[Development] Add code which process new GUI-exposed security options.

git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4143 3789f03b-4d11-0410-bbf8-ca57d06f2519
author: Adam Tkac <atkac@redhat.com> 2010-09-15 14:13:17 +0000
committer: Adam Tkac <atkac@redhat.com> 2010-09-15 14:13:17 +0000
commit: b7bafc5596c25f47724cb86ee70c3c304e23ad66 (patch)
tree: d062ae6a58daa81450b3cb5caeb4b73a201cf8d1
parent: e3cb0c3c8a0e022af94c31767c283927dff85066 (diff)
download: tigervnc-b7bafc5596c25f47724cb86ee70c3c304e23ad66.tar.gz
tigervnc-b7bafc5596c25f47724cb86ee70c3c304e23ad66.zip
2 files changed, 167 insertions, 2 deletions
diff --git a/unix/vncviewer/CConn.cxx b/unix/vncviewer/CConn.cxx
index 8d311c39..f4281165 100644
--- a/unix/vncviewer/CConn.cxx
+++ b/unix/vncviewer/CConn.cxx
@@ -27,6 +27,7 @@
 #include <rfb/Security.h>
 #include <rfb/CSecurityNone.h>
 #include <rfb/CSecurityVncAuth.h>
+#include <rfb/CSecurityTLS.h>
 #include <rfb/Hostname.h>
 #include <rfb/LogWriter.h>
 #include <rfb/util.h>
@@ -34,6 +35,7 @@
 #include <rfb/screenTypes.h>
 #include <network/TcpSocket.h>
 #include <cassert>
+#include <list>
 
 #include "TXViewport.h"
 #include "DesktopWindow.h"
@@ -41,7 +43,9 @@
 #include "PasswdDialog.h"
 #include "parameters.h"
 
+using namespace rdr;
 using namespace rfb;
+using namespace std;
 
 static rfb::LogWriter vlog("CConn");
 
@@ -608,10 +612,77 @@ void CConn::setOptions() {
   options.acceptClipboard.checked(acceptClipboard);
   options.sendClipboard.checked(sendClipboard);
   options.sendPrimary.checked(sendPrimary);
-  if (state() == RFBSTATE_NORMAL)
+  if (state() == RFBSTATE_NORMAL) {
     options.shared.disabled(true);
-  else
+    options.secVeNCrypt.disabled(true);
+    options.encNone.disabled(true);
+    options.encTLS.disabled(true);
+    options.encX509.disabled(true);
+    options.ca.disabled(true);
+    options.crl.disabled(true);
+    options.secNone.disabled(true);
+    options.secVnc.disabled(true);
+    options.secPlain.disabled(true);
+  } else {
     options.shared.checked(shared);
+
+    /* Process non-VeNCrypt sectypes */
+    list<U8> secTypes = security->GetEnabledSecTypes();
+    list<U8>::iterator i;
+    for (i = secTypes.begin(); i != secTypes.end(); i++) {
+      switch (*i) {
+      case secTypeVeNCrypt:
+        options.secVeNCrypt.checked(true);
+        break;
+      case secTypeNone:
+	options.encNone.checked(true);
+        options.secNone.checked(true);
+	break;
+      case secTypeVncAuth:
+	options.encNone.checked(true);
+        options.secVnc.checked(true);
+	break;
+      }
+   }
+
+   /* Process VeNCrypt subtypes */
+   if (options.secVeNCrypt.checked()) {
+     list<U32> secTypesExt = security->GetEnabledExtSecTypes();
+     list<U32>::iterator iext;
+     for (iext = secTypesExt.begin(); iext != secTypesExt.end(); iext++) {
+	switch (*iext) {
+	case secTypePlain:
+	  options.encNone.checked(true);
+          options.secPlain.checked(true);
+	  break;
+	case secTypeTLSNone:
+	  options.encTLS.checked(true);
+          options.secNone.checked(true);
+	  break;
+	case secTypeTLSVnc:
+	  options.encTLS.checked(true);
+          options.secVnc.checked(true);
+	  break;
+	case secTypeTLSPlain:
+	  options.encTLS.checked(true);
+          options.secPlain.checked(true);
+	  break;
+	case secTypeX509None:
+	  options.encX509.checked(true);
+          options.secNone.checked(true);
+	  break;
+	case secTypeX509Vnc:
+	  options.encX509.checked(true);
+          options.secVnc.checked(true);
+	  break;
+	case secTypeX509Plain:
+	  options.encX509.checked(true);
+          options.secPlain.checked(true);
+	  break;
+        }
+      }
+    }
+  }
   options.fullScreen.checked(fullScreen);
   options.useLocalCursor.checked(useLocalCursor);
   options.dotWhenNoCursor.checked(dotWhenNoCursor);
@@ -681,6 +752,93 @@ void CConn::getOptions() {
   if (desktop)
     desktop->setNoCursor();
   checkEncodings();
+
+  /* Process security types which don't use encryption */
+  if (options.encNone.checked()) {
+    if (options.secNone.checked())
+      security->EnableSecType(secTypeNone);
+    if (options.secVnc.checked())
+      security->EnableSecType(secTypeVncAuth);
+    if (options.secPlain.checked())
+      security->EnableSecType(secTypePlain);
+  } else {
+    security->DisableSecType(secTypeNone);
+    security->DisableSecType(secTypeVncAuth);
+    security->DisableSecType(secTypePlain);
+  }
+
+  /* Process security types which use TLS encryption */
+  if (options.encTLS.checked()) {
+    if (options.secNone.checked())
+      security->EnableSecType(secTypeTLSNone);
+    if (options.secVnc.checked())
+      security->EnableSecType(secTypeTLSVnc);
+    if (options.secPlain.checked())
+      security->EnableSecType(secTypeTLSPlain);
+  } else {
+    security->DisableSecType(secTypeTLSNone);
+    security->DisableSecType(secTypeTLSVnc);
+    security->DisableSecType(secTypeTLSPlain);
+  }
+
+  /* Process security types which use X509 encryption */
+  if (options.encX509.checked()) {
+    if (options.secNone.checked())
+      security->EnableSecType(secTypeX509None);
+    if (options.secVnc.checked())
+      security->EnableSecType(secTypeX509Vnc);
+    if (options.secPlain.checked())
+      security->EnableSecType(secTypeX509Plain);
+  } else {
+    security->DisableSecType(secTypeX509None);
+    security->DisableSecType(secTypeX509Vnc);
+    security->DisableSecType(secTypeX509Plain);
+  }
+
+  /* Process *None security types */
+  if (options.secNone.checked()) {
+    if (options.encNone.checked())
+      security->EnableSecType(secTypeNone);
+    if (options.encTLS.checked())
+      security->EnableSecType(secTypeTLSNone);
+    if (options.encX509.checked())
+      security->EnableSecType(secTypeX509None);
+  } else {
+    security->DisableSecType(secTypeNone);
+    security->DisableSecType(secTypeTLSNone);
+    security->DisableSecType(secTypeX509None);
+  }
+
+  /* Process *Vnc security types */
+  if (options.secVnc.checked()) {
+    if (options.encNone.checked())
+      security->EnableSecType(secTypeVncAuth);
+    if (options.encTLS.checked())
+      security->EnableSecType(secTypeTLSVnc);
+    if (options.encX509.checked())
+      security->EnableSecType(secTypeX509Vnc);
+  } else {
+    security->DisableSecType(secTypeVncAuth);
+    security->DisableSecType(secTypeTLSVnc);
+    security->DisableSecType(secTypeX509Vnc);
+  }
+
+  /* Process *Plain security types */
+  if (options.secPlain.checked()) {
+    if (options.encNone.checked())
+      security->EnableSecType(secTypePlain);
+    if (options.encTLS.checked())
+      security->EnableSecType(secTypeTLSPlain);
+    if (options.encX509.checked())
+      security->EnableSecType(secTypeX509Plain);
+  } else {
+    security->DisableSecType(secTypePlain);
+    security->DisableSecType(secTypeTLSPlain);
+    security->DisableSecType(secTypeX509Plain);
+  }
+
+  CSecurityTLS::x509ca.setParam(options.ca.getText());
+  CSecurityTLS::x509crl.setParam(options.crl.getText());
 }
 
 void CConn::resizeFramebuffer()
diff --git a/unix/vncviewer/OptionsDialog.h b/unix/vncviewer/OptionsDialog.h
index 64c09106..549372a2 100644
--- a/unix/vncviewer/OptionsDialog.h
+++ b/unix/vncviewer/OptionsDialog.h
@@ -263,6 +263,13 @@ public:
       compressLevel.disabled(!customCompressLevel.checked());
     } else if (checkbox == &noJpeg) {
       qualityLevel.disabled(autoSelect.checked() || !noJpeg.checked());
+    } else if (checkbox == &secVeNCrypt) {
+      encTLS.checked(false);
+      encTLS.disabled(!secVeNCrypt.checked());
+      encX509.checked(false);
+      encX509.disabled(!secVeNCrypt.checked());
+      secPlain.checked(false);
+      secPlain.disabled(!secVeNCrypt.checked());
     }
   }
author	Adam Tkac <atkac@redhat.com>	2010-09-15 14:13:17 +0000
committer	Adam Tkac <atkac@redhat.com>	2010-09-15 14:13:17 +0000
commit	b7bafc5596c25f47724cb86ee70c3c304e23ad66 (patch)
tree	d062ae6a58daa81450b3cb5caeb4b73a201cf8d1
parent	e3cb0c3c8a0e022af94c31767c283927dff85066 (diff)
download	tigervnc-b7bafc5596c25f47724cb86ee70c3c304e23ad66.tar.gz tigervnc-b7bafc5596c25f47724cb86ee70c3c304e23ad66.zip