From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Daniel P. Berrange" <berrange@redhat.com>
Subject: Re: [PATCH][Take 3] VNC authentification
Date: Tue, 3 Oct 2006 19:06:11 +0100
Message-ID: <20061003180611.GB29356@redhat.com>
References: <3AAA99889D105740BE010EB6D5A5A3B202A3D2@paddington.ad.cl.cam.ac.uk>
	<JX200609291747343.1765484@jp.fujitsu.com>
	<20060929221145.GE8564@redhat.com>
	<JH200610010353334.2150046@jp.fujitsu.com>
	<20061002162232.GB1730@redhat.com> <45214B54.8060805@us.ibm.com>
	<20061002181231.GC1730@redhat.com>
	<3AAA99889D105740BE010EB6D5A5A3B202A4F0@paddington.ad.cl.cam.ac.uk>
	<JZ200610040108511.216281@jp.fujitsu.com>
	<4522A44F.1020700@us.ibm.com>
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <xen-devel-bounces@lists.xensource.com>
Content-Disposition: inline
In-Reply-To: <4522A44F.1020700@us.ibm.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk>, xen-devel@lists.xensource.com, Masami Watanabe <masami.watanabe@jp.fujitsu.com>
List-Id: xen-devel@lists.xenproject.org

On Tue, Oct 03, 2006 at 12:56:31PM -0500, Anthony Liguori wrote:
> Masami Watanabe wrote:
> >+static int vnc_auth(VncState *vs)
> >+{
> >+    extern char vncpasswd[64];
> >+    extern unsigned char challenge[AUTHCHALLENGESIZE];
> >+
> >+    if (*vncpasswd == '\0') {
> >+	/* AuthType is None */
> >+	vnc_write_u32(vs, 1);
> >+	vnc_flush(vs);
> >+	vnc_read_when(vs, protocol_client_init, 1);
> >+    } else {
> >+	/* AuthType is VncAuth */
> >+	vnc_write_u32(vs, 2);
> >+	vnc_flush(vs);
> >+
> >+	/* Read AuthType */
> >+	vnc_read_when(vs, protocol_authtype, 1);
> >  
> 
> As I mentioned before, you cannot have to vnc_read_when()'s execution 
> path without returning the the mainloop.
> 
> protocol_authtype() cannot possibly be invoked.  If the code is working 
> now, it's pure luck.

Yeah, the impl of protocol_authtype() in there is a no-op too - it should
be rejecting auth types which aren't supported, even if it was being invoked.
With the code as it is, protocol_authtype never runs & the server starts
doing VNCAuth regardless of what the client says it wants to do, which is
clearly not correct.

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=|