1 |
commit: 3cc06e5fd4889a3fd2d77d6a411efe0f82f37777 |
2 |
Author: Alexander Tsoy <alexander <AT> tsoy <DOT> me> |
3 |
AuthorDate: Mon Jun 29 07:52:36 2020 +0000 |
4 |
Commit: Aaron Bauman <bman <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Jun 29 17:29:20 2020 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cc06e5f |
7 |
|
8 |
net-libs/libvncserver: Security cleanup |
9 |
|
10 |
Bug: https://bugs.gentoo.org/728594 |
11 |
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me> |
12 |
Closes: https://github.com/gentoo/gentoo/pull/16483 |
13 |
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org> |
14 |
|
15 |
net-libs/libvncserver/Manifest | 1 - |
16 |
.../files/libvncserver-0.9.12-CVE-2018-20750.patch | 47 -------------- |
17 |
.../files/libvncserver-0.9.12-CVE-2019-15681.patch | 26 -------- |
18 |
.../files/libvncserver-0.9.12-CVE-2019-15690.patch | 39 ----------- |
19 |
.../files/libvncserver-0.9.12-cmake-libdir.patch | 46 ------------- |
20 |
.../libvncserver-0.9.12-fix-shutdown-crash.patch | 63 ------------------ |
21 |
...ibvncserver-0.9.12-fix-tight-raw-decoding.patch | 40 ------------ |
22 |
.../files/libvncserver-0.9.12-libgcrypt.patch | 40 ------------ |
23 |
.../libvncserver-0.9.12-pkgconfig-libdir.patch | 41 ------------ |
24 |
.../libvncserver-0.9.12-sparc-unaligned.patch | 40 ------------ |
25 |
.../libvncserver/libvncserver-0.9.12-r5.ebuild | 75 ---------------------- |
26 |
11 files changed, 458 deletions(-) |
27 |
|
28 |
diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest |
29 |
index 836e8ec1e80..c7569e5d477 100644 |
30 |
--- a/net-libs/libvncserver/Manifest |
31 |
+++ b/net-libs/libvncserver/Manifest |
32 |
@@ -1,2 +1 @@ |
33 |
-DIST LibVNCServer-0.9.12.tar.gz 2237447 BLAKE2B 583500c0bcfb6e9e3a02a33fb2701113b164851f0906fcc4845de7c7d82d4f7f65f5edd6c9a672348ee1deeefc65c1b0a257da024254598ba86d121d424f027e SHA512 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 |
34 |
DIST LibVNCServer-0.9.13.tar.gz 567491 BLAKE2B 138c7ca63f8cd30a21dc1b58aafa744e12a1a9eca503ffec18a63d18791d7a5df4eef176d7e4e797a2aadda1dd04d1b051abfd76bf5c6806d558c09ffee78cce SHA512 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643 |
35 |
|
36 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch |
37 |
deleted file mode 100644 |
38 |
index 55f122d1258..00000000000 |
39 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch |
40 |
+++ /dev/null |
41 |
@@ -1,47 +0,0 @@ |
42 |
-From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 |
43 |
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@××××××.com> |
44 |
-Date: Mon, 7 Jan 2019 10:40:01 +0100 |
45 |
-Subject: [PATCH 01/51] Limit lenght to INT_MAX bytes in |
46 |
- rfbProcessFileTransferReadBuffer() |
47 |
- |
48 |
-This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap |
49 |
-out-of-bound write access in rfbProcessFileTransferReadBuffer() when |
50 |
-reading a transfered file content in a server. The former fix did not |
51 |
-work on platforms with a 32-bit int type (expected by rfbReadExact()). |
52 |
- |
53 |
-CVE-2018-15127 |
54 |
-<https://github.com/LibVNC/libvncserver/issues/243> |
55 |
-<https://github.com/LibVNC/libvncserver/issues/273> |
56 |
---- |
57 |
- libvncserver/rfbserver.c | 7 ++++++- |
58 |
- 1 file changed, 6 insertions(+), 1 deletion(-) |
59 |
- |
60 |
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c |
61 |
-index 7af8490..f2edbee 100644 |
62 |
---- a/libvncserver/rfbserver.c |
63 |
-+++ b/libvncserver/rfbserver.c |
64 |
-@@ -88,6 +88,8 @@ |
65 |
- #include <errno.h> |
66 |
- /* strftime() */ |
67 |
- #include <time.h> |
68 |
-+/* INT_MAX */ |
69 |
-+#include <limits.h> |
70 |
- |
71 |
- #ifdef LIBVNCSERVER_WITH_WEBSOCKETS |
72 |
- #include "rfbssl.h" |
73 |
-@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) |
74 |
- 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF |
75 |
- will safely be allocated since this check will never trigger and malloc() can digest length+1 |
76 |
- without problems as length is a uint32_t. |
77 |
-+ We also later pass length to rfbReadExact() that expects a signed int type and |
78 |
-+ that might wrap on platforms with a 32-bit int type if length is bigger |
79 |
-+ than 0X7FFFFFFF. |
80 |
- */ |
81 |
-- if(length == SIZE_MAX) { |
82 |
-+ if(length == SIZE_MAX || length > INT_MAX) { |
83 |
- rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); |
84 |
- rfbCloseClient(cl); |
85 |
- return NULL; |
86 |
--- |
87 |
-2.23.0 |
88 |
- |
89 |
|
90 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch |
91 |
deleted file mode 100644 |
92 |
index 301d1340d14..00000000000 |
93 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch |
94 |
+++ /dev/null |
95 |
@@ -1,26 +0,0 @@ |
96 |
-From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 |
97 |
-From: Christian Beier <dontmind@×××××××××.org> |
98 |
-Date: Mon, 19 Aug 2019 22:32:25 +0200 |
99 |
-Subject: [PATCH 48/51] rfbserver: don't leak stack memory to the remote |
100 |
- |
101 |
-Thanks go to Pavel Cheremushkin of Kaspersky for reporting. |
102 |
---- |
103 |
- libvncserver/rfbserver.c | 2 ++ |
104 |
- 1 file changed, 2 insertions(+) |
105 |
- |
106 |
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c |
107 |
-index 3bacc89..310e548 100644 |
108 |
---- a/libvncserver/rfbserver.c |
109 |
-+++ b/libvncserver/rfbserver.c |
110 |
-@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) |
111 |
- rfbServerCutTextMsg sct; |
112 |
- rfbClientIteratorPtr iterator; |
113 |
- |
114 |
-+ memset((char *)&sct, 0, sizeof(sct)); |
115 |
-+ |
116 |
- iterator = rfbGetClientIterator(rfbScreen); |
117 |
- while ((cl = rfbClientIteratorNext(iterator)) != NULL) { |
118 |
- sct.type = rfbServerCutText; |
119 |
--- |
120 |
-2.23.0 |
121 |
- |
122 |
|
123 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch |
124 |
deleted file mode 100644 |
125 |
index 5ef290129c7..00000000000 |
126 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch |
127 |
+++ /dev/null |
128 |
@@ -1,39 +0,0 @@ |
129 |
-From 54220248886b5001fbbb9fa73c4e1a2cb9413fed Mon Sep 17 00:00:00 2001 |
130 |
-From: Christian Beier <dontmind@×××××××××.org> |
131 |
-Date: Sun, 17 Nov 2019 17:18:35 +0100 |
132 |
-Subject: [PATCH] libvncclient/cursor: limit width/height input values |
133 |
- |
134 |
-Avoids a possible heap overflow reported by Pavel Cheremushkin |
135 |
-<Pavel.Cheremushkin@×××××××××.com>. |
136 |
- |
137 |
-re #275 |
138 |
---- |
139 |
- libvncclient/cursor.c | 5 +++++ |
140 |
- 1 file changed, 5 insertions(+) |
141 |
- |
142 |
-diff --git a/libvncclient/cursor.c b/libvncclient/cursor.c |
143 |
-index 67f4572..40ffb3b 100644 |
144 |
---- a/libvncclient/cursor.c |
145 |
-+++ b/libvncclient/cursor.c |
146 |
-@@ -28,6 +28,8 @@ |
147 |
- #define OPER_SAVE 0 |
148 |
- #define OPER_RESTORE 1 |
149 |
- |
150 |
-+#define MAX_CURSOR_SIZE 1024 |
151 |
-+ |
152 |
- #define RGB24_TO_PIXEL(bpp,r,g,b) \ |
153 |
- ((((uint##bpp##_t)(r) & 0xFF) * client->format.redMax + 127) / 255 \ |
154 |
- << client->format.redShift | \ |
155 |
-@@ -54,6 +56,9 @@ rfbBool HandleCursorShape(rfbClient* client,int xhot, int yhot, int width, int h |
156 |
- if (width * height == 0) |
157 |
- return TRUE; |
158 |
- |
159 |
-+ if (width >= MAX_CURSOR_SIZE || height >= MAX_CURSOR_SIZE) |
160 |
-+ return FALSE; |
161 |
-+ |
162 |
- /* Allocate memory for pixel data and temporary mask data. */ |
163 |
- if(client->rcSource) |
164 |
- free(client->rcSource); |
165 |
--- |
166 |
-2.24.1 |
167 |
- |
168 |
|
169 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch |
170 |
deleted file mode 100644 |
171 |
index cc6e4bdc909..00000000000 |
172 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch |
173 |
+++ /dev/null |
174 |
@@ -1,46 +0,0 @@ |
175 |
-From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001 |
176 |
-From: Christian Beier <dontmind@×××××××××.org> |
177 |
-Date: Sat, 9 Feb 2019 13:23:26 +0100 |
178 |
-Subject: [PATCH 02/51] CMake: replace hardcoded 'lib' with |
179 |
- ${CMAKE_INSTALL_LIBDIR} |
180 |
- |
181 |
-Closes #281 |
182 |
---- |
183 |
- CMakeLists.txt | 7 ++++--- |
184 |
- 1 file changed, 4 insertions(+), 3 deletions(-) |
185 |
- |
186 |
-diff --git a/CMakeLists.txt b/CMakeLists.txt |
187 |
-index 873cc7b..55f7e65 100644 |
188 |
---- a/CMakeLists.txt |
189 |
-+++ b/CMakeLists.txt |
190 |
-@@ -9,6 +9,7 @@ include(CheckTypeSize) |
191 |
- include(TestBigEndian) |
192 |
- include(CheckCSourceCompiles) |
193 |
- include(CheckCSourceRuns) |
194 |
-+include(GNUInstallDirs) |
195 |
- |
196 |
- enable_testing() |
197 |
- |
198 |
-@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient) |
199 |
- configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) |
200 |
- |
201 |
- |
202 |
--install_targets(/lib vncserver) |
203 |
--install_targets(/lib vncclient) |
204 |
-+install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver) |
205 |
-+install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient) |
206 |
- install_files(/include/rfb FILES |
207 |
- rfb/keysym.h |
208 |
- rfb/rfb.h |
209 |
-@@ -677,7 +678,7 @@ install_files(/include/rfb FILES |
210 |
- rfb/rfbregion.h |
211 |
- ) |
212 |
- |
213 |
--install_files(/lib/pkgconfig FILES |
214 |
-+install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES |
215 |
- libvncserver.pc |
216 |
- libvncclient.pc |
217 |
- ) |
218 |
--- |
219 |
-2.23.0 |
220 |
- |
221 |
|
222 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch |
223 |
deleted file mode 100644 |
224 |
index 0ae8d38c6f8..00000000000 |
225 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch |
226 |
+++ /dev/null |
227 |
@@ -1,63 +0,0 @@ |
228 |
-From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001 |
229 |
-From: Rajesh Sahoo <rajesh.sahoo@×××.com> |
230 |
-Date: Tue, 11 Jun 2019 15:13:04 +0530 |
231 |
-Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE |
232 |
- |
233 |
-client_thread is created depending upon backgroundLoop, but joining |
234 |
-without checking for same condition. so we are trying to join a garbage |
235 |
-thread_id. |
236 |
---- |
237 |
- libvncserver/main.c | 2 ++ |
238 |
- 1 file changed, 2 insertions(+) |
239 |
- |
240 |
-diff --git a/libvncserver/main.c b/libvncserver/main.c |
241 |
-index d3cd9b1..772fb18 100644 |
242 |
---- a/libvncserver/main.c |
243 |
-+++ b/libvncserver/main.c |
244 |
-@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { |
245 |
- } |
246 |
- |
247 |
- #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD |
248 |
-+ if(currentCl->screen->backgroundLoop) { |
249 |
- /* |
250 |
- Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select() |
251 |
- in clientInput(), the loop in there will then break because the rfbCloseClient() above has set |
252 |
-@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { |
253 |
- write(currentCl->pipe_notify_client_thread[1], "\x00", 1); |
254 |
- /* And wait for it to finish. */ |
255 |
- pthread_join(currentCl->client_thread, NULL); |
256 |
-+ } |
257 |
- #else |
258 |
- rfbClientConnectionGone(currentCl); |
259 |
- #endif |
260 |
--- |
261 |
-2.24.1 |
262 |
- |
263 |
-From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001 |
264 |
-From: Albert Astals Cid <aacid@×××.org> |
265 |
-Date: Sun, 5 Jan 2020 19:56:57 +0100 |
266 |
-Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no |
267 |
- backgroundLoop |
268 |
- |
269 |
-Otherwise the servers that don't use rfbRunEventLoop don't get |
270 |
-notified of client disconnections |
271 |
---- |
272 |
- libvncserver/main.c | 2 ++ |
273 |
- 1 file changed, 2 insertions(+) |
274 |
- |
275 |
-diff --git a/libvncserver/main.c b/libvncserver/main.c |
276 |
-index b51f0ab..738a501 100644 |
277 |
---- a/libvncserver/main.c |
278 |
-+++ b/libvncserver/main.c |
279 |
-@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { |
280 |
- write(currentCl->pipe_notify_client_thread[1], "\x00", 1); |
281 |
- /* And wait for it to finish. */ |
282 |
- pthread_join(currentCl->client_thread, NULL); |
283 |
-+ } else { |
284 |
-+ rfbClientConnectionGone(currentCl); |
285 |
- } |
286 |
- #else |
287 |
- rfbClientConnectionGone(currentCl); |
288 |
--- |
289 |
-2.24.1 |
290 |
- |
291 |
|
292 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch |
293 |
deleted file mode 100644 |
294 |
index e862d634346..00000000000 |
295 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch |
296 |
+++ /dev/null |
297 |
@@ -1,40 +0,0 @@ |
298 |
-From 6b87d6154200667a66212f80068f7468eaa0f048 Mon Sep 17 00:00:00 2001 |
299 |
-From: DRC <information@×××××××××.org> |
300 |
-Date: Sat, 28 Sep 2019 14:54:30 -0500 |
301 |
-Subject: [PATCH 50/51] LibVNCClient: Fix regression in Tight/Raw decoding |
302 |
- |
303 |
-Introduced by d7b1462 in LibVNCServer 0.9.12. This regression caused |
304 |
-the pixels in some RFB rectangles to become corrupted/garbled when the |
305 |
-Tight encoding was used, without the JPEG subencoding, with a 15-bit or |
306 |
-16-bit color depth. |
307 |
- |
308 |
-Fixes #335 |
309 |
-Fixes https://gitlab.com/Remmina/Remmina/issues/1824 |
310 |
---- |
311 |
- libvncclient/tight.c | 5 +++-- |
312 |
- 1 file changed, 3 insertions(+), 2 deletions(-) |
313 |
- |
314 |
-diff --git a/libvncclient/tight.c b/libvncclient/tight.c |
315 |
-index df01812..0586f47 100644 |
316 |
---- a/libvncclient/tight.c |
317 |
-+++ b/libvncclient/tight.c |
318 |
-@@ -1,5 +1,5 @@ |
319 |
- /* |
320 |
-- * Copyright (C) 2017 D. R. Commander. All Rights Reserved. |
321 |
-+ * Copyright (C) 2017, 2019 D. R. Commander. All Rights Reserved. |
322 |
- * Copyright (C) 2004-2008 Sun Microsystems, Inc. All Rights Reserved. |
323 |
- * Copyright (C) 2004 Landmark Graphics Corporation. All Rights Reserved. |
324 |
- * Copyright (C) 2000, 2001 Const Kaplinsky. All Rights Reserved. |
325 |
-@@ -360,7 +360,8 @@ FilterCopyBPP (rfbClient* client, int srcx, int srcy, int numRows) |
326 |
- #endif |
327 |
- |
328 |
- for (y = 0; y < numRows; y++) |
329 |
-- memcpy (&dst[y*client->width], &client->buffer[y*client->rectWidth], |
330 |
-+ memcpy (&dst[y*client->width], |
331 |
-+ &client->buffer[y * client->rectWidth * (BPP / 8)], |
332 |
- client->rectWidth * (BPP / 8)); |
333 |
- } |
334 |
- |
335 |
--- |
336 |
-2.23.0 |
337 |
- |
338 |
|
339 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch |
340 |
deleted file mode 100644 |
341 |
index a0313562ff1..00000000000 |
342 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch |
343 |
+++ /dev/null |
344 |
@@ -1,40 +0,0 @@ |
345 |
-From 57be637006a95091119f7a49b4232e461116520f Mon Sep 17 00:00:00 2001 |
346 |
-From: Alexander Tsoy <alexander@××××.me> |
347 |
-Date: Sat, 25 May 2019 02:02:47 +0300 |
348 |
-Subject: [PATCH] crypto: rfbcrypto_gnutls is actually libgcrypt-based |
349 |
- |
350 |
-Long time ago gnutls used libgcrypt as a cryptographic backend. Perhaps |
351 |
-that was what caused the confusion. |
352 |
---- |
353 |
- CMakeLists.txt | 9 ++++----- |
354 |
- common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} | 0 |
355 |
- 2 files changed, 4 insertions(+), 5 deletions(-) |
356 |
- rename common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} (100%) |
357 |
- |
358 |
-diff --git a/CMakeLists.txt b/CMakeLists.txt |
359 |
-index b9ca4ba..0d3b4dc 100644 |
360 |
---- a/CMakeLists.txt |
361 |
-+++ b/CMakeLists.txt |
362 |
-@@ -226,11 +226,10 @@ if(SYSTEMD_FOUND) |
363 |
- endif(SYSTEMD_FOUND) |
364 |
- |
365 |
- if(LIBVNCSERVER_HAVE_SYS_UIO_H) |
366 |
-- if(GNUTLS_FOUND) |
367 |
-- message(STATUS "Building crypto with GnuTLS") |
368 |
-- set(CRYPTO_LIBRARIES ${GNUTLS_LIBRARIES}) |
369 |
-- set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_gnutls) |
370 |
-- include_directories(${GNUTLS_INCLUDE_DIR}) |
371 |
-+ if(WITH_GCRYPT AND LIBGCRYPT_LIBRARIES) |
372 |
-+ message(STATUS "Building crypto with Libgcrypt") |
373 |
-+ set(CRYPTO_LIBRARIES ${LIBGCRYPT_LIBRARIES}) |
374 |
-+ set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_libgcrypt) |
375 |
- elseif(OPENSSL_FOUND) |
376 |
- message(STATUS "Building crypto with OpenSSL") |
377 |
- set(CRYPTO_LIBRARIES ${OPENSSL_LIBRARIES}) |
378 |
-diff --git a/common/rfbcrypto_gnutls.c b/common/rfbcrypto_libgcrypt.c |
379 |
-similarity index 100% |
380 |
-rename from common/rfbcrypto_gnutls.c |
381 |
-rename to common/rfbcrypto_libgcrypt.c |
382 |
--- |
383 |
-2.21.0 |
384 |
- |
385 |
|
386 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch |
387 |
deleted file mode 100644 |
388 |
index 6a50ac89206..00000000000 |
389 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch |
390 |
+++ /dev/null |
391 |
@@ -1,41 +0,0 @@ |
392 |
-From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001 |
393 |
-From: Christian Beier <dontmind@×××××××××.org> |
394 |
-Date: Thu, 28 Mar 2019 21:06:36 +0100 |
395 |
-Subject: [PATCH 03/51] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for |
396 |
- pkgconfig files as well |
397 |
- |
398 |
-Thanks to https://github.com/ikelos for spotting this ;-) |
399 |
- |
400 |
-Closes #290 |
401 |
---- |
402 |
- libvncclient.pc.cmakein | 2 +- |
403 |
- libvncserver.pc.cmakein | 2 +- |
404 |
- 2 files changed, 2 insertions(+), 2 deletions(-) |
405 |
- |
406 |
-diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein |
407 |
-index 169a8b7..445f7e7 100644 |
408 |
---- a/libvncclient.pc.cmakein |
409 |
-+++ b/libvncclient.pc.cmakein |
410 |
-@@ -1,6 +1,6 @@ |
411 |
- prefix=@CMAKE_INSTALL_PREFIX@ |
412 |
- exec_prefix=@CMAKE_INSTALL_PREFIX@ |
413 |
--libdir=@CMAKE_INSTALL_PREFIX@/lib |
414 |
-+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ |
415 |
- includedir=@CMAKE_INSTALL_PREFIX@/include |
416 |
- |
417 |
- Name: LibVNCClient |
418 |
-diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein |
419 |
-index f38d74f..c689806 100644 |
420 |
---- a/libvncserver.pc.cmakein |
421 |
-+++ b/libvncserver.pc.cmakein |
422 |
-@@ -1,6 +1,6 @@ |
423 |
- prefix=@CMAKE_INSTALL_PREFIX@ |
424 |
- exec_prefix=@CMAKE_INSTALL_PREFIX@ |
425 |
--libdir=@CMAKE_INSTALL_PREFIX@/lib |
426 |
-+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ |
427 |
- includedir=@CMAKE_INSTALL_PREFIX@/include |
428 |
- |
429 |
- Name: LibVNCServer |
430 |
--- |
431 |
-2.23.0 |
432 |
- |
433 |
|
434 |
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch |
435 |
deleted file mode 100644 |
436 |
index dce787f1295..00000000000 |
437 |
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch |
438 |
+++ /dev/null |
439 |
@@ -1,40 +0,0 @@ |
440 |
-From 0cf1400c61850065de590d403f6d49e32882fd76 Mon Sep 17 00:00:00 2001 |
441 |
-From: Rolf Eike Beer <eike@×××××××.de> |
442 |
-Date: Tue, 28 May 2019 18:30:46 +0200 |
443 |
-Subject: [PATCH] fix crash because of unaligned accesses in |
444 |
- hybiReadAndDecode() |
445 |
- |
446 |
---- |
447 |
- libvncserver/ws_decode.c | 7 ++++--- |
448 |
- 1 file changed, 4 insertions(+), 3 deletions(-) |
449 |
- |
450 |
-diff --git a/libvncserver/ws_decode.c b/libvncserver/ws_decode.c |
451 |
-index 441ebc7..10c44d1 100644 |
452 |
---- a/libvncserver/ws_decode.c |
453 |
-+++ b/libvncserver/ws_decode.c |
454 |
-@@ -327,7 +327,6 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf) |
455 |
- int bufsize; |
456 |
- int nextRead; |
457 |
- unsigned char *data; |
458 |
-- uint32_t *data32; |
459 |
- |
460 |
- /* if data was carried over, copy to start of buffer */ |
461 |
- memcpy(wsctx->writePos, wsctx->carryBuf, wsctx->carrylen); |
462 |
-@@ -383,10 +382,12 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf) |
463 |
- /* for a possible base64 decoding, we decode multiples of 4 bytes until |
464 |
- * the whole frame is received and carry over any remaining bytes in the carry buf*/ |
465 |
- data = (unsigned char *)(wsctx->writePos - toDecode); |
466 |
-- data32= (uint32_t *)data; |
467 |
- |
468 |
- for (i = 0; i < (toDecode >> 2); i++) { |
469 |
-- data32[i] ^= wsctx->header.mask.u; |
470 |
-+ uint32_t tmp; |
471 |
-+ memcpy(&tmp, data + i * sizeof(tmp), sizeof(tmp)); |
472 |
-+ tmp ^= wsctx->header.mask.u; |
473 |
-+ memcpy(data + i * sizeof(tmp), &tmp, sizeof(tmp)); |
474 |
- } |
475 |
- ws_dbg("mask decoding; i=%d toDecode=%d\n", i, toDecode); |
476 |
- |
477 |
--- |
478 |
-2.16.4 |
479 |
- |
480 |
|
481 |
diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild |
482 |
deleted file mode 100644 |
483 |
index 9ea5a4c3370..00000000000 |
484 |
--- a/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild |
485 |
+++ /dev/null |
486 |
@@ -1,75 +0,0 @@ |
487 |
-# Copyright 1999-2020 Gentoo Authors |
488 |
-# Distributed under the terms of the GNU General Public License v2 |
489 |
- |
490 |
-EAPI=7 |
491 |
- |
492 |
-inherit cmake |
493 |
- |
494 |
-MY_P="LibVNCServer-${PV}" |
495 |
- |
496 |
-DESCRIPTION="library for creating vnc servers" |
497 |
-HOMEPAGE="https://libvnc.github.io/" |
498 |
-SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz" |
499 |
-S="${WORKDIR}/${PN}-${MY_P}" |
500 |
- |
501 |
-# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it |
502 |
-# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88 |
503 |
-LICENSE="GPL-2+ LGPL-2.1+ BSD MIT" |
504 |
-# no sub slot wanted (yet), see #578958 |
505 |
-SLOT="0" |
506 |
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux" |
507 |
-IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib" |
508 |
-# https://bugs.gentoo.org/690202 |
509 |
-# https://bugs.gentoo.org/435326 |
510 |
-# https://bugs.gentoo.org/550916 |
511 |
-REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )" |
512 |
- |
513 |
-DEPEND=" |
514 |
- gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= ) |
515 |
- ssl? ( |
516 |
- !gnutls? ( |
517 |
- !libressl? ( >=dev-libs/openssl-1.0.2:0= ) |
518 |
- libressl? ( >=dev-libs/libressl-2.7.0:0= ) |
519 |
- ) |
520 |
- gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= ) |
521 |
- ) |
522 |
- jpeg? ( >=virtual/jpeg-0-r2:0 ) |
523 |
- lzo? ( dev-libs/lzo ) |
524 |
- png? ( >=media-libs/libpng-1.6.10:0= ) |
525 |
- sasl? ( dev-libs/cyrus-sasl ) |
526 |
- systemd? ( sys-apps/systemd:= ) |
527 |
- zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )" |
528 |
-RDEPEND="${DEPEND}" |
529 |
- |
530 |
-DOCS=( AUTHORS ChangeLog NEWS README.md TODO ) |
531 |
- |
532 |
-PATCHES=( |
533 |
- "${FILESDIR}"/${P}-cmake-libdir.patch |
534 |
- "${FILESDIR}"/${P}-pkgconfig-libdir.patch |
535 |
- "${FILESDIR}"/${P}-libgcrypt.patch |
536 |
- "${FILESDIR}"/${P}-sparc-unaligned.patch |
537 |
- "${FILESDIR}"/${P}-CVE-2018-20750.patch |
538 |
- "${FILESDIR}"/${P}-CVE-2019-15681.patch |
539 |
- "${FILESDIR}"/${P}-fix-tight-raw-decoding.patch |
540 |
- "${FILESDIR}"/${P}-fix-shutdown-crash.patch |
541 |
- "${FILESDIR}"/${P}-CVE-2019-15690.patch |
542 |
-) |
543 |
- |
544 |
-src_configure() { |
545 |
- local mycmakeargs=( |
546 |
- -DWITH_ZLIB=$(usex zlib ON OFF) |
547 |
- -DWITH_LZO=$(usex lzo ON OFF) |
548 |
- -DWITH_JPEG=$(usex jpeg ON OFF) |
549 |
- -DWITH_PNG=$(usex png ON OFF) |
550 |
- -DWITH_THREADS=$(usex threads ON OFF) |
551 |
- -DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF) |
552 |
- -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF)) |
553 |
- -DWITH_GCRYPT=$(usex gcrypt ON OFF) |
554 |
- -DWITH_SYSTEMD=$(usex systemd ON OFF) |
555 |
- -DWITH_FFMPEG=OFF |
556 |
- -DWITH_24BPP=$(usex 24bpp ON OFF) |
557 |
- -DWITH_IPv6=$(usex ipv6 ON OFF) |
558 |
- -DWITH_SASL=$(usex sasl ON OFF) |
559 |
- ) |
560 |
- cmake_src_configure |
561 |
-} |