|
|
@@ -18,6 +18,16 @@ |
|
|
|
#ifndef WINVNCCONF_AUTHENTICATION |
|
|
|
#define WINVNCCONF_AUTHENTICATION |
|
|
|
|
|
|
|
#include <windows.h> |
|
|
|
#include <commctrl.h> |
|
|
|
|
|
|
|
#ifdef HAVE_GNUTLS |
|
|
|
#include <assert.h> |
|
|
|
#include <gnutls/gnutls.h> |
|
|
|
#include <gnutls/x509.h> |
|
|
|
#define CHECK(x) assert((x)>=0) |
|
|
|
#endif |
|
|
|
|
|
|
|
#include <vncconfig/PasswordDialog.h> |
|
|
|
#include <rfb_win32/Registry.h> |
|
|
|
#include <rfb_win32/SecurityPage.h> |
|
|
@@ -26,6 +36,7 @@ |
|
|
|
#include <rfb/Security.h> |
|
|
|
#include <rfb/SecurityServer.h> |
|
|
|
#include <rfb/SSecurityVncAuth.h> |
|
|
|
#include <rfb/SSecurityTLS.h> |
|
|
|
#include <rfb/Password.h> |
|
|
|
|
|
|
|
static rfb::BoolParameter queryOnlyIfLoggedOn("QueryOnlyIfLoggedOn", |
|
|
@@ -53,11 +64,20 @@ namespace rfb { |
|
|
|
bool onCommand(int id, int cmd) { |
|
|
|
SecurityPage::onCommand(id, cmd); |
|
|
|
|
|
|
|
setChanged(true); |
|
|
|
setChanged(true); |
|
|
|
|
|
|
|
if (id == IDC_AUTH_VNC_PASSWD) { |
|
|
|
PasswordDialog passwdDlg(regKey, registryInsecure); |
|
|
|
passwdDlg.showDialog(handle); |
|
|
|
} else if (id == IDC_LOAD_CERT) { |
|
|
|
const TCHAR* title = _T("X509Cert"); |
|
|
|
const TCHAR* filter = |
|
|
|
_T("X.509 Certificates (*.crt;*.cer;*.pem)\0*.crt;*.cer;*.pem\0All\0*.*\0"); |
|
|
|
showFileChooser(regKey, title, filter, handle); |
|
|
|
} else if (id == IDC_LOAD_CERTKEY) { |
|
|
|
const TCHAR* title = _T("X509Key"); |
|
|
|
const TCHAR* filter = _T("X.509 Keys (*.key;*.pem)\0*.key;*.pem\0All\0*.*\0"); |
|
|
|
showFileChooser(regKey, title, filter, handle); |
|
|
|
} else if (id == IDC_QUERY_LOGGED_ON) { |
|
|
|
enableItem(IDC_QUERY_LOGGED_ON, enableQueryOnlyIfLoggedOn()); |
|
|
|
} |
|
|
@@ -76,6 +96,37 @@ namespace rfb { |
|
|
|
regKey.setBinary(_T("Password"), 0, 0); |
|
|
|
} |
|
|
|
|
|
|
|
#ifdef HAVE_GNUTLS |
|
|
|
if (isItemChecked(IDC_ENC_X509)) { |
|
|
|
gnutls_certificate_credentials_t xcred; |
|
|
|
CHECK(gnutls_global_init()); |
|
|
|
CHECK(gnutls_certificate_allocate_credentials(&xcred)); |
|
|
|
int ret = gnutls_certificate_set_x509_key_file (xcred, |
|
|
|
regKey.getString("X509Cert"), |
|
|
|
regKey.getString("X509Key"), |
|
|
|
GNUTLS_X509_FMT_PEM); |
|
|
|
if (ret >= 0) { |
|
|
|
SSecurityTLS::X509_CertFile.setParam(regKey.getString("X509Cert")); |
|
|
|
SSecurityTLS::X509_CertFile.setParam(regKey.getString("X509Key")); |
|
|
|
} else { |
|
|
|
if (ret == GNUTLS_E_CERTIFICATE_KEY_MISMATCH) { |
|
|
|
MsgBox(0, _T("Private key does not match certificate.\n") |
|
|
|
_T("X.509 security types will not be enabled!"), |
|
|
|
MB_ICONWARNING | MB_OK); |
|
|
|
} else if (ret == GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE) { |
|
|
|
MsgBox(0, _T("Unsupported certificate type.\n") |
|
|
|
_T("X.509 security types will not be enabled!"), |
|
|
|
MB_ICONWARNING | MB_OK); |
|
|
|
} else { |
|
|
|
MsgBox(0, _T("Unknown error while importing X.509 certificate or private key.\n") |
|
|
|
_T("X.509 security types will not be enabled!"), |
|
|
|
MB_ICONWARNING | MB_OK); |
|
|
|
} |
|
|
|
} |
|
|
|
gnutls_global_deinit(); |
|
|
|
} |
|
|
|
#endif |
|
|
|
|
|
|
|
regKey.setString(_T("SecurityTypes"), security->ToString()); |
|
|
|
regKey.setBool(_T("QueryConnect"), isItemChecked(IDC_QUERY_CONNECT)); |
|
|
|
regKey.setBool(_T("QueryOnlyIfLoggedOn"), isItemChecked(IDC_QUERY_LOGGED_ON)); |
|
|
@@ -124,8 +175,37 @@ namespace rfb { |
|
|
|
private: |
|
|
|
inline void modifyAuthMethod(int enc_idc, int auth_idc, bool enable) |
|
|
|
{ |
|
|
|
setItemChecked(enc_idc, enable); |
|
|
|
setItemChecked(auth_idc, enable); |
|
|
|
setItemChecked(enc_idc, enable); |
|
|
|
setItemChecked(auth_idc, enable); |
|
|
|
} |
|
|
|
inline bool showFileChooser(const RegKey& rk, |
|
|
|
const char* title, |
|
|
|
const char* filter, |
|
|
|
HWND hwnd) |
|
|
|
{ |
|
|
|
OPENFILENAME ofn; |
|
|
|
char filename[MAX_PATH]; |
|
|
|
|
|
|
|
ZeroMemory(&ofn, sizeof(ofn)); |
|
|
|
ZeroMemory(&filename, sizeof(filename)); |
|
|
|
filename[0] = '\0'; |
|
|
|
ofn.lStructSize = sizeof(ofn); |
|
|
|
ofn.hwndOwner = hwnd; |
|
|
|
ofn.lpstrFile = filename; |
|
|
|
ofn.nMaxFile = sizeof(filename); |
|
|
|
ofn.lpstrFilter = (char*)filter; |
|
|
|
ofn.nFilterIndex = 1; |
|
|
|
ofn.lpstrFileTitle = NULL; |
|
|
|
ofn.nMaxFileTitle = 0; |
|
|
|
ofn.lpstrTitle = (char*)title; |
|
|
|
ofn.lpstrInitialDir = NULL; |
|
|
|
ofn.Flags = OFN_PATHMUSTEXIST | OFN_FILEMUSTEXIST; |
|
|
|
|
|
|
|
if (GetOpenFileName(&ofn)==TRUE) { |
|
|
|
regKey.setString(title, filename); |
|
|
|
return true; |
|
|
|
} |
|
|
|
return false; |
|
|
|
} |
|
|
|
}; |
|
|
|
|