On Tue, Jun 23, 2015 at 10:26:50AM +0800, Gonglei wrote: > On 2015/6/19 1:02, Daniel P. Berrange wrote: > > if (!vs->vd->password) { > > VNC_DEBUG("No password configured on server"); > > @@ -2534,9 +2536,29 @@ static int protocol_client_auth_vnc(VncState *vs, > > uint8_t *data, size_t len) > > pwlen = strlen(vs->vd->password); > > for (i=0; i<sizeof(key); i++) > > key[i] = i<pwlen ? vs->vd->password[i] : 0; > > - deskey(key, EN0); > > - for (j = 0; j < VNC_AUTH_CHALLENGE_SIZE; j += 8) > > - des(response+j, response+j); > > + > > + cipher = qcrypto_cipher_new( > > + QCRYPTO_CIPHER_ALG_DES_RFB, > > + QCRYPTO_CIPHER_MODE_ECB, > > + key, G_N_ELEMENTS(key), > > + &err); > > + if (!cipher) { > > + VNC_DEBUG("Cannot initialize cipher %s", > > + error_get_pretty(err)); > > + error_free(err); > > + goto reject; > > + } > > + > > + if (qcrypto_cipher_decrypt(cipher, > > + vs->challenge, > > + response, > > + VNC_AUTH_CHALLENGE_SIZE, > > + &err) < 0) { > > + VNC_DEBUG("Cannot encrypt challenge %s", > > + error_get_pretty(err)); > > + error_free(err); > > + goto reject; > > + } > > Do we need change above VNC_DEBUGs to error_report() or something like that?
In general, yes, the VNC code doesn't really handle error reporting very well today. > Anyway, it doesn't influence my R-b: > Reviewed-by: Gonglei <arei.gong...@huawei.com> Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|