Pierre Ossman
741300728a
Use StringParameters directly
We don't need to make extra copies of the string in most cases, so let's
simplify the code and access the string directly when we can.
před 1 rokem
pdlan
484ae7a2ea
Add support for RSA-AES security types
před 1 rokem
Pierre Ossman
d67657e67d
Remove unused CSecurity::description()
před 1 rokem
Pierre Ossman
b6d6db9b7c
Be consistent in including config.h
The generally recommended way is to include it from source files, not
headers. We had a mix of both. Let's try to be consistent and follow the
recommended way.
před 2 roky
Pierre Ossman
960c7d2ff3
Clean up default value for X509 parameters
Let's avoid making this too complex and force every user to know about
magical functions.
před 3 roky
Pierre Ossman
14d21d7b44
Handle GnuTLS shutdown on dead session
The session might have died, or failed to initialise properly, so be
prepared for gnutls_bye() to be unable to do its job.
před 3 roky
Pierre Ossman
52a2e6520a
Remove unused include
We should not be including server headers from client code. It was
not even needed, so simply remove it.
před 6 roky
Pierre Ossman
06c1199c0a
Restore original streams when terminating TLS
In theory we could return to communicate without TLS after a
shutdown. It also makes sure the connection object isn't left
completely without streams.
před 5 roky
Pierre Ossman
1b7463478e
Delete TLS streams before deleting the session
The streams depend on the session and can crash the program if they
are removed in the wrong order. Do a general cleanup of the life time
management of the streams.
před 5 roky
Pierre Ossman
ad2b3c4aa3
Strongly bind security objects to connection object
There is already an implicit connection between them, so let's make
it explicit. This allows easy lookup outside of the processMsg() function.
před 5 roky
Pierre Ossman
daf3d88aa1
Display security state when asking for password
Indicate to the user how secure the transport channel is so they
can avoid entering their password for untrusted sites.
před 6 roky
Pierre Ossman
8aa4bc5320
Proper global init/deinit of GnuTLS
These are reference counted so it is important to retain symmetry
between the calls. Failure to do so will result in bad memory access
and crashes.
před 7 roky
Pierre Ossman
88c24edd8f
Raise GnuTLS requirements to 3.x
This allows us to simplify things by getting rid of some old
compatibility code. People should really be using current versions
of GnuTLS anyway to stay secure.
před 9 roky
Pierre Ossman
3d2a84b9ea
Correct naming convention for some parameters
před 9 roky
Adam Tkac
44cdb1352a
[Bugfix] Call gnutls_bye only when handshake is completed.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4275 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 13 roky
Adam Tkac
27b2f773be
[Development] client: Add dialog window to accept/save invalid X509
certificates. (Guillaume Destuynder)
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4198 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 13 roky
Adam Tkac
5522d61b7a
[Cleanup] Ensure all files use LF as newline control character, not CR+LF.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4119 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
3c5be39e92
[Development] Rename CSecurityTLSBase class to CSecurityTLS.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4110 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
0e61c34932
[Development] Merge CSecurityTLS and CSecurityX509 classes into CSecurityTLSBase class.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4109 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
4395823664
[Bugfix] Add "#error" directives to client-side TLS sources to avoid wrong usage.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4104 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
b10489b039
[Development] Implement VeNCrypt type support on client side. Currently only
TLSNone and TLSVnc VeNCrypt subtypes are implemented.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4046 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
dfe19cfff8
[Development] Implement VeNCrypt security type on server side. Currently only
TLSNone and TLSVnc VeNCrypt subtypes are implemented.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4045 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Adam Tkac
35e6d4c554
[Development] Implement secure TLS streams.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4044 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 14 roky
Constantin Kaplinsky
a2adc8d4cf
Migrating to new directory structure adopted from the RealVNC's source tree. More changes will follow.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@589 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 18 roky
Constantin Kaplinsky
b0f89f834a
Merged the rdr library with VNC 4.1.1.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@333 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 19 roky
Constantin Kaplinsky
384b18ba92
Removed the FdOutStream::writeBytes() implementation as the same
method of the parent class seems to do the work better. The function
can flush buffered data even if there were only a few bytes in the
buffer. That results in sending packets with just 1 byte of data,
while encoding data with 32-bit Hextile.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@318 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 19 roky
Constantin Kaplinsky
47ed8d321c
Initial revision
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@2 3789f03b-4d11-0410-bbf8-ca57d06f2519
před 20 roky