gentoo resync 31.01.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-01-31 16:00:27 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-01-31 16:00:27 +0000
commit: 1db00cc6e94b90c08090bb5b8c406622946c4ae5 (patch)
tree: c34bf820c2809fb7e08ed5564df2a25cf759516f /net-misc/ssvnc
parent: 693cc9b6e847a01c1bb692153021aaf9fb0fab25 (diff)
3 files changed, 216 insertions, 11 deletions
diff --git a/net-misc/ssvnc/Manifest b/net-misc/ssvnc/Manifest
index ab240e75c491..39b5d82e5b35 100644
--- a/net-misc/ssvnc/Manifest
+++ b/net-misc/ssvnc/Manifest
@@ -1,6 +1,7 @@
 AUX Makefile.libvncauth 140 BLAKE2B 84b119a944ffe6b126fd697d28f96f805a7c7b11311b4b93796694a98bf0f8e54d9e0b9822d675e2446be6082df9db7dc64c75c90dd87a452daf40daa5810ff4 SHA512 7d3a8833afc2169ab6440763680b24550fc16a0c60371e8b9ceb8eca48217638cc5e0beb9bff5d6c65fb81fe0bad77b6eb7b71c81195fa70b8879e45967852be
 AUX Makefile.vncviewer 273 BLAKE2B 2c57e85006e4f2ee8cd81d074deae19aea3ee3fe7c8f8a5f3c4273d17788214c97c40c2b18901fb7748386583a42f343098923d8e17959d089d104feb9bf7af3 SHA512 21104188080d7a3dab83140e7a32ebb8129cbc7af1759d7537802df9943f63af1d6e01df57cc816b96b7a91886607ccfcf86f35ebabb05537dad16a850f8c22d
 AUX ssvnc-1.0.29-build.patch 1087 BLAKE2B 9c568b53d1aee0875e65cbb919fcc0f7a986fe70d81028ed28bbb881ebbba91644cddae92bbc52d3c291d85cb07390b9f38bbb419b6b4e277e6a48850ea3421d SHA512 f0dbbf55f3c37aba66b8b26160e7447c413986bcf9676fcf744c1d53a63c3776a3c25f90a1ad5819f21ff3967151d5c7c44abb15b78898840bc45cb9c2ef5157
+AUX ssvnc-1.0.29-openssl1.1.patch 6990 BLAKE2B c64425b5872cabfcde55b66ac433e734b53724ea0a002b081a7112a24167908fd1c4857c237a2d06fdf80be063450fd9d468dff28df295dcd20411509ad430bd SHA512 460b1f89e571acd61a411ba0653fd8cfa342d8004dbb44b57a1a887cd0abe72804cc9f87c8d9647004b01ba25ce0e5e83eab211f4222a06c8bf583791a97d377
 DIST ssvnc-1.0.29.src.tar.gz 552796 BLAKE2B 3bee980ef85c1a2769933ca0fec7ed7c76b4cbe107d3e0c81ee04fb6a5f4219cd625e948ed4a398b1db4b322498573c63e69f4d88612281b8cace239d1b65f5e SHA512 ea94f8114ee7e44d788ae698dd85ee8633f0dc8e9b86e17062c733e70b4f7c7c45bf68d0ea8d3e6156395777a41e3fbf63cc9425f45db6f6fda940ae2abcd092
-EBUILD ssvnc-1.0.29-r2.ebuild 1347 BLAKE2B aa53dd49376ebefae26d6995ee6afb70e28d518c5b18c35f3fc2f2d2a381daca29823aa55d86780afe63b174cd28e99a4ff6907bbc33d8771c86ea11d7875aff SHA512 abed242fef361462b5e0d7af76dd9a380568a40a95dc8ba787a68698bac8ade05fb8828cd837b84a373e4a95e2d8542d087aa7a6fa1f897dce9c4af6f0561aec
+EBUILD ssvnc-1.0.29-r2.ebuild 1381 BLAKE2B 100c6712a2715ffa40ca6a32dc3a6c2ad4c4ecd265f08bbd513f56fec8bbecdc961d0ebdab8623c11053ef642119f60b3f3964d9f54152bf685fa0997333b4f9 SHA512 0123a82de54b93ed72a98adf67e4e248f47e9539d2e2be131f10c6b31e697c1bfd740e3a55ced7953573f7b969832a1fbba8d3a31a455a93a65d373ce13114d5
 MISC metadata.xml 242 BLAKE2B fccb5f5d9a500d3cb05aaee9df21a0ec0421e398c36915139fe871493632c7df070d222a5bc7d06b4451518baab1d0cbeb61ee2c8e909eb796d087ef7b627676 SHA512 ddf123246fb00abd46363ba180b90241b23577c60d7c001c2cbca9c3968dd240e98d8af00f63f3170fc7df9f824e7fd7957b3aafc780530a2c2fefbfd7e5faad
diff --git a/net-misc/ssvnc/files/ssvnc-1.0.29-openssl1.1.patch b/net-misc/ssvnc/files/ssvnc-1.0.29-openssl1.1.patch
new file mode 100644
index 000000000000..0ee278f9eea3
--- /dev/null
+++ b/net-misc/ssvnc/files/ssvnc-1.0.29-openssl1.1.patch
@@ -0,0 +1,199 @@
+--- a/vncstorepw/ultravnc_dsm_helper.c
++++ b/vncstorepw/ultravnc_dsm_helper.c
+@@ -414,7 +414,9 @@ void enc_do(char *ciph, char *keyfile, c
+ 		if (strstr(p, "md5+") == p) {
+ 			Digest = EVP_md5();        p += strlen("md5+");
+ 		} else if (strstr(p, "sha+") == p) {
+-			Digest = EVP_sha();        p += strlen("sha+");
++			fprintf(stderr, "%s: obsolete hash algorithm: SHA-0\n",
++			    prog, s);
++			exit(1);
+ 		} else if (strstr(p, "sha1+") == p) {
+ 			Digest = EVP_sha1();       p += strlen("sha1+");
+ 		} else if (strstr(p, "ripe+") == p) {
+@@ -655,8 +657,10 @@ static void enc_xfer(int sock_fr, int so
+ 	 */
+ 	unsigned char E_keystr[EVP_MAX_KEY_LENGTH];
+ 	unsigned char D_keystr[EVP_MAX_KEY_LENGTH];
+-	EVP_CIPHER_CTX E_ctx, D_ctx;
+-	EVP_CIPHER_CTX *ctx = NULL;
++	//openssl1.1.patch - Do NOT create two context and only use one
++	// - that's silly.
++	//EVP_CIPHER_CTX *E_ctx, *D_ctx;
++	EVP_CIPHER_CTX *ctx;
+ 
+ 	unsigned char buf[BSIZE], out[BSIZE];
+ 	unsigned char *psrc = NULL, *keystr;
+@@ -698,11 +702,14 @@ static void enc_xfer(int sock_fr, int so
+ 	encsym = encrypt ? "+" : "-";
+ 
+ 	/* use the encryption/decryption context variables below */
++	ctx = EVP_CIPHER_CTX_new();
++	if (!ctx) {
++	    fprintf(stderr, "Failed to create encryption/decryption context.\n");
++	    goto finished;
++	}
+ 	if (encrypt) {
+-		ctx = &E_ctx;
+ 		keystr = E_keystr;
+ 	} else {
+-		ctx = &D_ctx;
+ 		keystr = D_keystr;
+ 	}
+ 
+@@ -797,7 +804,6 @@ static void enc_xfer(int sock_fr, int so
+ 		if (whoops) {
+ 			fprintf(stderr, "%s: %s - WARNING: MSRC4 mode and IGNORING random salt\n", prog, encstr);
+ 			fprintf(stderr, "%s: %s - WARNING: and initialization vector!!\n", prog, encstr);
+-			EVP_CIPHER_CTX_init(ctx);
+ 			if (pw_in) {
+ 			    /* for pw=xxxx a md5 hash is used */
+ 			    EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
+@@ -816,7 +822,6 @@ static void enc_xfer(int sock_fr, int so
+ 
+ 			EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
+ 			    keydata_len, 1, keystr, ivec); 
+-			EVP_CIPHER_CTX_init(ctx);
+ 			EVP_CipherInit_ex(ctx, Cipher, NULL, keystr, ivec,
+ 			    encrypt);
+ 		}
+@@ -836,9 +841,9 @@ static void enc_xfer(int sock_fr, int so
+ 			in_salt = salt;
+ 		}
+ 
+-		if (ivec_size < Cipher->iv_len && !securevnc) {
++		if (ivec_size < EVP_CIPHER_iv_length(Cipher) && !securevnc) {
+ 			fprintf(stderr, "%s: %s - WARNING: short IV %d < %d\n",
+-			    prog, encstr, ivec_size, Cipher->iv_len);
++			    prog, encstr, ivec_size, EVP_CIPHER_iv_length(Cipher));
+ 		}
+ 
+ 		/* make the hashed value and place in keystr */
+@@ -877,9 +882,6 @@ static void enc_xfer(int sock_fr, int so
+ 		}
+ 
+ 
+-		/* initialize the context */
+-		EVP_CIPHER_CTX_init(ctx);
+-
+ 
+ 		/* set the cipher & initialize */
+ 
+@@ -986,6 +988,7 @@ static void enc_xfer(int sock_fr, int so
+ 	/* transfer done (viewer exited or some error) */
+ 	finished:
+ 
++	if (ctx) EVP_CIPHER_CTX_free(ctx);
+ 	fprintf(stderr, "\n%s: %s - close sock_to\n", prog, encstr);
+ 	close(sock_to);
+ 
+@@ -1060,14 +1063,14 @@ static int securevnc_server_rsa_save_dia
+ }
+ 
+ static char *rsa_md5_sum(unsigned char* rsabuf) {
+-	EVP_MD_CTX md;
++	EVP_MD_CTX *md = EVP_MD_CTX_create();
+ 	char digest[EVP_MAX_MD_SIZE], tmp[16];
+ 	char md5str[EVP_MAX_MD_SIZE * 8];
+ 	unsigned int i, size = 0;
+ 
+-	EVP_DigestInit(&md, EVP_md5());
+-	EVP_DigestUpdate(&md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
+-	EVP_DigestFinal(&md, (unsigned char *)digest, &size);
++	EVP_DigestInit(md, EVP_md5());
++	EVP_DigestUpdate(md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
++	EVP_DigestFinal(md, (unsigned char *)digest, &size);
+ 
+ 	memset(md5str, 0, sizeof(md5str));
+ 	for (i=0; i < size; i++) {
+@@ -1075,6 +1078,7 @@ static char *rsa_md5_sum(unsigned char*
+ 		sprintf(tmp, "%02x", (int) uc);
+ 		strcat(md5str, tmp);
+ 	}
++	EVP_MD_CTX_destroy(md);
+ 	return strdup(md5str);
+ }
+ 
+@@ -1184,7 +1188,7 @@ static void sslexit(char *msg) {
+ 
+ static void securevnc_setup(int conn1, int conn2) {
+ 	RSA *rsa = NULL;
+-	EVP_CIPHER_CTX init_ctx;
++	EVP_CIPHER_CTX *init_ctx = EVP_CIPHER_CTX_new();
+ 	unsigned char keystr[EVP_MAX_KEY_LENGTH];
+ 	unsigned char *rsabuf, *rsasav;
+ 	unsigned char *encrypted_keybuf;
+@@ -1203,6 +1207,8 @@ static void securevnc_setup(int conn1, i
+ 
+ 	ERR_load_crypto_strings();
+ 
++	if (!init_ctx) sslexit("securevnc_setup: EVP_CIPHER_CTX_new() failed");
++	
+ 	/* alloc and read from server the 270 comprising the rsa public key: */
+ 	rsabuf = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
+ 	rsasav = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
+@@ -1323,8 +1329,7 @@ static void securevnc_setup(int conn1, i
+ 	/*
+ 	 * Back to the work involving the tmp obscuring key:
+ 	 */
+-	EVP_CIPHER_CTX_init(&init_ctx);
+-	rc = EVP_CipherInit_ex(&init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
++	rc = EVP_CipherInit_ex(init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
+ 	if (rc == 0) {
+ 		sslexit("securevnc_setup: EVP_CipherInit_ex(init_ctx) failed");
+ 	}
+@@ -1340,13 +1345,13 @@ static void securevnc_setup(int conn1, i
+ 	/* decode with the tmp key */
+ 	if (n > 0) {
+ 		memset(to_viewer, 0, sizeof(to_viewer));
+-		if (EVP_CipherUpdate(&init_ctx, to_viewer, &len, buf, n) == 0) {
++		if (EVP_CipherUpdate(init_ctx, to_viewer, &len, buf, n) == 0) {
+ 			sslexit("securevnc_setup: EVP_CipherUpdate(init_ctx) failed");
+ 			exit(1);
+ 		}
+ 		to_viewer_len = len;
+ 	}
+-	EVP_CIPHER_CTX_cleanup(&init_ctx);
++	EVP_CIPHER_CTX_free(init_ctx);
+ 	free(initkey);
+ 
+ 	/* print what we would send to the viewer (sent below): */
+@@ -1407,7 +1412,7 @@ static void securevnc_setup(int conn1, i
+ 
+ 	if (client_auth_req && client_auth) {
+ 		RSA *client_rsa = load_client_auth(client_auth);
+-		EVP_MD_CTX dctx;
++		EVP_MD_CTX *dctx = EVP_MD_CTX_create();
+ 		unsigned char digest[EVP_MAX_MD_SIZE], *signature;
+ 		unsigned int ndig = 0, nsig = 0;
+ 
+@@ -1421,8 +1426,8 @@ static void securevnc_setup(int conn1, i
+ 			exit(1);
+ 		}
+ 
+-		EVP_DigestInit(&dctx, EVP_sha1());
+-		EVP_DigestUpdate(&dctx, keystr, SECUREVNC_KEY_SIZE);
++		EVP_DigestInit(dctx, EVP_sha1());
++		EVP_DigestUpdate(dctx, keystr, SECUREVNC_KEY_SIZE);
+ 		/*
+ 		 * Without something like the following MITM is still possible.
+ 		 * This is because the MITM knows keystr and can use it with
+@@ -1433,7 +1438,7 @@ static void securevnc_setup(int conn1, i
+ 		 * he doesn't have Viewer_ClientAuth.pkey.
+ 		 */
+ 		if (0) {
+-			EVP_DigestUpdate(&dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
++			EVP_DigestUpdate(dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
+ 			if (!keystore_verified) {
+ 				fprintf(stderr, "securevnc_setup:\n");
+ 				fprintf(stderr, "securevnc_setup: Warning: even *WITH* Client Authentication in SecureVNC,\n");
+@@ -1456,7 +1461,8 @@ static void securevnc_setup(int conn1, i
+ 				fprintf(stderr, "securevnc_setup:\n");
+ 			}
+ 		}
+-		EVP_DigestFinal(&dctx, (unsigned char *)digest, &ndig);
++		EVP_DigestFinal(dctx, (unsigned char *)digest, &ndig);
++		EVP_MD_CTX_destroy(dctx);
+ 
+ 		signature = (unsigned char *) calloc(RSA_size(client_rsa), 1);
+ 		RSA_sign(NID_sha1, digest, ndig, signature, &nsig, client_rsa);
diff --git a/net-misc/ssvnc/ssvnc-1.0.29-r2.ebuild b/net-misc/ssvnc/ssvnc-1.0.29-r2.ebuild
index 0304a7237897..fbd99ff15127 100644
--- a/net-misc/ssvnc/ssvnc-1.0.29-r2.ebuild
+++ b/net-misc/ssvnc/ssvnc-1.0.29-r2.ebuild
@@ -1,9 +1,8 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
-
-inherit eutils multilib toolchain-funcs
+EAPI=7
+inherit toolchain-funcs
 
 DESCRIPTION="VNC viewer that adds encryption security to VNC connections"
 HOMEPAGE="http://www.karlrunge.com/x11vnc/ssvnc.html"
@@ -14,10 +13,11 @@ SLOT="0"
 KEYWORDS="amd64 x86 ~amd64-linux ~x86-linux"
 IUSE="java"
 
-RDEPEND="sys-libs/zlib
+RDEPEND="
+	sys-libs/zlib:0=
 	virtual/jpeg:0
 	dev-libs/openssl:0=
-	dev-lang/tk:0
+	dev-lang/tk:0=
 	net-misc/stunnel
 	java? ( virtual/jre:* )
 	x11-terms/xterm
@@ -25,11 +25,16 @@ RDEPEND="sys-libs/zlib
 	x11-libs/libX11
 	x11-libs/libXext
 	x11-libs/libXmu
-	x11-libs/libXt"
+	x11-libs/libXt
+"
 DEPEND="${RDEPEND}
-	java? ( virtual/jdk )"
+	java? ( virtual/jdk )
+"
 
-PATCHES=( "${FILESDIR}"/${PN}-1.0.29-build.patch )
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.0.29-build.patch
+	"${FILESDIR}"/${PN}-1.0.29-openssl1.1.patch
+)
 
 src_prepare() {
 	default
@@ -55,5 +60,5 @@ src_compile() {
 
 src_install() {
 	emake DESTDIR="${D}" PREFIX="${EPREFIX}/usr" install
-	dodoc README
+	einstalldocs
 }
author	V3n3RiX <venerix@redcorelinux.org>	2019-01-31 16:00:27 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-01-31 16:00:27 +0000
commit	1db00cc6e94b90c08090bb5b8c406622946c4ae5 (patch)
tree	c34bf820c2809fb7e08ed5564df2a25cf759516f /net-misc/ssvnc
parent	693cc9b6e847a01c1bb692153021aaf9fb0fab25 (diff)