aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/biber-fix-encoding-write.patch31
-rw-r--r--gnu/packages/patches/gnucash-fix-test-transaction-failure.patch54
-rw-r--r--gnu/packages/patches/kinit-kdeinit-extra_libs.patch55
-rw-r--r--gnu/packages/patches/kinit-kdeinit-libpath.patch37
-rw-r--r--gnu/packages/patches/kio-search-smbd-on-PATH.patch30
-rw-r--r--gnu/packages/patches/kpackage-allow-external-paths.patch13
-rw-r--r--gnu/packages/patches/libarchive-CVE-2018-1000877.patch45
-rw-r--r--gnu/packages/patches/libarchive-CVE-2018-1000878.patch86
-rw-r--r--gnu/packages/patches/libarchive-CVE-2018-1000880.patch51
-rw-r--r--gnu/packages/patches/libextractor-CVE-2018-20430.patch60
-rw-r--r--gnu/packages/patches/libextractor-CVE-2018-20431.patch53
-rw-r--r--gnu/packages/patches/owncloud-disable-updatecheck.patch38
-rw-r--r--gnu/packages/patches/streamlink-update-test.patch70
-rw-r--r--gnu/packages/patches/unrtf-CVE-2016-10091.patch189
-rw-r--r--gnu/packages/patches/vboot-utils-fix-format-load-address.patch33
-rw-r--r--gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch142
-rw-r--r--gnu/packages/patches/vboot-utils-skip-test-workbuf.patch21
-rw-r--r--gnu/packages/patches/vinagre-newer-freerdp.patch320
-rw-r--r--gnu/packages/patches/vinagre-newer-rdp-parameters.patch212
-rw-r--r--gnu/packages/patches/vinagre-revert-1.patch56
-rw-r--r--gnu/packages/patches/vinagre-revert-2.patch448
21 files changed, 1332 insertions, 712 deletions
diff --git a/gnu/packages/patches/biber-fix-encoding-write.patch b/gnu/packages/patches/biber-fix-encoding-write.patch
new file mode 100644
index 0000000000..56cd11212e
--- /dev/null
+++ b/gnu/packages/patches/biber-fix-encoding-write.patch
@@ -0,0 +1,31 @@
+From 2a9b15aefb842a734637f3d230936ea1b7c60096 Mon Sep 17 00:00:00 2001
+From: Philip Kime <Philip@kime.org.uk>
+Date: Thu, 8 Nov 2018 22:02:09 +0100
+Subject: [PATCH] Fix to address #239
+
+---
+ lib/Biber.pm | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/Biber.pm b/lib/Biber.pm
+index 8b1f80a5..d97fca29 100644
+--- a/lib/Biber.pm
++++ b/lib/Biber.pm
+@@ -311,6 +311,8 @@ sub parse_ctrlfile {
+ unless (eval {$checkbuf = File::Slurper::read_text($ctrl_file_path, 'latin1')}) {
+ biber_error("$ctrl_file_path is not UTF-8 or even latin1, how horrible.");
+ }
++ # Write ctrl file as UTF-8
++ File::Slurper::write_text($ctrl_file_path, NFC($checkbuf));# Unicode NFC boundary
+ }
+
+ $checkbuf = NFD($checkbuf);# Unicode NFD boundary
+@@ -319,8 +321,6 @@ sub parse_ctrlfile {
+ unlink($output) unless $output eq '-';# ignore deletion of STDOUT marker
+ biber_error("$ctrl_file_path is malformed, last biblatex run probably failed. Deleted $output");
+ }
+- # Write ctrl file as UTF-8
+- File::Slurper::write_text($ctrl_file_path, NFC($checkbuf));# Unicode NFC boundary
+
+ # Validate if asked to
+ if (Biber::Config->getoption('validate_control')) {
diff --git a/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch b/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch
new file mode 100644
index 0000000000..7b1b29f06c
--- /dev/null
+++ b/gnu/packages/patches/gnucash-fix-test-transaction-failure.patch
@@ -0,0 +1,54 @@
+# This patch was submitted upstream to: https://bugs.gnucash.org/show_bug.cgi?id=797008.
+From c20d74bebca516d0e391724202aad511967fe109 Mon Sep 17 00:00:00 2001
+From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
+Date: Wed, 2 Jan 2019 14:46:28 -0500
+Subject: [PATCH] tests: Fix a test failure in test-transaction.scm.
+
+With the New Year upon us, a test which was hard-coded to use 2018 now
+failed.
+
+Fixes issue #797008 (see:
+https://bugs.gnucash.org/show_bug.cgi?id=797008).
+
+* gnucash/report/standard-reports/test/test-transaction.scm:
+(trep-tests): Use the current year in the test string instead of a
+static one.
+---
+ gnucash/report/standard-reports/test/test-transaction.scm | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/gnucash/report/standard-reports/test/test-transaction.scm b/gnucash/report/standard-reports/test/test-transaction.scm
+index 755aba298..ae3fbd5c1 100644
+--- a/gnucash/report/standard-reports/test/test-transaction.scm
++++ b/gnucash/report/standard-reports/test/test-transaction.scm
+@@ -5,6 +5,7 @@
+ (use-modules (gnucash report stylesheets))
+ (use-modules (gnucash report report-system))
+ (use-modules (gnucash report report-system test test-extras))
++(use-modules (srfi srfi-19))
+ (use-modules (srfi srfi-64))
+ (use-modules (gnucash engine test srfi64-extras))
+ (use-modules (sxml simple))
+@@ -643,7 +644,8 @@
+ (set-option! options "General" "Show original currency amount" #t)
+ (set-option! options "Sorting" "Primary Key" 'date)
+ (set-option! options "Sorting" "Primary Subtotal for Date Key" 'none)
+- (let* ((sxml (options->sxml options "dual columns")))
++ (let* ((sxml (options->sxml options "dual columns"))
++ (current-year (date->string (current-date) "~y")))
+ (test-equal "dual amount column, with original currency headers"
+ (list "Date" "Num" "Description" "Memo/Notes" "Account"
+ "Debit (USD)" "Credit (USD)" "Debit" "Credit")
+@@ -652,7 +654,8 @@
+ (list "Grand Total" "$2,280.00" "$2,280.00")
+ (get-row-col sxml -1 #f))
+ (test-equal "dual amount column, first transaction correct"
+- (list "01/03/18" "$103 income" "Root.Asset.Bank" "$103.00" "$103.00")
++ (list (string-append "01/03/" current-year) "$103 income"
++ "Root.Asset.Bank" "$103.00" "$103.00")
+ (get-row-col sxml 1 #f)))
+ )
+
+--
+2.19.0
+
diff --git a/gnu/packages/patches/kinit-kdeinit-extra_libs.patch b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch
new file mode 100644
index 0000000000..8dcd4d3e95
--- /dev/null
+++ b/gnu/packages/patches/kinit-kdeinit-extra_libs.patch
@@ -0,0 +1,55 @@
+Search the "extra libs" in GUIX_KF5INIT_LIB_PATH (which basically is a
+collection of all /lib directories). We can not hard-code the full path to the
+libsKF5Plasam, since adding palse-workspace
+
+Adopted from NixOS
+pkgs/development/libraries/kde-frameworks/kinit/kdeinit-extra_libs.patch
+
+===================================================================
+--- kinit-5.32.0/src/kdeinit/kinit-5.32.0/src/kdeinit/.orig
++++ kinit-5.32.0/src/kdeinit/kinit.cpp
+@@ -96,11 +96,9 @@
+ "libKF5Parts.5.dylib",
+ "libKF5Plasma.5.dylib"
+ #else
+- "libKF5KIOCore.so.5",
+- "libKF5Parts.so.5",
+-//#ifdef __KDE_HAVE_GCC_VISIBILITY // Removed for KF5, we'll see.
+- "libKF5Plasma.so.5"
+-//#endif
++ "GUIX_PKGS_KF5_KIO/lib/libKF5KIOCore.so.5",
++ "GUIX_PKGS_KF5_PARTS/lib/libKF5Parts.so.5",
++ "GUIX_PKGS_KF5_PLASMA/lib/libKF5Plasma.so.5"
+ #endif
+ };
+ #endif
+@@ -1533,20 +1531,6 @@ static int initXconnection()
+ }
+ #endif
+
+-#ifndef Q_OS_OSX
+-// Find a shared lib in the lib dir, e.g. libkio.so.
+-// Completely unrelated to plugins.
+-static QString findSharedLib(const QString &lib)
+-{
+- QString path = QFile::decodeName(CMAKE_INSTALL_PREFIX "/" LIB_INSTALL_DIR "/") + lib;
+- if (QFile::exists(path)) {
+- return path;
+- }
+- // We could also look in LD_LIBRARY_PATH, but really, who installs the main libs in different prefixes?
+- return QString();
+-}
+-#endif
+-
+ extern "C" {
+
+ static void secondary_child_handler(int)
+@@ -1689,7 +1693,7 @@
+ if (!d.suicide && qEnvironmentVariableIsEmpty("KDE_IS_PRELINKED")) {
+ const int extrasCount = sizeof(extra_libs) / sizeof(extra_libs[0]);
+ for (int i = 0; i < extrasCount; i++) {
+- const QString extra = findSharedLib(QString::fromLatin1(extra_libs[i]));
++ const QString extra = QString::fromLatin1(extra_libs[i]);
+ if (!extra.isEmpty()) {
+ QLibrary l(extra);
+ l.setLoadHints(QLibrary::ExportExternalSymbolsHint);
diff --git a/gnu/packages/patches/kinit-kdeinit-libpath.patch b/gnu/packages/patches/kinit-kdeinit-libpath.patch
new file mode 100644
index 0000000000..89cf1a941d
--- /dev/null
+++ b/gnu/packages/patches/kinit-kdeinit-libpath.patch
@@ -0,0 +1,37 @@
+Search libraries in GUIX_KF5INIT_LIB_PATH.
+
+Based on an idea by NixOs
+pkgs/development/libraries/kde-frameworks/kinit/kinit-libpath.patch
+
+===================================================================
+--- kinit-5.32.0/src/kdeinit/kinit.cpp.orig 2017-10-22 21:02:20.908765455 +0200
++++ kinit-5.32.0/src/kdeinit/kinit.cpp 2017-10-22 21:03:25.312818248 +0200
+@@ -623,20 +623,18 @@
+ if (libpath_relative) {
+ // NB: Because Qt makes the actual dlopen() call, the
+ // RUNPATH of kdeinit is *not* respected - see
+ // https://sourceware.org/bugzilla/show_bug.cgi?id=13945
+ // - so we try hacking it in ourselves
+- QString install_lib_dir = QFile::decodeName(
+- CMAKE_INSTALL_PREFIX "/" LIB_INSTALL_DIR "/");
+- QString orig_libpath = libpath;
+- libpath = install_lib_dir + libpath;
+- l.setFileName(libpath);
+- if (!l.load()) {
+- libpath = orig_libpath;
+- l.setFileName(libpath);
+- l.load();
+- }
++ // Try to load the library relative to the active profiles.
++ QByteArrayList profiles = qgetenv("LIBRARY_PATH").split(':');
++ for (const QByteArray &profile: profiles) {
++ if (!profile.isEmpty()) {
++ l.setFileName(QFile::decodeName(profile) + QStringLiteral("/") + libpath);
++ if (l.load()) break;
++ }
++ }
+ } else {
+ l.load();
+ }
+ if (!l.isLoaded()) {
+ QString ltdlError(l.errorString());
diff --git a/gnu/packages/patches/kio-search-smbd-on-PATH.patch b/gnu/packages/patches/kio-search-smbd-on-PATH.patch
new file mode 100644
index 0000000000..47e20cfc0b
--- /dev/null
+++ b/gnu/packages/patches/kio-search-smbd-on-PATH.patch
@@ -0,0 +1,30 @@
+Adopted from NixOS
+pkgs/development/libraries/kde-frameworks/kio/samba-search-path.patch
+
+===================================================================
+--- kio-5.17.0.orig/src/core/ksambashare.cpp
++++ kio-5.17.0/src/core/ksambashare.cpp
+@@ -67,13 +67,18 @@ KSambaSharePrivate::~KSambaSharePrivate(
+
+ bool KSambaSharePrivate::isSambaInstalled()
+ {
+- if (QFile::exists(QStringLiteral("/usr/sbin/smbd"))
+- || QFile::exists(QStringLiteral("/usr/local/sbin/smbd"))) {
+- return true;
++ const QByteArray pathEnv = qgetenv("PATH");
++ if (!pathEnv.isEmpty()) {
++ QLatin1Char pathSep(':');
++ QStringList paths = QFile::decodeName(pathEnv).split(pathSep, QString::SkipEmptyParts);
++ for (QStringList::iterator it = paths.begin(); it != paths.end(); ++it) {
++ it->append("/smbd");
++ if (QFile::exists(*it)) {
++ return true;
++ }
++ }
+ }
+
+- //qDebug() << "Samba is not installed!";
+-
+ return false;
+ }
+
diff --git a/gnu/packages/patches/kpackage-allow-external-paths.patch b/gnu/packages/patches/kpackage-allow-external-paths.patch
new file mode 100644
index 0000000000..c1c9efde7f
--- /dev/null
+++ b/gnu/packages/patches/kpackage-allow-external-paths.patch
@@ -0,0 +1,13 @@
+diff --git a/src/kpackage/package.cpp b/src/kpackage/package.cpp
+index 5aec9fd..b15c933 100644
+--- a/src/kpackage/package.cpp
++++ b/src/kpackage/package.cpp
+@@ -820,7 +820,7 @@ PackagePrivate::PackagePrivate()
+ : QSharedData(),
+ fallbackPackage(nullptr),
+ metadata(nullptr),
+- externalPaths(false),
++ externalPaths(true),
+ valid(false),
+ checkedValid(false)
+ {
diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000877.patch b/gnu/packages/patches/libarchive-CVE-2018-1000877.patch
new file mode 100644
index 0000000000..5b68884a0f
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2018-1000877.patch
@@ -0,0 +1,45 @@
+Fix CVE-2018-1000877:
+
+https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
+https://github.com/libarchive/libarchive/pull/1105
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000877
+https://security-tracker.debian.org/tracker/CVE-2018-1000877
+
+Patch copied from upstream source repository:
+
+https://github.com/libarchive/libarchive/commit/021efa522ad729ff0f5806c4ce53e4a6cc1daa31
+
+From 021efa522ad729ff0f5806c4ce53e4a6cc1daa31 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Tue, 20 Nov 2018 17:56:29 +1100
+Subject: [PATCH] Avoid a double-free when a window size of 0 is specified
+
+new_size can be 0 with a malicious or corrupted RAR archive.
+
+realloc(area, 0) is equivalent to free(area), so the region would
+be free()d here and the free()d again in the cleanup function.
+
+Found with a setup running AFL, afl-rb, and qsym.
+---
+ libarchive/archive_read_support_format_rar.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 23452222..6f419c27 100644
+--- a/libarchive/archive_read_support_format_rar.c
++++ b/libarchive/archive_read_support_format_rar.c
+@@ -2300,6 +2300,11 @@ parse_codes(struct archive_read *a)
+ new_size = DICTIONARY_MAX_SIZE;
+ else
+ new_size = rar_fls((unsigned int)rar->unp_size) << 1;
++ if (new_size == 0) {
++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++ "Zero window size is invalid.");
++ return (ARCHIVE_FATAL);
++ }
+ new_window = realloc(rar->lzss.window, new_size);
+ if (new_window == NULL) {
+ archive_set_error(&a->archive, ENOMEM,
+--
+2.20.1
+
diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000878.patch b/gnu/packages/patches/libarchive-CVE-2018-1000878.patch
new file mode 100644
index 0000000000..fef0881320
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2018-1000878.patch
@@ -0,0 +1,86 @@
+Fix CVE-2018-1000878:
+
+https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
+https://github.com/libarchive/libarchive/pull/1105
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000878
+https://security-tracker.debian.org/tracker/CVE-2018-1000878
+
+Patch copied from upstream source repository:
+
+https://github.com/libarchive/libarchive/commit/bfcfe6f04ed20db2504db8a254d1f40a1d84eb28
+
+From bfcfe6f04ed20db2504db8a254d1f40a1d84eb28 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Tue, 4 Dec 2018 00:55:22 +1100
+Subject: [PATCH] rar: file split across multi-part archives must match
+
+Fuzzing uncovered some UAF and memory overrun bugs where a file in a
+single file archive reported that it was split across multiple
+volumes. This was caused by ppmd7 operations calling
+rar_br_fillup. This would invoke rar_read_ahead, which would in some
+situations invoke archive_read_format_rar_read_header. That would
+check the new file name against the old file name, and if they didn't
+match up it would free the ppmd7 buffer and allocate a new
+one. However, because the ppmd7 decoder wasn't actually done with the
+buffer, it would continue to used the freed buffer. Both reads and
+writes to the freed region can be observed.
+
+This is quite tricky to solve: once the buffer has been freed it is
+too late, as the ppmd7 decoder functions almost universally assume
+success - there's no way for ppmd_read to signal error, nor are there
+good ways for functions like Range_Normalise to propagate them. So we
+can't detect after the fact that we're in an invalid state - e.g. by
+checking rar->cursor, we have to prevent ourselves from ever ending up
+there. So, when we are in the dangerous part or rar_read_ahead that
+assumes a valid split, we set a flag force read_header to either go
+down the path for split files or bail. This means that the ppmd7
+decoder keeps a valid buffer and just runs out of data.
+
+Found with a combination of AFL, afl-rb and qsym.
+---
+ libarchive/archive_read_support_format_rar.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 6f419c27..a8cc5c94 100644
+--- a/libarchive/archive_read_support_format_rar.c
++++ b/libarchive/archive_read_support_format_rar.c
+@@ -258,6 +258,7 @@ struct rar
+ struct data_block_offsets *dbo;
+ unsigned int cursor;
+ unsigned int nodes;
++ char filename_must_match;
+
+ /* LZSS members */
+ struct huffman_code maincode;
+@@ -1560,6 +1561,12 @@ read_header(struct archive_read *a, struct archive_entry *entry,
+ }
+ return ret;
+ }
++ else if (rar->filename_must_match)
++ {
++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++ "Mismatch of file parts split across multi-volume archive");
++ return (ARCHIVE_FATAL);
++ }
+
+ rar->filename_save = (char*)realloc(rar->filename_save,
+ filename_size + 1);
+@@ -2933,12 +2940,14 @@ rar_read_ahead(struct archive_read *a, size_t min, ssize_t *avail)
+ else if (*avail == 0 && rar->main_flags & MHD_VOLUME &&
+ rar->file_flags & FHD_SPLIT_AFTER)
+ {
++ rar->filename_must_match = 1;
+ ret = archive_read_format_rar_read_header(a, a->entry);
+ if (ret == (ARCHIVE_EOF))
+ {
+ rar->has_endarc_header = 1;
+ ret = archive_read_format_rar_read_header(a, a->entry);
+ }
++ rar->filename_must_match = 0;
+ if (ret != (ARCHIVE_OK))
+ return NULL;
+ return rar_read_ahead(a, min, avail);
+--
+2.20.1
+
diff --git a/gnu/packages/patches/libarchive-CVE-2018-1000880.patch b/gnu/packages/patches/libarchive-CVE-2018-1000880.patch
new file mode 100644
index 0000000000..6834cabda0
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2018-1000880.patch
@@ -0,0 +1,51 @@
+Fix CVE-2018-1000880:
+
+https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
+https://github.com/libarchive/libarchive/pull/1105
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
+https://security-tracker.debian.org/tracker/CVE-2018-1000880
+
+Patch copied from upstream source repository:
+
+https://github.com/libarchive/libarchive/commit/9c84b7426660c09c18cc349f6d70b5f8168b5680
+
+From 9c84b7426660c09c18cc349f6d70b5f8168b5680 Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Tue, 4 Dec 2018 16:33:42 +1100
+Subject: [PATCH] warc: consume data once read
+
+The warc decoder only used read ahead, it wouldn't actually consume
+data that had previously been printed. This means that if you specify
+an invalid content length, it will just reprint the same data over
+and over and over again until it hits the desired length.
+
+This means that a WARC resource with e.g.
+Content-Length: 666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666666665
+but only a few hundred bytes of data, causes a quasi-infinite loop.
+
+Consume data in subsequent calls to _warc_read.
+
+Found with an AFL + afl-rb + qsym setup.
+---
+ libarchive/archive_read_support_format_warc.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_warc.c b/libarchive/archive_read_support_format_warc.c
+index e8753853..e8fc8428 100644
+--- a/libarchive/archive_read_support_format_warc.c
++++ b/libarchive/archive_read_support_format_warc.c
+@@ -386,6 +386,11 @@ _warc_read(struct archive_read *a, const void **buf, size_t *bsz, int64_t *off)
+ return (ARCHIVE_EOF);
+ }
+
++ if (w->unconsumed) {
++ __archive_read_consume(a, w->unconsumed);
++ w->unconsumed = 0U;
++ }
++
+ rab = __archive_read_ahead(a, 1U, &nrd);
+ if (nrd < 0) {
+ *bsz = 0U;
+--
+2.20.1
+
diff --git a/gnu/packages/patches/libextractor-CVE-2018-20430.patch b/gnu/packages/patches/libextractor-CVE-2018-20430.patch
new file mode 100644
index 0000000000..570cd7c006
--- /dev/null
+++ b/gnu/packages/patches/libextractor-CVE-2018-20430.patch
@@ -0,0 +1,60 @@
+Fix CVE-2018-20430:
+
+https://gnunet.org/bugs/view.php?id=5493
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20430
+https://security-tracker.debian.org/tracker/CVE-2018-20430
+
+Patch copied from upstream source repository:
+
+https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110
+
+From b405d707b36e0654900cba78e89f49779efea110 Mon Sep 17 00:00:00 2001
+From: Christian Grothoff <christian@grothoff.org>
+Date: Thu, 20 Dec 2018 22:47:53 +0100
+Subject: [PATCH] fix #5493 (out of bounds read)
+
+---
+ src/common/convert.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/common/convert.c b/src/common/convert.c
+index c0edf21..2be2108 100644
+--- a/src/common/convert.c
++++ b/src/common/convert.c
+@@ -36,8 +36,8 @@
+ * string is returned.
+ */
+ char *
+-EXTRACTOR_common_convert_to_utf8 (const char *input,
+- size_t len,
++EXTRACTOR_common_convert_to_utf8 (const char *input,
++ size_t len,
+ const char *charset)
+ {
+ #if HAVE_ICONV
+@@ -52,7 +52,7 @@ EXTRACTOR_common_convert_to_utf8 (const char *input,
+ i = input;
+ cd = iconv_open ("UTF-8", charset);
+ if (cd == (iconv_t) - 1)
+- return strdup (i);
++ return strndup (i, len);
+ if (len > 1024 * 1024)
+ {
+ iconv_close (cd);
+@@ -67,11 +67,11 @@ EXTRACTOR_common_convert_to_utf8 (const char *input,
+ }
+ itmp = tmp;
+ finSize = tmpSize;
+- if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == SIZE_MAX)
++ if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == ((size_t) -1))
+ {
+ iconv_close (cd);
+ free (tmp);
+- return strdup (i);
++ return strndup (i, len);
+ }
+ ret = malloc (tmpSize - finSize + 1);
+ if (ret == NULL)
+--
+2.20.1
+
diff --git a/gnu/packages/patches/libextractor-CVE-2018-20431.patch b/gnu/packages/patches/libextractor-CVE-2018-20431.patch
new file mode 100644
index 0000000000..855c5ba64b
--- /dev/null
+++ b/gnu/packages/patches/libextractor-CVE-2018-20431.patch
@@ -0,0 +1,53 @@
+Fix CVE-2018-20431:
+
+https://gnunet.org/bugs/view.php?id=5494
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20431
+https://security-tracker.debian.org/tracker/CVE-2018-20431
+
+Patch copied from upstream source repository:
+
+https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7
+
+To apply the patch to libextractor 1.8 release tarball,
+hunk #1 which patches ChangeLog is removed.
+
+From 489c4a540bb2c4744471441425b8932b97a153e7 Mon Sep 17 00:00:00 2001
+From: Christian Grothoff <christian@grothoff.org>
+Date: Thu, 20 Dec 2018 23:02:28 +0100
+Subject: [PATCH] fix #5494
+
+---
+ ChangeLog | 3 ++-
+ src/plugins/ole2_extractor.c | 9 +++++++--
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins/ole2_extractor.c b/src/plugins/ole2_extractor.c
+index 53fa1b9..a48b726 100644
+--- a/src/plugins/ole2_extractor.c
++++ b/src/plugins/ole2_extractor.c
+@@ -173,7 +173,7 @@ struct ProcContext
+ EXTRACTOR_MetaDataProcessor proc;
+
+ /**
+- * Closure for 'proc'.
++ * Closure for @e proc.
+ */
+ void *proc_cls;
+
+@@ -213,7 +213,12 @@ process_metadata (gpointer key,
+
+ if (G_VALUE_TYPE(gval) == G_TYPE_STRING)
+ {
+- contents = strdup (g_value_get_string (gval));
++ const char *gvals;
++
++ gvals = g_value_get_string (gval);
++ if (NULL == gvals)
++ return;
++ contents = strdup (gvals);
+ }
+ else
+ {
+--
+2.20.1
+
diff --git a/gnu/packages/patches/owncloud-disable-updatecheck.patch b/gnu/packages/patches/owncloud-disable-updatecheck.patch
index 69a984a104..3469398eb4 100644
--- a/gnu/packages/patches/owncloud-disable-updatecheck.patch
+++ b/gnu/packages/patches/owncloud-disable-updatecheck.patch
@@ -10,14 +10,14 @@ Last-Update: 2014-02-17
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/src/libsync/configfile.cpp
+++ b/src/libsync/configfile.cpp
-@@ -417,11 +417,14 @@ bool ConfigFile::skipUpdateCheck( const
- QString con( connection );
- if( connection.isEmpty() ) con = defaultConnection();
-
+@@ -522,11 +522,14 @@ bool ConfigFile::skipUpdateCheck(const Q
+ if (connection.isEmpty())
+ con = defaultConnection();
+
- QVariant fallback = getValue(QLatin1String(skipUpdateCheckC), con, false);
+ QVariant fallback = getValue(QLatin1String(skipUpdateCheckC), con, true);
fallback = getValue(QLatin1String(skipUpdateCheckC), QString(), fallback);
-
+
QVariant value = getPolicySetting(QLatin1String(skipUpdateCheckC), fallback);
- return value.toBool();
+ if ( !value.toBool() )
@@ -25,25 +25,25 @@ This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+
+ return true;
}
-
- void ConfigFile::setSkipUpdateCheck( bool skip, const QString& connection )
+
+ void ConfigFile::setSkipUpdateCheck(bool skip, const QString &connection)
--- a/src/gui/generalsettings.cpp
+++ b/src/gui/generalsettings.cpp
-@@ -124,6 +124,7 @@ void GeneralSettings::loadMiscSettings()
-
+@@ -146,6 +149,7 @@ void GeneralSettings::loadMiscSettings()
+
void GeneralSettings::slotUpdateInfo()
{
+ /* Guix doesn't want an autoupdater
- // Note: the sparkle-updater is not an OCUpdater
- OCUpdater *updater = qobject_cast<OCUpdater*>(Updater::instance());
- if (ConfigFile().skipUpdateCheck()) {
-@@ -140,6 +141,9 @@ void GeneralSettings::slotUpdateInfo()
- // can't have those infos from sparkle currently
- _ui->updatesGroupBox->setVisible(false);
- }
+ if (ConfigFile().skipUpdateCheck() || !Updater::instance()) {
+ // updater disabled on compile
+ _ui->updaterWidget->setVisible(false);
+@@ -174,6 +178,9 @@ void GeneralSettings::slotUpdateInfo()
+ _ui->updateChannel->setCurrentIndex(ConfigFile().updateChannel() == "beta" ? 1 : 0);
+ connect(_ui->updateChannel, static_cast<void (QComboBox::*)(int)>(&QComboBox::currentIndexChanged),
+ this, &GeneralSettings::slotUpdateChannelChanged, Qt::UniqueConnection);
+ */
+ //hide the update group box for Guix.
-+ _ui->updatesGroupBox->setVisible(false);
++ _ui->updaterWidget->setVisible(false);
}
-
- void GeneralSettings::saveMiscSettings()
+
+ void GeneralSettings::slotUpdateChannelChanged(int index)
diff --git a/gnu/packages/patches/streamlink-update-test.patch b/gnu/packages/patches/streamlink-update-test.patch
new file mode 100644
index 0000000000..2d90009192
--- /dev/null
+++ b/gnu/packages/patches/streamlink-update-test.patch
@@ -0,0 +1,70 @@
+https://github.com/streamlink/streamlink/commit/a3123346824ee7b9c461110f292ea6987ea9a78d.patch
+This is taken from upstream, and can be removed at the next release
+
+From c6f3994e177a42792238f2edd07ba9053c10abc9 Mon Sep 17 00:00:00 2001
+From: back-to <backto@protonmail.ch>
+Date: Sat, 21 Jul 2018 14:30:51 +0200
+Subject: [PATCH] tests.localization: use en_CA instead of en_US for
+ test_equivalent
+
+**python-iso3166** got an update which breaks the Streamlink tests.
+https://pypi.org/project/iso3166/#history
+
+**python-iso3166** and **pycountry** have now a different `name` for _the United States of America_
+
+> python-iso3166: United States of America
+https://github.com/deactivated/python-iso3166/commit/e5f8b37f18b01fcb5fa0e8130d8296fc7a7b5a9f
+
+> pycountry: United States
+https://bitbucket.org/flyingcircus/pycountry/src/5aa4bb47e33798cb631a81521b7b5b18f7d6c919/src/pycountry/databases/iso3166-1.json?at=default&fileviewer=file-view-default#iso3166-1.json-1572:1578
+
+https://www.iso.org/obp/ui/#iso:code:3166:US
+
+---
+
+use **en_CA** instead of **en_US** for backwards compatibility,
+as changing the **US** name would fail with older versions of **python-iso3166** / **pycountry**
+---
+ tests/test_localization.py | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/tests/test_localization.py b/tests/test_localization.py
+index 0b81ae591..90bb3ac31 100644
+--- a/tests/test_localization.py
++++ b/tests/test_localization.py
+@@ -32,11 +32,12 @@ def test_bad_language_code(self):
+ self.assertRaises(LookupError, l10n.Localization, "enUS")
+
+ def test_equivalent(self):
+- l = l10n.Localization("en_US")
++ l = l10n.Localization("en_CA")
+ self.assertTrue(l.equivalent(language="eng"))
+ self.assertTrue(l.equivalent(language="en"))
+- self.assertTrue(l.equivalent(language="en", country="US"))
+- self.assertTrue(l.equivalent(language="en", country="United States"))
++ self.assertTrue(l.equivalent(language="en", country="CA"))
++ self.assertTrue(l.equivalent(language="en", country="CAN"))
++ self.assertTrue(l.equivalent(language="en", country="Canada"))
+
+ def test_equivalent_remap(self):
+ l = l10n.Localization("fr_FR")
+@@ -48,7 +49,7 @@ def test_not_equivalent(self):
+ self.assertFalse(l.equivalent(language="eng"))
+ self.assertFalse(l.equivalent(language="en"))
+ self.assertFalse(l.equivalent(language="en", country="US"))
+- self.assertFalse(l.equivalent(language="en", country="United States"))
++ self.assertFalse(l.equivalent(language="en", country="Canada"))
+ self.assertFalse(l.equivalent(language="en", country="ES"))
+ self.assertFalse(l.equivalent(language="en", country="Spain"))
+
+@@ -71,8 +72,8 @@ def test_get_country(self):
+ l10n.Localization.get_country("USA").alpha2)
+ self.assertEqual("GB",
+ l10n.Localization.get_country("GB").alpha2)
+- self.assertEqual("United States",
+- l10n.Localization.get_country("United States").name)
++ self.assertEqual("Canada",
++ l10n.Localization.get_country("Canada").name)
+
+ def test_get_country_miss(self):
+ self.assertRaises(LookupError, l10n.Localization.get_country, "XE")
diff --git a/gnu/packages/patches/unrtf-CVE-2016-10091.patch b/gnu/packages/patches/unrtf-CVE-2016-10091.patch
deleted file mode 100644
index badd1b8ed6..0000000000
--- a/gnu/packages/patches/unrtf-CVE-2016-10091.patch
+++ /dev/null
@@ -1,189 +0,0 @@
-Fix CVE-2016-10091 (stack-based buffer overflows in cmd_* functions):
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10091
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849705
-http://seclists.org/oss-sec/2016/q4/787
-
-Patch adapted from Debian:
-
-https://anonscm.debian.org/cgit/collab-maint/unrtf.git/commit/?h=jessie&id=7500a48fb0fbad3ab963fb17560b2f90a8a485c8
-
-The Debian patch adapts this upstream commit so that it can be applied
-to the 0.21.9 release tarball:
-
-http://hg.savannah.gnu.org/hgweb/unrtf/rev/3b16893a6406
-
-From 7dd568ed8a6a5acb6c04f2b40f457d63a00435f3 Mon Sep 17 00:00:00 2001
-From: Willi Mann <willi@debian.org>
-Date: Sat, 31 Dec 2016 20:31:38 +0100
-Subject: [PATCH] Add patch from upstream to fix CVE-2016-10091 (buffer
- overflow in various cmd_ functions)
-
-diff --git a/src/attr.c b/src/attr.c
-index 02b5c81..e2951ea 100644
---- a/src/attr.c
-+++ b/src/attr.c
-@@ -746,7 +746,7 @@ char *
- assemble_string(char *string, int nr)
- {
-
-- char *s, tmp[12];/* Number of characters that can be in int type (including '\0') - AF */
-+ char *s, tmp[20];
- int i = 0, j = 0;
-
- if (string == NULL)
-@@ -762,7 +762,7 @@ assemble_string(char *string, int nr)
- }
-
- if (string[i] != '\0') {
-- sprintf(tmp, "%d", nr);
-+ snprintf(tmp, 20, "%d", nr);
- strcpy(&s[j], tmp);
- j = j + strlen(tmp);
- }
-diff --git a/src/convert.c b/src/convert.c
-index c76d7d6..8eacdcb 100644
---- a/src/convert.c
-+++ b/src/convert.c
-@@ -472,7 +472,7 @@ static const int fcharsetparmtocp(int parm)
- }
-
- // Translate code page to encoding name hopefully suitable as iconv input
--static char *cptoencoding(parm)
-+static char *cptoencoding(int parm)
- {
- // Note that CP0 is supposed to mean current system default, which does
- // not make any sense as a stored value, we don't handle it.
-@@ -964,7 +964,7 @@ cmd_cf (Word *w, int align, char has_param, int num)
- }
- else
- {
-- sprintf(str,"#%02x%02x%02x",
-+ snprintf(str, 40, "#%02x%02x%02x",
- color_table[num].r,
- color_table[num].g,
- color_table[num].b);
-@@ -993,7 +993,7 @@ cmd_cb (Word *w, int align, char has_param, int num)
- }
- else
- {
-- sprintf(str,"#%02x%02x%02x",
-+ snprintf(str, 40, "#%02x%02x%02x",
- color_table[num].r,
- color_table[num].g,
- color_table[num].b);
-@@ -1018,7 +1018,7 @@ cmd_fs (Word *w, int align, char has_param, int points) {
- /* Note, fs20 means 10pt */
- points /= 2;
-
-- sprintf(str,"%d",points);
-+ snprintf(str, 20, "%d", points);
- attr_push(ATTR_FONTSIZE,str);
-
- return FALSE;
-@@ -1166,7 +1166,7 @@ cmd_f (Word *w, int align, char has_param, int num)
- {
- // TOBEDONE: WHAT'S THIS ???
- name = my_malloc(12);
-- sprintf(name, "%d", num);
-+ snprintf(name, 12, "%d", num);
- }
-
- /* we are going to output entities, so should not output font */
-@@ -1218,7 +1218,7 @@ cmd_highlight (Word *w, int align, char has_param, int num)
- }
- else
- {
-- sprintf(str,"#%02x%02x%02x",
-+ snprintf(str, 40, "#%02x%02x%02x",
- color_table[num].r,
- color_table[num].g,
- color_table[num].b);
-@@ -1373,9 +1373,9 @@ cmd_ftech (Word *w, int align, char has_param, int param) {
-
- static int
- cmd_expand (Word *w, int align, char has_param, int param) {
-- char str[10];
-+ char str[20];
- if (has_param) {
-- sprintf(str, "%d", param/4);
-+ snprintf(str, 20, "%d", param / 4);
- if (!param)
- attr_pop(ATTR_EXPAND);
- else
-@@ -1394,7 +1394,7 @@ cmd_expand (Word *w, int align, char has_param, int param) {
-
- static int
- cmd_emboss (Word *w, int align, char has_param, int param) {
-- char str[10];
-+ char str[20];
- if (has_param && !param)
- #ifdef SUPPORT_UNNESTED
- attr_find_pop(ATTR_EMBOSS);
-@@ -1403,7 +1403,7 @@ cmd_emboss (Word *w, int align, char has_param, int param) {
- #endif
- else
- {
-- sprintf(str, "%d", param);
-+ snprintf(str, 20, "%d", param);
- attr_push(ATTR_EMBOSS, str);
- }
- return FALSE;
-@@ -1419,12 +1419,12 @@ cmd_emboss (Word *w, int align, char has_param, int param) {
-
- static int
- cmd_engrave (Word *w, int align, char has_param, int param) {
-- char str[10];
-+ char str[20];
- if (has_param && !param)
- attr_pop(ATTR_ENGRAVE);
- else
- {
-- sprintf(str, "%d", param);
-+ snprintf(str, 20, "%d", param);
- attr_push(ATTR_ENGRAVE, str);
- }
- return FALSE;
-@@ -1976,7 +1976,7 @@ static int cmd_u (Word *w, int align, char has_param, int param) {
-
- short done=0;
- long unicode_number = (long) param; /* On 16bit architectures int is too small to store unicode characters. - AF */
-- char tmp[12]; /* Number of characters that can be in int type (including '\0'). If int size is greater than 4 bytes change this value. - AF */
-+ char tmp[20]; /* Number of characters that can be in int type (including '\0'). If int size is greater than 4 bytes change this value. - AF */
- const char *alias;
- #define DEBUG 0
- #if DEBUG
-@@ -2006,7 +2006,7 @@ static int cmd_u (Word *w, int align, char has_param, int param) {
- /* RTF spec: Unicode values beyond 32767 are represented by negative numbers */
- unicode_number += 65536;
- }
-- sprintf(tmp, "%ld", unicode_number);
-+ snprintf(tmp, 20, "%ld", unicode_number);
-
- if (safe_printf(1, op->unisymbol_print, tmp)) fprintf(stderr, TOO_MANY_ARGS, "unisymbol_print");
- done++;
-diff --git a/src/output.c b/src/output.c
-index 86d8b5c..4cdbfa6 100644
---- a/src/output.c
-+++ b/src/output.c
-@@ -320,7 +320,7 @@ op_begin_std_fontsize (OutputPersonality *op, int size)
- if (!found_std_expr) {
- if (op->fontsize_begin) {
- char expr[16];
-- sprintf (expr, "%d", size);
-+ snprintf(expr, 16, "%d", size);
- if (safe_printf (1, op->fontsize_begin, expr)) fprintf(stderr, TOO_MANY_ARGS, "fontsize_begin");
- } else {
- /* If we cannot write out a change for the exact
-@@ -440,7 +440,7 @@ op_end_std_fontsize (OutputPersonality *op, int size)
- if (!found_std_expr) {
- if (op->fontsize_end) {
- char expr[16];
-- sprintf (expr, "%d", size);
-+ snprintf(expr, 16, "%d", size);
- if (safe_printf(1, op->fontsize_end, expr)) fprintf(stderr, TOO_MANY_ARGS, "fontsize_end");
- } else {
- /* If we cannot write out a change for the exact
--
-.11.0
-
diff --git a/gnu/packages/patches/vboot-utils-fix-format-load-address.patch b/gnu/packages/patches/vboot-utils-fix-format-load-address.patch
new file mode 100644
index 0000000000..899531e40e
--- /dev/null
+++ b/gnu/packages/patches/vboot-utils-fix-format-load-address.patch
@@ -0,0 +1,33 @@
+This patch was copied from Debian.
+
+Description: Fix format load_address for 32 bits architectures
+ The offset and load_address are 64bits integers
+ On 32bits we have to use strtoull (instead of strtoul) to parse number
+ into 64bits unsigned integers. Without this the parsed numbers are
+ truncated to 2^32-1.
+Author: Sophie Brun <sophie@freexian.com>
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881997
+Forwarded: https://bugs.chromium.org/p/chromium/issues/detail?id=786969
+Last-Update: 2017-11-20
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/futility/cmd_bdb.c
++++ b/futility/cmd_bdb.c
+@@ -637,7 +637,7 @@ static int do_bdb(int argc, char *argv[]
+ }
+ break;
+ case OPT_OFFSET:
+- offset = strtoul(optarg, &e, 0);
++ offset = strtoull(optarg, &e, 0);
+ if (!*optarg || (e && *e)) {
+ fprintf(stderr, "Invalid --offset\n");
+ parse_error = 1;
+@@ -658,7 +658,7 @@ static int do_bdb(int argc, char *argv[]
+ }
+ break;
+ case OPT_LOAD_ADDRESS:
+- load_address = strtoul(optarg, &e, 0);
++ load_address = strtoull(optarg, &e, 0);
+ if (!*optarg || (e && *e)) {
+ fprintf(stderr, "Invalid --load_address\n");
+ parse_error = 1;
diff --git a/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch b/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch
new file mode 100644
index 0000000000..8e0c691a22
--- /dev/null
+++ b/gnu/packages/patches/vboot-utils-fix-tests-show-contents.patch
@@ -0,0 +1,142 @@
+This patch was copied from Debian.
+
+Description: Fix tests/futility/test_show_contents.sh
+ Tests compare generated files containing the file path and upstream files
+ ("expected output") containing path like
+ "/mnt/host/source/src/platform/vboot_reference/tests/". They can't
+ match. Drop these lines mentioning paths in the generated files and in
+ the upstream provided files to avoid failures.
+Author: Sophie Brun <sophie@freexian.com>
+Last-Update: 2017-11-14
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock
++++ b/tests/futility/expect_output/show.tests_devkeys_kernel.keyblock
+@@ -1,4 +1,3 @@
+-Key block: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock
+ Signature: ignored
+ Size: 0x4b8
+ Flags: 7 !DEV DEV !REC
+--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk
++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbprivk
+@@ -1,4 +1,3 @@
+-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk
+ Vboot API: 1.0
+ Algorithm: 11 RSA8192 SHA512
+ Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10
+--- a/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk
++++ b/tests/futility/expect_output/show.tests_devkeys_root_key.vbpubk
+@@ -1,4 +1,3 @@
+-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk
+ Vboot API: 1.0
+ Algorithm: 11 RSA8192 SHA512
+ Key Version: 1
+--- a/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin
++++ b/tests/futility/expect_output/show.tests_futility_data_bios_mario_mp.bin
+@@ -1,4 +1,3 @@
+-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_mario_mp.bin
+ GBB header: GBB Area
+ Version: 1.0
+ Flags: 0x00000000
+--- a/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
++++ b/tests/futility/expect_output/show.tests_futility_data_bios_zgb_mp.bin
+@@ -1,4 +1,3 @@
+-BIOS: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/bios_zgb_mp.bin
+ GBB header: GBB
+ Version: 1.0
+ Flags: 0x00000000
+--- a/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin
++++ b/tests/futility/expect_output/show.tests_futility_data_fw_gbb.bin
+@@ -1,4 +1,3 @@
+-GBB header: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_gbb.bin
+ Version: 1.1
+ Flags: 0x00000039
+ Regions: offset size
+--- a/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin
++++ b/tests/futility/expect_output/show.tests_futility_data_fw_vblock.bin
+@@ -1,4 +1,3 @@
+-Key block: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/fw_vblock.bin
+ Signature: ignored
+ Size: 0x8b8
+ Flags: 7 !DEV DEV !REC
+--- a/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin
++++ b/tests/futility/expect_output/show.tests_futility_data_kern_preamble.bin
+@@ -1,4 +1,3 @@
+-Kernel partition: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/kern_preamble.bin
+ Key block:
+ Signature: ignored
+ Size: 0x5b8
+--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2
++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbprik2
+@@ -1,4 +1,3 @@
+-Private key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbprik2
+ Vboot API: 2.1
+ Desc: "sample vb21 keypair"
+ Signature Algorithm: 5 RSA8192
+--- a/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2
++++ b/tests/futility/expect_output/show.tests_futility_data_sample.vbpubk2
+@@ -1,4 +1,3 @@
+-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/futility/data/sample.vbpubk2
+ Vboot API: 2.1
+ Desc: "sample vb21 keypair"
+ Signature Algorithm: 5 RSA8192
+--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem
++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa2048.pem
+@@ -1,3 +1,2 @@
+-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa2048.pem
+ Key length: 2048
+ Key sha1sum: bfb2fa9188a87bf766dd7c313ea6802553b646b6
+--- a/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem
++++ b/tests/futility/expect_output/show.tests_testkeys_key_rsa8192.pub.pem
+@@ -1,3 +1,2 @@
+-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/testkeys/key_rsa8192.pub.pem
+ Key length: 8192
+ Key sha1sum: f1afa44a1aed0d0e9ff630579df920a725e9de5e
+--- a/tests/futility/test_show_contents.sh
++++ b/tests/futility/test_show_contents.sh
+@@ -29,7 +29,7 @@ for file in $SHOW_FILES; do
+ outfile="show.${file//\//_}"
+ gotfile="${OUTDIR}/${outfile}"
+ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
+- ${FUTILITY} show "${SRCDIR}/${file}" | tee "${gotfile}"
++ ${FUTILITY} show "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}"
+
+ # Uncomment this to update the expected output
+ #cp ${gotfile} ${wantfile}
+@@ -48,7 +48,7 @@ for file in $VBUTIL_KEY_FILES; do
+ outfile="vbutil_key.${file//\//_}"
+ gotfile="${OUTDIR}/${outfile}"
+ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
+- ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | tee "${gotfile}"
++ ${FUTILITY} vbutil_key --unpack "${SRCDIR}/${file}" | grep -v "tests/" | tee "${gotfile}"
+
+ # Uncomment this to update the expected output
+ #cp ${gotfile} ${wantfile}
+@@ -64,7 +64,7 @@ gotfile="${OUTDIR}/${outfile}"
+ wantfile="${SRCDIR}/tests/futility/expect_output/${outfile}"
+ ${FUTILITY} vbutil_keyblock --unpack "${SRCDIR}/${file}" \
+ --signpubkey "${SRCDIR}/tests/devkeys/kernel_subkey.vbpubk" \
+- | tee "${gotfile}"
++ | grep -v "tests/" | tee "${gotfile}"
+
+ # Uncomment this to update the expected output
+ #cp ${gotfile} ${wantfile}
+--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk
++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbprivk
+@@ -1,2 +1 @@
+-Private Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbprivk
+ Algorithm: 11 RSA8192 SHA512
+--- a/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock
++++ b/tests/futility/expect_output/vbutil_keyblock.tests_devkeys_kernel.keyblock
+@@ -1,4 +1,3 @@
+-Key block file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/kernel.keyblock
+ Signature valid
+ Flags: 7 !DEV DEV !REC
+ Data key algorithm: 4 RSA2048 SHA256
+--- a/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk
++++ b/tests/futility/expect_output/vbutil_key.tests_devkeys_root_key.vbpubk
+@@ -1,4 +1,3 @@
+-Public Key file: /mnt/host/source/src/platform/vboot_reference/tests/devkeys/root_key.vbpubk
+ Algorithm: 11 RSA8192 SHA512
+ Key Version: 1
+ Key sha1sum: b11d74edd286c144e1135b49e7f0bc20cf041f10
diff --git a/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch b/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch
new file mode 100644
index 0000000000..9618c76f83
--- /dev/null
+++ b/gnu/packages/patches/vboot-utils-skip-test-workbuf.patch
@@ -0,0 +1,21 @@
+This patch was copied from Debian.
+
+Description: skip the workbuf test if VB2_WORKBUF_ALIGN different from 16
+Author: Sophie Brun <sophie@freexian.com>
+Last-Update: 2015-12-03
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/tests/vb2_common_tests.c
++++ b/tests/vb2_common_tests.c
+@@ -70,6 +70,11 @@ static void test_workbuf(void)
+ /* NOTE: There are several magic numbers below which assume that
+ * VB2_WORKBUF_ALIGN == 16 */
+
++ /* Skip the tests if VB2_WORKBUF_ALIGN != 16 */
++ if (VB2_WORKBUF_ALIGN != 16) {
++ return;
++ }
++
+ /* Init */
+ vb2_workbuf_init(&wb, p0, 64);
+ TEST_EQ(vb2_offset_of(p0, wb.buf), 0, "Workbuf init aligned");
diff --git a/gnu/packages/patches/vinagre-newer-freerdp.patch b/gnu/packages/patches/vinagre-newer-freerdp.patch
new file mode 100644
index 0000000000..ab79fefc5c
--- /dev/null
+++ b/gnu/packages/patches/vinagre-newer-freerdp.patch
@@ -0,0 +1,320 @@
+https://gitlab.gnome.org/GNOME/vinagre/merge_requests/4.patch
+
+From 83ec3835c36d5cd2c957512c18d21a33b4136c95 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Tue, 20 Nov 2018 14:57:17 +0100
+Subject: [PATCH 1/2] Fix build with recent FreeRDP versions
+
+Vinagre is not buildable with recent FreeRDP versions and similar patches
+are used by distributions to fix that. I have also removed some old
+compatibility codes, because it wasn't buildable against 1.0, nor 1.1
+anyway and 1.2 has never been officially released and is superseded by 2.0.
+
+https://gitlab.gnome.org/GNOME/vinagre/issues/4
+---
+ configure.ac | 7 +-
+ plugins/rdp/vinagre-rdp-tab.c | 129 +++++++---------------------------
+ 2 files changed, 27 insertions(+), 109 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5b51a82..61617f1 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -58,16 +58,15 @@ AS_IF([test "x$have_ssh" = "xyes"],
+ AM_CONDITIONAL([VINAGRE_ENABLE_SSH], [test "x$have_ssh" = "xyes"])
+
+ # Whether to enable support for RDP.
+-RDP_DEPS="freerdp x11"
++RDP_DEPS="freerdp2 x11"
++
+ AC_ARG_ENABLE([rdp],
+ [AS_HELP_STRING([--disable-rdp],
+ [Disable Remote Desktop Protocol (RDP) support])])
+
+ AS_IF([test "x$enable_rdp" != "xno"],
+ [PKG_CHECK_EXISTS([$RDP_DEPS],
+- [have_rdp=yes
+- PKG_CHECK_EXISTS(freerdp >= 1.1,
+- [AC_DEFINE([HAVE_FREERDP_1_1], [1], [FreeRDP is of version 1.1 or newer])], [])],
++ [have_rdp=yes],
+ [have_rdp=no])],
+ [have_rdp=no])
+
+diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c
+index 5b98c24..28e3eb6 100644
+--- a/plugins/rdp/vinagre-rdp-tab.c
++++ b/plugins/rdp/vinagre-rdp-tab.c
+@@ -29,12 +29,7 @@
+ #include <freerdp/types.h>
+ #include <freerdp/freerdp.h>
+ #include <freerdp/gdi/gdi.h>
+-#if HAVE_FREERDP_1_1
+ #include <freerdp/locale/keyboard.h>
+-#else
+-#include <freerdp/kbd/vkcodes.h>
+-#include <gdk/gdkx.h>
+-#endif
+
+ #include "vinagre-rdp-tab.h"
+ #include "vinagre-rdp-connection.h"
+@@ -44,12 +39,6 @@
+
+ #define SELECT_TIMEOUT 50
+
+-#if !HAVE_FREERDP_1_1
+-typedef boolean BOOL;
+-typedef uint8 UINT8;
+-typedef uint16 UINT16;
+-#endif
+-
+ struct _VinagreRdpTabPrivate
+ {
+ freerdp *freerdp_session;
+@@ -476,16 +465,18 @@ frdp_drawing_area_draw (GtkWidget *area,
+ return TRUE;
+ }
+
+-static void
++static BOOL
+ frdp_begin_paint (rdpContext *context)
+ {
+ rdpGdi *gdi = context->gdi;
+
+ gdi->primary->hdc->hwnd->invalid->null = 1;
+ gdi->primary->hdc->hwnd->ninvalid = 0;
++
++ return TRUE;
+ }
+
+-static void
++static BOOL
+ frdp_end_paint (rdpContext *context)
+ {
+ VinagreRdpTab *rdp_tab = ((frdpContext *) context)->rdp_tab;
+@@ -495,7 +486,7 @@ frdp_end_paint (rdpContext *context)
+ gint x, y, w, h;
+
+ if (gdi->primary->hdc->hwnd->invalid->null)
+- return;
++ return TRUE;
+
+ x = gdi->primary->hdc->hwnd->invalid->x;
+ y = gdi->primary->hdc->hwnd->invalid->y;
+@@ -517,6 +508,8 @@ frdp_end_paint (rdpContext *context)
+ {
+ gtk_widget_queue_draw_area (priv->display, x, y, w, h);
+ }
++
++ return TRUE;
+ }
+
+ static BOOL
+@@ -524,7 +517,6 @@ frdp_pre_connect (freerdp *instance)
+ {
+ rdpSettings *settings = instance->settings;
+
+-#if HAVE_FREERDP_1_1
+ settings->OrderSupport[NEG_DSTBLT_INDEX] = TRUE;
+ settings->OrderSupport[NEG_PATBLT_INDEX] = TRUE;
+ settings->OrderSupport[NEG_SCRBLT_INDEX] = TRUE;
+@@ -549,32 +541,6 @@ frdp_pre_connect (freerdp *instance)
+ settings->OrderSupport[NEG_POLYGON_CB_INDEX] = FALSE;
+ settings->OrderSupport[NEG_ELLIPSE_SC_INDEX] = FALSE;
+ settings->OrderSupport[NEG_ELLIPSE_CB_INDEX] = FALSE;
+-#else
+- settings->order_support[NEG_DSTBLT_INDEX] = true;
+- settings->order_support[NEG_PATBLT_INDEX] = true;
+- settings->order_support[NEG_SCRBLT_INDEX] = true;
+- settings->order_support[NEG_OPAQUE_RECT_INDEX] = true;
+- settings->order_support[NEG_DRAWNINEGRID_INDEX] = false;
+- settings->order_support[NEG_MULTIDSTBLT_INDEX] = false;
+- settings->order_support[NEG_MULTIPATBLT_INDEX] = false;
+- settings->order_support[NEG_MULTISCRBLT_INDEX] = false;
+- settings->order_support[NEG_MULTIOPAQUERECT_INDEX] = true;
+- settings->order_support[NEG_MULTI_DRAWNINEGRID_INDEX] = false;
+- settings->order_support[NEG_LINETO_INDEX] = true;
+- settings->order_support[NEG_POLYLINE_INDEX] = true;
+- settings->order_support[NEG_MEMBLT_INDEX] = true;
+- settings->order_support[NEG_MEM3BLT_INDEX] = false;
+- settings->order_support[NEG_MEMBLT_V2_INDEX] = true;
+- settings->order_support[NEG_MEM3BLT_V2_INDEX] = false;
+- settings->order_support[NEG_SAVEBITMAP_INDEX] = false;
+- settings->order_support[NEG_GLYPH_INDEX_INDEX] = true;
+- settings->order_support[NEG_FAST_INDEX_INDEX] = true;
+- settings->order_support[NEG_FAST_GLYPH_INDEX] = false;
+- settings->order_support[NEG_POLYGON_SC_INDEX] = false;
+- settings->order_support[NEG_POLYGON_CB_INDEX] = false;
+- settings->order_support[NEG_ELLIPSE_SC_INDEX] = false;
+- settings->order_support[NEG_ELLIPSE_CB_INDEX] = false;
+-#endif
+
+ return TRUE;
+ }
+@@ -587,15 +553,7 @@ frdp_post_connect (freerdp *instance)
+ rdpGdi *gdi;
+ int stride;
+
+- gdi_init (instance,
+-#if defined(FREERDP_VERSION_MAJOR) && defined(FREERDP_VERSION_MINOR) && \
+- !(FREERDP_VERSION_MAJOR > 1 || (FREERDP_VERSION_MAJOR == 1 && \
+- FREERDP_VERSION_MINOR >= 2))
+- CLRBUF_24BPP,
+-#else
+- CLRBUF_32BPP,
+-#endif
+- NULL);
++ gdi_init (instance, PIXEL_FORMAT_BGRA32);
+ gdi = instance->context->gdi;
+
+ instance->update->BeginPaint = frdp_begin_paint;
+@@ -705,21 +663,15 @@ frdp_key_pressed (GtkWidget *widget,
+ VinagreRdpTab *rdp_tab = (VinagreRdpTab *) user_data;
+ VinagreRdpTabPrivate *priv = rdp_tab->priv;
+ frdpEventKey *frdp_event;
+-#if HAVE_FREERDP_1_1
+ UINT16 scancode;
+-#endif
+
+ frdp_event = g_new0 (frdpEventKey, 1);
+ frdp_event->type = FRDP_EVENT_TYPE_KEY;
+ frdp_event->flags = event->type == GDK_KEY_PRESS ? KBD_FLAGS_DOWN : KBD_FLAGS_RELEASE;
+
+-#if HAVE_FREERDP_1_1
+ scancode = freerdp_keyboard_get_rdp_scancode_from_x11_keycode (event->hardware_keycode);
+ frdp_event->code = RDP_SCANCODE_CODE(scancode);
+ frdp_event->extended = RDP_SCANCODE_EXTENDED(scancode);
+-#else
+- frdp_event->code = freerdp_kbd_get_scancode_by_keycode (event->hardware_keycode, &frdp_event->extended);
+-#endif
+
+ if (frdp_event->extended)
+ frdp_event->flags |= KBD_FLAGS_EXTENDED;
+@@ -934,11 +886,13 @@ frdp_authenticate (freerdp *instance,
+ return TRUE;
+ }
+
+-static BOOL
++static DWORD
+ frdp_certificate_verify (freerdp *instance,
+- char *subject,
+- char *issuer,
+- char *fingerprint)
++ const char *common_name,
++ const char *subject,
++ const char *issuer,
++ const char *fingerprint,
++ BOOL host_mismatch)
+ {
+ VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab);
+ GtkBuilder *builder;
+@@ -968,17 +922,18 @@ frdp_certificate_verify (freerdp *instance,
+ gtk_widget_hide (dialog);
+
+
+- return response == GTK_RESPONSE_YES;
++ return (response == GTK_RESPONSE_YES) ? 1 : 0;
+ }
+
+-
+-#if HAVE_FREERDP_1_1
+-static BOOL
++static DWORD
+ frdp_changed_certificate_verify (freerdp *instance,
+- char *subject,
+- char *issuer,
+- char *new_fingerprint,
+- char *old_fingerprint)
++ const char *common_name,
++ const char *subject,
++ const char *issuer,
++ const char *new_fingerprint,
++ const char *old_subject,
++ const char *old_issuer,
++ const char *old_fingerprint)
+ {
+ VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab);
+ GtkBuilder *builder;
+@@ -1023,9 +978,8 @@ frdp_changed_certificate_verify (freerdp *instance,
+ gtk_widget_hide (dialog);
+
+
+- return response == GTK_RESPONSE_YES;
++ return (response == GTK_RESPONSE_YES) ? 1 : 0;
+ }
+-#endif
+
+ static void
+ init_freerdp (VinagreRdpTab *rdp_tab)
+@@ -1053,15 +1007,9 @@ init_freerdp (VinagreRdpTab *rdp_tab)
+ priv->freerdp_session->PostConnect = frdp_post_connect;
+ priv->freerdp_session->Authenticate = frdp_authenticate;
+ priv->freerdp_session->VerifyCertificate = frdp_certificate_verify;
+-#if HAVE_FREERDP_1_1
+ priv->freerdp_session->VerifyChangedCertificate = frdp_changed_certificate_verify;
+-#endif
+
+-#if HAVE_FREERDP_1_1
+ priv->freerdp_session->ContextSize = sizeof (frdpContext);
+-#else
+- priv->freerdp_session->context_size = sizeof (frdpContext);
+-#endif
+
+ freerdp_context_new (priv->freerdp_session);
+ ((frdpContext *) priv->freerdp_session->context)->rdp_tab = rdp_tab;
+@@ -1070,53 +1018,24 @@ init_freerdp (VinagreRdpTab *rdp_tab)
+ settings = priv->freerdp_session->settings;
+
+ /* Security settings */
+-#if HAVE_FREERDP_1_1
+ settings->RdpSecurity = TRUE;
+ settings->TlsSecurity = TRUE;
+ settings->NlaSecurity = TRUE;
+ settings->EncryptionMethods = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS;
+ settings->EncryptionLevel = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
+-#else
+- settings->rdp_security = true;
+- settings->tls_security = true;
+- settings->nla_security = true;
+- settings->encryption = true;
+- settings->encryption_method = ENCRYPTION_METHOD_40BIT | ENCRYPTION_METHOD_128BIT | ENCRYPTION_METHOD_FIPS;
+- settings->encryption_level = ENCRYPTION_LEVEL_CLIENT_COMPATIBLE;
+-#endif
+-#include <freerdp/version.h>
+-#if (FREERDP_VERSION_MAJOR == 1 && FREERDP_VERSION_MINOR >= 2 && FREERDP_VERSION_REVISION >= 1) || (FREERDP_VERSION_MAJOR == 2)
+ settings->UseRdpSecurityLayer = FALSE;
+-#else
+- settings->DisableEncryption = FALSE;
+-#endif
+
+ /* Set display size */
+-#if HAVE_FREERDP_1_1
+ settings->DesktopWidth = width;
+ settings->DesktopHeight = height;
+-#else
+- settings->width = width;
+- settings->height = height;
+-#endif
+
+ /* Set hostname */
+-#if HAVE_FREERDP_1_1
+ settings->WindowTitle = g_strdup (hostname);
+ settings->ServerHostname = g_strdup (hostname);
+ settings->ServerPort = port;
+-#else
+- settings->window_title = g_strdup (hostname);
+- settings->hostname = g_strdup (hostname);
+- settings->port = port;
+-#endif
+
+ /* Set keyboard layout */
+-#if HAVE_FREERDP_1_1
+ freerdp_keyboard_init (KBD_US);
+-#else
+- freerdp_kbd_init (GDK_DISPLAY_XDISPLAY (gdk_display_get_default ()), KBD_US);
+-#endif
+
+ /* Allow font smoothing by default */
+ settings->AllowFontSmoothing = TRUE;
+--
+2.18.1
+
diff --git a/gnu/packages/patches/vinagre-newer-rdp-parameters.patch b/gnu/packages/patches/vinagre-newer-rdp-parameters.patch
new file mode 100644
index 0000000000..99bcee5a98
--- /dev/null
+++ b/gnu/packages/patches/vinagre-newer-rdp-parameters.patch
@@ -0,0 +1,212 @@
+https://gitlab.gnome.org/GNOME/vinagre/merge_requests/4.patch
+
+From 141f9383129795da267a8111897fb3a0a324b080 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Thu, 22 Nov 2018 17:22:35 +0100
+Subject: [PATCH 2/2] Handle new RDP certificate parameters
+
+The freerdp2 certificate callbacks contains more parameters, let's
+present some of them to user also.
+---
+ data/vinagre.ui | 80 ++++++++++++++++++++++++++++++-----
+ plugins/rdp/vinagre-rdp-tab.c | 26 +++++-------
+ 2 files changed, 80 insertions(+), 26 deletions(-)
+
+diff --git a/data/vinagre.ui b/data/vinagre.ui
+index 3135336..d7ce258 100644
+--- a/data/vinagre.ui
++++ b/data/vinagre.ui
+@@ -885,7 +885,7 @@ Do you trust the new certificate?</property>
+ <property name="vexpand">True</property>
+ <property name="xalign">0</property>
+ <property name="xpad">12</property>
+- <property name="label" translatable="yes" comments="Subject of the certificate.">Subject:</property>
++ <property name="label" translatable="yes" comments="Subject of the certificate.">New subject:</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+@@ -901,7 +901,7 @@ Do you trust the new certificate?</property>
+ <property name="vexpand">True</property>
+ <property name="xalign">0</property>
+ <property name="xpad">12</property>
+- <property name="label" translatable="yes" comments="Issuer of the certificate.">Issuer:</property>
++ <property name="label" translatable="yes" comments="Issuer of the certificate.">New issuer:</property>
+ </object>
+ <packing>
+ <property name="left_attach">0</property>
+@@ -927,7 +927,55 @@ Do you trust the new certificate?</property>
+ </packing>
+ </child>
+ <child>
+- <object class="GtkLabel" id="certificate_changed_subject">
++ <object class="GtkLabel">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="vexpand">True</property>
++ <property name="xalign">0</property>
++ <property name="xpad">12</property>
++ <property name="label" translatable="yes" comments="Subject of the old certificate.">Old subject:</property>
++ </object>
++ <packing>
++ <property name="left_attach">0</property>
++ <property name="top_attach">3</property>
++ <property name="width">1</property>
++ <property name="height">1</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="vexpand">True</property>
++ <property name="xalign">0</property>
++ <property name="xpad">12</property>
++ <property name="label" translatable="yes" comments="Issuer of the old certificate.">Old issuer:</property>
++ </object>
++ <packing>
++ <property name="left_attach">0</property>
++ <property name="top_attach">4</property>
++ <property name="width">1</property>
++ <property name="height">1</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="vexpand">True</property>
++ <property name="xalign">0</property>
++ <property name="xpad">12</property>
++ <property name="label" translatable="yes" comments="Fingerprint of the old certificate.">Old fingerprint:</property>
++ </object>
++ <packing>
++ <property name="left_attach">0</property>
++ <property name="top_attach">5</property>
++ <property name="width">1</property>
++ <property name="height">1</property>
++ </packing>
++ </child>
++ <child>
++ <object class="GtkLabel" id="certificate_changed_new_subject">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="hexpand">True</property>
+@@ -942,7 +990,7 @@ Do you trust the new certificate?</property>
+ </packing>
+ </child>
+ <child>
+- <object class="GtkLabel" id="certificate_changed_issuer">
++ <object class="GtkLabel" id="certificate_changed_new_issuer">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="hexpand">True</property>
+@@ -972,21 +1020,33 @@ Do you trust the new certificate?</property>
+ </packing>
+ </child>
+ <child>
+- <object class="GtkLabel" id="certificate_changed_old_fingerprint_label">
++ <object class="GtkLabel" id="certificate_changed_old_subject">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+- <property name="vexpand">True</property>
++ <property name="hexpand">True</property>
+ <property name="xalign">0</property>
+- <property name="xpad">12</property>
+- <property name="label" translatable="yes" comments="Fingerprint of the old certificate.">Old fingerprint:</property>
+ </object>
+ <packing>
+- <property name="left_attach">0</property>
++ <property name="left_attach">1</property>
+ <property name="top_attach">3</property>
+ <property name="width">1</property>
+ <property name="height">1</property>
+ </packing>
+ </child>
++ <child>
++ <object class="GtkLabel" id="certificate_changed_old_issuer">
++ <property name="visible">True</property>
++ <property name="can_focus">False</property>
++ <property name="hexpand">True</property>
++ <property name="xalign">0</property>
++ </object>
++ <packing>
++ <property name="left_attach">1</property>
++ <property name="top_attach">4</property>
++ <property name="width">1</property>
++ <property name="height">1</property>
++ </packing>
++ </child>
+ <child>
+ <object class="GtkLabel" id="certificate_changed_old_fingerprint">
+ <property name="visible">True</property>
+@@ -997,7 +1057,7 @@ Do you trust the new certificate?</property>
+ </object>
+ <packing>
+ <property name="left_attach">1</property>
+- <property name="top_attach">3</property>
++ <property name="top_attach">5</property>
+ <property name="width">1</property>
+ <property name="height">1</property>
+ </packing>
+diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c
+index 28e3eb6..30a8698 100644
+--- a/plugins/rdp/vinagre-rdp-tab.c
++++ b/plugins/rdp/vinagre-rdp-tab.c
+@@ -917,6 +917,7 @@ frdp_certificate_verify (freerdp *instance,
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_fingerprint"));
+ gtk_label_set_text (GTK_LABEL (widget), fingerprint);
+
++ /* FIXME: Warn user in case of host_mismatch. */
+
+ response = gtk_dialog_run (GTK_DIALOG (dialog));
+ gtk_widget_hide (dialog);
+@@ -939,7 +940,6 @@ frdp_changed_certificate_verify (freerdp *instance,
+ GtkBuilder *builder;
+ GtkWidget *dialog;
+ GtkWidget *widget;
+- GtkWidget *label;
+ gint response;
+
+ builder = vinagre_utils_get_builder ();
+@@ -950,29 +950,23 @@ frdp_changed_certificate_verify (freerdp *instance,
+ _("Connect"), GTK_RESPONSE_YES, NULL);
+ gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_YES);
+
+- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_subject"));
++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_subject"));
+ gtk_label_set_text (GTK_LABEL (widget), subject);
+
+- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_issuer"));
++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_issuer"));
+ gtk_label_set_text (GTK_LABEL (widget), issuer);
+
+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_new_fingerprint"));
+ gtk_label_set_text (GTK_LABEL (widget), new_fingerprint);
+
+- widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint"));
+- label = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint_label"));
+- if (old_fingerprint != NULL && old_fingerprint[0] != '\0')
+- {
+- gtk_label_set_text (GTK_LABEL (widget), old_fingerprint);
+- gtk_widget_show (widget);
+- gtk_widget_show (label);
+- }
+- else
+- {
+- gtk_widget_hide (widget);
+- gtk_widget_hide (label);
+- }
++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_subject"));
++ gtk_label_set_text (GTK_LABEL (widget), old_subject);
+
++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_issuer"));
++ gtk_label_set_text (GTK_LABEL (widget), old_issuer);
++
++ widget = GTK_WIDGET (gtk_builder_get_object (builder, "certificate_changed_old_fingerprint"));
++ gtk_label_set_text (GTK_LABEL (widget), old_fingerprint);
+
+ response = gtk_dialog_run (GTK_DIALOG (dialog));
+ gtk_widget_hide (dialog);
+--
+2.18.1
+
diff --git a/gnu/packages/patches/vinagre-revert-1.patch b/gnu/packages/patches/vinagre-revert-1.patch
deleted file mode 100644
index 5a983770b7..0000000000
--- a/gnu/packages/patches/vinagre-revert-1.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Patch taken from Debian: revert changes that prevent building against freerdp
-version 1.1 branch.
-
-From 8ebc0685b85e0d1f70eb00171f2e7712de3d44bd Mon Sep 17 00:00:00 2001
-From: Michael Biebl <biebl@debian.org>
-Date: Thu, 22 Sep 2016 01:15:55 +0200
-Subject: [PATCH 1/2] Revert "Improve FreeRDP authentication failure handling"
-
-This reverts commit d7b4f88943e8615d252d27e1efc58cb64a9e1821.
----
- plugins/rdp/vinagre-rdp-tab.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c
-index b731f9b..8572bc3 100644
---- a/plugins/rdp/vinagre-rdp-tab.c
-+++ b/plugins/rdp/vinagre-rdp-tab.c
-@@ -1195,8 +1195,8 @@ open_freerdp (VinagreRdpTab *rdp_tab)
- VinagreTab *tab = VINAGRE_TAB (rdp_tab);
- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab));
- gboolean success = TRUE;
-+ gboolean authentication_error = FALSE;
- gboolean cancelled = FALSE;
-- guint authentication_errors = 0;
-
- priv->events = g_queue_new ();
-
-@@ -1205,12 +1205,14 @@ open_freerdp (VinagreRdpTab *rdp_tab)
-
- do
- {
-+ authentication_error = FALSE;
-+
- /* Run FreeRDP session */
- success = freerdp_connect (priv->freerdp_session);
- if (!success)
- {
-- authentication_errors += freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 ||
-- freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c;
-+ authentication_error = freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 ||
-+ freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c;
-
- cancelled = freerdp_get_last_error (priv->freerdp_session->context) == 0x2000b;
-
-@@ -1218,7 +1220,7 @@ open_freerdp (VinagreRdpTab *rdp_tab)
- init_freerdp (rdp_tab);
- }
- }
-- while (!success && authentication_errors < 3);
-+ while (!success && authentication_error);
-
- if (!success)
- {
---
-2.9.3
-
diff --git a/gnu/packages/patches/vinagre-revert-2.patch b/gnu/packages/patches/vinagre-revert-2.patch
deleted file mode 100644
index 686ee203e4..0000000000
--- a/gnu/packages/patches/vinagre-revert-2.patch
+++ /dev/null
@@ -1,448 +0,0 @@
-Patch taken from Debian: revert changes that prevent building against freerdp
-version 1.1 branch.
-
-From bb1828b6b7eb29bb037bcc687cf10f916ddc7561 Mon Sep 17 00:00:00 2001
-From: Michael Biebl <biebl@debian.org>
-Date: Thu, 22 Sep 2016 01:18:16 +0200
-Subject: [PATCH 2/2] Revert "Store credentials for RDP"
-
-This reverts commit 60dea279a24c7f0e398b89a0a60d45e80087ed1d.
----
- plugins/rdp/vinagre-rdp-connection.c | 22 +---
- plugins/rdp/vinagre-rdp-plugin.c | 29 +----
- plugins/rdp/vinagre-rdp-tab.c | 231 +++++++++++++++++------------------
- 3 files changed, 123 insertions(+), 159 deletions(-)
-
-diff --git a/plugins/rdp/vinagre-rdp-connection.c b/plugins/rdp/vinagre-rdp-connection.c
-index f0ff02b..c5f6ed1 100644
---- a/plugins/rdp/vinagre-rdp-connection.c
-+++ b/plugins/rdp/vinagre-rdp-connection.c
-@@ -127,25 +127,9 @@ rdp_parse_item (VinagreConnection *conn, xmlNode *root)
- static void
- rdp_parse_options_widget (VinagreConnection *conn, GtkWidget *widget)
- {
-- const gchar *text;
-- GtkWidget *u_entry, *d_entry, *spin_button, *scaling_button;
-- gboolean scaling;
-- guint width, height;
--
-- d_entry = g_object_get_data (G_OBJECT (widget), "domain_entry");
-- if (!d_entry)
-- {
-- g_warning ("Wrong widget passed to rdp_parse_options_widget()");
-- return;
-- }
--
-- text = gtk_entry_get_text (GTK_ENTRY (d_entry));
-- vinagre_cache_prefs_set_string ("rdp-connection", "domain", text);
--
-- g_object_set (conn,
-- "domain", text != NULL && *text != '\0' ? text : NULL,
-- NULL);
--
-+ GtkWidget *u_entry, *spin_button, *scaling_button;
-+ gboolean scaling;
-+ guint width, height;
-
- u_entry = g_object_get_data (G_OBJECT (widget), "username_entry");
- if (!u_entry)
-diff --git a/plugins/rdp/vinagre-rdp-plugin.c b/plugins/rdp/vinagre-rdp-plugin.c
-index 4751102..f41da37 100644
---- a/plugins/rdp/vinagre-rdp-plugin.c
-+++ b/plugins/rdp/vinagre-rdp-plugin.c
-@@ -100,7 +100,7 @@ vinagre_rdp_plugin_init (VinagreRdpPlugin *plugin)
- static GtkWidget *
- impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn)
- {
-- GtkWidget *grid, *label, *u_entry, *d_entry, *spin_button, *check;
-+ GtkWidget *grid, *label, *u_entry, *spin_button, *check;
- gchar *str;
- gint width, height;
-
-@@ -146,29 +146,10 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn)
- g_free (str);
-
-
-- label = gtk_label_new_with_mnemonic (_("_Domain:"));
-- gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5);
-- gtk_grid_attach (GTK_GRID (grid), label, 0, 3, 1, 1);
-- gtk_widget_set_margin_left (label, 12);
--
-- d_entry = gtk_entry_new ();
-- /* Translators: This is the tooltip for the domain field in a RDP connection */
-- gtk_widget_set_tooltip_text (d_entry, _("Optional."));
-- g_object_set_data (G_OBJECT (grid), "domain_entry", d_entry);
-- gtk_grid_attach (GTK_GRID (grid), d_entry, 1, 3, 1, 1);
-- gtk_label_set_mnemonic_widget (GTK_LABEL (label), d_entry);
-- str = g_strdup (VINAGRE_IS_CONNECTION (conn) ?
-- vinagre_connection_get_domain (conn) :
-- vinagre_cache_prefs_get_string ("rdp-connection", "domain", ""));
-- gtk_entry_set_text (GTK_ENTRY (d_entry), str);
-- gtk_entry_set_activates_default (GTK_ENTRY (d_entry), TRUE);
-- g_free (str);
--
--
- /* Host width */
- label = gtk_label_new_with_mnemonic (_("_Width:"));
- gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5);
-- gtk_grid_attach (GTK_GRID (grid), label, 0, 4, 1, 1);
-+ gtk_grid_attach (GTK_GRID (grid), label, 0, 3, 1, 1);
- gtk_widget_set_margin_left (label, 12);
-
- spin_button = gtk_spin_button_new_with_range (MIN_SIZE, MAX_SIZE, 1);
-@@ -176,7 +157,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn)
- gtk_widget_set_tooltip_text (spin_button, _("Set width of the remote desktop"));
- gtk_spin_button_set_value (GTK_SPIN_BUTTON (spin_button), DEFAULT_WIDTH);
- g_object_set_data (G_OBJECT (grid), "width_spin_button", spin_button);
-- gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 4, 1, 1);
-+ gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 3, 1, 1);
- gtk_label_set_mnemonic_widget (GTK_LABEL (label), spin_button);
- width = VINAGRE_IS_CONNECTION (conn) ?
- vinagre_connection_get_width (conn) :
-@@ -188,7 +169,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn)
- /* Host height */
- label = gtk_label_new_with_mnemonic (_("_Height:"));
- gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.5);
-- gtk_grid_attach (GTK_GRID (grid), label, 0, 5, 1, 1);
-+ gtk_grid_attach (GTK_GRID (grid), label, 0, 4, 1, 1);
- gtk_widget_set_margin_left (label, 12);
-
- spin_button = gtk_spin_button_new_with_range (MIN_SIZE, MAX_SIZE, 1);
-@@ -196,7 +177,7 @@ impl_get_connect_widget (VinagreProtocol *plugin, VinagreConnection *conn)
- gtk_widget_set_tooltip_text (spin_button, _("Set height of the remote desktop"));
- gtk_spin_button_set_value (GTK_SPIN_BUTTON (spin_button), DEFAULT_HEIGHT);
- g_object_set_data (G_OBJECT (grid), "height_spin_button", spin_button);
-- gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 5, 1, 1);
-+ gtk_grid_attach (GTK_GRID (grid), spin_button, 1, 4, 1, 1);
- gtk_label_set_mnemonic_widget (GTK_LABEL (label), spin_button);
- height = VINAGRE_IS_CONNECTION (conn) ?
- vinagre_connection_get_height (conn) :
-diff --git a/plugins/rdp/vinagre-rdp-tab.c b/plugins/rdp/vinagre-rdp-tab.c
-index 8572bc3..f3d9c08 100644
---- a/plugins/rdp/vinagre-rdp-tab.c
-+++ b/plugins/rdp/vinagre-rdp-tab.c
-@@ -70,8 +70,6 @@ struct _VinagreRdpTabPrivate
- gboolean scaling;
- double scale;
- double offset_x, offset_y;
--
-- guint authentication_attempts;
- };
-
- G_DEFINE_TYPE (VinagreRdpTab, vinagre_rdp_tab, VINAGRE_TYPE_TAB)
-@@ -611,7 +609,6 @@ frdp_post_connect (freerdp *instance)
- 0, 0,
- gdi->width, gdi->height);
-
-- vinagre_tab_save_credentials_in_keyring (VINAGRE_TAB (rdp_tab));
- vinagre_tab_add_recent_used (VINAGRE_TAB (rdp_tab));
- vinagre_tab_set_state (VINAGRE_TAB (rdp_tab), VINAGRE_TAB_STATE_CONNECTED);
-
-@@ -862,76 +859,114 @@ frdp_mouse_moved (GtkWidget *widget,
- return TRUE;
- }
-
-+static void
-+entry_text_changed_cb (GtkEntry *entry,
-+ GtkBuilder *builder)
-+{
-+ const gchar *text;
-+ GtkWidget *widget;
-+ gsize username_length;
-+ gsize password_length;
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "username_entry"));
-+ text = gtk_entry_get_text (GTK_ENTRY (widget));
-+ username_length = strlen (text);
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "password_entry"));
-+ text = gtk_entry_get_text (GTK_ENTRY (widget));
-+ password_length = strlen (text);
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "ok_button"));
-+ gtk_widget_set_sensitive (widget, password_length > 0 && username_length > 0);
-+}
-+
- static gboolean
- frdp_authenticate (freerdp *instance,
- char **username,
- char **password,
- char **domain)
- {
-- VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab);
-- VinagreRdpTab *rdp_tab = VINAGRE_RDP_TAB (tab);
-- VinagreRdpTabPrivate *priv = rdp_tab->priv;
-- VinagreConnection *conn = vinagre_tab_get_conn (tab);
-- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab));
-- gboolean save_in_keyring = FALSE;
-- gchar *keyring_domain = NULL;
-- gchar *keyring_username = NULL;
-- gchar *keyring_password = NULL;
-+ VinagreTab *tab = VINAGRE_TAB (((frdpContext *) instance->context)->rdp_tab);
-+ VinagreConnection *conn = vinagre_tab_get_conn (tab);
-+ const gchar *user_name;
-+ const gchar *domain_name;
-+ GtkBuilder *builder;
-+ GtkWidget *dialog;
-+ GtkWidget *widget;
-+ GtkWidget *username_entry;
-+ GtkWidget *password_entry;
-+ GtkWidget *domain_entry;
-+ gboolean save_credential_check_visible;
-+ gboolean domain_label_visible;
-+ gboolean domain_entry_visible;
-+ gint response;
-
-- priv->authentication_attempts++;
-+ builder = vinagre_utils_get_builder ();
-
-- if (priv->authentication_attempts == 1)
-- {
-- vinagre_tab_find_credentials_in_keyring (tab, &keyring_domain, &keyring_username, &keyring_password);
-- if (keyring_password != NULL && keyring_username != NULL)
-- {
-- *domain = keyring_domain;
-- *username = keyring_username;
-- *password = keyring_password;
-+ dialog = GTK_WIDGET (gtk_builder_get_object (builder, "auth_required_dialog"));
-+ gtk_window_set_modal ((GtkWindow *) dialog, TRUE);
-+ gtk_window_set_transient_for ((GtkWindow *) dialog, GTK_WINDOW (vinagre_tab_get_window (tab)));
-
-- return TRUE;
-- }
-- else
-- {
-- g_free (keyring_domain);
-- g_free (keyring_username);
-- g_free (keyring_password);
-- }
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "host_label"));
-+ gtk_label_set_text (GTK_LABEL (widget), vinagre_connection_get_host (conn));
-+
-+ username_entry = GTK_WIDGET (gtk_builder_get_object (builder, "username_entry"));
-+ password_entry = GTK_WIDGET (gtk_builder_get_object (builder, "password_entry"));
-+ domain_entry = GTK_WIDGET (gtk_builder_get_object (builder, "domain_entry"));
-+
-+ if (*username != NULL && *username[0] != '\0')
-+ {
-+ gtk_entry_set_text (GTK_ENTRY (username_entry), *username);
-+ gtk_widget_grab_focus (password_entry);
- }
-
-- if (vinagre_utils_request_credential (window,
-- "RDP",
-- vinagre_connection_get_host (conn),
-- vinagre_connection_get_domain (conn),
-- vinagre_connection_get_username (conn),
-- TRUE,
-- TRUE,
-- TRUE,
-- 20,
-- domain,
-- username,
-- password,
-- &save_in_keyring))
-+ g_signal_connect (username_entry, "changed", G_CALLBACK (entry_text_changed_cb), builder);
-+ g_signal_connect (password_entry, "changed", G_CALLBACK (entry_text_changed_cb), builder);
-+
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "save_credential_check"));
-+ save_credential_check_visible = gtk_widget_get_visible (widget);
-+ gtk_widget_set_visible (widget, FALSE);
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "domain_label"));
-+ domain_label_visible = gtk_widget_get_visible (widget);
-+ gtk_widget_set_visible (widget, TRUE);
-+
-+ domain_entry_visible = gtk_widget_get_visible (domain_entry);
-+ gtk_widget_set_visible (domain_entry, TRUE);
-+
-+
-+ response = gtk_dialog_run (GTK_DIALOG (dialog));
-+ gtk_widget_hide (dialog);
-+
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "save_credential_check"));
-+ gtk_widget_set_visible (widget, save_credential_check_visible);
-+
-+ widget = GTK_WIDGET (gtk_builder_get_object (builder, "domain_label"));
-+ gtk_widget_set_visible (widget, domain_label_visible);
-+
-+ gtk_widget_set_visible (domain_entry, domain_entry_visible);
-+
-+
-+ if (response == GTK_RESPONSE_OK)
- {
-- if (*domain && **domain != '\0')
-- vinagre_connection_set_domain (conn, *domain);
-+ domain_name = gtk_entry_get_text (GTK_ENTRY (domain_entry));
-+ if (g_strcmp0 (*domain, domain_name) != 0)
-+ *domain = g_strdup (domain_name);
-
-- if (*username && **username != '\0')
-- vinagre_connection_set_username (conn, *username);
-+ user_name = gtk_entry_get_text (GTK_ENTRY (username_entry));
-+ if (g_strcmp0 (*username, user_name) != 0)
-+ *username = g_strdup (user_name);
-
-- if (*password && **password != '\0')
-- vinagre_connection_set_password (conn, *password);
-+ *password = g_strdup (gtk_entry_get_text (GTK_ENTRY (password_entry)));
-
-- vinagre_tab_set_save_credentials (tab, save_in_keyring);
-+ return TRUE;
- }
- else
- {
-- vinagre_tab_remove_from_notebook (tab);
--
- return FALSE;
- }
--
-- return TRUE;
- }
-
- static BOOL
-@@ -1028,25 +1063,30 @@ frdp_changed_certificate_verify (freerdp *instance,
- #endif
-
- static void
--init_freerdp (VinagreRdpTab *rdp_tab)
-+open_freerdp (VinagreRdpTab *rdp_tab)
- {
- VinagreRdpTabPrivate *priv = rdp_tab->priv;
-- rdpSettings *settings;
- VinagreTab *tab = VINAGRE_TAB (rdp_tab);
- VinagreConnection *conn = vinagre_tab_get_conn (tab);
-- gboolean scaling;
-- gchar *hostname;
-- gint width, height;
-- gint port;
-+ rdpSettings *settings;
-+ GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab));
-+ gboolean success = TRUE;
-+ gboolean fullscreen, scaling;
-+ gchar *hostname, *username;
-+ gint port, width, height;
-
- g_object_get (conn,
- "port", &port,
- "host", &hostname,
- "width", &width,
- "height", &height,
-+ "fullscreen", &fullscreen,
- "scaling", &scaling,
-+ "username", &username,
- NULL);
-
-+ priv->events = g_queue_new ();
-+
- /* Setup FreeRDP session */
- priv->freerdp_session = freerdp_new ();
- priv->freerdp_session->PreConnect = frdp_pre_connect;
-@@ -1111,6 +1151,17 @@ init_freerdp (VinagreRdpTab *rdp_tab)
- settings->port = port;
- #endif
-
-+ /* Set username */
-+ username = g_strstrip (username);
-+ if (username != NULL && username[0] != '\0')
-+ {
-+#if HAVE_FREERDP_1_1
-+ settings->Username = g_strdup (username);
-+#else
-+ settings->username = g_strdup (username);
-+#endif
-+ }
-+
- /* Set keyboard layout */
- #if HAVE_FREERDP_1_1
- freerdp_keyboard_init (KBD_US);
-@@ -1120,24 +1171,6 @@ init_freerdp (VinagreRdpTab *rdp_tab)
-
- /* Allow font smoothing by default */
- settings->AllowFontSmoothing = TRUE;
--}
--
--static void
--init_display (VinagreRdpTab *rdp_tab)
--{
-- VinagreRdpTabPrivate *priv = rdp_tab->priv;
-- VinagreTab *tab = VINAGRE_TAB (rdp_tab);
-- VinagreConnection *conn = vinagre_tab_get_conn (tab);
-- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab));
-- gboolean fullscreen, scaling;
-- gint width, height;
--
-- g_object_get (conn,
-- "width", &width,
-- "height", &height,
-- "fullscreen", &fullscreen,
-- "scaling", &scaling,
-- NULL);
-
- /* Setup display for FreeRDP session */
- priv->display = gtk_drawing_area_new ();
-@@ -1186,54 +1219,20 @@ init_display (VinagreRdpTab *rdp_tab)
- priv->key_release_handler_id = g_signal_connect (GTK_WIDGET (tab), "key-release-event",
- G_CALLBACK (frdp_key_pressed),
- rdp_tab);
--}
--
--static void
--open_freerdp (VinagreRdpTab *rdp_tab)
--{
-- VinagreRdpTabPrivate *priv = rdp_tab->priv;
-- VinagreTab *tab = VINAGRE_TAB (rdp_tab);
-- GtkWindow *window = GTK_WINDOW (vinagre_tab_get_window (tab));
-- gboolean success = TRUE;
-- gboolean authentication_error = FALSE;
-- gboolean cancelled = FALSE;
--
-- priv->events = g_queue_new ();
--
-- init_freerdp (rdp_tab);
-- init_display (rdp_tab);
--
-- do
-- {
-- authentication_error = FALSE;
-
-- /* Run FreeRDP session */
-- success = freerdp_connect (priv->freerdp_session);
-- if (!success)
-- {
-- authentication_error = freerdp_get_last_error (priv->freerdp_session->context) == 0x20009 ||
-- freerdp_get_last_error (priv->freerdp_session->context) == 0x2000c;
--
-- cancelled = freerdp_get_last_error (priv->freerdp_session->context) == 0x2000b;
--
-- freerdp_free (priv->freerdp_session);
-- init_freerdp (rdp_tab);
-- }
-- }
-- while (!success && authentication_error);
-+ /* Run FreeRDP session */
-+ success = freerdp_connect (priv->freerdp_session);
-
- if (!success)
- {
- gtk_window_unfullscreen (window);
-- if (!cancelled)
-- vinagre_utils_show_error_dialog (_("Error connecting to host."),
-- NULL,
-- window);
-+ vinagre_utils_show_error_dialog (_("Error connecting to host."),
-+ NULL,
-+ window);
- g_idle_add ((GSourceFunc) idle_close, rdp_tab);
- }
- else
- {
-- priv->authentication_attempts = 0;
- priv->update_id = g_idle_add ((GSourceFunc) update, rdp_tab);
- }
- }
---
-2.9.3
-