github/vncproxy
1
0
Fork 0
mirror of https://github.com/amitbet/vncproxy.git synced 2025-09-23 10:28:54 +00:00
Code Issues Projects Releases Wiki Activity

Added server for web sockets, plus some refactoring

Browse Source
This commit is contained in:
amit bezalel
2017-07-01 23:01:58 +03:00
parent 66c322c164
commit 076d8bb4cf
28 changed files with 1774 additions and 1716 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
server/client-messages.go
View File

@@ -39,7 +39,7 @@ func (msg *SetPixelFormat) Write(c common.Conn) error {
c.SetColorMap(&common.ColorMap{})
}
return c.Flush()
return nil
}
func (*SetPixelFormat) Read(c common.Conn) (common.ClientMessage, error) {
@@ -103,7 +103,7 @@ func (msg *SetEncodings) Write(c common.Conn) error {
return err
}
}
return c.Flush()
return nil
}
// FramebufferUpdateRequest holds the wire format message.
@@ -132,7 +132,7 @@ func (msg *FramebufferUpdateRequest) Write(c common.Conn) error {
if err := binary.Write(c, binary.BigEndian, msg); err != nil {
return err
}
return c.Flush()
return nil
}
// KeyEvent holds the wire format message.
@@ -161,7 +161,7 @@ func (msg *KeyEvent) Write(c common.Conn) error {
if err := binary.Write(c, binary.BigEndian, msg); err != nil {
return err
}
return c.Flush()
return nil
}
// PointerEventMessage holds the wire format message.
@@ -189,7 +189,7 @@ func (msg *PointerEvent) Write(c common.Conn) error {
if err := binary.Write(c, binary.BigEndian, msg); err != nil {
return err
}
return c.Flush()
return nil
}
// ClientCutText holds the wire format message, sans the text field.
@@ -243,5 +243,5 @@ func (msg *ClientCutText) Write(c common.Conn) error {
return err
}
return c.Flush()
return nil
}

BIN
server/debug.test
View File

Binary file not shown.

165
server/handlers.go
View File

@@ -7,20 +7,6 @@ import (
"io"
)
// // ClientMessage is the interface
// type ClientMessage interface {
// Type() ClientMessageType
// Read(Conn) (ClientMessage, error)
// Write(Conn) error
// }
// // ServerMessage is the interface
// type ServerMessage interface {
// Type() ServerMessageType
// Read(Conn) (ServerMessage, error)
// Write(Conn) error
// }
const ProtoVersionLength = 12
const (
@@ -47,45 +33,14 @@ func ParseProtoVersion(pv []byte) (uint, uint, error) {
return major, minor, nil
}
// func ClientVersionHandler(cfg *ClientConfig, c ServerConn) error {
// var version [ProtoVersionLength]byte
// if err := binary.Read(c, binary.BigEndian, &version); err != nil {
// return err
// }
// major, minor, err := ParseProtoVersion(version[:])
// if err != nil {
// return err
// }
// pv := ProtoVersionUnknown
// if major == 3 {
// if minor >= 8 {
// pv = ProtoVersion38
// } else if minor >= 3 {
// pv = ProtoVersion38
// }
// }
// if pv == ProtoVersionUnknown {
// return fmt.Errorf("ProtocolVersion handshake failed; unsupported version '%v'", string(version[:]))
// }
// c.SetProtoVersion(string(version[:]))
// if err := binary.Write(c, binary.BigEndian, []byte(pv)); err != nil {
// return err
// }
// return c.Flush()
// }
func ServerVersionHandler(cfg *ServerConfig, c *ServerConn) error {
var version [ProtoVersionLength]byte
if err := binary.Write(c, binary.BigEndian, []byte(ProtoVersion38)); err != nil {
return err
}
if err := c.Flush(); err != nil {
return err
}
// if err := c.Flush(); err != nil {
// return err
// }
if err := binary.Read(c, binary.BigEndian, &version); err != nil {
return err
}
@@ -111,58 +66,6 @@ func ServerVersionHandler(cfg *ServerConfig, c *ServerConn) error {
return nil
}
// func ClientSecurityHandler(cfg *ClientConfig, c Conn) error {
// var numSecurityTypes uint8
// if err := binary.Read(c, binary.BigEndian, &numSecurityTypes); err != nil {
// return err
// }
// secTypes := make([]SecurityType, numSecurityTypes)
// if err := binary.Read(c, binary.BigEndian, &secTypes); err != nil {
// return err
// }
// var secType SecurityHandler
// for _, st := range cfg.SecurityHandlers {
// for _, sc := range secTypes {
// if st.Type() == sc {
// secType = st
// }
// }
// }
// if err := binary.Write(c, binary.BigEndian, cfg.SecurityHandlers[0].Type()); err != nil {
// return err
// }
// if err := c.Flush(); err != nil {
// return err
// }
// err := secType.Auth(c)
// if err != nil {
// return err
// }
// var authCode uint32
// if err := binary.Read(c, binary.BigEndian, &authCode); err != nil {
// return err
// }
// if authCode == 1 {
// var reasonLength uint32
// if err := binary.Read(c, binary.BigEndian, &reasonLength); err != nil {
// return err
// }
// reasonText := make([]byte, reasonLength)
// if err := binary.Read(c, binary.BigEndian, &reasonText); err != nil {
// return err
// }
// return fmt.Errorf("%s", reasonText)
// }
// return nil
// }
func ServerSecurityHandler(cfg *ServerConfig, c *ServerConn) error {
if err := binary.Write(c, binary.BigEndian, uint8(len(cfg.SecurityHandlers))); err != nil {
return err
@@ -174,9 +77,9 @@ func ServerSecurityHandler(cfg *ServerConfig, c *ServerConn) error {
}
}
if err := c.Flush(); err != nil {
return err
}
// if err := c.Flush(); err != nil {
// return err
// }
var secType SecurityType
if err := binary.Read(c, binary.BigEndian, &secType); err != nil {
@@ -202,9 +105,9 @@ func ServerSecurityHandler(cfg *ServerConfig, c *ServerConn) error {
if err := binary.Write(c, binary.BigEndian, authCode); err != nil {
return err
}
if err := c.Flush(); err != nil {
return err
}
// if err := c.Flush(); err != nil {
// return err
// }
if authErr != nil {
if err := binary.Write(c, binary.BigEndian, len(authErr.Error())); err != nil {
@@ -213,44 +116,15 @@ func ServerSecurityHandler(cfg *ServerConfig, c *ServerConn) error {
if err := binary.Write(c, binary.BigEndian, []byte(authErr.Error())); err != nil {
return err
}
if err := c.Flush(); err != nil {
return err
}
// if err := c.Flush(); err != nil {
// return err
// }
return authErr
}
return nil
}
// func ClientServerInitHandler(cfg *ClientConfig, c *ServerConn) error {
// srvInit := &ServerInit{}
// if err := binary.Read(c, binary.BigEndian, &srvInit.FBWidth); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &srvInit.FBHeight); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &srvInit.PixelFormat); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &srvInit.NameLength); err != nil {
// return err
// }
// nameText := make([]byte, srvInit.NameLength)
// if err := binary.Read(c, binary.BigEndian, nameText); err != nil {
// return err
// }
// srvInit.NameText = nameText
// c.SetDesktopName(string(srvInit.NameText))
// c.SetWidth(srvInit.FBWidth)
// c.SetHeight(srvInit.FBHeight)
// c.SetPixelFormat(&srvInit.PixelFormat)
// return nil
// }
func ServerServerInitHandler(cfg *ServerConfig, c *ServerConn) error {
srvInit := &ServerInit{
FBWidth: c.Width(),
@@ -293,7 +167,7 @@ func ServerServerInitHandler(cfg *ServerConfig, c *ServerConn) error {
//}
//tightInit.WriteTo(c)
return c.Flush()
return nil
}
const (
@@ -465,19 +339,6 @@ func (t *TightCapability) ReadFrom(r io.Reader) error {
return nil
}
// func ClientClientInitHandler(cfg *ClientConfig, c *ServerConn) error {
// var shared uint8
// if cfg.Exclusive {
// shared = 0
// } else {
// shared = 1
// }
// if err := binary.Write(c, binary.BigEndian, shared); err != nil {
// return err
// }
// return c.Flush()
// }
func ServerClientInitHandler(cfg *ServerConfig, c *ServerConn) error {
var shared uint8
if err := binary.Read(c, binary.BigEndian, &shared); err != nil {

668
server/security.go
View File

@@ -1,333 +1,335 @@
package server
import (
"bytes"
"crypto/des"
"crypto/rand"
"errors"
"log"
"vncproxy/common"
)
type SecurityType uint8
const (
SecTypeUnknown = SecurityType(0)
SecTypeNone = SecurityType(1)
SecTypeVNC = SecurityType(2)
SecTypeVeNCrypt = SecurityType(19)
)
type SecuritySubType uint32
const (
SecSubTypeUnknown = SecuritySubType(0)
)
const (
SecSubTypeVeNCrypt01Unknown = SecuritySubType(0)
SecSubTypeVeNCrypt01Plain = SecuritySubType(19)
SecSubTypeVeNCrypt01TLSNone = SecuritySubType(20)
SecSubTypeVeNCrypt01TLSVNC = SecuritySubType(21)
SecSubTypeVeNCrypt01TLSPlain = SecuritySubType(22)
SecSubTypeVeNCrypt01X509None = SecuritySubType(23)
SecSubTypeVeNCrypt01X509VNC = SecuritySubType(24)
SecSubTypeVeNCrypt01X509Plain = SecuritySubType(25)
)
const (
SecSubTypeVeNCrypt02Unknown = SecuritySubType(0)
SecSubTypeVeNCrypt02Plain = SecuritySubType(256)
SecSubTypeVeNCrypt02TLSNone = SecuritySubType(257)
SecSubTypeVeNCrypt02TLSVNC = SecuritySubType(258)
SecSubTypeVeNCrypt02TLSPlain = SecuritySubType(259)
SecSubTypeVeNCrypt02X509None = SecuritySubType(260)
SecSubTypeVeNCrypt02X509VNC = SecuritySubType(261)
SecSubTypeVeNCrypt02X509Plain = SecuritySubType(262)
)
type SecurityHandler interface {
Type() SecurityType
SubType() SecuritySubType
Auth(common.Conn) error
}
// type ClientAuthNone struct{}
// func (*ClientAuthNone) Type() SecurityType {
// return SecTypeNone
// }
// func (*ClientAuthNone) SubType() SecuritySubType {
// return SecSubTypeUnknown
// }
// func (*ClientAuthNone) Auth(conn common.Conn) error {
// return nil
// }
// ServerAuthNone is the "none" authentication. See 7.2.1.
type ServerAuthNone struct{}
func (*ServerAuthNone) Type() SecurityType {
return SecTypeNone
}
func (*ServerAuthNone) Auth(c common.Conn) error {
return nil
}
func (*ServerAuthNone) SubType() SecuritySubType {
return SecSubTypeUnknown
}
// func (*ClientAuthVeNCrypt02Plain) Type() SecurityType {
// return SecTypeVeNCrypt
// }
// func (*ClientAuthVeNCrypt02Plain) SubType() SecuritySubType {
// return SecSubTypeVeNCrypt02Plain
// }
// // ClientAuthVeNCryptPlain see https://www.berrange.com/~dan/vencrypt.txt
// type ClientAuthVeNCrypt02Plain struct {
// Username []byte
// Password []byte
// }
// func (auth *ClientAuthVeNCrypt02Plain) Auth(c common.Conn) error {
// if err := binary.Write(c, binary.BigEndian, []uint8{0, 2}); err != nil {
// return err
// }
// if err := c.Flush(); err != nil {
// return err
// }
// var (
// major, minor uint8
// )
// if err := binary.Read(c, binary.BigEndian, &major); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &minor); err != nil {
// return err
// }
// res := uint8(1)
// if major == 0 && minor == 2 {
// res = uint8(0)
// }
// if err := binary.Write(c, binary.BigEndian, res); err != nil {
// return err
// }
// c.Flush()
// if err := binary.Write(c, binary.BigEndian, uint8(1)); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.SubType()); err != nil {
// return err
// }
// if err := c.Flush(); err != nil {
// return err
// }
// var secType SecuritySubType
// if err := binary.Read(c, binary.BigEndian, &secType); err != nil {
// return err
// }
// if secType != auth.SubType() {
// binary.Write(c, binary.BigEndian, uint8(1))
// c.Flush()
// return fmt.Errorf("invalid sectype")
// }
// if len(auth.Password) == 0 || len(auth.Username) == 0 {
// return fmt.Errorf("Security Handshake failed; no username and/or password provided for VeNCryptAuth.")
// }
// /*
// if err := binary.Write(c, binary.BigEndian, uint32(len(auth.Username))); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, uint32(len(auth.Password))); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.Username); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.Password); err != nil {
// return err
// }
// */
// var (
// uLength, pLength uint32
// )
// if err := binary.Read(c, binary.BigEndian, &uLength); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &pLength); err != nil {
// return err
// }
// username := make([]byte, uLength)
// password := make([]byte, pLength)
// if err := binary.Read(c, binary.BigEndian, &username); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &password); err != nil {
// return err
// }
// if !bytes.Equal(auth.Username, username) || !bytes.Equal(auth.Password, password) {
// return fmt.Errorf("invalid username/password")
// }
// return nil
// }
// ServerAuthVNC is the standard password authentication. See 7.2.2.
type ServerAuthVNC struct{}
func (*ServerAuthVNC) Type() SecurityType {
return SecTypeVNC
}
func (*ServerAuthVNC) SubType() SecuritySubType {
return SecSubTypeUnknown
}
const AUTH_FAIL = "Authentication Failure"
func (auth *ServerAuthVNC) Auth(c common.Conn) error {
buf := make([]byte, 8+len([]byte(AUTH_FAIL)))
rand.Read(buf[:16]) // Random 16 bytes in buf
sndsz, err := c.Write(buf[:16])
if err != nil {
log.Printf("Error sending challenge to client: %s\n", err.Error())
return errors.New("Error sending challenge to client:" + err.Error())
}
if sndsz != 16 {
log.Printf("The full 16 byte challenge was not sent!\n")
return errors.New("The full 16 byte challenge was not sent")
}
c.Flush()
buf2 := make([]byte, 16)
_, err = c.Read(buf2)
if err != nil {
log.Printf("The authentication result was not read: %s\n", err.Error())
return errors.New("The authentication result was not read" + err.Error())
}
AuthText := "1234"
bk, err := des.NewCipher([]byte(fixDesKey(AuthText)))
if err != nil {
log.Printf("Error generating authentication cipher: %s\n", err.Error())
return errors.New("Error generating authentication cipher")
}
buf3 := make([]byte, 16)
bk.Encrypt(buf3, buf) //Encrypt first 8 bytes
bk.Encrypt(buf3[8:], buf[8:]) // Encrypt second 8 bytes
if bytes.Compare(buf2, buf3) != 0 { // If the result does not decrypt correctly to what we sent then a problem
SetUint32(buf, 0, 1)
SetUint32(buf, 4, uint32(len([]byte(AUTH_FAIL))))
copy(buf[8:], []byte(AUTH_FAIL))
c.Write(buf)
c.Flush()
return errors.New("Authentication failed")
}
return nil
}
// SetUint32 set 4 bytes at pos in buf to the val (in big endian format)
// A test is done to ensure there are 4 bytes available at pos in the buffer
func SetUint32(buf []byte, pos int, val uint32) {
if pos+4 > len(buf) {
return
}
for i := 0; i < 4; i++ {
buf[3-i+pos] = byte(val)
val >>= 8
}
}
// fixDesKeyByte is used to mirror a byte's bits
// This is not clearly indicated by the document, but is in actual fact used
func fixDesKeyByte(val byte) byte {
var newval byte = 0
for i := 0; i < 8; i++ {
newval <<= 1
newval += (val & 1)
val >>= 1
}
return newval
}
// fixDesKey will make sure that exactly 8 bytes is used either by truncating or padding with nulls
// The bytes are then bit mirrored and returned
func fixDesKey(key string) []byte {
tmp := []byte(key)
buf := make([]byte, 8)
if len(tmp) <= 8 {
copy(buf, tmp)
} else {
copy(buf, tmp[:8])
}
for i := 0; i < 8; i++ {
buf[i] = fixDesKeyByte(buf[i])
}
return buf
}
// // ClientAuthVNC is the standard password authentication. See 7.2.2.
// type ClientAuthVNC struct {
// Challenge [16]byte
// Password []byte
// }
// func (*ClientAuthVNC) Type() SecurityType {
// return SecTypeVNC
// }
// func (*ClientAuthVNC) SubType() SecuritySubType {
// return SecSubTypeUnknown
// }
// func (auth *ClientAuthVNC) Auth(c common.Conn) error {
// if len(auth.Password) == 0 {
// return fmt.Errorf("Security Handshake failed; no password provided for VNCAuth.")
// }
// if err := binary.Read(c, binary.BigEndian, auth.Challenge); err != nil {
// return err
// }
// auth.encode()
// // Send the encrypted challenge back to server
// if err := binary.Write(c, binary.BigEndian, auth.Challenge); err != nil {
// return err
// }
// return c.Flush()
// }
// func (auth *ClientAuthVNC) encode() error {
// // Copy password string to 8 byte 0-padded slice
// key := make([]byte, 8)
// copy(key, auth.Password)
// // Each byte of the password needs to be reversed. This is a
// // non RFC-documented behaviour of VNC clients and servers
// for i := range key {
// key[i] = (key[i]&0x55)<<1 | (key[i]&0xAA)>>1 // Swap adjacent bits
// key[i] = (key[i]&0x33)<<2 | (key[i]&0xCC)>>2 // Swap adjacent pairs
// key[i] = (key[i]&0x0F)<<4 | (key[i]&0xF0)>>4 // Swap the 2 halves
// }
// // Encrypt challenge with key.
// cipher, err := des.NewCipher(key)
// if err != nil {
// return err
// }
// for i := 0; i < len(auth.Challenge); i += cipher.BlockSize() {
// cipher.Encrypt(auth.Challenge[i:i+cipher.BlockSize()], auth.Challenge[i:i+cipher.BlockSize()])
// }
// return nil
// }
package server
import (
"bytes"
"crypto/des"
"crypto/rand"
"errors"
"log"
"vncproxy/common"
)
type SecurityType uint8
const (
SecTypeUnknown = SecurityType(0)
SecTypeNone = SecurityType(1)
SecTypeVNC = SecurityType(2)
SecTypeVeNCrypt = SecurityType(19)
)
type SecuritySubType uint32
const (
SecSubTypeUnknown = SecuritySubType(0)
)
const (
SecSubTypeVeNCrypt01Unknown = SecuritySubType(0)
SecSubTypeVeNCrypt01Plain = SecuritySubType(19)
SecSubTypeVeNCrypt01TLSNone = SecuritySubType(20)
SecSubTypeVeNCrypt01TLSVNC = SecuritySubType(21)
SecSubTypeVeNCrypt01TLSPlain = SecuritySubType(22)
SecSubTypeVeNCrypt01X509None = SecuritySubType(23)
SecSubTypeVeNCrypt01X509VNC = SecuritySubType(24)
SecSubTypeVeNCrypt01X509Plain = SecuritySubType(25)
)
const (
SecSubTypeVeNCrypt02Unknown = SecuritySubType(0)
SecSubTypeVeNCrypt02Plain = SecuritySubType(256)
SecSubTypeVeNCrypt02TLSNone = SecuritySubType(257)
SecSubTypeVeNCrypt02TLSVNC = SecuritySubType(258)
SecSubTypeVeNCrypt02TLSPlain = SecuritySubType(259)
SecSubTypeVeNCrypt02X509None = SecuritySubType(260)
SecSubTypeVeNCrypt02X509VNC = SecuritySubType(261)
SecSubTypeVeNCrypt02X509Plain = SecuritySubType(262)
)
type SecurityHandler interface {
Type() SecurityType
SubType() SecuritySubType
Auth(common.Conn) error
}
// type ClientAuthNone struct{}
// func (*ClientAuthNone) Type() SecurityType {
// return SecTypeNone
// }
// func (*ClientAuthNone) SubType() SecuritySubType {
// return SecSubTypeUnknown
// }
// func (*ClientAuthNone) Auth(conn common.Conn) error {
// return nil
// }
// ServerAuthNone is the "none" authentication. See 7.2.1.
type ServerAuthNone struct{}
func (*ServerAuthNone) Type() SecurityType {
return SecTypeNone
}
func (*ServerAuthNone) Auth(c common.Conn) error {
return nil
}
func (*ServerAuthNone) SubType() SecuritySubType {
return SecSubTypeUnknown
}
// func (*ClientAuthVeNCrypt02Plain) Type() SecurityType {
// return SecTypeVeNCrypt
// }
// func (*ClientAuthVeNCrypt02Plain) SubType() SecuritySubType {
// return SecSubTypeVeNCrypt02Plain
// }
// // ClientAuthVeNCryptPlain see https://www.berrange.com/~dan/vencrypt.txt
// type ClientAuthVeNCrypt02Plain struct {
// Username []byte
// Password []byte
// }
// func (auth *ClientAuthVeNCrypt02Plain) Auth(c common.Conn) error {
// if err := binary.Write(c, binary.BigEndian, []uint8{0, 2}); err != nil {
// return err
// }
// if err := c.Flush(); err != nil {
// return err
// }
// var (
// major, minor uint8
// )
// if err := binary.Read(c, binary.BigEndian, &major); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &minor); err != nil {
// return err
// }
// res := uint8(1)
// if major == 0 && minor == 2 {
// res = uint8(0)
// }
// if err := binary.Write(c, binary.BigEndian, res); err != nil {
// return err
// }
// c.Flush()
// if err := binary.Write(c, binary.BigEndian, uint8(1)); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.SubType()); err != nil {
// return err
// }
// if err := c.Flush(); err != nil {
// return err
// }
// var secType SecuritySubType
// if err := binary.Read(c, binary.BigEndian, &secType); err != nil {
// return err
// }
// if secType != auth.SubType() {
// binary.Write(c, binary.BigEndian, uint8(1))
// c.Flush()
// return fmt.Errorf("invalid sectype")
// }
// if len(auth.Password) == 0 || len(auth.Username) == 0 {
// return fmt.Errorf("Security Handshake failed; no username and/or password provided for VeNCryptAuth.")
// }
// /*
// if err := binary.Write(c, binary.BigEndian, uint32(len(auth.Username))); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, uint32(len(auth.Password))); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.Username); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, auth.Password); err != nil {
// return err
// }
// */
// var (
// uLength, pLength uint32
// )
// if err := binary.Read(c, binary.BigEndian, &uLength); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &pLength); err != nil {
// return err
// }
// username := make([]byte, uLength)
// password := make([]byte, pLength)
// if err := binary.Read(c, binary.BigEndian, &username); err != nil {
// return err
// }
// if err := binary.Read(c, binary.BigEndian, &password); err != nil {
// return err
// }
// if !bytes.Equal(auth.Username, username) || !bytes.Equal(auth.Password, password) {
// return fmt.Errorf("invalid username/password")
// }
// return nil
// }
// ServerAuthVNC is the standard password authentication. See 7.2.2.
type ServerAuthVNC struct {
pass string
}
func (*ServerAuthVNC) Type() SecurityType {
return SecTypeVNC
}
func (*ServerAuthVNC) SubType() SecuritySubType {
return SecSubTypeUnknown
}
const AUTH_FAIL = "Authentication Failure"
func (auth *ServerAuthVNC) Auth(c common.Conn) error {
buf := make([]byte, 8+len([]byte(AUTH_FAIL)))
rand.Read(buf[:16]) // Random 16 bytes in buf
sndsz, err := c.Write(buf[:16])
if err != nil {
log.Printf("Error sending challenge to client: %s\n", err.Error())
return errors.New("Error sending challenge to client:" + err.Error())
}
if sndsz != 16 {
log.Printf("The full 16 byte challenge was not sent!\n")
return errors.New("The full 16 byte challenge was not sent")
}
//c.Flush()
buf2 := make([]byte, 16)
_, err = c.Read(buf2)
if err != nil {
log.Printf("The authentication result was not read: %s\n", err.Error())
return errors.New("The authentication result was not read" + err.Error())
}
AuthText := auth.pass
bk, err := des.NewCipher([]byte(fixDesKey(AuthText)))
if err != nil {
log.Printf("Error generating authentication cipher: %s\n", err.Error())
return errors.New("Error generating authentication cipher")
}
buf3 := make([]byte, 16)
bk.Encrypt(buf3, buf) //Encrypt first 8 bytes
bk.Encrypt(buf3[8:], buf[8:]) // Encrypt second 8 bytes
if bytes.Compare(buf2, buf3) != 0 { // If the result does not decrypt correctly to what we sent then a problem
SetUint32(buf, 0, 1)
SetUint32(buf, 4, uint32(len([]byte(AUTH_FAIL))))
copy(buf[8:], []byte(AUTH_FAIL))
c.Write(buf)
//c.Flush()
return errors.New("Authentication failed")
}
return nil
}
// SetUint32 set 4 bytes at pos in buf to the val (in big endian format)
// A test is done to ensure there are 4 bytes available at pos in the buffer
func SetUint32(buf []byte, pos int, val uint32) {
if pos+4 > len(buf) {
return
}
for i := 0; i < 4; i++ {
buf[3-i+pos] = byte(val)
val >>= 8
}
}
// fixDesKeyByte is used to mirror a byte's bits
// This is not clearly indicated by the document, but is in actual fact used
func fixDesKeyByte(val byte) byte {
var newval byte = 0
for i := 0; i < 8; i++ {
newval <<= 1
newval += (val & 1)
val >>= 1
}
return newval
}
// fixDesKey will make sure that exactly 8 bytes is used either by truncating or padding with nulls
// The bytes are then bit mirrored and returned
func fixDesKey(key string) []byte {
tmp := []byte(key)
buf := make([]byte, 8)
if len(tmp) <= 8 {
copy(buf, tmp)
} else {
copy(buf, tmp[:8])
}
for i := 0; i < 8; i++ {
buf[i] = fixDesKeyByte(buf[i])
}
return buf
}
// // ClientAuthVNC is the standard password authentication. See 7.2.2.
// type ClientAuthVNC struct {
// Challenge [16]byte
// Password []byte
// }
// func (*ClientAuthVNC) Type() SecurityType {
// return SecTypeVNC
// }
// func (*ClientAuthVNC) SubType() SecuritySubType {
// return SecSubTypeUnknown
// }
// func (auth *ClientAuthVNC) Auth(c common.Conn) error {
// if len(auth.Password) == 0 {
// return fmt.Errorf("Security Handshake failed; no password provided for VNCAuth.")
// }
// if err := binary.Read(c, binary.BigEndian, auth.Challenge); err != nil {
// return err
// }
// auth.encode()
// // Send the encrypted challenge back to server
// if err := binary.Write(c, binary.BigEndian, auth.Challenge); err != nil {
// return err
// }
// return c.Flush()
// }
// func (auth *ClientAuthVNC) encode() error {
// // Copy password string to 8 byte 0-padded slice
// key := make([]byte, 8)
// copy(key, auth.Password)
// // Each byte of the password needs to be reversed. This is a
// // non RFC-documented behaviour of VNC clients and servers
// for i := range key {
// key[i] = (key[i]&0x55)<<1 | (key[i]&0xAA)>>1 // Swap adjacent bits
// key[i] = (key[i]&0x33)<<2 | (key[i]&0xCC)>>2 // Swap adjacent pairs
// key[i] = (key[i]&0x0F)<<4 | (key[i]&0xF0)>>4 // Swap the 2 halves
// }
// // Encrypt challenge with key.
// cipher, err := des.NewCipher(key)
// if err != nil {
// return err
// }
// for i := 0; i < len(auth.Challenge); i += cipher.BlockSize() {
// cipher.Encrypt(auth.Challenge[i:i+cipher.BlockSize()], auth.Challenge[i:i+cipher.BlockSize()])
// }
// return nil
// }

35
server/server-conn.go
View File

@@ -1,17 +1,16 @@
package server
import (
"bufio"
"net"
"io"
"sync"
"vncproxy/common"
)
type ServerConn struct {
c net.Conn
cfg *ServerConfig
br *bufio.Reader
bw *bufio.Writer
c io.ReadWriter
cfg *ServerConfig
//br *bufio.Reader
//bw *bufio.Writer
protocol string
m sync.Mutex
// If the pixel format uses a color map, then this is the color
@@ -41,11 +40,11 @@ type ServerConn struct {
quit chan struct{}
}
func (c *ServerConn) UnreadByte() error {
return c.br.UnreadByte()
}
// func (c *ServerConn) UnreadByte() error {
// return c.br.UnreadByte()
// }
func (c *ServerConn) Conn() net.Conn {
func (c *ServerConn) Conn() io.ReadWriter {
return c.c
}
@@ -66,14 +65,14 @@ func (c *ServerConn) SetProtoVersion(pv string) {
c.protocol = pv
}
func (c *ServerConn) Flush() error {
// c.m.Lock()
// defer c.m.Unlock()
return c.bw.Flush()
}
// func (c *ServerConn) Flush() error {
// // c.m.Lock()
// // defer c.m.Unlock()
// return c.bw.Flush()
// }
func (c *ServerConn) Close() error {
return c.c.Close()
return c.c.(io.ReadWriteCloser).Close()
}
/*
@@ -86,13 +85,13 @@ func (c *ServerConn) Output() chan *ClientMessage {
}
*/
func (c *ServerConn) Read(buf []byte) (int, error) {
return c.br.Read(buf)
return c.c.Read(buf)
}
func (c *ServerConn) Write(buf []byte) (int, error) {
// c.m.Lock()
// defer c.m.Unlock()
return c.bw.Write(buf)
return c.c.Write(buf)
}
func (c *ServerConn) ColorMap() *common.ColorMap {

380
server/server.go
View File

@@ -1,12 +1,12 @@
package server
import (
"bufio"
"context"
"encoding/binary"
"fmt"
"io"
"log"
"net"
"sync"
"vncproxy/common"
)
@@ -71,7 +71,7 @@ type ServerConfig struct {
Width uint16
}
func NewServerConn(c net.Conn, cfg *ServerConfig) (*ServerConn, error) {
func newServerConn(c io.ReadWriter, cfg *ServerConfig) (*ServerConn, error) {
if cfg.ClientMessageCh == nil {
return nil, fmt.Errorf("ClientMessageCh nil")
}
@@ -81,9 +81,9 @@ func NewServerConn(c net.Conn, cfg *ServerConfig) (*ServerConn, error) {
}
return &ServerConn{
c: c,
br: bufio.NewReader(c),
bw: bufio.NewWriter(c),
c: c,
//br: bufio.NewReader(c),
//bw: bufio.NewWriter(c),
cfg: cfg,
quit: make(chan struct{}),
encodings: cfg.Encodings,
@@ -92,275 +92,137 @@ func NewServerConn(c net.Conn, cfg *ServerConfig) (*ServerConn, error) {
fbHeight: cfg.Height,
}, nil
}
func wsHandlerFunc(ws io.ReadWriter, cfg *ServerConfig) {
// header := ws.Request().Header
// url := ws.Request().URL
// //stam := header.Get("Origin")
// fmt.Printf("header: %v\nurl: %v\n", header, url)
// io.Copy(ws, ws)
func Serve(ctx context.Context, ln net.Listener, cfg *ServerConfig) error {
for {
c, err := ln.Accept()
if err != nil {
continue
}
conn, err := NewServerConn(c, cfg)
if err != nil {
continue
}
if err := ServerVersionHandler(cfg, conn); err != nil {
conn.Close()
continue
}
if err := ServerSecurityHandler(cfg, conn); err != nil {
conn.Close()
continue
}
if err := ServerClientInitHandler(cfg, conn); err != nil {
conn.Close()
continue
}
if err := ServerServerInitHandler(cfg, conn); err != nil {
conn.Close()
continue
}
go conn.Handle()
err := attachNewServerConn(ws, cfg)
if err != nil {
log.Fatalf("Error attaching new connection. %v", err)
}
}
func (c *ServerConn) Handle() error {
//var err error
var wg sync.WaitGroup
func WsServe(url string, ctx context.Context, cfg *ServerConfig) error {
//server := WsServer1{cfg}
server := WsServer{cfg}
server.Listen(url, WsHandler(wsHandlerFunc))
return nil
}
defer c.Close()
func TcpServe(url string, ctx context.Context, cfg *ServerConfig) error {
ln, err := net.Listen("tcp", ":5903")
if err != nil {
log.Fatalf("Error listen. %v", err)
}
for {
c, err := ln.Accept()
if err != nil {
return err
}
go attachNewServerConn(c, cfg)
// if err != nil {
// return err
// }
}
return nil
}
func attachNewServerConn(c io.ReadWriter, cfg *ServerConfig) error {
conn, err := newServerConn(c, cfg)
if err != nil {
return err
}
if err := ServerVersionHandler(cfg, conn); err != nil {
fmt.Errorf("err: %v\n", err)
conn.Close()
return err
}
if err := ServerSecurityHandler(cfg, conn); err != nil {
conn.Close()
return err
}
if err := ServerClientInitHandler(cfg, conn); err != nil {
conn.Close()
return err
}
if err := ServerServerInitHandler(cfg, conn); err != nil {
conn.Close()
return err
}
//go
conn.handle()
return nil
}
func (c *ServerConn) handle() error {
//var err error
//var wg sync.WaitGroup
//defer c.Close()
//create a map of all message types
clientMessages := make(map[common.ClientMessageType]common.ClientMessage)
for _, m := range c.cfg.ClientMessages {
clientMessages[m.Type()] = m
}
wg.Add(2)
//wg.Add(2)
// server
go func() error {
defer wg.Done()
for {
select {
case msg := <-c.cfg.ServerMessageCh:
fmt.Printf("%v", msg)
// if err = msg.Write(c); err != nil {
// return err
// }
case <-c.quit:
return nil
}
}
}()
// go func() error {
// defer wg.Done()
// for {
// select {
// case msg := <-c.cfg.ServerMessageCh:
// fmt.Printf("%v", msg)
// // if err = msg.Write(c); err != nil {
// // return err
// // }
// case <-c.quit:
// c.Close()
// return nil
// }
// }
// }()
// client
go func() error {
defer wg.Done()
for {
select {
case <-c.quit:
return nil
default:
var messageType common.ClientMessageType
if err := binary.Read(c, binary.BigEndian, &messageType); err != nil {
return err
}
msg, ok := clientMessages[messageType]
if !ok {
return fmt.Errorf("unsupported message-type: %v", messageType)
}
parsedMsg, err := msg.Read(c)
if err != nil {
fmt.Printf("srv err %s\n", err.Error())
return err
}
fmt.Printf("message:%s, %v\n",parsedMsg.Type(), parsedMsg)
//c.cfg.ClientMessageCh <- parsedMsg
//go func() error {
//defer wg.Done()
for {
select {
case <-c.quit:
return nil
default:
var messageType common.ClientMessageType
if err := binary.Read(c, binary.BigEndian, &messageType); err != nil {
fmt.Printf("Error: %v\n", err)
return err
}
msg, ok := clientMessages[messageType]
if !ok {
return fmt.Errorf("unsupported message-type: %v", messageType)
}
parsedMsg, err := msg.Read(c)
if err != nil {
fmt.Printf("srv err %s\n", err.Error())
return err
}
fmt.Printf("message:%s, %v\n", parsedMsg.Type(), parsedMsg)
//c.cfg.ClientMessageCh <- parsedMsg
}
}()
}
//}()
wg.Wait()
return nil
//wg.Wait()
//return nil
}
// type ServerCutText struct {
// _ [1]byte
// Length uint32
// Text []byte
// }
// func (*ServerCutText) Type() ServerMessageType {
// return ServerCutTextMsgType
// }
// func (*ServerCutText) Read(c common.Conn) (common.ServerMessage, error) {
// msg := ServerCutText{}
// var pad [1]byte
// if err := binary.Read(c, binary.BigEndian, &pad); err != nil {
// return nil, err
// }
// if err := binary.Read(c, binary.BigEndian, &msg.Length); err != nil {
// return nil, err
// }
// msg.Text = make([]byte, msg.Length)
// if err := binary.Read(c, binary.BigEndian, &msg.Text); err != nil {
// return nil, err
// }
// return &msg, nil
// }
// func (msg *ServerCutText) Write(c common.Conn) error {
// if err := binary.Write(c, binary.BigEndian, msg.Type()); err != nil {
// return err
// }
// var pad [1]byte
// if err := binary.Write(c, binary.BigEndian, pad); err != nil {
// return err
// }
// if msg.Length < uint32(len(msg.Text)) {
// msg.Length = uint32(len(msg.Text))
// }
// if err := binary.Write(c, binary.BigEndian, msg.Length); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, msg.Text); err != nil {
// return err
// }
// return nil
// }
// type Bell struct{}
// func (*Bell) Type() ServerMessageType {
// return BellMsgType
// }
// func (*Bell) Read(c common.Conn) (common.ServerMessage, error) {
// return &Bell{}, nil
// }
// func (msg *Bell) Write(c common.Conn) error {
// return binary.Write(c, binary.BigEndian, msg.Type())
// }
// type SetColorMapEntries struct {
// _ [1]byte
// FirstColor uint16
// ColorsNum uint16
// Colors []common.Color
// }
// func (*SetColorMapEntries) Type() ServerMessageType {
// return SetColorMapEntriesMsgType
// }
// func (*SetColorMapEntries) Read(c common.Conn) (common.ServerMessage, error) {
// msg := SetColorMapEntries{}
// var pad [1]byte
// if err := binary.Read(c, binary.BigEndian, &pad); err != nil {
// return nil, err
// }
// if err := binary.Read(c, binary.BigEndian, &msg.FirstColor); err != nil {
// return nil, err
// }
// if err := binary.Read(c, binary.BigEndian, &msg.ColorsNum); err != nil {
// return nil, err
// }
// msg.Colors = make([]common.Color, msg.ColorsNum)
// colorMap := c.ColorMap()
// for i := uint16(0); i < msg.ColorsNum; i++ {
// color := &msg.Colors[i]
// if err := binary.Read(c, binary.BigEndian, &color); err != nil {
// return nil, err
// }
// colorMap[msg.FirstColor+i] = *color
// }
// c.SetColorMap(colorMap)
// return &msg, nil
// }
// func (msg *SetColorMapEntries) Write(c common.Conn) error {
// if err := binary.Write(c, binary.BigEndian, msg.Type()); err != nil {
// return err
// }
// var pad [1]byte
// if err := binary.Write(c, binary.BigEndian, &pad); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, msg.FirstColor); err != nil {
// return err
// }
// if msg.ColorsNum < uint16(len(msg.Colors)) {
// msg.ColorsNum = uint16(len(msg.Colors))
// }
// if err := binary.Write(c, binary.BigEndian, msg.ColorsNum); err != nil {
// return err
// }
// for i := 0; i < len(msg.Colors); i++ {
// color := msg.Colors[i]
// if err := binary.Write(c, binary.BigEndian, color); err != nil {
// return err
// }
// }
// return nil
// }
// func (*FramebufferUpdate) Read(cliInfo common.IClientConn, c *common.RfbReadHelper) (common.ServerMessage, error) {
// msg := FramebufferUpdate{}
// var pad [1]byte
// if err := binary.Read(c, binary.BigEndian, &pad); err != nil {
// return nil, err
// }
// if err := binary.Read(c, binary.BigEndian, &msg.NumRect); err != nil {
// return nil, err
// }
// for i := uint16(0); i < msg.NumRect; i++ {
// rect := &common.Rectangle{}
// if err := rect.Read(c); err != nil {
// return nil, err
// }
// msg.Rects = append(msg.Rects, rect)
// }
// return &msg, nil
// }
// func (msg *FramebufferUpdate) Write(c common.Conn) error {
// if err := binary.Write(c, binary.BigEndian, msg.Type()); err != nil {
// return err
// }
// var pad [1]byte
// if err := binary.Write(c, binary.BigEndian, pad); err != nil {
// return err
// }
// if err := binary.Write(c, binary.BigEndian, msg.NumRect); err != nil {
// return err
// }
// for _, rect := range msg.Rects {
// if err := rect.Write(c); err != nil {
// return err
// }
// }
// return c.Flush()
// }

13
server/server_test.go
View File

@@ -3,24 +3,19 @@ package server
import (
"context"
"log"
"net"
"testing"
"vncproxy/common"
"vncproxy/encodings"
)
func TestServer(t *testing.T) {
ln, err := net.Listen("tcp", ":5903")
if err != nil {
log.Fatalf("Error listen. %v", err)
}
chServer := make(chan common.ClientMessage)
chClient := make(chan common.ServerMessage)
cfg := &ServerConfig{
//SecurityHandlers: []SecurityHandler{&ServerAuthNone{}, &ServerAuthVNC{}},
SecurityHandlers: []SecurityHandler{&ServerAuthVNC{}},
SecurityHandlers: []SecurityHandler{&ServerAuthVNC{"Ch_#!T@8"}},
Encodings: []common.Encoding{&encodings.RawEncoding{}, &encodings.TightEncoding{}, &encodings.CopyRectEncoding{}},
PixelFormat: common.NewPixelFormat(32),
ClientMessageCh: chServer,
@@ -29,10 +24,10 @@ func TestServer(t *testing.T) {
DesktopName: []byte("workDesk"),
Height: uint16(768),
Width: uint16(1024),
}
go Serve(context.Background(), ln, cfg)
url := "http://localhost:8091/"
go WsServe(url, context.Background(), cfg)
go TcpServe(":5903", context.Background(), cfg)
// Process messages coming in on the ClientMessage channel.
for {
msg := <-chClient

43
server/ws-server-go.go Normal file
View File

@@ -0,0 +1,43 @@
package server
import (
"fmt"
"io"
"net/http"
"net/url"
"golang.org/x/net/websocket"
)
type WsServer struct {
cfg *ServerConfig
}
type WsHandler func(io.ReadWriter, *ServerConfig)
// This example demonstrates a trivial echo server.
func (wsServer *WsServer) Listen(urlStr string, handlerFunc WsHandler) {
//http.Handle("/", websocket.Handler(EchoHandler))
if urlStr == "" {
urlStr = "/"
}
url, err := url.Parse(urlStr)
if err != nil {
fmt.Println("error while parsing url: ", err)
}
http.Handle(url.Path, websocket.Handler(func(ws *websocket.Conn) {
// header := ws.Request().Header
// url := ws.Request().URL
// //stam := header.Get("Origin")
// fmt.Printf("header: %v\nurl: %v\n", header, url)
// io.Copy(ws, ws)
ws.PayloadType = websocket.BinaryFrame
handlerFunc(ws, wsServer.cfg)
}))
err = http.ListenAndServe(url.Host, nil)
if err != nil {
panic("ListenAndServe: " + err.Error())
}
}

104
server/ws-server-gorilla.go Normal file
View File

@@ -0,0 +1,104 @@
package server
import (
"fmt"
"io"
"log"
"net/http"
"net/url"
"bytes"
"github.com/gorilla/websocket"
)
type WsServer1 struct {
cfg *ServerConfig
}
type WsHandler1 func(io.ReadWriter, *ServerConfig)
var upgrader = websocket.Upgrader{
ReadBufferSize: 1024,
WriteBufferSize: 1024,
CheckOrigin: func(r *http.Request) bool {
return true
}}
type WsConnection struct {
Reader WsReader
Writer WsWriter
}
func NewWsConnection(c *websocket.Conn) *WsConnection {
return &WsConnection{
WsReader{},
WsWriter{c},
}
}
type WsWriter struct {
conn *websocket.Conn
}
type WsReader struct {
Buff bytes.Buffer
}
func (wr WsReader) Read(p []byte) (n int, err error) {
return wr.Buff.Read(p)
}
func (wr WsWriter) Write(p []byte) (int, error) {
err := wr.conn.WriteMessage(websocket.BinaryMessage, p)
return len(p), err
}
func handleConnection(w http.ResponseWriter, r *http.Request) {
log.Print("got connection:", r.URL)
c, err := upgrader.Upgrade(w, r, nil)
if err != nil {
log.Print("upgrade:", err)
return
}
defer c.Close()
myConn := NewWsConnection(c)
for {
mt, message, err := c.ReadMessage()
if err != nil {
log.Println("read:", err)
break
}
if mt == websocket.BinaryMessage {
myConn.Reader.Buff.Write(message)
}
log.Printf("recv: %s", message)
// err = c.WriteMessage(mt, message)
// if err != nil {
// log.Println("write:", err)
// break
// }
}
}
// This example demonstrates a trivial echo server.
func (wsServer *WsServer1) Listen(urlStr string, handlerFunc WsHandler) {
//http.Handle("/", websocket.Handler(EchoHandler))
if urlStr == "" {
urlStr = "/"
}
url, err := url.Parse(urlStr)
if err != nil {
fmt.Println("error while parsing url: ", err)
}
http.HandleFunc(url.Path, handleConnection)
err = http.ListenAndServe(url.Host, nil)
if err != nil {
panic("ListenAndServe: " + err.Error())
}
}

33
server/ws_test.go Normal file
View File

@@ -0,0 +1,33 @@
package server
// import (
// "fmt"
// "io"
// "net/http"
// "testing"
// "golang.org/x/net/websocket"
// )
// func TestWsServer(t *testing.T) {
// server := WsServer{}
// server.Listen(":8090")
// }
// // Echo the data received on the WebSocket.
// func EchoHandler(ws *websocket.Conn) {
// header := ws.Request().Header
// url := ws.Request().URL
// //stam := header.Get("Origin")
// fmt.Printf("header: %v\nurl: %v\n", header, url)
// io.Copy(ws, ws)
// }
// // This example demonstrates a trivial echo server.
// func TestGoWsServer(t *testing.T) {
// http.Handle("/", websocket.Handler(EchoHandler))
// err := http.ListenAndServe(":11111", nil)
// if err != nil {
// panic("ListenAndServe: " + err.Error())
// }
// }