Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rfbEncryptAndStorePasswd: fail if encryption fails #611

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

rfbEncryptAndStorePasswd: fail if encryption fails #611

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion include/rfb/rfbproto.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1557,7 +1557,7 @@ typedef union {
extern int rfbEncryptAndStorePasswd(char *passwd, char *fname);
extern char *rfbDecryptPasswdFromFile(char *fname);
extern void rfbRandomBytes(unsigned char *bytes);
extern void rfbEncryptBytes(unsigned char *bytes, char *passwd);
extern int rfbEncryptBytes(unsigned char *bytes, char *passwd);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

API change but I think it's OK ABI-wise. https://stackoverflow.com/questions/15626579/c-abi-is-changing-a-void-function-to-return-an-int-a-breaking-change also indicates so.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the semantics of the return value? If it's boolean why not use the rfbBool type?



#endif
23 changes: 17 additions & 6 deletions src/common/vncauth.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,10 @@ rfbEncryptAndStorePasswd(char *passwd, char *fname)

/* Do encryption in-place - this way we overwrite our copy of the plaintext
password */
encrypt_rfbdes(encryptedPasswd, &out_len, fixedkey, encryptedPasswd, sizeof(encryptedPasswd));
if (encrypt_rfbdes(encryptedPasswd, &out_len, fixedkey, encryptedPasswd, sizeof(encryptedPasswd)) == 0) {
chhitz marked this conversation as resolved.
Show resolved Hide resolved
fclose(fp);
return 1;
}

for (i = 0; i < 8; i++) {
putc(encryptedPasswd[i], fp);
Expand Down Expand Up @@ -180,7 +183,7 @@ rfbRandomBytes(unsigned char *bytes)
* Encrypt CHALLENGESIZE bytes in memory using a password.
*/

void
int
rfbEncryptBytes(unsigned char *bytes, char *passwd)
{
unsigned char key[8];
Expand All @@ -197,19 +200,27 @@ rfbEncryptBytes(unsigned char *bytes, char *passwd)
}
}

encrypt_rfbdes(bytes, &out_len, key, bytes, CHALLENGESIZE);
if (encrypt_rfbdes(bytes, &out_len, key, bytes, CHALLENGESIZE) == 0) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe just return the return value of encrypt_rfbdes() or use a ternary op?

return 1;
}
return 0;
}

void
int
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment here about return value semantics would be good!

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, maybe rfbBool?

rfbEncryptBytes2(unsigned char *where, const int length, unsigned char *key) {
int i, j, out_len;
for (i = 0; i< 8; i++)
where[i] ^= key[i];
encrypt_rfbdes(where, &out_len, key, where, 8);
if (encrypt_rfbdes(where, &out_len, key, where, 8) == 0) {
return 1;
}
for (i = 8; i < length; i += 8) {
for (j = 0; j < 8; j++) {
where[i + j] ^= where[i + j - 8];
}
encrypt_rfbdes(where + i, &out_len, key, where + i, 8);
if (encrypt_rfbdes(where + i, &out_len, key, where + i, 8) == 0) {
return 1;
}
}
return 0;
}
29 changes: 22 additions & 7 deletions src/libvncclient/rfbclient.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -404,8 +404,8 @@ rfbBool ConnectToRFBRepeater(rfbClient* client,const char *repeaterHost, int rep
return TRUE;
}

extern void rfbClientEncryptBytes(unsigned char* bytes, char* passwd);
extern void rfbClientEncryptBytes2(unsigned char *where, const int length, unsigned char *key);
extern int rfbClientEncryptBytes(unsigned char* bytes, char* passwd);
extern int rfbClientEncryptBytes2(unsigned char *where, const int length, unsigned char *key);

static void
ReadReason(rfbClient* client)
Expand Down Expand Up @@ -585,7 +585,10 @@ HandleVncAuth(rfbClient *client)
passwd[8] = '\0';
}

rfbClientEncryptBytes(challenge, passwd);
if (rfbClientEncryptBytes(challenge, passwd) != 0) {
rfbClientLog("Encryption failed\n");
return FALSE;
}

/* Lose the password from memory */
for (i = strlen(passwd); i >= 0; i--) {
Expand Down Expand Up @@ -733,8 +736,14 @@ HandleUltraMSLogonIIAuth(rfbClient *client)
strncpy((char *)password, cred->userCredential.password, sizeof(password)-1);
FreeUserCredential(cred);

rfbClientEncryptBytes2(username, sizeof(username), (unsigned char *)key);
rfbClientEncryptBytes2(password, sizeof(password), (unsigned char *)key);
if (rfbClientEncryptBytes2(username, sizeof(username), (unsigned char *)key) != 0) {
rfbClientLog("Encrypting username failed\n");
return FALSE;
}
if (rfbClientEncryptBytes2(password, sizeof(password), (unsigned char *)key) != 0) {
rfbClientLog("Encrypting password failed\n");
return FALSE;
}

if (!WriteToRFBServer(client, (char *)pub, sizeof(pub))) return FALSE;
if (!WriteToRFBServer(client, (char *)username, sizeof(username))) return FALSE;
Expand Down Expand Up @@ -789,8 +798,14 @@ HandleMSLogonAuth(rfbClient *client)
pub = rfbClientSwap64IfLE(pub);
key = rfbClientSwap64IfLE(key);

rfbClientEncryptBytes2(username, sizeof(username), (unsigned char *)&key);
rfbClientEncryptBytes2(password, sizeof(password), (unsigned char *)&key);
if (rfbClientEncryptBytes2(username, sizeof(username), (unsigned char *)key) != 0) {
rfbClientLog("Encrypting username failed\n");
return FALSE;
}
if (rfbClientEncryptBytes2(password, sizeof(password), (unsigned char *)key) != 0) {
rfbClientLog("Encrypting password failed\n");
return FALSE;
}

if (!WriteToRFBServer(client, (char *)&pub, 8)) return FALSE;
if (!WriteToRFBServer(client, (char *)username, sizeof(username))) return FALSE;
Expand Down
11 changes: 9 additions & 2 deletions src/libvncserver/main.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -792,7 +792,11 @@ static rfbBool rfbDefaultPasswordCheck(rfbClientPtr cl,const char* response,int
return(FALSE);
}

rfbEncryptBytes(cl->authChallenge, passwd);
if (rfbEncryptBytes(cl->authChallenge, passwd) != 0) {
rfbErr("Encryption failed\n");
free(passwd);
return(FALSE);
}

/* Lose the password from memory */
for (i = strlen(passwd); i >= 0; i--) {
Expand Down Expand Up @@ -820,7 +824,10 @@ rfbBool rfbCheckPasswordByList(rfbClientPtr cl,const char* response,int len)
for(passwds=(char**)cl->screen->authPasswdData;*passwds;passwds++,i++) {
uint8_t auth_tmp[CHALLENGESIZE];
memcpy((char *)auth_tmp, (char *)cl->authChallenge, CHALLENGESIZE);
rfbEncryptBytes(auth_tmp, *passwds);
if (rfbEncryptBytes(auth_tmp, *passwds) != 0) {
rfbErr("Encryption failed\n");
return(FALSE);
}

if (memcmp(auth_tmp, response, len) == 0) {
if(i>=cl->screen->authPasswdFirstViewOnly)
Expand Down
Loading