Compare commits
No commits in common. "c8" and "c8s" have entirely different histories.
|
@ -1 +1 @@
|
||||||
SOURCES/tigervnc-1.13.1.tar.gz
|
SOURCES/tigervnc-1.12.0.tar.gz
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
6f7a23f14833f552c88523da1a5e102f3b8d35c2 SOURCES/tigervnc-1.13.1.tar.gz
|
44db63993d8ad04f730b0b48e8aca32933bff15a SOURCES/tigervnc-1.12.0.tar.gz
|
||||||
|
|
|
@ -0,0 +1,199 @@
|
||||||
|
From ccbd491fa48f1c43daeb1a6c5ee91a1a8fa3db88 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Grulich <jgrulich@redhat.com>
|
||||||
|
Date: Tue, 9 Aug 2022 14:31:07 +0200
|
||||||
|
Subject: [PATCH] x0vncserver: add new keysym in case we don't find a matching
|
||||||
|
keycode
|
||||||
|
|
||||||
|
We might often fail to find a matching X11 keycode when the client has
|
||||||
|
a different keyboard layout and end up with no key event. To avoid a
|
||||||
|
failure we add it as a new keysym/keycode pair so the next time a keysym
|
||||||
|
from the client that is unknown to the server is send, we will find a
|
||||||
|
match and proceed with key event. This is same behavior used in Xvnc or
|
||||||
|
x11vnc, although Xvnc has more advanced mapping from keysym to keycode.
|
||||||
|
---
|
||||||
|
unix/x0vncserver/XDesktop.cxx | 121 +++++++++++++++++++++++++++++++++-
|
||||||
|
unix/x0vncserver/XDesktop.h | 4 ++
|
||||||
|
2 files changed, 122 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/unix/x0vncserver/XDesktop.cxx b/unix/x0vncserver/XDesktop.cxx
|
||||||
|
index f2046e43e..933998f05 100644
|
||||||
|
--- a/unix/x0vncserver/XDesktop.cxx
|
||||||
|
+++ b/unix/x0vncserver/XDesktop.cxx
|
||||||
|
@@ -31,6 +31,7 @@
|
||||||
|
#include <x0vncserver/XDesktop.h>
|
||||||
|
|
||||||
|
#include <X11/XKBlib.h>
|
||||||
|
+#include <X11/Xutil.h>
|
||||||
|
#ifdef HAVE_XTEST
|
||||||
|
#include <X11/extensions/XTest.h>
|
||||||
|
#endif
|
||||||
|
@@ -50,6 +51,7 @@ void vncSetGlueContext(Display *dpy, void *res);
|
||||||
|
#include <x0vncserver/Geometry.h>
|
||||||
|
#include <x0vncserver/XPixelBuffer.h>
|
||||||
|
|
||||||
|
+using namespace std;
|
||||||
|
using namespace rfb;
|
||||||
|
|
||||||
|
extern const unsigned short code_map_qnum_to_xorgevdev[];
|
||||||
|
@@ -264,6 +266,9 @@ void XDesktop::start(VNCServer* vs) {
|
||||||
|
void XDesktop::stop() {
|
||||||
|
running = false;
|
||||||
|
|
||||||
|
+ // Delete added keycodes
|
||||||
|
+ deleteAddedKeysyms(dpy);
|
||||||
|
+
|
||||||
|
#ifdef HAVE_XDAMAGE
|
||||||
|
if (haveDamage)
|
||||||
|
XDamageDestroy(dpy, damage);
|
||||||
|
@@ -383,6 +388,118 @@ KeyCode XDesktop::XkbKeysymToKeycode(Display* dpy, KeySym keysym) {
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+KeyCode XDesktop::addKeysym(Display* dpy, KeySym keysym)
|
||||||
|
+{
|
||||||
|
+ int types[1];
|
||||||
|
+ unsigned int key;
|
||||||
|
+ XkbDescPtr xkb;
|
||||||
|
+ XkbMapChangesRec changes;
|
||||||
|
+ KeySym *syms;
|
||||||
|
+ KeySym upper, lower;
|
||||||
|
+
|
||||||
|
+ xkb = XkbGetMap(dpy, XkbAllComponentsMask, XkbUseCoreKbd);
|
||||||
|
+
|
||||||
|
+ if (!xkb)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ for (key = xkb->max_key_code; key >= xkb->min_key_code; key--) {
|
||||||
|
+ if (XkbKeyNumGroups(xkb, key) == 0)
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (key < xkb->min_key_code)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
+ memset(&changes, 0, sizeof(changes));
|
||||||
|
+
|
||||||
|
+ XConvertCase(keysym, &lower, &upper);
|
||||||
|
+
|
||||||
|
+ if (upper == lower)
|
||||||
|
+ types[XkbGroup1Index] = XkbOneLevelIndex;
|
||||||
|
+ else
|
||||||
|
+ types[XkbGroup1Index] = XkbAlphabeticIndex;
|
||||||
|
+
|
||||||
|
+ XkbChangeTypesOfKey(xkb, key, 1, XkbGroup1Mask, types, &changes);
|
||||||
|
+
|
||||||
|
+ syms = XkbKeySymsPtr(xkb,key);
|
||||||
|
+ if (upper == lower)
|
||||||
|
+ syms[0] = keysym;
|
||||||
|
+ else {
|
||||||
|
+ syms[0] = lower;
|
||||||
|
+ syms[1] = upper;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ changes.changed |= XkbKeySymsMask;
|
||||||
|
+ changes.first_key_sym = key;
|
||||||
|
+ changes.num_key_syms = 1;
|
||||||
|
+
|
||||||
|
+ if (XkbChangeMap(dpy, xkb, &changes)) {
|
||||||
|
+ vlog.info("Added unknown keysym %s to keycode %d", XKeysymToString(keysym), key);
|
||||||
|
+ addedKeysyms[keysym] = key;
|
||||||
|
+ return key;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ return 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+void XDesktop::deleteAddedKeysyms(Display* dpy) {
|
||||||
|
+ XkbDescPtr xkb;
|
||||||
|
+ xkb = XkbGetMap(dpy, XkbAllComponentsMask, XkbUseCoreKbd);
|
||||||
|
+
|
||||||
|
+ if (!xkb)
|
||||||
|
+ return;
|
||||||
|
+
|
||||||
|
+ XkbMapChangesRec changes;
|
||||||
|
+ memset(&changes, 0, sizeof(changes));
|
||||||
|
+
|
||||||
|
+ KeyCode lowestKeyCode = xkb->max_key_code;
|
||||||
|
+ KeyCode highestKeyCode = xkb->min_key_code;
|
||||||
|
+ std::map<KeySym, KeyCode>::iterator it;
|
||||||
|
+ for (it = addedKeysyms.begin(); it != addedKeysyms.end(); it++) {
|
||||||
|
+ if (XkbKeyNumGroups(xkb, it->second) != 0) {
|
||||||
|
+ // Check if we are removing keysym we added ourself
|
||||||
|
+ if (XkbKeysymToKeycode(dpy, it->first) != it->second)
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
+ XkbChangeTypesOfKey(xkb, it->second, 0, XkbGroup1Mask, NULL, &changes);
|
||||||
|
+
|
||||||
|
+ if (it->second < lowestKeyCode)
|
||||||
|
+ lowestKeyCode = it->second;
|
||||||
|
+
|
||||||
|
+ if (it->second > highestKeyCode)
|
||||||
|
+ highestKeyCode = it->second;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ changes.changed |= XkbKeySymsMask;
|
||||||
|
+ changes.first_key_sym = lowestKeyCode;
|
||||||
|
+ changes.num_key_syms = highestKeyCode - lowestKeyCode + 1;
|
||||||
|
+ XkbChangeMap(dpy, xkb, &changes);
|
||||||
|
+
|
||||||
|
+ addedKeysyms.clear();
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+KeyCode XDesktop::keysymToKeycode(Display* dpy, KeySym keysym) {
|
||||||
|
+ int keycode = 0;
|
||||||
|
+
|
||||||
|
+ // XKeysymToKeycode() doesn't respect state, so we have to use
|
||||||
|
+ // something slightly more complex
|
||||||
|
+ keycode = XkbKeysymToKeycode(dpy, keysym);
|
||||||
|
+
|
||||||
|
+ if (keycode != 0)
|
||||||
|
+ return keycode;
|
||||||
|
+
|
||||||
|
+ // TODO: try to further guess keycode with all possible mods as Xvnc does
|
||||||
|
+
|
||||||
|
+ keycode = addKeysym(dpy, keysym);
|
||||||
|
+
|
||||||
|
+ if (keycode == 0)
|
||||||
|
+ vlog.error("Failure adding new keysym 0x%lx", keysym);
|
||||||
|
+
|
||||||
|
+ return keycode;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
void XDesktop::keyEvent(rdr::U32 keysym, rdr::U32 xtcode, bool down) {
|
||||||
|
#ifdef HAVE_XTEST
|
||||||
|
int keycode = 0;
|
||||||
|
@@ -398,9 +515,7 @@ void XDesktop::keyEvent(rdr::U32 keysym, rdr::U32 xtcode, bool down) {
|
||||||
|
if (pressedKeys.find(keysym) != pressedKeys.end())
|
||||||
|
keycode = pressedKeys[keysym];
|
||||||
|
else {
|
||||||
|
- // XKeysymToKeycode() doesn't respect state, so we have to use
|
||||||
|
- // something slightly more complex
|
||||||
|
- keycode = XkbKeysymToKeycode(dpy, keysym);
|
||||||
|
+ keycode = keysymToKeycode(dpy, keysym);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/unix/x0vncserver/XDesktop.h b/unix/x0vncserver/XDesktop.h
|
||||||
|
index 840d43316..6ebcd9f8a 100644
|
||||||
|
--- a/unix/x0vncserver/XDesktop.h
|
||||||
|
+++ b/unix/x0vncserver/XDesktop.h
|
||||||
|
@@ -55,6 +55,9 @@ class XDesktop : public rfb::SDesktop,
|
||||||
|
const char* userName);
|
||||||
|
virtual void pointerEvent(const rfb::Point& pos, int buttonMask);
|
||||||
|
KeyCode XkbKeysymToKeycode(Display* dpy, KeySym keysym);
|
||||||
|
+ KeyCode addKeysym(Display* dpy, KeySym keysym);
|
||||||
|
+ void deleteAddedKeysyms(Display* dpy);
|
||||||
|
+ KeyCode keysymToKeycode(Display* dpy, KeySym keysym);
|
||||||
|
virtual void keyEvent(rdr::U32 keysym, rdr::U32 xtcode, bool down);
|
||||||
|
virtual void clientCutText(const char* str);
|
||||||
|
virtual unsigned int setScreenLayout(int fb_width, int fb_height,
|
||||||
|
@@ -78,6 +81,7 @@ class XDesktop : public rfb::SDesktop,
|
||||||
|
bool haveXtest;
|
||||||
|
bool haveDamage;
|
||||||
|
int maxButtons;
|
||||||
|
+ std::map<KeySym, KeyCode> addedKeysyms;
|
||||||
|
std::map<KeySym, KeyCode> pressedKeys;
|
||||||
|
bool running;
|
||||||
|
#ifdef HAVE_XDAMAGE
|
|
@ -1,13 +0,0 @@
|
||||||
diff --git a/unix/xserver/hw/vnc/vncInput.c b/unix/xserver/hw/vnc/vncInput.c
|
|
||||||
index b3d0926d..d36a096f 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/vncInput.c
|
|
||||||
+++ b/unix/xserver/hw/vnc/vncInput.c
|
|
||||||
@@ -167,7 +167,7 @@ void vncPointerMove(int x, int y)
|
|
||||||
|
|
||||||
void vncGetPointerPos(int *x, int *y)
|
|
||||||
{
|
|
||||||
- if (vncPointerDev != NULL) {
|
|
||||||
+ if (vncPointerDev != NULL && !IsFloating(vncPointerDev)) {
|
|
||||||
ScreenPtr ptrScreen;
|
|
||||||
|
|
||||||
miPointerGetPosition(vncPointerDev, &cursorPosX, &cursorPosY);
|
|
|
@ -1,51 +0,0 @@
|
||||||
diff --git a/po/CMakeLists.txt b/po/CMakeLists.txt
|
|
||||||
index 052cfb3..c84fb0e 100644
|
|
||||||
--- a/po/CMakeLists.txt
|
|
||||||
+++ b/po/CMakeLists.txt
|
|
||||||
@@ -14,7 +14,6 @@ if (GETTEXT_XGETTEXT_EXECUTABLE)
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.h
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.cxx
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.desktop.in.in
|
|
||||||
- ${PROJECT_SOURCE_DIR}/vncviewer/*.metainfo.xml.in
|
|
||||||
)
|
|
||||||
|
|
||||||
add_custom_target(translations_update
|
|
||||||
diff --git a/vncviewer/CMakeLists.txt b/vncviewer/CMakeLists.txt
|
|
||||||
index 15eac66..450b732 100644
|
|
||||||
--- a/vncviewer/CMakeLists.txt
|
|
||||||
+++ b/vncviewer/CMakeLists.txt
|
|
||||||
@@ -100,34 +100,6 @@ if(UNIX)
|
|
||||||
add_custom_target(desktop ALL DEPENDS vncviewer.desktop)
|
|
||||||
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/vncviewer.desktop DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/applications)
|
|
||||||
|
|
||||||
- if("${GETTEXT_VERSION_STRING}" VERSION_GREATER 0.19.6)
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND ${GETTEXT_MSGFMT_EXECUTABLE}
|
|
||||||
- --xml --template ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- -d ${CMAKE_SOURCE_DIR}/po -o org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- elseif(INTLTOOL_MERGE_EXECUTABLE)
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND sed -e 's@<name>@<_name>@\;s@</name>@</_name>@'
|
|
||||||
- -e 's@<summary>@<_summary>@\;s@</summary>@</_summary>@'
|
|
||||||
- -e 's@<caption>@<_caption>@\;s@</caption>@</_caption>@'
|
|
||||||
- -e 's@<p>@<_p>@g\;s@</p>@</_p>@g'
|
|
||||||
- ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in > org.tigervnc.vncviewer.metainfo.xml.intl
|
|
||||||
- COMMAND ${INTLTOOL_MERGE_EXECUTABLE}
|
|
||||||
- -x ${CMAKE_SOURCE_DIR}/po
|
|
||||||
- org.tigervnc.vncviewer.metainfo.xml.intl org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- else()
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND cp ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- endif()
|
|
||||||
- add_custom_target(appstream ALL DEPENDS org.tigervnc.vncviewer.metainfo.xml)
|
|
||||||
- install(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tigervnc.vncviewer.metainfo.xml DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/metainfo)
|
|
||||||
-
|
|
||||||
foreach(res 16 22 24 32 48 64 128)
|
|
||||||
install(FILES ../media/icons/tigervnc_${res}.png DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/icons/hicolor/${res}x${res}/apps RENAME tigervnc.png)
|
|
||||||
endforeach()
|
|
|
@ -0,0 +1,117 @@
|
||||||
|
From f783d5c8b567199178b6690f347e060a69d2aa36 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Grulich <jgrulich@redhat.com>
|
||||||
|
Date: Thu, 11 Aug 2022 13:15:29 +0200
|
||||||
|
Subject: [PATCH] x0vncserver: update/display cursor only on correct screen in
|
||||||
|
zaphod mode
|
||||||
|
|
||||||
|
We have to check whether we update cursor position/shape only in case
|
||||||
|
the cursor is on our display, otherwise in zaphod mode, ie. when having
|
||||||
|
two instances of x0vncserver on screens :0.0 and :0.1 we would be having
|
||||||
|
the cursor duplicated and actually not funcional (aka ghost cursor) as
|
||||||
|
it would be actually not present. We also additionally watch EnterNotify
|
||||||
|
and LeaveNotify events in order to show/hide cursor accordingly.
|
||||||
|
|
||||||
|
Change made with help from Olivier Fourdan <ofourdan@redhat.com>
|
||||||
|
---
|
||||||
|
unix/x0vncserver/XDesktop.cxx | 60 +++++++++++++++++++++++++++++++----
|
||||||
|
1 file changed, 53 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/unix/x0vncserver/XDesktop.cxx b/unix/x0vncserver/XDesktop.cxx
|
||||||
|
index f2046e43e..f07fd78bf 100644
|
||||||
|
--- a/unix/x0vncserver/XDesktop.cxx
|
||||||
|
+++ b/unix/x0vncserver/XDesktop.cxx
|
||||||
|
@@ -192,7 +192,8 @@ XDesktop::XDesktop(Display* dpy_, Geometry *geometry_)
|
||||||
|
RRScreenChangeNotifyMask | RRCrtcChangeNotifyMask);
|
||||||
|
/* Override TXWindow::init input mask */
|
||||||
|
XSelectInput(dpy, DefaultRootWindow(dpy),
|
||||||
|
- PropertyChangeMask | StructureNotifyMask | ExposureMask);
|
||||||
|
+ PropertyChangeMask | StructureNotifyMask |
|
||||||
|
+ ExposureMask | EnterWindowMask | LeaveWindowMask);
|
||||||
|
} else {
|
||||||
|
#endif
|
||||||
|
vlog.info("RANDR extension not present");
|
||||||
|
@@ -217,11 +218,13 @@ void XDesktop::poll() {
|
||||||
|
Window root, child;
|
||||||
|
int x, y, wx, wy;
|
||||||
|
unsigned int mask;
|
||||||
|
- XQueryPointer(dpy, DefaultRootWindow(dpy), &root, &child,
|
||||||
|
- &x, &y, &wx, &wy, &mask);
|
||||||
|
- x -= geometry->offsetLeft();
|
||||||
|
- y -= geometry->offsetTop();
|
||||||
|
- server->setCursorPos(rfb::Point(x, y), false);
|
||||||
|
+
|
||||||
|
+ if (XQueryPointer(dpy, DefaultRootWindow(dpy), &root, &child,
|
||||||
|
+ &x, &y, &wx, &wy, &mask)) {
|
||||||
|
+ x -= geometry->offsetLeft();
|
||||||
|
+ y -= geometry->offsetTop();
|
||||||
|
+ server->setCursorPos(rfb::Point(x, y), false);
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -253,7 +256,14 @@ void XDesktop::start(VNCServer* vs) {
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef HAVE_XFIXES
|
||||||
|
- setCursor();
|
||||||
|
+ Window root, child;
|
||||||
|
+ int x, y, wx, wy;
|
||||||
|
+ unsigned int mask;
|
||||||
|
+ // Check whether the cursor is initially on our screen
|
||||||
|
+ if (XQueryPointer(dpy, DefaultRootWindow(dpy), &root, &child,
|
||||||
|
+ &x, &y, &wx, &wy, &mask))
|
||||||
|
+ setCursor();
|
||||||
|
+
|
||||||
|
#endif
|
||||||
|
|
||||||
|
server->setLEDState(ledState);
|
||||||
|
@@ -701,6 +711,15 @@ bool XDesktop::handleGlobalEvent(XEvent* ev) {
|
||||||
|
if (cev->subtype != XFixesDisplayCursorNotify)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
+ Window root, child;
|
||||||
|
+ int x, y, wx, wy;
|
||||||
|
+ unsigned int mask;
|
||||||
|
+
|
||||||
|
+ // Check whether the cursor is initially on our screen
|
||||||
|
+ if (!XQueryPointer(dpy, DefaultRootWindow(dpy), &root, &child,
|
||||||
|
+ &x, &y, &wx, &wy, &mask))
|
||||||
|
+ return false;
|
||||||
|
+
|
||||||
|
return setCursor();
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_XRANDR
|
||||||
|
@@ -753,6 +772,33 @@ bool XDesktop::handleGlobalEvent(XEvent* ev) {
|
||||||
|
|
||||||
|
return true;
|
||||||
|
#endif
|
||||||
|
+#ifdef HAVE_XFIXES
|
||||||
|
+ } else if (ev->type == EnterNotify) {
|
||||||
|
+ XCrossingEvent* cev;
|
||||||
|
+
|
||||||
|
+ if (!running)
|
||||||
|
+ return true;
|
||||||
|
+
|
||||||
|
+ cev = (XCrossingEvent*)ev;
|
||||||
|
+
|
||||||
|
+ if (cev->window != cev->root)
|
||||||
|
+ return false;
|
||||||
|
+
|
||||||
|
+ return setCursor();
|
||||||
|
+ } else if (ev->type == LeaveNotify) {
|
||||||
|
+ XCrossingEvent* cev;
|
||||||
|
+
|
||||||
|
+ if (!running)
|
||||||
|
+ return true;
|
||||||
|
+
|
||||||
|
+ cev = (XCrossingEvent*)ev;
|
||||||
|
+
|
||||||
|
+ if (cev->window == cev->root)
|
||||||
|
+ return false;
|
||||||
|
+
|
||||||
|
+ server->setCursor(0, 0, Point(), NULL);
|
||||||
|
+ return true;
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
|
@ -0,0 +1,34 @@
|
||||||
|
From 2daf4126882f82b6e392dfbae87205dbdc559c3d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pierre Ossman <ossman@cendio.se>
|
||||||
|
Date: Thu, 23 Dec 2021 15:58:00 +0100
|
||||||
|
Subject: [PATCH] Fix typo in mirror monitor detection
|
||||||
|
|
||||||
|
Bug introduced in fb561eb but still somehow passed manual testing.
|
||||||
|
Resulted in some stray reads off the end of the stack, which were
|
||||||
|
hopefully harmless.
|
||||||
|
---
|
||||||
|
vncviewer/MonitorIndicesParameter.cxx | 8 ++++----
|
||||||
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/vncviewer/MonitorIndicesParameter.cxx b/vncviewer/MonitorIndicesParameter.cxx
|
||||||
|
index 5130831cb..4ac74dd1a 100644
|
||||||
|
--- a/vncviewer/MonitorIndicesParameter.cxx
|
||||||
|
+++ b/vncviewer/MonitorIndicesParameter.cxx
|
||||||
|
@@ -211,13 +211,13 @@ std::vector<MonitorIndicesParameter::Monitor> MonitorIndicesParameter::fetchMoni
|
||||||
|
// Only keep a single entry for mirrored screens
|
||||||
|
match = false;
|
||||||
|
for (int j = 0; j < ((int) monitors.size()); j++) {
|
||||||
|
- if (monitors[i].x != monitor.x)
|
||||||
|
+ if (monitors[j].x != monitor.x)
|
||||||
|
continue;
|
||||||
|
- if (monitors[i].y != monitor.y)
|
||||||
|
+ if (monitors[j].y != monitor.y)
|
||||||
|
continue;
|
||||||
|
- if (monitors[i].w != monitor.w)
|
||||||
|
+ if (monitors[j].w != monitor.w)
|
||||||
|
continue;
|
||||||
|
- if (monitors[i].h != monitor.h)
|
||||||
|
+ if (monitors[j].h != monitor.h)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
match = true;
|
|
@ -0,0 +1,25 @@
|
||||||
|
From faf81b4b238e24fe29eb53f885a25367e212dd7b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Zdenek Pytela <zpytela@redhat.com>
|
||||||
|
Date: Mon, 7 Feb 2022 10:45:41 +0100
|
||||||
|
Subject: [PATCH] SELinux: use /root/.vnc in file context specification
|
||||||
|
|
||||||
|
Instead of HOME_ROOT/.vnc, /root/.vnc should be used
|
||||||
|
for user root's home to specify default file context
|
||||||
|
as HOME_ROOT actually means base for home dirs (usually /home).
|
||||||
|
---
|
||||||
|
unix/vncserver/selinux/vncsession.fc | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/unix/vncserver/selinux/vncsession.fc b/unix/vncserver/selinux/vncsession.fc
|
||||||
|
index 6aaf4b1f4..bc81f8f25 100644
|
||||||
|
--- a/unix/vncserver/selinux/vncsession.fc
|
||||||
|
+++ b/unix/vncserver/selinux/vncsession.fc
|
||||||
|
@@ -18,7 +18,7 @@
|
||||||
|
#
|
||||||
|
|
||||||
|
HOME_DIR/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||||
|
-HOME_ROOT/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||||
|
+/root/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||||
|
|
||||||
|
/usr/sbin/vncsession -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
|
||||||
|
/usr/libexec/vncsession-start -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
|
|
@ -0,0 +1,81 @@
|
||||||
|
From d2d52704624ce841f4a392fccd82079d87ff13b6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Grulich <jgrulich@redhat.com>
|
||||||
|
Date: Thu, 11 Nov 2021 13:52:41 +0100
|
||||||
|
Subject: [PATCH] SELinux: restore SELinux context in case of different
|
||||||
|
policies
|
||||||
|
|
||||||
|
---
|
||||||
|
CMakeLists.txt | 13 +++++++++++++
|
||||||
|
unix/vncserver/CMakeLists.txt | 2 +-
|
||||||
|
unix/vncserver/vncsession.c | 16 ++++++++++++++++
|
||||||
|
3 files changed, 30 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||||
|
index 50247c7da..1708eb3d8 100644
|
||||||
|
--- a/CMakeLists.txt
|
||||||
|
+++ b/CMakeLists.txt
|
||||||
|
@@ -268,6 +268,19 @@ if(UNIX AND NOT APPLE)
|
||||||
|
endif()
|
||||||
|
endif()
|
||||||
|
|
||||||
|
+# Check for SELinux library
|
||||||
|
+if(UNIX AND NOT APPLE)
|
||||||
|
+ check_include_files(selinux/selinux.h HAVE_SELINUX_H)
|
||||||
|
+ if(HAVE_SELINUX_H)
|
||||||
|
+ set(CMAKE_REQUIRED_LIBRARIES -lselinux)
|
||||||
|
+ set(CMAKE_REQUIRED_LIBRARIES)
|
||||||
|
+ set(SELINUX_LIBS selinux)
|
||||||
|
+ add_definitions("-DHAVE_SELINUX")
|
||||||
|
+ else()
|
||||||
|
+ message(WARNING "Could not find SELinux development files")
|
||||||
|
+ endif()
|
||||||
|
+endif()
|
||||||
|
+
|
||||||
|
# Generate config.h and make sure the source finds it
|
||||||
|
configure_file(config.h.in config.h)
|
||||||
|
add_definitions(-DHAVE_CONFIG_H)
|
||||||
|
diff --git a/unix/vncserver/CMakeLists.txt b/unix/vncserver/CMakeLists.txt
|
||||||
|
index f65ccc7db..ae69dc098 100644
|
||||||
|
--- a/unix/vncserver/CMakeLists.txt
|
||||||
|
+++ b/unix/vncserver/CMakeLists.txt
|
||||||
|
@@ -1,5 +1,5 @@
|
||||||
|
add_executable(vncsession vncsession.c)
|
||||||
|
-target_link_libraries(vncsession ${PAM_LIBS})
|
||||||
|
+target_link_libraries(vncsession ${PAM_LIBS} ${SELINUX_LIBS})
|
||||||
|
|
||||||
|
configure_file(vncserver@.service.in vncserver@.service @ONLY)
|
||||||
|
configure_file(vncsession-start.in vncsession-start @ONLY)
|
||||||
|
diff --git a/unix/vncserver/vncsession.c b/unix/vncserver/vncsession.c
|
||||||
|
index 3573e5e9b..f6d2fd59e 100644
|
||||||
|
--- a/unix/vncserver/vncsession.c
|
||||||
|
+++ b/unix/vncserver/vncsession.c
|
||||||
|
@@ -37,6 +37,11 @@
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
|
||||||
|
+#ifdef HAVE_SELINUX
|
||||||
|
+#include <selinux/selinux.h>
|
||||||
|
+#include <selinux/restorecon.h>
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
extern char **environ;
|
||||||
|
|
||||||
|
// PAM service name
|
||||||
|
@@ -360,6 +365,17 @@ redir_stdio(const char *homedir, const char *display)
|
||||||
|
syslog(LOG_CRIT, "Failure creating \"%s\": %s", logfile, strerror(errno));
|
||||||
|
_exit(EX_OSERR);
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+#ifdef HAVE_SELINUX
|
||||||
|
+ int result;
|
||||||
|
+ if (selinux_file_context_verify(logfile, 0) == 0) {
|
||||||
|
+ result = selinux_restorecon(logfile, SELINUX_RESTORECON_RECURSE);
|
||||||
|
+
|
||||||
|
+ if (result < 0) {
|
||||||
|
+ syslog(LOG_WARNING, "Failure restoring SELinux context for \"%s\": %s", logfile, strerror(errno));
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
hostlen = sysconf(_SC_HOST_NAME_MAX);
|
|
@ -1,135 +0,0 @@
|
||||||
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
|
|
||||||
index 6f65e87..3142ba3 100644
|
|
||||||
--- a/common/rfb/SSecurityPlain.cxx
|
|
||||||
+++ b/common/rfb/SSecurityPlain.cxx
|
|
||||||
@@ -27,6 +27,8 @@
|
|
||||||
#include <rdr/InStream.h>
|
|
||||||
#if !defined(WIN32) && !defined(__APPLE__)
|
|
||||||
#include <rfb/UnixPasswordValidator.h>
|
|
||||||
+#include <unistd.h>
|
|
||||||
+#include <pwd.h>
|
|
||||||
#endif
|
|
||||||
#ifdef WIN32
|
|
||||||
#include <rfb/WinPasswdValidator.h>
|
|
||||||
@@ -45,21 +47,22 @@ StringParameter PasswordValidator::plainUsers
|
|
||||||
|
|
||||||
bool PasswordValidator::validUser(const char* username)
|
|
||||||
{
|
|
||||||
- CharArray users(plainUsers.getValueStr()), user;
|
|
||||||
+ std::vector<std::string> users;
|
|
||||||
|
|
||||||
- while (users.buf) {
|
|
||||||
- strSplit(users.buf, ',', &user.buf, &users.buf);
|
|
||||||
-#ifdef WIN32
|
|
||||||
- if (0 == stricmp(user.buf, "*"))
|
|
||||||
- return true;
|
|
||||||
- if (0 == stricmp(user.buf, username))
|
|
||||||
- return true;
|
|
||||||
-#else
|
|
||||||
- if (!strcmp(user.buf, "*"))
|
|
||||||
- return true;
|
|
||||||
- if (!strcmp(user.buf, username))
|
|
||||||
- return true;
|
|
||||||
+ users = split(plainUsers, ',');
|
|
||||||
+
|
|
||||||
+ for (size_t i = 0; i < users.size(); i++) {
|
|
||||||
+ if (users[i] == "*")
|
|
||||||
+ return true;
|
|
||||||
+#if !defined(WIN32) && !defined(__APPLE__)
|
|
||||||
+ if (users[i] == "%u") {
|
|
||||||
+ struct passwd *pw = getpwnam(username);
|
|
||||||
+ if (pw && pw->pw_uid == getuid())
|
|
||||||
+ return true;
|
|
||||||
+ }
|
|
||||||
#endif
|
|
||||||
+ if (users[i] == username)
|
|
||||||
+ return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
diff --git a/common/rfb/util.cxx b/common/rfb/util.cxx
|
|
||||||
index 649eb0b..cce73a0 100644
|
|
||||||
--- a/common/rfb/util.cxx
|
|
||||||
+++ b/common/rfb/util.cxx
|
|
||||||
@@ -99,6 +99,26 @@ namespace rfb {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
+ std::vector<std::string> split(const char* src,
|
|
||||||
+ const char delimiter)
|
|
||||||
+ {
|
|
||||||
+ std::vector<std::string> out;
|
|
||||||
+ const char *start, *stop;
|
|
||||||
+
|
|
||||||
+ start = src;
|
|
||||||
+ do {
|
|
||||||
+ stop = strchr(start, delimiter);
|
|
||||||
+ if (stop == NULL) {
|
|
||||||
+ out.push_back(start);
|
|
||||||
+ } else {
|
|
||||||
+ out.push_back(std::string(start, stop-start));
|
|
||||||
+ start = stop + 1;
|
|
||||||
+ }
|
|
||||||
+ } while (stop != NULL);
|
|
||||||
+
|
|
||||||
+ return out;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
bool strContains(const char* src, char c) {
|
|
||||||
int l=strlen(src);
|
|
||||||
for (int i=0; i<l; i++)
|
|
||||||
diff --git a/common/rfb/util.h b/common/rfb/util.h
|
|
||||||
index f0ac9ef..ed15c28 100644
|
|
||||||
--- a/common/rfb/util.h
|
|
||||||
+++ b/common/rfb/util.h
|
|
||||||
@@ -27,6 +27,9 @@
|
|
||||||
#include <limits.h>
|
|
||||||
#include <string.h>
|
|
||||||
|
|
||||||
+#include <string>
|
|
||||||
+#include <vector>
|
|
||||||
+
|
|
||||||
struct timeval;
|
|
||||||
|
|
||||||
#ifdef __GNUC__
|
|
||||||
@@ -76,6 +79,10 @@ namespace rfb {
|
|
||||||
// that part of the string. Obviously, setting both to 0 is not useful...
|
|
||||||
bool strSplit(const char* src, const char limiter, char** out1, char** out2, bool fromEnd=false);
|
|
||||||
|
|
||||||
+ // Splits a string with the specified delimiter
|
|
||||||
+ std::vector<std::string> split(const char* src,
|
|
||||||
+ const char delimiter);
|
|
||||||
+
|
|
||||||
// Returns true if src contains c
|
|
||||||
bool strContains(const char* src, char c);
|
|
||||||
|
|
||||||
diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man
|
|
||||||
index c36ae34..78db730 100644
|
|
||||||
--- a/unix/x0vncserver/x0vncserver.man
|
|
||||||
+++ b/unix/x0vncserver/x0vncserver.man
|
|
||||||
@@ -125,8 +125,8 @@ parameter instead.
|
|
||||||
.B \-PlainUsers \fIuser-list\fP
|
|
||||||
A comma separated list of user names that are allowed to authenticate via
|
|
||||||
any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
|
|
||||||
-to allow any user to authenticate using this security type. Default is to
|
|
||||||
-deny all users.
|
|
||||||
+to allow any user to authenticate using this security type. Specify \fB%u\fP
|
|
||||||
+to allow the user of the server process. Default is to deny all users.
|
|
||||||
.
|
|
||||||
.TP
|
|
||||||
.B \-pam_service \fIname\fP, \-PAMService \fIname\fP
|
|
||||||
diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man
|
|
||||||
index ea87dea..e9fb654 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/Xvnc.man
|
|
||||||
+++ b/unix/xserver/hw/vnc/Xvnc.man
|
|
||||||
@@ -200,8 +200,8 @@ parameter instead.
|
|
||||||
.B \-PlainUsers \fIuser-list\fP
|
|
||||||
A comma separated list of user names that are allowed to authenticate via
|
|
||||||
any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
|
|
||||||
-to allow any user to authenticate using this security type. Default is to
|
|
||||||
-deny all users.
|
|
||||||
+to allow any user to authenticate using this security type. Specify \fB%u\fP
|
|
||||||
+to allow the user of the server process. Default is to deny all users.
|
|
||||||
.
|
|
||||||
.TP
|
|
||||||
.B \-pam_service \fIname\fP, \-PAMService \fIname\fP
|
|
|
@ -1,17 +0,0 @@
|
||||||
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
index f8141959..c5c36539 100644
|
|
||||||
--- a/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
+++ b/unix/xserver/hw/vnc/xvnc.c
|
|
||||||
@@ -366,8 +366,10 @@ ddxProcessArgument(int argc, char *argv[], int i)
|
|
||||||
if (strcmp(argv[i], "-inetd") == 0) {
|
|
||||||
int nullfd;
|
|
||||||
|
|
||||||
- dup2(0, 3);
|
|
||||||
- vncInetdSock = 3;
|
|
||||||
+ if ((vncInetdSock = dup(0)) == -1)
|
|
||||||
+ FatalError
|
|
||||||
+ ("Xvnc error: failed to allocate a new file descriptor for -inetd: %s\n", strerror(errno));
|
|
||||||
+
|
|
||||||
|
|
||||||
/* Avoid xserver >= 1.19's epoll-fd becoming fd 2 / stderr only to be
|
|
||||||
replaced by /dev/null by OsInit() because the pollfd is not
|
|
|
@ -121,7 +121,7 @@ if ($fontPath eq "") {
|
||||||
# Check command line options
|
# Check command line options
|
||||||
|
|
||||||
&ParseOptions("-geometry",1,"-depth",1,"-pixelformat",1,"-name",1,"-kill",1,
|
&ParseOptions("-geometry",1,"-depth",1,"-pixelformat",1,"-name",1,"-kill",1,
|
||||||
"-help",0,"-h",0,"--help",0,"-fp",1,"-list",0,"-fg",0,"-autokill",0,"-noxstartup",0,"-xstartup",1,"-fallbacktofreeport",0);
|
"-help",0,"-h",0,"--help",0,"-fp",1,"-list",0,"-fg",0,"-autokill",0,"-noxstartup",0,"-xstartup",1);
|
||||||
|
|
||||||
&Usage() if ($opt{'-help'} || $opt{'-h'} || $opt{'--help'});
|
&Usage() if ($opt{'-help'} || $opt{'-h'} || $opt{'--help'});
|
||||||
|
|
||||||
|
@ -168,13 +168,8 @@ if ((@ARGV > 0) && ($ARGV[0] =~ /^:(\d+)$/)) {
|
||||||
$displayNumber = $1;
|
$displayNumber = $1;
|
||||||
shift(@ARGV);
|
shift(@ARGV);
|
||||||
if (!&CheckDisplayNumber($displayNumber)) {
|
if (!&CheckDisplayNumber($displayNumber)) {
|
||||||
if ($opt{'-fallbacktofreeport'}) {
|
warn "A VNC server is already running as :$displayNumber\n";
|
||||||
warn "A VNC server is already running as :$displayNumber\n";
|
$displayNumber = &GetDisplayNumber();
|
||||||
$displayNumber = &GetDisplayNumber();
|
|
||||||
warn "Using port :$displayNumber as fallback\n";
|
|
||||||
} else {
|
|
||||||
die "A VNC server is already running as :$displayNumber\n";
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} elsif ((@ARGV > 0) && ($ARGV[0] !~ /^-/) && ($ARGV[0] !~ /^\+/)) {
|
} elsif ((@ARGV > 0) && ($ARGV[0] !~ /^-/) && ($ARGV[0] !~ /^\+/)) {
|
||||||
&Usage();
|
&Usage();
|
||||||
|
@ -680,7 +675,6 @@ sub Usage
|
||||||
" [-autokill]\n".
|
" [-autokill]\n".
|
||||||
" [-noxstartup]\n".
|
" [-noxstartup]\n".
|
||||||
" [-xstartup <file>]\n".
|
" [-xstartup <file>]\n".
|
||||||
" [-fallbacktofreeport]\n".
|
|
||||||
" <Xvnc-options>...\n\n".
|
" <Xvnc-options>...\n\n".
|
||||||
" $prog -kill <X-display>\n\n".
|
" $prog -kill <X-display>\n\n".
|
||||||
" $prog -list\n\n");
|
" $prog -list\n\n");
|
||||||
|
|
|
@ -1,72 +0,0 @@
|
||||||
From 337d8d48b618d4fc0168a7b978be4c3447650b04 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Olivier Fourdan <ofourdan@redhat.com>
|
|
||||||
Date: Fri, 5 Apr 2024 15:24:49 +0200
|
|
||||||
Subject: [PATCH] render: Avoid possible double-free in ProcRenderAddGlyphs()
|
|
||||||
|
|
||||||
ProcRenderAddGlyphs() adds the glyph to the glyphset using AddGlyph() and
|
|
||||||
then frees it using FreeGlyph() to decrease the reference count, after
|
|
||||||
AddGlyph() has increased it.
|
|
||||||
|
|
||||||
AddGlyph() however may chose to reuse an existing glyph if it's already
|
|
||||||
in the glyphSet, and free the glyph that was given, in which case the
|
|
||||||
caller function, ProcRenderAddGlyphs() will call FreeGlyph() on an
|
|
||||||
already freed glyph, as reported by ASan:
|
|
||||||
|
|
||||||
READ of size 4 thread T0
|
|
||||||
#0 in FreeGlyph xserver/render/glyph.c:252
|
|
||||||
#1 in ProcRenderAddGlyphs xserver/render/render.c:1174
|
|
||||||
#2 in Dispatch xserver/dix/dispatch.c:546
|
|
||||||
#3 in dix_main xserver/dix/main.c:271
|
|
||||||
#4 in main xserver/dix/stubmain.c:34
|
|
||||||
#5 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
|
|
||||||
#6 in __libc_start_main_impl ../csu/libc-start.c:360
|
|
||||||
#7 (/usr/bin/Xwayland+0x44fe4)
|
|
||||||
Address is located 0 bytes inside of 64-byte region
|
|
||||||
freed by thread T0 here:
|
|
||||||
#0 in __interceptor_free libsanitizer/asan/asan_malloc_linux.cpp:52
|
|
||||||
#1 in _dixFreeObjectWithPrivates xserver/dix/privates.c:538
|
|
||||||
#2 in AddGlyph xserver/render/glyph.c:295
|
|
||||||
#3 in ProcRenderAddGlyphs xserver/render/render.c:1173
|
|
||||||
#4 in Dispatch xserver/dix/dispatch.c:546
|
|
||||||
#5 in dix_main xserver/dix/main.c:271
|
|
||||||
#6 in main xserver/dix/stubmain.c:34
|
|
||||||
#7 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
|
|
||||||
previously allocated by thread T0 here:
|
|
||||||
#0 in __interceptor_malloc libsanitizer/asan/asan_malloc_linux.cpp:69
|
|
||||||
#1 in AllocateGlyph xserver/render/glyph.c:355
|
|
||||||
#2 in ProcRenderAddGlyphs xserver/render/render.c:1085
|
|
||||||
#3 in Dispatch xserver/dix/dispatch.c:546
|
|
||||||
#4 in dix_main xserver/dix/main.c:271
|
|
||||||
#5 in main xserver/dix/stubmain.c:34
|
|
||||||
#6 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
|
|
||||||
SUMMARY: AddressSanitizer: heap-use-after-free xserver/render/glyph.c:252 in FreeGlyph
|
|
||||||
|
|
||||||
To avoid that, make sure not to free the given glyph in AddGlyph().
|
|
||||||
|
|
||||||
v2: Simplify the test using the boolean returned from AddGlyph() (Michel)
|
|
||||||
v3: Simplify even more by not freeing the glyph in AddGlyph() (Peter)
|
|
||||||
|
|
||||||
Fixes: bdca6c3d1 - render: fix refcounting of glyphs during ProcRenderAddGlyphs
|
|
||||||
Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1659
|
|
||||||
Signed-off-by: Olivier Fourdan <ofourdan@redhat.com>
|
|
||||||
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1476>
|
|
||||||
---
|
|
||||||
render/glyph.c | 2 --
|
|
||||||
1 file changed, 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/render/glyph.c b/render/glyph.c
|
|
||||||
index 13991f8a1..5fa7f3b5b 100644
|
|
||||||
--- a/render/glyph.c
|
|
||||||
+++ b/render/glyph.c
|
|
||||||
@@ -291,8 +291,6 @@ AddGlyph(GlyphSetPtr glyphSet, GlyphPtr glyph, Glyph id)
|
|
||||||
gr = FindGlyphRef(&globalGlyphs[glyphSet->fdepth], signature,
|
|
||||||
TRUE, glyph->sha1);
|
|
||||||
if (gr->glyph && gr->glyph != DeletedGlyph && gr->glyph != glyph) {
|
|
||||||
- FreeGlyphPicture(glyph);
|
|
||||||
- dixFreeObjectWithPrivates(glyph, PRIVATE_GLYPH);
|
|
||||||
glyph = gr->glyph;
|
|
||||||
}
|
|
||||||
else if (gr->glyph != glyph) {
|
|
||||||
--
|
|
||||||
2.44.0
|
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
%global modulename vncsession
|
%global modulename vncsession
|
||||||
|
|
||||||
Name: tigervnc
|
Name: tigervnc
|
||||||
Version: 1.13.1
|
Version: 1.12.0
|
||||||
Release: 10%{?dist}
|
Release: 9%{?dist}
|
||||||
Summary: A TigerVNC remote display system
|
Summary: A TigerVNC remote display system
|
||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
|
@ -21,73 +21,47 @@ Source3: 10-libvnc.conf
|
||||||
# Backwards compatibility
|
# Backwards compatibility
|
||||||
Source5: vncserver
|
Source5: vncserver
|
||||||
|
|
||||||
# Downstream patches
|
|
||||||
Patch1: tigervnc-use-gnome-as-default-session.patch
|
Patch1: tigervnc-use-gnome-as-default-session.patch
|
||||||
Patch2: tigervnc-vncsession-restore-script-systemd-service.patch
|
|
||||||
Patch3: tigervnc-dont-install-appstream-metadata-file.patch
|
|
||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
Patch50: tigervnc-selinux-restore-context-in-case-of-different-policies.patch
|
||||||
Patch51: tigervnc-use-dup-to-get-available-fd-for-inetd.patch
|
Patch51: tigervnc-fix-typo-in-mirror-monitor-detection.patch
|
||||||
|
Patch52: tigervnc-root-user-selinux-context.patch
|
||||||
# Upstreamable patches
|
Patch53: tigervnc-vncsession-restore-script-systemd-service.patch
|
||||||
Patch80: tigervnc-dont-get-pointer-position-for-floating-device.patch
|
# https://github.com/TigerVNC/tigervnc/pull/1513
|
||||||
|
Patch54: tigervnc-fix-ghost-cursor-in-zaphod-mode.patch
|
||||||
|
# https://github.com/TigerVNC/tigervnc/pull/1510
|
||||||
|
Patch55: tigervnc-add-new-keycodes-for-unknown-keysyms.patch
|
||||||
|
|
||||||
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
||||||
Patch100: tigervnc-xserver120.patch
|
Patch100: tigervnc-xserver120.patch
|
||||||
# 1326867 - [RHEL7.3] GLX applications in an Xvnc session fails to start
|
# 1326867 - [RHEL7.3] GLX applications in an Xvnc session fails to start
|
||||||
Patch101: 0001-rpath-hack.patch
|
Patch101: 0001-rpath-hack.patch
|
||||||
|
|
||||||
# XServer patches
|
# Upstreamable patches
|
||||||
Patch200: xorg-CVE-2024-31083-followup.patch
|
|
||||||
|
|
||||||
BuildRequires: make
|
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: gettext
|
BuildRequires: libX11-devel, automake, autoconf, libtool, gettext, gettext-autopoint
|
||||||
BuildRequires: cmake
|
BuildRequires: libXext-devel, xorg-x11-server-source, libXi-devel
|
||||||
|
BuildRequires: xorg-x11-xtrans-devel, xorg-x11-util-macros, libXtst-devel
|
||||||
BuildRequires: gnutls-devel
|
BuildRequires: libxkbfile-devel, openssl-devel, libpciaccess-devel
|
||||||
BuildRequires: desktop-file-utils
|
BuildRequires: mesa-libGL-devel, libXinerama-devel, xorg-x11-font-utils
|
||||||
BuildRequires: libappstream-glib
|
BuildRequires: freetype-devel, libXdmcp-devel, libxshmfence-devel
|
||||||
BuildRequires: libjpeg-turbo-devel
|
BuildRequires: libjpeg-turbo-devel, gnutls-devel, pam-devel
|
||||||
BuildRequires: openssl-devel
|
BuildRequires: libdrm-devel, libXt-devel, pixman-devel
|
||||||
BuildRequires: pam-devel
|
BuildRequires: systemd, cmake, desktop-file-utils
|
||||||
BuildRequires: zlib-devel
|
BuildRequires: libselinux-devel, selinux-policy-devel
|
||||||
|
BuildRequires: libXfixes-devel, libXdamage-devel, libXrandr-devel
|
||||||
|
%if 0%{?fedora} > 24 || 0%{?rhel} >= 7
|
||||||
|
BuildRequires: libXfont2-devel
|
||||||
|
%else
|
||||||
|
BuildRequires: libXfont-devel
|
||||||
|
%endif
|
||||||
|
|
||||||
# TigerVNC 1.4.x requires fltk 1.3.3 for keyboard handling support
|
# TigerVNC 1.4.x requires fltk 1.3.3 for keyboard handling support
|
||||||
# See https://github.com/TigerVNC/tigervnc/issues/8, also bug #1208814
|
# See https://github.com/TigerVNC/tigervnc/issues/8, also bug #1208814
|
||||||
BuildRequires: fltk-devel >= 1.3.3
|
BuildRequires: fltk-devel >= 1.3.3
|
||||||
BuildRequires: libX11-devel
|
|
||||||
BuildRequires: libXext-devel
|
|
||||||
BuildRequires: libXi-devel
|
|
||||||
BuildRequires: libXrandr-devel
|
|
||||||
BuildRequires: libXrender-devel
|
|
||||||
BuildRequires: pixman-devel
|
|
||||||
|
|
||||||
# X11/graphics dependencies
|
|
||||||
BuildRequires: autoconf
|
|
||||||
BuildRequires: automake
|
|
||||||
BuildRequires: gettext-autopoint
|
|
||||||
BuildRequires: libXdamage-devel
|
|
||||||
BuildRequires: libXdmcp-devel
|
|
||||||
BuildRequires: libXfixes-devel
|
|
||||||
BuildRequires: libXfont2-devel
|
|
||||||
BuildRequires: libXinerama-devel
|
|
||||||
BuildRequires: libXt-devel
|
|
||||||
BuildRequires: libXtst-devel
|
|
||||||
BuildRequires: libdrm-devel
|
|
||||||
BuildRequires: libtool
|
|
||||||
BuildRequires: libxkbfile-devel
|
|
||||||
BuildRequires: libxshmfence-devel
|
|
||||||
BuildRequires: mesa-libGL-devel
|
|
||||||
BuildRequires: xorg-x11-font-utils
|
|
||||||
BuildRequires: xorg-x11-server-devel
|
BuildRequires: xorg-x11-server-devel
|
||||||
BuildRequires: xorg-x11-server-source
|
|
||||||
BuildRequires: xorg-x11-util-macros
|
|
||||||
BuildRequires: xorg-x11-xtrans-devel
|
|
||||||
|
|
||||||
# SELinux
|
|
||||||
BuildRequires: libselinux-devel, selinux-policy-devel, systemd
|
|
||||||
|
|
||||||
Requires(post): coreutils
|
Requires(post): coreutils
|
||||||
Requires(postun):coreutils
|
Requires(postun):coreutils
|
||||||
|
@ -187,19 +161,18 @@ for all in `find . -type f -perm -001`; do
|
||||||
done
|
done
|
||||||
%patch100 -p1 -b .xserver120-rebased
|
%patch100 -p1 -b .xserver120-rebased
|
||||||
%patch101 -p1 -b .rpath
|
%patch101 -p1 -b .rpath
|
||||||
%patch200 -p1 -b .xorg-CVE-2024-31083-followup
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
%patch1 -p1 -b .use-gnome-as-default-session
|
%patch1 -p1 -b .use-gnome-as-default-session
|
||||||
%patch2 -p1 -b .vncsession-restore-script-systemd-service
|
|
||||||
%patch3 -p1 -b .dont-install-appstream-metadata-file.patch
|
|
||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
%patch50 -p1 -b .support-username-alias-in-plainusers
|
%patch50 -p1 -b .selinux-restore-context-in-case-of-different-policies
|
||||||
%patch51 -p1 -b .use-dup-to-get-available-fd-for-inetd
|
%patch51 -p1 -b .fix-typo-in-mirror-monitor-detection
|
||||||
|
%patch52 -p1 -b .root-user-selinux-context
|
||||||
|
%patch53 -p1 -b .vncsession-restore-script-systemd-service
|
||||||
|
%patch54 -p1 -b .fix-ghost-cursor-in-zaphod-mode
|
||||||
|
%patch55 -p1 -b .add-new-keycodes-for-unknown-keysyms
|
||||||
|
|
||||||
# Upstreamable patches
|
|
||||||
%patch80 -p1 -b .dont-get-pointer-position-for-floating-device
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%ifarch sparcv9 sparc64 s390 s390x
|
%ifarch sparcv9 sparc64 s390 s390x
|
||||||
|
@ -265,7 +238,7 @@ install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
|
||||||
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/{16x16,24x24,48x48}/apps
|
mkdir -p %{buildroot}%{_datadir}/icons/hicolor/{16x16,24x24,48x48}/apps
|
||||||
|
|
||||||
pushd media/icons
|
pushd media/icons
|
||||||
for s in 16 22 24 32 48 64 128; do
|
for s in 16 24 48; do
|
||||||
install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps/tigervnc.png
|
install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps/tigervnc.png
|
||||||
done
|
done
|
||||||
popd
|
popd
|
||||||
|
@ -351,69 +324,9 @@ fi
|
||||||
|
|
||||||
%files selinux
|
%files selinux
|
||||||
%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.*
|
%{_datadir}/selinux/packages/%{selinuxtype}/%{modulename}.pp.*
|
||||||
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
%ghost %verify(not md5 size mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Apr 15 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
|
|
||||||
- Drop patches that are already part of xorg-x11-server
|
|
||||||
Resolves: RHEL-30755
|
|
||||||
Resolves: RHEL-30767
|
|
||||||
Resolves: RHEL-30761
|
|
||||||
|
|
||||||
* Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
|
|
||||||
- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
|
|
||||||
Resolves: RHEL-30755
|
|
||||||
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
|
|
||||||
Resolves: RHEL-30767
|
|
||||||
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
|
|
||||||
Resolves: RHEL-30761
|
|
||||||
|
|
||||||
* Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
|
|
||||||
- Fix copy/paste error in the DeviceStateNotify
|
|
||||||
Resolves: RHEL-20530
|
|
||||||
|
|
||||||
* Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
|
|
||||||
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
|
|
||||||
Resolves: RHEL-20388
|
|
||||||
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
|
|
||||||
Resolves: RHEL-20382
|
|
||||||
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
|
|
||||||
Resolves: RHEL-20530
|
|
||||||
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
|
|
||||||
Resolves: RHEL-21214
|
|
||||||
|
|
||||||
* Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
|
|
||||||
- Use dup() to get available file descriptor when using -inetd option
|
|
||||||
Resolves: RHEL-21000
|
|
||||||
|
|
||||||
* Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
|
|
||||||
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
|
|
||||||
Resolves: RHEL-18410
|
|
||||||
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
|
|
||||||
Resolves: RHEL-18422
|
|
||||||
|
|
||||||
* Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
|
|
||||||
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
|
|
||||||
Resolves: RHEL-15236
|
|
||||||
|
|
||||||
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
|
|
||||||
Resolves: RHEL-15230
|
|
||||||
|
|
||||||
* Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
|
|
||||||
- Support username alias in PlainUsers
|
|
||||||
Resolves: RHEL-4258
|
|
||||||
|
|
||||||
* Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
|
|
||||||
- xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
|
|
||||||
Escalation Vulnerability
|
|
||||||
Resolves: bz#2180306
|
|
||||||
|
|
||||||
* Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
|
|
||||||
- 1.13.1
|
|
||||||
Resolves: bz#2175748
|
|
||||||
- Restore "--fallbacktofreeport" option in the vncserver script
|
|
||||||
Resolves: bz#2174398
|
|
||||||
|
|
||||||
* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
|
* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
|
||||||
- Bump build version to fix upgrade path
|
- Bump build version to fix upgrade path
|
||||||
Resolves: bz#1437569
|
Resolves: bz#1437569
|
||||||
|
|
Loading…
Reference in New Issue