Re: [Libvncserver-common] [Patch] Connect to Vino AnonTLS without password hangs

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

Is this patch already ok for merging? Sorry this bug is kind of
important to fix.

Thanks,

Vic

On Mon, 2009-12-21 at 08:27 +0800, Vic Lee wrote:
> Agreed, this is the standard of non-tls behavior, but there's no spec
> anywhere saying the tls sub-authentication should follow the same
> behavior... so the best thing is to assume it follows. Besides ssvnc, I
> also checked the gtk-vnc implementation, and it appears that it does
> follow the non-tls spec:
> 
> 3099: static gboolean gvnc_perform_auth_tls(struct gvnc *gvnc)
> ......
> 3152:	switch (gvnc->auth_subtype) {
> 3153:	case GVNC_AUTH_NONE:
> 3154:		if (gvnc->minor == 8)
> 3155:			return gvnc_check_auth_result(gvnc);
> 3156:		return TRUE;
> ......
> 
> And since gtk-vnc has the same developer as vino I think the patch
> should be good even if Vino upgrade to 3.8 in the future.
> 
> Thanks,
> 
> Vic
> 
> On Sun, 2009-12-20 at 18:11 -0500, Karl J. Runge wrote:
> > I haven't checked in detail, but I think vino is obeying the 3.7 version 
> > of the protocol:
> > 
> >   6.2 SECURITY TYPE
> >   6.2.1 None
> >   No authentication is needed and protocol data is to be sent unencrypted.
> >   Version 3.8 onwards The protocol continues with the SecurityResult message.
> >   Version 3.3 and 3.7 The protocol passes to the initialisation phase (section 6.3). 
> > 
> > i.e. for None (aka NoAuth) 3.7 does the same as 3.3, i.e. just get going
> > w/o the SecurityResult.
> > 
> > Also, in my ssvnc viewer side project I don't see me doing anything
> > special for the AnonTLS/vino case.
> > 
> > So I suspect vino is doing the right thing for 3.7 and Vic's most recent
> > patch is the right way to handle it, but like I say I didn't check this
> > in detail and so would need to be verified more carefully.
> > 
> > Karl
> > 
> > 
> > PS: Academically, I suppose there is no strict reason why the
> > security-type AnonTLS's *sub-type* "None" needs to match the RFB
> > security-type "None" (besides being sensible).  However, I think having
> > them the same is their intention; but I never found a written spec for
> > vino's AnonTLS besides the vino implementation itself...
> > 
> 
> 
> 
> 
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer Community
> Take advantage of Verizon's best-in-class app development support
> A streamlined, 14 day to market process makes app distribution fast and easy
> Join now and get one step closer to millions of Verizon customers
> http://p.sf.net/sfu/verizon-dev2dev 
> _______________________________________________
> LibVNCServer-common mailing list
> Lib...@li...
> https://lists.sourceforge.net/lists/listinfo/libvncserver-common