diff --git a/gst/librfb/Makefile.am b/gst/librfb/Makefile.am index f871fe3ad2..e698cb6f4c 100644 --- a/gst/librfb/Makefile.am +++ b/gst/librfb/Makefile.am @@ -13,8 +13,7 @@ libgstrfbsrc_la_LIBTOOLFLAGS = $(GST_PLUGIN_LIBTOOLFLAGS) librfb_la_SOURCES = \ rfbbuffer.c \ rfbdecoder.c \ - d3des.c \ - vncauth.c + d3des.c librfb_la_CFLAGS = $(GST_CFLAGS) $(GIO_CFLAGS) -I$(srcdir)/.. librfb_la_LIBADD = $(GST_LIBS) $(GIO_LIBS) @@ -25,8 +24,7 @@ noinst_HEADERS = \ rfbcontext.h \ rfbutil.h \ gstrfbsrc.h \ - d3des.h \ - vncauth.h + d3des.h Android.mk: Makefile.am $(BUILT_SOURCES) androgenizer \ diff --git a/gst/librfb/rfbdecoder.c b/gst/librfb/rfbdecoder.c index 3ae5f4f2e0..70976590b5 100644 --- a/gst/librfb/rfbdecoder.c +++ b/gst/librfb/rfbdecoder.c @@ -3,9 +3,7 @@ #endif #include "rfb.h" - -#include "vncauth.h" - +#include "d3des.h" #include #include @@ -424,7 +422,10 @@ rfb_decoder_state_wait_for_security (RfbDecoder * decoder) decoder->state = rfb_decoder_state_send_client_initialisation; } break; - case SECURITY_VNC: + case SECURITY_VNC:{ + unsigned char key[8], *challenge; + gsize password_len; + /* * VNC authentication is to be used and protocol data is to be sent unencrypted. The * server sends a random 16-byte challenge @@ -437,14 +438,29 @@ rfb_decoder_state_wait_for_security (RfbDecoder * decoder) return FALSE; } - rfb_decoder_read (decoder, 16); - vncEncryptBytes ((unsigned char *) decoder->data, decoder->password); - rfb_decoder_send (decoder, decoder->data, 16); + /* key is 8 bytes and made up of password (padded with 0s if needed) */ + memset (key, 0, 8); + password_len = strlen (decoder->password); + memcpy (key, decoder->password, MIN (password_len, 8)); - GST_DEBUG ("Encrypted challenge send to server"); + /* read challenge */ + challenge = rfb_decoder_read (decoder, 16); + if (challenge == NULL) + return FALSE; + + /* encrypt 16 challenge bytes in place using key */ + deskey (key, EN0); + des (challenge, challenge); + des (challenge + 8, challenge + 8); + + /* .. and send back to server */ + rfb_decoder_send (decoder, challenge, 16); + + GST_DEBUG ("Encrypted challenge sent to server"); decoder->state = rfb_decoder_state_security_result; break; + } default: GST_WARNING ("Security type is not known"); return FALSE; diff --git a/gst/librfb/vncauth.c b/gst/librfb/vncauth.c deleted file mode 100644 index 8f8b7aab04..0000000000 --- a/gst/librfb/vncauth.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved. - * - * This is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, - * USA. - */ - -/* - * vncauth.c - Functions for VNC password management and authentication. - */ - -#include "config.h" -#include -#include "_stdint.h" -#include "stdio.h" -#include "stdlib.h" -#include "string.h" -#include "time.h" -#include "vncauth.h" -#include "d3des.h" - -#include "sys/stat.h" - - -/* - * We use a fixed key to store passwords, since we assume that our local - * file system is secure but nonetheless don't want to store passwords - * as plaintext. - */ - -unsigned char fixedkey[8] = { 23, 82, 107, 6, 35, 78, 88, 7 }; - - -/* - * Encrypt a password and store it in a file. Returns 0 if successful, - * 1 if the file could not be written. - */ - -int32_t -vncEncryptAndStorePasswd (char *passwd, char *fname) -{ - FILE *fp; - uint32_t i; - unsigned char encryptedPasswd[8]; - - if ((fp = fopen (fname, "w")) == NULL) - return 1; - - chmod (fname, S_IRUSR | S_IWUSR); - - /* pad password with nulls */ - - for (i = 0; i < 8; i++) { - if (i < strlen (passwd)) { - encryptedPasswd[i] = passwd[i]; - } else { - encryptedPasswd[i] = 0; - } - } - - /* Do encryption in-place - this way we overwrite our copy of the plaintext - password */ - - deskey (fixedkey, EN0); - des (encryptedPasswd, encryptedPasswd); - - for (i = 0; i < 8; i++) { - putc (encryptedPasswd[i], fp); - } - - fclose (fp); - return 0; -} - - -/* - * Decrypt a password from a file. Returns a pointer to a newly allocated - * string containing the password or a null pointer if the password could - * not be retrieved for some reason. - */ - -char * -vncDecryptPasswdFromFile (char *fname) -{ - FILE *fp; - int32_t i, ch; - unsigned char *passwd; - - if ((fp = fopen (fname, "r")) == NULL) - return NULL; - - passwd = (unsigned char *) malloc (9); - - for (i = 0; i < 8; i++) { - ch = getc (fp); - if (ch == EOF) { - fclose (fp); - free (passwd); - return NULL; - } - passwd[i] = ch; - } - - fclose (fp); - - deskey (fixedkey, DE1); - des (passwd, passwd); - - passwd[8] = 0; - - return (char *) passwd; -} - - -/* - * Generate CHALLENGESIZE random bytes for use in challenge-response - * authentication. - */ - -void -vncRandomBytes (unsigned char *bytes) -{ - int32_t i; - uint32_t seed = (uint32_t) time (0); -#ifndef G_OS_WIN32 - srandom (seed); -#else - srand (seed); -#endif - for (i = 0; i < CHALLENGESIZE; i++) { -#ifndef G_OS_WIN32 - bytes[i] = (unsigned char) (random () & 255); -#else - bytes[i] = (unsigned char) (rand () & 255); -#endif - } -} - - -/* - * Encrypt CHALLENGESIZE bytes in memory using a password. - */ - -void -vncEncryptBytes (unsigned char *bytes, char *passwd) -{ - unsigned char key[8]; - uint32_t i; - - /* key is simply password padded with nulls */ - - for (i = 0; i < 8; i++) { - if (i < strlen (passwd)) { - key[i] = passwd[i]; - } else { - key[i] = 0; - } - } - - deskey (key, EN0); - - for (i = 0; i < CHALLENGESIZE; i += 8) { - des (bytes + i, bytes + i); - } -} diff --git a/gst/librfb/vncauth.h b/gst/librfb/vncauth.h deleted file mode 100644 index be679b26fe..0000000000 --- a/gst/librfb/vncauth.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (C) 1999 AT&T Laboratories Cambridge. All Rights Reserved. - * - * This is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this software; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, - * USA. - */ - -/* - * vncauth.h - describes the functions provided by the vncauth library. - */ - -#define MAXPWLEN 8 -#define CHALLENGESIZE 16 - -extern int vncEncryptAndStorePasswd (char *passwd, char *fname); -extern char *vncDecryptPasswdFromFile (char *fname); -extern void vncRandomBytes (unsigned char *bytes); -extern void vncEncryptBytes (unsigned char *bytes, char *passwd);