* [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/files/, net-libs/libvncserver/
@ 2019-01-17 21:21 Sven Wegener
0 siblings, 0 replies; 4+ messages in thread
From: Sven Wegener @ 2019-01-17 21:21 UTC (permalink / raw
To: gentoo-commits
commit: 4fbd9dd57d76b333b4c75791b1590f5ee09119f1
Author: Sven Wegener <swegener <AT> gentoo <DOT> org>
AuthorDate: Tue Jan 15 21:40:20 2019 +0000
Commit: Sven Wegener <swegener <AT> gentoo <DOT> org>
CommitDate: Thu Jan 17 21:21:30 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4fbd9dd5
net-libs/libvncserver: Version bump, security bug #659560 and #673508
Bug: https://bugs.gentoo.org/659560
Bug: https://bugs.gentoo.org/673508
Closes: https://bugs.gentoo.org/435326
Closes: https://bugs.gentoo.org/675046
Signed-off-by: Sven Wegener <swegener <AT> gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
net-libs/libvncserver/Manifest | 1 +
.../files/libvncserver-0.9.12-cmake-libdir.patch | 22 +++++++
net-libs/libvncserver/libvncserver-0.9.12.ebuild | 72 ++++++++++++++++++++++
3 files changed, 95 insertions(+)
diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest
index 85c0fe603f2..0cb75239ec8 100644
--- a/net-libs/libvncserver/Manifest
+++ b/net-libs/libvncserver/Manifest
@@ -1 +1,2 @@
DIST LibVNCServer-0.9.11.tar.gz 1413739 BLAKE2B e295d3aef7181cd767676c4e55130fa65ecf8ea92a659b6de82d2cc465f1c9e1a587839942fd89882126dc8ec54f9de20a78e799ea194f9ae227a82ae705721b SHA512 e473c081b68dd3cdd96a1756b4f4945ece79d3c8e4cef62140be1699671555fc16d3080e81d764197a14ea83203ffcd0e18c3cc182e012d036e3faae943003fb
+DIST LibVNCServer-0.9.12.tar.gz 2237447 BLAKE2B 583500c0bcfb6e9e3a02a33fb2701113b164851f0906fcc4845de7c7d82d4f7f65f5edd6c9a672348ee1deeefc65c1b0a257da024254598ba86d121d424f027e SHA512 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
new file mode 100644
index 00000000000..35ee26dc7b0
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch
@@ -0,0 +1,22 @@
+--- libvncserver-LibVNCServer-0.9.12/CMakeLists.txt
++++ libvncserver-LibVNCServer-0.9.12/CMakeLists.txt
+@@ -666,8 +666,8 @@
+ configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY)
+
+
+-install_targets(/lib vncserver)
+-install_targets(/lib vncclient)
++install_targets(/${CMAKE_INSTALL_LIBDIR} vncserver)
++install_targets(/${CMAKE_INSTALL_LIBDIR} vncclient)
+ install_files(/include/rfb FILES
+ rfb/keysym.h
+ rfb/rfb.h
+@@ -677,7 +677,7 @@
+ rfb/rfbregion.h
+ )
+
+-install_files(/lib/pkgconfig FILES
++install_files(/${CMAKE_INSTALL_LIBDIR}/pkgconfig FILES
+ libvncserver.pc
+ libvncclient.pc
+ )
diff --git a/net-libs/libvncserver/libvncserver-0.9.12.ebuild b/net-libs/libvncserver/libvncserver-0.9.12.ebuild
new file mode 100644
index 00000000000..1a25cd77ee5
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.12.ebuild
@@ -0,0 +1,72 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit cmake-multilib
+
+MY_PN="LibVNCServer"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_PN}-${PV}.tar.gz"
+
+LICENSE="GPL-2"
+# No sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl sdl ssl static-libs systemd test +threads +zlib"
+REQUIRED_USE="!gnutls? ( ssl? ( threads ) ) png? ( zlib )"
+
+DEPEND="
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}] )
+ gnutls? (
+ >=net-libs/gnutls-2.12.23-r6:0=[${MULTILIB_USEDEP}]
+ >=dev-libs/libgcrypt-1.5.3:0=[${MULTILIB_USEDEP}]
+ )
+ !gnutls? (
+ ssl? (
+ !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] )
+ libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] )
+ )
+ )
+ jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
+ lzo? ( dev-libs/lzo )
+ png? ( >=media-libs/libpng-1.6.10:0=[${MULTILIB_USEDEP}] )
+ sasl? ( dev-libs/cyrus-sasl )
+ sdl? ( media-libs/libsdl2 )
+ systemd? ( sys-apps/systemd:= )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1:0=[${MULTILIB_USEDEP}] )"
+RDEPEND="${DEPEND}"
+
+S="${WORKDIR}/${PN}-${MY_PN}-${PV}"
+
+DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-cmake-libdir.patch
+)
+
+multilib_src_configure() {
+ local mycmakeargs=(
+ -DWITH_ZLIB=$(usex zlib ON OFF)
+ -DWITH_LZO=$(usex lzo ON OFF)
+ -DWITH_JPEG=$(usex jpeg ON OFF)
+ -DWITH_PNG=$(usex png ON OFF)
+ -DWITH_SDL=$(usex sdl ON OFF)
+ -DWITH_THREADS=$(usex threads ON OFF)
+ -DWITH_GNUTLS=$(usex gnutls ON OFF)
+ -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+ -DWITH_GCRYPT=$(usex gnutls ON $(usex gcrypt ON OFF))
+ -DWITH_SYSTEMD=$(usex systemd ON OFF)
+ -DWITH_FFMPEG=OFF
+ -DWITH_24BPP=$(usex 24bpp ON OFF)
+ -DWITH_IPv6=$(usex ipv6 ON OFF)
+ -DWITH_SASL=$(usex sasl ON OFF)
+ )
+ cmake-utils_src_configure
+}
+
+multilib_src_install_all() {
+ einstalldocs
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/files/, net-libs/libvncserver/
@ 2020-03-26 7:22 Joonas Niilola
0 siblings, 0 replies; 4+ messages in thread
From: Joonas Niilola @ 2020-03-26 7:22 UTC (permalink / raw
To: gentoo-commits
commit: 369a02be4da385aca62393c390229d3311e6bb78
Author: Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Mon Mar 23 15:40:08 2020 +0000
Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Thu Mar 26 07:22:02 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=369a02be
net-libs/libvncserver: Fix CVE-2019-15690
Bug: https://bugs.gentoo.org/714054
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/15070
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>
.../files/libvncserver-0.9.12-CVE-2019-15690.patch | 39 +++++++++++
.../libvncserver/libvncserver-0.9.12-r5.ebuild | 75 ++++++++++++++++++++++
2 files changed, 114 insertions(+)
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch
new file mode 100644
index 00000000000..5ef290129c7
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15690.patch
@@ -0,0 +1,39 @@
+From 54220248886b5001fbbb9fa73c4e1a2cb9413fed Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Sun, 17 Nov 2019 17:18:35 +0100
+Subject: [PATCH] libvncclient/cursor: limit width/height input values
+
+Avoids a possible heap overflow reported by Pavel Cheremushkin
+<Pavel.Cheremushkin@kaspersky.com>.
+
+re #275
+---
+ libvncclient/cursor.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libvncclient/cursor.c b/libvncclient/cursor.c
+index 67f4572..40ffb3b 100644
+--- a/libvncclient/cursor.c
++++ b/libvncclient/cursor.c
+@@ -28,6 +28,8 @@
+ #define OPER_SAVE 0
+ #define OPER_RESTORE 1
+
++#define MAX_CURSOR_SIZE 1024
++
+ #define RGB24_TO_PIXEL(bpp,r,g,b) \
+ ((((uint##bpp##_t)(r) & 0xFF) * client->format.redMax + 127) / 255 \
+ << client->format.redShift | \
+@@ -54,6 +56,9 @@ rfbBool HandleCursorShape(rfbClient* client,int xhot, int yhot, int width, int h
+ if (width * height == 0)
+ return TRUE;
+
++ if (width >= MAX_CURSOR_SIZE || height >= MAX_CURSOR_SIZE)
++ return FALSE;
++
+ /* Allocate memory for pixel data and temporary mask data. */
+ if(client->rcSource)
+ free(client->rcSource);
+--
+2.24.1
+
diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild
new file mode 100644
index 00000000000..87aad236303
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.12-r5.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )"
+
+DEPEND="
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+ ssl? (
+ !gnutls? (
+ !libressl? ( >=dev-libs/openssl-1.0.2:0= )
+ libressl? ( >=dev-libs/libressl-2.7.0:0= )
+ )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+ )
+ jpeg? ( >=virtual/jpeg-0-r2:0 )
+ lzo? ( dev-libs/lzo )
+ png? ( >=media-libs/libpng-1.6.10:0= )
+ sasl? ( dev-libs/cyrus-sasl )
+ systemd? ( sys-apps/systemd:= )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS README.md TODO )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-cmake-libdir.patch
+ "${FILESDIR}"/${P}-pkgconfig-libdir.patch
+ "${FILESDIR}"/${P}-libgcrypt.patch
+ "${FILESDIR}"/${P}-sparc-unaligned.patch
+ "${FILESDIR}"/${P}-CVE-2018-20750.patch
+ "${FILESDIR}"/${P}-CVE-2019-15681.patch
+ "${FILESDIR}"/${P}-fix-tight-raw-decoding.patch
+ "${FILESDIR}"/${P}-fix-shutdown-crash.patch
+ "${FILESDIR}"/${P}-CVE-2019-15690.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ -DWITH_ZLIB=$(usex zlib ON OFF)
+ -DWITH_LZO=$(usex lzo ON OFF)
+ -DWITH_JPEG=$(usex jpeg ON OFF)
+ -DWITH_PNG=$(usex png ON OFF)
+ -DWITH_THREADS=$(usex threads ON OFF)
+ -DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+ -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+ -DWITH_GCRYPT=$(usex gcrypt ON OFF)
+ -DWITH_SYSTEMD=$(usex systemd ON OFF)
+ -DWITH_FFMPEG=OFF
+ -DWITH_24BPP=$(usex 24bpp ON OFF)
+ -DWITH_IPv6=$(usex ipv6 ON OFF)
+ -DWITH_SASL=$(usex sasl ON OFF)
+ )
+ cmake_src_configure
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/files/, net-libs/libvncserver/
@ 2023-02-18 13:06 Andreas Sturmlechner
0 siblings, 0 replies; 4+ messages in thread
From: Andreas Sturmlechner @ 2023-02-18 13:06 UTC (permalink / raw
To: gentoo-commits
commit: 29bd18220587faa63d90afb87447327f638257c2
Author: Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Fri Feb 17 21:35:03 2023 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Feb 18 13:06:13 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29bd1822
net-libs/libvncserver: security cleanup
Bug: https://bugs.gentoo.org/887067
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/29641
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
net-libs/libvncserver/Manifest | 1 -
.../files/libvncserver-0.9.13-CVE-2020-29260.patch | 27 --------
.../libvncserver-0.9.13-test-fix-includetest.patch | 54 ---------------
.../libvncserver-0.9.13-test-fix-tjunittest.patch | 29 ---------
.../libvncserver/libvncserver-0.9.13-r1.ebuild | 76 ----------------------
5 files changed, 187 deletions(-)
diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest
index 560434399356..779ce1c48b7d 100644
--- a/net-libs/libvncserver/Manifest
+++ b/net-libs/libvncserver/Manifest
@@ -1,2 +1 @@
-DIST LibVNCServer-0.9.13.tar.gz 567491 BLAKE2B 138c7ca63f8cd30a21dc1b58aafa744e12a1a9eca503ffec18a63d18791d7a5df4eef176d7e4e797a2aadda1dd04d1b051abfd76bf5c6806d558c09ffee78cce SHA512 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643
DIST LibVNCServer-0.9.14.tar.gz 593516 BLAKE2B 6585e15e2ade08211ace0ae40deb07eca04b96dcfe38fb4d2e7d7a7192ca22dda546cb69fc4be6c6b7eb83c8afb0ea14d7cee3779a9e64c138ec861efeb540b8 SHA512 8a0a58e355154cbe1e5807864dc874b063c5e5f5e20d64ae541d49d51b654a35ca9c625adc5c303b6570fa79c19f82d87a37612f9801b453ccf862bd77c06fcc
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
deleted file mode 100644
index 23ffed8c1774..000000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From bef41f6ec4097a8ee094f90a1b34a708fbd757ec Mon Sep 17 00:00:00 2001
-From: Christian Beier <info@christianbeier.net>
-Date: Sat, 21 Nov 2020 12:52:31 +0100
-Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup()
-
-Otherwise we leak memory. Spotted by Ramin Farajpour Cami
-<ramin.blackhat@gmail.com>, thanks!
----
- libvncclient/vncviewer.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c
-index d6b91f02..0a1bdcf6 100644
---- a/libvncclient/vncviewer.c
-+++ b/libvncclient/vncviewer.c
-@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) {
- client->clientData = next;
- }
-
-+ free(client->vncRec);
-+
- if (client->sock != RFB_INVALID_SOCKET)
- rfbCloseSocket(client->sock);
- if (client->listenSock != RFB_INVALID_SOCKET)
---
-2.35.1
-
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch
deleted file mode 100644
index 767708288830..000000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-includetest.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 39cff3dd6b5d9ebcf86f01e2c7e0bef62abd9d6f Mon Sep 17 00:00:00 2001
-From: Alexander Tsoy <alexander@tsoy.me>
-Date: Thu, 25 Jun 2020 11:35:04 +0300
-Subject: [PATCH 1/2] test: fix includetest to use CMAKE_MAKE_PROGRAM (#431)
-
-includetest currently fais if, for example, ninja is used as a CMake
-generator. Fix it by using CMAKE_MAKE_PROGRAM in the test.
----
- CMakeLists.txt | 2 +-
- test/includetest.sh | 7 ++++---
- 2 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 0b6228a2..290deb38 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -680,7 +680,7 @@ endif(LIBVNCSERVER_WITH_WEBSOCKETS)
-
- add_test(NAME cargs COMMAND test_cargstest)
- if(UNIX)
-- add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR})
-+ add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR} ${CMAKE_MAKE_PROGRAM})
- endif(UNIX)
- if(FOUND_LIBJPEG_TURBO)
- add_test(NAME turbojpeg COMMAND test_tjunittest)
-diff --git a/test/includetest.sh b/test/includetest.sh
-index 23d602e6..6b064208 100755
---- a/test/includetest.sh
-+++ b/test/includetest.sh
-@@ -5,10 +5,11 @@
-
- # expects install prefix like /usr as an argument
- PREFIX=$1
-+CMAKE_MAKE_PROGRAM=$2
-
- TMPDIR=$(mktemp -d)
-
--make install DESTDIR=$TMPDIR
-+DESTDIR="$TMPDIR" $CMAKE_MAKE_PROGRAM install
-
- echo \
- "
-@@ -19,6 +20,6 @@ int main()
- {
- return 0;
- }
--" > $TMPDIR/includetest.c
-+" > "$TMPDIR"/includetest.c
-
--cc -I $TMPDIR/$PREFIX $TMPDIR/includetest.c
-+cc -I "$TMPDIR/$PREFIX" "$TMPDIR"/includetest.c
---
-2.26.2
-
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch
deleted file mode 100644
index 98e3a654b471..000000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.13-test-fix-tjunittest.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 8244fab5421fd14d4c75ce488ad18d38b7a6edb4 Mon Sep 17 00:00:00 2001
-From: Christian Beier <info@christianbeier.net>
-Date: Thu, 25 Jun 2020 12:21:50 +0200
-Subject: [PATCH 2/2] CMake: only add turbojpeg test if configured WITH_JPEG
-
-Closes #430
----
- CMakeLists.txt | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 290deb38..fdca4d81 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -682,9 +682,9 @@ add_test(NAME cargs COMMAND test_cargstest)
- if(UNIX)
- add_test(NAME includetest COMMAND ${TESTS_DIR}/includetest.sh ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR} ${CMAKE_MAKE_PROGRAM})
- endif(UNIX)
--if(FOUND_LIBJPEG_TURBO)
-+if(WITH_JPEG AND FOUND_LIBJPEG_TURBO)
- add_test(NAME turbojpeg COMMAND test_tjunittest)
--endif(FOUND_LIBJPEG_TURBO)
-+endif(WITH_JPEG AND FOUND_LIBJPEG_TURBO)
- if(LIBVNCSERVER_WITH_WEBSOCKETS)
- add_test(NAME wstest COMMAND test_wstest)
- endif(LIBVNCSERVER_WITH_WEBSOCKETS)
---
-2.26.2
-
diff --git a/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
deleted file mode 100644
index 29851d5a4e57..000000000000
--- a/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
+++ /dev/null
@@ -1,76 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit cmake
-
-MY_P="LibVNCServer-${PV}"
-
-DESCRIPTION="library for creating vnc servers"
-HOMEPAGE="https://libvnc.github.io/"
-SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
-S="${WORKDIR}/${PN}-${MY_P}"
-
-# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
-LICENSE="GPL-2 GPL-2+ LGPL-2.1+ BSD MIT"
-# no sub slot wanted (yet), see #578958
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux"
-IUSE="+24bpp +filetransfer gcrypt gnutls ipv6 +jpeg lzo +png sasl ssl systemd +threads +zlib"
-# https://bugs.gentoo.org/690202
-# https://bugs.gentoo.org/435326
-# https://bugs.gentoo.org/550916
-REQUIRED_USE="
- filetransfer? ( threads )
- jpeg? ( zlib )
- png? ( zlib )
- ssl? ( !gnutls? ( threads ) )
-"
-
-DEPEND="
- gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
- ssl? (
- !gnutls? (
- >=dev-libs/openssl-1.0.2:0=
- )
- gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
- )
- jpeg? ( media-libs/libjpeg-turbo:= )
- lzo? ( dev-libs/lzo )
- png? ( >=media-libs/libpng-1.6.10:0= )
- sasl? ( dev-libs/cyrus-sasl )
- systemd? ( sys-apps/systemd:= )
- zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )
-"
-RDEPEND="${DEPEND}"
-
-DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md )
-
-PATCHES=(
- "${FILESDIR}"/${P}-test-fix-includetest.patch
- "${FILESDIR}"/${P}-test-fix-tjunittest.patch
- "${FILESDIR}"/${P}-CVE-2020-29260.patch
-)
-
-src_configure() {
- local mycmakeargs=(
- -DWITH_FFMPEG=OFF
- -DWITH_GTK=OFF
- -DWITH_SDL=OFF
- -DWITH_24BPP=$(usex 24bpp ON OFF)
- -DWITH_TIGHTVNC_FILETRANSFER=$(usex filetransfer ON OFF)
- -DWITH_GCRYPT=$(usex gcrypt ON OFF)
- -DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
- -DWITH_IPv6=$(usex ipv6 ON OFF)
- -DWITH_JPEG=$(usex jpeg ON OFF)
- -DWITH_LZO=$(usex lzo ON OFF)
- -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
- -DWITH_PNG=$(usex png ON OFF)
- -DWITH_SASL=$(usex sasl ON OFF)
- -DWITH_SYSTEMD=$(usex systemd ON OFF)
- -DWITH_THREADS=$(usex threads ON OFF)
- -DWITH_ZLIB=$(usex zlib ON OFF)
- )
- cmake_src_configure
-}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/files/, net-libs/libvncserver/
@ 2023-03-23 4:57 Sam James
0 siblings, 0 replies; 4+ messages in thread
From: Sam James @ 2023-03-23 4:57 UTC (permalink / raw
To: gentoo-commits
commit: 01dbaaafe6f24fecdc12973aa620ce50ffeb544d
Author: Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Mar 23 02:50:59 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Thu Mar 23 04:56:50 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01dbaaaf
net-libs/libvncserver: fix openssl crypto backend
Bug: https://bugs.gentoo.org/893608
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/30311
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../libvncserver-0.9.14-crypto-openssl-fix.patch | 59 ++++++++++++++++
.../libvncserver/libvncserver-0.9.14-r1.ebuild | 81 ++++++++++++++++++++++
2 files changed, 140 insertions(+)
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.14-crypto-openssl-fix.patch b/net-libs/libvncserver/files/libvncserver-0.9.14-crypto-openssl-fix.patch
new file mode 100644
index 000000000000..d4c76773b02c
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.14-crypto-openssl-fix.patch
@@ -0,0 +1,59 @@
+From b686f379c34114cf938fe88291f58014337558f6 Mon Sep 17 00:00:00 2001
+From: Gaurav Ujjwal <gujjwal00@gmail.com>
+Date: Mon, 23 Jan 2023 00:03:03 +0530
+Subject: [PATCH] common/crypto_openssl: pad DH key buffers with leading zeros
+ for smaller keys
+
+Re: https://github.com/LibVNC/libvncserver/issues/493
+Re: https://github.com/bk138/multivnc/issues/202
+---
+ common/crypto_openssl.c | 18 ++++++++++++++++--
+ 1 file changed, 16 insertions(+), 2 deletions(-)
+
+diff --git a/common/crypto_openssl.c b/common/crypto_openssl.c
+index 50e8073a..dc1ee093 100644
+--- a/common/crypto_openssl.c
++++ b/common/crypto_openssl.c
+@@ -156,6 +156,15 @@ int encrypt_aes128ecb(void *out, int *out_len, const unsigned char key[16], cons
+ return result;
+ }
+
++static void pad_leading_zeros(uint8_t *out, const size_t current_len, const size_t expected_len) {
++ if (current_len >= expected_len || expected_len < 1)
++ return;
++
++ size_t diff = expected_len - current_len;
++ memmove(out + diff, out, current_len);
++ memset(out, 0, diff);
++}
++
+ int dh_generate_keypair(uint8_t *priv_out, uint8_t *pub_out, const uint8_t *gen, const size_t gen_len, const uint8_t *prime, const size_t keylen)
+ {
+ int result = 0;
+@@ -184,6 +193,9 @@ int dh_generate_keypair(uint8_t *priv_out, uint8_t *pub_out, const uint8_t *gen,
+ goto out;
+ if(BN_bn2bin(dh->pub_key, pub_out) == 0)
+ goto out;
++
++ pad_leading_zeros(priv_out, BN_num_bytes(dh->priv_key), keylen);
++ pad_leading_zeros(pub_out, BN_num_bytes(dh->pub_key), keylen);
+ #else
+ DH_get0_key(dh, &pub_key, &priv_key);
+ if(BN_bn2binpad(priv_key, priv_out, keylen) == -1)
+@@ -216,9 +228,11 @@ int dh_compute_shared_key(uint8_t *shared_out, const uint8_t *priv, const uint8_
+ if(!DH_set0_key(dh, NULL, BN_bin2bn(priv, keylen, NULL)))
+ goto out;
+ #endif
+- if(DH_compute_key(shared_out, BN_bin2bn(pub, keylen, NULL), dh) == -1)
+- goto out;
++ int shared_len = DH_compute_key(shared_out, BN_bin2bn(pub, keylen, NULL), dh);
++ if(shared_len == -1)
++ goto out;
+
++ pad_leading_zeros(shared_out, shared_len, keylen);
+ result = 1;
+
+ out:
+--
+2.39.2
+
diff --git a/net-libs/libvncserver/libvncserver-0.9.14-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.14-r1.ebuild
new file mode 100644
index 000000000000..996b5e9c2b4e
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.14-r1.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2 GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp +filetransfer +gcrypt gnutls ipv6 +jpeg lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="
+ filetransfer? ( threads )
+ jpeg? ( zlib )
+ png? ( zlib )
+ ssl? ( !gnutls? ( threads ) )
+"
+# Avoid using internal crypto backend as it doesn't support
+# all authentication methods #893608
+REQUIRED_USE+="
+ ssl? ( gnutls? ( gcrypt ) )
+ !ssl? ( gcrypt )
+"
+
+DEPEND="
+ gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+ ssl? (
+ !gnutls? (
+ >=dev-libs/openssl-1.0.2:0=
+ )
+ gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+ )
+ jpeg? ( media-libs/libjpeg-turbo:= )
+ lzo? ( dev-libs/lzo )
+ png? ( >=media-libs/libpng-1.6.10:0= )
+ sasl? ( dev-libs/cyrus-sasl )
+ systemd? ( sys-apps/systemd:= )
+ zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )
+"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS.md README.md )
+
+PATCHES=(
+ "${FILESDIR}"/${P}-crypto-openssl-fix.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ -DWITH_EXAMPLES=OFF
+ -DWITH_FFMPEG=OFF
+ -DWITH_GTK=OFF
+ -DWITH_SDL=OFF
+ -DWITH_24BPP=$(usex 24bpp ON OFF)
+ -DWITH_TIGHTVNC_FILETRANSFER=$(usex filetransfer ON OFF)
+ -DWITH_GCRYPT=$(usex gcrypt ON OFF)
+ -DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+ -DWITH_IPv6=$(usex ipv6 ON OFF)
+ -DWITH_JPEG=$(usex jpeg ON OFF)
+ -DWITH_LZO=$(usex lzo ON OFF)
+ -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+ -DWITH_PNG=$(usex png ON OFF)
+ -DWITH_SASL=$(usex sasl ON OFF)
+ -DWITH_SYSTEMD=$(usex systemd ON OFF)
+ -DWITH_THREADS=$(usex threads ON OFF)
+ -DWITH_ZLIB=$(usex zlib ON OFF)
+ )
+ cmake_src_configure
+}
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-03-23 4:57 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-03-23 4:57 [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/files/, net-libs/libvncserver/ Sam James
-- strict thread matches above, loose matches on Subject: below --
2023-02-18 13:06 Andreas Sturmlechner
2020-03-26 7:22 Joonas Niilola
2019-01-17 21:21 Sven Wegener
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox