Package init

2019-09-30 11:19:29 -04:00 · 2019-09-30 11:19:29 -04:00 · 3d17b439c2
commit 3d17b439c2
5 changed files with 207 additions and 0 deletions
--- a/Do-not-listen-all-if-invalid-interface-is-provided.patch
+++ b/Do-not-listen-all-if-invalid-interface-is-provided.patch
@ -0,0 +1,68 @@
+From bfa1432ea1972b4272e3a7b8927f7c22094e5e44 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Tue, 22 May 2018 21:06:06 +0200
+Subject: [PATCH 2/2] Do not listen all if invalid interface is provided
+
+It is not a good idea from security point of view to listen all interfaces
+in case of invalid interface is provided. We should rather listen to nothing
+and print error in journal.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=796349
+---
+ server/libvncserver/sockets.c | 18 ++++++++++++------
+ server/vino-server.c          |  3 +++
+ 2 files changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/server/libvncserver/sockets.c b/server/libvncserver/sockets.c
+index 746a3e5..45df6d5 100644
+--- a/server/libvncserver/sockets.c
+++ b/server/libvncserver/sockets.c
+@@ -152,9 +152,13 @@ rfbInitListenSock(rfbScreenInfoPtr rfbScreen)
+     char *netIface = (char*)rfbScreen->netIface;
+     int i;
+ 
+-    if(netIface == NULL || if_nametoindex(netIface) == 0) {
+-      if(netIface != NULL)
+-        rfbLog("WARNING: This (%s) a invalid network interface, set to all\n", netIface);
+    if(netIface != NULL && strlen(netIface) > 0) {
+      if(if_nametoindex(netIface) == 0) {
+        rfbLog("(%s) is an invalid network interface\n", netIface);
+        return;
+      }
+    }
+    else {
+       netIface = NULL;
+     }
+ 
+@@ -748,9 +752,11 @@ rfbSetNetworkInterface(rfbScreenInfoPtr rfbScreen, const char *netIface)
+      rfbScreen->netIface = netIface;
+   }
+   else {
+-     rfbScreen->netIface = NULL;
+-     if(netIface != NULL)
+-        rfbLog("WARNING: This (%s) a invalid network interface, set to all\n", netIface);
+    rfbScreen->netIface = NULL;
+    if(netIface != NULL && strlen(netIface) > 0) {
+      rfbLog("(%s) is an invalid network interface\n", netIface);
+      return FALSE;
+    }
+   }
+ 
+   rfbLog("Re-binding socket to listen for VNC connections on TCP port %d in (%s) interface\n",
+diff --git a/server/vino-server.c b/server/vino-server.c
+index 38b17e3..b8cd755 100644
+--- a/server/vino-server.c
+++ b/server/vino-server.c
+@@ -970,6 +970,9 @@ vino_server_init_io_channels(VinoServer *server)
+     {
+       dprintf (RFB, "%d ", rfb_screen->rfbListenSock[i]);
+ 
+      if (rfb_screen->rfbListenSock[i] == -1)
+        continue;
+
+       server->priv->io_channel[i] = g_io_channel_unix_new (rfb_screen->rfbListenSock[i]);
+       server->priv->io_watch[i]   = g_io_add_watch (server->priv->io_channel[i],
+                                                     G_IO_IN|G_IO_PRI,
+-- 
+2.17.0
+
--- a/Do-not-restart-service-after-unclean-exit-code.patch
+++ b/Do-not-restart-service-after-unclean-exit-code.patch
@ -0,0 +1,31 @@
+From c5e3011b7364729fa2cd4f11761bf1f001a931a4 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Tue, 22 May 2018 20:45:45 +0200
+Subject: [PATCH 1/2] Do not restart service after unclean exit code
+
+Currently, the vino-server.service has Restart=on-failure, which means
+that it is restarted in abnormal cases, but also in case of non-zero
+exit code. It is restarted 5 times e.g. in case when X11 is not detected,
+which doesn't make sense. Non-zero exit code is used only for states
+which won't change with restart (invalid commandline, wayland and some
+sanity checks). Change the value to Restart=on-abnormal in order to
+prevent the useless restarts and to not spam journal.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=761120
+---
+ server/vino-server.service.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/server/vino-server.service.in b/server/vino-server.service.in
+index a48b813..49e9c1f 100644
+--- a/server/vino-server.service.in
+++ b/server/vino-server.service.in
+@@ -5,4 +5,4 @@ Description=Vino VNC server
+ Type=dbus
+ BusName=org.gnome.Vino
+ ExecStart=@libexecdir@/vino-server
+-Restart=on-failure
+Restart=on-abnormal
+-- 
+2.17.0
+
--- a/Return-error-if-X11-is-not-detected.patch
+++ b/Return-error-if-X11-is-not-detected.patch
@ -0,0 +1,42 @@
+From d5b743b11a6f102353af719fa34abd5e6c679e77 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Tue, 20 Feb 2018 12:26:18 +0100
+Subject: [PATCH] Return error if X11 is not detected
+
+Vino-server crashes on Wayland in XQueryExtension. Since vino-server is
+not expected to work on displays other than X11, let's exit immediately
+if GDK_IS_X11_DISPLAY fail.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=761120
+---
+ server/vino-main.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/server/vino-main.c b/server/vino-main.c
+index dd95de7..7be3fff 100644
+--- a/server/vino-main.c
+++ b/server/vino-main.c
+@@ -28,6 +28,7 @@
+ #include <glib/gi18n.h>
+ #include <gtk/gtk.h>
+ #include <locale.h>
+#include <gdk/gdkx.h>
+ 
+ #include "vino-input.h"
+ #include "vino-mdns.h"
+@@ -273,6 +274,12 @@ main (int argc, char **argv)
+     g_option_context_free (context);
+   }
+ 
+  if (!GDK_IS_X11_DISPLAY (gdk_display_get_default ()))
+    {
+      g_printerr ("X11 is not detected\n");
+      return 1;
+    }
+
+   /* GSettings */
+   vino.settings = g_settings_new ("org.gnome.Vino");
+ 
+-- 
+2.17.0
+
--- a/vino-3.22.0.tar.xz
+++ b/vino-3.22.0.tar.xz
--- a/vino.spec
+++ b/vino.spec
@ -0,0 +1,66 @@
+Name:              vino	
+Version:           3.22.0
+Release:           12
+Summary:           Vino is the GNOME desktop sharing server.
+
+License:           GPLv2+	
+URL:               https:wiki.gnome.org/Projects/Vino
+Source0:           https://download.gnome.org/sources/%{name}/3.22/%{name}-%{version}.tar.xz
+
+Patch0:            Return-error-if-X11-is-not-detected.patch
+Patch1:            Do-not-restart-service-after-unclean-exit-code.patch
+Patch2:            Do-not-listen-all-if-invalid-interface-is-provided.patch
+
+BuildRequires:     desktop-file-utils gcc gettext intltool libXdamage-devel
+BuildRequires:     libXt-devel libXtst-devel libgcrypt-devel avahi-devel libsecret-devel
+BuildRequires:     avahi-glib-devel gnutls-devel gtk3-devel libICE-devel libnotify-devel
+BuildRequires:     libSM-devel systemd
+Requires:          dbus glibc pango
+%{?systemd_requires}
+
+%description
+A VNC Server for GNOME
+
+%package_help
+
+%prep
+%autosetup -n %{name}-%{version} -p1
+
+%build
+%configure --disable-silent-rules --with-avahi --with-secret  -with-gnutls --without-telepathy
+%make_build 
+
+%install
+%make_install 
+
+%check
+make check
+desktop-file-validate %{buildroot}%{_datadir}/applications/vino-server.desktop
+
+%post
+%systemd_user_post vino-server.service
+
+%preun
+%systemd_user_preun vino-server.service
+
+%postun
+%systemd_user_postun vino-server.service
+
+%files
+%defattr(-,root,root)
+%doc README AUTHORS
+%license COPYING
+%{_libexecdir}/*
+%{_datadir}/locale/*
+%{_datadir}/applications/*
+%{_datadir}/glib-2.0/schemas/*.xml
+%{_userunitdir}/vino-server.service
+
+%files             help
+%defattr(-,root,root)
+%doc NEWS docs/TODO docs/remote-desktop.txt
+%exclude %{_datadir}/dbus-1/services/org.freedesktop.Telepathy.Client.Vino.service
+
+%changelog
+* Mon Sep 1 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.22.0-12
+- Package init