SSecurityVncAuth class. git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4036 3789f03b-4d11-0410-bbf8-ca57d06f2519tags/v1.0.90
@@ -42,18 +42,11 @@ StringParameter SSecurityFactoryStandard::rev_sec_types | |||
"None"); | |||
StringParameter SSecurityFactoryStandard::vncAuthPasswdFile | |||
("PasswordFile", "Password file for VNC authentication", ""); | |||
VncAuthPasswdParameter SSecurityFactoryStandard::vncAuthPasswd | |||
("Password", "Obfuscated binary encoding of the password which clients must supply to " | |||
"access the server", &SSecurityFactoryStandard::vncAuthPasswdFile); | |||
SSecurity* SSecurityFactoryStandard::getSSecurity(rdr::U8 secType, bool reverseConnection) { | |||
switch (secType) { | |||
case secTypeNone: return new SSecurityNone(); | |||
case secTypeVncAuth: | |||
return new SSecurityVncAuth(&vncAuthPasswd); | |||
return new SSecurityVncAuth(); | |||
default: | |||
throw Exception("Security type not supported"); | |||
} | |||
@@ -83,46 +76,3 @@ bool SSecurityFactoryStandard::isSecTypeSupported(rdr::U8 secType) { | |||
} | |||
} | |||
VncAuthPasswdParameter::VncAuthPasswdParameter(const char* name, | |||
const char* desc, | |||
StringParameter* passwdFile_) | |||
: BinaryParameter(name, desc, 0, 0), passwdFile(passwdFile_) { | |||
} | |||
char* VncAuthPasswdParameter::getVncAuthPasswd() { | |||
ObfuscatedPasswd obfuscated; | |||
getData((void**)&obfuscated.buf, &obfuscated.length); | |||
if (obfuscated.length == 0) { | |||
if (passwdFile) { | |||
CharArray fname(passwdFile->getData()); | |||
if (!fname.buf[0]) { | |||
vlog.info("neither %s nor %s params set", getName(), passwdFile->getName()); | |||
return 0; | |||
} | |||
FILE* fp = fopen(fname.buf, "r"); | |||
if (!fp) { | |||
vlog.error("opening password file '%s' failed",fname.buf); | |||
return 0; | |||
} | |||
vlog.debug("reading password file"); | |||
obfuscated.buf = new char[128]; | |||
obfuscated.length = fread(obfuscated.buf, 1, 128, fp); | |||
fclose(fp); | |||
} else { | |||
vlog.info("%s parameter not set", getName()); | |||
} | |||
} | |||
try { | |||
PlainPasswd password(obfuscated); | |||
return password.takeBuf(); | |||
} catch (...) { | |||
return 0; | |||
} | |||
} | |||
@@ -44,22 +44,12 @@ | |||
namespace rfb { | |||
class VncAuthPasswdParameter : public VncAuthPasswdGetter, BinaryParameter { | |||
public: | |||
VncAuthPasswdParameter(const char* name, const char* desc, StringParameter* passwdFile_); | |||
virtual char* getVncAuthPasswd(); | |||
protected: | |||
StringParameter* passwdFile; | |||
}; | |||
class SSecurityFactoryStandard : public SSecurityFactory { | |||
public: | |||
virtual SSecurity* getSSecurity(rdr::U8 secType, bool reverse); | |||
virtual void getSecTypes(std::list<rdr::U8>* secTypes, bool reverse); | |||
static StringParameter sec_types; | |||
static StringParameter rev_sec_types; | |||
static StringParameter vncAuthPasswdFile; | |||
static VncAuthPasswdParameter vncAuthPasswd; | |||
protected: | |||
virtual bool isSecTypeSupported(rdr::U8 secType); | |||
}; |
@@ -40,9 +40,16 @@ using namespace rfb; | |||
static LogWriter vlog("SVncAuth"); | |||
StringParameter SSecurityVncAuth::vncAuthPasswdFile | |||
("PasswordFile", "Password file for VNC authentication", "", ConfServer); | |||
AliasParameter rfbauth("rfbauth", "Alias for PasswordFile", | |||
&SSecurityVncAuth::vncAuthPasswdFile, ConfServer); | |||
VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd | |||
("Password", "Obfuscated binary encoding of the password which clients must supply to " | |||
"access the server", &SSecurityVncAuth::vncAuthPasswdFile); | |||
SSecurityVncAuth::SSecurityVncAuth(VncAuthPasswdGetter* pg_) | |||
: sentChallenge(false), responsePos(0), pg(pg_) | |||
SSecurityVncAuth::SSecurityVncAuth(void) | |||
: sentChallenge(false), responsePos(0), pg(&vncAuthPasswd) | |||
{ | |||
} | |||
@@ -85,3 +92,45 @@ bool SSecurityVncAuth::processMsg(SConnection* sc) | |||
return true; | |||
} | |||
VncAuthPasswdParameter::VncAuthPasswdParameter(const char* name, | |||
const char* desc, | |||
StringParameter* passwdFile_) | |||
: BinaryParameter(name, desc, 0, 0, ConfServer), passwdFile(passwdFile_) { | |||
} | |||
char* VncAuthPasswdParameter::getVncAuthPasswd() { | |||
ObfuscatedPasswd obfuscated; | |||
getData((void**)&obfuscated.buf, &obfuscated.length); | |||
if (obfuscated.length == 0) { | |||
if (passwdFile) { | |||
CharArray fname(passwdFile->getData()); | |||
if (!fname.buf[0]) { | |||
vlog.info("neither %s nor %s params set", getName(), passwdFile->getName()); | |||
return 0; | |||
} | |||
FILE* fp = fopen(fname.buf, "r"); | |||
if (!fp) { | |||
vlog.error("opening password file '%s' failed",fname.buf); | |||
return 0; | |||
} | |||
vlog.debug("reading password file"); | |||
obfuscated.buf = new char[128]; | |||
obfuscated.length = fread(obfuscated.buf, 1, 128, fp); | |||
fclose(fp); | |||
} else { | |||
vlog.info("%s parameter not set", getName()); | |||
} | |||
} | |||
try { | |||
PlainPasswd password(obfuscated); | |||
return password.takeBuf(); | |||
} catch (...) { | |||
return 0; | |||
} | |||
} | |||
@@ -24,6 +24,7 @@ | |||
#ifndef __RFB_SSECURITYVNCAUTH_H__ | |||
#define __RFB_SSECURITYVNCAUTH_H__ | |||
#include <rfb/Configuration.h> | |||
#include <rfb/SSecurity.h> | |||
#include <rfb/Security.h> | |||
#include <rdr/types.h> | |||
@@ -37,12 +38,22 @@ namespace rfb { | |||
virtual char* getVncAuthPasswd()=0; | |||
}; | |||
class VncAuthPasswdParameter : public VncAuthPasswdGetter, BinaryParameter { | |||
public: | |||
VncAuthPasswdParameter(const char* name, const char* desc, StringParameter* passwdFile_); | |||
virtual char* getVncAuthPasswd(); | |||
protected: | |||
StringParameter* passwdFile; | |||
}; | |||
class SSecurityVncAuth : public SSecurity { | |||
public: | |||
SSecurityVncAuth(VncAuthPasswdGetter* pg); | |||
SSecurityVncAuth(void); | |||
virtual bool processMsg(SConnection* sc); | |||
virtual int getType() const {return secTypeVncAuth;} | |||
virtual const char* getUserName() const {return 0;} | |||
static StringParameter vncAuthPasswdFile; | |||
static VncAuthPasswdParameter vncAuthPasswd; | |||
private: | |||
enum {vncAuthChallengeSize = 16}; | |||
rdr::U8 challenge[vncAuthChallengeSize]; |
@@ -110,8 +110,6 @@ static int vncErrorBase = 0; | |||
static int vncEventBase = 0; | |||
int vncInetdSock = -1; | |||
rfb::AliasParameter rfbauth("rfbauth", "Alias for PasswordFile", | |||
&SSecurityFactoryStandard::vncAuthPasswdFile); | |||
rfb::StringParameter httpDir("httpd", | |||
"Directory containing files to serve via HTTP", | |||
""); |
@@ -24,7 +24,8 @@ | |||
#include <rfb_win32/OSVersion.h> | |||
#include <rfb_win32/MsgBox.h> | |||
#include <rfb/ServerCore.h> | |||
#include <rfb/secTypes.h> | |||
#include <rfb/Security.h> | |||
#include <rfb/SSecurityVncAuth.h> | |||
#include <rfb/Password.h> | |||
static rfb::BoolParameter queryOnlyIfLoggedOn("QueryOnlyIfLoggedOn", |