tigervnc/u_tigervnc-show-unencrypted-warning.patch

Author: Michal Srb <michalsrb@gmail.com>
Subject: Display warning in window title when no encryption is in use.
Patch-Mainline: To be upstreamed
References: fate#319701

Index: tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityPlain.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityPlain.cxx
@@ -31,7 +31,7 @@ bool CSecurityPlain::processMsg(CConnect
   CharArray username;
   CharArray password;
 
-  (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf);
+  (CSecurity::upg)->getUserPasswd(&username.buf, &password.buf, cc->csecurity->getType());
 
   // Return the response to the server
   os->writeU32(strlen(username.buf));
Index: tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/CSecurityVncAuth.cxx
+++ tigervnc-1.6.0/common/rfb/CSecurityVncAuth.cxx
@@ -46,7 +46,7 @@ bool CSecurityVncAuth::processMsg(CConne
   rdr::U8 challenge[vncAuthChallengeSize];
   is->readBytes(challenge, vncAuthChallengeSize);
   PlainPasswd passwd;
-  (CSecurity::upg)->getUserPasswd(0, &passwd.buf);
+  (CSecurity::upg)->getUserPasswd(0, &passwd.buf, cc->csecurity->getType());
 
   // Calculate the correct response
   rdr::U8 key[8];
Index: tigervnc-1.6.0/common/rfb/Security.cxx
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.cxx
+++ tigervnc-1.6.0/common/rfb/Security.cxx
@@ -206,3 +206,19 @@ std::list<rdr::U32> rfb::parseSecTypes(c
   }
   return result;
 }
+
+bool rfb::isSecTypeEncrypted(rdr::U32 num)
+{
+  switch (num) {
+  case secTypeTLSNone:
+  case secTypeTLSVnc:
+  case secTypeTLSPlain:
+  case secTypeX509None:
+  case secTypeX509Vnc:
+  case secTypeX509Plain:
+    return true;
+
+  default:
+    return false;
+  }
+}
Index: tigervnc-1.6.0/common/rfb/Security.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/Security.h
+++ tigervnc-1.6.0/common/rfb/Security.h
@@ -104,6 +104,8 @@ namespace rfb {
   const char* secTypeName(rdr::U32 num);
   rdr::U32 secTypeNum(const char* name);
   std::list<rdr::U32> parseSecTypes(const char* types);
+
+  bool isSecTypeEncrypted(rdr::U32 num);
 }
 
 #endif
Index: tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
===================================================================
--- tigervnc-1.6.0.orig/common/rfb/UserPasswdGetter.h
+++ tigervnc-1.6.0/common/rfb/UserPasswdGetter.h
@@ -17,6 +17,9 @@
  */
 #ifndef __RFB_USERPASSWDGETTER_H__
 #define __RFB_USERPASSWDGETTER_H__
+
+#include <rdr/types.h>
+
 namespace rfb {
   class UserPasswdGetter {
   public:
@@ -24,7 +27,7 @@ namespace rfb {
     // dialog, getpass(), etc.  The user buffer pointer can be null, in which
     // case no user name will be retrieved.  The caller MUST delete [] the
     // result(s).
-    virtual void getUserPasswd(char** user, char** password)=0;
+    virtual void getUserPasswd(char** user, char** password, rdr::U32 secType)=0;
   };
 }
 #endif
Index: tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/DesktopWindow.cxx
+++ tigervnc-1.6.0/vncviewer/DesktopWindow.cxx
@@ -27,6 +27,7 @@
 
 #include <rfb/LogWriter.h>
 #include <rfb/CMsgWriter.h>
+#include <rfb/Security.h>
 
 #include "DesktopWindow.h"
 #include "OptionsDialog.h"
@@ -206,7 +207,11 @@ void DesktopWindow::setName(const char *
   CharArray windowNameStr;
   windowNameStr.replaceBuf(new char[256]);
 
-  snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC", name);
+  const char *warning = "";
+  if (!rfb::isSecTypeEncrypted(cc->csecurity->getType()))
+    warning = _("(Connection not encrypted!)");
+
+  snprintf(windowNameStr.buf, 256, "%.240s - TigerVNC %s", name, warning);
 
   copy_label(windowNameStr.buf);
 }
Index: tigervnc-1.6.0/vncviewer/UserDialog.cxx
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.cxx
+++ tigervnc-1.6.0/vncviewer/UserDialog.cxx
@@ -32,10 +32,12 @@
 #include <FL/Fl_Secret_Input.H>
 #include <FL/Fl_Button.H>
 #include <FL/Fl_Return_Button.H>
+#include <FL/Fl_Text_Display.H>
 
 #include <rfb/util.h>
 #include <rfb/Password.h>
 #include <rfb/Exception.h>
+#include <rfb/Security.h>
 
 #include "i18n.h"
 #include "fltk_layout.h"
@@ -59,7 +61,7 @@ UserDialog::~UserDialog()
 {
 }
 
-void UserDialog::getUserPasswd(char** user, char** password)
+void UserDialog::getUserPasswd(char** user, char** password, rdr::U32 secType)
 {
   CharArray passwordFileStr(passwordFile.getData());
 
@@ -82,8 +84,12 @@ void UserDialog::getUserPasswd(char** us
     return;
   }
 
+  const char* title = _("VNC authentication");
+  if (!rfb::isSecTypeEncrypted(secType))
+    title = _("VNC authentication (Connection not encrypted!)");
+
   if (!user) {
-    fl_message_title(_("VNC authentication"));
+    fl_message_title(title);
     *password = strDup(fl_password(_("Password:"), ""));
     if (!*password)
       throw rfb::Exception(_("Authentication cancelled"));
@@ -93,7 +99,7 @@ void UserDialog::getUserPasswd(char** us
 
   // Largely copied from FLTK so that we get the same look and feel
   // as the simpler password input.
-  Fl_Window *win = new Fl_Window(410, 145, _("VNC authentication"));
+  Fl_Window *win = new Fl_Window(410, 145, title);
   win->callback(button_cb,(void *)0);
 
   Fl_Input *username = new Fl_Input(70, 25, 300, 25, _("Username:"));
Index: tigervnc-1.6.0/vncviewer/UserDialog.h
===================================================================
--- tigervnc-1.6.0.orig/vncviewer/UserDialog.h
+++ tigervnc-1.6.0/vncviewer/UserDialog.h
@@ -31,7 +31,7 @@ public:
 
   // UserPasswdGetter callbacks
 
-  void getUserPasswd(char** user, char** password);
+  void getUserPasswd(char** user, char** password, rdr::U32 secType);
 
   // UserMsgBox callbacks