[kde-plasma-networkmanagement] Build against new libopenconnect
David Woodhouse
dwmw2 at fedoraproject.org
Thu Jun 14 00:37:08 UTC 2012
commit c1927d7d74dc200f70811be13774276f6177ef17
Author: David Woodhouse <David.Woodhouse at intel.com>
Date: Thu Jun 14 01:27:33 2012 +0100
Build against new libopenconnect
...-Eliminate-OpenSSL-dependencies-support-n.patch | 289 ++++++++++++++++++++
...-Fix-cancellation-of-in-progress-connecti.patch | 140 ++++++++++
...t-Fix-handling-of-host-list-in-XML-config.patch | 49 ++++
...-Connect-to-host-as-soon-as-it-s-selected.patch | 26 ++
...-Add-a-comment-about-why-we-re-removing-i.patch | 28 ++
...t-Use-Q_UNUSED-instead-of-self-assignment.patch | 69 +++++
kde-plasma-networkmanagement.spec | 21 ++-
7 files changed, 620 insertions(+), 2 deletions(-)
---
diff --git a/0001-OpenConnect-Eliminate-OpenSSL-dependencies-support-n.patch b/0001-OpenConnect-Eliminate-OpenSSL-dependencies-support-n.patch
new file mode 100644
index 0000000..8899acb
--- /dev/null
+++ b/0001-OpenConnect-Eliminate-OpenSSL-dependencies-support-n.patch
@@ -0,0 +1,289 @@
+From dee0fd854cf0467abf48b508505b2d084e21720a Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Fri, 1 Jun 2012 01:17:04 +0100
+Subject: [PATCH] OpenConnect: Eliminate OpenSSL dependencies, support new
+ libopenconnect
+
+Making libopenconnect support GnuTLS, required for licence compatibility
+with KDE, means retrospectively changing the ABI so that the certificate
+is treated as an opaque pointer. The library now provides a get_details()
+method to get the certificate information in text form, so use that instead
+of "knowing" that it's an OpenSSL X509 structure.
+
+Cope with a couple of other minor API changes which the change of soname
+gave us the opportunity to introduce.
+---
+ vpnplugins/openconnect/CMakeLists.txt | 21 ++++++---
+ vpnplugins/openconnect/openconnectauth.cpp | 23 +++-------
+ vpnplugins/openconnect/openconnectauth.h | 1 -
+ .../openconnect/openconnectauthworkerthread.cpp | 47 +++++++++++++-------
+ .../openconnect/openconnectauthworkerthread.h | 21 ++++++++-
+ 5 files changed, 73 insertions(+), 40 deletions(-)
+
+diff --git a/vpnplugins/openconnect/CMakeLists.txt b/vpnplugins/openconnect/CMakeLists.txt
+index 3ea15bd..d568512 100644
+--- a/vpnplugins/openconnect/CMakeLists.txt
++++ b/vpnplugins/openconnect/CMakeLists.txt
+@@ -1,11 +1,18 @@
+-set (MINIMUM_OPENCONNECT_VERSION_REQUIRED "3.03")
++set (MINIMUM_OPENCONNECT_VERSION_REQUIRED "3.99")
+
+ set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR} ${CMAKE_MODULE_PATH})
+-macro_optional_find_package(OpenSSL)
+-macro_log_feature(OPENSSL_FOUND "OpenSSL headers" "Encryption suite" "http://www.openssl.org" FALSE "" "Needed for OpenConnect support in Network Management")
++
+ macro_optional_find_package(OpenConnect ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})
++if (${OPENCONNECT_VERSION} VERSION_LESS "3.99")
++ macro_optional_find_package(OpenSSL)
++ macro_log_feature(OPENSSL_FOUND "OpenSSL headers" "Encryption suite" "http://www.openssl.org" FALSE "" "Needed for OpenConnect support in Network Management")
++ if (OPENSSL_FOUND)
++ set (MINIMUM_OPENCONNECT_VERSION_REQUIRED "3.03")
++ set (maybe_OPENSSL_LIBRARIES ${OPENSSL_LIBRARIES})
++ endif()
++endif()
+
+-if (OPENCONNECT_FOUND AND OPENSSL_FOUND)
++if (OPENCONNECT_FOUND)
+ if (${OPENCONNECT_VERSION} VERSION_GREATER ${MINIMUM_OPENCONNECT_VERSION_REQUIRED} OR
+ ${OPENCONNECT_VERSION} VERSION_EQUAL ${MINIMUM_OPENCONNECT_VERSION_REQUIRED})
+
+@@ -25,7 +32,7 @@ if (OPENCONNECT_FOUND AND OPENSSL_FOUND)
+
+ kde4_add_plugin(networkmanagement_openconnectui ${openconnect_SRCS})
+
+- target_link_libraries(networkmanagement_openconnectui ${KDE4_KIO_LIBS} knminternals knmui ${OPENCONNECT_LIBRARIES} ${OPENSSL_LIBRARIES})
++ target_link_libraries(networkmanagement_openconnectui ${KDE4_KIO_LIBS} knminternals knmui ${OPENCONNECT_LIBRARIES} ${maybe_OPENSSL_LIBRARIES})
+ install(TARGETS networkmanagement_openconnectui DESTINATION ${PLUGIN_INSTALL_DIR})
+
+ install( FILES networkmanagement_openconnectui.desktop DESTINATION ${SERVICES_INSTALL_DIR})
+@@ -33,6 +40,6 @@ if (OPENCONNECT_FOUND AND OPENSSL_FOUND)
+ message("ERROR: OpenConnection version '${OPENCONNECT_VERSION}' does not match minimum required (${MINIMUM_OPENCONNECT_VERSION_REQUIRED})")
+ message("OpenConnect plugin will not be built")
+ endif()
+-else (OPENCONNECT_FOUND AND OPENSSL_FOUND)
++else (OPENCONNECT_FOUND)
+ message("OpenConnect plugin will not be built")
+-endif (OPENCONNECT_FOUND AND OPENSSL_FOUND)
++endif (OPENCONNECT_FOUND)
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index cd9504b..93eb404 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -35,6 +35,7 @@ License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ #include <KPushButton>
+ #include <KComboBox>
+ #include <QDomDocument>
++#include <QCryptographicHash>
+
+ #include "nm-openconnect-service.h"
+
+@@ -45,8 +46,6 @@ License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ extern "C"
+ {
+ #include <string.h>
+-#include <openssl/ssl.h>
+-#include <openconnect.h>
+ #include <unistd.h>
+ #include <fcntl.h>
+ }
+@@ -184,21 +183,13 @@ void OpenconnectAuthWidget::readSecrets()
+ d->certificateFingerprints.append(d->secrets[NM_OPENCONNECT_KEY_GWCERT]);
+ }
+ if (!d->secrets["xmlconfig"].isEmpty()) {
+- unsigned char sha1[SHA_DIGEST_LENGTH];
+- char sha1_text[SHA_DIGEST_LENGTH * 2];
+- EVP_MD_CTX c;
+- int i;
+
+ QByteArray config = QByteArray::fromBase64(d->secrets["xmlconfig"].toAscii());
+
+- EVP_MD_CTX_init (&c);
+- EVP_Digest (config.data(), config.size(), sha1, NULL, EVP_sha1(), NULL);
+- EVP_MD_CTX_cleanup (&c);
+-
+- for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+- sprintf (&sha1_text[i*2], "%02x", sha1[i]);
+-
+- openconnect_set_xmlsha1 (d->vpninfo, sha1_text, sizeof(sha1_text));
++ QCryptographicHash hash(QCryptographicHash::Sha1);
++ hash.addData(config.data(), config.size());
++ const char *sha1_text = hash.result().toHex();
++ openconnect_set_xmlsha1 (d->vpninfo, (char *)sha1_text, strlen(sha1_text)+1);
+
+ QDomDocument xmlconfig;
+ xmlconfig.setContent(config);
+@@ -293,8 +284,8 @@ void OpenconnectAuthWidget::writeConfig()
+ secretData.insert(QLatin1String(NM_OPENCONNECT_KEY_COOKIE), QLatin1String(openconnect_get_cookie(d->vpninfo)));
+ openconnect_clear_cookie(d->vpninfo);
+
+- struct x509_st *cert = openconnect_get_peer_cert(d->vpninfo);
+- char fingerprint[EVP_MAX_MD_SIZE * 2 + 1];
++ OPENCONNECT_X509 *cert = openconnect_get_peer_cert(d->vpninfo);
++ char fingerprint[41];
+ openconnect_get_cert_sha1(d->vpninfo, cert, fingerprint);
+ secretData.insert(QLatin1String(NM_OPENCONNECT_KEY_GWCERT), QLatin1String(fingerprint));
+ secretData.insert(QLatin1String("certsigs"), d->certificateFingerprints.join("\t"));
+diff --git a/vpnplugins/openconnect/openconnectauth.h b/vpnplugins/openconnect/openconnectauth.h
+index 417bd7e..17414da 100644
+--- a/vpnplugins/openconnect/openconnectauth.h
++++ b/vpnplugins/openconnect/openconnectauth.h
+@@ -34,7 +34,6 @@ namespace Knm
+ class QLayout;
+ struct openconnect_info;
+ struct oc_auth_form;
+-struct x509_st;
+
+ class OpenconnectAuthWidgetPrivate;
+
+diff --git a/vpnplugins/openconnect/openconnectauthworkerthread.cpp b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+index ec93ab2..fc01186 100644
+--- a/vpnplugins/openconnect/openconnectauthworkerthread.cpp
++++ b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+@@ -29,9 +29,12 @@ License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ extern "C"
+ {
+ #include <openconnect.h>
++#include <stdlib.h>
++#if !OPENCONNECT_CHECK_VER(1,5)
+ #include <openssl/ssl.h>
+ #include <openssl/bio.h>
+ #include <openssl/ossl_typ.h>
++#endif
+ #include <errno.h>
+ }
+
+@@ -46,7 +49,7 @@ public:
+ return static_cast<OpenconnectAuthWorkerThread*>(obj)->writeNewConfig(str, num);
+ return -1;
+ }
+- static int validatePeerCert(void *obj, struct x509_st *cert, const char *str)
++ static int validatePeerCert(void *obj, OPENCONNECT_X509 *cert, const char *str)
+ {
+ if (obj)
+ return static_cast<OpenconnectAuthWorkerThread*>(obj)->validatePeerCert(cert, str);
+@@ -69,13 +72,10 @@ public:
+ }
+ };
+
+-#ifndef OPENCONNECT_CHECK_VER
+-#define OPENCONNECT_CHECK_VER(x,y) 0
+-#endif
+ OpenconnectAuthWorkerThread::OpenconnectAuthWorkerThread(QMutex *mutex, QWaitCondition *waitForUserInput, bool *userDecidedToQuit, int cancelFd)
+ : QThread(), m_mutex(mutex), m_waitForUserInput(waitForUserInput), m_userDecidedToQuit(userDecidedToQuit)
+ {
+- m_openconnectInfo = openconnect_vpninfo_new_with_cbdata((char*)"OpenConnect VPN Agent (NetworkManager - running on KDE)",
++ m_openconnectInfo = openconnect_vpninfo_new((char*)"OpenConnect VPN Agent (NetworkManager - running on KDE)",
+ OpenconnectAuthStaticWrapper::validatePeerCert,
+ OpenconnectAuthStaticWrapper::writeNewConfig,
+ OpenconnectAuthStaticWrapper::processAuthForm,
+@@ -96,7 +96,7 @@ OpenconnectAuthWorkerThread::~OpenconnectAuthWorkerThread()
+
+ void OpenconnectAuthWorkerThread::run()
+ {
+- openconnect_init_openssl();
++ openconnect_init_ssl();
+ int ret = openconnect_obtain_cookie(m_openconnectInfo);
+ if (*m_userDecidedToQuit)
+ return;
+@@ -116,33 +116,50 @@ int OpenconnectAuthWorkerThread::writeNewConfig(char *buf, int buflen)
+ emit writeNewConfig(QString(QByteArray(buf).toBase64()));
+ return 0;
+ }
++#if !OPENCONNECT_CHECK_VER(1,5)
++static char *openconnect_get_cert_details(struct openconnect_info *vpninfo,
++ OPENCONNECT_X509 *cert)
++{
++ Q_UNUSED(vpninfo)
++
++ BIO *bp = BIO_new(BIO_s_mem());
++ BUF_MEM *certinfo;
++ char zero = 0;
++ char *ret;
++
++ X509_print_ex(bp, cert, 0, 0);
++ BIO_write(bp, &zero, 1);
++ BIO_get_mem_ptr(bp, &certinfo);
++
++ ret = strdup(certinfo->data);
++ BIO_free(bp);
+
+-int OpenconnectAuthWorkerThread::validatePeerCert(struct x509_st *cert, const char *reason)
++ return ret;
++}
++#endif
++
++int OpenconnectAuthWorkerThread::validatePeerCert(OPENCONNECT_X509 *cert, const char *reason)
+ {
+ if (*m_userDecidedToQuit)
+ return -EINVAL;
+- char fingerprint[EVP_MAX_MD_SIZE * 2 + 1];
++ char fingerprint[41];
+ int ret = 0;
+
+ ret = openconnect_get_cert_sha1(m_openconnectInfo, cert, fingerprint);
+ if (ret)
+ return ret;
+
+- BIO *bp = BIO_new(BIO_s_mem());
+- BUF_MEM *certinfo;
+- X509_print_ex(bp, cert, 0, 0);
+-
+- BIO_get_mem_ptr(bp, &certinfo);
++ char *details = openconnect_get_cert_details(m_openconnectInfo, cert);
+
+ bool accepted = false;
+ m_mutex->lock();
+ QString qFingerprint(fingerprint);
+- QString qCertinfo(certinfo->data);
++ QString qCertinfo(details);
+ QString qReason(reason);
+ emit validatePeerCert(qFingerprint, qCertinfo, qReason, &accepted);
+ m_waitForUserInput->wait(m_mutex);
+ m_mutex->unlock();
+- BIO_free(bp);
++ ::free(details);
+ if (*m_userDecidedToQuit)
+ return -EINVAL;
+
+diff --git a/vpnplugins/openconnect/openconnectauthworkerthread.h b/vpnplugins/openconnect/openconnectauthworkerthread.h
+index 7aa8dfc..798cebb 100644
+--- a/vpnplugins/openconnect/openconnectauthworkerthread.h
++++ b/vpnplugins/openconnect/openconnectauthworkerthread.h
+@@ -21,6 +21,25 @@ License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ #ifndef OPENCONNECTAUTHWORKERTHREAD_H
+ #define OPENCONNECTAUTHWORKERTHREAD_H
+
++extern "C" {
++#include <openconnect.h>
++}
++
++#if OPENCONNECT_API_VERSION_MAJOR == 1
++#define openconnect_vpninfo_new openconnect_vpninfo_new_with_cbdata
++#define openconnect_init_ssl openconnect_init_openssl
++#endif
++
++#ifndef OPENCONNECT_CHECK_VER
++#define OPENCONNECT_CHECK_VER(x,y) 0
++#endif
++
++#if !OPENCONNECT_CHECK_VER(1,5)
++struct x509_st;
++#define OPENCONNECT_X509 struct x509_st
++#define OPENCONNECT_OPENSSL
++#endif
++
+ #include <QThread>
+
+ class QMutex;
+@@ -48,7 +67,7 @@ protected:
+
+ private:
+ int writeNewConfig(char *, int);
+- int validatePeerCert(struct x509_st *, const char *);
++ int validatePeerCert(OPENCONNECT_X509 *, const char *);
+ int processAuthFormP(struct oc_auth_form *);
+ void writeProgress(int level, const char *, va_list);
+
+--
+1.7.10.2
+
diff --git a/0001-OpenConnect-Fix-cancellation-of-in-progress-connecti.patch b/0001-OpenConnect-Fix-cancellation-of-in-progress-connecti.patch
new file mode 100644
index 0000000..fc758a1
--- /dev/null
+++ b/0001-OpenConnect-Fix-cancellation-of-in-progress-connecti.patch
@@ -0,0 +1,140 @@
+From 513fe79f0454344383d25fdc90d277162cbc3baa Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Fri, 18 May 2012 01:39:30 +0100
+Subject: [PATCH 1/5] OpenConnect: Fix cancellation of in-progress connections
+ (cherry picked from commit
+ f78e8a6f638076c9dcd316eb32cdbbef9eedb090)
+
+---
+ vpnplugins/openconnect/openconnectauth.cpp | 23 +++++++++++++++++++-
+ .../openconnect/openconnectauthworkerthread.cpp | 12 ++++++++--
+ .../openconnect/openconnectauthworkerthread.h | 4 ++--
+ 3 files changed, 34 insertions(+), 5 deletions(-)
+
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index 08d2b6a..036dfcd 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -47,6 +47,8 @@ extern "C"
+ #include <string.h>
+ #include <openssl/ssl.h>
+ #include <openconnect.h>
++#include <unistd.h>
++#include <fcntl.h>
+ }
+
+ // name/address: IP/domain name of the host (OpenConnect accepts both, so no difference here)
+@@ -70,6 +72,7 @@ public:
+ OpenconnectAuthWorkerThread *worker;
+ QList<VPNHost> hosts;
+ bool userQuit;
++ int cancelPipes[2];
+ QList<QPair<QString, int> > serverLog;
+
+ enum LogLevels {Error = 0, Info, Debug, Trace};
+@@ -83,6 +86,11 @@ OpenconnectAuthWidget::OpenconnectAuthWidget(Knm::Connection * connection, QWidg
+ d->setting = static_cast<Knm::VpnSetting *>(connection->setting(Knm::Setting::Vpn));
+ d->ui.setupUi(this);
+ d->userQuit = false;
++ if (pipe2(d->cancelPipes, O_NONBLOCK|O_CLOEXEC)) {
++ // Should never happen. Just don't do real cancellation if it does
++ d->cancelPipes[0] = -1;
++ d->cancelPipes[1] = -1;
++ }
+
+ connect(d->ui.cmbLogLevel, SIGNAL(currentIndexChanged(int)), this, SLOT(logLevelChanged(int)));
+ connect(d->ui.viewServerLog, SIGNAL(toggled(bool)), this, SLOT(viewServerLogToggled(bool)));
+@@ -92,7 +100,7 @@ OpenconnectAuthWidget::OpenconnectAuthWidget(Knm::Connection * connection, QWidg
+ d->ui.btnConnect->setIcon(KIcon("network-connect"));
+ d->ui.viewServerLog->setChecked(false);
+
+- d->worker = new OpenconnectAuthWorkerThread(&d->mutex, &d->workerWaiting, &d->userQuit);
++ d->worker = new OpenconnectAuthWorkerThread(&d->mutex, &d->workerWaiting, &d->userQuit, d->cancelPipes[0]);
+
+ // gets the pointer to struct openconnect_info (defined in openconnect.h), which contains data that OpenConnect needs,
+ // and which needs to be populated with settings we get from NM, like host, certificate or private key
+@@ -109,8 +117,13 @@ OpenconnectAuthWidget::~OpenconnectAuthWidget()
+ {
+ Q_D(OpenconnectAuthWidget);
+ d->userQuit = true;
++ if (write(d->cancelPipes[1], "x", 1)) {
++ // not a lot we can do
++ }
+ d->workerWaiting.wakeAll();
+ d->worker->wait();
++ ::close(d->cancelPipes[0]);
++ ::close(d->cancelPipes[1]);
+ deleteAllFromLayout(d->ui.loginBoxLayout);
+ delete d->worker;
+ delete d;
+@@ -228,9 +241,17 @@ void OpenconnectAuthWidget::connectHost()
+ {
+ Q_D(OpenconnectAuthWidget);
+ d->userQuit = true;
++ if (write(d->cancelPipes[1], "x", 1)) {
++ // not a lot we can do
++ }
+ d->workerWaiting.wakeAll();
+ d->worker->wait();
+ d->userQuit = false;
++
++ /* Suck out the cancel byte(s) */
++ char buf;
++ while (read(d->cancelPipes[0], &buf, 1) == 1)
++ ;
+ deleteAllFromLayout(d->ui.loginBoxLayout);
+ int i = d->ui.cmbHosts->currentIndex();
+ if (i == -1)
+diff --git a/vpnplugins/openconnect/openconnectauthworkerthread.cpp b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+index 23d8731..d8666de 100644
+--- a/vpnplugins/openconnect/openconnectauthworkerthread.cpp
++++ b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+@@ -69,8 +69,10 @@ public:
+ }
+ };
+
+-
+-OpenconnectAuthWorkerThread::OpenconnectAuthWorkerThread(QMutex *mutex, QWaitCondition *waitForUserInput, bool *userDecidedToQuit)
++#ifndef OPENCONNECT_CHECK_VER
++#define OPENCONNECT_CHECK_VER(x,y) 0
++#endif
++OpenconnectAuthWorkerThread::OpenconnectAuthWorkerThread(QMutex *mutex, QWaitCondition *waitForUserInput, bool *userDecidedToQuit, int cancelFd)
+ : QThread(), m_mutex(mutex), m_waitForUserInput(waitForUserInput), m_userDecidedToQuit(userDecidedToQuit)
+ {
+ m_openconnectInfo = openconnect_vpninfo_new_with_cbdata((char*)"OpenConnect VPN Agent (NetworkManager - running on KDE)",
+@@ -79,6 +81,12 @@ OpenconnectAuthWorkerThread::OpenconnectAuthWorkerThread(QMutex *mutex, QWaitCon
+ OpenconnectAuthStaticWrapper::processAuthForm,
+ OpenconnectAuthStaticWrapper::writeProgress,
+ this);
++#if OPENCONNECT_CHECK_VER(1,4)
++ openconnect_set_cancel_fd(m_openconnectInfo, cancelFd);
++#else
++ // Silence warning about unused parameter
++ cancelFd = cancelFd;
++#endif
+ }
+
+ OpenconnectAuthWorkerThread::~OpenconnectAuthWorkerThread()
+diff --git a/vpnplugins/openconnect/openconnectauthworkerthread.h b/vpnplugins/openconnect/openconnectauthworkerthread.h
+index 109dee1..7aa8dfc 100644
+--- a/vpnplugins/openconnect/openconnectauthworkerthread.h
++++ b/vpnplugins/openconnect/openconnectauthworkerthread.h
+@@ -32,7 +32,7 @@ class OpenconnectAuthWorkerThread : public QThread
+ Q_OBJECT
+ friend class OpenconnectAuthStaticWrapper;
+ public:
+- OpenconnectAuthWorkerThread(QMutex *, QWaitCondition *, bool *);
++ OpenconnectAuthWorkerThread(QMutex *, QWaitCondition *, bool *, int);
+ ~OpenconnectAuthWorkerThread();
+ struct openconnect_info* getOpenconnectInfo();
+
+@@ -58,4 +58,4 @@ private:
+ struct openconnect_info *m_openconnectInfo;
+ };
+
+-#endif
+\ No newline at end of file
++#endif
+--
+1.7.10.2
+
diff --git a/0002-OpenConnect-Fix-handling-of-host-list-in-XML-config.patch b/0002-OpenConnect-Fix-handling-of-host-list-in-XML-config.patch
new file mode 100644
index 0000000..44e5823
--- /dev/null
+++ b/0002-OpenConnect-Fix-handling-of-host-list-in-XML-config.patch
@@ -0,0 +1,49 @@
+From 3e0b82230093f77ed1e0540596855426b4fbdbc7 Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Fri, 18 May 2012 01:44:39 +0100
+Subject: [PATCH 2/5] OpenConnect: Fix handling of host list in XML config
+ (cherry picked from commit
+ 891cb81394fd4ad3d66a4be5fe274ae930e29ce2)
+
+---
+ vpnplugins/openconnect/openconnectauth.cpp | 16 +++++++++++-----
+ 1 file changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index 036dfcd..276f781 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -201,19 +201,25 @@ void OpenconnectAuthWidget::readSecrets()
+
+ QDomDocument xmlconfig;
+ xmlconfig.setContent(config);
+- QDomNode serverList = xmlconfig.elementsByTagName(QLatin1String("ServerList")).at(0);
++ QDomNode anyConnectProfile = xmlconfig.elementsByTagName(QLatin1String("AnyConnectProfile")).at(0);
++ bool matchedGw = false;
++ QDomNode serverList = anyConnectProfile.firstChildElement(QLatin1String("ServerList"));
+ for (QDomElement entry = serverList.firstChildElement(QLatin1String("HostEntry")); !entry.isNull(); entry = entry.nextSiblingElement(QLatin1String("HostEntry"))) {
+ VPNHost host;
+- host.name = entry.namedItem(QLatin1String("HostName")).toText().data();
+- host.group = entry.namedItem(QLatin1String("UserGroup")).toText().data();
+- host.address = entry.namedItem(QLatin1String("HostAddress")).toText().data();
++ host.name = entry.firstChildElement(QLatin1String("HostName")).text();
++ host.group = entry.firstChildElement(QLatin1String("UserGroup")).text();
++ host.address = entry.firstChildElement(QLatin1String("HostAddress")).text();
++ if (!matchedGw && host.address == d->hosts.at(0).address) {
++ d->hosts.removeFirst();
++ matchedGw = true;
++ }
+ d->hosts.append(host);
+ }
+ }
+
+ for (int i = 0; i < d->hosts.size(); i++) {
+ d->ui.cmbHosts->addItem(d->hosts.at(i).name, i);
+- if (d->secrets["lasthost"] == d->hosts.at(i).name)
++ if (d->secrets["lasthost"] == d->hosts.at(i).name || d->secrets["lasthost"] == d->hosts.at(i).address)
+ d->ui.cmbHosts->setCurrentIndex(i);
+ }
+
+--
+1.7.10.2
+
diff --git a/0003-OpenConnect-Connect-to-host-as-soon-as-it-s-selected.patch b/0003-OpenConnect-Connect-to-host-as-soon-as-it-s-selected.patch
new file mode 100644
index 0000000..07942cf
--- /dev/null
+++ b/0003-OpenConnect-Connect-to-host-as-soon-as-it-s-selected.patch
@@ -0,0 +1,26 @@
+From 3148c41f71d18fd30beb344dfc2567d11191ab29 Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Fri, 18 May 2012 01:51:56 +0100
+Subject: [PATCH 3/5] OpenConnect: Connect to host as soon as it's selected
+ (cherry picked from commit
+ 9f36ed10a7b70096a6c458276f51151981ed9f0f)
+
+---
+ vpnplugins/openconnect/openconnectauth.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index 276f781..f055951 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -95,6 +95,7 @@ OpenconnectAuthWidget::OpenconnectAuthWidget(Knm::Connection * connection, QWidg
+ connect(d->ui.cmbLogLevel, SIGNAL(currentIndexChanged(int)), this, SLOT(logLevelChanged(int)));
+ connect(d->ui.viewServerLog, SIGNAL(toggled(bool)), this, SLOT(viewServerLogToggled(bool)));
+ connect(d->ui.btnConnect, SIGNAL(clicked()), this, SLOT(connectHost()));
++ connect(d->ui.cmbHosts, SIGNAL(currentIndexChanged(int)), this, SLOT(connectHost()));
+
+ d->ui.cmbLogLevel->setCurrentIndex(OpenconnectAuthWidgetPrivate::Debug);
+ d->ui.btnConnect->setIcon(KIcon("network-connect"));
+--
+1.7.10.2
+
diff --git a/0004-OpenConnect-Add-a-comment-about-why-we-re-removing-i.patch b/0004-OpenConnect-Add-a-comment-about-why-we-re-removing-i.patch
new file mode 100644
index 0000000..d4733fc
--- /dev/null
+++ b/0004-OpenConnect-Add-a-comment-about-why-we-re-removing-i.patch
@@ -0,0 +1,28 @@
+From 4de617d127fd970884a4f5ad92c573c1f67c5897 Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Sat, 19 May 2012 00:23:59 +0100
+Subject: [PATCH 4/5] OpenConnect: Add a comment about why we're removing
+ items from the host list (cherry picked from commit
+ 5ff4f58bffec2aaa5eed27dc56ba81070cb66287)
+
+---
+ vpnplugins/openconnect/openconnectauth.cpp | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index f055951..ed68a80 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -210,6 +210,9 @@ void OpenconnectAuthWidget::readSecrets()
+ host.name = entry.firstChildElement(QLatin1String("HostName")).text();
+ host.group = entry.firstChildElement(QLatin1String("UserGroup")).text();
+ host.address = entry.firstChildElement(QLatin1String("HostAddress")).text();
++ // We added the originally configured host in readConfig(). But if
++ // it matches one of the ones in the XML config (as presumably it
++ // should), remove the original and use the one with the pretty name.
+ if (!matchedGw && host.address == d->hosts.at(0).address) {
+ d->hosts.removeFirst();
+ matchedGw = true;
+--
+1.7.10.2
+
diff --git a/0005-OpenConnect-Use-Q_UNUSED-instead-of-self-assignment.patch b/0005-OpenConnect-Use-Q_UNUSED-instead-of-self-assignment.patch
new file mode 100644
index 0000000..0e72f01
--- /dev/null
+++ b/0005-OpenConnect-Use-Q_UNUSED-instead-of-self-assignment.patch
@@ -0,0 +1,69 @@
+From d22df8ea31fbd371e59d6724780c8bfd5c7ad81f Mon Sep 17 00:00:00 2001
+From: David Woodhouse <David.Woodhouse at intel.com>
+Date: Sat, 19 May 2012 00:24:19 +0100
+Subject: [PATCH 5/5] OpenConnect: Use Q_UNUSED() instead of self-assignment.
+
+REVIEW: 104979
+FIXED-IN: 0.9.0.3
+---
+ plasma_nm_version.h | 2 +-
+ vpnplugins/openconnect/openconnectauth.cpp | 12 ++++++------
+ vpnplugins/openconnect/openconnectauthworkerthread.cpp | 2 +-
+ 3 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/plasma_nm_version.h b/plasma_nm_version.h
+index 1b03e56..085409d 100644
+--- a/plasma_nm_version.h
++++ b/plasma_nm_version.h
+@@ -1,4 +1,4 @@
+ #ifndef PLASMA_NM_VERSION_H
+ #define PLASMA_NM_VERSION_H
+-static const char * plasmaNmVersion = "0.9.0.2 (nm09 20120507)";
++static const char * plasmaNmVersion = "0.9.0.2 (nm09 20120518)";
+ #endif
+diff --git a/vpnplugins/openconnect/openconnectauth.cpp b/vpnplugins/openconnect/openconnectauth.cpp
+index ed68a80..cd9504b 100644
+--- a/vpnplugins/openconnect/openconnectauth.cpp
++++ b/vpnplugins/openconnect/openconnectauth.cpp
+@@ -87,9 +87,9 @@ OpenconnectAuthWidget::OpenconnectAuthWidget(Knm::Connection * connection, QWidg
+ d->ui.setupUi(this);
+ d->userQuit = false;
+ if (pipe2(d->cancelPipes, O_NONBLOCK|O_CLOEXEC)) {
+- // Should never happen. Just don't do real cancellation if it does
+- d->cancelPipes[0] = -1;
+- d->cancelPipes[1] = -1;
++ // Should never happen. Just don't do real cancellation if it does
++ d->cancelPipes[0] = -1;
++ d->cancelPipes[1] = -1;
+ }
+
+ connect(d->ui.cmbLogLevel, SIGNAL(currentIndexChanged(int)), this, SLOT(logLevelChanged(int)));
+@@ -210,9 +210,9 @@ void OpenconnectAuthWidget::readSecrets()
+ host.name = entry.firstChildElement(QLatin1String("HostName")).text();
+ host.group = entry.firstChildElement(QLatin1String("UserGroup")).text();
+ host.address = entry.firstChildElement(QLatin1String("HostAddress")).text();
+- // We added the originally configured host in readConfig(). But if
+- // it matches one of the ones in the XML config (as presumably it
+- // should), remove the original and use the one with the pretty name.
++ // We added the originally configured host in readConfig(). But if
++ // it matches one of the ones in the XML config (as presumably it
++ // should), remove the original and use the one with the pretty name.
+ if (!matchedGw && host.address == d->hosts.at(0).address) {
+ d->hosts.removeFirst();
+ matchedGw = true;
+diff --git a/vpnplugins/openconnect/openconnectauthworkerthread.cpp b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+index d8666de..ec93ab2 100644
+--- a/vpnplugins/openconnect/openconnectauthworkerthread.cpp
++++ b/vpnplugins/openconnect/openconnectauthworkerthread.cpp
+@@ -85,7 +85,7 @@ OpenconnectAuthWorkerThread::OpenconnectAuthWorkerThread(QMutex *mutex, QWaitCon
+ openconnect_set_cancel_fd(m_openconnectInfo, cancelFd);
+ #else
+ // Silence warning about unused parameter
+- cancelFd = cancelFd;
++ Q_UNUSED(cancelFd);
+ #endif
+ }
+
+--
+1.7.10.2
+
diff --git a/kde-plasma-networkmanagement.spec b/kde-plasma-networkmanagement.spec
index 24daec3..a1979bc 100644
--- a/kde-plasma-networkmanagement.spec
+++ b/kde-plasma-networkmanagement.spec
@@ -1,7 +1,7 @@
Name: kde-plasma-networkmanagement
Epoch: 1
Version: 0.9.0.2
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: NetworkManager KDE 4 integration
Group: Applications/Internet
@@ -12,6 +12,15 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# yes, 0.9.0 is still under "unstable"
Source0: ftp://ftp.kde.org/pub/kde/unstable/networkmanagement/%{version}/src/networkmanagement-%{version}.tar.bz2
+# https://git.reviewboard.kde.org/r/104979/
+Patch1: 0001-OpenConnect-Fix-cancellation-of-in-progress-connecti.patch
+Patch2: 0002-OpenConnect-Fix-handling-of-host-list-in-XML-config.patch
+Patch3: 0003-OpenConnect-Connect-to-host-as-soon-as-it-s-selected.patch
+Patch4: 0004-OpenConnect-Add-a-comment-about-why-we-re-removing-i.patch
+Patch5: 0005-OpenConnect-Use-Q_UNUSED-instead-of-self-assignment.patch
+# https://git.reviewboard.kde.org/r/105185/
+patch10: 0001-OpenConnect-Eliminate-OpenSSL-dependencies-support-n.patch
+
# Add plasma-nm to default systray if needed, for upgraders...
Source10: 00-fedora-networkmanagement.js
@@ -94,7 +103,12 @@ Requires: NetworkManager-openconnect
%prep
%setup -q -n networkmanagement-%{version}
-
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch10 -p1
%build
mkdir -p %{_target_platform}
@@ -221,6 +235,9 @@ gtk-update-icon-cache %{_kde4_iconsdir}/oxygen &> /dev/null || :
%changelog
+* Tue Jun 14 2012 David Woodhouse <David.Woodhouse at intel.com> - 0.9.0.2-3
+- Merge OpenConnect fixes to build with new libopenconnect
+
* Tue May 22 2012 Lukas Tinkl <ltinkl at redhat.com> 0.9.0.2-2
- add RHEL/Fedora condition
More information about the scm-commits
mailing list