From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wr1-f42.google.com ([209.85.221.42]) by ewsd; Wed Sep 23 02:41:18 EDT 2020
Received: by mail-wr1-f42.google.com with SMTP id k15so19644039wrn.10
        for <9front@9front.org>; Tue, 22 Sep 2020 23:41:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:references:message-id:date:user-agent
         :mime-version:in-reply-to;
        bh=GXoNTyhGgAQVzH+98Xn7b2LNQ9kl2b2yDUIGgV0EzTo=;
        b=IO02GlAfP49sRCt177l53C2bSZ1nz5rvHwh5tPkO0Y1bzyG/SP8NIc0eBB4IDo0bVY
         Pbmnq/HfwG/nCXdtPpKCfMa9E/qAExvLiTuBJtxhYr+eY9VctRry1+9KOc/1pOFk8iWd
         RQxaS3f7WZzh0PgwjE8HHx6cCWPBGpl7oZWzFzFGsVRyKiETzZ6DpfPKAZryzv75iNpz
         dLMkZtW+o3D5ux0SpJ9C8BlUiiKmI2nAP68pMXlx/LChfYvCrKusCPjdVc47qE0D5BWr
         WtiI7Gjj2zo7byQS+tMLpr3LMePrBfY362zprl2Y/hiZwjYHrrt7TZEp2lRu6jecMQ8z
         0/7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:references:message-id:date
         :user-agent:mime-version:in-reply-to;
        bh=GXoNTyhGgAQVzH+98Xn7b2LNQ9kl2b2yDUIGgV0EzTo=;
        b=umeBrLq4+CAJMkCH8blrypeicZImgO6LfGOn4Qoa1h03TGi6BjjUEkgQ9/u4+l/Y/e
         kfHoBvLiGk7bSmVgqEAhSLDuC7frF2DXZ86ZPIgKpmJrfJWH1+gk2BZCh8o1VTupIARV
         EoG8ydwzDbcef5ZZ+QCBgpz+2hhOCvje97jtEzRlp9e4wms8Lqr6Bi5PtAc3sOb7nFtz
         x2+QFMoiqN8yLYJgesXK4FCXSkqnT0Fcv6VNSAqk7MTAc5FQNgGezvpm+1Fikw+F/xMH
         8OEwoILc/QaZED/6lu565SWsXn2YyC52O5q0XCeGpfpcJTnddR5vWojK29MmrQG6dSUb
         8RHg==
X-Gm-Message-State: AOAM531hhSkbjA+8jKdU+USvbRJOqWJuxHlDI0iy7SrOtTrbhb3KXnId
	XyY/0igPpsPeOjMz3+uwCicjHtkh6Oo+2A==
X-Google-Smtp-Source: ABdhPJyCMLNJgWs7Pw3dZTnEaHt6qIZZRtg+vE/y/OvtJdB8Qas4I1Fyo3HLUI1d8FaiCRYR8+t9OQ==
X-Received: by 2002:adf:ffc2:: with SMTP id x2mr2530935wrs.48.1600843272120;
        Tue, 22 Sep 2020 23:41:12 -0700 (PDT)
Return-Path: <iru.muzgo@gmail.com>
Received: from localhost.localdomain (250.12.13.109.rev.sfr.net. [109.13.12.250])
        by smtp.gmail.com with ESMTPSA id e13sm33297662wre.60.2020.09.22.23.41.10
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 22 Sep 2020 23:41:11 -0700 (PDT)
From: =?UTF-8?Q?Iruat=c3=a3_Souza?= <iru.muzgo@gmail.com>
To: ori@eigenstate.org
Cc: 9front@9front.org
Subject: Re: [9front] vncv(1): support for RFB 3.8
References: <CABJnqBT0Q8cweG-H_A7jzcH_yVk0ubg_gycSzzEA9oBvSBmXww@mail.gmail.com>
 <9F73D22234268D0F042E4DADDE672823@eigenstate.org>
Message-ID: <8917ba98-ba07-096f-eaed-3fa98f4c001c@gmail.com>
Date: Wed, 23 Sep 2020 08:41:10 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <9F73D22234268D0F042E4DADDE672823@eigenstate.org>
Content-Type: multipart/mixed;
 boundary="------------D5224ADF0BF33823A0E624D3"
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: overflow-preventing open-source standard wrapper metadata-scale cloud 

This is a multi-part message in MIME format.
--------------D5224ADF0BF33823A0E624D3
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit


On 23/09/2020 01:25, ori@eigenstate.org wrote:
> > Hi,
> >
> > The following patch adds support for RFB 3.8 in vncv(1).
> > It has been tested by connecting to a screen shared by gnome3 on
> > linux. Please let me know if it introduces any regressions.
>
> Can you re-generate the patch and either add it as an attachment
> or send it through something other than gmail's web interface?
>
> gmail mangles patches, wrappigng them and replacing tabs with
> spaces.
>
here it goes


--------------D5224ADF0BF33823A0E624D3
Content-Type: text/x-patch;
 name="9front-vncv38.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="9front-vncv38.diff"

diff -r 19baa5600a90 sys/man/1/vnc
--- a/sys/man/1/vnc	Mon Apr 06 01:31:35 2020 +0200
+++ b/sys/man/1/vnc	Mon Jun 22 19:25:55 2020 +0200
@@ -204,6 +204,3 @@
 .I Vncv
 does no verification of the TLS certificate presented
 by the server.
-.PP
-.I Vncv
-supports only version 3.3 of the RFB protocol.
diff -r 19baa5600a90 sys/src/cmd/vnc/auth.c
--- a/sys/src/cmd/vnc/auth.c	Mon Apr 06 01:31:35 2020 +0200
+++ b/sys/src/cmd/vnc/auth.c	Mon Jun 22 19:25:55 2020 +0200
@@ -9,14 +9,16 @@
 	VerLen	= 12
 };
 
-static char version[VerLen+1] = "RFB 003.003\n";
+static char version33[VerLen+1] = "RFB 003.003\n";
+static char version38[VerLen+1] = "RFB 003.008\n";
+static int srvversion;
 
 int
 vncsrvhandshake(Vnc *v)
 {
 	char msg[VerLen+1];
 
-	strecpy(msg, msg+sizeof msg, version);
+	strecpy(msg, msg+sizeof msg, version33);
 	if(verbose)
 		fprint(2, "server version: %s\n", msg);
 	vncwrbytes(v, msg, VerLen);
@@ -35,18 +37,51 @@
 
 	msg[VerLen] = 0;
 	vncrdbytes(v, msg, VerLen);
-	if(strncmp(msg, "RFB ", 4) != 0){
+	if(strncmp(msg, "RFB 003.", 8) != 0) {
 		werrstr("bad rfb version \"%s\"", msg);
 		return -1;
 	}
+	if(strncmp(msg, "RFB 003.008\n", VerLen) == 0)
+		srvversion = 38;
+	else
+		srvversion = 33;
+
 	if(verbose)
 		fprint(2, "server version: %s\n", msg);
-	strcpy(msg, version);
+	strcpy(msg, version38);
 	vncwrbytes(v, msg, VerLen);
 	vncflush(v);
 	return 0;
 }
 
+ulong
+sectype38(Vnc *v)
+{
+	ulong auth, type;
+	int i, ntypes;
+
+	ntypes = vncrdchar(v);
+	if (ntypes == 0) {
+		werrstr("no security types from server");
+		return AFailed;
+	}
+
+	/* choose the "most secure" security type */
+	auth = AFailed;
+	for (i = 0; i < ntypes; i++) {
+		type = vncrdchar(v);
+		if(verbose){
+			fprint(2, "auth type %s\n",
+				type == AFailed ? "Invalid" :
+				type == ANoAuth ? "None" :
+				type == AVncAuth ? "VNC" : "Unknown");
+		}
+		if(type > auth)
+			auth = type;
+	}
+	return auth;
+}
+
 int
 vncauth(Vnc *v, char *keypattern)
 {
@@ -56,7 +91,9 @@
 
 	if(keypattern == nil)
 		keypattern = "";
-	auth = vncrdlong(v);
+
+	auth = srvversion == 38 ? sectype38(v) : vncrdlong(v);
+
 	switch(auth){
 	default:
 		werrstr("unknown auth type 0x%lux", auth);
@@ -65,6 +102,7 @@
 		return -1;
 
 	case AFailed:
+	failed:
 		reason = vncrdstring(v);
 		werrstr("%s", reason);
 		if(verbose)
@@ -72,11 +110,20 @@
 		return -1;
 
 	case ANoAuth:
+		if(srvversion == 38){
+			vncwrchar(v, auth);
+			vncflush(v);
+		}
 		if(verbose)
 			fprint(2, "no auth needed\n");
 		break;
 
 	case AVncAuth:
+		if(srvversion == 38){
+			vncwrchar(v, auth);
+			vncflush(v);
+		}
+
 		vncrdbytes(v, chal, VncChalLen);
 		if(auth_respond(chal, VncChalLen, nil, 0, chal, VncChalLen, auth_getkey,
 			"proto=vnc role=client server=%s %s", serveraddr, keypattern) != VncChalLen){
@@ -84,13 +131,20 @@
 		}
 		vncwrbytes(v, chal, VncChalLen);
 		vncflush(v);
+		break;
+	}
 
-		auth = vncrdlong(v);
+	/* in version 3.8 the auth status is always sent, in 3.3 only in AVncAuth */
+	if(srvversion == 38 || auth == AVncAuth){
+		auth = vncrdlong(v); /* auth status */
 		switch(auth){
 		default:
 			werrstr("unknown server response 0x%lux", auth);
 			return -1;
 		case VncAuthFailed:
+			if (srvversion == 38)
+				goto failed;
+
 			werrstr("server says authentication failed");
 			return -1;
 		case VncAuthTooMany:
@@ -99,7 +153,6 @@
 		case VncAuthOK:
 			break;
 		}
-		break;
 	}
 	return 0;
 }

--------------D5224ADF0BF33823A0E624D3--