weston-vnc: fix neatvnc overlay to use -Dtls=disabled instead of removing gnutls
This commit is contained in:
iris
parent
cddaacd12f
commit
3e5d430873
1 changed files with 18 additions and 11 deletions
|
|
@ -57,21 +57,28 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.hyperhive.gui.enable {
|
config = lib.mkIf config.hyperhive.gui.enable {
|
||||||
# Build weston linked against a neatvnc without auth/crypto support.
|
# Build weston linked against a neatvnc without TLS/auth support.
|
||||||
# neatvnc ≥ 0.9 compiled with gnutls/nettle always advertises RSA-AES
|
# neatvnc ≥ 0.9 compiled with gnutls always advertises RSA-AES-256
|
||||||
# and Apple-DH security types (types 129, 5, 30) regardless of the
|
# (type 129), RSA-AES (type 5), and Apple-DH (type 30) security types
|
||||||
# weston.ini auth-method setting, causing the in-browser RFB client to
|
# regardless of the weston.ini auth-method setting — because
|
||||||
# fail with "auth failed" (it has no RSA key to complete the handshake).
|
# nvnc_has_auth() returns true at the C level, causing weston to call
|
||||||
# Removing gnutls + nettle from neatvnc's buildInputs disables the auth
|
# nvnc_enable_auth() unconditionally. The in-browser RFB client has no
|
||||||
# module at compile time, so nvnc_has_auth() returns false and weston
|
# RSA key and cannot complete these handshakes.
|
||||||
# skips nvnc_enable_auth() — neatvnc then advertises only type 1 (None).
|
#
|
||||||
|
# The fix: pass `-Dtls=disabled` to neatvnc's meson build (the option
|
||||||
|
# name from neatvnc's meson_options.txt that guards gnutls + the entire
|
||||||
|
# auth module). With TLS disabled, nvnc_has_auth() returns false, weston
|
||||||
|
# skips nvnc_enable_auth(), and neatvnc advertises only type 1 (None).
|
||||||
|
# gnutls stays in buildInputs so pkg-config resolution doesn't error;
|
||||||
|
# the meson flag overrides the feature to "disabled" at configure time.
|
||||||
nixpkgs.overlays = [
|
nixpkgs.overlays = [
|
||||||
(_final: prev: {
|
(_final: prev: {
|
||||||
weston = prev.weston.override {
|
weston = prev.weston.override {
|
||||||
neatvnc = prev.neatvnc.overrideAttrs (old: {
|
neatvnc = prev.neatvnc.overrideAttrs (old: {
|
||||||
buildInputs = builtins.filter
|
mesonFlags = (old.mesonFlags or []) ++ [
|
||||||
(p: (p.pname or p.name or "") != "gnutls")
|
"-Dtls=disabled"
|
||||||
old.buildInputs;
|
"-Dnettle=disabled"
|
||||||
|
];
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue