CConnection: Modify UserPasswdGetter and UserMsgBox interface to CCon…

…nection

Problems with the original code: A process can only establish one connection.
After modification, multiple connections can be supported.

common/rfb/CConnection.h

@@ -37,7 +37,13 @@ namespace rfb {
   class CSecurity;
   class IdentityVerifier;
 
-  class CConnection : public CMsgHandler {
+  class CConnection
+      : public CMsgHandler
+      , public UserPasswdGetter
+#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
+      ,public UserMsgBox
+#endif
+  {
   public:
 
     CConnection();
@@ -126,7 +132,7 @@ namespace rfb {
 
 
     // Methods to be overridden in a derived class
-
+    
     // authSuccess() is called when authentication has succeeded.
     virtual void authSuccess();
 

common/rfb/CSecurity.h

@@ -51,13 +51,6 @@ namespace rfb {
     virtual int getType() const = 0;
     virtual bool isSecure() const { return false; }
 
-    /*
-     * Use variable directly instead of dumb get/set methods.
-     * It MUST be set by viewer.
-     */
-    static UserPasswdGetter *upg;
-    static UserMsgBox *msg;
-
   protected:
     CConnection* cc;
   };

common/rfb/CSecurityDH.cxx

@@ -108,7 +108,7 @@ void CSecurityDH::writeCredentials()
   std::string password;
   rdr::RandomStream rs;
 
-  (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+  cc->getUserPasswd(isSecure(), &username, &password);
 
   std::vector<uint8_t> bBytes(keyLength);
   if (!rs.hasData(keyLength))

common/rfb/CSecurityMSLogonII.cxx

@@ -97,7 +97,7 @@ void CSecurityMSLogonII::writeCredentials()
   std::string password;
   rdr::RandomStream rs;
 
-  (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+  cc->getUserPasswd(isSecure(), &username, &password);
 
   std::vector<uint8_t> bBytes(8);
   if (!rs.hasData(8))

common/rfb/CSecurityPlain.cxx

@@ -36,7 +36,7 @@ bool CSecurityPlain::processMsg()
   std::string username;
   std::string password;
 
-  (CSecurity::upg)->getUserPasswd(cc->isSecure(), &username, &password);
+  cc->getUserPasswd(cc->isSecure(), &username, &password);
 
   // Return the response to the server
   os->writeU32(username.size());

common/rfb/CSecurityRSAAES.cxx

@@ -215,7 +215,7 @@ void CSecurityRSAAES::verifyServer()
     "Fingerprint: %02x-%02x-%02x-%02x-%02x-%02x-%02x-%02x\n"
     "Please verify that the information is correct and press \"Yes\". "
     "Otherwise press \"No\"", f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7]);
-  if (!msg->showMsgBox(UserMsgBox::M_YESNO, title, text.c_str()))
+  if (!cc->showMsgBox(UserMsgBox::M_YESNO, title, text.c_str()))
     throw AuthFailureException("server key mismatch");
 }
 
@@ -438,9 +438,9 @@ void CSecurityRSAAES::writeCredentials()
   std::string password;
 
   if (subtype == secTypeRA2UserPass)
-    (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+    cc->getUserPasswd(isSecure(), &username, &password);
   else
-    (CSecurity::upg)->getUserPasswd(isSecure(), nullptr, &password);
+    cc->getUserPasswd(isSecure(), nullptr, &password);
 
   if (subtype == secTypeRA2UserPass) {
     if (username.size() > 255)

common/rfb/CSecurityTLS.cxx

@@ -441,7 +441,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unknown certificate issuer",
                            text.c_str()))
         throw AuthFailureException("Unknown certificate issuer");
@@ -462,7 +462,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Certificate is not yet valid",
                            text.c_str()))
         throw AuthFailureException("Certificate is not yet valid");
@@ -481,7 +481,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Expired certificate",
                            text.c_str()))
         throw AuthFailureException("Expired certificate");
@@ -500,7 +500,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Insecure certificate algorithm",
                            text.c_str()))
         throw AuthFailureException("Insecure certificate algorithm");
@@ -525,7 +525,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", client->getServerName(), info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Certificate hostname mismatch",
                            text.c_str()))
         throw AuthFailureException("Certificate hostname mismatch");
@@ -551,7 +551,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthFailureException("Unexpected server certificate");
@@ -574,7 +574,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthFailureException("Unexpected server certificate");
@@ -595,7 +595,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthFailureException("Unexpected server certificate");
@@ -616,7 +616,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthFailureException("Unexpected server certificate");
@@ -643,7 +643,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", client->getServerName(), info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(UserMsgBox::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthFailureException("Unexpected server certificate");

common/rfb/CSecurityVncAuth.cxx

@@ -54,7 +54,7 @@ bool CSecurityVncAuth::processMsg()
   uint8_t challenge[vncAuthChallengeSize];
   is->readBytes(challenge, vncAuthChallengeSize);
   std::string passwd;
-  (CSecurity::upg)->getUserPasswd(cc->isSecure(), nullptr, &passwd);
+  cc->getUserPasswd(cc->isSecure(), nullptr, &passwd);
 
   // Calculate the correct response
   uint8_t key[8];

common/rfb/SecurityClient.cxx

@@ -41,11 +41,6 @@
 using namespace rdr;
 using namespace rfb;
 
-UserPasswdGetter *CSecurity::upg = nullptr;
-#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
-UserMsgBox *CSecurity::msg = nullptr;
-#endif
-
 StringParameter SecurityClient::secTypes
 ("SecurityTypes",
  "Specify which security scheme to use (None, VncAuth, Plain"
@@ -67,11 +62,6 @@ ConfViewer);
 
 CSecurity* SecurityClient::GetCSecurity(CConnection* cc, uint32_t secType)
 {
-  assert (CSecurity::upg != nullptr); /* (upg == nullptr) means bug in the viewer */
-#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
-  assert (CSecurity::msg != nullptr);
-#endif
-
   if (!IsSupported(secType))
     goto bail;
 

tests/perf/decperf.cxx

@@ -76,6 +76,11 @@ class CConn : public rfb::CConnection {
   void setColourMapEntries(int, int, uint16_t*) override;
   void bell() override;
   void serverCutText(const char*) override;
+
+  // UserMsgBox interface
+  virtual bool showMsgBox(int flags, const char *title, const char *text) override;
+  // UserPasswdGetter interface
+  virtual void getUserPasswd(bool secure, std::string *user, std::string *password) override;
 
 public:
   double cpuTime;
@@ -85,6 +90,15 @@ class CConn : public rfb::CConnection {
   DummyOutStream *out;
 };
 
+bool CConn::showMsgBox(int, const char *, const char *)
+{
+    return true;
+}
+
+void CConn::getUserPasswd(bool, std::string *, std::string *)
+{
+}
+
 DummyOutStream::DummyOutStream()
 {
   offset = 0;

tests/perf/encperf.cxx

@@ -108,7 +108,10 @@ class CConn : public rfb::CConnection {
   void setColourMapEntries(int, int, uint16_t*) override;
   void bell() override;
   void serverCutText(const char*) override;
-
+
+  virtual bool showMsgBox(int flags, const char *title, const char *text) override;
+  virtual void getUserPasswd(bool secure, std::string *user, std::string *password) override;
+
 public:
   double decodeTime;
   double encodeTime;
@@ -118,8 +121,18 @@ class CConn : public rfb::CConnection {
   DummyOutStream *out;
   rfb::SimpleUpdateTracker updates;
   class SConn *sc;
+
 };
 
+bool CConn::showMsgBox(int, const char *, const char *)
+{
+    return true;
+}
+
+void CConn::getUserPasswd(bool, std::string *, std::string *)
+{
+}
+
 class Manager : public rfb::EncodeManager {
 public:
   Manager(class rfb::SConnection *conn);

vncviewer/CConn.cxx

@@ -597,3 +597,13 @@ void CConn::handleUpdateTimeout(void *data)
 
   Fl::repeat_timeout(1.0, handleUpdateTimeout, data);
 }
+
+bool CConn::showMsgBox(int flags, const char *title, const char *text)
+{
+    return dlg.showMsgBox(flags, title, text);
+}
+
+void CConn::getUserPasswd(bool secure, std::string *user, std::string *password)
+{
+    dlg.getUserPasswd(secure, user, password);
+}

vncviewer/CConn.h

@@ -24,6 +24,7 @@
 
 #include <rfb/CConnection.h>
 #include <rdr/FdInStream.h>
+#include "UserDialog.h"
 
 namespace network { class Socket; }
 
@@ -43,7 +44,13 @@ class CConn : public rfb::CConnection
 
   // Callback when socket is ready (or broken)
   static void socketEvent(FL_SOCKET fd, void *data);
-
+
+  // UserMsgBox interface
+  virtual bool showMsgBox(int flags, const char *title, const char *text) override;
+
+  // UserPasswdGetter interface
+  virtual void getUserPasswd(bool secure, std::string *user, std::string *password) override;
+
   // CConnection callback methods
   void initDone() override;
 
@@ -105,6 +112,8 @@ class CConn : public rfb::CConnection
   struct timeval updateStartTime;
   size_t updateStartPos;
   unsigned long long bpsEstimate;
+
+  UserDialog dlg;
 };
 
 #endif

vncviewer/vncviewer.cxx

@@ -607,7 +607,6 @@ static int mktunnel()
 int main(int argc, char** argv)
 {
   const char *localedir;
-  UserDialog dlg;
 
   argv0 = argv[0];
 
@@ -742,11 +741,6 @@ int main(int argc, char** argv)
       vlog.error(_("Could not create VNC state directory: %s"), strerror(errno));
   }
 
-  CSecurity::upg = &dlg;
-#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
-  CSecurity::msg = &dlg;
-#endif
-
   Socket *sock = nullptr;
 
 #ifndef WIN32