Allow longer passwords in Plain authentication

Some people have longer passwords than 256 characters (hooray for password managers!). Server implementations also allow longer passwords: TigerVNC allows up to 1024 characters.
author: lhchavez <lhchavez@lhchavez.com> 2021-03-03 17:34:02 -0800
committer: lhchavez <lhchavez@lhchavez.com> 2021-03-03 17:34:02 -0800
commit: 18593154d3cf8973dbddb9f97615453efa6b3b0d (patch)
tree: d8ae590f2a2a35288924d5dd4a8632b449fb6e51
parent: 5a0cceb8156926fe125ca541adae60754ecd3698 (diff)
download: novnc-18593154d3cf8973dbddb9f97615453efa6b3b0d.tar.gz
1 files changed, 12 insertions, 3 deletions
diff --git a/core/rfb.js b/core/rfb.js
index 26cdfcd..e3786cb 100644
--- a/core/rfb.js
+++ b/core/rfb.js
@@ -1438,9 +1438,18 @@ export default class RFB extends EventTargetMixin {
             const user = encodeUTF8(this._rfbCredentials.username);
             const pass = encodeUTF8(this._rfbCredentials.password);
 
-            // XXX we assume lengths are <= 255 (should not be an issue in the real world)
-            this._sock.send([0, 0, 0, user.length]);
-            this._sock.send([0, 0, 0, pass.length]);
+            this._sock.send([
+                (user.length >> 24) & 0xFF,
+                (user.length >> 16) & 0xFF,
+                (user.legnth >> 8) & 0xFF,
+                user.length & 0xFF
+            ]);
+            this._sock.send([
+                (pass.length >> 24) & 0xFF,
+                (pass.length >> 16) & 0xFF,
+                (pass.legnth >> 8) & 0xFF,
+                pass.length & 0xFF
+            ]);
             this._sock.sendString(user);
             this._sock.sendString(pass);
author	lhchavez <lhchavez@lhchavez.com>	2021-03-03 17:34:02 -0800
committer	lhchavez <lhchavez@lhchavez.com>	2021-03-03 17:34:02 -0800
commit	18593154d3cf8973dbddb9f97615453efa6b3b0d (patch)
tree	d8ae590f2a2a35288924d5dd4a8632b449fb6e51
parent	5a0cceb8156926fe125ca541adae60754ecd3698 (diff)
download	novnc-18593154d3cf8973dbddb9f97615453efa6b3b0d.tar.gz