Bug 213607 - net/tigervnc: server requires mcookie utility
Summary: net/tigervnc: server requires mcookie utility
Status: Closed DUPLICATE of bug 213150
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Kubilay Kocak
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-10-19 11:39 UTC by dominik.muth
Modified: 2016-10-20 01:35 UTC (History)
2 users (show)

See Also:
koobs: maintainer-feedback+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description dominik.muth 2016-10-19 11:39:28 UTC 
$ vncserver          
vncserver: couldn't find "mcookie" on your PATH.

and the tigervnc server refuses to start. I can find no mcookie in base or ports. As a workaround I have

$ cat bin/mcookie 
#!/bin/sh
dd if=/dev/urandom bs=1k count=1 2>/dev/null | md5 | cut -d ' ' -f 1

which may introduce security issues.

$ uname -a
FreeBSD foobar 11.0-RELEASE-p1 FreeBSD 11.0-RELEASE-p1 #0 r306420: Thu Sep 29 01:43:23 UTC 2016     root@releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64

$ freebsd-version 
11.0-RELEASE-p1

$ pkg info tigervnc
tigervnc-1.7.0
Name           : tigervnc
Version        : 1.7.0
Installed on   : Wed Oct 19 13:07:58 2016 CEST
Origin         : net/tigervnc
Architecture   : freebsd:11:x86:64
Prefix         : /usr/local
Categories     : net x11-servers
Licenses       : GPLv2+
Maintainer     : meta+ports@vmeta.jp
WWW            : http://tigervnc.org/
Comment        : High-performance, platform-neutral implementation of VNC
Options        :
	DOCS           : on
	GNUTLS         : on
	NLS            : on
	PAM            : on
	VIEWER         : on
Shared Libs required:
	libX11.so.6
	libxshmfence.so.1
	libGL.so.1
	libXrender.so.1
	libXext.so.6
	libjpeg.so.8
	libpixman-1.so.0
	libXdmcp.so.6
	libXcursor.so.1
	libXfont.so.1
	libXdamage.so.1
	libXft.so.2
	libunwind.so.8
	libICE.so.6
	libfltk.so.1.3
	libXtst.so.6
	libintl.so.8
	libgnutls.so.30
	libSM.so.6
	libXau.so.6
	libfontconfig.so.1
	libXinerama.so.1
	libfltk_images.so.1.3
	libXfixes.so.3
Shared Libs provided:
	libvnc.so
Annotations    :
	cpe            : cpe:2.3:a:tigervnc:tigervnc:1.7.0:::::freebsd11:x64
	repo_type      : binary
	repository     : FreeBSD
Flat size      : 4.41MiB
Description    :
TigerVNC is a high-performance, platform-neutral implementation of VNC,
a client/server application that allows users to launch and interact with
graphical applications on remote machines.

WWW: http://tigervnc.org/
Comment 1 Koichiro Iwao freebsd_committer freebsd_triage 2016-10-20 01:22:13 UTC 
Already fixed in Bug 213250. Try tigervnc-1.7.0_1.

And what is the security issue you concern about? usage of MD5?
You don't need to use MD5 hash at all.  Just convert the random
output of /dev/urandom to hex style, like this.

dd if=/dev/urandom bs=16 count=1 2>/dev/null| od -x -An | tr -d ' '
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2016-10-20 01:32:01 UTC 
(In reply to Koichiro IWAO from comment #1)

Bug 213250 seems to refer to an unrelated issue. Can you add the correct bug ID that you mention fixed this issue to the "See Also" field please.
Comment 3 Kubilay Kocak freebsd_committer freebsd_triage 2016-10-20 01:35:11 UTC 
Fixed in r423352 as part of bug 213150.

Please update your ports tree (or package database). If the problem is still reproducible in version 1.7.0_1, please re-open bug 213150.

*** This bug has been marked as a duplicate of bug 213150 ***