[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] PATCH: 1/9: Fix bug in TLS authenticataion
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] PATCH: 1/9: Fix bug in TLS authenticataion |
Date: |
Thu, 26 Feb 2009 11:52:09 +0000 |
User-agent: |
Mutt/1.4.1i |
This patch was previously posted here:
http://lists.gnu.org/archive/html/qemu-devel/2009-02/msg00820.html
In the case where the TLS handshake does *not* block on I/O, QEMU
sends the next 'start sub-auth' message twice. This seriously confuses
the VNC client :-) Fortunately the chances of the handshake not blocking
are close to zero for a TCP socket, which is why it has not been noticed
thus far. Even with both client & server on localhost, I can only hit the
bug 1 time in 20.
NB, the diff context here is not too informative. If you look at the
full code you'll see that a few lines early we called vnc_start_tls()
which called vnc_continue_handshake() which called the method
start_auth_vencrypt_subauth(). Hence, fixing the bug, just involves
removing the 2nd bogus call to start_auth_vencrypt_subauth() as per
this patch.
vnc.c | 8 --------
1 file changed, 8 deletions(-)
Signed-off-by: Daniel P. Berrange <address@hidden>
diff -r ff004fb525e7 vnc.c
--- a/vnc.c Thu Feb 19 11:26:55 2009 +0000
+++ b/vnc.c Thu Feb 19 11:27:44 2009 +0000
@@ -2096,14 +2096,6 @@ static int protocol_client_vencrypt_auth
VNC_DEBUG("Failed to complete TLS\n");
return 0;
}
-
- if (vs->wiremode == VNC_WIREMODE_TLS) {
- VNC_DEBUG("Starting VeNCrypt subauth\n");
- return start_auth_vencrypt_subauth(vs);
- } else {
- VNC_DEBUG("TLS handshake blocked\n");
- return 0;
- }
}
return 0;
}
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
- [Qemu-devel] PATCH: 0/9: Support SASL authentication in VNC server (version 3), Daniel P. Berrange, 2009/02/26
- Re: [Qemu-devel] PATCH: 1/9: Fix bug in TLS authenticataion,
Daniel P. Berrange <=
- Re: [Qemu-devel] PATCH: 2/9: Enhance 'info vnc' monitor output, Daniel P. Berrange, 2009/02/26
- Re: [Qemu-devel] PATCH: 3/9: Refactor keymap code to avoid duplication, Daniel P. Berrange, 2009/02/26
- Re: [Qemu-devel] PATCH: 4/9: Move VNC structs into header file, Daniel P. Berrange, 2009/02/26
- Re: [Qemu-devel] PATCH: 5/9: Move TLS auth into separate file, Daniel P. Berrange, 2009/02/26
- Re: [Qemu-devel] PATCH: 6/9: Add SASL authentication support, Daniel P. Berrange, 2009/02/26