Move getUserPasswd()/showMsgBox() to CConnection

Problems with the original code: A process can only establish one connection.
After modification, multiple connections can be supported.

common/rfb/CConnection.h

@@ -36,6 +36,18 @@ namespace rfb {
   class CMsgWriter;
   class CSecurity;
 
+  enum MsgBoxFlags{
+      M_OK = 0,
+      M_OKCANCEL = 1,
+      M_YESNO = 4,
+      M_ICONERROR = 0x10,
+      M_ICONQUESTION = 0x20,
+      M_ICONWARNING = 0x30,
+      M_ICONINFORMATION = 0x40,
+      M_DEFBUTTON1 = 0,
+      M_DEFBUTTON2 = 0x100
+  };
+
   class CConnection : public CMsgHandler {
   public:
 
@@ -111,7 +123,7 @@ namespace rfb {
     void serverCutText(const char* str) override;
 
     void handleClipboardCaps(uint32_t flags,
-                                     const uint32_t* lengths) override;
+                             const uint32_t* lengths) override;
     void handleClipboardRequest(uint32_t flags) override;
     void handleClipboardPeek() override;
     void handleClipboardNotify(uint32_t flags) override;
@@ -121,6 +133,17 @@ namespace rfb {
 
     // Methods to be overridden in a derived class
 
+    // getUserPasswd() gets the username and password.  This might
+    // involve a dialog, getpass(), etc.  The user buffer pointer can be
+    // null, in which case no user name will be retrieved.
+    virtual void getUserPasswd(bool secure, std::string* user,
+                               std::string* password) = 0;
+
+    // showMsgBox() displays a message box with the specified style and
+    // contents.  The return value is true if the user clicked OK/Yes.
+    virtual bool showMsgBox(MsgBoxFlags flags, const char *title,
+                            const char *text) = 0;
+
     // authSuccess() is called when authentication has succeeded.
     virtual void authSuccess();
 

common/rfb/CSecurity.h

@@ -38,9 +38,6 @@
 #ifndef __RFB_CSECURITY_H__
 #define __RFB_CSECURITY_H__
 
-#include <rfb/UserPasswdGetter.h>
-#include <rfb/UserMsgBox.h>
-
 namespace rfb {
   class CConnection;
   class CSecurity {
@@ -51,13 +48,6 @@ namespace rfb {
     virtual int getType() const = 0;
     virtual bool isSecure() const { return false; }
 
-    /*
-     * Use variable directly instead of dumb get/set methods.
-     * It MUST be set by viewer.
-     */
-    static UserPasswdGetter *upg;
-    static UserMsgBox *msg;
-
   protected:
     CConnection* cc;
   };

common/rfb/CSecurityDH.cxx

@@ -108,7 +108,7 @@ void CSecurityDH::writeCredentials()
   std::string password;
   rdr::RandomStream rs;
 
-  (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+  cc->getUserPasswd(isSecure(), &username, &password);
 
   std::vector<uint8_t> bBytes(keyLength);
   if (!rs.hasData(keyLength))

common/rfb/CSecurityMSLogonII.cxx

@@ -97,7 +97,7 @@ void CSecurityMSLogonII::writeCredentials()
   std::string password;
   rdr::RandomStream rs;
 
-  (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+  cc->getUserPasswd(isSecure(), &username, &password);
 
   std::vector<uint8_t> bBytes(8);
   if (!rs.hasData(8))

common/rfb/CSecurityPlain.cxx

@@ -23,7 +23,6 @@
 
 #include <rfb/CConnection.h>
 #include <rfb/CSecurityPlain.h>
-#include <rfb/UserPasswdGetter.h>
 
 #include <rdr/OutStream.h>
 
@@ -36,7 +35,7 @@ bool CSecurityPlain::processMsg()
   std::string username;
   std::string password;
 
-  (CSecurity::upg)->getUserPasswd(cc->isSecure(), &username, &password);
+  cc->getUserPasswd(cc->isSecure(), &username, &password);
 
   // Return the response to the server
   os->writeU32(username.size());

common/rfb/CSecurityRSAAES.cxx

@@ -38,7 +38,6 @@
 #include <rfb/CConnection.h>
 #include <rfb/LogWriter.h>
 #include <rfb/Exception.h>
-#include <rfb/UserMsgBox.h>
 #include <rfb/util.h>
 #include <rdr/AESInStream.h>
 #include <rdr/AESOutStream.h>
@@ -215,7 +214,7 @@ void CSecurityRSAAES::verifyServer()
     "Fingerprint: %02x-%02x-%02x-%02x-%02x-%02x-%02x-%02x\n"
     "Please verify that the information is correct and press \"Yes\". "
     "Otherwise press \"No\"", f[0], f[1], f[2], f[3], f[4], f[5], f[6], f[7]);
-  if (!msg->showMsgBox(UserMsgBox::M_YESNO, title, text.c_str()))
+  if (!cc->showMsgBox(MsgBoxFlags::M_YESNO, title, text.c_str()))
     throw Exception("server key mismatch");
 }
 
@@ -438,9 +437,9 @@ void CSecurityRSAAES::writeCredentials()
   std::string password;
 
   if (subtype == secTypeRA2UserPass)
-    (CSecurity::upg)->getUserPasswd(isSecure(), &username, &password);
+    cc->getUserPasswd(isSecure(), &username, &password);
   else
-    (CSecurity::upg)->getUserPasswd(isSecure(), nullptr, &password);
+    cc->getUserPasswd(isSecure(), nullptr, &password);
 
   if (subtype == secTypeRA2UserPass) {
     if (username.size() > 255)

common/rfb/CSecurityRSAAES.h

@@ -27,13 +27,11 @@
 #include <nettle/rsa.h>
 #include <rfb/CSecurity.h>
 #include <rfb/Security.h>
-#include <rfb/UserMsgBox.h>
 #include <rdr/InStream.h>
 #include <rdr/OutStream.h>
 #include <rdr/RandomStream.h>
 
 namespace rfb {
-  class UserMsgBox;
   class CSecurityRSAAES : public CSecurity {
   public:
     CSecurityRSAAES(CConnection* cc, uint32_t secType,

common/rfb/CSecurityTLS.cxx

@@ -38,7 +38,6 @@
 #include <rfb/CConnection.h>
 #include <rfb/LogWriter.h>
 #include <rfb/Exception.h>
-#include <rfb/UserMsgBox.h>
 #include <rfb/util.h>
 #include <rdr/TLSException.h>
 #include <rdr/TLSInStream.h>
@@ -442,7 +441,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unknown certificate issuer",
                            text.c_str()))
         throw AuthCancelledException();
@@ -462,8 +461,7 @@ void CSecurityTLS::checkSession()
                     "\n"
                     "Do you want to make an exception for this "
                     "server?", info.data);
-
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Certificate is not yet valid",
                            text.c_str()))
         throw AuthCancelledException();
@@ -482,7 +480,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Expired certificate",
                            text.c_str()))
         throw AuthCancelledException();
@@ -501,7 +499,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Insecure certificate algorithm",
                            text.c_str()))
         throw AuthCancelledException();
@@ -526,7 +524,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", client->getServerName(), info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Certificate hostname mismatch",
                            text.c_str()))
         throw AuthCancelledException();
@@ -552,7 +550,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthCancelledException();
@@ -575,7 +573,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthCancelledException();
@@ -596,7 +594,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthCancelledException();
@@ -617,7 +615,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthCancelledException();
@@ -644,7 +642,7 @@ void CSecurityTLS::checkSession()
                     "Do you want to make an exception for this "
                     "server?", client->getServerName(), info.data);
 
-      if (!msg->showMsgBox(UserMsgBox::M_YESNO,
+      if (!cc->showMsgBox(MsgBoxFlags::M_YESNO,
                            "Unexpected server certificate",
                            text.c_str()))
         throw AuthCancelledException();

common/rfb/CSecurityTLS.h

@@ -28,7 +28,6 @@
 
 #include <rfb/CSecurity.h>
 #include <rfb/Security.h>
-#include <rfb/UserMsgBox.h>
 #include <rdr/InStream.h>
 #include <rdr/OutStream.h>
 #include <gnutls/gnutls.h>

common/rfb/CSecurityVncAuth.cxx

@@ -54,7 +54,7 @@ bool CSecurityVncAuth::processMsg()
   uint8_t challenge[vncAuthChallengeSize];
   is->readBytes(challenge, vncAuthChallengeSize);
   std::string passwd;
-  (CSecurity::upg)->getUserPasswd(cc->isSecure(), nullptr, &passwd);
+  cc->getUserPasswd(cc->isSecure(), nullptr, &passwd);
 
   // Calculate the correct response
   uint8_t key[8];

common/rfb/SecurityClient.cxx

@@ -40,11 +40,6 @@
 
 using namespace rfb;
 
-UserPasswdGetter *CSecurity::upg = nullptr;
-#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
-UserMsgBox *CSecurity::msg = nullptr;
-#endif
-
 StringParameter SecurityClient::secTypes
 ("SecurityTypes",
  "Specify which security scheme to use (None, VncAuth, Plain"
@@ -66,11 +61,6 @@ ConfViewer);
 
 CSecurity* SecurityClient::GetCSecurity(CConnection* cc, uint32_t secType)
 {
-  assert (CSecurity::upg != nullptr); /* (upg == nullptr) means bug in the viewer */
-#if defined(HAVE_GNUTLS) || defined(HAVE_NETTLE)
-  assert (CSecurity::msg != nullptr);
-#endif
-
   if (!IsSupported(secType))
     goto bail;
 

tests/perf/decperf.cxx

@@ -75,13 +75,16 @@ class CConn : public rfb::CConnection {
   void setColourMapEntries(int, int, uint16_t*) override;
   void bell() override;
   void serverCutText(const char*) override;
+  virtual void getUserPasswd(bool secure, std::string *user, std::string *password) override;
+  virtual bool showMsgBox(rfb::MsgBoxFlags flags, const char *title, const char *text) override;
 
 public:
   double cpuTime;
 
 protected:
   rdr::FileInStream *in;
   DummyOutStream *out;
+
 };
 
 DummyOutStream::DummyOutStream()
@@ -174,6 +177,15 @@ void CConn::serverCutText(const char*)
 {
 }
 
+void CConn::getUserPasswd(bool, std::string *, std::string *)
+{
+}
+
+bool CConn::showMsgBox(rfb::MsgBoxFlags, const char *, const char *)
+{
+    return true;
+}
+
 struct stats
 {
   double decodeTime;