[Development] Use SecurityType also as configuration for VeNCrypt.
Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>
git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4102 3789f03b-4d11-0410-bbf8-ca57d06f2519
diff --git a/common/rfb/CSecurityVeNCrypt.cxx b/common/rfb/CSecurityVeNCrypt.cxx
index 94af48d..39a95f4 100644
--- a/common/rfb/CSecurityVeNCrypt.cxx
+++ b/common/rfb/CSecurityVeNCrypt.cxx
@@ -30,7 +30,6 @@
#include <rfb/CSecurityVeNCrypt.h>
#include <rfb/CSecurityVncAuth.h>
#include <rfb/LogWriter.h>
-#include <rfb/SSecurityVeNCrypt.h>
#include <list>
using namespace rfb;
@@ -147,14 +146,14 @@
/* make a choice and send it to the server, meanwhile set up the stack */
if (!haveChosenType) {
- chosenType = 0;
+ chosenType = secTypeInvalid;
U8 i;
list<U32>::iterator j;
list<U32> preferredList;
/* Try preferred choice */
- SSecurityVeNCrypt::getSecTypes(&preferredList);
-
+ preferredList = security->GetEnabledExtSecTypes();
+
for (j = preferredList.begin(); j != preferredList.end(); j++) {
for (i = 0; i < nAvailableTypes; i++) {
if (*j == availableTypes[i]) {
@@ -163,29 +162,19 @@
}
}
- if (chosenType)
+ if (chosenType != secTypeInvalid)
break;
}
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
- /* Set up the stack according to the chosen type: */
- switch (chosenType) {
- case secTypeTLSNone:
- case secTypeTLSVnc:
- case secTypeTLSPlain:
- case secTypeX509None:
- case secTypeX509Vnc:
- case secTypeX509Plain:
- csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType);
- break;
- case secTypeInvalid:
- case secTypeVeNCrypt: /* would cause looping */
- default:
- throw AuthFailureException("No valid VeNCrypt sub-type");
- }
-
+ /* Set up the stack according to the chosen type: */
+ if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
+ throw AuthFailureException("No valid VeNCrypt sub-type");
+
+ csecurity = CSecurityVeNCrypt::getCSecurityStack(chosenType);
+
/* send chosen type to server */
os->writeU32(chosenType);
os->flush();
diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index 894118d..2dd331e 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -54,12 +54,6 @@
"specifies path to the key of the x509 certificate in PEM format",
"", ConfServer);
-StringParameter SSecurityVeNCrypt::secTypesStr
-("VeNCryptTypes",
- "Specify which security scheme to use for VeNCrypt connections (TLSNone, "
- "TLSVnc, TLSPlain, X509None, X509Vnc, X509Plain)",
- "TLSVnc,TLSPlain,X509Vnc,X509Plain");
-
SSecurityVeNCrypt::SSecurityVeNCrypt(Security *sec) : security(sec)
{
ssecurity = NULL;
@@ -141,7 +135,8 @@
*/
if (!haveSentTypes) {
list<U32> listSubTypes;
- SSecurityVeNCrypt::getSecTypes(&listSubTypes);
+
+ listSubTypes = security->GetEnabledExtSecTypes();
numTypes = listSubTypes.size();
subTypes = new U32[numTypes];
@@ -180,22 +175,12 @@
vlog.debug("Choosing security type %s (%d)", secTypeName(chosenType),
chosenType);
- /* Set up the stack according to the chosen type */
- switch(chosenType) {
- case secTypeTLSNone:
- case secTypeTLSVnc:
- case secTypeTLSPlain:
- case secTypeX509None:
- case secTypeX509Vnc:
- case secTypeX509Plain:
- ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType);
- break;
- case secTypeInvalid:
- case secTypeVeNCrypt: /* This would cause looping */
- default:
- throw AuthFailureException("No valid VeNCrypt sub-type");
- }
+ /* Set up the stack according to the chosen type */
+ if (chosenType == secTypeInvalid || chosenType == secTypeVeNCrypt)
+ throw AuthFailureException("No valid VeNCrypt sub-type");
+
+ ssecurity = SSecurityVeNCrypt::getSSecurityStack(chosenType);
}
/* continue processing the messages */
@@ -221,68 +206,3 @@
}
}
-void SSecurityVeNCrypt::getSecTypes(list<U32>* secTypes)
-{
- CharArray types;
-
- types.buf = SSecurityVeNCrypt::secTypesStr.getData();
- list<U32> configured = SSecurityVeNCrypt::parseSecTypes(types.buf);
- list<U32>::iterator i;
- for (i = configured.begin(); i != configured.end(); i++)
- secTypes->push_back(*i);
-}
-
-U32 SSecurityVeNCrypt::secTypeNum(const char *name)
-{
- if (strcasecmp(name, "TLSNone") == 0)
- return secTypeTLSNone;
- if (strcasecmp(name, "TLSVnc") == 0)
- return secTypeTLSVnc;
- if (strcasecmp(name, "TLSPlain") == 0)
- return secTypeTLSPlain;
- if (strcasecmp(name, "X509None") == 0)
- return secTypeX509None;
- if (strcasecmp(name, "X509Vnc") == 0)
- return secTypeX509Vnc;
- if (strcasecmp(name, "X509Plain") == 0)
- return secTypeX509Plain;
-
- return secTypeInvalid;
-}
-
-char* SSecurityVeNCrypt::secTypeName(U32 num)
-{
- switch (num) {
- case secTypePlain:
- return "Plain";
- case secTypeTLSNone:
- return "TLSNone";
- case secTypeTLSVnc:
- return "TLSVnc";
- case secTypeTLSPlain:
- return "TLSPlain";
- case secTypeX509None:
- return "X509None";
- case secTypeX509Vnc:
- return "X509Vnc";
- case secTypeX509Plain:
- return "X509Plain";
- default:
- return "[unknown secType]";
- }
-}
-
-list<U32> SSecurityVeNCrypt::parseSecTypes(const char *secTypes)
-{
- list<U32> result;
- CharArray types(strDup(secTypes)), type;
- while (types.buf) {
- strSplit(types.buf, ',', &type.buf, &types.buf);
- int typeNum = SSecurityVeNCrypt::secTypeNum(type.buf);
- if (typeNum != secTypeInvalid)
- result.push_back(typeNum);
- }
- return result;
-}
-
-
diff --git a/common/rfb/SSecurityVeNCrypt.h b/common/rfb/SSecurityVeNCrypt.h
index 1fd6b4a..3d5949e 100644
--- a/common/rfb/SSecurityVeNCrypt.h
+++ b/common/rfb/SSecurityVeNCrypt.h
@@ -46,13 +46,8 @@
virtual int getType() const { return secTypeVeNCrypt; }
virtual const char* getUserName() const { return NULL; }
- static StringParameter X509_CertFile, X509_KeyFile, secTypesStr;
+ static StringParameter X509_CertFile, X509_KeyFile;
- /* XXX Derive Security class and merge those functions appropriately ? */
- static void getSecTypes(std::list<rdr::U32>* secTypes);
- static rdr::U32 secTypeNum(const char *name);
- static char* secTypeName(rdr::U32 num);
- static std::list<rdr::U32> parseSecTypes(const char *types);
protected:
static SSecurityStack* getSSecurityStack(int secType);