@@ -63,8 +63,8 @@ | |||
using namespace rfb; | |||
StringParameter CSecurityTLS::x509ca("x509ca", "X509 CA certificate", "", ConfViewer); | |||
StringParameter CSecurityTLS::x509crl("x509crl", "X509 CRL file", "", ConfViewer); | |||
StringParameter CSecurityTLS::X509CA("X509CA", "X509 CA certificate", "", ConfViewer); | |||
StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer); | |||
static LogWriter vlog("TLS"); | |||
static LogWriter vlog_raw("RawTLS"); | |||
@@ -94,8 +94,8 @@ void CSecurityTLS::initGlobal() | |||
CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0), | |||
anon(_anon), fis(0), fos(0) | |||
{ | |||
cafile = x509ca.getData(); | |||
crlfile = x509crl.getData(); | |||
cafile = X509CA.getData(); | |||
crlfile = X509CRL.getData(); | |||
} | |||
void CSecurityTLS::setDefaults() | |||
@@ -115,9 +115,9 @@ void CSecurityTLS::setDefaults() | |||
delete [] homeDir; | |||
if (!fileexists(caDefault.buf)) | |||
x509ca.setDefaultStr(strdup(caDefault.buf)); | |||
X509CA.setDefaultStr(strdup(caDefault.buf)); | |||
if (!fileexists(crlDefault.buf)) | |||
x509crl.setDefaultStr(strdup(crlDefault.buf)); | |||
X509CRL.setDefaultStr(strdup(crlDefault.buf)); | |||
} | |||
void CSecurityTLS::shutdown(bool needbye) |
@@ -50,8 +50,8 @@ namespace rfb { | |||
{ return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; } | |||
static void setDefaults(); | |||
static StringParameter x509ca; | |||
static StringParameter x509crl; | |||
static StringParameter X509CA; | |||
static StringParameter X509CRL; | |||
static UserMsgBox *msg; | |||
protected: |
@@ -39,10 +39,10 @@ | |||
using namespace rfb; | |||
StringParameter SSecurityTLS::X509_CertFile | |||
("x509cert", "specifies path to the x509 certificate in PEM format", "", ConfServer); | |||
("X509Cert", "Path to the X509 certificate in PEM format", "", ConfServer); | |||
StringParameter SSecurityTLS::X509_KeyFile | |||
("x509key", "specifies path to the key of the x509 certificate in PEM format", "", ConfServer); | |||
("X509Key", "Path to the key of the X509 certificate in PEM format", "", ConfServer); | |||
static LogWriter vlog("TLS"); | |||
static LogWriter vlog_raw("RawTLS"); |
@@ -31,8 +31,10 @@ | |||
using namespace rfb; | |||
static StringParameter pam_service | |||
("pam_service", "service name for pam password validation", "vnc"); | |||
static StringParameter pamService | |||
("PAMService", "Service name for PAM password validation", "vnc"); | |||
AliasParameter pam_service("pam_service", "Alias for PAMService", | |||
&pamService); | |||
int do_pam_auth(const char *service, const char *username, | |||
const char *password); | |||
@@ -42,7 +44,7 @@ bool UnixPasswordValidator::validateInternal(SConnection * sc, | |||
const char *password) | |||
{ | |||
#ifdef HAVE_PAM | |||
CharArray service(strDup(pam_service.getData())); | |||
CharArray service(strDup(pamService.getData())); | |||
return do_pam_auth(service.buf, username, password); | |||
#else | |||
throw AuthFailureException("PAM not supported"); |
@@ -104,18 +104,18 @@ to allow any user to authenticate using this security type. Default is to | |||
deny all users. | |||
. | |||
.TP | |||
.B pam_service | |||
.B pam_service, PAMService | |||
PAM service name to use when authentication users using any of the "Plain" | |||
security types. Default is \fBvnc\fP. | |||
. | |||
.TP | |||
.B x509cert | |||
.B X509Cert | |||
Path to a X509 certificate in PEM format to be used for all X509 based | |||
security types (X509None, X509Vnc, etc.). | |||
. | |||
.TP | |||
.B x509key | |||
Private key counter part to the certificate given in \fBx509cert\fP. Must | |||
.B X509Key | |||
Private key counter part to the certificate given in \fBX509Cert\fP. Must | |||
also be in PEM format. | |||
. | |||
.TP |
@@ -208,18 +208,18 @@ to allow any user to authenticate using this security type. Default is to | |||
deny all users. | |||
. | |||
.TP | |||
.B \-pam_service \fIname\fP | |||
.B \-pam_service \fIname\fP, \-PAMService \fIname\fP | |||
PAM service name to use when authentication users using any of the "Plain" | |||
security types. Default is \fBvnc\fP. | |||
. | |||
.TP | |||
.B \-x509cert \fIpath\fP | |||
.B \-X509Cert \fIpath\fP | |||
Path to a X509 certificate in PEM format to be used for all X509 based | |||
security types (X509None, X509Vnc, etc.). | |||
. | |||
.TP | |||
.B \-x509key \fIpath\fP | |||
Private key counter part to the certificate given in \fBx509cert\fP. Must | |||
.B \-X509Key \fIpath\fP | |||
Private key counter part to the certificate given in \fBX509Cert\fP. Must | |||
also be in PEM format. | |||
. | |||
.TP |
@@ -252,8 +252,8 @@ void OptionsDialog::loadOptions(void) | |||
} | |||
} | |||
caInput->value(CSecurityTLS::x509ca); | |||
crlInput->value(CSecurityTLS::x509crl); | |||
caInput->value(CSecurityTLS::X509CA); | |||
crlInput->value(CSecurityTLS::X509CRL); | |||
handleX509(encX509Checkbox, this); | |||
#endif | |||
@@ -368,8 +368,8 @@ void OptionsDialog::storeOptions(void) | |||
SecurityClient::secTypes.setParam(security.ToString()); | |||
CSecurityTLS::x509ca.setParam(caInput->value()); | |||
CSecurityTLS::x509crl.setParam(crlInput->value()); | |||
CSecurityTLS::X509CA.setParam(caInput->value()); | |||
CSecurityTLS::X509CRL.setParam(crlInput->value()); | |||
#endif | |||
/* Input */ |
@@ -144,8 +144,8 @@ const char* IDENTIFIER_STRING = "TigerVNC Configuration file Version 1.0"; | |||
VoidParameter* parameterArray[] = { | |||
#ifdef HAVE_GNUTLS | |||
&CSecurityTLS::x509ca, | |||
&CSecurityTLS::x509crl, | |||
&CSecurityTLS::X509CA, | |||
&CSecurityTLS::X509CRL, | |||
#endif // HAVE_GNUTLS | |||
&SecurityClient::secTypes, | |||
&dotWhenNoCursor, |