import libvncserver-0.9.11-13.el8

CentOS Sources 2020-01-21 17:35:56 -05:00 committed by Stepan Oksanichenko
parent cc087ceb9b
commit 888fcadb9d
4 changed files with 155 additions and 38 deletions


@ -0,0 +1,47 @@
From b793e8c51ab253c0951e43a84e9d448416462887 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
Date: Wed, 27 Nov 2019 16:58:29 +0100
Subject: [PATCH] auth: Add API to unregister built in security handlers
If I have a VNC server that first accepts password based authentication,
then switches to something not using password (e.g. a prompt on screen),
the security handler from the first would still be sent as, meaning
clients would still ask for a password without there being one.
---
libvncserver/auth.c | 7 +++++++
rfb/rfb.h | 1 +
2 files changed, 8 insertions(+)
diff --git a/libvncserver/auth.c b/libvncserver/auth.c
index 55e0b3c9..8b6fc48f 100644
--- a/libvncserver/auth.c
+++ b/libvncserver/auth.c
@@ -248,6 +248,13 @@ determinePrimarySecurityType(rfbClientPtr cl)
}
}
+void
+rfbUnregisterPrimarySecurityHandlers (void)
+{
+ rfbUnregisterSecurityHandler(&VncSecurityHandlerNone);
+ rfbUnregisterSecurityHandler(&VncSecurityHandlerVncAuth);
+}
+
void
rfbSendSecurityTypeList(rfbClientPtr cl,
enum rfbSecurityTag exclude)
diff --git a/rfb/rfb.h b/rfb/rfb.h
index 70b92242..738dbd82 100644
--- a/rfb/rfb.h
+++ b/rfb/rfb.h
@@ -887,6 +887,7 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl);
extern void rfbAuthProcessClientMessage(rfbClientPtr cl);
extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler);
extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
+extern void rfbUnregisterPrimarySecurityHandlers (void);
extern void rfbRegisterChannelSecurityHandler(rfbSecurityHandler* handler);
extern void rfbUnregisterChannelSecurityHandler(rfbSecurityHandler* handler);
extern void rfbSendSecurityTypeList(rfbClientPtr cl, enum rfbSecurityTag exclude);
--
2.23.0
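Review bot: rfbUnregisterPrimarySecurityHandlers is added to auth.c and exported from rfb/rfb.h without any comment, and the contract matters because one call removes both the `None` and the `VncAuth` handler. It takes no screen or client argument, so it presumably acts on a handler list shared by every screen in the process, and nothing in the hunk shows locking; the header should say when it is safe to call and that the caller is expected to register the handler it wants offered before the next client connects. The context above the hunk belongs to determinePrimarySecurityType, whose body is outside the hunk, so whether that function registers one of these handlers again for each new client cannot be confirmed from here and is worth checking. Suggested comment above the declaration: `/** Unregister the built-in None and VncAuth security handlers; the caller must register the handler it wants offered before accepting clients. */`.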


@ -1,4 +1,4 @@
From 0a98d629447964f1d5d922d5012ee0c2cbf10694 Mon Sep 17 00:00:00 2001
From fb4b12407e869c3da33df65ed3a43ef87aeae1c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
Date: Mon, 11 Jun 2018 23:47:02 +0200
Subject: [PATCH 1/2] libvncserver: Add API to add custom I/O entry points
@ -7,16 +7,16 @@ Add API to make it possible to channel RFB input and output through
another layer, for example TLS. This is done by making it possible to
override the default read/write/peek functions.
---
libvncserver/rfbserver.c | 4 +++
libvncserver/sockets.c | 64 +++++++++++++++++++++++++++++++++++++---
rfb/rfb.h | 17 +++++++++++
3 files changed, 81 insertions(+), 4 deletions(-)
libvncserver/rfbserver.c | 4 ++
libvncserver/sockets.c | 79 ++++++++++++++++++++++++++++++++++++----
rfb/rfb.h | 17 +++++++++
3 files changed, 93 insertions(+), 7 deletions(-)
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index 7af6aed..fbedd9f 100644
index bc9cc117..0c8ee735 100644
--- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c
@@ -322,6 +322,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen,
@@ -319,6 +319,10 @@ rfbNewTCPOrUDPClient(rfbScreenInfoPtr rfbScreen,
cl->screen = rfbScreen;
cl->sock = sock;
@ -28,10 +28,56 @@ index 7af6aed..fbedd9f 100644
/* setup pseudo scaling */
cl->scaledScreen = rfbScreen;
diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c
index bbc3d90..27515f2 100644
index bbc3d90d..4874d4b6 100644
--- a/libvncserver/sockets.c
+++ b/libvncserver/sockets.c
@@ -589,6 +589,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen,
@@ -126,6 +126,9 @@ int deny_severity=LOG_WARNING;
int rfbMaxClientWait = 20000; /* time (ms) after which we decide client has
gone away - needed to stop us hanging */
+static rfbBool
+rfbHasPendingOnSocket(rfbClientPtr cl);
+
static rfbBool
rfbNewConnectionFromSock(rfbScreenInfoPtr rfbScreen, int sock)
{
@@ -370,16 +373,20 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
tv.tv_usec = usec;
nfds = select(rfbScreen->maxFd + 1, &fds, NULL, NULL /* &fds */, &tv);
if (nfds == 0) {
+ rfbBool hasPendingData = FALSE;
+
/* timed out, check for async events */
i = rfbGetClientIterator(rfbScreen);
while((cl = rfbClientIteratorNext(i))) {
if (cl->onHold)
continue;
+ hasPendingData |= rfbHasPendingOnSocket(cl);
if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
rfbSendFileTransferChunk(cl);
}
rfbReleaseClientIterator(i);
- return result;
+ if (!hasPendingData)
+ return result;
}
if (nfds < 0) {
@@ -455,9 +462,11 @@ rfbCheckFds(rfbScreenInfoPtr rfbScreen,long usec)
if (cl->onHold)
continue;
- if (FD_ISSET(cl->sock, &(rfbScreen->allFds)))
+ if (rfbHasPendingOnSocket (cl) ||
+ FD_ISSET(cl->sock, &(rfbScreen->allFds)))
{
- if (FD_ISSET(cl->sock, &fds))
+ if (rfbHasPendingOnSocket (cl) ||
+ FD_ISSET(cl->sock, &fds))
{
#ifdef LIBVNCSERVER_WITH_WEBSOCKETS
do {
@@ -589,6 +598,30 @@ rfbConnect(rfbScreenInfoPtr rfbScreen,
return sock;
}
@ -56,13 +102,13 @@ index bbc3d90..27515f2 100644
+static rfbBool
+rfbHasPendingOnSocket(rfbClientPtr cl)
+{
+ cl->hasPendingOnSocket(cl);
+ return cl->hasPendingOnSocket(cl);
+}
+
/*
* ReadExact reads an exact number of bytes from a client. Returns 1 if
* those bytes have been read, 0 if the other end has closed, or -1 if an error
@@ -610,10 +634,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
@@ -610,10 +643,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
} else if (cl->sslctx) {
n = rfbssl_read(cl, buf, len);
} else {
@ -75,7 +121,7 @@ index bbc3d90..27515f2 100644
#endif
if (n > 0) {
@@ -645,6 +669,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
@@ -645,6 +678,10 @@ rfbReadExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
continue;
}
#endif
@ -86,7 +132,7 @@ index bbc3d90..27515f2 100644
FD_ZERO(&fds);
FD_SET(sock, &fds);
tv.tv_sec = timeout / 1000;
@@ -681,6 +709,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len)
@@ -681,6 +718,18 @@ int rfbReadExact(rfbClientPtr cl,char* buf,int len)
return(rfbReadExactTimeout(cl,buf,len,rfbMaxClientWait));
}
@ -105,7 +151,7 @@ index bbc3d90..27515f2 100644
/*
* PeekExact peeks at an exact number of bytes from a client. Returns 1 if
* those bytes have been read, 0 if the other end has closed, or -1 if an
@@ -701,7 +741,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
@@ -701,7 +750,7 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
n = rfbssl_peek(cl, buf, len);
else
#endif
@ -114,7 +160,7 @@ index bbc3d90..27515f2 100644
if (n == len) {
@@ -757,6 +797,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
@@ -757,6 +806,22 @@ rfbPeekExactTimeout(rfbClientPtr cl, char* buf, int len, int timeout)
return 1;
}
@ -137,7 +183,7 @@ index bbc3d90..27515f2 100644
/*
* WriteExact writes an exact number of bytes to a client. Returns 1 if
* those bytes have been written, or -1 if an error occurred (errno is set to
@@ -801,7 +857,7 @@ rfbWriteExact(rfbClientPtr cl,
@@ -801,7 +866,7 @@ rfbWriteExact(rfbClientPtr cl,
n = rfbssl_write(cl, buf, len);
else
#endif
@ -147,10 +193,10 @@ index bbc3d90..27515f2 100644
if (n > 0) {
diff --git a/rfb/rfb.h b/rfb/rfb.h
index f982b40..ba9e898 100644
index c6edc119..2e5597a9 100644
--- a/rfb/rfb.h
+++ b/rfb/rfb.h
@@ -415,6 +415,14 @@ typedef struct sraRegion* sraRegionPtr;
@@ -414,6 +414,14 @@ typedef struct sraRegion* sraRegionPtr;
typedef void (*ClientGoneHookPtr)(struct _rfbClientRec* cl);
@ -165,7 +211,7 @@ index f982b40..ba9e898 100644
typedef struct _rfbFileTransferData {
int fd;
int compressionEnabled;
@@ -696,6 +704,11 @@ typedef struct _rfbClientRec {
@@ -695,6 +703,11 @@ typedef struct _rfbClientRec {
wsCtx *wsctx;
char *wspath; /* Requests path component */
#endif
@ -177,7 +223,7 @@ index f982b40..ba9e898 100644
} rfbClientRec, *rfbClientPtr;
/**
@@ -748,8 +761,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen);
@@ -747,8 +760,12 @@ extern void rfbDisconnectUDPSock(rfbScreenInfoPtr rfbScreen);
extern void rfbCloseClient(rfbClientPtr cl);
extern int rfbReadExact(rfbClientPtr cl, char *buf, int len);
extern int rfbReadExactTimeout(rfbClientPtr cl, char *buf, int len,int timeout);
@ -191,5 +237,5 @@ index f982b40..ba9e898 100644
extern int rfbConnect(rfbScreenInfoPtr rfbScreen, char* host, int port);
extern int rfbConnectToTcpAddr(char* host, int port);
--
2.17.1
2.23.0
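Review bot: In rfbCheckFds the per-client loop calls `rfbHasPendingOnSocket (cl)` twice in a row, once in the outer `if` and again in the inner one, on top of the call already made in the timeout pass. The wrapper forwards to the `cl->hasPendingOnSocket` callback, which an application can override (the patch description names TLS as the use case), so the two calls may repeat work or return different answers for the same client. Evaluating it once, `rfbBool pending = rfbHasPendingOnSocket(cl);`, and then testing `pending || FD_ISSET(cl->sock, &(rfbScreen->allFds))` and `pending || FD_ISSET(cl->sock, &fds)` keeps one consistent answer per client. The wrapper also calls the pointer without a NULL check; the rfbserver.c lines that would assign a default are elided on this page, so confirm the field is always initialised before a client reaches this loop. rfbCheckFds begins and ends outside the hunks shown.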


@ -1,4 +1,4 @@
From c343c1b43080bcb45dad285faa5cd8926bfb9811 Mon Sep 17 00:00:00 2001
From 5e4d810d62da0f2048ce78b3a7812e9e13968162 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20=C3=85dahl?= <jadahl@gmail.com>
Date: Mon, 11 Jun 2018 23:50:05 +0200
Subject: [PATCH 2/2] libvncserver: Add channel security handlers
@ -13,13 +13,13 @@ done by adding a single channel security handler with the rfbTLS (18)
with a handler that initiates a TLS session, and when a TLS session is
initiated, the regular security handler list is sent.
---
libvncserver/auth.c | 162 ++++++++++++++++++++++++++++++---------
libvncserver/auth.c | 164 ++++++++++++++++++++++++++++++---------
libvncserver/rfbserver.c | 1 +
rfb/rfb.h | 15 +++-
3 files changed, 140 insertions(+), 38 deletions(-)
3 files changed, 142 insertions(+), 38 deletions(-)
diff --git a/libvncserver/auth.c b/libvncserver/auth.c
index 814a814..6581953 100644
index 814a8142..55e0b3c9 100644
--- a/libvncserver/auth.c
+++ b/libvncserver/auth.c
@@ -37,18 +37,17 @@ void rfbClientSendString(rfbClientPtr cl, const char *reason);
@ -255,20 +255,22 @@ index 814a814..6581953 100644
if (securityType == rfbSecTypeInvalid) {
rfbLog("VNC authentication disabled - RFB 3.3 client rejected\n");
rfbClientConnFailed(cl, "Your viewer cannot handle required "
@@ -316,9 +394,11 @@ rfbAuthNewClient(rfbClientPtr cl)
@@ -316,9 +394,13 @@ rfbAuthNewClient(rfbClientPtr cl)
return;
}
rfbSendSecurityType(cl, securityType);
+ } else if (channelSecurityHandlers) {
+ rfbLog("Send channel security type list\n");
+ rfbSendChannelSecurityTypeList(cl);
} else {
/* Here it's ok when securityType is set to rfbSecTypeInvalid. */
- rfbSendSecurityTypeList(cl, securityType);
+ rfbLog("Send channel security type 'none'\n");
+ rfbSendSecurityTypeList(cl, RFB_SECURITY_TAG_NONE);
}
}
@@ -332,6 +412,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
@@ -332,6 +414,7 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
int n;
uint8_t chosenType;
rfbSecurityHandler* handler;
@ -276,7 +278,7 @@ index 814a814..6581953 100644
/* Read the security type. */
n = rfbReadExact(cl, (char *)&chosenType, 1);
@@ -344,8 +425,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
@@ -344,8 +427,17 @@ rfbProcessClientSecurityType(rfbClientPtr cl)
return;
}
@ -296,10 +298,10 @@ index 814a814..6581953 100644
rfbLog("rfbProcessClientSecurityType: executing handler for type %d\n", chosenType);
handler->handler(cl);
diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
index fbedd9f..1e8b3c1 100644
index 0c8ee735..421d8c7f 100644
--- a/libvncserver/rfbserver.c
+++ b/libvncserver/rfbserver.c
@@ -643,6 +643,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
@@ -640,6 +640,7 @@ rfbProcessClientMessage(rfbClientPtr cl)
case RFB_PROTOCOL_VERSION:
rfbProcessClientProtocolVersion(cl);
return;
@ -308,10 +310,10 @@ index fbedd9f..1e8b3c1 100644
rfbProcessClientSecurityType(cl);
return;
diff --git a/rfb/rfb.h b/rfb/rfb.h
index ba9e898..be58d08 100644
index 2e5597a9..d2a7c9fb 100644
--- a/rfb/rfb.h
+++ b/rfb/rfb.h
@@ -182,6 +182,11 @@ typedef struct {
@@ -181,6 +181,11 @@ typedef struct {
} data; /**< there have to be count*3 entries */
} rfbColourMap;
@ -323,7 +325,7 @@ index ba9e898..be58d08 100644
/**
* Security handling (RFB protocol version 3.7)
*/
@@ -190,6 +195,7 @@ typedef struct _rfbSecurity {
@@ -189,6 +194,7 @@ typedef struct _rfbSecurity {
uint8_t type;
void (*handler)(struct _rfbClientRec* cl);
struct _rfbSecurity* next;
@ -331,7 +333,7 @@ index ba9e898..be58d08 100644
} rfbSecurityHandler;
/**
@@ -506,7 +512,7 @@ typedef struct _rfbClientRec {
@@ -505,7 +511,7 @@ typedef struct _rfbClientRec {
/** Possible client states: */
enum {
RFB_PROTOCOL_VERSION, /**< establishing protocol version */
@ -340,7 +342,7 @@ index ba9e898..be58d08 100644
RFB_AUTHENTICATION, /**< authenticating */
RFB_INITIALISATION, /**< sending initialisation messages */
RFB_NORMAL, /**< normal protocol messages */
@@ -514,7 +520,9 @@ typedef struct _rfbClientRec {
@@ -513,7 +519,9 @@ typedef struct _rfbClientRec {
/* Ephemeral internal-use states that will never be seen by software
* using LibVNCServer to provide services: */
@ -351,7 +353,7 @@ index ba9e898..be58d08 100644
} state;
rfbBool reverseConnection;
@@ -855,6 +863,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl);
@@ -854,6 +862,9 @@ extern void rfbProcessClientSecurityType(rfbClientPtr cl);
extern void rfbAuthProcessClientMessage(rfbClientPtr cl);
extern void rfbRegisterSecurityHandler(rfbSecurityHandler* handler);
extern void rfbUnregisterSecurityHandler(rfbSecurityHandler* handler);
@ -362,5 +364,5 @@ index ba9e898..be58d08 100644
/* rre.c */
--
2.17.1
2.23.0
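Review bot: The comment kept in the final `else` branch of rfbAuthNewClient, `/* Here it's ok when securityType is set to rfbSecTypeInvalid. */`, no longer matches the call beneath it, which now passes `RFB_SECURITY_TAG_NONE` rather than `securityType`. Something like `/* No channel security handler is registered: offer the regular security types directly. */` would describe what the branch does. The log text added there, "Send channel security type 'none'", reads as if a channel security type were being sent, while the call is to rfbSendSecurityTypeList. This is the branch taken when no channel handler (TLS, per the patch description) is registered, so on a server meant to require one this log line is the only visible sign of the fallback, and it should say plainly that no channel security is in use. The function starts above the hunk and its earlier branches are not shown here.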


@ -1,7 +1,7 @@
Summary: Library to make writing a VNC server easy
Name: libvncserver
Version: 0.9.11
Release: 9%{?dist}
Release: 13%{?dist}
# NOTE: --with-filetransfer => GPLv2
License: GPLv2+
@ -16,6 +16,10 @@ Patch4: 0040-Ensure-compatibility-with-gtk-vnc-0.7.0.patch
Patch10: 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch
Patch11: 0002-libvncserver-Add-channel-security-handlers.patch
## Add API needed by gnome-remote-desktop to handle settings changes
# rhbz#1684729
Patch12: 0001-auth-Add-API-to-unregister-built-in-security-handler.patch
## downstream patches
Patch100: libvncserver-0.9.11-system_minilzo.patch
Patch101: libvncserver-0.9.1-multilib.patch
@ -87,6 +91,8 @@ developing applications that use %{name}.
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch100 -p1 -b .system_minilzo
# Nuke bundled minilzo
#rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c
@ -161,6 +167,22 @@ make -C test test ||:
%changelog
* Thu Nov 28 2019 Jonas Ådahl <jadahl@redhat.com> - 0.9.11-13
- Manually apply new patch
Resolves: #1684729
* Wed Nov 27 2019 Jonas Ådahl <jadahl@redhat.com> - 0.9.11-12
- Add API needed by gnome-remote-desktop to handle settings changes
Resolves: #1684729
* Wed Nov 27 2019 Tomas Pelka <tpelka@redhat.com> - 0.9.11-11
- Enable gating through gnome-remote-desktop for now
Resolves: #1765448
* Wed Nov 27 2019 Jonas Ådahl <jadahl@redhat.com> - 0.9.11-10
- Update TLS security type enablement patches
Resolves: #1765448
* Thu Jan 10 2019 Petr Pisar <ppisar@redhat.com> - 0.9.11-9
- Fix CVE-2018-15127 (Heap out-of-bounds write in
rfbserver.c:rfbProcessFileTransferReadBuffer()) (bug #1662997)