pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net/vino Do not use deprecated GnuTLS functions



details:   https://anonhg.NetBSD.org/pkgsrc/rev/56d56942da30
branches:  trunk
changeset: 353024:56d56942da30
user:      richard <richard%pkgsrc.org@localhost>
date:      Thu Sep 22 11:31:37 2016 +0000

description:
Do not use deprecated GnuTLS functions
http://bugzilla.gnome.org/show_bug.cgi?id=648606
require minimally gnutls 2.2.0 for use of currently used functions

since the recent gnutls update, deprecated => obsoleted
fixes build for now, discussing with wiz@ seems reasonable later
to update to the gnome3 version and, if necessary, adding back vino2.

diffstat:

 net/vino/distinfo                                 |   5 +-
 net/vino/patches/patch-aa                         |  48 ++++++++++++++++++++++-
 net/vino/patches/patch-server_libvncserver_auth.c |  26 ++++++++++++
 3 files changed, 76 insertions(+), 3 deletions(-)

diffs (105 lines):

diff -r a9f7422fcd99 -r 56d56942da30 net/vino/distinfo
--- a/net/vino/distinfo Thu Sep 22 09:07:26 2016 +0000
+++ b/net/vino/distinfo Thu Sep 22 11:31:37 2016 +0000
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.14 2016/03/24 13:36:52 richard Exp $
+$NetBSD: distinfo,v 1.15 2016/09/22 11:31:37 richard Exp $
 
 SHA1 (vino-2.32.2.tar.bz2) = e457d1c5705607c3cd18b7e6fbb8776b7483c733
 RMD160 (vino-2.32.2.tar.bz2) = 1de0923ef33a73dd6a9c4e761291728c552708e8
 SHA512 (vino-2.32.2.tar.bz2) = 1205341c83f296f93d948d3b0408a54e9a036abc15ad4e980e9abde8d24ab4a1639ea0d0898d768cf0a01e1ef9e916d907c58d4617534b0dc6860900e1a62a58
 Size (vino-2.32.2.tar.bz2) = 856440 bytes
-SHA1 (patch-aa) = d240f809769fee144ce0a6057327107ade82ef6c
+SHA1 (patch-aa) = b75e056367be66ce2c8ed7cc1ca898737380ed50
 SHA1 (patch-ab) = 0c09812fc98bced9938a0460305c7dbcbed40ad3
 SHA1 (patch-ad) = 0e1b226e8c5ac5f9e3d3c7270b9a19a2314ef737
+SHA1 (patch-server_libvncserver_auth.c) = 43284ea485bc028fdad7a96e72ff7832f53dd908
 SHA1 (patch-server_miniupnp_miniwget.c) = 6612c1a16d955c0e60546209d0e2f47546a976ff
diff -r a9f7422fcd99 -r 56d56942da30 net/vino/patches/patch-aa
--- a/net/vino/patches/patch-aa Thu Sep 22 09:07:26 2016 +0000
+++ b/net/vino/patches/patch-aa Thu Sep 22 11:31:37 2016 +0000
@@ -1,7 +1,53 @@
-$NetBSD: patch-aa,v 1.3 2013/08/12 09:36:41 obache Exp $
+$NetBSD: patch-aa,v 1.4 2016/09/22 11:31:37 richard Exp $
+
+Do not use deprecated GnuTLS functions
+http://bugzilla.gnome.org/show_bug.cgi?id=648606
+require minimally gnutls 2.2.0 for use of currently used functions
 
 --- configure.orig     2011-05-02 16:35:08.000000000 +0000
 +++ configure
+@@ -15322,12 +15322,12 @@ if test -n "$LIBGNUTLS_CFLAGS"; then
+     pkg_cv_LIBGNUTLS_CFLAGS="$LIBGNUTLS_CFLAGS"
+  elif test -n "$PKG_CONFIG"; then
+     if test -n "$PKG_CONFIG" && \
+-    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5
+-  ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5
++    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 2.2.0\""; } >&5
++  ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5
+   ac_status=$?
+   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+   test $ac_status = 0; }; then
+-  pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 1.0.0" 2>/dev/null`
++  pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 2.2.0" 2>/dev/null`
+ else
+   pkg_failed=yes
+ fi
+@@ -15339,11 +15339,11 @@ if test -n "$LIBGNUTLS_LIBS"; then
+  elif test -n "$PKG_CONFIG"; then
+     if test -n "$PKG_CONFIG" && \
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5
+-  ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5
++  ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5
+   ac_status=$?
+   $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+   test $ac_status = 0; }; then
+-  pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 1.0.0" 2>/dev/null`
++  pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 2.2.0" 2>/dev/null`
+ else
+   pkg_failed=yes
+ fi
+@@ -15363,9 +15363,9 @@ else
+         _pkg_short_errors_supported=no
+ fi
+         if test $_pkg_short_errors_supported = yes; then
+-              LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 1.0.0" 2>&1`
++              LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 2.2.0" 2>&1`
+         else
+-              LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 1.0.0" 2>&1`
++              LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 2.2.0" 2>&1`
+         fi
+       # Put the nasty error message in config.log where it belongs
+       echo "$LIBGNUTLS_PKG_ERRORS" >&5
 @@ -16129,6 +16129,8 @@ if test "x$ac_cv_header_ifaddrs_h" = "xy
          cat confdefs.h - <<_ACEOF >conftest.$ac_ext
  /* end confdefs.h.  */
diff -r a9f7422fcd99 -r 56d56942da30 net/vino/patches/patch-server_libvncserver_auth.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/vino/patches/patch-server_libvncserver_auth.c Thu Sep 22 11:31:37 2016 +0000
@@ -0,0 +1,26 @@
+$NetBSD: patch-server_libvncserver_auth.c,v 1.1 2016/09/22 11:31:37 richard Exp $
+
+Do not use deprecated GnuTLS functions
+http://bugzilla.gnome.org/show_bug.cgi?id=648606
+
+--- server/libvncserver/auth.c.orig    2011-05-02 16:07:11.000000000 +0000
++++ server/libvncserver/auth.c
+@@ -64,13 +64,16 @@ rfbAuthCleanupScreen(rfbScreenInfoPtr rf
+ static rfbBool
+ rfbAuthTLSHandshake(rfbClientPtr cl)
+ {
+-    static const int kx_priority[] = { GNUTLS_KX_ANON_DH, 0 };
++    /* TODO: Perform non-anonymous key exchange to prevent man-in-the-middle
++     * attacks. */
++    static const char kx_priority[] = "NORMAL:+ANON-DH";
++
+     int              err;
+     
+     gnutls_init(&cl->tlsSession, GNUTLS_SERVER);
+ 
+     gnutls_set_default_priority(cl->tlsSession);
+-    gnutls_kx_set_priority(cl->tlsSession, kx_priority);
++    gnutls_priority_set_direct(cl->tlsSession, kx_priority, NULL);
+ 
+     gnutls_credentials_set(cl->tlsSession,
+                          GNUTLS_CRD_ANON,



Home | Main Index | Thread Index | Old Index