peterdelevoryas / rpms / qemu

Forked from rpms/qemu 2 years ago
Clone

Blame qemu-sasl-01-tls-handshake-fix.patch

Daniel P. Berrange 42af21
This patch was previously posted here:
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
  http://lists.gnu.org/archive/html/qemu-devel/2009-02/msg00820.html
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
In the case where the TLS handshake does *not* block on I/O, QEMU
Daniel P. Berrange 42af21
sends the next 'start sub-auth' message twice. This seriously confuses
Daniel P. Berrange 42af21
the VNC client :-) Fortunately the chances of the handshake not blocking
Daniel P. Berrange 42af21
are close to zero for a TCP socket, which is why it has not been noticed
Daniel P. Berrange 42af21
thus far. Even with both client & server on localhost, I can only hit the
Daniel P. Berrange 42af21
bug 1 time in 20.
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
NB, the diff context here is not too informative. If you look at the
Daniel P. Berrange 42af21
full code you'll see that a few lines early we called vnc_start_tls()
Daniel P. Berrange 42af21
which called vnc_continue_handshake() which called the method
Daniel P. Berrange 42af21
start_auth_vencrypt_subauth(). Hence, fixing the bug, just involves
Daniel P. Berrange 42af21
removing the 2nd bogus call to start_auth_vencrypt_subauth() as per
Daniel P. Berrange 42af21
this patch.
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
 vnc.c |    8 --------
Daniel P. Berrange 42af21
 1 file changed, 8 deletions(-)
Daniel P. Berrange 42af21
Daniel P. Berrange 42af21
   Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Daniel P. Berrange 42af21
Glauber Costa 8571d0
Index: kvm-84.git-snapshot-20090303/qemu/vnc.c
Glauber Costa 8571d0
===================================================================
Glauber Costa 8571d0
--- kvm-84.git-snapshot-20090303.orig/qemu/vnc.c
Glauber Costa 8571d0
+++ kvm-84.git-snapshot-20090303/qemu/vnc.c
Daniel P. Berrange 42af21
@@ -2096,14 +2096,6 @@ static int protocol_client_vencrypt_auth
Daniel P. Berrange 42af21
 	    VNC_DEBUG("Failed to complete TLS\n");
Daniel P. Berrange 42af21
 	    return 0;
Daniel P. Berrange 42af21
 	}
Daniel P. Berrange 42af21
-
Daniel P. Berrange 42af21
-	if (vs->wiremode == VNC_WIREMODE_TLS) {
Daniel P. Berrange 42af21
-	    VNC_DEBUG("Starting VeNCrypt subauth\n");
Daniel P. Berrange 42af21
-	    return start_auth_vencrypt_subauth(vs);
Daniel P. Berrange 42af21
-	} else {
Daniel P. Berrange 42af21
-	    VNC_DEBUG("TLS handshake blocked\n");
Daniel P. Berrange 42af21
-	    return 0;
Daniel P. Berrange 42af21
-	}
Daniel P. Berrange 42af21
     }
Daniel P. Berrange 42af21
     return 0;
Daniel P. Berrange 42af21
 }