They must belong to the rfb namespace, not to the SConnection class.
Also add an AccessNone constant, since it's better to use a mnemonic
symbol rather than zero to initialize the accessRights members.
Signed-off-by: Carlos Santos <casantos@redhat.com>
--- /dev/null
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include "AccessRights.h"
+
+namespace rfb
+{
+
+ // AccessRights values
+ const AccessRights AccessNone = 0x0000;
+ const AccessRights AccessView = 0x0001;
+ const AccessRights AccessKeyEvents = 0x0002;
+ const AccessRights AccessPtrEvents = 0x0004;
+ const AccessRights AccessCutText = 0x0008;
+ const AccessRights AccessSetDesktopSize = 0x0010;
+ const AccessRights AccessNonShared = 0x0020;
+ const AccessRights AccessDefault = 0x03ff;
+ const AccessRights AccessNoQuery = 0x0400;
+ const AccessRights AccessFull = 0xffff;
+
+} /* namespace rfb */
--- /dev/null
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef COMMON_RFB_ACCESSRIGHTS_H_
+#define COMMON_RFB_ACCESSRIGHTS_H_
+
+#include <stdint.h>
+
+namespace rfb
+{
+
+ typedef uint16_t AccessRights;
+ extern const AccessRights AccessNone; // No rights at all
+ extern const AccessRights AccessView; // View display contents
+ extern const AccessRights AccessKeyEvents; // Send key events
+ extern const AccessRights AccessPtrEvents; // Send pointer events
+ extern const AccessRights AccessCutText; // Send/receive clipboard events
+ extern const AccessRights AccessSetDesktopSize; // Change desktop size
+ extern const AccessRights AccessNonShared; // Exclusive access to the server
+ extern const AccessRights AccessDefault; // The default rights, INCLUDING FUTURE ONES
+ extern const AccessRights AccessNoQuery; // Connect without local user accepting
+ extern const AccessRights AccessFull; // All of the available AND FUTURE rights
+
+} /* namespace rfb */
+
+#endif /* COMMON_RFB_ACCESSRIGHTS_H_ */
add_library(rfb STATIC
+ AccessRights.cxx
Blacklist.cxx
Congestion.cxx
CConnection.cxx
static LogWriter vlog("SConnection");
-// AccessRights values
-const SConnection::AccessRights SConnection::AccessView = 0x0001;
-const SConnection::AccessRights SConnection::AccessKeyEvents = 0x0002;
-const SConnection::AccessRights SConnection::AccessPtrEvents = 0x0004;
-const SConnection::AccessRights SConnection::AccessCutText = 0x0008;
-const SConnection::AccessRights SConnection::AccessSetDesktopSize = 0x0010;
-const SConnection::AccessRights SConnection::AccessNonShared = 0x0020;
-const SConnection::AccessRights SConnection::AccessDefault = 0x03ff;
-const SConnection::AccessRights SConnection::AccessNoQuery = 0x0400;
-const SConnection::AccessRights SConnection::AccessFull = 0xffff;
-
-
SConnection::SConnection()
: readyForSetColourMapEntries(false),
is(0), os(0), reader_(0), writer_(0), ssecurity(0),
authFailureTimer(this, &SConnection::handleAuthFailureTimeout),
state_(RFBSTATE_UNINITIALISED), preferredEncoding(encodingRaw),
- accessRights(0x0000), hasRemoteClipboard(false),
+ accessRights(AccessNone), hasRemoteClipboard(false),
hasLocalClipboard(false),
unsolicitedClipboardAttempt(false)
{
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
+#include <rfb/AccessRights.h>
#include <rfb/SMsgHandler.h>
#include <rfb/SecurityServer.h>
#include <rfb/Timer.h>
// setAccessRights() allows a security package to limit the access rights
// of a SConnection to the server. How the access rights are treated
// is up to the derived class.
-
- typedef uint16_t AccessRights;
- static const AccessRights AccessView; // View display contents
- static const AccessRights AccessKeyEvents; // Send key events
- static const AccessRights AccessPtrEvents; // Send pointer events
- static const AccessRights AccessCutText; // Send/receive clipboard events
- static const AccessRights AccessSetDesktopSize; // Change desktop size
- static const AccessRights AccessNonShared; // Exclusive access to the server
- static const AccessRights AccessDefault; // The default rights, INCLUDING FUTURE ONES
- static const AccessRights AccessNoQuery; // Connect without local user accepting
- static const AccessRights AccessFull; // All of the available AND FUTURE rights
virtual void setAccessRights(AccessRights ar);
virtual bool accessCheck(AccessRights ar) const;
// for this security type.
virtual const char* getUserName() const = 0;
- virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }
+ virtual AccessRights getAccessRights() const { return AccessDefault; }
protected:
SConnection* sc;
keySize(_keySize), isAllEncrypted(_isAllEncrypted), secType(_secType),
serverKey(), clientKey(),
serverKeyN(NULL), serverKeyE(NULL), clientKeyN(NULL), clientKeyE(NULL),
- accessRights(SConnection::AccessDefault),
+ accessRights(AccessDefault),
rais(NULL), raos(NULL), rawis(NULL), rawos(NULL)
{
assert(keySize == 128 || keySize == 256);
throw AuthFailureException("No password configured for VNC Auth");
if (password == passwd) {
- accessRights = SConnection::AccessDefault;
+ accessRights = AccessDefault;
return;
}
if (!passwdReadOnly.empty() && password == passwdReadOnly) {
- accessRights = SConnection::AccessView;
+ accessRights = AccessView;
return;
}
virtual bool processMsg();
virtual const char* getUserName() const;
virtual int getType() const { return secType; }
- virtual SConnection::AccessRights getAccessRights() const
+ virtual AccessRights getAccessRights() const
{
return accessRights;
}
char username[256];
char password[256];
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
rdr::InStream* rais;
rdr::OutStream* raos;
return c;
}
-SConnection::AccessRights SSecurityStack::getAccessRights() const
+AccessRights SSecurityStack::getAccessRights() const
{
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
if (!state0 && !state1)
return SSecurity::getAccessRights();
- accessRights = SConnection::AccessFull;
+ accessRights = AccessFull;
if (state0)
accessRights &= state0->getAccessRights();
virtual bool processMsg();
virtual int getType() const { return type; };
virtual const char* getUserName() const;
- virtual SConnection::AccessRights getAccessRights() const;
+ virtual AccessRights getAccessRights() const;
protected:
short state;
SSecurity* state0;
return ssecurity->getUserName();
}
-SConnection::AccessRights SSecurityVeNCrypt::getAccessRights() const
+AccessRights SSecurityVeNCrypt::getAccessRights() const
{
if (ssecurity == NULL)
return SSecurity::getAccessRights();
virtual bool processMsg();
virtual int getType() const { return chosenType; }
virtual const char* getUserName() const;
- virtual SConnection::AccessRights getAccessRights() const;
+ virtual AccessRights getAccessRights() const;
protected:
SSecurity *ssecurity;
SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
: SSecurity(sc), sentChallenge(false),
- pg(&vncAuthPasswd), accessRights(0)
+ pg(&vncAuthPasswd), accessRights(AccessNone)
{
}
throw AuthFailureException("No password configured for VNC Auth");
if (verifyResponse(passwd.c_str())) {
- accessRights = SConnection::AccessDefault;
+ accessRights = AccessDefault;
return true;
}
if (!passwdReadOnly.empty() &&
verifyResponse(passwdReadOnly.c_str())) {
- accessRights = SConnection::AccessView;
+ accessRights = AccessView;
return true;
}
virtual bool processMsg();
virtual int getType() const {return secTypeVncAuth;}
virtual const char* getUserName() const {return 0;}
- virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
+ virtual AccessRights getAccessRights() const { return accessRights; }
static StringParameter vncAuthPasswdFile;
static VncAuthPasswdParameter vncAuthPasswd;
private:
uint8_t response[vncAuthChallengeSize];
bool sentChallenge;
VncAuthPasswdGetter* pg;
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
};
}
#endif
}
// - Does the client have the right to bypass the query?
- if (client->accessCheck(SConnection::AccessNoQuery))
+ if (client->accessCheck(AccessNoQuery))
{
approveConnection(client->getSock(), true, NULL);
return;
{
if (!shared) {
if (rfb::Server::disconnectClients &&
- client->accessCheck(SConnection::AccessNonShared)) {
+ client->accessCheck(AccessNonShared)) {
// - Close all the other connected clients
slog.debug("non-shared connection - closing clients");
closeClients("Non-shared connection requested", client->getSock());
void getStats(double&, unsigned long long&, unsigned long long&);
- virtual void setAccessRights(AccessRights ar);
+ virtual void setAccessRights(rfb::AccessRights ar);
virtual void setDesktopSize(int fb_width, int fb_height,
const rfb::ScreenSet& layout);
manager->getStats(ratio, bytes, rawEquivalent);
}
-void SConn::setAccessRights(AccessRights)
+void SConn::setAccessRights(rfb::AccessRights)
{
}
if (!conn->authenticated())
status = 3;
- else if (conn->accessCheck(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView))
+ else if (conn->accessCheck(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView))
status = 0;
- else if (conn->accessCheck(rfb::SConnection::AccessView))
+ else if (conn->accessCheck(rfb::AccessView))
status = 1;
else
status = 2;
if (status == 3) {
conn->close(0);
} else {
- rfb::SConnection::AccessRights ar;
+ rfb::AccessRights ar;
- ar = rfb::SConnection::AccessDefault;
+ ar = rfb::AccessDefault;
switch (status) {
case 0:
- ar |= rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView;
+ ar |= rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView;
break;
case 1:
- ar |= rfb::SConnection::AccessView;
- ar &= ~(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents);
+ ar |= rfb::AccessView;
+ ar &= ~(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents);
break;
case 2:
- ar &= ~(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView);
+ ar &= ~(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView);
break;
}
conn->setAccessRights(ar);
projects / tigervnc.git / commitdiff