Move the AccessRights type and constants to the rfb namespace

They must belong to the rfb namespace, not to the SConnection class. Also add an AccessNone constant, since it's better to use a mnemonic symbol rather than zero to initialize the accessRights members. Signed-off-by: Carlos Santos <casantos@redhat.com>
author: Carlos Santos <casantos@redhat.com> 2023-11-28 18:11:13 -0300
committer: Carlos Santos <casantos@redhat.com> 2024-04-23 17:41:01 -0300
commit: ae81801cccbbef7c424103ec3aee9bfc6021059e (patch)
tree: b9d288bf7e8341cad9b54c7f240f84e08bf16e65
parent: 34d96928632b79196cc3d46aa2abd7c1f1122593 (diff)
download: tigervnc-ae81801cccbbef7c424103ec3aee9bfc6021059e.tar.gz
tigervnc-ae81801cccbbef7c424103ec3aee9bfc6021059e.zip
17 files changed, 116 insertions, 60 deletions
diff --git a/common/rfb/AccessRights.cxx b/common/rfb/AccessRights.cxx
new file mode 100644
index 00000000..65e6ce24
--- /dev/null
+++ b/common/rfb/AccessRights.cxx
@@ -0,0 +1,36 @@
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
+ * USA.
+ */
+
+#include "AccessRights.h"
+
+namespace rfb
+{
+
+  // AccessRights values
+  const AccessRights AccessNone           = 0x0000;
+  const AccessRights AccessView           = 0x0001;
+  const AccessRights AccessKeyEvents      = 0x0002;
+  const AccessRights AccessPtrEvents      = 0x0004;
+  const AccessRights AccessCutText        = 0x0008;
+  const AccessRights AccessSetDesktopSize = 0x0010;
+  const AccessRights AccessNonShared      = 0x0020;
+  const AccessRights AccessDefault        = 0x03ff;
+  const AccessRights AccessNoQuery        = 0x0400;
+  const AccessRights AccessFull           = 0xffff;
+
+} /* namespace rfb */
diff --git a/common/rfb/AccessRights.h b/common/rfb/AccessRights.h
new file mode 100644
index 00000000..adf4393d
--- /dev/null
+++ b/common/rfb/AccessRights.h
@@ -0,0 +1,41 @@
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
+ * USA.
+ */
+
+#ifndef COMMON_RFB_ACCESSRIGHTS_H_
+#define COMMON_RFB_ACCESSRIGHTS_H_
+
+#include <stdint.h>
+
+namespace rfb
+{
+
+  typedef uint16_t AccessRights;
+  extern const AccessRights AccessNone;           // No rights at all
+  extern const AccessRights AccessView;           // View display contents
+  extern const AccessRights AccessKeyEvents;      // Send key events
+  extern const AccessRights AccessPtrEvents;      // Send pointer events
+  extern const AccessRights AccessCutText;        // Send/receive clipboard events
+  extern const AccessRights AccessSetDesktopSize; // Change desktop size
+  extern const AccessRights AccessNonShared;      // Exclusive access to the server
+  extern const AccessRights AccessDefault;        // The default rights, INCLUDING FUTURE ONES
+  extern const AccessRights AccessNoQuery;        // Connect without local user accepting
+  extern const AccessRights AccessFull;           // All of the available AND FUTURE rights
+
+} /* namespace rfb */
+
+#endif /* COMMON_RFB_ACCESSRIGHTS_H_ */
diff --git a/common/rfb/CMakeLists.txt b/common/rfb/CMakeLists.txt
index 2cae2356..360434a9 100644
--- a/common/rfb/CMakeLists.txt
+++ b/common/rfb/CMakeLists.txt
@@ -1,4 +1,5 @@
 add_library(rfb STATIC
+  AccessRights.cxx
   Blacklist.cxx
   Congestion.cxx
   CConnection.cxx
diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx
index 33b2d850..462c34c2 100644
--- a/common/rfb/SConnection.cxx
+++ b/common/rfb/SConnection.cxx
@@ -43,24 +43,12 @@ using namespace rfb;
 
 static LogWriter vlog("SConnection");
 
-// AccessRights values
-const SConnection::AccessRights SConnection::AccessView           = 0x0001;
-const SConnection::AccessRights SConnection::AccessKeyEvents      = 0x0002;
-const SConnection::AccessRights SConnection::AccessPtrEvents      = 0x0004;
-const SConnection::AccessRights SConnection::AccessCutText        = 0x0008;
-const SConnection::AccessRights SConnection::AccessSetDesktopSize = 0x0010;
-const SConnection::AccessRights SConnection::AccessNonShared      = 0x0020;
-const SConnection::AccessRights SConnection::AccessDefault        = 0x03ff;
-const SConnection::AccessRights SConnection::AccessNoQuery        = 0x0400;
-const SConnection::AccessRights SConnection::AccessFull           = 0xffff;
-
-
 SConnection::SConnection()
   : readyForSetColourMapEntries(false),
     is(0), os(0), reader_(0), writer_(0), ssecurity(0),
     authFailureTimer(this, &SConnection::handleAuthFailureTimeout),
     state_(RFBSTATE_UNINITIALISED), preferredEncoding(encodingRaw),
-    accessRights(0x0000), hasRemoteClipboard(false),
+    accessRights(AccessNone), hasRemoteClipboard(false),
     hasLocalClipboard(false),
     unsolicitedClipboardAttempt(false)
 {
diff --git a/common/rfb/SConnection.h b/common/rfb/SConnection.h
index b163d627..fb8b0b4c 100644
--- a/common/rfb/SConnection.h
+++ b/common/rfb/SConnection.h
@@ -29,6 +29,7 @@
 #include <rdr/InStream.h>
 #include <rdr/OutStream.h>
 
+#include <rfb/AccessRights.h>
 #include <rfb/SMsgHandler.h>
 #include <rfb/SecurityServer.h>
 #include <rfb/Timer.h>
@@ -178,17 +179,6 @@ namespace rfb {
     // setAccessRights() allows a security package to limit the access rights
     // of a SConnection to the server.  How the access rights are treated
     // is up to the derived class.
-
-    typedef uint16_t AccessRights;
-    static const AccessRights AccessView;           // View display contents
-    static const AccessRights AccessKeyEvents;      // Send key events
-    static const AccessRights AccessPtrEvents;      // Send pointer events
-    static const AccessRights AccessCutText;        // Send/receive clipboard events
-    static const AccessRights AccessSetDesktopSize; // Change desktop size
-    static const AccessRights AccessNonShared;      // Exclusive access to the server
-    static const AccessRights AccessDefault;        // The default rights, INCLUDING FUTURE ONES
-    static const AccessRights AccessNoQuery;        // Connect without local user accepting
-    static const AccessRights AccessFull;           // All of the available AND FUTURE rights
     virtual void setAccessRights(AccessRights ar);
     virtual bool accessCheck(AccessRights ar) const;
 
diff --git a/common/rfb/SSecurity.h b/common/rfb/SSecurity.h
index fbc3de6f..8e296c5a 100644
--- a/common/rfb/SSecurity.h
+++ b/common/rfb/SSecurity.h
@@ -62,7 +62,7 @@ namespace rfb {
     // for this security type.
     virtual const char* getUserName() const = 0;
 
-    virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }
+    virtual AccessRights getAccessRights() const { return AccessDefault; }
 
   protected:
     SConnection* sc;
diff --git a/common/rfb/SSecurityRSAAES.cxx b/common/rfb/SSecurityRSAAES.cxx
index 2a8dfa3e..cea62644 100644
--- a/common/rfb/SSecurityRSAAES.cxx
+++ b/common/rfb/SSecurityRSAAES.cxx
@@ -76,7 +76,7 @@ SSecurityRSAAES::SSecurityRSAAES(SConnection* sc, uint32_t _secType,
     keySize(_keySize), isAllEncrypted(_isAllEncrypted), secType(_secType),
     serverKey(), clientKey(),
     serverKeyN(NULL), serverKeyE(NULL), clientKeyN(NULL), clientKeyE(NULL),
-    accessRights(SConnection::AccessDefault),
+    accessRights(AccessDefault),
     rais(NULL), raos(NULL), rawis(NULL), rawos(NULL)
 {
   assert(keySize == 128 || keySize == 256);
@@ -578,12 +578,12 @@ void SSecurityRSAAES::verifyPass()
     throw AuthFailureException("No password configured for VNC Auth");
 
   if (password == passwd) {
-    accessRights = SConnection::AccessDefault;
+    accessRights = AccessDefault;
     return;
   }
 
   if (!passwdReadOnly.empty() && password == passwdReadOnly) {
-    accessRights = SConnection::AccessView;
+    accessRights = AccessView;
     return;
   }
 
diff --git a/common/rfb/SSecurityRSAAES.h b/common/rfb/SSecurityRSAAES.h
index eaeb13a1..0c4fc852 100644
--- a/common/rfb/SSecurityRSAAES.h
+++ b/common/rfb/SSecurityRSAAES.h
@@ -39,7 +39,7 @@ namespace rfb {
     virtual bool processMsg();
     virtual const char* getUserName() const;
     virtual int getType() const { return secType; }
-    virtual SConnection::AccessRights getAccessRights() const
+    virtual AccessRights getAccessRights() const
     {
       return accessRights;
     }
@@ -82,7 +82,7 @@ namespace rfb {
 
     char username[256];
     char password[256];
-    SConnection::AccessRights accessRights;
+    AccessRights accessRights;
 
     rdr::InStream* rais;
     rdr::OutStream* raos;
diff --git a/common/rfb/SSecurityStack.cxx b/common/rfb/SSecurityStack.cxx
index 8b1c2a47..9c0321d4 100644
--- a/common/rfb/SSecurityStack.cxx
+++ b/common/rfb/SSecurityStack.cxx
@@ -71,14 +71,14 @@ const char* SSecurityStack::getUserName() const
   return c;
 }
 
-SConnection::AccessRights SSecurityStack::getAccessRights() const
+AccessRights SSecurityStack::getAccessRights() const
 {
-  SConnection::AccessRights accessRights;
+  AccessRights accessRights;
 
   if (!state0 && !state1)
     return SSecurity::getAccessRights();
 
-  accessRights = SConnection::AccessFull;
+  accessRights = AccessFull;
 
   if (state0)
     accessRights &= state0->getAccessRights();
diff --git a/common/rfb/SSecurityStack.h b/common/rfb/SSecurityStack.h
index 8b412bdf..cf7b10d0 100644
--- a/common/rfb/SSecurityStack.h
+++ b/common/rfb/SSecurityStack.h
@@ -32,7 +32,7 @@ namespace rfb {
     virtual bool processMsg();
     virtual int getType() const { return type; };
     virtual const char* getUserName() const;
-    virtual SConnection::AccessRights getAccessRights() const;
+    virtual AccessRights getAccessRights() const;
   protected:
     short state;
     SSecurity* state0;
diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index c126d82f..2813f299 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -180,7 +180,7 @@ const char* SSecurityVeNCrypt::getUserName() const
   return ssecurity->getUserName();
 }
 
-SConnection::AccessRights SSecurityVeNCrypt::getAccessRights() const
+AccessRights SSecurityVeNCrypt::getAccessRights() const
 {
   if (ssecurity == NULL)
     return SSecurity::getAccessRights();
diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h
index 86cf420a..91713f89 100644
--- a/common/rfb/SSecurityVeNCrypt.h
+++ b/common/rfb/SSecurityVeNCrypt.h
@@ -37,7 +37,7 @@ namespace rfb {
     virtual bool processMsg();
     virtual int getType() const { return chosenType; }
     virtual const char* getUserName() const;
-    virtual SConnection::AccessRights getAccessRights() const;
+    virtual AccessRights getAccessRights() const;
 
   protected:
     SSecurity *ssecurity;
diff --git a/common/rfb/SSecurityVncAuth.cxx b/common/rfb/SSecurityVncAuth.cxx
index cbd0ccd2..c1ef1f1c 100644
--- a/common/rfb/SSecurityVncAuth.cxx
+++ b/common/rfb/SSecurityVncAuth.cxx
@@ -54,7 +54,7 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd
 
 SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
   : SSecurity(sc), sentChallenge(false),
-    pg(&vncAuthPasswd), accessRights(0)
+    pg(&vncAuthPasswd), accessRights(AccessNone)
 {
 }
 
@@ -103,13 +103,13 @@ bool SSecurityVncAuth::processMsg()
     throw AuthFailureException("No password configured for VNC Auth");
 
   if (verifyResponse(passwd.c_str())) {
-    accessRights = SConnection::AccessDefault;
+    accessRights = AccessDefault;
     return true;
   }
 
   if (!passwdReadOnly.empty() &&
       verifyResponse(passwdReadOnly.c_str())) {
-    accessRights = SConnection::AccessView;
+    accessRights = AccessView;
     return true;
   }
 
diff --git a/common/rfb/SSecurityVncAuth.h b/common/rfb/SSecurityVncAuth.h
index 2bd27791..7f27b02b 100644
--- a/common/rfb/SSecurityVncAuth.h
+++ b/common/rfb/SSecurityVncAuth.h
@@ -55,7 +55,7 @@ namespace rfb {
     virtual bool processMsg();
     virtual int getType() const {return secTypeVncAuth;}
     virtual const char* getUserName() const {return 0;}
-    virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
+    virtual AccessRights getAccessRights() const { return accessRights; }
     static StringParameter vncAuthPasswdFile;
     static VncAuthPasswdParameter vncAuthPasswd;
   private:
@@ -65,7 +65,7 @@ namespace rfb {
     uint8_t response[vncAuthChallengeSize];
     bool sentChallenge;
     VncAuthPasswdGetter* pg;
-    SConnection::AccessRights accessRights;
+    AccessRights accessRights;
   };
 }
 #endif
diff --git a/common/rfb/VNCServerST.cxx b/common/rfb/VNCServerST.cxx
index 560a0ffa..c97b0735 100644
--- a/common/rfb/VNCServerST.cxx
+++ b/common/rfb/VNCServerST.cxx
@@ -680,7 +680,7 @@ void VNCServerST::queryConnection(VNCSConnectionST* client,
   }
 
   // - Does the client have the right to bypass the query?
-  if (client->accessCheck(SConnection::AccessNoQuery))
+  if (client->accessCheck(AccessNoQuery))
   {
     approveConnection(client->getSock(), true, NULL);
     return;
@@ -693,7 +693,7 @@ void VNCServerST::clientReady(VNCSConnectionST* client, bool shared)
 {
   if (!shared) {
     if (rfb::Server::disconnectClients &&
-        client->accessCheck(SConnection::AccessNonShared)) {
+        client->accessCheck(AccessNonShared)) {
       // - Close all the other connected clients
       slog.debug("non-shared connection - closing clients");
       closeClients("Non-shared connection requested", client->getSock());
diff --git a/tests/perf/encperf.cxx b/tests/perf/encperf.cxx
index 40e3abfc..55fa386e 100644
--- a/tests/perf/encperf.cxx
+++ b/tests/perf/encperf.cxx
@@ -134,7 +134,7 @@ public:
 
   void getStats(double&, unsigned long long&, unsigned long long&);
 
-  virtual void setAccessRights(AccessRights ar);
+  virtual void setAccessRights(rfb::AccessRights ar);
 
   virtual void setDesktopSize(int fb_width, int fb_height,
                               const rfb::ScreenSet& layout);
@@ -329,7 +329,7 @@ void SConn::getStats(double& ratio, unsigned long long& bytes,
   manager->getStats(ratio, bytes, rawEquivalent);
 }
 
-void SConn::setAccessRights(AccessRights)
+void SConn::setAccessRights(rfb::AccessRights)
 {
 }
 
diff --git a/win/winvnc/VNCServerWin32.cxx b/win/winvnc/VNCServerWin32.cxx
index a243d95e..38b2ef16 100644
--- a/win/winvnc/VNCServerWin32.cxx
+++ b/win/winvnc/VNCServerWin32.cxx
@@ -363,11 +363,11 @@ void VNCServerWin32::getConnInfo(ListConnInfo * listConn)
 
     if (!conn->authenticated())
       status = 3;
-    else if (conn->accessCheck(rfb::SConnection::AccessPtrEvents |
-                               rfb::SConnection::AccessKeyEvents |
-                               rfb::SConnection::AccessView))
+    else if (conn->accessCheck(rfb::AccessPtrEvents |
+                               rfb::AccessKeyEvents |
+                               rfb::AccessView))
       status = 0;
-    else if (conn->accessCheck(rfb::SConnection::AccessView))
+    else if (conn->accessCheck(rfb::AccessView))
       status = 1;
     else
       status = 2;
@@ -398,25 +398,25 @@ void VNCServerWin32::setConnStatus(ListConnInfo* listConn)
     if (status == 3) {
       conn->close(0);
     } else {
-      rfb::SConnection::AccessRights ar;
+      rfb::AccessRights ar;
 
-      ar = rfb::SConnection::AccessDefault;
+      ar = rfb::AccessDefault;
 
       switch (status) {
       case 0:
-        ar |= rfb::SConnection::AccessPtrEvents |
-              rfb::SConnection::AccessKeyEvents |
-              rfb::SConnection::AccessView;
+        ar |= rfb::AccessPtrEvents |
+              rfb::AccessKeyEvents |
+              rfb::AccessView;
         break;
       case 1:
-        ar |= rfb::SConnection::AccessView;
-        ar &= ~(rfb::SConnection::AccessPtrEvents |
-                rfb::SConnection::AccessKeyEvents);
+        ar |= rfb::AccessView;
+        ar &= ~(rfb::AccessPtrEvents |
+                rfb::AccessKeyEvents);
         break;
       case 2:
-        ar &= ~(rfb::SConnection::AccessPtrEvents |
-                rfb::SConnection::AccessKeyEvents |
-                rfb::SConnection::AccessView);
+        ar &= ~(rfb::AccessPtrEvents |
+                rfb::AccessKeyEvents |
+                rfb::AccessView);
         break;
       }
       conn->setAccessRights(ar);
author	Carlos Santos <casantos@redhat.com>	2023-11-28 18:11:13 -0300
committer	Carlos Santos <casantos@redhat.com>	2024-04-23 17:41:01 -0300
commit	ae81801cccbbef7c424103ec3aee9bfc6021059e (patch)
tree	b9d288bf7e8341cad9b54c7f240f84e08bf16e65
parent	34d96928632b79196cc3d46aa2abd7c1f1122593 (diff)
download	tigervnc-ae81801cccbbef7c424103ec3aee9bfc6021059e.tar.gz tigervnc-ae81801cccbbef7c424103ec3aee9bfc6021059e.zip