diff options
| author | Efraim Flashner <efraim@flashner.co.il> | 2019-01-09 10:48:42 +0200 |
|---|---|---|
| committer | Efraim Flashner <efraim@flashner.co.il> | 2019-01-09 10:52:41 +0200 |
| commit | 0e289672503a4e1599ef826d49f2fa5575081942 (patch) | |
| tree | cdaec28207956090b7cebff805135754dcb22f06 /gnu/packages/patches | |
| parent | 0109b89c5834b5374f248dc3681702180013f41f (diff) | |
| parent | 6df4d8338d2bf94ab729e3b12e42ace0a06687ae (diff) | |
| download | guix-patches-0e289672503a4e1599ef826d49f2fa5575081942.tar guix-patches-0e289672503a4e1599ef826d49f2fa5575081942.tar.gz | |
Merge remote-tracking branch 'origin/master' into staging
Diffstat (limited to 'gnu/packages/patches')
21 files changed, 1332 insertions, 712 deletions
diff --git a/gnu/packages/patches/biber-fix-encoding-write.patch b/gnu/packages/patches/biber-fix-encoding-write.patch new file mode 100644 index 0000000000..56cd11212e --- /dev/null +++ b/gnu/packages/patches/biber-fix-encoding-write.patch @@ -0,0 +1,31 @@ +From 2a9b15aefb842a734637f3d230936ea1b7c60096 Mon Sep 17 00:00:00 2001 +From: Philip Kime <Philip@kime.org.uk> +Date: Thu, 8 Nov 2018 22:02:09 +0100 +Subject: [PATCH] Fix to address #239 + +--- + lib/Biber.pm | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/Biber.pm b/lib/Biber.pm +index 8b1f80a5..d97fca29 100644 +--- a/lib/Biber.pm ++++ b/lib/Biber.pm +@@ -311,6 +311,8 @@ sub parse_ctrlfile { + unless (eval {$checkbuf = File::Slurper::read_text($ctrl_file_path, 'latin1')}) { + biber_error("$ctrl_file_path is not UTF-8 or even latin1, how horrible."); + } ++ # Write ctrl file as UTF-8 ++ File::Slurper::write_text($ctrl_file_path, NFC($checkbuf));# Unicode NFC boundary + } + + $checkbuf = NFD($checkbuf);# Unicode NFD boundary +@@ -319,8 +321,6 @@ sub parse_ctrlfile { + unlink($output) unless $output eq '-';# ignore deletion of STDOUT marker + biber_error("$ctrl_file_path is malformed, last biblatex run probably failed. Deleted $output"); + } +- # Write ctrl file as UTF-8 +- File::Slurper::write_text($ctrl_file_path, NFC($checkbuf));# Unicode NFC boundary + + # Validate if asked to + if (Biber::Config->getoption('validate_control')) { diff --git a/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch b/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch new file mode 100644 index 0000000000..7b1b29f06c --- /dev/null +++ b/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch @@ -0,0 +1,54 @@ +# This patch was submitted upstream to: https://bugs.gnucash.org/show_bug.cgi?id=797008. +From c20d74bebca516d0e391724202aad511967fe109 Mon Sep 17 00:00:00 2001 +From: Maxim Cournoyer <maxim.cournoyer@gmail.com> +Date: Wed, 2 Jan 2019 14:46:28 -0500 +Subject: [PATCH] tests: Fix a test failure in test-transaction.scm. + +With the New Year upon us, a test which was hard-coded to use 2018 now +failed. + +Fixes issue #797008 (see: +https://bugs.gnucash.org/show_bug.cgi?id=797008). + +* gnucash/report/standard-reports/test/test-transaction.scm: +(trep-tests): Use the current year in the test string instead of a +static one. +--- + gnucash/report/standard-reports/test/test-transaction.scm | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/gnucash/report/standard-reports/test/test-transaction.scm b/gnucash/report/standard-reports/test/test-transaction.scm +index 755aba298..ae3fbd5c1 100644 +--- a/gnucash/report/standard-reports/test/test-transaction.scm ++++ b/gnucash/report/standard-reports/test/test-transaction.scm +@@ -5,6 +5,7 @@ + (use-modules (gnucash report stylesheets)) + (use-modules (gnucash report report-system)) + (use-modules (gnucash report report-system test test-extras)) ++(use-modules (srfi srfi-19)) + (use-modules (srfi srfi-64)) + (use-modules (gnucash engine test srfi64-extras)) + (use-modules (sxml simple)) +@@ -643,7 +644,8 @@ + (set-option! options "General" "Show original currency amount" #t) + (set-option! options "Sorting" "Primary Key" 'date) + (set-option! options "Sorting" "Primary Subtotal for Date Key" 'none) +- (let* ((sxml (options->sxml options "dual columns"))) ++ (let* ((sxml (options->sxml options "dual columns")) ++ (current-year (date->string (current-date) "~y"))) + (test-equal "dual amount column, with original currency headers" + (list "Date" "Num" "Description" "Memo/Notes" "Account" + "Debit (USD)" "Credit (USD)" "Debit" "Credit") +@@ -652,7 +654,8 @@ + (list "Grand Total" "$2,280.00" "$2,280.00") + (get-row-col sxml -1 #f)) + (test-equal "dual amount column, first transaction correct" +- (list "01/03/18" "$103 income" "Root.Asset.Bank" "$103.00" "$103.00") ++ (list (string-append "01/03/" current-year) "$103 income" ++ "Root.Asset.Bank" "$103.00" "$103.00") + (get-row-col sxml 1 #f))) + ) + +-- +2.19.0 + diff --git a/gnu/packages/patches/kinit-kdeinit-extra_libs.patch b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch new file mode 100644 index 0000000000..8dcd4d3e95 --- /dev/null +++ b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch @@ -0,0 +1,55 @@ +Search the "extra libs" in GUIX_KF5INIT_LIB_PATH (which basically is a +collection of all /lib directories). We can not hard-code the full path to the +libsKF5Plasam, since adding palse-workspace + +Adopted from NixOS +pkgs/development/libraries/kde-frameworks/kinit/kdeinit-extra_libs.patch + +=================================================================== +--- kinit-5.32.0/src/kdeinit/kinit-5.32.0/src/kdeinit/.orig ++++ kinit-5.32.0/src/kdeinit/kinit.cpp +@@ -96,11 +96,9 @@ + "libKF5Parts.5.dylib", + "libKF5Plasma.5.dylib" + #else +- "libKF5KIOCore.so.5", +- "libKF5Parts.so.5", +-//#ifdef __KDE_HAVE_GCC_VISIBILITY // Removed for KF5, we'll see. +- "libKF5Plasma.so.5" +-//#endif ++ "GUIX_PKGS_KF5_KIO/lib/libKF5KIOCore.so.5", ++ "GUIX_PKGS_KF5_PARTS/lib/libKF5Parts.so.5", ++ "GUIX_PKGS_KF5_PLASMA/lib/libKF5Plasma.so.5" + #endif + }; + #endif +@@ -1533,20 +1531,6 @@ static int initXconnection() + } + #endif + +-#ifndef Q_OS_OSX +-// Find a shared lib in the lib dir, e.g. libkio.so. +-// Completely unrelated to plugins. +-static QString findSharedLib(const QString &lib) +-{ +- QString path = QFile::decodeName(CMAKE_INSTALL_PREFIX "/" LIB_INSTALL_DIR "/") + lib; +- if (QFile::exists(path)) { +- return path; +- } +- // We could also look in LD_LIBRARY_PATH, but really, who installs the main libs in different prefixes? +- return QString(); +-} +-#endif +- + extern "C" { + + static void secondary_child_handler(int) +@@ -1689,7 +1693,7 @@ + if (!d.suicide && qEnvironmentVariableIsEmpty("KDE_IS_PRELINKED")) { + const int extrasCount = sizeof(extra_libs) / sizeof(extra_libs[0]); + for (int i = 0; i < extrasCount; i++) { +- const QString extra = findSharedLib(QString::fromLatin1(extra_libs[i])); ++ const QString extra = QString::fromLatin1(extra_libs[i]); + if (!extra.isEmpty()) { + QLibrary l(extra); + l.setLoadHints(QLibrary::ExportExternalSymbolsHint); diff --git a/gnu/packages/patches/kinit-kdeinit-libpath.patch b/gnu/packages/patches/kinit-kdeinit-libpath.patch new file mode 100644 index 0000000000..89cf1a941d --- /dev/null +++ b/gnu/packages/patches/kinit-kdeinit-libpath.patch @@ -0,0 +1,37 @@ +Search libraries in GUIX_KF5INIT_LIB_PATH. + +Based on an idea by NixOs +pkgs/development/libraries/kde-frameworks/kinit/kinit-libpath.patch + +=================================================================== +--- kinit-5.32.0/src/kdeinit/kinit.cpp.orig 2017-10-22 21:02:20.908765455 +0200 ++++ kinit-5.32.0/src/kdeinit/kinit.cpp 2017-10-22 21:03:25.312818248 +0200 +@@ -623,20 +623,18 @@ + if (libpath_relative) { + // NB: Because Qt makes the actual dlopen() call, the + // RUNPATH of kdeinit is *not* respected - see + // https://sourceware.org/bugzilla/show_bug.cgi?id=13945 + // - so we try hacking it in ourselves +- QString install_lib_dir = QFile::decodeName( +- CMAKE_INSTALL_PREFIX "/" LIB_INSTALL_DIR "/"); +- QString orig_libpath = libpath; +- libpath = install_lib_dir + libpath; +- l.setFileName(libpath); +- if (!l.load()) { +- libpath = orig_libpath; +- l.setFileName(libpath); +- l.load(); +- } ++ // Try to load the library relative to the active profiles. ++ QByteArrayList profiles = qgetenv("LIBRARY_PATH").split(':'); ++ for (const QByteArray &profile: profiles) { ++ if (!profile.isEmpty()) { ++ l.setFileName(QFile::decodeName(profile) + QStringLiteral("/") + libpath); ++ if (l.load()) break; ++ } ++ } + } else { + l.load(); + } + if (!l.isLoaded()) { + QString ltdlError(l.errorString()); diff --git a/gnu/packages/patches/kio-search-smbd-on-PATH.patch b/gnu/packages/patches/kio-search-smbd-on-PATH.patch new file mode 100644 index 0000000000..47e20cfc0b --- /dev/null +++ b/gnu/packages/patches/kio-search-smbd-on-PATH.patch @@ -0,0 +1,30 @@ +Adopted from NixOS +pkgs/development/libraries/kde-frameworks/kio/samba-search-path.patch + +=================================================================== +--- kio-5.17.0.orig/src/core/ksambashare.cpp ++++ kio-5.17.0/src/core/ksambashare.cpp +@@ -67,13 +67,18 @@ KSambaSharePrivate::~KSambaSharePrivate( + + bool KSambaSharePrivate::isSambaInstalled() + { +- if (QFile::exists(QStringLiteral("/usr/sbin/smbd")) +- || QFile::exists(QStringLiteral("/usr/local/sbin/smbd"))) { +- return true; ++ const QByteArray pathEnv = qgetenv("PATH"); ++ if (!pathEnv.isEmpty()) { ++ QLatin1Char pathSep(':'); ++ QStringList paths = QFile::decodeName(pathEnv).split(pathSep, QString::SkipEmptyParts); ++ for (QStringList::iterator it = paths.begin(); it != paths.end(); ++it) { ++ it->append("/smbd"); ++ if (QFile::exists(*it)) { ++ return true; ++ } ++ } + } + +- //qDebug() << "Samba is not installed!"; +- + return false; + } + diff --git a/gnu/packages/patches/kpackage-allow-external-paths.patch b/gnu/packages/patches/kpackage-allow-external-paths.patch new file mode 100644 index 0000000000..c1c9efde7f --- /dev/null +++ b/gnu/packages/patches/kpackage-allow-external-paths.patch @@ -0,0 +1,13 @@ +diff --git a/src/kpackage/package.cpp b/src/kpackage/package.cpp +index 5aec9fd..b15c933 100644 +--- a/src/kpackage/package.cpp ++++ b/src/kpackage/package.cpp +@@ -820,7 +820,7 @@ PackagePrivate::PackagePrivate() + : QSharedData(), + fallbackPackage(nullptr), + metadata(nullptr), +- externalPaths(false), ++ externalPaths(true), + valid(false), + checkedValid(false) + { diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000877.patch b/gnu/packages/patches/libarchive-CVE-2018-1000877.patch new file mode 100644 index 0000000000..5b68884a0f --- /dev/null +++ b/gnu/packages/patches/libarchive-CVE-2018-1000877.patch @@ -0,0 +1,45 @@ +Fix CVE-2018-1000877: + +https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909 +https://github.com/libarchive/libarchive/pull/1105 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877 +https://security-tracker.debian.org/tracker/CVE-2018-1000877 + +Patch copied from upstream source repository: + +https://github.com/libarchive/libarchive/commit/021efa522ad729ff0f5806c4ce53e4a6cc1daa31 + +From 021efa522ad729ff0f5806c4ce53e4a6cc1daa31 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 20 Nov 2018 17:56:29 +1100 +Subject: [PATCH] Avoid a double-free when a window size of 0 is specified + +new_size can be 0 with a malicious or corrupted RAR archive. + +realloc(area, 0) is equivalent to free(area), so the region would +be free()d here and the free()d again in the cleanup function. + +Found with a setup running AFL, afl-rb, and qsym. +--- + libarchive/archive_read_support_format_rar.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 23452222..6f419c27 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -2300,6 +2300,11 @@ parse_codes(struct archive_read *a) + new_size = DICTIONARY_MAX_SIZE; + else + new_size = rar_fls((unsigned int)rar->unp_size) << 1; ++ if (new_size == 0) { ++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, ++ "Zero window size is invalid."); ++ return (ARCHIVE_FATAL); ++ } + new_window = realloc(rar->lzss.window, new_size); + if (new_window == NULL) { + archive_set_error(&a->archive, ENOMEM, +-- +2.20.1 + diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000878.patch b/gnu/packages/patches/libarchive-CVE-2018-1000878.patch new file mode 100644 index 0000000000..fef0881320 --- /dev/null +++ b/gnu/packages/patches/libarchive-CVE-2018-1000878.patch @@ -0,0 +1,86 @@ +Fix CVE-2018-1000878: + +https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909 +https://github.com/libarchive/libarchive/pull/1105 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878 +https://security-tracker.debian.org/tracker/CVE-2018-1000878 + +Patch copied from upstream source repository: + +https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28 + +From bfcfe6f04ed20db2504db8a254d1f40a1d84eb28 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 4 Dec 2018 00:55:22 +1100 +Subject: [PATCH] rar: file split across multi-part archives must match + +Fuzzing uncovered some UAF and memory overrun bugs where a file in a +single file archive reported that it was split across multiple +volumes. This was caused by ppmd7 operations calling +rar_br_fillup. This would invoke rar_read_ahead, which would in some +situations invoke archive_read_format_rar_read_header. That would +check the new file name against the old file name, and if they didn't +match up it would free the ppmd7 buffer and allocate a new +one. However, because the ppmd7 decoder wasn't actually done with the +buffer, it would continue to used the freed buffer. Both reads and +writes to the freed region can be observed. + +This is quite tricky to solve: once the buffer has been freed it is +too late, as the ppmd7 decoder functions almost universally assume +success - there's no way for ppmd_read to signal error, nor are there +good ways for functions like Range_Normalise to propagate them. So we +can't detect after the fact that we're in an invalid state - e.g. by +checking rar->cursor, we have to prevent ourselves from ever ending up +there. So, when we are in the dangerous part or rar_read_ahead that +assumes a valid split, we set a flag force read_header to either go +down the path for split files or bail. This means that the ppmd7 +decoder keeps a valid buffer and just runs out of data. + +Found with a combination of AFL, afl-rb and qsym. +--- + libarchive/archive_read_support_format_rar.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 6f419c27..a8cc5c94 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -258,6 +258,7 @@ struct rar + struct data_block_offsets *dbo; + unsigned int cursor; + unsigned int nodes; ++ char filename_must_match; + + /* LZSS members */ + struct huffman_code maincode; +@@ -1560,6 +1561,12 @@ read_header(struct archive_read *a, struct archive_entry *entry, + } + return ret; + } ++ else if (rar->filename_must_match) ++ { ++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, ++ "Mismatch of file parts split across multi-volume archive"); ++ return (ARCHIVE_FATAL); ++ } + + rar->filename_save = (char*)realloc(rar->filename_save, + filename_size + 1); +@@ -2933,12 +2940,14 @@ rar_read_ahead(struct archive_read *a, size_t min, ssize_t *avail) + else if (*avail == 0 && rar->main_flags & MHD_VOLUME && + rar->file_flags & FHD_SPLIT_AFTER) + { ++ rar->filename_must_match = 1; + ret = archive_read_format_rar_read_header(a, a->entry); + if (ret == (ARCHIVE_EOF)) + { + rar->has_endarc_header = 1; + ret = archive_read_format_rar_read_header(a, a->entry); + } ++ rar->filename_must_match = 0; + if (ret != (ARCHIVE_OK)) + return NULL; + return rar_read_ahead(a, min, avail); +-- +2.20.1 + diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000880.patch b/gnu/packages/patches/libarchive-CVE-2018-1000880.patch new file mode 100644 index 0000000000..6834cabda0 --- /dev/null +++ b/gnu/packages/patches/libarchive-CVE-2018-1000880.patch @@ -0,0 +1,51 @@ +Fix CVE-2018-1000880: + +https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909 +https://github.com/libarchive/libarchive/pull/1105 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880 +https://security-tracker.debian.org/tracker/CVE-2018-1000880 + +Patch copied from upstream source repository: + +https://github.com/libarchive/libarchive/commit/9c84b7426660c09c18cc349f6d70b5f8168b5680 + +From 9c84b7426660c09c18cc349f6d70b5f8168b5680 Mon Sep 17 00:00:00 2001 +From: Daniel Axtens <dja@axtens.net> +Date: Tue, 4 Dec 2018 16:33:42 +1100 +Subject: [PATCH] warc: consume data once read + +The warc decoder only used read ahead, it wouldn't actually consume +data that had previously been printed. This means that if you specify +an invalid content length, it will just reprint the same data over +and over and over again until it hits the desired length. + +This means that a WARC resource with e.g. +Content-Length: 666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666665 +but only a few hundred bytes of data, causes a quasi-infinite loop. + +Consume data in subsequent calls to _warc_read. + +Found with an AFL + afl-rb + qsym setup. +--- + libarchive/archive_read_support_format_warc.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libarchive/archive_read_support_format_warc.c b/libarchive/archive_read_support_format_warc.c +index e8753853..e8fc8428 100644 +--- a/libarchive/archive_read_support_format_warc.c ++++ b/libarchive/archive_read_support_format_warc.c +@@ -386,6 +386,11 @@ _warc_read(struct archive_read *a, const void **buf, size_t *bsz, int64_t *off) + return (ARCHIVE_EOF); + } + ++ if (w->unconsumed) { ++ __archive_read_consume(a, w->unconsumed); ++ w->unconsumed = 0U; ++ } ++ + rab = __archive_read_ahead(a, 1U, &nrd); + if (nrd < 0) { + *bsz = 0U; +-- +2.20.1 + diff --git a/gnu/packages/patches/libextractor-CVE-2018-20430.patch b/gnu/packages/patches/libextractor-CVE-2018-20430.patch new file mode 100644 index 0000000000..570cd7c006 --- /dev/null +++ b/gnu/packages/patches/libextractor-CVE-2018-20430.patch @@ -0,0 +1,60 @@ +Fix CVE-2018-20430: + +https://gnunet.org/bugs/view.php?id=5493 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20430 +https://security-tracker.debian.org/tracker/CVE-2018-20430 + +Patch copied from upstream source repository: + +https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110 + +From b405d707b36e0654900cba78e89f49779efea110 Mon Sep 17 00:00:00 2001 +From: Christian Grothoff <christian@grothoff.org> +Date: Thu, 20 Dec 2018 22:47:53 +0100 +Subject: [PATCH] fix #5493 (out of bounds read) + +--- + src/common/convert.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/common/convert.c b/src/common/convert.c +index c0edf21..2be2108 100644 +--- a/src/common/convert.c ++++ b/src/common/convert.c +@@ -36,8 +36,8 @@ + * string is returned. + */ + char * +-EXTRACTOR_common_convert_to_utf8 (const char *input, +- size_t len, ++EXTRACTOR_common_convert_to_utf8 (const char *input, ++ size_t len, + const char *charset) + { + #if HAVE_ICONV +@@ -52,7 +52,7 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, + i = input; + cd = iconv_open ("UTF-8", charset); + if (cd == (iconv_t) - 1) +- return strdup (i); ++ return strndup (i, len); + if (len > 1024 * 1024) + { + iconv_close (cd); +@@ -67,11 +67,11 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, + } + itmp = tmp; + finSize = tmpSize; +- if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == SIZE_MAX) ++ if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == ((size_t) -1)) + { + iconv_close (cd); + free (tmp); +- return strdup (i); ++ return strndup (i, len); + } + ret = malloc (tmpSize - finSize + 1); + if (ret == NULL) +-- +2.20.1 + diff --git a/gnu/packages/patches/libextractor-CVE-2018-20431.patch b/gnu/packages/patches/libextractor-CVE-2018-20431.patch new file mode 100644 index 0000000000..855c5ba64b --- /dev/null +++ b/gnu/packages/patches/libextractor-CVE-2018-20431.patch @@ -0,0 +1,53 @@ +Fix CVE-2018-20431: + +https://gnunet.org/bugs/view.php?id=5494 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20431 +https://security-tracker.debian.org/tracker/CVE-2018-20431 + +Patch copied from upstream source repository: + +https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7 + +To apply the patch to libextractor 1.8 release tarball, +hunk #1 which patches ChangeLog is removed. + +From 489c4a540bb2c4744471441425b8932b97a153e7 Mon Sep 17 00:00:00 2001 +From: Christian Grothoff <christian@grothoff.org> +Date: Thu, 20 Dec 2018 23:02:28 +0100 +Subject: [PATCH] fix #5494 + +--- + ChangeLog | 3 ++- + src/plugins/ole2_extractor.c | 9 +++++++-- + 2 files changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/plugins/ole2_extractor.c b/src/plugins/ole2_extractor.c +index 53fa1b9..a48b726 100644 +--- a/src/plugins/ole2_extractor.c ++++ b/src/plugins/ole2_extractor.c +@@ -173,7 +173,7 @@ struct ProcContext + EXTRACTOR_MetaDataProcessor proc; + + /** +- * Closure for 'proc'. ++ * Closure for @e proc. + */ + void *proc_cls; + +@@ -213,7 +213,12 @@ process_metadata (gpointer key, + + if (G_VALUE_TYPE(gval) == G_TYPE_STRING) + { +- contents = strdup (g_value_get_string (gval)); ++ const char *gvals; ++ ++ gvals = g_value_get_string (gval); ++ if (NULL == gvals) ++ return; ++ contents = strdup (gvals); + } + else + { +-- +2.20.1 + diff --git a/gnu/packages/patches/owncloud-disable-updatecheck.patch b/gnu/packages/patches/owncloud-disable-updatecheck.patch index 69a984a104..3469398eb4 100644 --- a/gnu/packages/patches/owncloud-disable-updatecheck.patch +++ b/gnu/packages/patches/owncloud-disable-updatecheck.patch @@ -10,14 +10,14 @@ Last-Update: 2014-02-17 This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- a/src/libsync/configfile.cpp +++ b/src/libsync/configfile.cpp -@@ -417,11 +417,14 @@ bool ConfigFile::skipUpdateCheck( const - QString con( connection ); - if( connection.isEmpty() ) con = defaultConnection(); - +@@ -522,11 +522,14 @@ bool ConfigFile::skipUpdateCheck(const Q + if (connection.isEmpty()) + con = defaultConnection(); + - QVariant fallback = getValue(QLatin1String(skipUpdateCheckC), con, false); + QVariant fallback = getValue(QLatin1String(skipUpdateCheckC), con, true); fallback = getValue(QLatin1String(skipUpdateCheckC), QString(), fallback); - + QVariant value = getPolicySetting(QLatin1String(skipUpdateCheckC), fallback); - return value.toBool(); + if ( !value.toBool() ) @@ -25,25 +25,25 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ + + return true; } - - void ConfigFile::setSkipUpdateCheck( bool skip, const QString& connection ) + + void ConfigFile::setSkipUpdateCheck(bool skip, const QString &connection) --- a/src/gui/generalsettings.cpp +++ b/src/gui/generalsettings.cpp -@@ -124,6 +124,7 @@ void GeneralSettings::loadMiscSettings() - +@@ -146,6 +149,7 @@ void GeneralSettings::loadMiscSettings() + void GeneralSettings::slotUpdateInfo() { + /* Guix doesn't want an autoupdater - // Note: the sparkle-updater is not an OCUpdater - OCUpdater *updater = qobject_cast<OCUpdater*>(Updater::instance()); - if (ConfigFile().skipUpdateCheck()) { -@@ -140,6 +141,9 @@ void GeneralSettings::slotUpdateInfo() - // can't have those infos from sparkle currently - _ui->updatesGroupBox->setVisible(false); - } + if (ConfigFile().skipUpdateCheck() || !Updater::instance()) { + // updater disabled on compile + _ui->updaterWidget->setVisible(false); +@@ -174,6 +178,9 @@ void GeneralSettings::slotUpdateInfo() + _ui->updateChannel->setCurrentIndex(ConfigFile().updateChannel() == "beta" ? 1 : 0); + connect(_ui->updateChannel, static_cast<void (QComboBox::*)(int)>(&QComboBox::currentIndexChanged), + this, &GeneralSettings::slotUpdateChannelChanged, Qt::UniqueConnection); + */ + //hide the update group box for Guix. -+ _ui->updatesGroupBox->setVisible(false); ++ _ui->updaterWidget->setVisible(false); } - - void GeneralSettings::saveMiscSettings() + + void GeneralSettings::slotUpdateChannelChanged(int index) diff --git a/gnu/packages/patches/streamlink-update-test.patch b/gnu/packages/patches/streamlink-update-test.patch new file mode 100644 index 0000000000..2d90009192 --- /dev/null +++ b/gnu/packages/patches/streamlink-update-test.patch @@ -0,0 +1,70 @@ +https://github.com/streamlink/streamlink/commit/a3123346824ee7b9c461110f292ea6987ea9a78d.patch +This is taken from upstream, and can be removed at the next release + +From c6f3994e177a42792238f2edd07ba9053c10abc9 Mon Sep 17 00:00:00 2001 +From: back-to <backto@protonmail.ch> +Date: Sat, 21 Jul 2018 14:30:51 +0200 +Subject: [PATCH] tests.localization: use en_CA instead of en_US for + test_equivalent + +**python-iso3166** got an update which breaks the Streamlink tests. +https://pypi.org/project/iso3166/#history + +**python-iso3166** and **pycountry** have now a different `name` for _the United States of America_ + +> python-iso3166: United States of America +https://github.com/deactivated/python-iso3166/commit/e5f8b37f18b01fcb5fa0e8130d8296fc7a7b5a9f + +> pycountry: United States +https://bitbucket.org/flyingcircus/pycountry/src/5aa4bb47e33798cb631a81521b7b5b18f7d6c919/src/pycountry/databases/iso3166-1.json?at=default&fileviewer=file-view-default#iso3166-1.json-1572:1578 + +https://www.iso.org/obp/ui/#iso:code:3166:US + +--- + +use **en_CA** instead of **en_US** for backwards compatibility, +as changing the **US** name would fail with older versions of **python-iso3166** / **pycountry** +--- + tests/test_localization.py | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/tests/test_localization.py b/tests/test_localization.py +index 0b81ae591..90bb3ac31 100644 +--- a/tests/test_localization.py ++++ b/tests/test_localization.py +@@ -32,11 +32,12 @@ def test_bad_language_code(self): + self.assertRaises(LookupError, l10n.Localization, "enUS") + + def test_equivalent(self): +- l = l10n.Localization("en_US") ++ l = l10n.Localization("en_CA") + self.assertTrue(l.equivalent(language="eng")) + self.assertTrue(l.equivalent(language="en")) +- self.assertTrue(l.equivalent(language="en", country="US")) +- self.assertTrue(l.equivalent(language="en", country="United States")) ++ self.assertTrue(l.equivalent(language="en", country="CA")) ++ self.assertTrue(l.equivalent(language="en", country="CAN")) ++ self.assertTrue(l.equivalent(language="en", country="Canada")) + + def test_equivalent_remap(self): + l = l10n.Localization("fr_FR") +@@ -48,7 +49,7 @@ def test_not_equivalent(self): + self.assertFalse(l.equivalent(language="eng")) + self.assertFalse(l.equivalent(language="en")) + self.assertFalse(l.equivalent(language="en", country="US")) +- self.assertFalse(l.equivalent(language="en", country="United States")) ++ self.assertFalse(l.equivalent(language="en", country="Canada")) + self.assertFalse(l.equivalent(language="en", country="ES")) + self.assertFalse(l.equivalent(language="en", country="Spain")) + +@@ -71,8 +72,8 @@ def test_get_country(self): + l10n.Localization.get_country("USA").alpha2) + self.assertEqual("GB", + l10n.Localization.get_country("GB").alpha2) +- self.assertEqual("United States", +- l10n.Localization.get_country("United States").name) ++ self.assertEqual("Canada", ++ l10n.Localization.get_country("Canada").name) + + def test_get_country_miss(self): + self.assertRaises(LookupError, l10n.Localization.get_country, "XE") diff --git a/gnu/packages/patches/unrtf-CVE-2016-10091.patch b/gnu/packages/patches/unrtf-CVE-2016-10091.patch deleted file mode 100644 index badd1b8ed6..0000000000 --- a/gnu/packages/patches/unrtf-CVE-2016-10091.patch +++ /dev/null @@ -1,189 +0,0 @@ -Fix CVE-2016-10091 (stack-based buffer overflows in cmd_* functions): - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10091 -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849705 -http://seclists.org/oss-sec/2016/q4/787 - -Patch adapted from Debian: - -https://anonscm.debian.org/cgit/collab-maint/unrtf.git/commit/?h=jessie&id=7500a48fb0fbad3ab963fb17560b2f90a8a485c8 - -The Debian patch adapts this upstream commit so that it can be applied -to the 0.21.9 release tarball: - -http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406 - -From 7dd568ed8a6a5acb6c04f2b40f457d63a00435f3 Mon Sep 17 00:00:00 2001 -From: Willi Mann <willi@debian.org> -Date: Sat, 31 Dec 2016 20:31:38 +0100 -Subject: [PATCH] Add patch from upstream to fix CVE-2016-10091 (buffer - overflow in various cmd_ functions) - -diff --git a/src/attr.c b/src/attr.c -index 02b5c81..e2951ea 100644 ---- a/src/attr.c -+++ b/src/attr.c -@@ -746,7 +746,7 @@ char * - assemble_string(char *string, int nr) - { - -- char *s, tmp[12];/* Number of characters that can be in int type (including '\0') - AF */ -+ char *s, tmp[20]; - int i = 0, j = 0; - - if (string == NULL) -@@ -762,7 +762,7 @@ assemble_string(char *string, int nr) - } - - if (string[i] != '\0') { -- sprintf(tmp, "%d", nr); -+ snprintf(tmp, 20, "%d", nr); - strcpy(&s[j], tmp); - j = j + strlen(tmp); - } -diff --git a/src/convert.c b/src/convert.c -index c76d7d6..8eacdcb 100644 ---- a/src/convert.c -+++ b/src/convert.c -@@ -472,7 +472,7 @@ static const int fcharsetparmtocp(int parm) - } - - // Translate code page to encoding name hopefully suitable as iconv input --static char *cptoencoding(parm) -+static char *cptoencoding(int parm) - { - // Note that CP0 is supposed to mean current system default, which does - // not make any sense as a stored value, we don't handle it. -@@ -964,7 +964,7 @@ cmd_cf (Word *w, int align, char has_param, int num) - } - else - { -- sprintf(str,"#%02x%02x%02x", -+ snprintf(str, 40, "#%02x%02x%02x", - color_table[num].r, - color_table[num].g, - color_table[num].b); -@@ -993,7 +993,7 @@ cmd_cb (Word *w, int align, char has_param, int num) - } - else - { -- sprintf(str,"#%02x%02x%02x", -+ snprintf(str, 40, "#%02x%02x%02x", - color_table[num].r, - color_table[num].g, - color_table[num].b); -@@ -1018,7 +1018,7 @@ cmd_fs (Word *w, int align, char has_param, int points) { - /* Note, fs20 means 10pt */ - points /= 2; - -- sprintf(str,"%d",points); -+ snprintf(str, 20, "%d", points); - attr_push(ATTR_FONTSIZE,str); - - return FALSE; -@@ -1166,7 +1166,7 @@ cmd_f (Word *w, int align, char has_param, int num) - { - // TOBEDONE: WHAT'S THIS ??? - name = my_malloc(12); -- sprintf(name, "%d", num); -+ snprintf(name, 12, "%d", num); - } - - /* we are going to output entities, so should not output font */ -@@ -1218,7 +1218,7 @@ cmd_highlight (Word *w, int align, char has_param, int num) - } - else - { -- sprintf(str,"#%02x%02x%02x", -+ snprintf(str, 40, "#%02x%02x%02x", - color_table[num].r, - color_table[num].g, - color_table[num].b); -@@ -1373,9 +1373,9 @@ cmd_ftech (Word *w, int align, char has_param, int param) { - - static int - cmd_expand (Word *w, int align, char has_param, int param) { -- char str[10]; -+ char str[20]; - if (has_param) { -- sprintf(str, "%d", param/4); -+ snprintf(str, 20, "%d", param / 4); - if (!param) - attr_pop(ATTR_EXPAND); - else -@@ -1394,7 +1394,7 @@ cmd_expand (Word *w, int align, char has_param, int param) { - - static int - cmd_emboss (Word *w, int align, char has_param, int param) { -- char str[10]; -+ char str[20]; - if (has_param && !param) - #ifdef SUPPORT_UNNESTED - attr_find_pop(ATTR_EMBOSS); -@@ -1403,7 +1403,7 @@ cmd_emboss (Word *w, int align, char has_param, int param) { - #endif - else - { -- sprintf(str, "%d", param); -+ snprintf(str, 20, "%d", param); - attr_push(ATTR_EMBOSS, str); - } - return FALSE; -@@ -1419,12 +1419,12 @@ cmd_emboss (Word *w, int align, char has_param, int param) { - - static int - cmd_engrave (Word *w, int align, char has_param, int param) { -- char str[10]; -+ char str[20]; - if (has_param && !param) - attr_pop(ATTR_ENGRAVE); - else - { -- sprintf(str, "%d", param); -+ snprintf(str, 20, "%d", param); - attr_push(ATTR_ENGRAVE, str); - } - return FALSE; -@@ -1976,7 +1976,7 @@ static int cmd_u (Word *w, int align, char has_param, int param) { - - short done=0; - long unicode_number = (long) param; /* On 16bit architectures int is too small to store unicode characters. - AF */ -- char tmp[12]; /* Number of characters that can be in int type (including '\0'). If int size is greater than 4 bytes change this value. - AF */ -+ char tmp[20]; /* Number of characters that can be in int type (including '\0'). If int size is greater than 4 bytes change this value. - AF */ - const char *alias; - #define DEBUG 0 - #if DEBUG -@@ -2006,7 +2006,7 @@ static int cmd_u (Word *w, int align, char has_param, int param) { - /* RTF spec: Unicode values beyond 32767 are represented by negative numbers */ - unicode_number += 65536; - } -- sprintf(tmp, "%ld", unicode_number); -+ snprintf(tmp, 20, "%ld", unicode_number); - - if (safe_printf(1, op->unisymbol_print, tmp)) fprintf(stderr, TOO_MANY_ARGS, "unisymbol_print"); - done++; -diff --git a/src/output.c b/src/output.c -index 86d8b5c..4cdbfa6 100644 ---- a/src/output.c -+++ b/src/output.c -@@ -320,7 +320,7 @@ op_begin_std_fontsize (OutputPersonality *op, int size) - if (!found_std_expr) { - if (op->fontsize_begin) { - char expr[16]; -- sprintf (expr, "%d", size); -+ snprintf(expr, 16, "%d", size); - if (safe_printf (1, op->fontsize_begin, expr)) fprintf(stderr, TOO_MANY_ARGS, "fontsize_begin"); - } else { - /* If we cannot write out a change for the exact -@@ -440,7 +440,7 @@ op_end_std_fontsize (OutputPersonality *op, int size) - if (!found_std_expr) { - if (op->fontsize_end) { - char expr[16]; -- sprintf (expr, "%d", size); -+ snprintf(expr, 16, "%d", size); - if (safe_printf(1, op->fontsize_end, expr)) fprintf(stderr, TOO_MANY_ARGS, "fontsize_end"); - } else { - /* If we cannot write out a change for the exact -- -.11.0 - diff --git a/gnu/packages/patches/vboot-utils-fix-format-load-address.patch b/gnu/packages/patches/vboot-utils-fix-format-load-address.patch new file mode 100644 index 0000000000..899531e40e --- /dev/null +++ b/gnu/packages/patches/vboot-utils-fix-format-load-address.patch @@ -0,0 +1,33 @@ +This patch was copied from Debian. + +Description: Fix format load_address for 32 bits architectures + The offset and load_address are 64bits integers + On 32bits we have to use strtoull (instead of strtoul) to parse number + into 64bits unsigned integers. Without this the parsed numbers are + truncated to 2^32-1. +Author: Sophie Brun <sophie@freexian.com> +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881997 +Forwarded: https://bugs.chromium.org/p/chromium/issues/detail?id=786969 +Last-Update: 2017-11-20 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/futility/cmd_bdb.c ++++ b/futility/cmd_bdb.c +@@ -637,7 +637,7 @@ static int do_bdb(int argc, char *argv[] + } + break; + case OPT_OFFSET: +- offset = strtoul(optarg, &e, 0); ++ offset = strtoull(optarg, &e, 0); + if (!*optarg || (e && *e)) { + fprintf(stderr, "Invalid --offset\n"); + parse_error = 1; +@@ -658,7 +658,7 @@ static int do_bdb(int argc, char *argv[] + } + break; + case OPT_LOAD_ADDRESS: +- load_address = strtoul(optarg, &e, 0); ++ load_address = strtoull(optarg, &e, 0); + if (!*optarg || (e && *e)) { + fprintf(stderr, "Invalid --load_address\n"); + parse_error = 1; diff --git a/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch b/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch new file mode 100644 index 0000000000..8e0c691a22 --- /dev/null +++ b/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch @@ -0,0 +1,142 @@ +This patch was copied from Debian. + +Description: Fix tests/futility/test_show_contents.sh + Tests compare generated files containing the file path and upstream files + ("expected output") containing path like + "/mnt/host/source/src/platform/vboot_reference/tests/". They can't + match. Drop these lines mentioning paths in the generated files and in + the upstream provided files to avoid failures. +Author: Sophie Brun <sophie@freexian.com> +Last-Update: 2017-11-14 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock ++++ b/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock +@@ -1,4 +1,3 @@ +-Key block: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock + Signature: ignored + Size: 0x4b8 + Flags: 7 !DEV DEV !REC +--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk ++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk +@@ -1,4 +1,3 @@ +-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk + Vboot API: 1.0 + Algorithm: 11 RSA8192 SHA512 + Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10 +--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk ++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk +@@ -1,4 +1,3 @@ +-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk + Vboot API: 1.0 + Algorithm: 11 RSA8192 SHA512 + Key Version: 1 +--- a/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin ++++ b/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin +@@ -1,4 +1,3 @@ +-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_mario_mp.bin + GBB header: GBB Area + Version: 1.0 + Flags: 0x00000000 +--- a/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin ++++ b/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin +@@ -1,4 +1,3 @@ +-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_zgb_mp.bin + GBB header: GBB + Version: 1.0 + Flags: 0x00000000 +--- a/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin ++++ b/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin +@@ -1,4 +1,3 @@ +-GBB header: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_gbb.bin + Version: 1.1 + Flags: 0x00000039 + Regions: offset size +--- a/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin ++++ b/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin +@@ -1,4 +1,3 @@ +-Key block: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_vblock.bin + Signature: ignored + Size: 0x8b8 + Flags: 7 !DEV DEV !REC +--- a/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin ++++ b/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin +@@ -1,4 +1,3 @@ +-Kernel partition: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/kern_preamble.bin + Key block: + Signature: ignored + Size: 0x5b8 +--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2 ++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2 +@@ -1,4 +1,3 @@ +-Private key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbprik2 + Vboot API: 2.1 + Desc: "sample vb21 keypair" + Signature Algorithm: 5 RSA8192 +--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2 ++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2 +@@ -1,4 +1,3 @@ +-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbpubk2 + Vboot API: 2.1 + Desc: "sample vb21 keypair" + Signature Algorithm: 5 RSA8192 +--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem ++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem +@@ -1,3 +1,2 @@ +-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa2048.pem + Key length: 2048 + Key sha1sum: bfb2fa9188a87bf766dd7c313ea6802553b646b6 +--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem ++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem +@@ -1,3 +1,2 @@ +-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa8192.pub.pem + Key length: 8192 + Key sha1sum: f1afa44a1aed0d0e9ff630579df920a725e9de5e +--- a/tests/futility/test_show_contents.sh ++++ b/tests/futility/test_show_contents.sh +@@ -29,7 +29,7 @@ for file in $SHOW_FILES; do + outfile="show.${file//\//_}" + gotfile="${OUTDIR}/${outfile}" + wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}" +- ${FUTILITY} show "${SRCDIR}/${file}" | tee "${gotfile}" ++ ${FUTILITY} show "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}" + + # Uncomment this to update the expected output + #cp ${gotfile} ${wantfile} +@@ -48,7 +48,7 @@ for file in $VBUTIL_KEY_FILES; do + outfile="vbutil_key.${file//\//_}" + gotfile="${OUTDIR}/${outfile}" + wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}" +- ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | tee "${gotfile}" ++ ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}" + + # Uncomment this to update the expected output + #cp ${gotfile} ${wantfile} +@@ -64,7 +64,7 @@ gotfile="${OUTDIR}/${outfile}" + wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}" + ${FUTILITY} vbutil_keyblock --unpack "${SRCDIR}/${file}" \ + --signpubkey "${SRCDIR}/tests/devkeys/kernel_subkey.vbpubk" \ +- | tee "${gotfile}" ++ | grep -v "tests/" | tee "${gotfile}" + + # Uncomment this to update the expected output + #cp ${gotfile} ${wantfile} +--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk ++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk +@@ -1,2 +1 @@ +-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk + Algorithm: 11 RSA8192 SHA512 +--- a/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock ++++ b/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock +@@ -1,4 +1,3 @@ +-Key block file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock + Signature valid + Flags: 7 !DEV DEV !REC + Data key algorithm: 4 RSA2048 SHA256 +--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk ++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk +@@ -1,4 +1,3 @@ +-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk + Algorithm: 11 RSA8192 SHA512 + Key Version: 1 + Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10 diff --git a/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch b/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch new file mode 100644 index 0000000000..9618c76f83 --- /dev/null +++ b/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch @@ -0,0 +1,21 @@ +This patch was copied from Debian. + +Description: skip the workbuf test if VB2_WORKBUF_ALIGN different from 16 +Author: Sophie Brun <sophie@freexian.com> +Last-Update: 2015-12-03 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/tests/vb2_common_tests.c ++++ b/tests/vb2_common_tests.c +@@ -70,6 +70,11 @@ static void test_workbuf(void) + /* NOTE: There are several magic numbers below which assume that + * VB2_WORKBUF_ALIGN == 16 */ + ++ /* Skip the tests if VB2_WORKBUF_ALIGN != 16 */ ++ if (VB2_WORKBUF_ALIGN != 16) { ++ return; ++ } ++ + /* Init */ + vb2_workbuf_init(&wb, p0, 64); + TEST_EQ(vb2_offset_of(p0, wb.buf), 0, "Workbuf init aligned"); diff --git a/gnu/packages/patches/vinagre-newer-freerdp.patch b/gnu/packages/patches/vinagre-newer-freerdp.patch new file mode 100644 index 0000000000..ab79fefc5c --- /dev/null +++ b/gnu/packages/patches/vinagre-newer-freerdp.patch @@ -0,0 +1,320 @@ +https://gitlab.gnome.org/GNOME/vinagre/merge_requests/4.patch + +From 83ec3835c36d5cd2c957512c18d21a33b4136c95 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy <oholy@redhat.com> +Date: Tue, 20 Nov 2018 14:57:17 +0100 +Subject: [PATCH 1/2] Fix build with recent FreeRDP versions + +Vinagre is not buildable with recent FreeRDP versions and similar patches +are used by distributions to fix that. I have also removed some old +compatibility codes, because it wasn't buildable against 1.0, nor 1.1 +anyway and 1.2 has never been officially released and is superseded by 2.0. + +https://gitlab.gnome.org/GNOME/vinagre/issues/4 +--- + configure.ac | 7 +- + plugins/rdp/vinagre-rdp-tab.c | 129 +++++++--------------------------- + 2 files changed, 27 insertions(+), 109 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 5b51a82..61617f1 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -58,16 +58,15 @@ AS_IF([test "x$have_ssh" = "xyes"], + AM_CONDITIONAL([VINAGRE_ENABLE_SSH], [test "x$have_ssh" = "xyes"]) + + # Whether to enable support for RDP. +-RDP_DEPS="freerdp x11" ++RDP_DEPS="freerdp2 x11" ++ + AC_ARG_ENABLE([rdp], + [AS_HELP_STRING([--disable-rdp], + [Disable Remote Desktop Protocol (RDP) support])]) + + AS_IF([test "x$enable_rdp" != "xno"], + [PKG_CHECK_EXISTS([$RDP_DEPS], +- [have_rdp=yes +- PKG_CHECK_EXISTS(freerdp >= 1.1, +- [AC_DEFINE([HAVE_FREERDP_1_1], [1], [FreeRDP is of version 1.1 or newer])], [])], ++ [have_rdp=yes], + [have_rdp=no])], + [have_rdp=no]) + +diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c +index 5b98c24..28e3eb6 100644 +--- a/plugins/rdp/vinagre-rdp-tab.c ++++ b/plugins/rdp/vinagre-rdp-tab.c +@@ -29,12 +29,7 @@ + #include <freerdp/types.h> + #include <freerdp/freerdp.h> + #include <freerdp/gdi/gdi.h> +-#if HAVE_FREERDP_1_1 + #include <freerdp/locale/keyboard.h> +-#else +-#include <freerdp/kbd/vkcodes.h> +-#include <gdk/gdkx.h> +-#endif + + #include "vinagre-rdp-tab.h" + #include "vinagre-rdp-connection.h" +@@ -44,12 +39,6 @@ + + #define SELECT_TIMEOUT 50 + +-#if !HAVE_FREERDP_1_1 +-typedef boolean BOOL; +-typedef uint8 UINT8; +-typedef uint16 UINT16; +-#endif +- + struct _VinagreRdpTabPrivate + { + freerdp *freerdp_session; +@@ -476,16 +465,18 @@ frdp_drawing_area_draw (GtkWidget *area, + return TRUE; + } + +-static void ++static BOOL + frdp_begin_paint (rdpContext *context) + { + rdpGdi *gdi = context->gdi; + + gdi->primary->hdc->hwnd->invalid->null = 1; + gdi->primary->hdc->hwnd->ninvalid = 0; ++ ++ return TRUE; + } + +-static void ++static BOOL + frdp_end_paint (rdpContext *context) + { + VinagreRdpTab *rdp_tab = ((frdpContext *) context)->rdp_tab; +@@ -495,7 +486,7 @@ frdp_end_paint (rdpContext *context) + gint x, y, w, h; + + if (gdi->primary->hdc->hwnd->invalid->null) +- return; ++ return TRUE; + + x = gdi->primary->hdc->hwnd->invalid->x; + y = gdi->primary->hdc->hwnd->invalid->y; +@@ -517,6 +508,8 @@ frdp_end_paint (rdpContext *context) + { + gtk_widget_queue_draw_area (priv->display, x, y, w, h); + } ++ ++ return TRUE; + } + + static BOOL +@@ -524,7 +517,6 @@ frdp_pre_connect (freerdp *instance) + { + rdpSettings *settings = instance->settings; + +-#if HAVE_FREERDP_1_1 + settings->OrderSupport[NEG_DSTBLT_INDEX] = TRUE; + settings->OrderSupport[NEG_PATBLT_INDEX] = TRUE; + settings->OrderSupport[NEG_SCRBLT_INDEX] = TRUE; +@@ -549,32 +541,6 @@ frdp_pre_connect (freerdp *instance) + settings->OrderSupport[NEG_POLYGON_CB_INDEX] = FALSE; + settings->OrderSupport[NEG_ELLIPSE_SC_INDEX] = FALSE; + settings->OrderSupport[NEG_ELLIPSE_CB_INDEX] = FALSE; +-#else +- settings->order_support[NEG_DSTBLT_INDEX] = true; +- settings->order_support[NEG_PATBLT_INDEX] = true; +- settings->order_support[NEG_SCRBLT_INDEX] = true; +- settings->order_support[NEG_OPAQUE_RECT_INDEX] = true; +- settings->order_support[NEG_DRAWNINEGRID_INDEX] = false; +- settings->order_support[NEG_MULTIDSTBLT_INDEX] = false; +- settings->order_support[NEG_MULTIPATBLT_INDEX] = false; +- settings->order_support[NEG_MULTISCRBLT_INDEX] = false; +- settings->order_support[NEG_MULTIOPAQUERECT_INDEX] = true; +- settings->order_support[NEG_MULTI_DRAWNINEGRID_INDEX] = false; +- settings->order_support[NEG_LINETO_INDEX] = true; +- settings->order_support[NEG_POLYLINE_INDEX] = true; +- settings->order_support[NEG_MEMBLT_INDEX] = true; +- settings->order_support[NEG_MEM3BLT_INDEX] = false; +- settings->order_support[NEG_MEMBLT_V2_INDEX] = true; +- settings->order_support[NEG_MEM3BLT_V2_INDEX] = false; +- settings->order_support[NEG_SAVEBITMAP_INDEX] = false; +- settings->order_support[NEG_GLYPH_INDEX_INDEX] = true; +- settings->order_support[NEG_FAST_INDEX_INDEX] = true; +- settings->order_support[NEG_FAST_GLYPH_INDEX] = false; +- settings->order_support[NEG_POLYGON_SC_INDEX] = false; +- settings->order_support[NEG_POLYGON_CB_INDEX] = false; +- settings->order_support[NEG_ELLIPSE_SC_INDEX] = false; +- settings->order_support[NEG_ELLIPSE_CB_INDEX] = false; +-#endif + + return TRUE; + } +@@ -587,15 +553,7 @@ frdp_post_connect (freerdp *instance) + rdpGdi *gdi; + int stride; + +- gdi_init (instance, +-#if defined(FREERDP_VERSION_MAJOR) && defined(FREERDP_VERSION_MINOR) && \ +- !(FREERDP_VERSION_MAJOR > 1 || (FREERDP_VERSION_MAJOR == 1 && \ +- FREERDP_VERSION_MINOR >= 2)) +- CLRBUF_24BPP, +-#else +- CLRBUF_32BPP, +-#endif +- NULL); ++ gdi_init (instance, PIXEL_FORMAT_BGRA32); + gdi = instance->context->gdi; + + instance->update->BeginPaint = frdp_begin_paint; +@@ -705,21 +663,15 @@ frdp_key_pressed (GtkWidget *widget, + VinagreRdpTab *rdp_tab = (VinagreRdpTab *) user_data; + VinagreRdpTabPrivate *priv = rdp_tab->priv; + frdpEventKey *frdp_event; +-#if HAVE_FREERDP_1_1 + UINT16 scancode; +-#endif + + frdp_event = g_new0 (frdpEventKey, 1); + frdp_event->type = FRDP_EVENT_TYPE_KEY; + frdp_event->flags = event->type == GDK_KEY_PRESS ? KBD_FLAGS_DOWN : KBD_FLAGS_RELEASE; + +-#if HAVE_FREERDP_1_1 + scancode = freerdp_keyboard_get_rdp_scancode_from_x11_keycode (event->hardware_keycode); + frdp_event->code = RDP_SCANCODE_CODE(scancode); + frdp_event->extended = RDP_SCANCODE_EXTENDED(scancode); +-#else +- frdp_event->code = freerdp_kbd_get_scancode_by_keycode (event->hardware_keycode, &frdp_event->extended); +-#endif + + if (frdp_event->extended) + frdp_event->flags |= KBD_FLAGS_EXTENDED; +@@ -934,11 +886,13 @@ frdp_authenticate (freerdp *instance, + return TRUE; + } + +-static BOOL ++static DWORD + frdp_certificate_verify (freerdp *instance, +- char *subject, +- char *issuer, +- char *fingerprint) ++ const char *common_name, ++ const char *subject, ++ const char *issuer, ++ const char *fingerprint, ++ BOOL host_mismatch) + { + VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab); + GtkBuilder *builder; +@@ -968,17 +922,18 @@ frdp_certificate_verify (freerdp *instance, + gtk_widget_hide (dialog); + + +- return response == GTK_RESPONSE_YES; ++ return (response == GTK_RESPONSE_YES) ? 1 : 0; + } + +- +-#if HAVE_FREERDP_1_1 +-static BOOL ++static DWORD + frdp_changed_certificate_verify (freerdp *instance, +- char *subject, +- char *issuer, +- char *new_fingerprint, +- char *old_fingerprint) ++ const char *common_name, ++ const char *subject, ++ const char *issuer, ++ const char *new_fingerprint, ++ const char *old_subject, ++ const char *old_issuer, ++ const char *old_fingerprint) + { + VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab); + GtkBuilder *builder; +@@ -1023,9 +978,8 @@ frdp_changed_certificate_verify (freerdp *instance, + gtk_widget_hide (dialog); + + +- return response == GTK_RESPONSE_YES; ++ return (response == GTK_RESPONSE_YES) ? 1 : 0; + } +-#endif + + static void + init_freerdp (VinagreRdpTab *rdp_tab) +@@ -1053,15 +1007,9 @@ init_freerdp (VinagreRdpTab *rdp_tab) + priv->freerdp_session->PostConnect = frdp_post_connect; + priv->freerdp_session->Authenticate = frdp_authenticate; + priv->freerdp_session->VerifyCertificate = frdp_certificate_verify; +-#if HAVE_FREERDP_1_1 + priv->freerdp_session->VerifyChangedCertificate = frdp_changed_certificate_verify; +-#endif + +-#if HAVE_FREERDP_1_1 + priv->freerdp_session->ContextSize = sizeof (frdpContext); +-#else +- priv->freerdp_session->context_size = sizeof (frdpContext); +-#endif + + freerdp_context_new (priv->freerdp_session); + ((frdpContext *) priv->freerdp_session->context)->rdp_tab = rdp_tab; +@@ -1070,53 +1018,24 @@ init_freerdp (VinagreRdpTab *rdp_tab) + settings = priv->freerdp_session->settings; + + /* Security settings */ +-#if HAVE_FREERDP_1_1 + settings->RdpSecurity = TRUE; + settings->TlsSecurity = TRUE; + settings->NlaSecurity = TRUE; + settings->EncryptionMethods = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS; + settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE; +-#else +- settings->rdp_security = true; +- settings->tls_security = true; +- settings->nla_security = true; +- settings->encryption = true; +- settings->encryption_method = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS; +- settings->encryption_level = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE; +-#endif +-#include <freerdp/version.h> +-#if (FREERDP_VERSION_MAJOR == 1 && FREERDP_VERSION_MINOR >= 2 && FREERDP_VERSION_REVISION >= 1) || (FREERDP_VERSION_MAJOR == 2) + settings->UseRdpSecurityLayer = FALSE; +-#else +- settings->DisableEncryption = FALSE; +-#endif + + /* Set display size */ +-#if HAVE_FREERDP_1_1 + settings->DesktopWidth = width; + settings->DesktopHeight = height; +-#else +- settings->width = width; +- settings->height = height; +-#endif + + /* Set hostname */ +-#if HAVE_FREERDP_1_1 + settings->WindowTitle = g_strdup (hostname); + settings->ServerHostname = g_strdup (hostname); + settings->ServerPort = port; +-#else +- settings->window_title = g_strdup (hostname); +- settings->hostname = g_strdup (hostname); +- settings->port = port; +-#endif + + /* Set keyboard layout */ +-#if HAVE_FREERDP_1_1 + freerdp_keyboard_init (KBD_US); +-#else +- freerdp_kbd_init (GDK_DISPLAY_XDISPLAY (gdk_display_get_default ()), KBD_US); +-#endif + + /* Allow font smoothing by default */ + settings->AllowFontSmoothing = TRUE; +-- +2.18.1 + diff --git a/gnu/packages/patches/vinagre-newer-rdp-parameters.patch b/gnu/packages/patches/vinagre-newer-rdp-parameters.patch new file mode 100644 index 0000000000..99bcee5a98 --- /dev/null +++ b/gnu/packages/patches/vinagre-newer-rdp-parameters.patch @@ -0,0 +1,212 @@ +https://gitlab.gnome.org/GNOME/vinagre/merge_requests/4.patch + +From 141f9383129795da267a8111897fb3a0a324b080 Mon Sep 17 00:00:00 2001 +From: Ondrej Holy <oholy@redhat.com> +Date: Thu, 22 Nov 2018 17:22:35 +0100 +Subject: [PATCH 2/2] Handle new RDP certificate parameters + +The freerdp2 certificate callbacks contains more parameters, let's +present some of them to user also. +--- + data/vinagre.ui | 80 ++++++++++++++++++++++++++++++----- + plugins/rdp/vinagre-rdp-tab.c | 26 +++++------- + 2 files changed, 80 insertions(+), 26 deletions(-) + +diff --git a/data/vinagre.ui b/data/vinagre.ui +index 3135336..d7ce258 100644 +--- a/data/vinagre.ui ++++ b/data/vinagre.ui +@@ -885,7 +885,7 @@ Do you trust the new certificate?</property> + <property name="vexpand">True</property> + <property name="xalign">0</property> + <property name="xpad">12</property> +- <property name="label" translatable="yes" comments="Subject of the certificate.">Subject:</property> ++ <property name="label" translatable="yes" comments="Subject of the certificate.">New subject:</property> + </object> + <packing> + <property name="left_attach">0</property> +@@ -901,7 +901,7 @@ Do you trust the new certificate?</property> + <property name="vexpand">True</property> + <property name="xalign">0</property> + <property name="xpad">12</property> +- <property name="label" translatable="yes" comments="Issuer of the certificate.">Issuer:</property> ++ <property name="label" translatable="yes" comments="Issuer of the certificate.">New issuer:</property> + </object> + <packing> + <property name="left_attach">0</property> +@@ -927,7 +927,55 @@ Do you trust the new certificate?</property> + </packing> + </child> + <child> +- <object class="GtkLabel" id="certificate_changed_subject"> ++ <object class="GtkLabel"> ++ <property name="visible">True</property> ++ <property name="can_focus">False</property> ++ <property name="vexpand">True</property> ++ <property name="xalign">0</property> ++ <property name="xpad">12</property> ++ <property name="label" translatable="yes" comments="Subject of the old certificate.">Old subject:</property> ++ </object> ++ <packing> ++ <property name="left_attach">0</property> ++ <property name="top_attach">3</property> ++ <property name="width">1</property> ++ <property name="height">1</property> ++ </packing> ++ </child> ++ <child> ++ <object class="GtkLabel"> ++ <property name="visible">True</property> ++ <property name="can_focus">False</property> ++ <property name="vexpand">True</property> ++ <property name="xalign">0</property> ++ <property name="xpad">12</property> ++ <property name="label" translatable="yes" comments="Issuer of the old certificate.">Old issuer:</property> ++ </object> ++ <packing> ++ <property name="left_attach">0</property> ++ <property name="top_attach">4</property> ++ <property name="width">1</property> ++ <property name="height">1</property> ++ </packing> ++ </child> ++ <child> ++ <object class="GtkLabel"> ++ <property name="visible">True</property> ++ <property name="can_focus">False</property> ++ <property name="vexpand">True</property> ++ <property name="xalign">0</property> ++ <property name="xpad">12</property> ++ <property name="label" translatable="yes" comments="Fingerprint of the old certificate.">Old fingerprint:</property> ++ </object> ++ <packing> ++ <property name="left_attach">0</property> ++ <property name="top_attach">5</property> ++ <property name="width">1</property> ++ <property name="height">1</property> ++ </packing> ++ </child> ++ <child> ++ <object class="GtkLabel" id="certificate_changed_new_subject"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="hexpand">True</property> +@@ -942,7 +990,7 @@ Do you trust the new certificate?</property> + </packing> + </child> + <child> +- <object class="GtkLabel" id="certificate_changed_issuer"> ++ <object class="GtkLabel" id="certificate_changed_new_issuer"> + <property name="visible">True</property> + <property name="can_focus">False</property> + <property name="hexpand">True</property> +@@ -972,21 +1020,33 @@ Do you trust the new certificate?</property> + </packing> + </child> + <child> +- <object class="GtkLabel" id="certificate_changed_old_fingerprint_label"> ++ <object class="GtkLabel" id="certificate_changed_old_subject"> + <property name="visible">True</property> + <property name="can_focus">False</property> +- <property name="vexpand">True</property> ++ <property name="hexpand">True</property> + <property name="xalign">0</property> +- <property name="xpad">12</property> +- <property name="label" translatable="yes" comments="Fingerprint of the old certificate.">Old fingerprint:</property> + </object> + <packing> +- <property name="left_attach">0</property> ++ <property name="left_attach">1</property> + <property name="top_attach">3</property> + <property name="width">1</property> + <property name="height">1</property> + </packing> + </child> ++ <child> ++ <object class="GtkLabel" id="certificate_changed_old_issuer"> ++ <property name="visible">True</property> ++ <property name="can_focus">False</property> ++ <property name="hexpand">True</property> ++ <property name="xalign">0</property> ++ </object> ++ <packing> ++ <property name="left_attach">1</property> ++ <property name="top_attach">4</property> ++ <property name="width">1</property> ++ <property name="height">1</property> ++ </packing> ++ </child> + <child> + <object class="GtkLabel" id="certificate_changed_old_fingerprint"> + <property name="visible">True</property> +@@ -997,7 +1057,7 @@ Do you trust the new certificate?</property> + </object> + <packing> + <property name="left_attach">1</property> +- <property name="top_attach">3</property> ++ <property name="top_attach">5</property> + <property name="width">1</property> + <property name="height">1</property> + </packing> +diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c +index 28e3eb6..30a8698 100644 +--- a/plugins/rdp/vinagre-rdp-tab.c ++++ b/plugins/rdp/vinagre-rdp-tab.c +@@ -917,6 +917,7 @@ frdp_certificate_verify (freerdp *instance, + widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_fingerprint")); + gtk_label_set_text (GTK_LABEL (widget), fingerprint); + ++ /* FIXME: Warn user in case of host_mismatch. */ + + response = gtk_dialog_run (GTK_DIALOG (dialog)); + gtk_widget_hide (dialog); +@@ -939,7 +940,6 @@ frdp_changed_certificate_verify (freerdp *instance, + GtkBuilder *builder; + GtkWidget *dialog; + GtkWidget *widget; +- GtkWidget *label; + gint response; + + builder = vinagre_utils_get_builder (); +@@ -950,29 +950,23 @@ frdp_changed_certificate_verify (freerdp *instance, + _("Connect"), GTK_RESPONSE_YES, NULL); + gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_YES); + +- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_subject")); ++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_subject")); + gtk_label_set_text (GTK_LABEL (widget), subject); + +- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_issuer")); ++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_issuer")); + gtk_label_set_text (GTK_LABEL (widget), issuer); + + widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_fingerprint")); + gtk_label_set_text (GTK_LABEL (widget), new_fingerprint); + +- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint")); +- label = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint_label")); +- if (old_fingerprint != NULL && old_fingerprint[0] != '\0') +- { +- gtk_label_set_text (GTK_LABEL (widget), old_fingerprint); +- gtk_widget_show (widget); +- gtk_widget_show (label); +- } +- else +- { +- gtk_widget_hide (widget); +- gtk_widget_hide (label); +- } ++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_subject")); ++ gtk_label_set_text (GTK_LABEL (widget), old_subject); + ++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_issuer")); ++ gtk_label_set_text (GTK_LABEL (widget), old_issuer); ++ ++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint")); ++ gtk_label_set_text (GTK_LABEL (widget), old_fingerprint); + + response = gtk_dialog_run (GTK_DIALOG (dialog)); + gtk_widget_hide (dialog); +-- +2.18.1 + diff --git a/gnu/packages/patches/vinagre-revert-1.patch b/gnu/packages/patches/vinagre-revert-1.patch deleted file mode 100644 index 5a983770b7..0000000000 --- a/gnu/packages/patches/vinagre-revert-1.patch +++ /dev/null @@ -1,56 +0,0 @@ -Patch taken from Debian: revert changes that prevent building against freerdp -version 1.1 branch. - -From 8ebc0685b85e0d1f70eb00171f2e7712de3d44bd Mon Sep 17 00:00:00 2001 -From: Michael Biebl <biebl@debian.org> -Date: Thu, 22 Sep 2016 01:15:55 +0200 -Subject: [PATCH 1/2] Revert "Improve FreeRDP authentication failure handling" - -This reverts commit d7b4f88943e8615d252d27e1efc58cb64a9e1821. ---- - plugins/rdp/vinagre-rdp-tab.c | 10 ++++++---- - 1 file changed, 6 insertions(+), 4 deletions(-) - -diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c -index b731f9b..8572bc3 100644 ---- a/plugins/rdp/vinagre-rdp-tab.c -+++ b/plugins/rdp/vinagre-rdp-tab.c -@@ -1195,8 +1195,8 @@ open_freerdp (VinagreRdpTab *rdp_tab) - VinagreTab *tab = VINAGRE_TAB (rdp_tab); - GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab)); - gboolean success = TRUE; -+ gboolean authentication_error = FALSE; - gboolean cancelled = FALSE; -- guint authentication_errors = 0; - - priv->events = g_queue_new (); - -@@ -1205,12 +1205,14 @@ open_freerdp (VinagreRdpTab *rdp_tab) - - do - { -+ authentication_error = FALSE; -+ - /* Run FreeRDP session */ - success = freerdp_connect (priv->freerdp_session); - if (!success) - { -- authentication_errors += freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 || -- freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c; -+ authentication_error = freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 || -+ freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c; - - cancelled = freerdp_get_last_error (priv->freerdp_session->context) == 0x2000b; - -@@ -1218,7 +1220,7 @@ open_freerdp (VinagreRdpTab *rdp_tab) - init_freerdp (rdp_tab); - } - } -- while (!success && authentication_errors < 3); -+ while (!success && authentication_error); - - if (!success) - { --- -2.9.3 - diff --git a/gnu/packages/patches/vinagre-revert-2.patch b/gnu/packages/patches/vinagre-revert-2.patch deleted file mode 100644 index 686ee203e4..0000000000 --- a/gnu/packages/patches/vinagre-revert-2.patch +++ /dev/null @@ -1,448 +0,0 @@ -Patch taken from Debian: revert changes that prevent building against freerdp -version 1.1 branch. - -From bb1828b6b7eb29bb037bcc687cf10f916ddc7561 Mon Sep 17 00:00:00 2001 -From: Michael Biebl <biebl@debian.org> -Date: Thu, 22 Sep 2016 01:18:16 +0200 -Subject: [PATCH 2/2] Revert "Store credentials for RDP" - -This reverts commit 60dea279a24c7f0e398b89a0a60d45e80087ed1d. ---- - plugins/rdp/vinagre-rdp-connection.c | 22 +--- - plugins/rdp/vinagre-rdp-plugin.c | 29 +---- - plugins/rdp/vinagre-rdp-tab.c | 231 +++++++++++++++++------------------ - 3 files changed, 123 insertions(+), 159 deletions(-) - -diff --git a/plugins/rdp/vinagre-rdp-connection.c b/plugins/rdp/vinagre-rdp-connection.c -index f0ff02b..c5f6ed1 100644 ---- a/plugins/rdp/vinagre-rdp-connection.c -+++ b/plugins/rdp/vinagre-rdp-connection.c -@@ -127,25 +127,9 @@ rdp_parse_item (VinagreConnection *conn, xmlNode *root) - static void - rdp_parse_options_widget (VinagreConnection *conn, GtkWidget *widget) - { -- const gchar *text; -- GtkWidget *u_entry, *d_entry, *spin_button, *scaling_button; -- gboolean scaling; -- guint width, height; -- -- d_entry = g_object_get_data (G_OBJECT (widget), "domain_entry"); -- if (!d_entry) -- { -- g_warning ("Wrong widget passed to rdp_parse_options_widget()"); -- return; -- } -- -- text = gtk_entry_get_text (GTK_ENTRY (d_entry)); -- vinagre_cache_prefs_set_string ("rdp-connection", "domain", text); -- -- g_object_set (conn, -- "domain", text != NULL && *text != '\0' ? text : NULL, -- NULL); -- -+ GtkWidget *u_entry, *spin_button, *scaling_button; -+ gboolean scaling; -+ guint width, height; - - u_entry = g_object_get_data (G_OBJECT (widget), "username_entry"); - if (!u_entry) -diff --git a/plugins/rdp/vinagre-rdp-plugin.c b/plugins/rdp/vinagre-rdp-plugin.c -index 4751102..f41da37 100644 ---- a/plugins/rdp/vinagre-rdp-plugin.c -+++ b/plugins/rdp/vinagre-rdp-plugin.c -@@ -100,7 +100,7 @@ vinagre_rdp_plugin_init (VinagreRdpPlugin *plugin) - static GtkWidget * - impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn) - { -- GtkWidget *grid, *label, *u_entry, *d_entry, *spin_button, *check; -+ GtkWidget *grid, *label, *u_entry, *spin_button, *check; - gchar *str; - gint width, height; - -@@ -146,29 +146,10 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn) - g_free (str); - - -- label = gtk_label_new_with_mnemonic (_("_Domain:")); -- gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); -- gtk_grid_attach (GTK_GRID (grid), label, 0, 3, 1, 1); -- gtk_widget_set_margin_left (label, 12); -- -- d_entry = gtk_entry_new (); -- /* Translators: This is the tooltip for the domain field in a RDP connection */ -- gtk_widget_set_tooltip_text (d_entry, _("Optional.")); -- g_object_set_data (G_OBJECT (grid), "domain_entry", d_entry); -- gtk_grid_attach (GTK_GRID (grid), d_entry, 1, 3, 1, 1); -- gtk_label_set_mnemonic_widget (GTK_LABEL (label), d_entry); -- str = g_strdup (VINAGRE_IS_CONNECTION (conn) ? -- vinagre_connection_get_domain (conn) : -- vinagre_cache_prefs_get_string ("rdp-connection", "domain", "")); -- gtk_entry_set_text (GTK_ENTRY (d_entry), str); -- gtk_entry_set_activates_default (GTK_ENTRY (d_entry), TRUE); -- g_free (str); -- -- - /* Host width */ - label = gtk_label_new_with_mnemonic (_("_Width:")); - gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); -- gtk_grid_attach (GTK_GRID (grid), label, 0, 4, 1, 1); -+ gtk_grid_attach (GTK_GRID (grid), label, 0, 3, 1, 1); - gtk_widget_set_margin_left (label, 12); - - spin_button = gtk_spin_button_new_with_range (MIN_SIZE, MAX_SIZE, 1); -@@ -176,7 +157,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn) - gtk_widget_set_tooltip_text (spin_button, _("Set width of the remote desktop")); - gtk_spin_button_set_value (GTK_SPIN_BUTTON (spin_button), DEFAULT_WIDTH); - g_object_set_data (G_OBJECT (grid), "width_spin_button", spin_button); -- gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 4, 1, 1); -+ gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 3, 1, 1); - gtk_label_set_mnemonic_widget (GTK_LABEL (label), spin_button); - width = VINAGRE_IS_CONNECTION (conn) ? - vinagre_connection_get_width (conn) : -@@ -188,7 +169,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn) - /* Host height */ - label = gtk_label_new_with_mnemonic (_("_Height:")); - gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5); -- gtk_grid_attach (GTK_GRID (grid), label, 0, 5, 1, 1); -+ gtk_grid_attach (GTK_GRID (grid), label, 0, 4, 1, 1); - gtk_widget_set_margin_left (label, 12); - - spin_button = gtk_spin_button_new_with_range (MIN_SIZE, MAX_SIZE, 1); -@@ -196,7 +177,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn) - gtk_widget_set_tooltip_text (spin_button, _("Set height of the remote desktop")); - gtk_spin_button_set_value (GTK_SPIN_BUTTON (spin_button), DEFAULT_HEIGHT); - g_object_set_data (G_OBJECT (grid), "height_spin_button", spin_button); -- gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 5, 1, 1); -+ gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 4, 1, 1); - gtk_label_set_mnemonic_widget (GTK_LABEL (label), spin_button); - height = VINAGRE_IS_CONNECTION (conn) ? - vinagre_connection_get_height (conn) : -diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c -index 8572bc3..f3d9c08 100644 ---- a/plugins/rdp/vinagre-rdp-tab.c -+++ b/plugins/rdp/vinagre-rdp-tab.c -@@ -70,8 +70,6 @@ struct _VinagreRdpTabPrivate - gboolean scaling; - double scale; - double offset_x, offset_y; -- -- guint authentication_attempts; - }; - - G_DEFINE_TYPE (VinagreRdpTab, vinagre_rdp_tab, VINAGRE_TYPE_TAB) -@@ -611,7 +609,6 @@ frdp_post_connect (freerdp *instance) - 0, 0, - gdi->width, gdi->height); - -- vinagre_tab_save_credentials_in_keyring (VINAGRE_TAB (rdp_tab)); - vinagre_tab_add_recent_used (VINAGRE_TAB (rdp_tab)); - vinagre_tab_set_state (VINAGRE_TAB (rdp_tab), VINAGRE_TAB_STATE_CONNECTED); - -@@ -862,76 +859,114 @@ frdp_mouse_moved (GtkWidget *widget, - return TRUE; - } - -+static void -+entry_text_changed_cb (GtkEntry *entry, -+ GtkBuilder *builder) -+{ -+ const gchar *text; -+ GtkWidget *widget; -+ gsize username_length; -+ gsize password_length; -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "username_entry")); -+ text = gtk_entry_get_text (GTK_ENTRY (widget)); -+ username_length = strlen (text); -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "password_entry")); -+ text = gtk_entry_get_text (GTK_ENTRY (widget)); -+ password_length = strlen (text); -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "ok_button")); -+ gtk_widget_set_sensitive (widget, password_length > 0 && username_length > 0); -+} -+ - static gboolean - frdp_authenticate (freerdp *instance, - char **username, - char **password, - char **domain) - { -- VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab); -- VinagreRdpTab *rdp_tab = VINAGRE_RDP_TAB (tab); -- VinagreRdpTabPrivate *priv = rdp_tab->priv; -- VinagreConnection *conn = vinagre_tab_get_conn (tab); -- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab)); -- gboolean save_in_keyring = FALSE; -- gchar *keyring_domain = NULL; -- gchar *keyring_username = NULL; -- gchar *keyring_password = NULL; -+ VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab); -+ VinagreConnection *conn = vinagre_tab_get_conn (tab); -+ const gchar *user_name; -+ const gchar *domain_name; -+ GtkBuilder *builder; -+ GtkWidget *dialog; -+ GtkWidget *widget; -+ GtkWidget *username_entry; -+ GtkWidget *password_entry; -+ GtkWidget *domain_entry; -+ gboolean save_credential_check_visible; -+ gboolean domain_label_visible; -+ gboolean domain_entry_visible; -+ gint response; - -- priv->authentication_attempts++; -+ builder = vinagre_utils_get_builder (); - -- if (priv->authentication_attempts == 1) -- { -- vinagre_tab_find_credentials_in_keyring (tab, &keyring_domain, &keyring_username, &keyring_password); -- if (keyring_password != NULL && keyring_username != NULL) -- { -- *domain = keyring_domain; -- *username = keyring_username; -- *password = keyring_password; -+ dialog = GTK_WIDGET (gtk_builder_get_object (builder, "auth_required_dialog")); -+ gtk_window_set_modal ((GtkWindow *) dialog, TRUE); -+ gtk_window_set_transient_for ((GtkWindow *) dialog, GTK_WINDOW (vinagre_tab_get_window (tab))); - -- return TRUE; -- } -- else -- { -- g_free (keyring_domain); -- g_free (keyring_username); -- g_free (keyring_password); -- } -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "host_label")); -+ gtk_label_set_text (GTK_LABEL (widget), vinagre_connection_get_host (conn)); -+ -+ username_entry = GTK_WIDGET (gtk_builder_get_object (builder, "username_entry")); -+ password_entry = GTK_WIDGET (gtk_builder_get_object (builder, "password_entry")); -+ domain_entry = GTK_WIDGET (gtk_builder_get_object (builder, "domain_entry")); -+ -+ if (*username != NULL && *username[0] != '\0') -+ { -+ gtk_entry_set_text (GTK_ENTRY (username_entry), *username); -+ gtk_widget_grab_focus (password_entry); - } - -- if (vinagre_utils_request_credential (window, -- "RDP", -- vinagre_connection_get_host (conn), -- vinagre_connection_get_domain (conn), -- vinagre_connection_get_username (conn), -- TRUE, -- TRUE, -- TRUE, -- 20, -- domain, -- username, -- password, -- &save_in_keyring)) -+ g_signal_connect (username_entry, "changed", G_CALLBACK (entry_text_changed_cb), builder); -+ g_signal_connect (password_entry, "changed", G_CALLBACK (entry_text_changed_cb), builder); -+ -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "save_credential_check")); -+ save_credential_check_visible = gtk_widget_get_visible (widget); -+ gtk_widget_set_visible (widget, FALSE); -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "domain_label")); -+ domain_label_visible = gtk_widget_get_visible (widget); -+ gtk_widget_set_visible (widget, TRUE); -+ -+ domain_entry_visible = gtk_widget_get_visible (domain_entry); -+ gtk_widget_set_visible (domain_entry, TRUE); -+ -+ -+ response = gtk_dialog_run (GTK_DIALOG (dialog)); -+ gtk_widget_hide (dialog); -+ -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "save_credential_check")); -+ gtk_widget_set_visible (widget, save_credential_check_visible); -+ -+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "domain_label")); -+ gtk_widget_set_visible (widget, domain_label_visible); -+ -+ gtk_widget_set_visible (domain_entry, domain_entry_visible); -+ -+ -+ if (response == GTK_RESPONSE_OK) - { -- if (*domain && **domain != '\0') -- vinagre_connection_set_domain (conn, *domain); -+ domain_name = gtk_entry_get_text (GTK_ENTRY (domain_entry)); -+ if (g_strcmp0 (*domain, domain_name) != 0) -+ *domain = g_strdup (domain_name); - -- if (*username && **username != '\0') -- vinagre_connection_set_username (conn, *username); -+ user_name = gtk_entry_get_text (GTK_ENTRY (username_entry)); -+ if (g_strcmp0 (*username, user_name) != 0) -+ *username = g_strdup (user_name); - -- if (*password && **password != '\0') -- vinagre_connection_set_password (conn, *password); -+ *password = g_strdup (gtk_entry_get_text (GTK_ENTRY (password_entry))); - -- vinagre_tab_set_save_credentials (tab, save_in_keyring); -+ return TRUE; - } - else - { -- vinagre_tab_remove_from_notebook (tab); -- - return FALSE; - } -- -- return TRUE; - } - - static BOOL -@@ -1028,25 +1063,30 @@ frdp_changed_certificate_verify (freerdp *instance, - #endif - - static void --init_freerdp (VinagreRdpTab *rdp_tab) -+open_freerdp (VinagreRdpTab *rdp_tab) - { - VinagreRdpTabPrivate *priv = rdp_tab->priv; -- rdpSettings *settings; - VinagreTab *tab = VINAGRE_TAB (rdp_tab); - VinagreConnection *conn = vinagre_tab_get_conn (tab); -- gboolean scaling; -- gchar *hostname; -- gint width, height; -- gint port; -+ rdpSettings *settings; -+ GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab)); -+ gboolean success = TRUE; -+ gboolean fullscreen, scaling; -+ gchar *hostname, *username; -+ gint port, width, height; - - g_object_get (conn, - "port", &port, - "host", &hostname, - "width", &width, - "height", &height, -+ "fullscreen", &fullscreen, - "scaling", &scaling, -+ "username", &username, - NULL); - -+ priv->events = g_queue_new (); -+ - /* Setup FreeRDP session */ - priv->freerdp_session = freerdp_new (); - priv->freerdp_session->PreConnect = frdp_pre_connect; -@@ -1111,6 +1151,17 @@ init_freerdp (VinagreRdpTab *rdp_tab) - settings->port = port; - #endif - -+ /* Set username */ -+ username = g_strstrip (username); -+ if (username != NULL && username[0] != '\0') -+ { -+#if HAVE_FREERDP_1_1 -+ settings->Username = g_strdup (username); -+#else -+ settings->username = g_strdup (username); -+#endif -+ } -+ - /* Set keyboard layout */ - #if HAVE_FREERDP_1_1 - freerdp_keyboard_init (KBD_US); -@@ -1120,24 +1171,6 @@ init_freerdp (VinagreRdpTab *rdp_tab) - - /* Allow font smoothing by default */ - settings->AllowFontSmoothing = TRUE; --} -- --static void --init_display (VinagreRdpTab *rdp_tab) --{ -- VinagreRdpTabPrivate *priv = rdp_tab->priv; -- VinagreTab *tab = VINAGRE_TAB (rdp_tab); -- VinagreConnection *conn = vinagre_tab_get_conn (tab); -- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab)); -- gboolean fullscreen, scaling; -- gint width, height; -- -- g_object_get (conn, -- "width", &width, -- "height", &height, -- "fullscreen", &fullscreen, -- "scaling", &scaling, -- NULL); - - /* Setup display for FreeRDP session */ - priv->display = gtk_drawing_area_new (); -@@ -1186,54 +1219,20 @@ init_display (VinagreRdpTab *rdp_tab) - priv->key_release_handler_id = g_signal_connect (GTK_WIDGET (tab), "key-release-event", - G_CALLBACK (frdp_key_pressed), - rdp_tab); --} -- --static void --open_freerdp (VinagreRdpTab *rdp_tab) --{ -- VinagreRdpTabPrivate *priv = rdp_tab->priv; -- VinagreTab *tab = VINAGRE_TAB (rdp_tab); -- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab)); -- gboolean success = TRUE; -- gboolean authentication_error = FALSE; -- gboolean cancelled = FALSE; -- -- priv->events = g_queue_new (); -- -- init_freerdp (rdp_tab); -- init_display (rdp_tab); -- -- do -- { -- authentication_error = FALSE; - -- /* Run FreeRDP session */ -- success = freerdp_connect (priv->freerdp_session); -- if (!success) -- { -- authentication_error = freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 || -- freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c; -- -- cancelled = freerdp_get_last_error (priv->freerdp_session->context) == 0x2000b; -- -- freerdp_free (priv->freerdp_session); -- init_freerdp (rdp_tab); -- } -- } -- while (!success && authentication_error); -+ /* Run FreeRDP session */ -+ success = freerdp_connect (priv->freerdp_session); - - if (!success) - { - gtk_window_unfullscreen (window); -- if (!cancelled) -- vinagre_utils_show_error_dialog (_("Error connecting to host."), -- NULL, -- window); -+ vinagre_utils_show_error_dialog (_("Error connecting to host."), -+ NULL, -+ window); - g_idle_add ((GSourceFunc) idle_close, rdp_tab); - } - else - { -- priv->authentication_attempts = 0; - priv->update_id = g_idle_add ((GSourceFunc) update, rdp_tab); - } - } --- -2.9.3 - |