El jue, 03-06-2010 a las 14:15 +0200, Josselin Mouette escribió: > Le jeudi 03 juin 2010 à 12:23 +0200, Mario Izquierdo (mariodebian) a > écrit : > > I'm working on this bug. > > > > Set "net.ipv6.bindv6only = 1", no changes is set to 0. > > > > Setting Debug/Enable=True I found that the call to XdmcpFill fails, > > with this line in syslog: > > > > GdmXdmcpDisplayFactory: Could not create XDMCP buffer! > > > > With this patch: > > > > http://tcosproject.org/cgit/gdm3.git/tree/debian/patches/95_xdmcp_fill_fix.patch > > > > XdmcpFill don't fail and remote session continue but all is IPV6: > > Sorry but your email is very confusing. > > What patch do you want us to apply? What does it fix exactly, and what does > it not fix? >
I have compared the code of XDM ,KDM with GDM. In XDM and KDM ssl_len is set to sizeof socket_storage before calling XdmcpFill() XDM: http://cgit.freedesktop.org/xorg/app/xdm/tree/xdmcp.c#n347 KDM: http://websvn.kde.org/trunk/KDE/kdebase/workspace/kdm/backend/xdmcp.c?revision=1069071&view=markup (line 1094) My patch should move line 2887 to 2881 in this file: http://tcosproject.org/cgit/gdm3.git/tree/daemon/gdm-xdmcp-display-factory.c#n2864 With the patch, XDMCP don't work yet, but logs says that WILLING is trying to send to an ( malformed??? ) IPV6 address instead of fail with bad XDMCP header. > > In LAN networks XDMCP is very used and IPV6 must be optional, and > > leave user to enable it, in config file not in a compile flag. > > No, we should just fix it so that it works, not put it under the carpet. > > In all cases I would highly recommend against XDMCP which is very > unsecure, unless you have done everything needed on your network. GDM is > able to start X sessions over SSH, which doesn’t have these problems. > > Cheers, I know it... I'm developing a thin client project like LTSP called TCOS [1] (I hope to upload to Debian soon [2], need a sponsor) that use XDMCP (or SSH, rDesktop, NX...). My target users are school classrooms (TCOS is used in about 400 schools in Madrid, Valencia (Spain) and 40-50 in Argentina, Brazil, and some other counties) The security in this environments is less important than speed, some of our installations can display children games at 40/50 FPS in gigabit LAN and with SSH this is not possible. We use a lot of old hardware (like Pentium II-350 MHz, 64/128 MB RAM) Greetings [1] http://tcosproject.org/ [2] http://wiki.tcosproject.org/Tcos_Into_Debian PD.- If you are interested, or know somebody that can sponsor some TCOS uploads please tell me. I have uploaded 2 TCOS depends before: http://qa.debian.org/developer.php?login=mariodeb...@gmail.com Thanks -- http://mariodebian.com
signature.asc
Description: This is a digitally signed message part
