Hello,
I've just finished UNIX vncviewer GUI improvements. With attached
patches user can specify security parameters in the "Options" window.
I've also uploaded screenshot of new GUI to
http://atkac.fedorapeople.org/2010-08-27-140726_1280x1024_scrot.png,
you can check it.
After we decide UNIX GUI is fine I will start work on similar
Windows GUI improvements.
What is your opinion about it? Should be something improved?
Regards, Adam
--
Adam Tkac, Red Hat, Inc.
>From 2d04be0854a9e9f769efd623f73c18c3adb5941f Mon Sep 17 00:00:00 2001
From: Adam Tkac <at...@redhat.com>
Date: Thu, 19 Aug 2010 14:34:57 +0200
Subject: [PATCH 1/2] Expose encryption and authentication params in the
"Options" window.
Signed-off-by: Adam Tkac <at...@redhat.com>
---
unix/vncviewer/OptionsDialog.h | 86 +++++++++++++++++++++++++++++++++++++++-
1 files changed, 84 insertions(+), 2 deletions(-)
diff --git a/unix/vncviewer/OptionsDialog.h b/unix/vncviewer/OptionsDialog.h
index 9ee6d25..64c0910 100644
--- a/unix/vncviewer/OptionsDialog.h
+++ b/unix/vncviewer/OptionsDialog.h
@@ -29,6 +29,8 @@
#include "TXCheckbox.h"
#include "parameters.h"
+#define SECOND_COL_XPAD 350
+
class OptionsDialogCallback {
public:
virtual void setOptions() = 0;
@@ -39,7 +41,9 @@ class OptionsDialog : public TXDialog, public
TXButtonCallback,
public TXCheckboxCallback, public TXEntryCallback {
public:
OptionsDialog(Display* dpy, OptionsDialogCallback* cb_)
- : TXDialog(dpy, 450, 450, _("VNC Viewer: Connection Options")), cb(cb_),
+ : TXDialog(dpy, 750, 450, _("VNC Viewer: Connection Options")), cb(cb_),
+
+ /* Encoding and color level */
formatAndEnc(dpy, _("Encoding and Color Level:"), this),
inputs(dpy, _("Inputs:"), this),
misc(dpy, _("Misc:"), this),
@@ -52,24 +56,54 @@ public:
zrle(dpy, "ZRLE", this, true, this),
hextile(dpy, "Hextile", this, true, this),
raw(dpy, "Raw", this, true, this),
+
+ /* Compression */
customCompressLevel(dpy, _("Custom compression level:"), this, false,
this),
compressLevel(dpy, this, this, false, 30),
compressLevelLabel(dpy, _("level (1=fast, 9=best)"), this),
noJpeg(dpy, _("Allow JPEG compression:"), this, false, this),
qualityLevel(dpy, this, this, false, 30),
qualityLevelLabel(dpy, _("quality (1=poor, 9=best)"), this),
+
+ /* Inputs */
viewOnly(dpy, _("View only (ignore mouse & keyboard)"), this, false,
this),
acceptClipboard(dpy, _("Accept clipboard from server"), this, false,
this),
sendClipboard(dpy, _("Send clipboard to server"), this, false, this),
sendPrimary(dpy, _("Send primary selection & cut buffer as clipboard"),
this, false, this),
+
+ /* Misc */
shared(dpy, _("Shared (don't disconnect other viewers)"), this,
false,this),
fullScreen(dpy, _("Full-screen mode"), this, false, this),
useLocalCursor(dpy, _("Render cursor locally"), this, false, this),
dotWhenNoCursor(dpy, _("Show dot when no cursor"), this, false, this),
okButton(dpy, _("OK"), this, this, 60),
- cancelButton(dpy, _("Cancel"), this, this, 60)
+ cancelButton(dpy, _("Cancel"), this, this, 60),
+
+ /* Security */
+ security(dpy, _("Security:"), this),
+ secVeNCrypt(dpy, _("Extended encryption and authentication methods
(VeNCrypt)"),
+ this, false, this),
+
+ /* Encryption */
+ encryption(dpy, _("Session encryption:"), this),
+ encNone(dpy, _("None"), this, false, this),
+ encTLS(dpy, _("TLS with anonymous certificates"), this, false, this),
+ encX509(dpy, _("TLS with X509 certificates"), this, false, this),
+ cacert(dpy, _("Path to X509 CA certificate"), this),
+ ca(dpy, this, this, false, 350),
+ crlcert(dpy, _("Path to X509 CRL file"), this),
+ crl(dpy, this, this, false, 350),
+
+ /* Authentication */
+ authentication(dpy, _("Authentication:"), this),
+ secNone(dpy, _("None"), this, false, this),
+ secVnc(dpy, _("Standard VNC (insecure without encryption)"),
+ this, false, this),
+ secPlain(dpy, _("Username and password (insecure without encryption)"),
+ this, false, this)
{
+ /* Render the first collumn */
int y = yPad;
formatAndEnc.move(xPad, y);
y += formatAndEnc.height();
@@ -125,10 +159,48 @@ public:
dotWhenNoCursor.move(xPad, y);
y += dotWhenNoCursor.height();
+
+ /* Render "OK" and "Cancel" buttons */
okButton.move(width() - xPad*12 - cancelButton.width() - okButton.width(),
height() - yPad*4 - okButton.height());
cancelButton.move(width() - xPad*6 - cancelButton.width(),
height() - yPad*4 - cancelButton.height());
+
+ /* Render the second collumn */
+ y = yPad;
+ xPad += SECOND_COL_XPAD;
+
+ security.move(xPad, y);
+ y += security.height();
+ secVeNCrypt.move(xPad, y);
+ y += secVeNCrypt.height();
+
+ encryption.move(xPad, y);
+ y += encryption.height();
+ encNone.move(xPad, y);
+ y += encNone.height();
+ encTLS.move(xPad, y);
+ y += encTLS.height();
+ encX509.move(xPad, y);
+ y += encX509.height();
+ cacert.move(xPad, y);
+ y += cacert.height();
+ ca.move(xPad, y);
+ y += ca.height();
+ crlcert.move(xPad, y);
+ y += crlcert.height();
+ crl.move(xPad, y);
+ y += crl.height();
+
+ authentication.move(xPad, y);
+ y += authentication.height();
+ secNone.move(xPad, y);
+ y += secNone.height();
+ secVnc.move(xPad, y);
+ y += secVnc.height();
+ secPlain.move(xPad, y);
+ y += secPlain.height();
+
setBorderWidth(1);
}
@@ -209,6 +281,16 @@ public:
TXCheckbox viewOnly, acceptClipboard, sendClipboard, sendPrimary;
TXCheckbox shared, fullScreen, useLocalCursor, dotWhenNoCursor;
TXButton okButton, cancelButton;
+
+ TXLabel security;
+ TXCheckbox secVeNCrypt;
+
+ TXLabel encryption;
+ TXCheckbox encNone, encTLS, encX509;
+ TXLabel cacert; TXEntry ca; TXLabel crlcert; TXEntry crl;
+
+ TXLabel authentication;
+ TXCheckbox secNone, secVnc, secPlain;
};
#endif
--
1.7.2.2
>From 22e9caa268bfb4e6dc5de76d4d58f5afce0e4b66 Mon Sep 17 00:00:00 2001
From: Adam Tkac <at...@redhat.com>
Date: Fri, 27 Aug 2010 13:45:22 +0200
Subject: [PATCH 2/2] Add logic which process new GUI-exposed security options.
Signed-off-by: Adam Tkac <at...@redhat.com>
---
unix/vncviewer/CConn.cxx | 162 +++++++++++++++++++++++++++++++++++++++-
unix/vncviewer/OptionsDialog.h | 7 ++
2 files changed, 167 insertions(+), 2 deletions(-)
diff --git a/unix/vncviewer/CConn.cxx b/unix/vncviewer/CConn.cxx
index 8d311c3..f428116 100644
--- a/unix/vncviewer/CConn.cxx
+++ b/unix/vncviewer/CConn.cxx
@@ -27,6 +27,7 @@
#include <rfb/Security.h>
#include <rfb/CSecurityNone.h>
#include <rfb/CSecurityVncAuth.h>
+#include <rfb/CSecurityTLS.h>
#include <rfb/Hostname.h>
#include <rfb/LogWriter.h>
#include <rfb/util.h>
@@ -34,6 +35,7 @@
#include <rfb/screenTypes.h>
#include <network/TcpSocket.h>
#include <cassert>
+#include <list>
#include "TXViewport.h"
#include "DesktopWindow.h"
@@ -41,7 +43,9 @@
#include "PasswdDialog.h"
#include "parameters.h"
+using namespace rdr;
using namespace rfb;
+using namespace std;
static rfb::LogWriter vlog("CConn");
@@ -608,10 +612,77 @@ void CConn::setOptions() {
options.acceptClipboard.checked(acceptClipboard);
options.sendClipboard.checked(sendClipboard);
options.sendPrimary.checked(sendPrimary);
- if (state() == RFBSTATE_NORMAL)
+ if (state() == RFBSTATE_NORMAL) {
options.shared.disabled(true);
- else
+ options.secVeNCrypt.disabled(true);
+ options.encNone.disabled(true);
+ options.encTLS.disabled(true);
+ options.encX509.disabled(true);
+ options.ca.disabled(true);
+ options.crl.disabled(true);
+ options.secNone.disabled(true);
+ options.secVnc.disabled(true);
+ options.secPlain.disabled(true);
+ } else {
options.shared.checked(shared);
+
+ /* Process non-VeNCrypt sectypes */
+ list<U8> secTypes = security->GetEnabledSecTypes();
+ list<U8>::iterator i;
+ for (i = secTypes.begin(); i != secTypes.end(); i++) {
+ switch (*i) {
+ case secTypeVeNCrypt:
+ options.secVeNCrypt.checked(true);
+ break;
+ case secTypeNone:
+ options.encNone.checked(true);
+ options.secNone.checked(true);
+ break;
+ case secTypeVncAuth:
+ options.encNone.checked(true);
+ options.secVnc.checked(true);
+ break;
+ }
+ }
+
+ /* Process VeNCrypt subtypes */
+ if (options.secVeNCrypt.checked()) {
+ list<U32> secTypesExt = security->GetEnabledExtSecTypes();
+ list<U32>::iterator iext;
+ for (iext = secTypesExt.begin(); iext != secTypesExt.end(); iext++) {
+ switch (*iext) {
+ case secTypePlain:
+ options.encNone.checked(true);
+ options.secPlain.checked(true);
+ break;
+ case secTypeTLSNone:
+ options.encTLS.checked(true);
+ options.secNone.checked(true);
+ break;
+ case secTypeTLSVnc:
+ options.encTLS.checked(true);
+ options.secVnc.checked(true);
+ break;
+ case secTypeTLSPlain:
+ options.encTLS.checked(true);
+ options.secPlain.checked(true);
+ break;
+ case secTypeX509None:
+ options.encX509.checked(true);
+ options.secNone.checked(true);
+ break;
+ case secTypeX509Vnc:
+ options.encX509.checked(true);
+ options.secVnc.checked(true);
+ break;
+ case secTypeX509Plain:
+ options.encX509.checked(true);
+ options.secPlain.checked(true);
+ break;
+ }
+ }
+ }
+ }
options.fullScreen.checked(fullScreen);
options.useLocalCursor.checked(useLocalCursor);
options.dotWhenNoCursor.checked(dotWhenNoCursor);
@@ -681,6 +752,93 @@ void CConn::getOptions() {
if (desktop)
desktop->setNoCursor();
checkEncodings();
+
+ /* Process security types which don't use encryption */
+ if (options.encNone.checked()) {
+ if (options.secNone.checked())
+ security->EnableSecType(secTypeNone);
+ if (options.secVnc.checked())
+ security->EnableSecType(secTypeVncAuth);
+ if (options.secPlain.checked())
+ security->EnableSecType(secTypePlain);
+ } else {
+ security->DisableSecType(secTypeNone);
+ security->DisableSecType(secTypeVncAuth);
+ security->DisableSecType(secTypePlain);
+ }
+
+ /* Process security types which use TLS encryption */
+ if (options.encTLS.checked()) {
+ if (options.secNone.checked())
+ security->EnableSecType(secTypeTLSNone);
+ if (options.secVnc.checked())
+ security->EnableSecType(secTypeTLSVnc);
+ if (options.secPlain.checked())
+ security->EnableSecType(secTypeTLSPlain);
+ } else {
+ security->DisableSecType(secTypeTLSNone);
+ security->DisableSecType(secTypeTLSVnc);
+ security->DisableSecType(secTypeTLSPlain);
+ }
+
+ /* Process security types which use X509 encryption */
+ if (options.encX509.checked()) {
+ if (options.secNone.checked())
+ security->EnableSecType(secTypeX509None);
+ if (options.secVnc.checked())
+ security->EnableSecType(secTypeX509Vnc);
+ if (options.secPlain.checked())
+ security->EnableSecType(secTypeX509Plain);
+ } else {
+ security->DisableSecType(secTypeX509None);
+ security->DisableSecType(secTypeX509Vnc);
+ security->DisableSecType(secTypeX509Plain);
+ }
+
+ /* Process *None security types */
+ if (options.secNone.checked()) {
+ if (options.encNone.checked())
+ security->EnableSecType(secTypeNone);
+ if (options.encTLS.checked())
+ security->EnableSecType(secTypeTLSNone);
+ if (options.encX509.checked())
+ security->EnableSecType(secTypeX509None);
+ } else {
+ security->DisableSecType(secTypeNone);
+ security->DisableSecType(secTypeTLSNone);
+ security->DisableSecType(secTypeX509None);
+ }
+
+ /* Process *Vnc security types */
+ if (options.secVnc.checked()) {
+ if (options.encNone.checked())
+ security->EnableSecType(secTypeVncAuth);
+ if (options.encTLS.checked())
+ security->EnableSecType(secTypeTLSVnc);
+ if (options.encX509.checked())
+ security->EnableSecType(secTypeX509Vnc);
+ } else {
+ security->DisableSecType(secTypeVncAuth);
+ security->DisableSecType(secTypeTLSVnc);
+ security->DisableSecType(secTypeX509Vnc);
+ }
+
+ /* Process *Plain security types */
+ if (options.secPlain.checked()) {
+ if (options.encNone.checked())
+ security->EnableSecType(secTypePlain);
+ if (options.encTLS.checked())
+ security->EnableSecType(secTypeTLSPlain);
+ if (options.encX509.checked())
+ security->EnableSecType(secTypeX509Plain);
+ } else {
+ security->DisableSecType(secTypePlain);
+ security->DisableSecType(secTypeTLSPlain);
+ security->DisableSecType(secTypeX509Plain);
+ }
+
+ CSecurityTLS::x509ca.setParam(options.ca.getText());
+ CSecurityTLS::x509crl.setParam(options.crl.getText());
}
void CConn::resizeFramebuffer()
diff --git a/unix/vncviewer/OptionsDialog.h b/unix/vncviewer/OptionsDialog.h
index 64c0910..549372a 100644
--- a/unix/vncviewer/OptionsDialog.h
+++ b/unix/vncviewer/OptionsDialog.h
@@ -263,6 +263,13 @@ public:
compressLevel.disabled(!customCompressLevel.checked());
} else if (checkbox == &noJpeg) {
qualityLevel.disabled(autoSelect.checked() || !noJpeg.checked());
+ } else if (checkbox == &secVeNCrypt) {
+ encTLS.checked(false);
+ encTLS.disabled(!secVeNCrypt.checked());
+ encX509.checked(false);
+ encX509.disabled(!secVeNCrypt.checked());
+ secPlain.checked(false);
+ secPlain.disabled(!secVeNCrypt.checked());
}
}
--
1.7.2.2
------------------------------------------------------------------------------
Sell apps to millions through the Intel(R) Atom(Tm) Developer Program
Be part of this innovative community and reach millions of netbook users
worldwide. Take advantage of special opportunities to increase revenue and
speed time-to-market. Join now, and jumpstart your future.
http://p.sf.net/sfu/intel-atom-d2d
_______________________________________________
Tigervnc-devel mailing list
Tigervnc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tigervnc-devel
