[arch-commits] Commit in networkmanager-openconnect/trunk (3 files)
Jan Steffens
heftig at archlinux.org
Sat Jan 10 21:10:32 UTC 2015
Date: Saturday, January 10, 2015 @ 22:10:31
Author: heftig
Revision: 228898
1.0.0
Modified:
networkmanager-openconnect/trunk/PKGBUILD
Deleted:
networkmanager-openconnect/trunk/libopenconnect.so.4.patch
networkmanager-openconnect/trunk/libopenconnect.so.5.patch
---------------------------+
PKGBUILD | 14 ---
libopenconnect.so.4.patch | 124 -----------------------------
libopenconnect.so.5.patch | 182 --------------------------------------------
3 files changed, 4 insertions(+), 316 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-01-10 21:05:55 UTC (rev 228897)
+++ PKGBUILD 2015-01-10 21:10:31 UTC (rev 228898)
@@ -2,8 +2,8 @@
# Maintainer: Ionut Biru <ibiru at archlinux.org>
pkgname=networkmanager-openconnect
-pkgver=0.9.10.0
-pkgrel=2
+pkgver=1.0.0
+pkgrel=1
pkgdesc="NetworkManager VPN integration for openconnect"
arch=('i686' 'x86_64')
license=('GPL')
@@ -12,17 +12,11 @@
makedepends=('intltool')
optdepends=('network-manager-applet: GNOME frontends to NetWorkmanager')
install=$pkgname.install
-source=(http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openconnect/0.9/NetworkManager-openconnect-${pkgver}.tar.xz
- libopenconnect.so.4.patch
- libopenconnect.so.5.patch)
-sha256sums=('8007d70a6943388bfa141f99fc4da9965fd122cf2741512ce0cf9c0f9c78331a'
- 'e2a84ac7467b5ffb20891946fd132f9d34012f17a4847ab7c7cde34cca3a9762'
- '6b46edb11f96e0ad2b0fd39b11326b24520d9d2ff35a1d167a98c8bc5b7c6272')
+source=(http://ftp.gnome.org/pub/GNOME/sources/NetworkManager-openconnect/${pkgver::3}/NetworkManager-openconnect-${pkgver}.tar.xz)
+sha256sums=('06f322f8efe9b882b19dcaa4314049171fd38701e902f688cbdcacfd21d23f5f')
prepare() {
cd NetworkManager-openconnect-${pkgver}
- patch -p1 -i ../libopenconnect.so.4.patch
- patch -p1 -i ../libopenconnect.so.5.patch
}
build() {
Deleted: libopenconnect.so.4.patch
===================================================================
--- libopenconnect.so.4.patch 2015-01-10 21:05:55 UTC (rev 228897)
+++ libopenconnect.so.4.patch 2015-01-10 21:10:31 UTC (rev 228898)
@@ -1,124 +0,0 @@
-From 58944a3ef9c92f7afa07cbb539d062e1956bafc0 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse at intel.com>
-Date: Thu, 30 Oct 2014 23:09:14 +0000
-Subject: Support libopenconnect.so.4
-
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index 7171247..8285bf4 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -89,6 +89,21 @@
- #define OC_FORM_RESULT_NEWGROUP 2
- #endif
-
-+#if OPENCONNECT_CHECK_VER(4,0)
-+#define dup_option_value(opt) g_strdup((opt)->_value);
-+#define OC3DUP(x) (x)
-+#define write_config_const const
-+#else
-+#define dup_option_value(opt) g_strdup((opt)->value);
-+#define openconnect_set_option_value(opt, val) do { \
-+ struct oc_form_opt *_o = (opt); \
-+ free(_o->value); _o->value = g_strdup(val); \
-+ } while (0)
-+#define openconnect_free_cert_info(v, x) free(x)
-+#define OC3DUP(x) g_strdup(x)
-+#define write_config_const /* */
-+#endif
-+
- #ifdef OPENCONNECT_OPENSSL
- #include <openssl/ssl.h>
- #include <openssl/bio.h>
-@@ -712,7 +727,7 @@ static gboolean ui_form (struct oc_auth_form *form)
- data->entry_text = g_strdup (find_form_answer(ui_data->secrets,
- form, opt));
- if (!data->entry_text)
-- data->entry_text = g_strdup (opt->value);
-+ data->entry_text = dup_option_value(opt);
- } else {
- GHashTable *attrs;
-
-@@ -776,8 +791,7 @@ static gboolean set_initial_authgroup (auth_ui_data *ui_data, struct oc_auth_for
- for (i = 0; i < sopt->nr_choices; i++) {
- struct oc_choice *ch = FORMCHOICE(sopt, i);
- if (!strcmp(saved_group, ch->name) && i != AUTHGROUP_SELECTION(form)) {
-- free(opt->value);
-- opt->value = g_strdup(saved_group);
-+ openconnect_set_option_value(opt, saved_group);
- return TRUE;
- }
- }
-@@ -823,7 +837,7 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form)
- g_cancellable_cancel(data->cancel);
-
- if (data->entry_text) {
-- data->opt->value = g_strdup (data->entry_text);
-+ openconnect_set_option_value(data->opt, data->entry_text);
-
- if (data->opt->type == OC_FORM_OPT_TEXT ||
- data->opt->type == OC_FORM_OPT_SELECT) {
-@@ -932,7 +946,7 @@ static gboolean user_validate_cert(cert_data *data)
- text = gtk_text_view_new();
- buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
- gtk_text_buffer_set_text(buffer, details, -1);
-- free(details);
-+ openconnect_free_cert_info(data->ui_data->vpninfo, details);
- gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -1166,7 +1180,7 @@ static int get_config (GHashTable *options, GHashTable *secrets,
-
- cafile = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CACERT);
- if (cafile)
-- openconnect_set_cafile(vpninfo, g_strdup (cafile));
-+ openconnect_set_cafile(vpninfo, OC3DUP (cafile));
-
- csd = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CSD_ENABLE);
- if (csd && !strcmp(csd, "yes")) {
-@@ -1176,16 +1190,16 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- if (csd_wrapper && !csd_wrapper[0])
- csd_wrapper = NULL;
-
-- openconnect_setup_csd(vpninfo, getuid(), 1, g_strdup (csd_wrapper));
-+ openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP (csd_wrapper));
- }
-
- proxy = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PROXY);
-- if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, g_strdup (proxy)))
-+ if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, OC3DUP (proxy)))
- return -EINVAL;
-
- cert = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_USERCERT);
- sslkey = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PRIVKEY);
-- openconnect_set_client_cert (vpninfo, g_strdup (cert), g_strdup (sslkey));
-+ openconnect_set_client_cert (vpninfo, OC3DUP (cert), OC3DUP (sslkey));
-
- pem_passphrase_fsid = g_hash_table_lookup (options,
- NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID);
-@@ -1245,7 +1259,7 @@ static int update_token(void *cbdata, const char *tok)
- }
- #endif
-
--static int write_new_config(void *cbdata, char *buf, int buflen)
-+static int write_new_config(void *cbdata, write_config_const char *buf, int buflen)
- {
- auth_ui_data *ui_data = cbdata;
- g_hash_table_insert (ui_data->secrets, g_strdup ("xmlconfig"),
-@@ -1472,11 +1486,11 @@ static void connect_host(auth_ui_data *ui_data)
- if (openconnect_parse_url(ui_data->vpninfo, host->hostaddress)) {
- fprintf(stderr, "Failed to parse server URL '%s'\n",
- host->hostaddress);
-- openconnect_set_hostname (ui_data->vpninfo, g_strdup(host->hostaddress));
-+ openconnect_set_hostname (ui_data->vpninfo, OC3DUP (host->hostaddress));
- }
-
- if (!openconnect_get_urlpath(ui_data->vpninfo) && host->usergroup)
-- openconnect_set_urlpath(ui_data->vpninfo, g_strdup(host->usergroup));
-+ openconnect_set_urlpath(ui_data->vpninfo, OC3DUP (host->usergroup));
-
-
- g_hash_table_insert (ui_data->success_secrets, g_strdup("lasthost"),
---
-cgit v0.10.1
-
Deleted: libopenconnect.so.5.patch
===================================================================
--- libopenconnect.so.5.patch 2015-01-10 21:05:55 UTC (rev 228897)
+++ libopenconnect.so.5.patch 2015-01-10 21:10:31 UTC (rev 228898)
@@ -1,182 +0,0 @@
-From 2dc45e25b200e1b70e862f46c9f7ad652e59c8a2 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse at intel.com>
-Date: Mon, 3 Nov 2014 17:39:43 +0000
-Subject: Update to new hash handling, fix to match stored certs only for the
- same host/port
-
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index df0146c..38f3a8f 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -694,7 +694,7 @@ static char* get_title(const char *vpn_name)
-
- typedef struct cert_data {
- auth_ui_data *ui_data;
-- OPENCONNECT_X509 *peer_cert;
-+ char *cert_details;
- const char *reason;
- } cert_data;
-
-@@ -722,13 +722,10 @@ static gboolean user_validate_cert(cert_data *data)
- {
- auth_ui_data *ui_data = _ui_data; /* FIXME global */
- char *title;
-- char *details;
- GtkWidget *dlg, *text, *scroll;
- GtkTextBuffer *buffer;
- int result;
-
-- details = openconnect_get_cert_details(ui_data->vpninfo, data->peer_cert);
--
- title = get_title(data->ui_data->vpn_name);
- dlg = gtk_message_dialog_new(NULL, 0, GTK_MESSAGE_QUESTION,
- GTK_BUTTONS_OK_CANCEL,
-@@ -751,8 +748,7 @@ static gboolean user_validate_cert(cert_data *data)
-
- text = gtk_text_view_new();
- buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
-- gtk_text_buffer_set_text(buffer, details, -1);
-- openconnect_free_cert_info(data->ui_data->vpninfo, details);
-+ gtk_text_buffer_set_text(buffer, data->cert_details, -1);
- gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -775,36 +771,40 @@ static gboolean user_validate_cert(cert_data *data)
-
- /* runs in worker thread */
- static int validate_peer_cert(void *cbdata,
-- OPENCONNECT_X509 *peer_cert, const char *reason)
-+#if !OPENCONNECT_CHECK_VER(5,0)
-+ OPENCONNECT_X509 *peer_cert,
-+#endif
-+ const char *reason)
- {
- auth_ui_data *ui_data = cbdata;
-- char fingerprint[41];
-- char *certs_data;
- int ret = 0;
- cert_data *data;
-+ char *certkey;
-+ char *accepted_hash = NULL;
-+#if OPENCONNECT_CHECK_VER(5,0)
-+ const char *fingerprint = openconnect_get_peer_cert_hash(ui_data->vpninfo);
-+#else
-+ char fingerprint[41];
-
- ret = openconnect_get_cert_sha1(ui_data->vpninfo, peer_cert, fingerprint);
- if (ret)
- return ret;
-
-- certs_data = g_hash_table_lookup (ui_data->secrets, "certsigs");
-- if (certs_data) {
-- char **certs = g_strsplit_set(certs_data, "\t", 0);
-- char **this = certs;
-+#define openconnect_check_peer_cert_hash(v, h) strcmp(h, fingerprint)
-+#define openconnect_get_peer_cert_details(v) openconnect_get_cert_details(v, peer_cert);
-+#endif
-
-- while (*this) {
-- if (!strcmp(*this, fingerprint)) {
-- g_strfreev(certs);
-- goto out;
-- }
-- this++;
-- }
-- g_strfreev(certs);
-- }
-+ certkey = g_strdup_printf ("certificate:%s:%d",
-+ openconnect_get_hostname(ui_data->vpninfo),
-+ openconnect_get_port(ui_data->vpninfo));
-+
-+ accepted_hash = g_hash_table_lookup (ui_data->secrets, certkey);
-+ if (accepted_hash && !openconnect_check_peer_cert_hash(ui_data->vpninfo, accepted_hash))
-+ goto accepted;
-
- data = g_slice_new(cert_data);
- data->ui_data = ui_data; /* FIXME uses global */
-- data->peer_cert = peer_cert;
-+ data->cert_details = openconnect_get_peer_cert_details(ui_data->vpninfo);
- data->reason = reason;
-
- g_mutex_lock(&ui_data->form_mutex);
-@@ -813,27 +813,27 @@ static int validate_peer_cert(void *cbdata,
- g_idle_add((GSourceFunc)user_validate_cert, data);
-
- /* wait for user to accept or cancel */
-- while (ui_data->cert_response == CERT_USER_NOT_READY) {
-+ while (ui_data->cert_response == CERT_USER_NOT_READY)
- g_cond_wait(&ui_data->cert_response_changed, &ui_data->form_mutex);
-- }
-- if (ui_data->cert_response == CERT_ACCEPTED) {
-- if (certs_data) {
-- char *new = g_strdup_printf("%s\t%s", certs_data, fingerprint);
-- g_hash_table_insert (ui_data->secrets,
-- g_strdup ("certsigs"), new);
-- } else {
-- g_hash_table_insert (ui_data->secrets, g_strdup ("certsigs"),
-- g_strdup (fingerprint));
-- }
-+
-+ openconnect_free_cert_info(data->ui_data->vpninfo, data->cert_details);
-+ g_slice_free(cert_data, data);
-+
-+ if (ui_data->cert_response == CERT_ACCEPTED)
- ret = 0;
-- } else {
-+ else
- ret = -EINVAL;
-- }
-+
- g_mutex_unlock (&ui_data->form_mutex);
-
-- g_slice_free(cert_data, data);
-+ accepted:
-+ if (!ret) {
-+ g_hash_table_insert (ui_data->secrets, certkey,
-+ g_strdup(fingerprint));
-+ certkey = NULL;
-+ }
-
-- out:
-+ g_free (certkey);
- return ret;
- }
-
-@@ -1196,7 +1196,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- gtk_widget_set_sensitive(ui_data->cancel_button, FALSE);
- }
- } else if (!ui_data->cookie_retval) {
-- OPENCONNECT_X509 *cert;
-+ const void *cert;
- gchar *key, *value;
-
- /* got cookie */
-@@ -1218,14 +1218,22 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- g_hash_table_insert (ui_data->secrets, key, value);
- openconnect_clear_cookie(ui_data->vpninfo);
-
-+#if OPENCONNECT_CHECK_VER(5,0)
-+ cert = openconnect_get_peer_cert_hash (ui_data->vpninfo);
-+ if (cert) {
-+ key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
-+ value = g_strdup (cert);
-+ g_hash_table_insert (ui_data->secrets, key, value);
-+ }
-+#else
- cert = openconnect_get_peer_cert (ui_data->vpninfo);
- if (cert) {
- key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
- value = g_malloc0 (41);
-- openconnect_get_cert_sha1(ui_data->vpninfo, cert, value);
-+ openconnect_get_cert_sha1(ui_data->vpninfo, (void *)cert, value);
- g_hash_table_insert (ui_data->secrets, key, value);
- }
--
-+#endif
- if (get_save_passwords(ui_data->secrets)) {
- g_hash_table_foreach(ui_data->success_passwords,
- keyring_store_passwords,
---
-cgit v0.10.1
-
More information about the arch-commits
mailing list