On Thu, Sep 06, 2012 at 08:30:08AM -0500, DRC wrote: > On 9/5/12 11:24 PM, Brian Hinz wrote: > > Is there any good reason why the "rh692048" patch [1] that RedHat, > > Debain, etc. are applying hasn't been merged into the trunk? I see > > Martin's point regarding the order of the security types in this thread: > > > > http://www.mail-archive.com/tigervnc-devel@lists.sourceforge.net/msg00746.html > > > > But as far as I can tell, the order is still honored with the patch > > applied. The only quirk that I've seen is that after the patch is > > applied the SecurityTypes argument supplied to the server must have > > "VeNCrypt" preceding the VeNCrypt sub-types, otherwise the client will > > not be presented with the VeNCrypt subtypes (ie: '-SecurityTypes TLSvnc, > > VncAuth' works like '-SecurityTypes VncAuth', but '-SecurityTypes > > VeNCrypt,TLSVnc,VncAuth' works like '-SecurityTypes TLSVnc,VncAuth') > > > > In either case, it seems a bit silly to me not to adopt the patch given > > that basically every major distro has already done so. By not doing so, > > we're potentially creating multiple releases of the same "version" that > > are incompatible with each other. I vote to commit it. > > I guess I'm confused, because I thought we specifically patched TigerVNC > to prevent having to specify "VeNCrypt" as a security type, and I > remember Martin being the one who suggested that. If the Red Hat > version of TigerVNC now requires specifying "VeNCrypt", then that is a > regression relative to the project version of TigerVNC. "VeNCrypt" > should be automatically added to the security types whenever a VeNCrypt > security type is part of the list.
There are two possible views on this issue. From upstream point of view it's incompatible change in distribution. From distribution point of view, our users can just start "vncserver" and connect to it via vinagre, which is impossible with current upstream. In my opinion the best will be to automatically add VeNCrypt only when user explicitly selects some VeNCrypt subtype (TLS*/X509*). If no VeNCrypt subtype is selected, then default should be VncAuth, not VeNCrypt,VncAuth, which is default now. I will attach a patch. Regards, Adam -- Adam Tkac, Red Hat, Inc. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Tigervnc-devel mailing list Tigervnc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
