From 670a09cf42ce4fd958e1ab3f790096c8068b820e Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Tue, 1 Feb 2011 14:36:51 +0000 Subject: [PATCH] [Development] Windows vncconfig: add various TLS related boxes to Security dialog git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4248 3789f03b-4d11-0410-bbf8-ca57d06f2519 --- win/vncconfig/Authentication.h | 107 ++++++++++++++++----------------- win/vncconfig/resource.h | 17 ++---- win/vncconfig/vncconfig.cxx | 2 +- win/vncconfig/vncconfig.rc | 51 ++++++++++------ 4 files changed, 88 insertions(+), 89 deletions(-) diff --git a/win/vncconfig/Authentication.h b/win/vncconfig/Authentication.h index 60be40a2..534646c5 100644 --- a/win/vncconfig/Authentication.h +++ b/win/vncconfig/Authentication.h @@ -20,7 +20,7 @@ #include #include -#include +#include #include #include #include 
@@ -36,73 +36,51 @@ namespace rfb { namespace win32 { - class AuthenticationPage : public PropSheetPage { + class SecPage : public SecurityPage { public: - AuthenticationPage(const RegKey& rk) - : PropSheetPage(GetModuleHandle(0), MAKEINTRESOURCE(IDD_AUTHENTICATION)), regKey(rk) {} - void initDialog() { - CharArray sec_types_str(SecurityServer::secTypes.getData()); - std::list sec_types = parseSecTypes(sec_types_str.buf); - - useNone = useVNC = false; - std::list::iterator i; - for (i=sec_types.begin(); i!=sec_types.end(); i++) { - if ((*i) == secTypeNone) useNone = true; - else if ((*i) == secTypeVncAuth) useVNC = true; - } + SecPage(const RegKey& rk) + : SecurityPage(NULL), regKey(rk) { + security = new SecurityServer(); + } - HWND security = GetDlgItem(handle, IDC_ENCRYPTION); - SendMessage(security, CB_ADDSTRING, 0, (LPARAM)_T("Always Off")); - SendMessage(security, CB_SETCURSEL, 0, 0); - enableItem(IDC_AUTH_NT, false); enableItem(IDC_AUTH_NT_CONF, false); - enableItem(IDC_ENCRYPTION, false); enableItem(IDC_AUTH_RA2_CONF, false); + void initDialog() { + SecurityPage::initDialog(); - setItemChecked(IDC_AUTH_NONE, useNone); - setItemChecked(IDC_AUTH_VNC, useVNC); setItemChecked(IDC_QUERY_CONNECT, rfb::Server::queryConnect); setItemChecked(IDC_QUERY_LOGGED_ON, queryOnlyIfLoggedOn); onCommand(IDC_AUTH_NONE, 0); } + bool onCommand(int id, int cmd) { - switch (id) { - case IDC_AUTH_VNC_PASSWD: - { - PasswordDialog passwdDlg(regKey, registryInsecure); - passwdDlg.showDialog(handle); - } - return true; - case IDC_AUTH_NONE: - case IDC_AUTH_VNC: - enableItem(IDC_AUTH_VNC_PASSWD, isItemChecked(IDC_AUTH_VNC)); - case IDC_QUERY_CONNECT: - case IDC_QUERY_LOGGED_ON: - setChanged((useNone != isItemChecked(IDC_AUTH_NONE)) || - (useVNC != isItemChecked(IDC_AUTH_VNC)) || - (rfb::Server::queryConnect != isItemChecked(IDC_QUERY_CONNECT)) || - (queryOnlyIfLoggedOn != isItemChecked(IDC_QUERY_LOGGED_ON))); + SecurityPage::onCommand(id, cmd); + + setChanged(true); + + if (id == 
IDC_AUTH_VNC_PASSWD) { + PasswordDialog passwdDlg(regKey, registryInsecure); + passwdDlg.showDialog(handle); + } else if (id == IDC_QUERY_LOGGED_ON) { enableItem(IDC_QUERY_LOGGED_ON, enableQueryOnlyIfLoggedOn()); - return false; - }; - return false; + } + + return true; } bool onOk() { - bool useVncChanged = useVNC != isItemChecked(IDC_AUTH_VNC); - useVNC = isItemChecked(IDC_AUTH_VNC); - useNone = isItemChecked(IDC_AUTH_NONE); - if (useVNC) { + SecurityPage::onOk(); + + if (isItemChecked(IDC_AUTH_VNC)) verifyVncPassword(regKey); - regKey.setString(_T("SecurityTypes"), _T("VncAuth")); - } else { - if (haveVncPassword() && useVncChanged && - MsgBox(0, _T("The VNC authentication method is disabled, but a password is still stored for it.\n") - _T("Do you want to remove the VNC authentication password from the registry?"), - MB_ICONWARNING | MB_YESNO) == IDYES) { - regKey.setBinary(_T("Password"), 0, 0); - } - regKey.setString(_T("SecurityTypes"), _T("None")); + else if (haveVncPassword() && + MsgBox(0, _T("The VNC authentication method is disabled, but a password is still stored for it.\n") + _T("Do you want to remove the VNC authentication password from the registry?"), + MB_ICONWARNING | MB_YESNO) == IDYES) { + regKey.setBinary(_T("Password"), 0, 0); } + + regKey.setString(_T("SecurityTypes"), security->ToString()); regKey.setBool(_T("QueryConnect"), isItemChecked(IDC_QUERY_CONNECT)); regKey.setBool(_T("QueryOnlyIfLoggedOn"), isItemChecked(IDC_QUERY_LOGGED_ON)); + return true; } void setWarnPasswdInsecure(bool warn) { 
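Review bot: In the new `onCommand`, `enableItem(IDC_QUERY_LOGGED_ON, enableQueryOnlyIfLoggedOn())` runs only when the id is IDC_QUERY_LOGGED_ON itself, whereas the removed switch also ran it for IDC_QUERY_CONNECT, IDC_AUTH_NONE and IDC_AUTH_VNC. `enableQueryOnlyIfLoggedOn()` is defined outside this hunk, but if it depends on the IDC_QUERY_CONNECT state, as its name suggests, toggling "Prompt local user to accept connections" no longer refreshes the dependent checkbox. The `onCommand(IDC_AUTH_NONE, 0)` call in `initDialog` would likewise no longer set its initial state. Testing `else if (id == IDC_QUERY_CONNECT || id == IDC_QUERY_LOGGED_ON) {` and calling `onCommand(IDC_QUERY_CONNECT, 0)` from `initDialog` would restore the old behaviour. The return values of `SecurityPage::onCommand` and `SecurityPage::onOk` are also discarded, and a one-line comment saying why that is safe would help.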
@@ -127,16 +105,33 @@ namespace rfb { } } + virtual void loadX509Certs(void) {} + virtual void enableX509Dialogs(void) { + enableItem(IDC_LOAD_CERT, true); + enableItem(IDC_LOAD_CERTKEY, true); + } + virtual void disableX509Dialogs(void) { + enableItem(IDC_LOAD_CERT, false); + enableItem(IDC_LOAD_CERTKEY, false); + } + virtual void loadVncPasswd() { + enableItem(IDC_AUTH_VNC_PASSWD, isItemChecked(IDC_AUTH_VNC)); + } + protected: RegKey regKey; static bool registryInsecure; - bool useNone; - bool useVNC; + private: + inline void modifyAuthMethod(int enc_idc, int auth_idc, bool enable) + { + setItemChecked(enc_idc, enable); + setItemChecked(auth_idc, enable); + } }; }; - bool AuthenticationPage::registryInsecure = false; + bool SecPage::registryInsecure = false; }; diff --git a/win/vncconfig/resource.h b/win/vncconfig/resource.h index ca1fbf5a..395edc9e 100644 --- a/win/vncconfig/resource.h +++ b/win/vncconfig/resource.h @@ -1,13 +1,11 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Developer Studio generated include file. // Used by vncconfig.rc -// + +#include + #define IDR_MANIFEST 1 #define IDI_ICON 101 #define IDD_DIALOG1 102 #define IDD_DIALOG2 103 -#define IDD_SECURITY 104 -#define IDD_AUTHENTICATION 104 #define IDD_CONNECTIONS 105 #define IDD_HOOKING 106 #define IDD_VNC_PASSWD 107 @@ -24,8 +22,6 @@ #define IDC_PORT 1000 #define IDC_PASSWORD1 1000 #define IDC_HOST_PATTERN 1000 -#define IDC_AUTH_NONE 1002 -#define IDC_AUTH_VNC 1003 #define IDC_AUTH_VNC_PASSWD 1009 #define IDC_USEHOOKS 1011 #define IDC_POLLCONSOLES 1012 @@ -63,9 +59,6 @@ #define IDC_AFFECT_SCREENSAVER 1048 #define IDC_LOCALHOST 1049 #define IDC_DISABLE_LOCAL_INPUTS 1050 -#define IDC_AUTH_NT 1051 -#define IDC_AUTH_NT_CONF 1052 -#define IDC_AUTH_RA2_CONF 1053 #define IDC_QUERY_CONNECT 1055 #define IDC_DISCONNECT_NONE 1056 #define IDC_DISCONNECT_LOCK 1057 
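Review bot: `loadX509Certs` is added with an empty body, while `enableX509Dialogs` enables the IDC_LOAD_CERT and IDC_LOAD_CERTKEY buttons and the `onCommand` in this file has no branch for either id. Unless the `SecurityPage` base class (not shown in this patch) handles those clicks, an administrator can tick "TLS with X.509 certificates" and press the load buttons without any certificate or key being configured. Until loading is implemented, I would keep the two buttons disabled or add a comment such as `// TODO: X.509 certificate loading is not implemented here yet` above the stub. The private `modifyAuthMethod` helper is not called anywhere in the visible hunks and could be dropped.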
@@ -74,7 +67,6 @@ #define IDC_REMOVE_PATTERN 1060 #define IDC_DISABLE_EFFECTS 1061 #define IDC_CAPTUREBLT 1062 -#define IDC_ENCRYPTION 1063 #define IDC_QUERY 1064 #define IDC_USEPOLLING 1066 #define IDC_USEDRIVER 1068 @@ -84,8 +76,9 @@ #define IDC_AUTH_ADMIN_ENABLE 1078 #define IDC_AUTH_VIEWONLY_ENABLE 1079 #define IDC_AUTH_INPUTONLY_ENABLE 1080 -#define IDC_AUTH_VNC_EXT 1081 #define IDC_RFB_ENABLE 1082 +#define IDC_LOAD_CERT 1087 +#define IDC_LOAD_CERTKEY 1088 #define ID_OPTIONS 40001 #define ID_CLOSE 40002 #define ID_ABOUT 40003 diff --git a/win/vncconfig/vncconfig.cxx b/win/vncconfig/vncconfig.cxx index 93e8cf36..535febbe 100644 --- a/win/vncconfig/vncconfig.cxx +++ b/win/vncconfig/vncconfig.cxx @@ -149,7 +149,7 @@ int WINAPI WinMain(HINSTANCE inst, HINSTANCE prev, char* cmdLine, int cmdShow) { // Build the dialog std::list pages; - AuthenticationPage auth(rootKey); pages.push_back(&auth); + SecPage auth(rootKey); pages.push_back(&auth); auth.setWarnPasswdInsecure(warnOnChangePassword); ConnectionsPage conn(rootKey); pages.push_back(&conn); InputsPage inputs(rootKey); pages.push_back(&inputs); diff --git a/win/vncconfig/vncconfig.rc b/win/vncconfig/vncconfig.rc index df6cfdde..8914c1dc 100644 --- a/win/vncconfig/vncconfig.rc +++ b/win/vncconfig/vncconfig.rc 
@@ -66,29 +66,40 @@ IDI_ICON ICON DISCARDABLE "vncconfig.ico" // Dialog // -IDD_AUTHENTICATION DIALOG DISCARDABLE 0, 0, 193, 135 +IDD_SECURITY DIALOG DISCARDABLE 0, 0, 180, 220 STYLE DS_MODALFRAME | DS_CONTROL | WS_POPUP | WS_CAPTION | WS_SYSMENU -CAPTION "Authentication" +CAPTION "Security" FONT 8, "MS Sans Serif" BEGIN - CONTROL "No Authentication",IDC_AUTH_NONE,"Button", - BS_AUTORADIOBUTTON | WS_GROUP,7,10,113,15 - CONTROL "VNC Password Authentication",IDC_AUTH_VNC,"Button", - BS_AUTORADIOBUTTON,7,30,113,15 - PUSHBUTTON "Configure",IDC_AUTH_VNC_PASSWD,125,30,61,15 - CONTROL "NT Logon Authentication",IDC_AUTH_NT,"Button", - BS_AUTORADIOBUTTON,7,50,113,15 - PUSHBUTTON "Configure",IDC_AUTH_NT_CONF,125,50,61,15 - LTEXT "Encryption:",IDC_STATIC,7,70,42,15,SS_CENTERIMAGE - COMBOBOX IDC_ENCRYPTION,49,70,71,50,CBS_DROPDOWN | WS_VSCROLL | - WS_TABSTOP - PUSHBUTTON "Generate Keys",IDC_AUTH_RA2_CONF,125,70,61,15 - CONTROL "Prompt local user to accept connections", - IDC_QUERY_CONNECT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP, - 7,95,181,15 - CONTROL "Only prompt when there is a user logged on", - IDC_QUERY_LOGGED_ON,"Button",BS_AUTOCHECKBOX | - WS_TABSTOP,20,110,166,15 + CONTROL "Extended encryption and authentication methods (VeNCrypt)", + IDC_VENCRYPT, "Button", BS_AUTOCHECKBOX | WS_TABSTOP, + 7,10,200,15 + GROUPBOX "Session encryption", IDC_STATIC, 7,25,120,60 + CONTROL "None", IDC_ENC_NONE, "Button", BS_AUTOCHECKBOX | WS_TABSTOP, + 10,35,50,15 + CONTROL "Anonymous TLS", IDC_ENC_TLS, "Button", + BS_AUTOCHECKBOX | WS_TABSTOP, 10,50,80,15 + CONTROL "TLS with X.509 certificates", IDC_ENC_X509, "Button", + BS_AUTOCHECKBOX | WS_TABSTOP, 10,65,110,15 + GROUPBOX "X.509 certificates", IDC_STATIC, 7,90,185,30 + PUSHBUTTON "Load X.509 Certificate", IDC_LOAD_CERT, 10,100,80,15 + PUSHBUTTON "Load X.509 Certificate key", IDC_LOAD_CERTKEY, 90,100,100,15 + GROUPBOX "Authentication", IDC_STATIC, 7,125,170,60 + CONTROL "None", IDC_AUTH_NONE, "Button", BS_AUTOCHECKBOX | WS_TABSTOP, + 
10,135,50,15 + CONTROL "Standard VNC", IDC_AUTH_VNC, "Button", + BS_AUTOCHECKBOX | WS_TABSTOP, 10,150,80,15 + PUSHBUTTON "Configure", IDC_AUTH_VNC_PASSWD, 100,150,61,15 +/* + CONTROL "Plaintext", IDC_AUTH_PLAIN, "Button", + BS_AUTOCHECKBOX | WS_TABSTOP, 10,165,70,15 +*/ + CONTROL "Prompt local user to accept connections", + IDC_QUERY_CONNECT, "Button", BS_AUTOCHECKBOX | WS_TABSTOP, + 7,185,181,15 + CONTROL "Only prompt when there is a user logged on", + IDC_QUERY_LOGGED_ON, "Button", BS_AUTOCHECKBOX | + WS_TABSTOP,20,200,166,15 END IDD_CONNECTIONS DIALOG DISCARDABLE 0, 0, 218, 198 -- 2.39.5
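Review bot: The Authentication group now uses `BS_AUTOCHECKBOX` for IDC_AUTH_NONE and IDC_AUTH_VNC where the old dialog used `BS_AUTORADIOBUTTON`, so "None" can be ticked together with "Standard VNC", and the same holds for "None" under Session encryption. `onOk` in Authentication.h writes `security->ToString()` to `SecurityTypes` without inspecting the selection, so unless `SecurityPage::onOk` (outside this patch) rejects it, the saved list can offer None next to VncAuth. Because the client picks among the offered types, the password then protects nothing. I would have `onOk` ask for confirmation before saving whenever IDC_AUTH_NONE is checked, using a `MsgBox` with `MB_ICONWARNING | MB_YESNO` like the stored-password prompt in the same function, and make the label explicit, for instance `"None (no password required)"`. Several controls are also wider than the 180-unit dialog (the IDC_VENCRYPT checkbox starts at x=7 with width 200) and will be clipped.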