diff options
| author | William Pitcock <kaniini@dereferenced.org> | 2013-09-27 16:49:05 +0000 |
|---|---|---|
| committer | William Pitcock <kaniini@dereferenced.org> | 2013-09-27 16:49:05 +0000 |
| commit | 7aafa84cc7d9fec43073cf4bd2bfea83992674af (patch) | |
| tree | 49c0d1b4f9f523fa7ddac6d980e870355c8a3c45 /main/xen/qemu-xen-websocket-plain-hack.patch | |
| parent | 1372cc184451ae1f3837017ca97d9fa3cc45b55b (diff) | |
| download | aports-7aafa84cc7d9fec43073cf4bd2bfea83992674af.tar.bz2 aports-7aafa84cc7d9fec43073cf4bd2bfea83992674af.tar.xz | |
main/xen: more robust websockets vencrypt-bypass hack
Diffstat (limited to 'main/xen/qemu-xen-websocket-plain-hack.patch')
| -rw-r--r-- | main/xen/qemu-xen-websocket-plain-hack.patch | 60 |
1 files changed, 55 insertions, 5 deletions
diff --git a/main/xen/qemu-xen-websocket-plain-hack.patch b/main/xen/qemu-xen-websocket-plain-hack.patch index 11d77708b..acfabe7a9 100644 --- a/main/xen/qemu-xen-websocket-plain-hack.patch +++ b/main/xen/qemu-xen-websocket-plain-hack.patch @@ -1,11 +1,61 @@ ---- xen-4.3.0.orig/tools/qemu-xen/ui/vnc.c -+++ xen-4.3.0/tools/qemu-xen/ui/vnc.c -@@ -3121,7 +3121,7 @@ +--- xen-4.3.0/tools/qemu-xen/ui/vnc-ws.c ++++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc-ws.c +@@ -90,11 +90,6 @@ + vncws_tls_handshake(vs); + } + +-#define NEED_X509_AUTH(vs) \ +- ((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN || \ +- (vs)->subauth == VNC_AUTH_VENCRYPT_X509SASL) + #endif + + void vncws_handshake_read(void *opaque) +@@ -105,7 +100,7 @@ + if (!vs->vd->want_tls) + return vncws_handshake_read_impl(vs); + +- if (vnc_tls_client_setup(vs, NEED_X509_AUTH(vs)) < 0) { ++ if (vnc_tls_client_setup(vs, true) < 0) { + VNC_DEBUG("Failed to setup TLS\n"); + return 0; + } +--- xen-4.3.0/tools/qemu-xen/ui/vnc.c ++++ xen-4.3.0.mod/tools/qemu-xen/ui/vnc.c +@@ -3121,7 +3121,11 @@ */ if (password) { #ifdef CONFIG_VNC_TLS -- if (tls) { -+ if (0) { ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif vs->auth = VNC_AUTH_VENCRYPT; if (x509) { VNC_DEBUG("Initializing VNC server with x509 password auth\n"); +@@ -3141,7 +3145,11 @@ + #ifdef CONFIG_VNC_SASL + } else if (sasl) { + #ifdef CONFIG_VNC_TLS ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif + vs->auth = VNC_AUTH_VENCRYPT; + if (x509) { + VNC_DEBUG("Initializing VNC server with x509 SASL auth\n"); +@@ -3161,7 +3169,11 @@ + #endif /* CONFIG_VNC_SASL */ + } else { + #ifdef CONFIG_VNC_TLS ++#ifdef CONFIG_VNC_WS ++ if (tls && !vs->websocket) { ++#else + if (tls) { ++#endif + vs->auth = VNC_AUTH_VENCRYPT; + if (x509) { + VNC_DEBUG("Initializing VNC server with x509 no auth\n"); |