GUACAMOLE-514: Remove x509 support.
This commit is contained in:
parent
88425160ae
commit
f21621e677
@ -33,54 +33,17 @@ char* guac_vnc_get_password(rfbClient* client) {
|
||||
|
||||
rfbCredential* guac_vnc_get_credentials(rfbClient* client, int credentialType) {
|
||||
guac_client* gc = rfbClientGetClientData(client, GUAC_VNC_CLIENT_KEY);
|
||||
rfbCredential *creds = malloc(sizeof(rfbCredential));
|
||||
guac_vnc_settings* settings = ((guac_vnc_client*) gc->data)->settings;
|
||||
|
||||
if (credentialType == rfbCredentialTypeUser) {
|
||||
rfbCredential *creds = malloc(sizeof(rfbCredential));
|
||||
creds->userCredential.username = settings->username;
|
||||
creds->userCredential.password = settings->password;
|
||||
return creds;
|
||||
}
|
||||
|
||||
else if (credentialType == rfbCredentialTypeX509) {
|
||||
char* template = "guac_XXXXXX";
|
||||
|
||||
if (settings->client_cert != NULL) {
|
||||
settings->client_cert_temp = strdup(template);
|
||||
int cert_fd = mkstemp(settings->client_cert_temp);
|
||||
write(cert_fd, settings->client_cert, strlen(settings->client_cert));
|
||||
close(cert_fd);
|
||||
creds->x509Credential.x509ClientCertFile = settings->client_cert_temp;
|
||||
}
|
||||
|
||||
if (settings->client_key != NULL) {
|
||||
settings->client_key_temp = strdup(template);
|
||||
int key_fd = mkstemp(settings->client_key_temp);
|
||||
write(key_fd, settings->client_key, strlen(settings->client_key));
|
||||
close(key_fd);
|
||||
creds->x509Credential.x509ClientKeyFile = settings->client_key_temp;
|
||||
}
|
||||
|
||||
if (settings->ca_cert != NULL) {
|
||||
settings->ca_cert_temp = strdup(template);
|
||||
int ca_fd = mkstemp(settings->ca_cert_temp);
|
||||
write(ca_fd, settings->ca_cert, strlen(settings->ca_cert));
|
||||
close(ca_fd);
|
||||
creds->x509Credential.x509CACertFile = settings->ca_cert_temp;
|
||||
}
|
||||
|
||||
if (settings->ca_crl != NULL) {
|
||||
settings->ca_crl_temp = strdup(template);
|
||||
int crl_fd = mkstemp(settings->ca_crl_temp);
|
||||
write(crl_fd, settings->ca_crl, strlen(settings->ca_crl));
|
||||
close(crl_fd);
|
||||
creds->x509Credential.x509CACrlFile = settings->ca_crl_temp;
|
||||
}
|
||||
|
||||
return creds;
|
||||
}
|
||||
|
||||
guac_client_log(gc, GUAC_LOG_ERROR, "Unknown credential type requested.");
|
||||
guac_client_log(gc, GUAC_LOG_ERROR,
|
||||
"Unsupported credential type requested.");
|
||||
return NULL;
|
||||
|
||||
}
|
||||
|
@ -28,7 +28,6 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
|
||||
/* Client plugin arguments */
|
||||
const char* GUAC_VNC_CLIENT_ARGS[] = {
|
||||
@ -38,10 +37,6 @@ const char* GUAC_VNC_CLIENT_ARGS[] = {
|
||||
"encodings",
|
||||
"username",
|
||||
"password",
|
||||
"client-cert",
|
||||
"client-key",
|
||||
"ca-cert",
|
||||
"ca-crl",
|
||||
"swap-red-blue",
|
||||
"color-depth",
|
||||
"cursor",
|
||||
@ -124,28 +119,6 @@ enum VNC_ARGS_IDX {
|
||||
*/
|
||||
IDX_PASSWORD,
|
||||
|
||||
/**
|
||||
* The client certificate to send to the VNC server if x509 authentication
|
||||
* is being used.
|
||||
*/
|
||||
IDX_CLIENT_CERT,
|
||||
|
||||
/**
|
||||
* The client private key to send to the VNC server if x509 authentication
|
||||
* is being used.
|
||||
*/
|
||||
IDX_CLIENT_KEY,
|
||||
|
||||
/**
|
||||
* The CA certificate to use when performing x509 authentication.
|
||||
*/
|
||||
IDX_CA_CERT,
|
||||
|
||||
/**
|
||||
* The location of the CA CRL to use when performing x509 authentication.
|
||||
*/
|
||||
IDX_CA_CRL,
|
||||
|
||||
/**
|
||||
* "true" if the red and blue components of each color should be swapped,
|
||||
* "false" or blank otherwise. This is mainly used for VNC servers that do
|
||||
@ -378,22 +351,6 @@ guac_vnc_settings* guac_vnc_parse_args(guac_user* user,
|
||||
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
|
||||
IDX_PASSWORD, ""); /* NOTE: freed by libvncclient */
|
||||
|
||||
settings->client_cert =
|
||||
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
|
||||
IDX_CLIENT_CERT, NULL);
|
||||
|
||||
settings->client_key =
|
||||
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
|
||||
IDX_CLIENT_KEY, NULL);
|
||||
|
||||
settings->ca_cert =
|
||||
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
|
||||
IDX_CA_CERT, NULL);
|
||||
|
||||
settings->ca_crl =
|
||||
guac_user_parse_args_string(user, GUAC_VNC_CLIENT_ARGS, argv,
|
||||
IDX_CA_CRL, NULL);
|
||||
|
||||
/* Remote cursor */
|
||||
if (strcmp(argv[IDX_CURSOR], "remote") == 0) {
|
||||
guac_user_log(user, GUAC_LOG_INFO, "Cursor rendering: remote");
|
||||
@ -583,30 +540,6 @@ void guac_vnc_settings_free(guac_vnc_settings* settings) {
|
||||
free(settings->hostname);
|
||||
free(settings->recording_name);
|
||||
free(settings->recording_path);
|
||||
free(settings->client_cert);
|
||||
free(settings->client_key);
|
||||
free(settings->ca_cert);
|
||||
free(settings->ca_crl);
|
||||
|
||||
if (settings->client_cert_temp != NULL) {
|
||||
unlink(settings->client_cert_temp);
|
||||
free(settings->client_cert_temp);
|
||||
}
|
||||
|
||||
if (settings->client_key_temp != NULL) {
|
||||
unlink(settings->client_key_temp);
|
||||
free(settings->client_key_temp);
|
||||
}
|
||||
|
||||
if (settings->ca_cert_temp != NULL) {
|
||||
unlink(settings->ca_cert_temp);
|
||||
free(settings->ca_cert_temp);
|
||||
}
|
||||
|
||||
if (settings->ca_crl_temp != NULL) {
|
||||
unlink(settings->ca_crl_temp);
|
||||
free(settings->ca_crl_temp);
|
||||
}
|
||||
|
||||
#ifdef ENABLE_VNC_REPEATER
|
||||
/* Free VNC repeater settings */
|
||||
|
@ -55,47 +55,6 @@ typedef struct guac_vnc_settings {
|
||||
*/
|
||||
char* password;
|
||||
|
||||
/**
|
||||
* The contents of the client certificate to use for authentication.
|
||||
*/
|
||||
char* client_cert;
|
||||
|
||||
/**
|
||||
* The location of the temporary client certificate file.
|
||||
*/
|
||||
char* client_cert_temp;
|
||||
|
||||
/**
|
||||
* The contents of the client private key to use for authentication.
|
||||
*/
|
||||
char* client_key;
|
||||
|
||||
/**
|
||||
* The location of the temporary client key file.
|
||||
*/
|
||||
char* client_key_temp;
|
||||
|
||||
/**
|
||||
* The contents of the CA certificate file to use for authentication.
|
||||
*/
|
||||
char* ca_cert;
|
||||
|
||||
/**
|
||||
* The location of the temporary CA file.
|
||||
*/
|
||||
char* ca_cert_temp;
|
||||
|
||||
/**
|
||||
* The contents of the CA CRL location to use for checking for revoked
|
||||
* certificates during authentication.
|
||||
*/
|
||||
char* ca_crl;
|
||||
|
||||
/**
|
||||
* The location of the temporary CRL file.
|
||||
*/
|
||||
char* ca_crl_temp;
|
||||
|
||||
/**
|
||||
* Space-separated list of encodings to use within the VNC session.
|
||||
*/
|
||||
|
Loading…
Reference in New Issue
Block a user