[gentoo-commits] repo/proj/libressl:migration commit in: x11-misc/x11vnc/files/, x11-misc/x11vnc/

[gentoo-commits] repo/proj/libressl:migration commit in: x11-misc/x11vnc/files/, x11-misc/x11vnc/

[Quentin Retornaz]

commit:     9f99efbc58b0994c152976cd7d79142973846da0
Author:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
AuthorDate: Sun Jan 17 21:07:17 2021 +0000
Commit:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Tue Jan 26 00:21:45 2021 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=9f99efbc

x11-misc/x11vnc: new package

Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>

 x11-misc/x11vnc/Manifest                           |  1 +
 .../files/x11vnc-0.9.16-CVE-2020-29074.patch       | 25 ++++++
 .../x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch | 26 ++++++
 x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch   | 23 ++++++
 .../x11vnc/files/x11vnc-0.9.16-fno-common.patch    | 45 +++++++++++
 x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch | 93 ++++++++++++++++++++++
 x11-misc/x11vnc/files/x11vnc.conf.d                | 37 +++++++++
 x11-misc/x11vnc/files/x11vnc.init.d                | 70 ++++++++++++++++
 x11-misc/x11vnc/metadata.xml                       | 26 ++++++
 x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild            | 81 +++++++++++++++++++
 10 files changed, 427 insertions(+)

diff --git a/x11-misc/x11vnc/Manifest b/x11-misc/x11vnc/Manifest
new file mode 100644
index 0000000..99593c7
--- /dev/null
+++ b/x11-misc/x11vnc/Manifest
@@ -0,0 +1 @@
+DIST x11vnc-0.9.16.tar.gz 1708009 BLAKE2B a8789f95ef421a78a83703748e1d80fd45539dff24f80493fd75e357bc22378213915853f9d114248c172cd83977880e1e4e8a3f8df0771017e9988d83b7307d SHA512 69f65ee312f8dede6051b401304987502a213c6c28c7f41e855734f11de1fae14d5d493dc9c28b2e4b7c0be55f8dbd3b35dd2610aae910183772c3e626736fec

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
new file mode 100644
index 0000000..12f65b9
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
@@ -0,0 +1,25 @@
+From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
+Date: Wed, 18 Nov 2020 08:40:45 +0100
+Subject: [PATCH] scan: limit access to shared memory segments to current user
+
+---
+ src/scan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/scan.c b/src/scan.c
+index 43e00d2..12994d5 100644
+--- a/src/scan.c
++++ b/src/scan.c
+@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h,
+ 
+ #if HAVE_XSHM
+ 	shm->shmid = shmget(IPC_PRIVATE,
+-	    xim->bytes_per_line * xim->height, IPC_CREAT | 0777);
++	    xim->bytes_per_line * xim->height, IPC_CREAT | 0600);
+ 
+ 	if (shm->shmid == -1) {
+ 		rfbErr("shmget(%s) failed.\n", name);
+-- 
+2.26.2
+

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
new file mode 100644
index 0000000..3dafb9a
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
@@ -0,0 +1,26 @@
+From b9cf79fd3d61a7586fe6b24b3141e406cdf334eb Mon Sep 17 00:00:00 2001
+From: Jim Broadus <jbroadus@xevo.com>
+Date: Wed, 2 Jan 2019 17:37:40 -0800
+Subject: [PATCH] Fix anonymous SSL. In version 1.1.0, openssl introduced a
+ security level concept. Only level 0 allows the use of unauthenticated cipher
+ suites such as ADH.
+
+---
+ src/sslhelper.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/sslhelper.c b/src/sslhelper.c
+index 1a3e7474..04c2e273 100644
+--- a/src/sslhelper.c
++++ b/src/sslhelper.c
+@@ -1596,6 +1596,10 @@ static int switch_to_anon_dh(void) {
+ 	if (ssl_client_mode) {
+ 		return 1;
+ 	}
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	/* Security level must be set to 0 for unauthenticated suites. */
++	SSL_CTX_set_security_level(ctx, 0);
++#endif
+ 	if (!SSL_CTX_set_cipher_list(ctx, "ADH:@STRENGTH")) {
+ 		return 0;
+ 	}

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
new file mode 100644
index 0000000..21872e7
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
@@ -0,0 +1,23 @@
+From 3024af3685be9eb618352bd17ba37953d8076946 Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Thu, 17 Jan 2019 14:05:53 +0100
+Subject: [PATCH] unixpw: don't try to use crypt() when it isn't available
+
+Closes #86
+---
+ src/unixpw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/unixpw.c b/src/unixpw.c
+index 9a43cec..e2cb016 100644
+--- a/src/unixpw.c
++++ b/src/unixpw.c
+@@ -757,7 +757,7 @@ int unixpw_list_match(char *user) {
+ }
+ 
+ int crypt_verify(char *user, char *pass) {
+-#ifndef UNIXPW_CRYPT
++#if !defined UNIXPW_CRYPT || !defined HAVE_LIBCRYPT
+ 	return 0;
+ #else
+ 	struct passwd *pwd;

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
new file mode 100644
index 0000000..504159e
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
@@ -0,0 +1,45 @@
+From a48b0b1cd887d7f3ae67f525d7d334bd2feffe60 Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Tue, 28 Jan 2020 22:21:01 +0300
+Subject: [PATCH] Fix build with -fno-common
+
+GCC 10 defaults to -fno-common
+---
+ src/util.c | 3 +++
+ src/util.h | 6 +++---
+ 2 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/util.c b/src/util.c
+index a82a1a4..6a52ebf 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -47,6 +47,9 @@ int hxl = 0;
+ #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
+ MUTEX(x11Mutex);
+ MUTEX(scrollMutex);
++MUTEX(clientMutex);
++MUTEX(inputMutex);
++MUTEX(pointerMutex);
+ #endif
+ 
+ int nfix(int i, int n);
+diff --git a/src/util.h b/src/util.h
+index 35c1afd..99b5dd1 100644
+--- a/src/util.h
++++ b/src/util.h
+@@ -102,9 +102,9 @@ extern struct timeval _mysleep;
+ #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
+ extern MUTEX(x11Mutex);
+ extern MUTEX(scrollMutex);
+-MUTEX(clientMutex);
+-MUTEX(inputMutex);
+-MUTEX(pointerMutex);
++extern MUTEX(clientMutex);
++extern MUTEX(inputMutex);
++extern MUTEX(pointerMutex);
+ #endif
+ 
+ #define X_INIT INIT_MUTEX(x11Mutex)
+-- 
+2.24.1
+

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
new file mode 100644
index 0000000..8e5d8a6
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
@@ -0,0 +1,93 @@
+diff --git a/src/sslhelper.c b/src/sslhelper.c
+index 04c2e27..fb9daa6 100644
+--- a/src/sslhelper.c
++++ b/src/sslhelper.c
+@@ -803,7 +803,7 @@ static int pem_passwd_callback(char *buf, int size, int rwflag,
+ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	const ASN1_INTEGER *revoked_serial;
+ 	X509_STORE_CTX *store_ctx;
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	X509_OBJECT *obj;
+ #else
+ 	X509_OBJECT obj;
+@@ -829,7 +829,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	* the current certificate in order to verify it's integrity. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -865,7 +865,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Invalid signature on CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_CRL_SIGNATURE_FAILURE);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -883,7 +883,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Found CRL has invalid nextUpdate field\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -894,14 +894,14 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Found CRL is expired - "
+ 				"revoking all certificates until you get updated CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CRL_HAS_EXPIRED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+ #endif
+ 			return 0; /* Reject connection */
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -912,7 +912,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	 * the current certificate in order to check for revocation. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -942,7 +942,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 					"revoked per CRL from issuer %s\n", serial, serial, cp);
+ 				OPENSSL_free(cp);
+ 				X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CERT_REVOKED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 				X509_OBJECT_free(obj);
+ #else
+ 				X509_OBJECT_free_contents(&obj);
+@@ -950,7 +950,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 				return 0; /* Reject connection */
+ 			}
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -1596,7 +1596,7 @@ static int switch_to_anon_dh(void) {
+ 	if (ssl_client_mode) {
+ 		return 1;
+ 	}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	/* Security level must be set to 0 for unauthenticated suites. */
+ 	SSL_CTX_set_security_level(ctx, 0);
+ #endif

diff --git a/x11-misc/x11vnc/files/x11vnc.conf.d b/x11-misc/x11vnc/files/x11vnc.conf.d
new file mode 100644
index 0000000..91f2a13
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc.conf.d
@@ -0,0 +1,37 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Configuration for running x11vnc as a service. This allows VNC 
+# connections prior to logging in to the X display manager.
+
+# Password file location of the password file for VNC Connections
+#   Prior to first run, you must configure a password, to do so please
+#   run `x11vnc -storepasswd /etc/x11vnc.pass`. Replace /etc/x11vnc.pass 
+#   ith the location you have specified below
+#X11VNC_RFBAUTH="/etc/x11vnc.pass"
+
+# Port to listen on for incoming connections
+#X11VNC_RFBPORT="5900"
+
+# Automatically probe for a free port to listen on for incoming connections
+# starting from the port number specified
+#   Setting this will diable X11VNC_RFBPORT above
+#   See `man x11vnc`, option `-autoport` for more information
+#X11VNC_AUTOPORT=""
+
+# X Display to attach to
+#   This should match the display your DM is running on
+#X11VNC_DISPLAY=":0"
+
+# Location of the x11vnc logfile
+#X11VNC_LOG="/var/log/x11vnc"
+
+# Miscelaneous options to pass to x11vnc.
+#   Do not set options that are configurable above.
+#   Check `x11vnc -help` or `man x11vnc` for more options.
+#   * Modern composting DMs/WMs will require "-noxdamage"
+#   * If you experience crashes on logging in, try "-noxfixes"
+#   * Other suggested options include "-noxrecord" and "-ncache ##"
+#     Refer to the x11vnc man page for further explanations.
+#X11VNC_OPTS=""
+

diff --git a/x11-misc/x11vnc/files/x11vnc.init.d b/x11-misc/x11vnc/files/x11vnc.init.d
new file mode 100644
index 0000000..4adcb23
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc.init.d
@@ -0,0 +1,70 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+description="The x11vnc daemon init script"
+
+depend() {
+	need net
+	need xdm
+}
+
+checkconfig() {
+
+	# Set Defaults
+	X11VNC_RFBAUTH=${X11VNC_RFBAUTH:-/etc/x11vnc.pass}
+	X11VNC_RFBPORT=${X11VNC_RFBPORT:-5900}
+	X11VNC_DISPLAY=${X11VNC_DISPLAY:-:0}
+	X11VNC_LOG=${X11VNC_LOG:-/var/log/x11vnc}
+	
+	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"	
+
+	if [ -n "${X11VNC_AUTOPORT}" ]; then
+		X11VNC_PORT=""
+	fi
+
+	if [ ! -f "${X11VNC_RFBAUTH}" -o ! -s "${X11VNC_RFBAUTH}" ]; then
+		eerror "VNC Password not set, please set one by running: \`x11vnc -storepasswd ${X11VNC_RFBAUTH}\`"
+		return 1
+	fi
+	checkpath -q -f -m 0600 -o root:root "${X11VNC_RFBAUTH}"
+
+	# Attempt to find X-Auth file
+	if ! type xauth > /dev/null 2>&1 ||
+			! xauth -f /root/.Xauthority extract - "${X11VNC_DISPLAY}" > "${X11VNC_AUTH}" 2>/dev/null ||
+			[ ! -s "${X11VNC_AUTH}" ]; then
+		# Let x11vnc guess at auth
+		X11VNC_AUTH_OPTS="--env FD_XDM=1 -auth guess"
+	else
+		# We found the proper auth
+		X11VNC_AUTH_OPTS="-auth ${X11VNC_AUTH}"
+	fi
+
+	if [ ! -f "${X11VNC_AUTH}" ]; then
+		eerror "Specified X-Authority file '${X11VNC_AUTH}' not found!"
+		return 1
+	fi	
+}
+
+start() {
+	checkconfig || return 1
+
+	ebegin "Starting ${SVCNAME}"
+	start-stop-daemon --start \
+		--exec /usr/bin/x11vnc -- \
+			${X11VNC_AUTH_OPTS} \
+			-rfbauth ${X11VNC_RFBAUTH} \
+			${X11VNC_RFBPORT:+-rfbport} ${X11VNC_RFBPORT} \
+			${X11VNC_AUTOPORT:+-autoport} ${X11VNC_AUTOPORT} \
+			-display ${X11VNC_DISPLAY} \
+			-o ${X11VNC_LOG} \
+			-bg -forever \
+			${X11VNC_OPTS}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	start-stop-daemon --stop /usr/bin/x11vnc
+	eend $?
+}

diff --git a/x11-misc/x11vnc/metadata.xml b/x11-misc/x11vnc/metadata.xml
new file mode 100644
index 0000000..40fa318
--- /dev/null
+++ b/x11-misc/x11vnc/metadata.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>alexander@tsoy.me</email>
+		<name>Alexander Tsoy</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<longdescription>
+		The primary goal of this program is to create a portable and
+		simple command-line server utility that allows a VNC viewer
+		to connect to an actual X display.
+	</longdescription>
+	<use>
+		<flag name="xdamage">Enable support for the Xdamage library</flag>
+		<flag name="xfixes">Enable support for the Xfixes library</flag>
+		<flag name="xrandr">Enable support for the X xrandr extension</flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">libvncserver</remote-id>
+		<remote-id type="github">LibVNC/x11vnc</remote-id>
+	</upstream>
+</pkgmetadata>

diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
new file mode 100644
index 0000000..2e798c0
--- /dev/null
+++ b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+DESCRIPTION="VNC server for real X displays"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/x11vnc/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+-with-openssl-exception"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="crypt fbcon libressl ssl +xcomposite +xdamage +xfixes xinerama +xrandr zeroconf"
+
+COMMON_DEPEND="
+	>=net-libs/libvncserver-0.9.8[ssl=]
+	x11-libs/libX11
+	x11-libs/libXcursor
+	x11-libs/libXext
+	>=x11-libs/libXtst-1.1.0
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	xcomposite? ( x11-libs/libXcomposite )
+	xdamage? ( x11-libs/libXdamage )
+	xfixes? ( x11-libs/libXfixes )
+	xinerama? ( x11-libs/libXinerama )
+	xrandr? ( x11-libs/libXrandr )
+	zeroconf? ( >=net-dns/avahi-0.6.4 )
+"
+DEPEND="${COMMON_DEPEND}
+	x11-base/xorg-proto
+	x11-libs/libXt
+"
+# https://bugzilla.redhat.com/show_bug.cgi?id=920554
+RDEPEND="${COMMON_DEPEND}
+	dev-lang/tk:0
+"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-crypto.patch # https://github.com/LibVNC/x11vnc/issues/86
+	"${FILESDIR}"/${P}-anonymous-ssl.patch # https://github.com/LibVNC/x11vnc/pull/85
+	"${FILESDIR}"/${P}-libressl.patch
+	"${FILESDIR}"/${P}-fno-common.patch
+	"${FILESDIR}"/${P}-CVE-2020-29074.patch
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# --without-v4l because of missing video4linux 2.x support wrt #389079
+	local myconf=(
+		--without-v4l
+		--without-xkeyboard
+		--without-fbpm
+		--without-dpms
+		$(use_with crypt)
+		$(use_with fbcon fbdev)
+		$(use_with ssl)
+		$(use_with ssl crypto)
+		$(use_with xcomposite)
+		$(use_with xdamage)
+		$(use_with xfixes)
+		$(use_with xinerama)
+		$(use_with xrandr)
+		$(use_with zeroconf avahi)
+	)
+	econf "${myconf[@]}"
+}
+
+src_install() {
+	default
+	newinitd "${FILESDIR}/x11vnc.init.d" x11vnc
+	newconfd "${FILESDIR}/x11vnc.conf.d" x11vnc
+}

[gentoo-commits] repo/proj/libressl:master commit in: x11-misc/x11vnc/, x11-misc/x11vnc/files/

[Quentin Retornaz]

commit:     9f99efbc58b0994c152976cd7d79142973846da0
Author:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
AuthorDate: Sun Jan 17 21:07:17 2021 +0000
Commit:     Quentin Retornaz <gentoo <AT> retornaz <DOT> com>
CommitDate: Tue Jan 26 00:21:45 2021 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=9f99efbc

x11-misc/x11vnc: new package

Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com>

 x11-misc/x11vnc/Manifest                           |  1 +
 .../files/x11vnc-0.9.16-CVE-2020-29074.patch       | 25 ++++++
 .../x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch | 26 ++++++
 x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch   | 23 ++++++
 .../x11vnc/files/x11vnc-0.9.16-fno-common.patch    | 45 +++++++++++
 x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch | 93 ++++++++++++++++++++++
 x11-misc/x11vnc/files/x11vnc.conf.d                | 37 +++++++++
 x11-misc/x11vnc/files/x11vnc.init.d                | 70 ++++++++++++++++
 x11-misc/x11vnc/metadata.xml                       | 26 ++++++
 x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild            | 81 +++++++++++++++++++
 10 files changed, 427 insertions(+)

diff --git a/x11-misc/x11vnc/Manifest b/x11-misc/x11vnc/Manifest
new file mode 100644
index 0000000..99593c7
--- /dev/null
+++ b/x11-misc/x11vnc/Manifest
@@ -0,0 +1 @@
+DIST x11vnc-0.9.16.tar.gz 1708009 BLAKE2B a8789f95ef421a78a83703748e1d80fd45539dff24f80493fd75e357bc22378213915853f9d114248c172cd83977880e1e4e8a3f8df0771017e9988d83b7307d SHA512 69f65ee312f8dede6051b401304987502a213c6c28c7f41e855734f11de1fae14d5d493dc9c28b2e4b7c0be55f8dbd3b35dd2610aae910183772c3e626736fec

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
new file mode 100644
index 0000000..12f65b9
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
@@ -0,0 +1,25 @@
+From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
+Date: Wed, 18 Nov 2020 08:40:45 +0100
+Subject: [PATCH] scan: limit access to shared memory segments to current user
+
+---
+ src/scan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/scan.c b/src/scan.c
+index 43e00d2..12994d5 100644
+--- a/src/scan.c
++++ b/src/scan.c
+@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h,
+ 
+ #if HAVE_XSHM
+ 	shm->shmid = shmget(IPC_PRIVATE,
+-	    xim->bytes_per_line * xim->height, IPC_CREAT | 0777);
++	    xim->bytes_per_line * xim->height, IPC_CREAT | 0600);
+ 
+ 	if (shm->shmid == -1) {
+ 		rfbErr("shmget(%s) failed.\n", name);
+-- 
+2.26.2
+

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
new file mode 100644
index 0000000..3dafb9a
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
@@ -0,0 +1,26 @@
+From b9cf79fd3d61a7586fe6b24b3141e406cdf334eb Mon Sep 17 00:00:00 2001
+From: Jim Broadus <jbroadus@xevo.com>
+Date: Wed, 2 Jan 2019 17:37:40 -0800
+Subject: [PATCH] Fix anonymous SSL. In version 1.1.0, openssl introduced a
+ security level concept. Only level 0 allows the use of unauthenticated cipher
+ suites such as ADH.
+
+---
+ src/sslhelper.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/sslhelper.c b/src/sslhelper.c
+index 1a3e7474..04c2e273 100644
+--- a/src/sslhelper.c
++++ b/src/sslhelper.c
+@@ -1596,6 +1596,10 @@ static int switch_to_anon_dh(void) {
+ 	if (ssl_client_mode) {
+ 		return 1;
+ 	}
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++	/* Security level must be set to 0 for unauthenticated suites. */
++	SSL_CTX_set_security_level(ctx, 0);
++#endif
+ 	if (!SSL_CTX_set_cipher_list(ctx, "ADH:@STRENGTH")) {
+ 		return 0;
+ 	}

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
new file mode 100644
index 0000000..21872e7
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
@@ -0,0 +1,23 @@
+From 3024af3685be9eb618352bd17ba37953d8076946 Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Thu, 17 Jan 2019 14:05:53 +0100
+Subject: [PATCH] unixpw: don't try to use crypt() when it isn't available
+
+Closes #86
+---
+ src/unixpw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/unixpw.c b/src/unixpw.c
+index 9a43cec..e2cb016 100644
+--- a/src/unixpw.c
++++ b/src/unixpw.c
+@@ -757,7 +757,7 @@ int unixpw_list_match(char *user) {
+ }
+ 
+ int crypt_verify(char *user, char *pass) {
+-#ifndef UNIXPW_CRYPT
++#if !defined UNIXPW_CRYPT || !defined HAVE_LIBCRYPT
+ 	return 0;
+ #else
+ 	struct passwd *pwd;

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
new file mode 100644
index 0000000..504159e
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
@@ -0,0 +1,45 @@
+From a48b0b1cd887d7f3ae67f525d7d334bd2feffe60 Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Tue, 28 Jan 2020 22:21:01 +0300
+Subject: [PATCH] Fix build with -fno-common
+
+GCC 10 defaults to -fno-common
+---
+ src/util.c | 3 +++
+ src/util.h | 6 +++---
+ 2 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/src/util.c b/src/util.c
+index a82a1a4..6a52ebf 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -47,6 +47,9 @@ int hxl = 0;
+ #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
+ MUTEX(x11Mutex);
+ MUTEX(scrollMutex);
++MUTEX(clientMutex);
++MUTEX(inputMutex);
++MUTEX(pointerMutex);
+ #endif
+ 
+ int nfix(int i, int n);
+diff --git a/src/util.h b/src/util.h
+index 35c1afd..99b5dd1 100644
+--- a/src/util.h
++++ b/src/util.h
+@@ -102,9 +102,9 @@ extern struct timeval _mysleep;
+ #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
+ extern MUTEX(x11Mutex);
+ extern MUTEX(scrollMutex);
+-MUTEX(clientMutex);
+-MUTEX(inputMutex);
+-MUTEX(pointerMutex);
++extern MUTEX(clientMutex);
++extern MUTEX(inputMutex);
++extern MUTEX(pointerMutex);
+ #endif
+ 
+ #define X_INIT INIT_MUTEX(x11Mutex)
+-- 
+2.24.1
+

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
new file mode 100644
index 0000000..8e5d8a6
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
@@ -0,0 +1,93 @@
+diff --git a/src/sslhelper.c b/src/sslhelper.c
+index 04c2e27..fb9daa6 100644
+--- a/src/sslhelper.c
++++ b/src/sslhelper.c
+@@ -803,7 +803,7 @@ static int pem_passwd_callback(char *buf, int size, int rwflag,
+ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	const ASN1_INTEGER *revoked_serial;
+ 	X509_STORE_CTX *store_ctx;
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	X509_OBJECT *obj;
+ #else
+ 	X509_OBJECT obj;
+@@ -829,7 +829,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	* the current certificate in order to verify it's integrity. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -865,7 +865,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Invalid signature on CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_CRL_SIGNATURE_FAILURE);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -883,7 +883,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Found CRL has invalid nextUpdate field\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -894,14 +894,14 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 			rfbLog("Found CRL is expired - "
+ 				"revoking all certificates until you get updated CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CRL_HAS_EXPIRED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+ #endif
+ 			return 0; /* Reject connection */
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -912,7 +912,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	 * the current certificate in order to check for revocation. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -942,7 +942,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 					"revoked per CRL from issuer %s\n", serial, serial, cp);
+ 				OPENSSL_free(cp);
+ 				X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CERT_REVOKED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 				X509_OBJECT_free(obj);
+ #else
+ 				X509_OBJECT_free_contents(&obj);
+@@ -950,7 +950,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 				return 0; /* Reject connection */
+ 			}
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -1596,7 +1596,7 @@ static int switch_to_anon_dh(void) {
+ 	if (ssl_client_mode) {
+ 		return 1;
+ 	}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	/* Security level must be set to 0 for unauthenticated suites. */
+ 	SSL_CTX_set_security_level(ctx, 0);
+ #endif

diff --git a/x11-misc/x11vnc/files/x11vnc.conf.d b/x11-misc/x11vnc/files/x11vnc.conf.d
new file mode 100644
index 0000000..91f2a13
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc.conf.d
@@ -0,0 +1,37 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# Configuration for running x11vnc as a service. This allows VNC 
+# connections prior to logging in to the X display manager.
+
+# Password file location of the password file for VNC Connections
+#   Prior to first run, you must configure a password, to do so please
+#   run `x11vnc -storepasswd /etc/x11vnc.pass`. Replace /etc/x11vnc.pass 
+#   ith the location you have specified below
+#X11VNC_RFBAUTH="/etc/x11vnc.pass"
+
+# Port to listen on for incoming connections
+#X11VNC_RFBPORT="5900"
+
+# Automatically probe for a free port to listen on for incoming connections
+# starting from the port number specified
+#   Setting this will diable X11VNC_RFBPORT above
+#   See `man x11vnc`, option `-autoport` for more information
+#X11VNC_AUTOPORT=""
+
+# X Display to attach to
+#   This should match the display your DM is running on
+#X11VNC_DISPLAY=":0"
+
+# Location of the x11vnc logfile
+#X11VNC_LOG="/var/log/x11vnc"
+
+# Miscelaneous options to pass to x11vnc.
+#   Do not set options that are configurable above.
+#   Check `x11vnc -help` or `man x11vnc` for more options.
+#   * Modern composting DMs/WMs will require "-noxdamage"
+#   * If you experience crashes on logging in, try "-noxfixes"
+#   * Other suggested options include "-noxrecord" and "-ncache ##"
+#     Refer to the x11vnc man page for further explanations.
+#X11VNC_OPTS=""
+

diff --git a/x11-misc/x11vnc/files/x11vnc.init.d b/x11-misc/x11vnc/files/x11vnc.init.d
new file mode 100644
index 0000000..4adcb23
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc.init.d
@@ -0,0 +1,70 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+description="The x11vnc daemon init script"
+
+depend() {
+	need net
+	need xdm
+}
+
+checkconfig() {
+
+	# Set Defaults
+	X11VNC_RFBAUTH=${X11VNC_RFBAUTH:-/etc/x11vnc.pass}
+	X11VNC_RFBPORT=${X11VNC_RFBPORT:-5900}
+	X11VNC_DISPLAY=${X11VNC_DISPLAY:-:0}
+	X11VNC_LOG=${X11VNC_LOG:-/var/log/x11vnc}
+	
+	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"	
+
+	if [ -n "${X11VNC_AUTOPORT}" ]; then
+		X11VNC_PORT=""
+	fi
+
+	if [ ! -f "${X11VNC_RFBAUTH}" -o ! -s "${X11VNC_RFBAUTH}" ]; then
+		eerror "VNC Password not set, please set one by running: \`x11vnc -storepasswd ${X11VNC_RFBAUTH}\`"
+		return 1
+	fi
+	checkpath -q -f -m 0600 -o root:root "${X11VNC_RFBAUTH}"
+
+	# Attempt to find X-Auth file
+	if ! type xauth > /dev/null 2>&1 ||
+			! xauth -f /root/.Xauthority extract - "${X11VNC_DISPLAY}" > "${X11VNC_AUTH}" 2>/dev/null ||
+			[ ! -s "${X11VNC_AUTH}" ]; then
+		# Let x11vnc guess at auth
+		X11VNC_AUTH_OPTS="--env FD_XDM=1 -auth guess"
+	else
+		# We found the proper auth
+		X11VNC_AUTH_OPTS="-auth ${X11VNC_AUTH}"
+	fi
+
+	if [ ! -f "${X11VNC_AUTH}" ]; then
+		eerror "Specified X-Authority file '${X11VNC_AUTH}' not found!"
+		return 1
+	fi	
+}
+
+start() {
+	checkconfig || return 1
+
+	ebegin "Starting ${SVCNAME}"
+	start-stop-daemon --start \
+		--exec /usr/bin/x11vnc -- \
+			${X11VNC_AUTH_OPTS} \
+			-rfbauth ${X11VNC_RFBAUTH} \
+			${X11VNC_RFBPORT:+-rfbport} ${X11VNC_RFBPORT} \
+			${X11VNC_AUTOPORT:+-autoport} ${X11VNC_AUTOPORT} \
+			-display ${X11VNC_DISPLAY} \
+			-o ${X11VNC_LOG} \
+			-bg -forever \
+			${X11VNC_OPTS}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping ${SVCNAME}"
+	start-stop-daemon --stop /usr/bin/x11vnc
+	eend $?
+}

diff --git a/x11-misc/x11vnc/metadata.xml b/x11-misc/x11vnc/metadata.xml
new file mode 100644
index 0000000..40fa318
--- /dev/null
+++ b/x11-misc/x11vnc/metadata.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>alexander@tsoy.me</email>
+		<name>Alexander Tsoy</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<longdescription>
+		The primary goal of this program is to create a portable and
+		simple command-line server utility that allows a VNC viewer
+		to connect to an actual X display.
+	</longdescription>
+	<use>
+		<flag name="xdamage">Enable support for the Xdamage library</flag>
+		<flag name="xfixes">Enable support for the Xfixes library</flag>
+		<flag name="xrandr">Enable support for the X xrandr extension</flag>
+	</use>
+	<upstream>
+		<remote-id type="sourceforge">libvncserver</remote-id>
+		<remote-id type="github">LibVNC/x11vnc</remote-id>
+	</upstream>
+</pkgmetadata>

diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
new file mode 100644
index 0000000..2e798c0
--- /dev/null
+++ b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+DESCRIPTION="VNC server for real X displays"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/x11vnc/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+-with-openssl-exception"
+SLOT="0"
+KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="crypt fbcon libressl ssl +xcomposite +xdamage +xfixes xinerama +xrandr zeroconf"
+
+COMMON_DEPEND="
+	>=net-libs/libvncserver-0.9.8[ssl=]
+	x11-libs/libX11
+	x11-libs/libXcursor
+	x11-libs/libXext
+	>=x11-libs/libXtst-1.1.0
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	xcomposite? ( x11-libs/libXcomposite )
+	xdamage? ( x11-libs/libXdamage )
+	xfixes? ( x11-libs/libXfixes )
+	xinerama? ( x11-libs/libXinerama )
+	xrandr? ( x11-libs/libXrandr )
+	zeroconf? ( >=net-dns/avahi-0.6.4 )
+"
+DEPEND="${COMMON_DEPEND}
+	x11-base/xorg-proto
+	x11-libs/libXt
+"
+# https://bugzilla.redhat.com/show_bug.cgi?id=920554
+RDEPEND="${COMMON_DEPEND}
+	dev-lang/tk:0
+"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-crypto.patch # https://github.com/LibVNC/x11vnc/issues/86
+	"${FILESDIR}"/${P}-anonymous-ssl.patch # https://github.com/LibVNC/x11vnc/pull/85
+	"${FILESDIR}"/${P}-libressl.patch
+	"${FILESDIR}"/${P}-fno-common.patch
+	"${FILESDIR}"/${P}-CVE-2020-29074.patch
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# --without-v4l because of missing video4linux 2.x support wrt #389079
+	local myconf=(
+		--without-v4l
+		--without-xkeyboard
+		--without-fbpm
+		--without-dpms
+		$(use_with crypt)
+		$(use_with fbcon fbdev)
+		$(use_with ssl)
+		$(use_with ssl crypto)
+		$(use_with xcomposite)
+		$(use_with xdamage)
+		$(use_with xfixes)
+		$(use_with xinerama)
+		$(use_with xrandr)
+		$(use_with zeroconf avahi)
+	)
+	econf "${myconf[@]}"
+}
+
+src_install() {
+	default
+	newinitd "${FILESDIR}/x11vnc.init.d" x11vnc
+	newconfd "${FILESDIR}/x11vnc.conf.d" x11vnc
+}

[gentoo-commits] repo/proj/libressl:master commit in: x11-misc/x11vnc/, x11-misc/x11vnc/files/

[orbea]

commit:     c1df34700f5d2deec94934df567e81733cb75a61
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Sun Apr 23 00:54:12 2023 +0000
Commit:     orbea <orbea <AT> riseup <DOT> net>
CommitDate: Sun Apr 23 00:54:12 2023 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=c1df3470

x11-misc/x11vnc: add 0.9.16-r8

Upstream-PR: https://github.com/LibVNC/x11vnc/pull/224
Signed-off-by: orbea <orbea <AT> riseup.net>

 ...1vnc-0.9.16-implicit-function-declaration.patch | 26 ++++++++
 x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch | 20 +++----
 x11-misc/x11vnc/files/x11vnc.init.d                | 70 ----------------------
 x11-misc/x11vnc/files/x11vnc.init.d-r1             |  8 +--
 ...nc-0.9.16-r7.ebuild => x11vnc-0.9.16-r8.ebuild} |  5 +-
 5 files changed, 43 insertions(+), 86 deletions(-)

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch
new file mode 100644
index 0000000..c6d1c49
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch
@@ -0,0 +1,26 @@
+From 351d27d4a846e3d0e5c724e067f44b52e04402f1 Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Mon, 6 Mar 2023 00:57:20 +0300
+Subject: [PATCH] Drop AC_FUNC_STAT macro
+
+This macro is obsolescent and doesn't work with
+-Werror=implicit-function-declaration compiler flag
+---
+ configure.ac | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 6b62ac5..5a386db 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -474,7 +474,6 @@ if test $inaddrt = no ; then
+ fi
+ # Checks for library functions.
+ AC_FUNC_MEMCMP
+-AC_FUNC_STAT
+ AC_FUNC_STRFTIME
+ AC_FUNC_VPRINTF
+ AC_FUNC_FORK
+-- 
+2.39.2
+

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
index cad9f5e..0f86d05 100644
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
@@ -1,25 +1,25 @@
-Upstream-PR: https://github.com/LibVNC/x11vnc/pull/202
+https://github.com/LibVNC/x11vnc/pull/224
 
-From d81e9d8e56ccc1b346b5aeb4b64fa0a32737c22d Mon Sep 17 00:00:00 2001
 From: orbea <orbea@riseup.net>
-Date: Tue, 5 Jul 2022 08:57:29 -0700
-Subject: [PATCH] Support LibreSSL
+Date: Tue, 11 Apr 2023 09:35:26 -0700
+Subject: [PATCH] sslhelper: Update for LibreSSL >= 3.6.0
 
-This builds with LibreSSL 3.5.x.
+Since LibreSSL 3.6.0 SSL_CTX_set_security_level() has been available.
 ---
- src/sslhelper.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
+ src/sslhelper.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/src/sslhelper.c b/src/sslhelper.c
-index ba680b35..bd5ef0fb 100644
+index 04c2e27..4608750 100644
 --- a/src/sslhelper.c
 +++ b/src/sslhelper.c
-@@ -1596,7 +1596,7 @@ static int switch_to_anon_dh(void) {
+@@ -1596,7 +1596,8 @@ static int switch_to_anon_dh(void) {
  	if (ssl_client_mode) {
  		return 1;
  	}
 -#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
++#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
++	(defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3060000fL))
  	/* Security level must be set to 0 for unauthenticated suites. */
  	SSL_CTX_set_security_level(ctx, 0);
  #endif

diff --git a/x11-misc/x11vnc/files/x11vnc.init.d b/x11-misc/x11vnc/files/x11vnc.init.d
deleted file mode 100644
index b6b16da..0000000
--- a/x11-misc/x11vnc/files/x11vnc.init.d
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-description="The x11vnc daemon init script"
-
-depend() {
-	need net
-	need xdm
-}
-
-checkconfig() {
-
-	# Set Defaults
-	X11VNC_RFBAUTH=${X11VNC_RFBAUTH:-/etc/x11vnc.pass}
-	X11VNC_RFBPORT=${X11VNC_RFBPORT:-5900}
-	X11VNC_DISPLAY=${X11VNC_DISPLAY:-:0}
-	X11VNC_LOG=${X11VNC_LOG:-/var/log/x11vnc}
-	
-	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"	
-
-	if [ -n "${X11VNC_AUTOPORT}" ]; then
-		X11VNC_PORT=""
-	fi
-
-	if [ ! -f "${X11VNC_RFBAUTH}" -o ! -s "${X11VNC_RFBAUTH}" ]; then
-		eerror "VNC Password not set, please set one by running: \`x11vnc -storepasswd ${X11VNC_RFBAUTH}\`"
-		return 1
-	fi
-	checkpath -q -f -m 0600 -o root:root "${X11VNC_RFBAUTH}"
-
-	# Attempt to find X-Auth file
-	if ! type xauth > /dev/null 2>&1 ||
-			! xauth -f /root/.Xauthority extract - "${X11VNC_DISPLAY}" > "${X11VNC_AUTH}" 2>/dev/null ||
-			[ ! -s "${X11VNC_AUTH}" ]; then
-		# Let x11vnc guess at auth
-		X11VNC_AUTH_OPTS="--env FD_XDM=1 -auth guess"
-	else
-		# We found the proper auth
-		X11VNC_AUTH_OPTS="-auth ${X11VNC_AUTH}"
-	fi
-
-	if [ ! -f "${X11VNC_AUTH}" ]; then
-		eerror "Specified X-Authority file '${X11VNC_AUTH}' not found!"
-		return 1
-	fi	
-}
-
-start() {
-	checkconfig || return 1
-
-	ebegin "Starting ${SVCNAME}"
-	start-stop-daemon --start \
-		--exec /usr/bin/x11vnc -- \
-			${X11VNC_AUTH_OPTS} \
-			-rfbauth ${X11VNC_RFBAUTH} \
-			${X11VNC_RFBPORT:+-rfbport} ${X11VNC_RFBPORT} \
-			${X11VNC_AUTOPORT:+-autoport} ${X11VNC_AUTOPORT} \
-			-display ${X11VNC_DISPLAY} \
-			-o ${X11VNC_LOG} \
-			-bg -forever \
-			${X11VNC_OPTS}
-	eend $?
-}
-
-stop() {
-	ebegin "Stopping ${SVCNAME}"
-	start-stop-daemon --stop /usr/bin/x11vnc
-	eend $?
-}

diff --git a/x11-misc/x11vnc/files/x11vnc.init.d-r1 b/x11-misc/x11vnc/files/x11vnc.init.d-r1
index 04c36ea..8907b38 100644
--- a/x11-misc/x11vnc/files/x11vnc.init.d-r1
+++ b/x11-misc/x11vnc/files/x11vnc.init.d-r1
@@ -16,8 +16,8 @@ checkconfig() {
 	X11VNC_RFBPORT=${X11VNC_RFBPORT:-5900}
 	X11VNC_DISPLAY=${X11VNC_DISPLAY:-:0}
 	X11VNC_LOG=${X11VNC_LOG:-/var/log/x11vnc}
-	
-	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"	
+
+	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"
 
 	if [ -n "${X11VNC_AUTOPORT}" ]; then
 		X11VNC_PORT=""
@@ -30,7 +30,7 @@ checkconfig() {
 	checkpath -q -f -m 0600 -o root:root "${X11VNC_RFBAUTH}"
 
 	# Attempt to find X-Auth file
-	if ! type xauth > /dev/null 2>&1 ||
+	if ! command -v xauth > /dev/null 2>&1 ||
 			! xauth -f /root/.Xauthority extract - "${X11VNC_DISPLAY}" > "${X11VNC_AUTH}" 2>/dev/null ||
 			[ ! -s "${X11VNC_AUTH}" ]; then
 		# Let x11vnc guess at auth
@@ -43,7 +43,7 @@ checkconfig() {
 	if [ ! -f "${X11VNC_AUTH}" ]; then
 		eerror "Specified X-Authority file '${X11VNC_AUTH}' not found!"
 		return 1
-	fi	
+	fi
 }
 
 start() {

diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r7.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild
similarity index 95%
rename from x11-misc/x11vnc/x11vnc-0.9.16-r7.ebuild
rename to x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild
index 9ce245d..eaaef2f 100644
--- a/x11-misc/x11vnc/x11vnc-0.9.16-r7.ebuild
+++ b/x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild
@@ -1,7 +1,7 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=7
+EAPI=8
 
 inherit autotools
 
@@ -44,6 +44,7 @@ PATCHES=(
 	"${FILESDIR}"/${P}-libressl.patch
 	"${FILESDIR}"/${P}-fno-common.patch
 	"${FILESDIR}"/${P}-CVE-2020-29074.patch
+	"${FILESDIR}"/${P}-implicit-function-declaration.patch
 )
 
 src_prepare() {

[gentoo-commits] repo/proj/libressl:master commit in: x11-misc/x11vnc/, x11-misc/x11vnc/files/

[orbea]

commit:     1a3b9f8ddc8b919798838f62c90fc200b067a0a0
Author:     orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Wed May 10 18:03:58 2023 +0000
Commit:     orbea <orbea <AT> riseup <DOT> net>
CommitDate: Wed May 10 18:03:58 2023 +0000
URL:        https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=1a3b9f8d

x11-misc/x11vnc: treeclean

Bug: https://bugs.gentoo.org/903001
Upstream-PR: https://github.com/gentoo/gentoo/pull/30856
Upstream-Commit: https://github.com/gentoo/gentoo/commit/6736b24818b00f95d55ca46ac02335bfc505e71f
Signed-off-by: orbea <orbea <AT> riseup.net>

 x11-misc/x11vnc/Manifest                           |  1 -
 .../files/x11vnc-0.9.16-CVE-2020-29074.patch       | 25 -------
 .../x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch | 26 -------
 x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch   | 23 -------
 .../x11vnc/files/x11vnc-0.9.16-fno-common.patch    | 45 ------------
 ...1vnc-0.9.16-implicit-function-declaration.patch | 26 -------
 x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch | 25 -------
 x11-misc/x11vnc/files/x11vnc.conf.d                | 37 ----------
 x11-misc/x11vnc/files/x11vnc.init.d-r1             | 70 -------------------
 x11-misc/x11vnc/metadata.xml                       | 26 -------
 x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild            | 80 ----------------------
 11 files changed, 384 deletions(-)

diff --git a/x11-misc/x11vnc/Manifest b/x11-misc/x11vnc/Manifest
deleted file mode 100644
index 99593c7..0000000
--- a/x11-misc/x11vnc/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST x11vnc-0.9.16.tar.gz 1708009 BLAKE2B a8789f95ef421a78a83703748e1d80fd45539dff24f80493fd75e357bc22378213915853f9d114248c172cd83977880e1e4e8a3f8df0771017e9988d83b7307d SHA512 69f65ee312f8dede6051b401304987502a213c6c28c7f41e855734f11de1fae14d5d493dc9c28b2e4b7c0be55f8dbd3b35dd2610aae910183772c3e626736fec

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
deleted file mode 100644
index 12f65b9..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
-Date: Wed, 18 Nov 2020 08:40:45 +0100
-Subject: [PATCH] scan: limit access to shared memory segments to current user
-
----
- src/scan.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/scan.c b/src/scan.c
-index 43e00d2..12994d5 100644
---- a/src/scan.c
-+++ b/src/scan.c
-@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h,
- 
- #if HAVE_XSHM
- 	shm->shmid = shmget(IPC_PRIVATE,
--	    xim->bytes_per_line * xim->height, IPC_CREAT | 0777);
-+	    xim->bytes_per_line * xim->height, IPC_CREAT | 0600);
- 
- 	if (shm->shmid == -1) {
- 		rfbErr("shmget(%s) failed.\n", name);
--- 
-2.26.2
-

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
deleted file mode 100644
index 3dafb9a..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From b9cf79fd3d61a7586fe6b24b3141e406cdf334eb Mon Sep 17 00:00:00 2001
-From: Jim Broadus <jbroadus@xevo.com>
-Date: Wed, 2 Jan 2019 17:37:40 -0800
-Subject: [PATCH] Fix anonymous SSL. In version 1.1.0, openssl introduced a
- security level concept. Only level 0 allows the use of unauthenticated cipher
- suites such as ADH.
-
----
- src/sslhelper.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/sslhelper.c b/src/sslhelper.c
-index 1a3e7474..04c2e273 100644
---- a/src/sslhelper.c
-+++ b/src/sslhelper.c
-@@ -1596,6 +1596,10 @@ static int switch_to_anon_dh(void) {
- 	if (ssl_client_mode) {
- 		return 1;
- 	}
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+	/* Security level must be set to 0 for unauthenticated suites. */
-+	SSL_CTX_set_security_level(ctx, 0);
-+#endif
- 	if (!SSL_CTX_set_cipher_list(ctx, "ADH:@STRENGTH")) {
- 		return 0;
- 	}

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
deleted file mode 100644
index 21872e7..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-crypto.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From 3024af3685be9eb618352bd17ba37953d8076946 Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Thu, 17 Jan 2019 14:05:53 +0100
-Subject: [PATCH] unixpw: don't try to use crypt() when it isn't available
-
-Closes #86
----
- src/unixpw.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/unixpw.c b/src/unixpw.c
-index 9a43cec..e2cb016 100644
---- a/src/unixpw.c
-+++ b/src/unixpw.c
-@@ -757,7 +757,7 @@ int unixpw_list_match(char *user) {
- }
- 
- int crypt_verify(char *user, char *pass) {
--#ifndef UNIXPW_CRYPT
-+#if !defined UNIXPW_CRYPT || !defined HAVE_LIBCRYPT
- 	return 0;
- #else
- 	struct passwd *pwd;

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
deleted file mode 100644
index 504159e..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-fno-common.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From a48b0b1cd887d7f3ae67f525d7d334bd2feffe60 Mon Sep 17 00:00:00 2001
-From: Alexander Tsoy <alexander@tsoy.me>
-Date: Tue, 28 Jan 2020 22:21:01 +0300
-Subject: [PATCH] Fix build with -fno-common
-
-GCC 10 defaults to -fno-common
----
- src/util.c | 3 +++
- src/util.h | 6 +++---
- 2 files changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/src/util.c b/src/util.c
-index a82a1a4..6a52ebf 100644
---- a/src/util.c
-+++ b/src/util.c
-@@ -47,6 +47,9 @@ int hxl = 0;
- #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
- MUTEX(x11Mutex);
- MUTEX(scrollMutex);
-+MUTEX(clientMutex);
-+MUTEX(inputMutex);
-+MUTEX(pointerMutex);
- #endif
- 
- int nfix(int i, int n);
-diff --git a/src/util.h b/src/util.h
-index 35c1afd..99b5dd1 100644
---- a/src/util.h
-+++ b/src/util.h
-@@ -102,9 +102,9 @@ extern struct timeval _mysleep;
- #ifdef LIBVNCSERVER_HAVE_LIBPTHREAD
- extern MUTEX(x11Mutex);
- extern MUTEX(scrollMutex);
--MUTEX(clientMutex);
--MUTEX(inputMutex);
--MUTEX(pointerMutex);
-+extern MUTEX(clientMutex);
-+extern MUTEX(inputMutex);
-+extern MUTEX(pointerMutex);
- #endif
- 
- #define X_INIT INIT_MUTEX(x11Mutex)
--- 
-2.24.1
-

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch
deleted file mode 100644
index c6d1c49..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-implicit-function-declaration.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 351d27d4a846e3d0e5c724e067f44b52e04402f1 Mon Sep 17 00:00:00 2001
-From: Alexander Tsoy <alexander@tsoy.me>
-Date: Mon, 6 Mar 2023 00:57:20 +0300
-Subject: [PATCH] Drop AC_FUNC_STAT macro
-
-This macro is obsolescent and doesn't work with
--Werror=implicit-function-declaration compiler flag
----
- configure.ac | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index 6b62ac5..5a386db 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -474,7 +474,6 @@ if test $inaddrt = no ; then
- fi
- # Checks for library functions.
- AC_FUNC_MEMCMP
--AC_FUNC_STAT
- AC_FUNC_STRFTIME
- AC_FUNC_VPRINTF
- AC_FUNC_FORK
--- 
-2.39.2
-

diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
deleted file mode 100644
index 0f86d05..0000000
--- a/x11-misc/x11vnc/files/x11vnc-0.9.16-libressl.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-https://github.com/LibVNC/x11vnc/pull/224
-
-From: orbea <orbea@riseup.net>
-Date: Tue, 11 Apr 2023 09:35:26 -0700
-Subject: [PATCH] sslhelper: Update for LibreSSL >= 3.6.0
-
-Since LibreSSL 3.6.0 SSL_CTX_set_security_level() has been available.
----
- src/sslhelper.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/src/sslhelper.c b/src/sslhelper.c
-index 04c2e27..4608750 100644
---- a/src/sslhelper.c
-+++ b/src/sslhelper.c
-@@ -1596,7 +1596,8 @@ static int switch_to_anon_dh(void) {
- 	if (ssl_client_mode) {
- 		return 1;
- 	}
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)) || \
-+	(defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER >= 0x3060000fL))
- 	/* Security level must be set to 0 for unauthenticated suites. */
- 	SSL_CTX_set_security_level(ctx, 0);
- #endif

diff --git a/x11-misc/x11vnc/files/x11vnc.conf.d b/x11-misc/x11vnc/files/x11vnc.conf.d
deleted file mode 100644
index 7df3a13..0000000
--- a/x11-misc/x11vnc/files/x11vnc.conf.d
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright 1999-2012 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-# Configuration for running x11vnc as a service. This allows VNC 
-# connections prior to logging in to the X display manager.
-
-# Password file location of the password file for VNC Connections
-#   Prior to first run, you must configure a password, to do so please
-#   run `x11vnc -storepasswd /etc/x11vnc.pass`. Replace /etc/x11vnc.pass 
-#   ith the location you have specified below
-#X11VNC_RFBAUTH="/etc/x11vnc.pass"
-
-# Port to listen on for incoming connections
-#X11VNC_RFBPORT="5900"
-
-# Automatically probe for a free port to listen on for incoming connections
-# starting from the port number specified
-#   Setting this will diable X11VNC_RFBPORT above
-#   See `man x11vnc`, option `-autoport` for more information
-#X11VNC_AUTOPORT=""
-
-# X Display to attach to
-#   This should match the display your DM is running on
-#X11VNC_DISPLAY=":0"
-
-# Location of the x11vnc logfile
-#X11VNC_LOG="/var/log/x11vnc"
-
-# Miscelaneous options to pass to x11vnc.
-#   Do not set options that are configurable above.
-#   Check `x11vnc -help` or `man x11vnc` for more options.
-#   * Modern composting DMs/WMs will require "-noxdamage"
-#   * If you experience crashes on logging in, try "-noxfixes"
-#   * Other suggested options include "-noxrecord" and "-ncache ##"
-#     Refer to the x11vnc man page for further explanations.
-#X11VNC_OPTS=""
-

diff --git a/x11-misc/x11vnc/files/x11vnc.init.d-r1 b/x11-misc/x11vnc/files/x11vnc.init.d-r1
deleted file mode 100644
index 8907b38..0000000
--- a/x11-misc/x11vnc/files/x11vnc.init.d-r1
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-description="The x11vnc daemon init script"
-
-depend() {
-	need net
-	need display-manager
-}
-
-checkconfig() {
-
-	# Set Defaults
-	X11VNC_RFBAUTH=${X11VNC_RFBAUTH:-/etc/x11vnc.pass}
-	X11VNC_RFBPORT=${X11VNC_RFBPORT:-5900}
-	X11VNC_DISPLAY=${X11VNC_DISPLAY:-:0}
-	X11VNC_LOG=${X11VNC_LOG:-/var/log/x11vnc}
-
-	X11VNC_AUTH="/var/run/x11vnc-${X11VNC_DISPLAY}"
-
-	if [ -n "${X11VNC_AUTOPORT}" ]; then
-		X11VNC_PORT=""
-	fi
-
-	if [ ! -f "${X11VNC_RFBAUTH}" -o ! -s "${X11VNC_RFBAUTH}" ]; then
-		eerror "VNC Password not set, please set one by running: \`x11vnc -storepasswd ${X11VNC_RFBAUTH}\`"
-		return 1
-	fi
-	checkpath -q -f -m 0600 -o root:root "${X11VNC_RFBAUTH}"
-
-	# Attempt to find X-Auth file
-	if ! command -v xauth > /dev/null 2>&1 ||
-			! xauth -f /root/.Xauthority extract - "${X11VNC_DISPLAY}" > "${X11VNC_AUTH}" 2>/dev/null ||
-			[ ! -s "${X11VNC_AUTH}" ]; then
-		# Let x11vnc guess at auth
-		X11VNC_AUTH_OPTS="--env FD_XDM=1 -auth guess"
-	else
-		# We found the proper auth
-		X11VNC_AUTH_OPTS="-auth ${X11VNC_AUTH}"
-	fi
-
-	if [ ! -f "${X11VNC_AUTH}" ]; then
-		eerror "Specified X-Authority file '${X11VNC_AUTH}' not found!"
-		return 1
-	fi
-}
-
-start() {
-	checkconfig || return 1
-
-	ebegin "Starting ${SVCNAME}"
-	start-stop-daemon --start \
-		--exec /usr/bin/x11vnc -- \
-			${X11VNC_AUTH_OPTS} \
-			-rfbauth ${X11VNC_RFBAUTH} \
-			${X11VNC_RFBPORT:+-rfbport} ${X11VNC_RFBPORT} \
-			${X11VNC_AUTOPORT:+-autoport} ${X11VNC_AUTOPORT} \
-			-display ${X11VNC_DISPLAY} \
-			-o ${X11VNC_LOG} \
-			-bg -forever \
-			${X11VNC_OPTS}
-	eend $?
-}
-
-stop() {
-	ebegin "Stopping ${SVCNAME}"
-	start-stop-daemon --stop /usr/bin/x11vnc
-	eend $?
-}

diff --git a/x11-misc/x11vnc/metadata.xml b/x11-misc/x11vnc/metadata.xml
deleted file mode 100644
index 432585e..0000000
--- a/x11-misc/x11vnc/metadata.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
-	<maintainer type="person" proxied="yes">
-		<email>alexander@tsoy.me</email>
-		<name>Alexander Tsoy</name>
-	</maintainer>
-	<maintainer type="project" proxied="proxy">
-		<email>proxy-maint@gentoo.org</email>
-		<name>Proxy Maintainers</name>
-	</maintainer>
-	<longdescription>
-		The primary goal of this program is to create a portable and
-		simple command-line server utility that allows a VNC viewer
-		to connect to an actual X display.
-	</longdescription>
-	<use>
-		<flag name="xdamage">Enable support for the Xdamage library</flag>
-		<flag name="xfixes">Enable support for the Xfixes library</flag>
-		<flag name="xrandr">Enable support for the X xrandr extension</flag>
-	</use>
-	<upstream>
-		<remote-id type="sourceforge">libvncserver</remote-id>
-		<remote-id type="github">LibVNC/x11vnc</remote-id>
-	</upstream>
-</pkgmetadata>

diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild
deleted file mode 100644
index eaaef2f..0000000
--- a/x11-misc/x11vnc/x11vnc-0.9.16-r8.ebuild
+++ /dev/null
@@ -1,80 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools
-
-DESCRIPTION="VNC server for real X displays"
-HOMEPAGE="https://libvnc.github.io/"
-SRC_URI="https://github.com/LibVNC/x11vnc/archive/${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2+-with-openssl-exception"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~sparc-solaris ~x64-solaris ~x86-solaris"
-IUSE="crypt fbcon ssl +xcomposite +xdamage +xfixes xinerama +xrandr zeroconf"
-
-COMMON_DEPEND="
-	>=net-libs/libvncserver-0.9.8[ssl=]
-	x11-libs/libX11
-	x11-libs/libXcursor
-	x11-libs/libXext
-	>=x11-libs/libXtst-1.1.0
-	virtual/libcrypt:=
-	ssl? ( dev-libs/openssl:0= )
-	xcomposite? ( x11-libs/libXcomposite )
-	xdamage? ( x11-libs/libXdamage )
-	xfixes? ( x11-libs/libXfixes )
-	xinerama? ( x11-libs/libXinerama )
-	xrandr? ( x11-libs/libXrandr )
-	zeroconf? ( >=net-dns/avahi-0.6.4 )
-"
-DEPEND="${COMMON_DEPEND}
-	x11-base/xorg-proto
-	x11-libs/libXt
-"
-# https://bugzilla.redhat.com/show_bug.cgi?id=920554
-RDEPEND="${COMMON_DEPEND}
-	dev-lang/tk:0
-"
-
-PATCHES=(
-	"${FILESDIR}"/${P}-crypto.patch # https://github.com/LibVNC/x11vnc/issues/86
-	"${FILESDIR}"/${P}-anonymous-ssl.patch # https://github.com/LibVNC/x11vnc/pull/85
-	"${FILESDIR}"/${P}-libressl.patch
-	"${FILESDIR}"/${P}-fno-common.patch
-	"${FILESDIR}"/${P}-CVE-2020-29074.patch
-	"${FILESDIR}"/${P}-implicit-function-declaration.patch
-)
-
-src_prepare() {
-	default
-	eautoreconf
-}
-
-src_configure() {
-	# --without-v4l because of missing video4linux 2.x support wrt #389079
-	local myconf=(
-		--without-v4l
-		--without-xkeyboard
-		--without-fbpm
-		--without-dpms
-		$(use_with crypt)
-		$(use_with fbcon fbdev)
-		$(use_with ssl)
-		$(use_with ssl crypto)
-		$(use_with xcomposite)
-		$(use_with xdamage)
-		$(use_with xfixes)
-		$(use_with xinerama)
-		$(use_with xrandr)
-		$(use_with zeroconf avahi)
-	)
-	econf "${myconf[@]}"
-}
-
-src_install() {
-	default
-	newinitd "${FILESDIR}/x11vnc.init.d-r1" x11vnc
-	newconfd "${FILESDIR}/x11vnc.conf.d" x11vnc
-}