void RfbInitializer::initAuthenticate()
{
try {
// Determine effective security type from the configuration.
UINT32 primSecType = SecurityDefs::VNC;
if (!Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
|| !m_authAllowed) {
primSecType = SecurityDefs::NONE;
}
// Here the protocol varies between versions 3.3 and 3.7+.
if (m_minorVerNum >= 7) {
// Send a list with two security types -- VNC-compatible security type
// and a special code allowing to enable TightVNC protocol extensions.
m_output->writeUInt8(2);
m_output->writeUInt8(primSecType);
m_output->writeUInt8(SecurityDefs::TIGHT);
// Read what the client has actually selected.
UINT8 clientSecType = m_input->readUInt8();
if (clientSecType == SecurityDefs::TIGHT) {
m_tightEnabled = true;
doTightAuth();
} else {
if (clientSecType != primSecType) {
throw Exception(_T("Security types do not match"));
}
doAuth(AuthDefs::convertFromSecurityType(clientSecType));
}
} else {
// Just tell the client we will use the configured security type.
m_output->writeUInt32(primSecType);
doAuth(AuthDefs::convertFromSecurityType(primSecType));
}
} catch (AuthException &e) {
// FIXME: The authentication result must be sent in protocols 3.3 and 3.7
// as well, unless the authentication was set to AuthDefs::NONE.
if (m_minorVerNum >= 8) {
AnsiStringStorage reason(&StringStorage(e.getMessage()));
unsigned int reasonLen = (unsigned int)reason.getLength();
_ASSERT(reasonLen == reason.getLength());
m_output->writeUInt32(1); // FIXME: Use a named constant instead of 1.
m_output->writeUInt32(reasonLen);
m_output->writeFully(reason.getString(), reasonLen);
}
throw;
}
}
void RfbInitializer::initAuthenticate()
{
try {
UINT32 primSecType = SecurityDefs::VNC;
if (!Configurator::getInstance()->getServerConfig()->isUsingAuthentication()
|| !m_authAllowed) {
primSecType = SecurityDefs::NONE;
}
if (m_minorVerNum >= 7) {
m_output->writeUInt8(2);
m_output->writeUInt8(primSecType);
m_output->writeUInt8(SecurityDefs::TIGHT);
UINT8 clientSecType = m_input->readUInt8();
if (clientSecType == SecurityDefs::TIGHT) {
m_tightEnabled = true;
doTightAuth();
} else {
if (clientSecType != primSecType) {
throw Exception(_T("Security types do not match"));
}
doAuth(AuthDefs::convertFromSecurityType(clientSecType));
}
} else {
m_output->writeUInt32(primSecType);
doAuth(AuthDefs::convertFromSecurityType(primSecType));
}
} catch (AuthException &e) {
if (m_minorVerNum >= 8) {
StringStorage errorMessage(e.getMessage());
size_t reasonLen = errorMessage.getLength();
char *reason = new char[reasonLen + 1];
try {
if (errorMessage.toAnsiString(reason, reasonLen + 1)) {
m_output->writeUInt32(1);
m_output->writeUInt32(reasonLen);
m_output->writeFully(reason, reasonLen);
}
} catch (...) {
delete reason;
throw;
}
delete reason;
}
throw;
}
}