Make accessRights a member of SSecurity, not of subclasses, so we don't need to override getAccessRights(). Also avoid shadowing the member in SSecurityStack::getAccessRights(). This is in preparation for changes that will allow to force connections to view-only access. Signed-off-by: Carlos Santos <casantos@redhat.com>

hace 5 meses · 2de86119e6
--- a/common/rfb/CMakeLists.txt
+++ b/common/rfb/CMakeLists.txt
@@ -44,6 +44,7 @@ add_library(rfb STATIC
  Security.cxx
  SecurityServer.cxx
  SecurityClient.cxx
  SSecurity.cxx
  SSecurityPlain.cxx
  SSecurityStack.cxx
  SSecurityVncAuth.cxx
--- a/common/rfb/SSecurity.cxx
+++ b/common/rfb/SSecurity.cxx
@@ -0,0 +1,39 @@
 /* Copyright (C) 2023 TigerVNC Team
 * 
 * This is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this software; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
 * USA.
 */

 #ifdef HAVE_CONFIG_H
 #include <config.h>
 #endif

 #include <rfb/SSecurity.h>

 using namespace rfb;

 SSecurity::SSecurity(SConnection* sc)
  : sc(sc), accessRights(SConnection::AccessDefault)
 {
 }

 SSecurity::~SSecurity()
 {
 }

 SConnection::AccessRights SSecurity::getAccessRights() const
 {
  return accessRights;
 }
--- a/common/rfb/SSecurity.h
+++ b/common/rfb/SSecurity.h
@@ -51,8 +51,8 @@ namespace rfb {

  class SSecurity {
  public:
    SSecurity(SConnection* sc_) : sc(sc_) {}
    virtual ~SSecurity() {}
    SSecurity(SConnection* sc);
    virtual ~SSecurity();
    virtual bool processMsg() = 0;
    virtual int getType() const = 0;

@@ -62,10 +62,11 @@ namespace rfb {
    // for this security type.
    virtual const char* getUserName() const = 0;

    virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }
    virtual SConnection::AccessRights getAccessRights() const;

  protected:
    SConnection* sc;
    SConnection::AccessRights accessRights;
  };

 }
--- a/common/rfb/SSecurityRSAAES.cxx
+++ b/common/rfb/SSecurityRSAAES.cxx
@@ -76,7 +76,6 @@ SSecurityRSAAES::SSecurityRSAAES(SConnection* sc, uint32_t _secType,
    keySize(_keySize), isAllEncrypted(_isAllEncrypted), secType(_secType),
    serverKey(), clientKey(),
    serverKeyN(NULL), serverKeyE(NULL), clientKeyN(NULL), clientKeyE(NULL),
    accessRights(SConnection::AccessDefault),
    rais(NULL), raos(NULL), rawis(NULL), rawos(NULL)
 {
  assert(keySize == 128 || keySize == 256);
--- a/common/rfb/SSecurityRSAAES.h
+++ b/common/rfb/SSecurityRSAAES.h
@@ -39,10 +39,6 @@ namespace rfb {
    virtual bool processMsg();
    virtual const char* getUserName() const;
    virtual int getType() const { return secType; }
    virtual SConnection::AccessRights getAccessRights() const
    {
      return accessRights;
    }

    static StringParameter keyFile;
    static BoolParameter requireUsername;
@@ -82,7 +78,6 @@ namespace rfb {

    char username[256];
    char password[256];
    SConnection::AccessRights accessRights;

    rdr::InStream* rais;
    rdr::OutStream* raos;
--- a/common/rfb/SSecurityStack.cxx
+++ b/common/rfb/SSecurityStack.cxx
@@ -73,17 +73,17 @@ const char* SSecurityStack::getUserName() const

 SConnection::AccessRights SSecurityStack::getAccessRights() const
 {
  SConnection::AccessRights accessRights;
  SConnection::AccessRights rights;

  if (!state0 && !state1)
    return SSecurity::getAccessRights();

  accessRights = SConnection::AccessFull;
  rights = SConnection::AccessFull;

  if (state0)
    accessRights &= state0->getAccessRights();
    rights &= state0->getAccessRights();
  if (state1)
    accessRights &= state1->getAccessRights();
    rights &= state1->getAccessRights();

  return accessRights;
  return rights;
 }
--- a/common/rfb/SSecurityVncAuth.cxx
+++ b/common/rfb/SSecurityVncAuth.cxx
@@ -54,7 +54,7 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd

 SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
  : SSecurity(sc), sentChallenge(false),
    pg(&vncAuthPasswd), accessRights(SConnection::AccessNone)
    pg(&vncAuthPasswd)
 {
 }

--- a/common/rfb/SSecurityVncAuth.h
+++ b/common/rfb/SSecurityVncAuth.h
@@ -55,7 +55,6 @@ namespace rfb {
    virtual bool processMsg();
    virtual int getType() const {return secTypeVncAuth;}
    virtual const char* getUserName() const {return 0;}
    virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
    static StringParameter vncAuthPasswdFile;
    static VncAuthPasswdParameter vncAuthPasswd;
  private:
@@ -65,7 +64,6 @@ namespace rfb {
    uint8_t response[vncAuthChallengeSize];
    bool sentChallenge;
    VncAuthPasswdGetter* pg;
    SConnection::AccessRights accessRights;
  };
 }
 #endif