pool/tigervnc
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 627664 from X11:XOrg

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/627664
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tigervnc?expand=0&rev=53
This commit is contained in:
Dominique Leuenberger 2018-08-07 07:41:41 +00:00 committed by Git OBS Bridge
commit 7942832048
21 changed files with 170 additions and 875 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
10-libvnc.conf
View File

@ -12,7 +12,7 @@
#EndSection
#Section "Screen"
# Identifier "Screen0
# Identifier "Screen0"
# Option "SecurityTypes" "VncAuth"
# Option "PasswordFile" "/root/.vnc/passwd"
#EndSection

87
U_allow_multiple_certs_with_same_dn_in_saved_certs_file.patch
View File

@ -1,87 +0,0 @@
Git-commit: 7fcc8614e1ff8c19fd3a1a275fa5ab6eda28f6bd
Author: "Brian P. Hinz" <bphinz@users.sf.net>
Subject: Allow multiple certs with same DN in saved certs file.
Signed-off-by: Michal Srb <msrb@suse.com>
References: bnc#1041847
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
index 4b20e0bf..08aa1125 100644
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -218,9 +218,8 @@ public class CSecurityTLS extends CSecurity {
Collection<? extends Certificate> cacerts =
cf.generateCertificates(caStream);
for (Certificate cert : cacerts) {
- String dn =
- ((X509Certificate)cert).getSubjectX500Principal().getName();
- ks.setCertificateEntry(dn, (X509Certificate)cert);
+ String thumbprint = getThumbprint((X509Certificate)cert);
+ ks.setCertificateEntry(thumbprint, (X509Certificate)cert);
}
}
File cacert = new File(cafile);
@@ -229,9 +228,8 @@ public class CSecurityTLS extends CSecurity {
Collection<? extends Certificate> cacerts =
cf.generateCertificates(caStream);
for (Certificate cert : cacerts) {
- String dn =
- ((X509Certificate)cert).getSubjectX500Principal().getName();
- ks.setCertificateEntry(dn, (X509Certificate)cert);
+ String thumbprint = getThumbprint((X509Certificate)cert);
+ ks.setCertificateEntry(thumbprint, (X509Certificate)cert);
}
}
PKIXBuilderParameters params =
@@ -264,19 +262,13 @@ public class CSecurityTLS extends CSecurity {
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException
{
- MessageDigest md = null;
try {
- md = MessageDigest.getInstance("SHA-1");
verifyHostname(chain[0]);
tm.checkServerTrusted(chain, authType);
} catch (java.lang.Exception e) {
if (e.getCause() instanceof CertPathBuilderException) {
Object[] answer = {"YES", "NO"};
X509Certificate cert = chain[0];
- md.update(cert.getEncoded());
- String thumbprint =
- DatatypeConverter.printHexBinary(md.digest());
- thumbprint = thumbprint.replaceAll("..(?!$)", "$0 ");
int ret = JOptionPane.showOptionDialog(null,
"This certificate has been signed by an unknown authority\n"+
"\n"+
@@ -287,7 +279,7 @@ public class CSecurityTLS extends CSecurity {
" Signature Algorithm: "+cert.getPublicKey().getAlgorithm()+"\n"+
" Not Valid Before: "+cert.getNotBefore()+"\n"+
" Not Valid After: "+cert.getNotAfter()+"\n"+
- " SHA1 Fingerprint: "+thumbprint+"\n"+
+ " SHA1 Fingerprint: "+getThumbprint(cert)+"\n"+
"\n"+
"Do you want to save it and continue?",
"Certificate Issuer Unknown",
@@ -351,6 +343,22 @@ public class CSecurityTLS extends CSecurity {
return tm.getAcceptedIssuers();
}
+ private String getThumbprint(X509Certificate cert)
+ {
+ String thumbprint = null;
+ try {
+ MessageDigest md = MessageDigest.getInstance("SHA-1");
+ md.update(cert.getEncoded());
+ thumbprint = DatatypeConverter.printHexBinary(md.digest());
+ thumbprint = thumbprint.replaceAll("..(?!$)", "$0 ");
+ } catch(CertificateEncodingException e) {
+ throw new SystemException(e.getMessage());
+ } catch(NoSuchAlgorithmException e) {
+ throw new SystemException(e.getMessage());
+ }
+ return thumbprint;
+ }
+
private void verifyHostname(X509Certificate cert)
throws CertificateParsingException
{

131
U_handle_certificate_verification_for_saved_certs_correctly.patch
View File

@ -1,131 +0,0 @@
Git-commit: 79314c2f6abef363a83cc406de5d6628410e53e5
Author: "Brian P. Hinz" <bphinz@users.sf.net>
Subject: Handle certificate verification for saved certs correctly
Signed-off-by: Michal Srb <msrb@suse.com>
References: bnc#1041847
diff --git a/java/com/tigervnc/rfb/CSecurityTLS.java b/java/com/tigervnc/rfb/CSecurityTLS.java
index 08aa1125..733e97d4 100644
--- a/java/com/tigervnc/rfb/CSecurityTLS.java
+++ b/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -3,7 +3,7 @@
* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2010 m-privacy GmbH
* Copyright (C) 2010 TigerVNC Team
- * Copyright (C) 2011-2015 Brian P. Hinz
+ * Copyright (C) 2011-2017 Brian P. Hinz
* Copyright (C) 2015 D. R. Commander. All Rights Reserved.
*
* This is free software; you can redistribute it and/or modify
@@ -211,17 +211,7 @@ public class CSecurityTLS extends CSecurity {
for (TrustManager m : tmf.getTrustManagers())
if (m instanceof X509TrustManager)
for (X509Certificate c : ((X509TrustManager)m).getAcceptedIssuers())
- ks.setCertificateEntry(c.getSubjectX500Principal().getName(), c);
- File castore = new File(FileUtils.getVncHomeDir()+"x509_savedcerts.pem");
- if (castore.exists() && castore.canRead()) {
- InputStream caStream = new MyFileInputStream(castore);
- Collection<? extends Certificate> cacerts =
- cf.generateCertificates(caStream);
- for (Certificate cert : cacerts) {
- String thumbprint = getThumbprint((X509Certificate)cert);
- ks.setCertificateEntry(thumbprint, (X509Certificate)cert);
- }
- }
+ ks.setCertificateEntry(getThumbprint((X509Certificate)c), c);
File cacert = new File(cafile);
if (cacert.exists() && cacert.canRead()) {
InputStream caStream = new MyFileInputStream(cacert);
@@ -262,13 +252,25 @@ public class CSecurityTLS extends CSecurity {
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException
{
+ Collection<? extends Certificate> certs = null;
+ X509Certificate cert = chain[0];
+ String thumbprint = getThumbprint(cert);
+ File vncDir = new File(FileUtils.getVncHomeDir());
+ File certFile = new File(vncDir, "x509_savedcerts.pem");
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ if (vncDir.exists() && certFile.exists() && certFile.canRead()) {
+ InputStream certStream = new MyFileInputStream(certFile);
+ certs = cf.generateCertificates(certStream);
+ for (Certificate c : certs)
+ if (thumbprint.equals(getThumbprint((X509Certificate)c)))
+ return;
+ }
try {
- verifyHostname(chain[0]);
+ verifyHostname(cert);
tm.checkServerTrusted(chain, authType);
} catch (java.lang.Exception e) {
if (e.getCause() instanceof CertPathBuilderException) {
Object[] answer = {"YES", "NO"};
- X509Certificate cert = chain[0];
int ret = JOptionPane.showOptionDialog(null,
"This certificate has been signed by an unknown authority\n"+
"\n"+
@@ -286,13 +288,10 @@ public class CSecurityTLS extends CSecurity {
JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE,
null, answer, answer[0]);
if (ret == JOptionPane.YES_OPTION) {
- Collection<? extends X509Certificate> cacerts = null;
- File vncDir = new File(FileUtils.getVncHomeDir());
- File caFile = new File(vncDir, "x509_savedcerts.pem");
try {
if (!vncDir.exists())
vncDir.mkdir();
- if (!caFile.createNewFile()) {
+ if (!certFile.exists() && !certFile.createNewFile()) {
vlog.error("Certificate save failed.");
return;
}
@@ -301,31 +300,24 @@ public class CSecurityTLS extends CSecurity {
vlog.error("Certificate save failed: "+ioe.getMessage());
return;
}
- InputStream caStream = new MyFileInputStream(caFile);
- CertificateFactory cf =
- CertificateFactory.getInstance("X.509");
- cacerts =
- (Collection <? extends X509Certificate>)cf.generateCertificates(caStream);
- for (int i = 0; i < chain.length; i++) {
- if (cacerts == null || !cacerts.contains(chain[i])) {
- byte[] der = chain[i].getEncoded();
- String pem = DatatypeConverter.printBase64Binary(der);
- pem = pem.replaceAll("(.{64})", "$1\n");
- FileWriter fw = null;
+ if (certs == null || !certs.contains(cert)) {
+ byte[] der = cert.getEncoded();
+ String pem = DatatypeConverter.printBase64Binary(der);
+ pem = pem.replaceAll("(.{64})", "$1\n");
+ FileWriter fw = null;
+ try {
+ fw = new FileWriter(certFile.getAbsolutePath(), true);
+ fw.write("-----BEGIN CERTIFICATE-----\n");
+ fw.write(pem+"\n");
+ fw.write("-----END CERTIFICATE-----\n");
+ } catch (IOException ioe) {
+ throw new Exception(ioe.getMessage());
+ } finally {
try {
- fw = new FileWriter(caFile.getAbsolutePath(), true);
- fw.write("-----BEGIN CERTIFICATE-----\n");
- fw.write(pem+"\n");
- fw.write("-----END CERTIFICATE-----\n");
- } catch (IOException ioe) {
- throw new Exception(ioe.getMessage());
- } finally {
- try {
- if (fw != null)
- fw.close();
- } catch(IOException ioe2) {
- throw new Exception(ioe2.getMessage());
- }
+ if (fw != null)
+ fw.close();
+ } catch(IOException ioe2) {
+ throw new Exception(ioe2.getMessage());
}
}
}

37
U_vncviewer-Fix-fullscreen-scrolling.patch
View File

@ -1,37 +0,0 @@
From e8d25d83463805c0f6ef623dba2ac9a276df3587 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@lukeshu.com>
Date: Tue, 23 May 2017 02:16:27 -0400
Subject: [PATCH] vncviewer: Fix fullscreen scrolling
---
vncviewer/DesktopWindow.cxx | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/vncviewer/DesktopWindow.cxx b/vncviewer/DesktopWindow.cxx
index 47fe8f89..946b162c 100644
--- a/vncviewer/DesktopWindow.cxx
+++ b/vncviewer/DesktopWindow.cxx
@@ -1120,11 +1120,6 @@ void DesktopWindow::scrollTo(int x, int y)
hscroll->value(x);
vscroll->value(y);
- if (!hscroll->visible())
- x = -viewport->x();
- if (!vscroll->visible())
- y = -viewport->y();
-
// Scrollbar position results in inverse movement of
// the viewport widget
x = -x;
@@ -1189,7 +1184,7 @@ void DesktopWindow::handleEdgeScroll(void *data)
if ((dx == 0) && (dy == 0))
return;
- self->scrollTo(self->hscroll->value() + dx, self->vscroll->value() + dy);
+ self->scrollTo(self->hscroll->value() - dx, self->vscroll->value() - dy);
Fl::repeat_timeout(0.1, handleEdgeScroll, data);
}
--
2.13.6

92
U_vncviewer-Fix-scrollbar-visibility.patch
View File

@ -1,92 +0,0 @@
From 0a8c4d48bbf71b83a575ec89b41aebc4439242ae Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@lukeshu.com>
Date: Tue, 23 May 2017 14:03:15 -0400
Subject: [PATCH] vncviewer: Fix scrollbar visibility
Have a window that is sized to the remote screen. Now shrink the window
vertically, making it shorter than the remote screen in one axis. The
vertical scrollbar appears. However, the horizontal scrollbar does not
appear, despite the rightmost ~24 pixels (Fl::scrollbar_size()) being
hidden by the vertical scroll bar.
Fix that.
For clarity, move the fullscreen checks into a separate `if` statement,
rather than keeping the size and fullscreen checks together.
I think the comment does a decent job of explaining and justifying the
check's logic, but if you require further convincing, perhaps this
alternate explanation will help:
The check for the X-axis is
if ((w() - (h() < viewport->h() ? Fl::scrollbar_size() : 0) < viewport->w())
To be a bit more verbose and repetitive, we can split that ternary in to
two separate checks, and add some comments:
if (
(w() - < viewport->w()) // X needs a scrollbar
||
( (w() - Fl::scrollbar_size() < viewport->w()) && (h() < viewport->h()) )
//( X doesn't need a scrollbar unless Y does ) && ( Y does need one ) )
)
Within the "Y does need one" check, we don't need to worry about the
case where `h() - Fl::scrollbar_size() < viewport-h()` is true,
because if both axes are saying "I don't need a scrollbar unless
you do", then neither needs one.
---
vncviewer/DesktopWindow.cxx | 34 +++++++++++++++++++++++++++-------
1 file changed, 27 insertions(+), 7 deletions(-)
diff --git a/vncviewer/DesktopWindow.cxx b/vncviewer/DesktopWindow.cxx
index 47fe8f89..e2ed0887 100644
--- a/vncviewer/DesktopWindow.cxx
+++ b/vncviewer/DesktopWindow.cxx
@@ -1046,15 +1046,35 @@ void DesktopWindow::repositionWidgets()
// Scrollbars visbility
- if (!fullscreen_active() && (w() < viewport->w()))
- hscroll->show();
- else
+ if (fullscreen_active()) {
hscroll->hide();
-
- if (!fullscreen_active() && (h() < viewport->h()))
- vscroll->show();
- else
vscroll->hide();
+ } else {
+ // Decide whether to show a scrollbar by checking if the window
+ // size (possibly minus scrollbar_size) is less than the viewport
+ // (remote framebuffer) size.
+ //
+ // We decide whether to subtract scrollbar_size on an axis by
+ // checking if the other axis *definitely* needs a scrollbar. You
+ // might be tempted to think that this becomes a weird recursive
+ // problem, but it isn't: If the window size is less than the
+ // viewport size (without subtracting the scrollbar_size), then
+ // that axis *definitely* needs a scrollbar; if the check changes
+ // when we subtract scrollbar_size, then that axis only *maybe*
+ // needs a scrollbar. If both axes only "maybe" need a scrollbar,
+ // then neither does; so we don't need to recurse on the "maybe"
+ // cases.
+
+ if (w() - (h() < viewport->h() ? Fl::scrollbar_size() : 0) < viewport->w())
+ hscroll->show();
+ else
+ hscroll->hide();
+
+ if (h() - (w() < viewport->w() ? Fl::scrollbar_size() : 0) < viewport->h())
+ vscroll->show();
+ else
+ vscroll->hide();
+ }
// Scrollbars positions
--
2.13.6

17
n_correct_path_in_desktop_file.patch Normal file
View File

@ -0,0 +1,17 @@
Our /usr/bin/vncviewer is symlink to alternatives. This desktop file is named
specifically "TigerVNC Viewer", so lets start /usr/bin/vncviewer-tigervnc, no
matter what the currently selected alternative is.
Index: tigervnc-1.9.0/vncviewer/vncviewer.desktop.in.in
===================================================================
--- tigervnc-1.9.0.orig/vncviewer/vncviewer.desktop.in.in
+++ tigervnc-1.9.0/vncviewer/vncviewer.desktop.in.in
@@ -2,7 +2,7 @@
Name=TigerVNC Viewer
GenericName=Remote Desktop Viewer
Comment=Connect to VNC server and display remote desktop
-Exec=@BIN_DIR@/vncviewer
+Exec=@BIN_DIR@/vncviewer-tigervnc
Icon=tigervnc
Terminal=false
Type=Application

42
n_tigervnc-date-time.patch
View File

@ -1,47 +1,47 @@
Index: tigervnc-1.8.0/unix/xserver/hw/vnc/buildtime.c
Index: tigervnc-1.9.0/unix/xserver/hw/vnc/buildtime.c
===================================================================
--- tigervnc-1.8.0.orig/unix/xserver/hw/vnc/buildtime.c
+++ tigervnc-1.8.0/unix/xserver/hw/vnc/buildtime.c
--- tigervnc-1.9.0.orig/unix/xserver/hw/vnc/buildtime.c
+++ tigervnc-1.9.0/unix/xserver/hw/vnc/buildtime.c
@@ -15,4 +15,4 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
-char buildtime[] = __DATE__ " " __TIME__;
+char buildtime[] = "??? ?? ???? ??:??:??";
Index: tigervnc-1.8.0/unix/vncconfig/buildtime.c
Index: tigervnc-1.9.0/unix/vncconfig/buildtime.c
===================================================================
--- tigervnc-1.8.0.orig/unix/vncconfig/buildtime.c
+++ tigervnc-1.8.0/unix/vncconfig/buildtime.c
--- tigervnc-1.9.0.orig/unix/vncconfig/buildtime.c
+++ tigervnc-1.9.0/unix/vncconfig/buildtime.c
@@ -15,4 +15,4 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
-char buildtime[] = __DATE__ " " __TIME__;
+char buildtime[] = "??? ?? ???? ??:??:??";
Index: tigervnc-1.8.0/unix/x0vncserver/buildtime.c
Index: tigervnc-1.9.0/unix/x0vncserver/buildtime.c
===================================================================
--- tigervnc-1.8.0.orig/unix/x0vncserver/buildtime.c
+++ tigervnc-1.8.0/unix/x0vncserver/buildtime.c
--- tigervnc-1.9.0.orig/unix/x0vncserver/buildtime.c
+++ tigervnc-1.9.0/unix/x0vncserver/buildtime.c
@@ -15,4 +15,4 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
-char buildtime[] = __DATE__ " " __TIME__;
+char buildtime[] = "??? ?? ???? ??:??:??";
Index: tigervnc-1.8.0/win/winvnc/buildTime.cxx
Index: tigervnc-1.9.0/win/winvnc/buildTime.cxx
===================================================================
--- tigervnc-1.8.0.orig/win/winvnc/buildTime.cxx
+++ tigervnc-1.8.0/win/winvnc/buildTime.cxx
--- tigervnc-1.9.0.orig/win/winvnc/buildTime.cxx
+++ tigervnc-1.9.0/win/winvnc/buildTime.cxx
@@ -15,4 +15,4 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
-const char* buildTime = "Built on " __DATE__ " at " __TIME__;
+const char* buildTime = "Built on ??? ?? ???? at ??:??:??";
Index: tigervnc-1.8.0/CMakeLists.txt
Index: tigervnc-1.9.0/CMakeLists.txt
===================================================================
--- tigervnc-1.8.0.orig/CMakeLists.txt
+++ tigervnc-1.8.0/CMakeLists.txt
--- tigervnc-1.9.0.orig/CMakeLists.txt
+++ tigervnc-1.9.0/CMakeLists.txt
@@ -42,12 +42,6 @@ if(MSVC)
message(FATAL_ERROR "TigerVNC cannot be built with Visual Studio. Please use MinGW")
endif()
@ -55,20 +55,20 @@ Index: tigervnc-1.8.0/CMakeLists.txt
# Default to optimised builds instead of debug ones. Our code has no bugs ;)
# (CMake makes it fairly easy to toggle this back to Debug if needed)
if(NOT CMAKE_BUILD_TYPE)
Index: tigervnc-1.8.0/vncviewer/vncviewer.cxx
Index: tigervnc-1.9.0/vncviewer/vncviewer.cxx
===================================================================
--- tigervnc-1.8.0.orig/vncviewer/vncviewer.cxx
+++ tigervnc-1.8.0/vncviewer/vncviewer.cxx
--- tigervnc-1.9.0.orig/vncviewer/vncviewer.cxx
+++ tigervnc-1.9.0/vncviewer/vncviewer.cxx
@@ -98,11 +98,9 @@ static const char *about_text()
// time.
snprintf(buffer, sizeof(buffer),
_("TigerVNC Viewer %d-bit v%s\n"
- "Built on: %s\n"
"Copyright (C) 1999-%d TigerVNC Team and many others (see README.txt)\n"
"Copyright (C) 1999-%d TigerVNC Team and many others (see README.rst)\n"
"See http://www.tigervnc.org for information on TigerVNC."),
- (int)sizeof(size_t)*8, PACKAGE_VERSION,
- BUILD_TIMESTAMP, 2017);
+ (int)sizeof(size_t)*8, PACKAGE_VERSION, 2017);
- BUILD_TIMESTAMP, 2018);
+ (int)sizeof(size_t)*8, PACKAGE_VERSION, 2018);
return buffer;
}

12
tigervnc-1.8.0-nowindows.patch
View File

@ -1,12 +0,0 @@
--- tigervnc-1.8.0/java/com/tigervnc/vncviewer/F8Menu.java 2017-12-18 15:47:56.544658662 +0100
+++ tigervnc-1.8.0/java/com/tigervnc/vncviewer/F8Menu.java 2017-12-18 15:54:53.002571101 +0100
@@ -40,9 +40,6 @@
public F8Menu(CConn cc) {
super("VNC Menu");
setLightWeightPopupEnabled(false);
- String os = System.getProperty("os.name");
- if (os.startsWith("Windows"))
- com.sun.java.swing.plaf.windows.WindowsLookAndFeel.setMnemonicHidden(false);
this.cc = cc;
restore = addMenuItem("Restore",KeyEvent.VK_R);
restore.setEnabled(!embed.getValue());

51
tigervnc-clean-pressed-key-on-exit.patch
View File

@ -1,8 +1,8 @@
Index: tigervnc-1.8.0/vncviewer/DesktopWindow.cxx
Index: tigervnc-1.9.0/vncviewer/DesktopWindow.cxx
===================================================================
--- tigervnc-1.8.0.orig/vncviewer/DesktopWindow.cxx
+++ tigervnc-1.8.0/vncviewer/DesktopWindow.cxx
@@ -206,6 +206,8 @@ DesktopWindow::~DesktopWindow()
--- tigervnc-1.9.0.orig/vncviewer/DesktopWindow.cxx
+++ tigervnc-1.9.0/vncviewer/DesktopWindow.cxx
@@ -207,6 +207,8 @@ DesktopWindow::~DesktopWindow()
delete statsGraph;
@ -11,26 +11,33 @@ Index: tigervnc-1.8.0/vncviewer/DesktopWindow.cxx
// FLTK automatically deletes all child widgets, so we shouldn't touch
// them ourselves here
}
Index: tigervnc-1.8.0/vncviewer/Viewport.cxx
Index: tigervnc-1.9.0/vncviewer/Viewport.cxx
===================================================================
--- tigervnc-1.8.0.orig/vncviewer/Viewport.cxx
+++ tigervnc-1.8.0/vncviewer/Viewport.cxx
@@ -131,6 +131,11 @@ Viewport::Viewport(int w, int h, const r
--- tigervnc-1.9.0.orig/vncviewer/Viewport.cxx
+++ tigervnc-1.9.0/vncviewer/Viewport.cxx
@@ -189,6 +189,18 @@ Viewport::Viewport(int w, int h, const r
Viewport::~Viewport()
{
+ // Send release for every pressed key
+ for(DownMap::iterator iter = downKeySym.begin(); iter != downKeySym.end(); ++iter) {
+ cc->writer()->keyEvent(iter->second, false);
+ try {
+ if (iter->first > 0xff)
+ cc->writer()->writeKeyEvent(iter->second, 0, false);
+ else
+ cc->writer()->writeKeyEvent(iter->second, iter->first, false);
+ } catch (rdr::Exception& e) {
+ // ignore
+ }
+ }
+
// Unregister all timeouts in case they get a change tro trigger
// again later when this object is already gone.
Fl::remove_timeout(handlePointerTimeout, this);
Index: tigervnc-1.8.0/vncviewer/vncviewer.cxx
Index: tigervnc-1.9.0/vncviewer/vncviewer.cxx
===================================================================
--- tigervnc-1.8.0.orig/vncviewer/vncviewer.cxx
+++ tigervnc-1.8.0/vncviewer/vncviewer.cxx
--- tigervnc-1.9.0.orig/vncviewer/vncviewer.cxx
+++ tigervnc-1.9.0/vncviewer/vncviewer.cxx
@@ -107,6 +107,8 @@ static const char *about_text()
return buffer;
}
@ -57,27 +64,17 @@ Index: tigervnc-1.8.0/vncviewer/vncviewer.cxx
exit(1);
}
@@ -481,11 +493,19 @@ int main(int argc, char** argv)
init_fltk();
+ fl_open_display();
+
+ XSetIOErrorHandler(CleanupXIOErrorHandler);
+
#if !defined(WIN32) && !defined(__APPLE__)
fl_open_display();
@@ -566,6 +578,9 @@ int main(int argc, char** argv)
XkbSetDetectableAutoRepeat(fl_display, True, NULL);
#endif
+ fl_open_display();
+
+ XSetIOErrorHandler(CleanupXIOErrorHandler);
+
Configuration::enableViewerParams();
/* Load the default parameter settings */
@@ -602,7 +622,7 @@ int main(int argc, char** argv)
CSecurity::upg = &dlg;
#ifdef HAVE_GNUTLS
CSecurityTLS::msg = &dlg;
@@ -651,7 +666,7 @@ int main(int argc, char** argv)
#endif
}

48
tigervnc.changes
View File

@ -1,3 +1,51 @@
-------------------------------------------------------------------
Mon Aug 6 12:04:52 UTC 2018 - msrb@suse.com
- Add xvnc.target to fix xvnc-novnc.service's dependency.
(bnc#1103552)
- Split the X server's VNC module into subpackage and give it
dependency on the current extension ABI.
-------------------------------------------------------------------
Thu Aug 2 08:31:09 UTC 2018 - msrb@suse.com
- Update to tigervnc 1.9.0
* Alternative, "raw" keyboard mode in the native client and all servers
* CapsLock/NumLock/ScrollLock synchronisation in the native client and all servers
* Automatic "repair" of JPEG artefacts on screen in all servers
* Support for UNIX sockets in the native client and in the UNIX servers
* Both clients now warn when sending the password over a possibly insecure channel
* Performance improvements in the Java client
* The Java client now requires Java 7
* Improved high latency handling in all servers
* Slightly better keyboard handling in x0vncserver
* x0vncserver now supports cursors and screen resize
* Xorg 1.20 can now be used as a base for Xvnc/libvnc.so
- Fixes bnc#1103537
- Removed patches (included in 1.9.0):
* u_tigervnc-show-unencrypted-warning.patch
* U_allow_multiple_certs_with_same_dn_in_saved_certs_file.patch
* U_handle_certificate_verification_for_saved_certs_correctly.patch
* u_Unset-pixel-buffer-when-x0vncserver-client-disconnect.patch
* u_add-support-for-X-server-1.20.0.patch
* U_vncviewer-Fix-fullscreen-scrolling.patch
* U_vncviewer-Fix-scrollbar-visibility.patch
- Removed patches (no longer needed):
* tigervnc-1.8.0-nowindows.patch
- Refreshed patches:
* n_tigervnc-date-time.patch
* tigervnc-clean-pressed-key-on-exit.patch
* u_tigervnc-add-autoaccept-parameter.patch
* u_tigervnc-ignore-epipe-on-write.patch
- Added patches:
* n_correct_path_in_desktop_file.patch
- Fixed typo in 10-libvnc.conf
-------------------------------------------------------------------
Fri Jun 8 09:09:38 UTC 2018 - msrb@suse.com

69
tigervnc.spec
View File

@ -31,7 +31,7 @@
%endif
Name: tigervnc
Version: 1.8.0
Version: 1.9.0
Release: 0
Provides: tightvnc = 1.3.9
Obsoletes: tightvnc < 1.3.9
@ -126,6 +126,7 @@ Source15: xvnc-novnc.service
Source16: xvnc-novnc.socket
Source17: tigervnc.firewalld
Source18: tigervnc-https.firewalld
Source19: xvnc.target
Patch1: tigervnc-newfbsize.patch
Patch2: tigervnc-clean-pressed-key-on-exit.patch
@ -134,16 +135,9 @@ Patch4: n_tigervnc-date-time.patch
Patch5: u_tigervnc-cve-2014-8240.patch
Patch6: u_tigervnc_update_default_vncxstartup.patch
Patch7: u_build_libXvnc_as_separate_library.patch
Patch8: u_tigervnc-show-unencrypted-warning.patch
Patch9: U_allow_multiple_certs_with_same_dn_in_saved_certs_file.patch
Patch10: U_handle_certificate_verification_for_saved_certs_correctly.patch
Patch11: u_tigervnc-add-autoaccept-parameter.patch
Patch12: u_Unset-pixel-buffer-when-x0vncserver-client-disconnect.patch
Patch13: tigervnc-1.8.0-nowindows.patch
Patch14: u_change-button-layout-in-ServerDialog.patch
Patch15: u_add-support-for-X-server-1.20.0.patch
Patch16: U_vncviewer-Fix-fullscreen-scrolling.patch
Patch17: U_vncviewer-Fix-scrollbar-visibility.patch
Patch8: u_tigervnc-add-autoaccept-parameter.patch
Patch9: u_change-button-layout-in-ServerDialog.patch
Patch10: n_correct_path_in_desktop_file.patch
%description
TigerVNC is an implementation of VNC (Virtual Network Computing), a
@ -171,6 +165,7 @@ Requires: xorg-x11-fonts-core
# For the with-vnc-key.sh script
Requires: /bin/hostname
%{?systemd_requires}
Recommends: xorg-x11-Xvnc-module
Provides: tightvnc = 1.3.9
Provides: xorg-x11-Xvnc:/usr/lib/vnc/with-vnc-key.sh
Obsoletes: tightvnc < 1.3.9
@ -180,6 +175,17 @@ Group: System/X11/Servers/XF86_4
%description -n xorg-x11-Xvnc
This is the TigerVNC implementation of Xvnc.
%package -n xorg-x11-Xvnc-module
Requires: xorg-x11-Xvnc
Summary: VNC module for X server
Group: System/X11/Servers/XF86_4
%{x11_abi_extension_req}
%description -n xorg-x11-Xvnc-module
This module allows to share content of X server's screen over VNC.
It is loaded into X server as a module if enable in X server's
configuration.
%package -n xorg-x11-Xvnc-novnc
Requires: novnc
Requires: python-websockify
@ -245,13 +251,6 @@ cp -r /usr/src/xserver/* unix/xserver/
%patch8 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
pushd unix/xserver
patch -p1 < ../xserver120.patch
@ -346,6 +345,7 @@ install -D %{SOURCE13} -m 0444 %{buildroot}%{_unitdir}/xvnc@.service
install -D %{SOURCE14} -m 0444 %{buildroot}%{_unitdir}/xvnc.socket
install -D %{SOURCE15} -m 0444 %{buildroot}%{_unitdir}/xvnc-novnc.service
install -D %{SOURCE16} -m 0444 %{buildroot}%{_unitdir}/xvnc-novnc.socket
install -D %{SOURCE19} -m 0444 %{buildroot}%{_unitdir}/xvnc.target
rm -rf $RPM_BUILD_ROOT/usr/share/doc/tigervnc-*
@ -423,7 +423,7 @@ fi
%defattr(-,root,root,-)
%ghost %{_bindir}/vncviewer
%{_bindir}/vncviewer-tigervnc
%doc LICENCE.TXT README.txt
%doc LICENCE.TXT README.rst
%ghost %_mandir/man1/vncviewer.1.gz
%doc %_mandir/man1/vncviewer-tigervnc.1.gz
%if 0%{?suse_version} >= 1315
@ -450,7 +450,7 @@ fi
%_datadir/applications/vncviewer.desktop
%files -n xorg-x11-Xvnc
%doc LICENCE.TXT README.txt
%doc LICENCE.TXT README.rst
%defattr(-,root,root)
%{_bindir}/Xvnc
@ -469,18 +469,9 @@ fi
%{_unitdir}/xvnc@.service
%{_unitdir}/xvnc.socket
%{_unitdir}/xvnc.target
%{_sbindir}/rcxvnc
%exclude /usr/%{_lib}/xorg/protocol.txt
%exclude /usr/%{_lib}/xorg/modules/extensions/libvnc.la
%ifnarch s390 s390x
%{_libdir}/xorg/modules/extensions/libvnc.so
%else
%exclude %{_libdir}/xorg/modules
%exclude %{_libdir}/xorg/modules/extensions
%exclude %{_libdir}/xorg/modules/extensions/libvnc.so
%endif
%exclude /var/lib/xkb/compiled/README.compiled
%if %{use_firewalld}
@ -493,11 +484,6 @@ fi
%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/vnc-httpd
%endif
%ifnarch s390 s390x
%config(noreplace) /etc/X11/xorg.conf.d/10-libvnc.conf
%else
%exclude /etc/X11/xorg.conf.d
%endif
%dir /etc/slp.reg.d
%config(noreplace) /etc/slp.reg.d/vnc.reg
@ -509,6 +495,19 @@ fi
%{_libexecdir}/vnc
%files -n xorg-x11-Xvnc-module
%exclude /usr/%{_lib}/xorg/protocol.txt
%exclude /usr/%{_lib}/xorg/modules/extensions/libvnc.la
%ifnarch s390 s390x
%{_libdir}/xorg/modules/extensions/libvnc.so
%config(noreplace) /etc/X11/xorg.conf.d/10-libvnc.conf
%else
%exclude /etc/X11/xorg.conf.d
%exclude %{_libdir}/xorg/modules
%exclude %{_libdir}/xorg/modules/extensions
%exclude %{_libdir}/xorg/modules/extensions/libvnc.so
%endif
%files -n xorg-x11-Xvnc-novnc
%{_unitdir}/xvnc-novnc.service
%{_unitdir}/xvnc-novnc.socket

71
u_Unset-pixel-buffer-when-x0vncserver-client-disconnect.patch
View File

@ -1,71 +0,0 @@
From b1d7c2caf496e7236fe43c69fd380fedb830a979 Mon Sep 17 00:00:00 2001
From: Michal Srb <msrb@suse.com>
Date: Tue, 26 Sep 2017 13:45:36 +0200
Subject: [PATCH] Unset pixel buffer when x0vncserver client disconnects.
In XDesktop::start() we allocate pixel buffer and set it as the backend to the given VNCServer.
In XDesktop::stop() we deallocate the buffer, so we must unset it from the VNCServer as well.
Otherwise the VNCServer could try to access it and crash, for example in deferred update.
---
common/rfb/VNCServerST.cxx | 14 ++++----------
unix/x0vncserver/x0vncserver.cxx | 6 +++++-
2 files changed, 9 insertions(+), 11 deletions(-)
Index: tigervnc-1.8.0/common/rfb/VNCServerST.cxx
===================================================================
--- tigervnc-1.8.0.orig/common/rfb/VNCServerST.cxx
+++ tigervnc-1.8.0/common/rfb/VNCServerST.cxx
@@ -312,6 +312,8 @@ void VNCServerST::setPixelBuffer(PixelBu
screenLayout = layout;
if (!pb) {
+ stopFrameClock();
+
if (desktopStarted)
throw Exception("setPixelBuffer: null PixelBuffer when desktopStarted?");
return;
@@ -335,18 +337,10 @@ void VNCServerST::setPixelBuffer(PixelBu
void VNCServerST::setPixelBuffer(PixelBuffer* pb_)
{
- ScreenSet layout;
-
- if (!pb_) {
- if (desktopStarted)
- throw Exception("setPixelBuffer: null PixelBuffer when desktopStarted?");
- return;
- }
-
- layout = screenLayout;
+ ScreenSet layout = screenLayout;
// Check that the screen layout is still valid
- if (!layout.validate(pb_->width(), pb_->height())) {
+ if (pb_ && !layout.validate(pb_->width(), pb_->height())) {
Rect fbRect;
ScreenSet::iterator iter, iter_next;
Index: tigervnc-1.8.0/unix/x0vncserver/x0vncserver.cxx
===================================================================
--- tigervnc-1.8.0.orig/unix/x0vncserver/x0vncserver.cxx
+++ tigervnc-1.8.0/unix/x0vncserver/x0vncserver.cxx
@@ -176,7 +176,8 @@ public:
#endif
}
virtual ~XDesktop() {
- stop();
+ if (running)
+ stop();
}
inline void poll() {
@@ -223,6 +224,9 @@ public:
XDamageDestroy(dpy, damage);
#endif
+ server->setPixelBuffer(0);
+ server = 0;
+
delete pb;
pb = 0;
}

162
u_add-support-for-X-server-1.20.0.patch
View File

@ -1,162 +0,0 @@
Git-commit: 25520b9b4680ac56f43d9b03929dd87093a3d06d
Author: Michal Srb <msrb@suse.com>
Subject: Add support for X server 1.20.0.
Patch-mainline: To be upstreamed
In-server GLVND requires xorgGlxCreateVendor call from InitOutput.
DPMS functions were moved to another location and no longer need to be faked.
xserver120.patch is a copy of xserver119.patch with refreshed contexts.
---
unix/xserver/hw/vnc/xorg-version.h | 4 +-
unix/xserver/hw/vnc/xvnc.c | 8 ++++
unix/xserver120.patch | 82 ++++++++++++++++++++++++++++++++++++++
3 files changed, 93 insertions(+), 1 deletion(-)
create mode 100644 unix/xserver120.patch
diff --git a/unix/xserver/hw/vnc/xorg-version.h b/unix/xserver/hw/vnc/xorg-version.h
index 9d1c0eb8..16145711 100644
--- a/unix/xserver/hw/vnc/xorg-version.h
+++ b/unix/xserver/hw/vnc/xorg-version.h
@@ -52,8 +52,10 @@
#define XORG 118
#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (19 * 100000) + (99 * 1000))
#define XORG 119
+#elif XORG_VERSION_CURRENT < ((1 * 10000000) + (20 * 100000) + (99 * 1000))
+#define XORG 120
#else
-#error "X.Org newer than 1.19 is not supported"
+#error "X.Org newer than 1.20 is not supported"
#endif
#endif
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
index 57152cd5..9a61b1ef 100644
--- a/unix/xserver/hw/vnc/xvnc.c
+++ b/unix/xserver/hw/vnc/xvnc.c
@@ -202,6 +202,7 @@ vfbBitsPerPixel(int depth)
static void vfbFreeFramebufferMemory(vfbFramebufferInfoPtr pfb);
#ifdef DPMSExtension
+#if XORG < 120
/* Why support DPMS? Because stupid modern desktop environments
such as Unity 2D on Ubuntu 11.10 crashes if DPMS is not
available. (DPMSSet is called by dpms.c, but the return value
@@ -218,6 +219,7 @@ Bool DPMSSupported(void)
return FALSE;
}
#endif
+#endif
#if XORG < 111
void ddxGiveUp()
@@ -1738,6 +1740,10 @@ InitOutput(ScreenInfo *scrInfo, int argc, char **argv)
vncPrintBanner();
+#if XORG >= 120
+ xorgGlxCreateVendor();
+#else
+
#if XORG >= 113
#ifdef GLXEXT
if (serverGeneration == 1)
@@ -1749,6 +1755,8 @@ InitOutput(ScreenInfo *scrInfo, int argc, char **argv)
#endif
#endif
+#endif
+
/* initialize pixmap formats */
/* must have a pixmap depth to match every screen depth */
diff --git a/unix/xserver120.patch b/unix/xserver120.patch
new file mode 100644
index 00000000..d8598494
--- /dev/null
+++ b/unix/xserver120.patch
@@ -0,0 +1,82 @@
+Index: xserver/configure.ac
+===================================================================
+--- xserver.orig/configure.ac
++++ xserver/configure.ac
+@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x
+ AC_CONFIG_HEADERS(include/version-config.h)
+
+ AM_PROG_AS
++AC_PROG_CXX
+ AC_PROG_LN_S
+ LT_PREREQ([2.2])
+ LT_INIT([disable-static win32-dll])
+@@ -1777,6 +1778,10 @@ if test "x$XVFB" = xyes; then
+ AC_SUBST([XVFB_SYS_LIBS])
+ fi
+
++dnl Xvnc DDX
++AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS"])
++AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
++AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
+
+ dnl Xnest DDX
+
+@@ -1812,6 +1817,8 @@ if test "x$XORG" = xauto; then
+ fi
+ AC_MSG_RESULT([$XORG])
+
++AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
++
+ if test "x$XORG" = xyes; then
+ XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common'
+ XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os'
+@@ -2029,7 +2036,6 @@ if test "x$XORG" = xyes; then
+ AC_DEFINE(XORG_SERVER, 1, [Building Xorg server])
+ AC_DEFINE(XORGSERVER, 1, [Building Xorg server])
+ AC_DEFINE(XFree86Server, 1, [Building XFree86 server])
+- AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
+ AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs])
+ AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions])
+ AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server])
+@@ -2565,6 +2571,7 @@ hw/dmx/Makefile
+ hw/dmx/man/Makefile
+ hw/vfb/Makefile
+ hw/vfb/man/Makefile
++hw/vnc/Makefile
+ hw/xnest/Makefile
+ hw/xnest/man/Makefile
+ hw/xwin/Makefile
+Index: xserver/hw/Makefile.am
+===================================================================
+--- xserver.orig/hw/Makefile.am
++++ xserver/hw/Makefile.am
+@@ -38,7 +38,8 @@ SUBDIRS = \
+ $(DMX_SUBDIRS) \
+ $(KDRIVE_SUBDIRS) \
+ $(XQUARTZ_SUBDIRS) \
+- $(XWAYLAND_SUBDIRS)
++ $(XWAYLAND_SUBDIRS) \
++ vnc
+
+ DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive xwayland
+
+Index: xserver/mi/miinitext.c
+===================================================================
+--- xserver.orig/mi/miinitext.c
++++ xserver/mi/miinitext.c
+@@ -107,8 +107,15 @@ SOFTWARE.
+ #include "os.h"
+ #include "globals.h"
+
++#ifdef TIGERVNC
++extern void vncExtensionInit(void);
++#endif
++
+ /* List of built-in (statically linked) extensions */
+ static const ExtensionModule staticExtensions[] = {
++#ifdef TIGERVNC
++ {vncExtensionInit, "VNC-EXTENSION", NULL},
++#endif
+ {GEExtensionInit, "Generic Event Extension", &noGEExtension},
+ {ShapeExtensionInit, "SHAPE", NULL},
+ #ifdef MITSHM
--
2.13.6

28
u_tigervnc-add-autoaccept-parameter.patch
View File

@ -1,18 +1,18 @@
Index: tigervnc-1.8.0/java/com/tigervnc/rfb/CSecurityTLS.java
Index: tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java
===================================================================
--- tigervnc-1.8.0.orig/java/com/tigervnc/rfb/CSecurityTLS.java
+++ tigervnc-1.8.0/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -64,6 +64,9 @@ public class CSecurityTLS extends CSecur
--- tigervnc-1.9.0.orig/java/com/tigervnc/rfb/CSecurityTLS.java
+++ tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java
@@ -66,6 +66,9 @@ public class CSecurityTLS extends CSecur
public static StringParameter X509CRL
= new StringParameter("X509CRL",
"X509 CRL file", "", Configuration.ConfigurationObject.ConfViewer);
+ public static StringParameter x509autoaccept
+ = new StringParameter("x509autoaccept",
+ "X509 Certificate SHA-1 fingerprint", "", Configuration.ConfigurationObject.ConfViewer);
public static UserMsgBox msg;
private void initGlobal()
{
@@ -82,6 +85,7 @@ public class CSecurityTLS extends CSecur
@@ -85,6 +88,7 @@ public class CSecurityTLS extends CSecur
setDefaults();
cafile = X509CA.getData();
crlfile = X509CRL.getData();
@ -20,7 +20,7 @@ Index: tigervnc-1.8.0/java/com/tigervnc/rfb/CSecurityTLS.java
}
public static String getDefaultCA() {
@@ -270,6 +274,10 @@ public class CSecurityTLS extends CSecur
@@ -283,6 +287,10 @@ public class CSecurityTLS extends CSecur
tm.checkServerTrusted(chain, authType);
} catch (java.lang.Exception e) {
if (e.getCause() instanceof CertPathBuilderException) {
@ -28,10 +28,10 @@ Index: tigervnc-1.8.0/java/com/tigervnc/rfb/CSecurityTLS.java
+ return;
+ }
+
Object[] answer = {"YES", "NO"};
int ret = JOptionPane.showOptionDialog(null,
String certinfo =
"This certificate has been signed by an unknown authority\n"+
@@ -466,7 +474,7 @@ public class CSecurityTLS extends CSecur
"\n"+
@@ -471,7 +479,7 @@ public class CSecurityTLS extends CSecur
private SSLEngineManager manager;
private boolean anon;
@ -40,11 +40,11 @@ Index: tigervnc-1.8.0/java/com/tigervnc/rfb/CSecurityTLS.java
private FdInStream is;
private FdOutStream os;
Index: tigervnc-1.8.0/java/com/tigervnc/vncviewer/VncViewer.java
Index: tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java
===================================================================
--- tigervnc-1.8.0.orig/java/com/tigervnc/vncviewer/VncViewer.java
+++ tigervnc-1.8.0/java/com/tigervnc/vncviewer/VncViewer.java
@@ -368,6 +368,8 @@ public class VncViewer extends javax.swi
--- tigervnc-1.9.0.orig/java/com/tigervnc/vncviewer/VncViewer.java
+++ tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java
@@ -393,6 +393,8 @@ public class VncViewer extends javax.swi
// Called right after zero-arg constructor in applet mode
setLookAndFeel();
setBackground(Color.white);

4
u_tigervnc-ignore-epipe-on-write.patch
View File

@ -9,8 +9,8 @@ Index: common/rdr/FdOutStream.cxx
===================================================================
--- common/rdr/FdOutStream.cxx.orig
+++ common/rdr/FdOutStream.cxx
@@ -191,8 +191,12 @@ int FdOutStream::writeWithTimeout(const
n = ::write(fd, data, length);
@@ -204,8 +204,12 @@ int FdOutStream::writeWithTimeout(const
#endif
} while (n < 0 && (errno == EINTR));
- if (n < 0)

178
u_tigervnc-show-unencrypted-warning.patch
View File

@ -1,178 +0,0 @@
Author: Michal Srb <michalsrb@gmail.com>
Subject: Display warning in window title when no encryption is in use.
Patch-Mainline: To be upstreamed
References: fate#319701
Index: tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityPlain.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
@@ -31,7 +31,7 @@ bool CSecurityPlain::processMsg(CConnect
CharArray username;
CharArray password;
- (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf);
+ (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf, cc->csecurity->getType());
// Return the response to the server
os->writeU32(strlen(username.buf));
Index: tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityVncAuth.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
@@ -46,7 +46,7 @@ bool CSecurityVncAuth::processMsg(CConne
rdr::U8 challenge[vncAuthChallengeSize];
is->readBytes(challenge, vncAuthChallengeSize);
PlainPasswd passwd;
- (CSecurity::upg)->getUserPasswd(0, &passwd.buf);
+ (CSecurity::upg)->getUserPasswd(0, &passwd.buf, cc->csecurity->getType());
// Calculate the correct response
rdr::U8 key[8];
Index: tigervnc-1.6.0/common/rfb/Security.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.cxx
+++ tigervnc-1.6.0/common/rfb/Security.cxx
@@ -206,3 +206,19 @@ std::list<rdr::U32> rfb::parseSecTypes(c
}
return result;
}
+
+bool rfb::isSecTypeEncrypted(rdr::U32 num)
+{
+ switch (num) {
+ case secTypeTLSNone:
+ case secTypeTLSVnc:
+ case secTypeTLSPlain:
+ case secTypeX509None:
+ case secTypeX509Vnc:
+ case secTypeX509Plain:
+ return true;
+
+ default:
+ return false;
+ }
+}
Index: tigervnc-1.6.0/common/rfb/Security.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.h
+++ tigervnc-1.6.0/common/rfb/Security.h
@@ -104,6 +104,8 @@ namespace rfb {
const char* secTypeName(rdr::U32 num);
rdr::U32 secTypeNum(const char* name);
std::list<rdr::U32> parseSecTypes(const char* types);
+
+ bool isSecTypeEncrypted(rdr::U32 num);
}
#endif
Index: tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/UserPasswdGetter.h
+++ tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
@@ -17,6 +17,9 @@
*/
#ifndef __RFB_USERPASSWDGETTER_H__
#define __RFB_USERPASSWDGETTER_H__
+
+#include <rdr/types.h>
+
namespace rfb {
class UserPasswdGetter {
public:
@@ -24,7 +27,7 @@ namespace rfb {
// dialog, getpass(), etc. The user buffer pointer can be null, in which
// case no user name will be retrieved. The caller MUST delete [] the
// result(s).
- virtual void getUserPasswd(char** user, char** password)=0;
+ virtual void getUserPasswd(char** user, char** password, rdr::U32 secType)=0;
};
}
#endif
Index: tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/DesktopWindow.cxx
+++ tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
@@ -27,6 +27,7 @@
#include <rfb/LogWriter.h>
#include <rfb/CMsgWriter.h>
+#include <rfb/Security.h>
#include "DesktopWindow.h"
#include "OptionsDialog.h"
@@ -206,7 +207,11 @@ void DesktopWindow::setName(const char *
CharArray windowNameStr;
windowNameStr.replaceBuf(new char[256]);
- snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC", name);
+ const char *warning = "";
+ if (!rfb::isSecTypeEncrypted(cc->csecurity->getType()))
+ warning = _("(Connection not encrypted!)");
+
+ snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC %s", name, warning);
copy_label(windowNameStr.buf);
}
Index: tigervnc-1.6.0/vncviewer/UserDialog.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.cxx
+++ tigervnc-1.6.0/vncviewer/UserDialog.cxx
@@ -32,10 +32,12 @@
#include <FL/Fl_Secret_Input.H>
#include <FL/Fl_Button.H>
#include <FL/Fl_Return_Button.H>
+#include <FL/Fl_Text_Display.H>
#include <rfb/util.h>
#include <rfb/Password.h>
#include <rfb/Exception.h>
+#include <rfb/Security.h>
#include "i18n.h"
#include "fltk_layout.h"
@@ -59,7 +61,7 @@ UserDialog::~UserDialog()
{
}
-void UserDialog::getUserPasswd(char** user, char** password)
+void UserDialog::getUserPasswd(char** user, char** password, rdr::U32 secType)
{
CharArray passwordFileStr(passwordFile.getData());
@@ -82,8 +84,12 @@ void UserDialog::getUserPasswd(char** us
return;
}
+ const char* title = _("VNC authentication");
+ if (!rfb::isSecTypeEncrypted(secType))
+ title = _("VNC authentication (Connection not encrypted!)");
+
if (!user) {
- fl_message_title(_("VNC authentication"));
+ fl_message_title(title);
*password = strDup(fl_password(_("Password:"), ""));
if (!*password)
throw rfb::Exception(_("Authentication cancelled"));
@@ -93,7 +99,7 @@ void UserDialog::getUserPasswd(char** us
// Largely copied from FLTK so that we get the same look and feel
// as the simpler password input.
- Fl_Window *win = new Fl_Window(410, 145, _("VNC authentication"));
+ Fl_Window *win = new Fl_Window(410, 145, title);
win->callback(button_cb,(void *)0);
Fl_Input *username = new Fl_Input(70, 25, 300, 25, _("Username:"));
Index: tigervnc-1.6.0/vncviewer/UserDialog.h
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.h
+++ tigervnc-1.6.0/vncviewer/UserDialog.h
@@ -31,7 +31,7 @@ public:
// UserPasswdGetter callbacks
- void getUserPasswd(char** user, char** password);
+ void getUserPasswd(char** user, char** password, rdr::U32 secType);
// UserMsgBox callbacks

3
v1.8.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9951dab0e10f8de03996ec94bec0d938da9f36d48dca8c954e8bbc95c16338f8
size 1433830

3
v1.9.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f15ced8500ec56356c3bf271f52e58ed83729118361c7103eab64a618441f740
size 1506520

4
xvnc-novnc.service
View File

@ -1,7 +1,7 @@
[Unit]
Description=noVNC Web Server
Requires=xvnc.socket
After=xvnc.socket
Requires=xvnc.target
After=xvnc.target
[Service]
ExecStart=/usr/lib/vnc/with-vnc-key.sh /usr/bin/websockify --key /etc/vnc/tls.key --cert /etc/vnc/tls.cert --web /usr/share/novnc --inetd localhost:5901

2
xvnc.socket
View File

@ -1,5 +1,7 @@
[Unit]
Description=Xvnc Server
Before=xvnc.target
Wants=xvnc.target
[Socket]
ListenStream=5901

2
xvnc.target Normal file
View File

@ -0,0 +1,2 @@
[Unit]
Description=System VNC service