From: "Andreas Sturmlechner" <asturm@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: x11-misc/x11vnc/files/, x11-misc/x11vnc/
Date: Tue, 21 May 2019 18:41:17 +0000 (UTC) [thread overview]
Message-ID: <1558464054.8f8397278392054a78ad0d75c86577a12e6204f5.asturm@gentoo> (raw)
commit: 8f8397278392054a78ad0d75c86577a12e6204f5
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Tue May 21 18:34:33 2019 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Tue May 21 18:40:54 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8f839727
x11-misc/x11vnc: Fix anonymous SSL w/ OpenSSL-1.1
Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
.../x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch | 26 ++++++++++++++++++++++
x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild | 4 ++--
2 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
new file mode 100644
index 00000000000..3dafb9aa6b0
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-anonymous-ssl.patch
@@ -0,0 +1,26 @@
+From b9cf79fd3d61a7586fe6b24b3141e406cdf334eb Mon Sep 17 00:00:00 2001
+From: Jim Broadus <jbroadus@xevo.com>
+Date: Wed, 2 Jan 2019 17:37:40 -0800
+Subject: [PATCH] Fix anonymous SSL. In version 1.1.0, openssl introduced a
+ security level concept. Only level 0 allows the use of unauthenticated cipher
+ suites such as ADH.
+
+---
+ src/sslhelper.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/sslhelper.c b/src/sslhelper.c
+index 1a3e7474..04c2e273 100644
+--- a/src/sslhelper.c
++++ b/src/sslhelper.c
+@@ -1596,6 +1596,10 @@ static int switch_to_anon_dh(void) {
+ if (ssl_client_mode) {
+ return 1;
+ }
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ /* Security level must be set to 0 for unauthenticated suites. */
++ SSL_CTX_set_security_level(ctx, 0);
++#endif
+ if (!SSL_CTX_set_cipher_list(ctx, "ADH:@STRENGTH")) {
+ return 0;
+ }
diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild
index 55edb78e789..f78d4c9f6ab 100644
--- a/x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild
+++ b/x11-misc/x11vnc/x11vnc-0.9.16-r2.ebuild
@@ -41,8 +41,8 @@ RDEPEND="${COMMON_DEPEND}
"
PATCHES=(
- # https://github.com/LibVNC/x11vnc/issues/86
- "${FILESDIR}"/${P}-crypto.patch
+ "${FILESDIR}"/${P}-crypto.patch # https://github.com/LibVNC/x11vnc/issues/86
+ "${FILESDIR}"/${P}-anonymous-ssl.patch # https://github.com/LibVNC/x11vnc/pull/85
)
src_prepare() {
next reply other threads:[~2019-05-21 18:41 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-21 18:41 Andreas Sturmlechner [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-03-11 17:15 [gentoo-commits] repo/gentoo:master commit in: x11-misc/x11vnc/files/, x11-misc/x11vnc/ Sam James
2021-03-24 16:07 Matt Turner
2016-12-05 16:10 Pacho Ramos
2015-11-27 17:20 Patrice Clement
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1558464054.8f8397278392054a78ad0d75c86577a12e6204f5.asturm@gentoo \
--to=asturm@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox