AuthHosts syntax

Barry Zubel barry@zubel.co.uk
Tue Jul 8 11:43:02 2003


This used to be possible, but was fixed (it was undesired behaviour!)

If can be changed if you're willing to recompile the vncserver module
yourself. Simply go into vncserver.cpp and find the following section:

MatchStringToTemplate(const char *addr, UINT addrlen,
				      const char *filtstr, UINT filtlen)
{
	if (filtlen == 0)
		return 1;
	if (addrlen < filtlen)
		return 0;
	for (int x = 0; x < filtlen; x++) {
		if (addr[x] != filtstr[x])
			return 0;
	}
	if ((addrlen > filtlen) && (addr[filtlen] != '.'))    <==REMOVE
		return 0;
<==THESE
	return 1;
}

Remove the two marked lines and it should allow you to put in an
AuthHosts line of 10.0.60.11 to match .110-.119. Please be aware that it
will also match 10.0.60.11 !!

I have not tested this, only glanced quickly at the code so YMMV.

Barry Zubel
Able Packaging Designs Ltd

************************************************************************
***
This email may contain confidential information and/or copyright
material. This email is intended for the use of the addressee only. Any
unauthorised use may be unlawful. If you receive this email by mistake,
please advise the sender immediately by using the reply facility in your
email software. Thank you for your cooperation.

Please note that any opinions expressed in this e-mail are those of the
author personally and are not necessarily those of the Company or any of
its subsidiary companies, none of whom accept responsibility for the
contents of the message. This footnote also confirms that this email
message has been swept for the presence of computer viruses.
************************************************************************
***
 

-----Original Message-----
From: vnc-list-admin@realvnc.com [mailto:vnc-list-admin@realvnc.com] On
Behalf Of Kaciuba, Michael - AUS PER
Sent: 08 July 2003 09:42
To: 'vnc-list@realvnc.com'
Subject: AuthHosts syntax


Im working in a network environment where we are using winvnc on our
pc's and servers. Currently we are using the
HKLM\Software\ORL\WinVNC3\AuthHosts
key to define who can use vnc on the network. Until now we have had no
issues. Basically our string looks something like this
"-:+10.0.60.141:?10.0.31.169:?10.0.20.240:?10.0.20.184:" By default all
computers can not use vnc, there is one ip (10.0.60.141) which can force
accept, and we have listed a whole bunch of computers that can query our
network computers for control. Heres the problem. Our string is reaching
its max char length of 255. Were at 247 at the moment. To combat this
weve moved all our vnc users to ip's between 10.0.60.110 and
10.0.60.119. What were want to do is take out all the individual ip's
and just have a range between 10.0.60.110 and 10.0.60.119 in the key.

We know that entering a value of ?10.0.60 will mean that all ip's upder
10.0.60.x will be able to query but what i need to know is, will
entering a value of 10.0.60.11 work for only that ip address or will it
work for 10.0.60.11x (eg. 10.0.60.111, 10.0.60.112, 10.0.60.113, ...)
And if not, is there a way to enter a range of ip addresses instead of
listing each individual ip.

Kinda hard to explain, any help appreciated. Thanks Guys.

Michael Kaciuba
Network Administrator

Jardine Lloyd Thompson
Phone:	(08) 9426 0939
Mobile:     0421 612 603
E-mail:	kacim@jlta.com.au
_______________________________________________
VNC-List mailing list
VNC-List@realvnc.com
To remove yourself from the list visit:
http://www.realvnc.com/mailman/listinfo/vnc-list