x11vnc: -display WAIT:..., -users unixpw=, su_verify dpy command.

ChangeLog

+2006-06-08  Karl Runge <runge@karlrunge.com>
+	* prepare_x11vnc_dist.sh: to 0.8.2
+
 2006-05-29  Steven Carr <scarr@jsa-usa.com>
 	* Identified and removed some memory leaks associated
 	  with the Encodings RRE, CoRRE, ZLIB, and Ultra.

prepare_x11vnc_dist.sh

 #!/bin/bash
 
-VERSION="0.8.1"
+VERSION="0.8.2"
 
 cd "$(dirname "$0")"
 

x11vnc/ChangeLog

+2006-06-08  Karl Runge <runge@karlrunge.com>
+	* x11vnc: XOpenDisplay wrapper for raw xauth data, -unixpw 
+	  su_verify() to run any cmd, -users unixpw= mode. -display WAIT:...
+	  modes for delayed X display opening and dynamic choosing.
+
 2006-06-03  Karl Runge <runge@karlrunge.com>
 	* x11vnc: -capslock and -skip_lockkeys options.  map some Alt keys
 	  to Latin under linuxfb.  switch to new stats API.  Handle more

x11vnc/cleanup.c

@@ -155,7 +155,7 @@ void clean_up_exit (int ret) {
 	}
 #endif
 	/* XXX rdpy_ctrl, etc. cannot close w/o blocking */
-	XCloseDisplay(dpy);
+	XCloseDisplay_wr(dpy);
 	X_UNLOCK;
 
 	fflush(stderr);
@@ -311,6 +311,7 @@ static void crash_shell(void) {
 			crash_shell_help();
 		} else if (*str == 's' && *(str+1) == '\0') {
 			sprintf(cmd, "sh -c '(%s) &'", crash_stack_command1);
+			/* crash */
 			if (no_external_cmds) {
 				fprintf(stderr, "\nno_external_cmds=%d\n",
 				    no_external_cmds);

x11vnc/connections.c

@@ -448,6 +448,7 @@ static int run_user_command(char *cmd, rfbClientPtr client, char *mode) {
 	sprintf(str, "%d", client_count);
 	set_env("RFB_CLIENT_COUNT", str);
 
+	/* gone, accept, afteraccept */
 	if (no_external_cmds) {
 		rfbLogEnable(1);
 		rfbLog("cannot run external commands in -nocmds mode:\n");

x11vnc/gui.c

@@ -5,6 +5,7 @@
 #include "win_utils.h"
 #include "remote.h"
 #include "cleanup.h"
+#include "xwrappers.h"
 
 #include "tkx11vnc.h"
 
@@ -229,15 +230,15 @@ if (0) fprintf(stderr, "run_gui: %s -- %d %d\n", gui_xdisplay, connect_to_x11vnc
 			} else {
 				old_xauth = strdup("");
 			}
-			dpy = XOpenDisplay(x11vnc_xdisplay); 
+			dpy = XOpenDisplay_wr(x11vnc_xdisplay); 
 			if (! dpy && auth_file) {
 				set_env("XAUTHORITY", auth_file);
-				dpy = XOpenDisplay(x11vnc_xdisplay);
+				dpy = XOpenDisplay_wr(x11vnc_xdisplay);
 			}
 			if (! dpy && ! x11vnc_xdisplay) {
 				/* worstest case */
 				x11vnc_xdisplay = strdup(":0");
-				dpy = XOpenDisplay(x11vnc_xdisplay); 
+				dpy = XOpenDisplay_wr(x11vnc_xdisplay); 
 			}
 			if (! dpy) {
 				rfbLog("gui: could not open x11vnc "
@@ -310,7 +311,7 @@ if (0) fprintf(stderr, "run_gui: %s -- %d %d\n", gui_xdisplay, connect_to_x11vnc
 			set_env("X11VNC_CONNECT_FILE", client_connect_file);
 		}
 		if (dpy)  {
-			XCloseDisplay(dpy);
+			XCloseDisplay_wr(dpy);
 			dpy = NULL;
 		}
 		if (old_xauth) {
@@ -418,6 +419,7 @@ if (0) fprintf(stderr, "run_gui: %s -- %d %d\n", gui_xdisplay, connect_to_x11vnc
 		set_env("X11VNC_ICON_FONT", icon_mode_font);
 	}
 
+	/* gui */
 	if (no_external_cmds) {
 		fprintf(stderr, "cannot run external commands in -nocmds "
 		    "mode:\n");
@@ -576,20 +578,20 @@ void do_gui(char *opts, int sleep) {
 		fprintf(stderr, "starting gui, trying display: %s\n",
 		    gui_xdisplay);
 	}
-	test_dpy = XOpenDisplay(gui_xdisplay);
+	test_dpy = XOpenDisplay_wr(gui_xdisplay);
 	if (! test_dpy && auth_file) {
 		if (getenv("XAUTHORITY") != NULL) {
 			old_xauth = strdup(getenv("XAUTHORITY"));
 		}
 		set_env("XAUTHORITY", auth_file);
-		test_dpy = XOpenDisplay(gui_xdisplay);
+		test_dpy = XOpenDisplay_wr(gui_xdisplay);
 	}
 	if (! test_dpy) {
 		if (! old_xauth && getenv("XAUTHORITY") != NULL) {
 			old_xauth = strdup(getenv("XAUTHORITY"));
 		}
 		set_env("XAUTHORITY", "");
-		test_dpy = XOpenDisplay(gui_xdisplay);
+		test_dpy = XOpenDisplay_wr(gui_xdisplay);
 	}
 	if (! test_dpy) {
 		fprintf(stderr, "error: cannot connect to gui X DISPLAY: %s\n",
@@ -603,7 +605,7 @@ void do_gui(char *opts, int sleep) {
 			tray_manager_ok = 0;
 		}
 	}
-	XCloseDisplay(test_dpy);
+	XCloseDisplay_wr(test_dpy);
 
 	if (start_x11vnc) {
 

x11vnc/options.c

@@ -93,7 +93,7 @@ char *allowed_input_str = NULL;
 char *viewonly_passwd = NULL;	/* view only passwd. */
 char **passwd_list = NULL;	/* for -passwdfile */
 int begin_viewonly = -1;
-int inetd = 0;			/* spawned from inetd(1) */
+int inetd = 0;			/* spawned from inetd(8) */
 #ifndef FILEXFER
 #define FILEXFER 1
 #endif

x11vnc/pointer.c

@@ -941,6 +941,7 @@ if (0) fprintf(stderr, "initialize_pipeinput: %s -- %s\n", pipeinput_str, p);
 	}
 
 	set_child_info();
+	/* pipeinput */
 	if (no_external_cmds) {
 		rfbLogEnable(1);
 		rfbLog("cannot run external commands in -nocmds mode:\n");

x11vnc/remote.c

@@ -585,7 +585,7 @@ int remote_control_access_ok(void) {
 		    "XAUTHORITY\n", dpy_str);
 		fprintf(stderr, "   -- (ignore any Xlib: errors that"
 		    " follow) --\n");
-		dpy2 = XOpenDisplay(dpy_str); 
+		dpy2 = XOpenDisplay_wr(dpy_str); 
 		fflush(stderr);
 		fprintf(stderr, "   -- (done checking) --\n\n");
 
@@ -601,7 +601,7 @@ int remote_control_access_ok(void) {
 		if (dpy2) {
 			rfbLog("XAUTHORITY is not required on display.\n");
 			rfbLog("   %s\n", DisplayString(dpy));
-			XCloseDisplay(dpy2);
+			XCloseDisplay_wr(dpy2);
 			dpy2 = NULL;
 			return 0;
 		}

x11vnc/screen.c

@@ -541,7 +541,7 @@ void set_raw_fb_params(int restore) {
 		multiple_cursors_mode = mc0;
 
 		if (! dpy && raw_fb_orig_dpy) {
-			dpy = XOpenDisplay(raw_fb_orig_dpy);
+			dpy = XOpenDisplay_wr(raw_fb_orig_dpy);
 			if (dpy) {
 				if (! quiet) rfbLog("reopened DISPLAY: %s\n",
 				    raw_fb_orig_dpy);
@@ -881,6 +881,7 @@ if (db) fprintf(stderr, "initialize_raw_fb reset\n");
 
 		set_child_info();
 		q += strlen("setup:");
+		/* rawfb-setup */
 		if (no_external_cmds) {
 			rfbLogEnable(1);
 			rfbLog("cannot run external commands in -nocmds "
@@ -988,7 +989,7 @@ if (db) fprintf(stderr, "initialize_raw_fb reset\n");
 		if (dpy) {
 			rfbLog("closing X DISPLAY: %s in rawfb mode.\n",
 			    DisplayString(dpy));
-			XCloseDisplay(dpy);	/* yow! */
+			XCloseDisplay_wr(dpy);	/* yow! */
 		}
 		dpy = NULL;
 	}
@@ -1974,7 +1975,7 @@ void initialize_screen(int *argc, char **argv, XImage *fb) {
 		have_masks = 0;
 	}
 
-	if (cmap8to24 && depth == 8) {
+	if (cmap8to24 && depth == 8 && dpy) {
 		XVisualInfo vinfo;
 		/* more cooking up... */
 		have_masks = 2;
@@ -2042,6 +2043,8 @@ void initialize_screen(int *argc, char **argv, XImage *fb) {
 				rfbLog("Raw fb at addr %p is %dbpp depth=%d "
 				    "true color\n", raw_fb_addr,
 				    fb_bpp, fb_depth);
+			} else if (! dpy) {
+				;
 			} else if (have_masks == 2) {
 				rfbLog("\n");
 				rfbLog("X display %s is %dbpp depth=%d indexed "
@@ -2206,6 +2209,7 @@ void initialize_screen(int *argc, char **argv, XImage *fb) {
 		fprintf(stderr, " 8to24_fb:    %p\n", cmap8to24_fb);
 		fprintf(stderr, " snap_fb:     %p\n", snap_fb);
 		fprintf(stderr, " raw_fb:      %p\n", raw_fb);
+		fprintf(stderr, " fake_fb:     %p\n", fake_fb);
 		fprintf(stderr, "\n");
 	}
 

x11vnc/solid.c

@@ -53,6 +53,7 @@ static int dt_cmd(char *cmd) {
 		return 0;
 	}
 
+	/* dt */
 	if (no_external_cmds) {
 		rfbLog("cannot run external commands in -nocmds mode:\n");
 		rfbLog("   \"%s\"\n", cmd);

x11vnc/sslcmds.c

@@ -113,6 +113,7 @@ int start_stunnel(int stunnel_port, int x11vnc_port) {
 		return 0;
 	}
 
+	/* stunnel */
 	if (no_external_cmds) {
 		rfbLogEnable(1);
 		rfbLog("start_stunnel: cannot run external commands in -nocmds mode:\n");

x11vnc/sslhelper.c

@@ -246,6 +246,7 @@ static char *create_tmp_pem(char *pathin, int prompt) {
 	CN = strdup(line);
 	EM = strdup("x11vnc@server.nowhere");
 
+	/* ssl */
 	if (no_external_cmds) {
 		rfbLog("create_tmp_pem: cannot run external commands.\n");	
 		return NULL;
@@ -818,7 +819,7 @@ void openssl_port(void) {
 		rfbLog("openssl_port: could not reopen port %d\n", port);
 		clean_up_exit(1);
 	}
-	if (db) fprintf(stderr, "listen on port/sock %d/%d\n", port, sock);
+	rfbLog("openssl_port: listen on port/sock %d/%d\n", port, sock);
 	openssl_sock = sock;
 	openssl_port_num = port;
 

x11vnc/tkx11vnc

@@ -316,6 +316,12 @@ Tuning
 	=D-C:0,1,2,3,4 pointer_mode:
 	input_skip:
 	=D nodragging
+	-- D
+	speeds:
+	=D wait:
+	defer:
+	=D nap
+	screen_blank:
 	--
 	=GAL WireFrame::
 	wireframe
@@ -337,12 +343,6 @@ Tuning
 	xd_area:
 	xd_mem:
 	=GAL LOFF
-	-- D
-	speeds:
-	=D wait:
-	defer:
-	=D nap
-	screen_blank:
 	--
 	=GAL SharedMemory::
 	noshm

x11vnc/tkx11vnc.h

@@ -327,6 +327,12 @@ char gui_code[] = "";
 "	=D-C:0,1,2,3,4 pointer_mode:\n"
 "	input_skip:\n"
 "	=D nodragging\n"
+"	-- D\n"
+"	speeds:\n"
+"	=D wait:\n"
+"	defer:\n"
+"	=D nap\n"
+"	screen_blank:\n"
 "	--\n"
 "	=GAL WireFrame::\n"
 "	wireframe\n"
@@ -348,12 +354,6 @@ char gui_code[] = "";
 "	xd_area:\n"
 "	xd_mem:\n"
 "	=GAL LOFF\n"
-"	-- D\n"
-"	speeds:\n"
-"	=D wait:\n"
-"	defer:\n"
-"	=D nap\n"
-"	screen_blank:\n"
 "	--\n"
 "	=GAL SharedMemory::\n"
 "	noshm\n"

x11vnc/unixpw.c

@@ -49,7 +49,7 @@ void unixpw_screen(int init);
 void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init);
 void unixpw_accept(char *user);
 void unixpw_deny(void);
-int su_verify(char *user, char *pass);
+int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size);
 int crypt_verify(char *user, char *pass);
 
 static int white(void);
@@ -63,6 +63,10 @@ int unixpw_login_viewonly = 0;
 time_t unixpw_last_try_time = 0;
 rfbClientPtr unixpw_client = NULL;
 
+int keep_unixpw = 0;
+char *keep_unixpw_user = NULL;
+char *keep_unixpw_pass = NULL;
+
 static int in_login = 0, in_passwd = 0, tries = 0;
 static int char_row = 0, char_col = 0;
 static int char_x = 0, char_y = 0, char_w = 8, char_h = 16;
@@ -352,11 +356,11 @@ int crypt_verify(char *user, char *pass) {
 #endif	/* UNIXPW_CRYPT */
 }
 
-int su_verify(char *user, char *pass) {
+int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size) {
 #ifndef UNIXPW_SU
 	return 0;
 #else
-	int i, j, status, fd = -1, sfd, tfd;
+	int i, j, status, fd = -1, sfd, tfd, drain_size = 4096, rsize;
 	int slow_pw = 1;
 	char *slave, *bin_true = NULL, *bin_su = NULL;
 	pid_t pid, pidw;
@@ -389,6 +393,7 @@ int su_verify(char *user, char *pass) {
 			return 0;
 		}
 	}
+	/* unixpw */
 	if (no_external_cmds) {
 		rfbLog("su_verify: cannot run external commands.\n");	
 		clean_up_exit(1);
@@ -417,6 +422,10 @@ int su_verify(char *user, char *pass) {
 	} if (stat("/usr/bin/true", &sbuf) == 0) {
 		bin_true = "/usr/bin/true";
 	}
+	if (cmd != NULL && cmd[0] != '\0') {
+		/* this is for ext. cmd su -c "my cmd" */
+		bin_true = cmd;
+	}
 	if (bin_true == NULL) {
 		rfbLogPerror("existence /bin/true");
 		return 0;
@@ -617,13 +626,13 @@ if (db) fprintf(stderr, "slave is: %s fd=%d\n", slave, fd);
 if (db) fprintf(stderr, "%s", buf);
 
 		if (db > 3 && n == 1 && buf[0] == ':') {
-			char cmd[32];
+			char cmd0[32];
 			usleep( 100 * 1000 );
 			fprintf(stderr, "\n\n");
-			sprintf(cmd, "ps wu %d", pid);
-			system(cmd);
-			sprintf(cmd, "stty -a < %s", slave);
-			system(cmd);
+			sprintf(cmd0, "ps wu %d", pid);
+			system(cmd0);
+			sprintf(cmd0, "stty -a < %s", slave);
+			system(cmd0);
 			fprintf(stderr, "\n\n");
 		}
 
@@ -675,7 +684,12 @@ if (db) {
 	 * if we don't drain we may block at waitpid.  If we close(fd), the
 	 * make cause child to die by signal.
 	 */
-	for (i = 0; i<4096; i++) {
+	if (rbuf && *rbuf_size > 0) {
+		/* asked to return output of command */
+		drain_size = *rbuf_size;
+		rsize = 0;
+	}
+	for (i = 0; i< drain_size; i++) {
 		int n;	
 		
 		buf[0] = '\0';
@@ -691,6 +705,48 @@ if (db) fprintf(stderr, "%s", buf);
 		if (n <= 0) {
 			break;
 		}
+
+		if (rbuf) {
+			rbuf[i] = buf[0];
+			rsize++;
+		}
+	}
+	if (rbuf) {
+		char *s = rbuf;
+		char *p = strdup(pass);
+		int n, o = 0;
+		
+		n = strlen(p);
+		if (p[n-1] == '\n') {
+			p[n-1] = '\0';
+		}
+		/*
+		 * usually is: Password: mypassword\r\n\r\n<output-of-command>
+		 * and output will have \n -> \r\n
+		 */
+		if (rbuf[0] == ' ') {
+			s++;
+			o++;
+		}
+		if (strstr(s, p) == s) {
+			s += strlen(p);
+			o += strlen(p);
+			for (n = 0; n < 4; n++) {
+				if (s[0] == '\r' || s[0] == '\n') {
+					s++;
+					o++;
+				}
+			}
+		}
+		if (o > 0) {
+			int i = 0;
+			rsize -= o;
+			while (o < drain_size) {
+				rbuf[i++] = rbuf[o++];
+			}
+		}
+		*rbuf_size = rsize;
+		strzero(p);
 	}
 
 if (db) fprintf(stderr, "\n");
@@ -730,14 +786,39 @@ if (db) fprintf(stderr, "unixpw_verify: '%s' '%s'\n", user, db > 1 ? pass : "***
 	if (unixpw_nis) {
 		if (crypt_verify(user, pass)) {
 			unixpw_accept(user);
+			if (keep_unixpw) {
+				keep_unixpw_user = strdup(user);
+				keep_unixpw_pass = strdup(pass);
+			}
 			return;
 		} else {
 			rfbLog("unixpw_verify: crypt_verify login for %s failed.\n", user);
 			usleep(3000*1000);
 		}
+	} else if (0) {
+		char buf[8192];
+		int n = 8000;
+		int res = su_verify(user, pass, "/home/runge/wallycom yegg 33", buf, &n);
+
+		fprintf(stderr, "su_verify ret: n=%d ", n);
+		write(2, buf, n);
+
+		if (res) {
+			unixpw_accept(user);
+			if (keep_unixpw) {
+				keep_unixpw_user = strdup(user);
+				keep_unixpw_pass = strdup(pass);
+			}
+			return;
+		}
+		rfbLog("unixpw_verify: su_verify login for %s failed.\n", user);
 	} else {
-		if (su_verify(user, pass)) {
+		if (su_verify(user, pass, NULL, NULL, NULL)) {
 			unixpw_accept(user);
+			if (keep_unixpw) {
+				keep_unixpw_user = strdup(user);
+				keep_unixpw_pass = strdup(pass);
+			}
 			return;
 		}
 		rfbLog("unixpw_verify: su_verify login for %s failed.\n", user);
@@ -803,6 +884,14 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
 			user[i] = '\0';
 			pass[i] = '\0';
 		}
+		if (keep_unixpw_user) {
+			free(keep_unixpw_user);
+			keep_unixpw_user = NULL;
+		}
+		if (keep_unixpw_pass) {
+			free(keep_unixpw_pass);
+			keep_unixpw_pass = NULL;
+		}
 		return;
 	}
 
@@ -1027,6 +1116,41 @@ static void apply_opts (char *user) {
 void unixpw_accept(char *user) {
 	apply_opts(user);
 
+	if (started_as_root == 1 && users_list
+	    && strstr(users_list, "unixpw=") == users_list) {
+		if (getuid() && geteuid()) {
+			rfbLog("unixpw_accept: unixpw= but not root\n");
+			started_as_root = 2;
+		} else {
+			char *u = (char *)malloc(strlen(user)+1); 
+
+			u[0] = '\0';
+			if (!strcmp(users_list, "unixpw=")) {
+				sprintf(u, "+%s", user);
+			} else {
+				char *p, *str = strdup(users_list);
+				p = strtok(str + strlen("unixpw="), ",");
+				while (p) {
+					if (!strcmp(p, user)) {
+						sprintf(u, "+%s", user);
+						break;
+					}
+					p = strtok(NULL, ",");
+				}
+				free(str);
+			}
+			
+			if (u[0] == '\0') {
+				rfbLog("unixpw_accept skipping switch to user: %s\n", user);
+			} else if (switch_user(u, 0)) {
+				rfbLog("unixpw_accept switched to user: %s\n", user);
+			} else {
+				rfbLog("unixpw_accept failed to switched to user: %s\n", user);
+			}
+			free(u);
+		}
+	}
+
 	if (unixpw_login_viewonly) {
 		unixpw_client->viewOnly = TRUE;
 	}

x11vnc/unixpw.h

@@ -7,12 +7,15 @@ extern void unixpw_screen(int init);
 extern void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init);
 extern void unixpw_accept(char *user);
 extern void unixpw_deny(void);
-extern int su_verify(char *user, char *pass);
+extern int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size);
 extern int crypt_verify(char *user, char *pass);
 
 extern int unixpw_in_progress;
 extern int unixpw_login_viewonly;
 extern time_t unixpw_last_try_time;
 extern rfbClientPtr unixpw_client;
+extern int keep_unixpw;
+extern char *keep_unixpw_user;
+extern char *keep_unixpw_pass;
 
 #endif /* _X11VNC_UNIXPW_H */

x11vnc/user.c

@@ -6,6 +6,8 @@
 #include "scan.h"
 #include "screen.h"
 #include "unixpw.h"
+#include "sslhelper.h"
+#include "xwrappers.h"
 
 void check_switched_user(void);
 void lurk_loop(char *str);
@@ -13,6 +15,7 @@ int switch_user(char *user, int fb_mode);
 int read_passwds(char *passfile);
 void install_passwds(void);
 void check_new_passwds(void);
+int wait_for_client(int *argc, char** argv, int http);
 
 
 static void switch_user_task_dummy(void);
@@ -574,9 +577,9 @@ static int try_user_and_display(uid_t uid, char *dpystr) {
 		}
 
 		fclose(stderr);
-		dpy2 = XOpenDisplay(dpystr);
+		dpy2 = XOpenDisplay_wr(dpystr);
 		if (dpy2) {
-			XCloseDisplay(dpy2);
+			XCloseDisplay_wr(dpy2);
 			exit(0);	/* success */
 		} else {
 			exit(2);	/* fail */
@@ -940,4 +943,234 @@ void check_new_passwds(void) {
 	}
 }
 
+int wait_for_client(int *argc, char** argv, int http) {
+	static XImage ximage_struct;
+	XImage* fb_image;
+	int w = 640, h = 480, b = 32;
+	int w0, h0, i;
+	int chg_raw_fb = 0;
+	char *str, *q, *p;
+	char *cmd = NULL;
+	int db = 0;
+
+	if (! use_dpy || strstr(use_dpy, "WAIT:") != use_dpy) {
+		return 0;
+	}
+
+	rfbLog("into wait_for_client.\n");
+	str = strdup(use_dpy);
+	str += strlen("WAIT:");
+	q = strchr(str, ':');
+
+	/* get any leading geometry: */
+	if (q) *q = '\0';
+	if (sscanf(str, "%dx%d", &w0, &h0) == 2)  {
+		w = w0;
+		h = h0;
+	}
+	if (q) *q = ':';
+
+	q = strchr(str, ':');
+	if (! q) {
+		if (strstr(str, "cmd=") != str) {
+			str = strdup(":0"); 
+		}
+	} else {
+		str = q;
+	}
+	if (db) fprintf(stderr, "str: %s\n", str);
+
+	if (strstr(str, "cmd=") == str) {
+		cmd = str + strlen("cmd=");
+		if (db) fprintf(stderr, "cmd: %s\n", cmd);
+
+		/* WAIT */
+		if (no_external_cmds) {
+			rfbLog("wait_for_client external cmds not allowed:"
+			    " %s\n", use_dpy);
+			clean_up_exit(1);
+		}
+	}
+	
+	if (fake_fb) {
+		free(fake_fb);
+	}
+	fake_fb = (char *) calloc(w*h*b/4, 1);
+
+	fb_image = &ximage_struct;
+	fb_image->data = fake_fb;
+	fb_image->format = ZPixmap;
+	fb_image->width  = w;
+	fb_image->height = h;
+	fb_image->bits_per_pixel = b;
+	fb_image->bytes_per_line = w*b/8;
+	fb_image->bitmap_unit = -1;
+	fb_image->depth = 24;
+	fb_image->red_mask   = 0xff0000;
+	fb_image->green_mask = 0x00ff00;
+	fb_image->blue_mask  = 0x0000ff;
+
+	depth = fb_image->depth;
+
+	dpy_x = wdpy_x = w;
+	dpy_y = wdpy_y = h;
+	off_x = 0;
+	off_y = 0;
+
+	initialize_allowed_input();
+	
+	initialize_screen(argc, argv, fb_image);
+
+	if (http && check_httpdir()) {
+		http_connections(1);
+	}
+
+	if (! raw_fb) {
+		chg_raw_fb = 1;
+		/* kludge to get RAWFB_RET with dpy == NULL guards */
+		raw_fb = "null";
+	}
+
+	if (cmd && unixpw) {
+		keep_unixpw = 1;
+	}
+
+	if (inetd && use_openssl) {
+		accept_openssl(OPENSSL_INETD);
+	}
+
+	while (1) {
+		if (! use_threads) {
+			rfbPE(-1);
+		}
+		if (use_openssl) {
+			check_openssl();
+		}
+		if (! screen || ! screen->clientHead) {
+			usleep(100 * 1000);
+			continue;
+		}
+		rfbLog("wait_for_client: got client\n");
+		break;
+	}
+
+	if (unixpw) {
+		if (! unixpw_in_progress) {
+			rfbLog("unixpw but no unixpw_in_progress\n");
+			clean_up_exit(1);
+		}
+		while (1) {
+			if (! use_threads) {
+				rfbPE(-1);
+			}
+			if (unixpw_in_progress) {
+				usleep(20 * 1000);
+				continue;
+			}
+			rfbLog("wait_for_client: unixpw finished.\n");
+			break;
+		}
+	}
+
+	if (cmd) {
+		char line1[1024];
+		char line2[16384];
+		char *q;
+		int n;
+
+		memset(line1, 0, 1024);
+		memset(line2, 0, 16384);
+
+		if (unixpw) {
+			int res = 0, k, j;
+			char line[18000];
+
+			memset(line, 0, 18000);
+
+			if (keep_unixpw_user && keep_unixpw_pass) {
+				n = 18000;
+				res = su_verify(keep_unixpw_user, keep_unixpw_pass,
+				    cmd, line, &n);
+				strzero(keep_unixpw_user);
+				strzero(keep_unixpw_pass);
+			}
+			keep_unixpw = 0;
+
+			if (! res) {
+				rfbLog("wait_for_client: cmd failed: %s\n", cmd);
+				clean_up_exit(1);
+			}
+			for (k = 0; k < 1024; k++) {
+				line1[k] = line[k];
+				if (line[k] == '\n') {
+					k++;
+					break;
+				}
+			}
+			n -= k;
+			while (j < 16384) {
+				line2[j] = line[k+j];
+				j++;
+			}
+		} else {
+			FILE *p = popen(cmd, "r");
+			if (! p) {
+				rfbLog("wait_for_client: cmd failed: %s\n", cmd);
+				rfbLogPerror("popen");
+				clean_up_exit(1);
+			}
+			if (fgets(line1, 1024, p) == NULL) {
+				rfbLog("wait_for_client: read failed: %s\n", cmd);
+				rfbLogPerror("fgets");
+				clean_up_exit(1);
+			}
+			n = fread(line2, 1, 16384, p);
+			pclose(p);
+		}
+
+		if (strstr(line1, "DISPLAY=") != line1) {
+			rfbLog("wait_for_client: bad reply %s\n", line1);
+			clean_up_exit(1);
+		}
+
+		use_dpy = strdup(line1 + strlen("DISPLAY="));
+		q = use_dpy;
+		while (*q != '\0') {
+			if (*q == '\n' || *q == '\r') *q = '\0';
+			q++;
+		}
+if (db) fprintf(stderr, "use_dpy: %s  n: %d\n", use_dpy, n);
+if (0) write(2, line2, n);
+		if (line2[0] != '\0') {
+			if (strstr(line2, "XAUTHORITY=") == line2) {
+				q = line2;
+				while (*q != '\0') {
+					if (*q == '\n' || *q == '\r') *q = '\0';
+					q++;
+				}
+				if (auth_file) {
+					free(auth_file);
+				}
+				auth_file = strdup(line2 + strlen("XAUTHORITY="));
+
+			} else {
+				xauth_raw_data = (char *)malloc(n);
+				xauth_raw_len = n;
+				memcpy(xauth_raw_data, line2, n);
+if (db) fprintf(stderr, "xauth_raw_len: %d\n", n);
+if (0) {
+	write(2, xauth_raw_data, xauth_raw_len);
+	fprintf(stderr, "\n");
+}
+			}
+		}
+	} else {
+		use_dpy = strdup(str);
+	}
+	if (chg_raw_fb) {
+		raw_fb = NULL;
+	}
+
+	return 1;
+}
 

x11vnc/user.h

@@ -9,5 +9,6 @@ extern int switch_user(char *, int);
 extern int read_passwds(char *passfile);
 extern void install_passwds(void);
 extern void check_new_passwds(void);
+extern int wait_for_client(int *argc, char** argv, int http);
 
 #endif /* _X11VNC_USER_H */

x11vnc/v4l.c

@@ -1089,6 +1089,7 @@ static char *guess_via_v4l_info(char *dev, int *fd) {
 
 	if (*fd) {}
 
+	/* v4l-info */
 	if (no_external_cmds) {
 		rfbLog("guess_via_v4l_info: cannot run external "
 		    "command: v4l-info\n");

x11vnc/win_utils.c

@@ -304,6 +304,7 @@ int pick_windowid(unsigned long *num) {
 	if (use_dpy) {
 		set_env("DISPLAY", use_dpy);
 	}
+	/* id */
 	if (no_external_cmds) {
 		rfbLogEnable(1);
 		rfbLog("cannot run external commands in -nocmds mode:\n");

x11vnc/x11vnc.c

@@ -960,7 +960,7 @@ static void quick_pw(char *str) {
 			
 		}
 		fprintf(stdout, "password: ");
-		/* no_external_cmds does not apply */
+		/* test mode: no_external_cmds does not apply */
 		system("stty -echo");
 		if(fgets(tmp, 128, stdin) == NULL) {
 			fprintf(stdout, "\n");
@@ -1003,7 +1003,7 @@ static void quick_pw(char *str) {
 			exit(1);
 		}
 	} else {
-		if (su_verify(p, q+1)) {
+		if (su_verify(p, q+1, NULL, NULL, NULL)) {
 			fprintf(stdout, "Y %s\n", p);
 			exit(0);
 		} else {
@@ -1254,7 +1254,7 @@ static void check_loop_mode(int argc, char* argv[]) {
 				perror("fork");
 				exit(1);
 			} else {
-				/* no_external_cmds does not apply */
+				/* loop mode: no_external_cmds does not apply */
 				execvp(argv[0], argv2); 
 				exit(1);
 			}
@@ -1283,6 +1283,7 @@ static void store_homedir_passwd(char *file) {
 	str1[0] = '\0';
 	str2[0] = '\0';
 
+	/* storepasswd */
 	if (no_external_cmds) {
 		fprintf(stderr, "-nocmds cannot be used with -storepasswd\n");
 		exit(1);
@@ -1388,6 +1389,7 @@ int main(int argc, char* argv[]) {
 	int dt = 0, bg = 0;
 	int got_rfbwait = 0;
 	int got_httpdir = 0, try_http = 0;
+	int waited_for_client = 0;
 	XImage *fb0 = NULL;
 
 	/* used to pass args we do not know about to rfbGetScreen(): */
@@ -2728,20 +2730,33 @@ int main(int argc, char* argv[]) {
 	use_xkb_modtweak = 0;
 #endif
 
+#ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER
+	if (filexfer) {
+		rfbRegisterTightVNCFileTransferExtension();
+	} else {
+		rfbUnregisterTightVNCFileTransferExtension();
+	}
+#endif
+
+	initialize_allowed_input();
+
 	if (users_list && strstr(users_list, "lurk=")) {
 		if (use_dpy) {
 			rfbLog("warning: -display does not make sense in "
 			    "\"lurk=\" mode...\n");
 		}
 		lurk_loop(users_list);
+	} else if (use_dpy && strstr(use_dpy, "WAIT:") == use_dpy) {
+		waited_for_client = wait_for_client(&argc_vnc, argv_vnc,
+		    try_http && ! got_httpdir);
 	}
 
 	if (use_dpy) {
-		dpy = XOpenDisplay(use_dpy);
+		dpy = XOpenDisplay_wr(use_dpy);
 	} else if ( (use_dpy = getenv("DISPLAY")) ) {
-		dpy = XOpenDisplay(use_dpy);
+		dpy = XOpenDisplay_wr(use_dpy);
 	} else {
-		dpy = XOpenDisplay("");
+		dpy = XOpenDisplay_wr("");
 	}
 
 	if (! dpy && raw_fb_str) {
@@ -2764,7 +2779,7 @@ int main(int argc, char* argv[]) {
 		}
 		fprintf(stderr, "\n");
 		use_dpy = ":0";
-		dpy = XOpenDisplay(use_dpy);
+		dpy = XOpenDisplay_wr(use_dpy);
 		if (dpy) {
 			rfbLog("*** XOpenDisplay of \":0\" successful.\n");
 		}
@@ -2803,7 +2818,7 @@ int main(int argc, char* argv[]) {
 		fflush(stderr);
 		fflush(stdout);
 		usleep(30 * 1000);	/* still needed? */
-		XCloseDisplay(dpy);
+		XCloseDisplay_wr(dpy);
 		exit(rc);
 	}
 
@@ -3133,13 +3148,6 @@ int main(int argc, char* argv[]) {
 
 	raw_fb_pass_go_and_collect_200_dollars:
 
-#ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER
-	if (filexfer) {
-		rfbRegisterTightVNCFileTransferExtension();
-	} else {
-		rfbUnregisterTightVNCFileTransferExtension();
-	}
-#endif
 	if (! dt) {
 		static char str[] = "-desktop";
 		argv_vnc[argc_vnc++] = str;
@@ -3162,9 +3170,16 @@ int main(int argc, char* argv[]) {
 
 	initialize_screen(&argc_vnc, argv_vnc, fb0);
 
+	if (waited_for_client && fake_fb) {
+		free(fake_fb);
+		fake_fb = NULL;
+	}
+
+	if (! waited_for_client) {
 		if (try_http && ! got_httpdir && check_httpdir()) {
 			http_connections(1);
 		}
+	}
 
 	initialize_tiles();
 
@@ -3180,11 +3195,11 @@ int main(int argc, char* argv[]) {
 
 	initialize_keyboard_and_pointer();
 
-	initialize_allowed_input();
-
 	if (inetd && use_openssl) {
+		if (! waited_for_client) {
 			accept_openssl(OPENSSL_INETD);
 		}
+	}
 	if (! inetd && ! use_openssl) {
 		if (! screen->port || screen->listenSock < 0) {
 			rfbLogEnable(1);

x11vnc/x11vnc.h

@@ -114,7 +114,7 @@
 #define PASSWD_UNLESS_NOPW 0
 #endif
 
-#define REL81
+#define noREL81
 
 /*
  * Beginning of support for small binary footprint build for embedded
@@ -320,6 +320,8 @@ extern char lastmod[];
 
 extern Display *dpy;		/* the single display screen we connect to */
 extern int scr;
+extern char *xauth_raw_data;
+extern int xauth_raw_len;
 extern Window window, rootwin;		/* polled window, root window (usu. same) */
 extern Visual *default_visual;		/* the default visual (unless -visual) */
 extern int bpp, depth;

x11vnc/x11vnc_defs.c

@@ -15,12 +15,14 @@ int xtrap_base_event_type = 0;
 int xdamage_base_event_type = 0;
 
 /*               date +'lastmod: %Y-%m-%d' */
-char lastmod[] = "0.8.1 lastmod: 2006-06-03";
+char lastmod[] = "0.8.2 lastmod: 2006-06-08";
 
 /* X display info */
 
 Display *dpy = NULL;		/* the single display screen we connect to */
 int scr = 0;
+char *xauth_raw_data = NULL;
+int xauth_raw_len = 0;
 Window window = None, rootwin = None;	/* polled window, root window (usu. same) */
 Visual *default_visual = NULL;	/* the default visual (unless -visual) */
 int bpp = 0, depth = 0;

x11vnc/xevents.c

@@ -454,7 +454,7 @@ static void grab_buster_watch(int parent, char *dstr) {
 	}
 
 	/* overwrite original dpy, we let orig connection sit unused. */
-	dpy = XOpenDisplay(dstr);
+	dpy = XOpenDisplay_wr(dstr);
 	if (!dpy) {
 		fprintf(stderr, "grab_buster_watch: could not reopen: %s\n",
 		    dstr);
@@ -518,7 +518,7 @@ void spawn_grab_buster(void) {
 
 	RAWFB_RET_VOID
 
-	XCloseDisplay(dpy); 
+	XCloseDisplay_wr(dpy); 
 	dpy = NULL;
 
 	if ((pid = fork()) > 0) {
@@ -539,7 +539,7 @@ void spawn_grab_buster(void) {
 		exit(0);
 	}
 
-	dpy = XOpenDisplay(dstr);
+	dpy = XOpenDisplay_wr(dstr);
 	if (!dpy) {
 		rfbLog("failed to reopen display %s in spawn_grab_buster\n",
 		    dstr);

x11vnc/xkb_bell.c

@@ -40,6 +40,10 @@ void initialize_xkb(void) {
 		return;
 	}
 
+	if (! xauth_raw(1)) {
+		return;
+	}
+
 	if (! XkbOpenDisplay(DisplayString(dpy), &xkb_base_event_type, &ir,
 	    NULL, NULL, &reason) ) {
 		if (! quiet) {
@@ -49,6 +53,7 @@ void initialize_xkb(void) {
 		xkb_base_event_type = 0;
 		xkb_present = 0;
 	}
+	xauth_raw(0);
 }
 
 void initialize_watch_bell(void) {

x11vnc/xrecord.c

@@ -118,8 +118,8 @@ static void xrecord_grabserver(int start) {
 	XSync(gdpy_ctrl, True);
 
 	if (! rc_grab || trapped_record_xerror) {
-		XCloseDisplay(gdpy_ctrl);
-		XCloseDisplay(gdpy_data);
+		XCloseDisplay_wr(gdpy_ctrl);
+		XCloseDisplay_wr(gdpy_data);
 		gdpy_ctrl = NULL;
 		gdpy_data = NULL;
 		XSetErrorHandler(old_handler);
@@ -127,8 +127,8 @@ static void xrecord_grabserver(int start) {
 	}
 	rc = XRecordEnableContextAsync(gdpy_data, rc_grab, record_grab, NULL);
 	if (!rc || trapped_record_xerror) {
-		XCloseDisplay(gdpy_ctrl);
-		XCloseDisplay(gdpy_data);
+		XCloseDisplay_wr(gdpy_ctrl);
+		XCloseDisplay_wr(gdpy_data);
 		gdpy_ctrl = NULL;
 		gdpy_data = NULL;
 		XSetErrorHandler(old_handler);
@@ -179,18 +179,18 @@ void initialize_xrecord(void) {
 	X_LOCK;
 	/* open a 2nd control connection to DISPLAY: */
 	if (rdpy_data) {
-		XCloseDisplay(rdpy_data);
+		XCloseDisplay_wr(rdpy_data);
 		rdpy_data = NULL;
 	}
 	if (rdpy_ctrl) {
-		XCloseDisplay(rdpy_ctrl);
+		XCloseDisplay_wr(rdpy_ctrl);
 		rdpy_ctrl = NULL;
 	}
-	rdpy_ctrl = XOpenDisplay(DisplayString(dpy));
+	rdpy_ctrl = XOpenDisplay_wr(DisplayString(dpy));
 	XSync(dpy, True);
 	XSync(rdpy_ctrl, True);
 	/* open datalink connection to DISPLAY: */
-	rdpy_data = XOpenDisplay(DisplayString(dpy));
+	rdpy_data = XOpenDisplay_wr(DisplayString(dpy));
 	if (!rdpy_ctrl || ! rdpy_data) {
 		X_UNLOCK;
 		return;
@@ -206,19 +206,19 @@ void initialize_xrecord(void) {
 	 * in place, why?  Not sure, so we manually watch for grabs...
 	 */
 	if (gdpy_data) {
-		XCloseDisplay(gdpy_data);
+		XCloseDisplay_wr(gdpy_data);
 		gdpy_data = NULL;
 	}
 	if (gdpy_ctrl) {
-		XCloseDisplay(gdpy_ctrl);
+		XCloseDisplay_wr(gdpy_ctrl);
 		gdpy_ctrl = NULL;
 	}
 	xserver_grabbed = 0;
 
-	gdpy_ctrl = XOpenDisplay(DisplayString(dpy));
+	gdpy_ctrl = XOpenDisplay_wr(DisplayString(dpy));
 	XSync(dpy, True);
 	XSync(gdpy_ctrl, True);
-	gdpy_data = XOpenDisplay(DisplayString(dpy));
+	gdpy_data = XOpenDisplay_wr(DisplayString(dpy));
 	if (gdpy_ctrl && gdpy_data) {
 		disable_grabserver(gdpy_ctrl, 0);
 		disable_grabserver(gdpy_data, 0);
@@ -260,19 +260,19 @@ void shutdown_xrecord(void) {
 	}
 		
 	if (rdpy_data) {
-		XCloseDisplay(rdpy_data);
+		XCloseDisplay_wr(rdpy_data);
 		rdpy_data = NULL;
 	}
 	if (rdpy_ctrl) {
-		XCloseDisplay(rdpy_ctrl);
+		XCloseDisplay_wr(rdpy_ctrl);
 		rdpy_ctrl = NULL;
 	}
 	if (gdpy_data) {
-		XCloseDisplay(gdpy_data);
+		XCloseDisplay_wr(gdpy_data);
 		gdpy_data = NULL;
 	}
 	if (gdpy_ctrl) {
-		XCloseDisplay(gdpy_ctrl);
+		XCloseDisplay_wr(gdpy_ctrl);
 		gdpy_ctrl = NULL;
 	}
 	xserver_grabbed = 0;
@@ -1367,16 +1367,16 @@ static void shutdown_record_context(XRecordContext rc, int bequiet, int reopen)
 		if (debug_scroll) {
 			rfbLog("closing RECORD data connection.\n");
 		}
-		XCloseDisplay(rdpy_data);
+		XCloseDisplay_wr(rdpy_data);
 		rdpy_data = NULL;
 
 		if (debug_scroll) {
 			rfbLog("closing RECORD control connection.\n");
 		}
-		XCloseDisplay(rdpy_ctrl);
+		XCloseDisplay_wr(rdpy_ctrl);
 		rdpy_ctrl = NULL;
 
-		rdpy_ctrl = XOpenDisplay(dpystr);
+		rdpy_ctrl = XOpenDisplay_wr(dpystr);
 
 		if (! rdpy_ctrl) {
 			rfbLog("Failed to reopen RECORD control connection:"
@@ -1390,13 +1390,13 @@ static void shutdown_record_context(XRecordContext rc, int bequiet, int reopen)
 		disable_grabserver(rdpy_ctrl, 0);
 		XSync(rdpy_ctrl, True);
 
-		rdpy_data = XOpenDisplay(dpystr);
+		rdpy_data = XOpenDisplay_wr(dpystr);
 
 		if (! rdpy_data) {
 			rfbLog("Failed to reopen RECORD data connection:"
 			    "%s\n", dpystr);
 			rfbLog("  disabling RECORD scroll detection.\n");
-			XCloseDisplay(rdpy_ctrl);
+			XCloseDisplay_wr(rdpy_ctrl);
 			rdpy_ctrl = NULL;
 			use_xrecord = 0;
 			return;

x11vnc/xwrappers.c

@@ -68,6 +68,10 @@ void disable_grabserver(Display *in_dpy, int change);
 
 Bool XRecordQueryVersion_wr(Display *dpy, int *maj, int *min);
 
+int xauth_raw(int on);
+Display *XOpenDisplay_wr(char *display_name);
+int XCloseDisplay_wr(Display *display);
+
 void copy_raw_fb(XImage *dest, int x, int y, unsigned int w, unsigned int h);
 static void upup_downdown_warning(KeyCode key, Bool down);
 
@@ -879,4 +883,74 @@ Bool XRecordQueryVersion_wr(Display *dpy, int *maj, int *min) {
 #endif
 }
 
+int xauth_raw(int on) {
+	char tmp[] = "/tmp/x11vnc-xauth.XXXXXX";
+	int tmp_fd = -1;
+	static char *old_xauthority = NULL;
+	static char *old_tmp = NULL;
+	int db = 0;
+
+	if (on) {
+		if (old_xauthority) {
+			free(old_xauthority);
+			old_xauthority = NULL;
+		}
+		if (old_tmp) {
+			free(old_tmp);
+			old_tmp = NULL;
+		}
+		if (xauth_raw_data) {
+			tmp_fd = mkstemp(tmp);
+			if (tmp_fd < 0) {
+				rfbLog("could not create tmp xauth file: %s\n", tmp);	
+				return 0;
+			}
+			if (db) fprintf(stderr, "tmp: %s\n", tmp);
+			write(tmp_fd, xauth_raw_data, xauth_raw_len);
+			close(tmp_fd);
+			if (getenv("XAUTHORITY")) {
+				old_xauthority = strdup(getenv("XAUTHORITY"));
+			} else {
+				old_xauthority = strdup("");
+			}
+			set_env("XAUTHORITY", tmp);
+			old_tmp = strdup(tmp);
+		}
+		return 1;
+	} else {
+		if (old_xauthority) {
+			set_env("XAUTHORITY", old_xauthority);
+			free(old_xauthority);
+			old_xauthority = NULL;
+		}
+		if (old_tmp) {
+			unlink(old_tmp);
+			free(old_tmp);
+			old_tmp = NULL;
+		}
+		return 1;
+	}
+}
+
+Display *XOpenDisplay_wr(char *display_name) {
+	Display *d;
+	int db = 0;
+
+	if (! xauth_raw(1)) {
+		return NULL;
+	}
+
+	d = XOpenDisplay(display_name);
+	if (db) fprintf(stderr, "XOpenDisplay_wr: %s  0x%x\n", display_name, d);
+
+	xauth_raw(0);
+
+	return d;
+}
+
+int XCloseDisplay_wr(Display *display) {
+	int db = 0;
+	if (db) fprintf(stderr, "XCloseDisplay_wr: 0x%x\n", display);
+	return XCloseDisplay(display);
+}
 

x11vnc/xwrappers.h

@@ -68,4 +68,8 @@ extern void disable_grabserver(Display *in_dpy, int change);
 
 extern Bool XRecordQueryVersion_wr(Display *dpy, int *maj, int *min);
 
+extern int xauth_raw(int on);
+extern Display *XOpenDisplay_wr(char *display_name);
+extern int XCloseDisplay_wr(Display *display);
+
 #endif /* _X11VNC_XWRAPPERS_H */