rpms
/
libvncserver
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

0.9.13

Browse Source 
FIXME/TODO: tls patches need rebasing, work-in-progress
epel9
Rex Dieter 5 years ago
parent b8138f6b1a
commit ef2f30c801
11 changed files with 30 additions and 254 deletions
Show Stats Download Patch File Download Diff File

1
.gitignore vendored
Unescape View File

@ -5,3 +5,4 @@
/LibVNCServer-0.9.10.tar.gz /LibVNCServer-0.9.10.tar.gz
/LibVNCServer-0.9.11.tar.gz /LibVNCServer-0.9.11.tar.gz
/LibVNCServer-0.9.12.tar.gz /LibVNCServer-0.9.12.tar.gz
/LibVNCServer-0.9.13.tar.gz

25
15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch
Unescape View File

@ -1,25 +0,0 @@
From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Sun, 5 Jan 2020 19:56:57 +0100
Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no
backgroundLoop
Otherwise the servers that don't use rfbRunEventLoop don't get
notified of client disconnections
---
libvncserver/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libvncserver/main.c b/libvncserver/main.c
index b51f0ab6..738a501d 100644
--- a/libvncserver/main.c
+++ b/libvncserver/main.c
@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
/* And wait for it to finish. */
pthread_join(currentCl->client_thread, NULL);
+ } else {
+ rfbClientConnectionGone(currentCl);
}
#else
rfbClientConnectionGone(currentCl);

42
3348a7e42e86dfb98dd7458ad29def476cf6096f.patch
Unescape View File

@ -1,42 +0,0 @@
From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001
From: Christian Beier <dontmind@freeshell.org>
Date: Sat, 9 Feb 2019 13:23:26 +0100
Subject: [PATCH] CMake: replace hardcoded 'lib' with ${CMAKE_INSTALL_LIBDIR}
Closes #281
---
CMakeLists.txt | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 873cc7b5..55f7e650 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -9,6 +9,7 @@ include(CheckTypeSize)
include(TestBigEndian)
include(CheckCSourceCompiles)
include(CheckCSourceRuns)
+include(GNUInstallDirs)
enable_testing()
@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient)
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY)
-install_targets(/lib vncserver)
-install_targets(/lib vncclient)
+install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver)
+install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient)
install_files(/include/rfb FILES
rfb/keysym.h
rfb/rfb.h
@@ -677,7 +678,7 @@ install_files(/include/rfb FILES
rfb/rfbregion.h
)
-install_files(/lib/pkgconfig FILES
+install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES
libvncserver.pc
libvncclient.pc
)

38
36a71279ed5b10effecd879caf6c3791842ca713.patch
Unescape View File

@ -1,38 +0,0 @@
From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001
From: Christian Beier <dontmind@freeshell.org>
Date: Thu, 28 Mar 2019 21:06:36 +0100
Subject: [PATCH] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for
pkgconfig files as well
Thanks to https://github.com/ikelos for spotting this ;-)
Closes #290
---
libvncclient.pc.cmakein | 2 +-
libvncserver.pc.cmakein | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein
index 169a8b7c..445f7e74 100644
--- a/libvncclient.pc.cmakein
+++ b/libvncclient.pc.cmakein
@@ -1,6 +1,6 @@
prefix=@CMAKE_INSTALL_PREFIX@
exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@CMAKE_INSTALL_PREFIX@/lib
+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
includedir=@CMAKE_INSTALL_PREFIX@/include
Name: LibVNCClient
diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein
index f38d74fe..c6898061 100644
--- a/libvncserver.pc.cmakein
+++ b/libvncserver.pc.cmakein
@@ -1,6 +1,6 @@
prefix=@CMAKE_INSTALL_PREFIX@
exec_prefix=@CMAKE_INSTALL_PREFIX@
-libdir=@CMAKE_INSTALL_PREFIX@/lib
+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
includedir=@CMAKE_INSTALL_PREFIX@/include
Name: LibVNCServer

44
CVE-2018-15127.patch
Unescape View File

@ -1,44 +0,0 @@
From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Mon, 7 Jan 2019 10:40:01 +0100
Subject: [PATCH] Limit lenght to INT_MAX bytes in
rfbProcessFileTransferReadBuffer()
This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
out-of-bound write access in rfbProcessFileTransferReadBuffer() when
reading a transfered file content in a server. The former fix did not
work on platforms with a 32-bit int type (expected by rfbReadExact()).
CVE-2018-15127
<https://github.com/LibVNC/libvncserver/issues/243>
<https://github.com/LibVNC/libvncserver/issues/273>
---
libvncserver/rfbserver.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index 7af84906..f2edbeea 100644
--- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c
@@ -88,6 +88,8 @@
#include <errno.h>
/* strftime() */
#include <time.h>
+/* INT_MAX */
+#include <limits.h>
#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
#include "rfbssl.h"
@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length)
0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF
will safely be allocated since this check will never trigger and malloc() can digest length+1
without problems as length is a uint32_t.
+ We also later pass length to rfbReadExact() that expects a signed int type and
+ that might wrap on platforms with a 32-bit int type if length is bigger
+ than 0X7FFFFFFF.
*/
- if(length == SIZE_MAX) {
+ if(length == SIZE_MAX || length > INT_MAX) {
rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length);
rfbCloseClient(cl);
return NULL;

23
CVE-2019-15681.patch
Unescape View File

@ -1,23 +0,0 @@
From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
From: Christian Beier <dontmind@freeshell.org>
Date: Mon, 19 Aug 2019 22:32:25 +0200
Subject: [PATCH] rfbserver: don't leak stack memory to the remote
Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
---
libvncserver/rfbserver.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index 3bacc891..310e5487 100644
--- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c
@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
rfbServerCutTextMsg sct;
rfbClientIteratorPtr iterator;
+ memset((char *)&sct, 0, sizeof(sct));
+
iterator = rfbGetClientIterator(rfbScreen);
while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
sct.type = rfbServerCutText;

26
LibVNCServer-0.9.10-system-crypto-policy.patch
Unescape View File

@ -1,26 +0,0 @@
diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c
--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/tls_gnutls.c 2015-12-12 00:14:37.269157918 +0100
+++ libvncserver-LibVNCServer-0.9.10/libvncclient/tls_gnutls.c 2015-12-12 11:23:29.391385234 +0100
@@ -31,8 +31,8 @@
#include "tls.h"
-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP";
-static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH";
+static const char *rfbTLSPriority = "@SYSTEM";
+static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH";
#define DH_BITS 1024
static gnutls_dh_params_t rfbDHParams;
diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c
--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/rfbssl_gnutls.c 2015-12-12 00:14:37.270157930 +0100
+++ libvncserver-LibVNCServer-0.9.10/libvncserver/rfbssl_gnutls.c 2015-12-12 11:14:49.966830581 +0100
@@ -54,7 +54,7 @@
if (!GNUTLS_E_SUCCESS == (ret = gnutls_init(&session, GNUTLS_SERVER))) {
/* */
- } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_priority_set_direct(session, "EXPORT", NULL))) {
+ } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_set_default_priority(session))) {
/* */
} else if (!GNUTLS_E_SUCCESS == (ret = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, ctx->x509_cred))) {
/* */

32
d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch
Unescape View File

@ -1,32 +0,0 @@
From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001
From: Rajesh Sahoo <rajesh.sahoo@lge.com>
Date: Tue, 11 Jun 2019 15:13:04 +0530
Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE
client_thread is created depending upon backgroundLoop, but joining
without checking for same condition. so we are trying to join a garbage
thread_id.
---
libvncserver/main.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libvncserver/main.c b/libvncserver/main.c
index d3cd9b1e..772fb18f 100644
--- a/libvncserver/main.c
+++ b/libvncserver/main.c
@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
}
#ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
+ if(currentCl->screen->backgroundLoop) {
/*
Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select()
in clientInput(), the loop in there will then break because the rfbCloseClient() above has set
@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
/* And wait for it to finish. */
pthread_join(currentCl->client_thread, NULL);
+ }
#else
rfbClientConnectionGone(currentCl);
#endif

15
libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
Unescape View File

@ -0,0 +1,15 @@
diff -up libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c
--- libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c.crypto_policy 2020-06-13 13:49:53.000000000 -0500
+++ libvncserver-LibVNCServer-0.9.13/libvncclient/tls_gnutls.c 2020-07-02 08:00:54.304902893 -0500
@@ -29,8 +29,8 @@
#include "tls.h"
-static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP";
-static const char *rfbAnonTLSPriority= "NORMAL:+ANON-DH";
+static const char *rfbTLSPriority = "@SYSTEM";
+static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH";
#define DH_BITS 1024
static gnutls_dh_params_t rfbDHParams;
diff -up libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c.crypto_policy libvncserver-LibVNCServer-0.9.13/libvncserver/rfbssl_gnutls.c

36
libvncserver.spec
Unescape View File

@ -1,6 +1,6 @@
Summary: Library to make writing a VNC server easy Summary: Library to make writing a VNC server easy
Name: libvncserver Name: libvncserver
Version: 0.9.12 Version: 0.9.13
Release: 1%{?dist} Release: 1%{?dist}
# NOTE: --with-filetransfer => GPLv2 # NOTE: --with-filetransfer => GPLv2
@ -8,22 +8,13 @@ License: GPLv2+
URL: http://libvnc.github.io/ URL: http://libvnc.github.io/
Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz
Patch1: 3348a7e42e86dfb98dd7458ad29def476cf6096f.patch
Patch2: 36a71279ed5b10effecd879caf6c3791842ca713.patch
Patch3: d0a76539835d11c0f4723499f8be4bc9c7724eb9.patch
Patch4: 15c4f144a3783d9f1f2c976acf9f4d85988fd466.patch
## TLS security type enablement patches ## TLS security type enablement patches
# https://github.com/LibVNC/libvncserver/pull/234 # https://github.com/LibVNC/libvncserver/pull/234
Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
Patch11: 0002-libvncserver-Add-channel-security-handlers.patch Patch11: 0002-libvncserver-Add-channel-security-handlers.patch
## downstream patches ## downstream patches
Patch102: LibVNCServer-0.9.10-system-crypto-policy.patch Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch
Patch106: CVE-2018-15127.patch
Patch107: CVE-2019-15681.patch
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: cmake3 BuildRequires: cmake3
@ -88,20 +79,15 @@ developing applications that use %{name}.
%prep %prep
%setup -q -n %{name}-LibVNCServer-%{version} %setup -q -n %{name}-LibVNCServer-%{version}
%patch1 -p1 ## FIXME: needs rebasing
%patch2 -p1 #patch10 -p1 -b .tls-1
%patch3 -p1 #patch11 -p1 -b .tls-2
%patch4 -p1
%patch10 -p1 %patch102 -p1 -b .crypto_policy
%patch11 -p1
# Nuke bundled minilzo # Nuke bundled minilzo
rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c
%patch102 -p1
%patch106 -p1
%patch107 -p1
# Fix encoding # Fix encoding
for file in ChangeLog ; do for file in ChangeLog ; do
@ -125,9 +111,9 @@ popd
%files %files
%license COPYING %license COPYING
%doc AUTHORS ChangeLog NEWS README.md TODO %doc AUTHORS ChangeLog NEWS* README* TODO*
%{_libdir}/libvncclient.so.* %{_libdir}/libvncclient.so.1*
%{_libdir}/libvncserver.so.* %{_libdir}/libvncserver.so.1*
%files devel %files devel
#{_bindir}/libvncserver-config #{_bindir}/libvncserver-config
@ -139,6 +125,10 @@ popd
%changelog %changelog
* Thu Jul 02 2020 Rex Dieter <rdieter@fedoraproject.org> - 0.9.13-1
- 0.9.13
- FIXME/TODO: tls patches need rebasing, work-in-progress
* Tue Feb 11 2020 Sérgio Basto <sergio@serjux.com> - 0.9.12-1 * Tue Feb 11 2020 Sérgio Basto <sergio@serjux.com> - 0.9.12-1
- Update to 0.9.12 - Update to 0.9.12

2
sources
Unescape View File

@ -1 +1 @@
SHA512 (LibVNCServer-0.9.12.tar.gz) = 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 SHA512 (LibVNCServer-0.9.13.tar.gz) = 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643

Write Preview
Loading…
Cancel
Save