From: Dietmar Maurer <dietmar@proxmox.com>
Date: Mon, 3 Jun 2013 06:28:22 +0000 (+0200)
Subject: Allow to add intermediate certificates to /etc/pve/local/pve-ssl.pem
X-Git-Url: https://git.proxmox.com/?p=vncterm.git;a=commitdiff_plain;h=75f214c0252c8a8e03ec9b16082aa10299b2d36b

Allow to add intermediate certificates to /etc/pve/local/pve-ssl.pem
---

diff --git a/Makefile b/Makefile
index 0aefbdd..419ee66 100644
--- a/Makefile
+++ b/Makefile
@@ -3,7 +3,7 @@ RELEASE=3.0
 PACKAGE=vncterm
 # Note: also change version in debian/control and debian/changelog
 VERSION=1.1
-PACKAGERELEASE=3
+PACKAGERELEASE=4
 ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH)
 CDATE:=$(shell date +%F)
 
diff --git a/VncViewer.jar b/VncViewer.jar
index 2c750c5..854ffd6 100644
Binary files a/VncViewer.jar and b/VncViewer.jar differ
diff --git a/debian/changelog.Debian b/debian/changelog.Debian
index 4c598d8..72a238a 100644
--- a/debian/changelog.Debian
+++ b/debian/changelog.Debian
@@ -1,3 +1,10 @@
+vncterm (1.1-4) unstable; urgency=low
+
+  * Allow to add intermediate certificates to /etc/pve/local/pve-ssl.pem 
+  (users previously used apache option SSLCertificateChainFile for that).
+  
+ -- Proxmox Support Team <support@proxmox.com>  Mon, 03 Jun 2013 08:26:59 +0200
+
 vncterm (1.1-3) unstable; urgency=low
 
   *  re-enable javascript-events.patch (used for migrate/reload)
diff --git a/debian/control b/debian/control
index f45682d..f3a325f 100644
--- a/debian/control
+++ b/debian/control
@@ -1,5 +1,5 @@
 Package: vncterm
-Version: 1.1-3
+Version: 1.1-4
 Section: x11
 Priority: optional
 Depends: libc6 (>= 2.7-18), libjpeg62, zlib1g (>= 1:1.2.1), libvncserver0
diff --git a/tigerpatches/trust-manager.patch b/tigerpatches/trust-manager.patch
index 5bbd9c6..e8158d5 100644
--- a/tigerpatches/trust-manager.patch
+++ b/tigerpatches/trust-manager.patch
@@ -7,10 +7,10 @@
  certificate (or CA who signed the server certificate) as applet 
  parameter "PVECert" (newline encoded as '|').
 
-Index: new/java/src/com/tigervnc/vncviewer/X509Tunnel.java
+Index: tigervnc/java/src/com/tigervnc/vncviewer/X509Tunnel.java
 ===================================================================
---- new.orig/java/src/com/tigervnc/vncviewer/X509Tunnel.java	2013-04-20 15:24:59.000000000 +0200
-+++ new/java/src/com/tigervnc/vncviewer/X509Tunnel.java	2013-04-20 15:28:55.000000000 +0200
+--- tigervnc.orig/java/src/com/tigervnc/vncviewer/X509Tunnel.java	2013-06-03 08:17:17.000000000 +0200
++++ tigervnc/java/src/com/tigervnc/vncviewer/X509Tunnel.java	2013-06-03 08:22:52.000000000 +0200
 @@ -26,13 +26,23 @@
  import javax.net.ssl.*;
  import java.security.*;
@@ -36,7 +36,7 @@ Index: new/java/src/com/tigervnc/vncviewer/X509Tunnel.java
    }
  
    protected void setParam (SSLSocket sock)
-@@ -52,9 +62,51 @@
+@@ -52,9 +62,48 @@
    protected void initContext (SSLContext sc) throws java.security.
      GeneralSecurityException
    {
@@ -64,9 +64,6 @@ Index: new/java/src/com/tigervnc/vncviewer/X509Tunnel.java
 +	    if (certs == null || certs.length < 1) {
 +	      throw new CertificateException("no certs");
 +	    }
-+	    if (certs == null || certs.length > 1) {
-+	      throw new CertificateException("cert path too long");
-+	    }
 +	    PublicKey cakey = pvecert.getPublicKey();
 +
 +	    boolean ca_match;
@@ -91,16 +88,16 @@ Index: new/java/src/com/tigervnc/vncviewer/X509Tunnel.java
      sc.init (null, myTM, null);
    }
  
-@@ -100,4 +152,5 @@
+@@ -100,4 +149,5 @@
        return tm.getAcceptedIssuers ();
      }
    }
 +
  }
-Index: new/java/src/com/tigervnc/vncviewer/RfbProto.java
+Index: tigervnc/java/src/com/tigervnc/vncviewer/RfbProto.java
 ===================================================================
---- new.orig/java/src/com/tigervnc/vncviewer/RfbProto.java	2013-04-20 15:24:59.000000000 +0200
-+++ new/java/src/com/tigervnc/vncviewer/RfbProto.java	2013-04-20 15:28:55.000000000 +0200
+--- tigervnc.orig/java/src/com/tigervnc/vncviewer/RfbProto.java	2013-06-03 08:17:17.000000000 +0200
++++ tigervnc/java/src/com/tigervnc/vncviewer/RfbProto.java	2013-06-03 08:19:05.000000000 +0200
 @@ -411,7 +411,8 @@
      }
  
@@ -111,10 +108,10 @@ Index: new/java/src/com/tigervnc/vncviewer/RfbProto.java
  	tunnel.setup (this);
      }
  
-Index: new/java/src/com/tigervnc/vncviewer/VncViewer.java
+Index: tigervnc/java/src/com/tigervnc/vncviewer/VncViewer.java
 ===================================================================
---- new.orig/java/src/com/tigervnc/vncviewer/VncViewer.java	2013-04-20 15:28:42.000000000 +0200
-+++ new/java/src/com/tigervnc/vncviewer/VncViewer.java	2013-04-20 15:29:55.000000000 +0200
+--- tigervnc.orig/java/src/com/tigervnc/vncviewer/VncViewer.java	2013-06-03 08:19:03.000000000 +0200
++++ tigervnc/java/src/com/tigervnc/vncviewer/VncViewer.java	2013-06-03 08:19:05.000000000 +0200
 @@ -91,6 +91,8 @@
    int debugStatsExcludeUpdates;
    int debugStatsMeasureUpdates;