krfb/libvncserver/auth.c

   1 /*
   2  * auth.c - deal with authentication.
   3  *
   4  * This file implements the VNC authentication protocol when setting up an RFB
   5  * connection.
   6  */
   7
   8 /*
   9  *  OSXvnc Copyright (C) 2001 Dan McGuirk <mcguirk@incompleteness.net>.
  10  *  Original Xvnc code Copyright (C) 1999 AT&T Laboratories Cambridge.
  11  *  All Rights Reserved.
  12  *
  13  *  This is free software; you can redistribute it and/or modify
  14  *  it under the terms of the GNU General Public License as published by
  15  *  the Free Software Foundation; either version 2 of the License, or
  16  *  (at your option) any later version.
  17  *
  18  *  This software is distributed in the hope that it will be useful,
  19  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  20  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  21  *  GNU General Public License for more details.
  22  *
  23  *  You should have received a copy of the GNU General Public License
  24  *  along with this software; if not, write to the Free Software
  25  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
  26  *  USA.
  27  */
  28
  29 #include <stdio.h>
  30 #include <stdlib.h>
  31 #include "rfb.h"
  32
  33 static int rfbMaxPasswordWait = 120000;   /* password timeout (ms)  */
  34
  35 /*
  36  * rfbAuthNewClient is called when we reach the point of authenticating
  37  * a new client.  If authentication isn't being used then we simply send
  38  * rfbNoAuth.  Otherwise we send rfbVncAuth plus the challenge.
  39  */
  40
  41 void
  42 rfbAuthNewClient(cl)
  43     rfbClientPtr cl;
  44 {
  45     char buf[4 + CHALLENGESIZE];
  46     int len;
  47
  48     cl->state = RFB_AUTHENTICATION;
  49
  50     if (cl->screen->rfbAuthPasswdData && !cl->reverseConnection) {
  51         *(CARD32 *)buf = Swap32IfLE(rfbVncAuth);
  52         vncRandomBytes(cl->authChallenge);
  53         memcpy(&buf[4], (char *)cl->authChallenge, CHALLENGESIZE);
  54         len = 4 + CHALLENGESIZE;
  55     } else {
  56         *(CARD32 *)buf = Swap32IfLE(rfbNoAuth);
  57         len = 4;
  58         cl->state = RFB_INITIALISATION;
  59     }
  60
  61     if (WriteExact(cl, buf, len) < 0) {
  62         rfbLogPerror("rfbAuthNewClient: write");
  63         rfbCloseClient(cl);
  64         return;
  65     }
  66 }
  67
  68
  69 /*
  70  * rfbAuthProcessClientMessage is called when the client sends its
  71  * authentication response.
  72  */
  73
  74 void
  75 rfbAuthProcessClientMessage(cl)
  76     rfbClientPtr cl;
  77 {
  78     int n;
  79     CARD8 response[CHALLENGESIZE];
  80     CARD32 authResult;
  81
  82     if ((n = ReadExactTimeout(cl, (char *)response, CHALLENGESIZE,
  83                               rfbMaxPasswordWait)) <= 0) {
  84         if (n != 0)
  85             rfbLogPerror("rfbAuthProcessClientMessage: read");
  86         rfbCloseClient(cl);
  87         return;
  88     }
  89
  90     if(!cl->screen->passwordCheck(cl,response,CHALLENGESIZE)) {
  91         rfbLog("rfbAuthProcessClientMessage: password check failed\n");
  92         authResult = Swap32IfLE(rfbVncAuthFailed);
  93         if (WriteExact(cl, (char *)&authResult, 4) < 0) {
  94             rfbLogPerror("rfbAuthProcessClientMessage: write");
  95         }
  96         rfbCloseClient(cl);
  97         return;
  98     }
  99
 100     authResult = Swap32IfLE(rfbVncAuthOK);
 101
 102     if (WriteExact(cl, (char *)&authResult, 4) < 0) {
 103         rfbLogPerror("rfbAuthProcessClientMessage: write");
 104         rfbCloseClient(cl);
 105         return;
 106     }
 107
 108     cl->state = RFB_INITIALISATION;
 109 }