vinzenz/hyperhive
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

weston-vnc: restore auth-method=none ini so weston accepts empty Apple-DH credentials

Browse source
This commit is contained in:
iris 2026-05-20 19:20:02 +02:00
parent 3224178d2d
commit 1b7d058d3c
1 changed files with 12 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

16
nix/templates/weston-vnc.nix
View file

@ -106,11 +106,19 @@
# neatvnc ≥ 0.9 advertises RSA-AES and Apple-DH security types # neatvnc ≥ 0.9 advertises RSA-AES and Apple-DH security types
# when auth is compiled in. The browser client handles Apple-DH # when auth is compiled in. The browser client handles Apple-DH
# (type 30) with empty credentials (weston auth-method=none # (type 30) with empty credentials.
# accepts any credentials). --disable-transport-layer-security #
# prevents the VeNCrypt TLS wrapper over the VNC-over-WebSocket # weston.ini [vnc] auth-method=none: weston uses an always-accept
# relay; plain auth types are used directly. # auth callback instead of PAM. Without this, weston defaults to
# PAM authentication which rejects empty credentials (SecurityResult=1).
#
# --disable-transport-layer-security prevents the VeNCrypt TLS
# wrapper; plain auth types (incl. type 30) are advertised directly.
WESTON_INI=$(${pkgs.coreutils}/bin/mktemp /tmp/weston-XXXXXX.ini)
${pkgs.coreutils}/bin/printf '[vnc]\nauth-method=none\n' > "$WESTON_INI"
exec ${pkgs.weston}/bin/weston \ exec ${pkgs.weston}/bin/weston \
--config="$WESTON_INI" \
--backend=vnc-backend.so \ --backend=vnc-backend.so \
--renderer=pixman \ --renderer=pixman \
--port="$VNC_PORT" \ --port="$VNC_PORT" \