
Dynamic security handlers #313

@h3ndrk

Hi there,

I need to change the security handlers dynamically at runtime without restarting the server. This means that I want to enable/disable the VNC password authentication on demand.

I've tried changing the screen->authPasswdData pointer:

void VncServer::setPassword(const std::string &password) {
    free(m_screen->authPasswdData);
    if(password.empty()) {
        // password is empty     --> disable password in VNC server
        m_screen->authPasswdData = nullptr;
    } else {
        // password is not empty --> enable password in VNC server
        m_screen->authPasswdData = strndup(password.c_str(), 8);
    }
}

This does not work since "toggling" the screen->authPasswdData pointer twice sends a list of security types to the server where the client may select any security type and the server will accept it.

That lies in static void rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType), where primaryType represents whether screen->authPasswdData is nullptr or not. This function appends the security type to the list if it does not already exist.

The list static rfbSecurityHandler* securityHandlers = NULL; is static and there is no way to reset the list or unregister any previously set types. So currently I'm unable to control the state whether the VNC password authentication is enabled at runtime properly without restarting the whole server, which is not an option for me.

There are some solutions to the problem:

  • Add e.g. void rfbResetSecurityHandlers() which clears the list of security types
  • Store the list in the server screen struct to allow full modification by the userland (also: authPasswdData is handled independently in each server but the list is static across the whole process? strange...)

Thanks in advance! I'm willing to improve this with pull requests.
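Added example, not part of the original issue and not LibVNCServer code: a small C model of the behaviour reported above, showing how an append-only process-wide list keeps advertising "None" after a password is set, next to a list built from the current screen state on each connection. All function and variable names are hypothetical; only the RFB security type numbers (1 = None, 2 = VNC Authentication) are real.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Simplified model, NOT LibVNCServer source. All names here are hypothetical. */
enum { SEC_NONE = 1, SEC_VNC_AUTH = 2 };   /* RFB security type numbers */
#define MAX_TYPES 8

/* Process-wide, append-only registry, as the issue describes it. */
static uint8_t global_types[MAX_TYPES];
static size_t  global_count;

/* Append a type unless it is already in the list. */
static void add_type(uint8_t *list, size_t *count, uint8_t type) {
    for (size_t i = 0; i < *count; i++)
        if (list[i] == type) return;
    if (*count < MAX_TYPES) list[(*count)++] = type;
}

/* Reported behaviour: the primary type follows the password pointer, is
 * appended to the static list, and the whole list is advertised. */
size_t advertise_global(const char *passwd, uint8_t *out) {
    add_type(global_types, &global_count, passwd ? SEC_VNC_AUTH : SEC_NONE);
    for (size_t i = 0; i < global_count; i++) out[i] = global_types[i];
    return global_count;
}

/* Proposed direction: derive the list from the screen's current state on
 * every connection, so nothing stale survives a toggle. */
size_t advertise_per_screen(const char *passwd, uint8_t *out) {
    size_t n = 0;
    add_type(out, &n, passwd ? SEC_VNC_AUTH : SEC_NONE);
    return n;
}

/* Would the server accept the client's selection from this list? */
int selection_allowed(const uint8_t *list, size_t n, uint8_t chosen) {
    for (size_t i = 0; i < n; i++)
        if (list[i] == chosen) return 1;
    return 0;
}

int main(void) {
    uint8_t out[MAX_TYPES];
    advertise_global(NULL, out);                 /* password disabled */
    size_t n = advertise_global("secret", out);  /* password enabled again */
    printf("global list: %zu types, None accepted: %d\n", n, selection_allowed(out, n, SEC_NONE));
    n = advertise_per_screen("secret", out);
    printf("per-screen:  %zu types, None accepted: %d\n", n, selection_allowed(out, n, SEC_NONE));
    return 0;
}
```

A regression test for a fix can assert the same property against the real server: after enabling a password, the security type list sent to a new connection must not contain type 1.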
