summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPierre Ossman <ossman@cendio.se>2015-12-29 15:02:11 +0100
committerPierre Ossman <ossman@cendio.se>2015-12-29 15:02:11 +0100
commit1f8aba3147ec13aaa70a44372775b72bb4e59941 (patch)
tree5c2e81abb3eba69d0a78a8b4685b4fbd50aa3cdc
parentcddd64832be2503b4829c7874776e878731524fd (diff)
downloadtigervnc-1f8aba3147ec13aaa70a44372775b72bb4e59941.tar.gz
tigervnc-1f8aba3147ec13aaa70a44372775b72bb4e59941.zip
Add workaround for Vino's VeNCrypt implementation
-rw-r--r--common/rfb/Security.cxx13
1 files changed, 12 insertions, 1 deletions
diff --git a/common/rfb/Security.cxx b/common/rfb/Security.cxx
index e623ab54..0666041c 100644
--- a/common/rfb/Security.cxx
+++ b/common/rfb/Security.cxx
@@ -74,7 +74,18 @@ const std::list<rdr::U8> Security::GetEnabledSecTypes(void)
list<rdr::U8> result;
list<U32>::iterator i;
- result.push_back(secTypeVeNCrypt);
+ /* Partial workaround for Vino's stupid behaviour. It doesn't allow
+ * the basic authentication types as part of the VeNCrypt handshake,
+ * making it impossible for a client to do opportunistic encryption.
+ * At least make it possible to connect when encryption is explicitly
+ * disabled. */
+ for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) {
+ if (*i >= 0x100) {
+ result.push_back(secTypeVeNCrypt);
+ break;
+ }
+ }
+
for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++)
if (*i < 0x100)
result.push_back(*i);