jcarr
/
noVNC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Expect security result for RFB 3.7 

The cut off was wrong here. 3.7 will send a security result, but not a
security reason. It also fixes the issue that < 3.7 (e.g. 3.3) supports
VNC authentication as well.
This commit is contained in:
Pierre Ossman 2022-08-18 14:33:48 +02:00
parent 084030fe68
commit 5671072dfe
2 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core/rfb.js
View File

@ -1835,11 +1835,7 @@ export default class RFB extends EventTargetMixin {
_negotiateAuthentication() { _negotiateAuthentication() {
switch (this._rfbAuthScheme) { switch (this._rfbAuthScheme) {
case 1: // no auth case 1: // no auth
if (this._rfbVersion >= 3.8) { this._rfbInitState = 'SecurityResult';
this._rfbInitState = 'SecurityResult';
return true;
}
this._rfbInitState = 'ClientInitialisation';
return true; return true;
case 22: // XVP auth case 22: // XVP auth
@ -1870,6 +1866,13 @@ export default class RFB extends EventTargetMixin {
} }
_handleSecurityResult() { _handleSecurityResult() {
// There is no security choice, and hence no security result
// until RFB 3.7
if (this._rfbVersion < 3.7) {
this._rfbInitState = 'ClientInitialisation';
return true;
}
if (this._sock.rQwait('VNC auth response ', 4)) { return false; } if (this._sock.rQwait('VNC auth response ', 4)) { return false; }
const status = this._sock.rQshift32(); const status = this._sock.rQshift32();

12
tests/test.rfb.js
View File

@ -1144,7 +1144,7 @@ describe('Remote Frame Buffer Protocol Client', function () {
const authSchemes = [2, 1, 3]; const authSchemes = [2, 1, 3];
client._sock._websocket._receiveData(new Uint8Array(authSchemes)); client._sock._websocket._receiveData(new Uint8Array(authSchemes));
expect(client._rfbAuthScheme).to.equal(1); expect(client._rfbAuthScheme).to.equal(1);
expect(client._sock).to.have.sent(new Uint8Array([1, 1])); expect(client._sock).to.have.sent(new Uint8Array([1]));
}); });
it('should choose for the most prefered scheme possible for versions >= 3.7', function () { it('should choose for the most prefered scheme possible for versions >= 3.7', function () {
@ -1209,15 +1209,15 @@ describe('Remote Frame Buffer Protocol Client', function () {
'Security negotiation failed on authentication scheme (reason: Whoopsies)'); 'Security negotiation failed on authentication scheme (reason: Whoopsies)');
}); });
it('should transition straight to SecurityResult on "no auth" (1) for versions >= 3.8', function () { it('should transition straight to SecurityResult on "no auth" (1) for versions >= 3.7', function () {
client._rfbVersion = 3.8; client._rfbVersion = 3.7;
sendSecurity(1, client); sendSecurity(1, client);
expect(client._rfbInitState).to.equal('SecurityResult'); expect(client._rfbInitState).to.equal('SecurityResult');
}); });
it('should transition straight to ServerInitialisation on "no auth" for versions < 3.8', function () { it('should transition straight to ServerInitialisation on "no auth" for versions < 3.7', function () {
client._rfbVersion = 3.7; client._rfbVersion = 3.6;
sendSecurity(1, client); client._sock._websocket._receiveData(new Uint8Array([0, 0, 0, 1]));
expect(client._rfbInitState).to.equal('ServerInitialisation'); expect(client._rfbInitState).to.equal('ServerInitialisation');
}); });