[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Thomas Deutschmann]

commit:     6c329ef7d981dbb47dee4c1b45d7a98b7f60e38e
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 17 09:38:32 2017 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Fri Feb 17 09:38:32 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c329ef7

net-libs/libvncserver: Security cleanup (bug #605326)

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 net-libs/libvncserver/Manifest                     |  2 -
 .../files/libvncserver-0.9.10-libva-1.0.patch      | 52 ----------------
 .../libvncserver/libvncserver-0.9.10-r3.ebuild     | 69 ---------------------
 .../libvncserver/libvncserver-0.9.10-r4.ebuild     | 72 ----------------------
 .../libvncserver-0.9.10_p20160127.ebuild           | 67 --------------------
 5 files changed, 262 deletions(-)

diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest
index a0a440b054..9f3efc5747 100644
--- a/net-libs/libvncserver/Manifest
+++ b/net-libs/libvncserver/Manifest
@@ -1,3 +1 @@
-DIST LibVNCServer-0.9.10.tar.gz 1415191 SHA256 ed10819a5bfbf269969f97f075939cc38273cc1b6d28bccfb0999fba489411f7 SHA512 eb637dfb72dc50fb713a715c9d0cc8824a6871527c2edb497e70c92e2e708021fbd5d8134f2dee6a9e90d1c8fd3fee53c5f5ece790c2804e938011a980ffceae WHIRLPOOL 821234e772d15668b88bd99e72345a7b5d1a9072fd868ddd47fb47a1e4c6b3c1c2de2380622231a968bd98ac05f20a004a80dfbe43db77f8170056121207b9f4
 DIST LibVNCServer-0.9.11.tar.gz 1413739 SHA256 193d630372722a532136fd25c5326b2ca1a636cbb8bf9bb115ef869c804d2894 SHA512 e473c081b68dd3cdd96a1756b4f4945ece79d3c8e4cef62140be1699671555fc16d3080e81d764197a14ea83203ffcd0e18c3cc182e012d036e3faae943003fb WHIRLPOOL 98a24e533a0b8065d1f3c52672b601750f26a89e29cee8e3b253cc15219d0249befd1aa2735f06351d7911777ff7dc3ce39dc903f7046f39a0abf0af277dff11
-DIST libvncserver-0.9.10_p20160127.tar.gz 1407878 SHA256 cac045bc068e567e9639624e66fb0db18205d93c12845366e16b8351b70ebd2e SHA512 3e8079d814c624e7c8f6f4dd91dfdf05e035ec489fc87a797a4a08b4f8998156b420b941b94c48f6b5f783f1a962f802e83d4bbdefc1f4093837331c8247676d WHIRLPOOL 4884303a7071c450f06b93b2b483903d45f871c0d6e1dd55f2a1c141feb3eca97d9fbcd32e8f02bf6413beb6a11e70f53b498f15172bb2f04be1796045095331

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.10-libva-1.0.patch b/net-libs/libvncserver/files/libvncserver-0.9.10-libva-1.0.patch
deleted file mode 100644
index 2e6939e886..0000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.10-libva-1.0.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-commit 7b6243157f042a7bde353abc6fb22aadad6d9e2d
-Author: Floris Bos <bos@je-eigen-domein.nl>
-Date:   2014-12-29 00:02:33 +0100
-
-    Fix libva related compile errors
-    
-    - Make h264.c compile with recent libva version by including va_compat.h
-    - Only enable libva if libva-x11 is installed
-    - Modified configure help text
-      Previous help text suggested libva was only build when --with-libva
-      was specified, while actual behavior is to build it by default.
-    
-    Warning: THIS CODE IS UNTESTED. Lacking a h.264 capable VNC server
-    Also no attempt is made to support platforms not using X11
-    
-    Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
-
-diff --git a/configure.ac b/configure.ac
-index ca9f3b3..fe8b1de 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -150,12 +150,11 @@ AM_CONDITIONAL(HAVE_LIBSSL, test ! -z "$SSL_LIBS")
- 
- 
- # See if we want libva support
--# TODO: check if library actually exists
- AH_TEMPLATE(CONFIG_LIBVA, [Build libva support])
- AC_ARG_WITH(libva,
--[  --with-libva                   build libva support],,)
-+[  --without-libva         disable support for libva],,)
- if test "x$with_libva" != "xno"; then
--    AC_CHECK_LIB(va, vaInitialize,
-+    AC_CHECK_LIB(va-x11, vaGetDisplay,
-         VA_LIBS="-lva -lva-x11"
-         [AC_DEFINE(CONFIG_LIBVA) CONFIG_LIBVA="true"], ,)
- fi
-diff --git a/libvncclient/h264.c b/libvncclient/h264.c
-index 1d94454..c63a713 100644
---- a/libvncclient/h264.c
-+++ b/libvncclient/h264.c
-@@ -20,6 +20,10 @@
- #ifdef LIBVNCSERVER_CONFIG_LIBVA
- 
- #include <X11/Xlib.h>
-+#include <va/va_version.h>
-+#if VA_CHECK_VERSION(0,34,0)
-+#include <va/va_compat.h>
-+#endif
- #include <va/va_x11.h>
- 
- enum _slice_types {
-

diff --git a/net-libs/libvncserver/libvncserver-0.9.10-r3.ebuild b/net-libs/libvncserver/libvncserver-0.9.10-r3.ebuild
deleted file mode 100644
index 298b3dff2e..0000000000
--- a/net-libs/libvncserver/libvncserver-0.9.10-r3.ebuild
+++ /dev/null
@@ -1,69 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit autotools multilib-minimal
-
-DESCRIPTION="library for creating vnc servers"
-HOMEPAGE="http://libvncserver.sourceforge.net/"
-SRC_URI="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${PV}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux"
-IUSE="+24bpp gcrypt gnutls ipv6 +jpeg +png ssl static-libs test threads +zlib"
-REQUIRED_USE="!gnutls? ( ssl? ( threads ) )"
-
-DEPEND="
-	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] )
-	gnutls? (
-		>=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
-		>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}]
-	)
-	!gnutls? (
-		ssl? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
-	)
-	jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
-	png? ( >=media-libs/libpng-1.6.10:0[${MULTILIB_USEDEP}] )
-	zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
-RDEPEND="${DEPEND}"
-
-S="${WORKDIR}"/${PN}-LibVNCServer-${PV}
-
-DOCS=( AUTHORS ChangeLog NEWS README TODO )
-
-src_prepare() {
-	# https://github.com/LibVNC/libvncserver/issues/11
-	epatch "${FILESDIR}/${P}-libva-1.0.patch"
-
-	sed -i -r \
-		-e "/^SUBDIRS/s:\<$(usex test '' 'test|')client_examples|examples\>::g" \
-		Makefile.am || die
-
-	eautoreconf
-}
-
-multilib_src_configure() {
-	# bug 548012: disable vaapi per upstream
-	ECONF_SOURCE=${S} \
-	econf \
-		--disable-silent-rules \
-		--without-libva \
-		$(use_enable static-libs static) \
-		$(use_with 24bpp) \
-		$(use_with gnutls) \
-		$(usex gnutls --with-gcrypt $(use_with gcrypt)) \
-		$(usex gnutls --without-ssl $(use_with ssl)) \
-		$(use_with ipv6) \
-		$(use_with jpeg) \
-		$(use_with png) \
-		$(use_with threads pthread) \
-		$(use_with zlib)
-}
-
-multilib_src_install_all() {
-	einstalldocs
-	prune_libtool_files
-}

diff --git a/net-libs/libvncserver/libvncserver-0.9.10-r4.ebuild b/net-libs/libvncserver/libvncserver-0.9.10-r4.ebuild
deleted file mode 100644
index c5903de34a..0000000000
--- a/net-libs/libvncserver/libvncserver-0.9.10-r4.ebuild
+++ /dev/null
@@ -1,72 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit autotools multilib-minimal
-
-DESCRIPTION="library for creating vnc servers"
-HOMEPAGE="http://libvncserver.sourceforge.net/"
-SRC_URI="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${PV}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux"
-IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl +png ssl static-libs test threads +zlib"
-REQUIRED_USE="!gnutls? ( ssl? ( threads ) )"
-
-DEPEND="
-	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] )
-	gnutls? (
-		>=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
-		>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}]
-	)
-	!gnutls? (
-		ssl? (
-			!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
-			libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-		)
-	)
-	jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
-	png? ( >=media-libs/libpng-1.6.10:0[${MULTILIB_USEDEP}] )
-	zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
-RDEPEND="${DEPEND}"
-
-S="${WORKDIR}"/${PN}-LibVNCServer-${PV}
-
-DOCS=( AUTHORS ChangeLog NEWS README TODO )
-
-src_prepare() {
-	# https://github.com/LibVNC/libvncserver/issues/11
-	epatch "${FILESDIR}/${P}-libva-1.0.patch"
-
-	sed -i -r \
-		-e "/^SUBDIRS/s:\<$(usex test '' 'test|')client_examples|examples\>::g" \
-		Makefile.am || die
-
-	eautoreconf
-}
-
-multilib_src_configure() {
-	# bug 548012: disable vaapi per upstream
-	ECONF_SOURCE=${S} \
-	econf \
-		--disable-silent-rules \
-		--without-libva \
-		$(use_enable static-libs static) \
-		$(use_with 24bpp) \
-		$(use_with gnutls) \
-		$(usex gnutls --with-gcrypt $(use_with gcrypt)) \
-		$(usex gnutls --without-ssl $(use_with ssl)) \
-		$(use_with ipv6) \
-		$(use_with jpeg) \
-		$(use_with png) \
-		$(use_with threads pthread) \
-		$(use_with zlib)
-}
-
-multilib_src_install_all() {
-	einstalldocs
-	prune_libtool_files
-}

diff --git a/net-libs/libvncserver/libvncserver-0.9.10_p20160127.ebuild b/net-libs/libvncserver/libvncserver-0.9.10_p20160127.ebuild
deleted file mode 100644
index 8d83469a33..0000000000
--- a/net-libs/libvncserver/libvncserver-0.9.10_p20160127.ebuild
+++ /dev/null
@@ -1,67 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=6
-
-inherit autotools eutils multilib-minimal vcs-snapshot
-
-DESCRIPTION="library for creating vnc servers"
-HOMEPAGE="http://libvncserver.sourceforge.net/"
-SRC_URI="https://github.com/LibVNC/${PN}/archive/5b322f523faa437d8e7d03736bdb1714e8f84ce5.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~arm-linux ~x86-linux"
-IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl +png ssl static-libs test threads +zlib"
-REQUIRED_USE="!gnutls? ( ssl? ( threads ) )"
-
-DEPEND="
-	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}] )
-	gnutls? (
-		>=net-libs/gnutls-2.12.23-r6[${MULTILIB_USEDEP}]
-		>=dev-libs/libgcrypt-1.5.3:0[${MULTILIB_USEDEP}]
-	)
-	!gnutls? (
-		ssl? (
-			!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
-			libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
-		)
-	)
-	jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
-	png? ( >=media-libs/libpng-1.6.10:0[${MULTILIB_USEDEP}] )
-	zlib? ( >=sys-libs/zlib-1.2.8-r1[${MULTILIB_USEDEP}] )"
-RDEPEND="${DEPEND}"
-
-DOCS=( AUTHORS ChangeLog NEWS README TODO )
-
-src_prepare() {
-	default
-
-	sed -i -r \
-		-e "/^SUBDIRS/s:\<$(usex test '' 'test|')client_examples|examples\>::g" \
-		Makefile.am || die
-
-	eautoreconf
-}
-
-multilib_src_configure() {
-	ECONF_SOURCE=${S} \
-	econf \
-		--disable-silent-rules \
-		$(use_enable static-libs static) \
-		$(use_with 24bpp) \
-		$(use_with gnutls) \
-		$(usex gnutls --with-gcrypt $(use_with gcrypt)) \
-		$(usex gnutls --without-ssl $(use_with ssl)) \
-		$(use_with ipv6) \
-		$(use_with jpeg) \
-		$(use_with png) \
-		$(use_with threads pthread) \
-		$(use_with zlib)
-}
-
-multilib_src_install_all() {
-	einstalldocs
-	prune_libtool_files
-}

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Michał Górny]

commit:     8ffb9961657028bdacc37362aeb7aa1ac877cc15
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Jun 20 22:36:01 2019 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Sat Jul  6 07:02:54 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8ffb9961

net-libs/libvncserver: reorganize ssl/crypto deps

* no longer depend on libgcrypt when gnutls USE-flag is enabled
* put gnutls dependency behind ssl USE-flag

openssl/libressl also provides crypto (if gcrypt is not enabled), but
lets leave them behind ssl USE-flag anyway.

Package-Manager: Portage-2.3.66, Repoman-2.3.11
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org>

 .../files/libvncserver-0.9.12-libgcrypt.patch      | 40 ++++++++++++++++++++++
 .../libvncserver/libvncserver-0.9.12-r1.ebuild     | 16 ++++-----
 2 files changed, 47 insertions(+), 9 deletions(-)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch
new file mode 100644
index 00000000000..a0313562ff1
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch
@@ -0,0 +1,40 @@
+From 57be637006a95091119f7a49b4232e461116520f Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Sat, 25 May 2019 02:02:47 +0300
+Subject: [PATCH] crypto: rfbcrypto_gnutls is actually libgcrypt-based
+
+Long time ago gnutls used libgcrypt as a cryptographic backend. Perhaps
+that was what caused the confusion.
+---
+ CMakeLists.txt                                       | 9 ++++-----
+ common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} | 0
+ 2 files changed, 4 insertions(+), 5 deletions(-)
+ rename common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} (100%)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index b9ca4ba..0d3b4dc 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -226,11 +226,10 @@ if(SYSTEMD_FOUND)
+ endif(SYSTEMD_FOUND)
+ 
+ if(LIBVNCSERVER_HAVE_SYS_UIO_H)
+-  if(GNUTLS_FOUND)
+-    message(STATUS "Building crypto with GnuTLS")
+-    set(CRYPTO_LIBRARIES ${GNUTLS_LIBRARIES})
+-    set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_gnutls)
+-    include_directories(${GNUTLS_INCLUDE_DIR})
++  if(WITH_GCRYPT AND LIBGCRYPT_LIBRARIES)
++    message(STATUS "Building crypto with Libgcrypt")
++    set(CRYPTO_LIBRARIES ${LIBGCRYPT_LIBRARIES})
++    set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_libgcrypt)
+   elseif(OPENSSL_FOUND)
+     message(STATUS "Building crypto with OpenSSL")
+     set(CRYPTO_LIBRARIES ${OPENSSL_LIBRARIES})
+diff --git a/common/rfbcrypto_gnutls.c b/common/rfbcrypto_libgcrypt.c
+similarity index 100%
+rename from common/rfbcrypto_gnutls.c
+rename to common/rfbcrypto_libgcrypt.c
+-- 
+2.21.0
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r1.ebuild
index c8c0be485e3..8f97ef15b98 100644
--- a/net-libs/libvncserver/libvncserver-0.9.12-r1.ebuild
+++ b/net-libs/libvncserver/libvncserver-0.9.12-r1.ebuild
@@ -17,19 +17,16 @@ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~spa
 IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
 # https://bugs.gentoo.org/435326
 # https://bugs.gentoo.org/550916
-REQUIRED_USE="!gnutls? ( ssl? ( threads ) ) png? ( zlib )"
+REQUIRED_USE="ssl? ( !gnutls? ( threads ) ) png? ( zlib )"
 
 DEPEND="
 	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
-	gnutls? (
-		>=net-libs/gnutls-2.12.23-r6:0=
-		>=dev-libs/libgcrypt-1.5.3:0=
-	)
-	!gnutls? (
-		ssl? (
+	ssl? (
+		!gnutls? (
 			!libressl? ( >=dev-libs/openssl-1.0.2:0= )
 			libressl? ( >=dev-libs/libressl-2.7.0:0= )
 		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
 	)
 	jpeg? ( >=virtual/jpeg-0-r2:0 )
 	lzo? ( dev-libs/lzo )
@@ -45,6 +42,7 @@ DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
 
 PATCHES=(
 	"${FILESDIR}"/${P}-cmake-libdir.patch
+	"${FILESDIR}"/${P}-libgcrypt.patch
 )
 
 src_configure() {
@@ -54,9 +52,9 @@ src_configure() {
 		-DWITH_JPEG=$(usex jpeg ON OFF)
 		-DWITH_PNG=$(usex png ON OFF)
 		-DWITH_THREADS=$(usex threads ON OFF)
-		-DWITH_GNUTLS=$(usex gnutls ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
 		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
-		-DWITH_GCRYPT=$(usex gnutls ON $(usex gcrypt ON OFF))
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
 		-DWITH_SYSTEMD=$(usex systemd ON OFF)
 		-DWITH_FFMPEG=OFF
 		-DWITH_24BPP=$(usex 24bpp ON OFF)

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Andreas Sturmlechner]

commit:     594b7ead9c34a3970c3e37f252a24869452fbf8f
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Sun Jun 30 14:01:53 2019 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Tue Jul 16 17:16:22 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=594b7ead

net-libs/libvncserver: add fix for unaligned access crash

Signed-off-by: Rolf Eike Beer <eike <AT> sf-mail.de>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
Closes: https://bugs.gentoo.org/686914
Closes: https://github.com/gentoo/gentoo/pull/12359
Closes: https://github.com/gentoo/gentoo/pull/12359
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../libvncserver-0.9.12-sparc-unaligned.patch      | 40 +++++++++++++
 .../libvncserver/libvncserver-0.9.12-r2.ebuild     | 68 ++++++++++++++++++++++
 2 files changed, 108 insertions(+)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch
new file mode 100644
index 00000000000..dce787f1295
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch
@@ -0,0 +1,40 @@
+From 0cf1400c61850065de590d403f6d49e32882fd76 Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Tue, 28 May 2019 18:30:46 +0200
+Subject: [PATCH] fix crash because of unaligned accesses in
+ hybiReadAndDecode()
+
+---
+ libvncserver/ws_decode.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/libvncserver/ws_decode.c b/libvncserver/ws_decode.c
+index 441ebc7..10c44d1 100644
+--- a/libvncserver/ws_decode.c
++++ b/libvncserver/ws_decode.c
+@@ -327,7 +327,6 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf)
+   int bufsize;
+   int nextRead;
+   unsigned char *data;
+-  uint32_t *data32;
+ 
+   /* if data was carried over, copy to start of buffer */
+   memcpy(wsctx->writePos, wsctx->carryBuf, wsctx->carrylen);
+@@ -383,10 +382,12 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf)
+   /* for a possible base64 decoding, we decode multiples of 4 bytes until
+    * the whole frame is received and carry over any remaining bytes in the carry buf*/
+   data = (unsigned char *)(wsctx->writePos - toDecode);
+-  data32= (uint32_t *)data;
+ 
+   for (i = 0; i < (toDecode >> 2); i++) {
+-    data32[i] ^= wsctx->header.mask.u;
++    uint32_t tmp;
++    memcpy(&tmp, data + i * sizeof(tmp), sizeof(tmp));
++    tmp ^= wsctx->header.mask.u;
++    memcpy(data + i * sizeof(tmp), &tmp, sizeof(tmp));
+   }
+   ws_dbg("mask decoding; i=%d toDecode=%d\n", i, toDecode);
+ 
+-- 
+2.16.4
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r2.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r2.ebuild
new file mode 100644
index 00000000000..9b76cd57135
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.12-r2.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake-utils
+
+MY_P="LibVNCServer-${PV}"
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+
+# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="ssl? ( !gnutls? ( threads ) ) png? ( zlib )"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			!libressl? ( >=dev-libs/openssl-1.0.2:0= )
+			libressl? ( >=dev-libs/libressl-2.7.0:0= )
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( >=virtual/jpeg-0-r2:0 )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${PN}-${MY_P}"
+
+DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-cmake-libdir.patch
+	"${FILESDIR}"/${P}-libgcrypt.patch
+	"${FILESDIR}"/${P}-sparc-unaligned.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_FFMPEG=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+	)
+	cmake-utils_src_configure
+}

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Joonas Niilola]

commit:     5ae4ada68cdf7aa131d7a50c9305b55ba14fcd43
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Oct 31 18:41:58 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Fri Nov  1 14:10:59 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5ae4ada6

net-libs/libvncserver: Add a bunch of upstream fixes

* fix CVE-2018-20750 (the fix for CVE-2018-15127 was incomplete)
* fix CVE-2019-15681
* fix libdir in pkgconfig files
* fix regression in Tight/Raw decoding

Bug: https://bugs.gentoo.org/699036
Closes: https://bugs.gentoo.org/676942
Closes: https://bugs.gentoo.org/691848
Package-Manager: Portage-2.3.76, Repoman-2.3.16
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/13509
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 .../files/libvncserver-0.9.12-CVE-2018-20750.patch | 47 ++++++++++++++
 .../files/libvncserver-0.9.12-CVE-2019-15681.patch | 26 ++++++++
 .../files/libvncserver-0.9.12-cmake-libdir.patch   | 32 ++++++++--
 ...ibvncserver-0.9.12-fix-tight-raw-decoding.patch | 40 ++++++++++++
 .../libvncserver-0.9.12-pkgconfig-libdir.patch     | 41 ++++++++++++
 .../libvncserver/libvncserver-0.9.12-r3.ebuild     | 73 ++++++++++++++++++++++
 6 files changed, 255 insertions(+), 4 deletions(-)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch
new file mode 100644
index 00000000000..55f122d1258
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch
@@ -0,0 +1,47 @@
+From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Mon, 7 Jan 2019 10:40:01 +0100
+Subject: [PATCH 01/51] Limit lenght to INT_MAX bytes in
+ rfbProcessFileTransferReadBuffer()
+
+This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
+out-of-bound write access in rfbProcessFileTransferReadBuffer() when
+reading a transfered file content in a server. The former fix did not
+work on platforms with a 32-bit int type (expected by rfbReadExact()).
+
+CVE-2018-15127
+<https://github.com/LibVNC/libvncserver/issues/243>
+<https://github.com/LibVNC/libvncserver/issues/273>
+---
+ libvncserver/rfbserver.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
+index 7af8490..f2edbee 100644
+--- a/libvncserver/rfbserver.c
++++ b/libvncserver/rfbserver.c
+@@ -88,6 +88,8 @@
+ #include <errno.h>
+ /* strftime() */
+ #include <time.h>
++/* INT_MAX */
++#include <limits.h>
+ 
+ #ifdef LIBVNCSERVER_WITH_WEBSOCKETS
+ #include "rfbssl.h"
+@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length)
+        0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF
+        will safely be allocated since this check will never trigger and malloc() can digest length+1
+        without problems as length is a uint32_t.
++       We also later pass length to rfbReadExact() that expects a signed int type and
++       that might wrap on platforms with a 32-bit int type if length is bigger
++       than 0X7FFFFFFF.
+     */
+-    if(length == SIZE_MAX) {
++    if(length == SIZE_MAX || length > INT_MAX) {
+ 	rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length);
+ 	rfbCloseClient(cl);
+ 	return NULL;
+-- 
+2.23.0
+

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
new file mode 100644
index 00000000000..301d1340d14
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
@@ -0,0 +1,26 @@
+From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Mon, 19 Aug 2019 22:32:25 +0200
+Subject: [PATCH 48/51] rfbserver: don't leak stack memory to the remote
+
+Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
+---
+ libvncserver/rfbserver.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
+index 3bacc89..310e548 100644
+--- a/libvncserver/rfbserver.c
++++ b/libvncserver/rfbserver.c
+@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
+     rfbServerCutTextMsg sct;
+     rfbClientIteratorPtr iterator;
+ 
++    memset((char *)&sct, 0, sizeof(sct));
++
+     iterator = rfbGetClientIterator(rfbScreen);
+     while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
+         sct.type = rfbServerCutText;
+-- 
+2.23.0
+

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
index 35ee26dc7b0..cc6e4bdc909 100644
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
@@ -1,6 +1,27 @@
---- libvncserver-LibVNCServer-0.9.12/CMakeLists.txt
-+++ libvncserver-LibVNCServer-0.9.12/CMakeLists.txt
-@@ -666,8 +666,8 @@
+From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Sat, 9 Feb 2019 13:23:26 +0100
+Subject: [PATCH 02/51] CMake: replace hardcoded 'lib' with
+ ${CMAKE_INSTALL_LIBDIR}
+
+Closes #281
+---
+ CMakeLists.txt | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 873cc7b..55f7e65 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -9,6 +9,7 @@ include(CheckTypeSize)
+ include(TestBigEndian)
+ include(CheckCSourceCompiles)
+ include(CheckCSourceRuns)
++include(GNUInstallDirs)
+ 
+ enable_testing()
+ 
+@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient)
  configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY)
  
  
@@ -11,7 +32,7 @@
  install_files(/include/rfb FILES
      rfb/keysym.h
      rfb/rfb.h
-@@ -677,7 +677,7 @@
+@@ -677,7 +678,7 @@ install_files(/include/rfb FILES
      rfb/rfbregion.h
  )
  
@@ -20,3 +41,6 @@
      libvncserver.pc
      libvncclient.pc
  )
+-- 
+2.23.0
+

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch
new file mode 100644
index 00000000000..e862d634346
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch
@@ -0,0 +1,40 @@
+From 6b87d6154200667a66212f80068f7468eaa0f048 Mon Sep 17 00:00:00 2001
+From: DRC <information@virtualgl.org>
+Date: Sat, 28 Sep 2019 14:54:30 -0500
+Subject: [PATCH 50/51] LibVNCClient: Fix regression in Tight/Raw decoding
+
+Introduced by d7b1462 in LibVNCServer 0.9.12.  This regression caused
+the pixels in some RFB rectangles to become corrupted/garbled when the
+Tight encoding was used, without the JPEG subencoding, with a 15-bit or
+16-bit color depth.
+
+Fixes #335
+Fixes https://gitlab.com/Remmina/Remmina/issues/1824
+---
+ libvncclient/tight.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/libvncclient/tight.c b/libvncclient/tight.c
+index df01812..0586f47 100644
+--- a/libvncclient/tight.c
++++ b/libvncclient/tight.c
+@@ -1,5 +1,5 @@
+ /*
+- *  Copyright (C) 2017 D. R. Commander.  All Rights Reserved.
++ *  Copyright (C) 2017, 2019 D. R. Commander.  All Rights Reserved.
+  *  Copyright (C) 2004-2008 Sun Microsystems, Inc.  All Rights Reserved.
+  *  Copyright (C) 2004 Landmark Graphics Corporation.  All Rights Reserved.
+  *  Copyright (C) 2000, 2001 Const Kaplinsky.  All Rights Reserved.
+@@ -360,7 +360,8 @@ FilterCopyBPP (rfbClient* client, int srcx, int srcy, int numRows)
+ #endif
+ 
+   for (y = 0; y < numRows; y++)
+-    memcpy (&dst[y*client->width], &client->buffer[y*client->rectWidth],
++    memcpy (&dst[y*client->width],
++            &client->buffer[y * client->rectWidth * (BPP / 8)],
+             client->rectWidth * (BPP / 8));
+ }
+ 
+-- 
+2.23.0
+

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch
new file mode 100644
index 00000000000..6a50ac89206
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch
@@ -0,0 +1,41 @@
+From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Thu, 28 Mar 2019 21:06:36 +0100
+Subject: [PATCH 03/51] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for
+ pkgconfig files as well
+
+Thanks to https://github.com/ikelos for spotting this ;-)
+
+Closes #290
+---
+ libvncclient.pc.cmakein | 2 +-
+ libvncserver.pc.cmakein | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein
+index 169a8b7..445f7e7 100644
+--- a/libvncclient.pc.cmakein
++++ b/libvncclient.pc.cmakein
+@@ -1,6 +1,6 @@
+ prefix=@CMAKE_INSTALL_PREFIX@
+ exec_prefix=@CMAKE_INSTALL_PREFIX@
+-libdir=@CMAKE_INSTALL_PREFIX@/lib
++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
+ includedir=@CMAKE_INSTALL_PREFIX@/include
+ 
+ Name: LibVNCClient
+diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein
+index f38d74f..c689806 100644
+--- a/libvncserver.pc.cmakein
++++ b/libvncserver.pc.cmakein
+@@ -1,6 +1,6 @@
+ prefix=@CMAKE_INSTALL_PREFIX@
+ exec_prefix=@CMAKE_INSTALL_PREFIX@
+-libdir=@CMAKE_INSTALL_PREFIX@/lib
++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
+ includedir=@CMAKE_INSTALL_PREFIX@/include
+ 
+ Name: LibVNCServer
+-- 
+2.23.0
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild
new file mode 100644
index 00000000000..e21ed47bcc3
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake-utils
+
+MY_P="LibVNCServer-${PV}"
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+
+# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			!libressl? ( >=dev-libs/openssl-1.0.2:0= )
+			libressl? ( >=dev-libs/libressl-2.7.0:0= )
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( >=virtual/jpeg-0-r2:0 )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${PN}-${MY_P}"
+
+DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-cmake-libdir.patch
+	"${FILESDIR}"/${P}-pkgconfig-libdir.patch
+	"${FILESDIR}"/${P}-libgcrypt.patch
+	"${FILESDIR}"/${P}-sparc-unaligned.patch
+	"${FILESDIR}"/${P}-CVE-2018-20750.patch
+	"${FILESDIR}"/${P}-CVE-2019-15681.patch
+	"${FILESDIR}"/${P}-fix-tight-raw-decoding.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_FFMPEG=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+	)
+	cmake-utils_src_configure
+}

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Andreas Sturmlechner]

commit:     578ad0d4d400d6ab947a44aa56dde4186a0d256e
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Tue Jan 14 17:04:01 2020 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Wed Jan 15 19:32:45 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=578ad0d4

net-libs/libvncserver: fix crash on exit

Closes: https://bugs.gentoo.org/705124
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/14337
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../libvncserver-0.9.12-fix-shutdown-crash.patch   | 63 ++++++++++++++++++
 .../libvncserver/libvncserver-0.9.12-r4.ebuild     | 74 ++++++++++++++++++++++
 2 files changed, 137 insertions(+)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch
new file mode 100644
index 00000000000..0ae8d38c6f8
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch
@@ -0,0 +1,63 @@
+From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001
+From: Rajesh Sahoo <rajesh.sahoo@lge.com>
+Date: Tue, 11 Jun 2019 15:13:04 +0530
+Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE
+
+client_thread is created depending upon backgroundLoop, but joining
+without checking for same condition. so we are trying to join a garbage
+thread_id.
+---
+ libvncserver/main.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/main.c b/libvncserver/main.c
+index d3cd9b1..772fb18 100644
+--- a/libvncserver/main.c
++++ b/libvncserver/main.c
+@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
+       }
+ 
+ #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
++    if(currentCl->screen->backgroundLoop) {
+       /*
+ 	Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select()
+ 	in clientInput(), the loop in there will then break because the rfbCloseClient() above has set
+@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
+       write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
+       /* And wait for it to finish. */
+       pthread_join(currentCl->client_thread, NULL);
++    }
+ #else
+       rfbClientConnectionGone(currentCl);
+ #endif
+-- 
+2.24.1
+
+From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Sun, 5 Jan 2020 19:56:57 +0100
+Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no
+ backgroundLoop
+
+Otherwise the servers that don't use rfbRunEventLoop don't get
+notified of client disconnections
+---
+ libvncserver/main.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/main.c b/libvncserver/main.c
+index b51f0ab..738a501 100644
+--- a/libvncserver/main.c
++++ b/libvncserver/main.c
+@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
+       write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
+       /* And wait for it to finish. */
+       pthread_join(currentCl->client_thread, NULL);
++    } else {
++      rfbClientConnectionGone(currentCl);
+     }
+ #else
+       rfbClientConnectionGone(currentCl);
+-- 
+2.24.1
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r4.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r4.ebuild
new file mode 100644
index 00000000000..44fc2c99053
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.12-r4.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha amd64 arm arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			!libressl? ( >=dev-libs/openssl-1.0.2:0= )
+			libressl? ( >=dev-libs/libressl-2.7.0:0= )
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( >=virtual/jpeg-0-r2:0 )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-cmake-libdir.patch
+	"${FILESDIR}"/${P}-pkgconfig-libdir.patch
+	"${FILESDIR}"/${P}-libgcrypt.patch
+	"${FILESDIR}"/${P}-sparc-unaligned.patch
+	"${FILESDIR}"/${P}-CVE-2018-20750.patch
+	"${FILESDIR}"/${P}-CVE-2019-15681.patch
+	"${FILESDIR}"/${P}-fix-tight-raw-decoding.patch
+	"${FILESDIR}"/${P}-fix-shutdown-crash.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_FFMPEG=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+	)
+	cmake_src_configure
+}

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Andreas Sturmlechner]

commit:     4917a4e4865c7854528acd1d95c7c1996aa57214
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Jun 25 11:15:54 2020 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Jun 27 12:15:37 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4917a4e4

net-libs/libvncserver: Fix tests

* Fix includetest with CMAKE_MAKEFILE_GENERATOR=ninja
* Do not run tjunittest with USE=-jpeg

Commiting straight to stable as only tests are affected by these
changes.

Closes: https://bugs.gentoo.org/729092
Bug: https://bugs.gentoo.org/729188
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/16411
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../libvncserver-0.9.13-test-fix-includetest.patch | 54 ++++++++++++++++++++++
 .../libvncserver-0.9.13-test-fix-tjunittest.patch  | 29 ++++++++++++
 net-libs/libvncserver/libvncserver-0.9.13.ebuild   |  5 ++
 3 files changed, 88 insertions(+)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch
new file mode 100644
index 00000000000..76770828883
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch
@@ -0,0 +1,54 @@
+From 39cff3dd6b5d9ebcf86f01e2c7e0bef62abd9d6f Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Thu, 25 Jun 2020 11:35:04 +0300
+Subject: [PATCH 1/2] test: fix includetest to use CMAKE_MAKE_PROGRAM (#431)
+
+includetest currently fais if, for example, ninja is used as a CMake
+generator. Fix it by using CMAKE_MAKE_PROGRAM in the test.
+---
+ CMakeLists.txt      | 2 +-
+ test/includetest.sh | 7 ++++---
+ 2 files changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 0b6228a2..290deb38 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -680,7 +680,7 @@ endif(LIBVNCSERVER_WITH_WEBSOCKETS)
+ 
+ add_test(NAME cargs COMMAND test_cargstest)
+ if(UNIX)
+-  add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR})
++  add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR} ${CMAKE_MAKE_PROGRAM})
+ endif(UNIX)
+ if(FOUND_LIBJPEG_TURBO)
+     add_test(NAME turbojpeg COMMAND test_tjunittest)
+diff --git a/test/includetest.sh b/test/includetest.sh
+index 23d602e6..6b064208 100755
+--- a/test/includetest.sh
++++ b/test/includetest.sh
+@@ -5,10 +5,11 @@
+ 
+ # expects install prefix like /usr as an argument
+ PREFIX=$1
++CMAKE_MAKE_PROGRAM=$2
+ 
+ TMPDIR=$(mktemp -d)
+ 
+-make install DESTDIR=$TMPDIR
++DESTDIR="$TMPDIR" $CMAKE_MAKE_PROGRAM install
+ 
+ echo \
+ "
+@@ -19,6 +20,6 @@ int main()
+ {
+     return 0;
+ }
+-" > $TMPDIR/includetest.c
++" > "$TMPDIR"/includetest.c
+ 
+-cc -I $TMPDIR/$PREFIX $TMPDIR/includetest.c
++cc -I "$TMPDIR/$PREFIX" "$TMPDIR"/includetest.c
+-- 
+2.26.2
+

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch
new file mode 100644
index 00000000000..98e3a654b47
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch
@@ -0,0 +1,29 @@
+From 8244fab5421fd14d4c75ce488ad18d38b7a6edb4 Mon Sep 17 00:00:00 2001
+From: Christian Beier <info@christianbeier.net>
+Date: Thu, 25 Jun 2020 12:21:50 +0200
+Subject: [PATCH 2/2] CMake: only add turbojpeg test if configured WITH_JPEG
+
+Closes #430
+---
+ CMakeLists.txt | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 290deb38..fdca4d81 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -682,9 +682,9 @@ add_test(NAME cargs COMMAND test_cargstest)
+ if(UNIX)
+   add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR} ${CMAKE_MAKE_PROGRAM})
+ endif(UNIX)
+-if(FOUND_LIBJPEG_TURBO)
++if(WITH_JPEG AND FOUND_LIBJPEG_TURBO)
+     add_test(NAME turbojpeg COMMAND test_tjunittest)
+-endif(FOUND_LIBJPEG_TURBO)
++endif(WITH_JPEG AND FOUND_LIBJPEG_TURBO)
+ if(LIBVNCSERVER_WITH_WEBSOCKETS)
+     add_test(NAME wstest COMMAND test_wstest)
+ endif(LIBVNCSERVER_WITH_WEBSOCKETS)
+-- 
+2.26.2
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.13.ebuild b/net-libs/libvncserver/libvncserver-0.9.13.ebuild
index 2adb6bf71a2..a5f53103e42 100644
--- a/net-libs/libvncserver/libvncserver-0.9.13.ebuild
+++ b/net-libs/libvncserver/libvncserver-0.9.13.ebuild
@@ -48,6 +48,11 @@ RDEPEND="${DEPEND}"
 
 DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md )
 
+PATCHES=(
+	"${FILESDIR}"/${P}-test-fix-includetest.patch
+	"${FILESDIR}"/${P}-test-fix-tjunittest.patch
+)
+
 src_configure() {
 	local mycmakeargs=(
 		-DWITH_FFMPEG=OFF

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Aaron Bauman]

commit:     3cc06e5fd4889a3fd2d77d6a411efe0f82f37777
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Mon Jun 29 07:52:36 2020 +0000
Commit:     Aaron Bauman <bman <AT> gentoo <DOT> org>
CommitDate: Mon Jun 29 17:29:20 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cc06e5f

net-libs/libvncserver: Security cleanup

Bug: https://bugs.gentoo.org/728594
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/16483
Signed-off-by: Aaron Bauman <bman <AT> gentoo.org>

 net-libs/libvncserver/Manifest                     |  1 -
 .../files/libvncserver-0.9.12-CVE-2018-20750.patch | 47 --------------
 .../files/libvncserver-0.9.12-CVE-2019-15681.patch | 26 --------
 .../files/libvncserver-0.9.12-CVE-2019-15690.patch | 39 -----------
 .../files/libvncserver-0.9.12-cmake-libdir.patch   | 46 -------------
 .../libvncserver-0.9.12-fix-shutdown-crash.patch   | 63 ------------------
 ...ibvncserver-0.9.12-fix-tight-raw-decoding.patch | 40 ------------
 .../files/libvncserver-0.9.12-libgcrypt.patch      | 40 ------------
 .../libvncserver-0.9.12-pkgconfig-libdir.patch     | 41 ------------
 .../libvncserver-0.9.12-sparc-unaligned.patch      | 40 ------------
 .../libvncserver/libvncserver-0.9.12-r5.ebuild     | 75 ----------------------
 11 files changed, 458 deletions(-)

diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest
index 836e8ec1e80..c7569e5d477 100644
--- a/net-libs/libvncserver/Manifest
+++ b/net-libs/libvncserver/Manifest
@@ -1,2 +1 @@
-DIST LibVNCServer-0.9.12.tar.gz 2237447 BLAKE2B 583500c0bcfb6e9e3a02a33fb2701113b164851f0906fcc4845de7c7d82d4f7f65f5edd6c9a672348ee1deeefc65c1b0a257da024254598ba86d121d424f027e SHA512 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8
 DIST LibVNCServer-0.9.13.tar.gz 567491 BLAKE2B 138c7ca63f8cd30a21dc1b58aafa744e12a1a9eca503ffec18a63d18791d7a5df4eef176d7e4e797a2aadda1dd04d1b051abfd76bf5c6806d558c09ffee78cce SHA512 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch
deleted file mode 100644
index 55f122d1258..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Mon, 7 Jan 2019 10:40:01 +0100
-Subject: [PATCH 01/51] Limit lenght to INT_MAX bytes in
- rfbProcessFileTransferReadBuffer()
-
-This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
-out-of-bound write access in rfbProcessFileTransferReadBuffer() when
-reading a transfered file content in a server. The former fix did not
-work on platforms with a 32-bit int type (expected by rfbReadExact()).
-
-CVE-2018-15127
-<https://github.com/LibVNC/libvncserver/issues/243>
-<https://github.com/LibVNC/libvncserver/issues/273>
----
- libvncserver/rfbserver.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 7af8490..f2edbee 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -88,6 +88,8 @@
- #include <errno.h>
- /* strftime() */
- #include <time.h>
-+/* INT_MAX */
-+#include <limits.h>
- 
- #ifdef LIBVNCSERVER_WITH_WEBSOCKETS
- #include "rfbssl.h"
-@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length)
-        0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF
-        will safely be allocated since this check will never trigger and malloc() can digest length+1
-        without problems as length is a uint32_t.
-+       We also later pass length to rfbReadExact() that expects a signed int type and
-+       that might wrap on platforms with a 32-bit int type if length is bigger
-+       than 0X7FFFFFFF.
-     */
--    if(length == SIZE_MAX) {
-+    if(length == SIZE_MAX || length > INT_MAX) {
- 	rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length);
- 	rfbCloseClient(cl);
- 	return NULL;
--- 
-2.23.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
deleted file mode 100644
index 301d1340d14..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Mon, 19 Aug 2019 22:32:25 +0200
-Subject: [PATCH 48/51] rfbserver: don't leak stack memory to the remote
-
-Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
----
- libvncserver/rfbserver.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 3bacc89..310e548 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
-     rfbServerCutTextMsg sct;
-     rfbClientIteratorPtr iterator;
- 
-+    memset((char *)&sct, 0, sizeof(sct));
-+
-     iterator = rfbGetClientIterator(rfbScreen);
-     while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
-         sct.type = rfbServerCutText;
--- 
-2.23.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch
deleted file mode 100644
index 5ef290129c7..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 54220248886b5001fbbb9fa73c4e1a2cb9413fed Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Sun, 17 Nov 2019 17:18:35 +0100
-Subject: [PATCH] libvncclient/cursor: limit width/height input values
-
-Avoids a possible heap overflow reported by Pavel Cheremushkin
-<Pavel.Cheremushkin@kaspersky.com>.
-
-re #275
----
- libvncclient/cursor.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libvncclient/cursor.c b/libvncclient/cursor.c
-index 67f4572..40ffb3b 100644
---- a/libvncclient/cursor.c
-+++ b/libvncclient/cursor.c
-@@ -28,6 +28,8 @@
- #define OPER_SAVE     0
- #define OPER_RESTORE  1
- 
-+#define MAX_CURSOR_SIZE 1024
-+
- #define RGB24_TO_PIXEL(bpp,r,g,b)                                       \
-    ((((uint##bpp##_t)(r) & 0xFF) * client->format.redMax + 127) / 255             \
-     << client->format.redShift |                                              \
-@@ -54,6 +56,9 @@ rfbBool HandleCursorShape(rfbClient* client,int xhot, int yhot, int width, int h
-   if (width * height == 0)
-     return TRUE;
- 
-+  if (width >= MAX_CURSOR_SIZE || height >= MAX_CURSOR_SIZE)
-+    return FALSE;
-+
-   /* Allocate memory for pixel data and temporary mask data. */
-   if(client->rcSource)
-     free(client->rcSource);
--- 
-2.24.1
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
deleted file mode 100644
index cc6e4bdc909..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Sat, 9 Feb 2019 13:23:26 +0100
-Subject: [PATCH 02/51] CMake: replace hardcoded 'lib' with
- ${CMAKE_INSTALL_LIBDIR}
-
-Closes #281
----
- CMakeLists.txt | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 873cc7b..55f7e65 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -9,6 +9,7 @@ include(CheckTypeSize)
- include(TestBigEndian)
- include(CheckCSourceCompiles)
- include(CheckCSourceRuns)
-+include(GNUInstallDirs)
- 
- enable_testing()
- 
-@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient)
- configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY)
- 
- 
--install_targets(/lib vncserver)
--install_targets(/lib vncclient)
-+install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver)
-+install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient)
- install_files(/include/rfb FILES
-     rfb/keysym.h
-     rfb/rfb.h
-@@ -677,7 +678,7 @@ install_files(/include/rfb FILES
-     rfb/rfbregion.h
- )
- 
--install_files(/lib/pkgconfig FILES
-+install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES
-     libvncserver.pc
-     libvncclient.pc
- )
--- 
-2.23.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch
deleted file mode 100644
index 0ae8d38c6f8..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-shutdown-crash.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From d0a76539835d11c0f4723499f8be4bc9c7724eb9 Mon Sep 17 00:00:00 2001
-From: Rajesh Sahoo <rajesh.sahoo@lge.com>
-Date: Tue, 11 Jun 2019 15:13:04 +0530
-Subject: [PATCH] avoid pthread_join if backgroundLoop is FALSE
-
-client_thread is created depending upon backgroundLoop, but joining
-without checking for same condition. so we are trying to join a garbage
-thread_id.
----
- libvncserver/main.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/main.c b/libvncserver/main.c
-index d3cd9b1..772fb18 100644
---- a/libvncserver/main.c
-+++ b/libvncserver/main.c
-@@ -1112,6 +1112,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
-       }
- 
- #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
-+    if(currentCl->screen->backgroundLoop) {
-       /*
- 	Notify the thread. This simply writes a NULL byte to the notify pipe in order to get past the select()
- 	in clientInput(), the loop in there will then break because the rfbCloseClient() above has set
-@@ -1120,6 +1121,7 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
-       write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
-       /* And wait for it to finish. */
-       pthread_join(currentCl->client_thread, NULL);
-+    }
- #else
-       rfbClientConnectionGone(currentCl);
- #endif
--- 
-2.24.1
-
-From 15c4f144a3783d9f1f2c976acf9f4d85988fd466 Mon Sep 17 00:00:00 2001
-From: Albert Astals Cid <aacid@kde.org>
-Date: Sun, 5 Jan 2020 19:56:57 +0100
-Subject: [PATCH] rfbShutdownServer: Call rfbClientConnectionGone if no
- backgroundLoop
-
-Otherwise the servers that don't use rfbRunEventLoop don't get
-notified of client disconnections
----
- libvncserver/main.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/main.c b/libvncserver/main.c
-index b51f0ab..738a501 100644
---- a/libvncserver/main.c
-+++ b/libvncserver/main.c
-@@ -1152,6 +1152,8 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) {
-       write(currentCl->pipe_notify_client_thread[1], "\x00", 1);
-       /* And wait for it to finish. */
-       pthread_join(currentCl->client_thread, NULL);
-+    } else {
-+      rfbClientConnectionGone(currentCl);
-     }
- #else
-       rfbClientConnectionGone(currentCl);
--- 
-2.24.1
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch
deleted file mode 100644
index e862d634346..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 6b87d6154200667a66212f80068f7468eaa0f048 Mon Sep 17 00:00:00 2001
-From: DRC <information@virtualgl.org>
-Date: Sat, 28 Sep 2019 14:54:30 -0500
-Subject: [PATCH 50/51] LibVNCClient: Fix regression in Tight/Raw decoding
-
-Introduced by d7b1462 in LibVNCServer 0.9.12.  This regression caused
-the pixels in some RFB rectangles to become corrupted/garbled when the
-Tight encoding was used, without the JPEG subencoding, with a 15-bit or
-16-bit color depth.
-
-Fixes #335
-Fixes https://gitlab.com/Remmina/Remmina/issues/1824
----
- libvncclient/tight.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/libvncclient/tight.c b/libvncclient/tight.c
-index df01812..0586f47 100644
---- a/libvncclient/tight.c
-+++ b/libvncclient/tight.c
-@@ -1,5 +1,5 @@
- /*
-- *  Copyright (C) 2017 D. R. Commander.  All Rights Reserved.
-+ *  Copyright (C) 2017, 2019 D. R. Commander.  All Rights Reserved.
-  *  Copyright (C) 2004-2008 Sun Microsystems, Inc.  All Rights Reserved.
-  *  Copyright (C) 2004 Landmark Graphics Corporation.  All Rights Reserved.
-  *  Copyright (C) 2000, 2001 Const Kaplinsky.  All Rights Reserved.
-@@ -360,7 +360,8 @@ FilterCopyBPP (rfbClient* client, int srcx, int srcy, int numRows)
- #endif
- 
-   for (y = 0; y < numRows; y++)
--    memcpy (&dst[y*client->width], &client->buffer[y*client->rectWidth],
-+    memcpy (&dst[y*client->width],
-+            &client->buffer[y * client->rectWidth * (BPP / 8)],
-             client->rectWidth * (BPP / 8));
- }
- 
--- 
-2.23.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch
deleted file mode 100644
index a0313562ff1..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-libgcrypt.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 57be637006a95091119f7a49b4232e461116520f Mon Sep 17 00:00:00 2001
-From: Alexander Tsoy <alexander@tsoy.me>
-Date: Sat, 25 May 2019 02:02:47 +0300
-Subject: [PATCH] crypto: rfbcrypto_gnutls is actually libgcrypt-based
-
-Long time ago gnutls used libgcrypt as a cryptographic backend. Perhaps
-that was what caused the confusion.
----
- CMakeLists.txt                                       | 9 ++++-----
- common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} | 0
- 2 files changed, 4 insertions(+), 5 deletions(-)
- rename common/{rfbcrypto_gnutls.c => rfbcrypto_libgcrypt.c} (100%)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index b9ca4ba..0d3b4dc 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -226,11 +226,10 @@ if(SYSTEMD_FOUND)
- endif(SYSTEMD_FOUND)
- 
- if(LIBVNCSERVER_HAVE_SYS_UIO_H)
--  if(GNUTLS_FOUND)
--    message(STATUS "Building crypto with GnuTLS")
--    set(CRYPTO_LIBRARIES ${GNUTLS_LIBRARIES})
--    set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_gnutls)
--    include_directories(${GNUTLS_INCLUDE_DIR})
-+  if(WITH_GCRYPT AND LIBGCRYPT_LIBRARIES)
-+    message(STATUS "Building crypto with Libgcrypt")
-+    set(CRYPTO_LIBRARIES ${LIBGCRYPT_LIBRARIES})
-+    set(CRYPTO_SOURCES ${COMMON_DIR}/rfbcrypto_libgcrypt)
-   elseif(OPENSSL_FOUND)
-     message(STATUS "Building crypto with OpenSSL")
-     set(CRYPTO_LIBRARIES ${OPENSSL_LIBRARIES})
-diff --git a/common/rfbcrypto_gnutls.c b/common/rfbcrypto_libgcrypt.c
-similarity index 100%
-rename from common/rfbcrypto_gnutls.c
-rename to common/rfbcrypto_libgcrypt.c
--- 
-2.21.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch
deleted file mode 100644
index 6a50ac89206..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Thu, 28 Mar 2019 21:06:36 +0100
-Subject: [PATCH 03/51] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for
- pkgconfig files as well
-
-Thanks to https://github.com/ikelos for spotting this ;-)
-
-Closes #290
----
- libvncclient.pc.cmakein | 2 +-
- libvncserver.pc.cmakein | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein
-index 169a8b7..445f7e7 100644
---- a/libvncclient.pc.cmakein
-+++ b/libvncclient.pc.cmakein
-@@ -1,6 +1,6 @@
- prefix=@CMAKE_INSTALL_PREFIX@
- exec_prefix=@CMAKE_INSTALL_PREFIX@
--libdir=@CMAKE_INSTALL_PREFIX@/lib
-+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
- includedir=@CMAKE_INSTALL_PREFIX@/include
- 
- Name: LibVNCClient
-diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein
-index f38d74f..c689806 100644
---- a/libvncserver.pc.cmakein
-+++ b/libvncserver.pc.cmakein
-@@ -1,6 +1,6 @@
- prefix=@CMAKE_INSTALL_PREFIX@
- exec_prefix=@CMAKE_INSTALL_PREFIX@
--libdir=@CMAKE_INSTALL_PREFIX@/lib
-+libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@
- includedir=@CMAKE_INSTALL_PREFIX@/include
- 
- Name: LibVNCServer
--- 
-2.23.0
-

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch
deleted file mode 100644
index dce787f1295..00000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-sparc-unaligned.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 0cf1400c61850065de590d403f6d49e32882fd76 Mon Sep 17 00:00:00 2001
-From: Rolf Eike Beer <eike@sf-mail.de>
-Date: Tue, 28 May 2019 18:30:46 +0200
-Subject: [PATCH] fix crash because of unaligned accesses in
- hybiReadAndDecode()
-
----
- libvncserver/ws_decode.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/libvncserver/ws_decode.c b/libvncserver/ws_decode.c
-index 441ebc7..10c44d1 100644
---- a/libvncserver/ws_decode.c
-+++ b/libvncserver/ws_decode.c
-@@ -327,7 +327,6 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf)
-   int bufsize;
-   int nextRead;
-   unsigned char *data;
--  uint32_t *data32;
- 
-   /* if data was carried over, copy to start of buffer */
-   memcpy(wsctx->writePos, wsctx->carryBuf, wsctx->carrylen);
-@@ -383,10 +382,12 @@ hybiReadAndDecode(ws_ctx_t *wsctx, char *dst, int len, int *sockRet, int nInBuf)
-   /* for a possible base64 decoding, we decode multiples of 4 bytes until
-    * the whole frame is received and carry over any remaining bytes in the carry buf*/
-   data = (unsigned char *)(wsctx->writePos - toDecode);
--  data32= (uint32_t *)data;
- 
-   for (i = 0; i < (toDecode >> 2); i++) {
--    data32[i] ^= wsctx->header.mask.u;
-+    uint32_t tmp;
-+    memcpy(&tmp, data + i * sizeof(tmp), sizeof(tmp));
-+    tmp ^= wsctx->header.mask.u;
-+    memcpy(data + i * sizeof(tmp), &tmp, sizeof(tmp));
-   }
-   ws_dbg("mask decoding; i=%d toDecode=%d\n", i, toDecode);
- 
--- 
-2.16.4
-

diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild
deleted file mode 100644
index 9ea5a4c3370..00000000000
--- a/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild
+++ /dev/null
@@ -1,75 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit cmake
-
-MY_P="LibVNCServer-${PV}"
-
-DESCRIPTION="library for creating vnc servers"
-HOMEPAGE="https://libvnc.github.io/"
-SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
-S="${WORKDIR}/${PN}-${MY_P}"
-
-# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it
-# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
-LICENSE="GPL-2+ LGPL-2.1+ BSD MIT"
-# no sub slot wanted (yet), see #578958
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux"
-IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
-# https://bugs.gentoo.org/690202
-# https://bugs.gentoo.org/435326
-# https://bugs.gentoo.org/550916
-REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )"
-
-DEPEND="
-	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
-	ssl? (
-		!gnutls? (
-			!libressl? ( >=dev-libs/openssl-1.0.2:0= )
-			libressl? ( >=dev-libs/libressl-2.7.0:0= )
-		)
-		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
-	)
-	jpeg? ( >=virtual/jpeg-0-r2:0 )
-	lzo? ( dev-libs/lzo )
-	png? ( >=media-libs/libpng-1.6.10:0= )
-	sasl? ( dev-libs/cyrus-sasl )
-	systemd? ( sys-apps/systemd:= )
-	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )"
-RDEPEND="${DEPEND}"
-
-DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
-
-PATCHES=(
-	"${FILESDIR}"/${P}-cmake-libdir.patch
-	"${FILESDIR}"/${P}-pkgconfig-libdir.patch
-	"${FILESDIR}"/${P}-libgcrypt.patch
-	"${FILESDIR}"/${P}-sparc-unaligned.patch
-	"${FILESDIR}"/${P}-CVE-2018-20750.patch
-	"${FILESDIR}"/${P}-CVE-2019-15681.patch
-	"${FILESDIR}"/${P}-fix-tight-raw-decoding.patch
-	"${FILESDIR}"/${P}-fix-shutdown-crash.patch
-	"${FILESDIR}"/${P}-CVE-2019-15690.patch
-)
-
-src_configure() {
-	local mycmakeargs=(
-		-DWITH_ZLIB=$(usex zlib ON OFF)
-		-DWITH_LZO=$(usex lzo ON OFF)
-		-DWITH_JPEG=$(usex jpeg ON OFF)
-		-DWITH_PNG=$(usex png ON OFF)
-		-DWITH_THREADS=$(usex threads ON OFF)
-		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
-		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
-		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
-		-DWITH_SYSTEMD=$(usex systemd ON OFF)
-		-DWITH_FFMPEG=OFF
-		-DWITH_24BPP=$(usex 24bpp ON OFF)
-		-DWITH_IPv6=$(usex ipv6 ON OFF)
-		-DWITH_SASL=$(usex sasl ON OFF)
-	)
-	cmake_src_configure
-}

[gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/

[Andreas Sturmlechner]

commit:     d33d79334f52b44ddc670fa9461105d2cfc64ea9
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Sep 22 00:02:29 2022 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Sep 24 10:00:51 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d33d7933

net-libs/libvncserver: fix CVE-2020-29260

Also update EAPI 7 -> 8

Bug: https://bugs.gentoo.org/868135
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/27388
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../files/libvncserver-0.9.13-CVE-2020-29260.patch | 27 ++++++++
 .../libvncserver/libvncserver-0.9.13-r1.ebuild     | 76 ++++++++++++++++++++++
 2 files changed, 103 insertions(+)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
new file mode 100644
index 000000000000..23ffed8c1774
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
@@ -0,0 +1,27 @@
+From bef41f6ec4097a8ee094f90a1b34a708fbd757ec Mon Sep 17 00:00:00 2001
+From: Christian Beier <info@christianbeier.net>
+Date: Sat, 21 Nov 2020 12:52:31 +0100
+Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup()
+
+Otherwise we leak memory. Spotted by Ramin Farajpour Cami
+<ramin.blackhat@gmail.com>, thanks!
+---
+ libvncclient/vncviewer.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c
+index d6b91f02..0a1bdcf6 100644
+--- a/libvncclient/vncviewer.c
++++ b/libvncclient/vncviewer.c
+@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) {
+     client->clientData = next;
+   }
+ 
++  free(client->vncRec);
++
+   if (client->sock != RFB_INVALID_SOCKET)
+     rfbCloseSocket(client->sock);
+   if (client->listenSock != RFB_INVALID_SOCKET)
+-- 
+2.35.1
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
new file mode 100644
index 000000000000..2a9d65199e87
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2 GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp +filetransfer gcrypt gnutls ipv6 +jpeg lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="
+	filetransfer? ( threads )
+	jpeg? ( zlib )
+	png? ( zlib )
+	ssl? ( !gnutls? ( threads ) )
+"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			>=dev-libs/openssl-1.0.2:0=
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( media-libs/libjpeg-turbo:= )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )
+"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-test-fix-includetest.patch
+	"${FILESDIR}"/${P}-test-fix-tjunittest.patch
+	"${FILESDIR}"/${P}-CVE-2020-29260.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_FFMPEG=OFF
+		-DWITH_GTK=OFF
+		-DWITH_SDL=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_TIGHTVNC_FILETRANSFER=$(usex filetransfer ON OFF)
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+	)
+	cmake_src_configure
+}