From 05a0cd66288265805ae21fe9c1322216fda4fce0 Mon Sep 17 00:00:00 2001
From: Adam Tkac <atkac@redhat.com>
Date: Tue, 20 Jul 2010 15:07:44 +0000
Subject: [PATCH] [Development] Client now uses security types from
 -SecurityTypes parameter instead of hardcoded list.

git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4094 3789f03b-4d11-0410-bbf8-ca57d06f2519
---
 common/rfb/CConnection.cxx | 47 +++++++++++++++++++-------------------
 common/rfb/CConnection.h   |  8 -------
 unix/vncviewer/CConn.cxx   |  3 ---
 win/vncviewer/CConn.cxx    |  3 ---
 4 files changed, 23 insertions(+), 38 deletions(-)

diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx
index b2393256..7aa38d9e 100644
--- a/common/rfb/CConnection.cxx
+++ b/common/rfb/CConnection.cxx
@@ -33,7 +33,7 @@ static LogWriter vlog("CConnection");
 
 CConnection::CConnection()
   : csecurity(0), is(0), os(0), reader_(0), writer_(0),
-    shared(false), nSecTypes(0),
+    shared(false),
     state_(RFBSTATE_UNINITIALISED), useProtocol3_3(false)
 {
   security = new Security();
@@ -59,13 +59,6 @@ void CConnection::setStreams(rdr::InStream* is_, rdr::OutStream* os_)
   os = os_;
 }
 
-void CConnection::addSecType(rdr::U8 secType)
-{
-  if (nSecTypes == maxSecTypes)
-    throw Exception("too many security types");
-  secTypes[nSecTypes++] = secType;
-}
-
 void CConnection::initialiseProtocol()
 {
   state_ = RFBSTATE_PROTOCOL_VERSION;
@@ -129,6 +122,9 @@ void CConnection::processSecurityTypesMsg()
 
   int secType = secTypeInvalid;
 
+  std::list<rdr::U8> secTypes;
+  secTypes = security->GetEnabledSecTypes();
+
   if (cp.isVersion(3,3)) {
 
     // legacy 3.3 server may only offer "vnc authentication" or "none"
@@ -138,10 +134,14 @@ void CConnection::processSecurityTypesMsg()
       throwConnFailedException();
 
     } else if (secType == secTypeNone || secType == secTypeVncAuth) {
-      int j;
-      for (j = 0; j < nSecTypes; j++)
-        if (secTypes[j] == secType) break;
-      if (j == nSecTypes)
+      std::list<rdr::U8>::iterator i;
+      for (i = secTypes.begin(); i != secTypes.end(); i++)
+        if (*i == secType) {
+          secType = *i;
+          break;
+        }
+
+      if (i == secTypes.end())
         secType = secTypeInvalid;
     } else {
       vlog.error("Unknown 3.3 security type %d", secType);
@@ -156,25 +156,24 @@ void CConnection::processSecurityTypesMsg()
     if (nServerSecTypes == 0)
       throwConnFailedException();
 
-    int secTypePos = nSecTypes;
+    std::list<rdr::U8>::iterator j;
+    int secTypePos, secTypePosMin;
+
+    secTypePosMin = secTypes.size();
+
     for (int i = 0; i < nServerSecTypes; i++) {
       rdr::U8 serverSecType = is->readU8();
       vlog.debug("Server offers security type %s(%d)",
                  secTypeName(serverSecType),serverSecType);
 
-      // If we haven't already chosen a secType, try this one
-      // If we are using the client's preference for types,
-      // we keep trying types, to find the one that matches and
+      // We keep trying types, to find the one that matches and
       // which appears first in the client's list of supported types.
-      if (secType == secTypeInvalid) {
-        for (int j = 0; j < nSecTypes; j++) {
-          if (secTypes[j] == serverSecType && j < secTypePos) {
-            secType = secTypes[j];
-            secTypePos = j;
-            break;
-          }
+      for (j = secTypes.begin(), secTypePos = 0; j != secTypes.end(); j++, secTypePos++) {
+        if (*j == serverSecType && secTypePos < secTypePosMin) {
+          secType = *j;
+          secTypePosMin = secTypePos;
+          break;
         }
-        // NB: Continue reading the remaining server secTypes, but ignore them
       }
     }
 
diff --git a/common/rfb/CConnection.h b/common/rfb/CConnection.h
index 5ee681da..58fbb969 100644
--- a/common/rfb/CConnection.h
+++ b/common/rfb/CConnection.h
@@ -59,11 +59,6 @@ namespace rfb {
     // (i.e. SConnection will not delete them).
     void setStreams(rdr::InStream* is, rdr::OutStream* os);
 
-    // addSecType() should be called once for each security type which the
-    // client supports.  The order in which they're added is such that the
-    // first one is most preferred.
-    void addSecType(rdr::U8 secType);
-
     // setShared sets the value of the shared flag which will be sent to the
     // server upon initialisation.
     void setShared(bool s) { shared = s; }
@@ -157,9 +152,6 @@ namespace rfb {
     CMsgWriter* writer_;
     bool deleteStreamsWhenDone;
     bool shared;
-    enum { maxSecTypes = 8 };
-    int nSecTypes;
-    rdr::U8 secTypes[maxSecTypes];
     stateEnum state_;
 
     CharArray serverName;
diff --git a/unix/vncviewer/CConn.cxx b/unix/vncviewer/CConn.cxx
index 406e167b..8d311c39 100644
--- a/unix/vncviewer/CConn.cxx
+++ b/unix/vncviewer/CConn.cxx
@@ -69,9 +69,6 @@ CConn::CConn(Display* dpy_, int argc_, char** argv_, network::Socket* sock_,
   menuKeysym = XStringToKeysym(menuKeyStr.buf);
 
   setShared(shared);
-  addSecType(secTypeNone);
-  addSecType(secTypeVncAuth);
-  addSecType(secTypeVeNCrypt);
   CSecurity::upg = this; /* Security instance is created in CConnection costructor. */
 
   CharArray encStr(preferredEncoding.getData());
diff --git a/win/vncviewer/CConn.cxx b/win/vncviewer/CConn.cxx
index 511c4123..81f040b7 100644
--- a/win/vncviewer/CConn.cxx
+++ b/win/vncviewer/CConn.cxx
@@ -98,9 +98,6 @@ bool CConn::initialise(network::Socket* s, bool reverse) {
   // Initialise the viewer options
   applyOptions(options);
 
-  // - Set which auth schemes we support, in order of preference
-  addSecType(secTypeVncAuth);
-  addSecType(secTypeNone);
   CSecurity::upg = this;
 
   // Start the RFB protocol
-- 
2.39.5