diff options
Diffstat (limited to 'ui/vnc.c')
-rw-r--r-- | ui/vnc.c | 53 |
1 files changed, 23 insertions, 30 deletions
@@ -43,6 +43,7 @@ #include "crypto/hash.h" #include "crypto/tlscredsanon.h" #include "crypto/tlscredsx509.h" +#include "crypto/random.h" #include "qom/object_interfaces.h" #include "qemu/cutils.h" #include "io/dns-resolver.h" @@ -2535,14 +2536,16 @@ void start_client_init(VncState *vs) vnc_read_when(vs, protocol_client_init, 1); } -static void make_challenge(VncState *vs) +static void authentication_failed(VncState *vs) { - int i; - - srand(time(NULL)+getpid()+getpid()*987654+rand()); - - for (i = 0 ; i < sizeof(vs->challenge) ; i++) - vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); + vnc_write_u32(vs, 1); /* Reject auth */ + if (vs->minor >= 8) { + static const char err[] = "Authentication failed"; + vnc_write_u32(vs, sizeof(err)); + vnc_write(vs, err, sizeof(err)); + } + vnc_flush(vs); + vnc_client_error(vs); } static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) @@ -2609,21 +2612,23 @@ static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) return 0; reject: - vnc_write_u32(vs, 1); /* Reject auth */ - if (vs->minor >= 8) { - static const char err[] = "Authentication failed"; - vnc_write_u32(vs, sizeof(err)); - vnc_write(vs, err, sizeof(err)); - } - vnc_flush(vs); - vnc_client_error(vs); + authentication_failed(vs); qcrypto_cipher_free(cipher); return 0; } void start_auth_vnc(VncState *vs) { - make_challenge(vs); + Error *err = NULL; + + if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) { + trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes", + error_get_pretty(err)); + error_free(err); + authentication_failed(vs); + return; + } + /* Send client a 'random' challenge */ vnc_write(vs, vs->challenge, sizeof(vs->challenge)); vnc_flush(vs); @@ -2638,13 +2643,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) * must pick the one we sent. Verify this */ if (data[0] != vs->auth) { /* Reject auth */ trace_vnc_auth_reject(vs, vs->auth, (int)data[0]); - vnc_write_u32(vs, 1); - if (vs->minor >= 8) { - static const char err[] = "Authentication failed"; - vnc_write_u32(vs, sizeof(err)); - vnc_write(vs, err, sizeof(err)); - } - vnc_client_error(vs); + authentication_failed(vs); } else { /* Accept requested auth */ trace_vnc_auth_start(vs, vs->auth); switch (vs->auth) { @@ -2673,13 +2672,7 @@ static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) default: /* Should not be possible, but just in case */ trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", ""); - vnc_write_u8(vs, 1); - if (vs->minor >= 8) { - static const char err[] = "Authentication failed"; - vnc_write_u32(vs, sizeof(err)); - vnc_write(vs, err, sizeof(err)); - } - vnc_client_error(vs); + authentication_failed(vs); } } return 0; |