From 4e17ce57fa4b190b82a065fc8aa6fa6143651ecd Mon Sep 17 00:00:00 2001 From: CoprDistGit Date: Fri, 2 Aug 2024 07:10:58 +0000 Subject: automatic import of gnome-remote-desktop --- ...t-compile-SHA1-support-when-Websockets-ar.patch | 92 ++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch (limited to '0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch') diff --git a/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch b/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch new file mode 100644 index 0000000..fddcb8b --- /dev/null +++ b/0001-crypto-Don-t-compile-SHA1-support-when-Websockets-ar.patch @@ -0,0 +1,92 @@ +From fdc71dd25c8505b3580e70afd4b4213cad8f8ebb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jonas=20=C3=85dahl?= +Date: Mon, 25 Oct 2021 16:14:26 +0200 +Subject: [PATCH] crypto: Don't compile SHA1 support when Websockets are + disabled + +SHA1 is not ideal, security wise. Let's make sure we don't even have it +compiled when nothing depends on it, e.g. Websockets. +--- + common/crypto.h | 2 ++ + common/crypto_included.c | 2 ++ + common/crypto_libgcrypt.c | 2 ++ + common/crypto_openssl.c | 2 ++ + 4 files changed, 8 insertions(+) + +diff --git a/common/crypto.h b/common/crypto.h +index 04be9304..c1f32194 100644 +--- a/common/crypto.h ++++ b/common/crypto.h +@@ -11,7 +11,9 @@ + int hash_md5(void *out, const void *in, const size_t in_len); + + /* Generates an SHA1 hash of 'in' and writes it to 'out', which must be 20 bytes in size. */ ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len); ++#endif + + /* Fill 'out' with 'len' random bytes. */ + void random_bytes(void *out, size_t len); +diff --git a/common/crypto_included.c b/common/crypto_included.c +index b359336f..cf8d43c2 100644 +--- a/common/crypto_included.c ++++ b/common/crypto_included.c +@@ -33,6 +33,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return 0; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + SHA1Context sha1; +@@ -45,6 +46,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + + return 1; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +diff --git a/common/crypto_libgcrypt.c b/common/crypto_libgcrypt.c +index 34d845b4..f62bdaf8 100644 +--- a/common/crypto_libgcrypt.c ++++ b/common/crypto_libgcrypt.c +@@ -74,6 +74,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return result; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + int result = 0; +@@ -98,6 +99,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + gcry_md_close(sha1); + return result; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +diff --git a/common/crypto_openssl.c b/common/crypto_openssl.c +index 60d4bd4d..9816eb04 100644 +--- a/common/crypto_openssl.c ++++ b/common/crypto_openssl.c +@@ -49,6 +49,7 @@ int hash_md5(void *out, const void *in, const size_t in_len) + return 1; + } + ++#ifdef LIBVNCSERVER_WITH_WEBSOCKETS + int hash_sha1(void *out, const void *in, const size_t in_len) + { + SHA_CTX sha1; +@@ -60,6 +61,7 @@ int hash_sha1(void *out, const void *in, const size_t in_len) + return 0; + return 1; + } ++#endif /* LIBVNCSERVER_WITH_WEBSOCKETS */ + + void random_bytes(void *out, size_t len) + { +-- +2.31.1 + -- cgit v1.2.3