Make accessRights a member of SSecurity, not of subclasses, so we don't need to override getAccessRights(). Also avoid shadowing the member in SSecurityStack::getAccessRights(). This is in preparation for changes that will allow to force connections to view-only access. Signed-off-by: Carlos Santos <casantos@redhat.com>pull/1701/head
@@ -44,6 +44,7 @@ add_library(rfb STATIC | |||
Security.cxx | |||
SecurityServer.cxx | |||
SecurityClient.cxx | |||
SSecurity.cxx | |||
SSecurityPlain.cxx | |||
SSecurityStack.cxx | |||
SSecurityVncAuth.cxx |
@@ -0,0 +1,39 @@ | |||
/* Copyright (C) 2023 TigerVNC Team | |||
* | |||
* This is free software; you can redistribute it and/or modify | |||
* it under the terms of the GNU General Public License as published by | |||
* the Free Software Foundation; either version 2 of the License, or | |||
* (at your option) any later version. | |||
* | |||
* This software is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
* GNU General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU General Public License | |||
* along with this software; if not, write to the Free Software | |||
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |||
* USA. | |||
*/ | |||
#ifdef HAVE_CONFIG_H | |||
#include <config.h> | |||
#endif | |||
#include <rfb/SSecurity.h> | |||
using namespace rfb; | |||
SSecurity::SSecurity(SConnection* sc) | |||
: sc(sc), accessRights(SConnection::AccessDefault) | |||
{ | |||
} | |||
SSecurity::~SSecurity() | |||
{ | |||
} | |||
SConnection::AccessRights SSecurity::getAccessRights() const | |||
{ | |||
return accessRights; | |||
} |
@@ -51,8 +51,8 @@ namespace rfb { | |||
class SSecurity { | |||
public: | |||
SSecurity(SConnection* sc_) : sc(sc_) {} | |||
virtual ~SSecurity() {} | |||
SSecurity(SConnection* sc); | |||
virtual ~SSecurity(); | |||
virtual bool processMsg() = 0; | |||
virtual int getType() const = 0; | |||
@@ -62,10 +62,11 @@ namespace rfb { | |||
// for this security type. | |||
virtual const char* getUserName() const = 0; | |||
virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; } | |||
virtual SConnection::AccessRights getAccessRights() const; | |||
protected: | |||
SConnection* sc; | |||
SConnection::AccessRights accessRights; | |||
}; | |||
} |
@@ -76,7 +76,6 @@ SSecurityRSAAES::SSecurityRSAAES(SConnection* sc, uint32_t _secType, | |||
keySize(_keySize), isAllEncrypted(_isAllEncrypted), secType(_secType), | |||
serverKey(), clientKey(), | |||
serverKeyN(NULL), serverKeyE(NULL), clientKeyN(NULL), clientKeyE(NULL), | |||
accessRights(SConnection::AccessDefault), | |||
rais(NULL), raos(NULL), rawis(NULL), rawos(NULL) | |||
{ | |||
assert(keySize == 128 || keySize == 256); |
@@ -39,10 +39,6 @@ namespace rfb { | |||
virtual bool processMsg(); | |||
virtual const char* getUserName() const; | |||
virtual int getType() const { return secType; } | |||
virtual SConnection::AccessRights getAccessRights() const | |||
{ | |||
return accessRights; | |||
} | |||
static StringParameter keyFile; | |||
static BoolParameter requireUsername; | |||
@@ -82,7 +78,6 @@ namespace rfb { | |||
char username[256]; | |||
char password[256]; | |||
SConnection::AccessRights accessRights; | |||
rdr::InStream* rais; | |||
rdr::OutStream* raos; |
@@ -73,17 +73,17 @@ const char* SSecurityStack::getUserName() const | |||
SConnection::AccessRights SSecurityStack::getAccessRights() const | |||
{ | |||
SConnection::AccessRights accessRights; | |||
SConnection::AccessRights rights; | |||
if (!state0 && !state1) | |||
return SSecurity::getAccessRights(); | |||
accessRights = SConnection::AccessFull; | |||
rights = SConnection::AccessFull; | |||
if (state0) | |||
accessRights &= state0->getAccessRights(); | |||
rights &= state0->getAccessRights(); | |||
if (state1) | |||
accessRights &= state1->getAccessRights(); | |||
rights &= state1->getAccessRights(); | |||
return accessRights; | |||
return rights; | |||
} |
@@ -54,7 +54,7 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd | |||
SSecurityVncAuth::SSecurityVncAuth(SConnection* sc) | |||
: SSecurity(sc), sentChallenge(false), | |||
pg(&vncAuthPasswd), accessRights(SConnection::AccessNone) | |||
pg(&vncAuthPasswd) | |||
{ | |||
} | |||
@@ -55,7 +55,6 @@ namespace rfb { | |||
virtual bool processMsg(); | |||
virtual int getType() const {return secTypeVncAuth;} | |||
virtual const char* getUserName() const {return 0;} | |||
virtual SConnection::AccessRights getAccessRights() const { return accessRights; } | |||
static StringParameter vncAuthPasswdFile; | |||
static VncAuthPasswdParameter vncAuthPasswd; | |||
private: | |||
@@ -65,7 +64,6 @@ namespace rfb { | |||
uint8_t response[vncAuthChallengeSize]; | |||
bool sentChallenge; | |||
VncAuthPasswdGetter* pg; | |||
SConnection::AccessRights accessRights; | |||
}; | |||
} | |||
#endif |