aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/rfb/AccessRights.cxx36
-rw-r--r--common/rfb/AccessRights.h41
-rw-r--r--common/rfb/CMakeLists.txt1
-rw-r--r--common/rfb/SConnection.cxx14
-rw-r--r--common/rfb/SConnection.h12
-rw-r--r--common/rfb/SSecurity.h2
-rw-r--r--common/rfb/SSecurityRSAAES.cxx6
-rw-r--r--common/rfb/SSecurityRSAAES.h4
-rw-r--r--common/rfb/SSecurityStack.cxx6
-rw-r--r--common/rfb/SSecurityStack.h2
-rw-r--r--common/rfb/SSecurityVeNCrypt.cxx2
-rw-r--r--common/rfb/SSecurityVeNCrypt.h2
-rw-r--r--common/rfb/SSecurityVncAuth.cxx6
-rw-r--r--common/rfb/SSecurityVncAuth.h4
-rw-r--r--common/rfb/VNCServerST.cxx4
-rw-r--r--tests/perf/encperf.cxx4
-rw-r--r--win/winvnc/VNCServerWin32.cxx30
17 files changed, 116 insertions, 60 deletions
diff --git a/common/rfb/AccessRights.cxx b/common/rfb/AccessRights.cxx
new file mode 100644
index 00000000..65e6ce24
--- /dev/null
+++ b/common/rfb/AccessRights.cxx
@@ -0,0 +1,36 @@
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include "AccessRights.h"
+
+namespace rfb
+{
+
+ // AccessRights values
+ const AccessRights AccessNone = 0x0000;
+ const AccessRights AccessView = 0x0001;
+ const AccessRights AccessKeyEvents = 0x0002;
+ const AccessRights AccessPtrEvents = 0x0004;
+ const AccessRights AccessCutText = 0x0008;
+ const AccessRights AccessSetDesktopSize = 0x0010;
+ const AccessRights AccessNonShared = 0x0020;
+ const AccessRights AccessDefault = 0x03ff;
+ const AccessRights AccessNoQuery = 0x0400;
+ const AccessRights AccessFull = 0xffff;
+
+} /* namespace rfb */
diff --git a/common/rfb/AccessRights.h b/common/rfb/AccessRights.h
new file mode 100644
index 00000000..adf4393d
--- /dev/null
+++ b/common/rfb/AccessRights.h
@@ -0,0 +1,41 @@
+/* Copyright 2024 TigerVNC Team
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#ifndef COMMON_RFB_ACCESSRIGHTS_H_
+#define COMMON_RFB_ACCESSRIGHTS_H_
+
+#include <stdint.h>
+
+namespace rfb
+{
+
+ typedef uint16_t AccessRights;
+ extern const AccessRights AccessNone; // No rights at all
+ extern const AccessRights AccessView; // View display contents
+ extern const AccessRights AccessKeyEvents; // Send key events
+ extern const AccessRights AccessPtrEvents; // Send pointer events
+ extern const AccessRights AccessCutText; // Send/receive clipboard events
+ extern const AccessRights AccessSetDesktopSize; // Change desktop size
+ extern const AccessRights AccessNonShared; // Exclusive access to the server
+ extern const AccessRights AccessDefault; // The default rights, INCLUDING FUTURE ONES
+ extern const AccessRights AccessNoQuery; // Connect without local user accepting
+ extern const AccessRights AccessFull; // All of the available AND FUTURE rights
+
+} /* namespace rfb */
+
+#endif /* COMMON_RFB_ACCESSRIGHTS_H_ */
diff --git a/common/rfb/CMakeLists.txt b/common/rfb/CMakeLists.txt
index 2cae2356..360434a9 100644
--- a/common/rfb/CMakeLists.txt
+++ b/common/rfb/CMakeLists.txt
@@ -1,4 +1,5 @@
add_library(rfb STATIC
+ AccessRights.cxx
Blacklist.cxx
Congestion.cxx
CConnection.cxx
diff --git a/common/rfb/SConnection.cxx b/common/rfb/SConnection.cxx
index 33b2d850..462c34c2 100644
--- a/common/rfb/SConnection.cxx
+++ b/common/rfb/SConnection.cxx
@@ -43,24 +43,12 @@ using namespace rfb;
static LogWriter vlog("SConnection");
-// AccessRights values
-const SConnection::AccessRights SConnection::AccessView = 0x0001;
-const SConnection::AccessRights SConnection::AccessKeyEvents = 0x0002;
-const SConnection::AccessRights SConnection::AccessPtrEvents = 0x0004;
-const SConnection::AccessRights SConnection::AccessCutText = 0x0008;
-const SConnection::AccessRights SConnection::AccessSetDesktopSize = 0x0010;
-const SConnection::AccessRights SConnection::AccessNonShared = 0x0020;
-const SConnection::AccessRights SConnection::AccessDefault = 0x03ff;
-const SConnection::AccessRights SConnection::AccessNoQuery = 0x0400;
-const SConnection::AccessRights SConnection::AccessFull = 0xffff;
-
-
SConnection::SConnection()
: readyForSetColourMapEntries(false),
is(0), os(0), reader_(0), writer_(0), ssecurity(0),
authFailureTimer(this, &SConnection::handleAuthFailureTimeout),
state_(RFBSTATE_UNINITIALISED), preferredEncoding(encodingRaw),
- accessRights(0x0000), hasRemoteClipboard(false),
+ accessRights(AccessNone), hasRemoteClipboard(false),
hasLocalClipboard(false),
unsolicitedClipboardAttempt(false)
{
diff --git a/common/rfb/SConnection.h b/common/rfb/SConnection.h
index b163d627..fb8b0b4c 100644
--- a/common/rfb/SConnection.h
+++ b/common/rfb/SConnection.h
@@ -29,6 +29,7 @@
#include <rdr/InStream.h>
#include <rdr/OutStream.h>
+#include <rfb/AccessRights.h>
#include <rfb/SMsgHandler.h>
#include <rfb/SecurityServer.h>
#include <rfb/Timer.h>
@@ -178,17 +179,6 @@ namespace rfb {
// setAccessRights() allows a security package to limit the access rights
// of a SConnection to the server. How the access rights are treated
// is up to the derived class.
-
- typedef uint16_t AccessRights;
- static const AccessRights AccessView; // View display contents
- static const AccessRights AccessKeyEvents; // Send key events
- static const AccessRights AccessPtrEvents; // Send pointer events
- static const AccessRights AccessCutText; // Send/receive clipboard events
- static const AccessRights AccessSetDesktopSize; // Change desktop size
- static const AccessRights AccessNonShared; // Exclusive access to the server
- static const AccessRights AccessDefault; // The default rights, INCLUDING FUTURE ONES
- static const AccessRights AccessNoQuery; // Connect without local user accepting
- static const AccessRights AccessFull; // All of the available AND FUTURE rights
virtual void setAccessRights(AccessRights ar);
virtual bool accessCheck(AccessRights ar) const;
diff --git a/common/rfb/SSecurity.h b/common/rfb/SSecurity.h
index fbc3de6f..8e296c5a 100644
--- a/common/rfb/SSecurity.h
+++ b/common/rfb/SSecurity.h
@@ -62,7 +62,7 @@ namespace rfb {
// for this security type.
virtual const char* getUserName() const = 0;
- virtual SConnection::AccessRights getAccessRights() const { return SConnection::AccessDefault; }
+ virtual AccessRights getAccessRights() const { return AccessDefault; }
protected:
SConnection* sc;
diff --git a/common/rfb/SSecurityRSAAES.cxx b/common/rfb/SSecurityRSAAES.cxx
index 2a8dfa3e..cea62644 100644
--- a/common/rfb/SSecurityRSAAES.cxx
+++ b/common/rfb/SSecurityRSAAES.cxx
@@ -76,7 +76,7 @@ SSecurityRSAAES::SSecurityRSAAES(SConnection* sc, uint32_t _secType,
keySize(_keySize), isAllEncrypted(_isAllEncrypted), secType(_secType),
serverKey(), clientKey(),
serverKeyN(NULL), serverKeyE(NULL), clientKeyN(NULL), clientKeyE(NULL),
- accessRights(SConnection::AccessDefault),
+ accessRights(AccessDefault),
rais(NULL), raos(NULL), rawis(NULL), rawos(NULL)
{
assert(keySize == 128 || keySize == 256);
@@ -578,12 +578,12 @@ void SSecurityRSAAES::verifyPass()
throw AuthFailureException("No password configured for VNC Auth");
if (password == passwd) {
- accessRights = SConnection::AccessDefault;
+ accessRights = AccessDefault;
return;
}
if (!passwdReadOnly.empty() && password == passwdReadOnly) {
- accessRights = SConnection::AccessView;
+ accessRights = AccessView;
return;
}
diff --git a/common/rfb/SSecurityRSAAES.h b/common/rfb/SSecurityRSAAES.h
index eaeb13a1..0c4fc852 100644
--- a/common/rfb/SSecurityRSAAES.h
+++ b/common/rfb/SSecurityRSAAES.h
@@ -39,7 +39,7 @@ namespace rfb {
virtual bool processMsg();
virtual const char* getUserName() const;
virtual int getType() const { return secType; }
- virtual SConnection::AccessRights getAccessRights() const
+ virtual AccessRights getAccessRights() const
{
return accessRights;
}
@@ -82,7 +82,7 @@ namespace rfb {
char username[256];
char password[256];
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
rdr::InStream* rais;
rdr::OutStream* raos;
diff --git a/common/rfb/SSecurityStack.cxx b/common/rfb/SSecurityStack.cxx
index 8b1c2a47..9c0321d4 100644
--- a/common/rfb/SSecurityStack.cxx
+++ b/common/rfb/SSecurityStack.cxx
@@ -71,14 +71,14 @@ const char* SSecurityStack::getUserName() const
return c;
}
-SConnection::AccessRights SSecurityStack::getAccessRights() const
+AccessRights SSecurityStack::getAccessRights() const
{
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
if (!state0 && !state1)
return SSecurity::getAccessRights();
- accessRights = SConnection::AccessFull;
+ accessRights = AccessFull;
if (state0)
accessRights &= state0->getAccessRights();
diff --git a/common/rfb/SSecurityStack.h b/common/rfb/SSecurityStack.h
index 8b412bdf..cf7b10d0 100644
--- a/common/rfb/SSecurityStack.h
+++ b/common/rfb/SSecurityStack.h
@@ -32,7 +32,7 @@ namespace rfb {
virtual bool processMsg();
virtual int getType() const { return type; };
virtual const char* getUserName() const;
- virtual SConnection::AccessRights getAccessRights() const;
+ virtual AccessRights getAccessRights() const;
protected:
short state;
SSecurity* state0;
diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index c126d82f..2813f299 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -180,7 +180,7 @@ const char* SSecurityVeNCrypt::getUserName() const
return ssecurity->getUserName();
}
-SConnection::AccessRights SSecurityVeNCrypt::getAccessRights() const
+AccessRights SSecurityVeNCrypt::getAccessRights() const
{
if (ssecurity == NULL)
return SSecurity::getAccessRights();
diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h
index 86cf420a..91713f89 100644
--- a/common/rfb/SSecurityVeNCrypt.h
+++ b/common/rfb/SSecurityVeNCrypt.h
@@ -37,7 +37,7 @@ namespace rfb {
virtual bool processMsg();
virtual int getType() const { return chosenType; }
virtual const char* getUserName() const;
- virtual SConnection::AccessRights getAccessRights() const;
+ virtual AccessRights getAccessRights() const;
protected:
SSecurity *ssecurity;
diff --git a/common/rfb/SSecurityVncAuth.cxx b/common/rfb/SSecurityVncAuth.cxx
index cbd0ccd2..c1ef1f1c 100644
--- a/common/rfb/SSecurityVncAuth.cxx
+++ b/common/rfb/SSecurityVncAuth.cxx
@@ -54,7 +54,7 @@ VncAuthPasswdParameter SSecurityVncAuth::vncAuthPasswd
SSecurityVncAuth::SSecurityVncAuth(SConnection* sc)
: SSecurity(sc), sentChallenge(false),
- pg(&vncAuthPasswd), accessRights(0)
+ pg(&vncAuthPasswd), accessRights(AccessNone)
{
}
@@ -103,13 +103,13 @@ bool SSecurityVncAuth::processMsg()
throw AuthFailureException("No password configured for VNC Auth");
if (verifyResponse(passwd.c_str())) {
- accessRights = SConnection::AccessDefault;
+ accessRights = AccessDefault;
return true;
}
if (!passwdReadOnly.empty() &&
verifyResponse(passwdReadOnly.c_str())) {
- accessRights = SConnection::AccessView;
+ accessRights = AccessView;
return true;
}
diff --git a/common/rfb/SSecurityVncAuth.h b/common/rfb/SSecurityVncAuth.h
index 2bd27791..7f27b02b 100644
--- a/common/rfb/SSecurityVncAuth.h
+++ b/common/rfb/SSecurityVncAuth.h
@@ -55,7 +55,7 @@ namespace rfb {
virtual bool processMsg();
virtual int getType() const {return secTypeVncAuth;}
virtual const char* getUserName() const {return 0;}
- virtual SConnection::AccessRights getAccessRights() const { return accessRights; }
+ virtual AccessRights getAccessRights() const { return accessRights; }
static StringParameter vncAuthPasswdFile;
static VncAuthPasswdParameter vncAuthPasswd;
private:
@@ -65,7 +65,7 @@ namespace rfb {
uint8_t response[vncAuthChallengeSize];
bool sentChallenge;
VncAuthPasswdGetter* pg;
- SConnection::AccessRights accessRights;
+ AccessRights accessRights;
};
}
#endif
diff --git a/common/rfb/VNCServerST.cxx b/common/rfb/VNCServerST.cxx
index 560a0ffa..c97b0735 100644
--- a/common/rfb/VNCServerST.cxx
+++ b/common/rfb/VNCServerST.cxx
@@ -680,7 +680,7 @@ void VNCServerST::queryConnection(VNCSConnectionST* client,
}
// - Does the client have the right to bypass the query?
- if (client->accessCheck(SConnection::AccessNoQuery))
+ if (client->accessCheck(AccessNoQuery))
{
approveConnection(client->getSock(), true, NULL);
return;
@@ -693,7 +693,7 @@ void VNCServerST::clientReady(VNCSConnectionST* client, bool shared)
{
if (!shared) {
if (rfb::Server::disconnectClients &&
- client->accessCheck(SConnection::AccessNonShared)) {
+ client->accessCheck(AccessNonShared)) {
// - Close all the other connected clients
slog.debug("non-shared connection - closing clients");
closeClients("Non-shared connection requested", client->getSock());
diff --git a/tests/perf/encperf.cxx b/tests/perf/encperf.cxx
index 40e3abfc..55fa386e 100644
--- a/tests/perf/encperf.cxx
+++ b/tests/perf/encperf.cxx
@@ -134,7 +134,7 @@ public:
void getStats(double&, unsigned long long&, unsigned long long&);
- virtual void setAccessRights(AccessRights ar);
+ virtual void setAccessRights(rfb::AccessRights ar);
virtual void setDesktopSize(int fb_width, int fb_height,
const rfb::ScreenSet& layout);
@@ -329,7 +329,7 @@ void SConn::getStats(double& ratio, unsigned long long& bytes,
manager->getStats(ratio, bytes, rawEquivalent);
}
-void SConn::setAccessRights(AccessRights)
+void SConn::setAccessRights(rfb::AccessRights)
{
}
diff --git a/win/winvnc/VNCServerWin32.cxx b/win/winvnc/VNCServerWin32.cxx
index a243d95e..38b2ef16 100644
--- a/win/winvnc/VNCServerWin32.cxx
+++ b/win/winvnc/VNCServerWin32.cxx
@@ -363,11 +363,11 @@ void VNCServerWin32::getConnInfo(ListConnInfo * listConn)
if (!conn->authenticated())
status = 3;
- else if (conn->accessCheck(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView))
+ else if (conn->accessCheck(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView))
status = 0;
- else if (conn->accessCheck(rfb::SConnection::AccessView))
+ else if (conn->accessCheck(rfb::AccessView))
status = 1;
else
status = 2;
@@ -398,25 +398,25 @@ void VNCServerWin32::setConnStatus(ListConnInfo* listConn)
if (status == 3) {
conn->close(0);
} else {
- rfb::SConnection::AccessRights ar;
+ rfb::AccessRights ar;
- ar = rfb::SConnection::AccessDefault;
+ ar = rfb::AccessDefault;
switch (status) {
case 0:
- ar |= rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView;
+ ar |= rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView;
break;
case 1:
- ar |= rfb::SConnection::AccessView;
- ar &= ~(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents);
+ ar |= rfb::AccessView;
+ ar &= ~(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents);
break;
case 2:
- ar &= ~(rfb::SConnection::AccessPtrEvents |
- rfb::SConnection::AccessKeyEvents |
- rfb::SConnection::AccessView);
+ ar &= ~(rfb::AccessPtrEvents |
+ rfb::AccessKeyEvents |
+ rfb::AccessView);
break;
}
conn->setAccessRights(ar);