Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 392270 Details for
Bug 532294
kde-misc/plasma-nm-0.9.3.5 with USE="openconnect" doesn't compile against net-misc/openconnect-7.01
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch proposal for openconnect support
plasma-mn-openconnect.patch (text/plain), 8.34 KB, created by
Evgeny Bobkin
on 2014-12-23 11:45:05 UTC
(
hide
)
Description:
patch proposal for openconnect support
Filename:
MIME Type:
Creator:
Evgeny Bobkin
Created:
2014-12-23 11:45:05 UTC
Size:
8.34 KB
patch
obsolete
>From: David Woodhouse <David.Woodhouse@intel.com> >Date: Wed, 03 Dec 2014 14:10:44 +0000 >Subject: Update OpenConnect support for library version 5 >X-Git-Url: http://quickgit.kde.org/?p=plasma-nm.git&a=commitdiff&h=3e6585fa4dd2fb3d9b59c7704bd3d7ae5b2c4167 >--- >Update OpenConnect support for library version 5 > >String ownership rules are now very simple: the library never takes ownership >of a string it's passed. It always takes its *own* copy and is responsible >for freeing that. Mostly driven by Windows DLL Hell where it's painful to >allocate in one library and free in another because they might actually be >using different heaps. > >Also adapt to the changes in server certificate hash handling. We are no >longer supposed to just compare strings, and must call the relevant function >to check a hash against the server's certificate. This gives better matching >and allows libopenconnect to upgrade the hash in future when it becomes >necessary. >--- > > >--- a/vpn/openconnect/CMakeLists.txt >+++ b/vpn/openconnect/CMakeLists.txt >@@ -15,6 +15,8 @@ > > if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR > ${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED}) >+ >+ include_directories(${OPENCONNECT_INCLUDE_DIRS}) > > set(openconnect_SRCS > openconnectui.cpp > >--- a/vpn/openconnect/openconnectauth.cpp >+++ b/vpn/openconnect/openconnectauth.cpp >@@ -161,7 +161,7 @@ > } > if (!dataMap[NM_OPENCONNECT_KEY_CACERT].isEmpty()) { > const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_CACERT]); >- openconnect_set_cafile(d->vpninfo, strdup(crt.data())); >+ openconnect_set_cafile(d->vpninfo, OC3DUP(crt.data())); > } > if (dataMap[NM_OPENCONNECT_KEY_CSD_ENABLE] == "yes") { > char *wrapper; >@@ -174,12 +174,12 @@ > } > if (!dataMap[NM_OPENCONNECT_KEY_PROXY].isEmpty()) { > const QByteArray proxy = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PROXY]); >- openconnect_set_http_proxy(d->vpninfo, strdup(proxy.data())); >+ openconnect_set_http_proxy(d->vpninfo, OC3DUP(proxy.data())); > } > if (!dataMap[NM_OPENCONNECT_KEY_USERCERT].isEmpty()) { > const QByteArray crt = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_USERCERT]); > const QByteArray key = QFile::encodeName(dataMap[NM_OPENCONNECT_KEY_PRIVKEY]); >- openconnect_set_client_cert (d->vpninfo, strdup(crt.data()), strdup(key.data())); >+ openconnect_set_client_cert (d->vpninfo, OC3DUP(crt.data()), OC3DUP(key.data())); > > if (!crt.isEmpty() && dataMap[NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID] == "yes") { > openconnect_passphrase_from_fsid(d->vpninfo); >@@ -276,10 +276,10 @@ > const VPNHost &host = d->hosts.at(i); > if (openconnect_parse_url(d->vpninfo, host.address.toAscii().data())) { > kWarning() << "Failed to parse server URL" << host.address; >- openconnect_set_hostname(d->vpninfo, strdup(host.address.toAscii().data())); >+ openconnect_set_hostname(d->vpninfo, OC3DUP(host.address.toAscii().data())); > } > if (!openconnect_get_urlpath(d->vpninfo) && !host.group.isEmpty()) >- openconnect_set_urlpath(d->vpninfo, strdup(host.group.toAscii().data())); >+ openconnect_set_urlpath(d->vpninfo, OC3DUP(host.group.toAscii().data())); > d->secrets["lasthost"] = host.name; > addFormInfo(QLatin1String("dialog-information"), i18n("Contacting host, please wait...")); > d->worker->start(); >@@ -301,9 +301,13 @@ > secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo))); > openconnect_clear_cookie(d->vpninfo); > >+#if OPENCONNECT_CHECK_VER(5,0) >+ const char *fingerprint = openconnect_get_peer_cert_hash(d->vpninfo); >+#else > OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo); > char fingerprint[41]; > openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint); >+#endif > secrets.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint)); > secrets.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t")); > secrets.insert(QLatin1String("autoconnect"), d->ui.chkAutoconnect->isChecked() ? "yes" : "no"); >@@ -578,14 +582,14 @@ > if (opt->type == OC_FORM_OPT_PASSWORD || opt->type == OC_FORM_OPT_TEXT) { > KLineEdit *le = qobject_cast<KLineEdit*>(widget); > QByteArray text = le->text().toUtf8(); >- opt->value = strdup(text.data()); >+ openconnect_set_option_value(opt, text.data()); > if (opt->type == OC_FORM_OPT_TEXT) { > d->secrets.insert(key,le->text()); > } > } else if (opt->type == OC_FORM_OPT_SELECT) { > KComboBox *cbo = qobject_cast<KComboBox*>(widget); > QByteArray text = cbo->itemData(cbo->currentIndex()).toString().toAscii(); >- opt->value = strdup(text.data()); >+ openconnect_set_option_value(opt, text.data()); > d->secrets.insert(key,cbo->itemData(cbo->currentIndex()).toString()); > } > } > >--- a/vpn/openconnect/openconnectauthworkerthread.cpp >+++ b/vpn/openconnect/openconnectauthworkerthread.cpp >@@ -43,6 +43,20 @@ > class OpenconnectAuthStaticWrapper > { > public: >+#if OPENCONNECT_CHECK_VER(5,0) >+ static int writeNewConfig(void *obj, const char *str, int num) >+ { >+ if (obj) >+ return static_cast<OpenconnectAuthWorkerThread*>(obj)->writeNewConfig(str, num); >+ return -1; >+ } >+ static int validatePeerCert(void *obj, const char *str) >+ { >+ if (obj) >+ return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(NULL, str); >+ return -1; >+ } >+#else > static int writeNewConfig(void *obj, char *str, int num) > { > if (obj) >@@ -55,7 +69,8 @@ > return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str); > return -1; > } >- static int processAuthForm(void *obj, struct oc_auth_form *form) >+#endif >+ static int processAuthForm(void *obj, struct oc_auth_form *form) > { > if (obj) > return static_cast<OpenconnectAuthWorkerThread*>(obj)->processAuthFormP(form); >@@ -108,7 +123,7 @@ > return m_openconnectInfo; > } > >-int OpenconnectAuthWorkerThread::writeNewConfig(char *buf, int buflen) >+int OpenconnectAuthWorkerThread::writeNewConfig(const char *buf, int buflen) > { > Q_UNUSED(buflen) > if (*m_userDecidedToQuit) >@@ -139,10 +154,16 @@ > } > #endif > >-int OpenconnectAuthWorkerThread::validatePeerCert(OPENCONNECT_X509 *cert, const char *reason) >-{ >- if (*m_userDecidedToQuit) >- return -EINVAL; >+int OpenconnectAuthWorkerThread::validatePeerCert(void *cert, const char *reason) >+{ >+ if (*m_userDecidedToQuit) >+ return -EINVAL; >+ >+#if OPENCONNECT_CHECK_VER(5,0) >+ (void)cert; >+ const char *fingerprint = openconnect_get_peer_cert_hash(m_openconnectInfo); >+ char *details = openconnect_get_peer_cert_details(m_openconnectInfo); >+#else > char fingerprint[41]; > int ret = 0; > >@@ -151,7 +172,7 @@ > return ret; > > char *details = openconnect_get_cert_details(m_openconnectInfo, cert); >- >+#endif > bool accepted = false; > m_mutex->lock(); > QString qFingerprint(fingerprint); >@@ -160,7 +181,7 @@ > emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted); > m_waitForUserInput->wait(m_mutex); > m_mutex->unlock(); >- ::free(details); >+ openconnect_free_cert_info(m_openconnectInfo, details); > if (*m_userDecidedToQuit) > return -EINVAL; > > >--- a/vpn/openconnect/openconnectauthworkerthread.h >+++ b/vpn/openconnect/openconnectauthworkerthread.h >@@ -59,6 +59,17 @@ > #define OC_FORM_RESULT_NEWGROUP 2 > #endif > >+#if OPENCONNECT_CHECK_VER(4,0) >+#define OC3DUP(x) (x) >+#else >+#define openconnect_set_option_value(opt, val) do { \ >+ struct oc_form_opt *_o = (opt); \ >+ free(_o->value); _o->value = strdup(val); \ >+ } while (0) >+#define openconnect_free_cert_info(v, x) ::free(x) >+#define OC3DUP(x) strdup(x) >+#endif >+ > #include <QThread> > > class QMutex; >@@ -85,8 +96,8 @@ > void run(); > > private: >- int writeNewConfig(char *, int); >- int validatePeerCert(OPENCONNECT_X509 *, const char *); >+ int writeNewConfig(const char *, int); >+ int validatePeerCert(void *, const char *); > int processAuthFormP(struct oc_auth_form *); > void writeProgress(int level, const char *, va_list); > >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=392270">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 532294
:
391450
| 392270
