Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_tigervnc / 5e04c269078655503422588153d09afa1d742463 / . / common / rfb / Security.cxx
blob: 238f335169b58b98002a353474b27ddfdec9369e [file] [log] [blame]
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]1/* Copyright (C) 2002-2005 RealVNC Ltd. All Rights Reserved.
Adam Tkacdf799702010-04-28 15:45:53 +0000[diff] [blame]2 * Copyright (C) 2010 TigerVNC Team
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]3 *
4 * This is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 2 of the License, or
7 * (at your option) any later version.
8 *
9 * This software is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this software; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
17 * USA.
18 */
Adam Tkacdf799702010-04-28 15:45:53 +0000[diff] [blame]19
20#ifdef HAVE_CONFIG_H
21#include <config.h>
22#endif
23
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]24#include <assert.h>
25#include <stdlib.h>
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]26#include <string.h>
27#ifdef _WIN32
28#define strcasecmp _stricmp
29#endif
Adam Tkacc210e8a2010-04-23 14:09:16 +0000[diff] [blame]30#include <rfb/CSecurityNone.h>
Adam Tkac707d3612010-07-20 15:16:10 +0000[diff] [blame]31#include <rfb/CSecurityStack.h>
Adam Tkacb10489b2010-04-23 14:16:04 +0000[diff] [blame]32#include <rfb/CSecurityVeNCrypt.h>
Adam Tkacc210e8a2010-04-23 14:09:16 +0000[diff] [blame]33#include <rfb/CSecurityVncAuth.h>
Adam Tkac8c048382010-09-02 12:37:00 +0000[diff] [blame]34#include <rfb/CSecurityPlain.h>
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]35#include <rdr/Exception.h>
36#include <rfb/LogWriter.h>
Adam Tkacb6eb3992010-04-23 14:05:00 +0000[diff] [blame]37#include <rfb/Security.h>
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]38#include <rfb/SSecurityNone.h>
Adam Tkac707d3612010-07-20 15:16:10 +0000[diff] [blame]39#include <rfb/SSecurityStack.h>
Adam Tkac520fc412010-09-02 14:13:24 +0000[diff] [blame]40#include <rfb/SSecurityPlain.h>
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]41#include <rfb/SSecurityVncAuth.h>
Adam Tkacdfe19cf2010-04-23 14:14:11 +0000[diff] [blame]42#include <rfb/SSecurityVeNCrypt.h>
Adam Tkac707d3612010-07-20 15:16:10 +0000[diff] [blame]43#ifdef HAVE_GNUTLS
Adam Tkac3c5be392010-07-21 09:27:34 +0000[diff] [blame]44#include <rfb/CSecurityTLS.h>
Adam Tkac21b61a52010-07-21 09:19:00 +0000[diff] [blame]45#include <rfb/SSecurityTLS.h>
Adam Tkacdf799702010-04-28 15:45:53 +0000[diff] [blame]46#endif
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]47#include <rfb/util.h>
48
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]49using namespace rdr;
50using namespace rfb;
51using namespace std;
52
53static LogWriter vlog("Security");
54
Pierre Ossmane5fe0702011-05-16 12:46:16 +0000[diff] [blame]55Security::Security()
56{
57}
58
Adam Tkacbfd66c12010-10-01 08:33:29 +0000[diff] [blame]59Security::Security(StringParameter &secTypes)
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]60{
Adam Tkacfb993152010-08-12 14:17:28 +0000[diff] [blame]61 char *secTypesStr;
62
Adam Tkacbfd66c12010-10-01 08:33:29 +0000[diff] [blame]63 secTypesStr = secTypes.getData();
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]64 enabledSecTypes = parseSecTypes(secTypesStr);
65
Pierre Ossman5e04c262011-11-09 11:31:12 +0000[diff] [blame^]66 delete [] secTypesStr;
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]67}
68
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]69const std::list<rdr::U8> Security::GetEnabledSecTypes(void)
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]70{
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]71 list<rdr::U8> result;
72 list<U32>::iterator i;
73
DRC674bf062011-02-21 13:14:16 +0000[diff] [blame]74 result.push_back(secTypeVeNCrypt);
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]75 for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++)
76 if (*i < 0x100)
77 result.push_back(*i);
78
79 return result;
80}
81
82const std::list<rdr::U32> Security::GetEnabledExtSecTypes(void)
83{
84 list<rdr::U32> result;
85 list<U32>::iterator i;
86
87 for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++)
Adam Tkac95e2fe82010-08-12 13:54:59 +0000[diff] [blame]88 if (*i != secTypeVeNCrypt) /* Do not include VeNCrypt type to avoid loops */
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]89 result.push_back(*i);
90
91 return result;
92}
93
94void Security::EnableSecType(U32 secType)
95{
96 list<U32>::iterator i;
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]97
98 for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++)
99 if (*i == secType)
100 return;
101
102 enabledSecTypes.push_back(secType);
103}
104
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]105bool Security::IsSupported(U32 secType)
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]106{
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]107 list<U32>::iterator i;
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]108
109 for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++)
110 if (*i == secType)
111 return true;
DRC674bf062011-02-21 13:14:16 +0000[diff] [blame]112 if (secType == secTypeVeNCrypt)
113 return true;
Adam Tkac1d15e2d2010-04-23 14:06:38 +0000[diff] [blame]114
115 return false;
116}
117
Adam Tkaca9a7b4b2011-02-01 14:34:55 +0000[diff] [blame]118char *Security::ToString(void)
119{
120 list<U32>::iterator i;
121 static char out[128]; /* Should be enough */
122 bool firstpass = true;
123 const char *name;
124
125 memset(out, 0, sizeof(out));
126
127 for (i = enabledSecTypes.begin(); i != enabledSecTypes.end(); i++) {
128 name = secTypeName(*i);
129 if (name[0] == '[') /* Unknown security type */
130 continue;
131
132 if (!firstpass)
133 strncat(out, ",", sizeof(out) - 1);
134 else
135 firstpass = false;
136 strncat(out, name, sizeof(out) - 1);
137 }
138
139 return out;
140}
141
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]142rdr::U32 rfb::secTypeNum(const char* name)
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]143{
144 if (strcasecmp(name, "None") == 0) return secTypeNone;
145 if (strcasecmp(name, "VncAuth") == 0) return secTypeVncAuth;
146 if (strcasecmp(name, "Tight") == 0) return secTypeTight;
147 if (strcasecmp(name, "RA2") == 0) return secTypeRA2;
148 if (strcasecmp(name, "RA2ne") == 0) return secTypeRA2ne;
149 if (strcasecmp(name, "SSPI") == 0) return secTypeSSPI;
Adam Tkacdfe19cf2010-04-23 14:14:11 +0000[diff] [blame]150 if (strcasecmp(name, "SSPIne") == 0) return secTypeSSPIne;
151 if (strcasecmp(name, "VeNCrypt") == 0) return secTypeVeNCrypt;
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]152
153 /* VeNCrypt subtypes */
Adam Tkac957a5ae2010-07-20 15:12:41 +0000[diff] [blame]154 if (strcasecmp(name, "Plain") == 0) return secTypePlain;
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]155 if (strcasecmp(name, "TLSNone") == 0) return secTypeTLSNone;
156 if (strcasecmp(name, "TLSVnc") == 0) return secTypeTLSVnc;
Adam Tkac957a5ae2010-07-20 15:12:41 +0000[diff] [blame]157 if (strcasecmp(name, "TLSPlain") == 0) return secTypeTLSPlain;
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]158 if (strcasecmp(name, "X509None") == 0) return secTypeX509None;
159 if (strcasecmp(name, "X509Vnc") == 0) return secTypeX509Vnc;
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]160 if (strcasecmp(name, "X509Plain") == 0) return secTypeX509Plain;
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]161
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]162 return secTypeInvalid;
163}
164
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]165const char* rfb::secTypeName(rdr::U32 num)
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]166{
167 switch (num) {
168 case secTypeNone: return "None";
169 case secTypeVncAuth: return "VncAuth";
170 case secTypeTight: return "Tight";
171 case secTypeRA2: return "RA2";
172 case secTypeRA2ne: return "RA2ne";
173 case secTypeSSPI: return "SSPI";
174 case secTypeSSPIne: return "SSPIne";
Adam Tkacdfe19cf2010-04-23 14:14:11 +0000[diff] [blame]175 case secTypeVeNCrypt: return "VeNCrypt";
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]176
177 /* VeNCrypt subtypes */
Adam Tkac957a5ae2010-07-20 15:12:41 +0000[diff] [blame]178 case secTypePlain: return "Plain";
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]179 case secTypeTLSNone: return "TLSNone";
180 case secTypeTLSVnc: return "TLSVnc";
Adam Tkacb3e60c62010-07-20 15:10:59 +0000[diff] [blame]181 case secTypeTLSPlain: return "TLSPlain";
182 case secTypeX509None: return "X509None";
183 case secTypeX509Vnc: return "X509Vnc";
184 case secTypeX509Plain: return "X509Plain";
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]185 default: return "[unknown secType]";
186 }
187}
188
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]189std::list<rdr::U32> rfb::parseSecTypes(const char* types_)
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]190{
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]191 std::list<rdr::U32> result;
Adam Tkacd36b6262009-09-04 10:57:20 +0000[diff] [blame]192 CharArray types(strDup(types_)), type;
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]193 while (types.buf) {
194 strSplit(types.buf, ',', &type.buf, &types.buf);
Adam Tkac0c77e512010-07-20 15:10:16 +0000[diff] [blame]195 rdr::U32 typeNum = secTypeNum(type.buf);
Constantin Kaplinskya2adc8d2006-05-25 05:01:55 +0000[diff] [blame]196 if (typeNum != secTypeInvalid)
197 result.push_back(typeNum);
198 }
199 return result;
200}