From 58a8df6ff2bffa46d96b057603c93d824f1c8591 Mon Sep 17 00:00:00 2001
From: Vic Lee <llyzs@163.com>
Date: Thu, 1 Oct 2009 20:22:36 +0800
Subject: Add anonymous TLS support in libvncclient

Signed-off-by: Vic Lee <llyzs@163.com>
---
 rfb/rfbclient.h | 38 ++++++++++++++++++++++++++++++++++++++
 rfb/rfbproto.h  |  1 +
 2 files changed, 39 insertions(+)

(limited to 'rfb')

diff --git a/rfb/rfbclient.h b/rfb/rfbclient.h
index 07da7df..b3a0d87 100644
--- a/rfb/rfbclient.h
+++ b/rfb/rfbclient.h
@@ -33,6 +33,9 @@
 #include <unistd.h>
 #include <rfb/rfbproto.h>
 #include <rfb/keysym.h>
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+#include <gnutls/gnutls.h>
+#endif
 
 #define rfbClientSwap16IfLE(s) \
     (*(char *)&client->endianTest ? ((((s) & 0xff) << 8) | (((s) >> 8) & 0xff)) : (s))
@@ -98,6 +101,24 @@ typedef struct {
   int scaleSetting; /* 0 means no scale set, else 1/scaleSetting */
 } AppData;
 
+/* For GetCredentialProc callback function to return */
+typedef union _rfbCredential
+{
+  /* VeNCrypt */
+  struct
+  {
+    char *x509CACertFile;
+    char *x509CACrlFile;
+    char *x509ClientCertFile;
+    char *x509ClientKeyFile;
+  } x509Credential;
+  /* MSLogon */
+  struct
+  {
+    char *username;
+    char *password;
+  } userCredential;
+} rfbCredential;
 
 struct _rfbClient;
 
@@ -108,6 +129,7 @@ typedef void (*SoftCursorLockAreaProc)(struct _rfbClient* client, int x, int y,
 typedef void (*SoftCursorUnlockScreenProc)(struct _rfbClient* client);
 typedef void (*GotFrameBufferUpdateProc)(struct _rfbClient* client, int x, int y, int w, int h);
 typedef char* (*GetPasswordProc)(struct _rfbClient* client);
+typedef rfbCredential* (*GetCredentialProc)(struct _rfbClient* client, uint8_t securityType);
 typedef rfbBool (*MallocFrameBufferProc)(struct _rfbClient* client);
 typedef void (*GotXCutTextProc)(struct _rfbClient* client, const char *text, int textlen);
 typedef void (*BellProc)(struct _rfbClient* client);
@@ -249,6 +271,22 @@ typedef struct _rfbClient {
 
 	/* negotiated protocol version */
 	int major, minor;
+
+	/* The selected security types */
+	uint32_t authScheme, subAuthScheme;
+
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+	/* The TLS session for Anonymous TLS and VeNCrypt */
+	gnutls_session_t tlsSession;
+#endif
+
+	/* To support security types that requires user input (except VNC password
+	 * authentication), for example VeNCrypt and MSLogon, this callback function
+	 * must be set before the authentication. Otherwise, it implicates that the
+	 * caller application does not support it and related security types should
+	 * be bypassed.
+	 */
+	GetCredentialProc GetCredential;
 } rfbClient;
 
 /* cursor.c */
diff --git a/rfb/rfbproto.h b/rfb/rfbproto.h
index f0660e1..fec6bf7 100644
--- a/rfb/rfbproto.h
+++ b/rfb/rfbproto.h
@@ -264,6 +264,7 @@ typedef char rfbProtocolVersionMsg[13];	/* allow extra byte for null */
 #define rfbTight 16
 #define rfbUltra 17
 #define rfbTLS 18
+#define rfbVeNCrypt 19
 
 /*
  * rfbConnFailed:	For some reason the connection failed (e.g. the server
-- 
cgit v1.1


From 95ae56c83110c35bce9752d18975b6edcd8088b9 Mon Sep 17 00:00:00 2001
From: Vic Lee <llyzs@163.com>
Date: Fri, 2 Oct 2009 20:42:05 +0800
Subject: Add VeNCrypt support in libvncclient

Signed-off-by: Vic Lee <llyzs@163.com>
---
 rfb/rfbclient.h |  9 ++++++---
 rfb/rfbproto.h  | 10 ++++++++++
 2 files changed, 16 insertions(+), 3 deletions(-)

(limited to 'rfb')

diff --git a/rfb/rfbclient.h b/rfb/rfbclient.h
index b3a0d87..c32168c 100644
--- a/rfb/rfbclient.h
+++ b/rfb/rfbclient.h
@@ -104,7 +104,7 @@ typedef struct {
 /* For GetCredentialProc callback function to return */
 typedef union _rfbCredential
 {
-  /* VeNCrypt */
+  /* X509 (VeNCrypt) */
   struct
   {
     char *x509CACertFile;
@@ -112,7 +112,7 @@ typedef union _rfbCredential
     char *x509ClientCertFile;
     char *x509ClientKeyFile;
   } x509Credential;
-  /* MSLogon */
+  /* Plain (VeNCrypt), MSLogon (UltraVNC) */
   struct
   {
     char *username;
@@ -120,6 +120,9 @@ typedef union _rfbCredential
   } userCredential;
 } rfbCredential;
 
+#define rfbCredentialTypeX509 1
+#define rfbCredentialTypeUser 2
+
 struct _rfbClient;
 
 typedef void (*HandleTextChatProc)(struct _rfbClient* client, int value, char *text);
@@ -129,7 +132,7 @@ typedef void (*SoftCursorLockAreaProc)(struct _rfbClient* client, int x, int y,
 typedef void (*SoftCursorUnlockScreenProc)(struct _rfbClient* client);
 typedef void (*GotFrameBufferUpdateProc)(struct _rfbClient* client, int x, int y, int w, int h);
 typedef char* (*GetPasswordProc)(struct _rfbClient* client);
-typedef rfbCredential* (*GetCredentialProc)(struct _rfbClient* client, uint8_t securityType);
+typedef rfbCredential* (*GetCredentialProc)(struct _rfbClient* client, int credentialType);
 typedef rfbBool (*MallocFrameBufferProc)(struct _rfbClient* client);
 typedef void (*GotXCutTextProc)(struct _rfbClient* client, const char *text, int textlen);
 typedef void (*BellProc)(struct _rfbClient* client);
diff --git a/rfb/rfbproto.h b/rfb/rfbproto.h
index fec6bf7..06ab579 100644
--- a/rfb/rfbproto.h
+++ b/rfb/rfbproto.h
@@ -266,6 +266,16 @@ typedef char rfbProtocolVersionMsg[13];	/* allow extra byte for null */
 #define rfbTLS 18
 #define rfbVeNCrypt 19
 
+#define rfbVeNCryptPlain 256
+#define rfbVeNCryptTLSNone 257
+#define rfbVeNCryptTLSVNC 258
+#define rfbVeNCryptTLSPlain 259
+#define rfbVeNCryptX509None 260
+#define rfbVeNCryptX509VNC 261
+#define rfbVeNCryptX509Plain 262
+#define rfbVeNCryptX509SASL 263
+#define rfbVeNCryptTLSSASL 264
+
 /*
  * rfbConnFailed:	For some reason the connection failed (e.g. the server
  *			cannot support the desired protocol version).  This is
-- 
cgit v1.1


From 29990f0090754c722653aafd3fc6800cebc1584c Mon Sep 17 00:00:00 2001
From: Vic Lee <llyzs@163.com>
Date: Wed, 7 Oct 2009 11:01:55 +0800
Subject: Add MSLogon security type

Signed-off-by: Vic Lee <llyzs@163.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
---
 rfb/rfbclient.h | 10 ++++++++++
 rfb/rfbproto.h  |  1 +
 2 files changed, 11 insertions(+)

(limited to 'rfb')

diff --git a/rfb/rfbclient.h b/rfb/rfbclient.h
index c32168c..6d38c8f 100644
--- a/rfb/rfbclient.h
+++ b/rfb/rfbclient.h
@@ -46,6 +46,16 @@
 			     (((l) & 0x0000ff00) << 8)  | \
 			     (((l) & 0x000000ff) << 24))  : (l))
 
+#define rfbClientSwap64IfLE(l) \
+    (*(char *)&client->endianTest ? ((((l) & 0xff00000000000000ULL) >> 56) | \
+			     (((l) & 0x00ff000000000000ULL) >> 40)  | \
+			     (((l) & 0x0000ff0000000000ULL) >> 24)  | \
+			     (((l) & 0x000000ff00000000ULL) >> 8)  | \
+			     (((l) & 0x00000000ff000000ULL) << 8)  | \
+			     (((l) & 0x0000000000ff0000ULL) << 24)  | \
+			     (((l) & 0x000000000000ff00ULL) << 40)  | \
+			     (((l) & 0x00000000000000ffULL) << 56))  : (l))
+
 #define FLASH_PORT_OFFSET 5400
 #define LISTEN_PORT_OFFSET 5500
 #define TUNNEL_PORT_OFFSET 5500
diff --git a/rfb/rfbproto.h b/rfb/rfbproto.h
index 06ab579..b6f201c 100644
--- a/rfb/rfbproto.h
+++ b/rfb/rfbproto.h
@@ -265,6 +265,7 @@ typedef char rfbProtocolVersionMsg[13];	/* allow extra byte for null */
 #define rfbUltra 17
 #define rfbTLS 18
 #define rfbVeNCrypt 19
+#define rfbMSLogon 0xfffffffa
 
 #define rfbVeNCryptPlain 256
 #define rfbVeNCryptTLSNone 257
-- 
cgit v1.1