summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPacho Ramos <pacho@gentoo.org>2015-12-12 12:04:06 +0100
committerPacho Ramos <pacho@gentoo.org>2015-12-12 15:27:23 +0100
commit901a420a4d4bdc0ab7fc50c5f5577392c34a00f8 (patch)
treee9a0350f639496148bb8990231b357e949ca6df2 /net-misc
parentnet-misc/networkmanager-openconnect: Version bump (diff)
downloadgentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.tar.gz
gentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.tar.bz2
gentoo-901a420a4d4bdc0ab7fc50c5f5577392c34a00f8.zip
net-misc/networkmanager-openconnect: Drop old
Package-Manager: portage-2.2.24
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/networkmanager-openconnect/Manifest2
-rw-r--r--net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch148
-rw-r--r--net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch68
-rw-r--r--net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch127
-rw-r--r--net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch283
-rw-r--r--net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch185
-rw-r--r--net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild51
-rw-r--r--net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild51
-rw-r--r--net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild46
9 files changed, 0 insertions, 961 deletions
diff --git a/net-misc/networkmanager-openconnect/Manifest b/net-misc/networkmanager-openconnect/Manifest
index 1ad199cfbd67..8eba99116493 100644
--- a/net-misc/networkmanager-openconnect/Manifest
+++ b/net-misc/networkmanager-openconnect/Manifest
@@ -1,4 +1,2 @@
-DIST NetworkManager-openconnect-0.9.10.0.tar.xz 438008 SHA256 8007d70a6943388bfa141f99fc4da9965fd122cf2741512ce0cf9c0f9c78331a SHA512 0543db106524e66782ce51854bfe29e2e0317e9e0de1d303c4c8a0e021d2cd04defa9421fffada8d5f6a4cd79672bf4dd7683415102c0ce85a9dea4132ad2f55 WHIRLPOOL a16a34214186c9446b31ccce87248007fef33b44073bf740dae1494ba5fec52d3814601680b2b1288ee02dcca4d57099e49b38717ef4ef14865bdcbe1de7d6b8
-DIST NetworkManager-openconnect-1.0.0.tar.xz 465812 SHA256 06f322f8efe9b882b19dcaa4314049171fd38701e902f688cbdcacfd21d23f5f SHA512 3a919750e865bf51213bba99cf141255a04e4452facca7ac40115cb9c66b5767e1831b11f10b3d93901f6d794aca22cf55ed80e2e061d8c38548727d0831eac5 WHIRLPOOL 0f3609a1d36f9e1a1859e2fe4c1a650bac7226eea5904b67190af85987ada9b075707d22cce4fb07880ce4da9ddca0fb1c08bd13b76a1343c08630a523b30039
DIST NetworkManager-openconnect-1.0.2.tar.xz 543000 SHA256 120a055863841df1763d4c6b5de03e6f7180fa1a218f376ecc9c75a5862e600e SHA512 54ec54ec1b3387f8c3375181b1e537d4100eea4dc896dbda6f7c785de49f3e3b4c5b73204ee246b21b3f718e9391b4476768a596550aa54a23b8ee04a9191f9f WHIRLPOOL 89c45f5b45ed832cc1a15b0210dac7504f9d96ceca71cbc934670f1920bb2661be21dfa4d34305e37f057a640a2742c1535813d44f303a206378899e53e780c9
DIST NetworkManager-openconnect-1.0.8.tar.xz 576940 SHA256 c1bf2884ffaccae327e98d8e6c8caeb16f57993d1321ce43f99ef8312406d7e6 SHA512 3930fe6a32b583f5d007f724db0d3c0b60c6f8bb1871edeedc7d98ea3edb22d6da6e5dd778300f8d688af394b42358829d17df3f9a40e22fdbc8a01f4e69b2f3 WHIRLPOOL db6cb0484169363acf176fc23839de58d37f805ffb9fab8116b4e7a69aa1cb1760f79c50dc13baa63272b8eb982ff53f4ca58df5b74686909c630d12d8ff59c7
diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch
deleted file mode 100644
index 9dc8c4ae70d6..000000000000
--- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0016-Add-HOTP-support.patch
+++ /dev/null
@@ -1,148 +0,0 @@
-From b3815e96635c8f89c6161bdb6de53cd3c01c8535 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse@intel.com>
-Date: Tue, 12 Aug 2014 14:55:39 +0100
-Subject: [PATCH 16/34] Add HOTP support
-
-This requires migrating the token_secret from a config item to a secret,
-which thankfully doesn't seem to be too diffcult.
----
- auth-dialog/main.c | 24 +++++++++++++++++++++++-
- properties/nm-openconnect-dialog.ui | 6 ++++++
- properties/nm-openconnect.c | 18 ++++++++++++++----
- 3 files changed, 43 insertions(+), 5 deletions(-)
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index 2133e52..b078d48 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -1194,7 +1194,9 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- openconnect_passphrase_from_fsid(vpninfo);
-
- token_mode = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_MODE);
-- token_secret = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ token_secret = g_hash_table_lookup (secrets, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ if (!token_secret || !token_secret[0])
-+ token_secret = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_TOKEN_SECRET);
- if (token_mode) {
- int ret = 0;
-
-@@ -1204,6 +1206,10 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_STOKEN, NULL);
- else if (!strcmp(token_mode, "totp") && token_secret)
- ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_TOTP, token_secret);
-+#if OPENCONNECT_CHECK_VER(3,4)
-+ else if (!strcmp(token_mode, "hotp") && token_secret)
-+ ret = __openconnect_set_token_mode(vpninfo, OC_TOKEN_MODE_HOTP, token_secret);
-+#endif
-
- if (ret)
- fprintf(stderr, "Failed to initialize software token: %d\n", ret);
-@@ -1229,6 +1235,17 @@ static void populate_vpnhost_combo(auth_ui_data *ui_data)
- }
- }
-
-+#if OPENCONNECT_CHECK_VER(3,4)
-+static int update_token(void *cbdata, const char *tok)
-+{
-+ auth_ui_data *ui_data = cbdata;
-+ g_hash_table_insert (ui_data->secrets, g_strdup (NM_OPENCONNECT_KEY_TOKEN_SECRET),
-+ g_strdup(tok));
-+
-+ return 0;
-+}
-+#endif
-+
- static int write_new_config(void *cbdata, char *buf, int buflen)
- {
- auth_ui_data *ui_data = cbdata;
-@@ -1801,6 +1818,11 @@ int main (int argc, char **argv)
- fprintf(stderr, "Failed to find VPN UUID %s\n", vpn_uuid);
- return 1;
- }
-+
-+#if OPENCONNECT_CHECK_VER(3,4)
-+ openconnect_set_token_callbacks (_ui_data->vpninfo, _ui_data, NULL, update_token);
-+#endif
-+
- build_main_dialog(_ui_data);
-
- #ifdef OPENCONNECT_OPENSSL
-diff --git a/properties/nm-openconnect-dialog.ui b/properties/nm-openconnect-dialog.ui
-index b3401db..4643b73 100644
---- a/properties/nm-openconnect-dialog.ui
-+++ b/properties/nm-openconnect-dialog.ui
-@@ -766,6 +766,12 @@
- <col id="2" translatable="no">totp</col>
- <col id="3" translatable="no">True</col>
- </row>
-+ <row>
-+ <col id="0" translatable="yes">HOTP - manually entered</col>
-+ <col id="1" translatable="no">hotp</col>
-+ <col id="2" translatable="no">hotp</col>
-+ <col id="3" translatable="no">True</col>
-+ </row>
- </data>
- </object>
- </interface>
-diff --git a/properties/nm-openconnect.c b/properties/nm-openconnect.c
-index e00e757..dfd5f5c 100644
---- a/properties/nm-openconnect.c
-+++ b/properties/nm-openconnect.c
-@@ -214,7 +214,7 @@ import (NMVpnPluginUiInterface *iface, const char *path, GError **error)
- /* Soft token secret */
- buf = g_key_file_get_string (keyfile, "openconnect", "StokenString", NULL);
- if (buf)
-- nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf);
-+ nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, buf);
-
- return connection;
- }
-@@ -297,9 +297,14 @@ export (NMVpnPluginUiInterface *iface,
- if (value && strlen (value))
- token_mode = value;
-
-- value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ value = nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
- if (value && strlen (value))
- token_secret = value;
-+ else {
-+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ if (value && strlen (value))
-+ token_secret = value;
-+ }
-
- fprintf (f,
- "[openconnect]\n"
-@@ -427,6 +432,9 @@ init_token_mode_options (GtkComboBox *token_mode)
- iter_valid = gtk_list_store_remove (token_mode_list, &iter);
- else if (!strcmp (token_type, "totp") && !openconnect_has_oath_support ())
- iter_valid = gtk_list_store_remove (token_mode_list, &iter);
-+ else if (!strcmp (token_type, "hotp") &&
-+ (!openconnect_has_oath_support () || !OPENCONNECT_CHECK_VER(3,4)))
-+ iter_valid = gtk_list_store_remove (token_mode_list, &iter);
- else {
- iter_valid = gtk_tree_model_iter_next (model, &iter);
- valid_rows++;
-@@ -492,7 +500,9 @@ init_token_ui (OpenconnectPluginUiWidget *self,
- if (!buffer)
- return FALSE;
- if (s_vpn) {
-- value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ value = nm_setting_vpn_get_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
-+ if (!value)
-+ value = nm_setting_vpn_get_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET);
- if (value)
- gtk_text_buffer_set_text (buffer, value, -1);
- }
-@@ -653,7 +663,7 @@ update_connection (NMVpnPluginUiWidgetInterface *iface,
- *dst = 0;
-
- if (strlen (str))
-- nm_setting_vpn_add_data_item (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, str);
-+ nm_setting_vpn_add_secret (s_vpn, NM_OPENCONNECT_KEY_TOKEN_SECRET, str);
- }
-
- if (!check_validity (self, error))
---
-2.2.0
-
diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch
deleted file mode 100644
index f5427130c5dd..000000000000
--- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0017-Always-return-success-from-auth-dialog.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-From 5e899ec0dfff56ac15f9e19cccb8b8d17f792afd Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse@intel.com>
-Date: Tue, 12 Aug 2014 14:58:05 +0100
-Subject: [PATCH 17/34] Always return success from auth-dialog
-
-We want to store the secrets even when we ultimately failed to log in.
-This was slightly suboptimal even before, when we were failing to remember
-things like the 'autoconnect' and 'certsigs' secrets. But now with HOTP
-it's particularly important that we keep track of which tokens have been
-used *even* if we end up failing to log in.
-
-Even if we don't get a valid login cookie, it's OK to return success.
----
- auth-dialog/main.c | 7 +------
- 1 file changed, 1 insertion(+), 6 deletions(-)
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index b078d48..7171247 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -180,7 +180,6 @@ typedef struct auth_ui_data {
- GtkWidget *last_notice_icon;
- GtkTextBuffer *log;
-
-- int retval;
- int cookie_retval;
-
- int cancel_pipes[2];
-@@ -1376,7 +1375,6 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- gtk_widget_show_all(ui_data->ssl_box);
- gtk_widget_set_sensitive(ui_data->cancel_button, FALSE);
- }
-- ui_data->retval = 1;
- } else if (!ui_data->cookie_retval) {
- OPENCONNECT_X509 *cert;
- gchar *key, *value;
-@@ -1413,13 +1411,11 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- keyring_store_passwords,
- NULL);
- }
-- ui_data->retval = 0;
-
- gtk_main_quit();
- } else {
- /* no cookie; user cancellation */
- gtk_widget_show (ui_data->no_form_label);
-- ui_data->retval = 1;
- }
-
- g_hash_table_remove_all (ui_data->success_secrets);
-@@ -1672,7 +1668,6 @@ static auth_ui_data *init_ui_data (char *vpn_name, GHashTable *options, GHashTab
- auth_ui_data *ui_data;
-
- ui_data = g_slice_new0(auth_ui_data);
-- ui_data->retval = 1;
-
- ui_data->form_entries = g_queue_new();
- g_mutex_init(&ui_data->form_mutex);
-@@ -1848,5 +1843,5 @@ int main (int argc, char **argv)
-
- wait_for_quit ();
-
-- return _ui_data->retval;
-+ return 0;
- }
---
-2.2.0
-
diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch
deleted file mode 100644
index ed366702b1ce..000000000000
--- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0025-Support-libopenconnect.so.4.patch
+++ /dev/null
@@ -1,127 +0,0 @@
-From 58944a3ef9c92f7afa07cbb539d062e1956bafc0 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse@intel.com>
-Date: Thu, 30 Oct 2014 23:09:14 +0000
-Subject: [PATCH 25/34] Support libopenconnect.so.4
-
----
- auth-dialog/main.c | 38 ++++++++++++++++++++++++++------------
- 1 file changed, 26 insertions(+), 12 deletions(-)
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index 7171247..8285bf4 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -89,6 +89,21 @@
- #define OC_FORM_RESULT_NEWGROUP 2
- #endif
-
-+#if OPENCONNECT_CHECK_VER(4,0)
-+#define dup_option_value(opt) g_strdup((opt)->_value);
-+#define OC3DUP(x) (x)
-+#define write_config_const const
-+#else
-+#define dup_option_value(opt) g_strdup((opt)->value);
-+#define openconnect_set_option_value(opt, val) do { \
-+ struct oc_form_opt *_o = (opt); \
-+ free(_o->value); _o->value = g_strdup(val); \
-+ } while (0)
-+#define openconnect_free_cert_info(v, x) free(x)
-+#define OC3DUP(x) g_strdup(x)
-+#define write_config_const /* */
-+#endif
-+
- #ifdef OPENCONNECT_OPENSSL
- #include <openssl/ssl.h>
- #include <openssl/bio.h>
-@@ -712,7 +727,7 @@ static gboolean ui_form (struct oc_auth_form *form)
- data->entry_text = g_strdup (find_form_answer(ui_data->secrets,
- form, opt));
- if (!data->entry_text)
-- data->entry_text = g_strdup (opt->value);
-+ data->entry_text = dup_option_value(opt);
- } else {
- GHashTable *attrs;
-
-@@ -776,8 +791,7 @@ static gboolean set_initial_authgroup (auth_ui_data *ui_data, struct oc_auth_for
- for (i = 0; i < sopt->nr_choices; i++) {
- struct oc_choice *ch = FORMCHOICE(sopt, i);
- if (!strcmp(saved_group, ch->name) && i != AUTHGROUP_SELECTION(form)) {
-- free(opt->value);
-- opt->value = g_strdup(saved_group);
-+ openconnect_set_option_value(opt, saved_group);
- return TRUE;
- }
- }
-@@ -823,7 +837,7 @@ static int nm_process_auth_form (void *cbdata, struct oc_auth_form *form)
- g_cancellable_cancel(data->cancel);
-
- if (data->entry_text) {
-- data->opt->value = g_strdup (data->entry_text);
-+ openconnect_set_option_value(data->opt, data->entry_text);
-
- if (data->opt->type == OC_FORM_OPT_TEXT ||
- data->opt->type == OC_FORM_OPT_SELECT) {
-@@ -932,7 +946,7 @@ static gboolean user_validate_cert(cert_data *data)
- text = gtk_text_view_new();
- buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
- gtk_text_buffer_set_text(buffer, details, -1);
-- free(details);
-+ openconnect_free_cert_info(data->ui_data->vpninfo, details);
- gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -1166,7 +1180,7 @@ static int get_config (GHashTable *options, GHashTable *secrets,
-
- cafile = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CACERT);
- if (cafile)
-- openconnect_set_cafile(vpninfo, g_strdup (cafile));
-+ openconnect_set_cafile(vpninfo, OC3DUP (cafile));
-
- csd = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_CSD_ENABLE);
- if (csd && !strcmp(csd, "yes")) {
-@@ -1176,16 +1190,16 @@ static int get_config (GHashTable *options, GHashTable *secrets,
- if (csd_wrapper && !csd_wrapper[0])
- csd_wrapper = NULL;
-
-- openconnect_setup_csd(vpninfo, getuid(), 1, g_strdup (csd_wrapper));
-+ openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP (csd_wrapper));
- }
-
- proxy = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PROXY);
-- if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, g_strdup (proxy)))
-+ if (proxy && proxy[0] && openconnect_set_http_proxy(vpninfo, OC3DUP (proxy)))
- return -EINVAL;
-
- cert = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_USERCERT);
- sslkey = g_hash_table_lookup (options, NM_OPENCONNECT_KEY_PRIVKEY);
-- openconnect_set_client_cert (vpninfo, g_strdup (cert), g_strdup (sslkey));
-+ openconnect_set_client_cert (vpninfo, OC3DUP (cert), OC3DUP (sslkey));
-
- pem_passphrase_fsid = g_hash_table_lookup (options,
- NM_OPENCONNECT_KEY_PEM_PASSPHRASE_FSID);
-@@ -1245,7 +1259,7 @@ static int update_token(void *cbdata, const char *tok)
- }
- #endif
-
--static int write_new_config(void *cbdata, char *buf, int buflen)
-+static int write_new_config(void *cbdata, write_config_const char *buf, int buflen)
- {
- auth_ui_data *ui_data = cbdata;
- g_hash_table_insert (ui_data->secrets, g_strdup ("xmlconfig"),
-@@ -1472,11 +1486,11 @@ static void connect_host(auth_ui_data *ui_data)
- if (openconnect_parse_url(ui_data->vpninfo, host->hostaddress)) {
- fprintf(stderr, "Failed to parse server URL '%s'\n",
- host->hostaddress);
-- openconnect_set_hostname (ui_data->vpninfo, g_strdup(host->hostaddress));
-+ openconnect_set_hostname (ui_data->vpninfo, OC3DUP (host->hostaddress));
- }
-
- if (!openconnect_get_urlpath(ui_data->vpninfo) && host->usergroup)
-- openconnect_set_urlpath(ui_data->vpninfo, g_strdup(host->usergroup));
-+ openconnect_set_urlpath(ui_data->vpninfo, OC3DUP (host->usergroup));
-
-
- g_hash_table_insert (ui_data->success_secrets, g_strdup("lasthost"),
---
-2.2.0
-
diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch
deleted file mode 100644
index 835f694e4fb1..000000000000
--- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0026-Drop-support-for-libopenconnect.so.1.patch
+++ /dev/null
@@ -1,283 +0,0 @@
-From b8c7e773204d3b4a85a27d7d2ae58dfc1939e1a8 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse@intel.com>
-Date: Thu, 30 Oct 2014 23:16:20 +0000
-Subject: [PATCH 26/34] Drop support for libopenconnect.so.1
-
----
- auth-dialog/main.c | 201 +----------------------------------------------------
- 1 file changed, 2 insertions(+), 199 deletions(-)
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index 8285bf4..df0146c 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -49,20 +49,6 @@
-
- #include "openconnect.h"
-
--#if OPENCONNECT_API_VERSION_MAJOR == 1
--#define openconnect_vpninfo_new openconnect_vpninfo_new_with_cbdata
--#define openconnect_init_ssl openconnect_init_openssl
--#endif
--
--#ifndef OPENCONNECT_CHECK_VER
--#define OPENCONNECT_CHECK_VER(x,y) 0
--#endif
--
--#if !OPENCONNECT_CHECK_VER(1,5)
--#define OPENCONNECT_X509 X509
--#define OPENCONNECT_OPENSSL
--#endif
--
- #if !OPENCONNECT_CHECK_VER(2,1)
- #define __openconnect_set_token_mode(...) -EOPNOTSUPP
- #elif !OPENCONNECT_CHECK_VER(2,2)
-@@ -104,12 +90,6 @@
- #define write_config_const /* */
- #endif
-
--#ifdef OPENCONNECT_OPENSSL
--#include <openssl/ssl.h>
--#include <openssl/bio.h>
--#include <openssl/ui.h>
--#endif
--
- static const SecretSchema openconnect_secret_schema = {
- "org.freedesktop.NetworkManager.Connection.Openconnect",
- SECRET_SCHEMA_DONT_MATCH_NAME,
-@@ -301,9 +281,6 @@ typedef struct ui_fragment_data {
- GtkWidget *entry;
- GCancellable *cancel;
- auth_ui_data *ui_data;
--#ifdef OPENCONNECT_OPENSSL
-- UI_STRING *uis;
--#endif
- struct oc_form_opt *opt;
- char *entry_text;
- int initial_selection;
-@@ -315,27 +292,9 @@ static void entry_activate_cb(GtkWidget *widget, auth_ui_data *ui_data)
- gtk_dialog_response(GTK_DIALOG(ui_data->dialog), AUTH_DIALOG_RESPONSE_LOGIN);
- }
-
--#ifdef OPENCONNECT_OPENSSL
--static void do_check_visibility(ui_fragment_data *data, gboolean *visible)
--{
-- int min_len;
--
-- if (!data->uis)
-- return;
--
-- min_len = UI_get_result_minsize(data->uis);
--
-- if (min_len && (!data->entry_text || strlen(data->entry_text) < min_len))
-- *visible = FALSE;
--}
--#endif
- static void evaluate_login_visibility(auth_ui_data *ui_data)
- {
- gboolean visible = TRUE;
--#ifdef OPENCONNECT_OPENSSL
-- g_queue_foreach(ui_data->form_entries, (GFunc)do_check_visibility,
-- &visible);
--#endif
- gtk_widget_set_sensitive (ui_data->login_button, visible);
- }
-
-@@ -343,9 +302,6 @@ static void entry_changed(GtkEntry *entry, ui_fragment_data *data)
- {
- g_free (data->entry_text);
- data->entry_text = g_strdup(gtk_entry_get_text(entry));
--#ifdef OPENCONNECT_OPENSSL
-- evaluate_login_visibility(data->ui_data);
--#endif
- }
-
- static void do_override_label(ui_fragment_data *data, struct oc_choice *choice)
-@@ -387,26 +343,6 @@ static void combo_changed(GtkComboBox *combo, ui_fragment_data *data)
- FORMCHOICE(sopt, entry));
- }
-
--#ifdef OPENCONNECT_OPENSSL
--static gboolean ui_write_error (ui_fragment_data *data)
--{
-- ssl_box_add_error(data->ui_data, UI_get0_output_string(data->uis));
--
-- g_slice_free (ui_fragment_data, data);
--
-- return FALSE;
--}
--
--static gboolean ui_write_info (ui_fragment_data *data)
--{
-- ssl_box_add_info(data->ui_data, UI_get0_output_string(data->uis));
--
-- g_slice_free (ui_fragment_data, data);
--
-- return FALSE;
--}
--#endif
--
- static gboolean ui_write_prompt (ui_fragment_data *data)
- {
- auth_ui_data *ui_data = _ui_data; /* FIXME global */
-@@ -414,16 +350,8 @@ static gboolean ui_write_prompt (ui_fragment_data *data)
- int visible;
- const char *label;
-
--#ifdef OPENCONNECT_OPENSSL
-- if (data->uis) {
-- label = UI_get0_output_string(data->uis);
-- visible = UI_get_input_flags(data->uis) & UI_INPUT_FLAG_ECHO;
-- } else
--#endif
-- {
-- label = data->opt->label;
-- visible = (data->opt->type == OC_FORM_OPT_TEXT);
-- }
-+ label = data->opt->label;
-+ visible = (data->opt->type == OC_FORM_OPT_TEXT);
-
- hbox = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 0);
- gtk_box_pack_start(GTK_BOX(data->ui_data->ssl_box), hbox, FALSE, FALSE, 0);
-@@ -512,128 +440,6 @@ static gboolean ui_show (auth_ui_data *ui_data)
- return FALSE;
- }
-
--#ifdef OPENCONNECT_OPENSSL
--/* runs in worker thread */
--static int ui_open(UI *ui)
--{
-- auth_ui_data *ui_data = _ui_data; /* FIXME global */
--
-- UI_add_user_data(ui, ui_data);
--
-- return 1;
--}
--
--/* runs in worker thread */
--static int ui_write(UI *ui, UI_STRING *uis)
--{
-- auth_ui_data *ui_data;
-- ui_fragment_data *data;
--
-- ui_data = UI_get0_user_data(ui);
--
-- /* return if a new host has been selected */
-- if (ui_data->cancelled) {
-- return 1;
-- }
--
-- data = g_slice_new0 (ui_fragment_data);
-- data->ui_data = ui_data;
-- data->uis = uis;
--
-- switch(UI_get_string_type(uis)) {
-- case UIT_ERROR:
-- g_idle_add ((GSourceFunc)ui_write_error, data);
-- break;
--
-- case UIT_INFO:
-- g_idle_add ((GSourceFunc)ui_write_info, data);
-- break;
--
-- case UIT_PROMPT:
-- case UIT_VERIFY:
-- g_mutex_lock (&ui_data->form_mutex);
-- g_queue_push_head(ui_data->form_entries, data);
-- g_mutex_unlock (&ui_data->form_mutex);
--
-- g_idle_add ((GSourceFunc)ui_write_prompt, data);
-- break;
--
-- case UIT_BOOLEAN:
-- /* FIXME */
-- case UIT_NONE:
-- default:
-- g_slice_free (ui_fragment_data, data);
-- }
-- return 1;
--}
--
--/* runs in worker thread */
--static int ui_flush(UI* ui)
--{
-- auth_ui_data *ui_data;
-- int response;
--
-- ui_data = UI_get0_user_data(ui);
--
-- g_idle_add((GSourceFunc)ui_show, ui_data);
-- g_mutex_lock(&ui_data->form_mutex);
-- /* wait for ui to show */
-- while (!ui_data->form_shown) {
-- g_cond_wait(&ui_data->form_shown_changed, &ui_data->form_mutex);
-- }
-- ui_data->form_shown = FALSE;
--
-- if (!ui_data->cancelled) {
-- /* wait for form submission or cancel */
-- while (!ui_data->form_retval) {
-- g_cond_wait(&ui_data->form_retval_changed, &ui_data->form_mutex);
-- }
-- response = GPOINTER_TO_INT (ui_data->form_retval);
-- ui_data->form_retval = NULL;
-- } else
-- response = AUTH_DIALOG_RESPONSE_CANCEL;
--
-- /* set entry results and free temporary data structures */
-- while (!g_queue_is_empty (ui_data->form_entries)) {
-- ui_fragment_data *data;
-- data = g_queue_pop_tail (ui_data->form_entries);
-- if (data->entry_text) {
-- UI_set_result(ui, data->uis, data->entry_text);
-- }
-- if (data->cancel) {
-- g_cancellable_cancel(data->cancel);
-- }
-- g_slice_free (ui_fragment_data, data);
-- }
-- ui_data->form_grabbed = 0;
-- g_mutex_unlock(&ui_data->form_mutex);
--
-- /* -1 = cancel,
-- * 0 = failure,
-- * 1 = success */
-- return (response == AUTH_DIALOG_RESPONSE_LOGIN ? 1 : -1);
--}
--
--/* runs in worker thread */
--static int ui_close(UI *ui)
--{
-- return 1;
--}
--
--static int init_openssl_ui(void)
--{
-- UI_METHOD *ui_method = UI_create_method("OpenConnect VPN UI (gtk)");
--
-- UI_method_set_opener(ui_method, ui_open);
-- UI_method_set_flusher(ui_method, ui_flush);
-- UI_method_set_writer(ui_method, ui_write);
-- UI_method_set_closer(ui_method, ui_close);
--
-- UI_set_default_method(ui_method);
-- return 0;
--}
--#endif /* OPENCONNECT_OPENSSL */
--
- static char *find_form_answer(GHashTable *secrets, struct oc_auth_form *form,
- struct oc_form_opt *opt)
- {
-@@ -1834,9 +1640,6 @@ int main (int argc, char **argv)
-
- build_main_dialog(_ui_data);
-
--#ifdef OPENCONNECT_OPENSSL
-- init_openssl_ui();
--#endif
- openconnect_init_ssl();
-
- /* Start connecting now if there's only one host. Or if configured to */
---
-2.2.0
-
diff --git a/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch b/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch
deleted file mode 100644
index 223d59f0c1db..000000000000
--- a/net-misc/networkmanager-openconnect/files/0.9.10.0/0028-Update-to-new-hash-handling-fix-to-match-stored-cert.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From 2dc45e25b200e1b70e862f46c9f7ad652e59c8a2 Mon Sep 17 00:00:00 2001
-From: David Woodhouse <David.Woodhouse@intel.com>
-Date: Mon, 3 Nov 2014 17:39:43 +0000
-Subject: [PATCH 28/34] Update to new hash handling, fix to match stored certs
- only for the same host/port
-
----
- auth-dialog/main.c | 90 +++++++++++++++++++++++++++++-------------------------
- 1 file changed, 49 insertions(+), 41 deletions(-)
-
-diff --git a/auth-dialog/main.c b/auth-dialog/main.c
-index df0146c..38f3a8f 100644
---- a/auth-dialog/main.c
-+++ b/auth-dialog/main.c
-@@ -694,7 +694,7 @@ static char* get_title(const char *vpn_name)
-
- typedef struct cert_data {
- auth_ui_data *ui_data;
-- OPENCONNECT_X509 *peer_cert;
-+ char *cert_details;
- const char *reason;
- } cert_data;
-
-@@ -722,13 +722,10 @@ static gboolean user_validate_cert(cert_data *data)
- {
- auth_ui_data *ui_data = _ui_data; /* FIXME global */
- char *title;
-- char *details;
- GtkWidget *dlg, *text, *scroll;
- GtkTextBuffer *buffer;
- int result;
-
-- details = openconnect_get_cert_details(ui_data->vpninfo, data->peer_cert);
--
- title = get_title(data->ui_data->vpn_name);
- dlg = gtk_message_dialog_new(NULL, 0, GTK_MESSAGE_QUESTION,
- GTK_BUTTONS_OK_CANCEL,
-@@ -751,8 +748,7 @@ static gboolean user_validate_cert(cert_data *data)
-
- text = gtk_text_view_new();
- buffer = gtk_text_view_get_buffer(GTK_TEXT_VIEW(text));
-- gtk_text_buffer_set_text(buffer, details, -1);
-- openconnect_free_cert_info(data->ui_data->vpninfo, details);
-+ gtk_text_buffer_set_text(buffer, data->cert_details, -1);
- gtk_text_view_set_editable(GTK_TEXT_VIEW(text), 0);
- gtk_text_view_set_cursor_visible(GTK_TEXT_VIEW(text), FALSE);
- gtk_container_add(GTK_CONTAINER(scroll), text);
-@@ -775,36 +771,40 @@ static gboolean user_validate_cert(cert_data *data)
-
- /* runs in worker thread */
- static int validate_peer_cert(void *cbdata,
-- OPENCONNECT_X509 *peer_cert, const char *reason)
-+#if !OPENCONNECT_CHECK_VER(5,0)
-+ OPENCONNECT_X509 *peer_cert,
-+#endif
-+ const char *reason)
- {
- auth_ui_data *ui_data = cbdata;
-- char fingerprint[41];
-- char *certs_data;
- int ret = 0;
- cert_data *data;
-+ char *certkey;
-+ char *accepted_hash = NULL;
-+#if OPENCONNECT_CHECK_VER(5,0)
-+ const char *fingerprint = openconnect_get_peer_cert_hash(ui_data->vpninfo);
-+#else
-+ char fingerprint[41];
-
- ret = openconnect_get_cert_sha1(ui_data->vpninfo, peer_cert, fingerprint);
- if (ret)
- return ret;
-
-- certs_data = g_hash_table_lookup (ui_data->secrets, "certsigs");
-- if (certs_data) {
-- char **certs = g_strsplit_set(certs_data, "\t", 0);
-- char **this = certs;
-+#define openconnect_check_peer_cert_hash(v, h) strcmp(h, fingerprint)
-+#define openconnect_get_peer_cert_details(v) openconnect_get_cert_details(v, peer_cert);
-+#endif
-
-- while (*this) {
-- if (!strcmp(*this, fingerprint)) {
-- g_strfreev(certs);
-- goto out;
-- }
-- this++;
-- }
-- g_strfreev(certs);
-- }
-+ certkey = g_strdup_printf ("certificate:%s:%d",
-+ openconnect_get_hostname(ui_data->vpninfo),
-+ openconnect_get_port(ui_data->vpninfo));
-+
-+ accepted_hash = g_hash_table_lookup (ui_data->secrets, certkey);
-+ if (accepted_hash && !openconnect_check_peer_cert_hash(ui_data->vpninfo, accepted_hash))
-+ goto accepted;
-
- data = g_slice_new(cert_data);
- data->ui_data = ui_data; /* FIXME uses global */
-- data->peer_cert = peer_cert;
-+ data->cert_details = openconnect_get_peer_cert_details(ui_data->vpninfo);
- data->reason = reason;
-
- g_mutex_lock(&ui_data->form_mutex);
-@@ -813,27 +813,27 @@ static int validate_peer_cert(void *cbdata,
- g_idle_add((GSourceFunc)user_validate_cert, data);
-
- /* wait for user to accept or cancel */
-- while (ui_data->cert_response == CERT_USER_NOT_READY) {
-+ while (ui_data->cert_response == CERT_USER_NOT_READY)
- g_cond_wait(&ui_data->cert_response_changed, &ui_data->form_mutex);
-- }
-- if (ui_data->cert_response == CERT_ACCEPTED) {
-- if (certs_data) {
-- char *new = g_strdup_printf("%s\t%s", certs_data, fingerprint);
-- g_hash_table_insert (ui_data->secrets,
-- g_strdup ("certsigs"), new);
-- } else {
-- g_hash_table_insert (ui_data->secrets, g_strdup ("certsigs"),
-- g_strdup (fingerprint));
-- }
-+
-+ openconnect_free_cert_info(data->ui_data->vpninfo, data->cert_details);
-+ g_slice_free(cert_data, data);
-+
-+ if (ui_data->cert_response == CERT_ACCEPTED)
- ret = 0;
-- } else {
-+ else
- ret = -EINVAL;
-- }
-+
- g_mutex_unlock (&ui_data->form_mutex);
-
-- g_slice_free(cert_data, data);
-+ accepted:
-+ if (!ret) {
-+ g_hash_table_insert (ui_data->secrets, certkey,
-+ g_strdup(fingerprint));
-+ certkey = NULL;
-+ }
-
-- out:
-+ g_free (certkey);
- return ret;
- }
-
-@@ -1196,7 +1196,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- gtk_widget_set_sensitive(ui_data->cancel_button, FALSE);
- }
- } else if (!ui_data->cookie_retval) {
-- OPENCONNECT_X509 *cert;
-+ const void *cert;
- gchar *key, *value;
-
- /* got cookie */
-@@ -1218,14 +1218,22 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
- g_hash_table_insert (ui_data->secrets, key, value);
- openconnect_clear_cookie(ui_data->vpninfo);
-
-+#if OPENCONNECT_CHECK_VER(5,0)
-+ cert = openconnect_get_peer_cert_hash (ui_data->vpninfo);
-+ if (cert) {
-+ key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
-+ value = g_strdup (cert);
-+ g_hash_table_insert (ui_data->secrets, key, value);
-+ }
-+#else
- cert = openconnect_get_peer_cert (ui_data->vpninfo);
- if (cert) {
- key = g_strdup (NM_OPENCONNECT_KEY_GWCERT);
- value = g_malloc0 (41);
-- openconnect_get_cert_sha1(ui_data->vpninfo, cert, value);
-+ openconnect_get_cert_sha1(ui_data->vpninfo, (void *)cert, value);
- g_hash_table_insert (ui_data->secrets, key, value);
- }
--
-+#endif
- if (get_save_passwords(ui_data->secrets)) {
- g_hash_table_foreach(ui_data->success_passwords,
- keyring_store_passwords,
---
-2.2.0
-
diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild
deleted file mode 100644
index 785249c13653..000000000000
--- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0-r1.ebuild
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-GCONF_DEBUG="no"
-GNOME_ORG_MODULE="NetworkManager-${PN##*-}"
-
-inherit gnome2 user
-
-DESCRIPTION="NetworkManager OpenConnect plugin"
-HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="gtk"
-
-RDEPEND="
- app-crypt/libsecret
- >=net-misc/networkmanager-0.9.6:=
- >=dev-libs/glib-2.32:2
- >=dev-libs/dbus-glib-0.74
- dev-libs/libxml2:2
- >=net-misc/openconnect-3.02:=
- gtk? ( >=x11-libs/gtk+-3.4:3 )
-"
-DEPEND="${RDEPEND}
- sys-devel/gettext
- dev-util/intltool
- virtual/pkgconfig
-"
-
-src_prepare() {
- EPATCH_FORCE=yes EPATCH_SUFFIX=patch EPATCH_SOURCE="${FILESDIR}/${PV}" epatch
- gnome2_src_prepare
-}
-
-src_configure() {
- gnome2_src_configure \
- --disable-more-warnings \
- --disable-static \
- $(use_with gtk gnome) \
- $(use_with gtk authdlg)
-}
-
-pkg_postinst() {
- gnome2_pkg_postinst
- enewgroup nm-openconnect
- enewuser nm-openconnect -1 -1 -1 nm-openconnect
-}
diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild
deleted file mode 100644
index 63720dc17d0b..000000000000
--- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-0.9.10.0.ebuild
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 1999-2014 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-GCONF_DEBUG="no"
-GNOME_ORG_MODULE="NetworkManager-${PN##*-}"
-
-inherit gnome2 user
-
-DESCRIPTION="NetworkManager OpenConnect plugin"
-HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE="gtk"
-
-RDEPEND="
- app-crypt/libsecret
- >=net-misc/networkmanager-0.9.6:=
- >=dev-libs/glib-2.32:2
- >=dev-libs/dbus-glib-0.74
- dev-libs/libxml2:2
- >=net-misc/openconnect-3.02:=
- gtk? ( >=x11-libs/gtk+-3.4:3 )
-"
-DEPEND="${RDEPEND}
- sys-devel/gettext
- dev-util/intltool
- virtual/pkgconfig
-"
-
-src_prepare() {
- epatch_user
- gnome2_src_prepare
-}
-
-src_configure() {
- gnome2_src_configure \
- --disable-more-warnings \
- --disable-static \
- $(use_with gtk gnome) \
- $(use_with gtk authdlg)
-}
-
-pkg_postinst() {
- gnome2_pkg_postinst
- enewgroup nm-openconnect
- enewuser nm-openconnect -1 -1 -1 nm-openconnect
-}
diff --git a/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild b/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild
deleted file mode 100644
index 16c7bc1d02df..000000000000
--- a/net-misc/networkmanager-openconnect/networkmanager-openconnect-1.0.0.ebuild
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-GCONF_DEBUG="no"
-GNOME_ORG_MODULE="NetworkManager-${PN##*-}"
-
-inherit gnome2 user
-
-DESCRIPTION="NetworkManager OpenConnect plugin"
-HOMEPAGE="https://wiki.gnome.org/Projects/NetworkManager"
-
-LICENSE="GPL-2+"
-SLOT="0"
-KEYWORDS="amd64 x86"
-IUSE="gtk"
-
-RDEPEND="
- app-crypt/libsecret
- >=net-misc/networkmanager-0.9.10:=
- >=dev-libs/glib-2.32:2
- >=dev-libs/dbus-glib-0.74
- dev-libs/libxml2:2
- >=net-misc/openconnect-3.02:=
- gtk? ( >=x11-libs/gtk+-3.4:3 )
-"
-DEPEND="${RDEPEND}
- sys-devel/gettext
- dev-util/intltool
- virtual/pkgconfig
-"
-
-src_configure() {
- gnome2_src_configure \
- --disable-more-warnings \
- --disable-static \
- $(use_with gtk gnome) \
- $(use_with gtk authdlg)
-}
-
-pkg_postinst() {
- gnome2_pkg_postinst
- enewgroup nm-openconnect
- enewuser nm-openconnect -1 -1 -1 nm-openconnect
-}