rpms/qemu/F-11 qemu-fix-vnc-copyrect-screen-corruption.patch, NONE, 1.1 qemu-fix-vnc-disconnect-segfault.patch, NONE, 1.1 01-tls-handshake-fix.patch, 1.4, 1.5 02-vnc-monitor-info.patch, 1.4, 1.5 03-display-keymaps.patch, 1.4, 1.5 04-vnc-struct.patch, 1.4, 1.5 05-vnc-tls-vencrypt.patch, 1.4, 1.5 06-vnc-sasl.patch, 1.4, 1.5 07-vnc-monitor-authinfo.patch, 1.4, 1.5 qemu.spec, 1.102, 1.103

Mark McLoughlin markmc at fedoraproject.org
Fri Sep 11 11:13:09 UTC 2009


Author: markmc

Update of /cvs/pkgs/rpms/qemu/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14905

Modified Files:
	01-tls-handshake-fix.patch 02-vnc-monitor-info.patch 
	03-display-keymaps.patch 04-vnc-struct.patch 
	05-vnc-tls-vencrypt.patch 06-vnc-sasl.patch 
	07-vnc-monitor-authinfo.patch qemu.spec 
Added Files:
	qemu-fix-vnc-copyrect-screen-corruption.patch 
	qemu-fix-vnc-disconnect-segfault.patch 
Log Message:
* Fri Sep 11 2009 Mark McLoughlin <markmc at redhat.com> - 2:0.10.6-4
- Fix vnc segfault on disconnect (#501131)
- Fix vnc screen corruption with e.g. xterm (#503156)
- Rebase vnc sasl patches on top of these two vnc fixes


qemu-fix-vnc-copyrect-screen-corruption.patch:
 vnc.c |   24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

--- NEW FILE qemu-fix-vnc-copyrect-screen-corruption.patch ---
>From 30157150182db6907cde111d8c3d76224b0841df Mon Sep 17 00:00:00 2001
From: Gerd Hoffmann <kraxel at redhat.com>
Date: Mon, 27 Jul 2009 17:10:48 +0200
Subject: [PATCH] BACKPORT: vnc: fix copyrect screen corruption

When sending a copyrect command to the vnc client, we must also update
the local server surface.  Otherwise the server's and the client's idea
of the screen content run out of sync and screen updates don't work
correctly.

[ backport: uses ds_get_data() instead of direct dereference ]

(cherry picked from commit 74ccfe8b7e9c351b3196f68795126e76060903b3)

Signed-off-by: Anthony Liguori <aliguori at us.ibm.com>
Signed-off-by: Glauber Costa <glommer at redhat.com>
Signed-off-by: Mark McLoughlin <markmc at redhat.com>
Fedora-patch: qemu-fix-vnc-copyrect-screen-corruption.patch
---
 vnc.c |   23 +++++++++++++++++++++++
 1 files changed, 23 insertions(+), 0 deletions(-)

diff --git a/vnc.c b/vnc.c
index 1d8ebe7..c0700c0 100644
--- a/vnc.c
+++ b/vnc.c
@@ -633,8 +633,14 @@ static void send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
 
 static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
 {
+
+    uint8_t *src_row;
+    uint8_t *dst_row;
+    int y,pitch,depth;
+
     vnc_update_client(vs);
 
+    /* send bitblit op to the vnc client */
     vnc_write_u8(vs, 0);  /* msg id */
     vnc_write_u8(vs, 0);
     vnc_write_u16(vs, 1); /* number of rects */
@@ -642,6 +648,23 @@ static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, i
     vnc_write_u16(vs, src_x);
     vnc_write_u16(vs, src_y);
     vnc_flush(vs);
+
+    /* do bitblit op on the local surface too */
+    pitch = ds_get_linesize(vs->ds);
+    depth = ds_get_bytes_per_pixel(vs->ds);
+    src_row = ds_get_data(vs->ds) + pitch * src_y + depth * src_x;
+    dst_row = ds_get_data(vs->ds) + pitch * dst_y + depth * dst_x;
+    if (dst_y > src_y) {
+        /* copy backwards */
+        src_row += pitch * (h-1);
+        dst_row += pitch * (h-1);
+        pitch = -pitch;
+    }
+    for (y = 0; y < h; y++) {
+        memmove(dst_row, src_row, w * depth);
+        src_row += pitch;
+        dst_row += pitch;
+    }
 }
 
 static void vnc_dpy_copy(DisplayState *ds, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
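Review bot: The local blit added to vnc_copy() builds `src_row` and `dst_row` from `src_x`, `src_y`, `dst_x`, `dst_y`, `w` and `h` without comparing them to the surface size, so a rectangle that reaches past the framebuffer makes the `memmove` loop read or write outside `ds_get_data(vs->ds)`. The rectangle arrives through vnc_dpy_copy() from the display layer, which presumably relays a blit programmed by the guest, so it should be treated as untrusted unless every caller is known to clip it. `pitch * src_y` and `w * depth` are also evaluated in `int`, and a negative `w` would turn into a very large `memmove` length. A guard like the one below rejects such rectangles; it is shown at the local blit, but testing before the CopyRect message is written (the function's start is in the hunk at -633) would also keep the client from being told about a copy the server skips.

```c
    /* do bitblit op on the local surface too */
    /* refuse rectangles that are not fully inside the surface */
    if (w <= 0 || h <= 0 ||
        src_x < 0 || src_y < 0 || dst_x < 0 || dst_y < 0 ||
        src_x > ds_get_width(vs->ds) - w ||
        dst_x > ds_get_width(vs->ds) - w ||
        src_y > ds_get_height(vs->ds) - h ||
        dst_y > ds_get_height(vs->ds) - h)
        return;
    pitch = ds_get_linesize(vs->ds);
    /* … unchanged: row pointer setup, backwards-copy case and memmove loop … */
```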
-- 
1.6.2.5


qemu-fix-vnc-disconnect-segfault.patch:
 vnc.c |  111 ++++++++++++++++++++++++++++++++++++++++++------------------------
 1 file changed, 71 insertions(+), 40 deletions(-)

--- NEW FILE qemu-fix-vnc-disconnect-segfault.patch ---
>From 977b3b69b2e06f0aab0c48ff08a236bff8763f2e Mon Sep 17 00:00:00 2001
From: Chris Webb <chris at arachsys.com>
Date: Wed, 26 Aug 2009 22:52:43 +0000
Subject: [PATCH] vnc: rework VncState release workflow

Split socket closing and releasing of VncState into two steps. First close
the socket and set the variable to -1 to indicate shutdown in progress. Do
the actual release in a few places where we can be sure it doesn't cause
trouble in form of use-after-free. Add some checks for a valid socket handle
to make sure we don't try to use the closed socket.

Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
Signed-off-by: Anthony Liguori <aliguori at us.ibm.com>

Backported to 0.10-stable, removing references to vs->force_update and
changing vnc_disconnect_finish() to match the code in the 0.10 version of
vnc_client_io_error() in place of the master branch version.

(cherry picked from commit c2723a9606dae5af5c614a55296ee37e2ed7801a)

Signed-off-by: Chris Webb <chris at arachsys.com>
Signed-off-by: Glauber Costa <glommer at redhat.com>
Signed-off-by: Mark McLoughlin <markmc at redhat.com>
Fedora-patch: qemu-fix-vnc-disconnect-segfault.patch
---
 vnc.c |  110 ++++++++++++++++++++++++++++++++++++++++++-----------------------
 1 files changed, 71 insertions(+), 39 deletions(-)

diff --git a/vnc.c b/vnc.c
index c0700c0..28e8362 100644
--- a/vnc.c
+++ b/vnc.c
@@ -200,6 +200,8 @@ static void vnc_write_u16(VncState *vs, uint16_t value);
 static void vnc_write_u8(VncState *vs, uint8_t value);
 static void vnc_flush(VncState *vs);
 static void vnc_update_client(void *opaque);
+static void vnc_disconnect_start(VncState *vs);
+static void vnc_disconnect_finish(VncState *vs);
 static void vnc_client_read(void *opaque);
 
 static void vnc_colordepth(VncState *vs);
@@ -670,13 +672,21 @@ static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, i
 static void vnc_dpy_copy(DisplayState *ds, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
 {
     VncDisplay *vd = ds->opaque;
-    VncState *vs = vd->clients;
-    while (vs != NULL) {
+    VncState *vs, *vn;
+
+    for (vs = vd->clients; vs != NULL; vs = vn) {
+        vn = vs->next;
+        if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
+            vnc_update_client(vs);
+            /* vs might be free()ed here */
+        }
+    }
+
+    for (vs = vd->clients; vs != NULL; vs = vs->next) {
         if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT))
             vnc_copy(vs, src_x, src_y, dst_x, dst_y, w, h);
         else /* TODO */
             vnc_update(vs, dst_x, dst_y, w, h);
-        vs = vs->next;
     }
 }
 
@@ -786,6 +796,8 @@ static void vnc_update_client(void *opaque)
 
     if (vs->csock != -1) {
         qemu_mod_timer(vs->timer, qemu_get_clock(rt_clock) + VNC_REFRESH_INTERVAL);
+    } else {
+        vnc_disconnect_finish(vs);
     }
 
 }
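Review bot: With the new `else vnc_disconnect_finish(vs);` branch, vnc_update_client() can free its argument, and not every caller visible on this page is prepared for that. vnc_copy() has no hunk in this patch and, per the context lines of the copyrect patch, still starts with `vnc_update_client(vs);` before `vnc_write_u8(vs, 0)`; the second loop of vnc_dpy_copy (hunk at -670) then reads `vs->next` after vnc_copy() returns, without the saved `vn` that the first loop uses. If the update path can hit an I/O error and close the socket there (the body of vnc_update_client is outside this hunk, so this is inferred), both places would touch a released VncState. Removing the `vnc_update_client(vs);` line from vnc_copy(), now that the first loop already runs it, would close that path, and a comment on vnc_update_client() such as `/* may free vs via vnc_disconnect_finish(); callers must not use vs afterwards */` would record the new contract.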
@@ -855,6 +867,47 @@ static void audio_del(VncState *vs)
     }
 }
 
+static void vnc_disconnect_start(VncState *vs)
+{
+    if (vs->csock == -1)
+        return;
+    qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL);
+    closesocket(vs->csock);
+    vs->csock = -1;
+}
+
+static void vnc_disconnect_finish(VncState *vs)
+{
+    qemu_del_timer(vs->timer);
+    qemu_free_timer(vs->timer);
+    if (vs->input.buffer) qemu_free(vs->input.buffer);
+    if (vs->output.buffer) qemu_free(vs->output.buffer);
+#ifdef CONFIG_VNC_TLS
+    if (vs->tls_session) {
+        gnutls_deinit(vs->tls_session);
+        vs->tls_session = NULL;
+    }
+#endif /* CONFIG_VNC_TLS */
+    audio_del(vs);
+
+    VncState *p, *parent = NULL;
+    for (p = vs->vd->clients; p != NULL; p = p->next) {
+        if (p == vs) {
+            if (parent)
+                parent->next = p->next;
+            else
+                vs->vd->clients = p->next;
+            break;
+        }
+        parent = p;
+    }
+    if (!vs->vd->clients)
+        dcl->idle = 1;
+
+    qemu_free(vs->old_data);
+    qemu_free(vs);
+}
+
 static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
 {
     if (ret == 0 || ret == -1) {
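Review bot: vnc_disconnect_finish() frees `vs`, but nothing at its definition says so and nothing enforces that vnc_disconnect_start() ran first. If it were ever reached with `vs->csock` still open, the fd handlers registered with `vs` as their opaque pointer would be left referring to freed memory. I would add a header comment such as `/* Unlinks vs from vd->clients and frees it; call only once vs->csock == -1, and do not use vs afterwards. */`, and a matching one on vnc_disconnect_start() stating that it only closes the socket and leaves the release to a later vnc_disconnect_finish(). The body of vnc_client_io_error() continues outside this hunk.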
@@ -872,36 +925,7 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
         }
 
 	VNC_DEBUG("Closing down client sock %d %d\n", ret, ret < 0 ? last_errno : 0);
-	qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL);
-	closesocket(vs->csock);
-        qemu_del_timer(vs->timer);
-        qemu_free_timer(vs->timer);
-        if (vs->input.buffer) qemu_free(vs->input.buffer);
-        if (vs->output.buffer) qemu_free(vs->output.buffer);
-#ifdef CONFIG_VNC_TLS
-	if (vs->tls_session) {
-	    gnutls_deinit(vs->tls_session);
-	    vs->tls_session = NULL;
-	}
-#endif /* CONFIG_VNC_TLS */
-        audio_del(vs);
-
-        VncState *p, *parent = NULL;
-        for (p = vs->vd->clients; p != NULL; p = p->next) {
-            if (p == vs) {
-                if (parent)
-                    parent->next = p->next;
-                else
-                    vs->vd->clients = p->next;
-                break;
-            }
-            parent = p;
-        }
-        if (!vs->vd->clients)
-            dcl->idle = 1;
-
-        qemu_free(vs->old_data);
-        qemu_free(vs);
+        vnc_disconnect_start(vs);
   
 	return 0;
     }
@@ -910,7 +934,8 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
 
 static void vnc_client_error(VncState *vs)
 {
-    vnc_client_io_error(vs, -1, EINVAL);
+    VNC_DEBUG("Closing down client sock: protocol error\n");
+    vnc_disconnect_start(vs);
 }
 
 static void vnc_client_write(void *opaque)
@@ -970,8 +995,11 @@ static void vnc_client_read(void *opaque)
 #endif /* CONFIG_VNC_TLS */
 	ret = recv(vs->csock, buffer_end(&vs->input), 4096, 0);
     ret = vnc_client_io_error(vs, ret, socket_error());
-    if (!ret)
+    if (!ret) {
+        if (vs->csock == -1)
+            vnc_disconnect_finish(vs);
 	return;
+    }
 
     vs->input.offset += ret;
 
@@ -980,8 +1008,10 @@ static void vnc_client_read(void *opaque)
 	int ret;
 
 	ret = vs->read_handler(vs, vs->input.buffer, len);
-	if (vs->csock == -1)
+	if (vs->csock == -1) {
+            vnc_disconnect_finish(vs);
 	    return;
+        }
 
 	if (!ret) {
 	    memmove(vs->input.buffer, vs->input.buffer + len, (vs->input.offset - len));
@@ -996,7 +1026,7 @@ static void vnc_write(VncState *vs, const void *data, size_t len)
 {
     buffer_reserve(&vs->output, len);
 
-    if (buffer_empty(&vs->output)) {
+    if (vs->csock != -1 && buffer_empty(&vs->output)) {
 	qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
     }
 
@@ -1037,7 +1067,7 @@ static void vnc_write_u8(VncState *vs, uint8_t value)
 
 static void vnc_flush(VncState *vs)
 {
-    if (vs->output.offset)
+    if (vs->csock != -1 && vs->output.offset)
 	vnc_client_write(vs);
 }
 
@@ -2305,11 +2335,13 @@ static void vnc_connect(VncDisplay *vd, int csock)
     vnc_read_when(vs, protocol_version, 12);
     memset(vs->old_data, 0, ds_get_linesize(vs->ds) * ds_get_height(vs->ds));
     memset(vs->dirty_row, 0xFF, sizeof(vs->dirty_row));
-    vnc_update_client(vs);
     reset_keys(vs);
 
     vs->next = vd->clients;
     vd->clients = vs;
+
+    vnc_update_client(vs);
+    /* vs might be free()ed here */
 }
 
 static void vnc_listen_read(void *opaque)
-- 
1.6.2.5


01-tls-handshake-fix.patch:
 vnc.c |    9 ---------
 1 file changed, 9 deletions(-)

Index: 01-tls-handshake-fix.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/01-tls-handshake-fix.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 01-tls-handshake-fix.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 01-tls-handshake-fix.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From 6b55d3e74400c9f7e71739abd0dac362a5db1dc6 Mon Sep 17 00:00:00 2001
+From 9883355cd27949061b396a42bb724853b75ce7f9 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:02 +0000
 Subject: [PATCH] Fix bug in TLS authentication ("Daniel P. Berrange")
@@ -32,10 +32,10 @@ Fedora-patch: 01-tls-handshake-fix.patch
  1 files changed, 0 insertions(+), 8 deletions(-)
 
 diff --git a/vnc.c b/vnc.c
-index 1d8ebe7..d6a7225 100644
+index 28e8362..9fa0f82 100644
 --- a/vnc.c
 +++ b/vnc.c
-@@ -2105,14 +2105,6 @@ static int protocol_client_vencrypt_auth(VncState *vs, uint8_t *data, size_t len
+@@ -2158,14 +2158,6 @@ static int protocol_client_vencrypt_auth(VncState *vs, uint8_t *data, size_t len
  	    VNC_DEBUG("Failed to complete TLS\n");
  	    return 0;
  	}

02-vnc-monitor-info.patch:
 vnc.c |  140 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 128 insertions(+), 12 deletions(-)

Index: 02-vnc-monitor-info.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/02-vnc-monitor-info.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 02-vnc-monitor-info.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 02-vnc-monitor-info.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From b4b2ff2fbd7e6458fbfa8f2e6af7d1b668a06a1a Mon Sep 17 00:00:00 2001
+From 37beb4aa5dd10764a492d76822f2d7ec04b33fd0 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:05 +0000
 Subject: [PATCH] Enhance 'info vnc' monitor output ("Daniel P. Berrange")
@@ -48,7 +48,7 @@ Fedora-patch: 02-vnc-monitor-info.patch
  1 files changed, 128 insertions(+), 11 deletions(-)
 
 diff --git a/vnc.c b/vnc.c
-index d6a7225..d7d9b91 100644
+index 9fa0f82..7853635 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -166,19 +166,136 @@ struct VncState

03-display-keymaps.patch:
 Makefile      |    9 +++++---
 curses.c      |    3 --
 curses_keys.h |    9 +++-----
 keymaps.c     |   45 ++++++++++++++++---------------------------
 keymaps.h     |   60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 sdl.c         |    3 --
 sdl_keysym.h  |    7 ++----
 vnc.c         |    5 +---
 vnc_keysym.h  |    8 ++-----
 9 files changed, 97 insertions(+), 52 deletions(-)

Index: 03-display-keymaps.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/03-display-keymaps.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 03-display-keymaps.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 03-display-keymaps.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From 202790c357fcff7f1222f4e7777e0cf561b516d5 Mon Sep 17 00:00:00 2001
+From 15a868dc4e7a982f9d684a0231938602757c0c25 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:10 +0000
 Subject: [PATCH] Refactor keymap code to avoid duplication ("Daniel P. Berrange")
@@ -323,7 +323,7 @@ index c9087d7..c213ef8 100644
  /* ascii */
      { "space",                0x020},
 diff --git a/vnc.c b/vnc.c
-index d7d9b91..969d5b0 100644
+index 7853635..239a9ce 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -35,7 +35,6 @@
@@ -334,7 +334,7 @@ index d7d9b91..969d5b0 100644
  #include "d3des.h"
  
  #ifdef CONFIG_VNC_TLS
-@@ -2428,9 +2427,9 @@ void vnc_display_init(DisplayState *ds)
+@@ -2483,9 +2482,9 @@ void vnc_display_init(DisplayState *ds)
      vs->ds = ds;
  
      if (keyboard_layout)

04-vnc-struct.patch:
 vnc.c |  109 -----------------------------------------------
 vnc.h |  150 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 148 insertions(+), 111 deletions(-)

Index: 04-vnc-struct.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/04-vnc-struct.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 04-vnc-struct.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 04-vnc-struct.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From 35b87b5d1543c563c09361086519ebdc960d4934 Mon Sep 17 00:00:00 2001
+From f710ba3ae8fdfa1206d22a3d77884487f9e52477 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:13 +0000
 Subject: [PATCH] Move VNC structs into header file ("Daniel P. Berrange")
@@ -19,7 +19,7 @@ Fedora-patch: 04-vnc-struct.patch
  2 files changed, 148 insertions(+), 110 deletions(-)
 
 diff --git a/vnc.c b/vnc.c
-index 969d5b0..7fb31b6 100644
+index 239a9ce..4d793ab 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -3,6 +3,7 @@

05-vnc-tls-vencrypt.patch:
 Makefile            |   11 
 vnc-auth-vencrypt.c |  167 ++++++++++++++
 vnc-auth-vencrypt.h |   33 ++
 vnc-tls.c           |  414 +++++++++++++++++++++++++++++++++++++
 vnc-tls.h           |   70 ++++++
 vnc.c               |  581 +++-------------------------------------------------
 vnc.h               |   77 ++++--
 7 files changed, 780 insertions(+), 573 deletions(-)

Index: 05-vnc-tls-vencrypt.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/05-vnc-tls-vencrypt.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 05-vnc-tls-vencrypt.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 05-vnc-tls-vencrypt.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From af17025ce83b924f666617294606ec5ad1a9e833 Mon Sep 17 00:00:00 2001
+From a2f48883d67b606218c98dc4996cbb41d3dc0990 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:23 +0000
 Subject: [PATCH] Move TLS auth into separate file ("Daniel P. Berrange")
@@ -789,7 +789,7 @@ index 0000000..cda95b9
 +#endif /* __QEMU_VNC_TLS_H__ */
 +
 diff --git a/vnc.c b/vnc.c
-index 7fb31b6..f980d68 100644
+index 4d793ab..4da5fbb 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -34,21 +34,6 @@
@@ -814,7 +814,7 @@ index 7fb31b6..f980d68 100644
  #define count_bits(c, v) { \
      for (c = 0; v; v >>= 1) \
      { \
-@@ -204,14 +189,7 @@ static inline uint32_t vnc_has_feature(VncState *vs, int feature) {
+@@ -204,16 +189,9 @@ static inline uint32_t vnc_has_feature(VncState *vs, int feature) {
     3) resolutions > 1024
  */
  
@@ -825,23 +825,25 @@ index 7fb31b6..f980d68 100644
 -static void vnc_write_u8(VncState *vs, uint8_t value);
 -static void vnc_flush(VncState *vs);
  static void vnc_update_client(void *opaque);
+ static void vnc_disconnect_start(VncState *vs);
+ static void vnc_disconnect_finish(VncState *vs);
 -static void vnc_client_read(void *opaque);
  
  static void vnc_colordepth(VncState *vs);
  
-@@ -867,10 +845,7 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
-         if (vs->input.buffer) qemu_free(vs->input.buffer);
-         if (vs->output.buffer) qemu_free(vs->output.buffer);
+@@ -894,10 +872,7 @@ static void vnc_disconnect_finish(VncState *vs)
+     if (vs->input.buffer) qemu_free(vs->input.buffer);
+     if (vs->output.buffer) qemu_free(vs->output.buffer);
  #ifdef CONFIG_VNC_TLS
--	if (vs->tls_session) {
--	    gnutls_deinit(vs->tls_session);
--	    vs->tls_session = NULL;
--	}
-+	vnc_tls_client_cleanup(vs);
+-    if (vs->tls_session) {
+-        gnutls_deinit(vs->tls_session);
+-        vs->tls_session = NULL;
+-    }
++    vnc_tls_client_cleanup(vs);
  #endif /* CONFIG_VNC_TLS */
-         audio_del(vs);
+     audio_del(vs);
  
-@@ -896,19 +871,20 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
+@@ -943,20 +918,21 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
      return ret;
  }
  
@@ -849,7 +851,8 @@ index 7fb31b6..f980d68 100644
 +
 +void vnc_client_error(VncState *vs)
  {
-     vnc_client_io_error(vs, -1, EINVAL);
+     VNC_DEBUG("Closing down client sock: protocol error\n");
+     vnc_disconnect_start(vs);
  }
  
 -static void vnc_client_write(void *opaque)
@@ -866,7 +869,7 @@ index 7fb31b6..f980d68 100644
  	if (ret < 0) {
  	    if (ret == GNUTLS_E_AGAIN)
  		errno = EAGAIN;
-@@ -931,13 +907,13 @@ static void vnc_client_write(void *opaque)
+@@ -979,13 +955,13 @@ static void vnc_client_write(void *opaque)
      }
  }
  
@@ -882,7 +885,7 @@ index 7fb31b6..f980d68 100644
  {
      VncState *vs = opaque;
      long ret;
-@@ -945,8 +921,8 @@ static void vnc_client_read(void *opaque)
+@@ -993,8 +969,8 @@ static void vnc_client_read(void *opaque)
      buffer_reserve(&vs->input, 4096);
  
  #ifdef CONFIG_VNC_TLS
@@ -893,7 +896,7 @@ index 7fb31b6..f980d68 100644
  	if (ret < 0) {
  	    if (ret == GNUTLS_E_AGAIN)
  		errno = EAGAIN;
-@@ -980,7 +956,7 @@ static void vnc_client_read(void *opaque)
+@@ -1033,7 +1009,7 @@ static void vnc_client_read(void *opaque)
      }
  }
  
@@ -902,7 +905,7 @@ index 7fb31b6..f980d68 100644
  {
      buffer_reserve(&vs->output, len);
  
-@@ -991,12 +967,12 @@ static void vnc_write(VncState *vs, const void *data, size_t len)
+@@ -1044,12 +1020,12 @@ static void vnc_write(VncState *vs, const void *data, size_t len)
      buffer_append(&vs->output, data, len);
  }
  
@@ -917,7 +920,7 @@ index 7fb31b6..f980d68 100644
  {
      uint8_t buf[4];
  
-@@ -1008,7 +984,7 @@ static void vnc_write_u32(VncState *vs, uint32_t value)
+@@ -1061,7 +1037,7 @@ static void vnc_write_u32(VncState *vs, uint32_t value)
      vnc_write(vs, buf, 4);
  }
  
@@ -926,7 +929,7 @@ index 7fb31b6..f980d68 100644
  {
      uint8_t buf[2];
  
-@@ -1018,74 +994,39 @@ static void vnc_write_u16(VncState *vs, uint16_t value)
+@@ -1071,74 +1047,39 @@ static void vnc_write_u16(VncState *vs, uint16_t value)
      vnc_write(vs, buf, 2);
  }
  
@@ -939,7 +942,7 @@ index 7fb31b6..f980d68 100644
 -static void vnc_flush(VncState *vs)
 +void vnc_flush(VncState *vs)
  {
-     if (vs->output.offset)
+     if (vs->csock != -1 && vs->output.offset)
  	vnc_client_write(vs);
  }
  
@@ -1007,7 +1010,7 @@ index 7fb31b6..f980d68 100644
  static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
  {
  }
-@@ -1677,6 +1618,11 @@ static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
+@@ -1730,6 +1671,11 @@ static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
      return 0;
  }
  
@@ -1019,7 +1022,7 @@ index 7fb31b6..f980d68 100644
  static void make_challenge(VncState *vs)
  {
      int i;
-@@ -1732,12 +1678,12 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
+@@ -1785,12 +1731,12 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
  	vnc_write_u32(vs, 0); /* Accept auth */
  	vnc_flush(vs);
  
@@ -1034,7 +1037,7 @@ index 7fb31b6..f980d68 100644
  {
      make_challenge(vs);
      /* Send client a 'random' challenge */
-@@ -1745,410 +1691,8 @@ static int start_auth_vnc(VncState *vs)
+@@ -1798,410 +1744,8 @@ static int start_auth_vnc(VncState *vs)
      vnc_flush(vs);
  
      vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
@@ -1445,7 +1448,7 @@ index 7fb31b6..f980d68 100644
  
  static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
  {
-@@ -2172,17 +1716,19 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
+@@ -2225,17 +1769,19 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
                 vnc_write_u32(vs, 0); /* Accept auth completion */
                 vnc_flush(vs);
             }
@@ -1468,7 +1471,7 @@ index 7fb31b6..f980d68 100644
  #endif /* CONFIG_VNC_TLS */
  
         default: /* Should not be possible, but just in case */
-@@ -2235,7 +1781,7 @@ static int protocol_version(VncState *vs, uint8_t *version, size_t len)
+@@ -2288,7 +1834,7 @@ static int protocol_version(VncState *vs, uint8_t *version, size_t len)
              VNC_DEBUG("Tell client auth none\n");
              vnc_write_u32(vs, vs->vd->auth);
              vnc_flush(vs);
@@ -1477,7 +1480,7 @@ index 7fb31b6..f980d68 100644
         } else if (vs->vd->auth == VNC_AUTH_VNC) {
              VNC_DEBUG("Tell client VNC auth\n");
              vnc_write_u32(vs, vs->vd->auth);
-@@ -2336,61 +1882,6 @@ void vnc_display_init(DisplayState *ds)
+@@ -2391,61 +1937,6 @@ void vnc_display_init(DisplayState *ds)
      register_displaychangelistener(ds, dcl);
  }
  
@@ -1539,7 +1542,7 @@ index 7fb31b6..f980d68 100644
  
  void vnc_display_close(DisplayState *ds)
  {
-@@ -2410,7 +1901,7 @@ void vnc_display_close(DisplayState *ds)
+@@ -2465,7 +1956,7 @@ void vnc_display_close(DisplayState *ds)
      vs->auth = VNC_AUTH_INVALID;
  #ifdef CONFIG_VNC_TLS
      vs->subauth = VNC_AUTH_INVALID;
@@ -1548,7 +1551,7 @@ index 7fb31b6..f980d68 100644
  #endif
  }
  
-@@ -2466,7 +1957,7 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2521,7 +2012,7 @@ int vnc_display_open(DisplayState *ds, const char *display)
  	    char *start, *end;
  	    x509 = 1; /* Require x509 certificates */
  	    if (strncmp(options, "x509verify", 10) == 0)
@@ -1557,7 +1560,7 @@ index 7fb31b6..f980d68 100644
  
  	    /* Now check for 'x509=/some/path' postfix
  	     * and use that to setup x509 certificate/key paths */
-@@ -2477,7 +1968,7 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2532,7 +2023,7 @@ int vnc_display_open(DisplayState *ds, const char *display)
  		char *path = qemu_strndup(start + 1, len);
  
  		VNC_DEBUG("Trying certificate path '%s'\n", path);

06-vnc-sasl.patch:
 Makefile            |    7 
 Makefile.target     |    5 
 configure           |   34 ++
 qemu-doc.texi       |   97 ++++++++
 qemu.sasl           |   34 ++
 vnc-auth-sasl.c     |  626 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 vnc-auth-sasl.h     |   67 +++++
 vnc-auth-vencrypt.c |   12 
 vnc.c               |  248 ++++++++++++++++++--
 vnc.h               |   32 ++
 10 files changed, 1128 insertions(+), 34 deletions(-)

Index: 06-vnc-sasl.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/06-vnc-sasl.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 06-vnc-sasl.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 06-vnc-sasl.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From 1b4f956f40315ecc756e34cdeb923424c7095684 Mon Sep 17 00:00:00 2001
+From 655a2c8e445a6992bf483de3ba326306b8bf951f Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:28 +0000
 Subject: [PATCH] Add SASL authentication support ("Daniel P. Berrange")
@@ -79,9 +79,9 @@ Fedora-patch: 06-vnc-sasl.patch
  vnc-auth-sasl.c     |  626 +++++++++++++++++++++++++++++++++++++++++++++++++++
  vnc-auth-sasl.h     |   67 ++++++
  vnc-auth-vencrypt.c |   12 +-
- vnc.c               |  249 ++++++++++++++++++---
+ vnc.c               |  248 ++++++++++++++++++---
  vnc.h               |   31 +++-
- 10 files changed, 1129 insertions(+), 33 deletions(-)
+ 10 files changed, 1128 insertions(+), 33 deletions(-)
  create mode 100644 qemu.sasl
  create mode 100644 vnc-auth-sasl.c
  create mode 100644 vnc-auth-sasl.h
@@ -1121,7 +1121,7 @@ index 1f113a7..9ed642c 100644
  
  static int protocol_client_vencrypt_auth(VncState *vs, uint8_t *data, size_t len)
 diff --git a/vnc.c b/vnc.c
-index f980d68..3c315d6 100644
+index 4da5fbb..0b62000 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -68,7 +68,8 @@ static char *addr_to_string(const char *format,
@@ -1163,7 +1163,7 @@ index f980d68..3c315d6 100644
      }
      return "unknown";
  }
-@@ -278,7 +286,7 @@ static void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
+@@ -280,7 +288,7 @@ static void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
      vnc_write_s32(vs, encoding);
  }
  
@@ -1172,7 +1172,7 @@ index f980d68..3c315d6 100644
  {
      if ((buffer->capacity - buffer->offset) < len) {
  	buffer->capacity += (len + 1024);
-@@ -290,22 +298,22 @@ static void buffer_reserve(Buffer *buffer, size_t len)
+@@ -292,22 +300,22 @@ static void buffer_reserve(Buffer *buffer, size_t len)
      }
  }
  
@@ -1199,28 +1199,27 @@ index f980d68..3c315d6 100644
  {
      memcpy(buffer->buffer + buffer->offset, data, len);
      buffer->offset += len;
-@@ -821,7 +829,8 @@ static void audio_del(VncState *vs)
-     }
+@@ -874,6 +882,9 @@ static void vnc_disconnect_finish(VncState *vs)
+ #ifdef CONFIG_VNC_TLS
+     vnc_tls_client_cleanup(vs);
+ #endif /* CONFIG_VNC_TLS */
++#ifdef CONFIG_VNC_SASL
++    vnc_sasl_client_cleanup(vs);
++#endif /* CONFIG_VNC_SASL */
+     audio_del(vs);
+ 
+     VncState *p, *parent = NULL;
+@@ -894,7 +905,7 @@ static void vnc_disconnect_finish(VncState *vs)
+     qemu_free(vs);
  }
  
 -static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
-+
 +int vnc_client_io_error(VncState *vs, int ret, int last_errno)
  {
      if (ret == 0 || ret == -1) {
          if (ret == -1) {
-@@ -847,6 +856,9 @@ static int vnc_client_io_error(VncState *vs, int ret, int last_errno)
- #ifdef CONFIG_VNC_TLS
- 	vnc_tls_client_cleanup(vs);
- #endif /* CONFIG_VNC_TLS */
-+#ifdef CONFIG_VNC_SASL
-+        vnc_sasl_client_cleanup(vs);
-+#endif /* CONFIG_VNC_SASL */
-         audio_del(vs);
- 
-         VncState *p, *parent = NULL;
-@@ -877,14 +889,28 @@ void vnc_client_error(VncState *vs)
-     vnc_client_io_error(vs, -1, EINVAL);
+@@ -925,14 +936,28 @@ void vnc_client_error(VncState *vs)
+     vnc_disconnect_start(vs);
  }
  
 -void vnc_client_write(void *opaque)
@@ -1252,7 +1251,7 @@ index f980d68..3c315d6 100644
  	if (ret < 0) {
  	    if (ret == GNUTLS_E_AGAIN)
  		errno = EAGAIN;
-@@ -894,10 +920,42 @@ void vnc_client_write(void *opaque)
+@@ -942,10 +967,42 @@ void vnc_client_write(void *opaque)
  	}
      } else
  #endif /* CONFIG_VNC_TLS */
@@ -1298,7 +1297,7 @@ index f980d68..3c315d6 100644
  
      memmove(vs->output.buffer, vs->output.buffer + ret, (vs->output.offset - ret));
      vs->output.offset -= ret;
-@@ -905,6 +963,29 @@ void vnc_client_write(void *opaque)
+@@ -953,6 +1010,29 @@ void vnc_client_write(void *opaque)
      if (vs->output.offset == 0) {
  	qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
      }
@@ -1328,7 +1327,7 @@ index f980d68..3c315d6 100644
  }
  
  void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
-@@ -913,16 +994,28 @@ void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
+@@ -961,16 +1041,28 @@ void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
      vs->read_handler_expect = expecting;
  }
  
@@ -1363,19 +1362,17 @@ index f980d68..3c315d6 100644
  	if (ret < 0) {
  	    if (ret == GNUTLS_E_AGAIN)
  		errno = EAGAIN;
-@@ -932,12 +1025,52 @@ void vnc_client_read(void *opaque)
+@@ -980,16 +1072,56 @@ void vnc_client_read(void *opaque)
  	}
      } else
  #endif /* CONFIG_VNC_TLS */
 -	ret = recv(vs->csock, buffer_end(&vs->input), 4096, 0);
 -    ret = vnc_client_io_error(vs, ret, socket_error());
--    if (!ret)
--	return;
 +	ret = recv(vs->csock, data, datalen, 0);
 +    VNC_DEBUG("Read wire %p %d -> %ld\n", data, datalen, ret);
 +    return vnc_client_io_error(vs, ret, socket_error());
 +}
- 
++
 +
 +/*
 + * Called to read data from the client socket to the input buffer,
@@ -1394,7 +1391,7 @@ index f980d68..3c315d6 100644
 +    ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
 +    if (!ret)
 +        return 0;
-     vs->input.offset += ret;
++    vs->input.offset += ret;
 +    return ret;
 +}
 +
@@ -1415,12 +1412,18 @@ index f980d68..3c315d6 100644
 +    else
 +#endif /* CONFIG_VNC_SASL */
 +        ret = vnc_client_read_plain(vs);
-+    if (!ret)
-+	return;
+     if (!ret) {
+         if (vs->csock == -1)
+             vnc_disconnect_finish(vs);
+ 	return;
+     }
  
+-    vs->input.offset += ret;
+-
      while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
  	size_t len = vs->read_handler_expect;
-@@ -1731,6 +1864,13 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
+ 	int ret;
+@@ -1784,6 +1916,13 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
             break;
  #endif /* CONFIG_VNC_TLS */
  
@@ -1434,7 +1437,7 @@ index f980d68..3c315d6 100644
         default: /* Should not be possible, but just in case */
             VNC_DEBUG("Reject auth %d\n", vs->vd->auth);
             vnc_write_u8(vs, 1);
-@@ -1931,6 +2071,10 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -1986,6 +2125,10 @@ int vnc_display_open(DisplayState *ds, const char *display)
  #ifdef CONFIG_VNC_TLS
      int tls = 0, x509 = 0;
  #endif
@@ -1445,7 +1448,7 @@ index f980d68..3c315d6 100644
  
      if (!vnc_display)
          return -1;
-@@ -1950,6 +2094,10 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2005,6 +2148,10 @@ int vnc_display_open(DisplayState *ds, const char *display)
  	    reverse = 1;
  	} else if (strncmp(options, "to=", 3) == 0) {
              to_port = atoi(options+3) + 5900;
@@ -1456,7 +1459,7 @@ index f980d68..3c315d6 100644
  #ifdef CONFIG_VNC_TLS
  	} else if (strncmp(options, "tls", 3) == 0) {
  	    tls = 1; /* Require TLS */
-@@ -1986,6 +2134,22 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2041,6 +2188,22 @@ int vnc_display_open(DisplayState *ds, const char *display)
  	}
      }
  
@@ -1479,7 +1482,7 @@ index f980d68..3c315d6 100644
      if (password) {
  #ifdef CONFIG_VNC_TLS
  	if (tls) {
-@@ -1998,13 +2162,34 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2053,13 +2216,34 @@ int vnc_display_open(DisplayState *ds, const char *display)
  		vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
  	    }
  	} else {
@@ -1516,7 +1519,7 @@ index f980d68..3c315d6 100644
      } else {
  #ifdef CONFIG_VNC_TLS
  	if (tls) {
-@@ -2026,6 +2211,16 @@ int vnc_display_open(DisplayState *ds, const char *display)
+@@ -2081,6 +2265,16 @@ int vnc_display_open(DisplayState *ds, const char *display)
  #endif
      }
  

07-vnc-monitor-authinfo.patch:
 vnc-tls.c |   17 +++++++++++++++++
 vnc-tls.h |    3 +++
 vnc.c     |   20 +++++++++++++++++---
 3 files changed, 37 insertions(+), 3 deletions(-)

Index: 07-vnc-monitor-authinfo.patch
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/07-vnc-monitor-authinfo.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -p -r1.4 -r1.5
--- 07-vnc-monitor-authinfo.patch	4 Aug 2009 15:35:42 -0000	1.4
+++ 07-vnc-monitor-authinfo.patch	11 Sep 2009 11:13:08 -0000	1.5
@@ -1,4 +1,4 @@
-From e61c19737387273e305a2da5c9b28fe42e2eef67 Mon Sep 17 00:00:00 2001
+From 54d323707c4e1603795259fc3078f3e4ef9487d2 Mon Sep 17 00:00:00 2001
 From: aliguori <aliguori at c046a42c-6fe2-441c-8c8c-71466251a162>
 Date: Fri, 6 Mar 2009 20:27:32 +0000
 Subject: [PATCH] Include auth credentials in 'info vnc' ("Daniel P. Berrange")
@@ -87,7 +87,7 @@ index cda95b9..fd0a2d9 100644
  
  int vnc_tls_client_setup(VncState *vs, int x509Creds);
 diff --git a/vnc.c b/vnc.c
-index 3c315d6..9f0e16b 100644
+index 0b62000..de7b3b4 100644
 --- a/vnc.c
 +++ b/vnc.c
 @@ -156,6 +156,21 @@ static void do_info_vnc_client(VncState *client)
@@ -112,7 +112,7 @@ index 3c315d6..9f0e16b 100644
  }
  
  void do_info_vnc(void)
-@@ -1832,7 +1847,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
+@@ -1884,7 +1899,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
      /* We only advertise 1 auth scheme at a time, so client
       * must pick the one we sent. Verify this */
      if (data[0] != vs->vd->auth) { /* Reject auth */
@@ -121,7 +121,7 @@ index 3c315d6..9f0e16b 100644
         vnc_write_u32(vs, 1);
         if (vs->minor >= 8) {
             static const char err[] = "Authentication failed";
-@@ -1872,7 +1887,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
+@@ -1924,7 +1939,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
  #endif /* CONFIG_VNC_SASL */
  
         default: /* Should not be possible, but just in case */


Index: qemu.spec
===================================================================
RCS file: /cvs/pkgs/rpms/qemu/F-11/qemu.spec,v
retrieving revision 1.102
retrieving revision 1.103
diff -u -p -r1.102 -r1.103
--- qemu.spec	4 Sep 2009 10:38:39 -0000	1.102
+++ qemu.spec	11 Sep 2009 11:13:08 -0000	1.103
@@ -1,7 +1,7 @@
 Summary: QEMU is a FAST! processor emulator
 Name: qemu
 Version: 0.10.6
-Release: 4%{?dist}
+Release: 5%{?dist}
 # Epoch because we pushed a qemu-1.0 package
 Epoch: 2
 License: GPLv2+ and LGPLv2+ and BSD
@@ -12,6 +12,11 @@ Source0: http://downloads.sourceforge.ne
 Source1: qemu.init
 Source2: kvm.modules
 
+# Patches for bug #503156 and bug #501131
+# Both will be include in qemu-kvm-0.10.7
+Patch100: qemu-fix-vnc-copyrect-screen-corruption.patch
+Patch101: qemu-fix-vnc-disconnect-segfault.patch
+
 Patch1: 01-tls-handshake-fix.patch
 Patch2: 02-vnc-monitor-info.patch
 Patch3: 03-display-keymaps.patch
@@ -211,6 +216,9 @@ such as kvmtrace and kvm_stat.
 %prep
 %setup -q -n qemu-kvm-%{version}
 
+%patch100 -p1
+%patch101 -p1
+
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
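Review bot: `%patch100` and `%patch101` are applied ahead of `%patch1`, out of numeric order, and nothing in the spec says why. The log message states that the vnc sasl patches were rebased on top of these two fixes, so the order matters. A comment above these lines, such as `# Must be applied first: the vnc patches below are rebased on top of these two fixes`, would stop a later cleanup from reordering them.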
@@ -471,6 +479,11 @@ fi
 %{_mandir}/man1/qemu-img.1*
 
 %changelog
+* Fri Sep 11 2009 Mark McLoughlin <markmc at redhat.com> - 2:0.10.6-4
+- Fix vnc segfault on disconnect (#501131)
+- Fix vnc screen corruption with e.g. xterm (#503156)
+- Rebase vnc sasl patches on top of these two vnc fixes
+
 * Fri Sep  4 2009 Mark McLoughlin <markmc at redhat.com> - 2:0.10.6-4
 - Make pulseaudio the default audio backend (#519540, #495964, #496627)
 
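Review bot: The new changelog entry is stamped `2:0.10.6-4`, the same version-release as the Sep 4 entry below it, while this commit bumps `Release:` to `5%{?dist}`. The entry header should end in `- 2:0.10.6-5` so the changelog matches the package that is built. Otherwise the two builds cannot be told apart when checking which one carries the vnc segfault and screen corruption fixes.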



