diff options
author | Pacho Ramos <pacho@gentoo.org> | 2015-12-12 12:04:06 +0100 |
---|---|---|
committer | Pacho Ramos <pacho@gentoo.org> | 2015-12-12 15:27:23 +0100 |
commit | 901a420a4d4bdc0ab7fc50c5f5577392c34a00f8 (patch) | |
tree | e9a0350f639496148bb8990231b357e949ca6df2 /net-misc | |
parent | net-misc/networkmanager-openconnect: Version bump (diff) | |
download | gentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.tar.gz gentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.tar.bz2 gentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.zip |
net-misc/networkmanager-openconnect: Drop old
Package-Manager: portage-2.2.24
Diffstat (limited to 'net-misc')
9 files changed, 0 insertions, 961 deletions
diff --git a/net-misc/networkmanager-openconnect/Manifest b/net-misc/networkmanager-openconnect/Manifest index 1ad199cfbd67..8eba99116493 100644 --- a/net-misc/networkmanager-openconnect/Manifest +++ b/net-misc/networkmanager-openconnect/Manifest @@ -1,4 +1,2 @@ -DIST NetworkManager-openconnect-0.9.10.0.tar.xz 438008 SHA256 8007d70a6943388bfa141f99fc4da9965fd122cf2741512ce0cf9c0f9c78331a SHA512 0543db106524e66782ce51854bfe29e2e0317e9e0de1d303c4c8a0e021d2cd04defa9421fffada8d5f6a4cd79672bf4dd7683415102c0ce85a9dea4132ad2f55 WHIRLPOOL a16a34214186c9446b31ccce87248007fef33b44073bf740dae1494ba5fec52d3814601680b2b1288ee02dcca4d57099e49b38717ef4ef14865bdcbe1de7d6b8 -DIST NetworkManager-openconnect-1.0.0.tar.xz 465812 SHA256 06f322f8efe9b882b19dcaa4314049171fd38701e902f688cbdcacfd21d23f5f SHA512 3a919750e865bf51213bba99cf141255a04e4452facca7ac40115cb9c66b5767e1831b11f10b3d93901f6d794aca22cf55ed80e2e061d8c38548727d0831eac5 WHIRLPOOL 0f3609a1d36f9e1a1859e2fe4c1a650bac7226eea5904b67190af85987ada9b075707d22cce4fb07880ce4da9ddca0fb1c08bd13b76a1343c08630a523b30039 DIST NetworkManager-openconnect-1.0.2.tar.xz 543000 SHA256 120a055863841df1763d4c6b5de03e6f7180fa1a218f376ecc9c75a5862e600e SHA512 54ec54ec1b3387f8c3375181b1e537d4100eea4dc896dbda6f7c785de49f3e3b4c5b73204ee246b21b3f718e9391b4476768a596550aa54a23b8ee04a9191f9f WHIRLPOOL 89c45f5b45ed832cc1a15b0210dac7504f9d96ceca71cbc934670f1920bb2661be21dfa4d34305e37f057a640a2742c1535813d44f303a206378899e53e780c9 DIST NetworkManager-openconnect-1.0.8.tar.xz 576940 SHA256 c1bf2884ffaccae327e98d8e6c8caeb16f57993d1321ce43f99ef8312406d7e6 SHA512 3930fe6a32b583f5d007f724db0d3c0b60c6f8bb1871edeedc7d98ea3edb22d6da6e5dd778300f8d688af394b42358829d17df3f9a40e22fdbc8a01f4e69b2f3 WHIRLPOOL db6cb0484169363acf176fc23839de58d37f805ffb9fab8116b4e7a69aa1cb1760f79c50dc13baa63272b8eb982ff53f4ca58df5b74686909c630d12d8ff59c7 diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch deleted file mode 100644 index 9dc8c4ae70d6..000000000000 --- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch +++ /dev/null @@ -1,148 +0,0 @@ -From b3815e96635c8f89c6161bdb6de53cd3c01c8535 Mon Sep 17 00:00:00 2001 -From: David Woodhouse <David.Woodhouse@intel.com> -Date: Tue, 12 Aug 2014 14:55:39 +0100 -Subject: [PATCH 16/34] Add HOTP support - -This requires migrating the token_secret from a config item to a secret, -which thankfully doesn't seem to be too diffcult. ---- - auth-dialog/main.c | 24 +++++++++++++++++++++++- - properties/nm-openconnect-dialog.ui | 6 ++++++ - properties/nm-openconnect.c | 18 ++++++++++++++---- - 3 files changed, 43 insertions(+), 5 deletions(-) - -diff --git a/auth-dialog/main.c b/auth-dialog/main.c -index 2133e52..b078d48 100644 ---- a/auth-dialog/main.c -+++ b/auth-dialog/main.c -@@ -1194,7 +1194,9 @@ static int get_config (GHashTable *options, GHashTable *secrets, - openconnect_passphrase_from_fsid(vpninfo); - - token_mode = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_MODE); -- token_secret = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ token_secret = g_hash_table_lookup (secrets, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ if (!token_secret || !token_secret[0]) -+ token_secret = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_SECRET); - if (token_mode) { - int ret = 0; - -@@ -1204,6 +1206,10 @@ static int get_config (GHashTable *options, GHashTable *secrets, - ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_STOKEN, NULL); - else if (!strcmp(token_mode, "totp") && token_secret) - ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_TOTP, token_secret); -+#if OPENCONNECT_CHECK_VER(3,4) -+ else if (!strcmp(token_mode, "hotp") && token_secret) -+ ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_HOTP, token_secret); -+#endif - - if (ret) - fprintf(stderr, "Failed to initialize software token: %d\n", ret); -@@ -1229,6 +1235,17 @@ static void populate_vpnhost_combo(auth_ui_data *ui_data) - } - } - -+#if OPENCONNECT_CHECK_VER(3,4) -+static int update_token(void *cbdata, const char *tok) -+{ -+ auth_ui_data *ui_data = cbdata; -+ g_hash_table_insert (ui_data->secrets, g_strdup (NM_OPENCONNECT_KEY_TOKEN_SECRET), -+ g_strdup(tok)); -+ -+ return 0; -+} -+#endif -+ - static int write_new_config(void *cbdata, char *buf, int buflen) - { - auth_ui_data *ui_data = cbdata; -@@ -1801,6 +1818,11 @@ int main (int argc, char **argv) - fprintf(stderr, "Failed to find VPN UUID %s\n", vpn_uuid); - return 1; - } -+ -+#if OPENCONNECT_CHECK_VER(3,4) -+ openconnect_set_token_callbacks (_ui_data->vpninfo, _ui_data, NULL, update_token); -+#endif -+ - build_main_dialog(_ui_data); - - #ifdef OPENCONNECT_OPENSSL -diff --git a/properties/nm-openconnect-dialog.ui b/properties/nm-openconnect-dialog.ui -index b3401db..4643b73 100644 ---- a/properties/nm-openconnect-dialog.ui -+++ b/properties/nm-openconnect-dialog.ui -@@ -766,6 +766,12 @@ - <col id="2" translatable="no">totp</col> - <col id="3" translatable="no">True</col> - </row> -+ <row> -+ <col id="0" translatable="yes">HOTP - manually entered</col> -+ <col id="1" translatable="no">hotp</col> -+ <col id="2" translatable="no">hotp</col> -+ <col id="3" translatable="no">True</col> -+ </row> - </data> - </object> - </interface> -diff --git a/properties/nm-openconnect.c b/properties/nm-openconnect.c -index e00e757..dfd5f5c 100644 ---- a/properties/nm-openconnect.c -+++ b/properties/nm-openconnect.c -@@ -214,7 +214,7 @@ import (NMVpnPluginUiInterface *iface, const char *path, GError **error) - /* Soft token secret */ - buf = g_key_file_get_string (keyfile, "openconnect", "StokenString", NULL); - if (buf) -- nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf); -+ nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf); - - return connection; - } -@@ -297,9 +297,14 @@ export (NMVpnPluginUiInterface *iface, - if (value && strlen (value)) - token_mode = value; - -- value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ value = nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); - if (value && strlen (value)) - token_secret = value; -+ else { -+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ if (value && strlen (value)) -+ token_secret = value; -+ } - - fprintf (f, - "[openconnect]\n" -@@ -427,6 +432,9 @@ init_token_mode_options (GtkComboBox *token_mode) - iter_valid = gtk_list_store_remove (token_mode_list, &iter); - else if (!strcmp (token_type, "totp") && !openconnect_has_oath_support ()) - iter_valid = gtk_list_store_remove (token_mode_list, &iter); -+ else if (!strcmp (token_type, "hotp") && -+ (!openconnect_has_oath_support () || !OPENCONNECT_CHECK_VER(3,4))) -+ iter_valid = gtk_list_store_remove (token_mode_list, &iter); - else { - iter_valid = gtk_tree_model_iter_next (model, &iter); - valid_rows++; -@@ -492,7 +500,9 @@ init_token_ui (OpenconnectPluginUiWidget *self, - if (!buffer) - return FALSE; - if (s_vpn) { -- value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ value = nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); -+ if (!value) -+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET); - if (value) - gtk_text_buffer_set_text (buffer, value, -1); - } -@@ -653,7 +663,7 @@ update_connection (NMVpnPluginUiWidgetInterface *iface, - *dst = 0; - - if (strlen (str)) -- nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, str); -+ nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, str); - } - - if (!check_validity (self, error)) --- -2.2.0 - diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch deleted file mode 100644 index f5427130c5dd..000000000000 --- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 5e899ec0dfff56ac15f9e19cccb8b8d17f792afd Mon Sep 17 00:00:00 2001 -From: David Woodhouse <David.Woodhouse@intel.com> -Date: Tue, 12 Aug 2014 14:58:05 +0100 -Subject: [PATCH 17/34] Always return success from auth-dialog - -We want to store the secrets even when we ultimately failed to log in. -This was slightly suboptimal even before, when we were failing to remember -things like the 'autoconnect' and 'certsigs' secrets. But now with HOTP -it's particularly important that we keep track of which tokens have been -used *even* if we end up failing to log in. - -Even if we don't get a valid login cookie, it's OK to return success. ---- - auth-dialog/main.c | 7 +------ - 1 file changed, 1 insertion(+), 6 deletions(-) - -diff --git a/auth-dialog/main.c b/auth-dialog/main.c -index b078d48..7171247 100644 ---- a/auth-dialog/main.c -+++ b/auth-dialog/main.c -@@ -180,7 +180,6 @@ typedef struct auth_ui_data { - GtkWidget *last_notice_icon; - GtkTextBuffer *log; - -- int retval; - int cookie_retval; - - int cancel_pipes[2]; -@@ -1376,7 +1375,6 @@ static gboolean cookie_obtained(auth_ui_data *ui_data) - gtk_widget_show_all(ui_data->ssl_box); - gtk_widget_set_sensitive(ui_data->cancel_button, FALSE); - } -- ui_data->retval = 1; - } else if (!ui_data->cookie_retval) { - OPENCONNECT_X509 *cert; - gchar *key, *value; -@@ -1413,13 +1411,11 @@ static gboolean cookie_obtained(auth_ui_data *ui_data) - keyring_store_passwords, - NULL); - } -- ui_data->retval = 0; - - gtk_main_quit(); - } else { - /* no cookie; user cancellation */ - gtk_widget_show (ui_data->no_form_label); -- ui_data->retval = 1; - } - - g_hash_table_remove_all (ui_data->success_secrets); -@@ -1672,7 +1668,6 @@ static auth_ui_data *init_ui_data (char *vpn_name, GHashTable *options, GHashTab - auth_ui_data *ui_data; - - ui_data = g_slice_new0(auth_ui_data); -- ui_data->retval = 1; - - ui_data->form_entries = g_queue_new(); - g_mutex_init(&ui_data->form_mutex); -@@ -1848,5 +1843,5 @@ int main (int argc, char **argv) - - wait_for_quit (); - -- return _ui_data->retval; -+ return 0; - } --- -2.2.0 - diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch deleted file mode 100644 index ed366702b1ce..000000000000 --- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch +++ /dev/null @@ -1,127 +0,0 @@ -From 58944a3ef9c92f7afa07cbb539d062e1956bafc0 Mon Sep 17 00:00:00 2001 -From: David Woodhouse <David.Woodhouse@intel.com> -Date: Thu, 30 Oct 2014 23:09:14 +0000 -Subject: [PATCH 25/34] Support libopenconnect.so.4 - ---- - auth-dialog/main.c | 38 ++++++++++++++++++++++++++------------ - 1 file changed, 26 insertions(+), 12 deletions(-) - -diff --git a/auth-dialog/main.c b/auth-dialog/main.c -index 7171247..8285bf4 100644 ---- a/auth-dialog/main.c -+++ b/auth-dialog/main.c -@@ -89,6 +89,21 @@ - #define OC_FORM_RESULT_NEWGROUP 2 - #endif - -+#if OPENCONNECT_CHECK_VER(4,0) -+#define dup_option_value(opt) g_strdup((opt)->_value); -+#define OC3DUP(x) (x) -+#define write_config_const const -+#else -+#define dup_option_value(opt) g_strdup((opt)->value); -+#define openconnect_set_option_value(opt, val) do { \ -+ struct oc_form_opt *_o = (opt); \ -+ free(_o->value); _o->value = g_strdup(val); \ -+ } while (0) -+#define openconnect_free_cert_info(v, x) free(x) -+#define OC3DUP(x) g_strdup(x) -+#define write_config_const /* */ -+#endif -+ - #ifdef OPENCONNECT_OPENSSL - #include <openssl/ssl.h> - #include <openssl/bio.h> -@@ -712,7 +727,7 @@ static gboolean ui_form (struct oc_auth_form *form) - data->entry_text = g_strdup (find_form_answer(ui_data->secrets, - form, opt)); - if (!data->entry_text) -- data->entry_text = g_strdup (opt->value); -+ data->entry_text = dup_option_value(opt); - } else { - GHashTable *attrs; - -@@ -776,8 +791,7 @@ static gboolean set_initial_authgroup (auth_ui_data *ui_data, struct oc_auth_for - for (i = 0; i < sopt->nr_choices; i++) { - struct oc_choice *ch = FORMCHOICE(sopt, i); - if (!strcmp(saved_group, ch->name) && i != AUTHGROUP_SELECTION(form)) { -- free(opt->value); -- opt->value = g_strdup(saved_group); -+ openconnect_set_option_value(opt, saved_group); - return TRUE; - } - } -@@ -823,7 +837,7 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form) - g_cancellable_cancel(data->cancel); - - if (data->entry_text) { -- data->opt->value = g_strdup (data->entry_text); -+ openconnect_set_option_value(data->opt, data->entry_text); - - if (data->opt->type == OC_FORM_OPT_TEXT || - data->opt->type == OC_FORM_OPT_SELECT) { -@@ -932,7 +946,7 @@ static gboolean user_validate_cert(cert_data *data) - text = gtk_text_view_new(); - buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text)); - gtk_text_buffer_set_text(buffer, details, -1); -- free(details); -+ openconnect_free_cert_info(data->ui_data->vpninfo, details); - gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0); - gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE); - gtk_container_add(GTK_CONTAINER(scroll), text); -@@ -1166,7 +1180,7 @@ static int get_config (GHashTable *options, GHashTable *secrets, - - cafile = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CACERT); - if (cafile) -- openconnect_set_cafile(vpninfo, g_strdup (cafile)); -+ openconnect_set_cafile(vpninfo, OC3DUP (cafile)); - - csd = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CSD_ENABLE); - if (csd && !strcmp(csd, "yes")) { -@@ -1176,16 +1190,16 @@ static int get_config (GHashTable *options, GHashTable *secrets, - if (csd_wrapper && !csd_wrapper[0]) - csd_wrapper = NULL; - -- openconnect_setup_csd(vpninfo, getuid(), 1, g_strdup (csd_wrapper)); -+ openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP (csd_wrapper)); - } - - proxy = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PROXY); -- if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, g_strdup (proxy))) -+ if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, OC3DUP (proxy))) - return -EINVAL; - - cert = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_USERCERT); - sslkey = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PRIVKEY); -- openconnect_set_client_cert (vpninfo, g_strdup (cert), g_strdup (sslkey)); -+ openconnect_set_client_cert (vpninfo, OC3DUP (cert), OC3DUP (sslkey)); - - pem_passphrase_fsid = g_hash_table_lookup (options, - NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID); -@@ -1245,7 +1259,7 @@ static int update_token(void *cbdata, const char *tok) - } - #endif - --static int write_new_config(void *cbdata, char *buf, int buflen) -+static int write_new_config(void *cbdata, write_config_const char *buf, int buflen) - { - auth_ui_data *ui_data = cbdata; - g_hash_table_insert (ui_data->secrets, g_strdup ("xmlconfig"), -@@ -1472,11 +1486,11 @@ static void connect_host(auth_ui_data *ui_data) - if (openconnect_parse_url(ui_data->vpninfo, host->hostaddress)) { - fprintf(stderr, "Failed to parse server URL '%s'\n", - host->hostaddress); -- openconnect_set_hostname (ui_data->vpninfo, g_strdup(host->hostaddress)); -+ openconnect_set_hostname (ui_data->vpninfo, OC3DUP (host->hostaddress)); - } - - if (!openconnect_get_urlpath(ui_data->vpninfo) && host->usergroup) -- openconnect_set_urlpath(ui_data->vpninfo, g_strdup(host->usergroup)); -+ openconnect_set_urlpath(ui_data->vpninfo, OC3DUP (host->usergroup)); - - - g_hash_table_insert (ui_data->success_secrets, g_strdup("lasthost"), --- -2.2.0 - diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch deleted file mode 100644 index 835f694e4fb1..000000000000 --- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch +++ /dev/null @@ -1,283 +0,0 @@ -From b8c7e773204d3b4a85a27d7d2ae58dfc1939e1a8 Mon Sep 17 00:00:00 2001 -From: David Woodhouse <David.Woodhouse@intel.com> -Date: Thu, 30 Oct 2014 23:16:20 +0000 -Subject: [PATCH 26/34] Drop support for libopenconnect.so.1 - ---- - auth-dialog/main.c | 201 +---------------------------------------------------- - 1 file changed, 2 insertions(+), 199 deletions(-) - -diff --git a/auth-dialog/main.c b/auth-dialog/main.c -index 8285bf4..df0146c 100644 ---- a/auth-dialog/main.c -+++ b/auth-dialog/main.c -@@ -49,20 +49,6 @@ - - #include "openconnect.h" - --#if OPENCONNECT_API_VERSION_MAJOR == 1 --#define openconnect_vpninfo_new openconnect_vpninfo_new_with_cbdata --#define openconnect_init_ssl openconnect_init_openssl --#endif -- --#ifndef OPENCONNECT_CHECK_VER --#define OPENCONNECT_CHECK_VER(x,y) 0 --#endif -- --#if !OPENCONNECT_CHECK_VER(1,5) --#define OPENCONNECT_X509 X509 --#define OPENCONNECT_OPENSSL --#endif -- - #if !OPENCONNECT_CHECK_VER(2,1) - #define __openconnect_set_token_mode(...) -EOPNOTSUPP - #elif !OPENCONNECT_CHECK_VER(2,2) -@@ -104,12 +90,6 @@ - #define write_config_const /* */ - #endif - --#ifdef OPENCONNECT_OPENSSL --#include <openssl/ssl.h> --#include <openssl/bio.h> --#include <openssl/ui.h> --#endif -- - static const SecretSchema openconnect_secret_schema = { - "org.freedesktop.NetworkManager.Connection.Openconnect", - SECRET_SCHEMA_DONT_MATCH_NAME, -@@ -301,9 +281,6 @@ typedef struct ui_fragment_data { - GtkWidget *entry; - GCancellable *cancel; - auth_ui_data *ui_data; --#ifdef OPENCONNECT_OPENSSL -- UI_STRING *uis; --#endif - struct oc_form_opt *opt; - char *entry_text; - int initial_selection; -@@ -315,27 +292,9 @@ static void entry_activate_cb(GtkWidget *widget, auth_ui_data *ui_data) - gtk_dialog_response(GTK_DIALOG(ui_data->dialog), AUTH_DIALOG_RESPONSE_LOGIN); - } - --#ifdef OPENCONNECT_OPENSSL --static void do_check_visibility(ui_fragment_data *data, gboolean *visible) --{ -- int min_len; -- -- if (!data->uis) -- return; -- -- min_len = UI_get_result_minsize(data->uis); -- -- if (min_len && (!data->entry_text || strlen(data->entry_text) < min_len)) -- *visible = FALSE; --} --#endif - static void evaluate_login_visibility(auth_ui_data *ui_data) - { - gboolean visible = TRUE; --#ifdef OPENCONNECT_OPENSSL -- g_queue_foreach(ui_data->form_entries, (GFunc)do_check_visibility, -- &visible); --#endif - gtk_widget_set_sensitive (ui_data->login_button, visible); - } - -@@ -343,9 +302,6 @@ static void entry_changed(GtkEntry *entry, ui_fragment_data *data) - { - g_free (data->entry_text); - data->entry_text = g_strdup(gtk_entry_get_text(entry)); --#ifdef OPENCONNECT_OPENSSL -- evaluate_login_visibility(data->ui_data); --#endif - } - - static void do_override_label(ui_fragment_data *data, struct oc_choice *choice) -@@ -387,26 +343,6 @@ static void combo_changed(GtkComboBox *combo, ui_fragment_data *data) - FORMCHOICE(sopt, entry)); - } - --#ifdef OPENCONNECT_OPENSSL --static gboolean ui_write_error (ui_fragment_data *data) --{ -- ssl_box_add_error(data->ui_data, UI_get0_output_string(data->uis)); -- -- g_slice_free (ui_fragment_data, data); -- -- return FALSE; --} -- --static gboolean ui_write_info (ui_fragment_data *data) --{ -- ssl_box_add_info(data->ui_data, UI_get0_output_string(data->uis)); -- -- g_slice_free (ui_fragment_data, data); -- -- return FALSE; --} --#endif -- - static gboolean ui_write_prompt (ui_fragment_data *data) - { - auth_ui_data *ui_data = _ui_data; /* FIXME global */ -@@ -414,16 +350,8 @@ static gboolean ui_write_prompt (ui_fragment_data *data) - int visible; - const char *label; - --#ifdef OPENCONNECT_OPENSSL -- if (data->uis) { -- label = UI_get0_output_string(data->uis); -- visible = UI_get_input_flags(data->uis) & UI_INPUT_FLAG_ECHO; -- } else --#endif -- { -- label = data->opt->label; -- visible = (data->opt->type == OC_FORM_OPT_TEXT); -- } -+ label = data->opt->label; -+ visible = (data->opt->type == OC_FORM_OPT_TEXT); - - hbox = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 0); - gtk_box_pack_start(GTK_BOX(data->ui_data->ssl_box), hbox, FALSE, FALSE, 0); -@@ -512,128 +440,6 @@ static gboolean ui_show (auth_ui_data *ui_data) - return FALSE; - } - --#ifdef OPENCONNECT_OPENSSL --/* runs in worker thread */ --static int ui_open(UI *ui) --{ -- auth_ui_data *ui_data = _ui_data; /* FIXME global */ -- -- UI_add_user_data(ui, ui_data); -- -- return 1; --} -- --/* runs in worker thread */ --static int ui_write(UI *ui, UI_STRING *uis) --{ -- auth_ui_data *ui_data; -- ui_fragment_data *data; -- -- ui_data = UI_get0_user_data(ui); -- -- /* return if a new host has been selected */ -- if (ui_data->cancelled) { -- return 1; -- } -- -- data = g_slice_new0 (ui_fragment_data); -- data->ui_data = ui_data; -- data->uis = uis; -- -- switch(UI_get_string_type(uis)) { -- case UIT_ERROR: -- g_idle_add ((GSourceFunc)ui_write_error, data); -- break; -- -- case UIT_INFO: -- g_idle_add ((GSourceFunc)ui_write_info, data); -- break; -- -- case UIT_PROMPT: -- case UIT_VERIFY: -- g_mutex_lock (&ui_data->form_mutex); -- g_queue_push_head(ui_data->form_entries, data); -- g_mutex_unlock (&ui_data->form_mutex); -- -- g_idle_add ((GSourceFunc)ui_write_prompt, data); -- break; -- -- case UIT_BOOLEAN: -- /* FIXME */ -- case UIT_NONE: -- default: -- g_slice_free (ui_fragment_data, data); -- } -- return 1; --} -- --/* runs in worker thread */ --static int ui_flush(UI* ui) --{ -- auth_ui_data *ui_data; -- int response; -- -- ui_data = UI_get0_user_data(ui); -- -- g_idle_add((GSourceFunc)ui_show, ui_data); -- g_mutex_lock(&ui_data->form_mutex); -- /* wait for ui to show */ -- while (!ui_data->form_shown) { -- g_cond_wait(&ui_data->form_shown_changed, &ui_data->form_mutex); -- } -- ui_data->form_shown = FALSE; -- -- if (!ui_data->cancelled) { -- /* wait for form submission or cancel */ -- while (!ui_data->form_retval) { -- g_cond_wait(&ui_data->form_retval_changed, &ui_data->form_mutex); -- } -- response = GPOINTER_TO_INT (ui_data->form_retval); -- ui_data->form_retval = NULL; -- } else -- response = AUTH_DIALOG_RESPONSE_CANCEL; -- -- /* set entry results and free temporary data structures */ -- while (!g_queue_is_empty (ui_data->form_entries)) { -- ui_fragment_data *data; -- data = g_queue_pop_tail (ui_data->form_entries); -- if (data->entry_text) { -- UI_set_result(ui, data->uis, data->entry_text); -- } -- if (data->cancel) { -- g_cancellable_cancel(data->cancel); -- } -- g_slice_free (ui_fragment_data, data); -- } -- ui_data->form_grabbed = 0; -- g_mutex_unlock(&ui_data->form_mutex); -- -- /* -1 = cancel, -- * 0 = failure, -- * 1 = success */ -- return (response == AUTH_DIALOG_RESPONSE_LOGIN ? 1 : -1); --} -- --/* runs in worker thread */ --static int ui_close(UI *ui) --{ -- return 1; --} -- --static int init_openssl_ui(void) --{ -- UI_METHOD *ui_method = UI_create_method("OpenConnect VPN UI (gtk)"); -- -- UI_method_set_opener(ui_method, ui_open); -- UI_method_set_flusher(ui_method, ui_flush); -- UI_method_set_writer(ui_method, ui_write); -- UI_method_set_closer(ui_method, ui_close); -- -- UI_set_default_method(ui_method); -- return 0; --} --#endif /* OPENCONNECT_OPENSSL */ -- - static char *find_form_answer(GHashTable *secrets, struct oc_auth_form *form, - struct oc_form_opt *opt) - { -@@ -1834,9 +1640,6 @@ int main (int argc, char **argv) - - build_main_dialog(_ui_data); - --#ifdef OPENCONNECT_OPENSSL -- init_openssl_ui(); --#endif - openconnect_init_ssl(); - - /* Start connecting now if there's only one host. Or if configured to */ --- -2.2.0 - diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch deleted file mode 100644 index 223d59f0c1db..000000000000 --- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch +++ /dev/null @@ -1,185 +0,0 @@ -From 2dc45e25b200e1b70e862f46c9f7ad652e59c8a2 Mon Sep 17 00:00:00 2001 -From: David Woodhouse <David.Woodhouse@intel.com> -Date: Mon, 3 Nov 2014 17:39:43 +0000 -Subject: [PATCH 28/34] Update to new hash handling, fix to match stored certs - only for the same host/port - ---- - auth-dialog/main.c | 90 +++++++++++++++++++++++++++++------------------------- - 1 file changed, 49 insertions(+), 41 deletions(-) - -diff --git a/auth-dialog/main.c b/auth-dialog/main.c -index df0146c..38f3a8f 100644 ---- a/auth-dialog/main.c -+++ b/auth-dialog/main.c -@@ -694,7 +694,7 @@ static char* get_title(const char *vpn_name) - - typedef struct cert_data { - auth_ui_data *ui_data; -- OPENCONNECT_X509 *peer_cert; -+ char *cert_details; - const char *reason; - } cert_data; - -@@ -722,13 +722,10 @@ static gboolean user_validate_cert(cert_data *data) - { - auth_ui_data *ui_data = _ui_data; /* FIXME global */ - char *title; -- char *details; - GtkWidget *dlg, *text, *scroll; - GtkTextBuffer *buffer; - int result; - -- details = openconnect_get_cert_details(ui_data->vpninfo, data->peer_cert); -- - title = get_title(data->ui_data->vpn_name); - dlg = gtk_message_dialog_new(NULL, 0, GTK_MESSAGE_QUESTION, - GTK_BUTTONS_OK_CANCEL, -@@ -751,8 +748,7 @@ static gboolean user_validate_cert(cert_data *data) - - text = gtk_text_view_new(); - buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text)); -- gtk_text_buffer_set_text(buffer, details, -1); -- openconnect_free_cert_info(data->ui_data->vpninfo, details); -+ gtk_text_buffer_set_text(buffer, data->cert_details, -1); - gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0); - gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE); - gtk_container_add(GTK_CONTAINER(scroll), text); -@@ -775,36 +771,40 @@ static gboolean user_validate_cert(cert_data *data) - - /* runs in worker thread */ - static int validate_peer_cert(void *cbdata, -- OPENCONNECT_X509 *peer_cert, const char *reason) -+#if !OPENCONNECT_CHECK_VER(5,0) -+ OPENCONNECT_X509 *peer_cert, -+#endif -+ const char *reason) - { - auth_ui_data *ui_data = cbdata; -- char fingerprint[41]; -- char *certs_data; - int ret = 0; - cert_data *data; -+ char *certkey; -+ char *accepted_hash = NULL; -+#if OPENCONNECT_CHECK_VER(5,0) -+ const char *fingerprint = openconnect_get_peer_cert_hash(ui_data->vpninfo); -+#else -+ char fingerprint[41]; - - ret = openconnect_get_cert_sha1(ui_data->vpninfo, peer_cert, fingerprint); - if (ret) - return ret; - -- certs_data = g_hash_table_lookup (ui_data->secrets, "certsigs"); -- if (certs_data) { -- char **certs = g_strsplit_set(certs_data, "\t", 0); -- char **this = certs; -+#define openconnect_check_peer_cert_hash(v, h) strcmp(h, fingerprint) -+#define openconnect_get_peer_cert_details(v) openconnect_get_cert_details(v, peer_cert); -+#endif - -- while (*this) { -- if (!strcmp(*this, fingerprint)) { -- g_strfreev(certs); -- goto out; -- } -- this++; -- } -- g_strfreev(certs); -- } -+ certkey = g_strdup_printf ("certificate:%s:%d", -+ openconnect_get_hostname(ui_data->vpninfo), -+ openconnect_get_port(ui_data->vpninfo)); -+ -+ accepted_hash = g_hash_table_lookup (ui_data->secrets, certkey); -+ if (accepted_hash && !openconnect_check_peer_cert_hash(ui_data->vpninfo, accepted_hash)) -+ goto accepted; - - data = g_slice_new(cert_data); - data->ui_data = ui_data; /* FIXME uses global */ -- data->peer_cert = peer_cert; -+ data->cert_details = openconnect_get_peer_cert_details(ui_data->vpninfo); - data->reason = reason; - - g_mutex_lock(&ui_data->form_mutex); -@@ -813,27 +813,27 @@ static int validate_peer_cert(void *cbdata, - g_idle_add((GSourceFunc)user_validate_cert, data); - - /* wait for user to accept or cancel */ -- while (ui_data->cert_response == CERT_USER_NOT_READY) { -+ while (ui_data->cert_response == CERT_USER_NOT_READY) - g_cond_wait(&ui_data->cert_response_changed, &ui_data->form_mutex); -- } -- if (ui_data->cert_response == CERT_ACCEPTED) { -- if (certs_data) { -- char *new = g_strdup_printf("%s\t%s", certs_data, fingerprint); -- g_hash_table_insert (ui_data->secrets, -- g_strdup ("certsigs"), new); -- } else { -- g_hash_table_insert (ui_data->secrets, g_strdup ("certsigs"), -- g_strdup (fingerprint)); -- } -+ -+ openconnect_free_cert_info(data->ui_data->vpninfo, data->cert_details); -+ g_slice_free(cert_data, data); -+ -+ if (ui_data->cert_response == CERT_ACCEPTED) - ret = 0; -- } else { -+ else - ret = -EINVAL; -- } -+ - g_mutex_unlock (&ui_data->form_mutex); - -- g_slice_free(cert_data, data); -+ accepted: -+ if (!ret) { -+ g_hash_table_insert (ui_data->secrets, certkey, -+ g_strdup(fingerprint)); -+ certkey = NULL; -+ } - -- out: -+ g_free (certkey); - return ret; - } - -@@ -1196,7 +1196,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data) - gtk_widget_set_sensitive(ui_data->cancel_button, FALSE); - } - } else if (!ui_data->cookie_retval) { -- OPENCONNECT_X509 *cert; -+ const void *cert; - gchar *key, *value; - - /* got cookie */ -@@ -1218,14 +1218,22 @@ static gboolean cookie_obtained(auth_ui_data *ui_data) - g_hash_table_insert (ui_data->secrets, key, value); - openconnect_clear_cookie(ui_data->vpninfo); - -+#if OPENCONNECT_CHECK_VER(5,0) -+ cert = openconnect_get_peer_cert_hash (ui_data->vpninfo); -+ if (cert) { -+ key = g_strdup (NM_OPENCONNECT_KEY_GWCERT); -+ value = g_strdup (cert); -+ g_hash_table_insert (ui_data->secrets, key, value); -+ } -+#else - cert = openconnect_get_peer_cert (ui_data->vpninfo); - if (cert) { - key = g_strdup (NM_OPENCONNECT_KEY_GWCERT); - value = g_malloc0 (41); -- openconnect_get_cert_sha1(ui_data->vpninfo, cert, value); -+ openconnect_get_cert_sha1(ui_data->vpninfo, (void *)cert, value); - g_hash_table_insert (ui_data->secrets, key, value); - } -- -+#endif - if (get_save_passwords(ui_data->secrets)) { - g_hash_table_foreach(ui_data->success_passwords, - keyring_store_passwords, --- -2.2.0 - diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild deleted file mode 100644 index 785249c13653..000000000000 --- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -GCONF_DEBUG="no" -GNOME_ORG_MODULE="NetworkManager-${PN##*-}" - -inherit gnome2 user - -DESCRIPTION="NetworkManager OpenConnect plugin" -HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="gtk" - -RDEPEND=" - app-crypt/libsecret - >=net-misc/networkmanager-0.9.6:= - >=dev-libs/glib-2.32:2 - >=dev-libs/dbus-glib-0.74 - dev-libs/libxml2:2 - >=net-misc/openconnect-3.02:= - gtk? ( >=x11-libs/gtk+-3.4:3 ) -" -DEPEND="${RDEPEND} - sys-devel/gettext - dev-util/intltool - virtual/pkgconfig -" - -src_prepare() { - EPATCH_FORCE=yes EPATCH_SUFFIX=patch EPATCH_SOURCE="${FILESDIR}/${PV}" epatch - gnome2_src_prepare -} - -src_configure() { - gnome2_src_configure \ - --disable-more-warnings \ - --disable-static \ - $(use_with gtk gnome) \ - $(use_with gtk authdlg) -} - -pkg_postinst() { - gnome2_pkg_postinst - enewgroup nm-openconnect - enewuser nm-openconnect -1 -1 -1 nm-openconnect -} diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild deleted file mode 100644 index 63720dc17d0b..000000000000 --- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild +++ /dev/null @@ -1,51 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -GCONF_DEBUG="no" -GNOME_ORG_MODULE="NetworkManager-${PN##*-}" - -inherit gnome2 user - -DESCRIPTION="NetworkManager OpenConnect plugin" -HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="gtk" - -RDEPEND=" - app-crypt/libsecret - >=net-misc/networkmanager-0.9.6:= - >=dev-libs/glib-2.32:2 - >=dev-libs/dbus-glib-0.74 - dev-libs/libxml2:2 - >=net-misc/openconnect-3.02:= - gtk? ( >=x11-libs/gtk+-3.4:3 ) -" -DEPEND="${RDEPEND} - sys-devel/gettext - dev-util/intltool - virtual/pkgconfig -" - -src_prepare() { - epatch_user - gnome2_src_prepare -} - -src_configure() { - gnome2_src_configure \ - --disable-more-warnings \ - --disable-static \ - $(use_with gtk gnome) \ - $(use_with gtk authdlg) -} - -pkg_postinst() { - gnome2_pkg_postinst - enewgroup nm-openconnect - enewuser nm-openconnect -1 -1 -1 nm-openconnect -} diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild deleted file mode 100644 index 16c7bc1d02df..000000000000 --- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild +++ /dev/null @@ -1,46 +0,0 @@ -# Copyright 1999-2015 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI="5" -GCONF_DEBUG="no" -GNOME_ORG_MODULE="NetworkManager-${PN##*-}" - -inherit gnome2 user - -DESCRIPTION="NetworkManager OpenConnect plugin" -HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="gtk" - -RDEPEND=" - app-crypt/libsecret - >=net-misc/networkmanager-0.9.10:= - >=dev-libs/glib-2.32:2 - >=dev-libs/dbus-glib-0.74 - dev-libs/libxml2:2 - >=net-misc/openconnect-3.02:= - gtk? ( >=x11-libs/gtk+-3.4:3 ) -" -DEPEND="${RDEPEND} - sys-devel/gettext - dev-util/intltool - virtual/pkgconfig -" - -src_configure() { - gnome2_src_configure \ - --disable-more-warnings \ - --disable-static \ - $(use_with gtk gnome) \ - $(use_with gtk authdlg) -} - -pkg_postinst() { - gnome2_pkg_postinst - enewgroup nm-openconnect - enewuser nm-openconnect -1 -1 -1 nm-openconnect -} |