diff mbox series

[PULL,11/14] ui/vnc: don't check for SSF after SASL authentication on UNIX sockets

Message ID 20241022152415.1632556-12-berrange@redhat.com (mailing list archive)
State New
Headers show
Series [PULL,01/14] crypto: Remove unused DER string functions | expand

Commit Message

Daniel P. Berrangé Oct. 22, 2024, 3:24 p.m. UTC
Although we avoid requesting an SSF when querying SASL mechanisms for a
UNIX socket client, we still mistakenly checked for availability of an
SSF once the SASL auth process is complete.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 ui/vnc-auth-sasl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/ui/vnc-auth-sasl.c b/ui/vnc-auth-sasl.c
index 43515447fb..25f6b4b776 100644
--- a/ui/vnc-auth-sasl.c
+++ b/ui/vnc-auth-sasl.c
@@ -628,7 +628,7 @@  void start_auth_sasl(VncState *vs)
             goto authabort;
         }
     } else {
-        vs->sasl.wantSSF = 1;
+        vs->sasl.wantSSF = !vnc_socket_is_unix(vs->sioc);
     }
 
     memset (&secprops, 0, sizeof secprops);