VNC Authentication Problem
Quentin Stafford-Fraser
quentin "at" orl.co.uk
Wed, 24 Jun 1998 17:36:43 +0000
As Wez says, this will be fixed in the next revision. And yes, Dave is
right, the answer is to include a
fclose(fp);
just after the for loop (approx line 107) in vncauth.c.
If you see messages something like
"could not get password from /home/qsf/.vnc/passwd"
in the log file, this is the fix.
Another reason we hadn't seen this earlier is that most of our connections
in the internal version are initiated by the CORBA back-end and don't use
the password file.
Quentin
----
Dr Quentin Stafford-Fraser
The Olivetti & Oracle Research Lab
http://www.orl.co.uk/~qsf
> -----Original Message-----
> From: owner-vnc-list "at" orl.co.uk [mailto:owner-vnc-list "at" orl.co.uk]On
> Behalf Of James [Wez] Weatherall
> Sent: 24 June 1998 14:30
> To: Dave DeBarr
> Cc: vnc-list "at" orl.co.uk; vncd "at" vector2.mitre.org
> Subject: Re: VNC Authentication Problem
>
>
> On Wed, 24 Jun 1998, Dave DeBarr wrote:
>
> > There appears to be a _possible_ problem with the UNIX source code:
> >
> > The vncDecryptPasswdFromFile() function (libvncauth/vncauth.c) does not
> > appear to _properly_ release the file descriptor for the password file.
> > Currently, it will only release the file descriptor if the password file
> > is less than eight bytes in size. This function probably needs an
> > "fclose(fp);" statement somewhere near its return statement.
> >
> > Symptom: VNC server eventually stops authenticating clients.
>
> In practice, this means that only about 64 connects and disconnects
> (typically) can be made to an Xvnc. It's a bug we found last week, which
> hadn't shown up till now because you actually need to run a desktop for
> quite a while before you've made that many connections.
>
> I think we may be making an 'official' patch for this available soon, or a
> new Unix distribution revision.
>
> Thanks,
>
> James "Wez" Weatherall
> --
> Olivetti & Oracle Research Laboratory, Cambridge, UK.
> Tel : Work - 343000
>