Don't read invalid TLS auth reason

The specification only states a single result byte and not any reason after a TLS authentication failure.
author: Pierre Ossman <ossman@cendio.se> 2020-05-21 12:10:52 +0200
committer: Pierre Ossman <ossman@cendio.se> 2020-05-21 12:10:52 +0200
commit: 5f09e7c662a2a31b5d4f276c978da936d77f61ad (patch)
tree: a7ac104b3006c0f31f8bf4a5b1329d24b77f44c0 /common/rfb/CSecurityTLS.cxx
parent: 2354ce7404b8bacced3249e9c9787a12de307d2a (diff)
download: tigervnc-5f09e7c662a2a31b5d4f276c978da936d77f61ad.tar.gz
tigervnc-5f09e7c662a2a31b5d4f276c978da936d77f61ad.zip
1 files changed, 2 insertions, 9 deletions
diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
index 5c303a37..374ec7f3 100644
--- a/common/rfb/CSecurityTLS.cxx
+++ b/common/rfb/CSecurityTLS.cxx
@@ -157,15 +157,8 @@ bool CSecurityTLS::processMsg()
     if (!is->checkNoWait(1))
       return false;
 
-    if (is->readU8() == 0) {
-      rdr::U32 result = is->readU32();
-      CharArray reason;
-      if (result == secResultFailed || result == secResultTooMany)
-        reason.buf = is->readString();
-      else
-        reason.buf = strDup("protocol error");
-      throw AuthFailureException(reason.buf);
-    }
+    if (is->readU8() == 0)
+      throw AuthFailureException("Server failed to initialize TLS session");
 
     if (gnutls_init(&session, GNUTLS_CLIENT) != GNUTLS_E_SUCCESS)
       throw AuthFailureException("gnutls_init failed");
author	Pierre Ossman <ossman@cendio.se>	2020-05-21 12:10:52 +0200
committer	Pierre Ossman <ossman@cendio.se>	2020-05-21 12:10:52 +0200
commit	5f09e7c662a2a31b5d4f276c978da936d77f61ad (patch)
tree	a7ac104b3006c0f31f8bf4a5b1329d24b77f44c0 /common/rfb/CSecurityTLS.cxx
parent	2354ce7404b8bacced3249e9c9787a12de307d2a (diff)
download	tigervnc-5f09e7c662a2a31b5d4f276c978da936d77f61ad.tar.gz tigervnc-5f09e7c662a2a31b5d4f276c978da936d77f61ad.zip