mirror of
git://git.proxmox.com/git/vncterm.git
synced 2025-01-06 21:17:39 +03:00
76 lines
2.8 KiB
Diff
76 lines
2.8 KiB
Diff
|
Index: new/java/com/tigervnc/rfb/CSecurityTLS.java
|
||
|
===================================================================
|
||
|
--- new.orig/java/com/tigervnc/rfb/CSecurityTLS.java 2013-04-18 11:56:22.000000000 +0200
|
||
|
+++ new/java/com/tigervnc/rfb/CSecurityTLS.java 2013-04-18 13:59:03.000000000 +0200
|
||
|
@@ -25,6 +25,7 @@
|
||
|
import java.io.File;
|
||
|
import java.io.InputStream;
|
||
|
import java.io.FileInputStream;
|
||
|
+import java.io.ByteArrayInputStream;
|
||
|
import java.util.ArrayList;
|
||
|
import java.util.Collection;
|
||
|
import javax.swing.JOptionPane;
|
||
|
@@ -34,6 +35,9 @@
|
||
|
|
||
|
public class CSecurityTLS extends CSecurity {
|
||
|
|
||
|
+ public static StringParameter PVECert
|
||
|
+ = new StringParameter("PVECert",
|
||
|
+ "Proxmox VE CA certificate", "");
|
||
|
public static StringParameter x509ca
|
||
|
= new StringParameter("x509ca",
|
||
|
"X509 CA certificate", "");
|
||
|
@@ -92,6 +96,8 @@
|
||
|
{
|
||
|
anon = _anon;
|
||
|
setDefaults();
|
||
|
+
|
||
|
+ pvecert = PVECert.getData();
|
||
|
cafile = x509ca.getData();
|
||
|
crlfile = x509crl.getData();
|
||
|
}
|
||
|
@@ -170,10 +176,15 @@
|
||
|
CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
||
|
try {
|
||
|
ks.load(null, null);
|
||
|
- File cacert = new File(cafile);
|
||
|
- if (!cacert.exists() || !cacert.canRead())
|
||
|
- return;
|
||
|
- InputStream caStream = new FileInputStream(cafile);
|
||
|
+ InputStream caStream;
|
||
|
+ if (pvecert != null) {
|
||
|
+ caStream = new ByteArrayInputStream(pvecert.getBytes("ISO-8859-1"));
|
||
|
+ } else {
|
||
|
+ File cacert = new File(cafile);
|
||
|
+ if (!cacert.exists() || !cacert.canRead())
|
||
|
+ return;
|
||
|
+ caStream = new FileInputStream(cafile);
|
||
|
+ }
|
||
|
X509Certificate ca = (X509Certificate)cf.generateCertificate(caStream);
|
||
|
ks.setCertificateEntry("CA", ca);
|
||
|
PKIXBuilderParameters params = new PKIXBuilderParameters(ks, new X509CertSelector());
|
||
|
@@ -241,6 +252,7 @@
|
||
|
private boolean anon;
|
||
|
private SSLSession session;
|
||
|
private String cafile, crlfile;
|
||
|
+ private String pvecert;
|
||
|
private InStream is;
|
||
|
private SSLSocket ssl;
|
||
|
|
||
|
Index: new/java/com/tigervnc/vncviewer/VncViewer.java
|
||
|
===================================================================
|
||
|
--- new.orig/java/com/tigervnc/vncviewer/VncViewer.java 2013-04-18 11:56:21.000000000 +0200
|
||
|
+++ new/java/com/tigervnc/vncviewer/VncViewer.java 2013-04-18 13:56:33.000000000 +0200
|
||
|
@@ -168,6 +168,11 @@
|
||
|
if (firstApplet) {
|
||
|
alwaysShowServerDialog.setParam(true);
|
||
|
Configuration.readAppletParams(this);
|
||
|
+ String tmpcert = this.getParameter("PVECert");
|
||
|
+ if (tmpcert != null) {
|
||
|
+ CSecurityTLS.PVECert.setParam(tmpcert.replace('|', '\n'));
|
||
|
+ }
|
||
|
+
|
||
|
String host = getCodeBase().getHost();
|
||
|
if (vncServerName.getValue() == null && vncServerPort.getValue() != 0) {
|
||
|
int port = vncServerPort.getValue();
|