Any update on this issue? On 4/8/20 3:25 PM, DRC wrote: > OK, well, your next step is-- as I suggested-- to add the diagnostic > code to the server so you can see whether it is properly receiving the > OTP. I can't proceed without that information. > > On 4/8/20 3:00 PM, Rafael Guimaraes wrote: >> What kind of /dev/urandom issue do you mean? I have executed "hexdump >> -C -n 800 /dev/urandom" and it seems to be generating fine random >> numbers (at least, visually)... Moreover, when I run vncpasswd, it >> returns me an OTP number... So it seems to be generating OTPs >> correctly. However, when I try to connect to the VNC session, the >> server tells me that no OTP was generated... Very weird... >> >> Em ter., 7 de abr. de 2020 às 15:40, DRC <[email protected] >> <mailto:[email protected]>> escreveu: >> >> The OTP is stored in a root window property (VNC_OTP) on the >> TurboVNC X >> display, but that property is ephemeral. When vncpasswd sets the root >> property, the TurboVNC Server immediately reads the property, >> copies the >> value into an internal variable, and deletes the property. >> >> The best way to verify the OTP value is to modify the TurboVNC >> Server as >> follows: >> >> --------- BEGIN PATCH ---------- >> --- a/unix/Xvnc/programs/Xserver/hw/vnc/init.c >> +++ b/unix/Xvnc/programs/Xserver/hw/vnc/init.c >> @@ -1380,10 +1380,22 @@ void rfbRootPropertyChange(PropertyPtr pProp) >> } >> >> } else if ((pProp->size == MAXPWLEN) || (pProp->size == >> (MAXPWLEN * >> 2))) { >> + char passwdFullControl[MAXPWLEN + 1] = "\0"; >> + char passwdViewOnly[MAXPWLEN + 1] = "\0"; >> + >> free(rfbAuthOTPValue); >> rfbAuthOTPValueLen = pProp->size; >> rfbAuthOTPValue = (char *)rfbAlloc(pProp->size); >> memcpy(rfbAuthOTPValue, pProp->data, pProp->size); >> + >> + memcpy(passwdFullControl, rfbAuthOTPValue, MAXPWLEN); >> + passwdFullControl[MAXPWLEN] = '\0'; >> + rfbLog("Full control one-time password: %s\n", >> passwdFullControl); >> + if (rfbAuthOTPValueLen / MAXPWLEN > 1) { >> + memcpy(passwdViewOnly, rfbAuthOTPValue + MAXPWLEN, MAXPWLEN); >> + passwdViewOnly[MAXPWLEN] = '\0'; >> + rfbLog("View-only one-time password: %s\n", passwdViewOnly); >> + } >> } >> >> memset(pProp->data, 0, pProp->size); >> --------- END PATCH ---------- >> >> >> If I were a betting man, I would bet that the failing machine has an >> issue with /dev/urandom. >> >> DRC >> >> On 4/7/20 9:10 AM, Rafael Guimaraes wrote: >> > Hi Folks, >> > >> > I am having some problem on using TurboVNC with OTP in one specific >> > computer. I have always used OTP and it has never let me down. >> However, >> > in this specific computer, I ask VNC server to generate an OTP >> (through >> > vncpasswd), it provides me a number but, when I try using it to >> access >> > the session, VNC server tells me that no OTP was set. >> > Any suggestions? Where do VNC server stores OTP? Could this be a >> simple >> > permission issue? >> > >> > Cheers, >> > >> > Rafael Guimarães
-- You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/673885f0-406e-6706-c182-afc4abd4544d%40virtualgl.org.
