Hello community, here is the log from the commit of package LibVNCServer for openSUSE:Factory checked in at 2013-01-10 13:12:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/LibVNCServer (Old) and /work/SRC/openSUSE:Factory/.LibVNCServer.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "LibVNCServer", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/LibVNCServer/LibVNCServer.changes 2012-12-31 14:26:03.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.LibVNCServer.new/LibVNCServer.changes 2013-01-10 13:12:28.000000000 +0100 @@ -1,0 +2,11 @@ +Tue Jan 1 19:35:08 UTC 2013 - [email protected] + +- Switch SSL backend to openssl, we all agree that OpenSSL + has it faults, but it is heavily optimized in all platforms + not only x86 and performance matters in interactive,latency + sensitive tasks like VNC. + +- libvncserver-ossl.patch Ensures openssl use less memory + and avoid abi breaks on openSSL updates. + +------------------------------------------------------------------- New: ---- libvncserver-ossl.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ LibVNCServer.spec ++++++ --- /var/tmp/diff_new_pack.uHSR6S/_old 2013-01-10 13:12:29.000000000 +0100 +++ /var/tmp/diff_new_pack.uHSR6S/_new 2013-01-10 13:12:29.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package LibVNCServer # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,13 +17,13 @@ Name: LibVNCServer -BuildRequires: gnutls-devel BuildRequires: libavahi-devel BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel BuildRequires: libpng-devel BuildRequires: libtool BuildRequires: lzo-devel +BuildRequires: openssl-devel BuildRequires: slang-devel BuildRequires: xorg-x11-devel Version: 0.9.9 @@ -43,6 +43,7 @@ Patch10: LibVNCServer-0.9.9-no_x11vnc.patch #PATCH_FIX-OPENSUSE: Use system fast byteswap routines. Patch11: libvncserver-byteswap.patch +Patch12: libvncserver-ossl.patch %description VNC is a set of programs using the RFB (Remote Frame Buffer) protocol. @@ -87,6 +88,7 @@ # ./configure --enable-maintainer-mode # sh ./autogen.sh %patch11 +%patch12 # fix encoding for file in AUTHORS ChangeLog ; do mv ${file} ${file}.OLD && \ ++++++ libvncserver-ossl.patch ++++++ --- libvncclient/tls_openssl.c.orig +++ libvncclient/tls_openssl.c @@ -18,9 +18,11 @@ * USA. */ +#include "rfbconfig.h" #include <rfb/rfbclient.h> #include <errno.h> - +#define OPENSSL_LOAD_CONF +#define OPENSSL_NO_SSL_INTERN #include <openssl/err.h> #include <openssl/ssl.h> #include <openssl/x509.h> @@ -157,7 +159,7 @@ ssl_verify (int ok, X509_STORE_CTX *ctx) ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx ()); - client = SSL_CTX_get_app_data (ssl->ctx); + client = SSL_CTX_get_app_data (SSL_get_SSL_CTX(ssl)); cert = X509_STORE_CTX_get_current_cert (ctx); err = X509_STORE_CTX_get_error (ctx); @@ -240,6 +242,10 @@ open_ssl_connection (rfbClient *client, BIO *sbio; ssl_ctx = SSL_CTX_new (SSLv23_client_method ()); +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(ssl_ctx, SSL_MODE_RELEASE_BUFFERS); +#endif + SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); SSL_CTX_set_default_verify_paths (ssl_ctx); SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_NONE, &ssl_verify); ssl = SSL_new (ssl_ctx); @@ -259,8 +265,8 @@ open_ssl_connection (rfbClient *client, if (wait_for_data(ssl, n, 1) != 1) { finished = 1; - if (ssl->ctx) - SSL_CTX_free (ssl->ctx); + if (SSL_get_SSL_CTX(ssl)) + SSL_CTX_free (SSL_get_SSL_CTX(ssl)); SSL_free(ssl); SSL_shutdown (ssl); --- libvncserver/rfbssl_openssl.c.orig +++ libvncserver/rfbssl_openssl.c @@ -21,7 +21,10 @@ * USA. */ +#include "rfbconfig.h" #include "rfbssl.h" +#define OPENSSL_LOAD_CONF +#define OPENSSL_NO_SSL_INTERN #include <openssl/ssl.h> #include <openssl/err.h> -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
