VNC Authentication Problem
James [Wez] Weatherall
jnw "at" orl.co.uk
Wed, 24 Jun 1998 14:35:21 +0000
On Wed, 24 Jun 1998, Dave DeBarr wrote:
> There appears to be a _possible_ problem with the UNIX source code:
>
> The vncDecryptPasswdFromFile() function (libvncauth/vncauth.c) does not
> appear to _properly_ release the file descriptor for the password file.
> Currently, it will only release the file descriptor if the password file
> is less than eight bytes in size. This function probably needs an
> "fclose(fp);" statement somewhere near its return statement.
>
> Symptom: VNC server eventually stops authenticating clients.
In practice, this means that only about 64 connects and disconnects
(typically) can be made to an Xvnc. It's a bug we found last week, which
hadn't shown up till now because you actually need to run a desktop for
quite a while before you've made that many connections.
I think we may be making an 'official' patch for this available soon, or a
new Unix distribution revision.
Thanks,
James "Wez" Weatherall
--
Olivetti & Oracle Research Laboratory, Cambridge, UK.
Tel : Work - 343000