pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/vino Do not use deprecated GnuTLS functions
details: https://anonhg.NetBSD.org/pkgsrc/rev/56d56942da30
branches: trunk
changeset: 353024:56d56942da30
user: richard <richard%pkgsrc.org@localhost>
date: Thu Sep 22 11:31:37 2016 +0000
description:
Do not use deprecated GnuTLS functions
http://bugzilla.gnome.org/show_bug.cgi?id=648606
require minimally gnutls 2.2.0 for use of currently used functions
since the recent gnutls update, deprecated => obsoleted
fixes build for now, discussing with wiz@ seems reasonable later
to update to the gnome3 version and, if necessary, adding back vino2.
diffstat:
net/vino/distinfo | 5 +-
net/vino/patches/patch-aa | 48 ++++++++++++++++++++++-
net/vino/patches/patch-server_libvncserver_auth.c | 26 ++++++++++++
3 files changed, 76 insertions(+), 3 deletions(-)
diffs (105 lines):
diff -r a9f7422fcd99 -r 56d56942da30 net/vino/distinfo
--- a/net/vino/distinfo Thu Sep 22 09:07:26 2016 +0000
+++ b/net/vino/distinfo Thu Sep 22 11:31:37 2016 +0000
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.14 2016/03/24 13:36:52 richard Exp $
+$NetBSD: distinfo,v 1.15 2016/09/22 11:31:37 richard Exp $
SHA1 (vino-2.32.2.tar.bz2) = e457d1c5705607c3cd18b7e6fbb8776b7483c733
RMD160 (vino-2.32.2.tar.bz2) = 1de0923ef33a73dd6a9c4e761291728c552708e8
SHA512 (vino-2.32.2.tar.bz2) = 1205341c83f296f93d948d3b0408a54e9a036abc15ad4e980e9abde8d24ab4a1639ea0d0898d768cf0a01e1ef9e916d907c58d4617534b0dc6860900e1a62a58
Size (vino-2.32.2.tar.bz2) = 856440 bytes
-SHA1 (patch-aa) = d240f809769fee144ce0a6057327107ade82ef6c
+SHA1 (patch-aa) = b75e056367be66ce2c8ed7cc1ca898737380ed50
SHA1 (patch-ab) = 0c09812fc98bced9938a0460305c7dbcbed40ad3
SHA1 (patch-ad) = 0e1b226e8c5ac5f9e3d3c7270b9a19a2314ef737
+SHA1 (patch-server_libvncserver_auth.c) = 43284ea485bc028fdad7a96e72ff7832f53dd908
SHA1 (patch-server_miniupnp_miniwget.c) = 6612c1a16d955c0e60546209d0e2f47546a976ff
diff -r a9f7422fcd99 -r 56d56942da30 net/vino/patches/patch-aa
--- a/net/vino/patches/patch-aa Thu Sep 22 09:07:26 2016 +0000
+++ b/net/vino/patches/patch-aa Thu Sep 22 11:31:37 2016 +0000
@@ -1,7 +1,53 @@
-$NetBSD: patch-aa,v 1.3 2013/08/12 09:36:41 obache Exp $
+$NetBSD: patch-aa,v 1.4 2016/09/22 11:31:37 richard Exp $
+
+Do not use deprecated GnuTLS functions
+http://bugzilla.gnome.org/show_bug.cgi?id=648606
+require minimally gnutls 2.2.0 for use of currently used functions
--- configure.orig 2011-05-02 16:35:08.000000000 +0000
+++ configure
+@@ -15322,12 +15322,12 @@ if test -n "$LIBGNUTLS_CFLAGS"; then
+ pkg_cv_LIBGNUTLS_CFLAGS="$LIBGNUTLS_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5
+- ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5
++ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 2.2.0\""; } >&5
++ ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+- pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 1.0.0" 2>/dev/null`
++ pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 2.2.0" 2>/dev/null`
+ else
+ pkg_failed=yes
+ fi
+@@ -15339,11 +15339,11 @@ if test -n "$LIBGNUTLS_LIBS"; then
+ elif test -n "$PKG_CONFIG"; then
+ if test -n "$PKG_CONFIG" && \
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5
+- ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5
++ ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5
+ ac_status=$?
+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+ test $ac_status = 0; }; then
+- pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 1.0.0" 2>/dev/null`
++ pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 2.2.0" 2>/dev/null`
+ else
+ pkg_failed=yes
+ fi
+@@ -15363,9 +15363,9 @@ else
+ _pkg_short_errors_supported=no
+ fi
+ if test $_pkg_short_errors_supported = yes; then
+- LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 1.0.0" 2>&1`
++ LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 2.2.0" 2>&1`
+ else
+- LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 1.0.0" 2>&1`
++ LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 2.2.0" 2>&1`
+ fi
+ # Put the nasty error message in config.log where it belongs
+ echo "$LIBGNUTLS_PKG_ERRORS" >&5
@@ -16129,6 +16129,8 @@ if test "x$ac_cv_header_ifaddrs_h" = "xy
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
diff -r a9f7422fcd99 -r 56d56942da30 net/vino/patches/patch-server_libvncserver_auth.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/vino/patches/patch-server_libvncserver_auth.c Thu Sep 22 11:31:37 2016 +0000
@@ -0,0 +1,26 @@
+$NetBSD: patch-server_libvncserver_auth.c,v 1.1 2016/09/22 11:31:37 richard Exp $
+
+Do not use deprecated GnuTLS functions
+http://bugzilla.gnome.org/show_bug.cgi?id=648606
+
+--- server/libvncserver/auth.c.orig 2011-05-02 16:07:11.000000000 +0000
++++ server/libvncserver/auth.c
+@@ -64,13 +64,16 @@ rfbAuthCleanupScreen(rfbScreenInfoPtr rf
+ static rfbBool
+ rfbAuthTLSHandshake(rfbClientPtr cl)
+ {
+- static const int kx_priority[] = { GNUTLS_KX_ANON_DH, 0 };
++ /* TODO: Perform non-anonymous key exchange to prevent man-in-the-middle
++ * attacks. */
++ static const char kx_priority[] = "NORMAL:+ANON-DH";
++
+ int err;
+
+ gnutls_init(&cl->tlsSession, GNUTLS_SERVER);
+
+ gnutls_set_default_priority(cl->tlsSession);
+- gnutls_kx_set_priority(cl->tlsSession, kx_priority);
++ gnutls_priority_set_direct(cl->tlsSession, kx_priority, NULL);
+
+ gnutls_credentials_set(cl->tlsSession,
+ GNUTLS_CRD_ANON,
Home |
Main Index |
Thread Index |
Old Index