Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue using connection SSL Vencrypt with ANONTLS and rfbVeNCryptX509Plain #237

Open
mdrodrigo opened this issue Oct 17, 2023 · 1 comment
Open

Issue using connection SSL Vencrypt with ANONTLS and rfbVeNCryptX509Plain #237

mdrodrigo opened this issue Oct 17, 2023 · 1 comment
Labels
bug

Comments

@mdrodrigo
Copy link

Hello everyone,

I'm encountering an issue when attempting to connect to Weston VNC using the x11vnc reflect method.

How to Reproduce:

I have a system running Wayland+Weston and I'm utilizing VNC with neatvnc 0.6.0. The command line to start the VNC is as follows:

weston --backend vnc --shell=fullscreen-shell.so --vnc-tls-cert /home/root/tls.crt --vnc-tls-key /home/root/tls.key

The TLS keys are generated using the following commands:

openssl genrsa -out tls.key 2048
openssl req -new -key tls.key -out tls.csr
openssl x509 -req -days 365 -signkey tls.key -in tls.csr -out tls.crt
weston --backend vnc --width 1024 --height 768 --vnc-tls-cert tls.crt --vnc-tls-key tls.key

I attempt to connect using x11vnc in reflect mode using the following command line:

x11vnc -reflect 10.5.4.3:5900

However, during the x11vnc handshake with the server, a warning is logged:

x11vnc version: 0.9.16 lastmod: 2019-01-05  pid: 182922
Not opening DISPLAY in -rawfb mode (force via -rawfb +str)
Continuing without X display in -rawfb mode.
rfbGetClient(bitsPerSample=8, samplesPerPixel=3, bytesPerPixel=4)
rawfb: vnc:10.5.4.3:5900
VNC server supports protocol version 3.8 (viewer 3.8)
We have 1 security types to read
0) Received security type 19
Selecting security type 19 (0/1 in the list)
Selected Security Scheme 19
GnuTLS version 3.7.1 initialized.
Got VeNCrypt version 0.2 from server.
We have 1 security types to read
0) Received security type 262
Selecting security type 262 (0/1 in the list)
GetCredential callback is not set. <-------- HERE!
vnc_reflector failed for: vnc:10.5.4.3:5900

Upon investigating the code, I noticed the message GetCredential callback is not set.

In the code at include/rfb/rfbclient.h, the following commentary is present:

/** To support security types that require user input (except VNC password
 * authentication), for example VeNCrypt and MSLogon, this callback function
 * must be set before the authentication. Otherwise, it implies that the
 * caller application does not support it and related security types should
 * be bypassed.
 */
GetCredentialProc GetCredential;

My question is: when using the x509 certification type, do I need to write a specific function to handle this particular protocol?

Regards
@mdrodrigo mdrodrigo added the bug label Oct 17, 2023
@bk138
Copy link
Member

bk138 commented Oct 18, 2023

Hi Rodrigo,
It could well be that x11vnc did not properly track libvncserver/client development and that the needed call is missing there. I suggest moving the issue over to x11vnc. However, you would need to fix x11vnc yourself as it's currently unmaintained.

@bk138 bk138 transferred this issue from LibVNC/libvncserver Oct 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bk138 @mdrodrigo