Don't read invalid TLS auth reason
authorPierre Ossman <ossman@cendio.se>
Thu, 21 May 2020 10:10:52 +0000 (12:10 +0200)
committerPierre Ossman <ossman@cendio.se>
Thu, 21 May 2020 10:10:52 +0000 (12:10 +0200)
The specification only states a single result byte and not any reason
after a TLS authentication failure.

common/rfb/CSecurityTLS.cxx

index 5c303a37c99d67eda010c44c739976b6723becdb..374ec7f3da31009a8044f03668d75d934bd989b2 100644 (file)
@@ -157,15 +157,8 @@ bool CSecurityTLS::processMsg()
     if (!is->checkNoWait(1))
       return false;
 
-    if (is->readU8() == 0) {
-      rdr::U32 result = is->readU32();
-      CharArray reason;
-      if (result == secResultFailed || result == secResultTooMany)
-        reason.buf = is->readString();
-      else
-        reason.buf = strDup("protocol error");
-      throw AuthFailureException(reason.buf);
-    }
+    if (is->readU8() == 0)
+      throw AuthFailureException("Server failed to initialize TLS session");
 
     if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
       throw AuthFailureException("gnutls_init failed");
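Review bot: The new check `if (is->readU8() == 0)` has no comment explaining why nothing further is read after the result byte, so that reasoning lives only in the commit message. I would add `// Only a single result byte is sent here; no reason string follows a failure` above it, so that the U32/readString parse of data from a server that has not yet been authenticated is not reintroduced later. Separately, every non-zero byte is treated as success; if the specification defines only 0 and 1 for this byte, a stricter `if (is->readU8() != 1)` may be worth considering, though that should be confirmed against the spec text first. processMsg() begins and ends outside the hunk, so how the state is handled after the throw is not visible here.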