[arch-commits] Commit in networkmanager-openconnect/trunk (3 files)

Jan Steffens heftig at archlinux.org
Sat Jan 10 21:10:32 UTC 2015 

    Date: Saturday, January 10, 2015 @ 22:10:31
  Author: heftig
Revision: 228898

1.0.0

Modified:
  networkmanager-openconnect/trunk/PKGBUILD
Deleted:
  networkmanager-openconnect/trunk/libopenconnect.so.4.patch
  networkmanager-openconnect/trunk/libopenconnect.so.5.patch

---------------------------+
 PKGBUILD                  |   14 ---
 libopenconnect.so.4.patch |  124 -----------------------------
 libopenconnect.so.5.patch |  182 --------------------------------------------
 3 files changed, 4 insertions(+), 316 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-01-10 21:05:55 UTC (rev 228897)
+++ PKGBUILD	2015-01-10 21:10:31 UTC (rev 228898)
@@ -2,8 +2,8 @@
 # Maintainer: Ionut Biru <ibiru at archlinux.org>
 
 pkgname=networkmanager-openconnect
-pkgver=0.9.10.0
-pkgrel=2
+pkgver=1.0.0
+pkgrel=1
 pkgdesc="NetworkManager VPN integration for openconnect"
 arch=('i686' 'x86_64')
 license=('GPL')
@@ -12,17 +12,11 @@
 makedepends=('intltool')
 optdepends=('network-manager-applet: GNOME frontends to NetWorkmanager')
 install=$pkgname.install
-source=(http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openconnect/0.9/NetworkManager-openconnect-${pkgver}.tar.xz
-        libopenconnect.so.4.patch
-        libopenconnect.so.5.patch)
-sha256sums=('8007d70a6943388bfa141f99fc4da9965fd122cf2741512ce0cf9c0f9c78331a'
-            'e2a84ac7467b5ffb20891946fd132f9d34012f17a4847ab7c7cde34cca3a9762'
-            '6b46edb11f96e0ad2b0fd39b11326b24520d9d2ff35a1d167a98c8bc5b7c6272')
+source=(http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openconnect/${pkgver::3}/NetworkManager-openconnect-${pkgver}.tar.xz)
+sha256sums=('06f322f8efe9b882b19dcaa4314049171fd38701e902f688cbdcacfd21d23f5f')
 
 prepare() {
   cd NetworkManager-openconnect-${pkgver}
-  patch -p1 -i ../libopenconnect.so.4.patch
-  patch -p1 -i ../libopenconnect.so.5.patch
 }
 
 build() {

Deleted: libopenconnect.so.4.patch
===================================================================
--- libopenconnect.so.4.patch	2015-01-10 21:05:55 UTC (rev 228897)
+++ libopenconnect.so.4.patch	2015-01-10 21:10:31 UTC (rev 228898)
@@ -1,124 +0,0 @@
-From 58944a3ef9c92f7afa07cbb539d062e1956bafc0 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse at intel.com>
-Date: Thu, 30 Oct 2014 23:09:14 +0000
-Subject: Support libopenconnect.so.4
-
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index 7171247..8285bf4 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -89,6 +89,21 @@
- #define OC_FORM_RESULT_NEWGROUP		2
- #endif
- 
-+#if OPENCONNECT_CHECK_VER(4,0)
-+#define dup_option_value(opt)		g_strdup((opt)->_value);
-+#define OC3DUP(x)			(x)
-+#define write_config_const		const
-+#else
-+#define dup_option_value(opt)		g_strdup((opt)->value);
-+#define openconnect_set_option_value(opt, val) do { \
-+		struct oc_form_opt *_o = (opt);				\
-+		free(_o->value); _o->value = g_strdup(val);		\
-+	} while (0)
-+#define openconnect_free_cert_info(v, x) free(x)
-+#define OC3DUP(x)			g_strdup(x)
-+#define write_config_const		/* */
-+#endif
-+
- #ifdef OPENCONNECT_OPENSSL
- #include <openssl/ssl.h>
- #include <openssl/bio.h>
-@@ -712,7 +727,7 @@ static gboolean ui_form (struct oc_auth_form *form)
- 				data->entry_text = g_strdup (find_form_answer(ui_data->secrets,
- 									      form, opt));
- 				if (!data->entry_text)
--					data->entry_text = g_strdup (opt->value);
-+					data->entry_text = dup_option_value(opt);
- 			} else {
- 				GHashTable *attrs;
- 
-@@ -776,8 +791,7 @@ static gboolean set_initial_authgroup (auth_ui_data *ui_data, struct oc_auth_for
- 		for (i = 0; i < sopt->nr_choices; i++) {
- 			struct oc_choice *ch = FORMCHOICE(sopt, i);
- 			if (!strcmp(saved_group, ch->name) && i != AUTHGROUP_SELECTION(form)) {
--				free(opt->value);
--				opt->value = g_strdup(saved_group);
-+				openconnect_set_option_value(opt, saved_group);
- 				return TRUE;
- 			}
- 		}
-@@ -823,7 +837,7 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form)
- 				g_cancellable_cancel(data->cancel);
- 
- 			if (data->entry_text) {
--				data->opt->value = g_strdup (data->entry_text);
-+				openconnect_set_option_value(data->opt, data->entry_text);
- 
- 				if (data->opt->type == OC_FORM_OPT_TEXT ||
- 				    data->opt->type == OC_FORM_OPT_SELECT) {
-@@ -932,7 +946,7 @@ static gboolean user_validate_cert(cert_data *data)
- 	text = gtk_text_view_new();
- 	buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
- 	gtk_text_buffer_set_text(buffer, details, -1);
--	free(details);
-+	openconnect_free_cert_info(data->ui_data->vpninfo, details);
- 	gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- 	gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- 	gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -1166,7 +1180,7 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- 
- 	cafile = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CACERT);
- 	if (cafile)
--		openconnect_set_cafile(vpninfo, g_strdup (cafile));
-+		openconnect_set_cafile(vpninfo, OC3DUP (cafile));
- 
- 	csd = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CSD_ENABLE);
- 	if (csd && !strcmp(csd, "yes")) {
-@@ -1176,16 +1190,16 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- 		if (csd_wrapper && !csd_wrapper[0])
- 			csd_wrapper = NULL;
- 
--		openconnect_setup_csd(vpninfo, getuid(), 1, g_strdup (csd_wrapper));
-+		openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP (csd_wrapper));
- 	}
- 
- 	proxy = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PROXY);
--	if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, g_strdup (proxy)))
-+	if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, OC3DUP (proxy)))
- 		return -EINVAL;
- 
- 	cert = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_USERCERT);
- 	sslkey = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PRIVKEY);
--	openconnect_set_client_cert (vpninfo, g_strdup (cert), g_strdup (sslkey));
-+	openconnect_set_client_cert (vpninfo, OC3DUP (cert), OC3DUP (sslkey));
- 
- 	pem_passphrase_fsid = g_hash_table_lookup (options,
- 						   NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID);
-@@ -1245,7 +1259,7 @@ static int update_token(void *cbdata, const char *tok)
- }
- #endif
- 
--static int write_new_config(void *cbdata, char *buf, int buflen)
-+static int write_new_config(void *cbdata, write_config_const char *buf, int buflen)
- {
- 	auth_ui_data *ui_data = cbdata;
- 	g_hash_table_insert (ui_data->secrets, g_strdup ("xmlconfig"),
-@@ -1472,11 +1486,11 @@ static void connect_host(auth_ui_data *ui_data)
- 	if (openconnect_parse_url(ui_data->vpninfo, host->hostaddress)) {
- 		fprintf(stderr, "Failed to parse server URL '%s'\n",
- 			host->hostaddress);
--		openconnect_set_hostname (ui_data->vpninfo, g_strdup(host->hostaddress));
-+		openconnect_set_hostname (ui_data->vpninfo, OC3DUP (host->hostaddress));
- 	}
- 
- 	if (!openconnect_get_urlpath(ui_data->vpninfo) && host->usergroup)
--		openconnect_set_urlpath(ui_data->vpninfo, g_strdup(host->usergroup));
-+		openconnect_set_urlpath(ui_data->vpninfo, OC3DUP (host->usergroup));
- 
- 
- 	g_hash_table_insert (ui_data->success_secrets, g_strdup("lasthost"),
--- 
-cgit v0.10.1
-

Deleted: libopenconnect.so.5.patch
===================================================================
--- libopenconnect.so.5.patch	2015-01-10 21:05:55 UTC (rev 228897)
+++ libopenconnect.so.5.patch	2015-01-10 21:10:31 UTC (rev 228898)
@@ -1,182 +0,0 @@
-From 2dc45e25b200e1b70e862f46c9f7ad652e59c8a2 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse at intel.com>
-Date: Mon, 3 Nov 2014 17:39:43 +0000
-Subject: Update to new hash handling, fix to match stored certs only for the
- same host/port
-
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index df0146c..38f3a8f 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -694,7 +694,7 @@ static char* get_title(const char *vpn_name)
- 
- typedef struct cert_data {
- 	auth_ui_data *ui_data;
--	OPENCONNECT_X509 *peer_cert;
-+	char *cert_details;
- 	const char *reason;
- } cert_data;
- 
-@@ -722,13 +722,10 @@ static gboolean user_validate_cert(cert_data *data)
- {
- 	auth_ui_data *ui_data = _ui_data; /* FIXME global */
- 	char *title;
--	char *details;
- 	GtkWidget *dlg, *text, *scroll;
- 	GtkTextBuffer *buffer;
- 	int result;
- 
--	details = openconnect_get_cert_details(ui_data->vpninfo, data->peer_cert);
--
- 	title = get_title(data->ui_data->vpn_name);
- 	dlg = gtk_message_dialog_new(NULL, 0, GTK_MESSAGE_QUESTION,
- 				     GTK_BUTTONS_OK_CANCEL,
-@@ -751,8 +748,7 @@ static gboolean user_validate_cert(cert_data *data)
- 
- 	text = gtk_text_view_new();
- 	buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
--	gtk_text_buffer_set_text(buffer, details, -1);
--	openconnect_free_cert_info(data->ui_data->vpninfo, details);
-+	gtk_text_buffer_set_text(buffer, data->cert_details, -1);
- 	gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- 	gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- 	gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -775,36 +771,40 @@ static gboolean user_validate_cert(cert_data *data)
- 
- /* runs in worker thread */
- static int validate_peer_cert(void *cbdata,
--			      OPENCONNECT_X509 *peer_cert, const char *reason)
-+#if !OPENCONNECT_CHECK_VER(5,0)
-+			      OPENCONNECT_X509 *peer_cert,
-+#endif
-+			      const char *reason)
- {
- 	auth_ui_data *ui_data = cbdata;
--	char fingerprint[41];
--	char *certs_data;
- 	int ret = 0;
- 	cert_data *data;
-+	char *certkey;
-+	char *accepted_hash = NULL;
-+#if OPENCONNECT_CHECK_VER(5,0)
-+	const char *fingerprint = openconnect_get_peer_cert_hash(ui_data->vpninfo);
-+#else
-+	char fingerprint[41];
- 
- 	ret = openconnect_get_cert_sha1(ui_data->vpninfo, peer_cert, fingerprint);
- 	if (ret)
- 		return ret;
- 
--	certs_data = g_hash_table_lookup (ui_data->secrets, "certsigs");
--	if (certs_data) {
--		char **certs = g_strsplit_set(certs_data, "\t", 0);
--		char **this = certs;
-+#define openconnect_check_peer_cert_hash(v, h) strcmp(h, fingerprint)
-+#define openconnect_get_peer_cert_details(v) openconnect_get_cert_details(v, peer_cert);
-+#endif
- 
--		while (*this) {
--			if (!strcmp(*this, fingerprint)) {
--				g_strfreev(certs);
--				goto out;
--			}
--			this++;
--		}
--		g_strfreev(certs);
--	}
-+	certkey = g_strdup_printf ("certificate:%s:%d",
-+				   openconnect_get_hostname(ui_data->vpninfo),
-+				   openconnect_get_port(ui_data->vpninfo));
-+
-+	accepted_hash = g_hash_table_lookup (ui_data->secrets, certkey);
-+	if (accepted_hash && !openconnect_check_peer_cert_hash(ui_data->vpninfo, accepted_hash))
-+		goto accepted;
- 
- 	data = g_slice_new(cert_data);
- 	data->ui_data = ui_data; /* FIXME uses global */
--	data->peer_cert = peer_cert;
-+	data->cert_details = openconnect_get_peer_cert_details(ui_data->vpninfo);
- 	data->reason = reason;
- 
- 	g_mutex_lock(&ui_data->form_mutex);
-@@ -813,27 +813,27 @@ static int validate_peer_cert(void *cbdata,
- 	g_idle_add((GSourceFunc)user_validate_cert, data);
- 
- 	/* wait for user to accept or cancel */
--	while (ui_data->cert_response == CERT_USER_NOT_READY) {
-+	while (ui_data->cert_response == CERT_USER_NOT_READY)
- 		g_cond_wait(&ui_data->cert_response_changed, &ui_data->form_mutex);
--	}
--	if (ui_data->cert_response == CERT_ACCEPTED) {
--		if (certs_data) {
--			char *new = g_strdup_printf("%s\t%s", certs_data, fingerprint);
--			g_hash_table_insert (ui_data->secrets,
--					     g_strdup ("certsigs"), new);
--		} else {
--			g_hash_table_insert (ui_data->secrets, g_strdup ("certsigs"),
--					     g_strdup (fingerprint));
--		}
-+
-+	openconnect_free_cert_info(data->ui_data->vpninfo, data->cert_details);
-+	g_slice_free(cert_data, data);
-+
-+	if (ui_data->cert_response == CERT_ACCEPTED)
- 		ret = 0;
--	} else {
-+	else
- 		ret = -EINVAL;
--	}
-+
- 	g_mutex_unlock (&ui_data->form_mutex);
- 
--	g_slice_free(cert_data, data);
-+ accepted:
-+	if (!ret) {
-+		g_hash_table_insert (ui_data->secrets, certkey,
-+				     g_strdup(fingerprint));
-+		certkey = NULL;
-+	}
- 
-- out:
-+	g_free (certkey);
- 	return ret;
- }
- 
-@@ -1196,7 +1196,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- 			gtk_widget_set_sensitive(ui_data->cancel_button, FALSE);
- 		}
- 	} else if (!ui_data->cookie_retval) {
--		OPENCONNECT_X509 *cert;
-+		const void *cert;
- 		gchar *key, *value;
- 
- 		/* got cookie */
-@@ -1218,14 +1218,22 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- 		g_hash_table_insert (ui_data->secrets, key, value);
- 		openconnect_clear_cookie(ui_data->vpninfo);
- 
-+#if OPENCONNECT_CHECK_VER(5,0)
-+		cert = openconnect_get_peer_cert_hash (ui_data->vpninfo);
-+		if (cert) {
-+			key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
-+			value = g_strdup (cert);
-+			g_hash_table_insert (ui_data->secrets, key, value);
-+		}
-+#else
- 		cert = openconnect_get_peer_cert (ui_data->vpninfo);
- 		if (cert) {
- 			key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
- 			value = g_malloc0 (41);
--			openconnect_get_cert_sha1(ui_data->vpninfo, cert, value);
-+			openconnect_get_cert_sha1(ui_data->vpninfo, (void *)cert, value);
- 			g_hash_table_insert (ui_data->secrets, key, value);
- 		}
--
-+#endif
- 		if (get_save_passwords(ui_data->secrets)) {
- 			g_hash_table_foreach(ui_data->success_passwords,
- 					     keyring_store_passwords,
--- 
-cgit v0.10.1
-

More information about the arch-commits mailing list