Let's avoid making this too complex and force every user to know about magical functions.

2 yıl önce · 960c7d2ff3
--- a/common/os/os.cxx
+++ b/common/os/os.cxx
@@ -84,14 +84,3 @@ int getvnchomedir(char **dirp)
 	*dirp = dir;
 	return 0;
 }

 int fileexists(char *file)
 {
 #ifdef WIN32
  return (GetFileAttributes(file) == INVALID_FILE_ATTRIBUTES) ? -1 : 0;
 #else
  return access(file, R_OK);
 #endif
 }


--- a/common/os/os.h
+++ b/common/os/os.h
@@ -39,13 +39,4 @@
 */
 int getvnchomedir(char **dirp);

 /*
 * Check if the file exists
 *
 * Returns:
 * 0 - Success
 * -1 - Failure
 */
 int fileexists(char *file);

 #endif /* OS_OS_H */
--- a/common/rfb/CSecurityTLS.cxx
+++ b/common/rfb/CSecurityTLS.cxx
@@ -62,11 +62,32 @@

 using namespace rfb;

 StringParameter CSecurityTLS::X509CA("X509CA", "X509 CA certificate", "", ConfViewer);
 StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer);
 static const char* homedirfn(const char* fn);

 StringParameter CSecurityTLS::X509CA("X509CA", "X509 CA certificate",
                                     homedirfn("x509_ca.pem"),
                                     ConfViewer);
 StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file",
                                     homedirfn("x509_crl.pem"),
                                     ConfViewer);

 static LogWriter vlog("TLS");

 static const char* homedirfn(const char* fn)
 {
  static char full_path[PATH_MAX];
  char* homedir = NULL;

  if (getvnchomedir(&homedir) == -1)
    return "";

  snprintf(full_path, sizeof(full_path), "%s%s", homedir, fn);

  delete [] homedir;

  return full_path;
 }

 CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon)
  : CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL),
    anon(_anon), tlsis(NULL), tlsos(NULL), rawis(NULL), rawos(NULL)
@@ -78,28 +99,6 @@ CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon)
    throw AuthFailureException("gnutls_global_init failed");
 }

 void CSecurityTLS::setDefaults()
 {
  char* homeDir = NULL;

  if (getvnchomedir(&homeDir) == -1) {
    vlog.error("Could not obtain VNC home directory path");
    return;
  }

  int len = strlen(homeDir) + 1;
  CharArray caDefault(len + 11);
  CharArray crlDefault(len + 12);
  sprintf(caDefault.buf, "%sx509_ca.pem", homeDir);
  sprintf(crlDefault.buf, "%s509_crl.pem", homeDir);
  delete [] homeDir;

 if (!fileexists(caDefault.buf))
   X509CA.setDefaultStr(caDefault.buf);
 if (!fileexists(crlDefault.buf))
   X509CRL.setDefaultStr(crlDefault.buf);
 }

 void CSecurityTLS::shutdown()
 {
  if (session) {
--- a/common/rfb/CSecurityTLS.h
+++ b/common/rfb/CSecurityTLS.h
@@ -48,7 +48,6 @@ namespace rfb {
    virtual const char* description() const
      { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
    virtual bool isSecure() const { return !anon; }
    static void setDefaults();

    static StringParameter X509CA;
    static StringParameter X509CRL;
--- a/common/rfb/Configuration.cxx
+++ b/common/rfb/Configuration.cxx
@@ -389,13 +389,6 @@ StringParameter::~StringParameter() {
  strFree(def_value);
 }

 void StringParameter::setDefaultStr(const char* v) {
  strFree(def_value);
  def_value = strDup(v);
  strFree(value);
  value = strDup(v);
 }

 bool StringParameter::setParam(const char* v) {
  LOCK_CONFIG;
  if (immutable) return true;
--- a/common/rfb/Configuration.h
+++ b/common/rfb/Configuration.h
@@ -243,7 +243,6 @@ namespace rfb {
    virtual bool setParam(const char* value);
    virtual char* getDefaultStr() const;
    virtual char* getValueStr() const;
    void setDefaultStr(const char* v);
    operator const char*() const;

    // getData() returns a copy of the data - it must be delete[]d by the
--- a/common/rfb/SecurityClient.cxx
+++ b/common/rfb/SecurityClient.cxx
@@ -105,10 +105,3 @@ CSecurity* SecurityClient::GetCSecurity(CConnection* cc, U32 secType)
 bail:
  throw Exception("Security type not supported");
 }

 void SecurityClient::setDefaults()
 {
 #ifdef HAVE_GNUTLS
    CSecurityTLS::setDefaults();
 #endif
 }
--- a/common/rfb/SecurityClient.h
+++ b/common/rfb/SecurityClient.h
@@ -35,8 +35,6 @@ namespace rfb {
    /* Create client side CSecurity class instance */
    CSecurity* GetCSecurity(CConnection* cc, rdr::U32 secType);

    static void setDefaults(void);

    static StringParameter secTypes;
  };

--- a/vncviewer/vncviewer.cxx
+++ b/vncviewer/vncviewer.cxx
@@ -45,8 +45,6 @@
 #endif

 #include <rfb/Logger_stdio.h>
 #include <rfb/SecurityClient.h>
 #include <rfb/Security.h>
 #ifdef HAVE_GNUTLS
 #include <rfb/CSecurityTLS.h>
 #endif
@@ -521,8 +519,6 @@ int main(int argc, char** argv)
  bindtextdomain(PACKAGE_NAME, CMAKE_INSTALL_FULL_LOCALEDIR);
  textdomain(PACKAGE_NAME);

  rfb::SecurityClient::setDefaults();

  // Write about text to console, still using normal locale codeset
  fprintf(stderr,"\n%s\n", about_text());

--- a/vncviewer/vncviewer.man
+++ b/vncviewer/vncviewer.man
@@ -152,13 +152,13 @@ the server, you can specify it here to avoid typing it in.  It will usually be
 .B \-X509CA \fIpath\fP
 Path to CA certificate to use when authenticating remote servers using any
 of the X509 security schemes (X509None, X509Vnc, etc.). Must be in PEM
 format. Default is \fB$HOME/.vnc/x509_ca.pem\fP, if it exists.
 format. Default is \fB$HOME/.vnc/x509_ca.pem\fP.
 .
 .TP
 .B \-X509CRL \fIpath\fP
 Path to certificate revocation list to use in conjunction with
 \fB-X509CA\fP. Must also be in PEM format. Default is
 \fB$HOME/.vnc/x509_crl.pem\fP, if it exists.
 \fB$HOME/.vnc/x509_crl.pem\fP.
 .
 .TP
 .B \-Shared