forked from pool/tigervnc
bbd43011aa
- Update to tigervnc 1.9.0 * Alternative, "raw" keyboard mode in the native client and all servers * CapsLock/NumLock/ScrollLock synchronisation in the native client and all servers * Automatic "repair" of JPEG artefacts on screen in all servers * Support for UNIX sockets in the native client and in the UNIX servers * Both clients now warn when sending the password over a possibly insecure channel * Performance improvements in the Java client * The Java client now requires Java 7 * Improved high latency handling in all servers * Slightly better keyboard handling in x0vncserver * x0vncserver now supports cursors and screen resize * Xorg 1.20 can now be used as a base for Xvnc/libvnc.so - Removed patches (included in 1.9.0): * u_tigervnc-show-unencrypted-warning.patch * U_allow_multiple_certs_with_same_dn_in_saved_certs_file.patch * U_handle_certificate_verification_for_saved_certs_correctly.patch * u_Unset-pixel-buffer-when-x0vncserver-client-disconnect.patch * u_add-support-for-X-server-1.20.0.patch * U_vncviewer-Fix-fullscreen-scrolling.patch * U_vncviewer-Fix-scrollbar-visibility.patch - Removed patches (no longer needed): * tigervnc-1.8.0-nowindows.patch - Refreshed patches: * n_tigervnc-date-time.patch * tigervnc-clean-pressed-key-on-exit.patch * u_tigervnc-add-autoaccept-parameter.patch * u_tigervnc-ignore-epipe-on-write.patch - Added patches: * n_correct_path_in_desktop_file.patch - Fixed typo in 10-libvnc.conf OBS-URL: https://build.opensuse.org/request/show/627036 OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/tigervnc?expand=0&rev=145
56 lines
2.3 KiB
Diff
56 lines
2.3 KiB
Diff
Index: tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java
|
|
===================================================================
|
|
--- tigervnc-1.9.0.orig/java/com/tigervnc/rfb/CSecurityTLS.java
|
|
+++ tigervnc-1.9.0/java/com/tigervnc/rfb/CSecurityTLS.java
|
|
@@ -66,6 +66,9 @@ public class CSecurityTLS extends CSecur
|
|
public static StringParameter X509CRL
|
|
= new StringParameter("X509CRL",
|
|
"X509 CRL file", "", Configuration.ConfigurationObject.ConfViewer);
|
|
+ public static StringParameter x509autoaccept
|
|
+ = new StringParameter("x509autoaccept",
|
|
+ "X509 Certificate SHA-1 fingerprint", "", Configuration.ConfigurationObject.ConfViewer);
|
|
public static UserMsgBox msg;
|
|
|
|
private void initGlobal()
|
|
@@ -85,6 +88,7 @@ public class CSecurityTLS extends CSecur
|
|
setDefaults();
|
|
cafile = X509CA.getData();
|
|
crlfile = X509CRL.getData();
|
|
+ certautoaccept = x509autoaccept.getData();
|
|
}
|
|
|
|
public static String getDefaultCA() {
|
|
@@ -283,6 +287,10 @@ public class CSecurityTLS extends CSecur
|
|
tm.checkServerTrusted(chain, authType);
|
|
} catch (java.lang.Exception e) {
|
|
if (e.getCause() instanceof CertPathBuilderException) {
|
|
+ if (certautoaccept != null && thumbprint.equalsIgnoreCase(certautoaccept)) {
|
|
+ return;
|
|
+ }
|
|
+
|
|
String certinfo =
|
|
"This certificate has been signed by an unknown authority\n"+
|
|
"\n"+
|
|
@@ -471,7 +479,7 @@ public class CSecurityTLS extends CSecur
|
|
private SSLEngineManager manager;
|
|
private boolean anon;
|
|
|
|
- private String cafile, crlfile;
|
|
+ private String cafile, crlfile, certautoaccept;
|
|
private FdInStream is;
|
|
private FdOutStream os;
|
|
|
|
Index: tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java
|
|
===================================================================
|
|
--- tigervnc-1.9.0.orig/java/com/tigervnc/vncviewer/VncViewer.java
|
|
+++ tigervnc-1.9.0/java/com/tigervnc/vncviewer/VncViewer.java
|
|
@@ -393,6 +393,8 @@ public class VncViewer extends javax.swi
|
|
// Called right after zero-arg constructor in applet mode
|
|
setLookAndFeel();
|
|
setBackground(Color.white);
|
|
+
|
|
+ SecurityClient.setDefaults();
|
|
applet = this;
|
|
vncServerName.put(loadAppletParameters(applet).toCharArray()).flip();
|
|
if (embed.getValue()) {
|