37d017a4 Mon Sep 17 00:00:00 2001 +From: Amandeep Singh +Date: Sat, 28 Sep 2013 17:58:13 +0530 +Subject: [PATCH 2/2] allow rfbInitSockets with non-ready states. + +This allows for reinitializations of e. g. sockets in a SHUTDOWN state. +The only state that doesn't make sense to reinitialize are READY states. +--- + libvncserver/sockets.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c +index ddd8450..d2f814b 100644 +--- a/libvncserver/sockets.c ++++ b/libvncserver/sockets.c +@@ -122,8 +122,9 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) + { + in_addr_t iface = rfbScreen->listenInterface; + +- if (rfbScreen->socketState!=RFB_SOCKET_INIT) +- return; ++ if (rfbScreen->socketState == RFB_SOCKET_READY) { ++ return; ++ } + + rfbScreen->socketState = RFB_SOCKET_READY; + +-- +1.9.3 + diff --git a/libvncserver.spec b/libvncserver.spec index e16055a..715cc90 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.2.%{snap}git%{git_short}%{?dist} +Release: 0.3.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -24,6 +24,9 @@ Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch # pkgconfig love (upstreamable) Patch3: LibVNCServer-0.9.9-pkgconfig.patch +# krfb patches, https://github.com/LibVNC/libvncserver/pull/16 +Patch11: 0001-Fix-crash-in-krfb.patch +Patch12: 0002-allow-rfbInitSockets-with-non-ready-states.patch ## upstream patches @@ -79,6 +82,8 @@ Provides: LibVNCServer-devel = %{version}-%{release} rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib %patch3 -p1 -b .pkgconfig +%patch11 -p1 -b .0001 +%patch12 -p1 -b .0002 # fix encoding for file in AUTHORS ChangeLog ; do @@ -146,6 +151,9 @@ xvfb-run -a make -C test test ||: %changelog +* Sun Aug 03 2014 Rex Dieter 0.9.10-0.3.20140405git646f844f +- include krfb patches (upstream pull request #16) + * Sat Jun 07 2014 Fedora Release Engineering - 0.9.10-0.2.20140405git646f844f - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From f32e7c8f291edaa4ef931cf22ab1f47e1e703b61 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Sun, 3 Aug 2014 20:35:13 -0500 Subject: [PATCH 35/81] 20140718git9453be42 snapshot --- .gitignore | 1 + libvncserver.spec | 11 +++++++---- sources | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 0066bbb..ac78c8d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /LibVNCServer-0.9.8.2.tar.gz /LibVNCServer-0.9.9.tar.gz /LibVNCServer-0.9.10-646f844f.tar.gz +/LibVNCServer-0.9.10-9453be42.tar.gz diff --git a/libvncserver.spec b/libvncserver.spec index 715cc90..3414e4f 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,12 +1,12 @@ -%define git_commit 646f844f69cc74b8eebf25cc76663b2ee851e5d3 -%define git_short 646f844f -%define snap 20140405 +%define git_commit 9453be42014b6b9eaa6ab6f8c2e8b6f4f01d15aa +%define git_short 9453be42 +%define snap 20140718 Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.3.%{snap}git%{git_short}%{?dist} +Release: 0.4.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -151,6 +151,9 @@ xvfb-run -a make -C test test ||: %changelog +* Sun Aug 03 2014 Rex Dieter 0.9.10-0.4.20140718git9453be42 +- 20140718git9453be42 snapshot + * Sun Aug 03 2014 Rex Dieter 0.9.10-0.3.20140405git646f844f - include krfb patches (upstream pull request #16) diff --git a/sources b/sources index 342e80e..3fd3940 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -8cc7125fdd5ea6fb5cea4266bb55db74 LibVNCServer-0.9.10-646f844f.tar.gz +53a5a6484848caaa0c352ece4d8b6202 LibVNCServer-0.9.10-9453be42.tar.gz From af4fbcf96f17accdfd00ca132c173d33e2435f80 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Sun, 17 Aug 2014 06:43:46 +0000 Subject: [PATCH 36/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 3414e4f..0e27690 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.4.%{snap}git%{git_short}%{?dist} +Release: 0.5.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -151,6 +151,9 @@ xvfb-run -a make -C test test ||: %changelog +* Sun Aug 17 2014 Fedora Release Engineering - 0.9.10-0.5.20140718git9453be42 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + * Sun Aug 03 2014 Rex Dieter 0.9.10-0.4.20140718git9453be42 - 20140718git9453be42 snapshot From de37ba2f0a2461222f51686c39fb31a50a683353 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 25 Sep 2014 10:38:31 -0500 Subject: [PATCH 37/81] Security fixes (#1145878) ... - CVE-2014-6051 (#1144287) - CVE-2014-6052 (#1144288) - CVE-2014-6053 (#1144289) - CVE-2014-6054 (#1144291) - CVE-2014-6055 (#1144293) --- CVE-2014-6051.patch | 42 +++++++++++ CVE-2014-6052.patch | 59 ++++++++++++++++ CVE-2014-6053.patch | 22 ++++++ CVE-2014-6054.patch | 38 ++++++++++ CVE-2014-6055.patch | 165 ++++++++++++++++++++++++++++++++++++++++++++ libvncserver.spec | 26 +++++++ 6 files changed, 352 insertions(+) create mode 100644 CVE-2014-6051.patch create mode 100644 CVE-2014-6052.patch create mode 100644 CVE-2014-6053.patch create mode 100644 CVE-2014-6054.patch create mode 100644 CVE-2014-6055.patch diff --git a/CVE-2014-6051.patch b/CVE-2014-6051.patch new file mode 100644 index 0000000..ee6598c --- /dev/null +++ b/CVE-2014-6051.patch @@ -0,0 +1,42 @@ +commit 045a044e8ae79db9244593fbce154cdf6e843273 +Author: newsoft +Date: Fri Aug 15 16:31:13 2014 +0200 + + Fix integer overflow in MallocFrameBuffer() + + Promote integers to uint64_t to avoid integer overflow issue during + frame buffer allocation for very large screen sizes + +diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c +index 3b16a6f..24bc6f8 100644 +--- a/libvncclient/vncviewer.c ++++ b/libvncclient/vncviewer.c +@@ -82,9 +82,27 @@ static char* ReadPassword(rfbClient* client) { + #endif + } + static rfbBool MallocFrameBuffer(rfbClient* client) { ++uint64_t allocSize; ++ + if(client->frameBuffer) + free(client->frameBuffer); +- client->frameBuffer=malloc(client->width*client->height*client->format.bitsPerPixel/8); ++ ++ /* SECURITY: promote 'width' into uint64_t so that the multiplication does not overflow ++ 'width' and 'height' are 16-bit integers per RFB protocol design ++ SIZE_MAX is the maximum value that can fit into size_t ++ */ ++ allocSize = (uint64_t)client->width * client->height * client->format.bitsPerPixel/8; ++ ++ if (allocSize >= SIZE_MAX) { ++ rfbClientErr("CRITICAL: cannot allocate frameBuffer, requested size is too large\n"); ++ return FALSE; ++ } ++ ++ client->frameBuffer=malloc( (size_t)allocSize ); ++ ++ if (client->frameBuffer == NULL) ++ rfbClientErr("CRITICAL: frameBuffer allocation failed, requested size too large or not enough memory?\n"); ++ + return client->frameBuffer?TRUE:FALSE; + } + diff --git a/CVE-2014-6052.patch b/CVE-2014-6052.patch new file mode 100644 index 0000000..35757f1 --- /dev/null +++ b/CVE-2014-6052.patch @@ -0,0 +1,59 @@ +commit 85a778c0e45e87e35ee7199f1f25020648e8b812 +Author: newsoft +Date: Fri Aug 15 16:41:58 2014 +0200 + + Check for MallocFrameBuffer() return value + + If MallocFrameBuffer() returns FALSE, frame buffer pointer is left to + NULL. Subsequent writes into that buffer could lead to memory + corruption, or even arbitrary code execution. + +diff --git a/libvncclient/rfbproto.c b/libvncclient/rfbproto.c +index b4d7156..f55c74f 100644 +--- a/libvncclient/rfbproto.c ++++ b/libvncclient/rfbproto.c +@@ -1829,7 +1829,8 @@ HandleRFBServerMessage(rfbClient* client) + client->updateRect.x = client->updateRect.y = 0; + client->updateRect.w = client->width; + client->updateRect.h = client->height; +- client->MallocFrameBuffer(client); ++ if (!client->MallocFrameBuffer(client)) ++ return FALSE; + SendFramebufferUpdateRequest(client, 0, 0, rect.r.w, rect.r.h, FALSE); + rfbClientLog("Got new framebuffer size: %dx%d\n", rect.r.w, rect.r.h); + continue; +@@ -2290,7 +2291,9 @@ HandleRFBServerMessage(rfbClient* client) + client->updateRect.x = client->updateRect.y = 0; + client->updateRect.w = client->width; + client->updateRect.h = client->height; +- client->MallocFrameBuffer(client); ++ if (!client->MallocFrameBuffer(client)) ++ return FALSE; ++ + SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); + rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); + break; +@@ -2306,7 +2309,8 @@ HandleRFBServerMessage(rfbClient* client) + client->updateRect.x = client->updateRect.y = 0; + client->updateRect.w = client->width; + client->updateRect.h = client->height; +- client->MallocFrameBuffer(client); ++ if (!client->MallocFrameBuffer(client)) ++ return FALSE; + SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); + rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); + break; +diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c +index 24bc6f8..65b7412 100644 +--- a/libvncclient/vncviewer.c ++++ b/libvncclient/vncviewer.c +@@ -250,7 +250,8 @@ static rfbBool rfbInitConnection(rfbClient* client) + + client->width=client->si.framebufferWidth; + client->height=client->si.framebufferHeight; +- client->MallocFrameBuffer(client); ++ if (!client->MallocFrameBuffer(client)) ++ return FALSE; + + if (!SetFormatAndEncodings(client)) + return FALSE; diff --git a/CVE-2014-6053.patch b/CVE-2014-6053.patch new file mode 100644 index 0000000..4f59a7b --- /dev/null +++ b/CVE-2014-6053.patch @@ -0,0 +1,22 @@ +commit 6037a9074d52b1963c97cb28ea1096c7c14cbf28 +Author: Nicolas Ruff +Date: Mon Aug 18 15:16:16 2014 +0200 + + Check malloc() return value on client->server ClientCutText message. Client can send up to 2**32-1 bytes of text, and such a large allocation is likely to fail in case of high memory pressure. This would in a server crash (write at address 0). + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 5f3b31d..7e43fe3 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -2461,6 +2461,11 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) + msg.cct.length = Swap32IfLE(msg.cct.length); + + str = (char *)malloc(msg.cct.length); ++ if (str == NULL) { ++ rfbLogPerror("rfbProcessClientNormalMessage: not enough memory"); ++ rfbCloseClient(cl); ++ return; ++ } + + if ((n = rfbReadExact(cl, str, msg.cct.length)) <= 0) { + if (n != 0) diff --git a/CVE-2014-6054.patch b/CVE-2014-6054.patch new file mode 100644 index 0000000..b8225ac --- /dev/null +++ b/CVE-2014-6054.patch @@ -0,0 +1,38 @@ +commit 05a9bd41a8ec0a9d580a8f420f41718bdd235446 +Author: Nicolas Ruff +Date: Mon Aug 18 15:22:48 2014 +0200 + + Do not accept a scaling factor of zero on PalmVNCSetScaleFactor and SetScale client->server messages. This would cause a division by zero and crash the server. + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 7e43fe3..df7d74c 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -2491,6 +2491,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) + rfbCloseClient(cl); + return; + } ++ ++ if (msg.ssc.scale == 0) { ++ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); ++ rfbCloseClient(cl); ++ return; ++ } ++ + rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); + rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); + rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); +@@ -2507,6 +2514,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) + rfbCloseClient(cl); + return; + } ++ ++ if (msg.ssc.scale == 0) { ++ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); ++ rfbCloseClient(cl); ++ return; ++ } ++ + rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); + rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); + rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); diff --git a/CVE-2014-6055.patch b/CVE-2014-6055.patch new file mode 100644 index 0000000..bbcfc1c --- /dev/null +++ b/CVE-2014-6055.patch @@ -0,0 +1,165 @@ +commit 06ccdf016154fde8eccb5355613ba04c59127b2e +Author: Nicolas Ruff +Date: Mon Sep 1 14:36:26 2014 +0200 + + Fix multiple stack-based buffer overflows in file transfer feature + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index df7d74c..445331a 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -1241,21 +1241,35 @@ typedef struct { + #define RFB_FILE_ATTRIBUTE_TEMPORARY 0x100 + #define RFB_FILE_ATTRIBUTE_COMPRESSED 0x800 + +-rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, char *path, char *unixPath) ++rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, /* in */ char *path, /* out */ char *unixPath, size_t unixPathMaxLen ) + { + int x; + char *home=NULL; + + FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); + ++ /* ++ * Do not use strncpy() - truncating the file name would probably have undesirable side effects ++ * Instead check if destination buffer is big enough ++ */ ++ ++ if (strlen(path) >= unixPathMaxLen) ++ return FALSE; ++ + /* C: */ + if (path[0]=='C' && path[1]==':') ++ { + strcpy(unixPath, &path[2]); ++ } + else + { + home = getenv("HOME"); + if (home!=NULL) + { ++ /* Re-check buffer size */ ++ if ((strlen(path) + strlen(home) + 1) >= unixPathMaxLen) ++ return FALSE; ++ + strcpy(unixPath, home); + strcat(unixPath,"/"); + strcat(unixPath, path); +@@ -1293,7 +1307,8 @@ rfbBool rfbSendDirContent(rfbClientPtr cl, int length, char *buffer) + FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); + + /* Client thinks we are Winblows */ +- rfbFilenameTranslate2UNIX(cl, buffer, path); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, path, sizeof(path))) ++ return FALSE; + + if (DB) rfbLog("rfbProcessFileTransfer() rfbDirContentRequest: rfbRDirContent: \"%s\"->\"%s\"\n",buffer, path); + +@@ -1570,7 +1585,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + /* add some space to the end of the buffer as we will be adding a timespec to it */ + if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; + /* The client requests a File */ +- rfbFilenameTranslate2UNIX(cl, buffer, filename1); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } + cl->fileTransfer.fd=open(filename1, O_RDONLY, 0744); + + /* +@@ -1685,7 +1704,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + } + sizeHtmp = Swap32IfLE(sizeHtmp); + +- rfbFilenameTranslate2UNIX(cl, buffer, filename1); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } + + /* If the file exists... We can send a rfbFileChecksums back to the client before we send an rfbFileAcceptHeader */ + /* TODO: Delta Transfer */ +@@ -1814,7 +1837,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; + switch (contentParam) { + case rfbCDirCreate: /* Client requests the creation of a directory */ +- rfbFilenameTranslate2UNIX(cl, buffer, filename1); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } ++ + retval = mkdir(filename1, 0755); + if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCDirCreate(\"%s\"->\"%s\") %s\n", buffer, filename1, (retval==-1?"Failed":"Success")); + /* +@@ -1823,7 +1851,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + if (buffer!=NULL) free(buffer); + return retval; + case rfbCFileDelete: /* Client requests the deletion of a file */ +- rfbFilenameTranslate2UNIX(cl, buffer, filename1); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } ++ + if (stat(filename1,&statbuf)==0) + { + if (S_ISDIR(statbuf.st_mode)) +@@ -1841,8 +1874,18 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + { + /* Split into 2 filenames ('*' is a seperator) */ + *p = '\0'; +- rfbFilenameTranslate2UNIX(cl, buffer, filename1); +- rfbFilenameTranslate2UNIX(cl, p+1, filename2); ++ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } ++ ++ if (!rfbFilenameTranslate2UNIX(cl, p+1, filename2, sizeof(filename2))) ++ { ++ if (buffer!=NULL) free(buffer); ++ return FALSE; ++ } ++ + retval = rename(filename1,filename2); + if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCFileRename(\"%s\"->\"%s\" -->> \"%s\"->\"%s\") %s\n", buffer, filename1, p+1, filename2, (retval==-1?"Failed":"Success")); + /* + +commit f528072216dec01cee7ca35d94e171a3b909e677 +Author: Nicolas Ruff +Date: Mon Sep 1 14:51:07 2014 +0200 + + Fix stack-based buffer overflow in rfbFileTransferOffer message, FileTime processing + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 445331a..23532b0 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -1683,16 +1683,17 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con + */ + if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; + +- /* Parse the FileTime */ ++ /* Parse the FileTime ++ * TODO: FileTime is actually never used afterwards ++ */ + p = strrchr(buffer, ','); + if (p!=NULL) { + *p = '\0'; +- strcpy(szFileTime, p+1); ++ strncpy(szFileTime, p+1, sizeof(szFileTime)); ++ szFileTime[sizeof(szFileTime)-1] = '\x00'; /* ensure NULL terminating byte is present, even if copy overflowed */ + } else + szFileTime[0]=0; + +- +- + /* Need to read in sizeHtmp */ + if ((n = rfbReadExact(cl, (char *)&sizeHtmp, 4)) <= 0) { + if (n != 0) diff --git a/libvncserver.spec b/libvncserver.spec index 0e27690..aaafe54 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -30,6 +30,19 @@ Patch12: 0002-allow-rfbInitSockets-with-non-ready-states.patch ## upstream patches +## security patches +## pulled from (fork): https://github.com/newsoft/libvncserver +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6051 +Patch201: CVE-2014-6051.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6052 +Patch202: CVE-2014-6052.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6053 +Patch203: CVE-2014-6053.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6054 +Patch204: CVE-2014-6054.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6055 +Patch205: CVE-2014-6055.patch + # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} @@ -84,6 +97,11 @@ rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch3 -p1 -b .pkgconfig %patch11 -p1 -b .0001 %patch12 -p1 -b .0002 +%patch201 -p1 -b .CVE-2014-6051 +%patch202 -p1 -b .CVE-2014-6052 +%patch203 -p1 -b .CVE-2014-6053 +%patch204 -p1 -b .CVE-2014-6054 +%patch205 -p1 -b .CVE-2014-6055 # fix encoding for file in AUTHORS ChangeLog ; do @@ -151,6 +169,14 @@ xvfb-run -a make -C test test ||: %changelog +* Thu Sep 25 2014 Rex Dieter 0.9.10-0.5.20140718git9453be42 +- Security fixes (#1145878) ... +- CVE-2014-6051 (#1144287) +- CVE-2014-6052 (#1144288) +- CVE-2014-6053 (#1144289) +- CVE-2014-6054 (#1144291) +- CVE-2014-6055 (#1144293) + * Sun Aug 17 2014 Fedora Release Engineering - 0.9.10-0.5.20140718git9453be42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From 5b9d53a6b621c9112acea6312e08fd3dff4471ee Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 25 Sep 2014 10:39:06 -0500 Subject: [PATCH 38/81] dump Release --- libvncserver.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index aaafe54..6d020c7 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.5.%{snap}git%{git_short}%{?dist} +Release: 0.6.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -169,7 +169,7 @@ xvfb-run -a make -C test test ||: %changelog -* Thu Sep 25 2014 Rex Dieter 0.9.10-0.5.20140718git9453be42 +* Thu Sep 25 2014 Rex Dieter 0.9.10-0.6.20140718git9453be42 - Security fixes (#1145878) ... - CVE-2014-6051 (#1144287) - CVE-2014-6052 (#1144288) From 9f60621ce5ebe53533bdb4306d416bfa4b1bc959 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 17 Jun 2015 17:33:26 +0000 Subject: [PATCH 39/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 6d020c7..306eba2 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -6,7 +6,7 @@ Summary: Library to make writing a vnc server easy Name: libvncserver Version: 0.9.10 -Release: 0.6.%{snap}git%{git_short}%{?dist} +Release: 0.7.%{snap}git%{git_short}%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ @@ -169,6 +169,9 @@ xvfb-run -a make -C test test ||: %changelog +* Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Thu Sep 25 2014 Rex Dieter 0.9.10-0.6.20140718git9453be42 - Security fixes (#1145878) ... - CVE-2014-6051 (#1144287) From c75c62309367d32a67f1cea077de42c30f5be8ac Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Sat, 12 Dec 2015 09:59:35 +0100 Subject: [PATCH 40/81] Update to official 0.9.10 --- 0001-Fix-crash-in-krfb.patch | 36 ---- ...rfbInitSockets-with-non-ready-states.patch | 30 ---- CVE-2014-6051.patch | 42 ----- CVE-2014-6052.patch | 59 ------- CVE-2014-6053.patch | 22 --- CVE-2014-6054.patch | 38 ---- CVE-2014-6055.patch | 165 ------------------ LibVNCServer-0.9.10-no_x11vnc.patch | 25 --- LibVNCServer-0.9.10-system_minilzo.patch | 34 ++-- LibVNCServer-0.9.9-pkgconfig.patch | 26 --- libvncserver.spec | 113 ++---------- 11 files changed, 29 insertions(+), 561 deletions(-) delete mode 100644 0001-Fix-crash-in-krfb.patch delete mode 100644 0002-allow-rfbInitSockets-with-non-ready-states.patch delete mode 100644 CVE-2014-6051.patch delete mode 100644 CVE-2014-6052.patch delete mode 100644 CVE-2014-6053.patch delete mode 100644 CVE-2014-6054.patch delete mode 100644 CVE-2014-6055.patch delete mode 100644 LibVNCServer-0.9.10-no_x11vnc.patch delete mode 100644 LibVNCServer-0.9.9-pkgconfig.patch diff --git a/0001-Fix-crash-in-krfb.patch b/0001-Fix-crash-in-krfb.patch deleted file mode 100644 index 1847720..0000000 --- a/0001-Fix-crash-in-krfb.patch +++ /dev/null @@ -1,36 +0,0 @@ -From afd1d329ed117f6e4d8c46eba362b7d5c51184ac Mon Sep 17 00:00:00 2001 -From: Amandeep Singh -Date: Wed, 9 Oct 2013 04:12:08 +0530 -Subject: [PATCH 1/2] Fix crash in krfb - -Krfb crashes on quit, if any client is connected -due to a rfbClientConnectionGone call missing ---- - libvncserver/main.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/libvncserver/main.c b/libvncserver/main.c -index 4cb18ac..b8cdde1 100644 ---- a/libvncserver/main.c -+++ b/libvncserver/main.c -@@ -1061,10 +1061,13 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { - if(disconnectClients) { - rfbClientPtr cl; - rfbClientIteratorPtr iter = rfbGetClientIterator(screen); -- while( (cl = rfbClientIteratorNext(iter)) ) -- if (cl->sock > -1) -- /* we don't care about maxfd here, because the server goes away */ -- rfbCloseClient(cl); -+ while( (cl = rfbClientIteratorNext(iter)) ) { -+ if (cl->sock > -1) { -+ /* we don't care about maxfd here, because the server goes away */ -+ rfbCloseClient(cl); -+ rfbClientConnectionGone(cl); -+ } -+ } - rfbReleaseClientIterator(iter); - } - --- -1.9.3 - diff --git a/0002-allow-rfbInitSockets-with-non-ready-states.patch b/0002-allow-rfbInitSockets-with-non-ready-states.patch deleted file mode 100644 index a9107e2..0000000 --- a/0002-allow-rfbInitSockets-with-non-ready-states.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 012594b970b07c212eaf48ed22333a9d37d017a4 Mon Sep 17 00:00:00 2001 -From: Amandeep Singh -Date: Sat, 28 Sep 2013 17:58:13 +0530 -Subject: [PATCH 2/2] allow rfbInitSockets with non-ready states. - -This allows for reinitializations of e. g. sockets in a SHUTDOWN state. -The only state that doesn't make sense to reinitialize are READY states. ---- - libvncserver/sockets.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index ddd8450..d2f814b 100644 ---- a/libvncserver/sockets.c -+++ b/libvncserver/sockets.c -@@ -122,8 +122,9 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) - { - in_addr_t iface = rfbScreen->listenInterface; - -- if (rfbScreen->socketState!=RFB_SOCKET_INIT) -- return; -+ if (rfbScreen->socketState == RFB_SOCKET_READY) { -+ return; -+ } - - rfbScreen->socketState = RFB_SOCKET_READY; - --- -1.9.3 - diff --git a/CVE-2014-6051.patch b/CVE-2014-6051.patch deleted file mode 100644 index ee6598c..0000000 --- a/CVE-2014-6051.patch +++ /dev/null @@ -1,42 +0,0 @@ -commit 045a044e8ae79db9244593fbce154cdf6e843273 -Author: newsoft -Date: Fri Aug 15 16:31:13 2014 +0200 - - Fix integer overflow in MallocFrameBuffer() - - Promote integers to uint64_t to avoid integer overflow issue during - frame buffer allocation for very large screen sizes - -diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c -index 3b16a6f..24bc6f8 100644 ---- a/libvncclient/vncviewer.c -+++ b/libvncclient/vncviewer.c -@@ -82,9 +82,27 @@ static char* ReadPassword(rfbClient* client) { - #endif - } - static rfbBool MallocFrameBuffer(rfbClient* client) { -+uint64_t allocSize; -+ - if(client->frameBuffer) - free(client->frameBuffer); -- client->frameBuffer=malloc(client->width*client->height*client->format.bitsPerPixel/8); -+ -+ /* SECURITY: promote 'width' into uint64_t so that the multiplication does not overflow -+ 'width' and 'height' are 16-bit integers per RFB protocol design -+ SIZE_MAX is the maximum value that can fit into size_t -+ */ -+ allocSize = (uint64_t)client->width * client->height * client->format.bitsPerPixel/8; -+ -+ if (allocSize >= SIZE_MAX) { -+ rfbClientErr("CRITICAL: cannot allocate frameBuffer, requested size is too large\n"); -+ return FALSE; -+ } -+ -+ client->frameBuffer=malloc( (size_t)allocSize ); -+ -+ if (client->frameBuffer == NULL) -+ rfbClientErr("CRITICAL: frameBuffer allocation failed, requested size too large or not enough memory?\n"); -+ - return client->frameBuffer?TRUE:FALSE; - } - diff --git a/CVE-2014-6052.patch b/CVE-2014-6052.patch deleted file mode 100644 index 35757f1..0000000 --- a/CVE-2014-6052.patch +++ /dev/null @@ -1,59 +0,0 @@ -commit 85a778c0e45e87e35ee7199f1f25020648e8b812 -Author: newsoft -Date: Fri Aug 15 16:41:58 2014 +0200 - - Check for MallocFrameBuffer() return value - - If MallocFrameBuffer() returns FALSE, frame buffer pointer is left to - NULL. Subsequent writes into that buffer could lead to memory - corruption, or even arbitrary code execution. - -diff --git a/libvncclient/rfbproto.c b/libvncclient/rfbproto.c -index b4d7156..f55c74f 100644 ---- a/libvncclient/rfbproto.c -+++ b/libvncclient/rfbproto.c -@@ -1829,7 +1829,8 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - SendFramebufferUpdateRequest(client, 0, 0, rect.r.w, rect.r.h, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", rect.r.w, rect.r.h); - continue; -@@ -2290,7 +2291,9 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; -+ - SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); - break; -@@ -2306,7 +2309,8 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); - break; -diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c -index 24bc6f8..65b7412 100644 ---- a/libvncclient/vncviewer.c -+++ b/libvncclient/vncviewer.c -@@ -250,7 +250,8 @@ static rfbBool rfbInitConnection(rfbClient* client) - - client->width=client->si.framebufferWidth; - client->height=client->si.framebufferHeight; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - - if (!SetFormatAndEncodings(client)) - return FALSE; diff --git a/CVE-2014-6053.patch b/CVE-2014-6053.patch deleted file mode 100644 index 4f59a7b..0000000 --- a/CVE-2014-6053.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit 6037a9074d52b1963c97cb28ea1096c7c14cbf28 -Author: Nicolas Ruff -Date: Mon Aug 18 15:16:16 2014 +0200 - - Check malloc() return value on client->server ClientCutText message. Client can send up to 2**32-1 bytes of text, and such a large allocation is likely to fail in case of high memory pressure. This would in a server crash (write at address 0). - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 5f3b31d..7e43fe3 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -2461,6 +2461,11 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - msg.cct.length = Swap32IfLE(msg.cct.length); - - str = (char *)malloc(msg.cct.length); -+ if (str == NULL) { -+ rfbLogPerror("rfbProcessClientNormalMessage: not enough memory"); -+ rfbCloseClient(cl); -+ return; -+ } - - if ((n = rfbReadExact(cl, str, msg.cct.length)) <= 0) { - if (n != 0) diff --git a/CVE-2014-6054.patch b/CVE-2014-6054.patch deleted file mode 100644 index b8225ac..0000000 --- a/CVE-2014-6054.patch +++ /dev/null @@ -1,38 +0,0 @@ -commit 05a9bd41a8ec0a9d580a8f420f41718bdd235446 -Author: Nicolas Ruff -Date: Mon Aug 18 15:22:48 2014 +0200 - - Do not accept a scaling factor of zero on PalmVNCSetScaleFactor and SetScale client->server messages. This would cause a division by zero and crash the server. - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 7e43fe3..df7d74c 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -2491,6 +2491,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - rfbCloseClient(cl); - return; - } -+ -+ if (msg.ssc.scale == 0) { -+ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); -+ rfbCloseClient(cl); -+ return; -+ } -+ - rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); - rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); - rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); -@@ -2507,6 +2514,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - rfbCloseClient(cl); - return; - } -+ -+ if (msg.ssc.scale == 0) { -+ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); -+ rfbCloseClient(cl); -+ return; -+ } -+ - rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); - rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); - rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); diff --git a/CVE-2014-6055.patch b/CVE-2014-6055.patch deleted file mode 100644 index bbcfc1c..0000000 --- a/CVE-2014-6055.patch +++ /dev/null @@ -1,165 +0,0 @@ -commit 06ccdf016154fde8eccb5355613ba04c59127b2e -Author: Nicolas Ruff -Date: Mon Sep 1 14:36:26 2014 +0200 - - Fix multiple stack-based buffer overflows in file transfer feature - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index df7d74c..445331a 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -1241,21 +1241,35 @@ typedef struct { - #define RFB_FILE_ATTRIBUTE_TEMPORARY 0x100 - #define RFB_FILE_ATTRIBUTE_COMPRESSED 0x800 - --rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, char *path, char *unixPath) -+rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, /* in */ char *path, /* out */ char *unixPath, size_t unixPathMaxLen ) - { - int x; - char *home=NULL; - - FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); - -+ /* -+ * Do not use strncpy() - truncating the file name would probably have undesirable side effects -+ * Instead check if destination buffer is big enough -+ */ -+ -+ if (strlen(path) >= unixPathMaxLen) -+ return FALSE; -+ - /* C: */ - if (path[0]=='C' && path[1]==':') -+ { - strcpy(unixPath, &path[2]); -+ } - else - { - home = getenv("HOME"); - if (home!=NULL) - { -+ /* Re-check buffer size */ -+ if ((strlen(path) + strlen(home) + 1) >= unixPathMaxLen) -+ return FALSE; -+ - strcpy(unixPath, home); - strcat(unixPath,"/"); - strcat(unixPath, path); -@@ -1293,7 +1307,8 @@ rfbBool rfbSendDirContent(rfbClientPtr cl, int length, char *buffer) - FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); - - /* Client thinks we are Winblows */ -- rfbFilenameTranslate2UNIX(cl, buffer, path); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, path, sizeof(path))) -+ return FALSE; - - if (DB) rfbLog("rfbProcessFileTransfer() rfbDirContentRequest: rfbRDirContent: \"%s\"->\"%s\"\n",buffer, path); - -@@ -1570,7 +1585,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - /* add some space to the end of the buffer as we will be adding a timespec to it */ - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - /* The client requests a File */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } - cl->fileTransfer.fd=open(filename1, O_RDONLY, 0744); - - /* -@@ -1685,7 +1704,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - } - sizeHtmp = Swap32IfLE(sizeHtmp); - -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } - - /* If the file exists... We can send a rfbFileChecksums back to the client before we send an rfbFileAcceptHeader */ - /* TODO: Delta Transfer */ -@@ -1814,7 +1837,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - switch (contentParam) { - case rfbCDirCreate: /* Client requests the creation of a directory */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - retval = mkdir(filename1, 0755); - if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCDirCreate(\"%s\"->\"%s\") %s\n", buffer, filename1, (retval==-1?"Failed":"Success")); - /* -@@ -1823,7 +1851,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - if (buffer!=NULL) free(buffer); - return retval; - case rfbCFileDelete: /* Client requests the deletion of a file */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - if (stat(filename1,&statbuf)==0) - { - if (S_ISDIR(statbuf.st_mode)) -@@ -1841,8 +1874,18 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - { - /* Split into 2 filenames ('*' is a seperator) */ - *p = '\0'; -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -- rfbFilenameTranslate2UNIX(cl, p+1, filename2); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ -+ if (!rfbFilenameTranslate2UNIX(cl, p+1, filename2, sizeof(filename2))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - retval = rename(filename1,filename2); - if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCFileRename(\"%s\"->\"%s\" -->> \"%s\"->\"%s\") %s\n", buffer, filename1, p+1, filename2, (retval==-1?"Failed":"Success")); - /* - -commit f528072216dec01cee7ca35d94e171a3b909e677 -Author: Nicolas Ruff -Date: Mon Sep 1 14:51:07 2014 +0200 - - Fix stack-based buffer overflow in rfbFileTransferOffer message, FileTime processing - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 445331a..23532b0 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -1683,16 +1683,17 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - */ - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - -- /* Parse the FileTime */ -+ /* Parse the FileTime -+ * TODO: FileTime is actually never used afterwards -+ */ - p = strrchr(buffer, ','); - if (p!=NULL) { - *p = '\0'; -- strcpy(szFileTime, p+1); -+ strncpy(szFileTime, p+1, sizeof(szFileTime)); -+ szFileTime[sizeof(szFileTime)-1] = '\x00'; /* ensure NULL terminating byte is present, even if copy overflowed */ - } else - szFileTime[0]=0; - -- -- - /* Need to read in sizeHtmp */ - if ((n = rfbReadExact(cl, (char *)&sizeHtmp, 4)) <= 0) { - if (n != 0) diff --git a/LibVNCServer-0.9.10-no_x11vnc.patch b/LibVNCServer-0.9.10-no_x11vnc.patch deleted file mode 100644 index a0162ee..0000000 --- a/LibVNCServer-0.9.10-no_x11vnc.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -up LibVNCServer-0.9.10/configure.ac.no_x11vnc LibVNCServer-0.9.10/configure.ac ---- LibVNCServer-0.9.10/configure.ac.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/configure.ac 2014-04-29 09:06:27.336448096 -0500 -@@ -1020,7 +1020,7 @@ if test "$build_x11vnc" = "yes"; then - # - # configure.ac:690: required file `x11vnc/Makefile.in' not found - # -- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) -+ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) - - if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then - # need to move local tarball rfb headers aside: -diff -up LibVNCServer-0.9.10/Makefile.am.no_x11vnc LibVNCServer-0.9.10/Makefile.am ---- LibVNCServer-0.9.10/Makefile.am.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/Makefile.am 2014-04-29 09:06:27.337448086 -0500 -@@ -1,6 +1,6 @@ --if WITH_X11VNC --X11VNC=x11vnc --endif -+#if WITH_X11VNC -+#X11VNC=x11vnc -+#endif - - SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) - DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test diff --git a/LibVNCServer-0.9.10-system_minilzo.patch b/LibVNCServer-0.9.10-system_minilzo.patch index 34e789b..756e79f 100644 --- a/LibVNCServer-0.9.10-system_minilzo.patch +++ b/LibVNCServer-0.9.10-system_minilzo.patch @@ -1,7 +1,7 @@ -diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncclient/Makefile.am ---- LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncclient/Makefile.am 2014-04-29 08:56:27.861761880 -0500 -@@ -13,10 +13,10 @@ endif +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am +--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am 2015-12-12 00:14:37.269157918 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am 2015-12-12 00:17:43.040435309 +0100 +@@ -13,10 +13,10 @@ endif @@ -15,10 +15,10 @@ diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServe rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c -diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.10/libvncclient/rfbproto.c ---- LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncclient/rfbproto.c 2014-04-29 08:39:57.638331693 -0500 -@@ -61,7 +61,7 @@ +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c 2015-12-12 00:14:37.269157918 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c 2015-12-12 00:17:43.041435322 +0100 +@@ -66,7 +66,7 @@ #include #endif @@ -26,11 +26,11 @@ diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer +#include #include "tls.h" - /* -diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncserver/Makefile.am ---- LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncserver/Makefile.am 2014-04-29 08:39:57.638331693 -0500 -@@ -37,7 +37,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc + #ifdef _MSC_VER +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am +--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am 2015-12-12 00:14:37.270157930 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am 2015-12-12 00:17:43.042435334 +0100 +@@ -37,7 +37,7 @@ noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ zrlepalettehelper.h zrletypes.h private.h scale.h rfbssl.h rfbcrypto.h \ @@ -39,7 +39,7 @@ diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServe $(TIGHTVNCFILETRANSFERHDRS) EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ -@@ -54,11 +54,11 @@ endif +@@ -54,11 +54,11 @@ LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ httpd.c cursor.c font.c \ @@ -53,9 +53,9 @@ diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServe lib_LTLIBRARIES=libvncserver.la -diff -up LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.10/libvncserver/ultra.c ---- LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncserver/ultra.c 2014-04-29 08:39:57.638331693 -0500 +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c 2015-12-12 00:14:37.271157942 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c 2015-12-12 00:17:43.042435334 +0100 @@ -8,7 +8,7 @@ */ diff --git a/LibVNCServer-0.9.9-pkgconfig.patch b/LibVNCServer-0.9.9-pkgconfig.patch deleted file mode 100644 index a0425e6..0000000 --- a/LibVNCServer-0.9.9-pkgconfig.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -up LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig LibVNCServer-0.9.9/libvncclient.pc.in ---- LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncclient.pc.in 2013-02-14 10:45:18.902001014 -0600 -@@ -7,6 +7,8 @@ Name: LibVNCClient - Description: A library for easy implementation of a VNC client. - Version: @VERSION@ - Requires: --Libs: -L${libdir} -lvncclient @LIBS@ @WSOCKLIB@ -+Requires.private: zlib -+Libs: -L${libdir} -lvncclient -+Libs.private: @LIBS@ @WSOCKLIB@ - Cflags: -I${includedir} - -diff -up LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig LibVNCServer-0.9.9/libvncserver.pc.in ---- LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncserver.pc.in 2013-02-14 10:44:49.727365748 -0600 -@@ -7,6 +7,8 @@ Name: LibVNCServer - Description: A library for easy implementation of a VNC server. - Version: @VERSION@ - Requires: --Libs: -L${libdir} -lvncserver @LIBS@ @WSOCKLIB@ -+Requires.private: zlib -+Libs: -L${libdir} -lvncserver -+Libs.private: @LIBS@ @WSOCKLIB@ - Cflags: -I${includedir} - diff --git a/libvncserver.spec b/libvncserver.spec index 306eba2..12251dd 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,53 +1,21 @@ - -%define git_commit 9453be42014b6b9eaa6ab6f8c2e8b6f4f01d15aa -%define git_short 9453be42 -%define snap 20140718 - -Summary: Library to make writing a vnc server easy +Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 0.7.%{snap}git%{git_short}%{?dist} +Release: 1%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ -URL: http://libvncserver.sourceforge.net/ -%if 0%{?snap:1} -# git archive --prefix=LibVNCServer-0.9.10/ 646f844f69cc74b8eebf25cc76663b2ee851e5d3 | gzip -9 > LibVNCServer-0.9.10-646f844f.tar.gz -Source0: LibVNCServer-%{version}-%{git_short}.tar.gz -%else -Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz -%endif +URL: http://libvnc.github.io/ +Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -# workaround there being no x11vnc/ dir in tarball -Patch0: LibVNCServer-0.9.10-no_x11vnc.patch Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch -# pkgconfig love (upstreamable) -Patch3: LibVNCServer-0.9.9-pkgconfig.patch -# krfb patches, https://github.com/LibVNC/libvncserver/pull/16 -Patch11: 0001-Fix-crash-in-krfb.patch -Patch12: 0002-allow-rfbInitSockets-with-non-ready-states.patch - -## upstream patches - -## security patches -## pulled from (fork): https://github.com/newsoft/libvncserver -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6051 -Patch201: CVE-2014-6051.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6052 -Patch202: CVE-2014-6052.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6053 -Patch203: CVE-2014-6053.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6054 -Patch204: CVE-2014-6054.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6055 -Patch205: CVE-2014-6055.patch # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} -BuildRequires: automake autoconf +BuildRequires: automake autoconf libtool BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel ## FIXME/TODO: --with-va FTBFS @@ -80,28 +48,18 @@ Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils # upstream name -#Obsoletes: LibVNCServer-devel < %{version}-%{release} Provides: LibVNCServer-devel = %{version}-%{release} %description devel %{summary}. %prep -%setup -q -n LibVNCServer-%{version} +%setup -q -n %{name}-LibVNCServer-%{version} -%patch0 -p1 -b .no_x11vnc %patch1 -p1 -b .system_minilzo #nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib -%patch3 -p1 -b .pkgconfig -%patch11 -p1 -b .0001 -%patch12 -p1 -b .0002 -%patch201 -p1 -b .CVE-2014-6051 -%patch202 -p1 -b .CVE-2014-6052 -%patch203 -p1 -b .CVE-2014-6053 -%patch204 -p1 -b .CVE-2014-6054 -%patch205 -p1 -b .CVE-2014-6055 # fix encoding for file in AUTHORS ChangeLog ; do @@ -144,11 +102,7 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check -unset DISPLAY -# Run a fake X session -# rawhide/koji seems to have some some unreproducible errors atm -- rex -# there's also selinux :( https://bugzilla.redhat.com/843603 -xvfb-run -a make -C test test ||: +make -C test test ||: %post -p /sbin/ldconfig @@ -169,6 +123,11 @@ xvfb-run -a make -C test test ||: %changelog +* Fri Dec 11 2015 Simone Caronni - 0.9.10-1 +- Update to official 0.9.10 release. +- Remove upstreamed patches. +- Trim changelog. + * Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild @@ -230,51 +189,3 @@ xvfb-run -a make -C test test ||: * Mon May 07 2012 Rex Dieter 0.9.9-1 - 0.9.9 - -* Wed Apr 18 2012 Petr Pisar 0.9.8.2-4 -- Enable system lzo library on rhel >= 6 (#813764) - -* Fri Jan 13 2012 Fedora Release Engineering - 0.9.8.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - -* Sat Dec 31 2011 Christoph Wickert - 0.9.8.2-2 -- On F15, %%check needs xorg-x11-xauth, too - -* Tue Dec 13 2011 Rex Dieter 0.9.8.2-1 -- 0.9.8.2 (#694975) -- new %%check section (yay for xvfb-run) - -* Tue Feb 08 2011 Fedora Release Engineering - 0.9.7-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Thu Feb 18 2010 Stepan Kasal - 0.9.7-4 -- repack the tarball, there are .jar files without any source -- do not BR findutils, they are guaranteed in Fedora mock -- fix obsolete, so that it covers only packages created before this - spec was added to Fedora - -* Sat Jul 25 2009 Fedora Release Engineering - 0.9.7-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - -* Sat May 23 2009 Rex Dieter - 0.9.7-3 -- Socket is not closed when disconnecting from server (#501895) - -* Mon May 04 2009 Rex Dieter - 0.9.7-2 -- fix detection of LINUX platform/define - -* Mon May 04 2009 Rex Dieter - 0.9.7-1 -- LibVNCServer-0.9.7 - -* Wed Feb 25 2009 Fedora Release Engineering - 0.9.1-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - -* Thu Apr 10 2008 Manuel Wolfshant 0.9.1-3 -- do not use bundled copy of minilzo (#439979) - -* Sun Jan 27 2008 Rex Dieter 0.9.1-2 -- hack libtool to omit unused shlib dependencies -- fix AUTHORS encoding -- fix src perms - -* Mon Jan 21 2008 Rex Dieter 0.9.1-1 -- 0.9.1 From 53d91b95b19c59c4d66b8cec921fb13db7cfe4ed Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Sat, 12 Dec 2015 10:00:14 +0100 Subject: [PATCH 41/81] Update sources --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index ac78c8d..e7f87f6 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ /LibVNCServer-0.9.9.tar.gz /LibVNCServer-0.9.10-646f844f.tar.gz /LibVNCServer-0.9.10-9453be42.tar.gz +/LibVNCServer-0.9.10.tar.gz diff --git a/sources b/sources index 3fd3940..c194150 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -53a5a6484848caaa0c352ece4d8b6202 LibVNCServer-0.9.10-9453be42.tar.gz +e1b888fae717b06896f8aec100163d27 LibVNCServer-0.9.10.tar.gz From ebaf93144296a572ccbcf43dbb5165d2159a95ce Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Sat, 12 Dec 2015 10:24:48 +0100 Subject: [PATCH 42/81] Clean up SPEC file. --- libvncserver.spec | 134 +++++++++++++++++++++++++--------------------- 1 file changed, 72 insertions(+), 62 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index 12251dd..b0fee1b 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,101 +1,107 @@ -Summary: Library to make writing a VNC server easy -Name: libvncserver -Version: 0.9.10 -Release: 1%{?dist} - -# NOTE: --with-tightvnc-filetransfer => GPLv2 -License: GPLv2+ -URL: http://libvnc.github.io/ -Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz - -Patch1: LibVNCServer-0.9.10-system_minilzo.patch -Patch2: libvncserver-0.9.1-multilib.patch - -# upstream name -Obsoletes: LibVNCServer < 0.9.1 -Provides: LibVNCServer = %{version}-%{release} - -BuildRequires: automake autoconf libtool -BuildRequires: libgcrypt-devel -BuildRequires: libjpeg-devel +Summary: Library to make writing a VNC server easy +Name: libvncserver +Version: 0.9.10 +Release: 1%{?dist} + +# NOTE: --with-filetransfer => GPLv2 +License: GPLv2+ +URL: http://libvnc.github.io/ +Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz + +Patch1: LibVNCServer-0.9.10-system_minilzo.patch +Patch2: libvncserver-0.9.1-multilib.patch + +# Upstream name +Obsoletes: LibVNCServer < 0.9.1 +Provides: LibVNCServer = %{version}-%{release} + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libgcrypt-devel +BuildRequires: libjpeg-devel +BuildRequires: libtool ## FIXME/TODO: --with-va FTBFS #BuildRequires: libva-devel -BuildRequires: lzo-minilzo lzo-devel -BuildRequires: pkgconfig(gnutls) -BuildRequires: pkgconfig(libcrypto) pkgconfig(libssl) -BuildRequires: pkgconfig(libpng) +BuildRequires: lzo-devel +BuildRequires: lzo-minilzo +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(libcrypto) +BuildRequires: pkgconfig(libpng) +BuildRequires: pkgconfig(libssl) # Additional deps for --with-x11vnc, see https://bugzilla.redhat.com/show_bug.cgi?id=864947 -BuildRequires: pkgconfig(avahi-client) -BuildRequires: pkgconfig(ice) pkgconfig(x11) pkgconfig(xdamage) -BuildRequires: pkgconfig(xext) pkgconfig(xfixes) pkgconfig(xi) -BuildRequires: pkgconfig(xinerama) pkgconfig(xrandr) pkgconfig(xtst) - -# for %%check -BuildRequires: xorg-x11-server-Xvfb -BuildRequires: xorg-x11-xauth -BuildRequires: zlib-devel +BuildRequires: pkgconfig(avahi-client) +BuildRequires: pkgconfig(ice) +BuildRequires: pkgconfig(x11) +BuildRequires: pkgconfig(xdamage) +BuildRequires: pkgconfig(xext) +BuildRequires: pkgconfig(xfixes) +BuildRequires: pkgconfig(xi) +BuildRequires: pkgconfig(xinerama) +BuildRequires: pkgconfig(xrandr) +BuildRequires: pkgconfig(xtst) + +# For %%check +BuildRequires: xorg-x11-xauth +BuildRequires: zlib-devel %description -LibVNCServer makes writing a VNC server (or more correctly, a program -exporting a framebuffer via the Remote Frame Buffer protocol) easy. +LibVNCServer makes writing a VNC server (or more correctly, a program exporting +a frame-buffer via the Remote Frame Buffer protocol) easy. It hides the programmer from the tedious task of managing clients and compression schemata. %package devel -Summary: Development files for %{name} -Requires: %{name}%{?_isa} = %{version}-%{release} +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps -Requires: coreutils -# upstream name -Provides: LibVNCServer-devel = %{version}-%{release} +Requires: coreutils +# Upstream name +Provides: LibVNCServer-devel = %{version}-%{release} + %description devel -%{summary}. +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} - %patch1 -p1 -b .system_minilzo -#nuke bundled minilzo +# Nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib -# fix encoding -for file in AUTHORS ChangeLog ; do -mv ${file} ${file}.OLD && \ -iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \ -touch --reference ${file}.OLD $file +# Fix encoding +for file in ChangeLog ; do + mv ${file} ${file}.OLD && \ + iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \ + touch --reference ${file}.OLD $file done -# needed by patch 1 (and to nuke rpath's) -%if 0%{?snap:1} -./autogen.sh -%else -autoreconf -is -%endif +# Needed by patch 1 (and to nuke rpath's) +autoreconf -vif %build %configure \ --disable-silent-rules \ --disable-static \ - --without-tightvnc-filetransfer \ + --without-filetransfer \ --with-gcrypt \ --without-libva \ --with-png \ --with-x11vnc -# hack to omit unused-direct-shlib-dependencies +# Hack to omit unused-direct-shlib-dependencies sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool make %{?_smp_mflags} %install -make install DESTDIR=%{buildroot} +%make_install -# unpackaged files +# Unpackaged files rm -fv %{buildroot}%{_bindir}/linuxvnc rm -fv %{buildroot}%{_libdir}/lib*.a rm -fv %{buildroot}%{_libdir}/lib*.la @@ -104,12 +110,14 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check make -C test test ||: - %post -p /sbin/ldconfig + %postun -p /sbin/ldconfig %files -%doc AUTHORS ChangeLog COPYING NEWS README TODO +%{!?_licensedir:%global license %%doc} +%license COPYING +%doc AUTHORS ChangeLog NEWS README TODO %{_libdir}/libvncclient.so.0* %{_libdir}/libvncserver.so.0* @@ -124,9 +132,11 @@ make -C test test ||: %changelog * Fri Dec 11 2015 Simone Caronni - 0.9.10-1 -- Update to official 0.9.10 release. -- Remove upstreamed patches. +- Update to official 0.9.10 release, update configure parameters and remove + upstreamed patches. - Trim changelog. +- Clean up SPEC file. +- Add license macro. * Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild From 1d246394ac9f0c4f985ffaec69aa0b82b909cba8 Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Sat, 12 Dec 2015 10:25:38 +0100 Subject: [PATCH 43/81] Remove very old obsolete/provides on pacakge with camel case --- libvncserver.spec | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index b0fee1b..c3bc290 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -11,10 +11,6 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch -# Upstream name -Obsoletes: LibVNCServer < 0.9.1 -Provides: LibVNCServer = %{version}-%{release} - BuildRequires: autoconf BuildRequires: automake BuildRequires: libgcrypt-devel @@ -56,8 +52,6 @@ Summary: Development files for %{name} Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils -# Upstream name -Provides: LibVNCServer-devel = %{version}-%{release} %description devel The %{name}-devel package contains libraries and header files for @@ -137,6 +131,7 @@ make -C test test ||: - Trim changelog. - Clean up SPEC file. - Add license macro. +- Remove very old obsolete/provides on pacakge with camel case (LibVNCServer). * Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild From 55dd353e2e4b1cea6c6f34d78b9097196b14af8c Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Sat, 12 Dec 2015 14:43:02 +0100 Subject: [PATCH 44/81] Add patch for using system crypto policies (#1179318) --- ...NCServer-0.9.10-system-crypto-policy.patch | 26 +++++++++++++++++++ libvncserver.spec | 7 ++++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 LibVNCServer-0.9.10-system-crypto-policy.patch diff --git a/LibVNCServer-0.9.10-system-crypto-policy.patch b/LibVNCServer-0.9.10-system-crypto-policy.patch new file mode 100644 index 0000000..198aeec --- /dev/null +++ b/LibVNCServer-0.9.10-system-crypto-policy.patch @@ -0,0 +1,26 @@ +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c 2015-12-12 00:14:37.269157918 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c 2015-12-12 11:23:29.391385234 +0100 +@@ -31,8 +31,8 @@ + #include "tls.h" + + +-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; +-static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH"; ++static const char *rfbTLSPriority = "@SYSTEM"; ++static const char *rfbAnonTLSPriority= "@SYSTEM"; + + #define DH_BITS 1024 + static gnutls_dh_params_t rfbDHParams; +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c 2015-12-12 00:14:37.270157930 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c 2015-12-12 11:14:49.966830581 +0100 +@@ -54,7 +54,7 @@ + + if (!GNUTLS_E_SUCCESS == (ret = gnutls_init(&session, GNUTLS_SERVER))) { + /* */ +- } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_priority_set_direct(session, "EXPORT", NULL))) { ++ } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_set_default_priority(session))) { + /* */ + } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, ctx->x509_cred))) { + /* */ diff --git a/libvncserver.spec b/libvncserver.spec index c3bc290..dc57364 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -10,6 +10,7 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch +Patch3: LibVNCServer-0.9.10-system-crypto-policy.patch BuildRequires: autoconf BuildRequires: automake @@ -64,6 +65,7 @@ developing applications that use %{name}. # Nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib +%patch3 -p1 # Fix encoding for file in ChangeLog ; do @@ -125,6 +127,9 @@ make -C test test ||: %changelog +* Sat Dec 12 2015 Simone Caronni - 0.9.10-2 +- Add patch for using system crypto policies (#1179318). + * Fri Dec 11 2015 Simone Caronni - 0.9.10-1 - Update to official 0.9.10 release, update configure parameters and remove upstreamed patches. From 2e24d960e8465f8ed77dd56a2d449239b4e15b4d Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Thu, 17 Dec 2015 20:58:34 +0100 Subject: [PATCH 45/81] Udpate patch --- LibVNCServer-0.9.10-system-crypto-policy.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/LibVNCServer-0.9.10-system-crypto-policy.patch b/LibVNCServer-0.9.10-system-crypto-policy.patch index 198aeec..2f65b17 100644 --- a/LibVNCServer-0.9.10-system-crypto-policy.patch +++ b/LibVNCServer-0.9.10-system-crypto-policy.patch @@ -7,8 +7,8 @@ diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c libvnc -static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; -static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH"; -+static const char *rfbTLSPriority = "@SYSTEM"; -+static const char *rfbAnonTLSPriority= "@SYSTEM"; ++static const char *rfbTLSPriority = "@SYSTEM:+SRP"; ++static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH"; #define DH_BITS 1024 static gnutls_dh_params_t rfbDHParams; From 7a21214758212c62c97a6fcd358c5df4b6658b98 Mon Sep 17 00:00:00 2001 From: Simone Caronni Date: Thu, 17 Dec 2015 20:59:43 +0100 Subject: [PATCH 46/81] Update spec file --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index dc57364..0f52340 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -127,6 +127,9 @@ make -C test test ||: %changelog +* Thu Dec 17 2015 Simone Caronni - 0.9.10-3 +- Update crypto policies patch. + * Sat Dec 12 2015 Simone Caronni - 0.9.10-2 - Add patch for using system crypto policies (#1179318). From 12553b15db54256bff4b0749af79e33e928d1e4e Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 4 Feb 2016 04:07:56 +0000 Subject: [PATCH 47/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 0f52340..801918c 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -127,6 +127,9 @@ make -C test test ||: %changelog +* Thu Feb 04 2016 Fedora Release Engineering - 0.9.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Thu Dec 17 2015 Simone Caronni - 0.9.10-3 - Update crypto policies patch. From 3dc41b0aec91a72d58b9f69f6d805e6704dcb468 Mon Sep 17 00:00:00 2001 From: Than Ngo Date: Thu, 18 Feb 2016 13:57:05 +0100 Subject: [PATCH 48/81] fix conflict with max() macro with gcc6, which causes build failure in KDE/Qt like krfb --- LibVNCServer-0.9.10-max-gcc6.patch | 99 ++++++++++++++++++++++++++++++ libvncserver.spec | 8 ++- 2 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 LibVNCServer-0.9.10-max-gcc6.patch diff --git a/LibVNCServer-0.9.10-max-gcc6.patch b/LibVNCServer-0.9.10-max-gcc6.patch new file mode 100644 index 0000000..b0549c1 --- /dev/null +++ b/LibVNCServer-0.9.10-max-gcc6.patch @@ -0,0 +1,99 @@ +diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncclient/listen.c libvncserver-LibVNCServer-0.9.10/libvncclient/listen.c +--- libvncserver-LibVNCServer-0.9.10.than/libvncclient/listen.c 2014-10-21 17:57:11.000000000 +0200 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/listen.c 2016-02-18 13:13:26.265271713 +0100 +@@ -99,7 +99,7 @@ + if(listen6Socket >= 0) + FD_SET(listen6Socket, &fds); + +- r = select(max(listenSocket, listen6Socket)+1, &fds, NULL, NULL, NULL); ++ r = select(VNC_MAX(listenSocket, listen6Socket)+1, &fds, NULL, NULL, NULL); + + if (r > 0) { + if (FD_ISSET(listenSocket, &fds)) +@@ -195,9 +195,9 @@ + FD_SET(client->listen6Sock, &fds); + + if (timeout < 0) +- r = select(max(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, NULL); ++ r = select(VNC_MAX(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, NULL); + else +- r = select(max(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, &to); ++ r = select(VNC_MAX(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, &to); + + if (r > 0) + { +diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/httpd.c libvncserver-LibVNCServer-0.9.10/libvncserver/httpd.c +--- libvncserver-LibVNCServer-0.9.10.than/libvncserver/httpd.c 2014-10-21 17:57:11.000000000 +0200 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/httpd.c 2016-02-18 13:13:56.527062313 +0100 +@@ -192,7 +192,7 @@ + } + tv.tv_sec = 0; + tv.tv_usec = 0; +- nfds = select(max(rfbScreen->httpListen6Sock, max(rfbScreen->httpSock,rfbScreen->httpListenSock)) + 1, &fds, NULL, NULL, &tv); ++ nfds = select(VNC_MAX(rfbScreen->httpListen6Sock, VNC_MAX(rfbScreen->httpSock,rfbScreen->httpListenSock)) + 1, &fds, NULL, NULL, &tv); + if (nfds == 0) { + return; + } +diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/rfbserver.c libvncserver-LibVNCServer-0.9.10/libvncserver/rfbserver.c +--- libvncserver-LibVNCServer-0.9.10.than/libvncserver/rfbserver.c 2014-10-21 17:57:11.000000000 +0200 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/rfbserver.c 2016-02-18 13:13:40.808171081 +0100 +@@ -367,7 +367,7 @@ + } + + FD_SET(sock,&(rfbScreen->allFds)); +- rfbScreen->maxFd = max(sock,rfbScreen->maxFd); ++ rfbScreen->maxFd = VNC_MAX(sock,rfbScreen->maxFd); + + INIT_MUTEX(cl->outputMutex); + INIT_MUTEX(cl->refCountMutex); +diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/sockets.c libvncserver-LibVNCServer-0.9.10/libvncserver/sockets.c +--- libvncserver-LibVNCServer-0.9.10.than/libvncserver/sockets.c 2014-10-21 17:57:11.000000000 +0200 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/sockets.c 2016-02-18 13:13:48.695116507 +0100 +@@ -193,7 +193,7 @@ + + rfbLog("Autoprobing selected TCP6 port %d\n", rfbScreen->ipv6port); + FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); +- rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); ++ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->listen6Sock,rfbScreen->maxFd); + #endif + } + else +@@ -220,7 +220,7 @@ + rfbLog("Listening for VNC connections on TCP6 port %d\n", rfbScreen->ipv6port); + + FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); +- rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); ++ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->listen6Sock,rfbScreen->maxFd); + } + #endif + +@@ -236,7 +236,7 @@ + rfbLog("Listening for VNC connections on TCP port %d\n", rfbScreen->port); + + FD_SET(rfbScreen->udpSock, &(rfbScreen->allFds)); +- rfbScreen->maxFd = max((int)rfbScreen->udpSock,rfbScreen->maxFd); ++ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->udpSock,rfbScreen->maxFd); + } + } + +@@ -555,7 +555,7 @@ + + /* AddEnabledDevice(sock); */ + FD_SET(sock, &rfbScreen->allFds); +- rfbScreen->maxFd = max(sock,rfbScreen->maxFd); ++ rfbScreen->maxFd = VNC_MAX(sock,rfbScreen->maxFd); + + return sock; + } +diff -Nur libvncserver-LibVNCServer-0.9.10.than/rfb/rfbproto.h libvncserver-LibVNCServer-0.9.10/rfb/rfbproto.h +--- libvncserver-LibVNCServer-0.9.10.than/rfb/rfbproto.h 2014-10-21 17:57:11.000000000 +0200 ++++ libvncserver-LibVNCServer-0.9.10/rfb/rfbproto.h 2016-02-18 13:14:08.672978267 +0100 +@@ -93,7 +93,7 @@ + #endif + + #if !defined(WIN32) || defined(__MINGW32__) +-#define max(a,b) (((a)>(b))?(a):(b)) ++#define VNC_MAX(a,b) (((a)>(b))?(a):(b)) + #ifdef LIBVNCSERVER_HAVE_SYS_TIME_H + #include + #endif diff --git a/libvncserver.spec b/libvncserver.spec index 801918c..b831ac8 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 4%{?dist} +Release: 5%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -11,6 +11,7 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch Patch3: LibVNCServer-0.9.10-system-crypto-policy.patch +Patch4: LibVNCServer-0.9.10-max-gcc6.patch BuildRequires: autoconf BuildRequires: automake @@ -66,6 +67,7 @@ developing applications that use %{name}. rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib %patch3 -p1 +%patch4 -p1 # Fix encoding for file in ChangeLog ; do @@ -127,6 +129,10 @@ make -C test test ||: %changelog +* Thu Feb 18 2016 Than Ngo - 0.9.10-5 +- fix conflict with max() macro with gcc6, which causes build failure in KDE/Qt + like krfb + * Thu Feb 04 2016 Fedora Release Engineering - 0.9.10-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild From 5aca04ab962d54bba591e43d0a987490f620fbf2 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 18 Feb 2016 08:38:40 -0600 Subject: [PATCH 49/81] add reference to upstream issue --- libvncserver.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/libvncserver.spec b/libvncserver.spec index b831ac8..adee6f9 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -11,6 +11,7 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch Patch3: LibVNCServer-0.9.10-system-crypto-policy.patch +# https://github.com/LibVNC/libvncserver/issues/102 Patch4: LibVNCServer-0.9.10-max-gcc6.patch BuildRequires: autoconf From 737f850d686c674d26eba23f083d88870daf850f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 10 Feb 2017 19:40:50 +0000 Subject: [PATCH 50/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index adee6f9..2550e2d 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 5%{?dist} +Release: 6%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -130,6 +130,9 @@ make -C test test ||: %changelog +* Fri Feb 10 2017 Fedora Release Engineering - 0.9.10-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + * Thu Feb 18 2016 Than Ngo - 0.9.10-5 - fix conflict with max() macro with gcc6, which causes build failure in KDE/Qt like krfb From 947ff9ef954cb39838548b0ee27885c3a41778de Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 14 Feb 2017 11:15:17 -0600 Subject: [PATCH 51/81] 0.9.11 (#1421948) --- .gitignore | 1 + LibVNCServer-0.9.10-max-gcc6.patch | 99 ------------------------ LibVNCServer-0.9.10-system_minilzo.patch | 67 ---------------- libvncserver-0.9.11-system_minilzo.patch | 55 +++++++++++++ libvncserver.spec | 26 +++---- sources | 2 +- 6 files changed, 69 insertions(+), 181 deletions(-) delete mode 100644 LibVNCServer-0.9.10-max-gcc6.patch delete mode 100644 LibVNCServer-0.9.10-system_minilzo.patch create mode 100644 libvncserver-0.9.11-system_minilzo.patch diff --git a/.gitignore b/.gitignore index e7f87f6..2f3d545 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /LibVNCServer-0.9.10-646f844f.tar.gz /LibVNCServer-0.9.10-9453be42.tar.gz /LibVNCServer-0.9.10.tar.gz +/LibVNCServer-0.9.11.tar.gz diff --git a/LibVNCServer-0.9.10-max-gcc6.patch b/LibVNCServer-0.9.10-max-gcc6.patch deleted file mode 100644 index b0549c1..0000000 --- a/LibVNCServer-0.9.10-max-gcc6.patch +++ /dev/null @@ -1,99 +0,0 @@ -diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncclient/listen.c libvncserver-LibVNCServer-0.9.10/libvncclient/listen.c ---- libvncserver-LibVNCServer-0.9.10.than/libvncclient/listen.c 2014-10-21 17:57:11.000000000 +0200 -+++ libvncserver-LibVNCServer-0.9.10/libvncclient/listen.c 2016-02-18 13:13:26.265271713 +0100 -@@ -99,7 +99,7 @@ - if(listen6Socket >= 0) - FD_SET(listen6Socket, &fds); - -- r = select(max(listenSocket, listen6Socket)+1, &fds, NULL, NULL, NULL); -+ r = select(VNC_MAX(listenSocket, listen6Socket)+1, &fds, NULL, NULL, NULL); - - if (r > 0) { - if (FD_ISSET(listenSocket, &fds)) -@@ -195,9 +195,9 @@ - FD_SET(client->listen6Sock, &fds); - - if (timeout < 0) -- r = select(max(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, NULL); -+ r = select(VNC_MAX(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, NULL); - else -- r = select(max(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, &to); -+ r = select(VNC_MAX(client->listenSock, client->listen6Sock) +1, &fds, NULL, NULL, &to); - - if (r > 0) - { -diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/httpd.c libvncserver-LibVNCServer-0.9.10/libvncserver/httpd.c ---- libvncserver-LibVNCServer-0.9.10.than/libvncserver/httpd.c 2014-10-21 17:57:11.000000000 +0200 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/httpd.c 2016-02-18 13:13:56.527062313 +0100 -@@ -192,7 +192,7 @@ - } - tv.tv_sec = 0; - tv.tv_usec = 0; -- nfds = select(max(rfbScreen->httpListen6Sock, max(rfbScreen->httpSock,rfbScreen->httpListenSock)) + 1, &fds, NULL, NULL, &tv); -+ nfds = select(VNC_MAX(rfbScreen->httpListen6Sock, VNC_MAX(rfbScreen->httpSock,rfbScreen->httpListenSock)) + 1, &fds, NULL, NULL, &tv); - if (nfds == 0) { - return; - } -diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/rfbserver.c libvncserver-LibVNCServer-0.9.10/libvncserver/rfbserver.c ---- libvncserver-LibVNCServer-0.9.10.than/libvncserver/rfbserver.c 2014-10-21 17:57:11.000000000 +0200 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/rfbserver.c 2016-02-18 13:13:40.808171081 +0100 -@@ -367,7 +367,7 @@ - } - - FD_SET(sock,&(rfbScreen->allFds)); -- rfbScreen->maxFd = max(sock,rfbScreen->maxFd); -+ rfbScreen->maxFd = VNC_MAX(sock,rfbScreen->maxFd); - - INIT_MUTEX(cl->outputMutex); - INIT_MUTEX(cl->refCountMutex); -diff -Nur libvncserver-LibVNCServer-0.9.10.than/libvncserver/sockets.c libvncserver-LibVNCServer-0.9.10/libvncserver/sockets.c ---- libvncserver-LibVNCServer-0.9.10.than/libvncserver/sockets.c 2014-10-21 17:57:11.000000000 +0200 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/sockets.c 2016-02-18 13:13:48.695116507 +0100 -@@ -193,7 +193,7 @@ - - rfbLog("Autoprobing selected TCP6 port %d\n", rfbScreen->ipv6port); - FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); -- rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); -+ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->listen6Sock,rfbScreen->maxFd); - #endif - } - else -@@ -220,7 +220,7 @@ - rfbLog("Listening for VNC connections on TCP6 port %d\n", rfbScreen->ipv6port); - - FD_SET(rfbScreen->listen6Sock, &(rfbScreen->allFds)); -- rfbScreen->maxFd = max((int)rfbScreen->listen6Sock,rfbScreen->maxFd); -+ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->listen6Sock,rfbScreen->maxFd); - } - #endif - -@@ -236,7 +236,7 @@ - rfbLog("Listening for VNC connections on TCP port %d\n", rfbScreen->port); - - FD_SET(rfbScreen->udpSock, &(rfbScreen->allFds)); -- rfbScreen->maxFd = max((int)rfbScreen->udpSock,rfbScreen->maxFd); -+ rfbScreen->maxFd = VNC_MAX((int)rfbScreen->udpSock,rfbScreen->maxFd); - } - } - -@@ -555,7 +555,7 @@ - - /* AddEnabledDevice(sock); */ - FD_SET(sock, &rfbScreen->allFds); -- rfbScreen->maxFd = max(sock,rfbScreen->maxFd); -+ rfbScreen->maxFd = VNC_MAX(sock,rfbScreen->maxFd); - - return sock; - } -diff -Nur libvncserver-LibVNCServer-0.9.10.than/rfb/rfbproto.h libvncserver-LibVNCServer-0.9.10/rfb/rfbproto.h ---- libvncserver-LibVNCServer-0.9.10.than/rfb/rfbproto.h 2014-10-21 17:57:11.000000000 +0200 -+++ libvncserver-LibVNCServer-0.9.10/rfb/rfbproto.h 2016-02-18 13:14:08.672978267 +0100 -@@ -93,7 +93,7 @@ - #endif - - #if !defined(WIN32) || defined(__MINGW32__) --#define max(a,b) (((a)>(b))?(a):(b)) -+#define VNC_MAX(a,b) (((a)>(b))?(a):(b)) - #ifdef LIBVNCSERVER_HAVE_SYS_TIME_H - #include - #endif diff --git a/LibVNCServer-0.9.10-system_minilzo.patch b/LibVNCServer-0.9.10-system_minilzo.patch deleted file mode 100644 index 756e79f..0000000 --- a/LibVNCServer-0.9.10-system_minilzo.patch +++ /dev/null @@ -1,67 +0,0 @@ -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am ---- libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am 2015-12-12 00:14:37.269157918 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am 2015-12-12 00:17:43.040435309 +0100 -@@ -13,10 +13,10 @@ - endif - - --libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS) --libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS) -+libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS) -+libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS) -lminilzo - --noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h -+noinst_HEADERS=tls.h - - rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c - -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c ---- libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c 2015-12-12 00:14:37.269157918 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c 2015-12-12 00:17:43.041435322 +0100 -@@ -66,7 +66,7 @@ - #include - #endif - --#include "minilzo.h" -+#include - #include "tls.h" - - #ifdef _MSC_VER -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am ---- libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am 2015-12-12 00:14:37.270157930 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am 2015-12-12 00:17:43.042435334 +0100 -@@ -37,7 +37,7 @@ - - noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ - zrlepalettehelper.h zrletypes.h private.h scale.h rfbssl.h rfbcrypto.h \ -- ../common/minilzo.h ../common/lzoconf.h ../common/lzodefs.h ../common/md5.h ../common/sha1.h \ -+ ../common/md5.h ../common/sha1.h \ - $(TIGHTVNCFILETRANSFERHDRS) - - EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ -@@ -54,11 +54,11 @@ - LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ - stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ - httpd.c cursor.c font.c \ -- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ -+ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ - $(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS) - - libvncserver_la_SOURCES=$(LIB_SRCS) --libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -+libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -lminilzo - - lib_LTLIBRARIES=libvncserver.la - -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c ---- libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c 2015-12-12 00:14:37.271157942 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c 2015-12-12 00:17:43.042435334 +0100 -@@ -8,7 +8,7 @@ - */ - - #include --#include "minilzo.h" -+#include - - /* - * cl->beforeEncBuf contains pixel data in the client's format. diff --git a/libvncserver-0.9.11-system_minilzo.patch b/libvncserver-0.9.11-system_minilzo.patch new file mode 100644 index 0000000..c513c40 --- /dev/null +++ b/libvncserver-0.9.11-system_minilzo.patch @@ -0,0 +1,55 @@ +diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am +--- libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.system_minilzo 2017-02-14 10:54:54.308402791 -0600 ++++ libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am 2017-02-14 10:56:28.007379315 -0600 +@@ -13,8 +13,8 @@ endif + endif + + +-libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS) +-libvncclient_la_LIBADD=$(TLSLIBS) ++libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS) ++libvncclient_la_LIBADD=$(TLSLIBS) -lminilzo + + noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h + +diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c +--- libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c.system_minilzo 2016-12-30 07:01:28.000000000 -0600 ++++ libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c 2017-02-14 10:54:54.309402801 -0600 +@@ -66,7 +66,7 @@ + #include + #endif + +-#include "minilzo.h" ++#include + #include "tls.h" + + #ifdef _MSC_VER +diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am +--- libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.system_minilzo 2017-02-14 10:54:54.309402801 -0600 ++++ libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am 2017-02-14 10:57:28.495009713 -0600 +@@ -53,11 +53,11 @@ endif + LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ + stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ + httpd.c cursor.c font.c \ +- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ ++ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ + $(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS) + + libvncserver_la_SOURCES=$(LIB_SRCS) +-libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) ++libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -lminilzo + + if WITH_SYSTEMD + AM_CPPFLAGS += -DLIBVNCSERVER_WITH_SYSTEMD +diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c +--- libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c.system_minilzo 2016-12-30 07:01:28.000000000 -0600 ++++ libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c 2017-02-14 10:54:54.309402801 -0600 +@@ -8,7 +8,7 @@ + */ + + #include +-#include "minilzo.h" ++#include + + /* + * cl->beforeEncBuf contains pixel data in the client's format. diff --git a/libvncserver.spec b/libvncserver.spec index 2550e2d..6e2839f 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,26 +1,22 @@ Summary: Library to make writing a VNC server easy Name: libvncserver -Version: 0.9.10 -Release: 6%{?dist} +Version: 0.9.11 +Release: 1%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ URL: http://libvnc.github.io/ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -Patch1: LibVNCServer-0.9.10-system_minilzo.patch +Patch1: libvncserver-0.9.11-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch Patch3: LibVNCServer-0.9.10-system-crypto-policy.patch -# https://github.com/LibVNC/libvncserver/issues/102 -Patch4: LibVNCServer-0.9.10-max-gcc6.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel BuildRequires: libtool -## FIXME/TODO: --with-va FTBFS -#BuildRequires: libva-devel BuildRequires: lzo-devel BuildRequires: lzo-minilzo BuildRequires: pkgconfig(gnutls) @@ -63,12 +59,13 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} + %patch1 -p1 -b .system_minilzo # Nuke bundled minilzo -rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c +#rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c + %patch2 -p1 -b .multilib %patch3 -p1 -%patch4 -p1 # Fix encoding for file in ChangeLog ; do @@ -87,7 +84,6 @@ autoreconf -vif --disable-static \ --without-filetransfer \ --with-gcrypt \ - --without-libva \ --with-png \ --with-x11vnc @@ -109,16 +105,15 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check make -C test test ||: -%post -p /sbin/ldconfig +%post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files -%{!?_licensedir:%global license %%doc} %license COPYING %doc AUTHORS ChangeLog NEWS README TODO -%{_libdir}/libvncclient.so.0* -%{_libdir}/libvncserver.so.0* +%{_libdir}/libvncclient.so.1* +%{_libdir}/libvncserver.so.1* %files devel %{_bindir}/libvncserver-config @@ -130,6 +125,9 @@ make -C test test ||: %changelog +* Tue Feb 14 2017 Rex Dieter - 0.9.11-1 +- 0.9.11 (#1421948) + * Fri Feb 10 2017 Fedora Release Engineering - 0.9.10-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/sources b/sources index c194150..67f4805 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e1b888fae717b06896f8aec100163d27 LibVNCServer-0.9.10.tar.gz +SHA512 (LibVNCServer-0.9.11.tar.gz) = e473c081b68dd3cdd96a1756b4f4945ece79d3c8e4cef62140be1699671555fc16d3080e81d764197a14ea83203ffcd0e18c3cc182e012d036e3faae943003fb From 91b12f16088080509523a27f7afe40303b65f1f5 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 16 May 2017 10:23:10 -0500 Subject: [PATCH 52/81] libvncclient sets +SRP in priority string (#1449605) libvncserver blocks gtk-vnc clients >= 0.7.0 (#1451321) --- ...ure-compatibility-with-gtk-vnc-0.7.0.patch | 28 +++++++++++++++++++ ...NCServer-0.9.10-system-crypto-policy.patch | 2 +- libvncserver.spec | 24 +++++++++++----- 3 files changed, 46 insertions(+), 8 deletions(-) create mode 100644 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch diff --git a/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch b/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch new file mode 100644 index 0000000..a814328 --- /dev/null +++ b/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch @@ -0,0 +1,28 @@ +From 75f04c14e49e084e41bdd5491edad8823773a08c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= +Date: Tue, 14 Feb 2017 12:42:04 +0100 +Subject: [PATCH 40/98] Ensure compatibility with gtk-vnc 0.7.0+ + +--- + libvncserver/websockets.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/websockets.c b/libvncserver/websockets.c +index 72396c2..0b2d46f 100644 +--- a/libvncserver/websockets.c ++++ b/libvncserver/websockets.c +@@ -245,7 +245,10 @@ webSocketsCheck (rfbClientPtr cl) + return FALSE; + } + +- if (strncmp(bbuf, "<", 1) == 0) { ++ if (strncmp(bbuf, "RFB ", 4) == 0) { ++ rfbLog("Normal socket connection\n"); ++ return TRUE; ++ } else if (strncmp(bbuf, "<", 1) == 0) { + rfbLog("Got Flash policy request, sending response\n"); + if (rfbWriteExact(cl, FLASH_POLICY_RESPONSE, + SZ_FLASH_POLICY_RESPONSE) < 0) { +-- +2.9.4 + diff --git a/LibVNCServer-0.9.10-system-crypto-policy.patch b/LibVNCServer-0.9.10-system-crypto-policy.patch index 2f65b17..47d540b 100644 --- a/LibVNCServer-0.9.10-system-crypto-policy.patch +++ b/LibVNCServer-0.9.10-system-crypto-policy.patch @@ -7,7 +7,7 @@ diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c libvnc -static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; -static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH"; -+static const char *rfbTLSPriority = "@SYSTEM:+SRP"; ++static const char *rfbTLSPriority = "@SYSTEM"; +static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH"; #define DH_BITS 1024 diff --git a/libvncserver.spec b/libvncserver.spec index 6e2839f..6063b3d 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,16 +1,20 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ URL: http://libvnc.github.io/ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -Patch1: libvncserver-0.9.11-system_minilzo.patch -Patch2: libvncserver-0.9.1-multilib.patch -Patch3: LibVNCServer-0.9.10-system-crypto-policy.patch +## upstream patches +Patch4: 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch + +## downstream patches +Patch100: libvncserver-0.9.11-system_minilzo.patch +Patch101: libvncserver-0.9.1-multilib.patch +Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch BuildRequires: autoconf BuildRequires: automake @@ -60,12 +64,14 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} -%patch1 -p1 -b .system_minilzo +%patch4 -p1 -b .0004 + +%patch100 -p1 -b .system_minilzo # Nuke bundled minilzo #rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c -%patch2 -p1 -b .multilib -%patch3 -p1 +%patch101 -p1 -b .multilib +%patch102 -p1 # Fix encoding for file in ChangeLog ; do @@ -125,6 +131,10 @@ make -C test test ||: %changelog +* Tue May 16 2017 Rex Dieter - 0.9.11-2 +- libvncclient sets +SRP in priority string (#1449605) +- libvncserver blocks gtk-vnc clients >= 0.7.0 (#1451321) + * Tue Feb 14 2017 Rex Dieter - 0.9.11-1 - 0.9.11 (#1421948) From 46fa05c99237813c26dc60a81fa847ad1cc9eab9 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Wed, 17 May 2017 11:32:01 -0500 Subject: [PATCH 53/81] revert soname bump for < f26 --- libvncserver-0.9.11-soname.patch | 22 ++++++++++++++++++++++ libvncserver.spec | 17 ++++++++++++++--- 2 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 libvncserver-0.9.11-soname.patch diff --git a/libvncserver-0.9.11-soname.patch b/libvncserver-0.9.11-soname.patch new file mode 100644 index 0000000..3b45b34 --- /dev/null +++ b/libvncserver-0.9.11-soname.patch @@ -0,0 +1,22 @@ +diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.soname libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am +--- libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.soname 2017-05-16 10:21:51.500768946 -0500 ++++ libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am 2017-05-17 11:26:44.383312391 -0500 +@@ -25,5 +25,5 @@ EXTRA_DIST=corre.c hextile.c rre.c tight + $(libvncclient_la_OBJECTS): ../rfb/rfbclient.h + + lib_LTLIBRARIES=libvncclient.la +-libvncclient_la_LDFLAGS = -version-info 1:0:0 ++libvncclient_la_LDFLAGS = -version-info 0:0:0 + +diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.soname libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am +--- libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.soname 2017-05-16 10:21:51.500768946 -0500 ++++ libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am 2017-05-17 11:27:02.259459683 -0500 +@@ -66,7 +66,7 @@ libvncserver_la_LIBADD += $(LIBSYSTEMD_L + endif + + lib_LTLIBRARIES=libvncserver.la +-libvncserver_la_LDFLAGS = -version-info 1:0:0 ++libvncserver_la_LDFLAGS = -version-info 0:0:0 + + if HAVE_RPM + $(PACKAGE)-$(VERSION).tar.gz: dist diff --git a/libvncserver.spec b/libvncserver.spec index 6063b3d..61ab9f4 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 2%{?dist} +Release: 2%{?dist}.1 # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -15,6 +15,8 @@ Patch4: 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch Patch100: libvncserver-0.9.11-system_minilzo.patch Patch101: libvncserver-0.9.1-multilib.patch Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch +# revert soname bump +Patch103: libvncserver-0.9.11-soname.patch BuildRequires: autoconf BuildRequires: automake @@ -72,6 +74,12 @@ developing applications that use %{name}. %patch101 -p1 -b .multilib %patch102 -p1 +%if 0%{?fedora} < 26 +%patch103 -p1 -b .soname +%global soname 0 +%else +%global soname 1 +%endif # Fix encoding for file in ChangeLog ; do @@ -118,8 +126,8 @@ make -C test test ||: %files %license COPYING %doc AUTHORS ChangeLog NEWS README TODO -%{_libdir}/libvncclient.so.1* -%{_libdir}/libvncserver.so.1* +%{_libdir}/libvncclient.so.%{soname}* +%{_libdir}/libvncserver.so.%{soname}* %files devel %{_bindir}/libvncserver-config @@ -131,6 +139,9 @@ make -C test test ||: %changelog +* Wed May 17 2017 Rex Dieter - 0.9.11-2.1 +- revert soname bump for < f26 + * Tue May 16 2017 Rex Dieter - 0.9.11-2 - libvncclient sets +SRP in priority string (#1449605) - libvncserver blocks gtk-vnc clients >= 0.7.0 (#1451321) From 83db893e212d75a016ab9f2a4ce7796bbd82f209 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 26 Jul 2017 19:57:49 +0000 Subject: [PATCH 54/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 61ab9f4..5b75c09 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 2%{?dist}.1 +Release: 3%{?dist}.1 # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -139,6 +139,9 @@ make -C test test ||: %changelog +* Wed Jul 26 2017 Fedora Release Engineering - 0.9.11-3.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + * Wed May 17 2017 Rex Dieter - 0.9.11-2.1 - revert soname bump for < f26 From 2c83c51d50215d9e5d2cd06da020accba0f8c5db Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 3 Aug 2017 02:30:13 +0000 Subject: [PATCH 55/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 5b75c09..2859592 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 3%{?dist}.1 +Release: 4%{?dist}.1 # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -139,6 +139,9 @@ make -C test test ||: %changelog +* Thu Aug 03 2017 Fedora Release Engineering - 0.9.11-4.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + * Wed Jul 26 2017 Fedora Release Engineering - 0.9.11-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild From 1d603de0c582c33775a2459df68c92e044148658 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 7 Feb 2018 23:40:35 +0000 Subject: [PATCH 56/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 2859592..1b3ad20 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 4%{?dist}.1 +Release: 5%{?dist}.1 # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -139,6 +139,9 @@ make -C test test ||: %changelog +* Wed Feb 07 2018 Fedora Release Engineering - 0.9.11-5.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + * Thu Aug 03 2017 Fedora Release Engineering - 0.9.11-4.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild From 46d9c246b99bbc779305bf2858fbefc61c15e01e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Mon, 26 Feb 2018 14:41:37 +0100 Subject: [PATCH 57/81] Fix CVE-2018-7225 --- ...Limit-client-cut-text-length-to-1-MB.patch | 40 ++++++++++ ...9.11-Validate-client-cut-text-length.patch | 76 +++++++++++++++++++ libvncserver.spec | 11 ++- 3 files changed, 126 insertions(+), 1 deletion(-) create mode 100644 libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch create mode 100644 libvncserver-0.9.11-Validate-client-cut-text-length.patch diff --git a/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch b/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch new file mode 100644 index 0000000..2a71f7f --- /dev/null +++ b/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch @@ -0,0 +1,40 @@ +From e7d578afbb16592ccee8f13aedd65b2220e220ae Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Tue, 6 Mar 2018 11:58:02 +0100 +Subject: [PATCH] Limit client cut text length to 1 MB +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This patch constrains client text length to 1 MB. Otherwise a client +could make server allocate 2 GB of memory and that seems to be to much +to classify it as denial of service. + +I keep the previous checks for maximal type values intentionally as +a course of defensive coding. (You cannot never know how small the +types are. And as a warning for people patching out this change not to +introduce CVE-2018-7225 again.) + +Signed-off-by: Petr Písař +--- + libvncserver/rfbserver.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index a9561fc..0027343 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -2587,7 +2587,9 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) + * argument. Here we check that the value fits into all of them to + * prevent from misinterpretation and thus from accessing uninitialized + * memory. CVE-2018-7225 */ +- if (msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { ++ /* But first to prevent from a denial-of-service by allocating to much ++ * memory in the server, we impose a limit of 1 MB. */ ++ if (msg.cct.length > 1<<20 || msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { + rfbLog("rfbClientCutText: too big cut text length requested: %" PRIu32 "\n", + msg.cct.length); + rfbCloseClient(cl); +-- +2.13.6 + diff --git a/libvncserver-0.9.11-Validate-client-cut-text-length.patch b/libvncserver-0.9.11-Validate-client-cut-text-length.patch new file mode 100644 index 0000000..dc89cdf --- /dev/null +++ b/libvncserver-0.9.11-Validate-client-cut-text-length.patch @@ -0,0 +1,76 @@ +From 0073e4f694d5a51bb72ff12a5e8364b6e752e094 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Mon, 26 Feb 2018 13:48:00 +0100 +Subject: [PATCH] Validate client cut text length +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Client-provided unsigned 32-bit cut text length is passed to various +functions that expects argument of a different type. + +E.g. "RFB 003.003\n\001\006\0\0\0\xff\xff\xff\xff" string sent to the +RFB server leads to 4294967295 msg.cct.length value that in turn is +interpreted as -1 by rfbReadExact() and thus uninitialized str buffer +with potentially sensitive data is passed to subsequent functions. + +This patch fixes it by checking for a maximal value that still can be +processed correctly. It also corrects accepting length value of zero +(malloc(0) is interpreted on differnet systems differently). + +Whether a client can make the server allocate up to 2 GB and cause +a denial of service on memory-tight systems is kept without answer. +A possible solution would be adding an arbitrary memory limit that is +deemed safe. + +CVE-2018-7225 + + +Signed-off-by: Petr Písař +--- + libvncserver/rfbserver.c | 22 +++++++++++++++++++++- + 1 file changed, 21 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 116c488..a9561fc 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -88,6 +88,12 @@ + #include + /* strftime() */ + #include ++/* SIZE_MAX */ ++#include ++/* PRIu32 */ ++#include ++/* INT_MAX */ ++#include + + #ifdef LIBVNCSERVER_WITH_WEBSOCKETS + #include "rfbssl.h" +@@ -2575,7 +2581,21 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) + + msg.cct.length = Swap32IfLE(msg.cct.length); + +- str = (char *)malloc(msg.cct.length); ++ /* uint32_t input is passed to malloc()'s size_t argument, ++ * to rfbReadExact()'s int argument, to rfbStatRecordMessageRcvd()'s int ++ * argument increased of sz_rfbClientCutTextMsg, and to setXCutText()'s int ++ * argument. Here we check that the value fits into all of them to ++ * prevent from misinterpretation and thus from accessing uninitialized ++ * memory. CVE-2018-7225 */ ++ if (msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { ++ rfbLog("rfbClientCutText: too big cut text length requested: %" PRIu32 "\n", ++ msg.cct.length); ++ rfbCloseClient(cl); ++ return; ++ } ++ ++ /* Allow zero-length client cut text. */ ++ str = (char *)malloc(msg.cct.length ? msg.cct.length : 1); + if (str == NULL) { + rfbLogPerror("rfbProcessClientNormalMessage: not enough memory"); + rfbCloseClient(cl); +-- +2.13.6 + diff --git a/libvncserver.spec b/libvncserver.spec index 1b3ad20..d010bfd 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 5%{?dist}.1 +Release: 6%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -17,6 +17,10 @@ Patch101: libvncserver-0.9.1-multilib.patch Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch # revert soname bump Patch103: libvncserver-0.9.11-soname.patch +# 1/2 Fix CVE-2018-7225, bug #1546860 +Patch104: libvncserver-0.9.11-Validate-client-cut-text-length.patch +# 2/2 Fix CVE-2018-7225, bug #1546860 +Patch105: libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch BuildRequires: autoconf BuildRequires: automake @@ -80,6 +84,8 @@ developing applications that use %{name}. %else %global soname 1 %endif +%patch104 -p1 +%patch105 -p1 # Fix encoding for file in ChangeLog ; do @@ -139,6 +145,9 @@ make -C test test ||: %changelog +* Mon Feb 26 2018 Petr Pisar - 0.9.11-6 +- Fix CVE-2018-7225 (bug #1546860) + * Wed Feb 07 2018 Fedora Release Engineering - 0.9.11-5.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild From 604fea467909c9d3b610079d0f600f04184f93c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Tue, 19 Jun 2018 11:03:49 +0200 Subject: [PATCH 58/81] Add external channel security patches https://fedoraproject.org/wiki/Changes/WaylandRemoteDesktop --- ...d-API-to-add-custom-I-O-entry-points.patch | 195 ++++++++++ ...server-Add-channel-security-handlers.patch | 366 ++++++++++++++++++ libvncserver.spec | 13 +- 3 files changed, 573 insertions(+), 1 deletion(-) create mode 100644 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch create mode 100644 0002-libvncserver-Add-channel-security-handlers.patch diff --git a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch new file mode 100644 index 0000000..853ea28 --- /dev/null +++ b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch @@ -0,0 +1,195 @@ +From 0a98d629447964f1d5d922d5012ee0c2cbf10694 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= +Date: Mon, 11 Jun 2018 23:47:02 +0200 +Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points + +Add API to make it possible to channel RFB input and output through +another layer, for example TLS. This is done by making it possible to +override the default read/write/peek functions. +--- + libvncserver/rfbserver.c | 4 +++ + libvncserver/sockets.c | 64 +++++++++++++++++++++++++++++++++++++--- + rfb/rfb.h | 17 +++++++++++ + 3 files changed, 81 insertions(+), 4 deletions(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 7af6aed..fbedd9f 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -322,6 +322,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, + + cl->screen = rfbScreen; + cl->sock = sock; ++ cl->readFromSocket = rfbDefaultReadFromSocket; ++ cl->peekAtSocket = rfbDefaultPeekAtSocket; ++ cl->hasPendingOnSocket = rfbDefaultHasPendingOnSocket; ++ cl->writeToSocket = rfbDefaultWriteToSocket; + cl->viewOnly = FALSE; + /* setup pseudo scaling */ + cl->scaledScreen = rfbScreen; +diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c +index bbc3d90..27515f2 100644 +--- a/libvncserver/sockets.c ++++ b/libvncserver/sockets.c +@@ -589,6 +589,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen, + return sock; + } + ++int ++rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len) ++{ ++ return read(cl->sock, buf, len); ++} ++ ++static int ++rfbReadFromSocket(rfbClientPtr cl, char *buf, int len) ++{ ++ return cl->readFromSocket(cl, buf, len); ++} ++ ++rfbBool ++rfbDefaultHasPendingOnSocket(rfbClientPtr cl) ++{ ++ return FALSE; ++} ++ ++static rfbBool ++rfbHasPendingOnSocket(rfbClientPtr cl) ++{ ++ cl->hasPendingOnSocket(cl); ++} ++ + /* + * ReadExact reads an exact number of bytes from a client. Returns 1 if + * those bytes have been read, 0 if the other end has closed, or -1 if an error +@@ -610,10 +634,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) + } else if (cl->sslctx) { + n = rfbssl_read(cl, buf, len); + } else { +- n = read(sock, buf, len); ++ n = rfbReadFromSocket(cl, buf, len); + } + #else +- n = read(sock, buf, len); ++ n = rfbReadFromSocket(cl, buf, len); + #endif + + if (n > 0) { +@@ -645,6 +669,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) + continue; + } + #endif ++ ++ if (rfbHasPendingOnSocket(cl)) ++ continue; ++ + FD_ZERO(&fds); + FD_SET(sock, &fds); + tv.tv_sec = timeout / 1000; +@@ -681,6 +709,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len) + return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait)); + } + ++int ++rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len) ++{ ++ return recv(cl->sock, buf, len, MSG_PEEK); ++} ++ ++int ++rfbPeekAtSocket(rfbClientPtr cl, char *buf, int len) ++{ ++ cl->peekAtSocket(cl, buf, len); ++} ++ + /* + * PeekExact peeks at an exact number of bytes from a client. Returns 1 if + * those bytes have been read, 0 if the other end has closed, or -1 if an +@@ -701,7 +741,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) + n = rfbssl_peek(cl, buf, len); + else + #endif +- n = recv(sock, buf, len, MSG_PEEK); ++ n = rfbPeekAtSocket(cl, buf, len); + + if (n == len) { + +@@ -757,6 +797,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) + return 1; + } + ++int ++rfbDefaultWriteToSocket(rfbClientPtr cl, ++ const char *buf, ++ int len) ++{ ++ return write(cl->sock, buf, len); ++} ++ ++static int ++rfbWriteToSocket(rfbClientPtr cl, ++ const char *buf, ++ int len) ++{ ++ return cl->writeToSocket(cl, buf, len); ++} ++ + /* + * WriteExact writes an exact number of bytes to a client. Returns 1 if + * those bytes have been written, or -1 if an error occurred (errno is set to +@@ -801,7 +857,7 @@ rfbWriteExact(rfbClientPtr cl, + n = rfbssl_write(cl, buf, len); + else + #endif +- n = write(sock, buf, len); ++ n = rfbWriteToSocket(cl, buf, len); + + if (n > 0) { + +diff --git a/rfb/rfb.h b/rfb/rfb.h +index f982b40..ba9e898 100644 +--- a/rfb/rfb.h ++++ b/rfb/rfb.h +@@ -415,6 +415,14 @@ typedef struct sraRegion* sraRegionPtr; + + typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl); + ++typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl, ++ char *buf, int len); ++typedef int (*ClientPeekAtSocket)(struct _rfbClientRec* cl, ++ char *buf, int len); ++typedef rfbBool (*ClientHasPendingOnSocket)(struct _rfbClientRec* cl); ++typedef int (*ClientWriteToSocket)(struct _rfbClientRec* cl, ++ const char *buf, int len); ++ + typedef struct _rfbFileTransferData { + int fd; + int compressionEnabled; +@@ -696,6 +704,11 @@ typedef struct _rfbClientRec { + wsCtx *wsctx; + char *wspath; /* Requests path component */ + #endif ++ ++ ClientReadFromSocket readFromSocket; /* Read data from socket */ ++ ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */ ++ ClientHasPendingOnSocket hasPendingOnSocket; /* Peek at data from socket */ ++ ClientWriteToSocket writeToSocket; /* Write data to socket */ + } rfbClientRec, *rfbClientPtr; + + /** +@@ -748,8 +761,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen); + extern void rfbCloseClient(rfbClientPtr cl); + extern int rfbReadExact(rfbClientPtr cl, char *buf, int len); + extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); ++extern int rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len); + extern int rfbPeekExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); ++extern int rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len); ++extern rfbBool rfbDefaultHasPendingOnSocket(rfbClientPtr cl); + extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len); ++extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len); + extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec); + extern int rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); + extern int rfbConnectToTcpAddr(char* host, int port); +-- +2.17.1 + diff --git a/0002-libvncserver-Add-channel-security-handlers.patch b/0002-libvncserver-Add-channel-security-handlers.patch new file mode 100644 index 0000000..e922461 --- /dev/null +++ b/0002-libvncserver-Add-channel-security-handlers.patch @@ -0,0 +1,366 @@ +From c343c1b43080bcb45dad285faa5cd8926bfb9811 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= +Date: Mon, 11 Jun 2018 23:50:05 +0200 +Subject: [PATCH 2/2] libvncserver: Add channel security handlers + +Add another type of security handler that is meant to be used initially +to set up a secure channel. Regular security handlers would be +advertised and processed after any channel security have succeeded. + +For example, this, together with the custom I/O functions allows a +LibVNCServer user to implement TLS in combination with VNCAuth. This is +done by adding a single channel security handler with the rfbTLS (18) +with a handler that initiates a TLS session, and when a TLS session is +initiated, the regular security handler list is sent. +--- + libvncserver/auth.c | 162 ++++++++++++++++++++++++++++++--------- + libvncserver/rfbserver.c | 1 + + rfb/rfb.h | 15 +++- + 3 files changed, 140 insertions(+), 38 deletions(-) + +diff --git a/libvncserver/auth.c b/libvncserver/auth.c +index 814a814..6581953 100644 +--- a/libvncserver/auth.c ++++ b/libvncserver/auth.c +@@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason); + * Handle security types + */ + ++/* Channel security handlers to set up a secure channel, e.g. TLS. */ ++static rfbSecurityHandler* channelSecurityHandlers = NULL; ++ ++/* Security handlers when channel security is established. */ + static rfbSecurityHandler* securityHandlers = NULL; + +-/* +- * This method registers a list of new security types. +- * It avoids same security type getting registered multiple times. +- * The order is not preserved if multiple security types are +- * registered at one-go. +- */ + void +-rfbRegisterSecurityHandler(rfbSecurityHandler* handler) ++rfbRegisterSecurityHandlerTo(rfbSecurityHandler* handler, ++ rfbSecurityHandler** handlerList) + { +- rfbSecurityHandler *head = securityHandlers, *next = NULL; ++ rfbSecurityHandler *head = *handlerList, *next = NULL; + + if(handler == NULL) + return; +@@ -57,39 +56,35 @@ rfbRegisterSecurityHandler(rfbSecurityHandler* handler) + + while(head != NULL) { + if(head == handler) { +- rfbRegisterSecurityHandler(next); ++ rfbRegisterSecurityHandlerTo(next, handlerList); + return; + } + + head = head->next; + } + +- handler->next = securityHandlers; +- securityHandlers = handler; ++ handler->next = *handlerList; ++ *handlerList = handler; + +- rfbRegisterSecurityHandler(next); ++ rfbRegisterSecurityHandlerTo(next, handlerList); + } + +-/* +- * This method unregisters a list of security types. +- * These security types won't be available for any new +- * client connection. +- */ +-void +-rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) ++static void ++rfbUnregisterSecurityHandlerFrom(rfbSecurityHandler* handler, ++ rfbSecurityHandler** handlerList) + { + rfbSecurityHandler *cur = NULL, *pre = NULL; + + if(handler == NULL) + return; + +- if(securityHandlers == handler) { +- securityHandlers = securityHandlers->next; +- rfbUnregisterSecurityHandler(handler->next); ++ if(*handlerList == handler) { ++ *handlerList = (*handlerList)->next; ++ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList); + return; + } + +- cur = pre = securityHandlers; ++ cur = pre = *handlerList; + + while(cur) { + if(cur == handler) { +@@ -99,7 +94,50 @@ rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) + pre = cur; + cur = cur->next; + } +- rfbUnregisterSecurityHandler(handler->next); ++ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList); ++} ++ ++void ++rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler) ++{ ++ rfbRegisterSecurityHandlerTo(handler, &channelSecurityHandlers); ++} ++ ++/* ++ * This method unregisters a list of security types. ++ * These security types won't be available for any new ++ * client connection. ++ */ ++ ++void ++rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler) ++{ ++ rfbUnregisterSecurityHandlerFrom(handler, &channelSecurityHandlers); ++} ++ ++/* ++ * This method registers a list of new security types. ++ * It avoids same security type getting registered multiple times. ++ * The order is not preserved if multiple security types are ++ * registered at one-go. ++ */ ++ ++void ++rfbRegisterSecurityHandler(rfbSecurityHandler* handler) ++{ ++ rfbRegisterSecurityHandlerTo(handler, &securityHandlers); ++} ++ ++/* ++ * This method unregisters a list of security types. ++ * These security types won't be available for any new ++ * client connection. ++ */ ++ ++void ++rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) ++{ ++ rfbUnregisterSecurityHandlerFrom(handler, &securityHandlers); + } + + /* +@@ -197,9 +235,22 @@ static rfbSecurityHandler VncSecurityHandlerNone = { + NULL + }; + ++static int32_t ++determinePrimarySecurityType(rfbClientPtr cl) ++{ ++ if (!cl->screen->authPasswdData || cl->reverseConnection) { ++ /* chk if this condition is valid or not. */ ++ return rfbSecTypeNone; ++ } else if (cl->screen->authPasswdData) { ++ return rfbSecTypeVncAuth; ++ } else { ++ return rfbSecTypeInvalid; ++ } ++} + +-static void +-rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) ++void ++rfbSendSecurityTypeList(rfbClientPtr cl, ++ enum rfbSecurityTag exclude) + { + /* The size of the message is the count of security types +1, + * since the first byte is the number of types. */ +@@ -207,9 +258,10 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) + rfbSecurityHandler* handler; + #define MAX_SECURITY_TYPES 255 + uint8_t buffer[MAX_SECURITY_TYPES+1]; +- ++ int32_t primaryType; + + /* Fill in the list of security types in the client structure. (NOTE: Not really in the client structure) */ ++ primaryType = determinePrimarySecurityType(cl); + switch (primaryType) { + case rfbSecTypeNone: + rfbRegisterSecurityHandler(&VncSecurityHandlerNone); +@@ -221,6 +273,9 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) + + for (handler = securityHandlers; + handler && sizenext) { ++ if (exclude && (handler->securityTags & exclude)) ++ continue; ++ + buffer[size] = handler->type; + size++; + } +@@ -249,7 +304,29 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) + cl->state = RFB_SECURITY_TYPE; + } + ++static void ++rfbSendChannelSecurityTypeList(rfbClientPtr cl) ++{ ++ int size = 1; ++ rfbSecurityHandler* handler; ++ uint8_t buffer[MAX_SECURITY_TYPES+1]; ++ ++ for (handler = channelSecurityHandlers; ++ handler && sizenext) { ++ buffer[size] = handler->type; ++ size++; ++ } ++ buffer[0] = (unsigned char)size-1; ++ ++ if (rfbWriteExact(cl, (char *)buffer, size) < 0) { ++ rfbLogPerror("rfbSendSecurityTypeList: write"); ++ rfbCloseClient(cl); ++ return; ++ } + ++ /* Dispatch client input to rfbProcessClientChannelSecurityType. */ ++ cl->state = RFB_CHANNEL_SECURITY_TYPE; ++} + + + /* +@@ -297,18 +374,19 @@ rfbSendSecurityType(rfbClientPtr cl, int32_t securityType) + void + rfbAuthNewClient(rfbClientPtr cl) + { +- int32_t securityType = rfbSecTypeInvalid; ++ int32_t securityType; + +- if (!cl->screen->authPasswdData || cl->reverseConnection) { +- /* chk if this condition is valid or not. */ +- securityType = rfbSecTypeNone; +- } else if (cl->screen->authPasswdData) { +- securityType = rfbSecTypeVncAuth; +- } ++ securityType = determinePrimarySecurityType(cl); + + if (cl->protocolMajorVersion==3 && cl->protocolMinorVersion < 7) + { + /* Make sure we use only RFB 3.3 compatible security types. */ ++ if (channelSecurityHandlers) { ++ rfbLog("VNC channel security enabled - RFB 3.3 client rejected\n"); ++ rfbClientConnFailed(cl, "Your viewer cannot hnadler required " ++ "security methods"); ++ return; ++ } + if (securityType == rfbSecTypeInvalid) { + rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n"); + rfbClientConnFailed(cl, "Your viewer cannot handle required " +@@ -316,9 +394,11 @@ rfbAuthNewClient(rfbClientPtr cl) + return; + } + rfbSendSecurityType(cl, securityType); ++ } else if (channelSecurityHandlers) { ++ rfbSendChannelSecurityTypeList(cl); + } else { + /* Here it's ok when securityType is set to rfbSecTypeInvalid. */ +- rfbSendSecurityTypeList(cl, securityType); ++ rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE); + } + } + +@@ -332,6 +412,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl) + int n; + uint8_t chosenType; + rfbSecurityHandler* handler; ++ rfbSecurityHandler* handlerListHead; + + /* Read the security type. */ + n = rfbReadExact(cl, (char *)&chosenType, 1); +@@ -344,8 +425,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl) + return; + } + ++ switch (cl->state) { ++ case RFB_CHANNEL_SECURITY_TYPE: ++ handlerListHead = channelSecurityHandlers; ++ break; ++ case RFB_SECURITY_TYPE: ++ handlerListHead = securityHandlers; ++ break; ++ } ++ + /* Make sure it was present in the list sent by the server. */ +- for (handler = securityHandlers; handler; handler = handler->next) { ++ for (handler = handlerListHead; handler; handler = handler->next) { + if (chosenType == handler->type) { + rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); + handler->handler(cl); +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index fbedd9f..1e8b3c1 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -643,6 +643,7 @@ rfbProcessClientMessage(rfbClientPtr cl) + case RFB_PROTOCOL_VERSION: + rfbProcessClientProtocolVersion(cl); + return; ++ case RFB_CHANNEL_SECURITY_TYPE: + case RFB_SECURITY_TYPE: + rfbProcessClientSecurityType(cl); + return; +diff --git a/rfb/rfb.h b/rfb/rfb.h +index ba9e898..be58d08 100644 +--- a/rfb/rfb.h ++++ b/rfb/rfb.h +@@ -182,6 +182,11 @@ typedef struct { + } data; /**< there have to be count*3 entries */ + } rfbColourMap; + ++enum rfbSecurityTag { ++ RFB_SECURITY_TAG_NONE = 0, ++ RFB_SECURITY_TAG_CHANNEL = 1 << 0 ++}; ++ + /** + * Security handling (RFB protocol version 3.7) + */ +@@ -190,6 +195,7 @@ typedef struct _rfbSecurity { + uint8_t type; + void (*handler)(struct _rfbClientRec* cl); + struct _rfbSecurity* next; ++ enum rfbSecurityTag securityTags; + } rfbSecurityHandler; + + /** +@@ -506,7 +512,7 @@ typedef struct _rfbClientRec { + /** Possible client states: */ + enum { + RFB_PROTOCOL_VERSION, /**< establishing protocol version */ +- RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ ++ RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ + RFB_AUTHENTICATION, /**< authenticating */ + RFB_INITIALISATION, /**< sending initialisation messages */ + RFB_NORMAL, /**< normal protocol messages */ +@@ -514,7 +520,9 @@ typedef struct _rfbClientRec { + /* Ephemeral internal-use states that will never be seen by software + * using LibVNCServer to provide services: */ + +- RFB_INITIALISATION_SHARED /**< sending initialisation messages with implicit shared-flag already true */ ++ RFB_INITIALISATION_SHARED, /**< sending initialisation messages with implicit shared-flag already true */ ++ ++ RFB_CHANNEL_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ + } state; + + rfbBool reverseConnection; +@@ -855,6 +863,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl); + extern void rfbAuthProcessClientMessage(rfbClientPtr cl); + extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler); + extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); ++extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler); ++extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler); ++extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude); + + /* rre.c */ + +-- +2.17.1 + diff --git a/libvncserver.spec b/libvncserver.spec index d010bfd..cd14b3e 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 6%{?dist} +Release: 7%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -11,6 +11,11 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio ## upstream patches Patch4: 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch +## TLS security type enablement patches +# https://github.com/LibVNC/libvncserver/pull/234 +Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch +Patch11: 0002-libvncserver-Add-channel-security-handlers.patch + ## downstream patches Patch100: libvncserver-0.9.11-system_minilzo.patch Patch101: libvncserver-0.9.1-multilib.patch @@ -72,6 +77,9 @@ developing applications that use %{name}. %patch4 -p1 -b .0004 +%patch10 -p1 +%patch11 -p1 + %patch100 -p1 -b .system_minilzo # Nuke bundled minilzo #rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c @@ -145,6 +153,9 @@ make -C test test ||: %changelog +* Tue Jun 19 2018 Jonas Ådahl - 0.9.11-7 +- Add API to enable implementing TLS security type + * Mon Feb 26 2018 Petr Pisar - 0.9.11-6 - Fix CVE-2018-7225 (bug #1546860) From 1a0a109b5041fa3261df41aa3186e115075d718f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 13 Jul 2018 09:02:33 +0000 Subject: [PATCH 59/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index cd14b3e..0a4272b 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 7%{?dist} +Release: 8%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -153,6 +153,9 @@ make -C test test ||: %changelog +* Fri Jul 13 2018 Fedora Release Engineering - 0.9.11-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Tue Jun 19 2018 Jonas Ådahl - 0.9.11-7 - Add API to enable implementing TLS security type From 45ae4f3098dd8753fc55d5e8fab2d8ffdfca53ce Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 22 Jan 2019 18:40:15 +0100 Subject: [PATCH 60/81] Remove obsolete ldconfig scriptlets References: https://fedoraproject.org/wiki/Changes/RemoveObsoleteScriptlets Signed-off-by: Igor Gnatenko --- libvncserver.spec | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index 0a4272b..404391a 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -134,8 +134,7 @@ rm -fv %{buildroot}%{_libdir}/lib*.la make -C test test ||: -%post -p /sbin/ldconfig -%postun -p /sbin/ldconfig +%ldconfig_scriptlets %files %license COPYING From 731a381562471644ebae86f20075550bab9d9a51 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 1 Feb 2019 08:32:02 +0000 Subject: [PATCH 61/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 404391a..e6c3d95 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 8%{?dist} +Release: 9%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -152,6 +152,9 @@ make -C test test ||: %changelog +* Fri Feb 01 2019 Fedora Release Engineering - 0.9.11-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Fri Jul 13 2018 Fedora Release Engineering - 0.9.11-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild From 9874cb9fbc73ef5b598ffeac87a69f490a07bdc4 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 25 Jul 2019 14:42:30 +0000 Subject: [PATCH 62/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index e6c3d95..5934fc2 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 9%{?dist} +Release: 10%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -152,6 +152,9 @@ make -C test test ||: %changelog +* Thu Jul 25 2019 Fedora Release Engineering - 0.9.11-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Fri Feb 01 2019 Fedora Release Engineering - 0.9.11-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild From 8f273ec18c61724a23294d006d56ad98923b38ec Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 29 Jan 2020 10:45:22 +0000 Subject: [PATCH 63/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 5934fc2..bf8a7c4 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.11 -Release: 10%{?dist} +Release: 11%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -152,6 +152,9 @@ make -C test test ||: %changelog +* Wed Jan 29 2020 Fedora Release Engineering - 0.9.11-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Thu Jul 25 2019 Fedora Release Engineering - 0.9.11-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild From 69c1237250db2a4b5a564509c2fa0ad1d1dd7ae2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 10 Feb 2020 23:27:40 +0000 Subject: [PATCH 64/81] Update to 0.9.12 phase 1 --- ...d-API-to-add-custom-I-O-entry-points.patch | 13 +-- ...ure-compatibility-with-gtk-vnc-0.7.0.patch | 28 ------ CMakeLists.txt.patch | 22 +++++ libvncserver.spec | 96 +++++++++---------- 4 files changed, 70 insertions(+), 89 deletions(-) delete mode 100644 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch create mode 100644 CMakeLists.txt.patch diff --git a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch index 853ea28..0a8cea8 100644 --- a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch +++ b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch @@ -150,7 +150,7 @@ diff --git a/rfb/rfb.h b/rfb/rfb.h index f982b40..ba9e898 100644 --- a/rfb/rfb.h +++ b/rfb/rfb.h -@@ -415,6 +415,14 @@ typedef struct sraRegion* sraRegionPtr; +@@ -413,6 +413,14 @@ typedef struct sraRegion* sraRegionPtr; typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl); @@ -165,9 +165,9 @@ index f982b40..ba9e898 100644 typedef struct _rfbFileTransferData { int fd; int compressionEnabled; -@@ -696,6 +704,11 @@ typedef struct _rfbClientRec { - wsCtx *wsctx; - char *wspath; /* Requests path component */ +@@ -694,6 +702,11 @@ typedef struct _rfbClientRec { + #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD + int pipe_notify_client_thread[2]; #endif + + ClientReadFromSocket readFromSocket; /* Read data from socket */ @@ -177,7 +177,7 @@ index f982b40..ba9e898 100644 } rfbClientRec, *rfbClientPtr; /** -@@ -748,8 +761,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen); +@@ -746,8 +759,12 @@ extern void rfbDisconnectUDPSock(rfbScre extern void rfbCloseClient(rfbClientPtr cl); extern int rfbReadExact(rfbClientPtr cl, char *buf, int len); extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); @@ -190,6 +190,3 @@ index f982b40..ba9e898 100644 extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec); extern int rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); extern int rfbConnectToTcpAddr(char* host, int port); --- -2.17.1 - diff --git a/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch b/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch deleted file mode 100644 index a814328..0000000 --- a/0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 75f04c14e49e084e41bdd5491edad8823773a08c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= -Date: Tue, 14 Feb 2017 12:42:04 +0100 -Subject: [PATCH 40/98] Ensure compatibility with gtk-vnc 0.7.0+ - ---- - libvncserver/websockets.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/websockets.c b/libvncserver/websockets.c -index 72396c2..0b2d46f 100644 ---- a/libvncserver/websockets.c -+++ b/libvncserver/websockets.c -@@ -245,7 +245,10 @@ webSocketsCheck (rfbClientPtr cl) - return FALSE; - } - -- if (strncmp(bbuf, "<", 1) == 0) { -+ if (strncmp(bbuf, "RFB ", 4) == 0) { -+ rfbLog("Normal socket connection\n"); -+ return TRUE; -+ } else if (strncmp(bbuf, "<", 1) == 0) { - rfbLog("Got Flash policy request, sending response\n"); - if (rfbWriteExact(cl, FLASH_POLICY_RESPONSE, - SZ_FLASH_POLICY_RESPONSE) < 0) { --- -2.9.4 - diff --git a/CMakeLists.txt.patch b/CMakeLists.txt.patch new file mode 100644 index 0000000..f0ebe0b --- /dev/null +++ b/CMakeLists.txt.patch @@ -0,0 +1,22 @@ +--- ./CMakeLists.txt.orig 2020-02-10 05:29:48.921993426 +0000 ++++ ./CMakeLists.txt 2020-02-10 19:27:27.762744228 +0000 +@@ -666,8 +666,8 @@ get_link_libraries(PRIVATE_LIBS vncclien + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) + + +-install_targets(/lib vncserver) +-install_targets(/lib vncclient) ++install_targets(/lib64 vncserver) ++install_targets(/lib64 vncclient) + install_files(/include/rfb FILES + rfb/keysym.h + rfb/rfb.h +@@ -677,7 +677,7 @@ install_files(/include/rfb FILES + rfb/rfbregion.h + ) + +-install_files(/lib/pkgconfig FILES ++install_files(/lib64/pkgconfig FILES + libvncserver.pc + libvncclient.pc + ) diff --git a/libvncserver.spec b/libvncserver.spec index bf8a7c4..0394b4a 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,15 +1,14 @@ Summary: Library to make writing a VNC server easy Name: libvncserver -Version: 0.9.11 -Release: 11%{?dist} +Version: 0.9.12 +Release: 1%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ URL: http://libvnc.github.io/ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -## upstream patches -Patch4: 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch +Patch1: CMakeLists.txt.patch ## TLS security type enablement patches # https://github.com/LibVNC/libvncserver/pull/234 @@ -27,16 +26,30 @@ Patch104: libvncserver-0.9.11-Validate-client-cut-text-length.patch # 2/2 Fix CVE-2018-7225, bug #1546860 Patch105: libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch -BuildRequires: autoconf -BuildRequires: automake +BuildRequires: cmake +BuildRequires: pkgconfig(gnutls) +BuildRequires: pkgconfig(sdl2) +BuildRequires: pkgconfig(libsystemd) +BuildRequires: pkgconfig(x11) +BuildRequires: pkgconfig(xdamage) +BuildRequires: pkgconfig(xext) +BuildRequires: pkgconfig(xrandr) +BuildRequires: pkgconfig(xtst) +BuildRequires: pkgconfig(xinerama) +BuildRequires: pkgconfig(xfixes) +BuildRequires: pkgconfig(openssl) +BuildRequires: pkgconfig(zlib) +BuildRequires: pkgconfig(libjpeg) +BuildRequires: pkgconfig(libpng) +#BuildRequires: pkgconfig(lzo2) +#BuildRequires: ffmpeg-devel +BuildRequires: gettext-devel BuildRequires: libgcrypt-devel -BuildRequires: libjpeg-devel -BuildRequires: libtool + + BuildRequires: lzo-devel BuildRequires: lzo-minilzo -BuildRequires: pkgconfig(gnutls) BuildRequires: pkgconfig(libcrypto) -BuildRequires: pkgconfig(libpng) BuildRequires: pkgconfig(libssl) # Additional deps for --with-x11vnc, see https://bugzilla.redhat.com/show_bug.cgi?id=864947 BuildRequires: pkgconfig(avahi-client) @@ -75,25 +88,20 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} -%patch4 -p1 -b .0004 +%patch1 -p1 +#patch4 -p1 -b .0004 %patch10 -p1 %patch11 -p1 -%patch100 -p1 -b .system_minilzo +#patch100 -p1 -b .system_minilzo # Nuke bundled minilzo -#rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c +rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c -%patch101 -p1 -b .multilib +#patch101 -p1 -b .multilib %patch102 -p1 -%if 0%{?fedora} < 26 -%patch103 -p1 -b .soname -%global soname 0 -%else -%global soname 1 -%endif -%patch104 -p1 -%patch105 -p1 +#patch104 -p1 +#patch105 -p1 # Fix encoding for file in ChangeLog ; do @@ -102,48 +110,27 @@ for file in ChangeLog ; do touch --reference ${file}.OLD $file done -# Needed by patch 1 (and to nuke rpath's) -autoreconf -vif - %build -%configure \ - --disable-silent-rules \ - --disable-static \ - --without-filetransfer \ - --with-gcrypt \ - --with-png \ - --with-x11vnc - -# Hack to omit unused-direct-shlib-dependencies -sed -i -e 's! -shared ! -Wl,--as-needed\0!g' libtool - -make %{?_smp_mflags} - +mkdir -p %{_target_platform} +pushd %{_target_platform} +%cmake .. +popd +%make_build -C %{_target_platform} %install -%make_install - -# Unpackaged files -rm -fv %{buildroot}%{_bindir}/linuxvnc -rm -fv %{buildroot}%{_libdir}/lib*.a -rm -fv %{buildroot}%{_libdir}/lib*.la - - -%check -make -C test test ||: - +%make_install -C %{_target_platform} %ldconfig_scriptlets %files %license COPYING -%doc AUTHORS ChangeLog NEWS README TODO -%{_libdir}/libvncclient.so.%{soname}* -%{_libdir}/libvncserver.so.%{soname}* +%doc AUTHORS ChangeLog NEWS README.md TODO +%{_libdir}/libvncclient.so.* +%{_libdir}/libvncserver.so.* %files devel -%{_bindir}/libvncserver-config +#{_bindir}/libvncserver-config %{_includedir}/rfb/ %{_libdir}/libvncclient.so %{_libdir}/libvncserver.so @@ -152,6 +139,9 @@ make -C test test ||: %changelog +* Tue Feb 11 2020 Sérgio Basto - 0.9.12-1 +- Update to 0.9.12 + * Wed Jan 29 2020 Fedora Release Engineering - 0.9.11-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From 6d0c01c61508c7c3ac3d098c9f3e1bc9219ecc36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Tue, 11 Feb 2020 03:01:52 +0000 Subject: [PATCH 65/81] Update to 0.9.12 phase 2 --- CVE-2018-15127.patch | 44 +++++++++++ CVE-2019-15681.patch | 23 ++++++ libvncserver-0.9.1-multilib.patch | 20 ----- ...Limit-client-cut-text-length-to-1-MB.patch | 40 ---------- ...9.11-Validate-client-cut-text-length.patch | 76 ------------------- libvncserver-0.9.11-soname.patch | 22 ------ libvncserver-0.9.11-system_minilzo.patch | 55 -------------- libvncserver.spec | 18 ++--- 8 files changed, 72 insertions(+), 226 deletions(-) create mode 100644 CVE-2018-15127.patch create mode 100644 CVE-2019-15681.patch delete mode 100644 libvncserver-0.9.1-multilib.patch delete mode 100644 libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch delete mode 100644 libvncserver-0.9.11-Validate-client-cut-text-length.patch delete mode 100644 libvncserver-0.9.11-soname.patch delete mode 100644 libvncserver-0.9.11-system_minilzo.patch diff --git a/CVE-2018-15127.patch b/CVE-2018-15127.patch new file mode 100644 index 0000000..1462436 --- /dev/null +++ b/CVE-2018-15127.patch @@ -0,0 +1,44 @@ +From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Mon, 7 Jan 2019 10:40:01 +0100 +Subject: [PATCH] Limit lenght to INT_MAX bytes in + rfbProcessFileTransferReadBuffer() + +This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap +out-of-bound write access in rfbProcessFileTransferReadBuffer() when +reading a transfered file content in a server. The former fix did not +work on platforms with a 32-bit int type (expected by rfbReadExact()). + +CVE-2018-15127 + + +--- + libvncserver/rfbserver.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 7af84906..f2edbeea 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -88,6 +88,8 @@ + #include + /* strftime() */ + #include ++/* INT_MAX */ ++#include + + #ifdef LIBVNCSERVER_WITH_WEBSOCKETS + #include "rfbssl.h" +@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) + 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF + will safely be allocated since this check will never trigger and malloc() can digest length+1 + without problems as length is a uint32_t. ++ We also later pass length to rfbReadExact() that expects a signed int type and ++ that might wrap on platforms with a 32-bit int type if length is bigger ++ than 0X7FFFFFFF. + */ +- if(length == SIZE_MAX) { ++ if(length == SIZE_MAX || length > INT_MAX) { + rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); + rfbCloseClient(cl); + return NULL; diff --git a/CVE-2019-15681.patch b/CVE-2019-15681.patch new file mode 100644 index 0000000..e328d87 --- /dev/null +++ b/CVE-2019-15681.patch @@ -0,0 +1,23 @@ +From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 +From: Christian Beier +Date: Mon, 19 Aug 2019 22:32:25 +0200 +Subject: [PATCH] rfbserver: don't leak stack memory to the remote + +Thanks go to Pavel Cheremushkin of Kaspersky for reporting. +--- + libvncserver/rfbserver.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 3bacc891..310e5487 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) + rfbServerCutTextMsg sct; + rfbClientIteratorPtr iterator; + ++ memset((char *)&sct, 0, sizeof(sct)); ++ + iterator = rfbGetClientIterator(rfbScreen); + while ((cl = rfbClientIteratorNext(iterator)) != NULL) { + sct.type = rfbServerCutText; diff --git a/libvncserver-0.9.1-multilib.patch b/libvncserver-0.9.1-multilib.patch deleted file mode 100644 index d54a470..0000000 --- a/libvncserver-0.9.1-multilib.patch +++ /dev/null @@ -1,20 +0,0 @@ -diff -up LibVNCServer-0.9.1/libvncserver-config.in.multilib LibVNCServer-0.9.1/libvncserver-config.in ---- LibVNCServer-0.9.1/libvncserver-config.in.multilib 2007-05-26 21:28:25.000000000 -0500 -+++ LibVNCServer-0.9.1/libvncserver-config.in 2008-01-22 14:51:08.000000000 -0600 -@@ -4,7 +4,6 @@ prefix=@prefix@ - exec_prefix=@exec_prefix@ - exec_prefix_set=no - includedir=@includedir@ --libdir=@libdir@ - - # if this script is in the same directory as libvncserver-config.in, assume not installed - if [ -f "`dirname "$0"`/libvncserver-config.in" ]; then -@@ -63,7 +62,7 @@ while test $# -gt 0; do - libs="$libs -R$dir" - fi - done -- echo "$libs" -lvncserver -lvncclient @LIBS@ @WSOCKLIB@ -+ echo "$libs" -lvncserver -lvncclient - ;; - --link) - echo @CC@ diff --git a/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch b/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch deleted file mode 100644 index 2a71f7f..0000000 --- a/libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch +++ /dev/null @@ -1,40 +0,0 @@ -From e7d578afbb16592ccee8f13aedd65b2220e220ae Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Tue, 6 Mar 2018 11:58:02 +0100 -Subject: [PATCH] Limit client cut text length to 1 MB -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch constrains client text length to 1 MB. Otherwise a client -could make server allocate 2 GB of memory and that seems to be to much -to classify it as denial of service. - -I keep the previous checks for maximal type values intentionally as -a course of defensive coding. (You cannot never know how small the -types are. And as a warning for people patching out this change not to -introduce CVE-2018-7225 again.) - -Signed-off-by: Petr Písař ---- - libvncserver/rfbserver.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index a9561fc..0027343 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -2587,7 +2587,9 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - * argument. Here we check that the value fits into all of them to - * prevent from misinterpretation and thus from accessing uninitialized - * memory. CVE-2018-7225 */ -- if (msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { -+ /* But first to prevent from a denial-of-service by allocating to much -+ * memory in the server, we impose a limit of 1 MB. */ -+ if (msg.cct.length > 1<<20 || msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { - rfbLog("rfbClientCutText: too big cut text length requested: %" PRIu32 "\n", - msg.cct.length); - rfbCloseClient(cl); --- -2.13.6 - diff --git a/libvncserver-0.9.11-Validate-client-cut-text-length.patch b/libvncserver-0.9.11-Validate-client-cut-text-length.patch deleted file mode 100644 index dc89cdf..0000000 --- a/libvncserver-0.9.11-Validate-client-cut-text-length.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 0073e4f694d5a51bb72ff12a5e8364b6e752e094 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Mon, 26 Feb 2018 13:48:00 +0100 -Subject: [PATCH] Validate client cut text length -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Client-provided unsigned 32-bit cut text length is passed to various -functions that expects argument of a different type. - -E.g. "RFB 003.003\n\001\006\0\0\0\xff\xff\xff\xff" string sent to the -RFB server leads to 4294967295 msg.cct.length value that in turn is -interpreted as -1 by rfbReadExact() and thus uninitialized str buffer -with potentially sensitive data is passed to subsequent functions. - -This patch fixes it by checking for a maximal value that still can be -processed correctly. It also corrects accepting length value of zero -(malloc(0) is interpreted on differnet systems differently). - -Whether a client can make the server allocate up to 2 GB and cause -a denial of service on memory-tight systems is kept without answer. -A possible solution would be adding an arbitrary memory limit that is -deemed safe. - -CVE-2018-7225 - - -Signed-off-by: Petr Písař ---- - libvncserver/rfbserver.c | 22 +++++++++++++++++++++- - 1 file changed, 21 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 116c488..a9561fc 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -88,6 +88,12 @@ - #include - /* strftime() */ - #include -+/* SIZE_MAX */ -+#include -+/* PRIu32 */ -+#include -+/* INT_MAX */ -+#include - - #ifdef LIBVNCSERVER_WITH_WEBSOCKETS - #include "rfbssl.h" -@@ -2575,7 +2581,21 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - - msg.cct.length = Swap32IfLE(msg.cct.length); - -- str = (char *)malloc(msg.cct.length); -+ /* uint32_t input is passed to malloc()'s size_t argument, -+ * to rfbReadExact()'s int argument, to rfbStatRecordMessageRcvd()'s int -+ * argument increased of sz_rfbClientCutTextMsg, and to setXCutText()'s int -+ * argument. Here we check that the value fits into all of them to -+ * prevent from misinterpretation and thus from accessing uninitialized -+ * memory. CVE-2018-7225 */ -+ if (msg.cct.length > SIZE_MAX || msg.cct.length > INT_MAX - sz_rfbClientCutTextMsg) { -+ rfbLog("rfbClientCutText: too big cut text length requested: %" PRIu32 "\n", -+ msg.cct.length); -+ rfbCloseClient(cl); -+ return; -+ } -+ -+ /* Allow zero-length client cut text. */ -+ str = (char *)malloc(msg.cct.length ? msg.cct.length : 1); - if (str == NULL) { - rfbLogPerror("rfbProcessClientNormalMessage: not enough memory"); - rfbCloseClient(cl); --- -2.13.6 - diff --git a/libvncserver-0.9.11-soname.patch b/libvncserver-0.9.11-soname.patch deleted file mode 100644 index 3b45b34..0000000 --- a/libvncserver-0.9.11-soname.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.soname libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am ---- libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.soname 2017-05-16 10:21:51.500768946 -0500 -+++ libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am 2017-05-17 11:26:44.383312391 -0500 -@@ -25,5 +25,5 @@ EXTRA_DIST=corre.c hextile.c rre.c tight - $(libvncclient_la_OBJECTS): ../rfb/rfbclient.h - - lib_LTLIBRARIES=libvncclient.la --libvncclient_la_LDFLAGS = -version-info 1:0:0 -+libvncclient_la_LDFLAGS = -version-info 0:0:0 - -diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.soname libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am ---- libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.soname 2017-05-16 10:21:51.500768946 -0500 -+++ libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am 2017-05-17 11:27:02.259459683 -0500 -@@ -66,7 +66,7 @@ libvncserver_la_LIBADD += $(LIBSYSTEMD_L - endif - - lib_LTLIBRARIES=libvncserver.la --libvncserver_la_LDFLAGS = -version-info 1:0:0 -+libvncserver_la_LDFLAGS = -version-info 0:0:0 - - if HAVE_RPM - $(PACKAGE)-$(VERSION).tar.gz: dist diff --git a/libvncserver-0.9.11-system_minilzo.patch b/libvncserver-0.9.11-system_minilzo.patch deleted file mode 100644 index c513c40..0000000 --- a/libvncserver-0.9.11-system_minilzo.patch +++ /dev/null @@ -1,55 +0,0 @@ -diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am ---- libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am.system_minilzo 2017-02-14 10:54:54.308402791 -0600 -+++ libvncserver-LibVNCServer-0.9.11/libvncclient/Makefile.am 2017-02-14 10:56:28.007379315 -0600 -@@ -13,8 +13,8 @@ endif - endif - - --libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS) --libvncclient_la_LIBADD=$(TLSLIBS) -+libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS) -+libvncclient_la_LIBADD=$(TLSLIBS) -lminilzo - - noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h - -diff -up libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c ---- libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c.system_minilzo 2016-12-30 07:01:28.000000000 -0600 -+++ libvncserver-LibVNCServer-0.9.11/libvncclient/rfbproto.c 2017-02-14 10:54:54.309402801 -0600 -@@ -66,7 +66,7 @@ - #include - #endif - --#include "minilzo.h" -+#include - #include "tls.h" - - #ifdef _MSC_VER -diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am ---- libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am.system_minilzo 2017-02-14 10:54:54.309402801 -0600 -+++ libvncserver-LibVNCServer-0.9.11/libvncserver/Makefile.am 2017-02-14 10:57:28.495009713 -0600 -@@ -53,11 +53,11 @@ endif - LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ - stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ - httpd.c cursor.c font.c \ -- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \ -+ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \ - $(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS) - - libvncserver_la_SOURCES=$(LIB_SRCS) --libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -+libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -lminilzo - - if WITH_SYSTEMD - AM_CPPFLAGS += -DLIBVNCSERVER_WITH_SYSTEMD -diff -up libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c.system_minilzo libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c ---- libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c.system_minilzo 2016-12-30 07:01:28.000000000 -0600 -+++ libvncserver-LibVNCServer-0.9.11/libvncserver/ultra.c 2017-02-14 10:54:54.309402801 -0600 -@@ -8,7 +8,7 @@ - */ - - #include --#include "minilzo.h" -+#include - - /* - * cl->beforeEncBuf contains pixel data in the client's format. diff --git a/libvncserver.spec b/libvncserver.spec index 0394b4a..c0e6832 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -16,15 +16,10 @@ Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch Patch11: 0002-libvncserver-Add-channel-security-handlers.patch ## downstream patches -Patch100: libvncserver-0.9.11-system_minilzo.patch -Patch101: libvncserver-0.9.1-multilib.patch Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch -# revert soname bump -Patch103: libvncserver-0.9.11-soname.patch -# 1/2 Fix CVE-2018-7225, bug #1546860 -Patch104: libvncserver-0.9.11-Validate-client-cut-text-length.patch -# 2/2 Fix CVE-2018-7225, bug #1546860 -Patch105: libvncserver-0.9.11-Limit-client-cut-text-length-to-1-MB.patch + +Patch106: CVE-2018-15127.patch +Patch107: CVE-2019-15681.patch BuildRequires: cmake BuildRequires: pkgconfig(gnutls) @@ -89,19 +84,16 @@ developing applications that use %{name}. %setup -q -n %{name}-LibVNCServer-%{version} %patch1 -p1 -#patch4 -p1 -b .0004 %patch10 -p1 %patch11 -p1 -#patch100 -p1 -b .system_minilzo # Nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c -#patch101 -p1 -b .multilib %patch102 -p1 -#patch104 -p1 -#patch105 -p1 +%patch106 -p1 +%patch107 -p1 # Fix encoding for file in ChangeLog ; do From 79761f1333a59de08e70d4649a1ba26dd919e48b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Wed, 12 Feb 2020 22:13:49 +0000 Subject: [PATCH 66/81] Fix build on 32bits arches and on epel 7 --- libvncserver.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index c0e6832..b967d89 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -21,7 +21,8 @@ Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch Patch106: CVE-2018-15127.patch Patch107: CVE-2019-15681.patch -BuildRequires: cmake +BuildRequires: gcc-c++ +BuildRequires: cmake3 BuildRequires: pkgconfig(gnutls) BuildRequires: pkgconfig(sdl2) BuildRequires: pkgconfig(libsystemd) @@ -83,7 +84,9 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} +%if "%{_libdir}" == "/usr/lib64" %patch1 -p1 +%endif %patch10 -p1 %patch11 -p1 @@ -106,7 +109,7 @@ done %build mkdir -p %{_target_platform} pushd %{_target_platform} -%cmake .. +%cmake3 .. popd %make_build -C %{_target_platform} From 1489dcc38ac5a69b28842589fd46152f6261c415 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 17 Feb 2020 21:47:35 +0000 Subject: [PATCH 67/81] Update to 0.9.12 --- ...f144a3783d9f1f2c976acf9f4d85988fd466.patch | 25 +++++++++++ ...a7e42e86dfb98dd7458ad29def476cf6096f.patch | 42 +++++++++++++++++++ ...1279ed5b10effecd879caf6c3791842ca713.patch | 38 +++++++++++++++++ CMakeLists.txt.patch | 22 ---------- ...6539835d11c0f4723499f8be4bc9c7724eb9.patch | 32 ++++++++++++++ libvncserver.spec | 11 +++-- 6 files changed, 145 insertions(+), 25 deletions(-) create mode 100644 15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch create mode 100644 3348a7e42e86dfb98dd7458ad29def476cf6096f.patch create mode 100644 36a71279ed5b10effecd879caf6c3791842ca713.patch delete mode 100644 CMakeLists.txt.patch create mode 100644 d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch diff --git a/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch b/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch new file mode 100644 index 0000000..b8edd35 --- /dev/null +++ b/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch @@ -0,0 +1,25 @@ +From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001 +From: Albert Astals Cid +Date: Sun, 5 Jan 2020 19:56:57 +0100 +Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no + backgroundLoop + +Otherwise the servers that don't use rfbRunEventLoop don't get +notified of client disconnections +--- + libvncserver/main.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/main.c b/libvncserver/main.c +index b51f0ab6..738a501d 100644 +--- a/libvncserver/main.c ++++ b/libvncserver/main.c +@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { + write(currentCl->pipe_notify_client_thread[1], "\x00", 1); + /* And wait for it to finish. */ + pthread_join(currentCl->client_thread, NULL); ++ } else { ++ rfbClientConnectionGone(currentCl); + } + #else + rfbClientConnectionGone(currentCl); diff --git a/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch b/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch new file mode 100644 index 0000000..9adde95 --- /dev/null +++ b/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch @@ -0,0 +1,42 @@ +From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001 +From: Christian Beier +Date: Sat, 9 Feb 2019 13:23:26 +0100 +Subject: [PATCH] CMake: replace hardcoded 'lib' with ${CMAKE_INSTALL_LIBDIR} + +Closes #281 +--- + CMakeLists.txt | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 873cc7b5..55f7e650 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -9,6 +9,7 @@ include(CheckTypeSize) + include(TestBigEndian) + include(CheckCSourceCompiles) + include(CheckCSourceRuns) ++include(GNUInstallDirs) + + enable_testing() + +@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient) + configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) + + +-install_targets(/lib vncserver) +-install_targets(/lib vncclient) ++install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver) ++install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient) + install_files(/include/rfb FILES + rfb/keysym.h + rfb/rfb.h +@@ -677,7 +678,7 @@ install_files(/include/rfb FILES + rfb/rfbregion.h + ) + +-install_files(/lib/pkgconfig FILES ++install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES + libvncserver.pc + libvncclient.pc + ) diff --git a/36a71279ed5b10effecd879caf6c3791842ca713.patch b/36a71279ed5b10effecd879caf6c3791842ca713.patch new file mode 100644 index 0000000..c72b80e --- /dev/null +++ b/36a71279ed5b10effecd879caf6c3791842ca713.patch @@ -0,0 +1,38 @@ +From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001 +From: Christian Beier +Date: Thu, 28 Mar 2019 21:06:36 +0100 +Subject: [PATCH] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for + pkgconfig files as well + +Thanks to https://github.com/ikelos for spotting this ;-) + +Closes #290 +--- + libvncclient.pc.cmakein | 2 +- + libvncserver.pc.cmakein | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein +index 169a8b7c..445f7e74 100644 +--- a/libvncclient.pc.cmakein ++++ b/libvncclient.pc.cmakein +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=@CMAKE_INSTALL_PREFIX@ +-libdir=@CMAKE_INSTALL_PREFIX@/lib ++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ + includedir=@CMAKE_INSTALL_PREFIX@/include + + Name: LibVNCClient +diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein +index f38d74fe..c6898061 100644 +--- a/libvncserver.pc.cmakein ++++ b/libvncserver.pc.cmakein +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=@CMAKE_INSTALL_PREFIX@ +-libdir=@CMAKE_INSTALL_PREFIX@/lib ++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ + includedir=@CMAKE_INSTALL_PREFIX@/include + + Name: LibVNCServer diff --git a/CMakeLists.txt.patch b/CMakeLists.txt.patch deleted file mode 100644 index f0ebe0b..0000000 --- a/CMakeLists.txt.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- ./CMakeLists.txt.orig 2020-02-10 05:29:48.921993426 +0000 -+++ ./CMakeLists.txt 2020-02-10 19:27:27.762744228 +0000 -@@ -666,8 +666,8 @@ get_link_libraries(PRIVATE_LIBS vncclien - configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) - - --install_targets(/lib vncserver) --install_targets(/lib vncclient) -+install_targets(/lib64 vncserver) -+install_targets(/lib64 vncclient) - install_files(/include/rfb FILES - rfb/keysym.h - rfb/rfb.h -@@ -677,7 +677,7 @@ install_files(/include/rfb FILES - rfb/rfbregion.h - ) - --install_files(/lib/pkgconfig FILES -+install_files(/lib64/pkgconfig FILES - libvncserver.pc - libvncclient.pc - ) diff --git a/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch b/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch new file mode 100644 index 0000000..7192b6f --- /dev/null +++ b/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch @@ -0,0 +1,32 @@ +From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001 +From: Rajesh Sahoo +Date: Tue, 11 Jun 2019 15:13:04 +0530 +Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE + +client_thread is created depending upon backgroundLoop, but joining +without checking for same condition. so we are trying to join a garbage +thread_id. +--- + libvncserver/main.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/main.c b/libvncserver/main.c +index d3cd9b1e..772fb18f 100644 +--- a/libvncserver/main.c ++++ b/libvncserver/main.c +@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { + } + + #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD ++ if(currentCl->screen->backgroundLoop) { + /* + Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select() + in clientInput(), the loop in there will then break because the rfbCloseClient() above has set +@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { + write(currentCl->pipe_notify_client_thread[1], "\x00", 1); + /* And wait for it to finish. */ + pthread_join(currentCl->client_thread, NULL); ++ } + #else + rfbClientConnectionGone(currentCl); + #endif diff --git a/libvncserver.spec b/libvncserver.spec index b967d89..13f1138 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -8,7 +8,11 @@ License: GPLv2+ URL: http://libvnc.github.io/ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -Patch1: CMakeLists.txt.patch +Patch1: 3348a7e42e86dfb98dd7458ad29def476cf6096f.patch +Patch2: 36a71279ed5b10effecd879caf6c3791842ca713.patch +Patch3: d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch +Patch4: 15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch + ## TLS security type enablement patches # https://github.com/LibVNC/libvncserver/pull/234 @@ -84,9 +88,10 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} -%if "%{_libdir}" == "/usr/lib64" %patch1 -p1 -%endif +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 %patch10 -p1 %patch11 -p1 From b8138f6b1ad564d2b08e848fb842fde1340f9342 Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 18 Feb 2020 14:10:10 -0600 Subject: [PATCH 68/81] new-sources --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 2f3d545..e5d99d2 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ /LibVNCServer-0.9.10-9453be42.tar.gz /LibVNCServer-0.9.10.tar.gz /LibVNCServer-0.9.11.tar.gz +/LibVNCServer-0.9.12.tar.gz diff --git a/sources b/sources index 67f4805..69214d2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (LibVNCServer-0.9.11.tar.gz) = e473c081b68dd3cdd96a1756b4f4945ece79d3c8e4cef62140be1699671555fc16d3080e81d764197a14ea83203ffcd0e18c3cc182e012d036e3faae943003fb +SHA512 (LibVNCServer-0.9.12.tar.gz) = 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 From ef2f30c801a7a821ab32eba18d00b7f69e07638e Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 2 Jul 2020 08:20:09 -0500 Subject: [PATCH 69/81] 0.9.13 FIXME/TODO: tls patches need rebasing, work-in-progress --- .gitignore | 1 + ...f144a3783d9f1f2c976acf9f4d85988fd466.patch | 25 ----------- ...a7e42e86dfb98dd7458ad29def476cf6096f.patch | 42 ------------------ ...1279ed5b10effecd879caf6c3791842ca713.patch | 38 ---------------- CVE-2018-15127.patch | 44 ------------------- CVE-2019-15681.patch | 23 ---------- ...NCServer-0.9.10-system-crypto-policy.patch | 26 ----------- ...6539835d11c0f4723499f8be4bc9c7724eb9.patch | 32 -------------- ...NCServer-0.9.13-system-crypto-policy.patch | 15 +++++++ libvncserver.spec | 36 ++++++--------- sources | 2 +- 11 files changed, 30 insertions(+), 254 deletions(-) delete mode 100644 15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch delete mode 100644 3348a7e42e86dfb98dd7458ad29def476cf6096f.patch delete mode 100644 36a71279ed5b10effecd879caf6c3791842ca713.patch delete mode 100644 CVE-2018-15127.patch delete mode 100644 CVE-2019-15681.patch delete mode 100644 LibVNCServer-0.9.10-system-crypto-policy.patch delete mode 100644 d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch create mode 100644 libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch diff --git a/.gitignore b/.gitignore index e5d99d2..087deae 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ /LibVNCServer-0.9.10.tar.gz /LibVNCServer-0.9.11.tar.gz /LibVNCServer-0.9.12.tar.gz +/LibVNCServer-0.9.13.tar.gz diff --git a/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch b/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch deleted file mode 100644 index b8edd35..0000000 --- a/15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid -Date: Sun, 5 Jan 2020 19:56:57 +0100 -Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no - backgroundLoop - -Otherwise the servers that don't use rfbRunEventLoop don't get -notified of client disconnections ---- - libvncserver/main.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/libvncserver/main.c b/libvncserver/main.c -index b51f0ab6..738a501d 100644 ---- a/libvncserver/main.c -+++ b/libvncserver/main.c -@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { - write(currentCl->pipe_notify_client_thread[1], "\x00", 1); - /* And wait for it to finish. */ - pthread_join(currentCl->client_thread, NULL); -+ } else { -+ rfbClientConnectionGone(currentCl); - } - #else - rfbClientConnectionGone(currentCl); diff --git a/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch b/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch deleted file mode 100644 index 9adde95..0000000 --- a/3348a7e42e86dfb98dd7458ad29def476cf6096f.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001 -From: Christian Beier -Date: Sat, 9 Feb 2019 13:23:26 +0100 -Subject: [PATCH] CMake: replace hardcoded 'lib' with ${CMAKE_INSTALL_LIBDIR} - -Closes #281 ---- - CMakeLists.txt | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 873cc7b5..55f7e650 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -9,6 +9,7 @@ include(CheckTypeSize) - include(TestBigEndian) - include(CheckCSourceCompiles) - include(CheckCSourceRuns) -+include(GNUInstallDirs) - - enable_testing() - -@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient) - configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) - - --install_targets(/lib vncserver) --install_targets(/lib vncclient) -+install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver) -+install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient) - install_files(/include/rfb FILES - rfb/keysym.h - rfb/rfb.h -@@ -677,7 +678,7 @@ install_files(/include/rfb FILES - rfb/rfbregion.h - ) - --install_files(/lib/pkgconfig FILES -+install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES - libvncserver.pc - libvncclient.pc - ) diff --git a/36a71279ed5b10effecd879caf6c3791842ca713.patch b/36a71279ed5b10effecd879caf6c3791842ca713.patch deleted file mode 100644 index c72b80e..0000000 --- a/36a71279ed5b10effecd879caf6c3791842ca713.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001 -From: Christian Beier -Date: Thu, 28 Mar 2019 21:06:36 +0100 -Subject: [PATCH] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for - pkgconfig files as well - -Thanks to https://github.com/ikelos for spotting this ;-) - -Closes #290 ---- - libvncclient.pc.cmakein | 2 +- - libvncserver.pc.cmakein | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein -index 169a8b7c..445f7e74 100644 ---- a/libvncclient.pc.cmakein -+++ b/libvncclient.pc.cmakein -@@ -1,6 +1,6 @@ - prefix=@CMAKE_INSTALL_PREFIX@ - exec_prefix=@CMAKE_INSTALL_PREFIX@ --libdir=@CMAKE_INSTALL_PREFIX@/lib -+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ - includedir=@CMAKE_INSTALL_PREFIX@/include - - Name: LibVNCClient -diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein -index f38d74fe..c6898061 100644 ---- a/libvncserver.pc.cmakein -+++ b/libvncserver.pc.cmakein -@@ -1,6 +1,6 @@ - prefix=@CMAKE_INSTALL_PREFIX@ - exec_prefix=@CMAKE_INSTALL_PREFIX@ --libdir=@CMAKE_INSTALL_PREFIX@/lib -+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ - includedir=@CMAKE_INSTALL_PREFIX@/include - - Name: LibVNCServer diff --git a/CVE-2018-15127.patch b/CVE-2018-15127.patch deleted file mode 100644 index 1462436..0000000 --- a/CVE-2018-15127.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Mon, 7 Jan 2019 10:40:01 +0100 -Subject: [PATCH] Limit lenght to INT_MAX bytes in - rfbProcessFileTransferReadBuffer() - -This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap -out-of-bound write access in rfbProcessFileTransferReadBuffer() when -reading a transfered file content in a server. The former fix did not -work on platforms with a 32-bit int type (expected by rfbReadExact()). - -CVE-2018-15127 - - ---- - libvncserver/rfbserver.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 7af84906..f2edbeea 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -88,6 +88,8 @@ - #include - /* strftime() */ - #include -+/* INT_MAX */ -+#include - - #ifdef LIBVNCSERVER_WITH_WEBSOCKETS - #include "rfbssl.h" -@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) - 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF - will safely be allocated since this check will never trigger and malloc() can digest length+1 - without problems as length is a uint32_t. -+ We also later pass length to rfbReadExact() that expects a signed int type and -+ that might wrap on platforms with a 32-bit int type if length is bigger -+ than 0X7FFFFFFF. - */ -- if(length == SIZE_MAX) { -+ if(length == SIZE_MAX || length > INT_MAX) { - rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); - rfbCloseClient(cl); - return NULL; diff --git a/CVE-2019-15681.patch b/CVE-2019-15681.patch deleted file mode 100644 index e328d87..0000000 --- a/CVE-2019-15681.patch +++ /dev/null @@ -1,23 +0,0 @@ -From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 -From: Christian Beier -Date: Mon, 19 Aug 2019 22:32:25 +0200 -Subject: [PATCH] rfbserver: don't leak stack memory to the remote - -Thanks go to Pavel Cheremushkin of Kaspersky for reporting. ---- - libvncserver/rfbserver.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 3bacc891..310e5487 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) - rfbServerCutTextMsg sct; - rfbClientIteratorPtr iterator; - -+ memset((char *)&sct, 0, sizeof(sct)); -+ - iterator = rfbGetClientIterator(rfbScreen); - while ((cl = rfbClientIteratorNext(iterator)) != NULL) { - sct.type = rfbServerCutText; diff --git a/LibVNCServer-0.9.10-system-crypto-policy.patch b/LibVNCServer-0.9.10-system-crypto-policy.patch deleted file mode 100644 index 47d540b..0000000 --- a/LibVNCServer-0.9.10-system-crypto-policy.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c ---- libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c 2015-12-12 00:14:37.269157918 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c 2015-12-12 11:23:29.391385234 +0100 -@@ -31,8 +31,8 @@ - #include "tls.h" - - --static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; --static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH"; -+static const char *rfbTLSPriority = "@SYSTEM"; -+static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH"; - - #define DH_BITS 1024 - static gnutls_dh_params_t rfbDHParams; -diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c ---- libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c 2015-12-12 00:14:37.270157930 +0100 -+++ libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c 2015-12-12 11:14:49.966830581 +0100 -@@ -54,7 +54,7 @@ - - if (!GNUTLS_E_SUCCESS == (ret = gnutls_init(&session, GNUTLS_SERVER))) { - /* */ -- } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_priority_set_direct(session, "EXPORT", NULL))) { -+ } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_set_default_priority(session))) { - /* */ - } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, ctx->x509_cred))) { - /* */ diff --git a/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch b/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch deleted file mode 100644 index 7192b6f..0000000 --- a/d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch +++ /dev/null @@ -1,32 +0,0 @@ -From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001 -From: Rajesh Sahoo -Date: Tue, 11 Jun 2019 15:13:04 +0530 -Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE - -client_thread is created depending upon backgroundLoop, but joining -without checking for same condition. so we are trying to join a garbage -thread_id. ---- - libvncserver/main.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/libvncserver/main.c b/libvncserver/main.c -index d3cd9b1e..772fb18f 100644 ---- a/libvncserver/main.c -+++ b/libvncserver/main.c -@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { - } - - #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD -+ if(currentCl->screen->backgroundLoop) { - /* - Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select() - in clientInput(), the loop in there will then break because the rfbCloseClient() above has set -@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { - write(currentCl->pipe_notify_client_thread[1], "\x00", 1); - /* And wait for it to finish. */ - pthread_join(currentCl->client_thread, NULL); -+ } - #else - rfbClientConnectionGone(currentCl); - #endif diff --git a/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch b/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch new file mode 100644 index 0000000..493617f --- /dev/null +++ b/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch @@ -0,0 +1,15 @@ +diff -up libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c +--- libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy 2020-06-13 13:49:53.000000000 -0500 ++++ libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c 2020-07-02 08:00:54.304902893 -0500 +@@ -29,8 +29,8 @@ + #include "tls.h" + + +-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; +-static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH"; ++static const char *rfbTLSPriority = "@SYSTEM"; ++static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH"; + + #define DH_BITS 1024 + static gnutls_dh_params_t rfbDHParams; +diff -up libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c diff --git a/libvncserver.spec b/libvncserver.spec index 13f1138..018f8a8 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,6 +1,6 @@ Summary: Library to make writing a VNC server easy Name: libvncserver -Version: 0.9.12 +Version: 0.9.13 Release: 1%{?dist} # NOTE: --with-filetransfer => GPLv2 @@ -8,22 +8,13 @@ License: GPLv2+ URL: http://libvnc.github.io/ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -Patch1: 3348a7e42e86dfb98dd7458ad29def476cf6096f.patch -Patch2: 36a71279ed5b10effecd879caf6c3791842ca713.patch -Patch3: d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch -Patch4: 15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch - - ## TLS security type enablement patches # https://github.com/LibVNC/libvncserver/pull/234 Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch Patch11: 0002-libvncserver-Add-channel-security-handlers.patch ## downstream patches -Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch - -Patch106: CVE-2018-15127.patch -Patch107: CVE-2019-15681.patch +Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch BuildRequires: gcc-c++ BuildRequires: cmake3 @@ -88,20 +79,15 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 +## FIXME: needs rebasing +#patch10 -p1 -b .tls-1 +#patch11 -p1 -b .tls-2 -%patch10 -p1 -%patch11 -p1 +%patch102 -p1 -b .crypto_policy # Nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c -%patch102 -p1 -%patch106 -p1 -%patch107 -p1 # Fix encoding for file in ChangeLog ; do @@ -125,9 +111,9 @@ popd %files %license COPYING -%doc AUTHORS ChangeLog NEWS README.md TODO -%{_libdir}/libvncclient.so.* -%{_libdir}/libvncserver.so.* +%doc AUTHORS ChangeLog NEWS* README* TODO* +%{_libdir}/libvncclient.so.1* +%{_libdir}/libvncserver.so.1* %files devel #{_bindir}/libvncserver-config @@ -139,6 +125,10 @@ popd %changelog +* Thu Jul 02 2020 Rex Dieter - 0.9.13-1 +- 0.9.13 +- FIXME/TODO: tls patches need rebasing, work-in-progress + * Tue Feb 11 2020 Sérgio Basto - 0.9.12-1 - Update to 0.9.12 diff --git a/sources b/sources index 69214d2..07072b2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (LibVNCServer-0.9.12.tar.gz) = 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 +SHA512 (LibVNCServer-0.9.13.tar.gz) = 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643 From 3995c25270b826d0ac384fe5ebdaebbc40cdf34b Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 2 Jul 2020 08:35:47 -0500 Subject: [PATCH 70/81] tls patches rebased --- ...d-API-to-add-custom-I-O-entry-points.patch | 101 +++++++++++++----- ...server-Add-channel-security-handlers.patch | 34 +++--- libvncserver.spec | 9 +- 3 files changed, 99 insertions(+), 45 deletions(-) diff --git a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch index 0a8cea8..af27908 100644 --- a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch +++ b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch @@ -1,4 +1,4 @@ -From 0a98d629447964f1d5d922d5012ee0c2cbf10694 Mon Sep 17 00:00:00 2001 +From 450f4a50771fd36cdd170356f83ebab5ff0dea51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Mon, 11 Jun 2018 23:47:02 +0200 Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points @@ -7,16 +7,16 @@ Add API to make it possible to channel RFB input and output through another layer, for example TLS. This is done by making it possible to override the default read/write/peek functions. --- - libvncserver/rfbserver.c | 4 +++ - libvncserver/sockets.c | 64 +++++++++++++++++++++++++++++++++++++--- - rfb/rfb.h | 17 +++++++++++ - 3 files changed, 81 insertions(+), 4 deletions(-) + libvncserver/rfbserver.c | 4 ++ + libvncserver/sockets.c | 79 ++++++++++++++++++++++++++++++++++++---- + rfb/rfb.h | 17 +++++++++ + 3 files changed, 93 insertions(+), 7 deletions(-) diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 7af6aed..fbedd9f 100644 +index 44ca2153..cee87dbb 100644 --- a/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c -@@ -322,6 +322,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, +@@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, cl->screen = rfbScreen; cl->sock = sock; @@ -28,10 +28,56 @@ index 7af6aed..fbedd9f 100644 /* setup pseudo scaling */ cl->scaledScreen = rfbScreen; diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index bbc3d90..27515f2 100644 +index 2c87376b..4bb881ec 100644 --- a/libvncserver/sockets.c +++ b/libvncserver/sockets.c -@@ -589,6 +589,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen, +@@ -101,6 +101,9 @@ int deny_severity=LOG_WARNING; + int rfbMaxClientWait = 20000; /* time (ms) after which we decide client has + gone away - needed to stop us hanging */ + ++static rfbBool ++rfbHasPendingOnSocket(rfbClientPtr cl); ++ + static rfbBool + rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, rfbSocket sock) + { +@@ -364,16 +367,20 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec) + tv.tv_usec = usec; + nfds = select(rfbScreen->maxFd + 1, &fds, NULL, NULL /* &fds */, &tv); + if (nfds == 0) { ++ rfbBool hasPendingData = FALSE; ++ + /* timed out, check for async events */ + i = rfbGetClientIterator(rfbScreen); + while((cl = rfbClientIteratorNext(i))) { + if (cl->onHold) + continue; ++ hasPendingData |= rfbHasPendingOnSocket(cl); + if (FD_ISSET(cl->sock, &(rfbScreen->allFds))) + rfbSendFileTransferChunk(cl); + } + rfbReleaseClientIterator(i); +- return result; ++ if (!hasPendingData) ++ return result; + } + + if (nfds < 0) { +@@ -449,9 +456,11 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec) + if (cl->onHold) + continue; + +- if (FD_ISSET(cl->sock, &(rfbScreen->allFds))) ++ if (rfbHasPendingOnSocket (cl) || ++ FD_ISSET(cl->sock, &(rfbScreen->allFds))) + { +- if (FD_ISSET(cl->sock, &fds)) ++ if (rfbHasPendingOnSocket (cl) || ++ FD_ISSET(cl->sock, &fds)) + { + #ifdef LIBVNCSERVER_WITH_WEBSOCKETS + do { +@@ -614,6 +623,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen, return sock; } @@ -56,13 +102,13 @@ index bbc3d90..27515f2 100644 +static rfbBool +rfbHasPendingOnSocket(rfbClientPtr cl) +{ -+ cl->hasPendingOnSocket(cl); ++ return cl->hasPendingOnSocket(cl); +} + /* * ReadExact reads an exact number of bytes from a client. Returns 1 if * those bytes have been read, 0 if the other end has closed, or -1 if an error -@@ -610,10 +634,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) +@@ -635,10 +668,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) } else if (cl->sslctx) { n = rfbssl_read(cl, buf, len); } else { @@ -75,7 +121,7 @@ index bbc3d90..27515f2 100644 #endif if (n > 0) { -@@ -645,6 +669,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) +@@ -670,6 +703,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) continue; } #endif @@ -86,7 +132,7 @@ index bbc3d90..27515f2 100644 FD_ZERO(&fds); FD_SET(sock, &fds); tv.tv_sec = timeout / 1000; -@@ -681,6 +709,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len) +@@ -706,6 +743,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len) return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait)); } @@ -105,7 +151,7 @@ index bbc3d90..27515f2 100644 /* * PeekExact peeks at an exact number of bytes from a client. Returns 1 if * those bytes have been read, 0 if the other end has closed, or -1 if an -@@ -701,7 +741,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) +@@ -726,7 +775,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) n = rfbssl_peek(cl, buf, len); else #endif @@ -114,7 +160,7 @@ index bbc3d90..27515f2 100644 if (n == len) { -@@ -757,6 +797,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) +@@ -782,6 +831,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) return 1; } @@ -137,7 +183,7 @@ index bbc3d90..27515f2 100644 /* * WriteExact writes an exact number of bytes to a client. Returns 1 if * those bytes have been written, or -1 if an error occurred (errno is set to -@@ -801,7 +857,7 @@ rfbWriteExact(rfbClientPtr cl, +@@ -826,7 +891,7 @@ rfbWriteExact(rfbClientPtr cl, n = rfbssl_write(cl, buf, len); else #endif @@ -147,12 +193,12 @@ index bbc3d90..27515f2 100644 if (n > 0) { diff --git a/rfb/rfb.h b/rfb/rfb.h -index f982b40..ba9e898 100644 +index 5e9ba86f..3c0b25a3 100644 --- a/rfb/rfb.h +++ b/rfb/rfb.h -@@ -413,6 +413,14 @@ typedef struct sraRegion* sraRegionPtr; - +@@ -387,6 +387,14 @@ typedef struct sraRegion* sraRegionPtr; typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl); + typedef void (*ClientFramebufferUpdateRequestHookPtr)(struct _rfbClientRec* cl, rfbFramebufferUpdateRequestMsg* furMsg); +typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl, + char *buf, int len); @@ -165,10 +211,10 @@ index f982b40..ba9e898 100644 typedef struct _rfbFileTransferData { int fd; int compressionEnabled; -@@ -694,6 +702,11 @@ typedef struct _rfbClientRec { - #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD - int pipe_notify_client_thread[2]; - #endif +@@ -680,6 +688,11 @@ typedef struct _rfbClientRec { + rfbBool useExtDesktopSize; + int requestedDesktopSizeChange; + int lastDesktopSizeChangeError; + + ClientReadFromSocket readFromSocket; /* Read data from socket */ + ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */ @@ -177,7 +223,7 @@ index f982b40..ba9e898 100644 } rfbClientRec, *rfbClientPtr; /** -@@ -746,8 +759,12 @@ extern void rfbDisconnectUDPSock(rfbScre +@@ -732,8 +745,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen); extern void rfbCloseClient(rfbClientPtr cl); extern int rfbReadExact(rfbClientPtr cl, char *buf, int len); extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); @@ -188,5 +234,8 @@ index f982b40..ba9e898 100644 extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len); +extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len); extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec); - extern int rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); - extern int rfbConnectToTcpAddr(char* host, int port); + extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); + extern rfbSocket rfbConnectToTcpAddr(char* host, int port); +-- +2.25.4 + diff --git a/0002-libvncserver-Add-channel-security-handlers.patch b/0002-libvncserver-Add-channel-security-handlers.patch index e922461..de2e421 100644 --- a/0002-libvncserver-Add-channel-security-handlers.patch +++ b/0002-libvncserver-Add-channel-security-handlers.patch @@ -1,4 +1,4 @@ -From c343c1b43080bcb45dad285faa5cd8926bfb9811 Mon Sep 17 00:00:00 2001 +From 30b947df1b25cf741f6863b4c3f77e0016aa4898 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Mon, 11 Jun 2018 23:50:05 +0200 Subject: [PATCH 2/2] libvncserver: Add channel security handlers @@ -13,13 +13,13 @@ done by adding a single channel security handler with the rfbTLS (18) with a handler that initiates a TLS session, and when a TLS session is initiated, the regular security handler list is sent. --- - libvncserver/auth.c | 162 ++++++++++++++++++++++++++++++--------- + libvncserver/auth.c | 164 ++++++++++++++++++++++++++++++--------- libvncserver/rfbserver.c | 1 + rfb/rfb.h | 15 +++- - 3 files changed, 140 insertions(+), 38 deletions(-) + 3 files changed, 142 insertions(+), 38 deletions(-) diff --git a/libvncserver/auth.c b/libvncserver/auth.c -index 814a814..6581953 100644 +index 814a8142..55e0b3c9 100644 --- a/libvncserver/auth.c +++ b/libvncserver/auth.c @@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason); @@ -255,20 +255,22 @@ index 814a814..6581953 100644 if (securityType == rfbSecTypeInvalid) { rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n"); rfbClientConnFailed(cl, "Your viewer cannot handle required " -@@ -316,9 +394,11 @@ rfbAuthNewClient(rfbClientPtr cl) +@@ -316,9 +394,13 @@ rfbAuthNewClient(rfbClientPtr cl) return; } rfbSendSecurityType(cl, securityType); + } else if (channelSecurityHandlers) { ++ rfbLog("Send channel security type list\n"); + rfbSendChannelSecurityTypeList(cl); } else { /* Here it's ok when securityType is set to rfbSecTypeInvalid. */ - rfbSendSecurityTypeList(cl, securityType); ++ rfbLog("Send channel security type 'none'\n"); + rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE); } } -@@ -332,6 +412,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl) +@@ -332,6 +414,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl) int n; uint8_t chosenType; rfbSecurityHandler* handler; @@ -276,7 +278,7 @@ index 814a814..6581953 100644 /* Read the security type. */ n = rfbReadExact(cl, (char *)&chosenType, 1); -@@ -344,8 +425,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl) +@@ -344,8 +427,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl) return; } @@ -296,10 +298,10 @@ index 814a814..6581953 100644 rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); handler->handler(cl); diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index fbedd9f..1e8b3c1 100644 +index cee87dbb..6efede61 100644 --- a/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c -@@ -643,6 +643,7 @@ rfbProcessClientMessage(rfbClientPtr cl) +@@ -654,6 +654,7 @@ rfbProcessClientMessage(rfbClientPtr cl) case RFB_PROTOCOL_VERSION: rfbProcessClientProtocolVersion(cl); return; @@ -308,10 +310,10 @@ index fbedd9f..1e8b3c1 100644 rfbProcessClientSecurityType(cl); return; diff --git a/rfb/rfb.h b/rfb/rfb.h -index ba9e898..be58d08 100644 +index 3c0b25a3..d136f884 100644 --- a/rfb/rfb.h +++ b/rfb/rfb.h -@@ -182,6 +182,11 @@ typedef struct { +@@ -144,6 +144,11 @@ typedef struct { } data; /**< there have to be count*3 entries */ } rfbColourMap; @@ -323,7 +325,7 @@ index ba9e898..be58d08 100644 /** * Security handling (RFB protocol version 3.7) */ -@@ -190,6 +195,7 @@ typedef struct _rfbSecurity { +@@ -152,6 +157,7 @@ typedef struct _rfbSecurity { uint8_t type; void (*handler)(struct _rfbClientRec* cl); struct _rfbSecurity* next; @@ -331,7 +333,7 @@ index ba9e898..be58d08 100644 } rfbSecurityHandler; /** -@@ -506,7 +512,7 @@ typedef struct _rfbClientRec { +@@ -480,7 +486,7 @@ typedef struct _rfbClientRec { /** Possible client states: */ enum { RFB_PROTOCOL_VERSION, /**< establishing protocol version */ @@ -340,7 +342,7 @@ index ba9e898..be58d08 100644 RFB_AUTHENTICATION, /**< authenticating */ RFB_INITIALISATION, /**< sending initialisation messages */ RFB_NORMAL, /**< normal protocol messages */ -@@ -514,7 +520,9 @@ typedef struct _rfbClientRec { +@@ -488,7 +494,9 @@ typedef struct _rfbClientRec { /* Ephemeral internal-use states that will never be seen by software * using LibVNCServer to provide services: */ @@ -351,7 +353,7 @@ index ba9e898..be58d08 100644 } state; rfbBool reverseConnection; -@@ -855,6 +863,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl); +@@ -840,6 +848,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl); extern void rfbAuthProcessClientMessage(rfbClientPtr cl); extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler); extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); @@ -362,5 +364,5 @@ index ba9e898..be58d08 100644 /* rre.c */ -- -2.17.1 +2.25.4 diff --git a/libvncserver.spec b/libvncserver.spec index 018f8a8..b97c9eb 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 1%{?dist} +Release: 2%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -80,8 +80,8 @@ developing applications that use %{name}. %setup -q -n %{name}-LibVNCServer-%{version} ## FIXME: needs rebasing -#patch10 -p1 -b .tls-1 -#patch11 -p1 -b .tls-2 +%patch10 -p1 -b .tls-1 +%patch11 -p1 -b .tls-2 %patch102 -p1 -b .crypto_policy @@ -125,6 +125,9 @@ popd %changelog +* Thu Jul 02 2020 Rex Dieter - 0.9.13-2 +- tls patches rebased + * Thu Jul 02 2020 Rex Dieter - 0.9.13-1 - 0.9.13 - FIXME/TODO: tls patches need rebasing, work-in-progress From 9bcfe94d9327e2f1b2efcb29ba9eb28d9e4acb9a Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Thu, 2 Jul 2020 09:18:09 -0500 Subject: [PATCH 71/81] fix/cleanup/tighten %%files for library sonames --- libvncserver.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index b97c9eb..89ae80d 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -112,8 +112,10 @@ popd %files %license COPYING %doc AUTHORS ChangeLog NEWS* README* TODO* -%{_libdir}/libvncclient.so.1* -%{_libdir}/libvncserver.so.1* +%{_libdir}/libvncclient.so.1 +%{_libdir}/libvncclient.so.%{version} +%{_libdir}/libvncserver.so.1 +%{_libdir}/libvncserver.so.%{version} %files devel #{_bindir}/libvncserver-config From 05a67725dc622d56f1370444f10873045aad12a3 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 28 Jul 2020 05:53:23 +0000 Subject: [PATCH 72/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index 89ae80d..e9cb6d5 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 2%{?dist} +Release: 3%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -127,6 +127,9 @@ popd %changelog +* Tue Jul 28 2020 Fedora Release Engineering - 0.9.13-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Thu Jul 02 2020 Rex Dieter - 0.9.13-2 - tls patches rebased From 7cf63d9da2beecedabc00d3742701da61f1dc2bd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Sat, 1 Aug 2020 04:13:10 +0000 Subject: [PATCH 73/81] - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index e9cb6d5..c1c26c2 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 3%{?dist} +Release: 4%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -127,6 +127,10 @@ popd %changelog +* Sat Aug 01 2020 Fedora Release Engineering - 0.9.13-4 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Tue Jul 28 2020 Fedora Release Engineering - 0.9.13-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From 0a645f90c721ec6867039c4185b29e15d166aa7d Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Mon, 3 Aug 2020 14:34:05 -0500 Subject: [PATCH 74/81] use new cmake macros --- libvncserver.spec | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/libvncserver.spec b/libvncserver.spec index c1c26c2..b249752 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,7 +1,9 @@ +%undefine __cmake_in_source_build + Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 4%{?dist} +Release: 5%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -98,14 +100,14 @@ done %build -mkdir -p %{_target_platform} -pushd %{_target_platform} -%cmake3 .. -popd -%make_build -C %{_target_platform} +%cmake3 + +%cmake_build + %install -%make_install -C %{_target_platform} +%cmake_install + %ldconfig_scriptlets @@ -127,6 +129,9 @@ popd %changelog +* Mon Aug 03 2020 Rex Dieter - 0.9.13-5 +- use new cmake macros + * Sat Aug 01 2020 Fedora Release Engineering - 0.9.13-4 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From 8f4e5de62ce7e9d0b9d4256ded971b58d8158c3b Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Tue, 25 Aug 2020 16:22:57 -0500 Subject: [PATCH 75/81] -devel: +Requires: zlib-devel --- libvncserver.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index b249752..668c230 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 5%{?dist} +Release: 6%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -72,6 +72,8 @@ Summary: Development files for %{name} Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils +# /usr/include/rfb/rfbproto.h:#include +Requires: zlib-devel %description devel The %{name}-devel package contains libraries and header files for @@ -129,6 +131,9 @@ done %changelog +* Tue Aug 25 2020 Rex Dieter - 0.9.13-6 +- -devel: +Requires: zlib-devel + * Mon Aug 03 2020 Rex Dieter - 0.9.13-5 - use new cmake macros From ef4793207b35ab6b92c98c0c5d5fb6c7d36ce746 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Mon, 14 Sep 2020 10:15:23 +0200 Subject: [PATCH 76/81] Add API to unregister security handler --- ...unregister-built-in-security-handler.patch | 47 +++++++++++++++++++ libvncserver.spec | 7 ++- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 0003-auth-Add-API-to-unregister-built-in-security-handler.patch diff --git a/0003-auth-Add-API-to-unregister-built-in-security-handler.patch b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch new file mode 100644 index 0000000..5c4a84d --- /dev/null +++ b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch @@ -0,0 +1,47 @@ +From 42815c7a5672edb16ab810378b7c34b3e8e74832 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= +Date: Wed, 27 Nov 2019 16:58:29 +0100 +Subject: [PATCH 3/3] auth: Add API to unregister built in security handlers + +If I have a VNC server that first accepts password based authentication, +then switches to something not using password (e.g. a prompt on screen), +the security handler from the first would still be sent as, meaning +clients would still ask for a password without there being one. +--- + libvncserver/auth.c | 7 +++++++ + rfb/rfb.h | 1 + + 2 files changed, 8 insertions(+) + +diff --git a/libvncserver/auth.c b/libvncserver/auth.c +index fc74c800..94b46fd6 100644 +--- a/libvncserver/auth.c ++++ b/libvncserver/auth.c +@@ -248,6 +248,13 @@ determinePrimarySecurityType(rfbClientPtr cl) + } + } + ++void ++rfbUnregisterPrimarySecurityHandlers (void) ++{ ++ rfbUnregisterSecurityHandler(&VncSecurityHandlerNone); ++ rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth); ++} ++ + void + rfbSendSecurityTypeList(rfbClientPtr cl, + enum rfbSecurityTag exclude) +diff --git a/rfb/rfb.h b/rfb/rfb.h +index f56bd47d..d1763c6c 100644 +--- a/rfb/rfb.h ++++ b/rfb/rfb.h +@@ -856,6 +856,7 @@ extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); + extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler); + extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler); + extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude); ++extern void rfbUnregisterPrimarySecurityHandlers (void); + + /* rre.c */ + +-- +2.26.2 + diff --git a/libvncserver.spec b/libvncserver.spec index 668c230..49e6624 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 6%{?dist} +Release: 7%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -14,6 +14,8 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio # https://github.com/LibVNC/libvncserver/pull/234 Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch Patch11: 0002-libvncserver-Add-channel-security-handlers.patch +# https://github.com/LibVNC/libvncserver/pull/350 +Patch12: 0003-auth-Add-API-to-unregister-built-in-security-handler.patch ## downstream patches Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch @@ -131,6 +133,9 @@ done %changelog +* Mon Sep 14 2020 Jonas Ådahl - 0.9.13-7 +- Add API to unregister security handlers + * Tue Aug 25 2020 Rex Dieter - 0.9.13-6 - -devel: +Requires: zlib-devel From 5cf3fbdaabc5557a04e811cad04833469b8cab38 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Fri, 9 Oct 2020 16:28:47 -0700 Subject: [PATCH 77/81] Rebase patches so all apply, backport crasher fix (#1882718) --- ...d-API-to-add-custom-I-O-entry-points.patch | 8 ++-- ...server-Add-channel-security-handlers.patch | 10 ++-- ...unregister-built-in-security-handler.patch | 47 ------------------- ...h-don-t-keep-security-handlers-from-.patch | 32 +++++++++++++ ...Clear-buffer-pointers-on-cleanup-444.patch | 45 ++++++++++++++++++ libvncserver.spec | 17 +++++-- 6 files changed, 99 insertions(+), 60 deletions(-) delete mode 100644 0003-auth-Add-API-to-unregister-built-in-security-handler.patch create mode 100644 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch create mode 100644 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch diff --git a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch index af27908..5d85b09 100644 --- a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch +++ b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch @@ -1,7 +1,7 @@ -From 450f4a50771fd36cdd170356f83ebab5ff0dea51 Mon Sep 17 00:00:00 2001 +From e4849b01fec4494057728d1aa3a165ed21705682 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Mon, 11 Jun 2018 23:47:02 +0200 -Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points +Subject: [PATCH 1/4] libvncserver: Add API to add custom I/O entry points Add API to make it possible to channel RFB input and output through another layer, for example TLS. This is done by making it possible to @@ -13,7 +13,7 @@ override the default read/write/peek functions. 3 files changed, 93 insertions(+), 7 deletions(-) diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 44ca2153..cee87dbb 100644 +index e9eaa5fc..72e9ba79 100644 --- a/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c @@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, @@ -237,5 +237,5 @@ index 5e9ba86f..3c0b25a3 100644 extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); extern rfbSocket rfbConnectToTcpAddr(char* host, int port); -- -2.25.4 +2.28.0 diff --git a/0002-libvncserver-Add-channel-security-handlers.patch b/0002-libvncserver-Add-channel-security-handlers.patch index de2e421..eb2aa9f 100644 --- a/0002-libvncserver-Add-channel-security-handlers.patch +++ b/0002-libvncserver-Add-channel-security-handlers.patch @@ -1,7 +1,7 @@ -From 30b947df1b25cf741f6863b4c3f77e0016aa4898 Mon Sep 17 00:00:00 2001 +From c9131a78878a785c3de21e9d49521d7b68400ad7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20=C3=85dahl?= Date: Mon, 11 Jun 2018 23:50:05 +0200 -Subject: [PATCH 2/2] libvncserver: Add channel security handlers +Subject: [PATCH 2/4] libvncserver: Add channel security handlers Add another type of security handler that is meant to be used initially to set up a secure channel. Regular security handlers would be @@ -298,10 +298,10 @@ index 814a8142..55e0b3c9 100644 rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); handler->handler(cl); diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index cee87dbb..6efede61 100644 +index 72e9ba79..48eada64 100644 --- a/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c -@@ -654,6 +654,7 @@ rfbProcessClientMessage(rfbClientPtr cl) +@@ -652,6 +652,7 @@ rfbProcessClientMessage(rfbClientPtr cl) case RFB_PROTOCOL_VERSION: rfbProcessClientProtocolVersion(cl); return; @@ -364,5 +364,5 @@ index 3c0b25a3..d136f884 100644 /* rre.c */ -- -2.25.4 +2.28.0 diff --git a/0003-auth-Add-API-to-unregister-built-in-security-handler.patch b/0003-auth-Add-API-to-unregister-built-in-security-handler.patch deleted file mode 100644 index 5c4a84d..0000000 --- a/0003-auth-Add-API-to-unregister-built-in-security-handler.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 42815c7a5672edb16ab810378b7c34b3e8e74832 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jonas=20=C3=85dahl?= -Date: Wed, 27 Nov 2019 16:58:29 +0100 -Subject: [PATCH 3/3] auth: Add API to unregister built in security handlers - -If I have a VNC server that first accepts password based authentication, -then switches to something not using password (e.g. a prompt on screen), -the security handler from the first would still be sent as, meaning -clients would still ask for a password without there being one. ---- - libvncserver/auth.c | 7 +++++++ - rfb/rfb.h | 1 + - 2 files changed, 8 insertions(+) - -diff --git a/libvncserver/auth.c b/libvncserver/auth.c -index fc74c800..94b46fd6 100644 ---- a/libvncserver/auth.c -+++ b/libvncserver/auth.c -@@ -248,6 +248,13 @@ determinePrimarySecurityType(rfbClientPtr cl) - } - } - -+void -+rfbUnregisterPrimarySecurityHandlers (void) -+{ -+ rfbUnregisterSecurityHandler(&VncSecurityHandlerNone); -+ rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth); -+} -+ - void - rfbSendSecurityTypeList(rfbClientPtr cl, - enum rfbSecurityTag exclude) -diff --git a/rfb/rfb.h b/rfb/rfb.h -index f56bd47d..d1763c6c 100644 ---- a/rfb/rfb.h -+++ b/rfb/rfb.h -@@ -856,6 +856,7 @@ extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); - extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler); - extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler); - extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude); -+extern void rfbUnregisterPrimarySecurityHandlers (void); - - /* rre.c */ - --- -2.26.2 - diff --git a/0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch b/0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch new file mode 100644 index 0000000..2f736d0 --- /dev/null +++ b/0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch @@ -0,0 +1,32 @@ +From 2a77dd86a97fa5f4735f678599cea839ba09009c Mon Sep 17 00:00:00 2001 +From: Christian Beier +Date: Sun, 9 Aug 2020 20:11:26 +0200 +Subject: [PATCH 3/4] libvncserver/auth: don't keep security handlers from + previous runs + +Whyohsoever security handlers are stored in a variable global to the +application, not in the rfbScreen struct. This meant that security +handlers registered once would stick around forever before this commit. +--- + libvncserver/auth.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/auth.c b/libvncserver/auth.c +index 55e0b3c9..fc74c800 100644 +--- a/libvncserver/auth.c ++++ b/libvncserver/auth.c +@@ -264,9 +264,11 @@ rfbSendSecurityTypeList(rfbClientPtr cl, + primaryType = determinePrimarySecurityType(cl); + switch (primaryType) { + case rfbSecTypeNone: ++ rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth); + rfbRegisterSecurityHandler(&VncSecurityHandlerNone); + break; + case rfbSecTypeVncAuth: ++ rfbUnregisterSecurityHandler(&VncSecurityHandlerNone); + rfbRegisterSecurityHandler(&VncSecurityHandlerVncAuth); + break; + } +-- +2.28.0 + diff --git a/0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch b/0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch new file mode 100644 index 0000000..d45dfeb --- /dev/null +++ b/0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch @@ -0,0 +1,45 @@ +From 641610b961a732bb68f111536ebf8c42be20f05b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= +Date: Wed, 16 Sep 2020 17:35:49 +0200 +Subject: [PATCH 4/4] zlib: Clear buffer pointers on cleanup (#444) + +The pointers to the buffers were freed, and the size fields were set to +0, but the buffer pointers themsef was not set to NULL, when shutting +down, meaning the next time used, NULL checks would not tell whether the +pointer is valid. This caused crashes ending with + + #0 0x00007ffff73729e5 in raise () from /lib64/libc.so.6 + #1 0x00007ffff735b895 in abort () from /lib64/libc.so.6 + #2 0x00007ffff73b6857 in __libc_message () from /lib64/libc.so.6 + #3 0x00007ffff73bdd7c in malloc_printerr () from /lib64/libc.so.6 + #4 0x00007ffff73c2f1a in realloc () from /lib64/libc.so.6 + #5 0x00007ffff78b558e in rfbSendOneRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=40) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:106 + #6 0x00007ffff78b5dec in rfbSendRectEncodingZlib (cl=0x4a4b80, x=0, y=0, w=800, h=600) at /home/jonas/Dev/gnome/libvncserver/libvncserver/zlib.c:308 + #7 0x00007ffff7899453 in rfbSendFramebufferUpdate (cl=0x4a4b80, givenUpdateRegion=0x49ef70) at /home/jonas/Dev/gnome/libvncserver/libvncserver/rfbserver.c:3264 + #8 0x00007ffff789079d in rfbUpdateClient (cl=0x4a4b80) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1275 + #9 0x00007ffff78905f5 in rfbProcessEvents (screen=0x4d5790, usec=0) at /home/jonas/Dev/gnome/libvncserver/libvncserver/main.c:1251 +--- + libvncserver/zlib.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/zlib.c b/libvncserver/zlib.c +index d24d7d15..5c3a8236 100644 +--- a/libvncserver/zlib.c ++++ b/libvncserver/zlib.c +@@ -64,11 +64,13 @@ void rfbZlibCleanup(rfbScreenInfoPtr screen) + { + if (zlibBeforeBufSize) { + free(zlibBeforeBuf); ++ zlibBeforeBuf = NULL; + zlibBeforeBufSize=0; + } + if (zlibAfterBufSize) { + zlibAfterBufSize=0; + free(zlibAfterBuf); ++ zlibAfterBuf = NULL; + } + } + +-- +2.28.0 + diff --git a/libvncserver.spec b/libvncserver.spec index 49e6624..c733a32 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 7%{?dist} +Release: 8%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -14,8 +14,12 @@ Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{versio # https://github.com/LibVNC/libvncserver/pull/234 Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch Patch11: 0002-libvncserver-Add-channel-security-handlers.patch -# https://github.com/LibVNC/libvncserver/pull/350 -Patch12: 0003-auth-Add-API-to-unregister-built-in-security-handler.patch +# https://github.com/LibVNC/libvncserver/commit/87c52ee0551b7c4e76855d270d475b9e3039fe08 +Patch12: 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch +# Fix crash on all runs after the first +# https://github.com/LibVNC/libvncserver/pull/444 +# https://bugzilla.redhat.com/show_bug.cgi?id=1882718 +Patch13: 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch ## downstream patches Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch @@ -85,9 +89,10 @@ developing applications that use %{name}. %prep %setup -q -n %{name}-LibVNCServer-%{version} -## FIXME: needs rebasing %patch10 -p1 -b .tls-1 %patch11 -p1 -b .tls-2 +%patch12 -p1 -b .handlers +%patch13 -p1 -b .pointers %patch102 -p1 -b .crypto_policy @@ -133,6 +138,10 @@ done %changelog +* Fri Oct 09 2020 Adam Williamson - 0.9.13-8 +- Rebase all patches so Patch12 applies +- Backport PR #444 to fix crash on all runs after the first (#1882718) + * Mon Sep 14 2020 Jonas Ådahl - 0.9.13-7 - Add API to unregister security handlers From 5c28be294effad456b17655b1a08b334c32ff9f5 Mon Sep 17 00:00:00 2001 From: Adam Williamson Date: Mon, 12 Oct 2020 11:10:55 -0700 Subject: [PATCH 78/81] Backport another crasher fix (#1882718) --- ...-t-NULL-out-internal-of-the-default-.patch | 28 +++++++++++++++++++ libvncserver.spec | 10 ++++++- 2 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch diff --git a/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch b/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch new file mode 100644 index 0000000..11d0f7e --- /dev/null +++ b/0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch @@ -0,0 +1,28 @@ +From d138cf90130b0e8d5062f136ecdbcaa85e734d5d Mon Sep 17 00:00:00 2001 +From: Christian Beier +Date: Mon, 20 Jul 2020 22:33:29 +0200 +Subject: [PATCH] libvncserver: don't NULL out internal of the default cursor + +...otherwise an rfbScreen created after rfbScreenCleanup() was called +gets assigned an invalid cursor struct. +--- + libvncserver/main.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/main.c b/libvncserver/main.c +index 9149fda3..a3a711e3 100644 +--- a/libvncserver/main.c ++++ b/libvncserver/main.c +@@ -1110,7 +1110,8 @@ void rfbScreenCleanup(rfbScreenInfoPtr screen) + FREE_IF(underCursorBuffer); + TINI_MUTEX(screen->cursorMutex); + +- rfbFreeCursor(screen->cursor); ++ if(screen->cursor != &myCursor) ++ rfbFreeCursor(screen->cursor); + + #ifdef LIBVNCSERVER_HAVE_LIBZ + rfbZlibCleanup(screen); +-- +2.28.0 + diff --git a/libvncserver.spec b/libvncserver.spec index c733a32..d67a942 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 8%{?dist} +Release: 9%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -20,6 +20,10 @@ Patch12: 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch # https://github.com/LibVNC/libvncserver/pull/444 # https://bugzilla.redhat.com/show_bug.cgi?id=1882718 Patch13: 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch +# Fix another crasher +# https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/45 +# https://bugzilla.redhat.com/show_bug.cgi?id=1882718 +Patch14: 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch ## downstream patches Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch @@ -93,6 +97,7 @@ developing applications that use %{name}. %patch11 -p1 -b .tls-2 %patch12 -p1 -b .handlers %patch13 -p1 -b .pointers +%patch14 -p1 -b .cursor_null %patch102 -p1 -b .crypto_policy @@ -138,6 +143,9 @@ done %changelog +* Mon Oct 12 2020 Adam Williamson - 0.9.13-9 +- Backport another crasher fix (#1882718) + * Fri Oct 09 2020 Adam Williamson - 0.9.13-8 - Rebase all patches so Patch12 applies - Backport PR #444 to fix crash on all runs after the first (#1882718) From 832d9c251cc5568e81e8cc6663d1adac616340b8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 26 Jan 2021 18:18:21 +0000 Subject: [PATCH 79/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index d67a942..b3fbf9c 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 9%{?dist} +Release: 10%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -143,6 +143,9 @@ done %changelog +* Tue Jan 26 2021 Fedora Release Engineering - 0.9.13-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Mon Oct 12 2020 Adam Williamson - 0.9.13-9 - Backport another crasher fix (#1882718) From 0ad94687eceb85a53a1987aa4c356b8fbe70b6d9 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 22 Jul 2021 12:43:20 +0000 Subject: [PATCH 80/81] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- libvncserver.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libvncserver.spec b/libvncserver.spec index b3fbf9c..fb464cd 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -3,7 +3,7 @@ Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.13 -Release: 10%{?dist} +Release: 11%{?dist} # NOTE: --with-filetransfer => GPLv2 License: GPLv2+ @@ -143,6 +143,9 @@ done %changelog +* Thu Jul 22 2021 Fedora Release Engineering - 0.9.13-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Tue Jan 26 2021 Fedora Release Engineering - 0.9.13-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From 1ee1abff9370e058f2f5e6792a27a3de32f9c3a0 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Mon, 30 Oct 2023 23:20:23 +0300 Subject: [PATCH 81/81] Remove unnecessary files --- sources | 1 - 1 file changed, 1 deletion(-) delete mode 100644 sources diff --git a/sources b/sources deleted file mode 100644 index 07072b2..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -SHA512 (LibVNCServer-0.9.13.tar.gz) = 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643