On Wed, Sep 01, 2010 at 07:03:12PM +0100, Daniel P. Berrange wrote:
> The server initially offers 2 auth types in order 'TLS(18)',
> 'None(1)'. Most clients will choose 'none', since they don't
> support TLS auth. GTK-VNC will choose 'TLS' since that's the
> first reported one by the server. The first phase of TLS
> auth appears successful, and Vino then offers 'None' as a
> sub-auth. This appears to fail which is rather odd :-)
> Could be a bug in either Vino or GTK-VNC handling of the
> 'none' type when used as a sub-auth scheme
It seems auth type and auth subtype are kind of reversed in the TLS
case. Attached patch makes things work for me.
-- Guido
diff --git a/src/vncconnection.c b/src/vncconnection.c
index e3835c9..69dd570 100644
--- a/src/vncconnection.c
+++ b/src/vncconnection.c
@@ -3832,7 +3832,7 @@ static gboolean vnc_connection_perform_auth_tls(VncConnection *conn)
if (priv->has_error)
return FALSE;
- vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_TYPE, nauth, auth);
+ vnc_connection_choose_auth(conn, VNC_AUTH_CHOOSE_SUBTYPE, nauth, auth);
if (priv->has_error)
return FALSE;
diff --git a/src/vncdisplay.c b/src/vncdisplay.c
index 65b8c3b..1f839cd 100644
--- a/src/vncdisplay.c
+++ b/src/vncdisplay.c
@@ -1104,7 +1104,7 @@ static void on_auth_choose_subtype(VncConnection *conn G_GNUC_UNUSED,
if (!subtypes->n_values)
return;
- if (type == VNC_CONNECTION_AUTH_TLS) {
+ if (type != VNC_CONNECTION_AUTH_TLS) {
for (l = priv->preferable_auths; l; l=l->next) {
int pref = GPOINTER_TO_UINT (l->data);
