From b1db87ea216274aa479cfece5ab8c1bc2f9ed690 Mon Sep 17 00:00:00 2001
From: Pavel Roskin
Date: Sat, 17 Dec 2016 02:23:53 +0000
Subject: [PATCH] Use per-display VNC password files, remove old style password if found

Every session uses its own VNC password, so keep then in separate files. The old style password file uses the user's password encrypted with a known key. Since we are not replacing it anymore, we should remove it.
---
 sesman/env.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/sesman/env.c b/sesman/env.c
index 1a4fa679..d8eb3106 100644
--- a/sesman/env.c
+++ b/sesman/env.c
@@ -150,7 +150,7 @@ env_set_user(const char *username, char **passwd_file, int display,
 if (0 == g_cfg->auth_file_path)
 {
 /* if no auth_file_path is set, then we go for
- $HOME/.vnc/sesman_username_passwd */
+ $HOME/.vnc/sesman_username_passwd:DISPLAY */
 if (!g_directory_exist(".vnc"))
 {
 if (g_mkdir(".vnc") < 0)
@@ -161,12 +161,24 @@ env_set_user(const char *username, char **passwd_file, int display,
 }
 }
- len = g_snprintf(NULL, 0, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
+ len = g_snprintf(NULL, 0, "%s/.vnc/sesman_%s_passwd:%d",
+ pw_dir, username, display);
 *passwd_file = (char *) g_malloc(len + 1, 1);
 if (*passwd_file != NULL)
 {
- g_sprintf(*passwd_file, "%s/.vnc/sesman_%s_passwd", pw_dir, username);
+ /* Try legacy name first, remove if found */
+ g_sprintf(*passwd_file, "%s/.vnc/sesman_%s_passwd",
+ pw_dir, username);
+ if (g_file_exist(*passwd_file))
+ {
+ log_message(LOG_LEVEL_WARNING, "Removing insecure "
+ "password file %s", *passwd_file);
+ g_file_delete(*passwd_file);
+ }
+
+ g_sprintf(*passwd_file, "%s/.vnc/sesman_%s_passwd:%d",
+ pw_dir, username, display);
 }
 }
 else
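Review bot: The result of `g_file_delete(*passwd_file)` in the second hunk is discarded, so a failed removal leaves the legacy file on disk while the log already says it is being removed. The commit message describes that file as the user's password encrypted with a known key. Assuming `g_file_delete` returns a boolean as the other os_calls helpers do, check it and report the failure: `if (!g_file_delete(*passwd_file))` followed by `log_message(LOG_LEVEL_ERROR, "Could not remove insecure password file %s", *passwd_file);`. The legacy path is written into a buffer sized for the longer per-display name, which is safe only because the `:%d` suffix makes the new name strictly longer. A one-line comment saying so would protect that invariant from later edits. env_set_user starts and ends outside this hunk, so whether the `else` branch for a configured `auth_file_path` needs the same cleanup cannot be judged from here.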