-rw-r--r--libvncserver/Makefile.am12
-rw-r--r--libvncserver/rfbcrypto.h12
-rw-r--r--libvncserver/rfbcrypto_gnutls.c50
-rw-r--r--libvncserver/rfbcrypto_included.c49
-rw-r--r--libvncserver/rfbcrypto_openssl.c49
-rw-r--r--libvncserver/rfbcrypto_polarssl.c26
-rw-r--r--libvncserver/websockets.c51
7 files changed, 212 insertions, 37 deletions
diff --git a/libvncserver/Makefile.am b/libvncserver/Makefile.am
index 98d97bc..287f1c9 100644
--- a/libvncserver/Makefile.am
+++ b/libvncserver/Makefile.am
@@ -15,16 +15,18 @@ endif
if WITH_WEBSOCKETS
if HAVE_LIBSSL
-WEBSOCKETSSSLSRCS = rfbssl_openssl.c
+WEBSOCKETSSSLSRCS = rfbssl_openssl.c rfbcrypto_openssl.c
+WEBSOCKETSSSLLIBS = @SSL_LIBS@ @CRYPT_LIBS@
else
if HAVE_GNUTLS
-WEBSOCKETSSSLSRCS = rfbssl_gnutls.c
+WEBSOCKETSSSLSRCS = rfbssl_gnutls.c rfbcrypto_gnutls.c
+WEBSOCKETSSSLLIBS = @GNUTLS_LIBS@
else
-WEBSOCKETSSSLSRCS = rfbssl_none.c
+WEBSOCKETSSSLSRCS = rfbssl_none.c rfbcrypto_included.c ../common/md5.c ../common/sha1.c
endif
endif
-WEBSOCKETSSRCS = websockets.c ../common/md5.c ../common/sha1.c $(WEBSOCKETSSSLSRCS)
+WEBSOCKETSSRCS = websockets.c $(WEBSOCKETSSSLSRCS)
endif
includedir=$(prefix)/include/rfb
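Review bot: In the HAVE_GNUTLS branch `WEBSOCKETSSSLLIBS` carries only `@GNUTLS_LIBS@`, but rfbcrypto_gnutls.c includes `<gcrypt.h>` and calls `gcry_md_*` directly, so the link relies on libgcrypt being pulled in indirectly; the libgcrypt link flags that configure provides should be added explicitly if `@GNUTLS_LIBS@` does not already contain them. In the following hunk `libvncserver_la_LIBADD` becomes `$(WEBSOCKETSSSLLIBS)`, which is only set inside `if WITH_WEBSOCKETS`, so a build without WebSockets no longer links `@SSL_LIBS@ @CRYPT_LIBS@`; please confirm nothing else in `LIB_SRCS` needs them. rfbcrypto_polarssl.c is added by this commit but no branch here references it, so it appears never to be compiled.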
@@ -59,7 +61,7 @@ LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \
$(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS)
libvncserver_la_SOURCES=$(LIB_SRCS)
-libvncserver_la_LIBADD=@SSL_LIBS@ @CRYPT_LIBS@
+libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS)
lib_LTLIBRARIES=libvncserver.la
diff --git a/libvncserver/rfbcrypto.h b/libvncserver/rfbcrypto.h
new file mode 100644
index 0000000..9dc3e63
--- /dev/null
+++ b/libvncserver/rfbcrypto.h
@@ -0,0 +1,12 @@
+#ifndef _RFB_CRYPTO_H
+#define _RFB_CRYPTO_H 1
+
+#include <sys/uio.h>
+
+#define SHA1_HASH_SIZE 20
+#define MD5_HASH_SIZE 16
+
+void digestmd5(const struct iovec *iov, int iovcnt, void *dest);
+void digestsha1(const struct iovec *iov, int iovcnt, void *dest);
+
+#endif
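Review bot: Neither prototype says how large `dest` must be, and both functions return void, so a backend failure cannot be reported to the caller. I would add a comment above the declarations such as `/* dest must hold MD5_HASH_SIZE (resp. SHA1_HASH_SIZE) bytes; the iov entries are hashed in order */`. The guard name `_RFB_CRYPTO_H` starts with an underscore followed by an uppercase letter, which C reserves for the implementation; `RFB_CRYPTO_H` avoids that.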
diff --git a/libvncserver/rfbcrypto_gnutls.c b/libvncserver/rfbcrypto_gnutls.c
new file mode 100644
index 0000000..2ecb2da
--- /dev/null
+++ b/libvncserver/rfbcrypto_gnutls.c
@@ -0,0 +1,50 @@
+/*
+ * rfbcrypto_gnutls.c - Crypto wrapper (gnutls version)
+ */
+
+/*
+ * Copyright (C) 2011 Gernot Tenchio
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include <string.h>
+#include <gcrypt.h>
+#include "rfbcrypto.h"
+
+void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
+{
+ gcry_md_hd_t c;
+ int i;
+
+ gcry_md_open(&c, GCRY_MD_MD5, 0);
+ for (i = 0; i < iovcnt; i++)
+ gcry_md_write(c, iov[i].iov_base, iov[i].iov_len);
+ gcry_md_final(c);
+ memcpy(dest, gcry_md_read(c, 0), gcry_md_get_algo_dlen(GCRY_MD_MD5));
+}
+
+void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
+{
+ gcry_md_hd_t c;
+ int i;
+
+ gcry_md_open(&c, GCRY_MD_SHA1, 0);
+ for (i = 0; i < iovcnt; i++)
+ gcry_md_write(c, iov[i].iov_base, iov[i].iov_len);
+ gcry_md_final(c);
+ memcpy(dest, gcry_md_read(c, 0), gcry_md_get_algo_dlen(GCRY_MD_SHA1));
+}
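Review bot: Both functions open a libgcrypt digest handle and never release it, so every call leaks the context; add `gcry_md_close(c);` after the `memcpy` in digestmd5 and in digestsha1. The result of `gcry_md_open` is not checked either, so on failure `c` is used uninitialised; `if (gcry_md_open(&c, GCRY_MD_MD5, 0)) { memset(dest, 0, MD5_HASH_SIZE); return; }` (and the SHA-1 equivalent) at least keeps the caller from encoding uninitialised memory. rfbcrypto_openssl.c likewise discards the status returned by the `MD5_*`/`SHA1_*` calls, and rfbcrypto_included.c does the same for the `SHA1*` calls if common/sha1.c returns error codes. A non-void return type in rfbcrypto.h would let every backend report this.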
diff --git a/libvncserver/rfbcrypto_included.c b/libvncserver/rfbcrypto_included.c
new file mode 100644
index 0000000..e02b623
--- /dev/null
+++ b/libvncserver/rfbcrypto_included.c
@@ -0,0 +1,49 @@
+/*
+ * rfbcrypto_included.c - Crypto wrapper (included version)
+ */
+
+/*
+ * Copyright (C) 2011 Gernot Tenchio
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include <string.h>
+#include "md5.h"
+#include "sha1.h"
+#include "rfbcrypto.h"
+
+void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
+{
+ md5_context c;
+ int i;
+
+ __md5_init_ctx(&c);
+ for (i = 0; i < iovcnt; i++)
+ __md5_process_bytes(&c, iov[i].iov_base, iov[i].iov_len);
+ __md5_finish_ctx(&c, dest);
+}
+
+void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
+{
+ SHA1Context c;
+ int i;
+
+ SHA1Reset(&c);
+ for (i = 0; i < iovcnt; i++)
+ SHA1Input(&c, iov[i].iov_base, iov[i].iov_len);
+ SHA1Result(&c, dest);
+}
diff --git a/libvncserver/rfbcrypto_openssl.c b/libvncserver/rfbcrypto_openssl.c
new file mode 100644
index 0000000..29ec5c1
--- /dev/null
+++ b/libvncserver/rfbcrypto_openssl.c
@@ -0,0 +1,49 @@
+/*
+ * rfbcrypto_openssl.c - Crypto wrapper (openssl version)
+ */
+
+/*
+ * Copyright (C) 2011 Gernot Tenchio
+ *
+ * This is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this software; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+#include <string.h>
+#include <openssl/sha.h>
+#include <openssl/md5.h>
+#include "rfbcrypto.h"
+
+void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
+{
+ MD5_CTX c;
+ int i;
+
+ MD5_Init(&c);
+ for (i = 0; i < iovcnt; i++)
+ MD5_Update(&c, iov[i].iov_base, iov[i].iov_len);
+ MD5_Final(dest, &c);
+}
+
+void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
+{
+ SHA_CTX c;
+ int i;
+
+ SHA1_Init(&c);
+ for (i = 0; i < iovcnt; i++)
+ SHA1_Update(&c, iov[i].iov_base, iov[i].iov_len);
+ SHA1_Final(dest, &c);
+}
diff --git a/libvncserver/rfbcrypto_polarssl.c b/libvncserver/rfbcrypto_polarssl.c
new file mode 100644
index 0000000..f28dca3
--- /dev/null
+++ b/libvncserver/rfbcrypto_polarssl.c
@@ -0,0 +1,26 @@
+#include <string.h>
+#include <polarssl/md5.h>
+#include <polarssl/sha1.h>
+#include "rfbcrypto.h"
+
+void digestmd5(const struct iovec *iov, int iovcnt, void *dest)
+{
+ md5_context c;
+ int i;
+
+ md5_starts(&c);
+ for (i = 0; i < iovcnt; i++)
+ md5_update(&c, iov[i].iov_base, iov[i].iov_len);
+ md5_finish(dest, &c);
+}
+
+void digestsha1(const struct iovec *iov, int iovcnt, void *dest)
+{
+ sha1_context c;
+ int i;
+
+ sha1_starts(&c);
+ for (i = 0; i < iovcnt; i++)
+ sha1_update(&c, iov[i].iov_base, iov[i].iov_len);
+ sha1_finish(dest, &c);
+}
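Review bot: The arguments to `md5_finish(dest, &c)` and `sha1_finish(dest, &c)` look swapped: the PolarSSL headers I know declare both with the context first and the output buffer second. As written, the digest would be written over the context and `dest` would be read as a context, well past its 16 or 20 bytes. The calls should be `md5_finish(&c, dest);` and `sha1_finish(&c, dest);`. Because `dest` is `void *` the first argument converts silently, and the Makefile.am change in this commit does not build this file, so the compiler has probably never seen it. Unlike its three siblings the file also has no licence header.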
diff --git a/libvncserver/websockets.c b/libvncserver/websockets.c
index a030b15..7532e33 100644
--- a/libvncserver/websockets.c
+++ b/libvncserver/websockets.c
@@ -33,10 +33,9 @@
#include <byteswap.h>
#include <string.h>
-#include "md5.h"
-#include "sha1.h"
#include "rfbconfig.h"
#include "rfbssl.h"
+#include "rfbcrypto.h"
#if defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && __BYTE_ORDER == __BIG_ENDIAN
#define WS_NTOH64(n) (n)
@@ -165,36 +164,20 @@ min (int a, int b) {
return a < b ? a : b;
}
-void
-webSocketsGenSha1Key(char * target, int size, char *key)
+static void webSocketsGenSha1Key(char *target, int size, char *key)
{
- int len;
- SHA1Context sha;
- uint8_t digest[SHA1HashSize];
-
- if (size < B64LEN(SHA1HashSize) + 1) {
- rfbErr("webSocketsGenSha1Key: not enough space in target\n");
- target[0] = '\0';
- return;
- }
-
- SHA1Reset(&sha);
- SHA1Input(&sha, (unsigned char *)key, strlen(key));
- SHA1Input(&sha, (unsigned char *)GUID, strlen(GUID));
- SHA1Result(&sha, digest);
-
- len = __b64_ntop((unsigned char *)digest, SHA1HashSize, target, size);
- if (len < size - 1) {
- rfbErr("webSocketsGenSha1Key: b64_ntop failed\n");
- target[0] = '\0';
- return;
- }
-
- target[len] = '\0';
- return;
+ struct iovec iov[2];
+ unsigned char hash[20];
+
+ iov[0].iov_base = key;
+ iov[0].iov_len = strlen(key);
+ iov[1].iov_base = GUID;
+ iov[1].iov_len = sizeof(GUID) - 1;
+ digestsha1(iov, 2, hash);
+ if (-1 == __b64_ntop(hash, sizeof(hash), target, size))
+ rfbErr("b64_ntop failed\n");
}
-
/*
* rfbWebSocketsHandshake is called to handle new WebSockets connections
*/
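Review bot: On the failure branch `target` is left unwritten, whereas the removed code set `target[0] = '\0'`; webSocketsHandshake passes a stack buffer `accept` and apparently formats it into the response without checking, so a failed encode could send uninitialised stack bytes to the client. Keep the old behaviour with `if (-1 == __b64_ntop(hash, sizeof(hash), target, size)) { rfbErr("b64_ntop failed\n"); target[0] = '\0'; }`. `unsigned char hash[20]` would be better as `unsigned char hash[SHA1_HASH_SIZE]` now that rfbcrypto.h defines the constant. `sizeof(GUID) - 1` equals the old `strlen(GUID)` only if `GUID` is a string-literal macro or an array, which is not visible in this hunk.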
@@ -389,7 +372,7 @@ webSocketsHandshake(rfbClientPtr cl, char *scheme)
*/
if (sec_ws_version) {
- char accept[B64LEN(SHA1HashSize) + 1];
+ char accept[B64LEN(SHA1_HASH_SIZE) + 1];
rfbLog(" - WebSockets client version hybi-%02d\n", sec_ws_version);
webSocketsGenSha1Key(accept, sizeof(accept), sec_ws_key);
len = snprintf(response, WEBSOCKETS_MAX_HANDSHAKE_LEN,
@@ -436,13 +419,15 @@ webSocketsHandshake(rfbClientPtr cl, char *scheme)
cl->wsctx = (wsCtx *)wsctx;
return TRUE;
}
-
+
void
webSocketsGenMd5(char * target, char *key1, char *key2, char *key3)
{
unsigned int i, spaces1 = 0, spaces2 = 0;
unsigned long num1 = 0, num2 = 0;
unsigned char buf[17];
+ struct iovec iov[1];
+
for (i=0; i < strlen(key1); i++) {
if (key1[i] == ' ') {
spaces1 += 1;
@@ -477,7 +462,9 @@ webSocketsGenMd5(char * target, char *key1, char *key2, char *key3)
strncpy((char *)buf+8, key3, 8);
buf[16] = '\0';
- md5_buffer((char *)buf, 16, target);
+ iov[0].iov_base = buf;
+ iov[0].iov_len = 16;
+ digestmd5(iov, 1, target);
target[16] = '\0';
return;