Merge branch 'VeNCrypt'

configure.ac

@@ -681,6 +681,22 @@ if test ! -z "$MINGW"; then
 fi
 AC_SUBST(WSOCKLIB)
 
+# Checks for GnuTLS
+AH_TEMPLATE(WITH_CLIENT_TLS, [Enable support for gnutls in libvncclient])
+AC_ARG_WITH(gnutls,
+[  --without-gnutls        disable support for gnutls],,)
+AC_ARG_WITH(client-tls,
+[  --without-client-tls    disable support for gnutls in libvncclient],,)
+
+if test "x$with_gnutls" != "xno"; then
+	PKG_CHECK_MODULES(GNUTLS, gnutls >= 2.8.0, , with_client_tls=no)
+	CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
+	LIBS="$LIBS $GNUTLS_LIBS"
+	if test "x$with_client_tls" != "xno"; then
+		AC_DEFINE(WITH_CLIENT_TLS)
+	fi
+fi
+
 # Checks for header files.
 AC_HEADER_STDC
 AC_CHECK_HEADERS([arpa/inet.h fcntl.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h sys/timeb.h syslog.h unistd.h])

libvncclient/Makefile.am

 INCLUDES = -I$(top_srcdir)
 
-libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c minilzo.c
+libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c minilzo.c tls.c
 
-noinst_HEADERS=lzoconf.h minilzo.h
+noinst_HEADERS=lzoconf.h minilzo.h tls.h
 
 rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c
 
-EXTRA_DIST=corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c
+EXTRA_DIST=corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c tls.c
 
 $(libvncclient_la_OBJECTS): ../rfb/rfbclient.h
 

libvncclient/sockets.c

@@ -44,6 +44,7 @@
 #include <arpa/inet.h>
 #include <netdb.h>
 #endif
+#include "tls.h"
 
 void PrintInHex(char *buf, int len);
 
@@ -128,7 +129,16 @@ ReadFromRFBServer(rfbClient* client, char *out, unsigned int n)
   if (n <= RFB_BUF_SIZE) {
 
     while (client->buffered < n) {
-      int i = read(client->sock, client->buf + client->buffered, RFB_BUF_SIZE - client->buffered);
+      int i;
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+      if (client->tlsSession) {
+        i = ReadFromTLS(client, client->buf + client->buffered, RFB_BUF_SIZE - client->buffered);
+      } else {
+#endif
+        i = read(client->sock, client->buf + client->buffered, RFB_BUF_SIZE - client->buffered);
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+      }
+#endif
       if (i <= 0) {
 	if (i < 0) {
 #ifdef WIN32
@@ -160,7 +170,16 @@ ReadFromRFBServer(rfbClient* client, char *out, unsigned int n)
   } else {
 
     while (n > 0) {
-      int i = read(client->sock, out, n);
+      int i;
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+      if (client->tlsSession) {
+        i = ReadFromTLS(client, out, n);
+      } else {
+#endif
+        i = read(client->sock, out, n);
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+      }
+#endif
       if (i <= 0) {
 	if (i < 0) {
 #ifdef WIN32
@@ -214,6 +233,16 @@ WriteToRFBServer(rfbClient* client, char *buf, int n)
   if (client->serverPort==-1)
     return TRUE; /* vncrec playing */
 
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+  if (client->tlsSession) {
+    /* WriteToTLS() will guarantee either everything is written, or error/eof returns */
+    i = WriteToTLS(client, buf, n);
+    if (i <= 0) return FALSE;
+
+    return TRUE;
+  }
+#endif
+
   while (i < n) {
     j = write(client->sock, buf + i, (n - i));
     if (j <= 0) {

libvncclient/tls.h

+#ifndef TLS_H
+#define TLS_H
+
+/*
+ *  Copyright (C) 2009 Vic Lee.
+ *
+ *  This is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This software is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this software; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307,
+ *  USA.
+ */
+
+/* Handle Anonymous TLS Authentication (18) with the server.
+ * After authentication, client->tlsSession will be set.
+ */
+rfbBool HandleAnonTLSAuth(rfbClient* client);
+
+/* Handle VeNCrypt Authentication (19) with the server.
+ * The callback function GetX509Credential will be called.
+ * After authentication, client->tlsSession will be set.
+ */
+rfbBool HandleVeNCryptAuth(rfbClient* client);
+
+/* Read desired bytes from TLS session.
+ * It's a wrapper function over gnutls_record_recv() and return values
+ * are same as read(), that is, >0 for actual bytes read, 0 for EOF,
+ * or EAGAIN, EINTR.
+ * This should be a non-blocking call. Blocking is handled in sockets.c.
+ */
+int ReadFromTLS(rfbClient* client, char *out, unsigned int n);
+
+/* Write desired bytes to TLS session.
+ * It's a wrapper function over gnutls_record_send() and it will be
+ * blocking call, until all bytes are written or error returned.
+ */
+int WriteToTLS(rfbClient* client, char *buf, unsigned int n);
+
+/* Free TLS resources */
+void FreeTLS(rfbClient* client);
+
+#endif /* TLS_H */

libvncclient/vncviewer.c

@@ -30,6 +30,7 @@
 #include <string.h>
 #include <time.h>
 #include <rfb/rfbclient.h>
+#include "tls.h"
 
 static void Dummy(rfbClient* client) {
 }
@@ -181,6 +182,13 @@ rfbClient* rfbGetClient(int bitsPerSample,int samplesPerPixel,
   client->CurrentKeyboardLedState = 0;
   client->HandleKeyboardLedState = (HandleKeyboardLedStateProc)DummyPoint;
 
+  client->authScheme = 0;
+  client->subAuthScheme = 0;
+  client->GetCredential = NULL;
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+  client->tlsSession = NULL;
+#endif
+
   return client;
 }
 
@@ -323,6 +331,7 @@ void rfbClientCleanup(rfbClient* client) {
 #endif
 #endif
 
+  FreeTLS(client);
   if (client->sock > 0)
     close(client->sock);
   free(client->desktopName);

libvncserver/vncauth.c

@@ -191,3 +191,18 @@ rfbEncryptBytes(unsigned char *bytes, char *passwd)
 	rfbDes(bytes+i, bytes+i);
     }
 }
+
+void
+rfbEncryptBytes2(unsigned char *where, const int length, unsigned char *key) {
+  int i, j;
+  rfbDesKey(key, EN0);
+  for (i = 0; i< 8; i++)
+    where[i] ^= key[i];
+  rfbDes(where, where);
+  for (i = 8; i < length; i += 8) {
+    for (j = 0; j < 8; j++)
+      where[i + j] ^= where[i + j - 8];
+      rfbDes(where + i, where + i);
+  }
+}
+

rfb/rfbclient.h

@@ -33,6 +33,9 @@
 #include <unistd.h>
 #include <rfb/rfbproto.h>
 #include <rfb/keysym.h>
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+#include <gnutls/gnutls.h>
+#endif
 
 #define rfbClientSwap16IfLE(s) \
     (*(char *)&client->endianTest ? ((((s) & 0xff) << 8) | (((s) >> 8) & 0xff)) : (s))
@@ -43,6 +46,16 @@
 			     (((l) & 0x0000ff00) << 8)  | \
 			     (((l) & 0x000000ff) << 24))  : (l))
 
+#define rfbClientSwap64IfLE(l) \
+    (*(char *)&client->endianTest ? ((((l) & 0xff00000000000000ULL) >> 56) | \
+			     (((l) & 0x00ff000000000000ULL) >> 40)  | \
+			     (((l) & 0x0000ff0000000000ULL) >> 24)  | \
+			     (((l) & 0x000000ff00000000ULL) >> 8)  | \
+			     (((l) & 0x00000000ff000000ULL) << 8)  | \
+			     (((l) & 0x0000000000ff0000ULL) << 24)  | \
+			     (((l) & 0x000000000000ff00ULL) << 40)  | \
+			     (((l) & 0x00000000000000ffULL) << 56))  : (l))
+
 #define FLASH_PORT_OFFSET 5400
 #define LISTEN_PORT_OFFSET 5500
 #define TUNNEL_PORT_OFFSET 5500
@@ -98,6 +111,27 @@ typedef struct {
   int scaleSetting; /* 0 means no scale set, else 1/scaleSetting */
 } AppData;
 
+/* For GetCredentialProc callback function to return */
+typedef union _rfbCredential
+{
+  /* X509 (VeNCrypt) */
+  struct
+  {
+    char *x509CACertFile;
+    char *x509CACrlFile;
+    char *x509ClientCertFile;
+    char *x509ClientKeyFile;
+  } x509Credential;
+  /* Plain (VeNCrypt), MSLogon (UltraVNC) */
+  struct
+  {
+    char *username;
+    char *password;
+  } userCredential;
+} rfbCredential;
+
+#define rfbCredentialTypeX509 1
+#define rfbCredentialTypeUser 2
 
 struct _rfbClient;
 
@@ -109,6 +143,7 @@ typedef void (*SoftCursorUnlockScreenProc)(struct _rfbClient* client);
 typedef void (*GotFrameBufferUpdateProc)(struct _rfbClient* client, int x, int y, int w, int h);
 typedef void (*FinishedFrameBufferUpdateProc)(struct _rfbClient* client);
 typedef char* (*GetPasswordProc)(struct _rfbClient* client);
+typedef rfbCredential* (*GetCredentialProc)(struct _rfbClient* client, int credentialType);
 typedef rfbBool (*MallocFrameBufferProc)(struct _rfbClient* client);
 typedef void (*GotXCutTextProc)(struct _rfbClient* client, const char *text, int textlen);
 typedef void (*BellProc)(struct _rfbClient* client);
@@ -254,6 +289,22 @@ typedef struct _rfbClient {
 
 	/* negotiated protocol version */
 	int major, minor;
+
+	/* The selected security types */
+	uint32_t authScheme, subAuthScheme;
+
+#ifdef LIBVNCSERVER_WITH_CLIENT_TLS
+	/* The TLS session for Anonymous TLS and VeNCrypt */
+	gnutls_session_t tlsSession;
+#endif
+
+	/* To support security types that requires user input (except VNC password
+	 * authentication), for example VeNCrypt and MSLogon, this callback function
+	 * must be set before the authentication. Otherwise, it implicates that the
+	 * caller application does not support it and related security types should
+	 * be bypassed.
+	 */
+	GetCredentialProc GetCredential;
 } rfbClient;
 
 /* cursor.c */

rfb/rfbproto.h

@@ -264,6 +264,18 @@ typedef char rfbProtocolVersionMsg[13];	/* allow extra byte for null */
 #define rfbTight 16
 #define rfbUltra 17
 #define rfbTLS 18
+#define rfbVeNCrypt 19
+#define rfbMSLogon 0xfffffffa
+
+#define rfbVeNCryptPlain 256
+#define rfbVeNCryptTLSNone 257
+#define rfbVeNCryptTLSVNC 258
+#define rfbVeNCryptTLSPlain 259
+#define rfbVeNCryptX509None 260
+#define rfbVeNCryptX509VNC 261
+#define rfbVeNCryptX509Plain 262
+#define rfbVeNCryptX509SASL 263
+#define rfbVeNCryptTLSSASL 264
 
 /*
  * rfbConnFailed:	For some reason the connection failed (e.g. the server