necouchman commented on a change in pull request #232: GUACAMOLE-514: Implement
additional VNC authentication support
URL: https://github.com/apache/guacamole-server/pull/232#discussion_r310359667
##########
File path: src/protocols/vnc/auth.c
##########
@@ -31,3 +31,25 @@ char* guac_vnc_get_password(rfbClient* client) {
return ((guac_vnc_client*) gc->data)->settings->password;
}
+rfbCredential* guac_vnc_get_credentials(rfbClient* client, int credentialType)
{
+ guac_client* gc = rfbClientGetClientData(client, GUAC_VNC_CLIENT_KEY);
+ rfbCredential *creds = malloc(sizeof(rfbCredential));
+
+ if (credentialType == rfbCredentialTypeUser) {
+ creds->userCredential.username = ((guac_vnc_client*)
gc->data)->settings->username;
+ creds->userCredential.password = ((guac_vnc_client*)
gc->data)->settings->password;
+ return creds;
+ }
+
+ else if (credentialType == rfbCredentialTypeX509) {
+ creds->x509Credential.x509ClientCertFile = ((guac_vnc_client*)
gc->data)->settings->client_cert;
Review comment:
Well, after digging into the source code, it does indeed look like
libvncclient expects this to be the path to the file, not the contents of the
file. Which stinks.
https://github.com/LibVNC/libvncserver/blob/f997b5a75fa171d79c5e568b7157fba83c8d8355/libvncclient/tls_gnutls.c#L416-L425
Which calls `gnutls_certificate_set_x509_key_file()`, which takes file
locations as an argument.
Aside from writing out a temporary file, are there any creative ways to
point a function like `gnutls_certificate_set_x509_key_file()` to read a
location in memory rather than a filesystem location?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
