From eaddb2376621fcc1db0287f77ca12d0e2d779d42 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 28 Apr 2020 04:54:09 -0400 Subject: [PATCH] import gtk-vnc-0.9.0-2.el8 --- ...sasl-Factor-common-code-auth-failure.patch | 63 ++++ ...th-failure-signal-on-SASL-auth-failu.patch | 33 ++ ...r-if-vnc_connection_perform_auth_vnc.patch | 66 ++++ ...ndant-vnc_connection_has_error-calls.patch | 73 ++++ ...vnc_connection_has_error-extensively.patch | 333 ++++++++++++++++++ ...onnection_start_tls-add-deinit-label.patch | 75 ++++ ...tart_tls-set-tls_session-to-NULL-aft.patch | 60 ++++ SPECS/gtk-vnc.spec | 20 +- 8 files changed, 722 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0003-sasl-Factor-common-code-auth-failure.patch create mode 100644 SOURCES/0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch create mode 100644 SOURCES/0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch create mode 100644 SOURCES/0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch create mode 100644 SOURCES/0007-conn-Use-vnc_connection_has_error-extensively.patch create mode 100644 SOURCES/0008-vnc_connection_start_tls-add-deinit-label.patch create mode 100644 SOURCES/0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch diff --git a/SOURCES/0003-sasl-Factor-common-code-auth-failure.patch b/SOURCES/0003-sasl-Factor-common-code-auth-failure.patch new file mode 100644 index 0000000..826364a --- /dev/null +++ b/SOURCES/0003-sasl-Factor-common-code-auth-failure.patch @@ -0,0 +1,63 @@ +From 9fc84302bb18ffb552f2405df7820df9c4bfa2ec Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Wed, 9 Jan 2019 14:01:22 +0100 +Subject: [PATCH] sasl: Factor common code auth failure + +The new vnc_connection_auth_failure() method will be reused in the +next commit. + +Signed-off-by: Christophe Fergeau +(cherry picked from commit 83cac0cbe8b8006c50d177650459aaa47f1fd129) +Resolves: rhbz#1688275 +--- + src/vncconnection.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index afc1418..58455df 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -124,6 +124,7 @@ static void vnc_connection_close(VncConnection *conn); + static void vnc_connection_set_error(VncConnection *conn, + const char *format, + ...) G_GNUC_PRINTF(2, 3); ++static void vnc_connection_auth_failure(VncConnection *conn, const char *reason); + + /* + * A special GSource impl which allows us to wait on a certain +@@ -660,6 +661,14 @@ static G_GNUC_PRINTF(2, 3) void vnc_connection_set_error(VncConnection *conn, + vnc_connection_emit_main_context(conn, VNC_ERROR, &s); + } + ++static void vnc_connection_auth_failure(VncConnection *conn, ++ const char *reason) ++{ ++ struct signal_data sigdata; ++ ++ sigdata.params.authReason = reason; ++ vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata); ++} + + static gboolean vnc_connection_use_compression(VncConnection *conn) + { +@@ -3571,18 +3580,14 @@ static gboolean vnc_connection_check_auth_result(VncConnection *conn) + reason[len] = '\0'; + VNC_DEBUG("Fail %s", reason); + if (!priv->coroutine_stop) { +- struct signal_data sigdata; +- sigdata.params.authReason = reason; + vnc_connection_set_error(conn, "%s", reason); +- vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata); ++ vnc_connection_auth_failure(conn, reason); + } + } else { + VNC_DEBUG("Fail auth no result"); + if (!priv->coroutine_stop) { +- struct signal_data sigdata; +- sigdata.params.authReason = "Unknown authentication failure"; + vnc_connection_set_error(conn, "%s", "Unknown authentication failure"); +- vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata); ++ vnc_connection_auth_failure(conn, "Unknown authentication failure"); + } + } + return FALSE; diff --git a/SOURCES/0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch b/SOURCES/0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch new file mode 100644 index 0000000..2962825 --- /dev/null +++ b/SOURCES/0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch @@ -0,0 +1,33 @@ +From 9cadf0ab5071d14066af233a11f994b166454267 Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Wed, 9 Jan 2019 14:01:23 +0100 +Subject: [PATCH] sasl: Emit vnc-auth-failure signal on SASL auth failures + +When the SASL username or password are wrong, at the moment client +application will not get any specific notification for it, they will +just know that the remote connection was closed because of an error. + +This commit adds the emission of the vnc-auth-failure signal when +vnc_connection_perform_auth_sasl() fails. + +https://bugzilla.redhat.com/show_bug.cgi?id=1456175 + +Signed-off-by: Christophe Fergeau +(cherry picked from commit 3f4f79ffbf74f31ae65055c03a8eb523ac631422) +Resolves: rhbz#1688275 +--- + src/vncconnection.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 58455df..aceb31d 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -4419,6 +4419,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + error: + if (saslconn) + sasl_dispose(&saslconn); ++ vnc_connection_auth_failure(conn, "Unknown authentication failure"); + return FALSE; + } + #endif /* HAVE_SASL */ diff --git a/SOURCES/0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch b/SOURCES/0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch new file mode 100644 index 0000000..ef7f5b2 --- /dev/null +++ b/SOURCES/0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch @@ -0,0 +1,66 @@ +From bfc434015456687388370ccfc0fc92fd54c58b4b Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Wed, 9 Jan 2019 14:01:24 +0100 +Subject: [PATCH] conn: Report error if vnc_connection_perform_auth_vnc fails + +At the moment, when the various crypto operations that +vnc_connection_perform_auth_vnc performs fail, no error is reported to +the client application. This commit adds the emission of a vnc-error +signal when this happens. This is not reported as an auth failure as +these errors are not something which is recoverable, they indicate +system failures. + +Signed-off-by: Christophe Fergeau +(cherry picked from commit fa21beab5b44354c890699663a71b07d6ce18d40) +Resolves: rhbz#1688275 +--- + src/vncconnection.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index aceb31d..65111fd 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -3638,33 +3638,38 @@ static gboolean vnc_connection_perform_auth_vnc(VncConnection *conn) + error = gcry_cipher_open(&c, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0); + if (gcry_err_code (error) != GPG_ERR_NO_ERROR) { + VNC_DEBUG("gcry_cipher_open error: %s\n", gcry_strerror(error)); +- return FALSE; ++ goto error; + } + + error = gcry_cipher_setkey(c, key, 8); + if (gcry_err_code (error) != GPG_ERR_NO_ERROR) { + VNC_DEBUG("gcry_cipher_setkey error: %s\n", gcry_strerror(error)); + gcry_cipher_close(c); +- return FALSE; ++ goto error; + } + + error = gcry_cipher_encrypt(c, challenge, 8, challenge, 8); + if (gcry_err_code (error) != GPG_ERR_NO_ERROR) { + VNC_DEBUG("gcry_cipher_encrypt error: %s\n", gcry_strerror(error)); + gcry_cipher_close(c); +- return FALSE; ++ goto error; + } + error = gcry_cipher_encrypt(c, challenge + 8, 8, challenge + 8, 8); + if (gcry_err_code (error) != GPG_ERR_NO_ERROR) { + VNC_DEBUG("gcry_cipher_encrypt error: %s\n", gcry_strerror(error)); + gcry_cipher_close(c); +- return FALSE; ++ goto error; + } + gcry_cipher_close(c); + + vnc_connection_write(conn, challenge, 16); + vnc_connection_flush(conn); + return vnc_connection_check_auth_result(conn); ++ ++error: ++ vnc_connection_set_error(conn, "%s: %s", "Unknown authentication failure: %s", ++ gcry_strerror(error)); ++ return FALSE; + } + + /* diff --git a/SOURCES/0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch b/SOURCES/0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch new file mode 100644 index 0000000..452de49 --- /dev/null +++ b/SOURCES/0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch @@ -0,0 +1,73 @@ +From 74fcc039b313a0d3b91d15b83b4d4df4aa84536e Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Wed, 9 Jan 2019 14:01:25 +0100 +Subject: [PATCH] conn: Remove redundant vnc_connection_has_error() calls + +No need to call it twice in: +if (vnc_connection_has_error(conn)) + return !vnc_connection_has_error(conn); + +and no need to call it after calling vnc_connection_set_error() as it +will always return TRUE in this scenario. + +Signed-off-by: Christophe Fergeau +(cherry picked from commit 247eaddd7455ee4eb80efe4971167ab0636a4509) +Resolves: rhbz#1688275 +--- + src/vncconnection.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 65111fd..fd7468b 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -3120,7 +3120,7 @@ static gboolean vnc_connection_framebuffer_update(VncConnection *conn, gint32 et + etype, width, height, x, y); + + if (vnc_connection_has_error(conn)) +- return !vnc_connection_has_error(conn); ++ return FALSE; + + switch (etype) { + case VNC_CONNECTION_ENCODING_RAW: +@@ -3292,7 +3292,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn) + int ret; + + if (vnc_connection_has_error(conn)) +- return !vnc_connection_has_error(conn); ++ return FALSE; + + /* NB: make sure that all server message functions + handle has_error appropriately */ +@@ -5838,7 +5838,7 @@ gboolean vnc_connection_set_auth_type(VncConnection *conn, unsigned int type) + VNC_DEBUG("Thinking about auth type %u", type); + if (priv->auth_type != VNC_CONNECTION_AUTH_INVALID) { + vnc_connection_set_error(conn, "%s", "Auth type has already been set"); +- return !vnc_connection_has_error(conn); ++ return FALSE; + } + if (type != VNC_CONNECTION_AUTH_NONE && + type != VNC_CONNECTION_AUTH_VNC && +@@ -5851,7 +5851,7 @@ gboolean vnc_connection_set_auth_type(VncConnection *conn, unsigned int type) + vnc_connection_set_error(conn, "Auth type %u is not supported", + type); + g_signal_emit(conn, VNC_AUTH_UNSUPPORTED, 0, type); +- return !vnc_connection_has_error(conn); ++ return FALSE; + } + VNC_DEBUG("Decided on auth type %u", type); + priv->auth_type = type; +@@ -5880,11 +5880,11 @@ gboolean vnc_connection_set_auth_subtype(VncConnection *conn, unsigned int type) + priv->auth_type != VNC_CONNECTION_AUTH_TLS) { + vnc_connection_set_error(conn, "Auth type %u does not support subauth", + priv->auth_type); +- return !vnc_connection_has_error(conn); ++ return FALSE; + } + if (priv->auth_subtype != VNC_CONNECTION_AUTH_INVALID) { + vnc_connection_set_error(conn, "%s", "Auth subtype has already been set"); +- return !vnc_connection_has_error(conn); ++ return FALSE; + } + priv->auth_subtype = type; + diff --git a/SOURCES/0007-conn-Use-vnc_connection_has_error-extensively.patch b/SOURCES/0007-conn-Use-vnc_connection_has_error-extensively.patch new file mode 100644 index 0000000..8583b52 --- /dev/null +++ b/SOURCES/0007-conn-Use-vnc_connection_has_error-extensively.patch @@ -0,0 +1,333 @@ +From fe4d5599a9aec8bcd2ad53d8e124630a53cd8394 Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Wed, 9 Jan 2019 14:01:26 +0100 +Subject: [PATCH] conn: Use vnc_connection_has_error() extensively + +It's better to call this helper rather than directly checking for +priv->coroutine_stop. + +Signed-off-by: Christophe Fergeau +(cherry picked from commit ad6478a1e522f5e0c2f396ac3600dc35df5871a8) +Resolves: rhbz#1688275 +--- + src/vncconnection.c | 77 ++++++++++++++++++++++----------------------- + 1 file changed, 37 insertions(+), 40 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index fd7468b..bbf4373 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -736,7 +736,7 @@ static int vnc_connection_read_wire(VncConnection *conn, void *data, size_t len) + + reread: + +- if (priv->coroutine_stop) return -EINVAL; ++ if (vnc_connection_has_error(conn)) return -EINVAL; + + if (priv->tls_session) { + ret = gnutls_read(priv->tls_session, data, len); +@@ -885,7 +885,7 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len) + char *ptr = data; + size_t offset = 0; + +- if (priv->coroutine_stop) return -EINVAL; ++ if (vnc_connection_has_error(conn)) return -EINVAL; + + while (offset < len) { + size_t tmp; +@@ -941,7 +941,7 @@ static void vnc_connection_flush_wire(VncConnection *conn, + int ret; + gboolean blocking = FALSE; + +- if (priv->coroutine_stop) return; ++ if (vnc_connection_has_error(conn)) return; + + if (priv->tls_session) { + ret = gnutls_write(priv->tls_session, +@@ -2878,10 +2878,9 @@ static void vnc_connection_tight_update(VncConnection *conn, + + static void vnc_connection_update(VncConnection *conn, int x, int y, int width, int height) + { +- VncConnectionPrivate *priv = conn->priv; + struct signal_data sigdata; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + VNC_DEBUG("Notify update area (%dx%d) at location %d,%d", width, height, x, y); +@@ -2896,10 +2895,9 @@ static void vnc_connection_update(VncConnection *conn, int x, int y, int width, + + static void vnc_connection_bell(VncConnection *conn) + { +- VncConnectionPrivate *priv = conn->priv; + struct signal_data sigdata; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + VNC_DEBUG("Server beep"); +@@ -2911,11 +2909,10 @@ static void vnc_connection_server_cut_text(VncConnection *conn, + const void *data, + size_t len) + { +- VncConnectionPrivate *priv = conn->priv; + struct signal_data sigdata; + GString *text; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + text = g_string_new_len ((const gchar *)data, len); +@@ -2933,7 +2930,7 @@ static void vnc_connection_resize(VncConnection *conn, int width, int height) + + VNC_DEBUG("Desktop resize w=%d h=%d", width, height); + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + priv->width = width; +@@ -2949,7 +2946,7 @@ static void vnc_connection_pixel_format(VncConnection *conn) + VncConnectionPrivate *priv = conn->priv; + struct signal_data sigdata; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + sigdata.params.pixelFormat = &priv->fmt; +@@ -2967,7 +2964,7 @@ static void vnc_connection_pointer_type_change(VncConnection *conn, gboolean abs + return; + priv->absPointer = absPointer; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + sigdata.params.absPointer = absPointer; +@@ -3028,7 +3025,7 @@ static void vnc_connection_rich_cursor(VncConnection *conn, guint16 x, guint16 y + priv->cursor = vnc_cursor_new(pixbuf, x, y, width, height); + } + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + sigdata.params.cursor = priv->cursor; +@@ -3093,7 +3090,7 @@ static void vnc_connection_xcursor(VncConnection *conn, guint16 x, guint16 y, gu + priv->cursor = vnc_cursor_new(pixbuf, x, y, width, height); + } + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return; + + sigdata.params.cursor = priv->cursor; +@@ -3405,7 +3402,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn) + + n_type = vnc_connection_read_u8(conn); + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + break; + + switch (n_type) { +@@ -3423,7 +3420,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn) + n_length, 1024 * 1024); + break; + } +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + break; + + if (!priv->audio) { +@@ -3491,7 +3488,7 @@ static gboolean vnc_connection_has_credentials(gpointer data) + VncConnection *conn = data; + VncConnectionPrivate *priv = conn->priv; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return TRUE; + if (priv->want_cred_username && !priv->cred_username) + return FALSE; +@@ -3508,7 +3505,7 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn) + + VNC_DEBUG("Checking if credentials are needed"); + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + if (!vnc_connection_has_credentials(conn)) { +@@ -3546,7 +3543,7 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn) + + g_value_array_free(authCred); + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + VNC_DEBUG("Waiting for missing credentials"); + g_condition_wait(vnc_connection_has_credentials, conn); +@@ -3579,13 +3576,13 @@ static gboolean vnc_connection_check_auth_result(VncConnection *conn) + vnc_connection_read(conn, reason, len); + reason[len] = '\0'; + VNC_DEBUG("Fail %s", reason); +- if (!priv->coroutine_stop) { ++ if (!vnc_connection_has_error(conn)) { + vnc_connection_set_error(conn, "%s", reason); + vnc_connection_auth_failure(conn, reason); + } + } else { + VNC_DEBUG("Fail auth no result"); +- if (!priv->coroutine_stop) { ++ if (!vnc_connection_has_error(conn)) { + vnc_connection_set_error(conn, "%s", "Unknown authentication failure"); + vnc_connection_auth_failure(conn, "Unknown authentication failure"); + } +@@ -4197,7 +4194,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + + /* Get the supported mechanisms from the server */ + mechlistlen = vnc_connection_read_u32(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + if (mechlistlen > SASL_MAX_MECHLIST_LEN) { + vnc_connection_set_error(conn, +@@ -4209,7 +4206,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + mechlist = g_malloc(mechlistlen+1); + vnc_connection_read(conn, mechlist, mechlistlen); + mechlist[mechlistlen] = '\0'; +- if (priv->coroutine_stop) { ++ if (vnc_connection_has_error(conn)) { + g_free(mechlist); + mechlist = NULL; + goto error; +@@ -4266,14 +4263,14 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + vnc_connection_write_u32(conn, 0); + } + vnc_connection_flush(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + + + VNC_DEBUG("%s", "Getting sever start negotiation reply"); + /* Read the 'START' message reply from server */ + serverinlen = vnc_connection_read_u32(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + if (serverinlen > SASL_MAX_DATA_LEN) { + vnc_connection_set_error(conn, +@@ -4292,7 +4289,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + serverin = NULL; + } + complete = vnc_connection_read_u8(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + + VNC_DEBUG("Client start result complete: %d. Data %u bytes %p '%s'", +@@ -4354,13 +4351,13 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + vnc_connection_write_u32(conn, 0); + } + vnc_connection_flush(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + + VNC_DEBUG("Server step with %u bytes %p", clientoutlen, clientout); + + serverinlen = vnc_connection_read_u32(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + if (serverinlen > SASL_MAX_DATA_LEN) { + vnc_connection_set_error(conn, +@@ -4379,7 +4376,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn) + serverin = NULL; + } + complete = vnc_connection_read_u8(conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + goto error; + + VNC_DEBUG("Client step result complete: %d. Data %u bytes %p '%s'", +@@ -4524,7 +4521,7 @@ static gboolean vnc_connection_has_auth_subtype(gpointer data) + VncConnection *conn = data; + VncConnectionPrivate *priv = conn->priv; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return TRUE; + if (priv->auth_subtype == VNC_CONNECTION_AUTH_INVALID) + return FALSE; +@@ -4597,15 +4594,15 @@ static gboolean vnc_connection_perform_auth_tls(VncConnection *conn) + VNC_DEBUG("Possible TLS sub-auth %u", auth[i]); + } + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_SUBTYPE, nauth, auth); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Waiting for TLS auth subtype"); + g_condition_wait(vnc_connection_has_auth_subtype, conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Choose auth %u", priv->auth_subtype); +@@ -4672,15 +4669,15 @@ static gboolean vnc_connection_perform_auth_vencrypt(VncConnection *conn) + VNC_DEBUG("Possible VeNCrypt sub-auth %u", auth[i]); + } + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_SUBTYPE, nauth, auth); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Waiting for VeNCrypt auth subtype"); + g_condition_wait(vnc_connection_has_auth_subtype, conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Choose auth %u", priv->auth_subtype); +@@ -4753,7 +4750,7 @@ static gboolean vnc_connection_has_auth_type(gpointer data) + VncConnection *conn = data; + VncConnectionPrivate *priv = conn->priv; + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return TRUE; + if (priv->auth_type == VNC_CONNECTION_AUTH_INVALID) + return FALSE; +@@ -4790,15 +4787,15 @@ static gboolean vnc_connection_perform_auth(VncConnection *conn) + VNC_DEBUG("Possible auth %u", auth[i]); + } + +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_TYPE, nauth, auth); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Waiting for auth type"); + g_condition_wait(vnc_connection_has_auth_type, conn); +- if (priv->coroutine_stop) ++ if (vnc_connection_has_error(conn)) + return FALSE; + + VNC_DEBUG("Choose auth %u", priv->auth_type); diff --git a/SOURCES/0008-vnc_connection_start_tls-add-deinit-label.patch b/SOURCES/0008-vnc_connection_start_tls-add-deinit-label.patch new file mode 100644 index 0000000..6f689af --- /dev/null +++ b/SOURCES/0008-vnc_connection_start_tls-add-deinit-label.patch @@ -0,0 +1,75 @@ +From a820d8623e5eae48cb08b624c85fc846a198df16 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=A1n=20Tomko?= +Date: Fri, 11 Jan 2019 16:34:30 +0100 +Subject: [PATCH] vnc_connection_start_tls: add deinit label +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Introduce a deinit label to unify cleanup paths which call gnutls_deinit. + +Signed-off-by: Ján Tomko +(cherry picked from commit e62d010777eecda47829e9da54bad3387f4d6231) +Resolves: rhbz#1665837 +--- + src/vncconnection.c | 19 +++++++++---------- + 1 file changed, 9 insertions(+), 10 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index bbf4373..7b15211 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -4445,22 +4445,19 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS) + } + + if (gnutls_priority_set_direct(priv->tls_session, priority, NULL) < 0) { +- gnutls_deinit(priv->tls_session); + vnc_connection_set_error(conn, "%s", "Failed to set priority"); +- return FALSE; ++ goto deinit; + } + + if (anonTLS) { + gnutls_anon_client_credentials anon_cred = vnc_connection_tls_initialize_anon_cred(); + if (!anon_cred) { +- gnutls_deinit(priv->tls_session); + vnc_connection_set_error(conn, "%s", "Failed to allocate credentials"); +- return FALSE; ++ goto deinit; + } + if (gnutls_credentials_set(priv->tls_session, GNUTLS_CRD_ANON, anon_cred) < 0) { +- gnutls_deinit(priv->tls_session); + vnc_connection_set_error(conn, "%s", "Failed to initialize credentials"); +- return FALSE; ++ goto deinit; + } + } else { + priv->want_cred_password = FALSE; +@@ -4471,14 +4468,12 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS) + + gnutls_certificate_credentials_t x509_cred = vnc_connection_tls_initialize_cert_cred(conn); + if (!x509_cred) { +- gnutls_deinit(priv->tls_session); + vnc_connection_set_error(conn, "%s", "Failed to allocate credentials"); +- return FALSE; ++ goto deinit; + } + if (gnutls_credentials_set(priv->tls_session, GNUTLS_CRD_CERTIFICATE, x509_cred) < 0) { +- gnutls_deinit(priv->tls_session); + vnc_connection_set_error(conn, "%s", "Failed to initialize credentials"); +- return FALSE; ++ goto deinit; + } + } + +@@ -4514,6 +4509,10 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS) + } + return TRUE; + } ++ ++ deinit: ++ gnutls_deinit(priv->tls_session); ++ return FALSE; + } + + static gboolean vnc_connection_has_auth_subtype(gpointer data) diff --git a/SOURCES/0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch b/SOURCES/0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch new file mode 100644 index 0000000..b8df57e --- /dev/null +++ b/SOURCES/0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch @@ -0,0 +1,60 @@ +From 47fdacf72c35cb89071084171e020b4846b3fbd6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=A1n=20Tomko?= +Date: Fri, 11 Jan 2019 16:34:31 +0100 +Subject: [PATCH] vnc_connection_start_tls: set tls_session to NULL after + deinit +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Avoid a double free in case of a failure, e.g. when vnc_connection_tls_initialize_cert_cred +fails to read the certificate: + +==1154== Invalid read of size 4 +==1154== at 0x60870FB: gnutls_bye (record.c:288) +==1154== by 0x4A46B73: vnc_connection_close (vncconnection.c:5120) +==1154== by 0x4A4E6CA: vnc_connection_coroutine (vncconnection.c:5650) +==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55) +==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so) +==1154== by 0x175DB277: ??? +==1154== Address 0x1847fcf0 is 384 bytes inside a block of size 6,496 free'd +==1154== at 0x4839A0C: free (vg_replace_malloc.c:540) +==1154== by 0x4A4B019: vnc_connection_start_tls (vncconnection.c:4466) +==1154== by 0x4A4CBE8: vnc_connection_perform_auth_vencrypt (vncconnection.c:4708) +==1154== by 0x4A4CBE8: vnc_connection_perform_auth (vncconnection.c:4818) +==1154== by 0x4A4CBE8: vnc_connection_initialize (vncconnection.c:5415) +==1154== by 0x4A4E50F: vnc_connection_coroutine (vncconnection.c:5639) +==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55) +==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so) +==1154== by 0x175DB277: ??? +==1154== Block was alloc'd at +==1154== at 0x483AB1A: calloc (vg_replace_malloc.c:762) +==1154== by 0x60B6FDE: gnutls_init (state.c:465) +==1154== by 0x4A4AB28: vnc_connection_start_tls (vncconnection.c:4434) +==1154== by 0x4A4CBE8: vnc_connection_perform_auth_vencrypt (vncconnection.c:4708) +==1154== by 0x4A4CBE8: vnc_connection_perform_auth (vncconnection.c:4818) +==1154== by 0x4A4CBE8: vnc_connection_initialize (vncconnection.c:5415) +==1154== by 0x4A4E50F: vnc_connection_coroutine (vncconnection.c:5639) +==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55) +==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so) +==1154== by 0x175DB277: ??? + +Signed-off-by: Ján Tomko +(cherry picked from commit 7879ae9c747b4e95bb3850c4e67ca57d3ded82e3) +Resolves: rhbz#1665837 +--- + src/vncconnection.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 7b15211..5321731 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -4512,6 +4512,7 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS) + + deinit: + gnutls_deinit(priv->tls_session); ++ priv->tls_session = NULL; + return FALSE; + } + diff --git a/SPECS/gtk-vnc.spec b/SPECS/gtk-vnc.spec index 8a6193d..098f6de 100644 --- a/SPECS/gtk-vnc.spec +++ b/SPECS/gtk-vnc.spec @@ -32,11 +32,18 @@ Summary: A GTK2 widget for VNC clients Name: gtk-vnc Version: 0.9.0 -Release: 1%{?dist}%{?extra_release} +Release: 2%{?dist}%{?extra_release} License: LGPLv2+ Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.5/%{name}-%{version}.tar.xz Patch1: 0001-fix-crash-when-connection-fails-early.patch Patch2: 0002-gvnc-1.0.pc.in-Use-GLIB_REQUIRED.patch +Patch3: 0003-sasl-Factor-common-code-auth-failure.patch +Patch4: 0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch +Patch5: 0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch +Patch6: 0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch +Patch7: 0007-conn-Use-vnc_connection_has_error-extensively.patch +Patch8: 0008-vnc_connection_start_tls-add-deinit-label.patch +Patch9: 0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch URL: https://wiki.gnome.org/Projects/gtk-vnc Requires: gvnc = %{version}-%{release} %if %{with_gtk2} @@ -159,6 +166,13 @@ Libraries, includes, etc. to compile with the gtk-vnc library cd gtk-vnc-%{version} %patch1 -p1 %patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 +%patch9 -p1 cd .. %if %{with_gtk3} @@ -322,6 +336,10 @@ rm -f %{buildroot}%{_libdir}/*.la %endif %changelog +* Thu Nov 28 2019 Daniel P. Berrangé - 0.9.0-2 +- Fix crash when TLS handshake fails (rhbz #1665837) +- Ensure auth failure signal is emitted when SASL fails (rhbz #1688275) + * Thu Aug 30 2018 Daniel P. Berrangé - 0.9.0-1 - Update to 0.9.0 release - Use gcrypt for DES impl instead of local DES impl (rhbz #1618426)