summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPierre Ossman <ossman@cendio.se>2018-09-21 15:31:11 +0200
committerPierre Ossman <ossman@cendio.se>2018-09-21 15:59:46 +0200
commitad2b3c4aa3db056b83f5d91564400e03f3239835 (patch)
treea81ce066072a3c5db0665e4e522d3fbfd1c221ea
parent50aaed49b67e451cad63b3846989d13f083aad0a (diff)
downloadtigervnc-ad2b3c4aa3db056b83f5d91564400e03f3239835.tar.gz
tigervnc-ad2b3c4aa3db056b83f5d91564400e03f3239835.zip
Strongly bind security objects to connection object
There is already an implicit connection between them, so let's make it explicit. This allows easy lookup outside of the processMsg() function.
-rw-r--r--common/rfb/CConnection.cxx4
-rw-r--r--common/rfb/CSecurity.h6
-rw-r--r--common/rfb/CSecurityNone.h3
-rw-r--r--common/rfb/CSecurityPlain.cxx2
-rw-r--r--common/rfb/CSecurityPlain.h4
-rw-r--r--common/rfb/CSecurityStack.cxx12
-rw-r--r--common/rfb/CSecurityStack.h5
-rw-r--r--common/rfb/CSecurityTLS.cxx7
-rw-r--r--common/rfb/CSecurityTLS.h4
-rw-r--r--common/rfb/CSecurityVeNCrypt.cxx9
-rw-r--r--common/rfb/CSecurityVeNCrypt.h4
-rw-r--r--common/rfb/CSecurityVncAuth.cxx2
-rw-r--r--common/rfb/CSecurityVncAuth.h4
-rw-r--r--common/rfb/SConnection.cxx6
-rw-r--r--common/rfb/SSecurity.h6
-rw-r--r--common/rfb/SSecurityNone.h3
-rw-r--r--common/rfb/SSecurityPlain.cxx4
-rw-r--r--common/rfb/SSecurityPlain.h4
-rw-r--r--common/rfb/SSecurityStack.cxx13
-rw-r--r--common/rfb/SSecurityStack.h5
-rw-r--r--common/rfb/SSecurityTLS.cxx8
-rw-r--r--common/rfb/SSecurityTLS.h4
-rw-r--r--common/rfb/SSecurityVeNCrypt.cxx9
-rw-r--r--common/rfb/SSecurityVeNCrypt.h4
-rw-r--r--common/rfb/SSecurityVncAuth.cxx7
-rw-r--r--common/rfb/SSecurityVncAuth.h4
-rw-r--r--common/rfb/SecurityClient.cxx44
-rw-r--r--common/rfb/SecurityClient.h2
-rw-r--r--common/rfb/SecurityServer.cxx22
-rw-r--r--common/rfb/SecurityServer.h5
30 files changed, 123 insertions, 93 deletions
diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx
index d7a9d852..fb953775 100644
--- a/common/rfb/CConnection.cxx
+++ b/common/rfb/CConnection.cxx
@@ -235,14 +235,14 @@ void CConnection::processSecurityTypesMsg()
}
state_ = RFBSTATE_SECURITY;
- csecurity = security.GetCSecurity(secType);
+ csecurity = security.GetCSecurity(this, secType);
processSecurityMsg();
}
void CConnection::processSecurityMsg()
{
vlog.debug("processing security message");
- if (csecurity->processMsg(this)) {
+ if (csecurity->processMsg()) {
state_ = RFBSTATE_SECURITY_RESULT;
processSecurityResultMsg();
}
diff --git a/common/rfb/CSecurity.h b/common/rfb/CSecurity.h
index 4bf4b38e..2e703c6d 100644
--- a/common/rfb/CSecurity.h
+++ b/common/rfb/CSecurity.h
@@ -44,8 +44,9 @@ namespace rfb {
class CConnection;
class CSecurity {
public:
+ CSecurity(CConnection* cc) { this->cc = cc; }
virtual ~CSecurity() {}
- virtual bool processMsg(CConnection* cc)=0;
+ virtual bool processMsg() = 0;
virtual int getType() const = 0;
virtual const char* description() const = 0;
virtual bool isSecure() const { return false; }
@@ -55,6 +56,9 @@ namespace rfb {
* It MUST be set by viewer.
*/
static UserPasswdGetter *upg;
+
+ protected:
+ CConnection* cc;
};
}
#endif
diff --git a/common/rfb/CSecurityNone.h b/common/rfb/CSecurityNone.h
index a7db6e03..d07815f6 100644
--- a/common/rfb/CSecurityNone.h
+++ b/common/rfb/CSecurityNone.h
@@ -29,7 +29,8 @@ namespace rfb {
class CSecurityNone : public CSecurity {
public:
- virtual bool processMsg(CConnection* cc) { return true; }
+ CSecurityNone(CConnection* cc) : CSecurity(cc) {}
+ virtual bool processMsg() { return true; }
virtual int getType() const {return secTypeNone;}
virtual const char* description() const {return "No Encryption";}
};
diff --git a/common/rfb/CSecurityPlain.cxx b/common/rfb/CSecurityPlain.cxx
index 8e383c31..b2fb7364 100644
--- a/common/rfb/CSecurityPlain.cxx
+++ b/common/rfb/CSecurityPlain.cxx
@@ -26,7 +26,7 @@
using namespace rfb;
-bool CSecurityPlain::processMsg(CConnection* cc)
+bool CSecurityPlain::processMsg()
{
rdr::OutStream* os = cc->getOutStream();
diff --git a/common/rfb/CSecurityPlain.h b/common/rfb/CSecurityPlain.h
index fb0d7a5f..4ea8c9d4 100644
--- a/common/rfb/CSecurityPlain.h
+++ b/common/rfb/CSecurityPlain.h
@@ -26,8 +26,8 @@ namespace rfb {
class CSecurityPlain : public CSecurity {
public:
- CSecurityPlain() {}
- virtual bool processMsg(CConnection* cc);
+ CSecurityPlain(CConnection* cc) : CSecurity(cc) {}
+ virtual bool processMsg();
virtual int getType() const { return secTypePlain; }
virtual const char* description() const { return "ask for username and password"; }
};
diff --git a/common/rfb/CSecurityStack.cxx b/common/rfb/CSecurityStack.cxx
index 47c3f6db..55f3133e 100644
--- a/common/rfb/CSecurityStack.cxx
+++ b/common/rfb/CSecurityStack.cxx
@@ -21,9 +21,9 @@
using namespace rfb;
-CSecurityStack::CSecurityStack(int Type, const char*Name, CSecurity* s0,
- CSecurity* s1)
- :name(Name),type(Type)
+CSecurityStack::CSecurityStack(CConnection* cc, int Type, const char* Name,
+ CSecurity* s0, CSecurity* s1)
+ : CSecurity(cc), name(Name), type(Type)
{
state = 0;
state0 = s0;
@@ -38,12 +38,12 @@ CSecurityStack::~CSecurityStack()
delete state1;
}
-bool CSecurityStack::processMsg(CConnection* cc)
+bool CSecurityStack::processMsg()
{
bool res=true;
if (state == 0) {
if (state0)
- res = state0->processMsg(cc);
+ res = state0->processMsg();
if (!res)
return res;
@@ -53,7 +53,7 @@ bool CSecurityStack::processMsg(CConnection* cc)
if (state == 1) {
if(state1)
- res = state1->processMsg(cc);
+ res = state1->processMsg();
if(!res)
return res;
diff --git a/common/rfb/CSecurityStack.h b/common/rfb/CSecurityStack.h
index a16003f0..4be507ec 100644
--- a/common/rfb/CSecurityStack.h
+++ b/common/rfb/CSecurityStack.h
@@ -27,9 +27,10 @@ namespace rfb {
class CSecurityStack : public CSecurity {
public:
- CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0);
+ CSecurityStack(CConnection* cc, int Type, const char *Name,
+ CSecurity* s0 = NULL, CSecurity* s1 = NULL);
~CSecurityStack();
- virtual bool processMsg(CConnection* cc);
+ virtual bool processMsg();
virtual int getType() const {return type;};
virtual const char* description() const {return name;}
virtual bool isSecure() const;
diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx
index c90f49ec..b943c106 100644
--- a/common/rfb/CSecurityTLS.cxx
+++ b/common/rfb/CSecurityTLS.cxx
@@ -67,8 +67,9 @@ StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer
static LogWriter vlog("TLS");
-CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0),
- cert_cred(0), anon(_anon), fis(0), fos(0)
+CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon)
+ : CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL),
+ anon(_anon), fis(NULL), fos(NULL)
{
cafile = X509CA.getData();
crlfile = X509CRL.getData();
@@ -137,7 +138,7 @@ CSecurityTLS::~CSecurityTLS()
gnutls_global_deinit();
}
-bool CSecurityTLS::processMsg(CConnection* cc)
+bool CSecurityTLS::processMsg()
{
rdr::InStream* is = cc->getInStream();
rdr::OutStream* os = cc->getOutStream();
diff --git a/common/rfb/CSecurityTLS.h b/common/rfb/CSecurityTLS.h
index e726d1e9..6791a4ad 100644
--- a/common/rfb/CSecurityTLS.h
+++ b/common/rfb/CSecurityTLS.h
@@ -42,9 +42,9 @@ namespace rfb {
class UserMsgBox;
class CSecurityTLS : public CSecurity {
public:
- CSecurityTLS(bool _anon);
+ CSecurityTLS(CConnection* cc, bool _anon);
virtual ~CSecurityTLS();
- virtual bool processMsg(CConnection* cc);
+ virtual bool processMsg();
virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; }
virtual const char* description() const
{ return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; }
diff --git a/common/rfb/CSecurityVeNCrypt.cxx b/common/rfb/CSecurityVeNCrypt.cxx
index f9597cc7..22201dd2 100644
--- a/common/rfb/CSecurityVeNCrypt.cxx
+++ b/common/rfb/CSecurityVeNCrypt.cxx
@@ -36,7 +36,8 @@ using namespace std;
static LogWriter vlog("CVeNCrypt");
-CSecurityVeNCrypt::CSecurityVeNCrypt(SecurityClient* sec) : csecurity(NULL), security(sec)
+CSecurityVeNCrypt::CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec)
+ : CSecurity(cc), csecurity(NULL), security(sec)
{
haveRecvdMajorVersion = false;
haveRecvdMinorVersion = false;
@@ -59,7 +60,7 @@ CSecurityVeNCrypt::~CSecurityVeNCrypt()
delete[] availableTypes;
}
-bool CSecurityVeNCrypt::processMsg(CConnection* cc)
+bool CSecurityVeNCrypt::processMsg()
{
InStream* is = cc->getInStream();
OutStream* os = cc->getOutStream();
@@ -171,7 +172,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
- csecurity = security->GetCSecurity(chosenType);
+ csecurity = security->GetCSecurity(cc, chosenType);
/* send chosen type to server */
os->writeU32(chosenType);
@@ -188,7 +189,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc)
throw AuthFailureException("The server reported 0 VeNCrypt sub-types");
}
- return csecurity->processMsg(cc);
+ return csecurity->processMsg();
}
const char* CSecurityVeNCrypt::description() const
diff --git a/common/rfb/CSecurityVeNCrypt.h b/common/rfb/CSecurityVeNCrypt.h
index 6d978c75..d015e8f2 100644
--- a/common/rfb/CSecurityVeNCrypt.h
+++ b/common/rfb/CSecurityVeNCrypt.h
@@ -34,9 +34,9 @@ namespace rfb {
class CSecurityVeNCrypt : public CSecurity {
public:
- CSecurityVeNCrypt(SecurityClient* sec);
+ CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec);
~CSecurityVeNCrypt();
- virtual bool processMsg(CConnection* cc);// { return true; }
+ virtual bool processMsg();
int getType() const {return chosenType;}
virtual const char* description() const;
virtual bool isSecure() const;
diff --git a/common/rfb/CSecurityVncAuth.cxx b/common/rfb/CSecurityVncAuth.cxx
index 46463e0a..6a87498c 100644
--- a/common/rfb/CSecurityVncAuth.cxx
+++ b/common/rfb/CSecurityVncAuth.cxx
@@ -40,7 +40,7 @@ using namespace rfb;
static const int vncAuthChallengeSize = 16;
-bool CSecurityVncAuth::processMsg(CConnection* cc)
+bool CSecurityVncAuth::processMsg()
{
rdr::InStream* is = cc->getInStream();
rdr::OutStream* os = cc->getOutStream();
diff --git a/common/rfb/CSecurityVncAuth.h b/common/rfb/CSecurityVncAuth.h
index 391ed236..2da98177 100644
--- a/common/rfb/CSecurityVncAuth.h
+++ b/common/rfb/CSecurityVncAuth.h
@@ -25,9 +25,9 @@ namespace rfb {
class CSecurityVncAuth : public CSecurity {
public:
- CSecurityVncAuth(void) {}
+ CSecurityVncAuth(CConnection* cc) : CSecurity(cc) {}
virtual ~CSecurityVncAuth() {}
- virtual bool processMsg(CConnection* cc);
+ virtual bool processMsg();
virtual int getType() const {return secTypeVncAuth;};
virtual const char* description() const {return "No Encryption";}
};
diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx
index ae43254d..efc26acf 100644
--- a/common/rfb/SConnection.cxx
+++ b/common/rfb/SConnection.cxx
@@ -156,7 +156,7 @@ void SConnection::processVersionMsg()
os->writeU32(*i);
if (*i == secTypeNone) os->flush();
state_ = RFBSTATE_SECURITY;
- ssecurity = security.GetSSecurity(*i);
+ ssecurity = security.GetSSecurity(this, *i);
processSecurityMsg();
return;
}
@@ -199,7 +199,7 @@ void SConnection::processSecurityType(int secType)
try {
state_ = RFBSTATE_SECURITY;
- ssecurity = security.GetSSecurity(secType);
+ ssecurity = security.GetSSecurity(this, secType);
} catch (rdr::Exception& e) {
throwConnFailedException("%s", e.str());
}
@@ -211,7 +211,7 @@ void SConnection::processSecurityMsg()
{
vlog.debug("processing security message");
try {
- bool done = ssecurity->processMsg(this);
+ bool done = ssecurity->processMsg();
if (done) {
state_ = RFBSTATE_QUERYING;
setAccessRights(ssecurity->getAccessRights());
diff --git a/common/rfb/SSecurity.h b/common/rfb/SSecurity.h
index 0280574d..8ae7902c 100644
--- a/common/rfb/SSecurity.h
+++ b/common/rfb/SSecurity.h
@@ -52,8 +52,9 @@ namespace rfb {
class SSecurity {
public:
+ SSecurity(SConnection* sc) { this->sc = sc; }
virtual ~SSecurity() {}
- virtual bool processMsg(SConnection* sc)=0;
+ virtual bool processMsg() = 0;
virtual int getType() const = 0;
// getUserName() gets the name of the user attempting authentication. The
@@ -63,6 +64,9 @@ namespace rfb {
virtual const char* getUserName() const = 0;
virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }
+
+ protected:
+ SConnection* sc;
};
}
diff --git a/common/rfb/SSecurityNone.h b/common/rfb/SSecurityNone.h
index 5c19f290..f14d83a4 100644
--- a/common/rfb/SSecurityNone.h
+++ b/common/rfb/SSecurityNone.h
@@ -28,7 +28,8 @@ namespace rfb {
class SSecurityNone : public SSecurity {
public:
- virtual bool processMsg(SConnection* sc) { return true; }
+ SSecurityNone(SConnection* sc) : SSecurity(sc) {}
+ virtual bool processMsg() { return true; }
virtual int getType() const {return secTypeNone;}
virtual const char* getUserName() const {return 0;}
};
diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
index fc9dff23..6d48b65c 100644
--- a/common/rfb/SSecurityPlain.cxx
+++ b/common/rfb/SSecurityPlain.cxx
@@ -60,7 +60,7 @@ bool PasswordValidator::validUser(const char* username)
return false;
}
-SSecurityPlain::SSecurityPlain()
+SSecurityPlain::SSecurityPlain(SConnection* sc) : SSecurity(sc)
{
#ifdef HAVE_PAM
valid = new UnixPasswordValidator();
@@ -73,7 +73,7 @@ SSecurityPlain::SSecurityPlain()
state = 0;
}
-bool SSecurityPlain::processMsg(SConnection* sc)
+bool SSecurityPlain::processMsg()
{
rdr::InStream* is = sc->getInStream();
char* pw;
diff --git a/common/rfb/SSecurityPlain.h b/common/rfb/SSecurityPlain.h
index 4bf42b74..4b12da05 100644
--- a/common/rfb/SSecurityPlain.h
+++ b/common/rfb/SSecurityPlain.h
@@ -47,8 +47,8 @@ namespace rfb {
class SSecurityPlain : public SSecurity {
public:
- SSecurityPlain();
- virtual bool processMsg(SConnection* sc);
+ SSecurityPlain(SConnection* sc);
+ virtual bool processMsg();
virtual int getType() const { return secTypePlain; };
virtual const char* getUserName() const { return username.buf; }
diff --git a/common/rfb/SSecurityStack.cxx b/common/rfb/SSecurityStack.cxx
index 478ce4f6..74509e71 100644
--- a/common/rfb/SSecurityStack.cxx
+++ b/common/rfb/SSecurityStack.cxx
@@ -20,8 +20,11 @@
using namespace rfb;
-SSecurityStack::SSecurityStack(int Type, SSecurity* s0, SSecurity* s1)
- :state(0), state0(s0), state1(s1), type(Type) {}
+SSecurityStack::SSecurityStack(SConnection* sc, int Type,
+ SSecurity* s0, SSecurity* s1)
+ : SSecurity(sc), state(0), state0(s0), state1(s1), type(Type)
+{
+}
SSecurityStack::~SSecurityStack()
{
@@ -31,13 +34,13 @@ SSecurityStack::~SSecurityStack()
delete state1;
}
-bool SSecurityStack::processMsg(SConnection* cc)
+bool SSecurityStack::processMsg()
{
bool res = true;
if (state == 0) {
if (state0)
- res = state0->processMsg(cc);
+ res = state0->processMsg();
if (!res)
return res;
state++;
@@ -45,7 +48,7 @@ bool SSecurityStack::processMsg(SConnection* cc)
if (state == 1) {
if (state1)
- res = state1->processMsg(cc);
+ res = state1->processMsg();
if (!res)
return res;
state++;
diff --git a/common/rfb/SSecurityStack.h b/common/rfb/SSecurityStack.h
index dd743d28..8b412bdf 100644
--- a/common/rfb/SSecurityStack.h
+++ b/common/rfb/SSecurityStack.h
@@ -26,9 +26,10 @@ namespace rfb {
class SSecurityStack : public SSecurity {
public:
- SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0);
+ SSecurityStack(SConnection* sc, int Type,
+ SSecurity* s0 = NULL, SSecurity* s1 = NULL);
~SSecurityStack();
- virtual bool processMsg(SConnection* cc);
+ virtual bool processMsg();
virtual int getType() const { return type; };
virtual const char* getUserName() const;
virtual SConnection::AccessRights getAccessRights() const;
diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx
index 5576a060..72b83db6 100644
--- a/common/rfb/SSecurityTLS.cxx
+++ b/common/rfb/SSecurityTLS.cxx
@@ -49,9 +49,9 @@ StringParameter SSecurityTLS::X509_KeyFile
static LogWriter vlog("TLS");
-SSecurityTLS::SSecurityTLS(bool _anon) : session(0), dh_params(0),
- anon_cred(0), cert_cred(0),
- anon(_anon), fis(0), fos(0)
+SSecurityTLS::SSecurityTLS(SConnection* sc, bool _anon)
+ : SSecurity(sc), session(NULL), dh_params(NULL), anon_cred(NULL),
+ cert_cred(NULL), anon(_anon), fis(NULL), fos(NULL)
{
certfile = X509_CertFile.getData();
keyfile = X509_KeyFile.getData();
@@ -106,7 +106,7 @@ SSecurityTLS::~SSecurityTLS()
gnutls_global_deinit();
}
-bool SSecurityTLS::processMsg(SConnection *sc)
+bool SSecurityTLS::processMsg()
{
rdr::InStream* is = sc->getInStream();
rdr::OutStream* os = sc->getOutStream();
diff --git a/common/rfb/SSecurityTLS.h b/common/rfb/SSecurityTLS.h
index 30242a24..e137b280 100644
--- a/common/rfb/SSecurityTLS.h
+++ b/common/rfb/SSecurityTLS.h
@@ -40,9 +40,9 @@ namespace rfb {
class SSecurityTLS : public SSecurity {
public:
- SSecurityTLS(bool _anon);
+ SSecurityTLS(SConnection* sc, bool _anon);
virtual ~SSecurityTLS();
- virtual bool processMsg(SConnection* sc);
+ virtual bool processMsg();
virtual const char* getUserName() const {return 0;}
virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None;}
diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index ce6c71ba..d522ef6f 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -38,7 +38,8 @@ using namespace std;
static LogWriter vlog("SVeNCrypt");
-SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec)
+SSecurityVeNCrypt::SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec)
+ : SSecurity(sc), security(sec)
{
ssecurity = NULL;
haveSentVersion = false;
@@ -63,7 +64,7 @@ SSecurityVeNCrypt::~SSecurityVeNCrypt()
}
}
-bool SSecurityVeNCrypt::processMsg(SConnection* sc)
+bool SSecurityVeNCrypt::processMsg()
{
rdr::InStream* is = sc->getInStream();
rdr::OutStream* os = sc->getOutStream();
@@ -166,11 +167,11 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc)
if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
throw AuthFailureException("No valid VeNCrypt sub-type");
- ssecurity = security->GetSSecurity(chosenType);
+ ssecurity = security->GetSSecurity(sc, chosenType);
}
/* continue processing the messages */
- return ssecurity->processMsg(sc);
+ return ssecurity->processMsg();
}
const char* SSecurityVeNCrypt::getUserName() const
diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h
index f9c753f0..06758b88 100644
--- a/common/rfb/SSecurityVeNCrypt.h
+++ b/common/rfb/SSecurityVeNCrypt.h
@@ -36,9 +36,9 @@ namespace rfb {
class SSecurityVeNCrypt : public SSecurity {
public:
- SSecurityVeNCrypt(SecurityServer *sec);
+ SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec);
~SSecurityVeNCrypt();
- virtual bool processMsg(SConnection* sc);// { return true; }
+ virtual bool processMsg();
virtual int getType() const { return chosenType; }
virtual const char* getUserName() const;
virtual SConnection::AccessRights getAccessRights() const;
diff --git a/common/rfb/SSecurityVncAuth.cxx b/common/rfb/SSecurityVncAuth.cxx
index 05488f67..882f0b08 100644
--- a/common/rfb/SSecurityVncAuth.cxx
+++ b/common/rfb/SSecurityVncAuth.cxx
@@ -48,8 +48,9 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd
("Password", "Obfuscated binary encoding of the password which clients must supply to "
"access the server", &SSecurityVncAuth::vncAuthPasswdFile);
-SSecurityVncAuth::SSecurityVncAuth(void)
- : sentChallenge(false), responsePos(0), pg(&vncAuthPasswd), accessRights(0)
+SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
+ : SSecurity(sc), sentChallenge(false), responsePos(0),
+ pg(&vncAuthPasswd), accessRights(0)
{
}
@@ -70,7 +71,7 @@ bool SSecurityVncAuth::verifyResponse(const PlainPasswd &password)
return memcmp(response, expectedResponse, vncAuthChallengeSize) == 0;
}
-bool SSecurityVncAuth::processMsg(SConnection* sc)
+bool SSecurityVncAuth::processMsg()
{
rdr::InStream* is = sc->getInStream();
rdr::OutStream* os = sc->getOutStream();
diff --git a/common/rfb/SSecurityVncAuth.h b/common/rfb/SSecurityVncAuth.h
index a1d17472..fe00b031 100644
--- a/common/rfb/SSecurityVncAuth.h
+++ b/common/rfb/SSecurityVncAuth.h
@@ -51,8 +51,8 @@ namespace rfb {
class SSecurityVncAuth : public SSecurity {
public:
- SSecurityVncAuth(void);
- virtual bool processMsg(SConnection* sc);
+ SSecurityVncAuth(SConnection* sc);
+ virtual bool processMsg();
virtual int getType() const {return secTypeVncAuth;}
virtual const char* getUserName() const {return 0;}
virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx
index 9bd780fc..23c1d67c 100644
--- a/common/rfb/SecurityClient.cxx
+++ b/common/rfb/SecurityClient.cxx
@@ -55,7 +55,7 @@ StringParameter SecurityClient::secTypes
#endif
ConfViewer);
-CSecurity* SecurityClient::GetCSecurity(U32 secType)
+CSecurity* SecurityClient::GetCSecurity(CConnection* cc, U32 secType)
{
assert (CSecurity::upg != NULL); /* (upg == NULL) means bug in the viewer */
#ifdef HAVE_GNUTLS
@@ -66,29 +66,39 @@ CSecurity* SecurityClient::GetCSecurity(U32 secType)
goto bail;
switch (secType) {
- case secTypeNone: return new CSecurityNone();
- case secTypeVncAuth: return new CSecurityVncAuth();
- case secTypeVeNCrypt: return new CSecurityVeNCrypt(this);
- case secTypePlain: return new CSecurityPlain();
+ case secTypeNone: return new CSecurityNone(cc);
+ case secTypeVncAuth: return new CSecurityVncAuth(cc);
+ case secTypeVeNCrypt: return new CSecurityVeNCrypt(cc, this);
+ case secTypePlain: return new CSecurityPlain(cc);
#ifdef HAVE_GNUTLS
case secTypeTLSNone:
- return new CSecurityStack(secTypeTLSNone, "TLS with no password",
- new CSecurityTLS(true));
+ return new CSecurityStack(cc, secTypeTLSNone,
+ "TLS with no password",
+ new CSecurityTLS(cc, true));
case secTypeTLSVnc:
- return new CSecurityStack(secTypeTLSVnc, "TLS with VNCAuth",
- new CSecurityTLS(true), new CSecurityVncAuth());
+ return new CSecurityStack(cc, secTypeTLSVnc,
+ "TLS with VNCAuth",
+ new CSecurityTLS(cc, true),
+ new CSecurityVncAuth(cc));
case secTypeTLSPlain:
- return new CSecurityStack(secTypeTLSPlain, "TLS with Username/Password",
- new CSecurityTLS(true), new CSecurityPlain());
+ return new CSecurityStack(cc, secTypeTLSPlain,
+ "TLS with Username/Password",
+ new CSecurityTLS(cc, true),
+ new CSecurityPlain(cc));
case secTypeX509None:
- return new CSecurityStack(secTypeX509None, "X509 with no password",
- new CSecurityTLS(false));
+ return new CSecurityStack(cc, secTypeX509None,
+ "X509 with no password",
+ new CSecurityTLS(cc, false));
case secTypeX509Vnc:
- return new CSecurityStack(secTypeX509Vnc, "X509 with VNCAuth",
- new CSecurityTLS(false), new CSecurityVncAuth());
+ return new CSecurityStack(cc, secTypeX509Vnc,
+ "X509 with VNCAuth",
+ new CSecurityTLS(cc, false),
+ new CSecurityVncAuth(cc));
case secTypeX509Plain:
- return new CSecurityStack(secTypeX509Plain, "X509 with Username/Password",
- new CSecurityTLS(false), new CSecurityPlain());
+ return new CSecurityStack(cc, secTypeX509Plain,
+ "X509 with Username/Password",
+ new CSecurityTLS(cc, false),
+ new CSecurityPlain(cc));
#endif
}
diff --git a/common/rfb/SecurityClient.h b/common/rfb/SecurityClient.h
index b8ad8315..3074a876 100644
--- a/common/rfb/SecurityClient.h
+++ b/common/rfb/SecurityClient.h
@@ -33,7 +33,7 @@ namespace rfb {
SecurityClient(void) : Security(secTypes) {}
/* Create client side CSecurity class instance */
- CSecurity* GetCSecurity(rdr::U32 secType);
+ CSecurity* GetCSecurity(CConnection* cc, rdr::U32 secType);
static void setDefaults(void);
diff --git a/common/rfb/SecurityServer.cxx b/common/rfb/SecurityServer.cxx
index e0aee137..97b133c7 100644
--- a/common/rfb/SecurityServer.cxx
+++ b/common/rfb/SecurityServer.cxx
@@ -49,29 +49,29 @@ StringParameter SecurityServer::secTypes
#endif
ConfServer);
-SSecurity* SecurityServer::GetSSecurity(U32 secType)
+SSecurity* SecurityServer::GetSSecurity(SConnection* sc, U32 secType)
{
if (!IsSupported(secType))
goto bail;
switch (secType) {
- case secTypeNone: return new SSecurityNone();
- case secTypeVncAuth: return new SSecurityVncAuth();
- case secTypeVeNCrypt: return new SSecurityVeNCrypt(this);
- case secTypePlain: return new SSecurityPlain();
+ case secTypeNone: return new SSecurityNone(sc);
+ case secTypeVncAuth: return new SSecurityVncAuth(sc);
+ case secTypeVeNCrypt: return new SSecurityVeNCrypt(sc, this);
+ case secTypePlain: return new SSecurityPlain(sc);
#ifdef HAVE_GNUTLS
case secTypeTLSNone:
- return new SSecurityStack(secTypeTLSNone, new SSecurityTLS(true));
+ return new SSecurityStack(sc, secTypeTLSNone, new SSecurityTLS(sc, true));
case secTypeTLSVnc:
- return new SSecurityStack(secTypeTLSVnc, new SSecurityTLS(true), new SSecurityVncAuth());
+ return new SSecurityStack(sc, secTypeTLSVnc, new SSecurityTLS(sc, true), new SSecurityVncAuth(sc));
case secTypeTLSPlain:
- return new SSecurityStack(secTypeTLSPlain, new SSecurityTLS(true), new SSecurityPlain());
+ return new SSecurityStack(sc, secTypeTLSPlain, new SSecurityTLS(sc, true), new SSecurityPlain(sc));
case secTypeX509None:
- return new SSecurityStack(secTypeX509None, new SSecurityTLS(false));
+ return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false));
case secTypeX509Vnc:
- return new SSecurityStack(secTypeX509None, new SSecurityTLS(false), new SSecurityVncAuth());
+ return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false), new SSecurityVncAuth(sc));
case secTypeX509Plain:
- return new SSecurityStack(secTypeX509Plain, new SSecurityTLS(false), new SSecurityPlain());
+ return new SSecurityStack(sc, secTypeX509Plain, new SSecurityTLS(sc, false), new SSecurityPlain(sc));
#endif
}
diff --git a/common/rfb/SecurityServer.h b/common/rfb/SecurityServer.h
index 019d67fc..354f6420 100644
--- a/common/rfb/SecurityServer.h
+++ b/common/rfb/SecurityServer.h
@@ -24,7 +24,8 @@
#include <rfb/Security.h>
namespace rfb {
-
+
+ class SConnection;
class SSecurity;
class SecurityServer : public Security {
@@ -32,7 +33,7 @@ namespace rfb {
SecurityServer(void) : Security(secTypes) {}
/* Create server side SSecurity class instance */
- SSecurity* GetSSecurity(rdr::U32 secType);
+ SSecurity* GetSSecurity(SConnection* sc, rdr::U32 secType);
static StringParameter secTypes;
};