Update to x11vnc 0.9.15 (switching from the original upstream to the

community-maintained version at LibVNC), including some buffer overleak and
memory leak fixes. From semarie with a few changes to autoconf handling from me.

x11/x11vnc/Makefile

@@ -1,37 +1,44 @@
-# $OpenBSD: Makefile,v 1.48 2018/06/27 21:04:23 espie Exp $
+# $OpenBSD: Makefile,v 1.49 2018/08/09 15:04:21 sthen Exp $
 
 COMMENT =		VNC server for real X displays
 
-DISTNAME =		x11vnc-0.9.13
-REVISION =		11
+GH_ACCOUNT =		LibVNC
+GH_PROJECT =		x11vnc
+GH_TAGNAME =		0.9.15
 
 CATEGORIES =		x11
-HOMEPAGE =		http://www.karlrunge.com/x11vnc/
 
 # GPLv2
 PERMIT_PACKAGE_CDROM =	Yes
 
-WANTLIB += X11 Xdamage Xext Xfixes Xinerama Xrandr Xtst c crypto
-WANTLIB += pthread ssl z jpeg avahi-client avahi-common
+WANTLIB += X11 Xcomposite Xcursor Xdamage Xext Xfixes Xi Xinerama
+WANTLIB += Xrandr Xtst avahi-client avahi-common c cairo crypto
+WANTLIB += pthread ssl vncclient vncserver
 
-MASTER_SITES =		${MASTER_SITE_SOURCEFORGE:=libvncserver/}
 MODULES =		x11/tk
 RUN_DEPENDS =		devel/desktop-file-utils \
 			${MODTK_RUN_DEPENDS}
-LIB_DEPENDS =		graphics/jpeg \
-			net/avahi
+LIB_DEPENDS =		graphics/cairo \
+			net/avahi \
+			net/libvncserver
 
-AUTOCONF_VERSION =	2.59
-CONFIGURE_STYLE =	autoconf
+USE_GMAKE =		Yes
+CONFIGURE_STYLE =	gnu
 CONFIGURE_ARGS +=	--with-x \
 			--with-avahi
 CONFIGURE_ENV +=	CPPFLAGS="-I${LOCALBASE}/include" \
 			LDFLAGS="-L${LOCALBASE}/lib"
 
-REORDER_DEPENDENCIES =	${FILESDIR}/automake.dep
+AUTOCONF_VERSION =	2.69
+AUTOMAKE_VERSION =	1.15
+BUILD_DEPENDS =		${MODGNU_AUTOCONF_DEPENDS} \
+			${MODGNU_AUTOMAKE_DEPENDS}
+
+post-patch:
+	cd ${WRKSRC}; ${AUTOCONF_ENV} autoreconf -v --install
 
 pre-configure:
-	${SUBST_CMD} ${WRKSRC}/x11vnc/gui.c
+	${SUBST_CMD} ${WRKSRC}/src/gui.c
 
 post-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/x11vnc

x11/x11vnc/distinfo

@@ -1,2 +1,2 @@
-SHA256 (x11vnc-0.9.13.tar.gz) = 9oKfLmKWZ6UoTeYrCAsTEmoHNkmf5HzbRHrtsHpZ8Ts=
-SIZE (x11vnc-0.9.13.tar.gz) = 2853769
+SHA256 (x11vnc-0.9.15.tar.gz) = PkO9h17cPH9SoNNnbE7H3pEPzSECQO4gtFIt6yv4TP8=
+SIZE (x11vnc-0.9.15.tar.gz) = 1701821

x11/x11vnc/files/automake.dep

@@ -1,4 +0,0 @@
-# $OpenBSD: automake.dep,v 1.1 2012/12/17 19:02:48 naddy Exp $
-rfbconfig.h.in configure.ac
-rfbconfig.h.in aclocal.m4
-/rfbconfig.h configure.ac

x11/x11vnc/patches/patch-configure_ac

@@ -1,12 +1,13 @@
-$OpenBSD: patch-configure_ac,v 1.1 2012/12/17 19:02:48 naddy Exp $
---- configure.ac.orig	Mon Dec 10 21:38:46 2012
-+++ configure.ac	Mon Dec 10 21:39:06 2012
-@@ -777,7 +777,7 @@ fi
- AC_CHECK_FUNCS([ftime gethostbyname gethostname gettimeofday inet_ntoa memmove memset mmap mkfifo select socket strchr strcspn strdup strerror strstr])
- # x11vnc only:
- if test "$build_x11vnc" = "yes"; then
--	AC_CHECK_FUNCS([setsid setpgrp getpwuid getpwnam getspnam getuid geteuid setuid setgid seteuid setegid initgroups waitpid setutxent grantpt shmat])
-+	AC_CHECK_FUNCS([setsid setpgrp getpwuid getpwnam getspnam getuid geteuid setuid setgid seteuid setegid initgroups waitpid setutxent posix_openpt grantpt shmat])
+$OpenBSD: patch-configure_ac,v 1.2 2018/08/09 15:04:21 sthen Exp $
+Index: configure.ac
+--- configure.ac.orig
++++ configure.ac
+@@ -482,7 +482,7 @@ if test "x$uname_s" = "xHP-UX"; then
  fi
  
+ AC_CHECK_FUNCS([ftime gethostbyname gethostname gettimeofday inet_ntoa memmove memset mmap mkfifo select socket strchr strcspn strdup strerror strstr])
+-AC_CHECK_FUNCS([setsid setpgrp getpwuid getpwnam getspnam getuid geteuid setuid setgid seteuid setegid initgroups waitpid setutxent grantpt shmat])
++AC_CHECK_FUNCS([setsid setpgrp getpwuid getpwnam getspnam getuid geteuid setuid setgid seteuid setegid initgroups waitpid setutxent posix_openpt grantpt shmat])
+ 
+ 
  # check, if shmget is in cygipc.a

x11/x11vnc/patches/patch-src_enc_h

@@ -0,0 +1,14 @@
+$OpenBSD: patch-src_enc_h,v 1.1 2018/08/09 15:04:21 sthen Exp $
+
+Index: src/enc.h
+--- src/enc.h.orig
++++ src/enc.h
+@@ -1449,7 +1449,7 @@ static void securevnc_setup(int conn1, int conn2) {
+ 		fprintf(stderr, "securevnc_setup: RAND_pseudo_bytes() rc=%d\n", rc);
+ 		if (getenv("RANDSTR")) {
+ 			char *s = getenv("RANDSTR"); 
+-			fprintf(stderr, "securevnc_setup: seeding with RANDSTR len=%d\n", strlen(s));
++			fprintf(stderr, "securevnc_setup: seeding with RANDSTR len=%zd\n", strlen(s));
+ 			RAND_add(s, strlen(s), strlen(s));
+ 		}
+ 	}

x11/x11vnc/patches/patch-src_gui_c

@@ -1,6 +1,6 @@
-$OpenBSD: patch-x11vnc_gui_c,v 1.5 2010/04/02 00:42:25 sthen Exp $
---- x11vnc/gui.c.orig	Mon Dec 21 04:58:10 2009
-+++ x11vnc/gui.c	Wed Dec 23 22:02:45 2009
+$OpenBSD: patch-src_gui_c,v 1.1 2018/08/09 15:04:21 sthen Exp $
+--- src/gui.c.orig	Mon Dec 21 04:58:10 2009
++++ src/gui.c	Wed Dec 23 22:02:45 2009
 @@ -263,9 +263,8 @@ static void sigusr1 (int sig) {
  
  /* Most of the following mess is for wish on Solaris: */

x11/x11vnc/patches/patch-src_help_c

@@ -1,7 +1,8 @@
-$OpenBSD: patch-x11vnc_help_c,v 1.6 2017/04/16 12:43:20 ajacoutot Exp $
---- x11vnc/help.c.orig	Wed Aug 10 23:31:32 2011
-+++ x11vnc/help.c	Wed Sep 14 15:56:22 2011
-@@ -6036,7 +6036,7 @@ void xopen_display_fail_message(char *disp) {
+$OpenBSD: patch-src_help_c,v 1.1 2018/08/09 15:04:21 sthen Exp $
+Index: src/help.c
+--- src/help.c.orig
++++ src/help.c
+@@ -5956,7 +5956,7 @@ void xopen_display_fail_message(char *disp) {
  	fprintf(stderr, "              -auth /var/lib/gdm/:0.Xauth\n");
  	fprintf(stderr, "     kdm:     -auth /var/lib/kdm/A:0-crWk72\n");
  	fprintf(stderr, "              -auth /var/run/xauth/A:0-crWk72\n");

x11/x11vnc/patches/patch-src_sslhelper_c

@@ -0,0 +1,85 @@
+$OpenBSD: patch-src_sslhelper_c,v 1.1 2018/08/09 15:04:21 sthen Exp $
+
+Index: src/sslhelper.c
+--- src/sslhelper.c.orig
++++ src/sslhelper.c
+@@ -803,7 +803,7 @@ static int pem_passwd_callback(char *buf, int size, in
+ static int crl_callback(X509_STORE_CTX *callback_ctx) {
+ 	const ASN1_INTEGER *revoked_serial;
+ 	X509_STORE_CTX *store_ctx;
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	X509_OBJECT *obj;
+ #else
+ 	X509_OBJECT obj;
+@@ -829,7 +829,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 	* the current certificate in order to verify it's integrity. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, subject, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -865,7 +865,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 			rfbLog("Invalid signature on CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_CRL_SIGNATURE_FAILURE);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -883,7 +883,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 			rfbLog("Found CRL has invalid nextUpdate field\n");
+ 			X509_STORE_CTX_set_error(callback_ctx,
+ 				X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -894,14 +894,14 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 			rfbLog("Found CRL is expired - "
+ 				"revoking all certificates until you get updated CRL\n");
+ 			X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CRL_HAS_EXPIRED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+ #endif
+ 			return 0; /* Reject connection */
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);
+@@ -912,7 +912,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 	 * the current certificate in order to check for revocation. */
+ 	store_ctx = X509_STORE_CTX_new();
+ 	X509_STORE_CTX_init(store_ctx, revocation_store, NULL, NULL);
+-#if OPENSSL_VERSION_NUMBER > 0x10100000L
++#if OPENSSL_VERSION_NUMBER > 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 	obj = X509_OBJECT_new();
+ 	rc=X509_STORE_get_by_subject(store_ctx, X509_LU_CRL, issuer, obj);
+ 	crl = X509_OBJECT_get0_X509_CRL(obj);
+@@ -942,7 +942,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 					"revoked per CRL from issuer %s\n", serial, serial, cp);
+ 				OPENSSL_free(cp);
+ 				X509_STORE_CTX_set_error(callback_ctx, X509_V_ERR_CERT_REVOKED);
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 				X509_OBJECT_free(obj);
+ #else
+ 				X509_OBJECT_free_contents(&obj);
+@@ -950,7 +950,7 @@ static int crl_callback(X509_STORE_CTX *callback_ctx) 
+ 				return 0; /* Reject connection */
+ 			}
+ 		}
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ 			X509_OBJECT_free(obj);
+ #else
+ 			X509_OBJECT_free_contents(&obj);

x11/x11vnc/patches/patch-src_ssltools_h

@@ -1,9 +1,9 @@
-$OpenBSD: patch-x11vnc_ssltools_h,v 1.3 2014/09/09 11:10:50 naddy Exp $
+$OpenBSD: patch-src_ssltools_h,v 1.1 2018/08/09 15:04:21 sthen Exp $
 
 - fix path to su(1)
 
---- x11vnc/ssltools.h.orig	Wed Aug 10 23:31:32 2011
-+++ x11vnc/ssltools.h	Wed Sep 14 16:03:27 2011
+--- src/ssltools.h.orig	Wed Aug 10 23:31:32 2011
++++ src/ssltools.h	Wed Sep 14 16:03:27 2011
 @@ -1909,7 +1909,7 @@ char create_display[] = 
  "		rm -f $ctmp1 $ctmp2\n"
  "		XAUTHORITY=$authfile\n"

x11/x11vnc/patches/patch-src_unixpw_c

@@ -1,6 +1,7 @@
-$OpenBSD: patch-x11vnc_unixpw_c,v 1.1 2012/12/17 19:02:48 naddy Exp $
---- x11vnc/unixpw.c.orig	Thu Aug 11 00:31:32 2011
-+++ x11vnc/unixpw.c	Mon Dec 10 21:59:46 2012
+$OpenBSD: patch-src_unixpw_c,v 1.1 2018/08/09 15:04:21 sthen Exp $
+Index: src/unixpw.c
+--- src/unixpw.c.orig
++++ src/unixpw.c
 @@ -85,13 +85,6 @@ extern char *crypt(const char*, const char *);
  #include <sys/stropts.h>
  #endif
@@ -17,7 +18,7 @@ $OpenBSD: patch-x11vnc_unixpw_c,v 1.1 2012/12/17 19:02:48 naddy Exp $
  void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init);
 @@ -522,6 +515,9 @@ char *get_pty_ptmx(int *fd_p) {
  
- #if LIBVNCSERVER_HAVE_GRANTPT
+ #if HAVE_GRANTPT
  
 +#if LIBVNCSERVER_HAVE_POSIX_OPENPT
 +	fd = posix_openpt(O_RDWR|O_NOCTTY);
@@ -40,7 +41,7 @@ $OpenBSD: patch-x11vnc_unixpw_c,v 1.1 2012/12/17 19:02:48 naddy Exp $
 -#ifdef IS_BSD
 -	return get_pty_loop(fd_p);
 -#else
- #if LIBVNCSERVER_HAVE_GRANTPT
+ #if HAVE_GRANTPT
  	used_get_pty_ptmx = 1;
  	return get_pty_ptmx(fd_p);
  #else

x11/x11vnc/patches/patch-x11vnc_enc_h

@@ -1,29 +0,0 @@
-$OpenBSD: patch-x11vnc_enc_h,v 1.2 2015/09/16 10:43:18 sthen Exp $
-
-LibreSSL 2.3 gets rid of SHA-0 (EVP_sha).
-
-OpenSSL has no targetted way to disable this, thus OPENSSL_NO_SHA0 is
-LibreSSL-only at prsent.
-
---- x11vnc/enc.h.orig	Wed Sep 16 04:32:40 2015
-+++ x11vnc/enc.h	Wed Sep 16 04:35:00 2015
-@@ -454,8 +454,10 @@ extern void enc_do(char *ciph, char *keyfile, char *lp
- 		p++;
- 		if (strstr(p, "md5+") == p) {
- 			Digest = EVP_md5();        p += strlen("md5+");
-+#ifndef OPENSSL_NO_SHA0
- 		} else if (strstr(p, "sha+") == p) {
- 			Digest = EVP_sha();        p += strlen("sha+");
-+#endif
- 		} else if (strstr(p, "sha1+") == p) {
- 			Digest = EVP_sha1();       p += strlen("sha1+");
- 		} else if (strstr(p, "ripe+") == p) {
-@@ -1407,7 +1409,7 @@ static void securevnc_setup(int conn1, int conn2) {
- 		fprintf(stderr, "securevnc_setup: RAND_pseudo_bytes() rc=%d\n", rc);
- 		if (getenv("RANDSTR")) {
- 			char *s = getenv("RANDSTR"); 
--			fprintf(stderr, "securevnc_setup: seeding with RANDSTR len=%d\n", strlen(s));
-+			fprintf(stderr, "securevnc_setup: seeding with RANDSTR len=%zd\n", strlen(s));
- 			RAND_add(s, strlen(s), strlen(s));
- 		}
- 	}

x11/x11vnc/patches/patch-x11vnc_options_c

@@ -1,15 +0,0 @@
-$OpenBSD: patch-x11vnc_options_c,v 1.2 2011/09/15 20:27:29 sthen Exp $
-
-don't use xrecord for now; https://bugs.freedesktop.org/show_bug.cgi?id=30032
-
---- x11vnc/options.c.orig	Wed Aug 10 23:31:32 2011
-+++ x11vnc/options.c	Wed Sep 14 15:56:22 2011
-@@ -249,7 +249,7 @@ time_t pad_geometry_time = 0;
- int use_snapfb = 0;
- 
- int use_xrecord = 0;
--int noxrecord = 0;
-+int noxrecord = 1;
- 
- char *client_connect = NULL;	/* strings for -connect option */
- char *client_connect_file = NULL;

x11/x11vnc/pkg/PLIST

@@ -1,32 +1,9 @@
-@comment $OpenBSD: PLIST,v 1.9 2018/06/27 21:04:23 espie Exp $
-@conflict libvncserver-*
+@comment $OpenBSD: PLIST,v 1.10 2018/08/09 15:04:21 sthen Exp $
+@rcscript ${RCDIR}/x11vnc
+bin/Xdummy
 @bin bin/x11vnc
-include/rfb/
-include/rfb/keysym.h
-include/rfb/rfb.h
-include/rfb/rfbclient.h
-include/rfb/rfbconfig.h
-include/rfb/rfbint.h
-include/rfb/rfbproto.h
-include/rfb/rfbregion.h
 @man man/man1/x11vnc.1
 share/applications/x11vnc.desktop
 share/doc/x11vnc/
 share/doc/x11vnc/README
-share/x11vnc/
-share/x11vnc/classes/
-share/x11vnc/classes/VncViewer.jar
-share/x11vnc/classes/index.vnc
-share/x11vnc/classes/ssl/
-share/x11vnc/classes/ssl/README
-share/x11vnc/classes/ssl/SignedUltraViewerSSL.jar
-share/x11vnc/classes/ssl/SignedVncViewer.jar
-share/x11vnc/classes/ssl/UltraViewerSSL.jar
-share/x11vnc/classes/ssl/VncViewer.jar
-share/x11vnc/classes/ssl/index.vnc
-share/x11vnc/classes/ssl/proxy.vnc
-share/x11vnc/classes/ssl/ss_vncviewer
-share/x11vnc/classes/ssl/ultra.vnc
-share/x11vnc/classes/ssl/ultrasigned.vnc
 @tag update-desktop-database
-@rcscript ${RCDIR}/x11vnc