diff options
author | Pierre Ossman <ossman@cendio.se> | 2015-12-29 15:02:11 +0100 |
---|---|---|
committer | Pierre Ossman <ossman@cendio.se> | 2015-12-29 15:02:11 +0100 |
commit | 1f8aba3147ec13aaa70a44372775b72bb4e59941 (patch) | |
tree | 5c2e81abb3eba69d0a78a8b4685b4fbd50aa3cdc | |
parent | cddd64832be2503b4829c7874776e878731524fd (diff) | |
download | tigervnc-1f8aba3147ec13aaa70a44372775b72bb4e59941.tar.gz tigervnc-1f8aba3147ec13aaa70a44372775b72bb4e59941.zip |
Add workaround for Vino's VeNCrypt implementation
-rw-r--r-- | common/rfb/Security.cxx | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/common/rfb/Security.cxx b/common/rfb/Security.cxx index e623ab54..0666041c 100644 --- a/common/rfb/Security.cxx +++ b/common/rfb/Security.cxx @@ -74,7 +74,18 @@ const std::list<rdr::U8> Security::GetEnabledSecTypes(void) list<rdr::U8> result; list<U32>::iterator i; - result.push_back(secTypeVeNCrypt); + /* Partial workaround for Vino's stupid behaviour. It doesn't allow + * the basic authentication types as part of the VeNCrypt handshake, + * making it impossible for a client to do opportunistic encryption. + * At least make it possible to connect when encryption is explicitly + * disabled. */ + for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) { + if (*i >= 0x100) { + result.push_back(secTypeVeNCrypt); + break; + } + } + for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) if (*i < 0x100) result.push_back(*i); |