From b7bafc5596c25f47724cb86ee70c3c304e23ad66 Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Wed, 15 Sep 2010 14:13:17 +0000 Subject: [PATCH] [Development] Add code which process new GUI-exposed security options. git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4143 3789f03b-4d11-0410-bbf8-ca57d06f2519 --- unix/vncviewer/CConn.cxx | 162 ++++++++++++++++++++++++++++++++- unix/vncviewer/OptionsDialog.h | 7 ++ 2 files changed, 167 insertions(+), 2 deletions(-) diff --git a/unix/vncviewer/CConn.cxx b/unix/vncviewer/CConn.cxx index 8d311c39..f4281165 100644 --- a/unix/vncviewer/CConn.cxx +++ b/unix/vncviewer/CConn.cxx @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -34,6 +35,7 @@ #include #include #include +#include #include "TXViewport.h" #include "DesktopWindow.h" @@ -41,7 +43,9 @@ #include "PasswdDialog.h" #include "parameters.h" +using namespace rdr; using namespace rfb; +using namespace std; static rfb::LogWriter vlog("CConn"); @@ -608,10 +612,77 @@ void CConn::setOptions() { options.acceptClipboard.checked(acceptClipboard); options.sendClipboard.checked(sendClipboard); options.sendPrimary.checked(sendPrimary); - if (state() == RFBSTATE_NORMAL) + if (state() == RFBSTATE_NORMAL) { options.shared.disabled(true); - else + options.secVeNCrypt.disabled(true); + options.encNone.disabled(true); + options.encTLS.disabled(true); + options.encX509.disabled(true); + options.ca.disabled(true); + options.crl.disabled(true); + options.secNone.disabled(true); + options.secVnc.disabled(true); + options.secPlain.disabled(true); + } else { options.shared.checked(shared); + + /* Process non-VeNCrypt sectypes */ + list secTypes = security->GetEnabledSecTypes(); + list::iterator i; + for (i = secTypes.begin(); i != secTypes.end(); i++) { + switch (*i) { + case secTypeVeNCrypt: + options.secVeNCrypt.checked(true); + break; + case secTypeNone: + options.encNone.checked(true); + options.secNone.checked(true); + break; + case secTypeVncAuth: + options.encNone.checked(true); + options.secVnc.checked(true); + break; + } + } + + /* Process VeNCrypt subtypes */ + if (options.secVeNCrypt.checked()) { + list secTypesExt = security->GetEnabledExtSecTypes(); + list::iterator iext; + for (iext = secTypesExt.begin(); iext != secTypesExt.end(); iext++) { + switch (*iext) { + case secTypePlain: + options.encNone.checked(true); + options.secPlain.checked(true); + break; + case secTypeTLSNone: + options.encTLS.checked(true); + options.secNone.checked(true); + break; + case secTypeTLSVnc: + options.encTLS.checked(true); + options.secVnc.checked(true); + break; + case secTypeTLSPlain: + options.encTLS.checked(true); + options.secPlain.checked(true); + break; + case secTypeX509None: + options.encX509.checked(true); + options.secNone.checked(true); + break; + case secTypeX509Vnc: + options.encX509.checked(true); + options.secVnc.checked(true); + break; + case secTypeX509Plain: + options.encX509.checked(true); + options.secPlain.checked(true); + break; + } + } + } + } options.fullScreen.checked(fullScreen); options.useLocalCursor.checked(useLocalCursor); options.dotWhenNoCursor.checked(dotWhenNoCursor); @@ -681,6 +752,93 @@ void CConn::getOptions() { if (desktop) desktop->setNoCursor(); checkEncodings(); + + /* Process security types which don't use encryption */ + if (options.encNone.checked()) { + if (options.secNone.checked()) + security->EnableSecType(secTypeNone); + if (options.secVnc.checked()) + security->EnableSecType(secTypeVncAuth); + if (options.secPlain.checked()) + security->EnableSecType(secTypePlain); + } else { + security->DisableSecType(secTypeNone); + security->DisableSecType(secTypeVncAuth); + security->DisableSecType(secTypePlain); + } + + /* Process security types which use TLS encryption */ + if (options.encTLS.checked()) { + if (options.secNone.checked()) + security->EnableSecType(secTypeTLSNone); + if (options.secVnc.checked()) + security->EnableSecType(secTypeTLSVnc); + if (options.secPlain.checked()) + security->EnableSecType(secTypeTLSPlain); + } else { + security->DisableSecType(secTypeTLSNone); + security->DisableSecType(secTypeTLSVnc); + security->DisableSecType(secTypeTLSPlain); + } + + /* Process security types which use X509 encryption */ + if (options.encX509.checked()) { + if (options.secNone.checked()) + security->EnableSecType(secTypeX509None); + if (options.secVnc.checked()) + security->EnableSecType(secTypeX509Vnc); + if (options.secPlain.checked()) + security->EnableSecType(secTypeX509Plain); + } else { + security->DisableSecType(secTypeX509None); + security->DisableSecType(secTypeX509Vnc); + security->DisableSecType(secTypeX509Plain); + } + + /* Process *None security types */ + if (options.secNone.checked()) { + if (options.encNone.checked()) + security->EnableSecType(secTypeNone); + if (options.encTLS.checked()) + security->EnableSecType(secTypeTLSNone); + if (options.encX509.checked()) + security->EnableSecType(secTypeX509None); + } else { + security->DisableSecType(secTypeNone); + security->DisableSecType(secTypeTLSNone); + security->DisableSecType(secTypeX509None); + } + + /* Process *Vnc security types */ + if (options.secVnc.checked()) { + if (options.encNone.checked()) + security->EnableSecType(secTypeVncAuth); + if (options.encTLS.checked()) + security->EnableSecType(secTypeTLSVnc); + if (options.encX509.checked()) + security->EnableSecType(secTypeX509Vnc); + } else { + security->DisableSecType(secTypeVncAuth); + security->DisableSecType(secTypeTLSVnc); + security->DisableSecType(secTypeX509Vnc); + } + + /* Process *Plain security types */ + if (options.secPlain.checked()) { + if (options.encNone.checked()) + security->EnableSecType(secTypePlain); + if (options.encTLS.checked()) + security->EnableSecType(secTypeTLSPlain); + if (options.encX509.checked()) + security->EnableSecType(secTypeX509Plain); + } else { + security->DisableSecType(secTypePlain); + security->DisableSecType(secTypeTLSPlain); + security->DisableSecType(secTypeX509Plain); + } + + CSecurityTLS::x509ca.setParam(options.ca.getText()); + CSecurityTLS::x509crl.setParam(options.crl.getText()); } void CConn::resizeFramebuffer() diff --git a/unix/vncviewer/OptionsDialog.h b/unix/vncviewer/OptionsDialog.h index 64c09106..549372a2 100644 --- a/unix/vncviewer/OptionsDialog.h +++ b/unix/vncviewer/OptionsDialog.h @@ -263,6 +263,13 @@ public: compressLevel.disabled(!customCompressLevel.checked()); } else if (checkbox == &noJpeg) { qualityLevel.disabled(autoSelect.checked() || !noJpeg.checked()); + } else if (checkbox == &secVeNCrypt) { + encTLS.checked(false); + encTLS.disabled(!secVeNCrypt.checked()); + encX509.checked(false); + encX509.disabled(!secVeNCrypt.checked()); + secPlain.checked(false); + secPlain.disabled(!secVeNCrypt.checked()); } } -- 2.39.5