Пример #1
0
void RfbInitializer::doVncAuth()
{
  UINT8 challenge[16];
  srand((unsigned)time(0));
  for (int i = 0; i < sizeof(challenge); i++) {
    challenge[i] = rand() & 0xff;
  }

  m_output->writeFully(challenge, sizeof(challenge));
  UINT8 response[16];
  m_input->readFully(response, sizeof(response));
  checkForBan();

  ServerConfig *srvConf = Configurator::getInstance()->getServerConfig();
  if ( srvConf->shouldReloadConfigOnClientAuth() ) {
	  Configurator::getInstance()->reloadConfig();
	  srvConf = Configurator::getInstance()->getServerConfig();
  }

  bool hasPrim = srvConf->hasPrimaryPassword();
  bool hasRdly = srvConf->hasReadOnlyPassword();

  if (!hasPrim && !hasRdly) {
    throw AuthException(_T("Server is not configured properly"));
  }

  if (hasPrim) {
    UINT8 crypPrimPass[8];
    srvConf->getPrimaryPassword(crypPrimPass);
    VncPassCrypt passCrypt;
    passCrypt.updatePlain(crypPrimPass);
    if (passCrypt.challengeAndResponseIsValid(challenge, response)) {
      return;
    }
  }
  if (hasRdly) {
    UINT8 crypReadOnlyPass[8];
    srvConf->getReadOnlyPassword(crypReadOnlyPass);
    VncPassCrypt passCrypt;
    passCrypt.updatePlain(crypReadOnlyPass);
    if (passCrypt.challengeAndResponseIsValid(challenge, response)) {
      m_viewOnlyAuth = true;
      return;
    }
  }
  m_extAuthListener->onAuthFailed(m_client);
  throw AuthException(_T("Authentication failed"));
}
Пример #2
0
void RfbInitializer::doVncAuth()
{
  UINT8 challenge[16];
  srand((unsigned)time(0));
  for (int i = 0; i < sizeof(challenge); i++) {
    challenge[i] = rand() & 0xff;
  }

  m_output->writeFully(challenge, sizeof(challenge));
  UINT8 response[16];
  m_input->readFully(response, sizeof(response));
  // Checking for a ban after auth.
  checkForBan();

  // Comparing the challenge with the response.
  ServerConfig *srvConf = Configurator::getInstance()->getServerConfig();
  bool hasPrim = srvConf->hasPrimaryPassword();
  bool hasRdly = srvConf->hasReadOnlyPassword();

  if (!hasPrim && !hasRdly) {
    throw AuthException(_T("Server is not configured properly"));
  }

  if (hasPrim) {
    UINT8 crypPrimPass[8];
    srvConf->getPrimaryPassword(crypPrimPass);
    VncPassCrypt passCrypt;
    passCrypt.updatePlain(crypPrimPass);
    if (passCrypt.challengeAndResponseIsValid(challenge, response)) {
      return;
    }
  }
  if (hasRdly) {
    UINT8 crypReadOnlyPass[8];
    srvConf->getReadOnlyPassword(crypReadOnlyPass);
    VncPassCrypt passCrypt;
    passCrypt.updatePlain(crypReadOnlyPass);
    if (passCrypt.challengeAndResponseIsValid(challenge, response)) {
      m_viewOnlyAuth = true;
      return;
    }
  }
  // At this time we are sure that the client was typed an incorectly password.
  m_extAuthListener->onAuthFailed(m_client);
  throw AuthException(_T("Authentication failed"));
}
Пример #3
0
bool ControlAppAuthenticator::authenticate(const UINT8 cryptPassword[8],
                                           const UINT8 challenge[8],
                                           const UINT8 response[8])
{
  AutoLock al(&m_authMutex);

  checkBeforeAuth();
  if (m_isBreaked) {
    return false;
  }

  VncPassCrypt passCrypt;
  passCrypt.updatePlain(cryptPassword);
  bool isAuthSucceed = passCrypt.challengeAndResponseIsValid(challenge,
                                                             response);

  if (!isAuthSucceed) {
    notifyAbAuthFailed();
  }

  return isAuthSucceed;
}