Fix checkNoWait logic in SSecurityPlain. Currently it proceeds only if there aren't enough data in queue and then it blocks waiting. Also the required amount to receive from network is (ulen + plen), not (ulen + plen + 2). This allowed not authenticated clients to deny service to everyone.

commit: 9801c5efcf8c1774d9c807ebd5d27ac7049ad993 [log] [tgz]
author: Michal Srb <michalsrb@gmail.com> Wed Mar 29 17:00:30 2017 +0300
committer: Michal Srb <michalsrb@gmail.com> Thu Mar 30 03:25:02 2017 +0300
tree: cd98032c253310d920f6ccf2074d17e7534bb649
parent: d71508b94bd1c6f0d8be89aa559a8a7de48f7f3f [diff]
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
index f5a5cc7..0531549 100644
--- a/common/rfb/SSecurityPlain.cxx
+++ b/common/rfb/SSecurityPlain.cxx

@@ -92,7 +92,7 @@
   }
 
   if (state == 1) {
-    if (is->checkNoWait(ulen + plen + 2))
+    if (!is->checkNoWait(ulen + plen))
       return false;
     state = 2;
     pw = new char[plen + 1];
commit	9801c5efcf8c1774d9c807ebd5d27ac7049ad993	[log] [tgz]
author	Michal Srb <michalsrb@gmail.com>	Wed Mar 29 17:00:30 2017 +0300
committer	Michal Srb <michalsrb@gmail.com>	Thu Mar 30 03:25:02 2017 +0300
tree	cd98032c253310d920f6ccf2074d17e7534bb649
parent	d71508b94bd1c6f0d8be89aa559a8a7de48f7f3f [diff]