Browse Source

gtk-vnc package update

Signed-off-by: guibuilder_pel7x64builder0 <guibuilder@powerel.org>
master
guibuilder_pel7x64builder0 6 years ago
parent
commit
31aea4afd8
  1. 46
      SOURCES/0001-Restore-correct-size-of-reserved-data.patch
  2. 29
      SOURCES/0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch
  3. 34
      SOURCES/0003-Avoid-sign-extension-warnings-from-coverity.patch
  4. 32
      SOURCES/0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch
  5. 36
      SOURCES/0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch
  6. 32
      SOURCES/0006-Report-a-proper-error-message-if-hitting-connection-.patch
  7. 241
      SOURCES/0007-Fix-incompatibility-with-libvncserver-websockets-han.patch
  8. 40
      SOURCES/0008-Don-t-short-circuit-request-for-TLS-credentials.patch
  9. 56
      SOURCES/0009-Add-debug-logs-wrt-credential-gathering.patch
  10. 87
      SOURCES/0010-Explicitly-track-whether-x509-creds-have-been-set.patch
  11. 638
      SPECS/gtk-vnc.spec

46
SOURCES/0001-Restore-correct-size-of-reserved-data.patch

@ -0,0 +1,46 @@ @@ -0,0 +1,46 @@
From 9fe889dbd9e97ee947f13da3c86891940a1a1406 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Thu, 6 Apr 2017 17:12:24 +0100
Subject: [PATCH] Restore correct size of reserved data

A previous commit

commit 7a9271620c894931cc22d6587d58e46c5996dac3
Author: Lei Li <lilei@linux.vnet.ibm.com>
Date: Mon May 20 11:45:59 2013 +0100

Add support for LED state extension to gvnc

removed 4 elements from the reserved data field, when adding
one pointer. This is because it mistakenly thought the reserved
elements were 1 byte in length, when they are in fact one pointer
in size.

The original change was technically an ABI incompatible change,
as is this fix. In practice, however, GObject classes are never
instantiated statically at compile time. Instead a call to
g_type_register_static is made at runtime. So this change in the
class size won't have a negative effect unless someone has
subclassed the VncConnectionClass type. Even if subclassing, this
should be harmless as we've merely increased the memory allocation
by 3 words.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 77bd7cd620a1f9d45f9d479b55a5cba807732b91)
---
src/vncconnection.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vncconnection.h b/src/vncconnection.h
index 8c1fa28..3477d1b 100644
--- a/src/vncconnection.h
+++ b/src/vncconnection.h
@@ -85,7 +85,7 @@ struct _VncConnectionClass
* If adding fields to this struct, remove corresponding
* amount of padding to avoid changing overall struct size
*/
- gpointer _vnc_reserved[VNC_PADDING_LARGE - 5];
+ gpointer _vnc_reserved[VNC_PADDING_LARGE - 2];
};

29
SOURCES/0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch

@ -0,0 +1,29 @@ @@ -0,0 +1,29 @@
From 871f698cfdd4a7a43e3a155e2b31a13bf54a3cc5 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Thu, 6 Apr 2017 17:18:33 +0100
Subject: [PATCH] Fix inverted args when creating framebuffer for test suite

The local & remote format args were inverted in the test
suite. This is currently harmless since we are not trying
to validate the rendered framebuffer content.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 1f508111add33f0e4ceb4425132777d781974730)
---
src/vncconnectiontest.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/vncconnectiontest.c b/src/vncconnectiontest.c
index 6a5e49c..7caaa6e 100644
--- a/src/vncconnectiontest.c
+++ b/src/vncconnectiontest.c
@@ -187,8 +187,7 @@ static void test_helper_desktop_resize(VncConnection *conn,
test->pixels = g_new0(guint8, width * height * 4);
fb = vnc_base_framebuffer_new(test->pixels, width, height, width * 4,
- remoteFormat,
- &localFormat);
+ &localFormat, remoteFormat);
vnc_connection_set_framebuffer(conn, VNC_FRAMEBUFFER(fb));

34
SOURCES/0003-Avoid-sign-extension-warnings-from-coverity.patch

@ -0,0 +1,34 @@ @@ -0,0 +1,34 @@
From b608ab801c6dfd5babd224d5f8a21010ccb64b28 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Thu, 6 Apr 2017 17:21:29 +0100
Subject: [PATCH] Avoid sign extension warnings from coverity

src/vncconnection.c:3082: sign_extension:
Suspicious implicit sign extension: "height" with type "unsigned short"
(16 bits, unsigned) is promoted in "rowlen * height" to type "int"
(32 bits, signed), then sign-extended to type "unsigned long"
(64 bits, unsigned). If "rowlen * height" is greater than 0x7FFFFFFF,
the upper bits of the result will all be 1.

The 'rowlen' variable is initialization from the unsigned width
variable, so should have used uint instead of int.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit c3e5d23d67c9a209f127caab7843d94a91031a5f)
---
src/vncconnection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index 19dbfee..c55f71d 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3064,7 +3064,7 @@ static void vnc_connection_xcursor(VncConnection *conn, guint16 x, guint16 y, gu
guint8 *pixbuf = NULL;
guint8 *data, *mask, *datap, *maskp;
guint32 *pixp;
- int rowlen;
+ guint rowlen;
int x1, y1;
guint8 fgrgb[3], bgrgb[3];
guint32 fg, bg;

32
SOURCES/0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From 605811dbb15450037befa3e3b120f737f4625752 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Thu, 6 Apr 2017 17:24:50 +0100
Subject: [PATCH] Fix crash when opening connection from a GSocketAddress

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 5368f77d6215d7b6ad1422dff284d288a26ff481)
---
src/vncconnection.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index c55f71d..8cec1af 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -5423,13 +5423,13 @@ static gboolean vnc_connection_open_addr_internal(VncConnection *conn)
VNC_DEBUG("Connecting with addr %p", priv->addr);
sock = vnc_connection_connect_socket(&priv->wait, priv->addr, &conn_error);
- vnc_connection_set_error(conn, "Unable to connect: %s",
- conn_error->message);
- g_clear_error(&conn_error);
if (sock) {
priv->sock = sock;
return TRUE;
}
+ vnc_connection_set_error(conn, "Unable to connect: %s",
+ conn_error ? conn_error->message : "");
+ g_clear_error(&conn_error);
return FALSE;
}

36
SOURCES/0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch

@ -0,0 +1,36 @@ @@ -0,0 +1,36 @@
From 4b202fd478ccbdb504c9c2a52b5ef4ddcc50838f Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 11 Apr 2017 10:47:56 +0100
Subject: [PATCH] Fix crash when no error is set after connection failure

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit a51e6a6973e9bdfcba0e52d3f9ee37686cd95db9)
---
src/vncconnection.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index 8cec1af..e5b43a0 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -5428,7 +5428,7 @@ static gboolean vnc_connection_open_addr_internal(VncConnection *conn)
return TRUE;
}
vnc_connection_set_error(conn, "Unable to connect: %s",
- conn_error ? conn_error->message : "");
+ conn_error ? conn_error->message : "Unknown problem");
g_clear_error(&conn_error);
return FALSE;
}
@@ -5466,8 +5466,9 @@ static gboolean vnc_connection_open_host_internal(VncConnection *conn)
}
g_object_unref(enumerator);
if (!sock) {
- vnc_connection_set_error(conn, "Unable to connect: %s",
- conn_error->message);
+ vnc_connection_set_error(conn, "Unable to connect to %s:%s: %s",
+ priv->host, priv->port,
+ conn_error ? conn_error->message : "Unknown problem");
}
g_clear_error(&conn_error);
if (sock) {

32
SOURCES/0006-Report-a-proper-error-message-if-hitting-connection-.patch

@ -0,0 +1,32 @@ @@ -0,0 +1,32 @@
From 3691a5e5fdf7aeab78ad9b038994c1d24063a509 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 11 Apr 2017 11:06:28 +0100
Subject: [PATCH] Report a proper error message if hitting connection timeout

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 283434730d0cc3a1ee8270e137d71cebe4f0e01b)
---
src/vncconnection.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index e5b43a0..2b2bdbb 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -103,6 +103,8 @@
#endif
+#define GTK_VNC_ERROR g_quark_from_static_string("gtk-vnc")
+
struct wait_queue
{
gboolean waiting;
@@ -5386,6 +5388,7 @@ static GSocket *vnc_connection_connect_socket(struct wait_queue *wait,
*error = NULL;
VNC_DEBUG("Socket pending");
if (!g_io_wait_interruptable(wait, sock, G_IO_OUT|G_IO_ERR|G_IO_HUP)) {
+ g_set_error(error, GTK_VNC_ERROR, 0, "%s", "Connection timed out");
VNC_DEBUG("connect interrupted");
timeout = 0;
goto timeout;

241
SOURCES/0007-Fix-incompatibility-with-libvncserver-websockets-han.patch

@ -0,0 +1,241 @@ @@ -0,0 +1,241 @@
From 7079fa855bfbaff0d14122eac27e96a6a6637a17 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrange" <berrange@redhat.com>
Date: Tue, 11 Apr 2017 11:41:03 +0100
Subject: [PATCH] Fix incompatibility with libvncserver websockets handling

The previous commit:

commit 7f4f2fe8da72ed9fef5dd4319e19feb2b4f3d62e
Author: Daniel P. Berrange <berrange@redhat.com>
Date: Thu Jan 26 09:31:40 2017 +0000

Add workaround to avoid hangs when connecting to SPICE

changed the code so that it would send the bytes "RFB " to the
server before we received its own greeting. This works fine for
VNC servers which follow the RFB protocol spec exclusively. The
libvncserver code though tries to implement websockets tunnelling
support on the same port as the normal RFB service. The way it
does this is by waiting 100ms after the client connects to see
if the client sends any data. If the client sends data, then it
tries to interpret this as an HTTP GET request to initiate the
websockets connection. This breaks when it sees our "RFB " bytes
being sent. Ideally the libvncserver would have just run a normal
RFB connection in this case, but that's not what happens, and
given the libvncserver code is in the wild we need a workaround.

So instead of immediately sending the 'RFB ' bytes to the VNC
server, we introduce a 2 second wait. ie, we'll wait for the
normal VNC server greeting and if it doesn't arrive after 2 seconds,
we'll send our 'RFB ' bytes proactively, and continue waiting. If we
are on a real VNC server, we'll get our connection initialized
eventually. If connecting to a SPICE server by mistake, we'll get a
clean disconnect, and we'll avoid upsetting libvncserver, because its
100ms wait for HTTP GET will have long since finished.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit f5623cbc63bb0a835bc662d451cc5128d683bd5d)
---
src/vncconnection.c | 134 +++++++++++++++++++++++++++++++++++-----------------
1 file changed, 90 insertions(+), 44 deletions(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index 2b2bdbb..1ddf38d 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -347,6 +347,23 @@ static GIOCondition g_io_wait(GSocket *sock, GIOCondition cond)
}
+static void g_io_wakeup(struct wait_queue *wait)
+{
+ if (wait->waiting)
+ coroutine_yieldto(wait->context, NULL);
+}
+
+
+static gboolean vnc_connection_timeout(gpointer data)
+{
+ struct wait_queue *wait = data;
+
+ g_io_wakeup(wait);
+
+ return FALSE;
+}
+
+
static GIOCondition g_io_wait_interruptable(struct wait_queue *wait,
GSocket *sock,
GIOCondition cond)
@@ -373,13 +390,6 @@ static GIOCondition g_io_wait_interruptable(struct wait_queue *wait,
return *ret;
}
-static void g_io_wakeup(struct wait_queue *wait)
-{
- if (wait->waiting)
- coroutine_yieldto(wait->context, NULL);
-}
-
-
/*
* Call immediately before the main loop does an iteration. Returns
* true if the condition we're checking is ready for dispatch
@@ -921,8 +931,13 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len)
} else if (priv->read_offset == priv->read_size) {
int ret = vnc_connection_read_buf(conn);
- if (ret < 0)
- return ret;
+ if (ret < 0) {
+ if (ret == -EAGAIN) {
+ return offset == 0 ? -EAGAIN : offset;
+ } else {
+ return ret;
+ }
+ }
priv->read_offset = 0;
priv->read_size = ret;
}
@@ -935,7 +950,7 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len)
offset += tmp;
}
- return 0;
+ return len;
}
/*
@@ -5239,34 +5254,66 @@ static gboolean vnc_connection_after_version (VncConnection *conn, int major, in
static gboolean vnc_connection_initialize(VncConnection *conn)
{
VncConnectionPrivate *priv = conn->priv;
- int ret, i;
+ int ret, i, want;
char version[13];
guint32 n_name;
+ gboolean partialGreeting = FALSE;
+ guint timeout;
priv->absPointer = TRUE;
- /* We should technically read the server greeting first.
- * If the user mistakenly connects to a SPICE server
- * though, we'll never see the greeting, because with
- * SPICE the client starts first.
- *
- * By sending these 4 bytes first, if the user has
- * accidentally connected to a SPICE server, it will
- * notice this garbage and close the connection, avoiding
- * us waiting forever for a VNC greeting that'll never
- * come.
- *
- * This is harmless for real VNC servers, since the
- * early send will just be queued until they've sent
- * their greeting
- */
- vnc_connection_write(conn, "RFB ", 4);
- vnc_connection_flush(conn);
+ timeout = g_timeout_add_seconds(2, vnc_connection_timeout, &priv->wait);
+ want = 12;
+ while (want > 0) {
+ priv->wait_interruptable = 1;
+ ret = vnc_connection_read(conn, version + (12 - want), want);
+ priv->wait_interruptable = 0;
+ if (vnc_connection_has_error(conn)) {
+ VNC_DEBUG("Error while reading server version");
+ goto fail;
+ }
+ if (ret >= 0) {
+ want -= ret;
+ if (ret != 12) {
+ timeout = 0;
+ }
+ } else {
+ if (ret == -EAGAIN) {
+ /*
+ * We didn't see any RFB greeting before our
+ * timeout. We might have mistakenly connected
+ * to a SPICE server, in which case we might
+ * wait forever, since SPICE expects the client
+ * to send first.
+ *
+ * We'll proactively send the 'RFB ' bytes to the
+ * sever. If we've just got a slow VNC server, it'll
+ * be harmless, but if we've got a SPICE server, this
+ * should trigger it to close the connection, avoiding
+ * us waiting foever.
+ *
+ * NB, while we could just send the "RFB " bytes
+ * immediately, the libvncserver code does something
+ * really crazy. When it sees a client connection, it
+ * waits 100ms for an HTTP GET request to indicate
+ * use of websockets proxy. If it sees the RFB bytes
+ * it doesn't run a normal VNC connection, it just kills
+ * the connection :-(
+ */
+ VNC_DEBUG("No server greeting, sending partial client greeting");
+ vnc_connection_write(conn, "RFB ", 4);
+ vnc_connection_flush(conn);
+ partialGreeting = TRUE;
+ timeout = 0;
+ } else {
+ VNC_DEBUG("Unexpected read error during greeting");
+ goto fail;
+ }
+ }
+ }
- vnc_connection_read(conn, version, 12);
- if (vnc_connection_has_error(conn)) {
- VNC_DEBUG("Error while reading server version");
- goto fail;
+ if (timeout != 0) {
+ g_source_remove(timeout);
}
version[12] = 0;
@@ -5291,8 +5338,16 @@ static gboolean vnc_connection_initialize(VncConnection *conn)
priv->minor = 8;
}
- snprintf(version, 13, "%03d.%03d\n", priv->major, priv->minor);
- vnc_connection_write(conn, version, 8);
+ if (partialGreeting) {
+ VNC_DEBUG("Sending rest of greeting");
+ snprintf(version, 13, "%03d.%03d\n", priv->major, priv->minor);
+ want = 8;
+ } else {
+ VNC_DEBUG("Sending full greeting");
+ snprintf(version, 13, "RFB %03d.%03d\n", priv->major, priv->minor);
+ want = 12;
+ }
+ vnc_connection_write(conn, version, want);
vnc_connection_flush(conn);
VNC_DEBUG("Using version: %d.%d", priv->major, priv->minor);
@@ -5358,15 +5413,6 @@ static gboolean vnc_connection_open_fd_internal(VncConnection *conn)
return !vnc_connection_has_error(conn);
}
-static gboolean connect_timeout(gpointer data)
-{
- struct wait_queue *wait = data;
-
- g_io_wakeup(wait);
-
- return FALSE;
-}
-
static GSocket *vnc_connection_connect_socket(struct wait_queue *wait,
GSocketAddress *sockaddr,
GError **error)
@@ -5379,7 +5425,7 @@ static GSocket *vnc_connection_connect_socket(struct wait_queue *wait,
if (!sock)
return NULL;
- guint timeout = g_timeout_add_seconds(10, connect_timeout, wait);
+ guint timeout = g_timeout_add_seconds(10, vnc_connection_timeout, wait);
g_socket_set_blocking(sock, FALSE);
if (!g_socket_connect(sock, sockaddr, NULL, error)) {

40
SOURCES/0008-Don-t-short-circuit-request-for-TLS-credentials.patch

@ -0,0 +1,40 @@ @@ -0,0 +1,40 @@
From a6ef11572ffdfde69c901c8c4903c911f0e27d76 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Wed, 31 Jan 2018 11:09:38 +0000
Subject: [PATCH] Don't short-circuit request for TLS credentials
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Although newer GNUTLS has a default system trust fallback for CA
certificates, we must still request certificates from the client app. If
we do not, then the VNC client will never be given the opportunity to
provide custom certs to override the system trust database.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit df656c79467c2595b4a2cd35283c7f5d52adf336)
---
src/vncconnection.c | 8 --------
1 file changed, 8 deletions(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index 1ddf38d..e5496ef 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3528,16 +3528,8 @@ static gboolean vnc_connection_has_credentials(gpointer data)
return FALSE;
if (priv->want_cred_password && !priv->cred_password)
return FALSE;
- /*
- * For x509 we require a minimum of the CA cert
- * if using GNUTLS < 3.0. With newer GNUTLS we'll
- * fallback to the system trust, so don't need to
- * explicitly check for a CA cert.
- */
-#if GNUTLS_VERSION_NUMBER < 0x030000
if (priv->want_cred_x509 && !priv->cred_x509_cacert)
return FALSE;
-#endif
return TRUE;
}

56
SOURCES/0009-Add-debug-logs-wrt-credential-gathering.patch

@ -0,0 +1,56 @@ @@ -0,0 +1,56 @@
From 109cb2369ce3064e96c91e4387c4e122cf722d53 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Wed, 31 Jan 2018 11:11:09 +0000
Subject: [PATCH] Add debug logs wrt credential gathering
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 8e14f8a00c486ac4a133fcd190526e73406d9cb6)
---
src/vncconnection.c | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index e5496ef..35966c9 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3537,6 +3537,8 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn)
{
VncConnectionPrivate *priv = conn->priv;
+ VNC_DEBUG("Checking if credentials are needed");
+
if (priv->coroutine_stop)
return FALSE;
@@ -3554,16 +3556,19 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn)
g_value_init(&username, VNC_TYPE_CONNECTION_CREDENTIAL);
g_value_set_enum(&username, VNC_CONNECTION_CREDENTIAL_USERNAME);
authCred = g_value_array_append(authCred, &username);
+ VNC_DEBUG("Want a username");
}
if (priv->want_cred_password) {
g_value_init(&password, VNC_TYPE_CONNECTION_CREDENTIAL);
g_value_set_enum(&password, VNC_CONNECTION_CREDENTIAL_PASSWORD);
authCred = g_value_array_append(authCred, &password);
+ VNC_DEBUG("Want a password");
}
if (priv->want_cred_x509) {
g_value_init(&clientname, VNC_TYPE_CONNECTION_CREDENTIAL);
g_value_set_enum(&clientname, VNC_CONNECTION_CREDENTIAL_CLIENTNAME);
authCred = g_value_array_append(authCred, &clientname);
+ VNC_DEBUG("Want a TLS clientname");
}
sigdata.params.authCred = authCred;
@@ -3577,6 +3582,8 @@ static gboolean vnc_connection_gather_credentials(VncConnection *conn)
VNC_DEBUG("Waiting for missing credentials");
g_condition_wait(vnc_connection_has_credentials, conn);
VNC_DEBUG("Got all credentials");
+ } else {
+ VNC_DEBUG("No credentials required");
}
return !vnc_connection_has_error(conn);
}

87
SOURCES/0010-Explicitly-track-whether-x509-creds-have-been-set.patch

@ -0,0 +1,87 @@ @@ -0,0 +1,87 @@
From 04a3fe9e8122166eb8f257396fd07314182d2fc2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Wed, 31 Jan 2018 11:27:10 +0000
Subject: [PATCH] Explicitly track whether x509 creds have been set
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

If we want to use the system trust DB, we can't rely on cred_x509_cacert
field being non-NULL. We must explicitly record whether the client app
has set the x509 credentials. We allow cacert to be missing if we are
built against a new enough GNUTLS.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit abc27748c6ca309ec3c39fb6c84426a459f56c74)
---
src/vncconnection.c | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/vncconnection.c b/src/vncconnection.c
index 35966c9..7fcbe89 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -217,6 +217,7 @@ struct _VncConnectionPrivate
char *cred_x509_cacrl;
char *cred_x509_cert;
char *cred_x509_key;
+ gboolean set_cred_x509;
gboolean want_cred_username;
gboolean want_cred_password;
gboolean want_cred_x509;
@@ -3528,7 +3529,7 @@ static gboolean vnc_connection_has_credentials(gpointer data)
return FALSE;
if (priv->want_cred_password && !priv->cred_password)
return FALSE;
- if (priv->want_cred_x509 && !priv->cred_x509_cacert)
+ if (priv->want_cred_x509 && !priv->set_cred_x509)
return FALSE;
return TRUE;
}
@@ -5122,6 +5123,7 @@ static void vnc_connection_close(VncConnection *conn)
priv->cred_password = NULL;
}
+ priv->set_cred_x509 = FALSE;
if (priv->cred_x509_cacert) {
g_free(priv->cred_x509_cacert);
priv->cred_x509_cacert = NULL;
@@ -5838,6 +5840,7 @@ static gboolean vnc_connection_set_credential_x509(VncConnection *conn,
{
VncConnectionPrivate *priv = conn->priv;
char *sysdir = g_strdup_printf("%s/pki", SYSCONFDIR);
+ int ret;
#ifndef WIN32
struct passwd *pw;
@@ -5852,9 +5855,19 @@ static gboolean vnc_connection_set_credential_x509(VncConnection *conn,
for (int i = 0 ; i < sizeof(dirs)/sizeof(dirs[0]) ; i++)
VNC_DEBUG("Searching for certs in %s", dirs[i]);
- if (vnc_connection_best_path(&priv->cred_x509_cacert, "CA", "cacert.pem",
- dirs, sizeof(dirs)/sizeof(dirs[0])) < 0)
+ ret = vnc_connection_best_path(&priv->cred_x509_cacert, "CA", "cacert.pem",
+ dirs, sizeof(dirs)/sizeof(dirs[0]));
+ /* With modern GNUTLS we can just allow the global GNUTLS trust database
+ * to be used to validate CA certificates if no specific cert is set
+ */
+ if (ret < 0) {
+#if GNUTLS_VERSION_NUMBER < 0x030000
+ VNC_DEBUG("No CA certificate provided and no global fallback");
return FALSE;
+#else
+ VNC_DEBUG("No CA certificate provided, using GNUTLS global trust");
+#endif
+ }
/* Don't mind failures of CRL */
vnc_connection_best_path(&priv->cred_x509_cacrl, "CA", "cacrl.pem",
@@ -5867,6 +5880,8 @@ static gboolean vnc_connection_set_credential_x509(VncConnection *conn,
vnc_connection_best_path(&priv->cred_x509_cert, name, "clientcert.pem",
dirs, sizeof(dirs)/sizeof(dirs[0]));
+ priv->set_cred_x509 = TRUE;
+
return TRUE;
}

638
SPECS/gtk-vnc.spec

@ -0,0 +1,638 @@ @@ -0,0 +1,638 @@
# -*- rpm-spec -*-

# This spec file assumes you are building for Fedora 20 or newer,
# or for RHEL 6 or newer. It may need some tweaks for other distros.

%global with_gir 0
%if 0%{?fedora} || 0%{?rhel} >= 7
%global with_gir 1
%endif

%global with_gtk3 0
%if 0%{?fedora} || 0%{?rhel} >= 7
%global with_gtk3 1
%endif

%global with_vala 0
%if 0%{with_gtk3}
%global with_vala 1
%endif

%if 0%{?fedora} >= 25
%global tls_priority "@LIBVIRT,SYSTEM"
%else
%if 0%{?fedora} >= 21
%global tls_priority "@SYSTEM"
%else
%global tls_priority "NORMAL"
%endif
%endif

Summary: A GTK2 widget for VNC clients
Name: gtk-vnc
Version: 0.7.0
Release: 3%{?dist}%{?extra_release}
License: LGPLv2+
Group: Development/Libraries
Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.5/%{name}-%{version}.tar.xz
Patch1: 0001-Restore-correct-size-of-reserved-data.patch
Patch2: 0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch
Patch3: 0003-Avoid-sign-extension-warnings-from-coverity.patch
Patch4: 0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch
Patch5: 0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch
Patch6: 0006-Report-a-proper-error-message-if-hitting-connection-.patch
Patch7: 0007-Fix-incompatibility-with-libvncserver-websockets-han.patch
Patch8: 0008-Don-t-short-circuit-request-for-TLS-credentials.patch
Patch9: 0009-Add-debug-logs-wrt-credential-gathering.patch
Patch10: 0010-Explicitly-track-whether-x509-creds-have-been-set.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
URL: https://wiki.gnome.org/Projects/gtk-vnc
Requires: gvnc = %{version}-%{release}
BuildRequires: gtk2-devel >= 2.14
BuildRequires: pygtk2-devel python-devel zlib-devel
BuildRequires: gnutls-devel libgcrypt-devel cyrus-sasl-devel intltool
%if %{with_gir}
BuildRequires: gobject-introspection-devel
%endif
%if %{with_gtk3}
BuildRequires: gtk3-devel
%endif
%if %{with_vala}
BuildRequires: vala-tools
%endif
BuildRequires: pulseaudio-libs-devel
BuildRequires: /usr/bin/pod2man

%description
gtk-vnc is a VNC viewer widget for GTK2. It is built using coroutines
allowing it to be completely asynchronous while remaining single threaded.

%package devel
Summary: Development files to build GTK2 applications with gtk-vnc
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: pkgconfig
Requires: gtk2-devel

%description devel
gtk-vnc is a VNC viewer widget for GTK2. It is built using coroutines
allowing it to be completely asynchronous while remaining single threaded.

Libraries, includes, etc. to compile with the gtk-vnc library

%package python
Summary: Python bindings for the gtk-vnc library
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}

%description python
gtk-vnc is a VNC viewer widget for GTK2. It is built using coroutines
allowing it to be completely asynchronous while remaining single threaded.

A module allowing use of the GTK-VNC widget from python

%package -n gvnc
Summary: A GObject for VNC connections
Group: Development/Libraries

%description -n gvnc
gvnc is a GObject for managing a VNC connection. It provides all the
infrastructure required to build a VNC client without having to deal
with the raw protocol itself.

%package -n gvnc-devel
Summary: Libraries, includes, etc. to compile with the gvnc library
Group: Development/Libraries
Requires: gvnc = %{version}-%{release}
Requires: pkgconfig

%description -n gvnc-devel
gvnc is a GObject for managing a VNC connection. It provides all the
infrastructure required to build a VNC client without having to deal
with the raw protocol itself.

Libraries, includes, etc. to compile with the gvnc library

%package -n gvncpulse
Summary: A Pulse Audio bridge for VNC connections
Group: Development/Libraries
Requires: gvnc = %{version}-%{release}

%description -n gvncpulse
gvncpulse is a bridge to the Pulse Audio system for VNC.
It allows VNC clients to play back audio on the local
system

%package -n gvncpulse-devel
Summary: Libraries, includes, etc. to compile with the gvncpulse library
Group: Development/Libraries
Requires: gvncpulse = %{version}-%{release}
Requires: pkgconfig

%description -n gvncpulse-devel
gvncpulse is a bridge to the Pulse Audio system for VNC.
It allows VNC clients to play back audio on the local
system

Libraries, includes, etc. to compile with the gvnc library

%package -n gvnc-tools
Summary: Command line VNC tools
Group: Applications/Internet
Requires: gvnc = %{version}-%{release}

%description -n gvnc-tools
Provides useful command line utilities for interacting with
VNC servers. Includes the gvnccapture program for capturing
screenshots of a VNC desktop

%if %{with_gtk3}
%package -n gtk-vnc2
Summary: A GTK3 widget for VNC clients
Group: Applications/Internet
Requires: gvnc = %{version}-%{release}

%description -n gtk-vnc2
gtk-vnc is a VNC viewer widget for GTK3. It is built using coroutines
allowing it to be completely asynchronous while remaining single threaded.

%package -n gtk-vnc2-devel
Summary: Development files to build GTK3 applications with gtk-vnc
Group: Development/Libraries
Requires: gtk-vnc2 = %{version}-%{release}
Requires: pkgconfig
Requires: gtk3-devel

%description -n gtk-vnc2-devel
gtk-vnc is a VNC viewer widget for GTK3. It is built using coroutines
allowing it to be completely asynchronous while remaining single threaded.

Libraries, includes, etc. to compile with the gtk-vnc library
%endif

%prep
%setup -q -n gtk-vnc-%{version} -c
cd gtk-vnc-%{version}
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
%patch10 -p1
cd ..
%if %{with_gtk3}
cp -a gtk-vnc-%{version} gtk-vnc2-%{version}
%endif

%build
%if %{with_gir}
%define gir_arg --enable-introspection=yes
%else
%define gir_arg --enable-introspection=no
%endif

cd gtk-vnc-%{version}
%configure --with-gtk=2.0 %{gir_arg} \
--with-tls-priority=%{tls_priority}
%__make %{?_smp_mflags} V=1
chmod -x examples/*.pl examples/*.js examples/*.py
cd ..

%if %{with_gtk3}
cd gtk-vnc2-%{version}
%configure --with-gtk=3.0 %{gir_arg} \
--with-tls-priority=%{tls_priority}
%__make %{?_smp_mflags} V=1
chmod -x examples/*.pl examples/*.js examples/*.py
cd ..
%endif

%install
rm -fr %{buildroot}
cd gtk-vnc-%{version}
%__make install DESTDIR=%{buildroot}
cd ..

%if %{with_gtk3}
cd gtk-vnc2-%{version}
%__make install DESTDIR=%{buildroot}
cd ..
%endif

rm -f %{buildroot}%{_libdir}/*.a
rm -f %{buildroot}%{_libdir}/*.la
rm -f %{buildroot}%{_libdir}/python*/site-packages/*.a
rm -f %{buildroot}%{_libdir}/python*/site-packages/*.la

%find_lang %{name}

%clean
rm -fr %{buildroot}

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

%post -n gvnc -p /sbin/ldconfig

%postun -n gvnc -p /sbin/ldconfig

%post -n gvncpulse -p /sbin/ldconfig

%postun -n gvncpulse -p /sbin/ldconfig

%if %{with_gtk3}
%post -n gtk-vnc2 -p /sbin/ldconfig

%postun -n gtk-vnc2 -p /sbin/ldconfig
%endif

%files
%defattr(-, root, root)
%{_libdir}/libgtk-vnc-1.0.so.*
%if %{with_gir}
%{_libdir}/girepository-1.0/GtkVnc-1.0.typelib
%endif

%files devel
%defattr(-, root, root)
%doc gtk-vnc-%{version}/examples/gvncviewer.c
%{_libdir}/libgtk-vnc-1.0.so
%dir %{_includedir}/%{name}-1.0/
%{_includedir}/%{name}-1.0/*.h
%{_libdir}/pkgconfig/%{name}-1.0.pc
%if %{with_gir}
%{_datadir}/gir-1.0/GtkVnc-1.0.gir
%endif

%files python
%defattr(-, root, root)
%doc gtk-vnc-%{version}/examples/gvncviewer-bindings.py
%{_libdir}/python*/site-packages/gtkvnc.so

%files -n gvnc -f %{name}.lang
%defattr(-, root, root)
%{_libdir}/libgvnc-1.0.so.*
%if %{with_gir}
%{_libdir}/girepository-1.0/GVnc-1.0.typelib
%endif
%if %{with_vala}
%{_datadir}/vala/vapi/gvnc-1.0.deps
%{_datadir}/vala/vapi/gvnc-1.0.vapi
%endif

%files -n gvnc-devel
%defattr(-, root, root)
%{_libdir}/libgvnc-1.0.so
%dir %{_includedir}/gvnc-1.0/
%{_includedir}/gvnc-1.0/*.h
%{_libdir}/pkgconfig/gvnc-1.0.pc
%if %{with_gir}
%{_datadir}/gir-1.0/GVnc-1.0.gir
%endif

%files -n gvncpulse -f %{name}.lang
%defattr(-, root, root)
%{_libdir}/libgvncpulse-1.0.so.*
%if %{with_gir}
%{_libdir}/girepository-1.0/GVncPulse-1.0.typelib
%endif
%if %{with_vala}
%{_datadir}/vala/vapi/gvncpulse-1.0.deps
%{_datadir}/vala/vapi/gvncpulse-1.0.vapi
%endif

%files -n gvncpulse-devel
%defattr(-, root, root)
%{_libdir}/libgvncpulse-1.0.so
%dir %{_includedir}/gvncpulse-1.0/
%{_includedir}/gvncpulse-1.0/*.h
%{_libdir}/pkgconfig/gvncpulse-1.0.pc
%if %{with_gir}
%{_datadir}/gir-1.0/GVncPulse-1.0.gir
%endif

%files -n gvnc-tools
%defattr(-, root, root)
%doc gtk-vnc-%{version}/AUTHORS
%doc gtk-vnc-%{version}/ChangeLog
%doc gtk-vnc-%{version}/ChangeLog-old
%doc gtk-vnc-%{version}/NEWS
%doc gtk-vnc-%{version}/README
%doc gtk-vnc-%{version}/COPYING.LIB
%{_bindir}/gvnccapture
%{_mandir}/man1/gvnccapture.1*

%if %{with_gtk3}
%files -n gtk-vnc2
%defattr(-, root, root)
%{_libdir}/libgtk-vnc-2.0.so.*
%if %{with_gir}
%{_libdir}/girepository-1.0/GtkVnc-2.0.typelib
%endif
%if %{with_vala}
%{_datadir}/vala/vapi/gtk-vnc-2.0.deps
%{_datadir}/vala/vapi/gtk-vnc-2.0.vapi
%endif

%files -n gtk-vnc2-devel
%defattr(-, root, root)
%doc gtk-vnc2-%{version}/examples/gvncviewer.c
%if %{with_gir}
%doc gtk-vnc2-%{version}/examples/gvncviewer.js
%doc gtk-vnc2-%{version}/examples/gvncviewer.pl
%doc gtk-vnc2-%{version}/examples/gvncviewer-introspection.py
%endif
%{_libdir}/libgtk-vnc-2.0.so
%dir %{_includedir}/%{name}-2.0/
%{_includedir}/%{name}-2.0/*.h
%{_libdir}/pkgconfig/%{name}-2.0.pc
%if %{with_gir}
%{_datadir}/gir-1.0/GtkVnc-2.0.gir
%endif
%endif

%changelog
* Thu Feb 1 2018 Daniel P. Berrange <berrange@redhat.com> - 0.7.0-3
- Fix TLS credentials request (rhbz #1539148)

* Wed Apr 12 2017 Daniel P. Berrange <berrange@redhat.com> - 0.7.0-2
- Fix reserved data size (rhbz #1416783)
- Fix inverted args in tests (rhbz #1416783)
- Avoid sign extension problems (rhbz #1416783)
- Fix crash with opening via GSocketAddress (rhbz #1416783)
- Fix crash & error reporting during connection timeout (rhbz #1441120)
- Fix incompatibility with libvncserver websockets (rhbz #921330)

* Thu Feb 16 2017 Daniel P. Berrange <berrange@redhat.com> - 0.7.0-1
- Update to 0.7.0 release (rhbz #1416783)
- Release held keys when loosing focus (rhbz #921008)
- Avoid warnings when disconnecting (rhbz #1126825)
- Workaround to avoid hang connecting to SPICE guest (rhbz #921330)
- CVE-2017-5884 - fix bounds checking for RRE, hextile and
copyrect encodings (rhbz #1425367)
- CVE-2017-5885 - fix color map index bounds checking (rhbz #1425367)

* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 0.5.2-7
- Mass rebuild 2014-01-24

* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.5.2-6
- Mass rebuild 2013-12-27

* Wed Oct 9 2013 Daniel P. Berrange <berrange@redhat.com> - 0.5.2-5
- Fix missing/incorrect deps in sub-RPMs

* Fri Sep 13 2013 Daniel P. Berrange <berrange@redhat.com> - 0.5.2-4
- Only process key grab sequence upon release (rhbz #1007877)

* Fri Sep 13 2013 Daniel P. Berrange <berrange@redhat.com> - 0.5.2-3
- Fix memory leak in ucontext coroutine (rhbz #1007837)

* Wed May 8 2013 Daniel P. Berrange <berrange@redhat.com> - 0.5.2-2
- Turn off execute bit on examples to stop auto-deps being added

* Tue Apr 30 2013 Daniel Mach <dmach@redhat.com> - 0.5.2-1.2
- Rebuild for cyrus-sasl

* Fri Feb 22 2013 Daniel P. Berrange <berrange@redhat.com> - 0.5.2-1
- Update to 0.5.2 release
- Fix auth credential type (rhbz #697067)

* Sat Feb 16 2013 Cole Robinson <crobinso@redhat.com> - 0.5.1-7
- Fix send_key introspection bindings

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Mon Dec 10 2012 Adam Jackson <ajax@redhat.com> 0.5.1-5
- gtk-vnc-0.5.1-bigendian.patch: Fix pixel swizzling on big-endian.

* Tue Sep 4 2012 Daniel P. Berrange <berrange@redhat.com> - 0.5.1-4
- Add missing deps on gvnc (rhbz #852053)

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Sat Jul 14 2012 Ville Skyttä <ville.skytta@iki.fi> - 0.5.1-2
- Call ldconfig at gvnc, gvncpulse, and gtk-vnc2 post(un)install time.

* Thu Jul 12 2012 Daniel P. Berrange <berrange@redhat.com> - 0.5.1-1
- Update to 0.5.1 release

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Wed Dec 21 2011 Daniel P. Berrange <berrange@redhat.com> - 0.5.0-1
- Update to 0.5.0 release

* Thu Nov 10 2011 Daniel P. Berrange <berrange@redhat.com> - 0.4.4-1
- Update to 0.4.4 release

* Tue Nov 08 2011 Adam Jackson <ajax@redhat.com> - 0.4.3-2
- Rebuild to break bogus libpng dep

* Fri Feb 18 2011 Daniel P. Berrange <berrange@redhat.com> - 0.4.3-1
- Update to 0.4.3 release

* Thu Feb 10 2011 Matthias Clasen <mclasen@redhat.com> - 0.4.2-10
- Rebuild against newer gtk

* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4.2-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Wed Feb 2 2011 Matthias Clasen <mclasen@redhat.com> - 0.4.2-8
- Rebuild against newer gtk

* Thu Jan 13 2011 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-7
- Cope with multiple GDK backends in GTK3

* Tue Jan 11 2011 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-6
- Rebuild for change in GTK3 soname

* Mon Jan 10 2011 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-5
- Add fix to remove use of GdkDrawble for GTK3 compat

* Sun Jan 9 2011 Matthias Clasen <mclasen@redhat.com> - 0.4.2-5
- Rebuild against newer gtk3

* Tue Dec 14 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-4
- Fix unref of GSource objects to address performance degradation (rhbz #657847)

* Mon Nov 29 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-3
- Re-introduce a server side pixmap via cairo to cache framebuffer (rhbz #657542)

* Mon Nov 29 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-2
- Fix crash in TLS shutdown code (rhbz #650601)
- Fix crash in motion event handler (rhbz #650104)
- Fix framebuffer update bounds checking (rhbz #655630)

* Fri Nov 5 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.2-1
- Update to 0.4.2 release.
- Enable experimental GTK3 build

* Mon Oct 18 2010 Colin Walters <walters@verbum.org> - 0.4.1-9
- Rebuild to use old pygobject2-python2 API again:
https://bugzilla.redhat.com/show_bug.cgi?id=638457

* Wed Sep 29 2010 jkeating - 0.4.1-8
- Rebuilt for gcc bug 634757

* Tue Sep 21 2010 Matthias Clasen <mclasen@redhat.com> - 0.4.1-7
- Rebuild against newer gobject-introspection

* Tue Aug 31 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.1-6
- Prevent RPM picking up a dep on gjs (rhbz 628604)

* Fri Aug 6 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.1-5
- Reset buffer offsets on connection close (rhbz 620843)

* Thu Aug 5 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.1-4
- Reset buffer pointer on connection close (rhbz 620843)

* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 0.4.1-3
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild

* Thu Jul 15 2010 Colin Walters <walters@verbum.org> - 0.4.1-2
- Rebuild with new gobject-introspection

* Wed Jul 14 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.1-1
- Update to 0.4.1 release

* Sun Jul 11 2010 Daniel P. Berrange <berrange@redhat.com> - 0.4.0-1
- Update to 0.4.0 release
- Add new sub-packages for gvnc

* Tue Apr 27 2010 Daniel P. Berrange <berrange@redhat.com> - 0.3.10-3
- Drop VNC connection if the server sends a update spaning outside bounds of desktop (rhbz #540810)
- Fix gcrypt threading initialization (rhbz #537489)

* Tue Oct 20 2009 Matthias Clasen <mclaesn@redhat.com> - 0.3.10-1
- Update to 0.3.10

* Thu Oct 8 2009 Matthias Clasen <mclaesn@redhat.com> - 0.3.9-2
- Request a full screen refresh when receives a desktop-resize encoding

* Tue Aug 11 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.9-1
- Update to 0.3.9 release

* Tue Aug 11 2009 Ville Skyttä <ville.skytta@iki.fi> - 0.3.8-10
- Use bzipped upstream tarball.

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.8-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Fri Mar 27 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-8.fc11
- Fix ungrab when pointer type changes

* Tue Mar 24 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-7.fc11
- Fix release of keyboard grab when releasing mouse grab outside app window (rhbz #491167)

* Thu Mar 5 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-6.fc11
- Fix SASL address generation when using AF_UNIX sockets

* Tue Mar 3 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-5.fc11
- Support SASL authentication extension

* Thu Feb 26 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-4.fc11
- Fix relative mouse handling to avoid 'invisible wall'

* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.8-3.fc11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Tue Feb 24 2009 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-2.fc11
- Update URLs to gnome.org hosting

* Sun Dec 7 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.8-1.fc11
- Update to 0.3.8 release

* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm@gmail.com> - 0.3.7-4
- Rebuild for Python 2.6

* Thu Oct 9 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.7-3.fc10
- Avoid bogus framebuffer updates for psuedo-encodings
- Fix scancode translation for evdev

* Thu Sep 25 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.7-2.fc10
- Allow pointer ungrab keysequence if already grabbed (rhbz #463729)

* Fri Sep 5 2008 Matthias Clasen <mclasen@redhat.com> - 0.3.7-1
- Update to 0.3.7

* Thu Aug 28 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.6-4.fc10
- Fix key/mouse event propagation (rhbz #454627)

* Mon Jul 7 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.3.6-3
- fix conditional comparison

* Wed Jun 25 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.6-2.fc10
- Rebuild for GNU TLS ABI change

* Wed May 7 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.6-1.fc10
- Updated to 0.3.6 release

* Fri Apr 25 2008 Matthias Clasen <mclasen@redhat.com> - 0.3.5-1.fc9
- Update to 0.3.5

* Fri Apr 4 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.4-4.fc9
- Remove bogus chunk of render patch

* Thu Apr 3 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.4-3.fc9
- Fix OpenGL rendering artifacts (rhbz #440184)

* Thu Apr 3 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.4-2.fc9
- Fixed endianness conversions
- Fix makecontext() args crash on x86_64
- Fix protocol version negotiation

* Thu Mar 6 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.4-1.fc9
- Update to 0.3.4 release
- Fix crash with OpenGL scaling code

* Sun Feb 3 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.3-1.fc9
- Update to 0.3.3 release

* Mon Jan 14 2008 Daniel P. Berrange <berrange@redhat.com> - 0.3.2-2.fc9
- Track keystate to avoid stuck modifier keys

* Mon Dec 31 2007 Daniel P. Berrange <berrange@redhat.com> - 0.3.2-1.fc9
- Update to 0.3.2 release
- Added dep on zlib-devel

* Thu Dec 13 2007 Daniel P. Berrange <berrange@redhat.com> - 0.3.1-1.fc9
- Update to 0.3.1 release

* Wed Oct 10 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-4.fc8
- Fixed coroutine cleanup to avoid SEGV (rhbz #325731)

* Thu Oct 4 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-3.fc8
- Fixed coroutine caller to avoid SEGV

* Wed Sep 26 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-2.fc8
- Remove use of PROT_EXEC for coroutine stack (rhbz #307531 )

* Thu Sep 13 2007 Daniel P. Berrange <berrange@redhat.com> - 0.2.0-1.fc8
- Update to 0.2.0 release

* Wed Aug 29 2007 Daniel P. Berrange <berrange@redhat.com> - 0.1.0-5.fc8
- Fixed handling of mis-matched client/server colour depths

* Wed Aug 22 2007 Daniel P. Berrange <berrange@redhat.com> - 0.1.0-4.fc8
- Fix mixed endian handling & BGR pixel format (rhbz #253597)
- Clear widget areas outside of framebuffer (rhbz #253599)
- Fix off-by-one in python demo

* Thu Aug 16 2007 Daniel P. Berrange <berrange@redhat.com> - 0.1.0-3.fc8
- Tweaked post scripts
- Removed docs from sub-packages
- Explicitly set license to LGPLv2+
- Remove use of macro for install rule

* Wed Aug 15 2007 Daniel P. Berrange <berrange@redhat.com> - 0.1.0-2.fc8
- Added gnutls-devel requirement to -devel package

* Wed Aug 15 2007 Daniel P. Berrange <berrange@redhat.com> - 0.1.0-1.fc8
- Initial official release
Loading…
Cancel
Save