Initial commit

2020-09-20 12:16:44 +00:00
parent 09a4460ddb
commit 408c005d3e
839 changed files with 190481 additions and 0 deletions
--- a/common/rfb/SSecurityPlain.cxx
+++ b/common/rfb/SSecurityPlain.cxx
@@ -0,0 +1,120 @@
+/* Copyright (C) 2005 Martin Koegler
+ * Copyright (C) 2006 OCCAM Financial Technology
+ * 
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ * 
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
+ * USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <rfb/SSecurityPlain.h>
+#include <rfb/SConnection.h>
+#include <rfb/Exception.h>
+#include <rdr/InStream.h>
+#ifdef HAVE_PAM
+#include <rfb/UnixPasswordValidator.h>
+#endif
+#ifdef BUILD_WIN
+#include <rfb/WinPasswdValidator.h>
+#endif
+
+using namespace rfb;
+
+StringParameter PasswordValidator::plainUsers
+("PlainUsers",
+ "Users permitted to access via Plain security type (including TLSPlain, X509Plain etc.)",
+ "");
+
+bool PasswordValidator::validUser(const char* username)
+{
+  CharArray users(strDup(plainUsers.getValueStr())), user;
+
+  while (users.buf) {
+    strSplit(users.buf, ',', &user.buf, &users.buf);
+#ifdef WIN32
+    if (0 == stricmp(user.buf, "*"))
+	  return true;
+    if (0 == stricmp(user.buf, username))
+	  return true;
+#else
+    if (!strcmp(user.buf, "*"))
+	  return true;
+    if (!strcmp(user.buf, username))
+	  return true;
+#endif
+  }
+  return false;
+}
+
+SSecurityPlain::SSecurityPlain()
+{
+#ifdef HAVE_PAM
+  valid = new UnixPasswordValidator();
+#elif BUILD_WIN
+  valid = new WinPasswdValidator();
+#else
+  valid = NULL;
+#endif
+
+  state = 0;
+}
+
+bool SSecurityPlain::processMsg(SConnection* sc)
+{
+  rdr::InStream* is = sc->getInStream();
+  char* pw;
+  char *uname;
+  CharArray password;
+
+  if (!valid)
+    throw AuthFailureException("No password validator configured");
+
+  if (state == 0) {
+    if (!is->checkNoWait(8))
+      return false;
+
+    ulen = is->readU32();
+    if (ulen > MaxSaneUsernameLength)
+      throw AuthFailureException("Too long username");
+
+    plen = is->readU32();
+    if (plen > MaxSanePasswordLength)
+      throw AuthFailureException("Too long password");
+
+    state = 1;
+  }
+
+  if (state == 1) {
+    if (!is->checkNoWait(ulen + plen))
+      return false;
+    state = 2;
+    pw = new char[plen + 1];
+    uname = new char[ulen + 1];
+    username.replaceBuf(uname);
+    password.replaceBuf(pw);
+    is->readBytes(uname, ulen);
+    is->readBytes(pw, plen);
+    pw[plen] = 0;
+    uname[ulen] = 0;
+    plen = 0;
+    if (!valid->validate(sc, uname, pw))
+      throw AuthFailureException("invalid password or username");
+  }
+
+  return true;
+}
+