X-Git-Url: https://git.proxmox.com/?p=vncterm.git;a=blobdiff_plain;f=newtigerpatches%2Fadd-pvecert-parameter.patch;fp=newtigerpatches%2Fadd-pvecert-parameter.patch;h=11bef806fdd7e588e8ed6ea6adc93cbc07fa0a1e;hp=0000000000000000000000000000000000000000;hb=336e20e1c7aff1db230add4ebd74c4d50318fd55;hpb=4f21735dc06d089624fa82400d6e19fce220dd14

diff --git a/newtigerpatches/add-pvecert-parameter.patch b/newtigerpatches/add-pvecert-parameter.patch
new file mode 100644
index 0000000..11bef80
--- /dev/null
+++ b/newtigerpatches/add-pvecert-parameter.patch
@@ -0,0 +1,75 @@
+Index: new/java/com/tigervnc/rfb/CSecurityTLS.java
+===================================================================
+--- new.orig/java/com/tigervnc/rfb/CSecurityTLS.java	2013-04-18 11:56:22.000000000 +0200
++++ new/java/com/tigervnc/rfb/CSecurityTLS.java	2013-04-18 13:59:03.000000000 +0200
+@@ -25,6 +25,7 @@
+ import java.io.File;
+ import java.io.InputStream;
+ import java.io.FileInputStream;
++import java.io.ByteArrayInputStream;
+ import java.util.ArrayList;
+ import java.util.Collection;
+ import javax.swing.JOptionPane;
+@@ -34,6 +35,9 @@
+ 
+ public class CSecurityTLS extends CSecurity {
+ 
++  public static StringParameter PVECert
++  = new StringParameter("PVECert",
++                        "Proxmox VE CA certificate", "");
+   public static StringParameter x509ca
+   = new StringParameter("x509ca",
+                         "X509 CA certificate", "");
+@@ -92,6 +96,8 @@
+   {
+     anon = _anon;
+     setDefaults();
++
++    pvecert = PVECert.getData();
+     cafile = x509ca.getData(); 
+     crlfile = x509crl.getData(); 
+   }
+@@ -170,10 +176,15 @@
+       CertificateFactory cf = CertificateFactory.getInstance("X.509");
+       try {
+         ks.load(null, null);
+-        File cacert = new File(cafile);
+-        if (!cacert.exists() || !cacert.canRead())
+-          return;
+-        InputStream caStream = new FileInputStream(cafile);
++        InputStream caStream;
++        if (pvecert != null) {
++            caStream = new ByteArrayInputStream(pvecert.getBytes("ISO-8859-1"));
++        } else {
++            File cacert = new File(cafile);
++            if (!cacert.exists() || !cacert.canRead())
++                return;
++            caStream = new FileInputStream(cafile);
++        }
+         X509Certificate ca = (X509Certificate)cf.generateCertificate(caStream);
+         ks.setCertificateEntry("CA", ca);
+         PKIXBuilderParameters params = new PKIXBuilderParameters(ks, new X509CertSelector());
+@@ -241,6 +252,7 @@
+   private boolean anon;
+   private SSLSession session;
+   private String cafile, crlfile;
++  private String pvecert;
+   private InStream is;
+   private SSLSocket ssl;
+ 
+Index: new/java/com/tigervnc/vncviewer/VncViewer.java
+===================================================================
+--- new.orig/java/com/tigervnc/vncviewer/VncViewer.java	2013-04-18 11:56:21.000000000 +0200
++++ new/java/com/tigervnc/vncviewer/VncViewer.java	2013-04-18 13:56:33.000000000 +0200
+@@ -168,6 +168,11 @@
+     if (firstApplet) {
+       alwaysShowServerDialog.setParam(true);
+       Configuration.readAppletParams(this);
++      String tmpcert = this.getParameter("PVECert");
++      if (tmpcert != null) {
++          CSecurityTLS.PVECert.setParam(tmpcert.replace('|', '\n'));
++      }
++ 
+       String host = getCodeBase().getHost();
+       if (vncServerName.getValue() == null && vncServerPort.getValue() != 0) {
+         int port = vncServerPort.getValue();