Re: [Qemu-devel] Re: PATCH: Secure TLS encrypted authentication for VNC

[Peter Rosin]

Hi!

Sorry for the response to this old post, but since it seems to be the
best reference for the VeNCrypt protocol on the web, I don't feel too
bad. Hopefully I got the message-id correct so that this post is
properly linked.

S. I. Becker skrev:
> Daniel P. Berrange wrote:
> > If there's any formal doc describing the VeNCrypt auth system in the
> > same style as the primary RFB protocol doc[1] that'd be very helpful.

*snip*

> Dan,
>
> The closest I have to a formal spec are some emails going back-and-forth
> between Martin Koegler and myself over what the protocol should be.
> I've tried to collate and format these together below.  Please let me
> know if anything is not clear, or if you can spot any edge-cases that
> permit security flaws.

*snip*

> RFB Protocol Section 6.2.19.257 - TLSNone VeNCrypt sub-type
>
> If the TLSNone, TLSVnc or TLSPlain sub-types have been chosen, Anonymous
> TLS authentication is initiated as described in the TLS protocol.
>
> If the TLS authentication was not successful, the connection is closed.
>    Otherwise, all further communication takes place over the encrypted
> TLS channel.
>
> If the TLSNone sub-type was chosen, authentication continues as for the
> None type described in section 6.2.1.

*snip*

I would like to point out that vencserver seems to be sending an
extra U8 (== 0x01. Is that a boolean? 0x00 means failure?) before
the SSL/TLS handshake is started. The QEMU implementation does
this also, so the bug is clearly in this "spec". This also affects
sub-types 258, 259, 260, 261 and 262.


Cheers,
Peter (not subscribed)