
[Development] Use SecurityType also as configuration for VeNCrypt.

Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>


git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4102 3789f03b-4d11-0410-bbf8-ca57d06f2519
tags/v1.0.90
Adam Tkac 14 years ago
parent
commit
814fa8972e
3 changed files with 15 additions and 111 deletions
  1. 9
    20
      common/rfb/CSecurityVeNCrypt.cxx
  2. 5
    85
      common/rfb/SSecurityVeNCrypt.cxx
  3. 1
    6
      common/rfb/SSecurityVeNCrypt.h

+ 9
- 20
common/rfb/CSecurityVeNCrypt.cxx

@@ -30,7 +30,6 @@
#include <rfb/CSecurityVeNCrypt.h>
#include <rfb/CSecurityVncAuth.h>
#include <rfb/LogWriter.h>
#include <rfb/SSecurityVeNCrypt.h>
#include <list>
using namespace rfb;
@@ -147,14 +146,14 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
/* make a choice and send it to the server, meanwhile set up the stack */
if (!haveChosenType) {
chosenType = 0;
chosenType = secTypeInvalid;
U8 i;
list<U32>::iterator j;
list<U32> preferredList;
/* Try preferred choice */
SSecurityVeNCrypt::getSecTypes(&preferredList);
preferredList = security->GetEnabledExtSecTypes();
for (j = preferredList.begin(); j != preferredList.end(); j++) {
for (i = 0; i < nAvailableTypes; i++) {
if (*j == availableTypes[i]) {
@@ -163,29 +162,19 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
}
}
if (chosenType)
if (chosenType != secTypeInvalid)
break;
}
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type: */
switch (chosenType) {
case secTypeTLSNone:
case secTypeTLSVnc:
case secTypeTLSPlain:
case secTypeX509None:
case secTypeX509Vnc:
case secTypeX509Plain:
csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType);
break;
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType);
case secTypeInvalid:
case secTypeVeNCrypt: /* would cause looping */
default:
throw AuthFailureException("No valid VeNCrypt sub-type");
}
/* send chosen type to server */
os->writeU32(chosenType);
os->flush();
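Review bot: The sub-type check after the selection loop in CSecurityVeNCrypt::processMsg is now a deny-list: only `secTypeInvalid` and `secTypeVeNCrypt` are rejected, where the removed switch accepted just the six TLS/X509 sub-types and sent everything else to `default:`. Any other value that is both offered by the server and returned by `security->GetEnabledExtSecTypes()` now reaches `getCSecurityStack(chosenType)`, so whether a sub-type without TLS can be negotiated inside VeNCrypt depends on that list and on the fallback in `getCSecurityStack`, neither of which is visible on this page. If accepting every enabled type is intended, I would say so at the check, e.g. `/* any enabled sub-type is accepted; getCSecurityStack() must throw for types it does not know */`, and confirm the helper throws rather than returning a null stack. The same replacement is made in SSecurityVeNCrypt::processMsg in common/rfb/SSecurityVeNCrypt.cxx, where `chosenType` is supplied by the peer and the membership check against the offered sub-types, if any, lies outside the hunk.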

+ 5
- 85
common/rfb/SSecurityVeNCrypt.cxx

@@ -54,12 +54,6 @@ StringParameter SSecurityVeNCrypt::X509_KeyFile
"specifies path to the key of the x509 certificate in PEM format",
"", ConfServer);
StringParameter SSecurityVeNCrypt::secTypesStr
("VeNCryptTypes",
"Specify which security scheme to use for VeNCrypt connections (TLSNone, "
"TLSVnc, TLSPlain, X509None, X509Vnc, X509Plain)",
"TLSVnc,TLSPlain,X509Vnc,X509Plain");
SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)
{
ssecurity = NULL;
@@ -141,7 +135,8 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc)
*/
if (!haveSentTypes) {
list<U32> listSubTypes;
SSecurityVeNCrypt::getSecTypes(&listSubTypes);
listSubTypes = security->GetEnabledExtSecTypes();
numTypes = listSubTypes.size();
subTypes = new U32[numTypes];
@@ -180,22 +175,12 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc)
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type */
switch(chosenType) {
case secTypeTLSNone:
case secTypeTLSVnc:
case secTypeTLSPlain:
case secTypeX509None:
case secTypeX509Vnc:
case secTypeX509Plain:
ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType);
break;
case secTypeInvalid:
case secTypeVeNCrypt: /* This would cause looping */
default:
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
}
ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType);
}
/* continue processing the messages */
@@ -221,68 +206,3 @@ SSecurityStack* SSecurityVeNCrypt::getSSecurityStack(int secType)
}
}
void SSecurityVeNCrypt::getSecTypes(list<U32>* secTypes)
{
CharArray types;
types.buf = SSecurityVeNCrypt::secTypesStr.getData();
list<U32> configured = SSecurityVeNCrypt::parseSecTypes(types.buf);
list<U32>::iterator i;
for (i = configured.begin(); i != configured.end(); i++)
secTypes->push_back(*i);
}
U32 SSecurityVeNCrypt::secTypeNum(const char *name)
{
if (strcasecmp(name, "TLSNone") == 0)
return secTypeTLSNone;
if (strcasecmp(name, "TLSVnc") == 0)
return secTypeTLSVnc;
if (strcasecmp(name, "TLSPlain") == 0)
return secTypeTLSPlain;
if (strcasecmp(name, "X509None") == 0)
return secTypeX509None;
if (strcasecmp(name, "X509Vnc") == 0)
return secTypeX509Vnc;
if (strcasecmp(name, "X509Plain") == 0)
return secTypeX509Plain;
return secTypeInvalid;
}
char* SSecurityVeNCrypt::secTypeName(U32 num)
{
switch (num) {
case secTypePlain:
return "Plain";
case secTypeTLSNone:
return "TLSNone";
case secTypeTLSVnc:
return "TLSVnc";
case secTypeTLSPlain:
return "TLSPlain";
case secTypeX509None:
return "X509None";
case secTypeX509Vnc:
return "X509Vnc";
case secTypeX509Plain:
return "X509Plain";
default:
return "[unknown secType]";
}
}
list<U32> SSecurityVeNCrypt::parseSecTypes(const char *secTypes)
{
list<U32> result;
CharArray types(strDup(secTypes)), type;
while (types.buf) {
strSplit(types.buf, ',', &type.buf, &types.buf);
int typeNum = SSecurityVeNCrypt::secTypeNum(type.buf);
if (typeNum != secTypeInvalid)
result.push_back(typeNum);
}
return result;
}
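Review bot: Removing the `VeNCryptTypes` parameter changes what the server advertises in the `!haveSentTypes` branch: its default was `TLSVnc,TLSPlain,X509Vnc,X509Plain`, which left out `TLSNone` and `X509None`, and `listSubTypes` is now filled from `security->GetEnabledExtSecTypes()`, whose contents and default are not shown on this page. A deployment that had narrowed `VeNCryptTypes` loses that restriction after upgrading, presumably without any warning, so the default of the shared setting should be checked to still exclude the sub-types that do no authentication, and the removal should be called out in the parameter documentation. At the assignment I would add `/* offered sub-types now come from the shared security-type configuration; VeNCryptTypes was removed */`. processMsg starts and ends outside the hunks shown.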

+ 1
- 6
common/rfb/SSecurityVeNCrypt.h

@@ -46,13 +46,8 @@ namespace rfb {
virtual int getType() const { return secTypeVeNCrypt; }
virtual const char* getUserName() const { return NULL; }
static StringParameter X509_CertFile, X509_KeyFile, secTypesStr;
static StringParameter X509_CertFile, X509_KeyFile;
/* XXX Derive Security class and merge those functions appropriately ? */
static void getSecTypes(std::list<rdr::U32>* secTypes);
static rdr::U32 secTypeNum(const char *name);
static char* secTypeName(rdr::U32 num);
static std::list<rdr::U32> parseSecTypes(const char *types);
protected:
static SSecurityStack* getSSecurityStack(int secType);
