1. 02 May, 2011 1 commit
    • David King's avatar
      Avoid out-of-bounds memory accesses · 0c2c9175
      David King authored
      This fixes two critical security vulnerabilities that lead to an
      out-of-bounds memory access with a crafted client framebuffer update
      request packet. The dimensions of the update from the packet are checked
      to ensure that they are within the screen dimensions.
      
      Thanks to Kevin Chen from the Bitblaze group for the reports in bugs
      641802 and 641803. The CVE identifiers for these vulnerabilities are
      CVE-2011-0904 and CVE-2011-0905.
      0c2c9175
  2. 22 Dec, 2008 1 commit
    • Jonh Wendell's avatar
      Resets cursorWasMoved and cursorWasChanged flags, thus eliminating mouse · 503a0d55
      Jonh Wendell authored
      2008-12-22  Jonh Wendell  <jwendell@gnome.org>
      
      	* server/libvncserver/rfbserver.c (rfbSendFramebufferUpdate):
      	Resets cursorWasMoved and cursorWasChanged flags, thus eliminating
      	mouse update changes, when there's no mouse change. Closes #494059.
      	Thanks to Oliver Gerlich for the patch.
      
      
      svn path=/trunk/; revision=1030
      503a0d55
  3. 12 Dec, 2008 1 commit
    • Jorge Pereira's avatar
      Removed the feature localOnly, added correct support for IPv4 mapped IPv6, · 2ce388dc
      Jorge Pereira authored
      2008-11-25  Jorge Pereira  <jorge@jorgepereira.com.br>
      
      	* capplet/vino-preferences.c:
      	(vino_preferences_dialog_update_for_allowed),
      	(vino_preferences_load_network_interfaces),
      	(vino_preferences_dialog_network_interface_update_combox),
      	(vino_preferences_dialog_network_interface_notify),
      	(vino_preferences_dialog_network_interface_changed),
      	(vino_preferences_dialog_setup_network_interface_combox),
      	(vino_preferences_dialog_init):
      	* capplet/vino-preferences.glade:
      	* configure.in:
      	* server/libvncserver/main.c: (rfbGetScreen):
      	* server/libvncserver/rfb/rfb.h:
      	* server/libvncserver/rfbserver.c: (rfbNewClient):
      	* server/libvncserver/sockets.c: (rfbInitListenSock),
      	(rfbSetAutoPort), (rfbSetPort), (rfbProcessNewConnection),
      	(rfbCheckFds), (ListenOnTCPPort), (NewSocketListenTCP),
      	(rfbSetNetworkInterface):
      	* server/vino-prefs.c: (vino_prefs_network_interface_changed),
      	(vino_prefs_create_server), (vino_prefs_init):
      	* server/vino-server.c: (vino_server_new_connection_pending),
      	(vino_server_init_from_screen), (vino_server_finalize),
      	(vino_server_set_property), (vino_server_get_property),
      	(vino_server_class_init), (vino_server_get_network_interface),
      	(vino_server_set_network_interface):
      	* server/vino-server.h:
      	* server/vino-server.schemas.in:
      	Removed the feature localOnly, added correct support for IPv4 mapped 
      	IPv6, and added a new feature to able to set network interface for 
      	accept connection. Closes #403183,#403192,#488354.
      
      
      svn path=/trunk/; revision=1015
      2ce388dc
  4. 13 Nov, 2008 1 commit
    • Jorge Pereira's avatar
      Drop some warning messages. Closes #558135. · 499773d5
      Jorge Pereira authored
      2008-11-13  Jorge Pereira  <jorge@jorgepereira.com.br>
      	* server/libvncserver/auth.c:
      	* server/libvncserver/main.c:
      	* server/libvncserver/rfbserver.c:
      	* server/vino-prefs.c:
      	* server/vino-util.h:
      	* tools/vino-passwd.c:
      	Drop some warning messages.
      	Closes #558135.
      
      
      svn path=/trunk/; revision=1006
      499773d5
  5. 12 Feb, 2008 1 commit
  6. 17 Nov, 2006 1 commit
  7. 20 Oct, 2006 2 commits
    • Mark McLoughlin's avatar
      Use inet_ntop() instead of inet_ntoa() · e7a01da0
      Mark McLoughlin authored
      2006-10-20  Mark McLoughlin  <mark@skynet.ie>
      
      	Use inet_ntop() instead of inet_ntoa()
      
      	* vino/server/libvncserver/rfbserver.c:
      	(rfbSockaddrToHostname): function to use inet_ntop
      	on ipv4, ipv4-mapped ipv6 and ipv6 addresses.
      	(rfbNewClient): use it.
      
      	* vino/server/libvncserver/CHANGES: add note.
      e7a01da0
    • Mark McLoughlin's avatar
      remove a heap of threading stuff which we don't use. · a5b3c74c
      Mark McLoughlin authored
      2006-10-20  Mark McLoughlin  <mark@skynet.ie>
      
      	* vino/server/libvncserver/main.c,
      	vino/server/libvncserver/sockets.c,
      	vino/server/libvncserver/rfbserver.c,
      	vino/server/libvncserver/rfb/rfb.h: remove
      	a heap of threading stuff which we don't
      	use.
      
      	* vino/server/libvncserver/CHANGES: add note.
      a5b3c74c
  8. 18 Oct, 2006 2 commits
  9. 16 Oct, 2006 1 commit
    • Dan Winship's avatar
      define this. · c9740526
      Dan Winship authored
      	* server/libvncserver/rfb/rfbproto.h (rfbProtocolMinorVersion8):
      	define this.
      
      	* server/libvncserver/auth.c (rfbAuthNewClient,
      	rfbAuthProcessSecurityTypeMessage, rfbAuthPasswordChecked):
      	Minor updates to support RFB 3.8.
      
      	* server/libvncserver/rfbserver.c
      	(rfbProcessClientProtocolVersion): allow the client to specify
      	protocol version 3.8 even though we still only advertise 3.7. See
      	bug #356131.
      c9740526
  10. 12 Jul, 2004 1 commit
    • Mark McLoughlin's avatar
      Support building without GNU TLS. · 4b27f567
      Mark McLoughlin authored
      2004-07-12  Mark McLoughlin  <mark@skynet.ie>
      
              Support building without GNU TLS.
      
              * configure.in: only warn if gnutls or libgcrypt isn't
              found.
      
              * server/libvncserver/auth.c,
                server/libvncserver/main.c,
                server/libvncserver/rfb/rfb.h,
                server/libvncserver/rfb/rfbproto.h,
                server/libvncserver/rfbserver.c,
                server/libvncserver/sockets.c,
                server/libvncserver/vncauth.c,
                server/vino-main.c,
                server/vino-server.c,
                server/vino-util.[ch]: add a bunch of #ifdef HAVE_GNUTLS.
      4b27f567
  11. 06 Feb, 2004 1 commit
    • Mark McLoughlin's avatar
      Change the way we use TLS with the RFB protocol after discussions with the · aa594e34
      Mark McLoughlin authored
      2004-02-06  Mark McLoughlin  <mark@skynet.ie>
      
      	Change the way we use TLS with the RFB protocol after discussions
      	with the RFB maintainers:
      
      	  + Only use a single extra security type (rfbTLS == 18) which has
      	    been registered with the RFB maintainers rather than the original
      	    rfbTlsWithNoAuth(3) and rfbTlsWithVncAuth(4).
      	  + Negotiation the authentication type (rfbNoAuth or rfbVncAuth) once
      	    the TLS handshake has completed. The authentication type negotiation
      	    is exactly the same format as the security type negotiation.
      
      	Server changes:
      
      	* server/vino-server.c: (vino_server_update_security_types):
      	Update for security/authentication types split.
      
      	* server/libvncserver/auth.c:
      	(rfbAuthListAuthTypes): impl. listing the authentication types.
      	(rfbAuthProcessSecurityTypeMessage): don't start authenticating
      	when the TLS handshake has completed. Instead, just list the
      	security types and wait for a response.
      	(rfbAuthProcessTLSHandshake): ditto.
      	(rfbAuthProcessAuthTypeMessage): begin authenticating with whatever
      	authentication type the client returns.
      
      	* server/libvncserver/main.c:
      	(rfbAddAuthType), (rfbClearAuthTypes): API for maintaining the
      	authentication types list.
      
      	* server/libvncserver/rfb/rfb.h: add the RFB_AUTH_TYPE client
      	processing state and add the authTypes list to the server
      	structure.
      
      	* server/libvncserver/rfb/rfbproto.h: update with details of
      	new TLS security type protocol.
      
      	Client changes:
      
      	* client/java/rfb/CConnection.java:
      	(CConnection.addAuthType): function for building up a list
      	of supported authentication types.
      	(CConnection.processSecurityMsg): handle new return values
      	from CSecurity::processMsg().
      	(CConnection.processAuthTypesMsg): impl. negotiating authentication
      	type.
      
      	* client/java/rfb/CSecurity.java: (CSecurity): define return values
      	for processMsg() rather than using silly magic numbers.
      
      	* client/java/rfb/CSecurityNone.java: (CSecurityNone.processMsg): upd.
      
      	* client/java/rfb/CSecurityTls.java:
      	(CSecurityTls.CSecurityTls.processMsg): re-work so as to not chain
      	up to the authentication implementation.
      
      	* client/java/rfb/CSecurityVncAuth.java:
      	(CSecurityVncAuth.processMsg): return proper return codes.
      
      	* client/java/rfb/SecTypes.java: remove the TlsWithNone(3) and
      	TlsWithVncAuth(4) and add the TLS(18) security type which has
      	been registered with the protocol maintainers.
      
      	* client/java/vncviewer/CConn.java: update for security types
      	change.
      
      2004-02-06  Mark McLoughlin  <mark@skynet.ie>
      
      	* client/java/vncviewer/AboutDialog.java:
      	(AboutDialog.AboutDialog): fix bug #133529 - compile failure
      	because the about dialog text wasn't defined.
      aa594e34
  12. 05 Feb, 2004 1 commit