diff options
| author | richard <richard> | 2016-09-22 11:31:37 +0000 |
|---|---|---|
| committer | richard <richard> | 2016-09-22 11:31:37 +0000 |
| commit | 8a25852259714077223fef6c567f1d3f35428f06 (patch) | |
| tree | c64ef72bda9f2e50645e5867b6728365dea2e3c1 /net | |
| parent | 5779c1c13b8869844f85508026b5b9fdec529e08 (diff) | |
| download | pkgsrc-8a25852259714077223fef6c567f1d3f35428f06.tar.gz | |
Do not use deprecated GnuTLS functions
http://bugzilla.gnome.org/show_bug.cgi?id=648606
require minimally gnutls 2.2.0 for use of currently used functions
since the recent gnutls update, deprecated => obsoleted
fixes build for now, discussing with wiz@ seems reasonable later
to update to the gnome3 version and, if necessary, adding back vino2.
Diffstat (limited to 'net')
| -rw-r--r-- | net/vino/distinfo | 5 | ||||
| -rw-r--r-- | net/vino/patches/patch-aa | 48 | ||||
| -rw-r--r-- | net/vino/patches/patch-server_libvncserver_auth.c | 26 |
3 files changed, 76 insertions, 3 deletions
diff --git a/net/vino/distinfo b/net/vino/distinfo index d9a36118429..2a79b55e789 100644 --- a/net/vino/distinfo +++ b/net/vino/distinfo @@ -1,10 +1,11 @@ -$NetBSD: distinfo,v 1.14 2016/03/24 13:36:52 richard Exp $ +$NetBSD: distinfo,v 1.15 2016/09/22 11:31:37 richard Exp $ SHA1 (vino-2.32.2.tar.bz2) = e457d1c5705607c3cd18b7e6fbb8776b7483c733 RMD160 (vino-2.32.2.tar.bz2) = 1de0923ef33a73dd6a9c4e761291728c552708e8 SHA512 (vino-2.32.2.tar.bz2) = 1205341c83f296f93d948d3b0408a54e9a036abc15ad4e980e9abde8d24ab4a1639ea0d0898d768cf0a01e1ef9e916d907c58d4617534b0dc6860900e1a62a58 Size (vino-2.32.2.tar.bz2) = 856440 bytes -SHA1 (patch-aa) = d240f809769fee144ce0a6057327107ade82ef6c +SHA1 (patch-aa) = b75e056367be66ce2c8ed7cc1ca898737380ed50 SHA1 (patch-ab) = 0c09812fc98bced9938a0460305c7dbcbed40ad3 SHA1 (patch-ad) = 0e1b226e8c5ac5f9e3d3c7270b9a19a2314ef737 +SHA1 (patch-server_libvncserver_auth.c) = 43284ea485bc028fdad7a96e72ff7832f53dd908 SHA1 (patch-server_miniupnp_miniwget.c) = 6612c1a16d955c0e60546209d0e2f47546a976ff diff --git a/net/vino/patches/patch-aa b/net/vino/patches/patch-aa index 1b51b6df70f..c359c9f3cdd 100644 --- a/net/vino/patches/patch-aa +++ b/net/vino/patches/patch-aa @@ -1,7 +1,53 @@ -$NetBSD: patch-aa,v 1.3 2013/08/12 09:36:41 obache Exp $ +$NetBSD: patch-aa,v 1.4 2016/09/22 11:31:37 richard Exp $ + +Do not use deprecated GnuTLS functions +http://bugzilla.gnome.org/show_bug.cgi?id=648606 +require minimally gnutls 2.2.0 for use of currently used functions --- configure.orig 2011-05-02 16:35:08.000000000 +0000 +++ configure +@@ -15322,12 +15322,12 @@ if test -n "$LIBGNUTLS_CFLAGS"; then + pkg_cv_LIBGNUTLS_CFLAGS="$LIBGNUTLS_CFLAGS" + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ +- { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5 +- ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5 ++ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 2.2.0\""; } >&5 ++ ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then +- pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 1.0.0" 2>/dev/null` ++ pkg_cv_LIBGNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls >= 2.2.0" 2>/dev/null` + else + pkg_failed=yes + fi +@@ -15339,11 +15339,11 @@ if test -n "$LIBGNUTLS_LIBS"; then + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"gnutls >= 1.0.0\""; } >&5 +- ($PKG_CONFIG --exists --print-errors "gnutls >= 1.0.0") 2>&5 ++ ($PKG_CONFIG --exists --print-errors "gnutls >= 2.2.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then +- pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 1.0.0" 2>/dev/null` ++ pkg_cv_LIBGNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls >= 2.2.0" 2>/dev/null` + else + pkg_failed=yes + fi +@@ -15363,9 +15363,9 @@ else + _pkg_short_errors_supported=no + fi + if test $_pkg_short_errors_supported = yes; then +- LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 1.0.0" 2>&1` ++ LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "gnutls >= 2.2.0" 2>&1` + else +- LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 1.0.0" 2>&1` ++ LIBGNUTLS_PKG_ERRORS=`$PKG_CONFIG --print-errors "gnutls >= 2.2.0" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$LIBGNUTLS_PKG_ERRORS" >&5 @@ -16129,6 +16129,8 @@ if test "x$ac_cv_header_ifaddrs_h" = "xy cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ diff --git a/net/vino/patches/patch-server_libvncserver_auth.c b/net/vino/patches/patch-server_libvncserver_auth.c new file mode 100644 index 00000000000..ff5e7532ffc --- /dev/null +++ b/net/vino/patches/patch-server_libvncserver_auth.c @@ -0,0 +1,26 @@ +$NetBSD: patch-server_libvncserver_auth.c,v 1.1 2016/09/22 11:31:37 richard Exp $ + +Do not use deprecated GnuTLS functions +http://bugzilla.gnome.org/show_bug.cgi?id=648606 + +--- server/libvncserver/auth.c.orig 2011-05-02 16:07:11.000000000 +0000 ++++ server/libvncserver/auth.c +@@ -64,13 +64,16 @@ rfbAuthCleanupScreen(rfbScreenInfoPtr rf + static rfbBool + rfbAuthTLSHandshake(rfbClientPtr cl) + { +- static const int kx_priority[] = { GNUTLS_KX_ANON_DH, 0 }; ++ /* TODO: Perform non-anonymous key exchange to prevent man-in-the-middle ++ * attacks. */ ++ static const char kx_priority[] = "NORMAL:+ANON-DH"; ++ + int err; + + gnutls_init(&cl->tlsSession, GNUTLS_SERVER); + + gnutls_set_default_priority(cl->tlsSession); +- gnutls_kx_set_priority(cl->tlsSession, kx_priority); ++ gnutls_priority_set_direct(cl->tlsSession, kx_priority, NULL); + + gnutls_credentials_set(cl->tlsSession, + GNUTLS_CRD_ANON, |