// Runs the VNC challenge-response authentication step for this client.
//
// Sends a 16-byte challenge, reads the 16-byte response, and checks the
// response against the primary password first and the read-only password
// second. Returns normally when either one matches; m_viewOnlyAuth is set to
// true only when the read-only password was the one that matched.
//
// Throws AuthException when neither password is configured, or when the
// response matches no configured password (after the failure has been
// reported through m_extAuthListener->onAuthFailed()).
void RfbInitializer::doVncAuth()
{
  // NOTE(review): the challenge is not unpredictable. rand() is not a
  // cryptographic generator, and reseeding it with time(0) on every call
  // means handshakes that start within the same second are issued the same
  // 16 bytes. That weakens the replay protection the challenge exists to
  // provide. Draw these bytes from the platform CSPRNG instead and drop the
  // per-call srand().
  UINT8 challenge[16];
  srand((unsigned)time(0));
  for (unsigned int pos = 0; pos < sizeof(challenge); ++pos) {
    challenge[pos] = rand() & 0xff;
  }
  m_output->writeFully(challenge, sizeof(challenge));

  UINT8 response[16];
  m_input->readFully(response, sizeof(response));

  // The ban check runs only after the full response has been read.
  checkForBan();

  // When the option is enabled, reload the configuration and fetch the
  // ServerConfig pointer again instead of reusing the one obtained before
  // the reload.
  ServerConfig *config = Configurator::getInstance()->getServerConfig();
  if (config->shouldReloadConfigOnClientAuth()) {
    Configurator::getInstance()->reloadConfig();
    config = Configurator::getInstance()->getServerConfig();
  }

  const bool primaryConfigured = config->hasPrimaryPassword();
  const bool readOnlyConfigured = config->hasReadOnlyPassword();

  // Fail closed: with no password configured the attempt is rejected before
  // any comparison takes place.
  if (!(primaryConfigured || readOnlyConfigured)) {
    throw AuthException(_T("Server is not configured properly"));
  }

  // NOTE(review): the 8-byte password copies below stay on the stack after
  // this function returns; whether VncPassCrypt wipes its own copy is not
  // visible here. Confirm, and consider clearing these buffers.

  // Primary password: a match grants a normal session.
  if (primaryConfigured) {
    UINT8 storedPrimary[8];
    config->getPrimaryPassword(storedPrimary);
    VncPassCrypt verifier;
    verifier.updatePlain(storedPrimary);
    if (verifier.challengeAndResponseIsValid(challenge, response)) {
      return;
    }
  }

  // Read-only password: a match marks the session as view-only.
  if (readOnlyConfigured) {
    UINT8 storedReadOnly[8];
    config->getReadOnlyPassword(storedReadOnly);
    VncPassCrypt verifier;
    verifier.updatePlain(storedReadOnly);
    if (verifier.challengeAndResponseIsValid(challenge, response)) {
      m_viewOnlyAuth = true;
      return;
    }
  }

  // No configured password produced this response: report the failure to the
  // listener, then abort the handshake.
  m_extAuthListener->onAuthFailed(m_client);
  throw AuthException(_T("Authentication failed"));
}
// Runs the VNC challenge-response authentication step for this client.
//
// Sends a 16-byte challenge, reads the 16-byte response, and checks the
// response against the primary password first and the read-only password
// second. Returns normally when either one matches; m_viewOnlyAuth is set to
// true only when the read-only password was the one that matched.
//
// Throws AuthException when neither password is configured, or when the
// response matches no configured password (after the failure has been
// reported through m_extAuthListener->onAuthFailed()).
void RfbInitializer::doVncAuth()
{
  // NOTE(review): the challenge is not unpredictable. rand() is not a
  // cryptographic generator, and reseeding it with time(0) on every call
  // means handshakes that start within the same second are issued the same
  // 16 bytes. That weakens the replay protection the challenge exists to
  // provide. Draw these bytes from the platform CSPRNG instead and drop the
  // per-call srand().
  UINT8 challenge[16];
  srand((unsigned)time(0));
  for (unsigned int pos = 0; pos < sizeof(challenge); ++pos) {
    challenge[pos] = rand() & 0xff;
  }
  m_output->writeFully(challenge, sizeof(challenge));

  UINT8 response[16];
  m_input->readFully(response, sizeof(response));

  // The ban check runs only after the full response has been read.
  checkForBan();

  // Compare the response with what each configured password would produce.
  // NOTE(review): the configuration is used as currently loaded; this
  // function does not reload it before reading the passwords.
  ServerConfig *config = Configurator::getInstance()->getServerConfig();
  const bool primaryConfigured = config->hasPrimaryPassword();
  const bool readOnlyConfigured = config->hasReadOnlyPassword();

  // Fail closed: with no password configured the attempt is rejected before
  // any comparison takes place.
  if (!(primaryConfigured || readOnlyConfigured)) {
    throw AuthException(_T("Server is not configured properly"));
  }

  // NOTE(review): the 8-byte password copies below stay on the stack after
  // this function returns; whether VncPassCrypt wipes its own copy is not
  // visible here. Confirm, and consider clearing these buffers.

  // Primary password: a match grants a normal session.
  if (primaryConfigured) {
    UINT8 storedPrimary[8];
    config->getPrimaryPassword(storedPrimary);
    VncPassCrypt verifier;
    verifier.updatePlain(storedPrimary);
    if (verifier.challengeAndResponseIsValid(challenge, response)) {
      return;
    }
  }

  // Read-only password: a match marks the session as view-only.
  if (readOnlyConfigured) {
    UINT8 storedReadOnly[8];
    config->getReadOnlyPassword(storedReadOnly);
    VncPassCrypt verifier;
    verifier.updatePlain(storedReadOnly);
    if (verifier.challengeAndResponseIsValid(challenge, response)) {
      m_viewOnlyAuth = true;
      return;
    }
  }

  // Reaching this point means the client supplied a wrong password: report
  // the failure to the listener, then abort the handshake.
  m_extAuthListener->onAuthFailed(m_client);
  throw AuthException(_T("Authentication failed"));
}
// Checks a control-application challenge/response pair against the supplied
// stored password value.
//
// cryptPassword  8-byte password value handed to VncPassCrypt::updatePlain().
// challenge      challenge bytes that were issued to the peer.
// response       bytes the peer sent back.
//
// Returns true when VncPassCrypt accepts the pair. Returns false when
// m_isBreaked is set after checkBeforeAuth(), or when the pair is rejected;
// in the latter case notifyAbAuthFailed() is called before returning.
//
// NOTE(review): challenge and response are declared as [8] here, while
// RfbInitializer::doVncAuth passes 16-byte buffers to the same
// challengeAndResponseIsValid() check. Array bounds in a parameter
// declaration are not enforced by the compiler, so confirm that every caller
// supplies buffers of the length that check actually reads.
bool ControlAppAuthenticator::authenticate(const UINT8 cryptPassword[8],
                                           const UINT8 challenge[8],
                                           const UINT8 response[8])
{
  // Taken for the whole call (assuming AutoLock is a scoped lock guard), so
  // the pre-check, the comparison and the failure notification are not
  // interleaved with another attempt.
  AutoLock al(&m_authMutex);

  checkBeforeAuth();

  // Refuse the attempt without looking at the response.
  if (m_isBreaked) {
    return false;
  }

  VncPassCrypt passCrypt;
  passCrypt.updatePlain(cryptPassword);
  if (passCrypt.challengeAndResponseIsValid(challenge, response)) {
    return true;
  }

  // Report the failed attempt before handing the result back.
  notifyAbAuthFailed();
  return false;
}