source:
trunk/packages/invirt-vnc-client/debian/patches/invirt-ssl-proxy.patch
@
2691
Last change on this file since 2691 was 1472, checked in by quentin, 16 years ago | |
---|---|
File size: 24.6 KB |
-
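--- a/invirt-vnc-client/InvirtTrustManager.java
+++ b/invirt-vnc-client/InvirtTrustManager.java
@@ -0,0 +1,124 @@
+// This code is based on http://svntrac.hanhuy.com/repo/browser/hanhuy/trunk/cms/src/com/hanhuy/ria/client/RIATrustManager.java
+/*
+* Copyright 2006 Perry Nguyen <pfnguyen@hanhuy.com>
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.Enumeration;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509TrustManager;
+
+public class InvirtTrustManager implements X509TrustManager {
+private X509TrustManager trustManager;
+private final static char[] KEY_STORE_PASSWORD =
+{ 'f', 'o', 'o', 'b', 'a', 'r' };
+private final static String KEY_STORE_RESOURCE =
+"trust.store";
+
+private KeyStore loadKeyStore() throws Exception {
+InputStream in = getClass().getClassLoader().getResourceAsStream(
+KEY_STORE_RESOURCE);
+KeyStore ks = null;
+try {
+if (in == null) {
+//log.severe("Unable to open KeyStore");
+throw new NullPointerException();
+}
+ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ks.load(in, KEY_STORE_PASSWORD);
+/*if (log.isLoggable(Level.FINEST)) {
+for (Enumeration<String> aliases = ks.aliases();
+aliases.hasMoreElements();) {
+String alias = aliases.nextElement();
+log.finest("ALIAS: " + alias);
+}
+}*/
+} catch (NoSuchAlgorithmException e) {
+throwError(e);
+} catch (CertificateException e) {
+throwError(e);
+} catch (IOException e) {
+throwError(e);
+} catch (KeyStoreException e) {
+throwError(e);
+} finally {
+try {
+if (in != null)
+in.close();
+}
+catch (IOException e) { } // ignore
+}
+return ks;
+}
+private void createTrustManager() {
+try {
+try {
+KeyStore keystore = loadKeyStore();
+TrustManagerFactory factory = TrustManagerFactory.getInstance(
+TrustManagerFactory.getDefaultAlgorithm());
+factory.init(keystore);
+TrustManager[] trustManagers = factory.getTrustManagers();
+if (trustManagers.length == 0)
+throw new IllegalStateException("No trust manager found");
+setTrustManager((X509TrustManager) trustManagers[0]);
+} catch (NoSuchAlgorithmException e) {
+throwError(e);
+} catch (KeyStoreException e) {
+throwError(e);
+}
+} catch (Exception e) {
+e.printStackTrace();
+}
+}
+private void throwError(Exception e) throws Exception {
+//HttpClientError error = new HttpClientError(e.getMessage());
+//error.initCause(e);
+throw e;
+}
+public X509TrustManager getTrustManager() {
+if (trustManager == null)
+createTrustManager();
+return trustManager;
+}
+
+public void setTrustManager(X509TrustManager trustManager) {
+this.trustManager = trustManager;
+}
+
+public void checkClientTrusted(X509Certificate[] chain, String authType)
+throws CertificateException {
+getTrustManager().checkClientTrusted(chain, authType);
+}
+
+public void checkServerTrusted(X509Certificate[] chain, String authType)
+throws CertificateException {
+getTrustManager().checkServerTrusted(chain, authType);
+
+}
+
+public X509Certificate[] getAcceptedIssuers() {
+return getTrustManager().getAcceptedIssuers();
+}
+
+}
+
\ No newline at end of file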
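Review bot: `createTrustManager()` catches every exception and only prints a stack trace, so when `trust.store` is missing or unreadable `trustManager` stays null and `checkServerTrusted` fails with a `NullPointerException` from `getTrustManager()` rather than a `CertificateException`. The handshake still appears to fail closed, but the cause is lost and the keystore load is retried on every call; in both check methods I would write `X509TrustManager tm = getTrustManager(); if (tm == null) throw new CertificateException("trust store unavailable");` and delegate to `tm`. The cast `(X509TrustManager) trustManagers[0]` assumes the first manager has that type, so an `instanceof` test before `setTrustManager` would make the assumption explicit. Because `KEY_STORE_PASSWORD` is compiled into the class, a comment should state that it only serves as the integrity check on a store of public certificates and is not a secret.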
invirt-vnc-client
old new 17 17 DesCipher.class CapabilityInfo.class CapsContainer.class \ 18 18 RecordingFrame.class SessionRecorder.class \ 19 19 SocketFactory.class HTTPConnectSocketFactory.class \ 20 VNCProxyConnectSocketFactory.class VNCProxyConnectSocket.class \ 20 21 HTTPConnectSocket.class ReloginPanel.class \ 21 InStream.class MemInStream.class ZlibInStream.class 22 InStream.class MemInStream.class ZlibInStream.class \ 23 VNCProxyConnectSocketWrapper.class SocketWrapper.class SocketWrapper\$$WrappingSocketImpl.class InvirtTrustManager.class 22 24 23 25 SOURCES = VncViewer.java RfbProto.java AuthPanel.java VncCanvas.java \ 24 26 VncCanvas2.java \ … … 26 28 DesCipher.java CapabilityInfo.java CapsContainer.java \ 27 29 RecordingFrame.java SessionRecorder.java \ 28 30 SocketFactory.java HTTPConnectSocketFactory.java \ 31 VNCProxyConnectSocketFactory.java VNCProxyConnectSocket.java \ 29 32 HTTPConnectSocket.java ReloginPanel.java \ 30 InStream.java MemInStream.java ZlibInStream.java 33 InStream.java MemInStream.java ZlibInStream.java \ 34 VNCProxyConnectSocketWrapper.java SocketWrapper.java InvirtTrustManager.java 31 35 32 36 all: $(CLASSES) $(ARCHIVE) 33 37 -
invirt-vnc-client
old new 208 208 port = p; 209 209 210 210 if (viewer.socketFactory == null) { 211 System.out.println("Null socketFactory"); 211 212 sock = new Socket(host, port); 212 213 } else { 213 214 try { 214 215 Class factoryClass = Class.forName(viewer.socketFactory); 215 216 SocketFactory factory = (SocketFactory)factoryClass.newInstance(); 217 System.out.println("Using socketFactory " + factory); 216 218 if (viewer.inAnApplet) 217 219 sock = factory.createSocket(host, port, viewer); 218 220 else … … 236 238 try { 237 239 sock.close(); 238 240 closed = true; 239 System.out.println("RFB socket closed ");241 System.out.println("RFB socket closed " + sock); 240 242 if (rec != null) { 241 243 rec.close(); 242 244 rec = null; -
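--- a/invirt-vnc-client/SocketWrapper.java
+++ b/invirt-vnc-client/SocketWrapper.java
@@ -0,0 +1,264 @@
+/*
+* Written by Dawid Kurzyniec and released to the public domain, as explained
+* at http://creativecommons.org/licenses/publicdomain
+*/
+// Upstream is at http://www.dcl.mathcs.emory.edu/downloads/h2o/doc/api/edu/emory/mathcs/util/net/SocketWrapper.html
+
+//package edu.emory.mathcs.util.net;
+
+import java.io.*;
+import java.net.*;
+import java.nio.channels.*;
+
+/**
+* Wrapper for sockets which enables to add functionality in subclasses
+* on top of existing, connected sockets. It is useful when direct subclassing
+* of delegate socket class is not possible, e.g. if the delegate socket is
+* created by a library. Possible usage example is socket factory chaining.
+* This class delegates all socket-related requests to the wrapped delegate,
+* as of JDK 1.4.
+*
+* @author Dawid Kurzyniec
+* @version 1.4
+*/
+public abstract class SocketWrapper extends Socket {
+
+/**
+* the wrapped delegate socket.
+*/
+protected final Socket delegate;
+
+/**
+* Creates new socket wrapper for a given socket. The delegate
+* must be connected and bound and it must not be closed.
+* @param delegate the delegate socket to wrap
+* @throws SocketException if the delegate socket is closed, not bound,
+* or not connected
+*/
+protected SocketWrapper(Socket delegate) throws SocketException {
+super(new WrappingSocketImpl(delegate));
+this.delegate = delegate;
+System.out.println("Creating SocketWrapper $Rev$");
+}
+
+public SocketChannel getChannel() {
+return delegate.getChannel();
+}
+
+/**
+* Returns true, indicating that the socket is bound.
+*
+* @return true
+*/
+public boolean isBound() {
+return true;
+}
+
+public boolean isClosed() {
+return super.isClosed() || delegate.isClosed();
+}
+
+/**
+* Returns true, indicating that the socket is connected.
+*
+* @return true
+*/
+public boolean isConnected() {
+return true;
+}
+
+public boolean isInputShutdown() {
+return super.isInputShutdown() || delegate.isInputShutdown();
+}
+
+public boolean isOutputShutdown() {
+return super.isInputShutdown() || delegate.isOutputShutdown();
+}
+
+private static class WrappingSocketImpl extends SocketImpl {
+private final Socket delegate;
+WrappingSocketImpl(Socket delegate) throws SocketException {
+if (delegate == null) {
+throw new NullPointerException();
+}
+if (delegate.isClosed()) {
+throw new SocketException("Delegate server socket is closed");
+}
+if (!(delegate.isBound())) {
+throw new SocketException("Delegate server socket is not bound");
+}
+if (!(delegate.isConnected())) {
+throw new SocketException("Delegate server socket is not connected");
+}
+this.delegate = delegate;
+}
+
+protected void create(boolean stream) {}
+
+protected void connect(String host, int port) {
+// delegate is always connected, thus this method is never called
+throw new UnsupportedOperationException();
+}
+
+protected void connect(InetAddress address, int port) {
+// delegate is always connected, thus this method is never called
+throw new UnsupportedOperationException();
+}
+
+protected void connect(SocketAddress address, int timeout) {
+// delegate is always connected, thus this method is never called
+throw new UnsupportedOperationException();
+}
+
+protected void bind(InetAddress host, int port) {
+// delegate is always bound, thus this method is never called
+throw new UnsupportedOperationException();
+}
+
+protected void listen(int backlog) {
+// this wrapper is never used by a ServerSocket
+throw new UnsupportedOperationException();
+}
+
+protected void accept(SocketImpl s) {
+// this wrapper is never used by a ServerSocket
+throw new UnsupportedOperationException();
+}
+
+protected InputStream getInputStream() throws IOException {
+return delegate.getInputStream();
+}
+
+protected OutputStream getOutputStream() throws IOException {
+return delegate.getOutputStream();
+}
+
+protected int available() throws IOException {
+return getInputStream().available();
+}
+
+protected void close() throws IOException {
+System.out.println("Calling delegate.close");
+delegate.close();
+}
+
+protected void shutdownInput() throws IOException {
+delegate.shutdownInput();
+}
+
+protected void shutdownOutput() throws IOException {
+delegate.shutdownOutput();
+}
+
+protected FileDescriptor getFileDescriptor() {
+// this wrapper is never used by a ServerSocket
+throw new UnsupportedOperationException();
+}
+
+protected InetAddress getInetAddress() {
+return delegate.getInetAddress();
+}
+
+protected int getPort() {
+return delegate.getPort();
+}
+
+protected boolean supportsUrgentData() {
+return false; // must be overridden in sub-class
+}
+
+protected void sendUrgentData (int data) throws IOException {
+delegate.sendUrgentData(data);
+}
+
+protected int getLocalPort() {
+return delegate.getLocalPort();
+}
+
+public Object getOption(int optID) throws SocketException {
+switch (optID) {
+case SocketOptions.IP_TOS:
+return new Integer(delegate.getTrafficClass());
+case SocketOptions.SO_BINDADDR:
+return delegate.getLocalAddress();
+case SocketOptions.SO_KEEPALIVE:
+return Boolean.valueOf(delegate.getKeepAlive());
+case SocketOptions.SO_LINGER:
+return new Integer(delegate.getSoLinger());
+case SocketOptions.SO_OOBINLINE:
+return Boolean.valueOf(delegate.getOOBInline());
+case SocketOptions.SO_RCVBUF:
+return new Integer(delegate.getReceiveBufferSize());
+case SocketOptions.SO_REUSEADDR:
+return Boolean.valueOf(delegate.getReuseAddress());
+case SocketOptions.SO_SNDBUF:
+return new Integer(delegate.getSendBufferSize());
+case SocketOptions.SO_TIMEOUT:
+return new Integer(delegate.getSoTimeout());
+case SocketOptions.TCP_NODELAY:
+return Boolean.valueOf(delegate.getTcpNoDelay());
+case SocketOptions.SO_BROADCAST:
+default:
+throw new IllegalArgumentException("Unsupported option type");
+}
+}
+
+public void setOption(int optID, Object value) throws SocketException {
+switch (optID) {
+case SocketOptions.SO_BINDADDR:
+throw new IllegalArgumentException("Socket is bound");
+case SocketOptions.SO_KEEPALIVE:
+delegate.setKeepAlive(((Boolean)value).booleanValue());
+break;
+case SocketOptions.SO_LINGER:
+if (value instanceof Boolean) {
+delegate.setSoLinger(((Boolean)value).booleanValue(), 0);
+}
+else {
+delegate.setSoLinger(true, ((Integer)value).intValue());
+}
+break;
+case SocketOptions.SO_OOBINLINE:
+delegate.setOOBInline(((Boolean)value).booleanValue());
+break;
+case SocketOptions.SO_RCVBUF:
+delegate.setReceiveBufferSize(((Integer)value).intValue());
+break;
+case SocketOptions.SO_REUSEADDR:
+delegate.setReuseAddress(((Boolean)value).booleanValue());
+break;
+case SocketOptions.SO_SNDBUF:
+delegate.setSendBufferSize(((Integer)value).intValue());
+break;
+case SocketOptions.SO_TIMEOUT:
+delegate.setSoTimeout(((Integer)value).intValue());
+break;
+case SocketOptions.TCP_NODELAY:
+delegate.setTcpNoDelay(((Boolean)value).booleanValue());
+break;
+case SocketOptions.SO_BROADCAST:
+default:
+throw new IllegalArgumentException("Unsupported option type");
+}
+}
+}
+
+public void close() throws IOException {
+System.out.println("Calling SocketWrapper.delegate.close");
+delegate.close();
+}
+
+public boolean equals(Object obj) {
+if (!(obj instanceof SocketWrapper)) return false;
+SocketWrapper that = (SocketWrapper)obj;
+return this.delegate.equals(that.delegate);
+}
+
+public int hashCode() {
+return delegate.hashCode() ^ 0x01010101;
+}
+public String toString() {
+return "<SocketWrapper " + super.toString() + "(delegating to " + delegate.toString() + ")" + ">";
+}
+}
+
\ No newline at end of file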
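Review bot: `isOutputShutdown()` tests `super.isInputShutdown()` where it should test the output side, so the wrapper reports its output as shut down whenever its own input half has been; the line should read `return super.isOutputShutdown() || delegate.isOutputShutdown();`. The `System.out.println` calls in the constructor and in both `close()` methods look like debugging aids and would be better removed or sent through a logger. In `WrappingSocketImpl`, the comment `// must be overridden in sub-class` on `supportsUrgentData()` cannot be acted on because the class is `private static`, while `sendUrgentData` forwards to the delegate regardless; a comment should say which behaviour is intended.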
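--- a/invirt-vnc-client/VNCProxyConnectSocket.java
+++ b/invirt-vnc-client/VNCProxyConnectSocket.java
@@ -0,0 +1,61 @@
+//
+// Copyright (C) 2002 Constantin Kaplinsky, Inc. All Rights Reserved.
+// Copyright 2007 MIT Student Information Processing Board
+//
+// This is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this software; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+// USA.
+//
+
+//
+// VNCProxySocket.java together with VNCProxySocketFactory.java
+// implement an alternate way to connect to VNC servers via one or two
+// VNCProxy proxies supporting the VNCProxy VNCCONNECT method.
+//
+
+import java.net.*;
+import java.io.*;
+
+class VNCProxyConnectSocket extends Socket {
+
+public VNCProxyConnectSocket(String host, int port,
+String vmname, String authtoken)
+throws IOException {
+
+// Connect to the specified HTTP proxy
+super(host, port);
+
+// Send the CONNECT request
+getOutputStream().write(("CONNECTVNC " + vmname +
+" VNCProxy/1.0\r\nAuth-token: " + authtoken +
+"\r\n\r\n").getBytes());
+
+// Read the first line of the response
+DataInputStream is = new DataInputStream(getInputStream());
+String str = is.readLine();
+
+// Check the HTTP error code -- it should be "200" on success
+if (!str.startsWith("VNCProxy/1.0 200 ")) {
+if (str.startsWith("VNCProxy/1.0 "))
+str = str.substring(13);
+throw new IOException("Proxy reports \"" + str + "\"");
+}
+
+// Success -- skip remaining HTTP headers
+do {
+str = is.readLine();
+} while (str.length() != 0);
+}
+}
+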
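Review bot: `is.readLine()` returns null when the proxy closes the connection early, so `str.startsWith(...)` after the first read and `str.length()` in the header-skipping loop can both throw `NullPointerException` instead of the `IOException` callers are declared to handle; the same code appears in `VNCProxyConnectSocketWrapper`. A guard after each read, `if (str == null) throw new IOException("Proxy closed the connection");`, covers both places. This class also connects with a plain `Socket` through `super(host, port)`, so `authtoken` would be sent unencrypted if the class were used directly; the factory in this patch uses the wrapper over an `SSLSocket` instead, and a comment saying so (or dropping this class) would prevent accidental use. When the constructor throws after `super(host, port)` the connection is left open, so it should be closed before the exception propagates.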
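--- a/invirt-vnc-client/VNCProxyConnectSocketFactory.java
+++ b/invirt-vnc-client/VNCProxyConnectSocketFactory.java
@@ -0,0 +1,98 @@
+//
+// Copyright (C) 2002 Constantin Kaplinsky, Inc. All Rights Reserved.
+// Copyright 2007 MIT Student Information Processing Board
+//
+// This is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this software; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+// USA.
+//
+
+//
+// VNCProxyConnectSocketFactory.java together with VNCProxyConnectSocket.java
+// implement an alternate way to connect to VNC servers via one or two
+// VNCProxy proxies supporting the VNCProxy CONNECT method.
+//
+
+import java.applet.*;
+import java.net.*;
+import javax.net.ssl.*;
+import java.io.*;
+
+class VNCProxyConnectSocketFactory implements SocketFactory {
+
+SSLSocketFactory factory;
+
+public VNCProxyConnectSocketFactory() {
+try {
+SSLContext c = SSLContext.getInstance("SSL");
+c.init(null,
+new TrustManager[] { new InvirtTrustManager() },
+null);
+factory =
+(SSLSocketFactory)c.getSocketFactory();
+} catch (Exception e) {
+e.printStackTrace();
+}
+}
+
+public Socket createSocket(String host, int port, Applet applet)
+throws IOException {
+
+return createSocket(host, port,
+applet.getParameter("VMNAME"),
+applet.getParameter("AUTHTOKEN"));
+}
+
+public Socket createSocket(String host, int port, String[] args)
+throws IOException {
+
+return createSocket(host, port,
+readArg(args, "VMNAME"),
+readArg(args, "AUTHTOKEN"));
+}
+
+public Socket createSocket(String host, int port,
+String vmname, String authtoken)
+throws IOException {
+
+if (vmname == null || authtoken == null) {
+System.out.println("Incomplete parameter list for VNCProxyConnectSocket");
+return new Socket(host, port);
+}
+
+System.out.println("VNCProxy CONNECT via proxy " + host +
+" port " + port + " to vm " + vmname);
+SSLSocket ssls = (SSLSocket)factory.createSocket(host, port);
+ssls.startHandshake();
+VNCProxyConnectSocketWrapper s =
+new VNCProxyConnectSocketWrapper(ssls, vmname, authtoken);
+
+return (Socket)s;
+}
+
+private String readArg(String[] args, String name) {
+
+for (int i = 0; i < args.length; i += 2) {
+if (args[i].equalsIgnoreCase(name)) {
+try {
+return args[i+1];
+} catch (Exception e) {
+return null;
+}
+}
+}
+return null;
+}
+}
+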
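Review bot: When `vmname` or `authtoken` is null, the four-argument `createSocket` prints a message and returns `new Socket(host, port)`, which silently replaces the TLS connection with an unencrypted one; it should fail instead, `throw new IOException("VMNAME and AUTHTOKEN are required");`. The constructor swallows any `SSLContext` failure and leaves `factory` null, so the later `factory.createSocket(host, port)` throws `NullPointerException`; a null check there that throws `IOException("TLS initialisation failed")` would report the real problem. `SSLContext.getInstance("SSL")` would be better as `SSLContext.getInstance("TLS")`, although which protocol versions end up enabled depends on the JRE. Nothing in this file compares the peer certificate with `host` after `startHandshake()`, so the connection's authenticity appears to rest entirely on `trust.store` holding only the proxy's own certificate or CA, and a comment should state that assumption.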
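--- a/invirt-vnc-client/VNCProxyConnectSocketWrapper.java
+++ b/invirt-vnc-client/VNCProxyConnectSocketWrapper.java
@@ -0,0 +1,60 @@
+//
+// Copyright (C) 2002 Constantin Kaplinsky, Inc. All Rights Reserved.
+// Copyright 2007 MIT Student Information Processing Board
+//
+// This is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; either version 2 of the License, or
+// (at your option) any later version.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this software; if not, write to the Free Software
+// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+// USA.
+//
+
+//
+// VNCProxySocket.java together with VNCProxySocketFactory.java
+// implement an alternate way to connect to VNC servers via one or two
+// VNCProxy proxies supporting the VNCProxy VNCCONNECT method.
+//
+
+import java.net.*;
+import java.io.*;
+
+class VNCProxyConnectSocketWrapper extends SocketWrapper {
+
+public VNCProxyConnectSocketWrapper(Socket sock,
+String vmname, String authtoken)
+throws IOException {
+
+super(sock);
+
+// Send the CONNECT request
+getOutputStream().write(("CONNECTVNC " + vmname +
+" VNCProxy/1.0\r\nAuth-token: " + authtoken +
+"\r\n\r\n").getBytes());
+
+// Read the first line of the response
+DataInputStream is = new DataInputStream(getInputStream());
+String str = is.readLine();
+
+// Check the HTTP error code -- it should be "200" on success
+if (!str.startsWith("VNCProxy/1.0 200 ")) {
+if (str.startsWith("VNCProxy/1.0 "))
+str = str.substring(13);
+throw new IOException("Proxy reports \"" + str + "\"");
+}
+
+// Success -- skip remaining HTTP headers
+do {
+str = is.readLine();
+} while (str.length() != 0);
+}
+}
+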
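Review bot: `vmname` and `authtoken` are concatenated directly into the `CONNECTVNC` request line and the `Auth-token:` header, so a value containing CR or LF would add lines to the request, and both values reach this constructor from applet parameters or command-line arguments in the factory; `VNCProxyConnectSocket` builds the request the same way. Reject such values before writing, for example `if (vmname.indexOf('\r') >= 0 || vmname.indexOf('\n') >= 0) throw new IOException("Invalid VMNAME");`, with the same test for `authtoken`. `getBytes()` uses the platform default charset, and `getBytes("US-ASCII")` would keep the bytes on the wire identical on every client. The header comment still names VNCProxySocket.java and VNCProxySocketFactory.java, which are not the files this patch adds.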