| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
This makes things more consistent since we mix with the standard library
exceptions so often.
|
| |
|
|
|
| |
Use the more specific already included exception classes for common
errors to keep things more understandable.
|
| |
|
|
|
|
|
|
| |
This exception is for when the user fails to authenticate, not all
possible errors that might occur during the authentication phase.
Use more appropriate exception types for the various other problems that
might occur, so that we can present things more accurately to the user.
|
| |
|
|
|
|
|
|
| |
This prefix often just added noise, and could sometimes be added
multiple times. It's better that user interface catch the specific
exception type and give a more descriptive presentation to the user.
This is partially a revert of 1922550.
|
| |
|
|
|
| |
It's a source of confusion and possibly bugs to reuse the same variable
name for multiple things.
|
| |
|
|
|
| |
It's more readable than 0, and a bit safer than NULL, so let's try to
follow modern norms.
|
| |
|
|
|
|
|
|
|
|
|
| |
This permits to enable PAM for the effective user of the Xvnc process by
adding this to ~/.vnc/config or /etc/tigervnc/vncserver-config-defaults:
SecurityTypes=TLSPlain
PlainUsers=%u
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2233204
Signed-off-by: Carlos Santos <casantos@redhat.com>
|
| |
|
|
|
| |
These will always be byte streams at heart, so let's try to keep them
with a proper type. Should make it clearer how they will be used.
|
| |
|
|
|
|
|
|
| |
These files don't use anything from this header, so remove the include.
This exposes some missing includes in other places, though. So add an
explicit include in the files that were relying on an indirect
inclusion.
|
| |
|
|
|
| |
This matches the naming in STL, which is what we are mostly mimicing now
that we are using std::string for these functions.
|
| |
|
|
|
|
|
| |
Get rid of all the magical re-allocation and shuffling and instead just
return a new set of strings that is fully splitted. Will consume a bit
more memory, but is a lot safer to use as there is less confusion about
ownership of memory.
|
| |
|
|
|
|
| |
We mostly use classical C strings, but the memory management around them
can get confusing and error prone. Let's use std::string for the cases
where we need to return a newly allocated string.
|
| |
|
|
|
| |
We know the needed space here, so let's keep it simple with a constant
size string buffer.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Major restructuring of how streams work. Neither input nor output
streams are now blocking. This avoids stalling the rest of the client or
server when a peer is slow or unresponsive.
Note that this puts an extra burden on users of streams to make sure
they are allowed to do their work once the underlying transports are
ready (e.g. monitoring fds).
|
| |
|
|
|
| |
It is present on all UNIX systems anyway, so let's simplify things.
We will need it for more proper session startup anyway.
|
| | |
|
| |
|
|
|
| |
There is already an implicit connection between them, so let's make
it explicit. This allows easy lookup outside of the processMsg() function.
|
| |
|
|
|
|
|
|
|
|
|
| |
Setting the limit to 1024 which should be still more than enough.
Unlimited ulen and plen can cause various security problems:
* Overflow in `is->checkNoWait(ulen + plen)` causing it to contine when there is not enough data and then wait forever.
* Overflow in `new char[plen + 1]` that would allocate zero sized array which succeeds but returns pointer that should not be written into.
* Allocation failure in `new char[plen + 1]` from trying to allocate too much and crashing the whole server.
All those issues can be triggered by a client before authentication.
|
| |
|
|
|
|
|
| |
Currently it proceeds only if there aren't enough data in queue and then it blocks waiting.
Also the required amount to receive from network is (ulen + plen), not (ulen + plen + 2).
This allowed not authenticated clients to deny service to everyone.
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4183 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
| |
PAM for credential validation on UNIX.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4128 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4119 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
|
|
|
| |
Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4103 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
| |
|
|
| |
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4049 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
|
|
TLSNone and TLSVnc VeNCrypt subtypes are implemented.
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4045 3789f03b-4d11-0410-bbf8-ca57d06f2519
|
