cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove net/ssvnc, the upstream maintainer hasn't been seen in some years

Browse Source 
and has various security issues (most libvncclient security fixes from the
past are relevant to this too; see e.g. patches in debian's ssvnc package).

suggest using either tigervnc's vncviewer, or something using
libvncclient (e.g. remmina) instead, both of which are better maintained.

ok tb@
This commit is contained in:
sthen 2022-01-13 15:12:55 +00:00
parent c9436280b6
commit fc0be99f33
17 changed files with 7 additions and 490 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
devel/quirks/Makefile
View File

@ -1,11 +1,11 @@
# $OpenBSD: Makefile,v 1.1341 2022/01/13 14:13:00 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.1342 2022/01/13 15:12:55 sthen Exp $
COMMENT = exceptions to pkg_add rules
CATEGORIES = devel databases
DISTFILES =
# API.rev
PKGNAME = quirks-4.94
PKGNAME = quirks-4.95
PKG_ARCH = *
MAINTAINER = Marc Espie <espie@openbsd.org>

5
devel/quirks/files/Quirks.pm
View File

@ -1,7 +1,7 @@
#! /usr/bin/perl
# ex:ts=8 sw=4:
# $OpenBSD: Quirks.pm,v 1.1358 2022/01/13 14:13:00 ajacoutot Exp $
# $OpenBSD: Quirks.pm,v 1.1359 2022/01/13 15:12:55 sthen Exp $
#
# Copyright (c) 2009 Marc Espie <espie@openbsd.org>
#
@ -1627,6 +1627,8 @@ setup_obsolete_reason(
3 => 'climm',
31 => 'spe',
31 => 'py-Checker',
14 => 'ssvnc',
14 => 'ssvnc-viewer',
);
# though it's not yet used, these should be pkgnames, so that eventually
@ -1661,6 +1663,7 @@ my $obsolete_message = {
11 => "no longer packageable",
12 => "replace with IMAPSieve, see https://wiki.dovecot.org/HowTo/AntispamWithSieve",
13 => "has a dependency on obsolete software",
14 => "no longer maintained upstream and has security issues, consider remmina or tigervnc's vncviewer as an alternative",
17 => "old GeoIP databases end-of-life, see alternative using geoip2/libmaxminddb",
20 => "merged into IETF Opus codec, obsolete, audio/mumble uses bundled version now",
21 => "upstream recommends to use composer to build a drupal site",

3
net/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.1284 2022/01/06 19:06:18 jeremy Exp $
# $OpenBSD: Makefile,v 1.1285 2022/01/13 15:12:55 sthen Exp $
SUBDIR =
SUBDIR += adns
@ -662,7 +662,6 @@
SUBDIR += ssldump
SUBDIR += sslh
SUBDIR += sslsniffer
SUBDIR += ssvnc
SUBDIR += strongswan
SUBDIR += supybot
SUBDIR += swirc

80
net/ssvnc/Makefile
View File

@ -1,80 +0,0 @@
# $OpenBSD: Makefile,v 1.38 2022/01/13 11:00:17 tb Exp $
COMMENT-gui = enhanced TightVNC client GUI and wrappers
COMMENT-main = enhanced TightVNC client
V = 1.0.29
DISTNAME = ssvnc-$V.src
PKGNAME = ssvnc-$V
EPOCH = 0
FULLPKGNAME-gui = ssvnc-$V
FULLPKGNAME-main = ssvnc-viewer-$V
REVISION-gui = 5
REVISION-main = 3
CATEGORIES = net x11
HOMEPAGE = http://www.karlrunge.com/x11vnc/ssvnc.html
# GPLv2
PERMIT_PACKAGE = Yes
MASTER_SITES = ${MASTER_SITE_SOURCEFORGE:=ssvnc/}
MULTI_PACKAGES =-main -gui
MAKE_ENV = CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" \
CC="${CC}" CXX="${CXX}"
WRKDIST = ${WRKDIR}/ssvnc-$V
NO_TEST = Yes
MODULES = x11/tk
WANTLIB-main = ICE SM X11 Xau Xaw Xdmcp Xext Xpm Xmu Xt c z jpeg>=62
LIB_DEPENDS-main = graphics/jpeg
WANTLIB-gui = c crypto ssl
RUN_DEPENDS-gui = devel/desktop-file-utils \
net/ssvnc,-main \
security/stunnel \
${MODTK_RUN_DEPENDS}
CONFIGURE_STYLE = imake noman
XMKMF = xmkmf
VNCSRC = ${WRKSRC}/vnc_unixsrc/
VNCLIB = ${PREFIX}/lib/ssvnc/
pre-configure:
cd ${WRKSRC}/scripts && ${SUBST_CMD} ssvnc util/ss_vncviewer
do-configure:
cd ${VNCSRC}/libvncauth && ${MAKE_ENV} ${XMKMF}
cd ${VNCSRC}/vncviewer && ${MAKE_ENV} ${XMKMF}
do-build:
cd ${VNCSRC}/libvncauth && ${SETENV} ${MAKE_ENV} ${MAKE}
cd ${VNCSRC}/vncviewer && ${SETENV} ${MAKE_ENV} ${MAKE}
cd ${WRKSRC}/vncstorepw && ${SETENV} ${MAKE_ENV} ${MAKE}
do-install:
${INSTALL_PROGRAM_DIR} ${VNCLIB}
cd ${WRKSRC}/scripts; tar cf - * | tar xf - -C ${VNCLIB}
${INSTALL_MAN} ${WRKSRC}/man/man1/ssvnc.1 ${PREFIX}/man/man1
${INSTALL_MAN} ${WRKSRC}/man/man1/ssvncviewer.1 ${PREFIX}/man/man1/vncviewer.1
${INSTALL_DATA_DIR} ${PREFIX}/share/applications
${INSTALL_DATA} ${WRKSRC}/ssvnc.desktop ${PREFIX}/share/applications
${INSTALL_PROGRAM} ${VNCSRC}/vncviewer/vncviewer ${PREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/vncstorepw/vncstorepw ${PREFIX}/bin
${INSTALL_PROGRAM} ${WRKSRC}/vncstorepw/ultravnc_dsm_helper ${VNCLIB}
.for i in vncstorepw/lim_accept.so vncstorepw/unwrap.so
if test -r ${WRKSRC}/$i; then ${INSTALL_DATA} ${WRKSRC}/$i ${VNCLIB}; fi
.endfor
.for i in ssvnc tsvnc sshvnc
${WRKSRC}/wr_tool ${PREFIX}/bin/$i ${TRUEPREFIX}/lib/ssvnc/$i
.endfor
.include <bsd.port.mk>

2
net/ssvnc/distinfo
View File

@ -1,2 +0,0 @@
SHA256 (ssvnc-1.0.29.src.tar.gz) = dN8y646qaLB8lpOiMuvkIVRhfH88vh1OaNP+fFV9YY0=
SIZE (ssvnc-1.0.29.src.tar.gz) = 552796

16
net/ssvnc/patches/patch-scripts_ssvnc
View File

@ -1,16 +0,0 @@
$OpenBSD: patch-scripts_ssvnc,v 1.5 2011/09/15 20:24:16 sthen Exp $
use the correct wish binary first. N.B. update-patches will destroy
the ${MODTK_BIN} expansion in the 'for' line.
--- scripts/ssvnc.orig Sun Mar 27 18:10:45 2011
+++ scripts/ssvnc Thu Sep 15 14:44:01 2011
@@ -171,7 +171,7 @@ fi
if [ "X$WISH" = "X" ]; then
WISH=wish
- for try in wish8.4 wish wish8.3 wish8.5 wish8.6
+ for try in ${MODTK_BIN} wish8.4 wish wish8.3 wish8.5 wish8.6
do
if type $try > /dev/null 2>&1; then
WISH=$try

44
net/ssvnc/patches/patch-scripts_util_ss_vncviewer
View File

@ -1,44 +0,0 @@
$OpenBSD: patch-scripts_util_ss_vncviewer,v 1.2 2017/02/26 20:11:53 sthen Exp $
--- scripts/util/ss_vncviewer.orig Mon Apr 11 23:24:15 2011
+++ scripts/util/ss_vncviewer Sun Feb 26 20:10:35 2017
@@ -150,37 +150,15 @@ if [ "X$SS_DEBUG" != "X" -a "X$SS_DEBUG" != "X0" ]; th
set -xv
fi
-PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH
+PATH=$PATH:/usr/sbin:/usr/local/sbin; export PATH
localhost="localhost"
if uname | grep Darwin >/dev/null; then
localhost="127.0.0.1"
fi
-# work out which stunnel to use (debian installs as stunnel4)
-stunnel_set_here=""
-if [ "X$STUNNEL" = "X" ]; then
- check_stunnel=1
- if [ "X$SSVNC_BASEDIRNAME" != "X" ]; then
- if [ -x "$SSVNC_BASEDIRNAME/stunnel" ]; then
- type stunnel > /dev/null 2>&1
- if [ $? = 0 ]; then
- # found ours
- STUNNEL=stunnel
- check_stunnel=0
- fi
- fi
- fi
- if [ "X$check_stunnel" = "X1" ]; then
- type stunnel4 > /dev/null 2>&1
- if [ $? = 0 ]; then
- STUNNEL=stunnel4
- else
- STUNNEL=stunnel
- fi
- fi
- stunnel_set_here=1
-fi
+STUNNEL=/usr/local/sbin/stunnel
+stunnel_set_here=1
help() {
tail -n +2 "$0" | sed -e '/^$/ q'

34
net/ssvnc/patches/patch-scripts_util_ssvnc_tcl
View File

@ -1,34 +0,0 @@
$OpenBSD: patch-scripts_util_ssvnc_tcl,v 1.6 2011/09/15 20:24:16 sthen Exp $
type sometimes returns "xx is a tracked alias for /foo/bar" which
isn't handled. whence is sufficient and more reliable.
--- scripts/util/ssvnc.tcl.orig Wed Jan 12 01:20:29 2011
+++ scripts/util/ssvnc.tcl Thu Sep 15 14:44:01 2011
@@ -18236,7 +18236,7 @@ proc check_zeroconf_browse {} {
return 0;
}
set p ""
- set r [catch {set p [exec /bin/sh -c {type avahi-browse}]}]
+ set r [catch {set p [exec /bin/sh -c {whence avahi-browse}]}]
if {$r == 0} {
regsub {^.* is *} $p "" p
regsub -all {[ \t\n\r]} $p "" p
@@ -18246,7 +18246,7 @@ proc check_zeroconf_browse {} {
}
}
set p ""
- set r [catch {set p [exec /bin/sh -c {type dns-sd}]}]
+ set r [catch {set p [exec /bin/sh -c {whence dns-sd}]}]
if {$r == 0} {
regsub {^.* is *} $p "" p
regsub -all {[ \t\n\r]} $p "" p
@@ -18261,7 +18261,7 @@ proc check_zeroconf_browse {} {
}
}
set p ""
- set r [catch {set p [exec /bin/sh -c {type mDNS}]}]
+ set r [catch {set p [exec /bin/sh -c {whence mDNS}]}]
if {$r == 0} {
regsub {^.* is *} $p "" p
regsub -all {[ \t\n\r]} $p "" p

14
net/ssvnc/patches/patch-vnc_unixsrc_vncviewer_Imakefile
View File

@ -1,14 +0,0 @@
$OpenBSD: patch-vnc_unixsrc_vncviewer_Imakefile,v 1.1 2018/07/05 14:55:22 jcs Exp $
Index: vnc_unixsrc/vncviewer/Imakefile
--- vnc_unixsrc/vncviewer/Imakefile.orig
+++ vnc_unixsrc/vncviewer/Imakefile
@@ -6,7 +6,7 @@ EXTRA_DEFINES = -D__EXTENSIONS__
XCOMM Shared memory support works OK on x86 linux, not tested elsewhere but
XCOMM seems to cause problems on Digital Unix.
-#if defined(i386Architecture) && defined(LinuxArchitecture)
+#if (defined(i386Architecture) && defined(LinuxArchitecture)) || defined(OpenBSDArchitecture)
DEFINES = -DMITSHM
#endif

15
net/ssvnc/patches/patch-vnc_unixsrc_vncviewer_vncviewer_h
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-vnc_unixsrc_vncviewer_vncviewer_h,v 1.1 2011/04/27 22:07:09 sthen Exp $
--- vnc_unixsrc/vncviewer/vncviewer.h.orig Wed Apr 27 23:01:21 2011
+++ vnc_unixsrc/vncviewer/vncviewer.h Wed Apr 27 23:02:30 2011
@@ -67,9 +67,9 @@ extern int endianTest;
#define DEFAULT_SSH_CMD "/usr/bin/ssh"
#define DEFAULT_TUNNEL_CMD \
- (DEFAULT_SSH_CMD " -f -L %L:localhost:%R %H sleep 20")
+ (DEFAULT_SSH_CMD " -f -S none -L %L:localhost:%R %H sleep 20")
#define DEFAULT_VIA_CMD \
- (DEFAULT_SSH_CMD " -f -L %L:%H:%R %G sleep 20")
+ (DEFAULT_SSH_CMD " -f -S none -L %L:%H:%R %G sleep 20")
#define TVNC_SAMPOPT 4
enum {TVNC_1X=0, TVNC_4X, TVNC_2X, TVNC_GRAY};

21
net/ssvnc/patches/patch-vnc_unixsrc_vncviewer_vncviewer_man
View File

@ -1,21 +0,0 @@
$OpenBSD: patch-vnc_unixsrc_vncviewer_vncviewer_man,v 1.1 2013/04/20 16:26:25 sthen Exp $
--- vnc_unixsrc/vncviewer/vncviewer.man.orig Mon Mar 4 16:54:22 2013
+++ vnc_unixsrc/vncviewer/vncviewer.man Mon Mar 4 16:54:51 2013
@@ -116,7 +116,7 @@ login authentication over the standard VNC authenticat
.TP
\fB\-passwd\fR \fIpasswd\-file\fR
File from which to get the password (as generated by the
-\fBvncpasswd\fR(1) program). This option affects only the standard VNC
+\fBvncstorepw\fR(1) program). This option affects only the standard VNC
authentication.
.TP
\fB\-encodings\fR \fIencoding\-list\fR
@@ -816,7 +816,7 @@ local TCP port number;
.B %R
remote TCP port number.
.SH SEE ALSO
-\fBvncserver\fR(1), \fBx11vnc\fR(1), \fBssvnc\fR(1), \fBXvnc\fR(1), \fBvncpasswd\fR(1),
+\fBvncserver\fR(1), \fBx11vnc\fR(1), \fBssvnc\fR(1), \fBXvnc\fR(1), \fBvncstorepw\fR(1),
\fBvncconnect\fR(1), \fBssh\fR(1), http://www.karlrunge.com/x11vnc, http://www.karlrunge.com/x11vnc/ssvnc.html
.SH AUTHORS
Original VNC was developed in AT&T Laboratories Cambridge. TightVNC

12
net/ssvnc/patches/patch-vncstorepw_Makefile
View File

@ -1,12 +0,0 @@
$OpenBSD: patch-vncstorepw_Makefile,v 1.3 2017/02/26 20:11:53 sthen Exp $
--- vncstorepw/Makefile.orig Sun Feb 26 20:11:06 2017
+++ vncstorepw/Makefile Sun Feb 26 20:11:14 2017
@@ -8,7 +8,7 @@ LIMACC = lim_accept.so
ULTDSM = ultravnc_dsm_helper
# gcc must be used:
-CC = gcc
+#CC = gcc
all: $(CMD) $(UNWRAP) $(LIMACC) $(ULTDSM)

209
net/ssvnc/patches/patch-vncstorepw_ultravnc_dsm_helper_c
View File

@ -1,209 +0,0 @@
$OpenBSD: patch-vncstorepw_ultravnc_dsm_helper_c,v 1.3 2022/01/13 11:00:17 tb Exp $
LibreSSL 2.3 gets rid of SHA-0 (EVP_sha).
OpenSSL has no targetted way to disable this, thus OPENSSL_NO_SHA0 is
LibreSSL-only at present.
Build fix for opaque EVP_* based on Debian's patch
https://sources.debian.org/patches/ssvnc/1.0.29-5/openssl1.1.patch/
Index: vncstorepw/ultravnc_dsm_helper.c
--- vncstorepw/ultravnc_dsm_helper.c.orig
+++ vncstorepw/ultravnc_dsm_helper.c
@@ -413,8 +413,10 @@ void enc_do(char *ciph, char *keyfile, char *lport, ch
p++;
if (strstr(p, "md5+") == p) {
Digest = EVP_md5(); p += strlen("md5+");
+#ifndef OPENSSL_NO_SHA0
} else if (strstr(p, "sha+") == p) {
Digest = EVP_sha(); p += strlen("sha+");
+#endif
} else if (strstr(p, "sha1+") == p) {
Digest = EVP_sha1(); p += strlen("sha1+");
} else if (strstr(p, "ripe+") == p) {
@@ -655,7 +657,6 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
*/
unsigned char E_keystr[EVP_MAX_KEY_LENGTH];
unsigned char D_keystr[EVP_MAX_KEY_LENGTH];
- EVP_CIPHER_CTX E_ctx, D_ctx;
EVP_CIPHER_CTX *ctx = NULL;
unsigned char buf[BSIZE], out[BSIZE];
@@ -697,12 +698,15 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
encstr = encrypt ? "encrypt" : "decrypt"; /* string for messages */
encsym = encrypt ? "+" : "-";
+ if ((ctx = EVP_CIPHER_CTX_new()) == NULL) {
+ fprintf(stderr, "EVP_CIPHER_CTX_new failed.\n");
+ goto finished;
+ }
+
/* use the encryption/decryption context variables below */
if (encrypt) {
- ctx = &E_ctx;
keystr = E_keystr;
} else {
- ctx = &D_ctx;
keystr = D_keystr;
}
@@ -797,7 +801,6 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
if (whoops) {
fprintf(stderr, "%s: %s - WARNING: MSRC4 mode and IGNORING random salt\n", prog, encstr);
fprintf(stderr, "%s: %s - WARNING: and initialization vector!!\n", prog, encstr);
- EVP_CIPHER_CTX_init(ctx);
if (pw_in) {
/* for pw=xxxx a md5 hash is used */
EVP_BytesToKey(Cipher, Digest, NULL, (unsigned char *) keydata,
@@ -836,9 +839,9 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
in_salt = salt;
}
- if (ivec_size < Cipher->iv_len && !securevnc) {
+ if (ivec_size < EVP_CIPHER_iv_length(Cipher) && !securevnc) {
fprintf(stderr, "%s: %s - WARNING: short IV %d < %d\n",
- prog, encstr, ivec_size, Cipher->iv_len);
+ prog, encstr, ivec_size, EVP_CIPHER_iv_length(Cipher));
}
/* make the hashed value and place in keystr */
@@ -877,10 +880,6 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
}
- /* initialize the context */
- EVP_CIPHER_CTX_init(ctx);
-
-
/* set the cipher & initialize */
/*
@@ -1005,6 +1004,8 @@ static void enc_xfer(int sock_fr, int sock_to, int enc
prog, (int) getpid(), encstr, (int) parent);
}
}
+
+ EVP_CIPHER_CTX_free(ctx);
}
static int securevnc_server_rsa_save_dialog(char *file, char *md5str, unsigned char* rsabuf) {
@@ -1060,14 +1061,16 @@ static int securevnc_server_rsa_save_dialog(char *file
}
static char *rsa_md5_sum(unsigned char* rsabuf) {
- EVP_MD_CTX md;
+ EVP_MD_CTX *md;
char digest[EVP_MAX_MD_SIZE], tmp[16];
char md5str[EVP_MAX_MD_SIZE * 8];
unsigned int i, size = 0;
- EVP_DigestInit(&md, EVP_md5());
- EVP_DigestUpdate(&md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
- EVP_DigestFinal(&md, (unsigned char *)digest, &size);
+ md = EVP_MD_CTX_new();
+ EVP_DigestInit(md, EVP_md5());
+ EVP_DigestUpdate(md, rsabuf, SECUREVNC_RSA_PUBKEY_SIZE);
+ EVP_DigestFinal(md, (unsigned char *)digest, &size);
+ EVP_MD_CTX_free(md);
memset(md5str, 0, sizeof(md5str));
for (i=0; i < size; i++) {
@@ -1184,7 +1187,7 @@ static void sslexit(char *msg) {
static void securevnc_setup(int conn1, int conn2) {
RSA *rsa = NULL;
- EVP_CIPHER_CTX init_ctx;
+ EVP_CIPHER_CTX *init_ctx;
unsigned char keystr[EVP_MAX_KEY_LENGTH];
unsigned char *rsabuf, *rsasav;
unsigned char *encrypted_keybuf;
@@ -1203,6 +1206,11 @@ static void securevnc_setup(int conn1, int conn2) {
ERR_load_crypto_strings();
+ if ((init_ctx = EVP_CIPHER_CTX_new()) == NULL) {
+ fprintf(stderr, "securevnc_setup: EVP_CIPHER_CTX_new failed.\n");
+ exit(1);
+ }
+
/* alloc and read from server the 270 comprising the rsa public key: */
rsabuf = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
rsasav = (unsigned char *) calloc(SECUREVNC_RSA_PUBKEY_SIZE, 1);
@@ -1323,8 +1331,7 @@ static void securevnc_setup(int conn1, int conn2) {
/*
* Back to the work involving the tmp obscuring key:
*/
- EVP_CIPHER_CTX_init(&init_ctx);
- rc = EVP_CipherInit_ex(&init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
+ rc = EVP_CipherInit_ex(init_ctx, EVP_rc4(), NULL, initkey, NULL, 1);
if (rc == 0) {
sslexit("securevnc_setup: EVP_CipherInit_ex(init_ctx) failed");
}
@@ -1340,13 +1347,13 @@ static void securevnc_setup(int conn1, int conn2) {
/* decode with the tmp key */
if (n > 0) {
memset(to_viewer, 0, sizeof(to_viewer));
- if (EVP_CipherUpdate(&init_ctx, to_viewer, &len, buf, n) == 0) {
+ if (EVP_CipherUpdate(init_ctx, to_viewer, &len, buf, n) == 0) {
sslexit("securevnc_setup: EVP_CipherUpdate(init_ctx) failed");
exit(1);
}
to_viewer_len = len;
}
- EVP_CIPHER_CTX_cleanup(&init_ctx);
+ EVP_CIPHER_CTX_free(init_ctx);
free(initkey);
/* print what we would send to the viewer (sent below): */
@@ -1407,7 +1414,7 @@ static void securevnc_setup(int conn1, int conn2) {
if (client_auth_req && client_auth) {
RSA *client_rsa = load_client_auth(client_auth);
- EVP_MD_CTX dctx;
+ EVP_MD_CTX *dctx;
unsigned char digest[EVP_MAX_MD_SIZE], *signature;
unsigned int ndig = 0, nsig = 0;
@@ -1421,8 +1428,13 @@ static void securevnc_setup(int conn1, int conn2) {
exit(1);
}
- EVP_DigestInit(&dctx, EVP_sha1());
- EVP_DigestUpdate(&dctx, keystr, SECUREVNC_KEY_SIZE);
+ if ((dctx = EVP_MD_CTX_new()) == NULL) {
+ fprintf(stderr, "securevnc_setup: EVP_MD_CTX_new failed.\n");
+ exit(1);
+ }
+
+ EVP_DigestInit(dctx, EVP_sha1());
+ EVP_DigestUpdate(dctx, keystr, SECUREVNC_KEY_SIZE);
/*
* Without something like the following MITM is still possible.
* This is because the MITM knows keystr and can use it with
@@ -1433,7 +1445,7 @@ static void securevnc_setup(int conn1, int conn2) {
* he doesn't have Viewer_ClientAuth.pkey.
*/
if (0) {
- EVP_DigestUpdate(&dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
+ EVP_DigestUpdate(dctx, rsasav, SECUREVNC_RSA_PUBKEY_SIZE);
if (!keystore_verified) {
fprintf(stderr, "securevnc_setup:\n");
fprintf(stderr, "securevnc_setup: Warning: even *WITH* Client Authentication in SecureVNC,\n");
@@ -1456,7 +1468,7 @@ static void securevnc_setup(int conn1, int conn2) {
fprintf(stderr, "securevnc_setup:\n");
}
}
- EVP_DigestFinal(&dctx, (unsigned char *)digest, &ndig);
+ EVP_DigestFinal(dctx, (unsigned char *)digest, &ndig);
signature = (unsigned char *) calloc(RSA_size(client_rsa), 1);
RSA_sign(NID_sha1, digest, ndig, signature, &nsig, client_rsa);
@@ -1466,6 +1478,7 @@ static void securevnc_setup(int conn1, int conn2) {
free(signature);
RSA_free(client_rsa);
+ EVP_MD_CTX_free(dctx);
}
fprintf(stderr, "securevnc_setup: done.\n");

2
net/ssvnc/pkg/DESCR-gui
View File

@ -1,2 +0,0 @@
SSVNC provides wrappers and a Tcl/Tk GUI to simplify creating
encrypted VNC connections via SSH and SSL.

6
net/ssvnc/pkg/DESCR-main
View File

@ -1,6 +0,0 @@
The Enhanced VNC viewer provides for remote access to VNC displays
using the standard protocol and various extensions including those used
by TightVNC, UltraVNC, RealVNC and x11vnc providing for features such
as dynamic screen resizing, server-side scaling, blocking input devices
on the server, and low colour modes. Many of these can now be set from
the popup menu.

22
net/ssvnc/pkg/PLIST-gui
View File

@ -1,22 +0,0 @@
@comment $OpenBSD: PLIST-gui,v 1.8 2018/06/27 21:04:00 espie Exp $
bin/sshvnc
bin/ssvnc
bin/tsvnc
lib/ssvnc/
lib/ssvnc/lim_accept.so
lib/ssvnc/sshvnc
lib/ssvnc/ssvnc
@comment lib/ssvnc/ssvnc.beforesubst
@comment lib/ssvnc/ssvnc.orig
lib/ssvnc/ssvnc_cmd
lib/ssvnc/tsvnc
@bin lib/ssvnc/ultravnc_dsm_helper
lib/ssvnc/unwrap.so
lib/ssvnc/util/
lib/ssvnc/util/ss_vncviewer
lib/ssvnc/util/ssvnc.tcl
@comment lib/ssvnc/util/ssvnc.tcl.orig
lib/ssvnc/util/stunnel-server.conf
@man man/man1/ssvnc.1
share/applications/ssvnc.desktop
@tag update-desktop-database

8
net/ssvnc/pkg/PLIST-main
View File

@ -1,8 +0,0 @@
@comment $OpenBSD: PLIST-main,v 1.4 2013/04/20 16:26:25 sthen Exp $
@conflict tightvnc-viewer-*
@conflict ssvnc-<=ssvnc-1.0.29p0v0
@pkgpath net/tightvnc,-viewer
@bin bin/vncviewer
@bin bin/vncstorepw
@man man/man1/vncviewer.1
@comment share/applications/