Skip to content

L
libvncserver
Commit 4dbc5d5a authored by runge's avatar runge
Browse files
Options

x11vnc: -http_oneport for single port HTTP and VNC. Improve find_display wrt lsof blocking with -b.

parent 8938cda1
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 2009 additions and 1725 deletions
prepare_x11vnc_dist.sh
View file @ 4dbc5d5a
#!/bin/bash
VERSION="0.9.5"
VERSION="0.9.6"
cd "$(dirname "$0")"
......
x11vnc/ChangeLog
View file @ 4dbc5d5a
2008-10-29 Karl Runge <runge@karlrunge.com>
* x11vnc: -http_oneport for single port HTTP and VNC.
Improve find_display wrt lsof blocking with -b.
2008-10-19 Karl Runge <runge@karlrunge.com>
* x11vnc: -chatwindow for chat window on X console using SSVNC
as a helper. Print suggestion for X_ShmAttach failure.
......
x11vnc/README
View file @ 4dbc5d5a
This diff is collapsed.
x11vnc/help.c
View file @ 4dbc5d5a
......@@ -1732,7 +1732,8 @@ void print_help(int mode) {
" Use this option if you do not want to deal with SSL\n"
" certificates for authentication and do not want to\n"
" use SSH but want some encryption for your VNC session.\n"
" Or if you must interface with some symmetric key tunnel.\n"
" Or if you must interface with a symmetric key tunnel\n"
" that you do not have control over.\n"
"\n"
" Note that this mode will NOT work with the UltraVNC DSM\n"
" plugins because they alter the RFB protocol in addition\n"
......@@ -1865,6 +1866,36 @@ void print_help(int mode) {
" to include the PORT= in the browser URL, simply supply\n"
" \"-httpsredir\" to x11vnc.\n"
"\n"
"-http_oneport For un-encrypted connections mode (i.e. no -ssl,\n"
" -stunnel, or -enc options), allow the Java VNC Viewer\n"
" applet to be downloaded thru the VNC port via HTTP.\n"
"\n"
" That is to say, you can use a single port for Java\n"
" applet viewer connections by using a URL in your web\n"
" browser like this, for example:\n"
"\n"
" http://hostname:5900\n"
"\n"
" The regular, two-port mode, URL http://hostname:5800\n"
" will continue to work as well.\n"
"\n"
" As mentioned above, this mode will NOT work with\n"
" the -ssl, -stunnel, or -enc encryption options.\n"
" Note that is it equivalent to '-enc none' (i.e. it\n"
" uses the same detection mechanism as for HTTPS, but\n"
" with no encryption.)\n"
"\n"
" HTTPS single-port is on by default in -ssl encrypted\n"
" mode (and -enc too), so you only need -http_oneport\n"
" when doing non-SSL encrypted connections.\n"
"\n"
" This mode could also be useful for SSH tunnels since\n"
" it means only one port needs to be redirected.\n"
"\n"
" The -httpsredir option may also be useful for this\n"
" mode when using an SSH tunnel as well as for router\n"
" port redirections.\n"
"\n"
#endif
"-ssh user@host:disp Create a remote listening port on machine \"host\"\n"
" via a SSH tunnel using the -R rport:localhost:lport\n"
......
x11vnc/nox11.h
View file @ 4dbc5d5a
......@@ -6663,3 +6663,9 @@ extern XIOErrorHandler XSetIOErrorHandler (
XIOErrorHandler /* handler */
);
#define X_ShmQueryVersion 0
#define X_ShmAttach 1
#define X_ShmDetach 2
#define X_ShmPutImage 3
#define X_ShmGetImage 4
#define X_ShmCreatePixmap 5
x11vnc/remote.c
View file @ 4dbc5d5a
......@@ -333,13 +333,13 @@ int check_httpdir(void) {
len = strlen(prog) + 21 + 1;
*q = '\0';
httpdir = (char *) malloc(len);
if (use_openssl || use_stunnel || http_ssl) {
if (!enc_str && (use_openssl || use_stunnel || http_ssl)) {
snprintf(httpdir, len, "%s/../share/x11vnc/classes/ssl", prog);
} else {
snprintf(httpdir, len, "%s/../share/x11vnc/classes", prog);
}
if (stat(httpdir, &sbuf) != 0) {
if (use_openssl || use_stunnel || http_ssl) {
if (!enc_str && (use_openssl || use_stunnel || http_ssl)) {
snprintf(httpdir, len, "%s/../classes/ssl", prog);
} else {
snprintf(httpdir, len, "%s/../classes", prog);
......@@ -367,7 +367,7 @@ int check_httpdir(void) {
"/usr/share/x11vnc/classes/ssl",
NULL
};
if (use_openssl || use_stunnel || http_ssl) {
if (!enc_str && (use_openssl || use_stunnel || http_ssl)) {
use = ssllist;
} else {
use = list;
......
x11vnc/screen.c
View file @ 4dbc5d5a
......@@ -3101,7 +3101,9 @@ void announce(int lport, int ssl, char *iface) {
if (! ssl) {
tvdt = "The VNC desktop is: ";
} else {
if (enc_str) {
if (enc_str && !strcmp(enc_str, "none")) {
tvdt = "The VNC desktop is: ";
} else if (enc_str) {
tvdt = "The ENC VNC desktop is: ";
} else {
tvdt = "The SSL VNC desktop is: ";
......@@ -3156,7 +3158,9 @@ static void announce_http(int lport, int ssl, char *iface) {
char *host = this_host();
char *jvu;
if (ssl == 1) {
if (enc_str && !strcmp(enc_str, "none")) {
jvu = "Java viewer URL: http";
} else if (ssl == 1) {
jvu = "Java SSL viewer URL: https";
} else if (ssl == 2) {
jvu = "Java SSL viewer URL: http";
......@@ -3170,6 +3174,9 @@ static void announce_http(int lport, int ssl, char *iface) {
if (host != NULL) {
if (! inetd) {
fprintf(stderr, "%s://%s:%d/\n", jvu, host, lport);
if (screen && enc_str && !strcmp(enc_str, "none")) {
fprintf(stderr, "%s://%s:%d/\n", jvu, host, screen->port);
}
}
}
}
......@@ -3187,7 +3194,9 @@ void set_vnc_desktop_name(void) {
rfbLog("\n");
rfbLog("The URLs printed out below ('Java ... viewer URL') can\n");
rfbLog("be used for Java enabled Web browser connections.\n");
if (use_openssl || stunnel_port) {
if (enc_str && !strcmp(enc_str, "none")) {
;
} else if (use_openssl || stunnel_port) {
rfbLog("Here are some additional possibilities:\n");
rfbLog("\n");
rfbLog("https://host:port/proxy.vnc (MUST be used if Web Proxy used)\n");
......@@ -3213,7 +3222,11 @@ void set_vnc_desktop_name(void) {
}
if (screen->httpListenSock > -1 && screen->httpPort) {
if (use_openssl) {
announce_http(screen->port, 1, listen_str);
if (enc_str && !strcmp(enc_str, "none")) {
;
} else {
announce_http(screen->port, 1, listen_str);
}
if (https_port_num >= 0) {
announce_http(https_port_num, 1,
listen_str);
......@@ -3234,7 +3247,9 @@ void set_vnc_desktop_name(void) {
if (stunnel_port) {
fprintf(stdout, "SSLPORT=%d\n", stunnel_port);
} else if (use_openssl) {
if (enc_str) {
if (enc_str && !strcmp(enc_str, "none")) {
;
} else if (enc_str) {
fprintf(stdout, "ENCPORT=%d\n", screen->port);
} else {
fprintf(stdout, "SSLPORT=%d\n", screen->port);
......
x11vnc/sslhelper.c
View file @ 4dbc5d5a
......@@ -1153,7 +1153,7 @@ if (db) fprintf(stderr, "tv_sec: %d - %s\n", (int) tv.tv_sec, last_get);
}
#define ABSIZE 16384
static int watch_for_http_traffic(char *buf_a, int *n_a) {
static int watch_for_http_traffic(char *buf_a, int *n_a, int raw_sock) {
int is_http, err, n, n2;
char *buf;
int db = 0;
......@@ -1174,8 +1174,13 @@ static int watch_for_http_traffic(char *buf_a, int *n_a) {
buf = (char *) calloc((ABSIZE+1), 1);
*n_a = 0;
n = SSL_read(ssl, buf, 2);
err = SSL_get_error(ssl, n);
if (enc_str && !strcmp(enc_str, "none")) {
n = read(raw_sock, buf, 2);
err = SSL_ERROR_NONE;
} else {
n = SSL_read(ssl, buf, 2);
err = SSL_get_error(ssl, n);
}
if (err != SSL_ERROR_NONE || n < 2) {
if (n > 0) {
......@@ -1204,7 +1209,11 @@ static int watch_for_http_traffic(char *buf_a, int *n_a) {
* in ssl_xfer().
*/
n2 = SSL_read(ssl, buf + n, ABSIZE - n);
if (enc_str && !strcmp(enc_str, "none")) {
n2 = read(raw_sock, buf + n, ABSIZE - n);
} else {
n2 = SSL_read(ssl, buf + n, ABSIZE - n);
}
if (n2 >= 0) {
n += n2;
}
......@@ -1663,7 +1672,7 @@ void accept_openssl(int mode, int presock) {
if (db) fprintf(stderr, "watch_for_http_traffic\n");
is_http = watch_for_http_traffic(buf, &n);
is_http = watch_for_http_traffic(buf, &n, s_in);
if (is_http < 0 || is_http == 0) {
/*
......@@ -1707,7 +1716,7 @@ void accept_openssl(int mode, int presock) {
if (n > 0) {
ptr += n;
}
if (db) fprintf(stderr, "buf2: '%s'\n", buf2);
if (db) fprintf(stderr, "buf2: '%s'\n", buf2);
if (strstr(buf2, "\r\n\r\n")) {
break;
......@@ -1807,7 +1816,7 @@ void accept_openssl(int mode, int presock) {
write(vncsock, tbuf, strlen(tbuf));
usleep(150*1000);
if (db) fprintf(stderr, "close vncsock: %d\n", vncsock);
if (db) fprintf(stderr, "close vncsock: %d\n", vncsock);
close(vncsock);
/* now, finally, connect to the libvncserver httpd: */
......@@ -1822,7 +1831,7 @@ if (db) fprintf(stderr, "close vncsock: %d\n", vncsock);
if (iface == NULL || !strcmp(iface, "")) {
iface = "127.0.0.1";
}
if (db) fprintf(stderr, "iface: %s\n", iface);
if (db) fprintf(stderr, "iface: %s:%d\n", iface, hport);
usleep(150*1000);
httpsock = rfbConnectToTcpAddr(iface, hport);
......@@ -1840,6 +1849,7 @@ if (db) fprintf(stderr, "iface: %s\n", iface);
* the rest of the SSL session to it:
*/
if (n > 0) {
if (db) fprintf(stderr, "sending http buffer httpsock: %d\n'%s'\n", httpsock, buf);
write(httpsock, buf, n);
}
ssl_xfer(httpsock, s_in, s_out, is_http);
......@@ -2288,7 +2298,13 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
return;
}
if (enc_str != NULL) {
symmetric_encryption_xfer(csock, s_in, s_out);
if (!strcmp(enc_str, "none")) {
usleep(250*1000);
rfbLog("doing '-enc none' raw transfer (no encryption)\n");
raw_xfer(csock, s_in, s_out);
} else {
symmetric_encryption_xfer(csock, s_in, s_out);
}
return;
}
if (getenv("SSL_DEBUG")) {
......@@ -2772,8 +2788,11 @@ void raw_xfer(int csock, int s_in, int s_out) {
if (pid < 0) {
exit(1);
}
if (getenv("X11VNC_DEBUG_RAW_XFER")) {
db = atoi(getenv("X11VNC_DEBUG_RAW_XFER"));
}
if (pid) {
if (db) fprintf(stderr, "raw_xfer start: %d -> %d/%d\n", csock, s_in, s_out);
if (db) rfbLog("raw_xfer start: %d -> %d/%d\n", csock, s_in, s_out);
while (1) {
n = read(csock, buf, sz);
......@@ -2793,7 +2812,7 @@ void raw_xfer(int csock, int s_in, int s_out) {
if (m < 0 && (errno == EINTR || errno == EAGAIN)) {
continue;
}
if (db) fprintf(stderr, "raw_xfer bad write: %d -> %d | %d/%d errno=%d\n", csock, s_out, m, n, errno);
if (db) rfbLog("raw_xfer bad write: %d -> %d | %d/%d errno=%d\n", csock, s_out, m, n, errno);
break;
}
}
......@@ -2801,10 +2820,11 @@ if (db) fprintf(stderr, "raw_xfer bad write: %d -> %d | %d/%d errno=%d\n", cso
usleep(250*1000);
kill(pid, SIGTERM);
waitpid(pid, &status, WNOHANG);
if (db) fprintf(stderr, "raw_xfer done: %d -> %d\n", csock, s_out);
if (db) rfbLog("raw_xfer done: %d -> %d\n", csock, s_out);
} else {
if (db) fprintf(stderr, "raw_xfer start: %d <- %d\n", csock, s_in);
if (db) usleep(50*1000);
if (db) rfbLog("raw_xfer start: %d <- %d\n", csock, s_in);
while (1) {
n = read(s_in, buf, sz);
......@@ -2824,7 +2844,7 @@ if (db) fprintf(stderr, "raw_xfer bad write: %d -> %d | %d/%d errno=%d\n", cso
if (m < 0 && (errno == EINTR || errno == EAGAIN)) {
continue;
}
if (db) fprintf(stderr, "raw_xfer bad write: %d <- %d | %d/%d errno=%d\n", csock, s_in, m, n, errno);
if (db) rfbLog("raw_xfer bad write: %d <- %d | %d/%d errno=%d\n", csock, s_in, m, n, errno);
break;
}
}
......@@ -2832,7 +2852,7 @@ if (db) fprintf(stderr, "raw_xfer bad write: %d -> %d | %d/%d errno=%d\n", cso
usleep(250*1000);
kill(par, SIGTERM);
waitpid(par, &status, WNOHANG);
if (db) fprintf(stderr, "raw_xfer done: %d <- %d\n", csock, s_in);
if (db) rfbLog("raw_xfer done: %d <- %d\n", csock, s_in);
}
close(csock);
close(s_in);
......
x11vnc/ssltools.h
View file @ 4dbc5d5a
......@@ -802,7 +802,7 @@ char find_display[] =
" # otherwise try lsof:\n"
" pvt=`ps wwwwwaux | grep X | egrep -v 'startx|xinit' | egrep \" $d4 \" | head -n 1 | awk '{print $2}'`\n"
" if [ \"X$pvt\" != \"X\" ]; then\n"
" vt=`lsof -p \"$pvt\" 2>/dev/null | egrep '/dev/tty([789]|[1-9][0-9][0-9]*)$' | grep -v grep | head -n 1 | awk '{print $NF}' | sed -e 's,/dev/tty,,'`\n"
" vt=`lsof -b -p \"$pvt\" 2>/dev/null | egrep '/dev/tty([789]|[1-9][0-9][0-9]*)$' | grep -v grep | head -n 1 | awk '{print $NF}' | sed -e 's,/dev/tty,,'`\n"
" if echo \"$vt\" | grep '^[0-9][0-9]*$' > /dev/null; then\n"
" chvt0=\",VT=$vt\"\n"
" else\n"
......
x11vnc/x11vnc.1
View file @ 4dbc5d5a
......@@ -2,7 +2,7 @@
.TH X11VNC "1" "October 2008" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
version: 0.9.5, lastmod: 2008-10-18
version: 0.9.6, lastmod: 2008-10-29
.SH SYNOPSIS
.B x11vnc
[OPTION]...
......@@ -1953,7 +1953,8 @@ session keys and is more compatible with other software.
Use this option if you do not want to deal with SSL
certificates for authentication and do not want to
use SSH but want some encryption for your VNC session.
Or if you must interface with some symmetric key tunnel.
Or if you must interface with a symmetric key tunnel
that you do not have control over.
.IP
Note that this mode will NOT work with the UltraVNC DSM
plugins because they alter the RFB protocol in addition
......@@ -2091,6 +2092,38 @@ https://mygateway.com:8000/?PORT=8000. To avoid having
to include the PORT= in the browser URL, simply supply
"\fB-httpsredir\fR" to x11vnc.
.PP
\fB-http_oneport\fR
.IP
For un-encrypted connections mode (i.e. no \fB-ssl,\fR
\fB-stunnel,\fR or \fB-enc\fR options), allow the Java VNC Viewer
applet to be downloaded thru the VNC port via HTTP.
.IP
That is to say, you can use a single port for Java
applet viewer connections by using a URL in your web
browser like this, for example:
.IP
http://hostname:5900
.IP
The regular, two-port mode, URL http://hostname:5800
will continue to work as well.
.IP
As mentioned above, this mode will NOT work with
the \fB-ssl,\fR \fB-stunnel,\fR or \fB-enc\fR encryption options.
Note that is it equivalent to '-enc none' (i.e. it
uses the same detection mechanism as for HTTPS, but
with no encryption.)
.IP
HTTPS single-port is on by default in \fB-ssl\fR encrypted
mode (and \fB-enc\fR too), so you only need \fB-http_oneport\fR
when doing non-SSL encrypted connections.
.IP
This mode could also be useful for SSH tunnels since
it means only one port needs to be redirected.
.IP
The \fB-httpsredir\fR option may also be useful for this
mode when using an SSH tunnel as well as for router
port redirections.
.PP
\fB-ssh\fR \fIuser@host:disp\fR
.IP
Create a remote listening port on machine "host"
......
x11vnc/x11vnc.c
View file @ 4dbc5d5a
......@@ -1800,6 +1800,7 @@ int main(int argc, char* argv[]) {
int got_rfbwait = 0;
int got_httpdir = 0, try_http = 0;
int orig_use_xdamage = use_xdamage;
int http_oneport_msg = 0;
XImage *fb0 = NULL;
int ncache_msg = 0;
......@@ -2362,6 +2363,12 @@ int main(int argc, char* argv[]) {
enc_str = strdup(argv[++i]);
continue;
}
if (!strcmp(arg, "-http_oneport")) {
http_oneport_msg = 1;
use_openssl = 1;
enc_str = strdup("none");
continue;
}
if (!strcmp(arg, "-ssltimeout")) {
CHECK_ARGC
ssl_timeout_secs = atoi(argv[++i]);
......@@ -3643,6 +3650,9 @@ int main(int argc, char* argv[]) {
}
if (! quiet && ! inetd) {
int i;
if (http_oneport_msg) {
rfbLog("setting '-enc none' for -http_oneport mode.\n");
}
for (i=1; i < argc_vnc; i++) {
rfbLog("passing arg to libvncserver: %s\n", argv_vnc[i]);
if (!strcmp(argv_vnc[i], "-passwd")) {
......@@ -4620,11 +4630,13 @@ if (0) fprintf(stderr, "XA: %s\n", getenv("XAUTHORITY"));
#endif
}
} else {
#if !NO_X11
int op, ev, er;
if (XQueryExtension(dpy, "MIT-SHM", &op, &ev, &er)) {
xshm_opcode = op;
if (0) fprintf(stderr, "xshm_opcode: %d %d %d\n", op, ev, er);
}
#endif
}
#if LIBVNCSERVER_HAVE_XKEYBOARD
......
x11vnc/x11vnc_defs.c
View file @ 4dbc5d5a
......@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.9.5 lastmod: 2008-10-18";
char lastmod[] = "0.9.6 lastmod: 2008-10-29";
/* X display info */
......
x11vnc/xevents.c
View file @ 4dbc5d5a
......@@ -1508,6 +1508,7 @@ static void try_local_chat_window(void) {
int i, port, lsock;
char cmd[100];
struct sockaddr_in addr;
pid_t pid = -1;
#ifdef __hpux
int addrlen = sizeof(addr);
#else
......@@ -1532,7 +1533,9 @@ static void try_local_chat_window(void) {
sprintf(cmd, "ssvnc -cmd VNC://localhost:%d -chatonly", port);
pid_t pid = fork();
#if LIBVNCSERVER_HAVE_FORK
pid = fork();
#endif
if (pid == -1) {
perror("fork");
......@@ -1542,14 +1545,19 @@ static void try_local_chat_window(void) {
int d;
args[0] = "/bin/sh";
args[1] = "-c";
/* "ssvnc -cmd VNC://fd=0 -chatonly"; */
/* "ssvnc -cmd VNC://fd=0 -chatonly"; not working */
args[2] = cmd;
args[3] = NULL;
set_env("VNCVIEWER_PASSWORD", "moo");
#if !NO_X11
if (dpy != NULL) {
set_env("DISPLAY", DisplayString(dpy));
}
#endif
for (d = 3; d < 256; d++) {
close(d);
}
set_env("VNCVIEWER_PASSWORD", "moo");
execvp(args[0], args);
perror("exec");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment