GUACAMOLE-1133: initialize GCrypt in VNC protocol prior to client start-up.

This commit is contained in:
Nick Couchman 2020-12-28 17:01:34 -05:00
parent 68c5dd1730
commit 46bed49a43
2 changed files with 46 additions and 5 deletions

View File

@ -140,11 +140,21 @@ static void guac_common_ssh_openssl_free_locks(int count) {
int guac_common_ssh_init(guac_client* client) { int guac_common_ssh_init(guac_client* client) {
#ifdef LIBSSH2_USES_GCRYPT #ifdef LIBSSH2_USES_GCRYPT
/* Init threadsafety in libgcrypt */
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) {
if (!gcry_check_version(GCRYPT_VERSION)) {
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch."); /* Init threadsafety in libgcrypt */
return 1; gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
/* Initialize GCrypt */
if (!gcry_check_version(GCRYPT_VERSION)) {
guac_client_log(client, GUAC_LOG_ERROR, "libgcrypt version mismatch.");
return 1;
}
/* Mark initialization as completed. */
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
} }
#endif #endif

View File

@ -48,12 +48,22 @@
#include <guacamole/timestamp.h> #include <guacamole/timestamp.h>
#include <guacamole/wol.h> #include <guacamole/wol.h>
#include <rfb/rfbclient.h> #include <rfb/rfbclient.h>
#include <rfb/rfbconfig.h>
#include <rfb/rfbproto.h> #include <rfb/rfbproto.h>
#ifdef LIBVNCSERVER_WITH_CLIENT_GCRYPT
#include <errno.h>
#include <gcrypt.h>
#endif
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#ifdef LIBVNCSERVER_WITH_CLIENT_GCRYPT
GCRY_THREAD_OPTION_PTHREAD_IMPL;
#endif
char* GUAC_VNC_CLIENT_KEY = "GUAC_VNC"; char* GUAC_VNC_CLIENT_KEY = "GUAC_VNC";
#ifdef ENABLE_VNC_TLS_LOCKING #ifdef ENABLE_VNC_TLS_LOCKING
@ -135,6 +145,27 @@ rfbClient* guac_vnc_get_client(guac_client* client) {
rfb_client->UnlockWriteToTLS = guac_vnc_unlock_write_to_tls; rfb_client->UnlockWriteToTLS = guac_vnc_unlock_write_to_tls;
#endif #endif
#ifdef LIBVNCSERVER_WITH_CLIENT_GCRYPT
/* Check if GCrypt is initialized, do it if not. */
if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) {
guac_client_log(client, GUAC_LOG_DEBUG, "GCrypt initialization started.");
/* Initialize thread control. */
gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread);
/* Basic GCrypt library initialization. */
gcry_check_version(NULL);
/* Mark initialization as completed. */
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
guac_client_log(client, GUAC_LOG_DEBUG, "GCrypt initialization completed.");
}
#endif
/* Do not handle clipboard and local cursor if read-only */ /* Do not handle clipboard and local cursor if read-only */
if (vnc_settings->read_only == 0) { if (vnc_settings->read_only == 0) {