From a9964ef276a8d5ef2e337ee4a2a268234f453157 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Sat, 17 Apr 2021 19:54:21 +0200
Subject: spice-vdagent: 0.20.0 -> 0.21.0

Fixes CVE-2020-25650, CVE-2020-25651, CVE-2020-25652 and
CVE-2020-25653.

Changelog:
https://gitlab.freedesktop.org/spice/linux/vd_agent/-/blob/spice-vdagent-0.21.0/CHANGELOG.md
---
 .../virtualization/spice-vdagent/default.nix       | 13 ++--
 .../virtualization/spice-vdagent/timeout.diff      | 84 ----------------------
 2 files changed, 5 insertions(+), 92 deletions(-)
 delete mode 100644 pkgs/applications/virtualization/spice-vdagent/timeout.diff

(limited to 'pkgs/applications/virtualization')

diff --git a/pkgs/applications/virtualization/spice-vdagent/default.nix b/pkgs/applications/virtualization/spice-vdagent/default.nix
index 48b0423983d2e..67ac8119fd542 100644
--- a/pkgs/applications/virtualization/spice-vdagent/default.nix
+++ b/pkgs/applications/virtualization/spice-vdagent/default.nix
@@ -2,15 +2,12 @@
  libpciaccess, libxcb, libXrandr, libXinerama, libXfixes, dbus, libdrm,
  systemd}:
 stdenv.mkDerivation rec {
-  name = "spice-vdagent-0.20.0";
+  pname = "spice-vdagent";
+  version = "0.21.0";
   src = fetchurl {
-    url = "https://www.spice-space.org/download/releases/${name}.tar.bz2";
-    sha256 = "0n9k2kna2gd1zi6jv45zsp2jlv439nz5l5jjijirxqaycwi74srf";
+    url = "https://www.spice-space.org/download/releases/${pname}-${version}.tar.bz2";
+    sha256 = "0n8jlc1pv6mkry161y656b1nk9hhhminjq6nymzmmyjl7k95ymzx";
   };
-  NIX_CFLAGS_COMPILE = [ "-Wno-error=address-of-packed-member" ];
-  patchFlags = [ "-uNp1" ];
-  # included in the next release.
-  patches = [ ./timeout.diff ];
   postPatch = ''
     substituteInPlace data/spice-vdagent.desktop --replace /usr $out
   '';
@@ -29,7 +26,7 @@ stdenv.mkDerivation rec {
        * Multiple displays
     '';
     homepage = "https://www.spice-space.org/";
-    license = lib.licenses.gpl3;
+    license = lib.licenses.gpl3Plus;
     maintainers = [ lib.maintainers.aboseley ];
     platforms = lib.platforms.linux;
   };
diff --git a/pkgs/applications/virtualization/spice-vdagent/timeout.diff b/pkgs/applications/virtualization/spice-vdagent/timeout.diff
deleted file mode 100644
index 2021e98e41f29..0000000000000
--- a/pkgs/applications/virtualization/spice-vdagent/timeout.diff
+++ /dev/null
@@ -1,84 +0,0 @@
-diff --git a/src/udscs.c b/src/udscs.c
-index 4de75f8..7c99eed 100644
---- a/src/udscs.c
-+++ b/src/udscs.c
-@@ -186,6 +186,7 @@ struct udscs_server *udscs_server_new(
-     server->read_callback = read_callback;
-     server->error_cb = error_cb;
-     server->service = g_socket_service_new();
-+    g_socket_service_stop(server->service);
- 
-     g_signal_connect(server->service, "incoming",
-         G_CALLBACK(udscs_server_accept_cb), server);
-@@ -223,6 +224,11 @@ void udscs_server_listen_to_address(struct udscs_server *server,
-     g_object_unref(sock_addr);
- }
- 
-+void udscs_server_start(struct udscs_server *server)
-+{
-+    g_socket_service_start(server->service);
-+}
-+
- void udscs_server_destroy_connection(struct udscs_server *server,
-                                      UdscsConnection     *conn)
- {
-diff --git a/src/udscs.h b/src/udscs.h
-index 45ebd3f..4f7ea36 100644
---- a/src/udscs.h
-+++ b/src/udscs.h
-@@ -98,6 +98,8 @@ void udscs_server_listen_to_address(struct udscs_server *server,
-                                     const gchar         *addr,
-                                     GError             **err);
- 
-+void udscs_server_start(struct udscs_server *server);
-+
- void udscs_server_destroy_connection(struct udscs_server *server,
-                                      UdscsConnection     *conn);
- 
-diff --git a/src/vdagentd/vdagentd.c b/src/vdagentd/vdagentd.c
-index cfd0a51..753c9bf 100644
---- a/src/vdagentd/vdagentd.c
-+++ b/src/vdagentd/vdagentd.c
-@@ -1184,10 +1184,6 @@ int main(int argc, char *argv[])
-         uinput_device = g_strdup(DEFAULT_UINPUT_DEVICE);
-     }
- 
--    g_unix_signal_add(SIGINT, signal_handler, NULL);
--    g_unix_signal_add(SIGHUP, signal_handler, NULL);
--    g_unix_signal_add(SIGTERM, signal_handler, NULL);
--
-     openlog("spice-vdagentd", do_daemonize ? 0 : LOG_PERROR, LOG_USER);
- 
-     /* Setup communication with vdagent process(es) */
-@@ -1228,9 +1224,6 @@ int main(int argc, char *argv[])
-         }
-     }
- 
--    if (do_daemonize)
--        daemonize();
--
- #ifdef WITH_STATIC_UINPUT
-     uinput = vdagentd_uinput_create(uinput_device, 1024, 768, NULL, 0,
-                                     debug > 1, uinput_fake);
-@@ -1240,6 +1233,13 @@ int main(int argc, char *argv[])
-     }
- #endif
- 
-+    if (do_daemonize)
-+        daemonize();
-+
-+    g_unix_signal_add(SIGINT, signal_handler, NULL);
-+    g_unix_signal_add(SIGHUP, signal_handler, NULL);
-+    g_unix_signal_add(SIGTERM, signal_handler, NULL);
-+
-     if (want_session_info)
-         session_info = session_info_create(debug);
-     if (session_info) {
-@@ -1252,6 +1252,7 @@ int main(int argc, char *argv[])
- 
-     active_xfers = g_hash_table_new(g_direct_hash, g_direct_equal);
- 
-+    udscs_server_start(server);
-     loop = g_main_loop_new(NULL, FALSE);
-     g_main_loop_run(loop);
- 
-- 
cgit 1.4.1