void RfbInitializer::initAuthenticate()
{
try {
// Determine effective security type from the configuration.
UINT32 primSecType = SecurityDefs::VNC;
if (!Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
|| !m_authAllowed) {
primSecType = SecurityDefs::NONE;
}
// Here the protocol varies between versions 3.3 and 3.7+.
if (m_minorVerNum >= 7) {
// Send a list with two security types -- VNC-compatible security type
// and a special code allowing to enable TightVNC protocol extensions.
m_output->writeUInt8(2);
m_output->writeUInt8(primSecType);
m_output->writeUInt8(SecurityDefs::TIGHT);
// Read what the client has actually selected.
UINT8 clientSecType = m_input->readUInt8();
if (clientSecType == SecurityDefs::TIGHT) {
m_tightEnabled = true;
doTightAuth();
} else {
if (clientSecType != primSecType) {
throw Exception(_T("Security types do not match"));
}
doAuth(AuthDefs::convertFromSecurityType(clientSecType));
}
} else {
// Just tell the client we will use the configured security type.
m_output->writeUInt32(primSecType);
doAuth(AuthDefs::convertFromSecurityType(primSecType));
}
} catch (AuthException &e) {
// FIXME: The authentication result must be sent in protocols 3.3 and 3.7
// as well, unless the authentication was set to AuthDefs::NONE.
if (m_minorVerNum >= 8) {
AnsiStringStorage reason(&StringStorage(e.getMessage()));
unsigned int reasonLen = (unsigned int)reason.getLength();
_ASSERT(reasonLen == reason.getLength());
m_output->writeUInt32(1); // FIXME: Use a named constant instead of 1.
m_output->writeUInt32(reasonLen);
m_output->writeFully(reason.getString(), reasonLen);
}
throw;
}
}
void RfbInitializer::initAuthenticate()
{
try {
UINT32 primSecType = SecurityDefs::VNC;
if (!Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
|| !m_authAllowed) {
primSecType = SecurityDefs::NONE;
}
if (m_minorVerNum >= 7) {
m_output->writeUInt8(2);
m_output->writeUInt8(primSecType);
m_output->writeUInt8(SecurityDefs::TIGHT);
UINT8 clientSecType = m_input->readUInt8();
if (clientSecType == SecurityDefs::TIGHT) {
m_tightEnabled = true;
doTightAuth();
} else {
if (clientSecType != primSecType) {
throw Exception(_T("Security types do not match"));
}
doAuth(AuthDefs::convertFromSecurityType(clientSecType));
}
} else {
m_output->writeUInt32(primSecType);
doAuth(AuthDefs::convertFromSecurityType(primSecType));
}
} catch (AuthException &e) {
if (m_minorVerNum >= 8) {
StringStorage errorMessage(e.getMessage());
size_t reasonLen = errorMessage.getLength();
char *reason = new char[reasonLen + 1];
try {
if (errorMessage.toAnsiString(reason, reasonLen + 1)) {
m_output->writeUInt32(1);
m_output->writeUInt32(reasonLen);
m_output->writeFully(reason, reasonLen);
}
} catch (...) {
delete reason;
throw;
}
delete reason;
}
throw;
}
}
void RfbInitializer::doTightAuth()
{
m_output->writeUInt32(0);
if (Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
&& m_authAllowed) {
CapContainer authInfo;
authInfo.addCap(AuthDefs::VNC, VendorDefs::STANDARD, AuthDefs::SIG_VNC);
m_output->writeUInt32(authInfo.getCapCount());
authInfo.sendCaps(m_output);
UINT32 clientAuthValue = m_input->readUInt32();
if (!authInfo.includes(clientAuthValue)) {
throw Exception(_T(""));
}
doAuth(clientAuthValue);
} else {
m_output->writeUInt32(0);
doAuth(AuthDefs::NONE);
}
}
void QAuthApp::setUp() {
QStringList args = QCoreApplication::arguments();
QString server;
int pos;
if ((pos = args.indexOf("--socket")) >= 0) {
if (pos >= args.length() - 1) {
qCritical() << "This application is not supposed to be executed manually";
exit(OTHER_ERROR);
return;
}
server = args[pos + 1];
}
if ((pos = args.indexOf("--id")) >= 0) {
if (pos >= args.length() - 1) {
qCritical() << "This application is not supposed to be executed manually";
exit(OTHER_ERROR);
return;
}
m_id = QString(args[pos + 1]).toLongLong();
}
if ((pos = args.indexOf("--start")) >= 0) {
if (pos >= args.length() - 1) {
qCritical() << "This application is not supposed to be executed manually";
exit(OTHER_ERROR);
return;
}
m_session->setPath(args[pos + 1]);
}
if ((pos = args.indexOf("--user")) >= 0) {
if (pos >= args.length() - 1) {
qCritical() << "This application is not supposed to be executed manually";
exit(OTHER_ERROR);
return;
}
m_user = args[pos + 1];
}
if ((pos = args.indexOf("--autologin")) >= 0) {
m_backend->setAutologin(true);
}
if (server.isEmpty() || m_id <= 0) {
qCritical() << "This application is not supposed to be executed manually";
exit(OTHER_ERROR);
return;
}
connect(m_socket, SIGNAL(connected()), this, SLOT(doAuth()));
connect(m_session, SIGNAL(finished(int)), this, SLOT(sessionFinished(int)));
m_socket->connectToServer(server, QIODevice::ReadWrite | QIODevice::Unbuffered);
}
void RfbInitializer::doTightAuth()
{
// Negotiate tunneling.
m_output->writeUInt32(0);
// Negotiate authentication.
// FIXME: Recognize authentication types.
if (Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
&& m_authAllowed) {
CapContainer authInfo;
authInfo.addCap(AuthDefs::VNC, VendorDefs::STANDARD, AuthDefs::SIG_VNC);
m_output->writeUInt32(authInfo.getCapCount());
authInfo.sendCaps(m_output);
// Read the security type selected by the client.
UINT32 clientAuthValue = m_input->readUInt32();
if (!authInfo.includes(clientAuthValue)) {
throw Exception(_T(""));
}
doAuth(clientAuthValue);
} else {
m_output->writeUInt32(0);
doAuth(AuthDefs::NONE);
}
}
bool Connection::createConnection()
{
bool rval = false;
struct sockaddr_in remote = {};
remote.sin_port = htons(m_port);
remote.sin_family = AF_INET;
if (inet_aton(m_address.c_str(), (struct in_addr*)&remote.sin_addr.s_addr) == 0)
{
m_error = "Invalid address: ";
m_error += m_address;
}
else
{
int fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (fd == -1)
{
char err[ERRBUF_SIZE];
m_error = "Failed to create socket: ";
m_error += strerror_r(errno, err, sizeof (err));
}
m_fd = fd;
if (connect(fd, (struct sockaddr*) &remote, sizeof (remote)) == -1)
{
char err[ERRBUF_SIZE];
m_error = "Failed to connect: ";
m_error += strerror_r(errno, err, sizeof (err));
}
else if (doAuth())
{
rval = doRegistration();
}
}
return rval;
}
void Router::onMessage(Connection *conn)
{
Buffer *pBuffer = conn->getBuffer();
while(true)
{
if(pBuffer->size() < ROUTER_HEAD_SIZE){
return ;
}
RouterMsg msg = unpackMsg(pBuffer->data());
if(pBuffer->size() < ROUTER_HEAD_SIZE + msg.slen + msg.len){
return ;
}
RouterMsg *pMsg = (RouterMsg*)pBuffer->data();
pMsg->type = msg.type;
pMsg->slen = msg.slen;
pMsg->len = msg.len;
LOG("on data, type=%d, slen=%d, len=%d", pMsg->type, pMsg->slen, pMsg->len);
switch(pMsg->type){
case ROUTER_MSG_AUTH:
doAuth(conn, pMsg);
break;
case ROUTER_MSG_CONN:
doConn(conn, pMsg);
break;
case ROUTER_MSG_CLOSE:
doClose(conn, pMsg);
break;
case ROUTER_MSG_KICK:
doKick(conn, pMsg);
break;
case ROUTER_MSG_SEND_MSG:
doSendMsg(conn, pMsg);
break;
case ROUTER_MSG_SEND_ALL:
doSendAllMsg(conn, pMsg);
break;
case ROUTER_MSG_CH_ADD:
doChannelAdd(conn, pMsg);
break;
case ROUTER_MSG_CH_DEL:
doChannelDel(conn, pMsg);
break;
case ROUTER_MSG_CH_PUB:
doChannelPub(conn, pMsg);
break;
case ROUTER_MSG_CH_SUB:
doChannelSub(conn, pMsg);
break;
case ROUTER_MSG_CH_UNSUB:
doChannelUnSub(conn, pMsg);
break;
case ROUTER_MSG_INFO:
doInfo(conn, pMsg);
break;
default:
LOG("[router]error type");
break;
}
pBuffer->seek(ROUTER_HEAD_SIZE + pMsg->slen + pMsg->len);
}
}
