Package: tightvnc Severity: wishlist Tags: patch Hello
On Fri, Jan 14, 2005 at 01:13:25AM +0100, Ralf Zerres wrote: > Hey Ole, > > all of my work is enclosed in the attachment. I suggest that you send this to upstream. He is very responsive and would most probably appriciate the patch. I think it is better because he will be able to add it to future releases as well. http://www.tightvnc.com/contribute.html I'll add this as a wishlist bug too in the BTS. Regards, // Ola > Ralf > > -- > > ---------------------------------------------------------- > > Ralf Zerres > Networkx GmbH Tel: +49 (0)221 / 937725-0 > Markstr.8 Fax: +49 (0)221 / 937725-18 > D-50968 K�ln E-Mail: [EMAIL PROTECTED] > Germany Internet: www.networkx.de > GPG-Fingerprint: 4654 DD2B 4B68 9E45 33B4 AB50 B9AA 2BB1 A249 086D > > ---------------------------------------------------------- > > > diff -urN vnc-3.3.7.orig/rfb/vncauth.c vnc-3.3.7-ultra/rfb/vncauth.c > --- vnc-3.3.7.orig/rfb/vncauth.c 2002-09-01 17:58:21.000000000 +0200 > +++ vnc-3.3.7-ultra/rfb/vncauth.c 2004-05-26 00:47:43.000000000 +0200 
> @@ -162,3 +162,59 @@ > des(bytes+i, bytes+i); > } > } > + > + > +void > +vncEncryptPasswdMs( unsigned char *encryptedPasswd, char *passwd ) > +{ > + unsigned int i; > + > + /* pad password with nulls */ > + for (i = 0; i < 32; i++) { > + if (i < strlen(passwd)) { > + encryptedPasswd[i] = passwd[i]; > + } else { > + encryptedPasswd[i] = 0; > + } > + } > + > +/* Do encryption in-place - this way we overwrite our copy of the plaintext > + * password */ > + deskey(fixedkey, EN0); > + des(encryptedPasswd, encryptedPasswd); > +} > + > + > +void > +vncEncryptPasswd( unsigned char *encryptedPasswd, char *passwd ) > +{ > + unsigned int i; > + > + /* pad password with nulls */ > + for (i = 0; i < MAXPWLEN; i++) { > + if (i < strlen(passwd)) { > + encryptedPasswd[i] = passwd[i]; > + } else { > + encryptedPasswd[i] = 0; > + } > + } > + > +/* Do encryption in-place - this way we overwrite our copy of the plaintext > + * password */ > + deskey(fixedkey, EN0); > + des(encryptedPasswd, encryptedPasswd); > +} > + > + > +void > +vncRandomBytesMs(unsigned char *where) { > + int i; > + static unsigned int seed; > + seed += (unsigned int) time(0) + getpid() + getpid() * 987654; > + > + srand(seed); > + for (i=0; i < CHALLENGESIZEMS; i++) { > + where[i] = (unsigned char)(rand() & 255); > + } > +} > + > diff -urN vnc-3.3.7.orig/rfb/vncauth.h vnc-3.3.7-ultra/rfb/vncauth.h > --- vnc-3.3.7.orig/rfb/vncauth.h 2002-07-01 23:23:29.000000000 +0200 > +++ vnc-3.3.7-ultra/rfb/vncauth.h 2004-05-26 00:47:43.000000000 +0200 
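Review bot: In vncEncryptPasswdMs the buffer is padded to 32 bytes but `des(encryptedPasswd, encryptedPasswd)` is called only once, and the context line `des(bytes+i, bytes+i)` at the top of the hunk suggests des() handles one 8-byte block per call. If so, bytes 8..31 stay as plaintext, and the comment about overwriting the plaintext copy is wrong for them. If the peer requires this layout, the comment should say so, e.g. `/* only the first 8-byte block is DES-encrypted; bytes 8..31 stay plaintext (wire format) */`; otherwise encrypt every block with `for (i = 0; i < 32; i += 8) des(encryptedPasswd+i, encryptedPasswd+i);`. Separately, vncRandomBytesMs seeds rand() from time(0) and getpid(), so the 64-byte challenge is predictable; an OS randomness source such as /dev/urandom fits an authentication challenge better. The literal 32 would also read better as a named constant next to CHALLENGESIZEMS.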
> @@ -23,8 +23,13 @@ > > #define MAXPWLEN 8 > #define CHALLENGESIZE 16 > +#define CHALLENGESIZEMS 64 > + > > extern int vncEncryptAndStorePasswd(char *passwd, char *fname); > extern char *vncDecryptPasswdFromFile(char *fname); > extern void vncRandomBytes(unsigned char *bytes); > +extern void vncRandomBytesMs(unsigned char *bytes); > +extern void vncEncryptPasswdMs(unsigned char *encryptedPasswd, char *passwd); > +extern void vncEncryptPasswd(unsigned char *encryptedPasswd, char *passwd); > extern void vncEncryptBytes(unsigned char *bytes, char *passwd); > diff -urN vnc-3.3.7.orig/vncviewer/argsresources.c > vnc-3.3.7-ultra/vncviewer/argsresources.c > --- vnc-3.3.7.orig/vncviewer/argsresources.c 2003-02-28 19:47:10.000000000 > +0100 > +++ vnc-3.3.7-ultra/vncviewer/argsresources.c 2004-05-26 00:48:03.000000000 > +0200 > @@ -157,6 +157,9 @@ > > {"passwordFile", "PasswordFile", XtRString, sizeof(String), > XtOffsetOf(AppData, passwordFile), XtRImmediate, (XtPointer) 0}, > + > + {"userName", "UserName", XtRString, sizeof(String), > + XtOffsetOf(AppData, userName), XtRImmediate, (XtPointer) 0}, > > {"passwordDialog", "PasswordDialog", XtRBool, sizeof(Bool), > XtOffsetOf(AppData, passwordDialog), XtRImmediate, (XtPointer) False}, > @@ -232,6 +235,7 @@ > {"-truecolor", "*forceTrueColour", XrmoptionNoArg, "True"}, > {"-truecolour", "*forceTrueColour", XrmoptionNoArg, "True"}, > {"-depth", "*requestedDepth", XrmoptionSepArg, 0}, > + {"-user", "*userName", XrmoptionSepArg, 0}, > }; > > int numCmdLineOptions = XtNumber(cmdLineOptions); 
> @@ -276,6 +280,7 @@ > " -viewonly\n" > " -fullscreen\n" > " -passwd <passwd-file>\n" > + " -user <username for ultravnc mslogon>\n" > " -noauto\n" > " -encodings <encoding-list> (e.g. \"raw copyrect\")\n" > " -bgr233\n" > diff -urN vnc-3.3.7.orig/vncviewer/rfbproto.c > vnc-3.3.7-ultra/vncviewer/rfbproto.c > --- vnc-3.3.7.orig/vncviewer/rfbproto.c 2002-11-21 15:17:07.000000000 > +0100 > +++ vnc-3.3.7-ultra/vncviewer/rfbproto.c 2004-05-26 00:47:43.000000000 > +0200 > @@ -68,6 +68,11 @@ > #define NUM_SUPPORTED_ENCODINGS (sizeof(supportedEncodings)/sizeof(int)) > > rfbServerInitMsg si; > +unsigned char m_encPasswd[8]; > +unsigned char m_encPasswdMs[32]; > +char m_clearPasswd[256]; > + > + > char *serverCutText = NULL; > Bool newServerCutText = False; > > @@ -86,6 +91,7 @@ > * InitialiseRFBConnection. > */ > > + > Bool > InitialiseRFBConnection() > { > @@ -94,9 +100,19 @@ > CARD32 authScheme, reasonLen, authResult; > char *reason; > CARD8 challenge[CHALLENGESIZE]; > - char *passwd; > + CARD8 challengems[CHALLENGESIZEMS]; > int i; > rfbClientInitMsg ci; > + m_encPasswd[0] = '\0'; > + Bool m_ms_logon = False; > + char passwd[256]; > + char domain[256]; > + char user[256]; > + memset(passwd, 0, sizeof(char)*256); > + memset(domain, 0, sizeof(char)*256); > + memset(user, 0, sizeof(char)*256); > + char *temp; > + > > if (!ReadFromRFBServer(pv, sz_rfbProtocolVersionMsg)) return False; > > @@ -109,6 +125,11 @@ > > fprintf(stderr,"VNC server supports protocol version %d.%d (viewer > %d.%d)\n", > major, minor, rfbProtocolMajorVersion, rfbProtocolMinorVersion); > + if (minor == 4) { > + m_ms_logon = True; > + fprintf(stderr,"[EMAIL PROTECTED] mslogon detected\n"); > + } > + > > major = rfbProtocolMajorVersion; > minor = rfbProtocolMinorVersion; 
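Review bot: The three buffers added at file scope in rfbproto.c (`m_encPasswd`, `m_encPasswdMs`, `m_clearPasswd`) have external linkage and are never cleared in the hunks shown. The first two hold the password encrypted under `fixedkey`, which is reversible by anyone who has the source, so they deserve the same handling as the plaintext. Declaring them `static`, or making them locals of InitialiseRFBConnection, and zeroing them once the response has been written would limit their lifetime. `m_clearPasswd` is not referenced in any visible hunk and can probably be dropped.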
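Review bot: `if (minor == 4)` switches the viewer into MS-logon mode on the server's advertised minor version alone, without checking `major` and without any opt-in from the user. Whichever peer answers the connection therefore decides that a username and password are prompted for and sent in the MS-logon format. Consider requiring an explicit viewer setting as well, for example `if (major == 3 && minor == 4 && appData.userName) {` or a dedicated switch, and add a comment that the patch treats protocol 3.4 as the mslogon marker. InitialiseRFBConnection starts and ends outside this hunk.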
> @@ -138,38 +159,67 @@ > break; > > case rfbVncAuth: > - if (!ReadFromRFBServer((char *)challenge, CHALLENGESIZE)) return False; > + if (m_ms_logon) { > + if (!appData.userName) { > + printf("Username: "); > + fgets(user,255,stdin); > + } else { > + strncpy(user,appData.userName,sizeof(user)); > + } > + temp=strchr(user,0x0A); > + if (temp) *temp='\0'; > + strncpy(passwd,getpass("Password: "),sizeof(passwd)); > + strncpy(domain,".",2); > + } > + if (m_ms_logon) vncEncryptPasswdMs(m_encPasswdMs, passwd); > + vncEncryptPasswd(m_encPasswd, passwd); > + if (m_ms_logon) if(!ReadFromRFBServer((char *)challengems, > CHALLENGESIZEMS)) return False; > + if(!ReadFromRFBServer((char *)challenge, CHALLENGESIZE)) return False; > > + if (!m_ms_logon) { > if (appData.passwordFile) { > - passwd = vncDecryptPasswdFromFile(appData.passwordFile); > + > strncpy(passwd,vncDecryptPasswdFromFile(appData.passwordFile),sizeof(passwd)); > if (!passwd) { > fprintf(stderr,"Cannot read valid password from file \"%s\"\n", > appData.passwordFile); > return False; > } > } else if (appData.passwordDialog) { > - passwd = DoPasswordDialog(); > + strncpy(passwd,DoPasswordDialog(),sizeof(passwd)); > } else { > - passwd = getpass("Password: "); > + strncpy(passwd,getpass("Password: "),sizeof(passwd)); > } > - > + > if ((!passwd) || (strlen(passwd) == 0)) { > fprintf(stderr,"Reading password failed\n"); > - return False; > + return False; > } > if (strlen(passwd) > 8) { > passwd[8] = '\0'; > } > + } > + > + if (m_ms_logon) { > + int i=0; > + for (i=0;i<32;i++) > + { > + challengems[i]=m_encPasswdMs[i]^challengems[i]; > + } > + if(!WriteToRFBServer((char *) user, sizeof(char)*256)) return > False; > + if(!WriteToRFBServer((char *) domain, sizeof(char)*256)) return > False; > + if(!WriteToRFBServer((char *) challengems, CHALLENGESIZEMS)) > return False; > + vncEncryptBytes(challenge, passwd); > + if(!WriteToRFBServer((char *) challenge, CHALLENGESIZE)) return > False; > + } else { > + 
vncEncryptBytes(challenge, passwd); > + if(!WriteToRFBServer((char *) challenge, CHALLENGESIZE)) return > False; > + } > > - vncEncryptBytes(challenge, passwd); > - > - /* Lose the password from memory */ > + /* Lose the password from memory */ > for (i = strlen(passwd); i >= 0; i--) { > passwd[i] = '\0'; > } > - > - if (!WriteToRFBServer((char *)challenge, CHALLENGESIZE)) return False; > - > + > if (!ReadFromRFBServer((char *)&authResult, 4)) return False; > > authResult = Swap32IfLE(authResult); > diff -urN vnc-3.3.7.orig/vncviewer/vncviewer.h > vnc-3.3.7-ultra/vncviewer/vncviewer.h > --- vnc-3.3.7.orig/vncviewer/vncviewer.h 2002-10-22 13:09:35.000000000 > +0200 > +++ vnc-3.3.7-ultra/vncviewer/vncviewer.h 2004-05-26 00:47:43.000000000 > +0200 > @@ -78,6 +78,7 @@ > int wmDecorationHeight; > > char *passwordFile; > + char *userName; > Bool passwordDialog; > > int rawDelay; -- --- Ola Lundqvist systemkonsult --- M Sc in IT Engineering ---- / [EMAIL PROTECTED] Annebergsslingan 37 \ | [EMAIL PROTECTED] 654 65 KARLSTAD | | http://www.opal.dhs.org Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
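Review bot: Now that `passwd` is a `char[256]`, the tests `if (!passwd)` and `(!passwd) || ...` in the non-MS branch can never be true, so a NULL return from vncDecryptPasswdFromFile(), DoPasswordDialog() or getpass() goes straight into strncpy(). The result should be taken in a pointer first (the `temp` declared earlier in this patch would do), checked, and only then copied with room left for the terminator. The same applies to the getpass() call in the MS-logon branch and to `strncpy(user,appData.userName,sizeof(user))`, which can leave `user` unterminated before the strchr(). The wipe loop under "Lose the password from memory" clears only the local `passwd`, not `m_encPasswd` or `m_encPasswdMs`, and is skipped on the early `return False` paths. The function starts and ends outside this hunk.

```c
      /* … unchanged: MS-logon prompt, vncEncryptPasswd calls, challenge reads … */
      if (!m_ms_logon) {
	if (appData.passwordFile) {
	  temp = vncDecryptPasswdFromFile(appData.passwordFile);
	  if (!temp) {
	    fprintf(stderr,"Cannot read valid password from file \"%s\"\n",
		    appData.passwordFile);
	    return False;
	  }
	} else if (appData.passwordDialog) {
	  temp = DoPasswordDialog();
	} else {
	  temp = getpass("Password: ");
	}

	if ((!temp) || (strlen(temp) == 0)) {
	  fprintf(stderr,"Reading password failed\n");
	  return False;
	}
	/* passwd was zero-filled by memset above, so size-1 keeps it terminated */
	strncpy(passwd, temp, sizeof(passwd) - 1);
	/* … unchanged: truncation of passwd to 8 characters … */
```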

