From bfd66c1e8c526dff1757bf349c9bb4d87906265f Mon Sep 17 00:00:00 2001 From: Adam Tkac Date: Fri, 1 Oct 2010 08:33:29 +0000 Subject: [PATCH] [Development] Move Get{C,S}Security from Security class to separate classes. git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4156 3789f03b-4d11-0410-bbf8-ca57d06f2519 --- common/rfb/CConnection.cxx | 2 +- common/rfb/CConnection.h | 4 +- common/rfb/CSecurityVeNCrypt.cxx | 2 +- common/rfb/CSecurityVeNCrypt.h | 6 +- common/rfb/Makefile.am | 6 +- common/rfb/SConnection.cxx | 2 +- common/rfb/SConnection.h | 4 +- common/rfb/SSecurityVeNCrypt.cxx | 2 +- common/rfb/SSecurityVeNCrypt.h | 4 +- common/rfb/Security.cxx | 102 +------------------------------ common/rfb/Security.h | 13 +--- common/rfb/SecurityClient.cxx | 88 ++++++++++++++++++++++++++ common/rfb/SecurityClient.h | 43 +++++++++++++ common/rfb/SecurityServer.cxx | 77 +++++++++++++++++++++++ common/rfb/SecurityServer.h | 41 +++++++++++++ win/vncconfig/Authentication.h | 2 +- 16 files changed, 270 insertions(+), 128 deletions(-) create mode 100644 common/rfb/SecurityClient.cxx create mode 100644 common/rfb/SecurityClient.h create mode 100644 common/rfb/SecurityServer.cxx create mode 100644 common/rfb/SecurityServer.h diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx index 6e1bf123..cc68ea11 100644 --- a/common/rfb/CConnection.cxx +++ b/common/rfb/CConnection.cxx @@ -36,7 +36,7 @@ CConnection::CConnection() shared(false), state_(RFBSTATE_UNINITIALISED), useProtocol3_3(false) { - security = new Security(SecurityViewer); + security = new SecurityClient(); } CConnection::~CConnection() diff --git a/common/rfb/CConnection.h b/common/rfb/CConnection.h index 58fbb969..eb8c1c3f 100644 --- a/common/rfb/CConnection.h +++ b/common/rfb/CConnection.h @@ -28,7 +28,7 @@ #include #include #include -#include +#include namespace rfb { @@ -134,7 +134,7 @@ namespace rfb { CSecurity *csecurity; /* Windows viewer needs it exported. */ protected: void setState(stateEnum s) { state_ = s; } - Security *security; + SecurityClient *security; private: void processVersionMsg(); diff --git a/common/rfb/CSecurityVeNCrypt.cxx b/common/rfb/CSecurityVeNCrypt.cxx index 3b77ed1a..9c2cebaf 100644 --- a/common/rfb/CSecurityVeNCrypt.cxx +++ b/common/rfb/CSecurityVeNCrypt.cxx @@ -36,7 +36,7 @@ using namespace std; static LogWriter vlog("CVeNCrypt"); -CSecurityVeNCrypt::CSecurityVeNCrypt(Security* sec) : csecurity(NULL), security(sec) +CSecurityVeNCrypt::CSecurityVeNCrypt(SecurityClient* sec) : csecurity(NULL), security(sec) { haveRecvdMajorVersion = false; haveRecvdMinorVersion = false; diff --git a/common/rfb/CSecurityVeNCrypt.h b/common/rfb/CSecurityVeNCrypt.h index c04d1bf2..fd9c5dc0 100644 --- a/common/rfb/CSecurityVeNCrypt.h +++ b/common/rfb/CSecurityVeNCrypt.h @@ -26,7 +26,7 @@ #define __CSECURITYVENCRYPT_H__ #include -#include +#include #include namespace rfb { @@ -34,7 +34,7 @@ namespace rfb { class CSecurityVeNCrypt : public CSecurity { public: - CSecurityVeNCrypt(Security* sec); + CSecurityVeNCrypt(SecurityClient* sec); ~CSecurityVeNCrypt(); virtual bool processMsg(CConnection* cc);// { return true; } int getType() const {return chosenType;} @@ -43,7 +43,7 @@ namespace rfb { static StringParameter secTypesStr; protected: CSecurity *csecurity; - Security *security; + SecurityClient *security; bool haveRecvdMajorVersion; bool haveRecvdMinorVersion; bool haveSentVersion; diff --git a/common/rfb/Makefile.am b/common/rfb/Makefile.am index cf55fab0..ce196c6e 100644 --- a/common/rfb/Makefile.am +++ b/common/rfb/Makefile.am @@ -18,7 +18,8 @@ HDRS = Blacklist.h CapsContainer.h CapsList.h CConnection.h \ PixelFormat.h PixelFormat.inl Pixel.h RawDecoder.h RawEncoder.h \ Rect.h Region.h rreDecode.h RREDecoder.h rreEncode.h RREEncoder.h \ ScaledPixelBuffer.h ScaleFilters.h SConnection.h ScreenSet.h \ - screenTypes.h SDesktop.h Security.h ServerCore.h SMsgHandler.h \ + screenTypes.h SDesktop.h Security.h SecurityServer.h SecurityClient.h \ + ServerCore.h SMsgHandler.h \ SMsgReader.h SMsgReaderV3.h SMsgWriter.h SMsgWriterV3.h SSecurity.h \ SSecurityNone.h SSecurityPlain.h SSecurityStack.h SSecurityVeNCrypt.h \ SSecurityVncAuth.h Threading.h tightDecode.h \ @@ -40,7 +41,8 @@ librfb_la_SOURCES = $(HDRS) Blacklist.cxx CConnection.cxx CMsgHandler.cxx \ RREEncoder.cxx RREDecoder.cxx RawDecoder.cxx RawEncoder.cxx \ Region.cxx SConnection.cxx SMsgHandler.cxx \ SMsgReader.cxx SMsgReaderV3.cxx SMsgWriter.cxx SMsgWriterV3.cxx \ - ServerCore.cxx Security.cxx SSecurityPlain.cxx SSecurityStack.cxx \ + ServerCore.cxx Security.cxx SecurityServer.cxx SecurityClient.cxx \ + SSecurityPlain.cxx SSecurityStack.cxx \ SSecurityVncAuth.cxx SSecurityVeNCrypt.cxx \ ScaledPixelBuffer.cxx ScaleFilters.cxx Timer.cxx TightDecoder.cxx \ TightEncoder.cxx TightPalette.cxx TransImageGetter.cxx \ diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx index 87db2001..bc4c982d 100644 --- a/common/rfb/SConnection.cxx +++ b/common/rfb/SConnection.cxx @@ -55,7 +55,7 @@ SConnection::SConnection(bool reverseConnection_) cp.setVersion(defaultMajorVersion, defaultMinorVersion); - security = new Security(SecurityServer); + security = new SecurityServer(); } SConnection::~SConnection() diff --git a/common/rfb/SConnection.h b/common/rfb/SConnection.h index e139f15f..d0bd499b 100644 --- a/common/rfb/SConnection.h +++ b/common/rfb/SConnection.h @@ -26,7 +26,7 @@ #include #include #include -#include +#include #include namespace rfb { @@ -191,7 +191,7 @@ namespace rfb { rdr::OutStream* os; SMsgReader* reader_; SMsgWriter* writer_; - Security *security; + SecurityServer *security; SSecurity* ssecurity; stateEnum state_; bool reverseConnection; diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx index f094c8d0..9e4260f4 100644 --- a/common/rfb/SSecurityVeNCrypt.cxx +++ b/common/rfb/SSecurityVeNCrypt.cxx @@ -38,7 +38,7 @@ using namespace std; static LogWriter vlog("SVeNCrypt"); -SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec) +SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec) { ssecurity = NULL; haveSentVersion = false; diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h index d7090914..849a702f 100644 --- a/common/rfb/SSecurityVeNCrypt.h +++ b/common/rfb/SSecurityVeNCrypt.h @@ -36,7 +36,7 @@ namespace rfb { class SSecurityVeNCrypt : public SSecurity { public: - SSecurityVeNCrypt(Security *sec); + SSecurityVeNCrypt(SecurityServer *sec); ~SSecurityVeNCrypt(); virtual bool processMsg(SConnection* sc);// { return true; } virtual int getType() const { return secTypeVeNCrypt; } @@ -44,7 +44,7 @@ namespace rfb { protected: SSecurity *ssecurity; - Security *security; + SecurityServer *security; bool haveSentVersion, haveRecvdMajorVersion, haveRecvdMinorVersion; bool haveSentTypes, haveChosenType; rdr::U8 majorVersion, minorVersion, numTypes; diff --git a/common/rfb/Security.cxx b/common/rfb/Security.cxx index 2ea51fac..cbc72aef 100644 --- a/common/rfb/Security.cxx +++ b/common/rfb/Security.cxx @@ -52,41 +52,11 @@ using namespace std; static LogWriter vlog("Security"); -UserPasswdGetter *CSecurity::upg = NULL; - -StringParameter Security::secTypesViewer -("SecurityTypes", - "Specify which security scheme to use (None, VncAuth)", -#ifdef HAVE_GNUTLS - "VeNCrypt,X509Plain,TLSPlain,X509Vnc,TLSVnc,X509None,TLSNone,VncAuth,None", -#else - "VncAuth,None", -#endif -ConfViewer); - -StringParameter Security::secTypesServer -("SecurityTypes", - "Specify which security scheme to use (None, VncAuth)", -#ifdef HAVE_GNUTLS - "VeNCrypt,TLSVnc,VncAuth", -#else - "VncAuth", -#endif -ConfServer); - -Security::Security(SecurityClassType secClassType) +Security::Security(StringParameter &secTypes) { char *secTypesStr; - switch (secClassType) { - case SecurityViewer: - secTypesStr = secTypesViewer.getData(); - break; - case SecurityServer: - secTypesStr = secTypesServer.getData(); - break; - }; - + secTypesStr = secTypes.getData(); enabledSecTypes = parseSecTypes(secTypesStr); delete secTypesStr; @@ -138,74 +108,6 @@ bool Security::IsSupported(U32 secType) return false; } -SSecurity* Security::GetSSecurity(U32 secType) -{ - if (!IsSupported(secType)) - goto bail; - - switch (secType) { - case secTypeNone: return new SSecurityNone(); - case secTypeVncAuth: return new SSecurityVncAuth(); - case secTypeVeNCrypt: return new SSecurityVeNCrypt(this); - case secTypePlain: return new SSecurityPlain(); -#ifdef HAVE_GNUTLS - case secTypeTLSNone: - return new SSecurityStack(secTypeTLSNone, new SSecurityTLS(true)); - case secTypeTLSVnc: - return new SSecurityStack(secTypeTLSVnc, new SSecurityTLS(true), new SSecurityVncAuth()); - case secTypeTLSPlain: - return new SSecurityStack(secTypeTLSPlain, new SSecurityTLS(true), new SSecurityPlain()); - case secTypeX509None: - return new SSecurityStack(secTypeX509None, new SSecurityTLS(false)); - case secTypeX509Vnc: - return new SSecurityStack(secTypeX509None, new SSecurityTLS(false), new SSecurityVncAuth()); - case secTypeX509Plain: - return new SSecurityStack(secTypeX509Plain, new SSecurityTLS(false), new SSecurityPlain()); -#endif - } - -bail: - throw Exception("Security type not supported"); -} - -CSecurity* Security::GetCSecurity(U32 secType) -{ - assert (CSecurity::upg != NULL); /* (upg == NULL) means bug in the viewer */ - - if (!IsSupported(secType)) - goto bail; - - switch (secType) { - case secTypeNone: return new CSecurityNone(); - case secTypeVncAuth: return new CSecurityVncAuth(); - case secTypeVeNCrypt: return new CSecurityVeNCrypt(this); - case secTypePlain: return new CSecurityPlain(); -#ifdef HAVE_GNUTLS - case secTypeTLSNone: - return new CSecurityStack(secTypeTLSNone, "TLS with no password", - new CSecurityTLS(true)); - case secTypeTLSVnc: - return new CSecurityStack(secTypeTLSVnc, "TLS with VNCAuth", - new CSecurityTLS(true), new CSecurityVncAuth()); - case secTypeTLSPlain: - return new CSecurityStack(secTypeTLSPlain, "TLS with Username/Password", - new CSecurityTLS(true), new CSecurityPlain()); - case secTypeX509None: - return new CSecurityStack(secTypeX509None, "X509 with no password", - new CSecurityTLS(false)); - case secTypeX509Vnc: - return new CSecurityStack(secTypeX509None, "X509 with VNCAuth", - new CSecurityTLS(false), new CSecurityVncAuth()); - case secTypeX509Plain: - return new CSecurityStack(secTypeX509Plain, "X509 with Username/Password", - new CSecurityTLS(false), new CSecurityPlain()); -#endif - } - -bail: - throw Exception("Security type not supported"); -} - rdr::U32 rfb::secTypeNum(const char* name) { if (strcasecmp(name, "None") == 0) return secTypeNone; diff --git a/common/rfb/Security.h b/common/rfb/Security.h index 7b9fd407..8c90d764 100644 --- a/common/rfb/Security.h +++ b/common/rfb/Security.h @@ -60,14 +60,12 @@ namespace rfb { const rdr::U32 secResultFailed = 1; const rdr::U32 secResultTooMany = 2; // deprecated - enum SecurityClassType { SecurityViewer, SecurityServer }; - class Security { public: /* * Create Security instance. */ - Security(SecurityClassType secClassType); + Security(StringParameter &secTypes); /* * Note about security types. @@ -90,15 +88,6 @@ namespace rfb { /* Get list of enabled VeNCrypt subtypes */ const std::list GetEnabledExtSecTypes(void); - /* Create server side SSecurity class instance */ - SSecurity* GetSSecurity(rdr::U32 secType); - - /* Create client side CSecurity class instance */ - CSecurity* GetCSecurity(rdr::U32 secType); - - static StringParameter secTypesViewer; - static StringParameter secTypesServer; - private: std::list enabledSecTypes; }; diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx new file mode 100644 index 00000000..e5e428c6 --- /dev/null +++ b/common/rfb/SecurityClient.cxx @@ -0,0 +1,88 @@ +/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved. + * Copyright (C) 2010 TigerVNC Team + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this software; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_GNUTLS +#include +#endif + +using namespace rdr; +using namespace rfb; + +UserPasswdGetter *CSecurity::upg = NULL; + +StringParameter SecurityClient::secTypes +("SecurityTypes", + "Specify which security scheme to use (None, VncAuth)", +#ifdef HAVE_GNUTLS + "VeNCrypt,X509Plain,TLSPlain,X509Vnc,TLSVnc,X509None,TLSNone,VncAuth,None", +#else + "VncAuth,None", +#endif +ConfViewer); + +CSecurity* SecurityClient::GetCSecurity(U32 secType) +{ + assert (CSecurity::upg != NULL); /* (upg == NULL) means bug in the viewer */ + + if (!IsSupported(secType)) + goto bail; + + switch (secType) { + case secTypeNone: return new CSecurityNone(); + case secTypeVncAuth: return new CSecurityVncAuth(); + case secTypeVeNCrypt: return new CSecurityVeNCrypt(this); + case secTypePlain: return new CSecurityPlain(); +#ifdef HAVE_GNUTLS + case secTypeTLSNone: + return new CSecurityStack(secTypeTLSNone, "TLS with no password", + new CSecurityTLS(true)); + case secTypeTLSVnc: + return new CSecurityStack(secTypeTLSVnc, "TLS with VNCAuth", + new CSecurityTLS(true), new CSecurityVncAuth()); + case secTypeTLSPlain: + return new CSecurityStack(secTypeTLSPlain, "TLS with Username/Password", + new CSecurityTLS(true), new CSecurityPlain()); + case secTypeX509None: + return new CSecurityStack(secTypeX509None, "X509 with no password", + new CSecurityTLS(false)); + case secTypeX509Vnc: + return new CSecurityStack(secTypeX509None, "X509 with VNCAuth", + new CSecurityTLS(false), new CSecurityVncAuth()); + case secTypeX509Plain: + return new CSecurityStack(secTypeX509Plain, "X509 with Username/Password", + new CSecurityTLS(false), new CSecurityPlain()); +#endif + } + +bail: + throw Exception("Security type not supported"); +} + diff --git a/common/rfb/SecurityClient.h b/common/rfb/SecurityClient.h new file mode 100644 index 00000000..c30fdfcd --- /dev/null +++ b/common/rfb/SecurityClient.h @@ -0,0 +1,43 @@ +/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved. + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this software; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ +// +// secTypes.h - constants for the various security types. +// + +#ifndef __RFB_SECURITYCLIENT_H__ +#define __RFB_SECURITYCLIENT_H__ + +#include +#include +#include + +namespace rfb { + + class SecurityClient : public Security { + public: + SecurityClient(void) : Security(secTypes) {} + + /* Create client side CSecurity class instance */ + CSecurity* GetCSecurity(rdr::U32 secType); + + static StringParameter secTypes; + }; + +} + +#endif diff --git a/common/rfb/SecurityServer.cxx b/common/rfb/SecurityServer.cxx new file mode 100644 index 00000000..e3ac4059 --- /dev/null +++ b/common/rfb/SecurityServer.cxx @@ -0,0 +1,77 @@ +/* + * Copyright (C) 2010 TigerVNC Team + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this software; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_GNUTLS +#include +#endif + +using namespace rdr; +using namespace rfb; + +StringParameter SecurityServer::secTypes +("SecurityTypes", + "Specify which security scheme to use (None, VncAuth)", +#ifdef HAVE_GNUTLS + "VeNCrypt,TLSVnc,VncAuth", +#else + "VncAuth", +#endif +ConfServer); + +SSecurity* SecurityServer::GetSSecurity(U32 secType) +{ + if (!IsSupported(secType)) + goto bail; + + switch (secType) { + case secTypeNone: return new SSecurityNone(); + case secTypeVncAuth: return new SSecurityVncAuth(); + case secTypeVeNCrypt: return new SSecurityVeNCrypt(this); + case secTypePlain: return new SSecurityPlain(); +#ifdef HAVE_GNUTLS + case secTypeTLSNone: + return new SSecurityStack(secTypeTLSNone, new SSecurityTLS(true)); + case secTypeTLSVnc: + return new SSecurityStack(secTypeTLSVnc, new SSecurityTLS(true), new SSecurityVncAuth()); + case secTypeTLSPlain: + return new SSecurityStack(secTypeTLSPlain, new SSecurityTLS(true), new SSecurityPlain()); + case secTypeX509None: + return new SSecurityStack(secTypeX509None, new SSecurityTLS(false)); + case secTypeX509Vnc: + return new SSecurityStack(secTypeX509None, new SSecurityTLS(false), new SSecurityVncAuth()); + case secTypeX509Plain: + return new SSecurityStack(secTypeX509Plain, new SSecurityTLS(false), new SSecurityPlain()); +#endif + } + +bail: + throw Exception("Security type not supported"); +} + diff --git a/common/rfb/SecurityServer.h b/common/rfb/SecurityServer.h new file mode 100644 index 00000000..0986619a --- /dev/null +++ b/common/rfb/SecurityServer.h @@ -0,0 +1,41 @@ +/* + * Copyright (C) 2010 TigerVNC Team + * + * This is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this software; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, + * USA. + */ + +#ifndef __RFB_SECURITYSERVER_H__ +#define __RFB_SECURITYSERVER_H__ + +#include +#include +#include + +namespace rfb { + + class SecurityServer : public Security { + public: + SecurityServer(void) : Security(secTypes) {} + + /* Create server side SSecurity class instance */ + SSecurity* GetSSecurity(rdr::U32 secType); + + static StringParameter secTypes; + }; + +} + +#endif diff --git a/win/vncconfig/Authentication.h b/win/vncconfig/Authentication.h index 90bf08c3..731a1710 100644 --- a/win/vncconfig/Authentication.h +++ b/win/vncconfig/Authentication.h @@ -40,7 +40,7 @@ namespace rfb { AuthenticationPage(const RegKey& rk) : PropSheetPage(GetModuleHandle(0), MAKEINTRESOURCE(IDD_AUTHENTICATION)), regKey(rk) {} void initDialog() { - CharArray sec_types_str(Security::secTypesServer.getData()); + CharArray sec_types_str(SecurityServer::secTypes.getData()); std::list sec_types = parseSecTypes(sec_types_str.buf); useNone = useVNC = false; -- 2.39.5