tigervnc/u_tigervnc-show-unencrypted-warning.patch

179 lines
5.9 KiB
Diff
Raw Normal View History

Author: Michal Srb <michalsrb@gmail.com>
Subject: Display warning in window title when no encryption is in use.
Patch-Mainline: To be upstreamed
References: fate#319701
Index: tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityPlain.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
@@ -31,7 +31,7 @@ bool CSecurityPlain::processMsg(CConnect
CharArray username;
CharArray password;
- (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf);
+ (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf, cc->csecurity->getType());
// Return the response to the server
os->writeU32(strlen(username.buf));
Index: tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityVncAuth.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
@@ -46,7 +46,7 @@ bool CSecurityVncAuth::processMsg(CConne
rdr::U8 challenge[vncAuthChallengeSize];
is->readBytes(challenge, vncAuthChallengeSize);
PlainPasswd passwd;
- (CSecurity::upg)->getUserPasswd(0, &passwd.buf);
+ (CSecurity::upg)->getUserPasswd(0, &passwd.buf, cc->csecurity->getType());
// Calculate the correct response
rdr::U8 key[8];
Index: tigervnc-1.6.0/common/rfb/Security.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.cxx
+++ tigervnc-1.6.0/common/rfb/Security.cxx
@@ -206,3 +206,19 @@ std::list<rdr::U32> rfb::parseSecTypes(c
}
return result;
}
+
+bool rfb::isSecTypeEncrypted(rdr::U32 num)
+{
+ switch (num) {
+ case secTypeTLSNone:
+ case secTypeTLSVnc:
+ case secTypeTLSPlain:
+ case secTypeX509None:
+ case secTypeX509Vnc:
+ case secTypeX509Plain:
+ return true;
+
+ default:
+ return false;
+ }
+}
Index: tigervnc-1.6.0/common/rfb/Security.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.h
+++ tigervnc-1.6.0/common/rfb/Security.h
@@ -104,6 +104,8 @@ namespace rfb {
const char* secTypeName(rdr::U32 num);
rdr::U32 secTypeNum(const char* name);
std::list<rdr::U32> parseSecTypes(const char* types);
+
+ bool isSecTypeEncrypted(rdr::U32 num);
}
#endif
Index: tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/UserPasswdGetter.h
+++ tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
@@ -17,6 +17,9 @@
*/
#ifndef __RFB_USERPASSWDGETTER_H__
#define __RFB_USERPASSWDGETTER_H__
+
+#include <rdr/types.h>
+
namespace rfb {
class UserPasswdGetter {
public:
@@ -24,7 +27,7 @@ namespace rfb {
// dialog, getpass(), etc. The user buffer pointer can be null, in which
// case no user name will be retrieved. The caller MUST delete [] the
// result(s).
- virtual void getUserPasswd(char** user, char** password)=0;
+ virtual void getUserPasswd(char** user, char** password, rdr::U32 secType)=0;
};
}
#endif
Index: tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/DesktopWindow.cxx
+++ tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
@@ -27,6 +27,7 @@
#include <rfb/LogWriter.h>
#include <rfb/CMsgWriter.h>
+#include <rfb/Security.h>
#include "DesktopWindow.h"
#include "OptionsDialog.h"
@@ -206,7 +207,11 @@ void DesktopWindow::setName(const char *
CharArray windowNameStr;
windowNameStr.replaceBuf(new char[256]);
- snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC", name);
+ const char *warning = "";
+ if (!rfb::isSecTypeEncrypted(cc->csecurity->getType()))
+ warning = _("(Connection not encrypted!)");
+
+ snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC %s", name, warning);
copy_label(windowNameStr.buf);
}
Index: tigervnc-1.6.0/vncviewer/UserDialog.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.cxx
+++ tigervnc-1.6.0/vncviewer/UserDialog.cxx
@@ -32,10 +32,12 @@
#include <FL/Fl_Secret_Input.H>
#include <FL/Fl_Button.H>
#include <FL/Fl_Return_Button.H>
+#include <FL/Fl_Text_Display.H>
#include <rfb/util.h>
#include <rfb/Password.h>
#include <rfb/Exception.h>
+#include <rfb/Security.h>
#include "i18n.h"
#include "fltk_layout.h"
@@ -59,7 +61,7 @@ UserDialog::~UserDialog()
{
}
-void UserDialog::getUserPasswd(char** user, char** password)
+void UserDialog::getUserPasswd(char** user, char** password, rdr::U32 secType)
{
CharArray passwordFileStr(passwordFile.getData());
@@ -82,8 +84,12 @@ void UserDialog::getUserPasswd(char** us
return;
}
+ const char* title = _("VNC authentication");
+ if (!rfb::isSecTypeEncrypted(secType))
+ title = _("VNC authentication (Connection not encrypted!)");
+
if (!user) {
- fl_message_title(_("VNC authentication"));
+ fl_message_title(title);
*password = strDup(fl_password(_("Password:"), ""));
if (!*password)
throw rfb::Exception(_("Authentication cancelled"));
@@ -93,7 +99,7 @@ void UserDialog::getUserPasswd(char** us
// Largely copied from FLTK so that we get the same look and feel
// as the simpler password input.
- Fl_Window *win = new Fl_Window(410, 145, _("VNC authentication"));
+ Fl_Window *win = new Fl_Window(410, 145, title);
win->callback(button_cb,(void *)0);
Fl_Input *username = new Fl_Input(70, 25, 300, 25, _("Username:"));
Index: tigervnc-1.6.0/vncviewer/UserDialog.h
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.h
+++ tigervnc-1.6.0/vncviewer/UserDialog.h
@@ -31,7 +31,7 @@ public:
// UserPasswdGetter callbacks
- void getUserPasswd(char** user, char** password);
+ void getUserPasswd(char** user, char** password, rdr::U32 secType);
// UserMsgBox callbacks