From 8e751955b6ab996a30603ca56b3d084d2c7c1b16 Mon Sep 17 00:00:00 2001 From: Pierre Ossman Date: Tue, 29 Dec 2015 15:02:11 +0100 Subject: [PATCH] Add workaround for Vino's VeNCrypt implementation --- common/rfb/Security.cxx | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/common/rfb/Security.cxx b/common/rfb/Security.cxx index e623ab54..0666041c 100644 --- a/common/rfb/Security.cxx +++ b/common/rfb/Security.cxx @@ -74,7 +74,18 @@ const std::list Security::GetEnabledSecTypes(void) list result; list::iterator i; - result.push_back(secTypeVeNCrypt); + /* Partial workaround for Vino's stupid behaviour. It doesn't allow + * the basic authentication types as part of the VeNCrypt handshake, + * making it impossible for a client to do opportunistic encryption. + * At least make it possible to connect when encryption is explicitly + * disabled. */ + for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) { + if (*i >= 0x100) { + result.push_back(secTypeVeNCrypt); + break; + } + } + for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) if (*i < 0x100) result.push_back(*i); -- 2.39.5