-/* Copyright (C) 2005 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-#ifndef __RFB_CSECURITYSTACK_H__\r
-#define __RFB_CSECURITYSTACK_H__\r
-\r
-#include <rfb/CSecurity.h>\r
-#include <rfb/Security.h>\r
-\r
-namespace rfb {\r
-\r
- class CSecurityStack : public CSecurity {\r
- public:\r
- CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);\r
- ~CSecurityStack();\r
- virtual bool processMsg(CConnection* cc);\r
- virtual int getType() const {return type;};\r
- virtual const char* description() const {return name;}\r
- protected:\r
- int state;\r
- CSecurity* state0;\r
- CSecurity* state1;\r
- const char* name;\r
- int type;\r
- };\r
-}\r
-#endif\r
+/* Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+#ifndef __RFB_CSECURITYSTACK_H__
+#define __RFB_CSECURITYSTACK_H__
+
+#include <rfb/CSecurity.h>
+#include <rfb/Security.h>
+
+namespace rfb {
+
+ class CSecurityStack : public CSecurity {
+ public:
+ CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);
+ ~CSecurityStack();
+ virtual bool processMsg(CConnection* cc);
+ virtual int getType() const {return type;};
+ virtual const char* description() const {return name;}
+ protected:
+ int state;
+ CSecurity* state0;
+ CSecurity* state1;
+ const char* name;
+ int type;
+ };
+}
+#endif
-/* \r
- * Copyright (C) 2004 Red Hat Inc.\r
- * Copyright (C) 2005 Martin Koegler\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifndef __C_SECURITY_TLS_H__\r
-#define __C_SECURITY_TLS_H__\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#ifndef HAVE_GNUTLS\r
-#error "This header should not be compiled without HAVE_GNUTLS defined"\r
-#endif\r
-\r
-#include <rfb/CSecurity.h>\r
-#include <rfb/SSecurityVeNCrypt.h>\r
-#include <rfb/Security.h>\r
-#include <rdr/InStream.h>\r
-#include <rdr/OutStream.h>\r
-#include <gnutls/gnutls.h>\r
-\r
-namespace rfb {\r
- class CSecurityTLS : public CSecurity {\r
- public:\r
- CSecurityTLS(bool _anon);\r
- virtual ~CSecurityTLS();\r
- virtual bool processMsg(CConnection* cc);\r
- virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }\r
- virtual const char* description() const\r
- { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }\r
-\r
- static StringParameter x509ca;\r
- static StringParameter x509crl;\r
-\r
- protected:\r
- void shutdown();\r
- void freeResources();\r
- void setParam();\r
- void checkSession();\r
- CConnection *client;\r
-\r
- private:\r
- static void initGlobal();\r
-\r
- gnutls_session session;\r
- gnutls_anon_client_credentials anon_cred;\r
- gnutls_certificate_credentials cert_cred;\r
- bool anon;\r
-\r
- char *cafile, *crlfile;\r
- rdr::InStream* fis;\r
- rdr::OutStream* fos;\r
- };\r
-}\r
-\r
-#endif\r
+/*
+ * Copyright (C) 2004 Red Hat Inc.
+ * Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef __C_SECURITY_TLS_H__
+#define __C_SECURITY_TLS_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef HAVE_GNUTLS
+#error "This header should not be compiled without HAVE_GNUTLS defined"
+#endif
+
+#include <rfb/CSecurity.h>
+#include <rfb/SSecurityVeNCrypt.h>
+#include <rfb/Security.h>
+#include <rdr/InStream.h>
+#include <rdr/OutStream.h>
+#include <gnutls/gnutls.h>
+
+namespace rfb {
+ class CSecurityTLS : public CSecurity {
+ public:
+ CSecurityTLS(bool _anon);
+ virtual ~CSecurityTLS();
+ virtual bool processMsg(CConnection* cc);
+ virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }
+ virtual const char* description() const
+ { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
+
+ static StringParameter x509ca;
+ static StringParameter x509crl;
+
+ protected:
+ void shutdown();
+ void freeResources();
+ void setParam();
+ void checkSession();
+ CConnection *client;
+
+ private:
+ static void initGlobal();
+
+ gnutls_session session;
+ gnutls_anon_client_credentials anon_cred;
+ gnutls_certificate_credentials cert_cred;
+ bool anon;
+
+ char *cafile, *crlfile;
+ rdr::InStream* fis;
+ rdr::OutStream* fos;
+ };
+}
+
+#endif
-/* \r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2005-2006 Martin Koegler\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-//\r
-// CSecurityVeNCrypt\r
-//\r
-\r
-#include <rfb/Exception.h>\r
-#include <rdr/InStream.h>\r
-#include <rdr/OutStream.h>\r
-#include <rfb/CConnection.h>\r
-#include <rfb/CSecurityVeNCrypt.h>\r
-#include <rfb/LogWriter.h>\r
-#include <list>\r
-\r
-using namespace rfb;\r
-using namespace rdr;\r
-using namespace std;\r
-\r
-static LogWriter vlog("CVeNCrypt");\r
-\r
-CSecurityVeNCrypt::CSecurityVeNCrypt(Security* sec) : csecurity(NULL), security(sec)\r
-{\r
- haveRecvdMajorVersion = false;\r
- haveRecvdMinorVersion = false;\r
- haveSentVersion = false;\r
- haveAgreedVersion = false;\r
- haveListOfTypes = false;\r
- haveNumberOfTypes = false;\r
- haveChosenType = false;\r
- majorVersion = 0;\r
- minorVersion = 0;\r
- chosenType = secTypeVeNCrypt;\r
- nAvailableTypes = 0;\r
- availableTypes = NULL;\r
- iAvailableType = 0;\r
-}\r
-\r
-CSecurityVeNCrypt::~CSecurityVeNCrypt()\r
-{\r
- if (availableTypes)\r
- delete[] availableTypes;\r
-}\r
-\r
-bool CSecurityVeNCrypt::processMsg(CConnection* cc)\r
-{\r
- InStream* is = cc->getInStream();\r
- OutStream* os = cc->getOutStream();\r
- \r
- /* get major, minor versions, send what we can support (or 0.0 for can't support it) */\r
- if (!haveRecvdMajorVersion) {\r
- majorVersion = is->readU8();\r
- haveRecvdMajorVersion = true;\r
-\r
- return false;\r
- }\r
-\r
- if (!haveRecvdMinorVersion) {\r
- minorVersion = is->readU8();\r
- haveRecvdMinorVersion = true;\r
- }\r
-\r
- /* major version in upper 8 bits and minor version in lower 8 bits */\r
- U16 Version = (((U16) majorVersion) << 8) | ((U16) minorVersion);\r
- \r
- if (!haveSentVersion) {\r
- /* Currently we don't support former VeNCrypt 0.1 */\r
- if (Version >= 0x0002) {\r
- majorVersion = 0;\r
- minorVersion = 2;\r
- os->writeU8(majorVersion);\r
- os->writeU8(minorVersion);\r
- os->flush();\r
- } else {\r
- /* Send 0.0 to indicate no support */\r
- majorVersion = 0;\r
- minorVersion = 0;\r
- os->writeU8(0);\r
- os->writeU8(0);\r
- os->flush();\r
- throw AuthFailureException("The server reported an unsupported VeNCrypt version");\r
- }\r
-\r
- haveSentVersion = true;\r
- return false;\r
- }\r
-\r
- /* Check that the server is OK */\r
- if (!haveAgreedVersion) {\r
- if (is->readU8())\r
- throw AuthFailureException("The server reported it could not support the "\r
- "VeNCrypt version");\r
-\r
- haveAgreedVersion = true;\r
- return false;\r
- }\r
- \r
- /* get a number of types */\r
- if (!haveNumberOfTypes) {\r
- nAvailableTypes = is->readU8();\r
- iAvailableType = 0;\r
-\r
- if (!nAvailableTypes)\r
- throw AuthFailureException("The server reported no VeNCrypt sub-types");\r
-\r
- availableTypes = new rdr::U32[nAvailableTypes];\r
- haveNumberOfTypes = true;\r
- return false;\r
- }\r
-\r
- if (nAvailableTypes) {\r
- /* read in the types possible */\r
- if (!haveListOfTypes) {\r
- if (is->checkNoWait(4)) {\r
- availableTypes[iAvailableType++] = is->readU32();\r
- haveListOfTypes = (iAvailableType >= nAvailableTypes);\r
- vlog.debug("Server offers security type %s (%d)",\r
- secTypeName(availableTypes[iAvailableType - 1]),\r
- availableTypes[iAvailableType - 1]);\r
-\r
- if (!haveListOfTypes)\r
- return false;\r
-\r
- } else\r
- return false;\r
- }\r
-\r
- /* make a choice and send it to the server, meanwhile set up the stack */\r
- if (!haveChosenType) {\r
- chosenType = secTypeInvalid;\r
- U8 i;\r
- list<U32>::iterator j;\r
- list<U32> preferredList;\r
-\r
- /* Try preferred choice */\r
- preferredList = security->GetEnabledExtSecTypes();\r
-\r
- for (j = preferredList.begin(); j != preferredList.end(); j++) {\r
- for (i = 0; i < nAvailableTypes; i++) {\r
- if (*j == availableTypes[i]) {\r
- chosenType = *j;\r
- break;\r
- }\r
- }\r
-\r
- if (chosenType != secTypeInvalid)\r
- break;\r
- }\r
-\r
- vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),\r
- chosenType);\r
-\r
- /* Set up the stack according to the chosen type: */\r
- if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)\r
- throw AuthFailureException("No valid VeNCrypt sub-type");\r
-\r
- csecurity = security->GetCSecurity(chosenType);\r
-\r
- /* send chosen type to server */\r
- os->writeU32(chosenType);\r
- os->flush();\r
-\r
- haveChosenType = true;\r
- }\r
- } else {\r
- /*\r
- * Server told us that there are 0 types it can support - this should not\r
- * happen, since if the server supports 0 sub-types, it doesn't support\r
- * this security type\r
- */\r
- throw AuthFailureException("The server reported 0 VeNCrypt sub-types");\r
- }\r
-\r
- return csecurity->processMsg(cc);\r
-}\r
-\r
+/*
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2005-2006 Martin Koegler
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+//
+// CSecurityVeNCrypt
+//
+
+#include <rfb/Exception.h>
+#include <rdr/InStream.h>
+#include <rdr/OutStream.h>
+#include <rfb/CConnection.h>
+#include <rfb/CSecurityVeNCrypt.h>
+#include <rfb/LogWriter.h>
+#include <list>
+
+using namespace rfb;
+using namespace rdr;
+using namespace std;
+
+static LogWriter vlog("CVeNCrypt");
+
+CSecurityVeNCrypt::CSecurityVeNCrypt(Security* sec) : csecurity(NULL), security(sec)
+{
+ haveRecvdMajorVersion = false;
+ haveRecvdMinorVersion = false;
+ haveSentVersion = false;
+ haveAgreedVersion = false;
+ haveListOfTypes = false;
+ haveNumberOfTypes = false;
+ haveChosenType = false;
+ majorVersion = 0;
+ minorVersion = 0;
+ chosenType = secTypeVeNCrypt;
+ nAvailableTypes = 0;
+ availableTypes = NULL;
+ iAvailableType = 0;
+}
+
+CSecurityVeNCrypt::~CSecurityVeNCrypt()
+{
+ if (availableTypes)
+ delete[] availableTypes;
+}
+
+bool CSecurityVeNCrypt::processMsg(CConnection* cc)
+{
+ InStream* is = cc->getInStream();
+ OutStream* os = cc->getOutStream();
+
+ /* get major, minor versions, send what we can support (or 0.0 for can't support it) */
+ if (!haveRecvdMajorVersion) {
+ majorVersion = is->readU8();
+ haveRecvdMajorVersion = true;
+
+ return false;
+ }
+
+ if (!haveRecvdMinorVersion) {
+ minorVersion = is->readU8();
+ haveRecvdMinorVersion = true;
+ }
+
+ /* major version in upper 8 bits and minor version in lower 8 bits */
+ U16 Version = (((U16) majorVersion) << 8) | ((U16) minorVersion);
+
+ if (!haveSentVersion) {
+ /* Currently we don't support former VeNCrypt 0.1 */
+ if (Version >= 0x0002) {
+ majorVersion = 0;
+ minorVersion = 2;
+ os->writeU8(majorVersion);
+ os->writeU8(minorVersion);
+ os->flush();
+ } else {
+ /* Send 0.0 to indicate no support */
+ majorVersion = 0;
+ minorVersion = 0;
+ os->writeU8(0);
+ os->writeU8(0);
+ os->flush();
+ throw AuthFailureException("The server reported an unsupported VeNCrypt version");
+ }
+
+ haveSentVersion = true;
+ return false;
+ }
+
+ /* Check that the server is OK */
+ if (!haveAgreedVersion) {
+ if (is->readU8())
+ throw AuthFailureException("The server reported it could not support the "
+ "VeNCrypt version");
+
+ haveAgreedVersion = true;
+ return false;
+ }
+
+ /* get a number of types */
+ if (!haveNumberOfTypes) {
+ nAvailableTypes = is->readU8();
+ iAvailableType = 0;
+
+ if (!nAvailableTypes)
+ throw AuthFailureException("The server reported no VeNCrypt sub-types");
+
+ availableTypes = new rdr::U32[nAvailableTypes];
+ haveNumberOfTypes = true;
+ return false;
+ }
+
+ if (nAvailableTypes) {
+ /* read in the types possible */
+ if (!haveListOfTypes) {
+ if (is->checkNoWait(4)) {
+ availableTypes[iAvailableType++] = is->readU32();
+ haveListOfTypes = (iAvailableType >= nAvailableTypes);
+ vlog.debug("Server offers security type %s (%d)",
+ secTypeName(availableTypes[iAvailableType - 1]),
+ availableTypes[iAvailableType - 1]);
+
+ if (!haveListOfTypes)
+ return false;
+
+ } else
+ return false;
+ }
+
+ /* make a choice and send it to the server, meanwhile set up the stack */
+ if (!haveChosenType) {
+ chosenType = secTypeInvalid;
+ U8 i;
+ list<U32>::iterator j;
+ list<U32> preferredList;
+
+ /* Try preferred choice */
+ preferredList = security->GetEnabledExtSecTypes();
+
+ for (j = preferredList.begin(); j != preferredList.end(); j++) {
+ for (i = 0; i < nAvailableTypes; i++) {
+ if (*j == availableTypes[i]) {
+ chosenType = *j;
+ break;
+ }
+ }
+
+ if (chosenType != secTypeInvalid)
+ break;
+ }
+
+ vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
+ chosenType);
+
+ /* Set up the stack according to the chosen type: */
+ if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
+ throw AuthFailureException("No valid VeNCrypt sub-type");
+
+ csecurity = security->GetCSecurity(chosenType);
+
+ /* send chosen type to server */
+ os->writeU32(chosenType);
+ os->flush();
+
+ haveChosenType = true;
+ }
+ } else {
+ /*
+ * Server told us that there are 0 types it can support - this should not
+ * happen, since if the server supports 0 sub-types, it doesn't support
+ * this security type
+ */
+ throw AuthFailureException("The server reported 0 VeNCrypt sub-types");
+ }
+
+ return csecurity->processMsg(cc);
+}
+
-/*\r
- * Copyright (C) 2005-2006 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-//\r
-// CSecurityVeNCrypt\r
-//\r
-\r
-#ifndef __CSECURITYVENCRYPT_H__\r
-#define __CSECURITYVENCRYPT_H__\r
-\r
-#include <rfb/CSecurity.h>\r
-#include <rfb/Security.h>\r
-#include <rdr/types.h>\r
-\r
-namespace rfb {\r
-\r
- class CSecurityVeNCrypt : public CSecurity {\r
- public:\r
-\r
- CSecurityVeNCrypt(Security* sec);\r
- ~CSecurityVeNCrypt();\r
- virtual bool processMsg(CConnection* cc);// { return true; }\r
- int getType() const {return chosenType;}\r
- virtual const char* description() const { return secTypeName(chosenType); }\r
-\r
- static StringParameter secTypesStr;\r
- protected:\r
- CSecurity *csecurity;\r
- Security *security;\r
- bool haveRecvdMajorVersion;\r
- bool haveRecvdMinorVersion;\r
- bool haveSentVersion;\r
- bool haveAgreedVersion;\r
- bool haveListOfTypes;\r
- bool haveNumberOfTypes;\r
- bool haveChosenType;\r
- rdr::U8 majorVersion, minorVersion;\r
- rdr::U32 chosenType;\r
- rdr::U8 nAvailableTypes;\r
- rdr::U32 *availableTypes;\r
- rdr::U8 iAvailableType;\r
- const char* desc;\r
- };\r
-}\r
-#endif\r
+/*
+ * Copyright (C) 2005-2006 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+//
+// CSecurityVeNCrypt
+//
+
+#ifndef __CSECURITYVENCRYPT_H__
+#define __CSECURITYVENCRYPT_H__
+
+#include <rfb/CSecurity.h>
+#include <rfb/Security.h>
+#include <rdr/types.h>
+
+namespace rfb {
+
+ class CSecurityVeNCrypt : public CSecurity {
+ public:
+
+ CSecurityVeNCrypt(Security* sec);
+ ~CSecurityVeNCrypt();
+ virtual bool processMsg(CConnection* cc);// { return true; }
+ int getType() const {return chosenType;}
+ virtual const char* description() const { return secTypeName(chosenType); }
+
+ static StringParameter secTypesStr;
+ protected:
+ CSecurity *csecurity;
+ Security *security;
+ bool haveRecvdMajorVersion;
+ bool haveRecvdMinorVersion;
+ bool haveSentVersion;
+ bool haveAgreedVersion;
+ bool haveListOfTypes;
+ bool haveNumberOfTypes;
+ bool haveChosenType;
+ rdr::U8 majorVersion, minorVersion;
+ rdr::U32 chosenType;
+ rdr::U8 nAvailableTypes;
+ rdr::U32 *availableTypes;
+ rdr::U8 iAvailableType;
+ const char* desc;
+ };
+}
+#endif
-/* Copyright (C) 2005 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#include <rfb/SSecurityPlain.h>\r
-#include <rfb/SConnection.h>\r
-#include <rfb/Exception.h>\r
-#include <rdr/InStream.h>\r
-\r
-using namespace rfb;\r
-\r
-StringParameter PasswordValidator::plainUsers\r
-("PlainUsers",\r
- "Users permitted to access via Plain security type (including TLSPlain, X509Plain etc.)",\r
- "");\r
-\r
-bool PasswordValidator::validUser(const char* username)\r
-{\r
- CharArray users(strDup(plainUsers.getValueStr())), user;\r
- while (users.buf) {\r
- strSplit(users.buf, ',', &user.buf, &users.buf);\r
-#ifdef WIN32\r
- if(0==stricmp(user.buf, "*"))\r
- return true;\r
- if(0==stricmp(user.buf, username))\r
- return true;\r
-#else\r
- if(!strcmp (user.buf, "*"))\r
- return true;\r
- if(!strcmp (user.buf, username))\r
- return true;\r
-#endif\r
- }\r
- return false;\r
-}\r
-\r
-SSecurityPlain::SSecurityPlain(PasswordValidator* _valid)\r
-{\r
- valid=_valid;\r
- state=0;\r
-}\r
-\r
-bool SSecurityPlain::processMsg(SConnection* sc)\r
-{\r
- rdr::InStream* is = sc->getInStream();\r
- char* pw;\r
- char *uname;\r
- CharArray password;\r
-\r
- if(state==0)\r
- {\r
- if(!is->checkNoWait(8))\r
- return false;\r
- ulen=is->readU32();\r
- plen=is->readU32();\r
- state=1;\r
- }\r
- if(state==1)\r
- {\r
- if(is->checkNoWait(ulen+plen+2))\r
- return false;\r
- state=2;\r
- pw=new char[plen+1];\r
- uname=new char[ulen+1];\r
- username.replaceBuf(uname);\r
- password.replaceBuf(pw);\r
- is->readBytes(uname,ulen);\r
- is->readBytes(pw,plen);\r
- pw[plen]=0;\r
- uname[ulen]=0;\r
- plen=0;\r
- if(!valid->validate(sc,uname,pw))\r
- throw AuthFailureException("invalid password or username");\r
- return true;\r
- }\r
- return true;\r
-}\r
-\r
+/* Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <rfb/SSecurityPlain.h>
+#include <rfb/SConnection.h>
+#include <rfb/Exception.h>
+#include <rdr/InStream.h>
+
+using namespace rfb;
+
+StringParameter PasswordValidator::plainUsers
+("PlainUsers",
+ "Users permitted to access via Plain security type (including TLSPlain, X509Plain etc.)",
+ "");
+
+bool PasswordValidator::validUser(const char* username)
+{
+ CharArray users(strDup(plainUsers.getValueStr())), user;
+ while (users.buf) {
+ strSplit(users.buf, ',', &user.buf, &users.buf);
+#ifdef WIN32
+ if(0==stricmp(user.buf, "*"))
+ return true;
+ if(0==stricmp(user.buf, username))
+ return true;
+#else
+ if(!strcmp (user.buf, "*"))
+ return true;
+ if(!strcmp (user.buf, username))
+ return true;
+#endif
+ }
+ return false;
+}
+
+SSecurityPlain::SSecurityPlain(PasswordValidator* _valid)
+{
+ valid=_valid;
+ state=0;
+}
+
+bool SSecurityPlain::processMsg(SConnection* sc)
+{
+ rdr::InStream* is = sc->getInStream();
+ char* pw;
+ char *uname;
+ CharArray password;
+
+ if(state==0)
+ {
+ if(!is->checkNoWait(8))
+ return false;
+ ulen=is->readU32();
+ plen=is->readU32();
+ state=1;
+ }
+ if(state==1)
+ {
+ if(is->checkNoWait(ulen+plen+2))
+ return false;
+ state=2;
+ pw=new char[plen+1];
+ uname=new char[ulen+1];
+ username.replaceBuf(uname);
+ password.replaceBuf(pw);
+ is->readBytes(uname,ulen);
+ is->readBytes(pw,plen);
+ pw[plen]=0;
+ uname[ulen]=0;
+ plen=0;
+ if(!valid->validate(sc,uname,pw))
+ throw AuthFailureException("invalid password or username");
+ return true;
+ }
+ return true;
+}
+
-/* Copyright (C) 2005 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-#ifndef __RFB_SSECURITYPLAIN_H__\r
-#define __RFB_SSECURITYPLAIN_H__\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#include <rfb/SConnection.h>\r
-#include <rfb/SSecurity.h>\r
-#include <rfb/SSecurityVeNCrypt.h>\r
-#include <rfb/util.h>\r
-#include <rfb/Configuration.h>\r
-\r
-namespace rfb {\r
-\r
- class PasswordValidator {\r
- public:\r
- // validate username / password combination\r
- bool validate(SConnection* sc, const char *username, const char *password) { return validUser(username) ? validateInternal(sc, username, password) : false; };\r
- static StringParameter plainUsers;\r
- protected:\r
- virtual bool validateInternal(SConnection* sc, const char *username, const char *password)=0;\r
- static bool validUser(const char* username);\r
- };\r
-\r
- class SSecurityPlain : public SSecurity {\r
- public:\r
- SSecurityPlain(PasswordValidator* valid);\r
- virtual bool processMsg(SConnection* sc);\r
- virtual int getType() const {return secTypePlain;};\r
- virtual const char* getUserName() const { return username.buf; }\r
-\r
- private:\r
- PasswordValidator* valid;\r
- unsigned int ulen,plen,state;\r
- CharArray username;\r
- };\r
-\r
-}\r
-#endif\r
-\r
+/* Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+#ifndef __RFB_SSECURITYPLAIN_H__
+#define __RFB_SSECURITYPLAIN_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <rfb/SConnection.h>
+#include <rfb/SSecurity.h>
+#include <rfb/SSecurityVeNCrypt.h>
+#include <rfb/util.h>
+#include <rfb/Configuration.h>
+
+namespace rfb {
+
+ class PasswordValidator {
+ public:
+ // validate username / password combination
+ bool validate(SConnection* sc, const char *username, const char *password) { return validUser(username) ? validateInternal(sc, username, password) : false; };
+ static StringParameter plainUsers;
+ protected:
+ virtual bool validateInternal(SConnection* sc, const char *username, const char *password)=0;
+ static bool validUser(const char* username);
+ };
+
+ class SSecurityPlain : public SSecurity {
+ public:
+ SSecurityPlain(PasswordValidator* valid);
+ virtual bool processMsg(SConnection* sc);
+ virtual int getType() const {return secTypePlain;};
+ virtual const char* getUserName() const { return username.buf; }
+
+ private:
+ PasswordValidator* valid;
+ unsigned int ulen,plen,state;
+ CharArray username;
+ };
+
+}
+#endif
+
-/* Copyright (C) 2005 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-#ifndef __RFB_SSECURITYSTACK_H__\r
-#define __RFB_SSECURITYSTACK_H__\r
-\r
-#include <rfb/SSecurity.h>\r
-\r
-namespace rfb {\r
-\r
- class SSecurityStack : public SSecurity {\r
- public:\r
- SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);\r
- ~SSecurityStack();\r
- virtual bool processMsg(SConnection* cc);\r
- virtual int getType() const { return type; };\r
- virtual const char* getUserName() const;\r
- protected:\r
- short state;\r
- SSecurity* state0;\r
- SSecurity* state1;\r
- int type;\r
- };\r
-}\r
-#endif\r
+/* Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+#ifndef __RFB_SSECURITYSTACK_H__
+#define __RFB_SSECURITYSTACK_H__
+
+#include <rfb/SSecurity.h>
+
+namespace rfb {
+
+ class SSecurityStack : public SSecurity {
+ public:
+ SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);
+ ~SSecurityStack();
+ virtual bool processMsg(SConnection* cc);
+ virtual int getType() const { return type; };
+ virtual const char* getUserName() const;
+ protected:
+ short state;
+ SSecurity* state0;
+ SSecurity* state1;
+ int type;
+ };
+}
+#endif
-/*\r
- * Copyright (C) 2005-2006 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-/*\r
- * SSecurityVeNCrypt\r
- */\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#include <rfb/SSecurityVeNCrypt.h>\r
-#include <rfb/Exception.h>\r
-#include <rfb/LogWriter.h>\r
-#include <rdr/InStream.h>\r
-#include <rdr/OutStream.h>\r
-\r
-using namespace rfb;\r
-using namespace rdr;\r
-using namespace std;\r
-\r
-static LogWriter vlog("SVeNCrypt");\r
-\r
-SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)\r
-{\r
- ssecurity = NULL;\r
- haveSentVersion = false;\r
- haveRecvdMajorVersion = false;\r
- haveRecvdMinorVersion = false;\r
- majorVersion = 0;\r
- minorVersion = 0;\r
- haveSentTypes = false;\r
- haveChosenType = false;\r
- chosenType = secTypeVeNCrypt;\r
- numTypes = 0;\r
- subTypes = NULL;\r
-}\r
-\r
-SSecurityVeNCrypt::~SSecurityVeNCrypt()\r
-{\r
- if (subTypes) {\r
- delete [] subTypes;\r
- subTypes = NULL;\r
- }\r
-}\r
-\r
-bool SSecurityVeNCrypt::processMsg(SConnection* sc)\r
-{\r
- rdr::InStream* is = sc->getInStream();\r
- rdr::OutStream* os = sc->getOutStream();\r
- rdr::U8 i;\r
-\r
- /* VeNCrypt initialization */\r
-\r
- /* Send the highest version we can support */\r
- if (!haveSentVersion) {\r
- os->writeU8(0);\r
- os->writeU8(2);\r
- haveSentVersion = true;\r
- os->flush();\r
-\r
- return false;\r
- }\r
-\r
- /* Receive back highest version that client can support (up to and including ours) */\r
- if (!haveRecvdMajorVersion) {\r
- majorVersion = is->readU8();\r
- haveRecvdMajorVersion = true;\r
-\r
- return false;\r
- }\r
-\r
- if (!haveRecvdMinorVersion) {\r
- minorVersion = is->readU8();\r
- haveRecvdMinorVersion = true;\r
-\r
- /* WORD value with major version in upper 8 bits and minor version in lower 8 bits */\r
- U16 Version = (((U16)majorVersion) << 8) | ((U16)minorVersion);\r
-\r
- switch (Version) {\r
- case 0x0000: /* 0.0 - The client cannot support us! */\r
- case 0x0001: /* 0.1 Legacy VeNCrypt, not supported */\r
- os->writeU8(0xFF); /* This is not OK */\r
- os->flush();\r
- throw AuthFailureException("The client cannot support the server's "\r
- "VeNCrypt version");\r
-\r
- case 0x0002: /* 0.2 */\r
- os->writeU8(0); /* OK */\r
- break;\r
-\r
- default:\r
- os->writeU8(0xFF); /* Not OK */\r
- os->flush();\r
- throw AuthFailureException("The client returned an unsupported VeNCrypt version");\r
- }\r
- }\r
-\r
- /*\r
- * send number of supported VeNCrypt authentication types (U8) followed\r
- * by authentication types (U32s)\r
- */\r
- if (!haveSentTypes) {\r
- list<U32> listSubTypes;\r
-\r
- listSubTypes = security->GetEnabledExtSecTypes();\r
-\r
- numTypes = listSubTypes.size();\r
- subTypes = new U32[numTypes];\r
-\r
- for (i = 0; i < numTypes; i++) {\r
- subTypes[i] = listSubTypes.front();\r
- listSubTypes.pop_front();\r
- }\r
-\r
- if (numTypes) { \r
- os->writeU8(numTypes);\r
- for (i = 0; i < numTypes; i++)\r
- os->writeU32(subTypes[i]);\r
-\r
- os->flush(); \r
- haveSentTypes = true;\r
- return false;\r
- } else\r
- throw AuthFailureException("There are no VeNCrypt sub-types to send to the client");\r
- }\r
-\r
- /* get type back from client (must be one of the ones we sent) */\r
- if (!haveChosenType) {\r
- is->check(4);\r
- chosenType = is->readU32();\r
-\r
- for (i = 0; i < numTypes; i++) {\r
- if (chosenType == subTypes[i]) {\r
- haveChosenType = true;\r
- break;\r
- }\r
- }\r
-\r
- if (!haveChosenType)\r
- chosenType = secTypeInvalid;\r
-\r
- vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),\r
- chosenType);\r
-\r
- /* Set up the stack according to the chosen type */\r
- if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)\r
- throw AuthFailureException("No valid VeNCrypt sub-type");\r
-\r
- ssecurity = security->GetSSecurity(chosenType);\r
- }\r
-\r
- /* continue processing the messages */\r
- return ssecurity->processMsg(sc);\r
-}\r
-\r
+/*
+ * Copyright (C) 2005-2006 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+/*
+ * SSecurityVeNCrypt
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <rfb/SSecurityVeNCrypt.h>
+#include <rfb/Exception.h>
+#include <rfb/LogWriter.h>
+#include <rdr/InStream.h>
+#include <rdr/OutStream.h>
+
+using namespace rfb;
+using namespace rdr;
+using namespace std;
+
+static LogWriter vlog("SVeNCrypt");
+
+SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)
+{
+ ssecurity = NULL;
+ haveSentVersion = false;
+ haveRecvdMajorVersion = false;
+ haveRecvdMinorVersion = false;
+ majorVersion = 0;
+ minorVersion = 0;
+ haveSentTypes = false;
+ haveChosenType = false;
+ chosenType = secTypeVeNCrypt;
+ numTypes = 0;
+ subTypes = NULL;
+}
+
+SSecurityVeNCrypt::~SSecurityVeNCrypt()
+{
+ if (subTypes) {
+ delete [] subTypes;
+ subTypes = NULL;
+ }
+}
+
+bool SSecurityVeNCrypt::processMsg(SConnection* sc)
+{
+ rdr::InStream* is = sc->getInStream();
+ rdr::OutStream* os = sc->getOutStream();
+ rdr::U8 i;
+
+ /* VeNCrypt initialization */
+
+ /* Send the highest version we can support */
+ if (!haveSentVersion) {
+ os->writeU8(0);
+ os->writeU8(2);
+ haveSentVersion = true;
+ os->flush();
+
+ return false;
+ }
+
+ /* Receive back highest version that client can support (up to and including ours) */
+ if (!haveRecvdMajorVersion) {
+ majorVersion = is->readU8();
+ haveRecvdMajorVersion = true;
+
+ return false;
+ }
+
+ if (!haveRecvdMinorVersion) {
+ minorVersion = is->readU8();
+ haveRecvdMinorVersion = true;
+
+ /* WORD value with major version in upper 8 bits and minor version in lower 8 bits */
+ U16 Version = (((U16)majorVersion) << 8) | ((U16)minorVersion);
+
+ switch (Version) {
+ case 0x0000: /* 0.0 - The client cannot support us! */
+ case 0x0001: /* 0.1 Legacy VeNCrypt, not supported */
+ os->writeU8(0xFF); /* This is not OK */
+ os->flush();
+ throw AuthFailureException("The client cannot support the server's "
+ "VeNCrypt version");
+
+ case 0x0002: /* 0.2 */
+ os->writeU8(0); /* OK */
+ break;
+
+ default:
+ os->writeU8(0xFF); /* Not OK */
+ os->flush();
+ throw AuthFailureException("The client returned an unsupported VeNCrypt version");
+ }
+ }
+
+ /*
+ * send number of supported VeNCrypt authentication types (U8) followed
+ * by authentication types (U32s)
+ */
+ if (!haveSentTypes) {
+ list<U32> listSubTypes;
+
+ listSubTypes = security->GetEnabledExtSecTypes();
+
+ numTypes = listSubTypes.size();
+ subTypes = new U32[numTypes];
+
+ for (i = 0; i < numTypes; i++) {
+ subTypes[i] = listSubTypes.front();
+ listSubTypes.pop_front();
+ }
+
+ if (numTypes) {
+ os->writeU8(numTypes);
+ for (i = 0; i < numTypes; i++)
+ os->writeU32(subTypes[i]);
+
+ os->flush();
+ haveSentTypes = true;
+ return false;
+ } else
+ throw AuthFailureException("There are no VeNCrypt sub-types to send to the client");
+ }
+
+ /* get type back from client (must be one of the ones we sent) */
+ if (!haveChosenType) {
+ is->check(4);
+ chosenType = is->readU32();
+
+ for (i = 0; i < numTypes; i++) {
+ if (chosenType == subTypes[i]) {
+ haveChosenType = true;
+ break;
+ }
+ }
+
+ if (!haveChosenType)
+ chosenType = secTypeInvalid;
+
+ vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
+ chosenType);
+
+ /* Set up the stack according to the chosen type */
+ if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
+ throw AuthFailureException("No valid VeNCrypt sub-type");
+
+ ssecurity = security->GetSSecurity(chosenType);
+ }
+
+ /* continue processing the messages */
+ return ssecurity->processMsg(sc);
+}
+
-/*\r
- * Copyright (C) 2005-2006 Martin Koegler\r
- * Copyright (C) 2006 OCCAM Financial Technology\r
- * Copyright (C) 2010 TigerVNC Team\r
- * \r
- * This is free software; you can redistribute it and/or modify\r
- * it under the terms of the GNU General Public License as published by\r
- * the Free Software Foundation; either version 2 of the License, or\r
- * (at your option) any later version.\r
- * \r
- * This software is distributed in the hope that it will be useful,\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\r
- * GNU General Public License for more details.\r
- * \r
- * You should have received a copy of the GNU General Public License\r
- * along with this software; if not, write to the Free Software\r
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,\r
- * USA.\r
- */\r
-//\r
-// SSecurityVeNCrypt\r
-//\r
-\r
-#ifndef __SSECURITYVENCRYPT_H__\r
-#define __SSECURITYVENCRYPT_H__\r
-\r
-#ifdef HAVE_CONFIG_H\r
-#include <config.h>\r
-#endif\r
-\r
-#include <rfb/SSecurityStack.h>\r
-#include <rfb/SConnection.h>\r
-\r
-namespace rfb {\r
-\r
- class SSecurityVeNCrypt : public SSecurity {\r
- public:\r
- SSecurityVeNCrypt(Security *sec);\r
- ~SSecurityVeNCrypt();\r
- virtual bool processMsg(SConnection* sc);// { return true; }\r
- virtual int getType() const { return secTypeVeNCrypt; }\r
- virtual const char* getUserName() const { return NULL; }\r
-\r
- protected:\r
- SSecurity *ssecurity;\r
- Security *security;\r
- bool haveSentVersion, haveRecvdMajorVersion, haveRecvdMinorVersion;\r
- bool haveSentTypes, haveChosenType;\r
- rdr::U8 majorVersion, minorVersion, numTypes;\r
- rdr::U32 *subTypes, chosenType;\r
- };\r
-}\r
-#endif\r
+/*
+ * Copyright (C) 2005-2006 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * Copyright (C) 2010 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+//
+// SSecurityVeNCrypt
+//
+
+#ifndef __SSECURITYVENCRYPT_H__
+#define __SSECURITYVENCRYPT_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <rfb/SSecurityStack.h>
+#include <rfb/SConnection.h>
+
+namespace rfb {
+
+ class SSecurityVeNCrypt : public SSecurity {
+ public:
+ SSecurityVeNCrypt(Security *sec);
+ ~SSecurityVeNCrypt();
+ virtual bool processMsg(SConnection* sc);// { return true; }
+ virtual int getType() const { return secTypeVeNCrypt; }
+ virtual const char* getUserName() const { return NULL; }
+
+ protected:
+ SSecurity *ssecurity;
+ Security *security;
+ bool haveSentVersion, haveRecvdMajorVersion, haveRecvdMinorVersion;
+ bool haveSentTypes, haveChosenType;
+ rdr::U8 majorVersion, minorVersion, numTypes;
+ rdr::U32 *subTypes, chosenType;
+ };
+}
+#endif
projects / tigervnc.git / commitdiff