|
|
@@ -43,6 +43,7 @@
|
|
|
#include "crypto/hash.h"
|
|
|
#include "crypto/tlscredsanon.h"
|
|
|
#include "crypto/tlscredsx509.h"
|
|
|
+#include "crypto/random.h"
|
|
|
#include "qom/object_interfaces.h"
|
|
|
#include "qemu/cutils.h"
|
|
|
#include "io/dns-resolver.h"
|
|
|
@@ -2547,16 +2548,6 @@ static void authentication_failed(VncState *vs)
|
|
|
vnc_client_error(vs);
|
|
|
}
|
|
|
|
|
|
-static void make_challenge(VncState *vs)
|
|
|
-{
|
|
|
- int i;
|
|
|
-
|
|
|
- srand(time(NULL)+getpid()+getpid()*987654+rand());
|
|
|
-
|
|
|
- for (i = 0 ; i < sizeof(vs->challenge) ; i++)
|
|
|
- vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
|
|
|
-}
|
|
|
-
|
|
|
static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
|
|
|
{
|
|
|
unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
|
|
|
@@ -2628,7 +2619,16 @@ reject:
|
|
|
|
|
|
void start_auth_vnc(VncState *vs)
|
|
|
{
|
|
|
- make_challenge(vs);
|
|
|
+ Error *err = NULL;
|
|
|
+
|
|
|
+ if (qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), &err)) {
|
|
|
+ trace_vnc_auth_fail(vs, vs->auth, "cannot get random bytes",
|
|
|
+ error_get_pretty(err));
|
|
|
+ error_free(err);
|
|
|
+ authentication_failed(vs);
|
|
|
+ return;
|
|
|
+ }
|
|
|
+
|
|
|
/* Send client a 'random' challenge */
|
|
|
vnc_write(vs, vs->challenge, sizeof(vs->challenge));
|
|
|
vnc_flush(vs);
|
Richard Henderson