@ -88,6 +88,7 @@ export default class RFB extends EventTargetMixin {
this . _rfb _version = 0 ;
this . _rfb _max _version = 3.8 ;
this . _rfb _tightvnc = false ;
this . _rfb _vencrypt _state = 0 ;
this . _rfb _xvp _ver = 0 ;
this . _fb _width = 0 ;
@ -1033,6 +1034,8 @@ export default class RFB extends EventTargetMixin {
this . _rfb _auth _scheme = 16 ; // Tight
} else if ( includes ( 2 , types ) ) {
this . _rfb _auth _scheme = 2 ; // VNC Auth
} else if ( includes ( 19 , types ) ) {
this . _rfb _auth _scheme = 19 ; // VeNCrypt Auth
} else {
return this . _fail ( "Unsupported security types (types: " + types + ")" ) ;
}
@ -1108,6 +1111,94 @@ export default class RFB extends EventTargetMixin {
return this . _negotiate _authentication ( ) ;
}
// VeNCrypt authentication, currently only supports version 0.2 and only Plain subtype
_negotiate _vencrypt _auth ( ) {
// waiting for VeNCrypt version
if ( this . _rfb _vencrypt _state == 0 ) {
if ( this . _sock . rQwait ( "vencrypt version" , 2 ) ) { return false ; }
const major = this . _sock . rQshift8 ( ) ;
const minor = this . _sock . rQshift8 ( ) ;
if ( ! ( major == 0 && minor == 2 ) ) {
return this . _fail ( "Unsupported VeNCrypt version " + major + "." + minor ) ;
}
this . _sock . send ( [ 0 , 2 ] ) ;
this . _rfb _vencrypt _state = 1 ;
}
// waiting for ACK
if ( this . _rfb _vencrypt _state == 1 ) {
if ( this . _sock . rQwait ( "vencrypt ack" , 1 ) ) { return false ; }
const res = this . _sock . rQshift8 ( ) ;
if ( res != 0 ) {
return this . _fail ( "VeNCrypt failure " + res ) ;
}
this . _rfb _vencrypt _state = 2 ;
}
// must fall through here (i.e. no "else if"), beacause we may have already received
// the subtypes length and won't be called again
if ( this . _rfb _vencrypt _state == 2 ) { // waiting for subtypes length
if ( this . _sock . rQwait ( "vencrypt subtypes length" , 1 ) ) { return false ; }
const subtypes _length = this . _sock . rQshift8 ( ) ;
if ( subtypes _length < 1 ) {
return this . _fail ( "VeNCrypt subtypes empty" ) ;
}
this . _rfb _vencrypt _subtypes _length = subtypes _length ;
this . _rfb _vencrypt _state = 3 ;
}
// waiting for subtypes list
if ( this . _rfb _vencrypt _state == 3 ) {
if ( this . _sock . rQwait ( "vencrypt subtypes" , 4 * this . _rfb _vencrypt _subtypes _length ) ) { return false ; }
const subtypes = [ ] ;
for ( let i = 0 ; i < this . _rfb _vencrypt _subtypes _length ; i ++ ) {
subtypes . push ( this . _sock . rQshift32 ( ) ) ;
}
// 256 = Plain subtype
if ( subtypes . indexOf ( 256 ) != - 1 ) {
// 0x100 = 256
this . _sock . send ( [ 0 , 0 , 1 , 0 ] ) ;
this . _rfb _vencrypt _state = 4 ;
} else {
return this . _fail ( "VeNCrypt Plain subtype not offered by server" ) ;
}
}
// negotiated Plain subtype, server waits for password
if ( this . _rfb _vencrypt _state == 4 ) {
if ( ! this . _rfb _credentials . username ||
! this . _rfb _credentials . password ) {
this . dispatchEvent ( new CustomEvent (
"credentialsrequired" ,
{ detail : { types : [ "username" , "password" ] } } ) ) ;
return false ;
}
const user = encodeUTF8 ( this . _rfb _credentials . username ) ;
const pass = encodeUTF8 ( this . _rfb _credentials . password ) ;
// XXX we assume lengths are <= 255 (should not be an issue in the real world)
this . _sock . send ( [ 0 , 0 , 0 , user . length ] ) ;
this . _sock . send ( [ 0 , 0 , 0 , pass . length ] ) ;
this . _sock . send _string ( user ) ;
this . _sock . send _string ( pass ) ;
this . _rfb _init _state = "SecurityResult" ;
return true ;
}
}
_negotiate _std _vnc _auth ( ) {
if ( this . _sock . rQwait ( "auth challenge" , 16 ) ) { return false ; }
@ -1264,6 +1355,9 @@ export default class RFB extends EventTargetMixin {
case 16 : // TightVNC Security Type
return this . _negotiate _tight _auth ( ) ;
case 19 : // VeNCrypt Security Type
return this . _negotiate _vencrypt _auth ( ) ;
case 129 : // TightVNC UNIX Security Type
return this . _negotiate _tight _unix _auth ( ) ;
Filip Stedronsky
5 years ago
committed by