import gtk-vnc-0.9.0-2.el8

This commit is contained in:
CentOS Sources 2020-04-28 04:54:09 -04:00 committed by Andrew Lukoshko
parent 8de792c212
commit eaddb23766
8 changed files with 722 additions and 1 deletions

View File

@ -0,0 +1,63 @@
From 9fc84302bb18ffb552f2405df7820df9c4bfa2ec Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Wed, 9 Jan 2019 14:01:22 +0100
Subject: [PATCH] sasl: Factor common code auth failure
The new vnc_connection_auth_failure() method will be reused in the
next commit.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
(cherry picked from commit 83cac0cbe8b8006c50d177650459aaa47f1fd129)
Resolves: rhbz#1688275
---
src/vncconnection.c | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index afc1418..58455df 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -124,6 +124,7 @@ static void vnc_connection_close(VncConnection *conn);
static void vnc_connection_set_error(VncConnection *conn,
const char *format,
...) G_GNUC_PRINTF(2, 3);
+static void vnc_connection_auth_failure(VncConnection *conn, const char *reason);
/*
* A special GSource impl which allows us to wait on a certain
@@ -660,6 +661,14 @@ static G_GNUC_PRINTF(2, 3) void vnc_connection_set_error(VncConnection *conn,
vnc_connection_emit_main_context(conn, VNC_ERROR, &s);
}
+static void vnc_connection_auth_failure(VncConnection *conn,
+ const char *reason)
+{
+ struct signal_data sigdata;
+
+ sigdata.params.authReason = reason;
+ vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata);
+}
static gboolean vnc_connection_use_compression(VncConnection *conn)
{
@@ -3571,18 +3580,14 @@ static gboolean vnc_connection_check_auth_result(VncConnection *conn)
reason[len] = '\0';
VNC_DEBUG("Fail %s", reason);
if (!priv->coroutine_stop) {
- struct signal_data sigdata;
- sigdata.params.authReason = reason;
vnc_connection_set_error(conn, "%s", reason);
- vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata);
+ vnc_connection_auth_failure(conn, reason);
}
} else {
VNC_DEBUG("Fail auth no result");
if (!priv->coroutine_stop) {
- struct signal_data sigdata;
- sigdata.params.authReason = "Unknown authentication failure";
vnc_connection_set_error(conn, "%s", "Unknown authentication failure");
- vnc_connection_emit_main_context(conn, VNC_AUTH_FAILURE, &sigdata);
+ vnc_connection_auth_failure(conn, "Unknown authentication failure");
}
}
return FALSE;

View File

@ -0,0 +1,33 @@
From 9cadf0ab5071d14066af233a11f994b166454267 Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Wed, 9 Jan 2019 14:01:23 +0100
Subject: [PATCH] sasl: Emit vnc-auth-failure signal on SASL auth failures
When the SASL username or password are wrong, at the moment client
application will not get any specific notification for it, they will
just know that the remote connection was closed because of an error.
This commit adds the emission of the vnc-auth-failure signal when
vnc_connection_perform_auth_sasl() fails.
https://bugzilla.redhat.com/show_bug.cgi?id=1456175
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
(cherry picked from commit 3f4f79ffbf74f31ae65055c03a8eb523ac631422)
Resolves: rhbz#1688275
---
src/vncconnection.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index 58455df..aceb31d 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -4419,6 +4419,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
error:
if (saslconn)
sasl_dispose(&saslconn);
+ vnc_connection_auth_failure(conn, "Unknown authentication failure");
return FALSE;
}
#endif /* HAVE_SASL */

View File

@ -0,0 +1,66 @@
From bfc434015456687388370ccfc0fc92fd54c58b4b Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Wed, 9 Jan 2019 14:01:24 +0100
Subject: [PATCH] conn: Report error if vnc_connection_perform_auth_vnc fails
At the moment, when the various crypto operations that
vnc_connection_perform_auth_vnc performs fail, no error is reported to
the client application. This commit adds the emission of a vnc-error
signal when this happens. This is not reported as an auth failure as
these errors are not something which is recoverable, they indicate
system failures.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
(cherry picked from commit fa21beab5b44354c890699663a71b07d6ce18d40)
Resolves: rhbz#1688275
---
src/vncconnection.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index aceb31d..65111fd 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3638,33 +3638,38 @@ static gboolean vnc_connection_perform_auth_vnc(VncConnection *conn)
error = gcry_cipher_open(&c, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
if (gcry_err_code (error) != GPG_ERR_NO_ERROR) {
VNC_DEBUG("gcry_cipher_open error: %s\n", gcry_strerror(error));
- return FALSE;
+ goto error;
}
error = gcry_cipher_setkey(c, key, 8);
if (gcry_err_code (error) != GPG_ERR_NO_ERROR) {
VNC_DEBUG("gcry_cipher_setkey error: %s\n", gcry_strerror(error));
gcry_cipher_close(c);
- return FALSE;
+ goto error;
}
error = gcry_cipher_encrypt(c, challenge, 8, challenge, 8);
if (gcry_err_code (error) != GPG_ERR_NO_ERROR) {
VNC_DEBUG("gcry_cipher_encrypt error: %s\n", gcry_strerror(error));
gcry_cipher_close(c);
- return FALSE;
+ goto error;
}
error = gcry_cipher_encrypt(c, challenge + 8, 8, challenge + 8, 8);
if (gcry_err_code (error) != GPG_ERR_NO_ERROR) {
VNC_DEBUG("gcry_cipher_encrypt error: %s\n", gcry_strerror(error));
gcry_cipher_close(c);
- return FALSE;
+ goto error;
}
gcry_cipher_close(c);
vnc_connection_write(conn, challenge, 16);
vnc_connection_flush(conn);
return vnc_connection_check_auth_result(conn);
+
+error:
+ vnc_connection_set_error(conn, "%s: %s", "Unknown authentication failure: %s",
+ gcry_strerror(error));
+ return FALSE;
}
/*

View File

@ -0,0 +1,73 @@
From 74fcc039b313a0d3b91d15b83b4d4df4aa84536e Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Wed, 9 Jan 2019 14:01:25 +0100
Subject: [PATCH] conn: Remove redundant vnc_connection_has_error() calls
No need to call it twice in:
if (vnc_connection_has_error(conn))
return !vnc_connection_has_error(conn);
and no need to call it after calling vnc_connection_set_error() as it
will always return TRUE in this scenario.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
(cherry picked from commit 247eaddd7455ee4eb80efe4971167ab0636a4509)
Resolves: rhbz#1688275
---
src/vncconnection.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index 65111fd..fd7468b 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3120,7 +3120,7 @@ static gboolean vnc_connection_framebuffer_update(VncConnection *conn, gint32 et
etype, width, height, x, y);
if (vnc_connection_has_error(conn))
- return !vnc_connection_has_error(conn);
+ return FALSE;
switch (etype) {
case VNC_CONNECTION_ENCODING_RAW:
@@ -3292,7 +3292,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn)
int ret;
if (vnc_connection_has_error(conn))
- return !vnc_connection_has_error(conn);
+ return FALSE;
/* NB: make sure that all server message functions
handle has_error appropriately */
@@ -5838,7 +5838,7 @@ gboolean vnc_connection_set_auth_type(VncConnection *conn, unsigned int type)
VNC_DEBUG("Thinking about auth type %u", type);
if (priv->auth_type != VNC_CONNECTION_AUTH_INVALID) {
vnc_connection_set_error(conn, "%s", "Auth type has already been set");
- return !vnc_connection_has_error(conn);
+ return FALSE;
}
if (type != VNC_CONNECTION_AUTH_NONE &&
type != VNC_CONNECTION_AUTH_VNC &&
@@ -5851,7 +5851,7 @@ gboolean vnc_connection_set_auth_type(VncConnection *conn, unsigned int type)
vnc_connection_set_error(conn, "Auth type %u is not supported",
type);
g_signal_emit(conn, VNC_AUTH_UNSUPPORTED, 0, type);
- return !vnc_connection_has_error(conn);
+ return FALSE;
}
VNC_DEBUG("Decided on auth type %u", type);
priv->auth_type = type;
@@ -5880,11 +5880,11 @@ gboolean vnc_connection_set_auth_subtype(VncConnection *conn, unsigned int type)
priv->auth_type != VNC_CONNECTION_AUTH_TLS) {
vnc_connection_set_error(conn, "Auth type %u does not support subauth",
priv->auth_type);
- return !vnc_connection_has_error(conn);
+ return FALSE;
}
if (priv->auth_subtype != VNC_CONNECTION_AUTH_INVALID) {
vnc_connection_set_error(conn, "%s", "Auth subtype has already been set");
- return !vnc_connection_has_error(conn);
+ return FALSE;
}
priv->auth_subtype = type;

View File

@ -0,0 +1,333 @@
From fe4d5599a9aec8bcd2ad53d8e124630a53cd8394 Mon Sep 17 00:00:00 2001
From: Christophe Fergeau <cfergeau@redhat.com>
Date: Wed, 9 Jan 2019 14:01:26 +0100
Subject: [PATCH] conn: Use vnc_connection_has_error() extensively
It's better to call this helper rather than directly checking for
priv->coroutine_stop.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
(cherry picked from commit ad6478a1e522f5e0c2f396ac3600dc35df5871a8)
Resolves: rhbz#1688275
---
src/vncconnection.c | 77 ++++++++++++++++++++++-----------------------
1 file changed, 37 insertions(+), 40 deletions(-)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index fd7468b..bbf4373 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -736,7 +736,7 @@ static int vnc_connection_read_wire(VncConnection *conn, void *data, size_t len)
reread:
- if (priv->coroutine_stop) return -EINVAL;
+ if (vnc_connection_has_error(conn)) return -EINVAL;
if (priv->tls_session) {
ret = gnutls_read(priv->tls_session, data, len);
@@ -885,7 +885,7 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len)
char *ptr = data;
size_t offset = 0;
- if (priv->coroutine_stop) return -EINVAL;
+ if (vnc_connection_has_error(conn)) return -EINVAL;
while (offset < len) {
size_t tmp;
@@ -941,7 +941,7 @@ static void vnc_connection_flush_wire(VncConnection *conn,
int ret;
gboolean blocking = FALSE;
- if (priv->coroutine_stop) return;
+ if (vnc_connection_has_error(conn)) return;
if (priv->tls_session) {
ret = gnutls_write(priv->tls_session,
@@ -2878,10 +2878,9 @@ static void vnc_connection_tight_update(VncConnection *conn,
static void vnc_connection_update(VncConnection *conn, int x, int y, int width, int height)
{
- VncConnectionPrivate *priv = conn->priv;
struct signal_data sigdata;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
VNC_DEBUG("Notify update area (%dx%d) at location %d,%d", width, height, x, y);
@@ -2896,10 +2895,9 @@ static void vnc_connection_update(VncConnection *conn, int x, int y, int width,
static void vnc_connection_bell(VncConnection *conn)
{
- VncConnectionPrivate *priv = conn->priv;
struct signal_data sigdata;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
VNC_DEBUG("Server beep");
@@ -2911,11 +2909,10 @@ static void vnc_connection_server_cut_text(VncConnection *conn,
const void *data,
size_t len)
{
- VncConnectionPrivate *priv = conn->priv;
struct signal_data sigdata;
GString *text;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
text = g_string_new_len ((const gchar *)data, len);
@@ -2933,7 +2930,7 @@ static void vnc_connection_resize(VncConnection *conn, int width, int height)
VNC_DEBUG("Desktop resize w=%d h=%d", width, height);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
priv->width = width;
@@ -2949,7 +2946,7 @@ static void vnc_connection_pixel_format(VncConnection *conn)
VncConnectionPrivate *priv = conn->priv;
struct signal_data sigdata;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
sigdata.params.pixelFormat = &priv->fmt;
@@ -2967,7 +2964,7 @@ static void vnc_connection_pointer_type_change(VncConnection *conn, gboolean abs
return;
priv->absPointer = absPointer;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
sigdata.params.absPointer = absPointer;
@@ -3028,7 +3025,7 @@ static void vnc_connection_rich_cursor(VncConnection *conn, guint16 x, guint16 y
priv->cursor = vnc_cursor_new(pixbuf, x, y, width, height);
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
sigdata.params.cursor = priv->cursor;
@@ -3093,7 +3090,7 @@ static void vnc_connection_xcursor(VncConnection *conn, guint16 x, guint16 y, gu
priv->cursor = vnc_cursor_new(pixbuf, x, y, width, height);
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return;
sigdata.params.cursor = priv->cursor;
@@ -3405,7 +3402,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn)
n_type = vnc_connection_read_u8(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
break;
switch (n_type) {
@@ -3423,7 +3420,7 @@ static gboolean vnc_connection_server_message(VncConnection *conn)
n_length, 1024 * 1024);
break;
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
break;
if (!priv->audio) {
@@ -3491,7 +3488,7 @@ static gboolean vnc_connection_has_credentials(gpointer data)
VncConnection *conn = data;
VncConnectionPrivate *priv = conn->priv;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return TRUE;
if (priv->want_cred_username && !priv->cred_username)
return FALSE;
@@ -3508,7 +3505,7 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn)
VNC_DEBUG("Checking if credentials are needed");
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
if (!vnc_connection_has_credentials(conn)) {
@@ -3546,7 +3543,7 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn)
g_value_array_free(authCred);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Waiting for missing credentials");
g_condition_wait(vnc_connection_has_credentials, conn);
@@ -3579,13 +3576,13 @@ static gboolean vnc_connection_check_auth_result(VncConnection *conn)
vnc_connection_read(conn, reason, len);
reason[len] = '\0';
VNC_DEBUG("Fail %s", reason);
- if (!priv->coroutine_stop) {
+ if (!vnc_connection_has_error(conn)) {
vnc_connection_set_error(conn, "%s", reason);
vnc_connection_auth_failure(conn, reason);
}
} else {
VNC_DEBUG("Fail auth no result");
- if (!priv->coroutine_stop) {
+ if (!vnc_connection_has_error(conn)) {
vnc_connection_set_error(conn, "%s", "Unknown authentication failure");
vnc_connection_auth_failure(conn, "Unknown authentication failure");
}
@@ -4197,7 +4194,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
/* Get the supported mechanisms from the server */
mechlistlen = vnc_connection_read_u32(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
if (mechlistlen > SASL_MAX_MECHLIST_LEN) {
vnc_connection_set_error(conn,
@@ -4209,7 +4206,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
mechlist = g_malloc(mechlistlen+1);
vnc_connection_read(conn, mechlist, mechlistlen);
mechlist[mechlistlen] = '\0';
- if (priv->coroutine_stop) {
+ if (vnc_connection_has_error(conn)) {
g_free(mechlist);
mechlist = NULL;
goto error;
@@ -4266,14 +4263,14 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
vnc_connection_write_u32(conn, 0);
}
vnc_connection_flush(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
VNC_DEBUG("%s", "Getting sever start negotiation reply");
/* Read the 'START' message reply from server */
serverinlen = vnc_connection_read_u32(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
if (serverinlen > SASL_MAX_DATA_LEN) {
vnc_connection_set_error(conn,
@@ -4292,7 +4289,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
serverin = NULL;
}
complete = vnc_connection_read_u8(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
VNC_DEBUG("Client start result complete: %d. Data %u bytes %p '%s'",
@@ -4354,13 +4351,13 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
vnc_connection_write_u32(conn, 0);
}
vnc_connection_flush(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
VNC_DEBUG("Server step with %u bytes %p", clientoutlen, clientout);
serverinlen = vnc_connection_read_u32(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
if (serverinlen > SASL_MAX_DATA_LEN) {
vnc_connection_set_error(conn,
@@ -4379,7 +4376,7 @@ static gboolean vnc_connection_perform_auth_sasl(VncConnection *conn)
serverin = NULL;
}
complete = vnc_connection_read_u8(conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
goto error;
VNC_DEBUG("Client step result complete: %d. Data %u bytes %p '%s'",
@@ -4524,7 +4521,7 @@ static gboolean vnc_connection_has_auth_subtype(gpointer data)
VncConnection *conn = data;
VncConnectionPrivate *priv = conn->priv;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return TRUE;
if (priv->auth_subtype == VNC_CONNECTION_AUTH_INVALID)
return FALSE;
@@ -4597,15 +4594,15 @@ static gboolean vnc_connection_perform_auth_tls(VncConnection *conn)
VNC_DEBUG("Possible TLS sub-auth %u", auth[i]);
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_SUBTYPE, nauth, auth);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Waiting for TLS auth subtype");
g_condition_wait(vnc_connection_has_auth_subtype, conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Choose auth %u", priv->auth_subtype);
@@ -4672,15 +4669,15 @@ static gboolean vnc_connection_perform_auth_vencrypt(VncConnection *conn)
VNC_DEBUG("Possible VeNCrypt sub-auth %u", auth[i]);
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_SUBTYPE, nauth, auth);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Waiting for VeNCrypt auth subtype");
g_condition_wait(vnc_connection_has_auth_subtype, conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Choose auth %u", priv->auth_subtype);
@@ -4753,7 +4750,7 @@ static gboolean vnc_connection_has_auth_type(gpointer data)
VncConnection *conn = data;
VncConnectionPrivate *priv = conn->priv;
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return TRUE;
if (priv->auth_type == VNC_CONNECTION_AUTH_INVALID)
return FALSE;
@@ -4790,15 +4787,15 @@ static gboolean vnc_connection_perform_auth(VncConnection *conn)
VNC_DEBUG("Possible auth %u", auth[i]);
}
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_TYPE, nauth, auth);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Waiting for auth type");
g_condition_wait(vnc_connection_has_auth_type, conn);
- if (priv->coroutine_stop)
+ if (vnc_connection_has_error(conn))
return FALSE;
VNC_DEBUG("Choose auth %u", priv->auth_type);

View File

@ -0,0 +1,75 @@
From a820d8623e5eae48cb08b624c85fc846a198df16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Fri, 11 Jan 2019 16:34:30 +0100
Subject: [PATCH] vnc_connection_start_tls: add deinit label
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Introduce a deinit label to unify cleanup paths which call gnutls_deinit.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit e62d010777eecda47829e9da54bad3387f4d6231)
Resolves: rhbz#1665837
---
src/vncconnection.c | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index bbf4373..7b15211 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -4445,22 +4445,19 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS)
}
if (gnutls_priority_set_direct(priv->tls_session, priority, NULL) < 0) {
- gnutls_deinit(priv->tls_session);
vnc_connection_set_error(conn, "%s", "Failed to set priority");
- return FALSE;
+ goto deinit;
}
if (anonTLS) {
gnutls_anon_client_credentials anon_cred = vnc_connection_tls_initialize_anon_cred();
if (!anon_cred) {
- gnutls_deinit(priv->tls_session);
vnc_connection_set_error(conn, "%s", "Failed to allocate credentials");
- return FALSE;
+ goto deinit;
}
if (gnutls_credentials_set(priv->tls_session, GNUTLS_CRD_ANON, anon_cred) < 0) {
- gnutls_deinit(priv->tls_session);
vnc_connection_set_error(conn, "%s", "Failed to initialize credentials");
- return FALSE;
+ goto deinit;
}
} else {
priv->want_cred_password = FALSE;
@@ -4471,14 +4468,12 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS)
gnutls_certificate_credentials_t x509_cred = vnc_connection_tls_initialize_cert_cred(conn);
if (!x509_cred) {
- gnutls_deinit(priv->tls_session);
vnc_connection_set_error(conn, "%s", "Failed to allocate credentials");
- return FALSE;
+ goto deinit;
}
if (gnutls_credentials_set(priv->tls_session, GNUTLS_CRD_CERTIFICATE, x509_cred) < 0) {
- gnutls_deinit(priv->tls_session);
vnc_connection_set_error(conn, "%s", "Failed to initialize credentials");
- return FALSE;
+ goto deinit;
}
}
@@ -4514,6 +4509,10 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS)
}
return TRUE;
}
+
+ deinit:
+ gnutls_deinit(priv->tls_session);
+ return FALSE;
}
static gboolean vnc_connection_has_auth_subtype(gpointer data)

View File

@ -0,0 +1,60 @@
From 47fdacf72c35cb89071084171e020b4846b3fbd6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
Date: Fri, 11 Jan 2019 16:34:31 +0100
Subject: [PATCH] vnc_connection_start_tls: set tls_session to NULL after
deinit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Avoid a double free in case of a failure, e.g. when vnc_connection_tls_initialize_cert_cred
fails to read the certificate:
==1154== Invalid read of size 4
==1154== at 0x60870FB: gnutls_bye (record.c:288)
==1154== by 0x4A46B73: vnc_connection_close (vncconnection.c:5120)
==1154== by 0x4A4E6CA: vnc_connection_coroutine (vncconnection.c:5650)
==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55)
==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so)
==1154== by 0x175DB277: ???
==1154== Address 0x1847fcf0 is 384 bytes inside a block of size 6,496 free'd
==1154== at 0x4839A0C: free (vg_replace_malloc.c:540)
==1154== by 0x4A4B019: vnc_connection_start_tls (vncconnection.c:4466)
==1154== by 0x4A4CBE8: vnc_connection_perform_auth_vencrypt (vncconnection.c:4708)
==1154== by 0x4A4CBE8: vnc_connection_perform_auth (vncconnection.c:4818)
==1154== by 0x4A4CBE8: vnc_connection_initialize (vncconnection.c:5415)
==1154== by 0x4A4E50F: vnc_connection_coroutine (vncconnection.c:5639)
==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55)
==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so)
==1154== by 0x175DB277: ???
==1154== Block was alloc'd at
==1154== at 0x483AB1A: calloc (vg_replace_malloc.c:762)
==1154== by 0x60B6FDE: gnutls_init (state.c:465)
==1154== by 0x4A4AB28: vnc_connection_start_tls (vncconnection.c:4434)
==1154== by 0x4A4CBE8: vnc_connection_perform_auth_vencrypt (vncconnection.c:4708)
==1154== by 0x4A4CBE8: vnc_connection_perform_auth (vncconnection.c:4818)
==1154== by 0x4A4CBE8: vnc_connection_initialize (vncconnection.c:5415)
==1154== by 0x4A4E50F: vnc_connection_coroutine (vncconnection.c:5639)
==1154== by 0x4A51BCE: coroutine_trampoline (coroutine_ucontext.c:55)
==1154== by 0x5BD81FF: ??? (in /usr/lib64/libc-2.28.so)
==1154== by 0x175DB277: ???
Signed-off-by: Ján Tomko <jtomko@redhat.com>
(cherry picked from commit 7879ae9c747b4e95bb3850c4e67ca57d3ded82e3)
Resolves: rhbz#1665837
---
src/vncconnection.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/vncconnection.c b/src/vncconnection.c
index 7b15211..5321731 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -4512,6 +4512,7 @@ static gboolean vnc_connection_start_tls(VncConnection *conn, int anonTLS)
deinit:
gnutls_deinit(priv->tls_session);
+ priv->tls_session = NULL;
return FALSE;
}

View File

@ -32,11 +32,18 @@
Summary: A GTK2 widget for VNC clients Summary: A GTK2 widget for VNC clients
Name: gtk-vnc Name: gtk-vnc
Version: 0.9.0 Version: 0.9.0
Release: 1%{?dist}%{?extra_release} Release: 2%{?dist}%{?extra_release}
License: LGPLv2+ License: LGPLv2+
Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.5/%{name}-%{version}.tar.xz Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.5/%{name}-%{version}.tar.xz
Patch1: 0001-fix-crash-when-connection-fails-early.patch Patch1: 0001-fix-crash-when-connection-fails-early.patch
Patch2: 0002-gvnc-1.0.pc.in-Use-GLIB_REQUIRED.patch Patch2: 0002-gvnc-1.0.pc.in-Use-GLIB_REQUIRED.patch
Patch3: 0003-sasl-Factor-common-code-auth-failure.patch
Patch4: 0004-sasl-Emit-vnc-auth-failure-signal-on-SASL-auth-failu.patch
Patch5: 0005-conn-Report-error-if-vnc_connection_perform_auth_vnc.patch
Patch6: 0006-conn-Remove-redundant-vnc_connection_has_error-calls.patch
Patch7: 0007-conn-Use-vnc_connection_has_error-extensively.patch
Patch8: 0008-vnc_connection_start_tls-add-deinit-label.patch
Patch9: 0009-vnc_connection_start_tls-set-tls_session-to-NULL-aft.patch
URL: https://wiki.gnome.org/Projects/gtk-vnc URL: https://wiki.gnome.org/Projects/gtk-vnc
Requires: gvnc = %{version}-%{release} Requires: gvnc = %{version}-%{release}
%if %{with_gtk2} %if %{with_gtk2}
@ -159,6 +166,13 @@ Libraries, includes, etc. to compile with the gtk-vnc library
cd gtk-vnc-%{version} cd gtk-vnc-%{version}
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
cd .. cd ..
%if %{with_gtk3} %if %{with_gtk3}
@ -322,6 +336,10 @@ rm -f %{buildroot}%{_libdir}/*.la
%endif %endif
%changelog %changelog
* Thu Nov 28 2019 Daniel P. Berrangé <berrange@redhat.com> - 0.9.0-2
- Fix crash when TLS handshake fails (rhbz #1665837)
- Ensure auth failure signal is emitted when SASL fails (rhbz #1688275)
* Thu Aug 30 2018 Daniel P. Berrangé <berrange@redhat.com> - 0.9.0-1 * Thu Aug 30 2018 Daniel P. Berrangé <berrange@redhat.com> - 0.9.0-1
- Update to 0.9.0 release - Update to 0.9.0 release
- Use gcrypt for DES impl instead of local DES impl (rhbz #1618426) - Use gcrypt for DES impl instead of local DES impl (rhbz #1618426)