Expect security result for RFB 3.7

The cut off was wrong here. 3.7 will send a security result, but not a security reason. It also fixes the issue that < 3.7 (e.g. 3.3) supports VNC authentication as well.
2022-08-18 14:33:48 +02:00 · 2022-08-18 14:33:48 +02:00 · 5671072dfe
parent 084030fe68
commit 5671072dfe
2 changed files with 14 additions and 11 deletions
--- a/core/rfb.js
+++ b/core/rfb.js
@ -1835,11 +1835,7 @@ export default class RFB extends EventTargetMixin {
    _negotiateAuthentication() {
        switch (this._rfbAuthScheme) {
            case 1:  // no auth
-                if (this._rfbVersion >= 3.8) {
-                    this._rfbInitState = 'SecurityResult';
-                    return true;
-                }
-                this._rfbInitState = 'ClientInitialisation';
+                this._rfbInitState = 'SecurityResult';
                return true;

            case 22:  // XVP auth
@ -1870,6 +1866,13 @@ export default class RFB extends EventTargetMixin {
    }

    _handleSecurityResult() {
+        // There is no security choice, and hence no security result
+        // until RFB 3.7
+        if (this._rfbVersion < 3.7) {
+            this._rfbInitState = 'ClientInitialisation';
+            return true;
+        }
+
        if (this._sock.rQwait('VNC auth response ', 4)) { return false; }

        const status = this._sock.rQshift32();
--- a/tests/test.rfb.js
+++ b/tests/test.rfb.js
@ -1144,7 +1144,7 @@ describe('Remote Frame Buffer Protocol Client', function () {
                const authSchemes = [2, 1, 3];
                client._sock._websocket._receiveData(new Uint8Array(authSchemes));
                expect(client._rfbAuthScheme).to.equal(1);
-                expect(client._sock).to.have.sent(new Uint8Array([1, 1]));
+                expect(client._sock).to.have.sent(new Uint8Array([1]));
            });

            it('should choose for the most prefered scheme possible for versions >= 3.7', function () {
@ -1209,15 +1209,15 @@ describe('Remote Frame Buffer Protocol Client', function () {
                    'Security negotiation failed on authentication scheme (reason: Whoopsies)');
            });

-            it('should transition straight to SecurityResult on "no auth" (1) for versions >= 3.8', function () {
-                client._rfbVersion = 3.8;
+            it('should transition straight to SecurityResult on "no auth" (1) for versions >= 3.7', function () {
+                client._rfbVersion = 3.7;
                sendSecurity(1, client);
                expect(client._rfbInitState).to.equal('SecurityResult');
            });

-            it('should transition straight to ServerInitialisation on "no auth" for versions < 3.8', function () {
-                client._rfbVersion = 3.7;
-                sendSecurity(1, client);
+            it('should transition straight to ServerInitialisation on "no auth" for versions < 3.7', function () {
+                client._rfbVersion = 3.6;
+                client._sock._websocket._receiveData(new Uint8Array([0, 0, 0, 1]));
                expect(client._rfbInitState).to.equal('ServerInitialisation');
            });