diff options
| author | William Pitcock <kaniini@dereferenced.org> | 2013-09-27 16:49:05 +0000 |
|---|---|---|
| committer | William Pitcock <kaniini@dereferenced.org> | 2013-09-27 16:49:05 +0000 |
| commit | 7aafa84cc7d9fec43073cf4bd2bfea83992674af (patch) | |
| tree | 49c0d1b4f9f523fa7ddac6d980e870355c8a3c45 /main/xen | |
| parent | 1372cc184451ae1f3837017ca97d9fa3cc45b55b (diff) | |
| download | aports-7aafa84cc7d9fec43073cf4bd2bfea83992674af.tar.bz2 aports-7aafa84cc7d9fec43073cf4bd2bfea83992674af.tar.xz | |
main/xen: more robust websockets vencrypt-bypass hack
Diffstat (limited to 'main/xen')
| -rw-r--r-- | main/xen/APKBUILD | 6 | ||||
| -rw-r--r-- | main/xen/qemu-xen-websocket-plain-hack.patch | 60 |
2 files changed, 58 insertions, 8 deletions
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD index e0d9dfdd29..9b169cd62d 100644 --- a/main/xen/APKBUILD +++ b/main/xen/APKBUILD @@ -192,7 +192,7 @@ b3e3a57d189a4f86c9766eaf3b5207f4 xsa48-4.2.patch a4097e06a7e000ed00f4607db014d277 qemu-xen-websocket.patch 35bdea1d4e3ae2565edc7e40906efdd5 qemu-xen-tls-websockets.patch 9cf9b155dfa6cd473554aa0f25181c1c qemu-coroutine-gthread.patch -c64a3b7bd77cdb01398d8ab8017fa269 qemu-xen-websocket-plain-hack.patch +f8ea5786b0a6157b9cb3e67e323b592c qemu-xen-websocket-plain-hack.patch a90c36642f0701a8aaa4ebe4dde430f5 xenstored.initd b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd ed262f15fb880badb53575539468646c xenconsoled.initd @@ -216,7 +216,7 @@ fcb5b9ff0bc4b4d39fed9b88891491b91628aa449914cfea321abe5da24c1da2 fix-pod2man-ch e9f6c482fc449e0b540657a8988ad31f2e680b8933e50e6486687a52f6a9ed04 qemu-xen-websocket.patch 435dd428d83acdfde58888532a1cece1e9075b2a2460fe3f6cd33c7d400f2715 qemu-xen-tls-websockets.patch 7477c5acfc756f6498858e4a3eb250b3db84ee491a9d4ae38dddbc27275a370c qemu-coroutine-gthread.patch -9498c65a2c7aa454560605a7acf4702e9e3c48224421850c604be0723941c77f qemu-xen-websocket-plain-hack.patch +6c4c184462d47e7fd00e8d8f6bf12b33f6cf486f00415c1934ecf6c2b62f69c1 qemu-xen-websocket-plain-hack.patch 868c77d689ae54b7041da169bfaa01868503337d4105a071eb771f4ec5a0543d xenstored.initd ea9171e71ab3d33061979bcf3bb737156192aa4b0be4d1234438ced75b6fdef3 xenstored.confd 93bea2eb90ea1b4628854c8141dd351bbd1fbc5959b12795447ea933ad025f01 xenconsoled.initd @@ -240,7 +240,7 @@ bda9105793f2327e1317991762120d0668af0e964076b18c9fdbfd509984b2e88d85df95702c46b2 45f1da45f3ff937d0a626e37c130d76f5b97f49a57ddeb11ef2a8e850c04c32c819a3dfcef501eb3784db5fe7b39c88230063e56aa6e5197fd9c7b7d424fff77 qemu-xen-websocket.patch 11eaccc346440ff285552f204d491e3b31bda1665c3219ecae3061b5d55db9dec885af0c031fa19c67e87bbe238002b1911bbd5bfea2f2ba0d61e6b3d0c952c9 qemu-xen-tls-websockets.patch 8b8df4f57ab725f54cfe44fb6b8d271ee22e94873f168e452293dd53955854b171b8311209133e5d825f9ce985219818803182b3451708a3452bc699b7b1dda1 qemu-coroutine-gthread.patch -0b1fc70267efd2303945dc64c8c224c52f5161c1f5bfc2b1db6392ec6945ecccb2ae93bacd3f0146d9b9cb0e568b80c8f1edf63cdd0b9e8a8ac57227ad198e3f qemu-xen-websocket-plain-hack.patch +692e29205fa3d0a6e4d1be69a242d55c44a1fee26c594e6e46d8809339f93dcdc31c0735723a46f63ae0a727741bdc8a899bb1ce9103a2cd701b236f63a17fa2 qemu-xen-websocket-plain-hack.patch 880584e0866b1efcf3b7a934f07072ec84c13c782e3e7a15848d38ba8af50259d46db037dca1e037b15274989f2c22acd1134954dd60c59f4ee693b417d03e0d xenstored.initd 100cf4112f401f45c1e4e885a5074698c484b40521262f6268fad286498e95f4c51e746f0e94eb43a590bb8e813a397bb53801ccacebec9541020799d8d70514 xenstored.confd 12f981b2459c65d66e67ec0b32d0d19b95a029bc54c2a79138cfe488d3524a22e51860f755abfe25ddcdaf1b27f2ded59b6e350b9d5f8791193d00e2d3673137 xenconsoled.initd diff --git a/main/xen/qemu-xen-websocket-plain-hack.patch b/main/xen/qemu-xen-websocket-plain-hack.patch index 11d77708bb..acfabe7a98 100644 --- a/main/xen/qemu-xen-websocket-plain-hack.patch +++ b/main/xen/qemu-xen-websocket-plain-hack.patch @@ -1,11 +1,61 @@ ---- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.c -+++ xen-4.3.0/tools/qemu-xen/ui/vnc.c -@@ -3121,7 +3121,7 @@ +--- xen-4.3.0/tools/qemu-xen/ui/vnc-ws.c ++++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc-ws.c +@@ -90,11 +90,6 @@ + vncws_tls_handshake(vs); + } + +-#define NEED_X509_AUTH(vs) \ +- ((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509SASL) + #endif + + void vncws_handshake_read(void *opaque) +@@ -105,7 +100,7 @@ + if (!vs->vd->want_tls) + return vncws_handshake_read_impl(vs); + +- if (vnc_tls_client_setup(vs, NEED_X509_AUTH(vs)) < 0) { ++ if (vnc_tls_client_setup(vs, true) < 0) { + VNC_DEBUG("Failed to setup TLS\n"); + return 0; + } +--- xen-4.3.0/tools/qemu-xen/ui/vnc.c ++++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc.c +@@ -3121,7 +3121,11 @@ */ if (password) { #ifdef CONFIG_VNC_TLS -- if (tls) { -+ if (0) { ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif vs->auth = VNC_AUTH_VENCRYPT; if (x509) { VNC_DEBUG("Initializing VNC server with x509 password auth\n"); +@@ -3141,7 +3145,11 @@ + #ifdef CONFIG_VNC_SASL + } else if (sasl) { + #ifdef CONFIG_VNC_TLS ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif + vs->auth = VNC_AUTH_VENCRYPT; + if (x509) { + VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); +@@ -3161,7 +3169,11 @@ + #endif /* CONFIG_VNC_SASL */ + } else { + #ifdef CONFIG_VNC_TLS ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif + vs->auth = VNC_AUTH_VENCRYPT; + if (x509) { + VNC_DEBUG("Initializing VNC server with x509 no auth\n"); |