Utilize system-wide crypto policies

Resolves: bz#1179345 Try to disable patch4 as it was previously written to support an older version of a different client and breakse some other usage Resolves: bz#1280440
2016-05-23 18:15:21 +02:00 · 2016-05-23 18:15:21 +02:00 · 6c74881c53
commit 6c74881c53
parent 9f5871d7a7
2 changed files with 121 additions and 96 deletions
--- a/tigervnc-utilize-system-crypto-policies.patch
+++ b/tigervnc-utilize-system-crypto-policies.patch
@ -0,0 +1,13 @@
+diff --git a/common/rfb/Security.cxx b/common/rfb/Security.cxx
+index e623ab5..4987b29 100644
+--- a/common/rfb/Security.cxx
+++ b/common/rfb/Security.cxx
+@@ -52,7 +52,7 @@ static LogWriter vlog("Security");
+ #ifdef HAVE_GNUTLS
+ StringParameter Security::GnuTLSPriority("GnuTLSPriority",
+   "GnuTLS priority string that controls the TLS session’s handshake algorithms",
+-  "NORMAL");
+  "@SYSTEM");
+ #endif
+
+ Security::Security()
--- a/tigervnc.spec
+++ b/tigervnc.spec
@ -1,6 +1,6 @@
 Name:           tigervnc
 Version:        1.6.0
-Release:	3%{?dist}
+Release:        4%{?dist}
 Summary:        A TigerVNC remote display system

 %global _hardened_build 1
@ -47,7 +47,7 @@ Obsoletes:	tightvnc < 1.5.0-0.15.20090204svn3586

 Patch1:         tigervnc-cookie.patch
 Patch3:         tigervnc-libvnc-os.patch
-Patch4:		tigervnc11-rh692048.patch
+# Patch4:         tigervnc11-rh692048.patch
 Patch5:         tigervnc-inetd-nowait.patch
 Patch7:         tigervnc-manpages.patch
 Patch8:         tigervnc-getmaster.patch
@ -55,6 +55,7 @@ Patch9:		tigervnc-shebang.patch
 Patch14:        tigervnc-xstartup.patch
 Patch15:        tigervnc-xserver118.patch
 Patch17:        tigervnc-xorg118-QueueKeyboardEvents.patch
+Patch18:        tigervnc-utilize-system-crypto-policies.patch

 # This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
 Patch100:       tigervnc-xserver116-rebased.patch
@ -154,7 +155,7 @@ This package contains icons for TigerVNC viewer

 %patch1 -p1 -b .cookie
 %patch3 -p1 -b .libvnc-os
-%patch4 -p1 -b .rh692048
+# %patch4 -p1 -b .rh692048

 cp -r /usr/share/xorg-x11-server-source/* unix/xserver
 pushd unix/xserver
@ -187,6 +188,10 @@ popd
 %patch17 -p1 -b .xorg118-QueueKeyboardEvents
 %endif

+# Utilize system-wide crypto policies
+%patch18 -p1 -b .utilize-system-crypto-policies.patch
+
+
 %build
 %ifarch sparcv9 sparc64 s390 s390x
 export CFLAGS="$RPM_OPT_FLAGS -fPIC"
@ -354,6 +359,13 @@ fi
 %{_datadir}/icons/hicolor/*/apps/*

 %changelog
+* Mon May 23 2016 Jan Grulich <jgrulich@redhat.com> - 1.6.0-4
+- Utilize system-wide crypto policies
+  Resolves: bz#1179345
+- Try to disable patch4 as it was previously written to support an
+  older version of a different client and breaks some other usage
+  Resolves: bz#1280440
+
 * Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.6.0-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild