From 814fa8972e130777d2465d63f57ac7029e2d9ec1 Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Tue, 20 Jul 2010 15:14:50 +0000 Subject: [PATCH] [Development] Use SecurityType also as configuration for VeNCrypt. Signed-off-by: Martin Koegler git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4102 3789f03b-4d11-0410-bbf8-ca57d06f2519 --- common/rfb/CSecurityVeNCrypt.cxx | 29 ++++------ common/rfb/SSecurityVeNCrypt.cxx | 90 ++------------------------------ common/rfb/SSecurityVeNCrypt.h | 7 +-- 3 files changed, 15 insertions(+), 111 deletions(-) diff --git a/common/rfb/CSecurityVeNCrypt.cxx b/common/rfb/CSecurityVeNCrypt.cxx index 94af48d5..39a95f44 100644 --- a/common/rfb/CSecurityVeNCrypt.cxx +++ b/common/rfb/CSecurityVeNCrypt.cxx @@ -30,7 +30,6 @@ #include #include #include -#include #include using namespace rfb; @@ -147,14 +146,14 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc) /* make a choice and send it to the server, meanwhile set up the stack */ if (!haveChosenType) { - chosenType = 0; + chosenType = secTypeInvalid; U8 i; list::iterator j; list preferredList; /* Try preferred choice */ - SSecurityVeNCrypt::getSecTypes(&preferredList); - + preferredList = security->GetEnabledExtSecTypes(); + for (j = preferredList.begin(); j != preferredList.end(); j++) { for (i = 0; i < nAvailableTypes; i++) { if (*j == availableTypes[i]) { 
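Review bot: The comment `/* Try preferred choice */` in CSecurityVeNCrypt::processMsg no longer says where the preference comes from, and with `preferredList = security->GetEnabledExtSecTypes();` the order of that list now decides which sub-type wins. The outer loop walks the local list and stops at the first entry the server also advertises, so a weaker type listed ahead of a TLS or X509 one would be selected whenever the server offers both. I would replace the comment with `/* Walk the locally enabled types in their configured order; the first one the server also offers is chosen */`. `security` is also dereferenced here with no null check visible in the hunk; processMsg starts and ends outside it.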
@@ -163,29 +162,19 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc) } } - if (chosenType) + if (chosenType != secTypeInvalid) break; } vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType), chosenType); + /* Set up the stack according to the chosen type: */ - switch (chosenType) { - case secTypeTLSNone: - case secTypeTLSVnc: - case secTypeTLSPlain: - case secTypeX509None: - case secTypeX509Vnc: - case secTypeX509Plain: - csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType); - break; + if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt) + throw AuthFailureException("No valid VeNCrypt sub-type"); + + csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType); - case secTypeInvalid: - case secTypeVeNCrypt: /* would cause looping */ - default: - throw AuthFailureException("No valid VeNCrypt sub-type"); - } - /* send chosen type to server */ os->writeU32(chosenType); os->flush(); diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx index 894118db..2dd331e9 100644 --- a/common/rfb/SSecurityVeNCrypt.cxx +++ b/common/rfb/SSecurityVeNCrypt.cxx @@ -54,12 +54,6 @@ StringParameter SSecurityVeNCrypt::X509_KeyFile "specifies path to the key of the x509 certificate in PEM format", "", ConfServer); -StringParameter SSecurityVeNCrypt::secTypesStr -("VeNCryptTypes", - "Specify which security scheme to use for VeNCrypt connections (TLSNone, " - "TLSVnc, TLSPlain, X509None, X509Vnc, X509Plain)", - "TLSVnc,TLSPlain,X509Vnc,X509Plain"); - SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec) { ssecurity = NULL; @@ -141,7 +135,8 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc) */ if (!haveSentTypes) { list listSubTypes; - SSecurityVeNCrypt::getSecTypes(&listSubTypes); + + listSubTypes = security->GetEnabledExtSecTypes(); numTypes = listSubTypes.size(); subTypes = new U32[numTypes]; 
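Review bot: Replacing the switch in CSecurityVeNCrypt::processMsg with `if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)` turns an allow-list of the six TLS/X509 sub-types into a deny-list of two values, so every other value now reaches `getCSecurityStack(chosenType)`. The old switch would have refused secTypePlain, for example; whether the new code does depends on getCSecurityStack, whose body is not in this diff, and on whether GetEnabledExtSecTypes() can return non-TLS types. If getCSecurityStack is meant to reject anything it cannot build, record that at the call site, for example `/* getCSecurityStack() throws for sub-types it has no stack for */`, after confirming it is true. The `vlog.debug("Choosing security type ...")` line also runs before the validity check, so it logs a choice even when none was made; moving it below the check would keep the log accurate.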
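Review bot: In SSecurityVeNCrypt::processMsg the advertised sub-types now come from `security->GetEnabledExtSecTypes()`, and the `VeNCryptTypes` parameter is removed from this same file, but nothing tells an administrator who used that parameter to restrict sub-types that it no longer applies. Its default was "TLSVnc,TLSPlain,X509Vnc,X509Plain", so the set the server offers can differ after an upgrade. A comment at the assignment such as `/* Offered sub-types follow the Security object's enabled list; VeNCryptTypes is no longer read */`, plus a release note, would cover it. An empty list also appears to go unhandled: `numTypes` would be 0 and `new U32[numTypes]` still runs; the rest of processMsg is outside the hunk, so confirm how that case ends.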
@@ -180,22 +175,12 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc) vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType), chosenType); + /* Set up the stack according to the chosen type */ - switch(chosenType) { - case secTypeTLSNone: - case secTypeTLSVnc: - case secTypeTLSPlain: - case secTypeX509None: - case secTypeX509Vnc: - case secTypeX509Plain: - ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType); - break; - case secTypeInvalid: - case secTypeVeNCrypt: /* This would cause looping */ - default: + if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt) throw AuthFailureException("No valid VeNCrypt sub-type"); - } + ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType); } /* continue processing the messages */ 
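Review bot: On the server side `chosenType` is presumably the value the client sent, and after this change only secTypeInvalid and secTypeVeNCrypt are rejected before `getSSecurityStack(chosenType)` is called. The removed switch limited the server to the six TLS/X509 sub-types regardless of what preceded it; the new code is only as strict as the part of processMsg above this hunk (not visible here) and getSSecurityStack itself. If the earlier code does not already compare chosenType against the `subTypes` array that was advertised, add that comparison here and throw the same AuthFailureException when there is no match, so that a sub-type the administrator did not enable is never built. Otherwise a one-line comment such as `/* chosenType was matched against subTypes[] above */` would record why the short check is enough.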
@@ -221,68 +206,3 @@ SSecurityStack* SSecurityVeNCrypt::getSSecurityStack(int secType) } } -void SSecurityVeNCrypt::getSecTypes(list* secTypes) -{ - CharArray types; - - types.buf = SSecurityVeNCrypt::secTypesStr.getData(); - list configured = SSecurityVeNCrypt::parseSecTypes(types.buf); - list::iterator i; - for (i = configured.begin(); i != configured.end(); i++) - secTypes->push_back(*i); -} - -U32 SSecurityVeNCrypt::secTypeNum(const char *name) -{ - if (strcasecmp(name, "TLSNone") == 0) - return secTypeTLSNone; - if (strcasecmp(name, "TLSVnc") == 0) - return secTypeTLSVnc; - if (strcasecmp(name, "TLSPlain") == 0) - return secTypeTLSPlain; - if (strcasecmp(name, "X509None") == 0) - return secTypeX509None; - if (strcasecmp(name, "X509Vnc") == 0) - return secTypeX509Vnc; - if (strcasecmp(name, "X509Plain") == 0) - return secTypeX509Plain; - - return secTypeInvalid; -} - -char* SSecurityVeNCrypt::secTypeName(U32 num) -{ - switch (num) { - case secTypePlain: - return "Plain"; - case secTypeTLSNone: - return "TLSNone"; - case secTypeTLSVnc: - return "TLSVnc"; - case secTypeTLSPlain: - return "TLSPlain"; - case secTypeX509None: - return "X509None"; - case secTypeX509Vnc: - return "X509Vnc"; - case secTypeX509Plain: - return "X509Plain"; - default: - return "[unknown secType]"; - } -} - -list SSecurityVeNCrypt::parseSecTypes(const char *secTypes) -{ - list result; - CharArray types(strDup(secTypes)), type; - while (types.buf) { - strSplit(types.buf, ',', &type.buf, &types.buf); - int typeNum = SSecurityVeNCrypt::secTypeNum(type.buf); - if (typeNum != secTypeInvalid) - result.push_back(typeNum); - } - return result; -} - - diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h index 1fd6b4a0..3d5949ef 100644 --- a/common/rfb/SSecurityVeNCrypt.h +++ b/common/rfb/SSecurityVeNCrypt.h 
@@ -46,13 +46,8 @@ namespace rfb { virtual int getType() const { return secTypeVeNCrypt; } virtual const char* getUserName() const { return NULL; } - static StringParameter X509_CertFile, X509_KeyFile, secTypesStr; + static StringParameter X509_CertFile, X509_KeyFile; - /* XXX Derive Security class and merge those functions appropriately ? */ - static void getSecTypes(std::list* secTypes); - static rdr::U32 secTypeNum(const char *name); - static char* secTypeName(rdr::U32 num); - static std::list parseSecTypes(const char *types); protected: static SSecurityStack* getSSecurityStack(int secType); -- 2.39.5