Conflicts:
	CMakeLists.txt
	libvncserver/main.c
pull/1/head
Slávek Banko 5 years ago
commit 68cb29a12f
  1. 1
      .gitignore
  2. 15
      .travis.yml
  3. 30
      CMakeLists.txt
  4. 445
      ChangeLog
  5. 3
      Doxyfile
  6. 5
      Makefile.am
  7. 23
      NEWS
  8. 24
      README
  9. 1
      README.md
  10. 16
      client_examples/gtkvncviewer.c
  11. 6
      client_examples/vnc2mpg.c
  12. 2
      common/md5.c
  13. 29
      common/sha-private.h
  14. 358
      common/sha.h
  15. 653
      common/sha1.c
  16. 101
      common/sha1.h
  17. 4
      common/zywrletemplate.c
  18. 31
      configure.ac
  19. 6
      examples/camera.c
  20. 2
      examples/example.c
  21. 2
      examples/zippy.c
  22. 6
      libvncclient/Makefile.am
  23. 6
      libvncclient/cursor.c
  24. 648
      libvncclient/h264.c
  25. 11
      libvncclient/listen.c
  26. 63
      libvncclient/rfbproto.c
  27. 2
      libvncclient/sockets.c
  28. 40
      libvncclient/tls_gnutls.c
  29. 8
      libvncclient/ultra.c
  30. 6
      libvncclient/vncviewer.c
  31. 12
      libvncserver/Makefile.am
  32. 2
      libvncserver/cargs.c
  33. 30
      libvncserver/httpd.c
  34. 18
      libvncserver/main.c
  35. 2
      libvncserver/rfbcrypto_included.c
  36. 29
      libvncserver/rfbserver.c
  37. 2
      libvncserver/rfbssl_gnutls.c
  38. 4
      libvncserver/scale.c
  39. 155
      libvncserver/sockets.c
  40. 8
      libvncserver/tight.c
  41. 4
      libvncserver/tightvnc-filetransfer/filetransfermsg.c
  42. 2
      libvncserver/tightvnc-filetransfer/handlefiletransferrequest.c
  43. 2
      libvncserver/tightvnc-filetransfer/rfbtightproto.h
  44. 2
      libvncserver/tightvnc-filetransfer/rfbtightserver.c
  45. 2
      libvncserver/ultra.c
  46. 58
      libvncserver/websockets.c
  47. 2
      libvncserver/zlib.c
  48. 727
      m4/ax_create_stdint_h.m4
  49. 4
      rfb/keysym.h
  50. 11
      rfb/rfb.h
  51. 26
      rfb/rfbclient.h
  52. 21
      rfb/rfbconfig.h.cmake
  53. 36
      rfb/rfbproto.h
  54. 5
      test/Makefile.am
  55. 2
      webclients/index.vnc
  56. 6
      webclients/java-applet/ssl/README
  57. 2
      webclients/java-applet/ssl/proxy.vnc
  58. 10
      webclients/java-applet/ssl/ss_vncviewer
  59. 6
      webclients/java-applet/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
  60. 10
      webclients/novnc/include/display.js
  61. 144
      webclients/novnc/include/keyboard.js
  62. 2
      webclients/novnc/include/keysym.js
  63. 15
      webclients/novnc/include/rfb.js
  64. 4
      webclients/novnc/include/ui.js
  65. 43
      webclients/novnc/include/vnc.js
  66. 2
      webclients/novnc/vnc_auto.html

1
.gitignore vendored

@ -61,7 +61,6 @@ examples/vncev
libtool
libvncclient/libvncclient.la
libvncserver/libvncserver.la
rfb/rfbint.h
test/blooptest
test/cargstest
test/copyrecttest

@ -0,0 +1,15 @@
language: c
os:
- linux
- osx
compiler:
- gcc
- clang
before_install:
- 'if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export CFLAGS="-I/usr/local/opt/openssl/include $CFLAGS" LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS"; fi'
# before build script, run autoreconf
before_script: autoreconf -fiv

@ -1,4 +1,5 @@
cmake_minimum_required(VERSION 2.6)
cmake_policy(SET CMP0037 NEW)
project(LibVNCServer)
include(CheckFunctionExists)
@ -11,10 +12,11 @@ include(CheckCSourceRuns)
set(PACKAGE_NAME "LibVNCServer")
set(FULL_PACKAGE_NAME "LibVNCServer")
set(PACKAGE_VERSION "0.9.10")
set(VERSION_MAJOR "0")
set(VERSION_MINOR "9")
set(VERSION_PATCHLEVEL "10")
set(VERSION_PATCHLEVEL "11")
set(VERSION_SO "0")
set(PACKAGE_VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCHLEVEL}")
set(PROJECT_BUGREPORT_PATH "http://sourceforge.net/projects/libvncserver")
set(CMAKE_C_FLAGS "-O2 -W -Wall -g")
set(LIBVNCSERVER_DIR ${CMAKE_CURRENT_SOURCE_DIR}/libvncserver)
@ -34,6 +36,7 @@ find_package(GnuTLS)
find_package(Threads)
find_package(X11)
find_package(OpenSSL)
find_package(PkgConfig)
find_library(LIBGCRYPT_LIBRARIES gcrypt)
# Check whether the version of libjpeg we found was libjpeg-turbo and print a
@ -100,15 +103,28 @@ if(PNG_FOUND)
endif(PNG_FOUND)
option(LIBVNCSERVER_ALLOW24BPP "Allow 24 bpp" ON)
pkg_check_modules(SYSTEMD "libsystemd")
if(SYSTEMD_FOUND)
option(LIBVNCSERVER_WITH_SYSTEMD "Build with systemd socket activation support" ON)
endif(SYSTEMD_FOUND)
if(LIBVNCSERVER_WITH_SYSTEMD)
add_definitions(-DLIBVNCSERVER_WITH_SYSTEMD)
include_directories(${SYSTEMD_INCLUDE_DIRS})
set(ADDITIONAL_LIBS ${ADDITIONAL_LIBS} ${SYSTEMD_LIBRARIES})
endif(LIBVNCSERVER_WITH_SYSTEMD)
if(GNUTLS_FOUND)
set(LIBVNCSERVER_WITH_CLIENT_TLS 1)
option(LIBVNCSERVER_WITH_WEBSOCKETS "Build with websockets support (gnutls)" ON)
set(WEBSOCKET_LIBRARIES ${RESOLV_LIB} ${GNUTLS_LIBRARIES})
set(WSSRCS ${LIBVNCSERVER_DIR}/rfbssl_gnutls.c ${LIBVNCSERVER_DIR}/rfbcrypto_gnutls.c)
include_directories(${GNUTLS_INCLUDE_DIR})
elseif(OPENSSL_FOUND)
option(LIBVNCSERVER_WITH_WEBSOCKETS "Build with websockets support (openssl)" ON)
set(WEBSOCKET_LIBRARIES ${RESOLV_LIB} ${OPENSSL_LIBRARIES})
set(WSSRCS ${LIBVNCSERVER_DIR}/rfbssl_openssl.c ${LIBVNCSERVER_DIR}/rfbcrypto_openssl.c)
include_directories(${OPENSSL_INCLUDE_DIR})
else()
option(LIBVNCSERVER_WITH_WEBSOCKETS "Build with websockets support (no ssl)" ON)
set(WEBSOCKET_LIBRARIES ${RESOLV_LIB})
@ -134,12 +150,21 @@ check_include_file("sys/wait.h" LIBVNCSERVER_HAVE_SYS_WAIT_H)
check_include_file("unistd.h" LIBVNCSERVER_HAVE_UNISTD_H)
# headers needed for check_type_size()
check_include_file("vfork.h" LIBVNCSERVER_HAVE_VFORK_H)
check_include_file("ws2tcpip.h" LIBVNCSERVER_HAVE_WS2TCPIP_H)
check_include_file("arpa/inet.h" HAVE_ARPA_INET_H)
check_include_file("stdint.h" HAVE_STDINT_H)
check_include_file("stddef.h" HAVE_STDDEF_H)
check_include_file("sys/types.h" HAVE_SYS_TYPES_H)
check_function_exists(gettimeofday LIBVNCSERVER_HAVE_GETTIMEOFDAY)
check_function_exists(vfork LIBVNCSERVER_HAVE_VFORK)
check_function_exists(vprintf LIBVNCSERVER_HAVE_VPRINTF)
if(LIBVNCSERVER_HAVE_WS2TCPIP_H AND LIBVNCSERVER_HAVE_VPRINTF)
option(LIBVNCSERVER_IPv6 "Enable IPv6 Support" ON)
endif()
if(CMAKE_USE_PTHREADS_INIT)
set(LIBVNCSERVER_HAVE_LIBPTHREAD 1)
@ -168,7 +193,6 @@ TEST_BIG_ENDIAN(LIBVNCSERVER_WORDS_BIGENDIAN)
# inline
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/rfb/rfbconfig.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/rfb/rfbconfig.h)
configure_file(${CMAKE_CURRENT_SOURCE_DIR}/rfb/rfbint.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/rfb/rfbint.h)
set(LIBVNCSERVER_SOURCES
${LIBVNCSERVER_DIR}/main.cc

@ -1,3 +1,448 @@
2016-12-29 Christian Beier <dontmind@freeshell.org>
* README: Fix README markdown.
2016-12-28 Christian Beier <dontmind@freeshell.org>
* CMakeLists.txt: CMake: version up as well.
2016-12-28 Christian Beier <dontmind@freeshell.org>
* NEWS: Update NEWS.
2016-12-28 Christian Beier <dontmind@freeshell.org>
* configure.ac: Version up.
2016-12-28 Christian Beier <dontmind@freeshell.org>
* libvncserver/main.c: LibVNCServer: fix starting of an
onHold-client in threaded mode. Discovered by madscientist159 on 11 Jan 2015: "noted in testing with the threaded server build, whereby if
newClientHook() returned RFB_CLIENT_ON_HOLD there was no way to
release the hold when the server became ready"
2016-12-09 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #145 from bkylerussell/websockets Sec-WebSocket-Protocol header fix
2016-12-02 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #142 from samhed/master Write the correct length for end of header
2016-11-29 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #140 from vapier/master test/Makefile: use check_PROGRAMS
2015-01-10 Timothy Pearson <kb9vqf@pearsoncomputing.net>
* README: Update README to reflect change from defaultPtrAddEvent to
rfbDefaultPtrAddEvent
2016-11-25 Christian Beier <dontmind@freeshell.org>
* libvncserver/httpd.c: httpd: rework mime type handling to
recognise more types
2016-11-24 Christian Beier <dontmind@freeshell.org>
* .travis.yml: TravisCI: Another stab at fixing OSX build. See https://github.com/Tarsnap/spiped/pull/92
2016-11-24 Christian Beier <dontmind@freeshell.org>
* configure.ac: Revert "Hopefully fix building on OSX." This reverts commit 584b23fdbe12edd81119d57ddd378d10e52cc9e1.
2016-11-24 Christian Beier <dontmind@freeshell.org>
* configure.ac: Hopefully fix building on OSX.
2016-11-24 Christian Beier <dontmind@freeshell.org>
* .travis.yml: TravisCI: check on OSX as well, test both gcc and
clang.
2016-11-24 Christian Beier <dontmind@freeshell.org>
* libvncclient/rfbproto.c: Fix building on OSX.
2016-11-24 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #137 from atalax/master Fix two heap buffer overflows
2016-11-18 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #138 from stweil/master Fix some typos
2016-11-18 Stefan Weil <sw@weilnetz.de>
* README, common/zywrletemplate.c, examples/example.c,
examples/zippy.c: Fix some typos (it's / its) Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-11-14 Josef Gajdusek <atx@atx.name>
* libvncclient/ultra.c: Fix heap overflow in the ultra.c decoder The Ultra type tile decoder does not use the _safe variant of the
LZO decompress function, which allows a maliciuous server to
overwrite parts of the heap by sending a larger-than-specified LZO
data stream.
2016-11-14 Josef Gajdusek <atx@atx.name>
* libvncclient/rfbproto.c: Fix heap overflows in the various
rectangle fill functions Altough rfbproto.c does check whether the overall FramebufferUpdate
rectangle is too large, some of the individual encoding decoders do
not, which allows a malicious server to overwrite parts of the heap.
2016-09-24 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #129 from bkylerussell/systemd Support systemd socket activation
2016-08-14 Zac Medico <zmedico@gmail.com>
* libvncserver/sockets.c: Support autoPort with ipv4 or ipv6
disabled Make it possible to get autoPort behavior with either ipv4 or ipv6
disabled, by setting rfbScreen->ipv6port or rfbScreen->port to a
negative number. This will make it possible for x11vnc to enforce
its -noipv6 option, as discussed in the following bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672449
2016-06-05 Christian Beier <dontmind@freeshell.org>
* NEWS: Update NEWS.
2016-06-05 Christian Beier <dontmind@freeshell.org>
* rfb/rfbclient.h: Fix rfbClientSwap64IfLE broken in
fe7df89fb1777b4fd303d5a601541f6062caf8ea
2016-06-05 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #84 from plettix/master fix for issue 81
2016-05-30 Christian Beier <cb@shoutrlabs.com>
* CMakeLists.txt: CMake: Add maybe-found OpenSSL libs to
libvncclient.
2016-05-30 Christian Beier <cb@shoutrlabs.com>
* CMakeLists.txt: CMake: Not all platforms have endian.h, so use the
build system's endianess check.
2016-05-30 Christian Beier <cb@shoutrlabs.com>
* rfb/rfbproto.h: Only include endian.h if present on system.
2016-05-30 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #105 from cgeorges82/master fix for issue #97. Also, this fixes cmake builds for other
platforms.
2016-05-13 George Fleury <gfleury@gmail.com>
* libvncserver/sockets.c: Avoid calling SSL_pending when connection
is already closed Avoid calling SSL_pending when connection is already closed, calling
SSL_pending with connection already closed is crashing. To
reproduce, open a secure websocket binay protocol connection with
libvncserver compiled with OpenSSL, and when libvncserver is waiting
for rfbProcessClientProtocolVersion send any invalid char, it will
fail and call rfbCloseClient whith destroy all SSL context, calling
SSL_pending after that will generate a invalid access.
2016-04-24 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #103 from rdieter/master use namespaced vnc_max macro (issue #102)
2016-04-23 gbdj <gbdj@users.noreply.github.com>
* libvncclient/tls_gnutls.c, libvncclient/vncviewer.c,
rfb/rfbclient.h: libvncclient/tls_gnutls.c: Add hooks to
WriteToTLS() for optional protection by mutex. Fix upstream issue
#100 Squashed commit of the pull request #101 : commit
1c7e01e81862bc46508e675e83c74cc6d63224b0 commit
1e749b094d6696380d3f0540a00138d7e3427874
2016-02-18 Rex Dieter <rdieter@math.unl.edu>
* libvncclient/listen.c, libvncserver/httpd.c,
libvncserver/rfbserver.c, libvncserver/sockets.c, rfb/rfbproto.h:
use namespaced rfbMax macro (issue #102) Not using generic 'max', avoids conflicts with stl_algobase.h
2016-04-15 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #115 from solofox/master Enable AF_UNIX socket: ignore setsockopt TCP_NODELAY failure.
2016-04-13 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #114 from zbierak/master Increase MAX_ENCODINGS value to accommodate more client encodings
2016-04-12 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #110 from AlexejStukov/patch-1 break statement out of case
2016-04-12 zbierak <zbierak@users.noreply.github.com>
* libvncclient/rfbproto.c: Fix buffer overflow when applying client
encodings
2016-04-12 Christian Beier <cb@shoutrlabs.com>
* travis.yml: TravisCI: remove old config.
2016-04-12 Christian Beier <cb@shoutrlabs.com>
* .travis.yml: TravisCI: add autoreconf step.
2016-04-12 Christian Beier <cb@shoutrlabs.com>
* .travis.yml: TravisCI: the config starts with a dot!
2016-04-12 Christian Beier <cb@shoutrlabs.com>
* README, README.md: Add a README.md and and Travis CI status badge.
2016-04-12 Christian Beier <cb@shoutrlabs.com>
* travis.yml: Add a minimalistic config for Travis CI.
2016-04-08 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #109 from zbierak/master Fix memory access error in camera.c example
2016-04-04 zbierak <zbierak@users.noreply.github.com>
* examples/camera.c: Fix memory access error in camera.c example
2016-03-05 Cédric Georges <cgeorges@edge-airport.com>
* CMakeLists.txt, libvncclient/tls_gnutls.c: Append missing include
directory for GNUTLS and OPENSSL in CMake project Append support of
gnutls > v 2.99.01 (gnutls_transport_set_global_errno have a
different signature)
2016-03-05 Cédric Georges <cgeorges@edge-airport.com>
* CMakeLists.txt: re-up comment
2016-03-05 Cédric Georges <cgeorges@edge-airport.com>
* CMakeLists.txt, rfb/rfbconfig.h.cmake: Append IPv6 option in CMake
Project
2016-01-27 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #99 from spaceone/master Ignore null pointers in FillRectangle() and
CopyRectangleFromRectangle()
2016-01-27 SpaceOne <space@wechall.net>
* libvncclient/rfbproto.c: Ignore null pointers in FillRectangle()
and CopyRectangleFromRectangle()
2015-12-03 Christian Beier <cb@shoutrlabs.com>
* rfb/rfbclient.h: Be a bit clearer with the cursorshape
documentation for libvncclient.
2015-12-03 Christian Beier <cb@shoutrlabs.com>
* libvncclient/cursor.c, rfb/rfbclient.h: Properly document
HandleCursorShape and GotCursorShapeProc.
2015-10-10 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #90 from stweil/fix Fix some recently introduced regressions
2015-10-10 Stefan Weil <sw@weilnetz.de>
* rfb/rfbproto.h: Fix definition of POSIX data types Commit 92f558482d94c5152174a1983a40863bd6b07911 added stdint.h to
get the type definitions, but included it after the first use of
int8_t in builds for Windows. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-10-10 Stefan Weil <sw@weilnetz.de>
* rfb/rfbproto.h: Fix endianness detection Commit 97f442ef2aa65ade6bea11e90054c57b90abbaca tried to improve the
endianness detection, but introduced a typo and problems for Windows
builds (no endian.h, different definition of
LIBVNCSERVER_WORDS_BIGENDIAN). Fix both issues. Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-10-09 Stefan Weil <sw@weilnetz.de>
* ChangeLog, Doxyfile, NEWS, README, client_examples/vnc2mpg.c,
common/zywrletemplate.c, examples/camera.c, libvncclient/listen.c,
libvncclient/sockets.c, libvncserver/cargs.c, libvncserver/scale.c,
libvncserver/sockets.c, libvncserver/tight.c,
libvncserver/tightvnc-filetransfer/filetransfermsg.c,
libvncserver/tightvnc-filetransfer/handlefiletransferrequest.c,
libvncserver/tightvnc-filetransfer/rfbtightproto.h,
libvncserver/tightvnc-filetransfer/rfbtightserver.c,
libvncserver/ultra.c, libvncserver/zlib.c, rfb/keysym.h, rfb/rfb.h,
rfb/rfbproto.h, webclients/java-applet/ssl/README,
webclients/java-applet/ssl/proxy.vnc,
webclients/java-applet/ssl/ss_vncviewer,
webclients/java-applet/ssl/ultravnc-102-JavaViewer-ssl-etc.patch,
webclients/novnc/include/display.js,
webclients/novnc/include/rfb.js, webclients/novnc/include/ui.js: Fix
some typos (found by codespell) Signed-off-by: Stefan Weil <sw@weilnetz.de>
2015-07-22 plettix <plettix@gmail.com>
* common/md5.c: another shift fix
2015-07-22 plettix <plettix@gmail.com>
* rfb/rfb.h, rfb/rfbclient.h: shift fixes - if an integer is a
negative number then the return value of "Swap32IfLE" was -1
2015-07-07 plettix <plettix@gmail.com>
* libvncserver/websockets.c: fix for issue 81 use different buffers
for decode and encode
2015-05-28 Christian Beier <dontmind@freeshell.org>
* CMakeLists.txt, configure.ac, rfb/rfbproto.h: Instead of letting
the build system define endianess, rely on endian.h.
2015-05-28 Christian Beier <dontmind@freeshell.org>
* .gitignore, CMakeLists.txt, Doxyfile, Makefile.am, configure.ac,
libvncserver/Makefile.am, m4/ax_create_stdint_h.m4, rfb/rfbproto.h:
Do away with rfbint.h generation and use stdint.h directly instead.
2015-04-17 Christian Beier <dontmind@freeshell.org>
* libvncclient/rfbproto.c, libvncclient/vncviewer.c: Re-add the
useful bits of 9aa9ac59b4cb10bfca93456a3098e348de172d7f.
2015-04-17 Christian Beier <dontmind@freeshell.org>
* libvncclient/Makefile.am: Revert "Add libvncclient/h264.c to dist
tarball." This reverts commit 9aa9ac59b4cb10bfca93456a3098e348de172d7f.
2015-04-17 Christian Beier <dontmind@freeshell.org>
* client_examples/gtkvncviewer.c, configure.ac,
libvncclient/Makefile.am, libvncclient/h264.c,
libvncclient/rfbproto.c, libvncclient/vncviewer.c, rfb/rfbproto.h:
Revert "LibVNCClient: Add H.264 encoding for framebuffer updates" This reverts commit d891478ec985660c03f95cffda0e6a1ad4ba350c. Conflicts: configure.ac libvncclient/h264.c
2015-04-17 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #70 from maxnet/master httpd: disallow directory traversal
2015-04-17 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #72 from lopago/fix-segfaults prevent segfaults due to uninitialized memory
2015-04-15 Thomas Anderson <tanderson@caltech.edu>
* configure.ac: configure.ac: Use AC_CHECK_TOOL for cross-compiling
support. When cross-compiling the ar program has the appropriate prefix
prepended. Respect that here and have autotools autodetect the
appropriate tool.
2015-04-13 Benjamin Dürholt <b.duerholt@portunity.de>
* libvncserver/rfbssl_gnutls.c, libvncserver/tight.c: Changed C++
style comments to C ones
2015-04-10 Benjamin Dürholt <b.duerholt@portunity.de>
* libvncserver/rfbssl_gnutls.c, libvncserver/tight.c: prevent
segfault
2015-03-29 Floris Bos <bos@je-eigen-domein.nl>
* libvncserver/httpd.c: httpd: disallow directory traversal Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
2015-03-27 Jay Carlson <nop@nop.com>
* libvncclient/rfbproto.c: Avoid divide-by-zero in raw encoding (OSX
RealVNC) OS X RealVNC server crashes out Remmina because the server can
provoke bytesPerLine to be zero. Assume this is coding for zero
lines. The condition could be checked before the calculation of
bytesPerLine. I don’t understand the preconditions of this code
to say one way or the other.
2015-02-09 Peter Spiess-Knafl <psk@autistici.org>
* libvncclient/Makefile.am, libvncserver/Makefile.am: Set autotools
SOVERSION.
2015-02-05 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #63 from LibVNC/sha1rework Replace SHA1 implementation with the one from RFC 6234.
2015-01-27 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #60 from cinemast/master fixing SOVERSION and .so VERSION
2015-01-18 Christian Beier <dontmind@freeshell.org>
* webclients/index.vnc: Update link to project home page in
index.vnc.
2015-01-18 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #57 from maxnet/master Fix handling of multiple VNC commands per websockets frame
2015-01-16 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #56 from maxnet/master Only advertise xvp support when xvpHook is set
2015-01-06 Christian Beier <dontmind@freeshell.org>
* AUTHORS: Add Floris to AUTHORS.
2015-01-06 Christian Beier <dontmind@freeshell.org>
* NEWS: Update NEWS.
2015-01-02 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #51 from maxnet/master Initialize libgcrypt before use
2015-01-02 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #50 from maxnet/master tls_openssl.c: define _XOPEN_SOURCE for extra POSIX functionality
2014-12-30 Christian Beier <dontmind@freeshell.org>
* libvncclient/sockets.c: Fix another MinGW64 build issue.
WSAEWOULDBLOCK is not MinGW-specific.
2014-12-30 Christian Beier <dontmind@freeshell.org>
* libvncserver/rfbserver.c: Fix building with mingw-w64.
2014-12-30 Christian Beier <dontmind@freeshell.org>
* configure.ac: confgure.ac: Remove MinGW linker flag that's
incompatible with mingw-w64.
2014-12-30 Christian Beier <dontmind@freeshell.org>
* autogen.sh: autogen.sh: pass cmdline params to configure call.
2014-12-29 Christian Beier <dontmind@freeshell.org>
* : Merge pull request #49 from maxnet/master Fix libva related compile errors
2014-12-29 Floris Bos <bos@je-eigen-domein.nl>
* configure.ac, libvncclient/h264.c: Fix libva related compile
errors - Make h264.c compile with recent libva version by including
va_compat.h - Only enable libva if libva-x11 is installed - Modified configure help text Previous help text suggested libva was only build when
--with-libva was specified, while actual behavior is to build it
by default. Warning: THIS CODE IS UNTESTED. Lacking a h.264 capable VNC server
Also no attempt is made to support platforms not using X11 Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
2014-10-31 Christian Beier <dontmind@freeshell.org>
* README: Add VNCpp to projects using LibVNC.
2014-10-21 Christian Beier <dontmind@freeshell.org>
* ChangeLog: Update ChangeLog for 0.9.10.
2014-10-21 Christian Beier <dontmind@freeshell.org>
* NEWS: Update NEWS.

@ -292,7 +292,7 @@ TYPEDEF_HIDES_STRUCT = YES
# causing a significant performance penality.
# If the system has enough physical memory increasing the cache will improve the
# performance by keeping more symbols in memory. Note that the value works on
# a logarithmic scale so increasing the size by one will rougly double the
# a logarithmic scale so increasing the size by one will roughly double the
# memory usage. The cache size is given by this formula:
# 2^(16+SYMBOL_CACHE_SIZE). The valid range is 0..9, the default is 0,
# corresponding to a cache size of 2^16 = 65536 symbols
@ -661,7 +661,6 @@ RECURSIVE = YES
# subdirectory from a directory tree whose root is specified with the INPUT tag.
EXCLUDE = rfb/rfbconfig.h \
rfb/rfbint.h \
rfb/default8x16.h
# The EXCLUDE_SYMLINKS tag can be used select whether or not files or

@ -2,7 +2,7 @@ ACLOCAL_AMFLAGS = -I m4
SUBDIRS=libvncserver examples libvncclient webclients client_examples test
DIST_SUBDIRS=libvncserver examples libvncclient webclients client_examples test
EXTRA_DIST = CMakeLists.txt rfb/rfbint.h.cmake rfb/rfbconfig.h.cmake
EXTRA_DIST = CMakeLists.txt rfb/rfbconfig.h.cmake
bin_SCRIPTS = libvncserver-config
@ -10,9 +10,8 @@ pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libvncserver.pc libvncclient.pc
includedir=$(prefix)/include/rfb
#include_HEADERS=rfb.h rfbconfig.h rfbint.h rfbproto.h keysym.h rfbregion.h
include_HEADERS=rfb/rfb.h rfb/rfbconfig.h rfb/rfbint.h rfb/rfbproto.h \
include_HEADERS=rfb/rfb.h rfb/rfbconfig.h rfb/rfbproto.h \
rfb/keysym.h rfb/rfbregion.h rfb/rfbclient.h
$(PACKAGE)-$(VERSION).tar.gz: dist

23
NEWS

@ -1,8 +1,27 @@
0.9.11
- Overall changes:
* LibVNCServer/LibVNCClient development now uses continous intregration,
provided by TravisCI.
- LibVNCClient:
* Now initializes libgcrypt before use if the application did not do it.
Fixes a crash when connection to Mac hosts
(https://github.com/LibVNC/libvncserver/issues/45).
* Various fixes that result in more stable handling of malicious or broken
servers.
* Removed broken and unmaintained H264 decoding.
* Some documentation fixes.
* Added hooks to WriteToTLS() for optional protection by mutex.
- LibVNCServer:
* Stability fixes for the WebSocket implementation.
* Replaced SHA1 implementation with the one from RFC 6234.
* The built-in HTTP server does not allow directory traversals anymore.
* The built-in HTTP now sends correct MIME types for CSS and SVG.
* Added support for systemd socket activation.
* Made it possible to get autoPort behavior with either ipv4 or ipv6
disabled.
* Fixed starting of an onHold-client in threaded mode.
0.9.10
- Overall changes:
@ -80,7 +99,7 @@
* Implemented xvp VNC extension.
* Updated minilzo library used for Ultra encoding to ver 2.04.
According to the minilzo README, this brings a significant
speedup on 64-bit architechtures.
speedup on 64-bit architectures.
- LibVNCServer:
* Thread safety for ZRLE, Zlib, Tight, RRE, CoRRE and Ultra encodings.
@ -131,7 +150,7 @@
- Print this string out to stdout: 'PORT=XXXX' (usually XXXX = 5900).
Combining with -bg, easy to write a ssh/rsh wrapper with something like:
port=`ssh $host "x11vnc -bg .."` then run vncviewer based on $port output.
(tunneling the vnc traffic thru ssh a bit more messy, but doable)
(tunneling the vnc traffic through ssh a bit more messy, but doable)
- Quite a bit of code to be more careful when doing 8bpp indexed color, e.g.
not assuming NCOLORS is 256, handling 8bit TrueColor and Direct Color, etc

@ -1,3 +1,5 @@
[![Build Status](https://travis-ci.org/LibVNC/libvncserver.svg?branch=master)](https://travis-ci.org/LibVNC/libvncserver)
LibVNCServer: A library for easy implementation of a VNC server.
Copyright (C) 2001-2003 Johannes E. Schindelin
@ -24,7 +26,7 @@ Try example: it outputs on which port it listens (default: 5900), so it is
display 0. To view, call
vncviewer :0
You should see a sheet with a gradient and "Hello World!" written on it. Try
to paint something. Note that everytime you click, there is some bigger blot,
to paint something. Note that every time you click, there is some bigger blot,
whereas when you drag the mouse while clicked you draw a line. The size of the
blot depends on the mouse button you click. Open a second vncviewer with
the same parameters and watch it as you paint in the other window. This also
@ -32,7 +34,7 @@ works over internet. You just have to know either the name or the IP of your
machine. Then it is
vncviewer machine.where.example.runs.com:0
or similar for the remote client. Now you are ready to type something. Be sure
that your mouse sits still, because everytime the mouse moves, the cursor is
that your mouse sits still, because every time the mouse moves, the cursor is
reset to the position of the pointer! If you are done with that demo, press
the down or up arrows. If your viewer supports it, then the dimensions of the
sheet change. Just press Escape in the viewer. Note that the server still
@ -112,11 +114,11 @@ Before you draw something, be sure to call
This tells LibVNCServer to hide the cursor.
Remark: There are vncviewers out there, which know a cursor encoding, so
that network traffic is low, and also the cursor doesn't need to be
drawn the cursor everytime an update is sent. LibVNCServer handles
drawn the cursor every time an update is sent. LibVNCServer handles
all the details. Just set the cursor and don't bother any more.
To set the mouse coordinates (or emulate mouse clicks), call
defaultPtrAddEvent(buttonMask,x,y,cl);
rfbDefaultPtrAddEvent(buttonMask,x,y,cl);
IMPORTANT: do this at the end of your function, because this actually draws
the cursor if no cursor encoding is active.
@ -182,7 +184,7 @@ kbdReleaseAllKeys(rfbClientPtr cl)
ptrAddEvent(int buttonMask,int x,int y,rfbClientPtr cl)
is called when the mouse moves or a button is pressed.
WARNING: if you want to have proper cursor handling, call
defaultPtrAddEvent(buttonMask,x,y,cl)
rfbDefaultPtrAddEvent(buttonMask,x,y,cl)
in your own function. This sets the coordinates of the cursor.
setXCutText(char* str,int len,rfbClientPtr cl)
is called when the selection changes.
@ -246,7 +248,7 @@ the original code from ORL/AT&T.
When I began hacking with computers, my first interest was speed. So, when I
got around assembler, I programmed the floppy to do much of the work, because
it's clock rate was higher than that of my C64. This was my first experience
its clock rate was higher than that of my C64. This was my first experience
with client/server techniques.
When I came around Xwindows (much later), I was at once intrigued by the
@ -257,7 +259,7 @@ modem from home, it was no longer that much fun.
When I started working with ASP (Application Service Provider) programs, I
tumbled across Tarantella and Citrix. Being a security fanatic, the idea of
running a server on windows didn't appeal to me, so Citrix went down the
basket. However, Tarantella has it's own problems (security as well as the
basket. However, Tarantella has its own problems (security as well as the
high price). But at the same time somebody told me about this "great little
administrator's tool" named VNC. Being used to windows programs' sizes, the
surprise was reciprocal inverse to the size of VNC!
@ -323,8 +325,8 @@ If you love products from Redmod, you better skip this paragraph.
I am always amazed how people react whenever Microsoft(tm) puts in some
features into their products which were around for a long time. Especially
reporters seem to not know dick about what they are reporting about! But
what is everytime annoying again, is that they don't do it right. Every
concept has it's new name (remember what enumerators used to be until
what is every time annoying again, is that they don't do it right. Every
concept has its new name (remember what enumerators used to be until
Mickeysoft(tm) claimed that enumerators are what we thought were iterators.
Yeah right, enumerators are also containers. They are not separated. Muddy.)
@ -332,11 +334,13 @@ There are three packages you want to get hold of: zlib, jpeg and pthreads.
The latter is not strictly necessary, but when you put something like this
into your source:
```
#define MUTEX(s)
struct {
int something;
MUTEX(latex);
}
```
Microsoft's C++ compiler doesn't do it. It complains that this is an error.
This, however, is how I implemented mutexes in case you don't need pthreads,
@ -391,7 +395,7 @@ The people at AT&T worked really well to produce something as clean and lean
as VNC. The managers decided that for their fame, they would release the
program for free. But not only that! They realized that by releasing also
the code for free, VNC would become an evolving little child, conquering
new worlds, making it's parents very proud. As well they can be! To protect
new worlds, making its parents very proud. As well they can be! To protect
this innovation, they decided to make it GPL, not BSD. The principal
difference is: You can make closed source programs deriving from BSD, not
from GPL. You have to give proper credit with both.

@ -0,0 +1 @@
README

@ -23,10 +23,6 @@
#include <gdk/gdkkeysyms.h>
#include <rfb/rfbclient.h>
#ifdef LIBVNCSERVER_CONFIG_LIBVA
#include <gdk/gdkx.h>
#endif
static rfbClient *cl;
static gchar *server_cut_text = NULL;
static gboolean framebuffer_allocated = FALSE;
@ -61,14 +57,6 @@ static gboolean expose_event (GtkWidget *widget,
cl->format.greenMax = (1 << image->visual->green_prec) - 1;
cl->format.blueMax = (1 << image->visual->blue_prec) - 1;
#ifdef LIBVNCSERVER_CONFIG_LIBVA
/* Allow libvncclient to use a more efficient way
* of putting the framebuffer on the screen when
* using the H.264 format.
*/
cl->outputWindow = GDK_WINDOW_XID(widget->window);
#endif
SetFormatAndEncodings (cl);
framebuffer_allocated = TRUE;
@ -79,14 +67,12 @@ static gboolean expose_event (GtkWidget *widget,
gdk_cursor_unref( cur );
}
#ifndef LIBVNCSERVER_CONFIG_LIBVA
gdk_draw_image (GDK_DRAWABLE (widget->window),
widget->style->fg_gc[gtk_widget_get_state(widget)],
image,
event->area.x, event->area.y,
event->area.x, event->area.y,
event->area.width, event->area.height);
#endif
return FALSE;
}
@ -476,12 +462,10 @@ static void update (rfbClient *cl, int x, int y, int w, int h) {
dialog_connecting = NULL;
}
#ifndef LIBVNCSERVER_CONFIG_LIBVA
GtkWidget *drawing_area = rfbClientGetClientData (cl, gtk_init);
if (drawing_area != NULL)
gtk_widget_queue_draw_area (drawing_area, x, y, w, h);
#endif
}
static void kbd_leds (rfbClient *cl, int value, int pad) {

@ -85,11 +85,11 @@ AVStream *add_video_stream(AVFormatContext *oc, int codec_id, int w, int h)
}
if (c->codec_id == CODEC_ID_MPEG1VIDEO){
/* needed to avoid using macroblocks in which some coeffs overflow
this doesnt happen with normal video, it just happens here as the
motion of the chroma plane doesnt match the luma plane */
this doesn't happen with normal video, it just happens here as the
motion of the chroma plane doesn't match the luma plane */
c->mb_decision=2;
}
/* some formats want stream headers to be seperate */
/* some formats want stream headers to be separate */
if(!strcmp(oc->oformat->name, "mp4") || !strcmp(oc->oformat->name, "mov") || !strcmp(oc->oformat->name, "3gp"))
c->flags |= CODEC_FLAG_GLOBAL_HEADER;

@ -46,7 +46,7 @@
#ifdef WORDS_BIGENDIAN
# define SWAP(n) \
(((n) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | ((n) >> 24))
((((n) & 0x00ff) << 24) | (((n) & 0xff00) << 8) | (((n) >> 8) & 0xff00) | (((n) >> 24) & 0x00ff))
#else
# define SWAP(n) (n)
#endif

@ -0,0 +1,29 @@
/************************ sha-private.h ************************/
/***************** See RFC 6234 for details. *******************/
#ifndef _SHA_PRIVATE__H
#define _SHA_PRIVATE__H
/*
* These definitions are defined in FIPS 180-3, section 4.1.
* Ch() and Maj() are defined identically in sections 4.1.1,
* 4.1.2, and 4.1.3.
*
* The definitions used in FIPS 180-3 are as follows:
*/
#ifndef USE_MODIFIED_MACROS
#define SHA_Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
#define SHA_Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#else /* USE_MODIFIED_MACROS */
/*
* The following definitions are equivalent and potentially faster.
*/
#define SHA_Ch(x, y, z) (((x) & ((y) ^ (z))) ^ (z))
#define SHA_Maj(x, y, z) (((x) & ((y) | (z))) | ((y) & (z)))
#endif /* USE_MODIFIED_MACROS */
#define SHA_Parity(x, y, z) ((x) ^ (y) ^ (z))
#endif /* _SHA_PRIVATE__H */

@ -0,0 +1,358 @@
/**************************** sha.h ****************************/
/***************** See RFC 6234 for details. *******************/
/*
Copyright (c) 2011 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, are permitted provided that the following
conditions are met:
- Redistributions of source code must retain the above
copyright notice, this list of conditions and
the following disclaimer.
- Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
- Neither the name of Internet Society, IETF or IETF Trust, nor
the names of specific contributors, may be used to endorse or
promote products derived from this software without specific
prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SHA_H_
#define _SHA_H_
/*
* Description:
* This file implements the Secure Hash Algorithms
* as defined in the U.S. National Institute of Standards
* and Technology Federal Information Processing Standards
* Publication (FIPS PUB) 180-3 published in October 2008
* and formerly defined in its predecessors, FIPS PUB 180-1
* and FIP PUB 180-2.
*
* A combined document showing all algorithms is available at
* http://csrc.nist.gov/publications/fips/
* fips180-3/fips180-3_final.pdf
*
* The five hashes are defined in these sizes:
* SHA-1 20 byte / 160 bit
* SHA-224 28 byte / 224 bit
* SHA-256 32 byte / 256 bit
* SHA-384 48 byte / 384 bit
* SHA-512 64 byte / 512 bit
*
* Compilation Note:
* These files may be compiled with two options:
* USE_32BIT_ONLY - use 32-bit arithmetic only, for systems
* without 64-bit integers
*
* USE_MODIFIED_MACROS - use alternate form of the SHA_Ch()
* and SHA_Maj() macros that are equivalent
* and potentially faster on many systems
*
*/
#include <stdint.h>
/*
* If you do not have the ISO standard stdint.h header file, then you
* must typedef the following:
* name meaning
* uint64_t unsigned 64-bit integer
* uint32_t unsigned 32-bit integer
* uint8_t unsigned 8-bit integer (i.e., unsigned char)
* int_least16_t integer of >= 16 bits
*
* See stdint-example.h
*/
#ifndef _SHA_enum_
#define _SHA_enum_
/*
* All SHA functions return one of these values.
*/
enum {
shaSuccess = 0,
shaNull, /* Null pointer parameter */
shaInputTooLong, /* input data too long */
shaStateError, /* called Input after FinalBits or Result */
shaBadParam /* passed a bad parameter */
};
#endif /* _SHA_enum_ */
/*
* These constants hold size information for each of the SHA
* hashing operations
*/
enum {
SHA1_Message_Block_Size = 64, SHA224_Message_Block_Size = 64,
SHA256_Message_Block_Size = 64, SHA384_Message_Block_Size = 128,
SHA512_Message_Block_Size = 128,
USHA_Max_Message_Block_Size = SHA512_Message_Block_Size,
SHA1HashSize = 20, SHA224HashSize = 28, SHA256HashSize = 32,
SHA384HashSize = 48, SHA512HashSize = 64,
USHAMaxHashSize = SHA512HashSize,
SHA1HashSizeBits = 160, SHA224HashSizeBits = 224,
SHA256HashSizeBits = 256, SHA384HashSizeBits = 384,
SHA512HashSizeBits = 512, USHAMaxHashSizeBits = SHA512HashSizeBits
};
/*
* These constants are used in the USHA (Unified SHA) functions.
*/
typedef enum SHAversion {
SHA1, SHA224, SHA256, SHA384, SHA512
} SHAversion;
/*
* This structure will hold context information for the SHA-1
* hashing operation.
*/
typedef struct SHA1Context {
uint32_t Intermediate_Hash[SHA1HashSize/4]; /* Message Digest */
uint32_t Length_High; /* Message length in bits */
uint32_t Length_Low; /* Message length in bits */
int_least16_t Message_Block_Index; /* Message_Block array index */
/* 512-bit message blocks */
uint8_t Message_Block[SHA1_Message_Block_Size];
int Computed; /* Is the hash computed? */
int Corrupted; /* Cumulative corruption code */
} SHA1Context;
/*
* This structure will hold context information for the SHA-256
* hashing operation.
*/
typedef struct SHA256Context {
uint32_t Intermediate_Hash[SHA256HashSize/4]; /* Message Digest */
uint32_t Length_High; /* Message length in bits */
uint32_t Length_Low; /* Message length in bits */
int_least16_t Message_Block_Index; /* Message_Block array index */
/* 512-bit message blocks */
uint8_t Message_Block[SHA256_Message_Block_Size];
int Computed; /* Is the hash computed? */
int Corrupted; /* Cumulative corruption code */
} SHA256Context;
/*
* This structure will hold context information for the SHA-512
* hashing operation.
*/
typedef struct SHA512Context {
#ifdef USE_32BIT_ONLY
uint32_t Intermediate_Hash[SHA512HashSize/4]; /* Message Digest */
uint32_t Length[4]; /* Message length in bits */
#else /* !USE_32BIT_ONLY */
uint64_t Intermediate_Hash[SHA512HashSize/8]; /* Message Digest */
uint64_t Length_High, Length_Low; /* Message length in bits */
#endif /* USE_32BIT_ONLY */
int_least16_t Message_Block_Index; /* Message_Block array index */
/* 1024-bit message blocks */
uint8_t Message_Block[SHA512_Message_Block_Size];
int Computed; /* Is the hash computed?*/
int Corrupted; /* Cumulative corruption code */
} SHA512Context;
/*
* This structure will hold context information for the SHA-224
* hashing operation. It uses the SHA-256 structure for computation.
*/
typedef struct SHA256Context SHA224Context;
/*
* This structure will hold context information for the SHA-384
* hashing operation. It uses the SHA-512 structure for computation.
*/
typedef struct SHA512Context SHA384Context;
/*
* This structure holds context information for all SHA
* hashing operations.
*/
typedef struct USHAContext {
int whichSha; /* which SHA is being used */
union {
SHA1Context sha1Context;
SHA224Context sha224Context; SHA256Context sha256Context;
SHA384Context sha384Context; SHA512Context sha512Context;
} ctx;
} USHAContext;
/*
* This structure will hold context information for the HMAC
* keyed-hashing operation.
*/
typedef struct HMACContext {
int whichSha; /* which SHA is being used */
int hashSize; /* hash size of SHA being used */
int blockSize; /* block size of SHA being used */
USHAContext shaContext; /* SHA context */
unsigned char k_opad[USHA_Max_Message_Block_Size];
/* outer padding - key XORd with opad */
int Computed; /* Is the MAC computed? */
int Corrupted; /* Cumulative corruption code */
} HMACContext;
/*
* This structure will hold context information for the HKDF
* extract-and-expand Key Derivation Functions.
*/
typedef struct HKDFContext {
int whichSha; /* which SHA is being used */
HMACContext hmacContext;
int hashSize; /* hash size of SHA being used */
unsigned char prk[USHAMaxHashSize];
/* pseudo-random key - output of hkdfInput */
int Computed; /* Is the key material computed? */
int Corrupted; /* Cumulative corruption code */
} HKDFContext;
/*
* Function Prototypes
*/
/* SHA-1 */
extern int SHA1Reset(SHA1Context *);
extern int SHA1Input(SHA1Context *, const uint8_t *bytes,
unsigned int bytecount);
extern int SHA1FinalBits(SHA1Context *, uint8_t bits,
unsigned int bit_count);
extern int SHA1Result(SHA1Context *,
uint8_t Message_Digest[SHA1HashSize]);
/* SHA-224 */
extern int SHA224Reset(SHA224Context *);
extern int SHA224Input(SHA224Context *, const uint8_t *bytes,
unsigned int bytecount);
extern int SHA224FinalBits(SHA224Context *, uint8_t bits,
unsigned int bit_count);
extern int SHA224Result(SHA224Context *,
uint8_t Message_Digest[SHA224HashSize]);
/* SHA-256 */
extern int SHA256Reset(SHA256Context *);
extern int SHA256Input(SHA256Context *, const uint8_t *bytes,
unsigned int bytecount);
extern int SHA256FinalBits(SHA256Context *, uint8_t bits,
unsigned int bit_count);
extern int SHA256Result(SHA256Context *,
uint8_t Message_Digest[SHA256HashSize]);
/* SHA-384 */
extern int SHA384Reset(SHA384Context *);
extern int SHA384Input(SHA384Context *, const uint8_t *bytes,
unsigned int bytecount);
extern int SHA384FinalBits(SHA384Context *, uint8_t bits,
unsigned int bit_count);
extern int SHA384Result(SHA384Context *,
uint8_t Message_Digest[SHA384HashSize]);
/* SHA-512 */
extern int SHA512Reset(SHA512Context *);
extern int SHA512Input(SHA512Context *, const uint8_t *bytes,
unsigned int bytecount);
extern int SHA512FinalBits(SHA512Context *, uint8_t bits,
unsigned int bit_count);
extern int SHA512Result(SHA512Context *,
uint8_t Message_Digest[SHA512HashSize]);
/* Unified SHA functions, chosen by whichSha */
extern int USHAReset(USHAContext *context, SHAversion whichSha);
extern int USHAInput(USHAContext *context,
const uint8_t *bytes, unsigned int bytecount);
extern int USHAFinalBits(USHAContext *context,
uint8_t bits, unsigned int bit_count);
extern int USHAResult(USHAContext *context,
uint8_t Message_Digest[USHAMaxHashSize]);
extern int USHABlockSize(enum SHAversion whichSha);
extern int USHAHashSize(enum SHAversion whichSha);
extern int USHAHashSizeBits(enum SHAversion whichSha);
extern const char *USHAHashName(enum SHAversion whichSha);
/*
* HMAC Keyed-Hashing for Message Authentication, RFC 2104,
* for all SHAs.
* This interface allows a fixed-length text input to be used.
*/
extern int hmac(SHAversion whichSha, /* which SHA algorithm to use */
const unsigned char *text, /* pointer to data stream */
int text_len, /* length of data stream */
const unsigned char *key, /* pointer to authentication key */
int key_len, /* length of authentication key */
uint8_t digest[USHAMaxHashSize]); /* caller digest to fill in */
/*
* HMAC Keyed-Hashing for Message Authentication, RFC 2104,
* for all SHAs.
* This interface allows any length of text input to be used.
*/
extern int hmacReset(HMACContext *context, enum SHAversion whichSha,
const unsigned char *key, int key_len);
extern int hmacInput(HMACContext *context, const unsigned char *text,
int text_len);
extern int hmacFinalBits(HMACContext *context, uint8_t bits,
unsigned int bit_count);
extern int hmacResult(HMACContext *context,
uint8_t digest[USHAMaxHashSize]);
/*
* HKDF HMAC-based Extract-and-Expand Key Derivation Function,
* RFC 5869, for all SHAs.
*/
extern int hkdf(SHAversion whichSha, const unsigned char *salt,
int salt_len, const unsigned char *ikm, int ikm_len,
const unsigned char *info, int info_len,
uint8_t okm[ ], int okm_len);
extern int hkdfExtract(SHAversion whichSha, const unsigned char *salt,
int salt_len, const unsigned char *ikm,
int ikm_len, uint8_t prk[USHAMaxHashSize]);
extern int hkdfExpand(SHAversion whichSha, const uint8_t prk[ ],
int prk_len, const unsigned char *info,
int info_len, uint8_t okm[ ], int okm_len);
/*
* HKDF HMAC-based Extract-and-Expand Key Derivation Function,
* RFC 5869, for all SHAs.
* This interface allows any length of text input to be used.
*/
extern int hkdfReset(HKDFContext *context, enum SHAversion whichSha,
const unsigned char *salt, int salt_len);
extern int hkdfInput(HKDFContext *context, const unsigned char *ikm,
int ikm_len);
extern int hkdfFinalBits(HKDFContext *context, uint8_t ikm_bits,
unsigned int ikm_bit_count);
extern int hkdfResult(HKDFContext *context,
uint8_t prk[USHAMaxHashSize],
const unsigned char *info, int info_len,
uint8_t okm[USHAMaxHashSize], int okm_len);
#endif /* _SHA_H_ */

@ -1,73 +1,66 @@
/*
* Copyright (C) The Internet Society (2001). All Rights Reserved.
*
* This document and translations of it may be copied and furnished to
* others, and derivative works that comment on or otherwise explain it
* or assist in its implementation may be prepared, copied, published
* and distributed, in whole or in part, without restriction of any
* kind, provided that the above copyright notice and this paragraph are
* included on all such copies and derivative works. However, this
* document itself may not be modified in any way, such as by removing
* the copyright notice or references to the Internet Society or other
* Internet organizations, except as needed for the purpose of
* developing Internet standards in which case the procedures for
* copyrights defined in the Internet Standards process must be
* followed, or as required to translate it into languages other than
* English.
*
* The limited permissions granted above are perpetual and will not be
* revoked by the Internet Society or its successors or assigns.
*
* This document and the information contained herein is provided on an
* "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
* TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
* BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
* HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
* MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
*/
/**************************** sha1.c ***************************/
/***************** See RFC 6234 for details. *******************/
/* Copyright (c) 2011 IETF Trust and the persons identified as */
/* authors of the code. All rights reserved. */
/* See sha.h for terms of use and redistribution. */
/*
* sha1.c
*
* Description:
* This file implements the Secure Hashing Algorithm 1 as
* defined in FIPS PUB 180-1 published April 17, 1995.
* This file implements the Secure Hash Algorithm SHA-1
* as defined in the U.S. National Institute of Standards
* and Technology Federal Information Processing Standards
* Publication (FIPS PUB) 180-3 published in October 2008
* and formerly defined in its predecessors, FIPS PUB 180-1
* and FIP PUB 180-2.
*
* The SHA-1, produces a 160-bit message digest for a given
* data stream. It should take about 2**n steps to find a
* message with the same digest as a given message and
* 2**(n/2) to find any two messages with the same digest,
* when n is the digest size in bits. Therefore, this
* algorithm can serve as a means of providing a
* A combined document showing all algorithms is available at
* http://csrc.nist.gov/publications/fips/
* fips180-3/fips180-3_final.pdf
*
* The SHA-1 algorithm produces a 160-bit message digest for a
* given data stream that can serve as a means of providing a
* "fingerprint" for a message.
*
* Portability Issues:
* SHA-1 is defined in terms of 32-bit "words". This code
* uses <stdint.h> (included via "sha1.h" to define 32 and 8
* bit unsigned integer types. If your C compiler does not
* support 32 bit unsigned integers, this code is not
* uses <stdint.h> (included via "sha.h") to define 32- and
* 8-bit unsigned integer types. If your C compiler does
* not support 32-bit unsigned integers, this code is not
* appropriate.
*
* Caveats:
* SHA-1 is designed to work with messages less than 2^64 bits
* long. Although SHA-1 allows a message digest to be generated
* for messages of any number of bits less than 2^64, this
* implementation only works with messages with a length that is
* a multiple of the size of an 8-bit character.
*
* long. This implementation uses SHA1Input() to hash the bits
* that are a multiple of the size of an 8-bit octet, and then
* optionally uses SHA1FinalBits() to hash the final few bits of
* the input.
*/
#include "sha1.h"
#include "sha.h"
#include "sha-private.h"
/*
* Define the SHA1 circular left shift macro
*/
#define SHA1CircularShift(bits,word) \
#define SHA1_ROTL(bits,word) \
(((word) << (bits)) | ((word) >> (32-(bits))))
/* Local Function Prototyptes */
void SHA1PadMessage(SHA1Context *);
void SHA1ProcessMessageBlock(SHA1Context *);
/*
* Add "length" to the length.
* Set Corrupted when overflow has occurred.
*/
static uint32_t addTemp;
#define SHA1AddLength(context, length) \
(addTemp = (context)->Length_Low, \
(context)->Corrupted = \
(((context)->Length_Low += (length)) < addTemp) && \
(++(context)->Length_High == 0) ? shaInputTooLong \
: (context)->Corrupted )
/* Local Function Prototypes */
static void SHA1ProcessMessageBlock(SHA1Context *context);
static void SHA1Finalize(SHA1Context *context, uint8_t Pad_Byte);
static void SHA1PadMessage(SHA1Context *context, uint8_t Pad_Byte);
/*
* SHA1Reset
@ -86,80 +79,22 @@ void SHA1ProcessMessageBlock(SHA1Context *);
*/
int SHA1Reset(SHA1Context *context)
{
if (!context)
{
return shaNull;
}
context->Length_Low = 0;
context->Length_High = 0;
context->Message_Block_Index = 0;
context->Intermediate_Hash[0] = 0x67452301;
context->Intermediate_Hash[1] = 0xEFCDAB89;
context->Intermediate_Hash[2] = 0x98BADCFE;
context->Intermediate_Hash[3] = 0x10325476;
context->Intermediate_Hash[4] = 0xC3D2E1F0;
context->Computed = 0;
context->Corrupted = 0;
return shaSuccess;
}
if (!context) return shaNull;