diff options
author | Pierre Ossman <ossman@cendio.se> | 2018-09-21 15:31:11 +0200 |
---|---|---|
committer | Pierre Ossman <ossman@cendio.se> | 2018-09-21 15:59:46 +0200 |
commit | ad2b3c4aa3db056b83f5d91564400e03f3239835 (patch) | |
tree | a81ce066072a3c5db0665e4e522d3fbfd1c221ea | |
parent | 50aaed49b67e451cad63b3846989d13f083aad0a (diff) | |
download | tigervnc-ad2b3c4aa3db056b83f5d91564400e03f3239835.tar.gz tigervnc-ad2b3c4aa3db056b83f5d91564400e03f3239835.zip |
Strongly bind security objects to connection object
There is already an implicit connection between them, so let's make
it explicit. This allows easy lookup outside of the processMsg() function.
30 files changed, 123 insertions, 93 deletions
diff --git a/common/rfb/CConnection.cxx b/common/rfb/CConnection.cxx index d7a9d852..fb953775 100644 --- a/common/rfb/CConnection.cxx +++ b/common/rfb/CConnection.cxx @@ -235,14 +235,14 @@ void CConnection::processSecurityTypesMsg() } state_ = RFBSTATE_SECURITY; - csecurity = security.GetCSecurity(secType); + csecurity = security.GetCSecurity(this, secType); processSecurityMsg(); } void CConnection::processSecurityMsg() { vlog.debug("processing security message"); - if (csecurity->processMsg(this)) { + if (csecurity->processMsg()) { state_ = RFBSTATE_SECURITY_RESULT; processSecurityResultMsg(); } diff --git a/common/rfb/CSecurity.h b/common/rfb/CSecurity.h index 4bf4b38e..2e703c6d 100644 --- a/common/rfb/CSecurity.h +++ b/common/rfb/CSecurity.h @@ -44,8 +44,9 @@ namespace rfb { class CConnection; class CSecurity { public: + CSecurity(CConnection* cc) { this->cc = cc; } virtual ~CSecurity() {} - virtual bool processMsg(CConnection* cc)=0; + virtual bool processMsg() = 0; virtual int getType() const = 0; virtual const char* description() const = 0; virtual bool isSecure() const { return false; } @@ -55,6 +56,9 @@ namespace rfb { * It MUST be set by viewer. */ static UserPasswdGetter *upg; + + protected: + CConnection* cc; }; } #endif diff --git a/common/rfb/CSecurityNone.h b/common/rfb/CSecurityNone.h index a7db6e03..d07815f6 100644 --- a/common/rfb/CSecurityNone.h +++ b/common/rfb/CSecurityNone.h @@ -29,7 +29,8 @@ namespace rfb { class CSecurityNone : public CSecurity { public: - virtual bool processMsg(CConnection* cc) { return true; } + CSecurityNone(CConnection* cc) : CSecurity(cc) {} + virtual bool processMsg() { return true; } virtual int getType() const {return secTypeNone;} virtual const char* description() const {return "No Encryption";} }; diff --git a/common/rfb/CSecurityPlain.cxx b/common/rfb/CSecurityPlain.cxx index 8e383c31..b2fb7364 100644 --- a/common/rfb/CSecurityPlain.cxx +++ b/common/rfb/CSecurityPlain.cxx @@ -26,7 +26,7 @@ using namespace rfb; -bool CSecurityPlain::processMsg(CConnection* cc) +bool CSecurityPlain::processMsg() { rdr::OutStream* os = cc->getOutStream(); diff --git a/common/rfb/CSecurityPlain.h b/common/rfb/CSecurityPlain.h index fb0d7a5f..4ea8c9d4 100644 --- a/common/rfb/CSecurityPlain.h +++ b/common/rfb/CSecurityPlain.h @@ -26,8 +26,8 @@ namespace rfb { class CSecurityPlain : public CSecurity { public: - CSecurityPlain() {} - virtual bool processMsg(CConnection* cc); + CSecurityPlain(CConnection* cc) : CSecurity(cc) {} + virtual bool processMsg(); virtual int getType() const { return secTypePlain; } virtual const char* description() const { return "ask for username and password"; } }; diff --git a/common/rfb/CSecurityStack.cxx b/common/rfb/CSecurityStack.cxx index 47c3f6db..55f3133e 100644 --- a/common/rfb/CSecurityStack.cxx +++ b/common/rfb/CSecurityStack.cxx @@ -21,9 +21,9 @@ using namespace rfb; -CSecurityStack::CSecurityStack(int Type, const char*Name, CSecurity* s0, - CSecurity* s1) - :name(Name),type(Type) +CSecurityStack::CSecurityStack(CConnection* cc, int Type, const char* Name, + CSecurity* s0, CSecurity* s1) + : CSecurity(cc), name(Name), type(Type) { state = 0; state0 = s0; @@ -38,12 +38,12 @@ CSecurityStack::~CSecurityStack() delete state1; } -bool CSecurityStack::processMsg(CConnection* cc) +bool CSecurityStack::processMsg() { bool res=true; if (state == 0) { if (state0) - res = state0->processMsg(cc); + res = state0->processMsg(); if (!res) return res; @@ -53,7 +53,7 @@ bool CSecurityStack::processMsg(CConnection* cc) if (state == 1) { if(state1) - res = state1->processMsg(cc); + res = state1->processMsg(); if(!res) return res; diff --git a/common/rfb/CSecurityStack.h b/common/rfb/CSecurityStack.h index a16003f0..4be507ec 100644 --- a/common/rfb/CSecurityStack.h +++ b/common/rfb/CSecurityStack.h @@ -27,9 +27,10 @@ namespace rfb { class CSecurityStack : public CSecurity { public: - CSecurityStack(int Type, const char *Name, CSecurity* s0 = 0, CSecurity* s1 = 0); + CSecurityStack(CConnection* cc, int Type, const char *Name, + CSecurity* s0 = NULL, CSecurity* s1 = NULL); ~CSecurityStack(); - virtual bool processMsg(CConnection* cc); + virtual bool processMsg(); virtual int getType() const {return type;}; virtual const char* description() const {return name;} virtual bool isSecure() const; diff --git a/common/rfb/CSecurityTLS.cxx b/common/rfb/CSecurityTLS.cxx index c90f49ec..b943c106 100644 --- a/common/rfb/CSecurityTLS.cxx +++ b/common/rfb/CSecurityTLS.cxx @@ -67,8 +67,9 @@ StringParameter CSecurityTLS::X509CRL("X509CRL", "X509 CRL file", "", ConfViewer static LogWriter vlog("TLS"); -CSecurityTLS::CSecurityTLS(bool _anon) : session(0), anon_cred(0), - cert_cred(0), anon(_anon), fis(0), fos(0) +CSecurityTLS::CSecurityTLS(CConnection* cc, bool _anon) + : CSecurity(cc), session(NULL), anon_cred(NULL), cert_cred(NULL), + anon(_anon), fis(NULL), fos(NULL) { cafile = X509CA.getData(); crlfile = X509CRL.getData(); @@ -137,7 +138,7 @@ CSecurityTLS::~CSecurityTLS() gnutls_global_deinit(); } -bool CSecurityTLS::processMsg(CConnection* cc) +bool CSecurityTLS::processMsg() { rdr::InStream* is = cc->getInStream(); rdr::OutStream* os = cc->getOutStream(); diff --git a/common/rfb/CSecurityTLS.h b/common/rfb/CSecurityTLS.h index e726d1e9..6791a4ad 100644 --- a/common/rfb/CSecurityTLS.h +++ b/common/rfb/CSecurityTLS.h @@ -42,9 +42,9 @@ namespace rfb { class UserMsgBox; class CSecurityTLS : public CSecurity { public: - CSecurityTLS(bool _anon); + CSecurityTLS(CConnection* cc, bool _anon); virtual ~CSecurityTLS(); - virtual bool processMsg(CConnection* cc); + virtual bool processMsg(); virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None; } virtual const char* description() const { return anon ? "TLS Encryption without VncAuth" : "X509 Encryption without VncAuth"; } diff --git a/common/rfb/CSecurityVeNCrypt.cxx b/common/rfb/CSecurityVeNCrypt.cxx index f9597cc7..22201dd2 100644 --- a/common/rfb/CSecurityVeNCrypt.cxx +++ b/common/rfb/CSecurityVeNCrypt.cxx @@ -36,7 +36,8 @@ using namespace std; static LogWriter vlog("CVeNCrypt"); -CSecurityVeNCrypt::CSecurityVeNCrypt(SecurityClient* sec) : csecurity(NULL), security(sec) +CSecurityVeNCrypt::CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec) + : CSecurity(cc), csecurity(NULL), security(sec) { haveRecvdMajorVersion = false; haveRecvdMinorVersion = false; @@ -59,7 +60,7 @@ CSecurityVeNCrypt::~CSecurityVeNCrypt() delete[] availableTypes; } -bool CSecurityVeNCrypt::processMsg(CConnection* cc) +bool CSecurityVeNCrypt::processMsg() { InStream* is = cc->getInStream(); OutStream* os = cc->getOutStream(); @@ -171,7 +172,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc) if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt) throw AuthFailureException("No valid VeNCrypt sub-type"); - csecurity = security->GetCSecurity(chosenType); + csecurity = security->GetCSecurity(cc, chosenType); /* send chosen type to server */ os->writeU32(chosenType); @@ -188,7 +189,7 @@ bool CSecurityVeNCrypt::processMsg(CConnection* cc) throw AuthFailureException("The server reported 0 VeNCrypt sub-types"); } - return csecurity->processMsg(cc); + return csecurity->processMsg(); } const char* CSecurityVeNCrypt::description() const diff --git a/common/rfb/CSecurityVeNCrypt.h b/common/rfb/CSecurityVeNCrypt.h index 6d978c75..d015e8f2 100644 --- a/common/rfb/CSecurityVeNCrypt.h +++ b/common/rfb/CSecurityVeNCrypt.h @@ -34,9 +34,9 @@ namespace rfb { class CSecurityVeNCrypt : public CSecurity { public: - CSecurityVeNCrypt(SecurityClient* sec); + CSecurityVeNCrypt(CConnection* cc, SecurityClient* sec); ~CSecurityVeNCrypt(); - virtual bool processMsg(CConnection* cc);// { return true; } + virtual bool processMsg(); int getType() const {return chosenType;} virtual const char* description() const; virtual bool isSecure() const; diff --git a/common/rfb/CSecurityVncAuth.cxx b/common/rfb/CSecurityVncAuth.cxx index 46463e0a..6a87498c 100644 --- a/common/rfb/CSecurityVncAuth.cxx +++ b/common/rfb/CSecurityVncAuth.cxx @@ -40,7 +40,7 @@ using namespace rfb; static const int vncAuthChallengeSize = 16; -bool CSecurityVncAuth::processMsg(CConnection* cc) +bool CSecurityVncAuth::processMsg() { rdr::InStream* is = cc->getInStream(); rdr::OutStream* os = cc->getOutStream(); diff --git a/common/rfb/CSecurityVncAuth.h b/common/rfb/CSecurityVncAuth.h index 391ed236..2da98177 100644 --- a/common/rfb/CSecurityVncAuth.h +++ b/common/rfb/CSecurityVncAuth.h @@ -25,9 +25,9 @@ namespace rfb { class CSecurityVncAuth : public CSecurity { public: - CSecurityVncAuth(void) {} + CSecurityVncAuth(CConnection* cc) : CSecurity(cc) {} virtual ~CSecurityVncAuth() {} - virtual bool processMsg(CConnection* cc); + virtual bool processMsg(); virtual int getType() const {return secTypeVncAuth;}; virtual const char* description() const {return "No Encryption";} }; diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx index ae43254d..efc26acf 100644 --- a/common/rfb/SConnection.cxx +++ b/common/rfb/SConnection.cxx @@ -156,7 +156,7 @@ void SConnection::processVersionMsg() os->writeU32(*i); if (*i == secTypeNone) os->flush(); state_ = RFBSTATE_SECURITY; - ssecurity = security.GetSSecurity(*i); + ssecurity = security.GetSSecurity(this, *i); processSecurityMsg(); return; } @@ -199,7 +199,7 @@ void SConnection::processSecurityType(int secType) try { state_ = RFBSTATE_SECURITY; - ssecurity = security.GetSSecurity(secType); + ssecurity = security.GetSSecurity(this, secType); } catch (rdr::Exception& e) { throwConnFailedException("%s", e.str()); } @@ -211,7 +211,7 @@ void SConnection::processSecurityMsg() { vlog.debug("processing security message"); try { - bool done = ssecurity->processMsg(this); + bool done = ssecurity->processMsg(); if (done) { state_ = RFBSTATE_QUERYING; setAccessRights(ssecurity->getAccessRights()); diff --git a/common/rfb/SSecurity.h b/common/rfb/SSecurity.h index 0280574d..8ae7902c 100644 --- a/common/rfb/SSecurity.h +++ b/common/rfb/SSecurity.h @@ -52,8 +52,9 @@ namespace rfb { class SSecurity { public: + SSecurity(SConnection* sc) { this->sc = sc; } virtual ~SSecurity() {} - virtual bool processMsg(SConnection* sc)=0; + virtual bool processMsg() = 0; virtual int getType() const = 0; // getUserName() gets the name of the user attempting authentication. The @@ -63,6 +64,9 @@ namespace rfb { virtual const char* getUserName() const = 0; virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; } + + protected: + SConnection* sc; }; } diff --git a/common/rfb/SSecurityNone.h b/common/rfb/SSecurityNone.h index 5c19f290..f14d83a4 100644 --- a/common/rfb/SSecurityNone.h +++ b/common/rfb/SSecurityNone.h @@ -28,7 +28,8 @@ namespace rfb { class SSecurityNone : public SSecurity { public: - virtual bool processMsg(SConnection* sc) { return true; } + SSecurityNone(SConnection* sc) : SSecurity(sc) {} + virtual bool processMsg() { return true; } virtual int getType() const {return secTypeNone;} virtual const char* getUserName() const {return 0;} }; diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx index fc9dff23..6d48b65c 100644 --- a/common/rfb/SSecurityPlain.cxx +++ b/common/rfb/SSecurityPlain.cxx @@ -60,7 +60,7 @@ bool PasswordValidator::validUser(const char* username) return false; } -SSecurityPlain::SSecurityPlain() +SSecurityPlain::SSecurityPlain(SConnection* sc) : SSecurity(sc) { #ifdef HAVE_PAM valid = new UnixPasswordValidator(); @@ -73,7 +73,7 @@ SSecurityPlain::SSecurityPlain() state = 0; } -bool SSecurityPlain::processMsg(SConnection* sc) +bool SSecurityPlain::processMsg() { rdr::InStream* is = sc->getInStream(); char* pw; diff --git a/common/rfb/SSecurityPlain.h b/common/rfb/SSecurityPlain.h index 4bf42b74..4b12da05 100644 --- a/common/rfb/SSecurityPlain.h +++ b/common/rfb/SSecurityPlain.h @@ -47,8 +47,8 @@ namespace rfb { class SSecurityPlain : public SSecurity { public: - SSecurityPlain(); - virtual bool processMsg(SConnection* sc); + SSecurityPlain(SConnection* sc); + virtual bool processMsg(); virtual int getType() const { return secTypePlain; }; virtual const char* getUserName() const { return username.buf; } diff --git a/common/rfb/SSecurityStack.cxx b/common/rfb/SSecurityStack.cxx index 478ce4f6..74509e71 100644 --- a/common/rfb/SSecurityStack.cxx +++ b/common/rfb/SSecurityStack.cxx @@ -20,8 +20,11 @@ using namespace rfb; -SSecurityStack::SSecurityStack(int Type, SSecurity* s0, SSecurity* s1) - :state(0), state0(s0), state1(s1), type(Type) {} +SSecurityStack::SSecurityStack(SConnection* sc, int Type, + SSecurity* s0, SSecurity* s1) + : SSecurity(sc), state(0), state0(s0), state1(s1), type(Type) +{ +} SSecurityStack::~SSecurityStack() { @@ -31,13 +34,13 @@ SSecurityStack::~SSecurityStack() delete state1; } -bool SSecurityStack::processMsg(SConnection* cc) +bool SSecurityStack::processMsg() { bool res = true; if (state == 0) { if (state0) - res = state0->processMsg(cc); + res = state0->processMsg(); if (!res) return res; state++; @@ -45,7 +48,7 @@ bool SSecurityStack::processMsg(SConnection* cc) if (state == 1) { if (state1) - res = state1->processMsg(cc); + res = state1->processMsg(); if (!res) return res; state++; diff --git a/common/rfb/SSecurityStack.h b/common/rfb/SSecurityStack.h index dd743d28..8b412bdf 100644 --- a/common/rfb/SSecurityStack.h +++ b/common/rfb/SSecurityStack.h @@ -26,9 +26,10 @@ namespace rfb { class SSecurityStack : public SSecurity { public: - SSecurityStack(int Type, SSecurity* s0 = 0, SSecurity* s1 = 0); + SSecurityStack(SConnection* sc, int Type, + SSecurity* s0 = NULL, SSecurity* s1 = NULL); ~SSecurityStack(); - virtual bool processMsg(SConnection* cc); + virtual bool processMsg(); virtual int getType() const { return type; }; virtual const char* getUserName() const; virtual SConnection::AccessRights getAccessRights() const; diff --git a/common/rfb/SSecurityTLS.cxx b/common/rfb/SSecurityTLS.cxx index 5576a060..72b83db6 100644 --- a/common/rfb/SSecurityTLS.cxx +++ b/common/rfb/SSecurityTLS.cxx @@ -49,9 +49,9 @@ StringParameter SSecurityTLS::X509_KeyFile static LogWriter vlog("TLS"); -SSecurityTLS::SSecurityTLS(bool _anon) : session(0), dh_params(0), - anon_cred(0), cert_cred(0), - anon(_anon), fis(0), fos(0) +SSecurityTLS::SSecurityTLS(SConnection* sc, bool _anon) + : SSecurity(sc), session(NULL), dh_params(NULL), anon_cred(NULL), + cert_cred(NULL), anon(_anon), fis(NULL), fos(NULL) { certfile = X509_CertFile.getData(); keyfile = X509_KeyFile.getData(); @@ -106,7 +106,7 @@ SSecurityTLS::~SSecurityTLS() gnutls_global_deinit(); } -bool SSecurityTLS::processMsg(SConnection *sc) +bool SSecurityTLS::processMsg() { rdr::InStream* is = sc->getInStream(); rdr::OutStream* os = sc->getOutStream(); diff --git a/common/rfb/SSecurityTLS.h b/common/rfb/SSecurityTLS.h index 30242a24..e137b280 100644 --- a/common/rfb/SSecurityTLS.h +++ b/common/rfb/SSecurityTLS.h @@ -40,9 +40,9 @@ namespace rfb { class SSecurityTLS : public SSecurity { public: - SSecurityTLS(bool _anon); + SSecurityTLS(SConnection* sc, bool _anon); virtual ~SSecurityTLS(); - virtual bool processMsg(SConnection* sc); + virtual bool processMsg(); virtual const char* getUserName() const {return 0;} virtual int getType() const { return anon ? secTypeTLSNone : secTypeX509None;} diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx index ce6c71ba..d522ef6f 100644 --- a/common/rfb/SSecurityVeNCrypt.cxx +++ b/common/rfb/SSecurityVeNCrypt.cxx @@ -38,7 +38,8 @@ using namespace std; static LogWriter vlog("SVeNCrypt"); -SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec) +SSecurityVeNCrypt::SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec) + : SSecurity(sc), security(sec) { ssecurity = NULL; haveSentVersion = false; @@ -63,7 +64,7 @@ SSecurityVeNCrypt::~SSecurityVeNCrypt() } } -bool SSecurityVeNCrypt::processMsg(SConnection* sc) +bool SSecurityVeNCrypt::processMsg() { rdr::InStream* is = sc->getInStream(); rdr::OutStream* os = sc->getOutStream(); @@ -166,11 +167,11 @@ bool SSecurityVeNCrypt::processMsg(SConnection* sc) if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt) throw AuthFailureException("No valid VeNCrypt sub-type"); - ssecurity = security->GetSSecurity(chosenType); + ssecurity = security->GetSSecurity(sc, chosenType); } /* continue processing the messages */ - return ssecurity->processMsg(sc); + return ssecurity->processMsg(); } const char* SSecurityVeNCrypt::getUserName() const diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h index f9c753f0..06758b88 100644 --- a/common/rfb/SSecurityVeNCrypt.h +++ b/common/rfb/SSecurityVeNCrypt.h @@ -36,9 +36,9 @@ namespace rfb { class SSecurityVeNCrypt : public SSecurity { public: - SSecurityVeNCrypt(SecurityServer *sec); + SSecurityVeNCrypt(SConnection* sc, SecurityServer *sec); ~SSecurityVeNCrypt(); - virtual bool processMsg(SConnection* sc);// { return true; } + virtual bool processMsg(); virtual int getType() const { return chosenType; } virtual const char* getUserName() const; virtual SConnection::AccessRights getAccessRights() const; diff --git a/common/rfb/SSecurityVncAuth.cxx b/common/rfb/SSecurityVncAuth.cxx index 05488f67..882f0b08 100644 --- a/common/rfb/SSecurityVncAuth.cxx +++ b/common/rfb/SSecurityVncAuth.cxx @@ -48,8 +48,9 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd ("Password", "Obfuscated binary encoding of the password which clients must supply to " "access the server", &SSecurityVncAuth::vncAuthPasswdFile); -SSecurityVncAuth::SSecurityVncAuth(void) - : sentChallenge(false), responsePos(0), pg(&vncAuthPasswd), accessRights(0) +SSecurityVncAuth::SSecurityVncAuth(SConnection* sc) + : SSecurity(sc), sentChallenge(false), responsePos(0), + pg(&vncAuthPasswd), accessRights(0) { } @@ -70,7 +71,7 @@ bool SSecurityVncAuth::verifyResponse(const PlainPasswd &password) return memcmp(response, expectedResponse, vncAuthChallengeSize) == 0; } -bool SSecurityVncAuth::processMsg(SConnection* sc) +bool SSecurityVncAuth::processMsg() { rdr::InStream* is = sc->getInStream(); rdr::OutStream* os = sc->getOutStream(); diff --git a/common/rfb/SSecurityVncAuth.h b/common/rfb/SSecurityVncAuth.h index a1d17472..fe00b031 100644 --- a/common/rfb/SSecurityVncAuth.h +++ b/common/rfb/SSecurityVncAuth.h @@ -51,8 +51,8 @@ namespace rfb { class SSecurityVncAuth : public SSecurity { public: - SSecurityVncAuth(void); - virtual bool processMsg(SConnection* sc); + SSecurityVncAuth(SConnection* sc); + virtual bool processMsg(); virtual int getType() const {return secTypeVncAuth;} virtual const char* getUserName() const {return 0;} virtual SConnection::AccessRights getAccessRights() const { return accessRights; } diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx index 9bd780fc..23c1d67c 100644 --- a/common/rfb/SecurityClient.cxx +++ b/common/rfb/SecurityClient.cxx @@ -55,7 +55,7 @@ StringParameter SecurityClient::secTypes #endif ConfViewer); -CSecurity* SecurityClient::GetCSecurity(U32 secType) +CSecurity* SecurityClient::GetCSecurity(CConnection* cc, U32 secType) { assert (CSecurity::upg != NULL); /* (upg == NULL) means bug in the viewer */ #ifdef HAVE_GNUTLS @@ -66,29 +66,39 @@ CSecurity* SecurityClient::GetCSecurity(U32 secType) goto bail; switch (secType) { - case secTypeNone: return new CSecurityNone(); - case secTypeVncAuth: return new CSecurityVncAuth(); - case secTypeVeNCrypt: return new CSecurityVeNCrypt(this); - case secTypePlain: return new CSecurityPlain(); + case secTypeNone: return new CSecurityNone(cc); + case secTypeVncAuth: return new CSecurityVncAuth(cc); + case secTypeVeNCrypt: return new CSecurityVeNCrypt(cc, this); + case secTypePlain: return new CSecurityPlain(cc); #ifdef HAVE_GNUTLS case secTypeTLSNone: - return new CSecurityStack(secTypeTLSNone, "TLS with no password", - new CSecurityTLS(true)); + return new CSecurityStack(cc, secTypeTLSNone, + "TLS with no password", + new CSecurityTLS(cc, true)); case secTypeTLSVnc: - return new CSecurityStack(secTypeTLSVnc, "TLS with VNCAuth", - new CSecurityTLS(true), new CSecurityVncAuth()); + return new CSecurityStack(cc, secTypeTLSVnc, + "TLS with VNCAuth", + new CSecurityTLS(cc, true), + new CSecurityVncAuth(cc)); case secTypeTLSPlain: - return new CSecurityStack(secTypeTLSPlain, "TLS with Username/Password", - new CSecurityTLS(true), new CSecurityPlain()); + return new CSecurityStack(cc, secTypeTLSPlain, + "TLS with Username/Password", + new CSecurityTLS(cc, true), + new CSecurityPlain(cc)); case secTypeX509None: - return new CSecurityStack(secTypeX509None, "X509 with no password", - new CSecurityTLS(false)); + return new CSecurityStack(cc, secTypeX509None, + "X509 with no password", + new CSecurityTLS(cc, false)); case secTypeX509Vnc: - return new CSecurityStack(secTypeX509Vnc, "X509 with VNCAuth", - new CSecurityTLS(false), new CSecurityVncAuth()); + return new CSecurityStack(cc, secTypeX509Vnc, + "X509 with VNCAuth", + new CSecurityTLS(cc, false), + new CSecurityVncAuth(cc)); case secTypeX509Plain: - return new CSecurityStack(secTypeX509Plain, "X509 with Username/Password", - new CSecurityTLS(false), new CSecurityPlain()); + return new CSecurityStack(cc, secTypeX509Plain, + "X509 with Username/Password", + new CSecurityTLS(cc, false), + new CSecurityPlain(cc)); #endif } diff --git a/common/rfb/SecurityClient.h b/common/rfb/SecurityClient.h index b8ad8315..3074a876 100644 --- a/common/rfb/SecurityClient.h +++ b/common/rfb/SecurityClient.h @@ -33,7 +33,7 @@ namespace rfb { SecurityClient(void) : Security(secTypes) {} /* Create client side CSecurity class instance */ - CSecurity* GetCSecurity(rdr::U32 secType); + CSecurity* GetCSecurity(CConnection* cc, rdr::U32 secType); static void setDefaults(void); diff --git a/common/rfb/SecurityServer.cxx b/common/rfb/SecurityServer.cxx index e0aee137..97b133c7 100644 --- a/common/rfb/SecurityServer.cxx +++ b/common/rfb/SecurityServer.cxx @@ -49,29 +49,29 @@ StringParameter SecurityServer::secTypes #endif ConfServer); -SSecurity* SecurityServer::GetSSecurity(U32 secType) +SSecurity* SecurityServer::GetSSecurity(SConnection* sc, U32 secType) { if (!IsSupported(secType)) goto bail; switch (secType) { - case secTypeNone: return new SSecurityNone(); - case secTypeVncAuth: return new SSecurityVncAuth(); - case secTypeVeNCrypt: return new SSecurityVeNCrypt(this); - case secTypePlain: return new SSecurityPlain(); + case secTypeNone: return new SSecurityNone(sc); + case secTypeVncAuth: return new SSecurityVncAuth(sc); + case secTypeVeNCrypt: return new SSecurityVeNCrypt(sc, this); + case secTypePlain: return new SSecurityPlain(sc); #ifdef HAVE_GNUTLS case secTypeTLSNone: - return new SSecurityStack(secTypeTLSNone, new SSecurityTLS(true)); + return new SSecurityStack(sc, secTypeTLSNone, new SSecurityTLS(sc, true)); case secTypeTLSVnc: - return new SSecurityStack(secTypeTLSVnc, new SSecurityTLS(true), new SSecurityVncAuth()); + return new SSecurityStack(sc, secTypeTLSVnc, new SSecurityTLS(sc, true), new SSecurityVncAuth(sc)); case secTypeTLSPlain: - return new SSecurityStack(secTypeTLSPlain, new SSecurityTLS(true), new SSecurityPlain()); + return new SSecurityStack(sc, secTypeTLSPlain, new SSecurityTLS(sc, true), new SSecurityPlain(sc)); case secTypeX509None: - return new SSecurityStack(secTypeX509None, new SSecurityTLS(false)); + return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false)); case secTypeX509Vnc: - return new SSecurityStack(secTypeX509None, new SSecurityTLS(false), new SSecurityVncAuth()); + return new SSecurityStack(sc, secTypeX509None, new SSecurityTLS(sc, false), new SSecurityVncAuth(sc)); case secTypeX509Plain: - return new SSecurityStack(secTypeX509Plain, new SSecurityTLS(false), new SSecurityPlain()); + return new SSecurityStack(sc, secTypeX509Plain, new SSecurityTLS(sc, false), new SSecurityPlain(sc)); #endif } diff --git a/common/rfb/SecurityServer.h b/common/rfb/SecurityServer.h index 019d67fc..354f6420 100644 --- a/common/rfb/SecurityServer.h +++ b/common/rfb/SecurityServer.h @@ -24,7 +24,8 @@ #include <rfb/Security.h> namespace rfb { - + + class SConnection; class SSecurity; class SecurityServer : public Security { @@ -32,7 +33,7 @@ namespace rfb { SecurityServer(void) : Security(secTypes) {} /* Create server side SSecurity class instance */ - SSecurity* GetSSecurity(rdr::U32 secType); + SSecurity* GetSSecurity(SConnection* sc, rdr::U32 secType); static StringParameter secTypes; }; |