From c10b4e26efa89bebb42324b4de5f79f2bfb87e18 Mon Sep 17 00:00:00 2001
From: iris <iris@hyperhive>
Date: Wed, 20 May 2026 21:47:27 +0200
Subject: [PATCH] screen: fix MD5 rotation schedule and send root username
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Two bugs found via the weston journal (issue #92):

1. MD5 rotation index used (j>>2 & 3) for the round number, which
   cycles every 4 steps instead of every 16. Verified against RFC 1321
   test vectors: md5("") was 7a1dce5b... instead of d41d8cd9... — the
   derived AES key was wrong, so the server decrypted the credentials
   to garbage. Fixed to j>>4.

2. weston's vnc_handle_auth calls getpwnam(username) and requires
   pw_uid == weston's own uid before PAM is consulted. We sent an empty
   username, which fails outright ("VNC: wrong user"). weston runs as
   root, so send username "root"; the empty password still passes via
   pam_permit.so on the weston-remote-access service.

Fixes #92
---
 hive-ag3nt/assets/screen.html | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/hive-ag3nt/assets/screen.html b/hive-ag3nt/assets/screen.html
index 5ce270e..4899567 100644
--- a/hive-ag3nt/assets/screen.html
+++ b/hive-ag3nt/assets/screen.html
@@ -242,7 +242,9 @@ canvas { display: block; cursor: default; }
           : j<48 ? [bb^cc^dd, (3*j+5)%16]
           : [cc^(bb|(~dd)), (7*j)%16];
         f = add(add(aa, f), add(m[i+g], T[j]));
-        [aa,dd,cc,bb] = [dd, cc, bb, add(bb, r(f, S[(j%4)+((j>>2&3)*4)]))];
+        // Rotation amount: round = j>>4 (changes every 16 steps),
+        // position-in-round = j%4. S is laid out as 4 rounds × 4.
+        [aa,dd,cc,bb] = [dd, cc, bb, add(bb, r(f, S[(j%4)+((j>>4)*4)]))];
       }
       [a,b2,c,d] = [add(a,aa), add(b2,bb), add(c,cc), add(d,dd)];
     }
@@ -419,8 +421,15 @@ canvas { display: block; cursor: default; }
             const aesKey = md5(sharedBytes);
             dbg('Apple-DH: shared MD5 key=' + hex(aesKey));
 
-            // Credentials: 64 bytes username (zeroed) + 64 bytes password (zeroed)
-            const creds = new Uint8Array(128); // empty username + empty password
+            // Credentials: 64 bytes username + 64 bytes password.
+            // weston's vnc_handle_auth (libweston/backend-vnc/vnc.c) does
+            // getpwnam(username) and requires pw_uid == weston's own uid
+            // BEFORE PAM is ever consulted — an empty/garbage username is
+            // rejected outright. weston runs as root, so the username must
+            // be "root". The password stays empty; pam_permit.so on the
+            // weston-remote-access PAM service accepts it.
+            const creds = new Uint8Array(128);
+            creds.set(new TextEncoder().encode('root'), 0);
             const encCreds = await aes128ecb(aesKey, creds);
 
             // Send: encrypted_creds + client_pub