There is already an implicit connection between them, so let's make it explicit. This allows easy lookup outside of the processMsg() function.

5 years ago · ad2b3c4aa3
--- a/common/rfb/CConnection.cxx
+++ b/common/rfb/CConnection.cxx
@@ -235,14 +235,14 @@ void CConnection::processSecurityTypesMsg()
  }

  state_ = RFBSTATE_SECURITY;
  csecurity = security.GetCSecurity(secType);
  csecurity = security.GetCSecurity(this, secType);
  processSecurityMsg();
 }

 void CConnection::processSecurityMsg()
 {
  vlog.debug("processing security message");
  if (csecurity->processMsg(this)) {
  if (csecurity->processMsg()) {
    state_ = RFBSTATE_SECURITY_RESULT;
    processSecurityResultMsg();
  }
--- a/common/rfb/CSecurity.h
+++ b/common/rfb/CSecurity.h
@@ -44,8 +44,9 @@ namespace rfb {
  class CConnection;
  class CSecurity {
  public:
    CSecurity(CConnection* cc) { this->cc = cc; }
    virtual ~CSecurity() {}
    virtual bool processMsg(CConnection* cc)=0;
    virtual bool processMsg() = 0;
    virtual int getType() const = 0;
    virtual const char* description() const = 0;
    virtual bool isSecure() const { return false; }
@@ -55,6 +56,9 @@ namespace rfb {
     * It MUST be set by viewer.
     */
    static UserPasswdGetter *upg;

  protected:
    CConnection* cc;
  };
 }
 #endif
--- a/common/rfb/CSecurityNone.h
+++ b/common/rfb/CSecurityNone.h
@@ -29,7 +29,8 @@ namespace rfb {

  class CSecurityNone : public CSecurity {
  public:
    virtual bool processMsg(CConnection* cc) { return true; }
    CSecurityNone(CConnection* cc) : CSecurity(cc) {}
    virtual bool processMsg() { return true; }
    virtual int getType() const {return secTypeNone;}
    virtual const char* description() const {return "No Encryption";}
  };
--- a/common/rfb/CSecurityPlain.cxx
+++ b/common/rfb/CSecurityPlain.cxx
@@ -26,7 +26,7 @@

 using namespace rfb;

 bool CSecurityPlain::processMsg(CConnection* cc)
 bool CSecurityPlain::processMsg()
 {
   rdr::OutStream* os = cc->getOutStream();

--- a/common/rfb/CSecurityPlain.h
+++ b/common/rfb/CSecurityPlain.h
@@ -26,8 +26,8 @@ namespace rfb {

  class CSecurityPlain : public CSecurity {
  public:
    CSecurityPlain() {}
    virtual bool processMsg(CConnection* cc);
    CSecurityPlain(CConnection* cc) : CSecurity(cc) {}
    virtual bool processMsg();
    virtual int getType() const { return secTypePlain; }
    virtual const char* description() const { return "ask for username and password"; }
  };
--- a/common/rfb/CSecurityStack.cxx
+++ b/common/rfb/CSecurityStack.cxx
@@ -21,9 +21,9 @@

 using namespace rfb;

 CSecurityStack::CSecurityStack(int Type, const char*Name, CSecurity* s0,
 			       CSecurity* s1)
  :name(Name),type(Type)
 CSecurityStack::CSecurityStack(CConnection* cc, int Type, const char* Name,
                               CSecurity* s0, CSecurity* s1)
  : CSecurity(cc), name(Name), type(Type)
 {
  state = 0;
  state0 = s0;
@@ -38,12 +38,12 @@ CSecurityStack::~CSecurityStack()
    delete state1;
 }

 bool CSecurityStack::processMsg(CConnection* cc)
 bool CSecurityStack::processMsg()
 {
  bool res=true;
  if (state == 0) {
    if (state0)
      res = state0->processMsg(cc);
      res = state0->processMsg();

    if (!res)
      return res;
@@ -53,7 +53,7 @@ bool CSecurityStack::processMsg(CConnection* cc)

  if (state == 1) {
    if(state1)
      res = state1->processMsg(cc);
      res = state1->processMsg();

    if(!res)
      return res;
--- a/common/rfb/CSecurityStack.h
+++ b/common/rfb/CSecurityStack.h
@@ -27,9 +27,10 @@ namespace rfb {

  class CSecurityStack : public CSecurity {
  public:
    CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);
    CSecurityStack(CConnection* cc, int Type, const char *Name,
                   CSecurity* s0 = NULL, CSecurity* s1 = NULL);
    ~CSecurityStack();
    virtual bool processMsg(CConnection* cc);
    virtual bool processMsg();
    virtual int getType() const {return type;};
    virtual const char* description() const {return name;}
    virtual bool isSecure() const;
--- a/common/rfb/CSecurityTLS.cxx
+++ b/common/rfb/CSecurityTLS.cxx
@@ -67,8 +67,9 @@ StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer

 static LogWriter vlog("TLS");

 CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0),
 						 cert_cred(0), anon(_anon), fis(0), fos(0)
 CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon)
  : CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL),
    anon(_anon), fis(NULL), fos(NULL)
 {
  cafile = X509CA.getData();
  crlfile = X509CRL.getData();
@@ -137,7 +138,7 @@ CSecurityTLS::~CSecurityTLS()
  gnutls_global_deinit();
 }

 bool CSecurityTLS::processMsg(CConnection* cc)
 bool CSecurityTLS::processMsg()
 {
  rdr::InStream* is = cc->getInStream();
  rdr::OutStream* os = cc->getOutStream();
--- a/common/rfb/CSecurityTLS.h
+++ b/common/rfb/CSecurityTLS.h
@@ -42,9 +42,9 @@ namespace rfb {
  class UserMsgBox;
  class CSecurityTLS : public CSecurity {
  public:
    CSecurityTLS(bool _anon);
    CSecurityTLS(CConnection* cc, bool _anon);
    virtual ~CSecurityTLS();
    virtual bool processMsg(CConnection* cc);
    virtual bool processMsg();
    virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }
    virtual const char* description() const
      { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
--- a/common/rfb/CSecurityVeNCrypt.cxx
+++ b/common/rfb/CSecurityVeNCrypt.cxx
@@ -36,7 +36,8 @@ using namespace std;

 static LogWriter vlog("CVeNCrypt");

 CSecurityVeNCrypt::CSecurityVeNCrypt(SecurityClient* sec) : csecurity(NULL), security(sec)
 CSecurityVeNCrypt::CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec)
  : CSecurity(cc), csecurity(NULL), security(sec)
 {
  haveRecvdMajorVersion = false;
  haveRecvdMinorVersion = false;
@@ -59,7 +60,7 @@ CSecurityVeNCrypt::~CSecurityVeNCrypt()
 	delete[] availableTypes;
 }

 bool CSecurityVeNCrypt::processMsg(CConnection* cc)
 bool CSecurityVeNCrypt::processMsg()
 {
  InStream* is = cc->getInStream();
  OutStream* os = cc->getOutStream();
@@ -171,7 +172,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
      if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
 	throw AuthFailureException("No valid VeNCrypt sub-type");

      csecurity = security->GetCSecurity(chosenType);
      csecurity = security->GetCSecurity(cc, chosenType);

      /* send chosen type to server */
      os->writeU32(chosenType);
@@ -188,7 +189,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
    throw AuthFailureException("The server reported 0 VeNCrypt sub-types");
  }

  return csecurity->processMsg(cc);
  return csecurity->processMsg();
 }

 const char* CSecurityVeNCrypt::description() const
--- a/common/rfb/CSecurityVeNCrypt.h
+++ b/common/rfb/CSecurityVeNCrypt.h
@@ -34,9 +34,9 @@ namespace rfb {
  class CSecurityVeNCrypt : public CSecurity {
  public:

    CSecurityVeNCrypt(SecurityClient* sec);
    CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec);
    ~CSecurityVeNCrypt();
    virtual bool processMsg(CConnection* cc);// { return true; }
    virtual bool processMsg();
    int getType() const {return chosenType;}
    virtual const char* description() const;
    virtual bool isSecure() const;
--- a/common/rfb/CSecurityVncAuth.cxx
+++ b/common/rfb/CSecurityVncAuth.cxx
@@ -40,7 +40,7 @@ using namespace rfb;

 static const int vncAuthChallengeSize = 16;

 bool CSecurityVncAuth::processMsg(CConnection* cc)
 bool CSecurityVncAuth::processMsg()
 {
  rdr::InStream* is = cc->getInStream();
  rdr::OutStream* os = cc->getOutStream();
--- a/common/rfb/CSecurityVncAuth.h
+++ b/common/rfb/CSecurityVncAuth.h
@@ -25,9 +25,9 @@ namespace rfb {

  class CSecurityVncAuth : public CSecurity {
  public:
    CSecurityVncAuth(void) {}
    CSecurityVncAuth(CConnection* cc) : CSecurity(cc) {}
    virtual ~CSecurityVncAuth() {}
    virtual bool processMsg(CConnection* cc);
    virtual bool processMsg();
    virtual int getType() const {return secTypeVncAuth;};
    virtual const char* description() const {return "No Encryption";}
  };
--- a/common/rfb/SConnection.cxx
+++ b/common/rfb/SConnection.cxx
@@ -156,7 +156,7 @@ void SConnection::processVersionMsg()
    os->writeU32(*i);
    if (*i == secTypeNone) os->flush();
    state_ = RFBSTATE_SECURITY;
    ssecurity = security.GetSSecurity(*i);
    ssecurity = security.GetSSecurity(this, *i);
    processSecurityMsg();
    return;
  }
@@ -199,7 +199,7 @@ void SConnection::processSecurityType(int secType)

  try {
    state_ = RFBSTATE_SECURITY;
    ssecurity = security.GetSSecurity(secType);
    ssecurity = security.GetSSecurity(this, secType);
  } catch (rdr::Exception& e) {
    throwConnFailedException("%s", e.str());
  }
@@ -211,7 +211,7 @@ void SConnection::processSecurityMsg()
 {
  vlog.debug("processing security message");
  try {
    bool done = ssecurity->processMsg(this);
    bool done = ssecurity->processMsg();
    if (done) {
      state_ = RFBSTATE_QUERYING;
      setAccessRights(ssecurity->getAccessRights());
--- a/common/rfb/SSecurity.h
+++ b/common/rfb/SSecurity.h
@@ -52,8 +52,9 @@ namespace rfb {

  class SSecurity {
  public:
    SSecurity(SConnection* sc) { this->sc = sc; }
    virtual ~SSecurity() {}
    virtual bool processMsg(SConnection* sc)=0;
    virtual bool processMsg() = 0;
    virtual int getType() const = 0;

    // getUserName() gets the name of the user attempting authentication.  The
@@ -63,6 +64,9 @@ namespace rfb {
    virtual const char* getUserName() const = 0;

    virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }

  protected:
    SConnection* sc;
  };

 }
--- a/common/rfb/SSecurityNone.h
+++ b/common/rfb/SSecurityNone.h
@@ -28,7 +28,8 @@ namespace rfb {

  class SSecurityNone : public SSecurity {
  public:
    virtual bool processMsg(SConnection* sc) { return true; }
    SSecurityNone(SConnection* sc) : SSecurity(sc) {}
    virtual bool processMsg() { return true; }
    virtual int getType() const {return secTypeNone;}
    virtual const char* getUserName() const {return 0;}
  };
--- a/common/rfb/SSecurityPlain.cxx
+++ b/common/rfb/SSecurityPlain.cxx
@@ -60,7 +60,7 @@ bool PasswordValidator::validUser(const char* username)
  return false;
 }

 SSecurityPlain::SSecurityPlain()
 SSecurityPlain::SSecurityPlain(SConnection* sc) : SSecurity(sc)
 {
 #ifdef HAVE_PAM
  valid = new UnixPasswordValidator();
@@ -73,7 +73,7 @@ SSecurityPlain::SSecurityPlain()
  state = 0;
 }

 bool SSecurityPlain::processMsg(SConnection* sc)
 bool SSecurityPlain::processMsg()
 {
  rdr::InStream* is = sc->getInStream();
  char* pw;
--- a/common/rfb/SSecurityPlain.h
+++ b/common/rfb/SSecurityPlain.h
@@ -47,8 +47,8 @@ namespace rfb {

  class SSecurityPlain : public SSecurity {
  public:
    SSecurityPlain();
    virtual bool processMsg(SConnection* sc);
    SSecurityPlain(SConnection* sc);
    virtual bool processMsg();
    virtual int getType() const { return secTypePlain; };
    virtual const char* getUserName() const { return username.buf; }

--- a/common/rfb/SSecurityStack.cxx
+++ b/common/rfb/SSecurityStack.cxx
@@ -20,8 +20,11 @@

 using namespace rfb;

 SSecurityStack::SSecurityStack(int Type, SSecurity* s0, SSecurity* s1)
  :state(0), state0(s0), state1(s1), type(Type) {}
 SSecurityStack::SSecurityStack(SConnection* sc, int Type,
                               SSecurity* s0, SSecurity* s1)
  : SSecurity(sc), state(0), state0(s0), state1(s1), type(Type)
 {
 }

 SSecurityStack::~SSecurityStack()
 {
@@ -31,13 +34,13 @@ SSecurityStack::~SSecurityStack()
    delete state1;
 }

 bool SSecurityStack::processMsg(SConnection* cc)
 bool SSecurityStack::processMsg()
 {
  bool res = true;

  if (state == 0) {
    if (state0)
      res = state0->processMsg(cc);
      res = state0->processMsg();
    if (!res)
      return res;
    state++;
@@ -45,7 +48,7 @@ bool SSecurityStack::processMsg(SConnection* cc)

  if (state == 1) {
    if (state1)
      res = state1->processMsg(cc);
      res = state1->processMsg();
    if (!res)
      return res;
    state++;
--- a/common/rfb/SSecurityStack.h
+++ b/common/rfb/SSecurityStack.h
@@ -26,9 +26,10 @@ namespace rfb {

  class SSecurityStack : public SSecurity {
  public:
    SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);
    SSecurityStack(SConnection* sc, int Type,
                   SSecurity* s0 = NULL, SSecurity* s1 = NULL);
    ~SSecurityStack();
    virtual bool processMsg(SConnection* cc);
    virtual bool processMsg();
    virtual int getType() const { return type; };
    virtual const char* getUserName() const;
    virtual SConnection::AccessRights getAccessRights() const;
--- a/common/rfb/SSecurityTLS.cxx
+++ b/common/rfb/SSecurityTLS.cxx
@@ -49,9 +49,9 @@ StringParameter SSecurityTLS::X509_KeyFile

 static LogWriter vlog("TLS");

 SSecurityTLS::SSecurityTLS(bool _anon) : session(0), dh_params(0),
 						 anon_cred(0), cert_cred(0),
 						 anon(_anon), fis(0), fos(0)
 SSecurityTLS::SSecurityTLS(SConnection* sc, bool _anon)
  : SSecurity(sc), session(NULL), dh_params(NULL), anon_cred(NULL),
    cert_cred(NULL), anon(_anon), fis(NULL), fos(NULL)
 {
  certfile = X509_CertFile.getData();
  keyfile = X509_KeyFile.getData();
@@ -106,7 +106,7 @@ SSecurityTLS::~SSecurityTLS()
  gnutls_global_deinit();
 }

 bool SSecurityTLS::processMsg(SConnection *sc)
 bool SSecurityTLS::processMsg()
 {
  rdr::InStream* is = sc->getInStream();
  rdr::OutStream* os = sc->getOutStream();
--- a/common/rfb/SSecurityTLS.h
+++ b/common/rfb/SSecurityTLS.h
@@ -40,9 +40,9 @@ namespace rfb {

  class SSecurityTLS : public SSecurity {
  public:
    SSecurityTLS(bool _anon);
    SSecurityTLS(SConnection* sc, bool _anon);
    virtual ~SSecurityTLS();
    virtual bool processMsg(SConnection* sc);
    virtual bool processMsg();
    virtual const char* getUserName() const {return 0;}
    virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None;}

--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -38,7 +38,8 @@ using namespace std;

 static LogWriter vlog("SVeNCrypt");

 SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec)
 SSecurityVeNCrypt::SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec)
  : SSecurity(sc), security(sec)
 {
  ssecurity = NULL;
  haveSentVersion = false;
@@ -63,7 +64,7 @@ SSecurityVeNCrypt::~SSecurityVeNCrypt()
  }
 }

 bool SSecurityVeNCrypt::processMsg(SConnection* sc)
 bool SSecurityVeNCrypt::processMsg()
 {
  rdr::InStream* is = sc->getInStream();
  rdr::OutStream* os = sc->getOutStream();
@@ -166,11 +167,11 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc)
    if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
      throw AuthFailureException("No valid VeNCrypt sub-type");

    ssecurity = security->GetSSecurity(chosenType);
    ssecurity = security->GetSSecurity(sc, chosenType);
  }

  /* continue processing the messages */
  return ssecurity->processMsg(sc);
  return ssecurity->processMsg();
 }

 const char* SSecurityVeNCrypt::getUserName() const
--- a/common/rfb/SSecurityVeNCrypt.h
+++ b/common/rfb/SSecurityVeNCrypt.h
@@ -36,9 +36,9 @@ namespace rfb {

  class SSecurityVeNCrypt : public SSecurity {
  public:
    SSecurityVeNCrypt(SecurityServer *sec);
    SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec);
    ~SSecurityVeNCrypt();
    virtual bool processMsg(SConnection* sc);// { return true; }
    virtual bool processMsg();
    virtual int getType() const { return chosenType; }
    virtual const char* getUserName() const;
    virtual SConnection::AccessRights getAccessRights() const;
--- a/common/rfb/SSecurityVncAuth.cxx
+++ b/common/rfb/SSecurityVncAuth.cxx
@@ -48,8 +48,9 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd
 ("Password", "Obfuscated binary encoding of the password which clients must supply to "
 "access the server", &SSecurityVncAuth::vncAuthPasswdFile);

 SSecurityVncAuth::SSecurityVncAuth(void)
  : sentChallenge(false), responsePos(0), pg(&vncAuthPasswd), accessRights(0)
 SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
  : SSecurity(sc), sentChallenge(false), responsePos(0),
    pg(&vncAuthPasswd), accessRights(0)
 {
 }

@@ -70,7 +71,7 @@ bool SSecurityVncAuth::verifyResponse(const PlainPasswd &password)
  return memcmp(response, expectedResponse, vncAuthChallengeSize) == 0;
 }

 bool SSecurityVncAuth::processMsg(SConnection* sc)
 bool SSecurityVncAuth::processMsg()
 {
  rdr::InStream* is = sc->getInStream();
  rdr::OutStream* os = sc->getOutStream();
--- a/common/rfb/SSecurityVncAuth.h
+++ b/common/rfb/SSecurityVncAuth.h
@@ -51,8 +51,8 @@ namespace rfb {

  class SSecurityVncAuth : public SSecurity {
  public:
    SSecurityVncAuth(void);
    virtual bool processMsg(SConnection* sc);
    SSecurityVncAuth(SConnection* sc);
    virtual bool processMsg();
    virtual int getType() const {return secTypeVncAuth;}
    virtual const char* getUserName() const {return 0;}
    virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
--- a/common/rfb/SecurityClient.cxx
+++ b/common/rfb/SecurityClient.cxx
@@ -55,7 +55,7 @@ StringParameter SecurityClient::secTypes
 #endif
 ConfViewer);

 CSecurity* SecurityClient::GetCSecurity(U32 secType)
 CSecurity* SecurityClient::GetCSecurity(CConnection* cc, U32 secType)
 {
  assert (CSecurity::upg != NULL); /* (upg == NULL) means bug in the viewer */
 #ifdef HAVE_GNUTLS
@@ -66,29 +66,39 @@ CSecurity* SecurityClient::GetCSecurity(U32 secType)
    goto bail;

  switch (secType) {
  case secTypeNone: return new CSecurityNone();
  case secTypeVncAuth: return new CSecurityVncAuth();
  case secTypeVeNCrypt: return new CSecurityVeNCrypt(this);
  case secTypePlain: return new CSecurityPlain();
  case secTypeNone: return new CSecurityNone(cc);
  case secTypeVncAuth: return new CSecurityVncAuth(cc);
  case secTypeVeNCrypt: return new CSecurityVeNCrypt(cc, this);
  case secTypePlain: return new CSecurityPlain(cc);
 #ifdef HAVE_GNUTLS
  case secTypeTLSNone:
    return new CSecurityStack(secTypeTLSNone, "TLS with no password",
 			      new CSecurityTLS(true));
    return new CSecurityStack(cc, secTypeTLSNone,
                              "TLS with no password",
                              new CSecurityTLS(cc, true));
  case secTypeTLSVnc:
    return new CSecurityStack(secTypeTLSVnc, "TLS with VNCAuth",
 			      new CSecurityTLS(true), new CSecurityVncAuth());
    return new CSecurityStack(cc, secTypeTLSVnc,
                              "TLS with VNCAuth",
                              new CSecurityTLS(cc, true),
                              new CSecurityVncAuth(cc));
  case secTypeTLSPlain:
    return new CSecurityStack(secTypeTLSPlain, "TLS with Username/Password",
 			      new CSecurityTLS(true), new CSecurityPlain());
    return new CSecurityStack(cc, secTypeTLSPlain,
                              "TLS with Username/Password",
                              new CSecurityTLS(cc, true),
                              new CSecurityPlain(cc));
  case secTypeX509None:
    return new CSecurityStack(secTypeX509None, "X509 with no password",
 			      new CSecurityTLS(false));
    return new CSecurityStack(cc, secTypeX509None,
                              "X509 with no password",
                              new CSecurityTLS(cc, false));
  case secTypeX509Vnc:
    return new CSecurityStack(secTypeX509Vnc, "X509 with VNCAuth",
 			      new CSecurityTLS(false), new CSecurityVncAuth());
    return new CSecurityStack(cc, secTypeX509Vnc,
                              "X509 with VNCAuth",
                              new CSecurityTLS(cc, false),
                              new CSecurityVncAuth(cc));
  case secTypeX509Plain:
    return new CSecurityStack(secTypeX509Plain, "X509 with Username/Password",
 			      new CSecurityTLS(false), new CSecurityPlain());
    return new CSecurityStack(cc, secTypeX509Plain,
                              "X509 with Username/Password",
                              new CSecurityTLS(cc, false),
                              new CSecurityPlain(cc));
 #endif
  }

--- a/common/rfb/SecurityClient.h
+++ b/common/rfb/SecurityClient.h
@@ -33,7 +33,7 @@ namespace rfb {
    SecurityClient(void) : Security(secTypes) {}

    /* Create client side CSecurity class instance */
    CSecurity* GetCSecurity(rdr::U32 secType);
    CSecurity* GetCSecurity(CConnection* cc, rdr::U32 secType);

    static void setDefaults(void);

--- a/common/rfb/SecurityServer.cxx
+++ b/common/rfb/SecurityServer.cxx
@@ -49,29 +49,29 @@ StringParameter SecurityServer::secTypes
 #endif
 ConfServer);

 SSecurity* SecurityServer::GetSSecurity(U32 secType)
 SSecurity* SecurityServer::GetSSecurity(SConnection* sc, U32 secType)
 {
  if (!IsSupported(secType))
    goto bail;

  switch (secType) {
  case secTypeNone: return new SSecurityNone();
  case secTypeVncAuth: return new SSecurityVncAuth();
  case secTypeVeNCrypt: return new SSecurityVeNCrypt(this);
  case secTypePlain: return new SSecurityPlain();
  case secTypeNone: return new SSecurityNone(sc);
  case secTypeVncAuth: return new SSecurityVncAuth(sc);
  case secTypeVeNCrypt: return new SSecurityVeNCrypt(sc, this);
  case secTypePlain: return new SSecurityPlain(sc);
 #ifdef HAVE_GNUTLS
  case secTypeTLSNone:
    return new SSecurityStack(secTypeTLSNone, new SSecurityTLS(true));
    return new SSecurityStack(sc, secTypeTLSNone, new SSecurityTLS(sc, true));
  case secTypeTLSVnc:
    return new SSecurityStack(secTypeTLSVnc, new SSecurityTLS(true), new SSecurityVncAuth());
    return new SSecurityStack(sc, secTypeTLSVnc, new SSecurityTLS(sc, true), new SSecurityVncAuth(sc));
  case secTypeTLSPlain:
    return new SSecurityStack(secTypeTLSPlain, new SSecurityTLS(true), new SSecurityPlain());
    return new SSecurityStack(sc, secTypeTLSPlain, new SSecurityTLS(sc, true), new SSecurityPlain(sc));
  case secTypeX509None:
    return new SSecurityStack(secTypeX509None, new SSecurityTLS(false));
    return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false));
  case secTypeX509Vnc:
    return new SSecurityStack(secTypeX509None, new SSecurityTLS(false), new SSecurityVncAuth());
    return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false), new SSecurityVncAuth(sc));
  case secTypeX509Plain:
    return new SSecurityStack(secTypeX509Plain, new SSecurityTLS(false), new SSecurityPlain());
    return new SSecurityStack(sc, secTypeX509Plain, new SSecurityTLS(sc, false), new SSecurityPlain(sc));
 #endif
  }

--- a/common/rfb/SecurityServer.h
+++ b/common/rfb/SecurityServer.h
@@ -24,7 +24,8 @@
 #include <rfb/Security.h>

 namespace rfb {
  

  class SConnection;
  class SSecurity;

  class SecurityServer : public Security {
@@ -32,7 +33,7 @@ namespace rfb {
    SecurityServer(void) : Security(secTypes) {}

    /* Create server side SSecurity class instance */
    SSecurity* GetSSecurity(rdr::U32 secType);
    SSecurity* GetSSecurity(SConnection* sc, rdr::U32 secType);

    static StringParameter secTypes;
  };