From e64a5f87d0e9d4c02cffb84a082f008760655848 Mon Sep 17 00:00:00 2001
From: Ryan Kuba <ryan.kuba@kasmweb.com>
Date: Fri, 24 Feb 2023 12:02:28 +0000
Subject: [PATCH] Resolve KASM-4032 "Feature/ build fedora 37"

---
 .gitlab-ci.yml                                |  36 +++++
 builder/build.sh                              |   5 +-
 ...ile.fedora_thirtyseven.barebones.rpm.test} |   2 +-
 builder/dockerfile.fedora_thirtyseven.build   |  65 +++++++++
 ...> dockerfile.fedora_thirtyseven.rpm.build} |   4 +-
 ...=> dockerfile.fedora_thirtyseven.rpm.test} |   4 +-
 builder/dockerfile.fedora_thirtythree.build   |  38 ------
 fedora/kasmvncserver.spec                     | 124 ++++++++++++++++++
 8 files changed, 234 insertions(+), 44 deletions(-)
 rename builder/{dockerfile.fedora_thirtythree.barebones.rpm.test => dockerfile.fedora_thirtyseven.barebones.rpm.test} (96%)
 create mode 100644 builder/dockerfile.fedora_thirtyseven.build
 rename builder/{dockerfile.fedora_thirtythree.rpm.build => dockerfile.fedora_thirtyseven.rpm.build} (86%)
 rename builder/{dockerfile.fedora_thirtythree.rpm.test => dockerfile.fedora_thirtyseven.rpm.test} (96%)
 delete mode 100644 builder/dockerfile.fedora_thirtythree.build
 create mode 100644 fedora/kasmvncserver.spec

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b7fb76b..9148f7b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -385,6 +385,42 @@ build_opensuse_15_arm:
     paths:
       - output/
 
+build_fedora_thirtyseven:
+  stage: build
+  allow_failure: true
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package fedora thirtyseven;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
+build_fedora_thirtyseven_arm:
+  stage: build
+  allow_failure: true
+  tags:
+    - oci-fixed-arm64
+  before_script:
+    - *prepare_build
+    - *prepare_www
+  after_script:
+    - *prepare_artfacts
+  script:
+    - bash builder/build-package fedora thirtyseven;
+  only:
+    variables:
+      - $BUILD_JOBS == 'all' || $BUILD_JOBS =~ $CI_JOB_NAME
+  artifacts:
+    paths:
+      - output/
+
 test:
   stage: test
   before_script:
diff --git a/builder/build.sh b/builder/build.sh
index 52d80c0..6e6832d 100755
--- a/builder/build.sh
+++ b/builder/build.sh
@@ -40,7 +40,7 @@ EOF
 #sudo apt-get install cmake git libjpeg-dev libgnutls-dev
 
 # Gcc12 builds fail due to bug
-fail_on_gcc_12
+#fail_on_gcc_12
 
 # Ubuntu applies a million patches, but here we use upstream to simplify matters
 cd /tmp
@@ -89,6 +89,7 @@ ensure_crashpad_can_fetch_line_number_by_address
 if [ "${KASMVNC_BUILD_OS}" == "opensuse" ]; then
   sed -i 's/LIBGL="gl >= 7.1.0"/LIBGL="gl >= 1.1"/g' configure
 fi
+# build X11
 ./configure --prefix=/opt/kasmweb \
 	--with-xkb-path=/usr/share/X11/xkb \
 	--with-xkb-output=/var/lib/xkb \
@@ -101,6 +102,8 @@ fi
 	--disable-dmx --disable-xwin --disable-xephyr --disable-kdrive \
 	--disable-config-hal --disable-config-udev \
 	--disable-dri2 --enable-glx --disable-xwayland --disable-dri3
+# remove array bounds errors for new versions of GCC
+find . -name "Makefile" -exec sed -i 's/-Werror=array-bounds//g' {} \;
 make -j5
 
 # modifications for the servertarball
diff --git a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test
similarity index 96%
rename from builder/dockerfile.fedora_thirtythree.barebones.rpm.test
rename to builder/dockerfile.fedora_thirtyseven.barebones.rpm.test
index 07f215c..ba97bf8 100644
--- a/builder/dockerfile.fedora_thirtythree.barebones.rpm.test
+++ b/builder/dockerfile.fedora_thirtyseven.barebones.rpm.test
@@ -1,4 +1,4 @@
-FROM fedora:33
+FROM fedora:37
 
 ENV STARTUPDIR=/dockerstartup
 
diff --git a/builder/dockerfile.fedora_thirtyseven.build b/builder/dockerfile.fedora_thirtyseven.build
new file mode 100644
index 0000000..b83db05
--- /dev/null
+++ b/builder/dockerfile.fedora_thirtyseven.build
@@ -0,0 +1,65 @@
+FROM fedora:37
+
+ENV KASMVNC_BUILD_OS fedora
+ENV KASMVNC_BUILD_OS_CODENAME thirtyseven
+ENV XORG_VER 1.20.7
+
+RUN \
+  echo "**** install build deps ****" && \
+  dnf install -y \
+    autoconf \
+    automake \
+    bzip2 \
+    cmake \
+    gcc \
+    gcc-c++ \
+    git \
+    libdrm-devel \
+    libepoxy-devel \
+    libjpeg-turbo-devel \
+    libjpeg-turbo-static \
+    libpciaccess-devel \
+    libtool \
+    libwebp-devel \
+    libX11-devel \
+    libXau-devel \
+    libxcb-devel \
+    libXcursor-devel \
+    libxcvt-devel \
+    libXdmcp-devel \
+    libXext-devel \
+    libXfont2-devel \
+    libxkbfile-devel \
+    libXrandr-devel \
+    libxshmfence-devel \
+    libXtst-devel \
+    mesa-libEGL-devel \
+    mesa-libGL-devel \
+    meson \
+    nettle-devel \
+    openssl-devel \
+    patch \
+    pixman-devel \
+    wayland-devel \
+    wget \
+    xcb-util-devel \
+    xcb-util-image-devel \
+    xcb-util-keysyms-devel \
+    xcb-util-renderutil-devel \
+    xcb-util-wm-devel \
+    xinit \
+    xkbcomp \
+    xkbcomp-devel \
+    xkeyboard-config \
+    xorg-x11-font-utils \
+    xorg-x11-proto-devel \
+    xorg-x11-server-common \
+    xorg-x11-server-devel \
+    xorg-x11-xtrans-devel
+
+RUN useradd -m docker && echo "docker:docker" | chpasswd
+
+COPY --chown=docker:docker . /src/
+
+USER docker
+ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/builder/dockerfile.fedora_thirtythree.rpm.build b/builder/dockerfile.fedora_thirtyseven.rpm.build
similarity index 86%
rename from builder/dockerfile.fedora_thirtythree.rpm.build
rename to builder/dockerfile.fedora_thirtyseven.rpm.build
index ae92ec7..8384b10 100644
--- a/builder/dockerfile.fedora_thirtythree.rpm.build
+++ b/builder/dockerfile.fedora_thirtyseven.rpm.build
@@ -1,11 +1,11 @@
-FROM fedora:33
+FROM fedora:37
 
 RUN dnf install -y fedora-packager fedora-review
 RUN dnf install -y tree vim less
 RUN dnf install -y redhat-lsb-core
 RUN dnf install -y dnf-plugins-core
 
-COPY centos/*.spec /tmp
+COPY fedora/*.spec /tmp
 RUN dnf builddep -y /tmp/*.spec
 
 RUN useradd -m docker && echo "docker:docker" | chpasswd
diff --git a/builder/dockerfile.fedora_thirtythree.rpm.test b/builder/dockerfile.fedora_thirtyseven.rpm.test
similarity index 96%
rename from builder/dockerfile.fedora_thirtythree.rpm.test
rename to builder/dockerfile.fedora_thirtyseven.rpm.test
index fdbcd9c..2bce89f 100644
--- a/builder/dockerfile.fedora_thirtythree.rpm.test
+++ b/builder/dockerfile.fedora_thirtyseven.rpm.test
@@ -1,4 +1,4 @@
-FROM fedora:33
+FROM fedora:37
 
 ENV DISPLAY=:1 \
     VNC_PORT=8443 \
@@ -47,7 +47,7 @@ COPY builder/startup/ $STARTUPDIR
 
 ### START CUSTOM STUFF ####
 COPY ./builder/scripts/ /tmp/scripts/
-COPY ./centos/kasmvncserver.spec /tmp
+COPY ./fedora/kasmvncserver.spec /tmp
 
 ARG KASMVNC_PACKAGE_DIR
 COPY $KASMVNC_PACKAGE_DIR/*.rpm /tmp/
diff --git a/builder/dockerfile.fedora_thirtythree.build b/builder/dockerfile.fedora_thirtythree.build
deleted file mode 100644
index b9f5720..0000000
--- a/builder/dockerfile.fedora_thirtythree.build
+++ /dev/null
@@ -1,38 +0,0 @@
-FROM fedora:33
-
-ENV KASMVNC_BUILD_OS fedora
-ENV KASMVNC_BUILD_OS_CODENAME thirtythree
-ENV XORG_VER 1.20.10
-
-# RUN dnf install -y build-dep xorg-server libxfont-dev sudo
-RUN dnf install -y gcc cmake git gnutls-devel vim wget
-#tightvncserver
-RUN dnf install -y libjpeg-turbo-devel libpng-devel libtiff-devel giflib-devel openssl-devel
-
-#libavcodec-dev
-RUN dnf -y install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
-RUN dnf -y install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm
-RUN dnf -y install ffmpeg-devel
-
-RUN dnf install -y make
-RUN dnf group install -y "Development Tools"
-RUN dnf install -y xorg-x11-server-devel zlib-devel libjpeg-turbo-devel
-RUN dnf install -y libxkbfile-devel libXfont2-devel xorg-x11-font-utils \
-  xorg-x11-xtrans-devel xorg-x11-xkb-utils-devel libXrandr-devel libXtst-devel \
-  libXcursor-devel
-RUN dnf install -y mesa-dri-drivers
-RUN dnf install -y bzip2 redhat-lsb-core
-
-# Additions for webp
-RUN cd /tmp && wget https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-1.0.2.tar.gz
-RUN cd /tmp && tar -xzf /tmp/libwebp-*
-RUN cd /tmp/libwebp-1.0.2 && \
-    ./configure --enable-static --disable-shared && \
-    make && make install
-
-RUN useradd -m docker && echo "docker:docker" | chpasswd
-
-COPY --chown=docker:docker . /src/
-
-USER docker
-ENTRYPOINT ["/src/builder/build.sh"]
diff --git a/fedora/kasmvncserver.spec b/fedora/kasmvncserver.spec
new file mode 100644
index 0000000..412cbf4
--- /dev/null
+++ b/fedora/kasmvncserver.spec
@@ -0,0 +1,124 @@
+Name:           kasmvncserver
+Version:        1.0.0
+Release:        1%{?dist}
+Summary:        VNC server accessible from a web browser
+
+License: GPLv2+
+URL: https://github.com/kasmtech/KasmVNC
+
+BuildRequires: rsync
+Requires: xorg-x11-xauth, xkeyboard-config, openssl, perl, perl-Switch, perl-YAML-Tiny, perl-Hash-Merge-Simple, perl-Scalar-List-Utils, perl-List-MoreUtils, perl-Try-Tiny
+Conflicts: tigervnc-server, tigervnc-server-minimal
+
+%description
+KasmVNC provides remote web-based access to a Desktop or application. 
+While VNC is in the name, KasmVNC differs from other VNC variants such 
+as TigerVNC, RealVNC, and TurboVNC. KasmVNC has broken from the RFB 
+specification which defines VNC, in order to support modern technologies 
+and increase security. KasmVNC is accessed by users from any modern 
+browser and does not support legacy VNC viewer applications. KasmVNC 
+uses a modern YAML based configuration at the server and user level, 
+allowing for ease of management. KasmVNC is maintained by Kasm 
+Technologies Corp, www.kasmweb.com.
+
+WARNING: this package requires EPEL.
+
+%prep
+
+%install
+rm -rf $RPM_BUILD_ROOT
+
+TARGET_OS=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
+TARGET_OS_CODENAME=$(lsb_release -cs | tr '[:upper:]' '[:lower:]')
+TARBALL=$RPM_SOURCE_DIR/kasmvnc.${TARGET_OS}_${TARGET_OS_CODENAME}.tar.gz
+TAR_DATA=$(mktemp -d)
+tar -xzf "$TARBALL" -C "$TAR_DATA"
+
+SRC=$TAR_DATA/usr/local
+SRC_BIN=$SRC/bin
+DESTDIR=$RPM_BUILD_ROOT
+DST_MAN=$DESTDIR/usr/share/man/man1
+
+mkdir -p $DESTDIR/usr/bin $DESTDIR/usr/share/man/man1 \
+  $DESTDIR/usr/share/doc/kasmvncserver $DESTDIR/usr/lib \
+  $DESTDIR/usr/share/perl5 $DESTDIR/etc/kasmvnc
+
+cp $SRC_BIN/Xvnc $DESTDIR/usr/bin;
+cp $SRC_BIN/vncserver $DESTDIR/usr/bin;
+cp -a $SRC_BIN/KasmVNC $DESTDIR/usr/share/perl5/
+cp $SRC_BIN/vncconfig $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmvncpasswd $DESTDIR/usr/bin;
+cp $SRC_BIN/kasmxproxy $DESTDIR/usr/bin;
+cp -r $SRC/lib/kasmvnc/ $DESTDIR/usr/lib/kasmvncserver
+cd $DESTDIR/usr/bin && ln -s kasmvncpasswd vncpasswd;
+cp -r $SRC/share/doc/kasmvnc*/* $DESTDIR/usr/share/doc/kasmvncserver/
+rsync -r --exclude '.git*' --exclude po2js --exclude xgettext-html \
+  --exclude www/utils/ --exclude .eslintrc --exclude configure \
+  $SRC/share/kasmvnc $DESTDIR/usr/share
+
+sed -i -e 's!pem_certificate: .\+$!pem_certificate: /etc/pki/tls/private/kasmvnc.pem!' \
+    $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -i -e 's!pem_key: .\+$!pem_key: /etc/pki/tls/private/kasmvnc.pem!' \
+    $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml
+sed -e 's/^\([^#]\)/# \1/' $DESTDIR/usr/share/kasmvnc/kasmvnc_defaults.yaml > \
+  $DESTDIR/etc/kasmvnc/kasmvnc.yaml
+cp $SRC/man/man1/Xvnc.1 $DESTDIR/usr/share/man/man1/;
+cp $SRC/share/man/man1/vncserver.1 $DST_MAN;
+cp $SRC/share/man/man1/vncconfig.1 $DST_MAN;
+cp $SRC/share/man/man1/vncpasswd.1 $DST_MAN;
+cp $SRC/share/man/man1/kasmxproxy.1 $DST_MAN;
+cd $DST_MAN && ln -s vncpasswd.1 kasmvncpasswd.1;
+
+
+%files
+%config(noreplace) /etc/kasmvnc
+
+/usr/bin/*
+/usr/lib/kasmvncserver
+/usr/share/man/man1/*
+/usr/share/perl5/KasmVNC
+/usr/share/kasmvnc
+
+%license /usr/share/doc/kasmvncserver/LICENSE.TXT
+%doc /usr/share/doc/kasmvncserver/README.md
+
+%changelog
+* Tue Nov 29 2022 KasmTech <info@kasmweb.com> - 1.0.0-1
+- WebRTC UDP transit support with support of STUN servers
+- Lossless compression using multi-threaded WASM QOI decoder client side
+- New yaml based configuration
+- Significantly improved FPS through both client-side and server-side improvements.
+- Support for the admin to define arbitrary http response headers for the built in web server
+- Support for additional mouse buttons
+- Refinement of vncserver checks and user prompts
+- Added send_full_frame to developer API, forces full frame to be sent to all connected users that have at least read permission.
+* Tue Mar 22 2022 KasmTech <info@kasmweb.com> - 0.9.3~beta-1
+* Fri Feb 12 2021 KasmTech <info@kasmweb.com> - 0.9.1~beta-1
+- Initial release of the rpm package.
+
+%post
+  kasmvnc_group="kasmvnc-cert"
+
+  create_kasmvnc_group() {
+    if ! getent group "$kasmvnc_group" >/dev/null; then
+	    groupadd --system "$kasmvnc_group"
+    fi
+  }
+
+  make_self_signed_certificate() {
+    local cert_file=/etc/pki/tls/private/kasmvnc.pem
+    [ -f "$cert_file" ] && return 0
+
+    openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+      -keyout "$cert_file" \
+      -out "$cert_file" -subj \
+      "/C=US/ST=VA/L=None/O=None/OU=DoFu/CN=kasm/emailAddress=none@none.none"
+    chgrp "$kasmvnc_group" "$cert_file"
+    chmod 640 "$cert_file"
+  }
+
+  create_kasmvnc_group
+  make_self_signed_certificate
+
+%postun
+  rm -f /etc/pki/tls/private/kasmvnc.pem