From 1c1f09d6c5f3eff8ea577e215a3aad266bcb2576 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 01 2017 03:21:25 +0000 Subject: import gtk-vnc-0.7.0-2.el7 --- diff --git a/.gitignore b/.gitignore index 0e6ec64..f5a23f8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/gtk-vnc-0.5.2.tar.xz +SOURCES/gtk-vnc-0.7.0.tar.xz diff --git a/.gtk-vnc.metadata b/.gtk-vnc.metadata index bc0529b..1320818 100644 --- a/.gtk-vnc.metadata +++ b/.gtk-vnc.metadata @@ -1 +1 @@ -894019db4395b72c269c76a438e78aaa48641b34 SOURCES/gtk-vnc-0.5.2.tar.xz +ee1aeeb6a16784a1c0aeb58654afefa887d68500 SOURCES/gtk-vnc-0.7.0.tar.xz diff --git a/SOURCES/0001-Abort-if-mmap-of-coroutine-stack-fails.patch b/SOURCES/0001-Abort-if-mmap-of-coroutine-stack-fails.patch deleted file mode 100644 index 88bcb75..0000000 --- a/SOURCES/0001-Abort-if-mmap-of-coroutine-stack-fails.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 18d452c1b5229198aa04d4a04f7acce9bc662c8f Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Fri, 13 Sep 2013 12:05:55 +0100 -Subject: [PATCH] Abort if mmap of coroutine stack fails - -For - - https://bugzilla.redhat.com/show_bug.cgi?id=1007837 - -If we fail to mmap the stack, abort the processs rather -than returning an error. This is standard practice in -glib apps, and the caller was not checking the -coroutine_init() return code leading to memory corruption. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit b3963416e22382a1fa0ef2d4196f421ef6aee56d) ---- - src/coroutine_ucontext.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/src/coroutine_ucontext.c b/src/coroutine_ucontext.c -index a97e2b1..848016e 100644 ---- a/src/coroutine_ucontext.c -+++ b/src/coroutine_ucontext.c -@@ -20,6 +20,7 @@ - - #include - -+#include - #include - #include - #include -@@ -63,7 +64,8 @@ int coroutine_init(struct coroutine *co) - MAP_PRIVATE | MAP_ANONYMOUS, - -1, 0); - if (co->cc.stack == MAP_FAILED) -- return -1; -+ g_error("Failed to allocate %u bytes for coroutine stack", -+ (unsigned)co->stack_size); - co->cc.entry = coroutine_trampoline; - co->cc.release = _coroutine_release; - co->exited = 0; diff --git a/SOURCES/0001-Restore-correct-size-of-reserved-data.patch b/SOURCES/0001-Restore-correct-size-of-reserved-data.patch new file mode 100644 index 0000000..8f205f3 --- /dev/null +++ b/SOURCES/0001-Restore-correct-size-of-reserved-data.patch @@ -0,0 +1,46 @@ +From 9fe889dbd9e97ee947f13da3c86891940a1a1406 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Thu, 6 Apr 2017 17:12:24 +0100 +Subject: [PATCH] Restore correct size of reserved data + +A previous commit + + commit 7a9271620c894931cc22d6587d58e46c5996dac3 + Author: Lei Li + Date: Mon May 20 11:45:59 2013 +0100 + + Add support for LED state extension to gvnc + +removed 4 elements from the reserved data field, when adding +one pointer. This is because it mistakenly thought the reserved +elements were 1 byte in length, when they are in fact one pointer +in size. + +The original change was technically an ABI incompatible change, +as is this fix. In practice, however, GObject classes are never +instantiated statically at compile time. Instead a call to +g_type_register_static is made at runtime. So this change in the +class size won't have a negative effect unless someone has +subclassed the VncConnectionClass type. Even if subclassing, this +should be harmless as we've merely increased the memory allocation +by 3 words. + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit 77bd7cd620a1f9d45f9d479b55a5cba807732b91) +--- + src/vncconnection.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/vncconnection.h b/src/vncconnection.h +index 8c1fa28..3477d1b 100644 +--- a/src/vncconnection.h ++++ b/src/vncconnection.h +@@ -85,7 +85,7 @@ struct _VncConnectionClass + * If adding fields to this struct, remove corresponding + * amount of padding to avoid changing overall struct size + */ +- gpointer _vnc_reserved[VNC_PADDING_LARGE - 5]; ++ gpointer _vnc_reserved[VNC_PADDING_LARGE - 2]; + }; + + diff --git a/SOURCES/0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch b/SOURCES/0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch new file mode 100644 index 0000000..c25347e --- /dev/null +++ b/SOURCES/0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch @@ -0,0 +1,29 @@ +From 871f698cfdd4a7a43e3a155e2b31a13bf54a3cc5 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Thu, 6 Apr 2017 17:18:33 +0100 +Subject: [PATCH] Fix inverted args when creating framebuffer for test suite + +The local & remote format args were inverted in the test +suite. This is currently harmless since we are not trying +to validate the rendered framebuffer content. + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit 1f508111add33f0e4ceb4425132777d781974730) +--- + src/vncconnectiontest.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/vncconnectiontest.c b/src/vncconnectiontest.c +index 6a5e49c..7caaa6e 100644 +--- a/src/vncconnectiontest.c ++++ b/src/vncconnectiontest.c +@@ -187,8 +187,7 @@ static void test_helper_desktop_resize(VncConnection *conn, + test->pixels = g_new0(guint8, width * height * 4); + + fb = vnc_base_framebuffer_new(test->pixels, width, height, width * 4, +- remoteFormat, +- &localFormat); ++ &localFormat, remoteFormat); + + vnc_connection_set_framebuffer(conn, VNC_FRAMEBUFFER(fb)); + diff --git a/SOURCES/0002-Free-coroutine-stack-when-releasing-coroutine.patch b/SOURCES/0002-Free-coroutine-stack-when-releasing-coroutine.patch deleted file mode 100644 index dd327b0..0000000 --- a/SOURCES/0002-Free-coroutine-stack-when-releasing-coroutine.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 63c2a334ca2d1c13f8f6d424ff5ebdc2c166ce63 Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Fri, 13 Sep 2013 12:06:57 +0100 -Subject: [PATCH] Free coroutine stack when releasing coroutine - -For - - https://bugzilla.redhat.com/show_bug.cgi?id=1007837 - -The coroutine_init function mmap's a stack for the -ucontext coroutine, but nothing ever munmaps it. - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit 49fbd957cb686ff3f9c31923ff17a9529edd9c13) ---- - src/coroutine_ucontext.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/coroutine_ucontext.c b/src/coroutine_ucontext.c -index 848016e..8fe650e 100644 ---- a/src/coroutine_ucontext.c -+++ b/src/coroutine_ucontext.c -@@ -42,6 +42,8 @@ static int _coroutine_release(struct continuation *cc) - return ret; - } - -+ munmap(co->cc.stack, co->cc.stack_size); -+ - co->caller = NULL; - - return 0; diff --git a/SOURCES/0003-Avoid-sign-extension-warnings-from-coverity.patch b/SOURCES/0003-Avoid-sign-extension-warnings-from-coverity.patch new file mode 100644 index 0000000..12efffa --- /dev/null +++ b/SOURCES/0003-Avoid-sign-extension-warnings-from-coverity.patch @@ -0,0 +1,34 @@ +From b608ab801c6dfd5babd224d5f8a21010ccb64b28 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Thu, 6 Apr 2017 17:21:29 +0100 +Subject: [PATCH] Avoid sign extension warnings from coverity + + src/vncconnection.c:3082: sign_extension: + Suspicious implicit sign extension: "height" with type "unsigned short" + (16 bits, unsigned) is promoted in "rowlen * height" to type "int" + (32 bits, signed), then sign-extended to type "unsigned long" + (64 bits, unsigned). If "rowlen * height" is greater than 0x7FFFFFFF, + the upper bits of the result will all be 1. + +The 'rowlen' variable is initialization from the unsigned width +variable, so should have used uint instead of int. + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit c3e5d23d67c9a209f127caab7843d94a91031a5f) +--- + src/vncconnection.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 19dbfee..c55f71d 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -3064,7 +3064,7 @@ static void vnc_connection_xcursor(VncConnection *conn, guint16 x, guint16 y, gu + guint8 *pixbuf = NULL; + guint8 *data, *mask, *datap, *maskp; + guint32 *pixp; +- int rowlen; ++ guint rowlen; + int x1, y1; + guint8 fgrgb[3], bgrgb[3]; + guint32 fg, bg; diff --git a/SOURCES/0003-Only-trigger-grab-sequence-upon-release.patch b/SOURCES/0003-Only-trigger-grab-sequence-upon-release.patch deleted file mode 100644 index 72a6a67..0000000 --- a/SOURCES/0003-Only-trigger-grab-sequence-upon-release.patch +++ /dev/null @@ -1,117 +0,0 @@ -From afc46d8f3ba54c0a3b536d1ce05b3f8b4743cf17 Mon Sep 17 00:00:00 2001 -From: "Daniel P. Berrange" -Date: Fri, 13 Sep 2013 14:22:17 +0100 -Subject: [PATCH] Only trigger grab sequence upon release - -For - - https://bugzilla.redhat.com/show_bug.cgi?id=1007877 - -GTK-VNC uses the keyboard shortcut ctrl+alt to toggle inside/outside -the VM (aka release pointer). Now Gnome uses ctrl+alt+arrow_key to -switch virtual desktops. So these two shortcuts collide and gtk-vnc -will grab the key presses as soon as ctrl+alt is pressed and toogle -inside/outside the VM, which makes switching desktops impossible. - -The solution is to only trigger the grab sequence when the user -releases the key. So if they press Ctrl+alt and then release it, -we trigger, but if they press Ctrl+alt+left-arrow we don't trigger - -https://bugzilla.gnome.org/show_bug.cgi?id=685257 - -Signed-off-by: Daniel P. Berrange -(cherry picked from commit af4fc65182f8a51d81fab2d7e46bc4a11a9da452) ---- - src/vncdisplay.c | 50 +++++++++++++++++++++++++++++++++++++++++--------- - 1 file changed, 41 insertions(+), 9 deletions(-) - -diff --git a/src/vncdisplay.c b/src/vncdisplay.c -index 37de008..51a6b0f 100644 ---- a/src/vncdisplay.c -+++ b/src/vncdisplay.c -@@ -80,6 +80,7 @@ struct _VncDisplayPrivate - size_t keycode_maplen; - const guint16 *keycode_map; - -+ gboolean vncgrabpending; /* Key sequence detected, waiting for release */ - VncGrabSequence *vncgrabseq; /* the configured key sequence */ - gboolean *vncactiveseq; /* the currently pressed keys */ - }; -@@ -784,6 +785,17 @@ static gboolean motion_event(GtkWidget *widget, GdkEventMotion *motion) - } - - -+/* -+ * Lets say the grab sequence of Ctrl_L + Alt_L -+ * -+ * We first need to detect when both Ctrl_L and Alt_L are pressed. -+ * When this happens we are "primed" to tigger. -+ * -+ * If any further key is pressed though, we unprime ourselves -+ * -+ * If any key is released while we are primed, then we -+ * trigger. -+ */ - static gboolean check_for_grab_key(GtkWidget *widget, int type, int keyval) - { - VncDisplayPrivate *priv = VNC_DISPLAY(widget)->priv; -@@ -793,23 +805,42 @@ static gboolean check_for_grab_key(GtkWidget *widget, int type, int keyval) - return FALSE; - - if (type == GDK_KEY_RELEASE) { -+ gboolean active = priv->vncgrabpending; - /* Any key release resets the whole grab sequence */ - memset(priv->vncactiveseq, 0, - sizeof(gboolean)*priv->vncgrabseq->nkeysyms); -- -- return FALSE; -+ priv->vncgrabpending = FALSE; -+ return active; - } else { -+ gboolean setone = FALSE; -+ - /* Record the new key press */ -- for (i = 0 ; i < priv->vncgrabseq->nkeysyms ; i++) -- if (priv->vncgrabseq->keysyms[i] == keyval) -+ for (i = 0 ; i < priv->vncgrabseq->nkeysyms ; i++) { -+ if (priv->vncgrabseq->keysyms[i] == keyval) { - priv->vncactiveseq[i] = TRUE; -+ setone = TRUE; -+ } -+ } - -- /* Return if any key is not pressed */ -- for (i = 0 ; i < priv->vncgrabseq->nkeysyms ; i++) -- if (priv->vncactiveseq[i] == FALSE) -- return FALSE; -+ if (setone) { -+ /* Return if any key is not pressed */ -+ for (i = 0 ; i < priv->vncgrabseq->nkeysyms ; i++) -+ if (priv->vncactiveseq[i] == FALSE) -+ return FALSE; - -- return TRUE; -+ /* All keys in grab seq are pressed, so prime -+ * to trigger on release -+ */ -+ priv->vncgrabpending = TRUE; -+ } else { -+ /* Key not in grab seq, so must reset any pending -+ * grab keys we have */ -+ memset(priv->vncactiveseq, 0, -+ sizeof(gboolean)*priv->vncgrabseq->nkeysyms); -+ priv->vncgrabpending = FALSE; -+ } -+ -+ return FALSE; - } - } - -@@ -2238,6 +2269,7 @@ void vnc_display_set_pointer_grab(VncDisplay *obj, gboolean enable) - */ - void vnc_display_set_grab_keys(VncDisplay *obj, VncGrabSequence *seq) - { -+ obj->priv->vncgrabpending = FALSE; - if (obj->priv->vncgrabseq) { - vnc_grab_sequence_free(obj->priv->vncgrabseq); - g_free(obj->priv->vncactiveseq); diff --git a/SOURCES/0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch b/SOURCES/0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch new file mode 100644 index 0000000..83f9262 --- /dev/null +++ b/SOURCES/0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch @@ -0,0 +1,32 @@ +From 605811dbb15450037befa3e3b120f737f4625752 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Thu, 6 Apr 2017 17:24:50 +0100 +Subject: [PATCH] Fix crash when opening connection from a GSocketAddress + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit 5368f77d6215d7b6ad1422dff284d288a26ff481) +--- + src/vncconnection.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index c55f71d..8cec1af 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -5423,13 +5423,13 @@ static gboolean vnc_connection_open_addr_internal(VncConnection *conn) + VNC_DEBUG("Connecting with addr %p", priv->addr); + + sock = vnc_connection_connect_socket(&priv->wait, priv->addr, &conn_error); +- vnc_connection_set_error(conn, "Unable to connect: %s", +- conn_error->message); +- g_clear_error(&conn_error); + if (sock) { + priv->sock = sock; + return TRUE; + } ++ vnc_connection_set_error(conn, "Unable to connect: %s", ++ conn_error ? conn_error->message : ""); ++ g_clear_error(&conn_error); + return FALSE; + } + diff --git a/SOURCES/0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch b/SOURCES/0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch new file mode 100644 index 0000000..4deb907 --- /dev/null +++ b/SOURCES/0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch @@ -0,0 +1,36 @@ +From 4b202fd478ccbdb504c9c2a52b5ef4ddcc50838f Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Tue, 11 Apr 2017 10:47:56 +0100 +Subject: [PATCH] Fix crash when no error is set after connection failure + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit a51e6a6973e9bdfcba0e52d3f9ee37686cd95db9) +--- + src/vncconnection.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 8cec1af..e5b43a0 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -5428,7 +5428,7 @@ static gboolean vnc_connection_open_addr_internal(VncConnection *conn) + return TRUE; + } + vnc_connection_set_error(conn, "Unable to connect: %s", +- conn_error ? conn_error->message : ""); ++ conn_error ? conn_error->message : "Unknown problem"); + g_clear_error(&conn_error); + return FALSE; + } +@@ -5466,8 +5466,9 @@ static gboolean vnc_connection_open_host_internal(VncConnection *conn) + } + g_object_unref(enumerator); + if (!sock) { +- vnc_connection_set_error(conn, "Unable to connect: %s", +- conn_error->message); ++ vnc_connection_set_error(conn, "Unable to connect to %s:%s: %s", ++ priv->host, priv->port, ++ conn_error ? conn_error->message : "Unknown problem"); + } + g_clear_error(&conn_error); + if (sock) { diff --git a/SOURCES/0006-Report-a-proper-error-message-if-hitting-connection-.patch b/SOURCES/0006-Report-a-proper-error-message-if-hitting-connection-.patch new file mode 100644 index 0000000..4526606 --- /dev/null +++ b/SOURCES/0006-Report-a-proper-error-message-if-hitting-connection-.patch @@ -0,0 +1,32 @@ +From 3691a5e5fdf7aeab78ad9b038994c1d24063a509 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Tue, 11 Apr 2017 11:06:28 +0100 +Subject: [PATCH] Report a proper error message if hitting connection timeout + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit 283434730d0cc3a1ee8270e137d71cebe4f0e01b) +--- + src/vncconnection.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index e5b43a0..2b2bdbb 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -103,6 +103,8 @@ + #endif + + ++#define GTK_VNC_ERROR g_quark_from_static_string("gtk-vnc") ++ + struct wait_queue + { + gboolean waiting; +@@ -5386,6 +5388,7 @@ static GSocket *vnc_connection_connect_socket(struct wait_queue *wait, + *error = NULL; + VNC_DEBUG("Socket pending"); + if (!g_io_wait_interruptable(wait, sock, G_IO_OUT|G_IO_ERR|G_IO_HUP)) { ++ g_set_error(error, GTK_VNC_ERROR, 0, "%s", "Connection timed out"); + VNC_DEBUG("connect interrupted"); + timeout = 0; + goto timeout; diff --git a/SOURCES/0007-Fix-incompatibility-with-libvncserver-websockets-han.patch b/SOURCES/0007-Fix-incompatibility-with-libvncserver-websockets-han.patch new file mode 100644 index 0000000..3ab2be0 --- /dev/null +++ b/SOURCES/0007-Fix-incompatibility-with-libvncserver-websockets-han.patch @@ -0,0 +1,241 @@ +From 7079fa855bfbaff0d14122eac27e96a6a6637a17 Mon Sep 17 00:00:00 2001 +From: "Daniel P. Berrange" +Date: Tue, 11 Apr 2017 11:41:03 +0100 +Subject: [PATCH] Fix incompatibility with libvncserver websockets handling + +The previous commit: + + commit 7f4f2fe8da72ed9fef5dd4319e19feb2b4f3d62e + Author: Daniel P. Berrange + Date: Thu Jan 26 09:31:40 2017 +0000 + + Add workaround to avoid hangs when connecting to SPICE + +changed the code so that it would send the bytes "RFB " to the +server before we received its own greeting. This works fine for +VNC servers which follow the RFB protocol spec exclusively. The +libvncserver code though tries to implement websockets tunnelling +support on the same port as the normal RFB service. The way it +does this is by waiting 100ms after the client connects to see +if the client sends any data. If the client sends data, then it +tries to interpret this as an HTTP GET request to initiate the +websockets connection. This breaks when it sees our "RFB " bytes +being sent. Ideally the libvncserver would have just run a normal +RFB connection in this case, but that's not what happens, and +given the libvncserver code is in the wild we need a workaround. + +So instead of immediately sending the 'RFB ' bytes to the VNC +server, we introduce a 2 second wait. ie, we'll wait for the +normal VNC server greeting and if it doesn't arrive after 2 seconds, +we'll send our 'RFB ' bytes proactively, and continue waiting. If we +are on a real VNC server, we'll get our connection initialized +eventually. If connecting to a SPICE server by mistake, we'll get a +clean disconnect, and we'll avoid upsetting libvncserver, because its +100ms wait for HTTP GET will have long since finished. + +Signed-off-by: Daniel P. Berrange +(cherry picked from commit f5623cbc63bb0a835bc662d451cc5128d683bd5d) +--- + src/vncconnection.c | 134 +++++++++++++++++++++++++++++++++++----------------- + 1 file changed, 90 insertions(+), 44 deletions(-) + +diff --git a/src/vncconnection.c b/src/vncconnection.c +index 2b2bdbb..1ddf38d 100644 +--- a/src/vncconnection.c ++++ b/src/vncconnection.c +@@ -347,6 +347,23 @@ static GIOCondition g_io_wait(GSocket *sock, GIOCondition cond) + } + + ++static void g_io_wakeup(struct wait_queue *wait) ++{ ++ if (wait->waiting) ++ coroutine_yieldto(wait->context, NULL); ++} ++ ++ ++static gboolean vnc_connection_timeout(gpointer data) ++{ ++ struct wait_queue *wait = data; ++ ++ g_io_wakeup(wait); ++ ++ return FALSE; ++} ++ ++ + static GIOCondition g_io_wait_interruptable(struct wait_queue *wait, + GSocket *sock, + GIOCondition cond) +@@ -373,13 +390,6 @@ static GIOCondition g_io_wait_interruptable(struct wait_queue *wait, + return *ret; + } + +-static void g_io_wakeup(struct wait_queue *wait) +-{ +- if (wait->waiting) +- coroutine_yieldto(wait->context, NULL); +-} +- +- + /* + * Call immediately before the main loop does an iteration. Returns + * true if the condition we're checking is ready for dispatch +@@ -921,8 +931,13 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len) + } else if (priv->read_offset == priv->read_size) { + int ret = vnc_connection_read_buf(conn); + +- if (ret < 0) +- return ret; ++ if (ret < 0) { ++ if (ret == -EAGAIN) { ++ return offset == 0 ? -EAGAIN : offset; ++ } else { ++ return ret; ++ } ++ } + priv->read_offset = 0; + priv->read_size = ret; + } +@@ -935,7 +950,7 @@ static int vnc_connection_read(VncConnection *conn, void *data, size_t len) + offset += tmp; + } + +- return 0; ++ return len; + } + + /* +@@ -5239,34 +5254,66 @@ static gboolean vnc_connection_after_version (VncConnection *conn, int major, in + static gboolean vnc_connection_initialize(VncConnection *conn) + { + VncConnectionPrivate *priv = conn->priv; +- int ret, i; ++ int ret, i, want; + char version[13]; + guint32 n_name; ++ gboolean partialGreeting = FALSE; ++ guint timeout; + + priv->absPointer = TRUE; + +- /* We should technically read the server greeting first. +- * If the user mistakenly connects to a SPICE server +- * though, we'll never see the greeting, because with +- * SPICE the client starts first. +- * +- * By sending these 4 bytes first, if the user has +- * accidentally connected to a SPICE server, it will +- * notice this garbage and close the connection, avoiding +- * us waiting forever for a VNC greeting that'll never +- * come. +- * +- * This is harmless for real VNC servers, since the +- * early send will just be queued until they've sent +- * their greeting +- */ +- vnc_connection_write(conn, "RFB ", 4); +- vnc_connection_flush(conn); ++ timeout = g_timeout_add_seconds(2, vnc_connection_timeout, &priv->wait); ++ want = 12; ++ while (want > 0) { ++ priv->wait_interruptable = 1; ++ ret = vnc_connection_read(conn, version + (12 - want), want); ++ priv->wait_interruptable = 0; ++ if (vnc_connection_has_error(conn)) { ++ VNC_DEBUG("Error while reading server version"); ++ goto fail; ++ } ++ if (ret >= 0) { ++ want -= ret; ++ if (ret != 12) { ++ timeout = 0; ++ } ++ } else { ++ if (ret == -EAGAIN) { ++ /* ++ * We didn't see any RFB greeting before our ++ * timeout. We might have mistakenly connected ++ * to a SPICE server, in which case we might ++ * wait forever, since SPICE expects the client ++ * to send first. ++ * ++ * We'll proactively send the 'RFB ' bytes to the ++ * sever. If we've just got a slow VNC server, it'll ++ * be harmless, but if we've got a SPICE server, this ++ * should trigger it to close the connection, avoiding ++ * us waiting foever. ++ * ++ * NB, while we could just send the "RFB " bytes ++ * immediately, the libvncserver code does something ++ * really crazy. When it sees a client connection, it ++ * waits 100ms for an HTTP GET request to indicate ++ * use of websockets proxy. If it sees the RFB bytes ++ * it doesn't run a normal VNC connection, it just kills ++ * the connection :-( ++ */ ++ VNC_DEBUG("No server greeting, sending partial client greeting"); ++ vnc_connection_write(conn, "RFB ", 4); ++ vnc_connection_flush(conn); ++ partialGreeting = TRUE; ++ timeout = 0; ++ } else { ++ VNC_DEBUG("Unexpected read error during greeting"); ++ goto fail; ++ } ++ } ++ } + +- vnc_connection_read(conn, version, 12); +- if (vnc_connection_has_error(conn)) { +- VNC_DEBUG("Error while reading server version"); +- goto fail; ++ if (timeout != 0) { ++ g_source_remove(timeout); + } + + version[12] = 0; +@@ -5291,8 +5338,16 @@ static gboolean vnc_connection_initialize(VncConnection *conn) + priv->minor = 8; + } + +- snprintf(version, 13, "%03d.%03d\n", priv->major, priv->minor); +- vnc_connection_write(conn, version, 8); ++ if (partialGreeting) { ++ VNC_DEBUG("Sending rest of greeting"); ++ snprintf(version, 13, "%03d.%03d\n", priv->major, priv->minor); ++ want = 8; ++ } else { ++ VNC_DEBUG("Sending full greeting"); ++ snprintf(version, 13, "RFB %03d.%03d\n", priv->major, priv->minor); ++ want = 12; ++ } ++ vnc_connection_write(conn, version, want); + vnc_connection_flush(conn); + VNC_DEBUG("Using version: %d.%d", priv->major, priv->minor); + +@@ -5358,15 +5413,6 @@ static gboolean vnc_connection_open_fd_internal(VncConnection *conn) + return !vnc_connection_has_error(conn); + } + +-static gboolean connect_timeout(gpointer data) +-{ +- struct wait_queue *wait = data; +- +- g_io_wakeup(wait); +- +- return FALSE; +-} +- + static GSocket *vnc_connection_connect_socket(struct wait_queue *wait, + GSocketAddress *sockaddr, + GError **error) +@@ -5379,7 +5425,7 @@ static GSocket *vnc_connection_connect_socket(struct wait_queue *wait, + if (!sock) + return NULL; + +- guint timeout = g_timeout_add_seconds(10, connect_timeout, wait); ++ guint timeout = g_timeout_add_seconds(10, vnc_connection_timeout, wait); + + g_socket_set_blocking(sock, FALSE); + if (!g_socket_connect(sock, sockaddr, NULL, error)) { diff --git a/SPECS/gtk-vnc.spec b/SPECS/gtk-vnc.spec index ccf5921..d42fdad 100644 --- a/SPECS/gtk-vnc.spec +++ b/SPECS/gtk-vnc.spec @@ -1,12 +1,15 @@ # -*- rpm-spec -*- +# This spec file assumes you are building for Fedora 20 or newer, +# or for RHEL 6 or newer. It may need some tweaks for other distros. + %global with_gir 0 -%if 0%{?fedora} >= 12 || 0%{?rhel} >= 7 +%if 0%{?fedora} || 0%{?rhel} >= 7 %global with_gir 1 %endif %global with_gtk3 0 -%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 +%if 0%{?fedora} || 0%{?rhel} >= 7 %global with_gtk3 1 %endif @@ -15,29 +18,38 @@ %global with_vala 1 %endif -%global with_pulse 1 +%if 0%{?fedora} >= 25 + %global tls_priority "@LIBVIRT,SYSTEM" +%else + %if 0%{?fedora} >= 21 + %global tls_priority "@SYSTEM" + %else + %global tls_priority "NORMAL" + %endif +%endif Summary: A GTK2 widget for VNC clients Name: gtk-vnc -Version: 0.5.2 -Release: 7%{?dist}%{?extra_release} +Version: 0.7.0 +Release: 2%{?dist}%{?extra_release} License: LGPLv2+ Group: Development/Libraries Source: http://ftp.gnome.org/pub/GNOME/sources/%{name}/0.5/%{name}-%{version}.tar.xz -Patch1: 0001-Abort-if-mmap-of-coroutine-stack-fails.patch -Patch2: 0002-Free-coroutine-stack-when-releasing-coroutine.patch -Patch3: 0003-Only-trigger-grab-sequence-upon-release.patch +Patch1: 0001-Restore-correct-size-of-reserved-data.patch +Patch2: 0002-Fix-inverted-args-when-creating-framebuffer-for-test.patch +Patch3: 0003-Avoid-sign-extension-warnings-from-coverity.patch +Patch4: 0004-Fix-crash-when-opening-connection-from-a-GSocketAddr.patch +Patch5: 0005-Fix-crash-when-no-error-is-set-after-connection-fail.patch +Patch6: 0006-Report-a-proper-error-message-if-hitting-connection-.patch +Patch7: 0007-Fix-incompatibility-with-libvncserver-websockets-han.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -URL: http://live.gnome.org/gtk-vnc +URL: https://wiki.gnome.org/Projects/gtk-vnc Requires: gvnc = %{version}-%{release} BuildRequires: gtk2-devel >= 2.14 BuildRequires: pygtk2-devel python-devel zlib-devel BuildRequires: gnutls-devel libgcrypt-devel cyrus-sasl-devel intltool %if %{with_gir} BuildRequires: gobject-introspection-devel -%if 0%{?fedora} && 0%{?fedora} < 14 -BuildRequires: gir-repository-devel -%endif %endif %if %{with_gtk3} BuildRequires: gtk3-devel @@ -45,9 +57,7 @@ BuildRequires: gtk3-devel %if %{with_vala} BuildRequires: vala-tools %endif -%if %{with_pulse} BuildRequires: pulseaudio-libs-devel -%endif BuildRequires: /usr/bin/pod2man %description @@ -80,6 +90,7 @@ A module allowing use of the GTK-VNC widget from python %package -n gvnc Summary: A GObject for VNC connections +Group: Development/Libraries %description -n gvnc gvnc is a GObject for managing a VNC connection. It provides all the @@ -99,9 +110,9 @@ with the raw protocol itself. Libraries, includes, etc. to compile with the gvnc library -%if %{with_pulse} %package -n gvncpulse Summary: A Pulse Audio bridge for VNC connections +Group: Development/Libraries Requires: gvnc = %{version}-%{release} %description -n gvncpulse @@ -121,7 +132,6 @@ It allows VNC clients to play back audio on the local system Libraries, includes, etc. to compile with the gvnc library -%endif %package -n gvnc-tools Summary: Command line VNC tools @@ -163,6 +173,10 @@ cd gtk-vnc-%{version} %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 cd .. %if %{with_gtk3} cp -a gtk-vnc-%{version} gtk-vnc2-%{version} @@ -176,14 +190,16 @@ cp -a gtk-vnc-%{version} gtk-vnc2-%{version} %endif cd gtk-vnc-%{version} -%configure --with-gtk=2.0 %{gir_arg} +%configure --with-gtk=2.0 %{gir_arg} \ + --with-tls-priority=%{tls_priority} %__make %{?_smp_mflags} V=1 chmod -x examples/*.pl examples/*.js examples/*.py cd .. %if %{with_gtk3} cd gtk-vnc2-%{version} -%configure --with-gtk=3.0 %{gir_arg} +%configure --with-gtk=3.0 %{gir_arg} \ + --with-tls-priority=%{tls_priority} %__make %{?_smp_mflags} V=1 chmod -x examples/*.pl examples/*.js examples/*.py cd .. @@ -223,9 +239,11 @@ rm -fr %{buildroot} %postun -n gvncpulse -p /sbin/ldconfig +%if %{with_gtk3} %post -n gtk-vnc2 -p /sbin/ldconfig %postun -n gtk-vnc2 -p /sbin/ldconfig +%endif %files %defattr(-, root, root) @@ -247,7 +265,7 @@ rm -fr %{buildroot} %files python %defattr(-, root, root) -%attr(0644, -, -) %doc gtk-vnc-%{version}/examples/gvncviewer-bindings.py +%doc gtk-vnc-%{version}/examples/gvncviewer-bindings.py %{_libdir}/python*/site-packages/gtkvnc.so %files -n gvnc -f %{name}.lang @@ -257,6 +275,7 @@ rm -fr %{buildroot} %{_libdir}/girepository-1.0/GVnc-1.0.typelib %endif %if %{with_vala} +%{_datadir}/vala/vapi/gvnc-1.0.deps %{_datadir}/vala/vapi/gvnc-1.0.vapi %endif @@ -270,7 +289,6 @@ rm -fr %{buildroot} %{_datadir}/gir-1.0/GVnc-1.0.gir %endif -%if %{with_pulse} %files -n gvncpulse -f %{name}.lang %defattr(-, root, root) %{_libdir}/libgvncpulse-1.0.so.* @@ -278,6 +296,7 @@ rm -fr %{buildroot} %{_libdir}/girepository-1.0/GVncPulse-1.0.typelib %endif %if %{with_vala} +%{_datadir}/vala/vapi/gvncpulse-1.0.deps %{_datadir}/vala/vapi/gvncpulse-1.0.vapi %endif @@ -290,7 +309,6 @@ rm -fr %{buildroot} %if %{with_gir} %{_datadir}/gir-1.0/GVncPulse-1.0.gir %endif -%endif %files -n gvnc-tools %defattr(-, root, root) @@ -333,6 +351,23 @@ rm -fr %{buildroot} %endif %changelog +* Wed Apr 12 2017 Daniel P. Berrange - 0.7.0-2 +- Fix reserved data size (rhbz #1416783) +- Fix inverted args in tests (rhbz #1416783) +- Avoid sign extension problems (rhbz #1416783) +- Fix crash with opening via GSocketAddress (rhbz #1416783) +- Fix crash & error reporting during connection timeout (rhbz #1441120) +- Fix incompatibility with libvncserver websockets (rhbz #921330) + +* Thu Feb 16 2017 Daniel P. Berrange - 0.7.0-1 +- Update to 0.7.0 release (rhbz #1416783) +- Release held keys when loosing focus (rhbz #921008) +- Avoid warnings when disconnecting (rhbz #1126825) +- Workaround to avoid hang connecting to SPICE guest (rhbz #921330) +- CVE-2017-5884 - fix bounds checking for RRE, hextile and + copyrect encodings (rhbz #1425367) +- CVE-2017-5885 - fix color map index bounds checking (rhbz #1425367) + * Fri Jan 24 2014 Daniel Mach - 0.5.2-7 - Mass rebuild 2014-01-24