Mercurial > hg > Applications > TightVNC_orginal
comparison src/main/java/com/glavsoft/rfb/protocol/auth/TightAuthentication.java @ 0:4689cc86d6cb
create TreeViewer2 Repository
| author | Yu Taninari <you@cr.ie.u-ryukyu.ac.jp> |
|---|---|
| date | Tue, 03 Jul 2012 13:20:49 +0900 |
| parents | |
| children | 472a9bcacb21 |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:4689cc86d6cb |
|---|---|
| 1 // Copyright (C) 2010, 2011 GlavSoft LLC. | |
| 2 // All rights reserved. | |
| 3 // | |
| 4 //------------------------------------------------------------------------- | |
| 5 // This file is part of the TightVNC software. Please visit our Web site: | |
| 6 // | |
| 7 // http://www.tightvnc.com/ | |
| 8 // | |
| 9 // This program is free software; you can redistribute it and/or modify | |
| 10 // it under the terms of the GNU General Public License as published by | |
| 11 // the Free Software Foundation; either version 2 of the License, or | |
| 12 // (at your option) any later version. | |
| 13 // | |
| 14 // This program is distributed in the hope that it will be useful, | |
| 15 // but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 17 // GNU General Public License for more details. | |
| 18 // | |
| 19 // You should have received a copy of the GNU General Public License along | |
| 20 // with this program; if not, write to the Free Software Foundation, Inc., | |
| 21 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
| 22 //------------------------------------------------------------------------- | |
| 23 // | |
| 24 | |
| 25 package com.glavsoft.rfb.protocol.auth; | |
| 26 | |
| 27 import java.util.logging.Logger; | |
| 28 | |
| 29 import com.glavsoft.exceptions.FatalException; | |
| 30 import com.glavsoft.exceptions.TransportException; | |
| 31 import com.glavsoft.exceptions.UnsupportedSecurityTypeException; | |
| 32 import com.glavsoft.rfb.CapabilityContainer; | |
| 33 import com.glavsoft.rfb.IPasswordRetriever; | |
| 34 import com.glavsoft.rfb.RfbCapabilityInfo; | |
| 35 import com.glavsoft.rfb.protocol.state.SecurityTypeState; | |
| 36 import com.glavsoft.transport.Reader; | |
| 37 import com.glavsoft.transport.Writer; | |
| 38 | |
| 39 /** | |
| 40 * | |
| 41 */ | |
| 42 public class TightAuthentication extends AuthHandler { | |
| 43 | |
| 44 @Override | |
| 45 public SecurityType getType() { | |
| 46 return SecurityType.TIGHT_AUTHENTICATION; | |
| 47 } | |
| 48 | |
| 49 @Override | |
| 50 public boolean authenticate(Reader reader, Writer writer, | |
| 51 CapabilityContainer authCaps, IPasswordRetriever passwordRetriever) | |
| 52 throws TransportException, FatalException, UnsupportedSecurityTypeException { | |
| 53 initTunnelling(reader, writer); | |
| 54 initAuthorization(reader, writer, authCaps, passwordRetriever); | |
| 55 return true; | |
| 56 } | |
| 57 | |
| 58 /** | |
| 59 * Negotiation of Tunneling Capabilities (protocol versions 3.7t, 3.8t) | |
| 60 * | |
| 61 * If the chosen security type is rfbSecTypeTight, the server sends a list of | |
| 62 * supported tunneling methods ("tunneling" refers to any additional layer of | |
| 63 * data transformation, such as encryption or external compression.) | |
| 64 * | |
| 65 * nTunnelTypes specifies the number of following rfbCapabilityInfo structures | |
| 66 * that list all supported tunneling methods in the order of preference. | |
| 67 * | |
| 68 * NOTE: If nTunnelTypes is 0, that tells the client that no tunneling can be | |
| 69 * used, and the client should not send a response requesting a tunneling | |
| 70 * method. | |
| 71 * | |
| 72 * typedef struct _rfbTunnelingCapsMsg { | |
| 73 * CARD32 nTunnelTypes; | |
| 74 * //followed by nTunnelTypes * rfbCapabilityInfo structures | |
| 75 * } rfbTunnelingCapsMsg; | |
| 76 * #define sz_rfbTunnelingCapsMsg 4 | |
| 77 * ---------------------------------------------------------------------------- | |
| 78 * Tunneling Method Request (protocol versions 3.7t, 3.8t) | |
| 79 * | |
| 80 * If the list of tunneling capabilities sent by the server was not empty, the | |
| 81 * client should reply with a 32-bit code specifying a particular tunneling | |
| 82 * method. The following code should be used for no tunneling. | |
| 83 * | |
| 84 * #define rfbNoTunneling 0 | |
| 85 * #define sig_rfbNoTunneling "NOTUNNEL" | |
| 86 * | |
| 87 */ | |
| 88 private void initTunnelling(Reader reader, Writer writer) | |
| 89 throws TransportException { | |
| 90 long tunnelsCount; | |
| 91 tunnelsCount = reader.readUInt32(); | |
| 92 if (tunnelsCount > 0) { | |
| 93 for (int i = 0; i < tunnelsCount; ++i) { | |
| 94 RfbCapabilityInfo rfbCapabilityInfo = new RfbCapabilityInfo(reader); | |
| 95 Logger.getLogger("com.glavsoft.rfb.protocol.auth").fine(rfbCapabilityInfo.toString()); | |
| 96 } | |
| 97 writer.writeInt32(0); // NOTUNNEL | |
| 98 } | |
| 99 } | |
| 100 | |
| 101 /** | |
| 102 * Negotiation of Authentication Capabilities (protocol versions 3.7t, 3.8t) | |
| 103 * | |
| 104 * After setting up tunneling, the server sends a list of supported | |
| 105 * authentication schemes. | |
| 106 * | |
| 107 * nAuthTypes specifies the number of following rfbCapabilityInfo structures | |
| 108 * that list all supported authentication schemes in the order of preference. | |
| 109 * | |
| 110 * NOTE: If nAuthTypes is 0, that tells the client that no authentication is | |
| 111 * necessary, and the client should not send a response requesting an | |
| 112 * authentication scheme. | |
| 113 * | |
| 114 * typedef struct _rfbAuthenticationCapsMsg { | |
| 115 * CARD32 nAuthTypes; | |
| 116 * // followed by nAuthTypes * rfbCapabilityInfo structures | |
| 117 * } rfbAuthenticationCapsMsg; | |
| 118 * #define sz_rfbAuthenticationCapsMsg 4 | |
| 119 * @param authCaps TODO | |
| 120 * @param passwordRetriever | |
| 121 * @throws UnsupportedSecurityTypeException | |
| 122 * @throws TransportException | |
| 123 * @throws FatalException | |
| 124 */ | |
| 125 private void initAuthorization(Reader reader, Writer writer, | |
| 126 CapabilityContainer authCaps, IPasswordRetriever passwordRetriever) | |
| 127 throws UnsupportedSecurityTypeException, TransportException, FatalException { | |
| 128 int authCount; | |
| 129 authCount = reader.readInt32(); | |
| 130 byte[] cap = new byte[authCount]; | |
| 131 for (int i = 0; i < authCount; ++i) { | |
| 132 RfbCapabilityInfo rfbCapabilityInfo = new RfbCapabilityInfo(reader); | |
| 133 cap[i] = (byte) rfbCapabilityInfo.getCode(); | |
| 134 Logger.getLogger("com.glavsoft.rfb.protocol.auth").fine(rfbCapabilityInfo.toString()); | |
| 135 } | |
| 136 AuthHandler authHandler = null; | |
| 137 if (authCount > 0) { | |
| 138 authHandler = SecurityTypeState.selectAuthHandler(cap, authCaps); | |
| 139 for (int i = 0; i < authCount; ++i) { | |
| 140 if (authCaps.isSupported(cap[i])) { | |
| 141 //sending back RFB capability code | |
| 142 writer.writeInt32(cap[i]); | |
| 143 break; | |
| 144 } | |
| 145 } | |
| 146 } else { | |
| 147 authHandler = SecurityType.getAuthHandlerById(SecurityType.NONE_AUTHENTICATION.getId()); | |
| 148 } | |
| 149 Logger.getLogger("com.glavsoft.rfb.protocol.auth").info("Auth capability accepted: " + authHandler.getName()); | |
| 150 authHandler.authenticate(reader, writer, authCaps, passwordRetriever); | |
| 151 } | |
| 152 | |
| 153 } |