forked from pool/tigervnc
Accepting request 760157 from home:ldevulder
- Add tigervnc-fix-saving-of-bad-server-certs.patch * fix saving of bad server certificates (boo#1159948) OBS-URL: https://build.opensuse.org/request/show/760157 OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=166
This commit is contained in:
parent
f77169be49
commit
48c98ae8f1
60
tigervnc-fix-saving-of-bad-server-certs.patch
Normal file
60
tigervnc-fix-saving-of-bad-server-certs.patch
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
From dbad687182ae9093efaf096a069eeafc18b22973 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pierre Ossman <ossman@cendio.se>
|
||||||
|
Date: Mon, 30 Dec 2019 10:24:11 +0100
|
||||||
|
Subject: [PATCH 1/2] Fix saving of bad server certificates
|
||||||
|
|
||||||
|
This check is completely backwards and it is currently unknown how
|
||||||
|
this ever worked.
|
||||||
|
---
|
||||||
|
common/rfb/CSecurityTLS.cxx | 5 +++--
|
||||||
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
|
||||||
|
index aa1910909..c1a00212a 100644
|
||||||
|
--- a/common/rfb/CSecurityTLS.cxx
|
||||||
|
+++ b/common/rfb/CSecurityTLS.cxx
|
||||||
|
@@ -416,8 +416,9 @@ void CSecurityTLS::checkSession()
|
||||||
|
delete [] certinfo;
|
||||||
|
|
||||||
|
if (gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_PEM, NULL, &out_size)
|
||||||
|
- == GNUTLS_E_SHORT_MEMORY_BUFFER)
|
||||||
|
- throw AuthFailureException("Out of memory");
|
||||||
|
+ != GNUTLS_E_SHORT_MEMORY_BUFFER)
|
||||||
|
+ throw AuthFailureException("certificate issuer unknown, and certificate "
|
||||||
|
+ "export failed");
|
||||||
|
|
||||||
|
// Save cert
|
||||||
|
out_buf = new char[out_size];
|
||||||
|
|
||||||
|
From 6208f47dcbf68ff1e751b0b526bb643f0da867a6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pierre Ossman <ossman@cendio.se>
|
||||||
|
Date: Mon, 30 Dec 2019 10:26:12 +0100
|
||||||
|
Subject: [PATCH 2/2] Remove unneeded memory checks
|
||||||
|
|
||||||
|
new throws an exception on allocation errors rather than return NULL.
|
||||||
|
---
|
||||||
|
common/rfb/CSecurityTLS.cxx | 4 ----
|
||||||
|
1 file changed, 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
|
||||||
|
index c1a00212a..5c303a37c 100644
|
||||||
|
--- a/common/rfb/CSecurityTLS.cxx
|
||||||
|
+++ b/common/rfb/CSecurityTLS.cxx
|
||||||
|
@@ -396,8 +396,6 @@ void CSecurityTLS::checkSession()
|
||||||
|
vlog.debug("%s", info.data);
|
||||||
|
|
||||||
|
certinfo = new char[len];
|
||||||
|
- if (certinfo == NULL)
|
||||||
|
- throw AuthFailureException("Out of memory");
|
||||||
|
|
||||||
|
snprintf(certinfo, len, "This certificate has been signed by an unknown "
|
||||||
|
"authority:\n\n%s\n\nDo you want to save it and "
|
||||||
|
@@ -422,8 +420,6 @@ void CSecurityTLS::checkSession()
|
||||||
|
|
||||||
|
// Save cert
|
||||||
|
out_buf = new char[out_size];
|
||||||
|
- if (out_buf == NULL)
|
||||||
|
- throw AuthFailureException("Out of memory");
|
||||||
|
|
||||||
|
if (gnutls_x509_crt_export(crt, GNUTLS_X509_FMT_PEM, out_buf, &out_size) < 0)
|
||||||
|
throw AuthFailureException("certificate issuer unknown, and certificate "
|
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Dec 31 09:53:30 UTC 2019 - Loic Devulder <ldevulder@suse.com>
|
||||||
|
|
||||||
|
- Add tigervnc-fix-saving-of-bad-server-certs.patch
|
||||||
|
* fix saving of bad server certificates (boo#1159948)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Oct 4 14:19:48 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
|
Fri Oct 4 14:19:48 UTC 2019 - Hans-Peter Jansen <hpj@urpla.net>
|
||||||
|
|
||||||
|
@ -140,6 +140,7 @@ Patch8: u_tigervnc-add-autoaccept-parameter.patch
|
|||||||
Patch9: u_change-button-layout-in-ServerDialog.patch
|
Patch9: u_change-button-layout-in-ServerDialog.patch
|
||||||
Patch10: n_correct_path_in_desktop_file.patch
|
Patch10: n_correct_path_in_desktop_file.patch
|
||||||
Patch11: U_viewer-reset-ctrl-alt-to-menu-state-on-focus.patch
|
Patch11: U_viewer-reset-ctrl-alt-to-menu-state-on-focus.patch
|
||||||
|
Patch12: tigervnc-fix-saving-of-bad-server-certs.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
TigerVNC is an implementation of VNC (Virtual Network Computing), a
|
TigerVNC is an implementation of VNC (Virtual Network Computing), a
|
||||||
@ -258,6 +259,7 @@ cp -r /usr/src/xserver/* unix/xserver/
|
|||||||
%patch9 -p1
|
%patch9 -p1
|
||||||
%patch10 -p1
|
%patch10 -p1
|
||||||
%patch11 -p1
|
%patch11 -p1
|
||||||
|
%patch12 -p1
|
||||||
|
|
||||||
pushd unix/xserver
|
pushd unix/xserver
|
||||||
patch -p1 < ../xserver120.patch
|
patch -p1 < ../xserver120.patch
|
||||||
|
Loading…
Reference in New Issue
Block a user