On 5/7/19 3:49 AM, Laurent Vivier wrote:
void start_auth_vnc(VncState *vs)
{
- make_challenge(vs);
+ Error *err = NULL;
+
+ if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
+ trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
+ error_get_pretty(err));
+ error_free(err);
+ authentication_failed(vs);
+ return;
+ }
+
This part is weird for me: if auth fails we send "vnc_write_u32(vs, 1)" but if
it succeeds we send the challenge. There is no success value to send (like
"vnc_write_u32(vs, 0)") ?
There is, but this code is a mess of callbacks. In this case it happens toward
the end of protocol_client_auth_vnc:
2604 trace_vnc_auth_pass(vs, vs->auth);
2605 vnc_write_u32(vs, 0); /* Accept auth */
2606 vnc_flush(vs);