summaryrefslogtreecommitdiffstats
path: root/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
diff options
context:
space:
mode:
Diffstat (limited to 'classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch')
-rw-r--r--classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch97
1 files changed, 87 insertions, 10 deletions
diff --git a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
index 8111b88..bd26a47 100644
--- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
+++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
@@ -73,8 +73,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto
serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0');
diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java
--- vnc_javasrc.orig/SSLSocketToMe.java 1969-12-31 19:00:00.000000000 -0500
-+++ vnc_javasrc/SSLSocketToMe.java 2006-09-23 18:35:25.000000000 -0400
-@@ -0,0 +1,1301 @@
++++ vnc_javasrc/SSLSocketToMe.java 2007-02-21 23:27:10.000000000 -0500
+@@ -0,0 +1,1366 @@
+/*
+ * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
+ *
@@ -100,9 +100,14 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+import java.net.*;
+import java.io.*;
+import javax.net.ssl.*;
-+import java.security.cert.*;
+import java.util.*;
+
++import java.security.*;
++import java.security.cert.*;
++import java.security.spec.*;
++import java.security.cert.Certificate;
++import java.security.cert.CertificateFactory;
++
+import java.awt.*;
+import java.awt.event.*;
+
@@ -149,6 +154,25 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ java.security.cert.Certificate[] trustallCerts = null;
+ java.security.cert.Certificate[] trusturlCerts = null;
+
++ byte[] hex2bytes(String s) {
++ byte[] bytes = new byte[s.length()/2];
++ for (int i=0; i<s.length()/2; i++) {
++ int j = 2*i;
++ try {
++ int val = Integer.parseInt(s.substring(j, j+2), 16);
++ if (val > 127) {
++ val -= 256;
++ }
++ Integer I = new Integer(val);
++ bytes[i] = Byte.decode(I.toString()).byteValue();
++
++ } catch (Exception e) {
++ ;
++ }
++ }
++ return bytes;
++ }
++
+ SSLSocketToMe(String h, int p, VncViewer v) throws Exception {
+ host = h;
+ port = p;
@@ -338,10 +362,48 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ * 2) to subsequently connect to the server if user agrees.
+ */
+
++ KeyManager[] mykey = null;
++
++ if (viewer.oneTimeKey != null && viewer.oneTimeKey.indexOf(",") > 0) {
++ int idx = viewer.oneTimeKey.indexOf(",");
++
++ String onetimekey = viewer.oneTimeKey.substring(0, idx);
++ byte[] key = hex2bytes(onetimekey);
++ String onetimecert = viewer.oneTimeKey.substring(idx+1);
++ byte[] cert = hex2bytes(onetimecert);
++
++ KeyFactory kf = KeyFactory.getInstance("RSA");
++ PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec ( key );
++ PrivateKey ff = kf.generatePrivate (keysp);
++ dbg("ff " + ff);
++ String cert_str = new String(cert);
++
++ CertificateFactory cf = CertificateFactory.getInstance("X.509");
++ Collection c = cf.generateCertificates(new ByteArrayInputStream(cert));
++ Certificate[] certs = new Certificate[c.toArray().length];
++ if (c.size() == 1) {
++ Certificate tmpcert = cf.generateCertificate(new ByteArrayInputStream(cert));
++ dbg("tmpcert" + tmpcert);
++ certs[0] = tmpcert;
++ } else {
++ certs = (Certificate[]) c.toArray();
++ }
++
++ KeyStore ks = KeyStore.getInstance("JKS");
++ ks.load(null, null);
++ ks.setKeyEntry("onetimekey", ff, "".toCharArray(), certs);
++ String da = KeyManagerFactory.getDefaultAlgorithm();
++ KeyManagerFactory kmf = KeyManagerFactory.getInstance(da);
++ kmf.init(ks, "".toCharArray());
++
++ mykey = kmf.getKeyManagers();
++ }
++
++
+ /* trust loc certs: */
+ try {
+ trustloc_ctx = SSLContext.getInstance("SSL");
-+ trustloc_ctx.init(null, null, new
++ trustloc_ctx.init(mykey, null, new
+ java.security.SecureRandom());
+
+ } catch (Exception e) {
@@ -353,7 +415,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ /* trust all certs: */
+ try {
+ trustall_ctx = SSLContext.getInstance("SSL");
-+ trustall_ctx.init(null, trustAllCerts, new
++ trustall_ctx.init(mykey, trustAllCerts, new
+ java.security.SecureRandom());
+
+ } catch (Exception e) {
@@ -365,7 +427,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ /* trust url certs: */
+ try {
+ trusturl_ctx = SSLContext.getInstance("SSL");
-+ trusturl_ctx.init(null, trustUrlCert, new
++ trusturl_ctx.init(mykey, trustUrlCert, new
+ java.security.SecureRandom());
+
+ } catch (Exception e) {
@@ -377,7 +439,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ /* trust the one cert from server: */
+ try {
+ trustone_ctx = SSLContext.getInstance("SSL");
-+ trustone_ctx.init(null, trustOneCert, new
++ trustone_ctx.init(mykey, trustOneCert, new
+ java.security.SecureRandom());
+
+ } catch (Exception e) {
@@ -563,6 +625,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ if (viewer.trustAllVncCerts) {
+ dbg("viewer.trustAllVncCerts-2");
+ user_wants_to_see_cert = false;
++ } else if (viewer.trustUrlVncCert) {
++ dbg("viewer.trustUrlVncCert-1");
++ user_wants_to_see_cert = false;
+ } else {
+ bcd = new BrowserCertsDialog(serv, host + ":" + port);
+ bcd.queryUser();
@@ -1378,8 +1443,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+}
diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java
--- vnc_javasrc.orig/VncViewer.java 2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/VncViewer.java 2006-12-01 02:31:26.000000000 -0500
-@@ -88,6 +88,14 @@
++++ vnc_javasrc/VncViewer.java 2007-02-21 23:24:37.000000000 -0500
+@@ -88,6 +88,16 @@
int deferCursorUpdates;
int deferUpdateRequests;
@@ -1388,13 +1453,15 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ String CONNECT;
+ String urlPrefix;
+ String httpsPort;
++ String oneTimeKey;
+ boolean forceProxy;
+ boolean trustAllVncCerts;
++ boolean trustUrlVncCert;
+
// Reference to this applet for inter-applet communication.
public static java.applet.Applet refApplet;
-@@ -626,6 +634,53 @@
+@@ -626,6 +636,63 @@
// SocketFactory.
socketFactory = readParameter("SocketFactory", false);
@@ -1435,6 +1502,11 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ }
+ System.out.println("urlPrefix: '" + urlPrefix + "'");
+
++ oneTimeKey = readParameter("oneTimeKey", false);
++ if (oneTimeKey != null) {
++ System.out.println("oneTimeKey: is set");
++ }
++
+ forceProxy = false;
+ str = readParameter("forceProxy", false);
+ if (str != null && str.equalsIgnoreCase("Yes")) {
@@ -1445,6 +1517,11 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ if (str != null && str.equalsIgnoreCase("Yes")) {
+ trustAllVncCerts = true;
+ }
++ trustUrlVncCert = false;
++ str = readParameter("trustUrlVncCert", false);
++ if (str != null && str.equalsIgnoreCase("Yes")) {
++ trustUrlVncCert = true;
++ }
}
public String readParameter(String name, boolean required) {
generated by cgit v1.2.1 (git 2.18.0) at 2024-12-29 18:33:39 +0000