Updated patch
Description: Fix compiler warnings, TLS deprecation warnings Also fixes https://bugs.debian.org/759259 . wmbiff (0.4.27-2.2) unstable; urgency=medium . * Non-maintainer upload. * Switch to quilt v3 format. * 15_no_more_LZO.diff: Stop trying to use gnutls LZO compression, which was removed upstream. Closes: #638736 * 16_gnutls_deprecated.diff: Pull parts of 4e9e018b2236e00aa591f1d5d99ec59f74475480 from upstream GIT, use gnutls_certificate_verify_peers2() instead of gnutls_certificate_verify_peers(). Closes: #624083 * 10_use_pkg-config.diff/11_autoconfgenchanges.diff: gnutls_certificate_verify_peers2() was added in gnutls 1.2.0, check for this version in ./configure. * Build against libgnutls28-dev/libgcrypt20-dev. Author: Andreas Metzler <ametz...@debian.org> Bug-Debian: https://bugs.debian.org/624083 Bug-Debian: https://bugs.debian.org/638736
--- The information above should follow the Patch Tagging Guidelines, please checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here are templates for supplementary fields that you might want to add: Origin: <vendor|upstream|other>, <url of original patch> Bug: <url in upstream bugtracker> Bug-Debian: https://bugs.debian.org/<bugnumber> Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> Forwarded: <no|not-needed|url proving that it has been forwarded> Reviewed-By: <name and email of someone who approved the patch> Last-Update: <YYYY-MM-DD> --- a/wmbiff/Client.h +++ b/wmbiff/Client.h @@ -184,7 +184,7 @@ #define max(x,y) ({ \ const typeof(x) _xa = (x); \ const typeof(y) _ya = (y); \ - (void) (&_xa == &_ya); \ + (void) ((void *)&_xa == (void *)&_ya); \ _xa > _ya ? _xa : _ya; }) #endif --- a/wmbiff/Pop3Client.c +++ b/wmbiff/Pop3Client.c @@ -408,7 +408,7 @@ char buf[BUF_SIZE]; tlscomm_printf(scs, "USER %s\r\n", PCU.userName); - if (tlscomm_gets(buf, BUF_SIZE, scs) == NULL) { + if (tlscomm_gets(buf, BUF_SIZE, scs) == 0) { POP_DM(pc, DEBUG_ERROR, "Error reading from server authenticating '%s@%s:%d'\n", PCU.userName, PCU.serverName, PCU.serverPort); @@ -426,7 +426,7 @@ tlscomm_printf(scs, "PASS %s\r\n", PCU.password); - if (tlscomm_gets(buf, BUF_SIZE, scs) == NULL) { + if (tlscomm_gets(buf, BUF_SIZE, scs) == 0) { POP_DM(pc, DEBUG_ERROR, "Error reading from server (2) authenticating '%s@%s:%d'\n", PCU.userName, PCU.serverName, PCU.serverPort); @@ -437,7 +437,7 @@ PCU.password[0] = '\0'; ask_user_for_password(pc, 1); /* 1=overwrite the cache */ tlscomm_printf(scs, "PASS %s\r\n", PCU.password); - if (tlscomm_gets(buf, BUF_SIZE, scs) == NULL) { + if (tlscomm_gets(buf, BUF_SIZE, scs) == 0) { POP_DM(pc, DEBUG_ERROR, "Error reading from server (2) authenticating '%s@%s:%d'\n", PCU.userName, PCU.serverName, PCU.serverPort); --- a/wmbiff/gnutls-common.c +++ b/wmbiff/gnutls-common.c @@ -34,11 +34,12 @@ } -void print_x509_info(gnutls_session session, const char* hostname) +void print_x509_info(gnutls_session_t session, const char* hostname) { - gnutls_x509_crt crt; - const gnutls_datum *cert_list; - int cert_list_size = 0, ret; + gnutls_x509_crt_t crt; + const gnutls_datum_t *cert_list; + unsigned int cert_list_size = 0; + int ret; char digest[20]; char serial[40]; char dn[256]; @@ -106,7 +107,7 @@ if (xml) { #ifdef ENABLE_PKI - gnutls_datum xml_data; + gnutls_datum_t xml_data; ret = gnutls_x509_crt_to_xml( crt, &xml_data, 0); if (ret < 0) { @@ -199,7 +200,7 @@ #ifdef HAVE_LIBOPENCDK -void print_openpgp_info(gnutls_session session, const char* hostname) +void print_openpgp_info(gnutls_session_t session, const char* hostname) { char digest[20]; @@ -211,7 +212,7 @@ char name[256]; size_t name_len = sizeof(name); gnutls_openpgp_key crt; - const gnutls_datum *cert_list; + const gnutls_datum_t *cert_list; int cert_list_size = 0; time_t expiret; time_t activet; @@ -258,7 +259,7 @@ } if (xml) { - gnutls_datum xml_data; + gnutls_datum_t xml_data; ret = gnutls_openpgp_key_to_xml( crt, &xml_data, 0); if (ret < 0) { @@ -331,7 +332,7 @@ #endif -void print_cert_vrfy(gnutls_session session) +void print_cert_vrfy(gnutls_session_t session) { unsigned int status; @@ -367,11 +368,11 @@ } } -int print_info(gnutls_session session, const char* hostname) +int print_info(gnutls_session_t session, const char* hostname) { const char *tmp; - gnutls_credentials_type cred; - gnutls_kx_algorithm kx; + gnutls_credentials_type_t cred; + gnutls_kx_algorithm_t kx; /* print the key exchange's algorithm name @@ -452,7 +453,7 @@ return 0; } -void print_cert_info(gnutls_session session, const char* hostname) +void print_cert_info(gnutls_session_t session, const char* hostname) { printf("- Certificate type: "); --- a/wmbiff/gnutls-common.h +++ b/wmbiff/gnutls-common.h @@ -25,8 +25,8 @@ extern const char str_unknown[]; -int print_info( gnutls_session state, const char* hostname); -void print_cert_info( gnutls_session state, const char* hostname); +int print_info( gnutls_session_t state, const char* hostname); +void print_cert_info( gnutls_session_t state, const char* hostname); void print_list(void); void parse_comp( char** comp, int ncomp, int* comp_priority); --- a/wmbiff/test_tlscomm.c +++ b/wmbiff/test_tlscomm.c @@ -5,6 +5,8 @@ #include <sys/time.h> #include <unistd.h> +#include "tlsComm.h" + int debug_default = 2; int SkipCertificateCheck = 0; const char *certificate_filename = NULL; --- a/wmbiff/test_wmbiff.c +++ b/wmbiff/test_wmbiff.c @@ -366,7 +366,7 @@ { struct sockaddr_in addr; int s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - int addrlen = sizeof(struct sockaddr_in); + socklen_t addrlen = sizeof(struct sockaddr_in); if (s < 0) { perror("socket"); return 1; --- a/wmbiff/tlsComm.c +++ b/wmbiff/tlsComm.c @@ -55,8 +55,8 @@ int sd; char *name; #ifdef USE_GNUTLS - gnutls_session tls_state; - gnutls_certificate_credentials xcred; + gnutls_session_t tls_state; + gnutls_certificate_credentials_t xcred; #else /*@null@ */ void *tls_state; /*@null@ */ void *xcred; @@ -305,9 +305,10 @@ va_end(args); if (scs->sd != -1) { + int written; #ifdef USE_GNUTLS if (scs->tls_state) { - int written = gnutls_write(scs->tls_state, buf, bytes); + written = gnutls_write(scs->tls_state, buf, bytes); if (written < bytes) { TDM(DEBUG_ERROR, "Error %s prevented writing: %*s\n", @@ -316,7 +317,15 @@ } } else #endif - (void) write(scs->sd, buf, bytes); + { + written = write(scs->sd, buf, bytes); + if (written < bytes) { + TDM(DEBUG_ERROR, + "Error %s prevented writing: %*s\n", + strerror(written), bytes, buf); + return; + } + } } else { printf ("warning: tlscomm_printf called with an invalid socket descriptor\n"); @@ -359,13 +368,13 @@ #define CERT_SEP "-----BEGIN" /* this bit is based on read_ca_file() in gnutls */ -static int tls_compare_certificates(const gnutls_datum * peercert) +static int tls_compare_certificates(const gnutls_datum_t * peercert) { - gnutls_datum cert; + gnutls_datum_t cert; unsigned char *ptr; FILE *fd1; int ret; - gnutls_datum b64_data; + gnutls_datum_t b64_data; unsigned char *b64_data_data; struct stat filestat; @@ -373,7 +382,7 @@ return 0; b64_data.size = filestat.st_size + 1; - b64_data_data = (unsigned char *) malloc(b64_data.size); + b64_data_data = malloc(b64_data.size); b64_data_data[b64_data.size - 1] = '\0'; b64_data.data = b64_data_data; @@ -392,8 +401,8 @@ return 0; } - ptr = (unsigned char *) strstr(b64_data.data, CERT_SEP) + 1; - ptr = (unsigned char *) strstr(ptr, CERT_SEP); + ptr = (unsigned char *) strstr((char *)b64_data.data, CERT_SEP) + 1; + ptr = (unsigned char *) strstr((char *)ptr, CERT_SEP); b64_data.size = b64_data.size - (ptr - b64_data.data); b64_data.data = ptr; @@ -422,9 +431,9 @@ { int ret; unsigned int certstat; - const gnutls_datum *cert_list; + const gnutls_datum_t *cert_list; unsigned int cert_list_size = 0; - gnutls_x509_crt cert; + gnutls_x509_crt_t cert; if (gnutls_auth_get_type(scs->tls_state) != GNUTLS_CRD_CERTIFICATE) { bad_certificate(scs, "Unable to get certificate from peer.\n"); @@ -553,6 +562,9 @@ assert(gnutls_init(&scs->tls_state, GNUTLS_CLIENT) == 0); { +#if 1 // HAVE_GNUTLS_PRIORITY_SET_DIRECT + assert(gnutls_priority_set_direct(scs->tls_state, "NORMAL", NULL) == 0); +#else const int protocols[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; const int ciphers[] = { GNUTLS_CIPHER_RIJNDAEL_128_CBC, GNUTLS_CIPHER_3DES_CBC, @@ -572,6 +584,7 @@ 0); assert(gnutls_kx_set_priority(scs->tls_state, key_exch) == 0); assert(gnutls_mac_set_priority(scs->tls_state, mac) == 0); +#endif /* no client private key */ if (gnutls_certificate_allocate_credentials(&scs->xcred) < 0) { DMA(DEBUG_ERROR, "gnutls memory error\n"); @@ -601,8 +614,7 @@ gnutls_cred_set(scs->tls_state, GNUTLS_CRD_CERTIFICATE, scs->xcred); - gnutls_transport_set_ptr(scs->tls_state, - (gnutls_transport_ptr) sd); + gnutls_transport_set_int(scs->tls_state, sd); do { zok = gnutls_handshake(scs->tls_state); } --- a/wmbiff/wmbiff.c +++ b/wmbiff/wmbiff.c @@ -21,6 +21,7 @@ #include <signal.h> #include <X11/Xlib.h> +#include <X11/XKBlib.h> #include <X11/xpm.h> #include <X11/cursorfont.h> #include <X11/keysym.h> @@ -1135,7 +1136,7 @@ break; case KeyPress:{ XKeyPressedEvent *xkpe = (XKeyPressedEvent *) & Event; - KeySym ks = XKeycodeToKeysym(display, xkpe->keycode, 0); + KeySym ks = XkbKeycodeToKeysym(display, xkpe->keycode, 0, 0); if (ks > XK_0 && ks < XK_0 + min(9U, num_mailboxes)) { const char *click_action = mbox[ks - XK_1].action; if (click_action != NULL @@ -1158,7 +1159,6 @@ static void do_biff(int argc, const char **argv) { unsigned int i; - time_t curtime; int Sleep_Interval; const char **skin_xpm = NULL; const char **bkg_xpm = NULL; @@ -1206,7 +1206,6 @@ } /* First time setup of button regions and labels */ - curtime = time(0); for (i = 0; i < num_mailboxes; i++) { /* make it easy to recover the mbox index from a mouse click */ AddMouseRegion(i, x_origin, mbox_y(i), 58, mbox_y(i + 1) - 1);
