mirrors
/
tigervnc
дзеркало https://github.com/TigerVNC/tigervnc.git
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Релізи 37 Вікі Активність
Переглянути джерело

[Cleanup] Ensure all files use LF as newline control character, not CR+LF. 


git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4119 3789f03b-4d11-0410-bbf8-ca57d06f2519
tags/v1.0.90
Adam Tkac 14 роки тому
джерело
bacbbaa697
коміт
5522d61b7a
9 змінених файлів з 797 додано та 797 видалено
Розділений перегляд Показати статистику Diff
  1. 43
    43
      common/rfb/CSecurityStack.h
  2. 74
    74
      common/rfb/CSecurityTLS.h
  3. 193
    193
      common/rfb/CSecurityVeNCrypt.cxx
  4. 62
    62
      common/rfb/CSecurityVeNCrypt.h
  5. 97
    97
      common/rfb/SSecurityPlain.cxx
  6. 60
    60
      common/rfb/SSecurityPlain.h
  7. 41
    41
      common/rfb/SSecurityStack.h
  8. 173
    173
      common/rfb/SSecurityVeNCrypt.cxx
  9. 54
    54
      common/rfb/SSecurityVeNCrypt.h

+ 43
- 43
common/rfb/CSecurityStack.h Переглянути файл

@@ -1,43 +1,43 @@
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_CSECURITYSTACK_H__
#define __RFB_CSECURITYSTACK_H__
#include <rfb/CSecurity.h>
#include <rfb/Security.h>
namespace rfb {
class CSecurityStack : public CSecurity {
public:
CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);
~CSecurityStack();
virtual bool processMsg(CConnection* cc);
virtual int getType() const {return type;};
virtual const char* description() const {return name;}
protected:
int state;
CSecurity* state0;
CSecurity* state1;
const char* name;
int type;
};
}
#endif
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_CSECURITYSTACK_H__
#define __RFB_CSECURITYSTACK_H__
#include <rfb/CSecurity.h>
#include <rfb/Security.h>
namespace rfb {
class CSecurityStack : public CSecurity {
public:
CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);
~CSecurityStack();
virtual bool processMsg(CConnection* cc);
virtual int getType() const {return type;};
virtual const char* description() const {return name;}
protected:
int state;
CSecurity* state0;
CSecurity* state1;
const char* name;
int type;
};
}
#endif

+ 74
- 74
common/rfb/CSecurityTLS.h Переглянути файл

@@ -1,74 +1,74 @@
/*
* Copyright (C) 2004 Red Hat Inc.
* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __C_SECURITY_TLS_H__
#define __C_SECURITY_TLS_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifndef HAVE_GNUTLS
#error "This header should not be compiled without HAVE_GNUTLS defined"
#endif
#include <rfb/CSecurity.h>
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/Security.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
#include <gnutls/gnutls.h>
namespace rfb {
class CSecurityTLS : public CSecurity {
public:
CSecurityTLS(bool _anon);
virtual ~CSecurityTLS();
virtual bool processMsg(CConnection* cc);
virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }
virtual const char* description() const
{ return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
static StringParameter x509ca;
static StringParameter x509crl;
protected:
void shutdown();
void freeResources();
void setParam();
void checkSession();
CConnection *client;
private:
static void initGlobal();
gnutls_session session;
gnutls_anon_client_credentials anon_cred;
gnutls_certificate_credentials cert_cred;
bool anon;
char *cafile, *crlfile;
rdr::InStream* fis;
rdr::OutStream* fos;
};
}
#endif
/*
* Copyright (C) 2004 Red Hat Inc.
* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __C_SECURITY_TLS_H__
#define __C_SECURITY_TLS_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifndef HAVE_GNUTLS
#error "This header should not be compiled without HAVE_GNUTLS defined"
#endif
#include <rfb/CSecurity.h>
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/Security.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
#include <gnutls/gnutls.h>
namespace rfb {
class CSecurityTLS : public CSecurity {
public:
CSecurityTLS(bool _anon);
virtual ~CSecurityTLS();
virtual bool processMsg(CConnection* cc);
virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }
virtual const char* description() const
{ return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
static StringParameter x509ca;
static StringParameter x509crl;
protected:
void shutdown();
void freeResources();
void setParam();
void checkSession();
CConnection *client;
private:
static void initGlobal();
gnutls_session session;
gnutls_anon_client_credentials anon_cred;
gnutls_certificate_credentials cert_cred;
bool anon;
char *cafile, *crlfile;
rdr::InStream* fis;
rdr::OutStream* fos;
};
}
#endif

+ 193
- 193
common/rfb/CSecurityVeNCrypt.cxx Переглянути файл

@@ -1,193 +1,193 @@
/*
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// CSecurityVeNCrypt
//
#include <rfb/Exception.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
#include <rfb/CConnection.h>
#include <rfb/CSecurityVeNCrypt.h>
#include <rfb/LogWriter.h>
#include <list>
using namespace rfb;
using namespace rdr;
using namespace std;
static LogWriter vlog("CVeNCrypt");
CSecurityVeNCrypt::CSecurityVeNCrypt(Security* sec) : csecurity(NULL), security(sec)
{
haveRecvdMajorVersion = false;
haveRecvdMinorVersion = false;
haveSentVersion = false;
haveAgreedVersion = false;
haveListOfTypes = false;
haveNumberOfTypes = false;
haveChosenType = false;
majorVersion = 0;
minorVersion = 0;
chosenType = secTypeVeNCrypt;
nAvailableTypes = 0;
availableTypes = NULL;
iAvailableType = 0;
}
CSecurityVeNCrypt::~CSecurityVeNCrypt()
{
if (availableTypes)
delete[] availableTypes;
}
bool CSecurityVeNCrypt::processMsg(CConnection* cc)
{
InStream* is = cc->getInStream();
OutStream* os = cc->getOutStream();
/* get major, minor versions, send what we can support (or 0.0 for can't support it) */
if (!haveRecvdMajorVersion) {
majorVersion = is->readU8();
haveRecvdMajorVersion = true;
return false;
}
if (!haveRecvdMinorVersion) {
minorVersion = is->readU8();
haveRecvdMinorVersion = true;
}
/* major version in upper 8 bits and minor version in lower 8 bits */
U16 Version = (((U16) majorVersion) << 8) | ((U16) minorVersion);
if (!haveSentVersion) {
/* Currently we don't support former VeNCrypt 0.1 */
if (Version >= 0x0002) {
majorVersion = 0;
minorVersion = 2;
os->writeU8(majorVersion);
os->writeU8(minorVersion);
os->flush();
} else {
/* Send 0.0 to indicate no support */
majorVersion = 0;
minorVersion = 0;
os->writeU8(0);
os->writeU8(0);
os->flush();
throw AuthFailureException("The server reported an unsupported VeNCrypt version");
}
haveSentVersion = true;
return false;
}
/* Check that the server is OK */
if (!haveAgreedVersion) {
if (is->readU8())
throw AuthFailureException("The server reported it could not support the "
"VeNCrypt version");
haveAgreedVersion = true;
return false;
}
/* get a number of types */
if (!haveNumberOfTypes) {
nAvailableTypes = is->readU8();
iAvailableType = 0;
if (!nAvailableTypes)
throw AuthFailureException("The server reported no VeNCrypt sub-types");
availableTypes = new rdr::U32[nAvailableTypes];
haveNumberOfTypes = true;
return false;
}
if (nAvailableTypes) {
/* read in the types possible */
if (!haveListOfTypes) {
if (is->checkNoWait(4)) {
availableTypes[iAvailableType++] = is->readU32();
haveListOfTypes = (iAvailableType >= nAvailableTypes);
vlog.debug("Server offers security type %s (%d)",
secTypeName(availableTypes[iAvailableType - 1]),
availableTypes[iAvailableType - 1]);
if (!haveListOfTypes)
return false;
} else
return false;
}
/* make a choice and send it to the server, meanwhile set up the stack */
if (!haveChosenType) {
chosenType = secTypeInvalid;
U8 i;
list<U32>::iterator j;
list<U32> preferredList;
/* Try preferred choice */
preferredList = security->GetEnabledExtSecTypes();
for (j = preferredList.begin(); j != preferredList.end(); j++) {
for (i = 0; i < nAvailableTypes; i++) {
if (*j == availableTypes[i]) {
chosenType = *j;
break;
}
}
if (chosenType != secTypeInvalid)
break;
}
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type: */
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
csecurity = security->GetCSecurity(chosenType);
/* send chosen type to server */
os->writeU32(chosenType);
os->flush();
haveChosenType = true;
}
} else {
/*
* Server told us that there are 0 types it can support - this should not
* happen, since if the server supports 0 sub-types, it doesn't support
* this security type
*/
throw AuthFailureException("The server reported 0 VeNCrypt sub-types");
}
return csecurity->processMsg(cc);
}
/*
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// CSecurityVeNCrypt
//
#include <rfb/Exception.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
#include <rfb/CConnection.h>
#include <rfb/CSecurityVeNCrypt.h>
#include <rfb/LogWriter.h>
#include <list>
using namespace rfb;
using namespace rdr;
using namespace std;
static LogWriter vlog("CVeNCrypt");
CSecurityVeNCrypt::CSecurityVeNCrypt(Security* sec) : csecurity(NULL), security(sec)
{
haveRecvdMajorVersion = false;
haveRecvdMinorVersion = false;
haveSentVersion = false;
haveAgreedVersion = false;
haveListOfTypes = false;
haveNumberOfTypes = false;
haveChosenType = false;
majorVersion = 0;
minorVersion = 0;
chosenType = secTypeVeNCrypt;
nAvailableTypes = 0;
availableTypes = NULL;
iAvailableType = 0;
}
CSecurityVeNCrypt::~CSecurityVeNCrypt()
{
if (availableTypes)
delete[] availableTypes;
}
bool CSecurityVeNCrypt::processMsg(CConnection* cc)
{
InStream* is = cc->getInStream();
OutStream* os = cc->getOutStream();
/* get major, minor versions, send what we can support (or 0.0 for can't support it) */
if (!haveRecvdMajorVersion) {
majorVersion = is->readU8();
haveRecvdMajorVersion = true;
return false;
}
if (!haveRecvdMinorVersion) {
minorVersion = is->readU8();
haveRecvdMinorVersion = true;
}
/* major version in upper 8 bits and minor version in lower 8 bits */
U16 Version = (((U16) majorVersion) << 8) | ((U16) minorVersion);
if (!haveSentVersion) {
/* Currently we don't support former VeNCrypt 0.1 */
if (Version >= 0x0002) {
majorVersion = 0;
minorVersion = 2;
os->writeU8(majorVersion);
os->writeU8(minorVersion);
os->flush();
} else {
/* Send 0.0 to indicate no support */
majorVersion = 0;
minorVersion = 0;
os->writeU8(0);
os->writeU8(0);
os->flush();
throw AuthFailureException("The server reported an unsupported VeNCrypt version");
}
haveSentVersion = true;
return false;
}
/* Check that the server is OK */
if (!haveAgreedVersion) {
if (is->readU8())
throw AuthFailureException("The server reported it could not support the "
"VeNCrypt version");
haveAgreedVersion = true;
return false;
}
/* get a number of types */
if (!haveNumberOfTypes) {
nAvailableTypes = is->readU8();
iAvailableType = 0;
if (!nAvailableTypes)
throw AuthFailureException("The server reported no VeNCrypt sub-types");
availableTypes = new rdr::U32[nAvailableTypes];
haveNumberOfTypes = true;
return false;
}
if (nAvailableTypes) {
/* read in the types possible */
if (!haveListOfTypes) {
if (is->checkNoWait(4)) {
availableTypes[iAvailableType++] = is->readU32();
haveListOfTypes = (iAvailableType >= nAvailableTypes);
vlog.debug("Server offers security type %s (%d)",
secTypeName(availableTypes[iAvailableType - 1]),
availableTypes[iAvailableType - 1]);
if (!haveListOfTypes)
return false;
} else
return false;
}
/* make a choice and send it to the server, meanwhile set up the stack */
if (!haveChosenType) {
chosenType = secTypeInvalid;
U8 i;
list<U32>::iterator j;
list<U32> preferredList;
/* Try preferred choice */
preferredList = security->GetEnabledExtSecTypes();
for (j = preferredList.begin(); j != preferredList.end(); j++) {
for (i = 0; i < nAvailableTypes; i++) {
if (*j == availableTypes[i]) {
chosenType = *j;
break;
}
}
if (chosenType != secTypeInvalid)
break;
}
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type: */
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
csecurity = security->GetCSecurity(chosenType);
/* send chosen type to server */
os->writeU32(chosenType);
os->flush();
haveChosenType = true;
}
} else {
/*
* Server told us that there are 0 types it can support - this should not
* happen, since if the server supports 0 sub-types, it doesn't support
* this security type
*/
throw AuthFailureException("The server reported 0 VeNCrypt sub-types");
}
return csecurity->processMsg(cc);
}

+ 62
- 62
common/rfb/CSecurityVeNCrypt.h Переглянути файл

@@ -1,62 +1,62 @@
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// CSecurityVeNCrypt
//
#ifndef __CSECURITYVENCRYPT_H__
#define __CSECURITYVENCRYPT_H__
#include <rfb/CSecurity.h>
#include <rfb/Security.h>
#include <rdr/types.h>
namespace rfb {
class CSecurityVeNCrypt : public CSecurity {
public:
CSecurityVeNCrypt(Security* sec);
~CSecurityVeNCrypt();
virtual bool processMsg(CConnection* cc);// { return true; }
int getType() const {return chosenType;}
virtual const char* description() const { return secTypeName(chosenType); }
static StringParameter secTypesStr;
protected:
CSecurity *csecurity;
Security *security;
bool haveRecvdMajorVersion;
bool haveRecvdMinorVersion;
bool haveSentVersion;
bool haveAgreedVersion;
bool haveListOfTypes;
bool haveNumberOfTypes;
bool haveChosenType;
rdr::U8 majorVersion, minorVersion;
rdr::U32 chosenType;
rdr::U8 nAvailableTypes;
rdr::U32 *availableTypes;
rdr::U8 iAvailableType;
const char* desc;
};
}
#endif
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// CSecurityVeNCrypt
//
#ifndef __CSECURITYVENCRYPT_H__
#define __CSECURITYVENCRYPT_H__
#include <rfb/CSecurity.h>
#include <rfb/Security.h>
#include <rdr/types.h>
namespace rfb {
class CSecurityVeNCrypt : public CSecurity {
public:
CSecurityVeNCrypt(Security* sec);
~CSecurityVeNCrypt();
virtual bool processMsg(CConnection* cc);// { return true; }
int getType() const {return chosenType;}
virtual const char* description() const { return secTypeName(chosenType); }
static StringParameter secTypesStr;
protected:
CSecurity *csecurity;
Security *security;
bool haveRecvdMajorVersion;
bool haveRecvdMinorVersion;
bool haveSentVersion;
bool haveAgreedVersion;
bool haveListOfTypes;
bool haveNumberOfTypes;
bool haveChosenType;
rdr::U8 majorVersion, minorVersion;
rdr::U32 chosenType;
rdr::U8 nAvailableTypes;
rdr::U32 *availableTypes;
rdr::U8 iAvailableType;
const char* desc;
};
}
#endif

+ 97
- 97
common/rfb/SSecurityPlain.cxx Переглянути файл

@@ -1,97 +1,97 @@
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityPlain.h>
#include <rfb/SConnection.h>
#include <rfb/Exception.h>
#include <rdr/InStream.h>
using namespace rfb;
StringParameter PasswordValidator::plainUsers
("PlainUsers",
"Users permitted to access via Plain security type (including TLSPlain, X509Plain etc.)",
"");
bool PasswordValidator::validUser(const char* username)
{
CharArray users(strDup(plainUsers.getValueStr())), user;
while (users.buf) {
strSplit(users.buf, ',', &user.buf, &users.buf);
#ifdef WIN32
if(0==stricmp(user.buf, "*"))
return true;
if(0==stricmp(user.buf, username))
return true;
#else
if(!strcmp (user.buf, "*"))
return true;
if(!strcmp (user.buf, username))
return true;
#endif
}
return false;
}
SSecurityPlain::SSecurityPlain(PasswordValidator* _valid)
{
valid=_valid;
state=0;
}
bool SSecurityPlain::processMsg(SConnection* sc)
{
rdr::InStream* is = sc->getInStream();
char* pw;
char *uname;
CharArray password;
if(state==0)
{
if(!is->checkNoWait(8))
return false;
ulen=is->readU32();
plen=is->readU32();
state=1;
}
if(state==1)
{
if(is->checkNoWait(ulen+plen+2))
return false;
state=2;
pw=new char[plen+1];
uname=new char[ulen+1];
username.replaceBuf(uname);
password.replaceBuf(pw);
is->readBytes(uname,ulen);
is->readBytes(pw,plen);
pw[plen]=0;
uname[ulen]=0;
plen=0;
if(!valid->validate(sc,uname,pw))
throw AuthFailureException("invalid password or username");
return true;
}
return true;
}
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityPlain.h>
#include <rfb/SConnection.h>
#include <rfb/Exception.h>
#include <rdr/InStream.h>
using namespace rfb;
StringParameter PasswordValidator::plainUsers
("PlainUsers",
"Users permitted to access via Plain security type (including TLSPlain, X509Plain etc.)",
"");
bool PasswordValidator::validUser(const char* username)
{
CharArray users(strDup(plainUsers.getValueStr())), user;
while (users.buf) {
strSplit(users.buf, ',', &user.buf, &users.buf);
#ifdef WIN32
if(0==stricmp(user.buf, "*"))
return true;
if(0==stricmp(user.buf, username))
return true;
#else
if(!strcmp (user.buf, "*"))
return true;
if(!strcmp (user.buf, username))
return true;
#endif
}
return false;
}
SSecurityPlain::SSecurityPlain(PasswordValidator* _valid)
{
valid=_valid;
state=0;
}
bool SSecurityPlain::processMsg(SConnection* sc)
{
rdr::InStream* is = sc->getInStream();
char* pw;
char *uname;
CharArray password;
if(state==0)
{
if(!is->checkNoWait(8))
return false;
ulen=is->readU32();
plen=is->readU32();
state=1;
}
if(state==1)
{
if(is->checkNoWait(ulen+plen+2))
return false;
state=2;
pw=new char[plen+1];
uname=new char[ulen+1];
username.replaceBuf(uname);
password.replaceBuf(pw);
is->readBytes(uname,ulen);
is->readBytes(pw,plen);
pw[plen]=0;
uname[ulen]=0;
plen=0;
if(!valid->validate(sc,uname,pw))
throw AuthFailureException("invalid password or username");
return true;
}
return true;
}

+ 60
- 60
common/rfb/SSecurityPlain.h Переглянути файл

@@ -1,60 +1,60 @@
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_SSECURITYPLAIN_H__
#define __RFB_SSECURITYPLAIN_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SConnection.h>
#include <rfb/SSecurity.h>
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/util.h>
#include <rfb/Configuration.h>
namespace rfb {
class PasswordValidator {
public:
// validate username / password combination
bool validate(SConnection* sc, const char *username, const char *password) { return validUser(username) ? validateInternal(sc, username, password) : false; };
static StringParameter plainUsers;
protected:
virtual bool validateInternal(SConnection* sc, const char *username, const char *password)=0;
static bool validUser(const char* username);
};
class SSecurityPlain : public SSecurity {
public:
SSecurityPlain(PasswordValidator* valid);
virtual bool processMsg(SConnection* sc);
virtual int getType() const {return secTypePlain;};
virtual const char* getUserName() const { return username.buf; }
private:
PasswordValidator* valid;
unsigned int ulen,plen,state;
CharArray username;
};
}
#endif
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_SSECURITYPLAIN_H__
#define __RFB_SSECURITYPLAIN_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SConnection.h>
#include <rfb/SSecurity.h>
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/util.h>
#include <rfb/Configuration.h>
namespace rfb {
class PasswordValidator {
public:
// validate username / password combination
bool validate(SConnection* sc, const char *username, const char *password) { return validUser(username) ? validateInternal(sc, username, password) : false; };
static StringParameter plainUsers;
protected:
virtual bool validateInternal(SConnection* sc, const char *username, const char *password)=0;
static bool validUser(const char* username);
};
class SSecurityPlain : public SSecurity {
public:
SSecurityPlain(PasswordValidator* valid);
virtual bool processMsg(SConnection* sc);
virtual int getType() const {return secTypePlain;};
virtual const char* getUserName() const { return username.buf; }
private:
PasswordValidator* valid;
unsigned int ulen,plen,state;
CharArray username;
};
}
#endif

+ 41
- 41
common/rfb/SSecurityStack.h Переглянути файл

@@ -1,41 +1,41 @@
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_SSECURITYSTACK_H__
#define __RFB_SSECURITYSTACK_H__
#include <rfb/SSecurity.h>
namespace rfb {
class SSecurityStack : public SSecurity {
public:
SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);
~SSecurityStack();
virtual bool processMsg(SConnection* cc);
virtual int getType() const { return type; };
virtual const char* getUserName() const;
protected:
short state;
SSecurity* state0;
SSecurity* state1;
int type;
};
}
#endif
/* Copyright (C) 2005 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
#ifndef __RFB_SSECURITYSTACK_H__
#define __RFB_SSECURITYSTACK_H__
#include <rfb/SSecurity.h>
namespace rfb {
class SSecurityStack : public SSecurity {
public:
SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);
~SSecurityStack();
virtual bool processMsg(SConnection* cc);
virtual int getType() const { return type; };
virtual const char* getUserName() const;
protected:
short state;
SSecurity* state0;
SSecurity* state1;
int type;
};
}
#endif

+ 173
- 173
common/rfb/SSecurityVeNCrypt.cxx Переглянути файл

@@ -1,173 +1,173 @@
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
/*
* SSecurityVeNCrypt
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/Exception.h>
#include <rfb/LogWriter.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
using namespace rfb;
using namespace rdr;
using namespace std;
static LogWriter vlog("SVeNCrypt");
SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)
{
ssecurity = NULL;
haveSentVersion = false;
haveRecvdMajorVersion = false;
haveRecvdMinorVersion = false;
majorVersion = 0;
minorVersion = 0;
haveSentTypes = false;
haveChosenType = false;
chosenType = secTypeVeNCrypt;
numTypes = 0;
subTypes = NULL;
}
SSecurityVeNCrypt::~SSecurityVeNCrypt()
{
if (subTypes) {
delete [] subTypes;
subTypes = NULL;
}
}
bool SSecurityVeNCrypt::processMsg(SConnection* sc)
{
rdr::InStream* is = sc->getInStream();
rdr::OutStream* os = sc->getOutStream();
rdr::U8 i;
/* VeNCrypt initialization */
/* Send the highest version we can support */
if (!haveSentVersion) {
os->writeU8(0);
os->writeU8(2);
haveSentVersion = true;
os->flush();
return false;
}
/* Receive back highest version that client can support (up to and including ours) */
if (!haveRecvdMajorVersion) {
majorVersion = is->readU8();
haveRecvdMajorVersion = true;
return false;
}
if (!haveRecvdMinorVersion) {
minorVersion = is->readU8();
haveRecvdMinorVersion = true;
/* WORD value with major version in upper 8 bits and minor version in lower 8 bits */
U16 Version = (((U16)majorVersion) << 8) | ((U16)minorVersion);
switch (Version) {
case 0x0000: /* 0.0 - The client cannot support us! */
case 0x0001: /* 0.1 Legacy VeNCrypt, not supported */
os->writeU8(0xFF); /* This is not OK */
os->flush();
throw AuthFailureException("The client cannot support the server's "
"VeNCrypt version");
case 0x0002: /* 0.2 */
os->writeU8(0); /* OK */
break;
default:
os->writeU8(0xFF); /* Not OK */
os->flush();
throw AuthFailureException("The client returned an unsupported VeNCrypt version");
}
}
/*
* send number of supported VeNCrypt authentication types (U8) followed
* by authentication types (U32s)
*/
if (!haveSentTypes) {
list<U32> listSubTypes;
listSubTypes = security->GetEnabledExtSecTypes();
numTypes = listSubTypes.size();
subTypes = new U32[numTypes];
for (i = 0; i < numTypes; i++) {
subTypes[i] = listSubTypes.front();
listSubTypes.pop_front();
}
if (numTypes) {
os->writeU8(numTypes);
for (i = 0; i < numTypes; i++)
os->writeU32(subTypes[i]);
os->flush();
haveSentTypes = true;
return false;
} else
throw AuthFailureException("There are no VeNCrypt sub-types to send to the client");
}
/* get type back from client (must be one of the ones we sent) */
if (!haveChosenType) {
is->check(4);
chosenType = is->readU32();
for (i = 0; i < numTypes; i++) {
if (chosenType == subTypes[i]) {
haveChosenType = true;
break;
}
}
if (!haveChosenType)
chosenType = secTypeInvalid;
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type */
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
ssecurity = security->GetSSecurity(chosenType);
}
/* continue processing the messages */
return ssecurity->processMsg(sc);
}
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
/*
* SSecurityVeNCrypt
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityVeNCrypt.h>
#include <rfb/Exception.h>
#include <rfb/LogWriter.h>
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
using namespace rfb;
using namespace rdr;
using namespace std;
static LogWriter vlog("SVeNCrypt");
SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)
{
ssecurity = NULL;
haveSentVersion = false;
haveRecvdMajorVersion = false;
haveRecvdMinorVersion = false;
majorVersion = 0;
minorVersion = 0;
haveSentTypes = false;
haveChosenType = false;
chosenType = secTypeVeNCrypt;
numTypes = 0;
subTypes = NULL;
}
SSecurityVeNCrypt::~SSecurityVeNCrypt()
{
if (subTypes) {
delete [] subTypes;
subTypes = NULL;
}
}
bool SSecurityVeNCrypt::processMsg(SConnection* sc)
{
rdr::InStream* is = sc->getInStream();
rdr::OutStream* os = sc->getOutStream();
rdr::U8 i;
/* VeNCrypt initialization */
/* Send the highest version we can support */
if (!haveSentVersion) {
os->writeU8(0);
os->writeU8(2);
haveSentVersion = true;
os->flush();
return false;
}
/* Receive back highest version that client can support (up to and including ours) */
if (!haveRecvdMajorVersion) {
majorVersion = is->readU8();
haveRecvdMajorVersion = true;
return false;
}
if (!haveRecvdMinorVersion) {
minorVersion = is->readU8();
haveRecvdMinorVersion = true;
/* WORD value with major version in upper 8 bits and minor version in lower 8 bits */
U16 Version = (((U16)majorVersion) << 8) | ((U16)minorVersion);
switch (Version) {
case 0x0000: /* 0.0 - The client cannot support us! */
case 0x0001: /* 0.1 Legacy VeNCrypt, not supported */
os->writeU8(0xFF); /* This is not OK */
os->flush();
throw AuthFailureException("The client cannot support the server's "
"VeNCrypt version");
case 0x0002: /* 0.2 */
os->writeU8(0); /* OK */
break;
default:
os->writeU8(0xFF); /* Not OK */
os->flush();
throw AuthFailureException("The client returned an unsupported VeNCrypt version");
}
}
/*
* send number of supported VeNCrypt authentication types (U8) followed
* by authentication types (U32s)
*/
if (!haveSentTypes) {
list<U32> listSubTypes;
listSubTypes = security->GetEnabledExtSecTypes();
numTypes = listSubTypes.size();
subTypes = new U32[numTypes];
for (i = 0; i < numTypes; i++) {
subTypes[i] = listSubTypes.front();
listSubTypes.pop_front();
}
if (numTypes) {
os->writeU8(numTypes);
for (i = 0; i < numTypes; i++)
os->writeU32(subTypes[i]);
os->flush();
haveSentTypes = true;
return false;
} else
throw AuthFailureException("There are no VeNCrypt sub-types to send to the client");
}
/* get type back from client (must be one of the ones we sent) */
if (!haveChosenType) {
is->check(4);
chosenType = is->readU32();
for (i = 0; i < numTypes; i++) {
if (chosenType == subTypes[i]) {
haveChosenType = true;
break;
}
}
if (!haveChosenType)
chosenType = secTypeInvalid;
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
/* Set up the stack according to the chosen type */
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
ssecurity = security->GetSSecurity(chosenType);
}
/* continue processing the messages */
return ssecurity->processMsg(sc);
}

+ 54
- 54
common/rfb/SSecurityVeNCrypt.h Переглянути файл

@@ -1,54 +1,54 @@
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// SSecurityVeNCrypt
//
#ifndef __SSECURITYVENCRYPT_H__
#define __SSECURITYVENCRYPT_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityStack.h>
#include <rfb/SConnection.h>
namespace rfb {
class SSecurityVeNCrypt : public SSecurity {
public:
SSecurityVeNCrypt(Security *sec);
~SSecurityVeNCrypt();
virtual bool processMsg(SConnection* sc);// { return true; }
virtual int getType() const { return secTypeVeNCrypt; }
virtual const char* getUserName() const { return NULL; }
protected:
SSecurity *ssecurity;
Security *security;
bool haveSentVersion, haveRecvdMajorVersion, haveRecvdMinorVersion;
bool haveSentTypes, haveChosenType;
rdr::U8 majorVersion, minorVersion, numTypes;
rdr::U32 *subTypes, chosenType;
};
}
#endif
/*
* Copyright (C) 2005-2006 Martin Koegler
* Copyright (C) 2006 OCCAM Financial Technology
* Copyright (C) 2010 TigerVNC Team
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this software; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
* USA.
*/
//
// SSecurityVeNCrypt
//
#ifndef __SSECURITYVENCRYPT_H__
#define __SSECURITYVENCRYPT_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <rfb/SSecurityStack.h>
#include <rfb/SConnection.h>
namespace rfb {
class SSecurityVeNCrypt : public SSecurity {
public:
SSecurityVeNCrypt(Security *sec);
~SSecurityVeNCrypt();
virtual bool processMsg(SConnection* sc);// { return true; }
virtual int getType() const { return secTypeVeNCrypt; }
virtual const char* getUserName() const { return NULL; }
protected:
SSecurity *ssecurity;
Security *security;
bool haveSentVersion, haveRecvdMajorVersion, haveRecvdMinorVersion;
bool haveSentTypes, haveChosenType;
rdr::U8 majorVersion, minorVersion, numTypes;
rdr::U32 *subTypes, chosenType;
};
}
#endif

Писати Попередній перегляд
Завантаження…
Відмінити
Зберегти