From 5bbcddec459e79da916611e30fdb925d65126418 Mon Sep 17 00:00:00 2001 From: Troy Dawson Date: Thu, 21 Mar 2024 18:58:57 +0000 Subject: [PATCH] libvncserver package is retired on branch c10s for BAKERY-412 --- .gitignore | 9 - ...d-API-to-add-custom-I-O-entry-points.patch | 241 ------------ ...server-Add-channel-security-handlers.patch | 366 ------------------ dead.package | 1 + ffmpeg.patch | 10 - ...NCServer-0.9.13-system-crypto-policy.patch | 13 - libvncserver.spec | 326 ---------------- sources | 1 - 8 files changed, 1 insertion(+), 966 deletions(-) delete mode 100644 .gitignore delete mode 100644 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch delete mode 100644 0002-libvncserver-Add-channel-security-handlers.patch create mode 100644 dead.package delete mode 100644 ffmpeg.patch delete mode 100644 libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch delete mode 100644 libvncserver.spec delete mode 100644 sources diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 2a79e4a..0000000 --- a/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -/LibVNCServer-0.9.8.2.tar.gz -/LibVNCServer-0.9.9.tar.gz -/LibVNCServer-0.9.10-646f844f.tar.gz -/LibVNCServer-0.9.10-9453be42.tar.gz -/LibVNCServer-0.9.10.tar.gz -/LibVNCServer-0.9.11.tar.gz -/LibVNCServer-0.9.12.tar.gz -/LibVNCServer-0.9.13.tar.gz -/LibVNCServer-0.9.14.tar.gz diff --git a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch b/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch deleted file mode 100644 index 9060b60..0000000 --- a/0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch +++ /dev/null @@ -1,241 +0,0 @@ -From e4849b01fec4494057728d1aa3a165ed21705682 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jonas=20=C3=85dahl?= -Date: Mon, 11 Jun 2018 23:47:02 +0200 -Subject: [PATCH 1/4] libvncserver: Add API to add custom I/O entry points - -Add API to make it possible to channel RFB input and output through -another layer, for example TLS. This is done by making it possible to -override the default read/write/peek functions. ---- - libvncserver/rfbserver.c | 4 ++ - libvncserver/sockets.c | 79 ++++++++++++++++++++++++++++++++++++---- - rfb/rfb.h | 17 +++++++++ - 3 files changed, 93 insertions(+), 7 deletions(-) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index e9eaa5fc..72e9ba79 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen, - - cl->screen = rfbScreen; - cl->sock = sock; -+ cl->readFromSocket = rfbDefaultReadFromSocket; -+ cl->peekAtSocket = rfbDefaultPeekAtSocket; -+ cl->hasPendingOnSocket = rfbDefaultHasPendingOnSocket; -+ cl->writeToSocket = rfbDefaultWriteToSocket; - cl->viewOnly = FALSE; - /* setup pseudo scaling */ - cl->scaledScreen = rfbScreen; -diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index 2c87376b..4bb881ec 100644 ---- a/libvncserver/sockets.c -+++ b/libvncserver/sockets.c -@@ -101,6 +101,9 @@ int deny_severity=LOG_WARNING; - int rfbMaxClientWait = 20000; /* time (ms) after which we decide client has - gone away - needed to stop us hanging */ - -+static rfbBool -+rfbHasPendingOnSocket(rfbClientPtr cl); -+ - static rfbBool - rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, rfbSocket sock) - { -@@ -364,16 +367,20 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec) - tv.tv_usec = usec; - nfds = select(rfbScreen->maxFd + 1, &fds, NULL, NULL /* &fds */, &tv); - if (nfds == 0) { -+ rfbBool hasPendingData = FALSE; -+ - /* timed out, check for async events */ - i = rfbGetClientIterator(rfbScreen); - while((cl = rfbClientIteratorNext(i))) { - if (cl->onHold) - continue; -+ hasPendingData |= rfbHasPendingOnSocket(cl); - if (FD_ISSET(cl->sock, &(rfbScreen->allFds))) - rfbSendFileTransferChunk(cl); - } - rfbReleaseClientIterator(i); -- return result; -+ if (!hasPendingData) -+ return result; - } - - if (nfds < 0) { -@@ -449,9 +456,11 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec) - if (cl->onHold) - continue; - -- if (FD_ISSET(cl->sock, &(rfbScreen->allFds))) -+ if (rfbHasPendingOnSocket (cl) || -+ FD_ISSET(cl->sock, &(rfbScreen->allFds))) - { -- if (FD_ISSET(cl->sock, &fds)) -+ if (rfbHasPendingOnSocket (cl) || -+ FD_ISSET(cl->sock, &fds)) - { - #ifdef LIBVNCSERVER_WITH_WEBSOCKETS - do { -@@ -614,6 +623,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen, - return sock; - } - -+int -+rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len) -+{ -+ return read(cl->sock, buf, len); -+} -+ -+static int -+rfbReadFromSocket(rfbClientPtr cl, char *buf, int len) -+{ -+ return cl->readFromSocket(cl, buf, len); -+} -+ -+rfbBool -+rfbDefaultHasPendingOnSocket(rfbClientPtr cl) -+{ -+ return FALSE; -+} -+ -+static rfbBool -+rfbHasPendingOnSocket(rfbClientPtr cl) -+{ -+ return cl->hasPendingOnSocket(cl); -+} -+ - /* - * ReadExact reads an exact number of bytes from a client. Returns 1 if - * those bytes have been read, 0 if the other end has closed, or -1 if an error -@@ -635,10 +668,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) - } else if (cl->sslctx) { - n = rfbssl_read(cl, buf, len); - } else { -- n = read(sock, buf, len); -+ n = rfbReadFromSocket(cl, buf, len); - } - #else -- n = read(sock, buf, len); -+ n = rfbReadFromSocket(cl, buf, len); - #endif - - if (n > 0) { -@@ -670,6 +703,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) - continue; - } - #endif -+ -+ if (rfbHasPendingOnSocket(cl)) -+ continue; -+ - FD_ZERO(&fds); - FD_SET(sock, &fds); - tv.tv_sec = timeout / 1000; -@@ -706,6 +743,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len) - return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait)); - } - -+int -+rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len) -+{ -+ return recv(cl->sock, buf, len, MSG_PEEK); -+} -+ -+int -+rfbPeekAtSocket(rfbClientPtr cl, char *buf, int len) -+{ -+ cl->peekAtSocket(cl, buf, len); -+} -+ - /* - * PeekExact peeks at an exact number of bytes from a client. Returns 1 if - * those bytes have been read, 0 if the other end has closed, or -1 if an -@@ -726,7 +775,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) - n = rfbssl_peek(cl, buf, len); - else - #endif -- n = recv(sock, buf, len, MSG_PEEK); -+ n = rfbPeekAtSocket(cl, buf, len); - - if (n == len) { - -@@ -782,6 +831,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout) - return 1; - } - -+int -+rfbDefaultWriteToSocket(rfbClientPtr cl, -+ const char *buf, -+ int len) -+{ -+ return write(cl->sock, buf, len); -+} -+ -+static int -+rfbWriteToSocket(rfbClientPtr cl, -+ const char *buf, -+ int len) -+{ -+ return cl->writeToSocket(cl, buf, len); -+} -+ - /* - * WriteExact writes an exact number of bytes to a client. Returns 1 if - * those bytes have been written, or -1 if an error occurred (errno is set to -@@ -826,7 +891,7 @@ rfbWriteExact(rfbClientPtr cl, - n = rfbssl_write(cl, buf, len); - else - #endif -- n = write(sock, buf, len); -+ n = rfbWriteToSocket(cl, buf, len); - - if (n > 0) { - -diff --git a/rfb/rfb.h b/rfb/rfb.h -index 5e9ba86f..3c0b25a3 100644 ---- a/rfb/rfb.h -+++ b/rfb/rfb.h -@@ -398,6 +398,14 @@ typedef struct sraRegion* sraRegionPtr; - typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl); - typedef void (*ClientFramebufferUpdateRequestHookPtr)(struct _rfbClientRec* cl, rfbFramebufferUpdateRequestMsg* furMsg); - -+typedef int (*ClientReadFromSocket)(struct _rfbClientRec* cl, -+ char *buf, int len); -+typedef int (*ClientPeekAtSocket)(struct _rfbClientRec* cl, -+ char *buf, int len); -+typedef rfbBool (*ClientHasPendingOnSocket)(struct _rfbClientRec* cl); -+typedef int (*ClientWriteToSocket)(struct _rfbClientRec* cl, -+ const char *buf, int len); -+ - typedef struct _rfbFileTransferData { - int fd; - int compressionEnabled; -@@ -707,6 +715,11 @@ typedef struct _rfbClientRec { - int tightPngDstDataLen; - #endif - #endif -+ -+ ClientReadFromSocket readFromSocket; /* Read data from socket */ -+ ClientPeekAtSocket peekAtSocket; /* Peek at data from socket */ -+ ClientHasPendingOnSocket hasPendingOnSocket; /* Peek at data from socket */ -+ ClientWriteToSocket writeToSocket; /* Write data to socket */ - } rfbClientRec, *rfbClientPtr; - - /** -@@ -759,8 +772,12 @@ extern void rfbDisconnectUDPSock(rfbScre - extern void rfbCloseClient(rfbClientPtr cl); - extern int rfbReadExact(rfbClientPtr cl, char *buf, int len); - extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); -+extern int rfbDefaultReadFromSocket(rfbClientPtr cl, char *buf, int len); - extern int rfbPeekExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout); -+extern int rfbDefaultPeekAtSocket(rfbClientPtr cl, char *buf, int len); -+extern rfbBool rfbDefaultHasPendingOnSocket(rfbClientPtr cl); - extern int rfbWriteExact(rfbClientPtr cl, const char *buf, int len); -+extern int rfbDefaultWriteToSocket(rfbClientPtr cl, const char *buf, int len); - extern int rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec); - extern rfbSocket rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port); - extern rfbSocket rfbConnectToTcpAddr(char* host, int port); --- -2.28.0 - diff --git a/0002-libvncserver-Add-channel-security-handlers.patch b/0002-libvncserver-Add-channel-security-handlers.patch deleted file mode 100644 index 12b8fc2..0000000 --- a/0002-libvncserver-Add-channel-security-handlers.patch +++ /dev/null @@ -1,366 +0,0 @@ -From c9131a78878a785c3de21e9d49521d7b68400ad7 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jonas=20=C3=85dahl?= -Date: Mon, 11 Jun 2018 23:50:05 +0200 -Subject: [PATCH 2/4] libvncserver: Add channel security handlers - -Add another type of security handler that is meant to be used initially -to set up a secure channel. Regular security handlers would be -advertised and processed after any channel security have succeeded. - -For example, this, together with the custom I/O functions allows a -LibVNCServer user to implement TLS in combination with VNCAuth. This is -done by adding a single channel security handler with the rfbTLS (18) -with a handler that initiates a TLS session, and when a TLS session is -initiated, the regular security handler list is sent. ---- - libvncserver/auth.c | 164 ++++++++++++++++++++++++++++++--------- - libvncserver/rfbserver.c | 1 + - rfb/rfb.h | 15 +++- - 3 files changed, 142 insertions(+), 38 deletions(-) - -diff --git a/libvncserver/auth.c b/libvncserver/auth.c -index 814a8142..55e0b3c9 100644 ---- a/libvncserver/auth.c -+++ b/libvncserver/auth.c -@@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason); - * Handle security types - */ - -+/* Channel security handlers to set up a secure channel, e.g. TLS. */ -+static rfbSecurityHandler* channelSecurityHandlers = NULL; -+ -+/* Security handlers when channel security is established. */ - static rfbSecurityHandler* securityHandlers = NULL; - --/* -- * This method registers a list of new security types. -- * It avoids same security type getting registered multiple times. -- * The order is not preserved if multiple security types are -- * registered at one-go. -- */ - void --rfbRegisterSecurityHandler(rfbSecurityHandler* handler) -+rfbRegisterSecurityHandlerTo(rfbSecurityHandler* handler, -+ rfbSecurityHandler** handlerList) - { -- rfbSecurityHandler *head = securityHandlers, *next = NULL; -+ rfbSecurityHandler *head = *handlerList, *next = NULL; - - if(handler == NULL) - return; -@@ -57,39 +56,35 @@ rfbRegisterSecurityHandler(rfbSecurityHandler* handler) - - while(head != NULL) { - if(head == handler) { -- rfbRegisterSecurityHandler(next); -+ rfbRegisterSecurityHandlerTo(next, handlerList); - return; - } - - head = head->next; - } - -- handler->next = securityHandlers; -- securityHandlers = handler; -+ handler->next = *handlerList; -+ *handlerList = handler; - -- rfbRegisterSecurityHandler(next); -+ rfbRegisterSecurityHandlerTo(next, handlerList); - } - --/* -- * This method unregisters a list of security types. -- * These security types won't be available for any new -- * client connection. -- */ --void --rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) -+static void -+rfbUnregisterSecurityHandlerFrom(rfbSecurityHandler* handler, -+ rfbSecurityHandler** handlerList) - { - rfbSecurityHandler *cur = NULL, *pre = NULL; - - if(handler == NULL) - return; - -- if(securityHandlers == handler) { -- securityHandlers = securityHandlers->next; -- rfbUnregisterSecurityHandler(handler->next); -+ if(*handlerList == handler) { -+ *handlerList = (*handlerList)->next; -+ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList); - return; - } - -- cur = pre = securityHandlers; -+ cur = pre = *handlerList; - - while(cur) { - if(cur == handler) { -@@ -99,7 +94,50 @@ rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) - pre = cur; - cur = cur->next; - } -- rfbUnregisterSecurityHandler(handler->next); -+ rfbUnregisterSecurityHandlerFrom(handler->next, handlerList); -+} -+ -+void -+rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler) -+{ -+ rfbRegisterSecurityHandlerTo(handler, &channelSecurityHandlers); -+} -+ -+/* -+ * This method unregisters a list of security types. -+ * These security types won't be available for any new -+ * client connection. -+ */ -+ -+void -+rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler) -+{ -+ rfbUnregisterSecurityHandlerFrom(handler, &channelSecurityHandlers); -+} -+ -+/* -+ * This method registers a list of new security types. -+ * It avoids same security type getting registered multiple times. -+ * The order is not preserved if multiple security types are -+ * registered at one-go. -+ */ -+ -+void -+rfbRegisterSecurityHandler(rfbSecurityHandler* handler) -+{ -+ rfbRegisterSecurityHandlerTo(handler, &securityHandlers); -+} -+ -+/* -+ * This method unregisters a list of security types. -+ * These security types won't be available for any new -+ * client connection. -+ */ -+ -+void -+rfbUnregisterSecurityHandler(rfbSecurityHandler* handler) -+{ -+ rfbUnregisterSecurityHandlerFrom(handler, &securityHandlers); - } - - /* -@@ -197,9 +235,22 @@ static rfbSecurityHandler VncSecurityHandlerNone = { - NULL - }; - -+static int32_t -+determinePrimarySecurityType(rfbClientPtr cl) -+{ -+ if (!cl->screen->authPasswdData || cl->reverseConnection) { -+ /* chk if this condition is valid or not. */ -+ return rfbSecTypeNone; -+ } else if (cl->screen->authPasswdData) { -+ return rfbSecTypeVncAuth; -+ } else { -+ return rfbSecTypeInvalid; -+ } -+} - --static void --rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) -+void -+rfbSendSecurityTypeList(rfbClientPtr cl, -+ enum rfbSecurityTag exclude) - { - /* The size of the message is the count of security types +1, - * since the first byte is the number of types. */ -@@ -207,9 +207,10 @@ rfbSendSecurityTypeList(rfbClientPtr cl, - rfbSecurityHandler* handler; - #define MAX_SECURITY_TYPES 255 - uint8_t buffer[MAX_SECURITY_TYPES+1]; -- -+ int32_t primaryType; - - /* Fill in the list of security types in the client structure. (NOTE: Not really in the client structure) */ -+ primaryType = determinePrimarySecurityType(cl); - switch (primaryType) { - case rfbSecTypeNone: - rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth); -@@ -221,6 +273,9 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) - - for (handler = securityHandlers; - handler && sizenext) { -+ if (exclude && (handler->securityTags & exclude)) -+ continue; -+ - buffer[size] = handler->type; - size++; - } -@@ -249,7 +304,29 @@ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType) - cl->state = RFB_SECURITY_TYPE; - } - -+static void -+rfbSendChannelSecurityTypeList(rfbClientPtr cl) -+{ -+ int size = 1; -+ rfbSecurityHandler* handler; -+ uint8_t buffer[MAX_SECURITY_TYPES+1]; -+ -+ for (handler = channelSecurityHandlers; -+ handler && sizenext) { -+ buffer[size] = handler->type; -+ size++; -+ } -+ buffer[0] = (unsigned char)size-1; -+ -+ if (rfbWriteExact(cl, (char *)buffer, size) < 0) { -+ rfbLogPerror("rfbSendSecurityTypeList: write"); -+ rfbCloseClient(cl); -+ return; -+ } - -+ /* Dispatch client input to rfbProcessClientChannelSecurityType. */ -+ cl->state = RFB_CHANNEL_SECURITY_TYPE; -+} - - - /* -@@ -297,18 +374,19 @@ rfbSendSecurityType(rfbClientPtr cl, int32_t securityType) - void - rfbAuthNewClient(rfbClientPtr cl) - { -- int32_t securityType = rfbSecTypeInvalid; -+ int32_t securityType; - -- if (!cl->screen->authPasswdData || cl->reverseConnection) { -- /* chk if this condition is valid or not. */ -- securityType = rfbSecTypeNone; -- } else if (cl->screen->authPasswdData) { -- securityType = rfbSecTypeVncAuth; -- } -+ securityType = determinePrimarySecurityType(cl); - - if (cl->protocolMajorVersion==3 && cl->protocolMinorVersion < 7) - { - /* Make sure we use only RFB 3.3 compatible security types. */ -+ if (channelSecurityHandlers) { -+ rfbLog("VNC channel security enabled - RFB 3.3 client rejected\n"); -+ rfbClientConnFailed(cl, "Your viewer cannot hnadler required " -+ "security methods"); -+ return; -+ } - if (securityType == rfbSecTypeInvalid) { - rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n"); - rfbClientConnFailed(cl, "Your viewer cannot handle required " -@@ -316,9 +394,13 @@ rfbAuthNewClient(rfbClientPtr cl) - return; - } - rfbSendSecurityType(cl, securityType); -+ } else if (channelSecurityHandlers) { -+ rfbLog("Send channel security type list\n"); -+ rfbSendChannelSecurityTypeList(cl); - } else { - /* Here it's ok when securityType is set to rfbSecTypeInvalid. */ -- rfbSendSecurityTypeList(cl, securityType); -+ rfbLog("Send channel security type 'none'\n"); -+ rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE); - } - } - -@@ -332,6 +414,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl) - int n; - uint8_t chosenType; - rfbSecurityHandler* handler; -+ rfbSecurityHandler* handlerListHead; - - /* Read the security type. */ - n = rfbReadExact(cl, (char *)&chosenType, 1); -@@ -344,8 +427,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl) - return; - } - -+ switch (cl->state) { -+ case RFB_CHANNEL_SECURITY_TYPE: -+ handlerListHead = channelSecurityHandlers; -+ break; -+ case RFB_SECURITY_TYPE: -+ handlerListHead = securityHandlers; -+ break; -+ } -+ - /* Make sure it was present in the list sent by the server. */ -- for (handler = securityHandlers; handler; handler = handler->next) { -+ for (handler = handlerListHead; handler; handler = handler->next) { - if (chosenType == handler->type) { - rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType); - handler->handler(cl); -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 72e9ba79..48eada64 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -652,6 +652,7 @@ rfbProcessClientMessage(rfbClientPtr cl) - case RFB_PROTOCOL_VERSION: - rfbProcessClientProtocolVersion(cl); - return; -+ case RFB_CHANNEL_SECURITY_TYPE: - case RFB_SECURITY_TYPE: - rfbProcessClientSecurityType(cl); - return; -diff --git a/rfb/rfb.h b/rfb/rfb.h -index 3c0b25a3..d136f884 100644 ---- a/rfb/rfb.h -+++ b/rfb/rfb.h -@@ -144,6 +144,11 @@ typedef struct { - } data; /**< there have to be count*3 entries */ - } rfbColourMap; - -+enum rfbSecurityTag { -+ RFB_SECURITY_TAG_NONE = 0, -+ RFB_SECURITY_TAG_CHANNEL = 1 << 0 -+}; -+ - /** - * Security handling (RFB protocol version 3.7) - */ -@@ -152,6 +157,7 @@ typedef struct _rfbSecurity { - uint8_t type; - void (*handler)(struct _rfbClientRec* cl); - struct _rfbSecurity* next; -+ enum rfbSecurityTag securityTags; - } rfbSecurityHandler; - - /** -@@ -480,7 +486,7 @@ typedef struct _rfbClientRec { - /** Possible client states: */ - enum { - RFB_PROTOCOL_VERSION, /**< establishing protocol version */ -- RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ -+ RFB_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ - RFB_AUTHENTICATION, /**< authenticating */ - RFB_INITIALISATION, /**< sending initialisation messages */ - RFB_NORMAL, /**< normal protocol messages */ -@@ -500,6 +506,8 @@ typedef struct _rfbClientRec { - * using LibVNCServer to provide services: */ - - RFB_INITIALISATION_SHARED, /**< sending initialisation messages with implicit shared-flag already true */ -+ -+ RFB_CHANNEL_SECURITY_TYPE, /**< negotiating security (RFB v.3.7) */ - RFB_SHUTDOWN /**< Client is shutting down */ - } state; - -@@ -840,6 +848,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl); - extern void rfbAuthProcessClientMessage(rfbClientPtr cl); - extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler); - extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler); -+extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler); -+extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler); -+extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude); - - /* rre.c */ - --- -2.28.0 - diff --git a/dead.package b/dead.package new file mode 100644 index 0000000..d7ad94e --- /dev/null +++ b/dead.package @@ -0,0 +1 @@ +libvncserver package is retired on branch c10s for BAKERY-412 \ No newline at end of file diff --git a/ffmpeg.patch b/ffmpeg.patch deleted file mode 100644 index c2c422e..0000000 --- a/ffmpeg.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- ./CMakeLists.txt.orig 2023-11-17 00:42:59.088325120 +0000 -+++ ./CMakeLists.txt 2023-11-17 00:44:57.007106061 +0000 -@@ -619,6 +619,7 @@ if(NOT LIBSSH2_FOUND) - endif() - - if(FFMPEG_FOUND) -+ include_directories(${FFMPEG_INCLUDE_DIRS}) - set(LIBVNCCLIENT_EXAMPLES - ${LIBVNCCLIENT_EXAMPLES} - vnc2mpg diff --git a/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch b/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch deleted file mode 100644 index bce1b83..0000000 --- a/libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- ./libvncclient/tls_gnutls.c.crypto_policy 2023-11-15 13:20:04.136352789 +0000 -+++ ./libvncclient/tls_gnutls.c 2023-11-15 13:21:40.971072818 +0000 -@@ -25,8 +25,8 @@ - #include "tls.h" - - --static const char *rfbTLSPriority = "NORMAL:+DHE-DSS:+RSA:+DHE-RSA:+SRP"; --static const char *rfbAnonTLSPriority = "NORMAL:+ANON-ECDH:+ANON-DH"; -+static const char *rfbTLSPriority = "@SYSTEM"; -+static const char *rfbAnonTLSPriority= "@SYSTEM:+ANON-DH"; - - #define DH_BITS 1024 - static gnutls_dh_params_t rfbDHParams; diff --git a/libvncserver.spec b/libvncserver.spec deleted file mode 100644 index b5b023d..0000000 --- a/libvncserver.spec +++ /dev/null @@ -1,326 +0,0 @@ -%undefine __cmake_in_source_build - -Summary: Library to make writing a VNC server easy -Name: libvncserver -Version: 0.9.14 -Release: 1%{?dist} - -# NOTE: --with-filetransfer => GPLv2 -License: GPL-2.0-or-later -URL: http://libvnc.github.io/ -Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz - -## TLS security type enablement patches -# https://github.com/LibVNC/libvncserver/pull/234 -Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch -Patch11: 0002-libvncserver-Add-channel-security-handlers.patch -Patch12: ffmpeg.patch - -## downstream patches -Patch102: libvncserver-LibVNCServer-0.9.13-system-crypto-policy.patch - -BuildRequires: gcc-c++ -BuildRequires: cmake -BuildRequires: pkgconfig(gnutls) -BuildRequires: pkgconfig(sdl2) -BuildRequires: pkgconfig(libsystemd) -BuildRequires: pkgconfig(x11) -BuildRequires: pkgconfig(xdamage) -BuildRequires: pkgconfig(xext) -BuildRequires: pkgconfig(xrandr) -BuildRequires: pkgconfig(xtst) -BuildRequires: pkgconfig(xinerama) -BuildRequires: pkgconfig(xfixes) -BuildRequires: pkgconfig(openssl) -BuildRequires: pkgconfig(zlib) -BuildRequires: pkgconfig(libjpeg) -BuildRequires: pkgconfig(libpng) -#BuildRequires: pkgconfig(lzo2) -BuildRequires: pkgconfig(libavformat) -BuildRequires: pkgconfig(libavcodec) -BuildRequires: pkgconfig(libavutil) -BuildRequires: pkgconfig(libswscale) -BuildRequires: gettext-devel -BuildRequires: libgcrypt-devel -BuildRequires: lzo-devel -BuildRequires: lzo-minilzo -BuildRequires: pkgconfig(libcrypto) -BuildRequires: pkgconfig(libssl) -# Additional deps for --with-x11vnc, see https://bugzilla.redhat.com/show_bug.cgi?id=864947 -BuildRequires: pkgconfig(avahi-client) -BuildRequires: pkgconfig(ice) -BuildRequires: pkgconfig(x11) -BuildRequires: pkgconfig(xdamage) -BuildRequires: pkgconfig(xext) -BuildRequires: pkgconfig(xfixes) -BuildRequires: pkgconfig(xi) -BuildRequires: pkgconfig(xinerama) -BuildRequires: pkgconfig(xrandr) -BuildRequires: pkgconfig(xtst) - -# For %%check -BuildRequires: xorg-x11-xauth -BuildRequires: zlib-devel - -%description -LibVNCServer makes writing a VNC server (or more correctly, a program exporting -a frame-buffer via the Remote Frame Buffer protocol) easy. - -It hides the programmer from the tedious task of managing clients and -compression schemata. - -%package devel -Summary: Development files for %{name} -Requires: %{name}%{?_isa} = %{version}-%{release} -# libvncserver-config deps -Requires: coreutils -# /usr/include/rfb/rfbproto.h:#include -Requires: zlib-devel - -%description devel -The %{name}-devel package contains libraries and header files for -developing applications that use %{name}. - - -%prep -%setup -q -n %{name}-LibVNCServer-%{version} - -%patch -P10 -p1 -b .tls-1 -%patch -P11 -p1 -b .tls-2 -%patch -P12 -p1 -b .include_ffmpeg -%patch -P102 -p1 -b .crypto_policy - -# Nuke bundled minilzo -#rm common/base64.c -#rm common/base64.h -#rm common/crypto.h -#rm common/crypto_included.c -#rm common/crypto_libgcrypt.c -rm common/crypto_openssl.c -rm common/d3des.c -rm common/d3des.h -rm common/minilzo.h -rm common/sha1.c -rm common/sha.h -rm common/sha-private.h -#rm common/sockets.c -#rm common/sockets.h -#rm common/turbojpeg.c -#rm common/turbojpeg.h -#rm common/vncauth.c -#rm common/zywrletemplate.c - -# Fix encoding -for file in ChangeLog ; do - mv ${file} ${file}.OLD && \ - iconv -f ISO_8859-1 -t UTF8 ${file}.OLD > ${file} && \ - touch --reference ${file}.OLD $file -done - - -%build -%cmake - -%cmake_build - - -%install -%cmake_install - - -%files -%license COPYING -%doc AUTHORS ChangeLog NEWS* README* CONTRIBUTING.md HISTORY.md SECURITY.md -%{_libdir}/libvncclient.so.1 -%{_libdir}/libvncclient.so.%{version} -%{_libdir}/libvncserver.so.1 -%{_libdir}/libvncserver.so.%{version} - -%files devel -#{_bindir}/libvncserver-config -%{_includedir}/rfb/ -%{_libdir}/libvncclient.so -%{_libdir}/libvncserver.so -%{_libdir}/pkgconfig/libvncclient.pc -%{_libdir}/pkgconfig/libvncserver.pc -%{_libdir}/cmake/LibVNCServer/*.cmake - - -%changelog -* Wed Nov 15 2023 Sérgio Basto - 0.9.14-1 -- Update to 0.9.14 (#2155072) -- Enable ffmpeg - -* Thu Jul 20 2023 Fedora Release Engineering - 0.9.13-15 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Thu Jan 19 2023 Fedora Release Engineering - 0.9.13-14 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Thu Jul 21 2022 Fedora Release Engineering - 0.9.13-13 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Thu Jan 20 2022 Fedora Release Engineering - 0.9.13-12 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Thu Jul 22 2021 Fedora Release Engineering - 0.9.13-11 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Tue Jan 26 2021 Fedora Release Engineering - 0.9.13-10 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Mon Oct 12 2020 Adam Williamson - 0.9.13-9 -- Backport another crasher fix (#1882718) - -* Fri Oct 09 2020 Adam Williamson - 0.9.13-8 -- Rebase all patches so Patch12 applies -- Backport PR #444 to fix crash on all runs after the first (#1882718) - -* Mon Sep 14 2020 Jonas Ådahl - 0.9.13-7 -- Add API to unregister security handlers - -* Tue Aug 25 2020 Rex Dieter - 0.9.13-6 -- -devel: +Requires: zlib-devel - -* Mon Aug 03 2020 Rex Dieter - 0.9.13-5 -- use new cmake macros - -* Sat Aug 01 2020 Fedora Release Engineering - 0.9.13-4 -- Second attempt - Rebuilt for - https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Tue Jul 28 2020 Fedora Release Engineering - 0.9.13-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Thu Jul 02 2020 Rex Dieter - 0.9.13-2 -- tls patches rebased - -* Thu Jul 02 2020 Rex Dieter - 0.9.13-1 -- 0.9.13 -- FIXME/TODO: tls patches need rebasing, work-in-progress - -* Tue Feb 11 2020 Sérgio Basto - 0.9.12-1 -- Update to 0.9.12 - -* Wed Jan 29 2020 Fedora Release Engineering - 0.9.11-11 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Thu Jul 25 2019 Fedora Release Engineering - 0.9.11-10 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Fri Feb 01 2019 Fedora Release Engineering - 0.9.11-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Fri Jul 13 2018 Fedora Release Engineering - 0.9.11-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Tue Jun 19 2018 Jonas Ådahl - 0.9.11-7 -- Add API to enable implementing TLS security type - -* Mon Feb 26 2018 Petr Pisar - 0.9.11-6 -- Fix CVE-2018-7225 (bug #1546860) - -* Wed Feb 07 2018 Fedora Release Engineering - 0.9.11-5.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Thu Aug 03 2017 Fedora Release Engineering - 0.9.11-4.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Wed Jul 26 2017 Fedora Release Engineering - 0.9.11-3.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Wed May 17 2017 Rex Dieter - 0.9.11-2.1 -- revert soname bump for < f26 - -* Tue May 16 2017 Rex Dieter - 0.9.11-2 -- libvncclient sets +SRP in priority string (#1449605) -- libvncserver blocks gtk-vnc clients >= 0.7.0 (#1451321) - -* Tue Feb 14 2017 Rex Dieter - 0.9.11-1 -- 0.9.11 (#1421948) - -* Fri Feb 10 2017 Fedora Release Engineering - 0.9.10-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Thu Feb 18 2016 Than Ngo - 0.9.10-5 -- fix conflict with max() macro with gcc6, which causes build failure in KDE/Qt - like krfb - -* Thu Feb 04 2016 Fedora Release Engineering - 0.9.10-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Thu Dec 17 2015 Simone Caronni - 0.9.10-3 -- Update crypto policies patch. - -* Sat Dec 12 2015 Simone Caronni - 0.9.10-2 -- Add patch for using system crypto policies (#1179318). - -* Fri Dec 11 2015 Simone Caronni - 0.9.10-1 -- Update to official 0.9.10 release, update configure parameters and remove - upstreamed patches. -- Trim changelog. -- Clean up SPEC file. -- Add license macro. -- Remove very old obsolete/provides on pacakge with camel case (LibVNCServer). - -* Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Thu Sep 25 2014 Rex Dieter 0.9.10-0.6.20140718git9453be42 -- Security fixes (#1145878) ... -- CVE-2014-6051 (#1144287) -- CVE-2014-6052 (#1144288) -- CVE-2014-6053 (#1144289) -- CVE-2014-6054 (#1144291) -- CVE-2014-6055 (#1144293) - -* Sun Aug 17 2014 Fedora Release Engineering - 0.9.10-0.5.20140718git9453be42 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild - -* Sun Aug 03 2014 Rex Dieter 0.9.10-0.4.20140718git9453be42 -- 20140718git9453be42 snapshot - -* Sun Aug 03 2014 Rex Dieter 0.9.10-0.3.20140405git646f844f -- include krfb patches (upstream pull request #16) - -* Sat Jun 07 2014 Fedora Release Engineering - 0.9.10-0.2.20140405git646f844f -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Tue Apr 29 2014 Rex Dieter 0.9.10-0.1.20140405git646f844f -- Update to the latest git commit 646f844 (#1092245) - -* Mon Mar 31 2014 Rex Dieter 0.9.9-11 -- x11vnc crash when client connect (#972618) - pull in some upstream commits that may help - -* Sat Dec 21 2013 Rex Dieter - 0.9.9-10 -- include additional dependencies for x11vnc (#864947) -- %%build: --disable-silent-rules -- cleanup spec, drop support for old rpm (el5) - -* Sat Aug 03 2013 Fedora Release Engineering - 0.9.9-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Tue Jul 23 2013 Rex Dieter 0.9.9-8 -- Automagic dependencies, explitictly build --with-gcrypt --with-png (#852660) - -* Thu Feb 14 2013 Rex Dieter 0.9.9-7 -- pkgconfig love (#854111) - -* Thu Feb 14 2013 Fedora Release Engineering - 0.9.9-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild - -* Fri Jan 18 2013 Adam Tkac - 0.9.9-5 -- rebuild due to "jpeg8-ABI" feature drop - -* Fri Dec 21 2012 Adam Tkac - 0.9.9-4 -- rebuild against new libjpeg - -* Thu Jul 26 2012 Rex Dieter 0.9.9-3 -- libvncserver fails to build in mock with selinux enabled (#843603) - -* Thu Jul 19 2012 Fedora Release Engineering - 0.9.9-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild - -* Mon May 07 2012 Rex Dieter 0.9.9-1 -- 0.9.9 diff --git a/sources b/sources deleted file mode 100644 index d89fad2..0000000 --- a/sources +++ /dev/null @@ -1 +0,0 @@ -SHA512 (LibVNCServer-0.9.14.tar.gz) = 8a0a58e355154cbe1e5807864dc874b063c5e5f5e20d64ae541d49d51b654a35ca9c625adc5c303b6570fa79c19f82d87a37612f9801b453ccf862bd77c06fcc