vncrec 1.0.3 → 1.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3feee74e40b84f5e30207f99e01b2444f8f18d54
-  data.tar.gz: 2da896794d70531e284c14b369e6f21c5c9085c1
+  metadata.gz: b496fdd1cf4345a163978a601c2f3defa77e4646
+  data.tar.gz: 205b7ca582a47c89da2e220d77fc5e6b4dc7f2b8
 SHA512:
-  metadata.gz: 0c5ed155f4838c12c0b3a1b3288cd9b71c8526f6e04e2628187745b6bcd5ab02954e9a96816f3fa7cac5ac850345a31813ef116f173de96c949d3aef3100dcb5
-  data.tar.gz: 1c7e9cd361f129e87c298caaebecb70526a6767d49a877356e80e4931001ad5adbe41f37219ea61456d7eed2bcd1ef8d201e9f7570a35bf2cd06f5d47b3413b6
+  metadata.gz: 8aeb8c8cd064a12dc28897625cefd801559fd1b920c7afe1a9970848388fd17d8e0473a8723b8407e329cd7d16abdff1a153dd7bcc50c54bc7099c01cbff2947
+  data.tar.gz: 6b3bcfb25adc7581a1a90c1a3b7103501a081329c473e05af99851f0338f1258f89fb583bede9a3f6684ae3c7fb2bdfb3162ad7e1226e6d5016355ec5b2a7775

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Changelog
 
+##1.0.4
+
+* Added authentication
+
+##1.0.3
+
 ##1.0.2
 
 * Fixed crash caused by sending `USR1` when `Writer` is not initialized

data/README.md

@@ -4,6 +4,10 @@ VNCRec
 VNCRec is a gem that provides you 
 tools to record VNC session.
 
+##Installation
+
+`gem install vncrec`
+
 ##Usage
 There is a binary called `vncrec`, which is a recorder tool.
 

data/bin/vncrec

@@ -64,6 +64,10 @@ OptionParser.new do |opts|
   opts.on('-s', '--server SERVER', 'Specify host address') do |s|
     options[:host] = s
   end
+
+  opts.on('--password PASSWORD', 'Specify password to use') do |s|
+    options[:auth] = [VNCRec::RFB::Authentication::VncAuthentication, s]
+  end
 end.parse!
 
 v = VNCRec::Recorder.new(options)

data/examples/auth.rb

@@ -0,0 +1,20 @@
+#!/usr/bin/env ruby
+# encoding: utf-8
+
+# Authentication example.
+# Currently only VNC Authentication type is supported.
+# This type of auth should not be used over untrusted networks,
+# because it uses DES in ECB mode.
+#
+# auth option is an Array. Either
+# [VNCRec::RFB::Authentication::None] (default) or
+# [VNCRec::RFB::Authentication::VncAuthentication, 'mypassword']
+
+require 'vncrec'
+
+VNCRec::Recorder.new(
+  encoding: VNCRec::EncHextile,
+  filename: 'file.mp4',
+  auth: [VNCRec::RFB::Authentication::VncAuthentication, 'mypassword']
+)
+

data/lib/vncrec/recorder.rb

@@ -13,6 +13,7 @@ end
 
 require 'vncrec/constants.rb'
 require 'vncrec/rfb/proxy.rb'
+require 'vncrec/rfb/authentication.rb'
 require 'vncrec/writers.rb'
 
 module VNCRec
@@ -20,13 +21,14 @@ module VNCRec
 
   class Recorder
     DEFAULTS = {
-      :pix_fmt      => :BGR8,
-      :debug        => nil,
-      :encoding     => VNCRec::ENC_RAW,
-      :filename     => nil,
-      :fps          => 6,
-      :input        => nil,
-      :port         => 5900
+      :pix_fmt       => :BGR8,
+      :debug         => nil,
+      :encoding      => VNCRec::ENC_RAW,
+      :filename      => nil,
+      :fps           => 6,
+      :input         => nil,
+      :port          => 5900,
+      :auth          => [VNCRec::RFB::Authentication::None]
     }
 
     # @param geometry [String] geometry of the screen area to capture(+x,y offset is not implemented yet)
@@ -62,6 +64,9 @@ module VNCRec
 
       @client = nil
 
+      @auth = options[:auth]
+      @password = options[:password]
+
       @framerate = options[:fps]
       fail ArgumentError if !@framerate.is_a?(Numeric) || @framerate <= 0
 
@@ -164,7 +169,7 @@ module VNCRec
         @logger.info 'got client' if @logging
 
       end
-      @client = VNCRec::RFB::Proxy.new(@server, 'RFB 003.008', @enc, @pix_fmt)
+      @client = VNCRec::RFB::Proxy.new(@server, 'RFB 003.008', @enc, @pix_fmt, @auth)
       @recording_starttime = Time.now if @filename.include?('DATE')
 
       w, h, name = @client.handshake

data/lib/vncrec/rfb/authentication.rb

@@ -0,0 +1,180 @@
+module VNCRec
+  module RFB
+    module Authentication
+      class Abstract
+        def initialize(io, *args)
+          @io = io
+        end
+
+        def to_msg
+          [@code].pack('C')
+        end
+
+        def handshake
+          types = get_security_types
+          handle_types(types)
+          send_type
+          perform_authentication
+          security_result
+        end
+
+        # Once the protocol version has been decided, the server and client
+        # must agree on the type of security to be used on the connection.  The
+        # server lists the security types that it supports:
+        #
+        # +--------------------------+-------------+--------------------------+
+        # | No. of bytes             | Type        | Description              |
+        # |                          | [Value]     |                          |
+        # +--------------------------+-------------+--------------------------+
+        # | 1                        | U8          | number-of-security-types |
+        # | number-of-security-types | U8 array    | security-types           |
+        # +--------------------------+-------------+--------------------------+
+        # If the server listed at least one valid security type supported by
+        # the client, the client sends back a single byte indicating which
+        # security type is to be used on the connection:
+        #
+        #      +--------------+--------------+---------------+
+        #      | No. of bytes | Type [Value] | Description   |
+        #      +--------------+--------------+---------------+
+        #      | 1            | U8           | security-type |
+        #      +--------------+--------------+---------------+
+        #
+        # If number-of-security-types is zero, then for some reason the
+        # connection failed (e.g., the server cannot support the desired
+        # protocol version).  This is followed by a string describing the
+        # reason (where a string is specified as a length followed by that many
+        # ASCII characters):
+        #
+        #      +---------------+--------------+---------------+
+        #      | No. of bytes  | Type [Value] | Description   |
+        #      +---------------+--------------+---------------+
+        #      | 4             | U32          | reason-length |
+        #      | reason-length | U8 array     | reason-string |
+        #      +---------------+--------------+---------------+
+        #
+        #  The server closes the connection after sending the reason-string.
+        #  @return [Integer] types
+        def get_security_types
+          num_of_st = @io.readbyte
+          if num_of_st == 0 # failed
+            reason_len = @io.readpartial(4).unpack('L>')[0]
+            reason = @io.readpartial(reason_len)
+            raise reason
+          else
+            result = []
+            num_of_st.times do
+              result << @io.readbyte
+            end
+            result
+          end
+        end
+
+        def handle_types(types)
+          raise 'The server does not support requested auth method' unless types.include? @code
+        end
+
+        # If the server listed at least one valid security type supported by
+        # the client, the client sends back a single byte indicating which
+        # security type is to be used on the connection.
+        def send_type
+          @io.syswrite to_msg
+        end
+
+        # The server sends a word to inform the client whether the security
+        # handshaking was successful.
+        #
+        #      +--------------+--------------+-------------+
+        #      | No. of bytes | Type [Value] | Description |
+        #      +--------------+--------------+-------------+
+        #      | 4            | U32          | status:     |
+        #      |              | 0            | OK          |
+        #      |              | 1            | failed      |
+        #      +--------------+--------------+-------------+
+        #
+        # If unsuccessful, the server sends a string describing the reason for
+        # the failure, and then closes the connection:
+        #
+        #     +---------------+--------------+---------------+
+        #     | No. of bytes  | Type [Value] | Description   |
+        #     +---------------+--------------+---------------+
+        #     | 4             | U32          | reason-length |
+        #     | reason-length | U8 array     | reason-string |
+        #     +---------------+--------------+---------------+
+        #
+        def security_result
+          word = (@io.readpartial 4).unpack('L>').first
+          if word != 0
+            reason_len = (@io.readpartial 4).unpack('L>').first
+            reason = @io.readpartial(reason_len)
+            raise reason
+          end
+        end
+
+        def perform_authentication
+          raise 'NI'
+        end
+      end
+
+      class None < Abstract
+        def initialize(io, *args)
+          super
+          @code = 1
+        end
+
+        def perform_authentication
+        end
+      end
+
+      class VncAuthentication < Abstract
+        def initialize(io, *args)
+          super
+          @code = 2
+          @password = args.first
+        end
+
+        # The server sends a random 16-byte challenge:
+        #
+        #      +--------------+--------------+-------------+
+        #      | No. of bytes | Type [Value] | Description |
+        #      +--------------+--------------+-------------+
+        #      | 16           | U8           | challenge   |
+        #      +--------------+--------------+-------------+
+        #
+        # The client encrypts the challenge with DES (ECB), using a password supplied
+        # by the user as the key.  To form the key, the password is truncated
+        # to eight characters, or padded with null bytes on the right.
+        # Actually, each byte is also reversed. Challenge string is split
+        # in two chunks of 8 bytes, which are encrypted separately and clashed together
+        # again. The client then sends the resulting 16-byte response:
+        #
+        #      +--------------+--------------+-------------+
+        #      | No. of bytes | Type [Value] | Description |
+        #      +--------------+--------------+-------------+
+        #      | 16           | U8           | response    |
+        #      +--------------+--------------+-------------+
+        #
+        # The protocol continues with the SecurityResult message.
+        def perform_authentication
+          require 'openssl'
+
+          challenge = @io.readpartial(16)
+          split_challenge = [challenge.slice(0, 8), challenge.slice(8, 8)]
+
+          cipher = OpenSSL::Cipher::DES.new(:ECB)
+          cipher.encrypt
+          cipher.key = normalized_password
+          encrypted = split_challenge.reduce('') { |a, e| cipher.reset; a << cipher.update(e) }
+          @io.syswrite encrypted
+        end
+
+        private
+
+        def normalized_password
+          rev = ->(n) { (0...8).reduce(0) { |a, e| a + 2**e * n[7 - e] } }
+          inv = @password.each_byte.map { |b| rev[b].chr }.join
+          inv.ljust(8, "\x00")
+        end
+      end
+    end
+  end
+end

data/lib/vncrec/rfb/proxy.rb

@@ -18,15 +18,20 @@ module VNCRec
       # @param pf [Hash] pixel format:
       #  * {VNCRec::PIX_FMT_BGR8} - 8 bits per pixel
       #  * {VNCRec::PIX_FMT_BGR32} - 32 bits per pixel
-      # @param w width of the screen area
-      # @param h height of the screen area
-      def initialize(io, rfbv, enc, pf)
+      # @param auth [Array]:
+      # * Constant class e.g. VNCRec::Authentication::VncAuthentication
+      # * optional argument, e.g. password string
+      def initialize(io, rfbv, enc, pf, auth)
         @io = io
         @version = rfbv
         @enc = enc
         @pf = pf
+        @auth = auth.first.new(@io, *auth.drop(1))
       end
 
+      # @param w width of the screen area
+      # @param h height of the screen area
+      # @param bpp bits per pixel
       def prepare_framebuffer(w, h, bpp)
         @w = w
         @h = h
@@ -43,24 +48,10 @@ module VNCRec
         version = @io.readpartial 12
         @io.syswrite(@version + "\n")
 
-        # security
-        num_of_st = @io.readbyte
-        if num_of_st == 0 # failed
-          reason_len = @io.readpartial(4).unpack('L>')[0]
-          reason = @io.readpartial(reason_len)
-          fail reason
-        else
-          num_of_st.times do
-            @io.readbyte
-          end
-        end
-
-        reply = [1].pack('C') # security type:none
-        @io.syswrite reply
+        @auth.handshake
 
-        stype = (@io.readpartial 4).unpack('H' * 8)
         # client init
-        @io.syswrite reply
+        @io.syswrite "\x01"
 
         # server init
         w = @io.readpartial(2).unpack('S>')[0]
@@ -69,8 +60,6 @@ module VNCRec
         nlen = @io.readpartial(4).unpack('L>')[0]
         @name = @io.readpartial nlen
         return [w, h, @name]
-      rescue
-        return nil
       end
 
       # Set a way that server should use to represent pixel data

data/lib/vncrec/version.rb

@@ -1,3 +1,3 @@
 module VNCRec
-  VERSION = "1.0.3"
+  VERSION = "1.0.4"
 end

data/vncrec.gemspec

@@ -28,6 +28,8 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'rspec'
   spec.add_development_dependency 'rspec-its'
   spec.add_development_dependency 'activesupport'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'pry-byebug'
 
   spec.requirements << 'ffmpeg'
   spec.requirements << 'x11vnc'

metadata

@@ -1,97 +1,125 @@
 --- !ruby/object:Gem::Specification
 name: vncrec
 version: !ruby/object:Gem::Version
-  version: 1.0.3
+  version: 1.0.4
 platform: ruby
 authors:
 - d-theus
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-03-05 00:00:00.000000000 Z
+date: 2017-08-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '1.7'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
   name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec-its
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry-byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0'
 description: |-
@@ -106,14 +134,15 @@ extensions:
 - ext/enchex_c/extconf.rb
 extra_rdoc_files: []
 files:
-- .gitignore
-- .rspec
+- ".gitignore"
+- ".rspec"
 - CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - bin/vncrec
+- examples/auth.rb
 - examples/exit.rb
 - examples/mp4.rb
 - examples/mp4audio.rb
@@ -122,6 +151,7 @@ files:
 - lib/vncrec.rb
 - lib/vncrec/constants.rb
 - lib/vncrec/recorder.rb
+- lib/vncrec/rfb/authentication.rb
 - lib/vncrec/rfb/enchex.rb
 - lib/vncrec/rfb/encraw.rb
 - lib/vncrec/rfb/enczrle.rb
@@ -143,19 +173,19 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements:
 - ffmpeg
 - x11vnc
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.4.5.2
 signing_key: 
 specification_version: 4
 summary: VNC session recording