Commit 8bef644d authored by runge's avatar runge

x11vnc: 0.9.6 release. Some strtok bugfixes. rename -tlsvnc

to -anontls.  Disable ssl caching.  No cert creation prompting
in inetd or bg modes.  waitpid a bit more carefully on ssl
helpers.  Tune ssl initial timeouts.  Let -create user specify
starting X display.  fix -rfbport prompt gui for older tk.
-sslonly option. Error if no -ssl with related options. -rand
option.  -ssl implies -ssl SAVE
parent e6819291
2008-12-10 Karl Runge <runge@karlrunge.com>
* x11vnc: 0.9.6 release. Some strtok bugfixes. rename -tlsvnc
to -anontls. Disable ssl caching. No cert creation prompting
in inetd or bg modes. waitpid a bit more carefully on ssl
helpers. Tune ssl initial timeouts. Let -create user specify
starting X display. fix -rfbport prompt gui for older tk.
-sslonly option. Error if no -ssl with related options. -rand
option. -ssl implies -ssl SAVE
2008-11-22 Karl Runge <runge@karlrunge.com> 2008-11-22 Karl Runge <runge@karlrunge.com>
* x11vnc: x11vnc.desktop file. -reopen, -dhparams, -sslCRL, * x11vnc: x11vnc.desktop file. -reopen, -dhparams, -sslCRL,
-setdefer options. -rfbport PROMPT VeNCrypt and TLSVNC SSL/TLS -setdefer options. -rfbport PROMPT VeNCrypt and TLSVNC SSL/TLS
......
This diff is collapsed.
...@@ -2338,6 +2338,7 @@ static int do_reverse_connect(char *str_in) { ...@@ -2338,6 +2338,7 @@ static int do_reverse_connect(char *str_in) {
write(vncsock, prestring, prestring_len); write(vncsock, prestring, prestring_len);
free(prestring); free(prestring);
} }
/* XXX use header */
#define OPENSSL_REVERSE 4 #define OPENSSL_REVERSE 4
openssl_init(1); openssl_init(1);
accept_openssl(OPENSSL_REVERSE, vncsock); accept_openssl(OPENSSL_REVERSE, vncsock);
...@@ -2345,6 +2346,7 @@ static int do_reverse_connect(char *str_in) { ...@@ -2345,6 +2346,7 @@ static int do_reverse_connect(char *str_in) {
free(host); free(host);
return 1; return 1;
} }
if (use_stunnel) { if (use_stunnel) {
if(strcmp(host, "localhost") && strcmp(host, "127.0.0.1")) { if(strcmp(host, "localhost") && strcmp(host, "127.0.0.1")) {
if (!getenv("STUNNEL_DISABLE_LOCALHOST")) { if (!getenv("STUNNEL_DISABLE_LOCALHOST")) {
...@@ -2427,20 +2429,31 @@ void reverse_connect(char *str) { ...@@ -2427,20 +2429,31 @@ void reverse_connect(char *str) {
int sleep_min = 1500, sleep_max = 4500, n_max = 5; int sleep_min = 1500, sleep_max = 4500, n_max = 5;
int n, tot, t, dt = 100, cnt = 0; int n, tot, t, dt = 100, cnt = 0;
int nclients0 = client_count; int nclients0 = client_count;
int lcnt, j;
char **list;
if (unixpw_in_progress) return; if (unixpw_in_progress) return;
tmp = strdup(str); tmp = strdup(str);
list = (char **) calloc( (strlen(tmp)+2) * sizeof (char *), 1);
lcnt = 0;
p = strtok(tmp, ", \t\r\n"); p = strtok(tmp, ", \t\r\n");
while (p) { while (p) {
list[lcnt++] = strdup(p);
p = strtok(NULL, ", \t\r\n");
}
free(tmp);
for (j = 0; j < lcnt; j++) {
p = list[j];
if ((n = do_reverse_connect(p)) != 0) { if ((n = do_reverse_connect(p)) != 0) {
rfbPE(-1); rfbPE(-1);
} }
cnt += n; cnt += n;
if (list[j+1] != NULL) {
p = strtok(NULL, ", \t\r\n");
if (p) {
t = 0; t = 0;
while (t < sleep_between_host) { while (t < sleep_between_host) {
usleep(dt * 1000); usleep(dt * 1000);
...@@ -2449,7 +2462,12 @@ void reverse_connect(char *str) { ...@@ -2449,7 +2462,12 @@ void reverse_connect(char *str) {
} }
} }
} }
free(tmp);
for (j = 0; j < lcnt; j++) {
p = list[j];
if (p) free(p);
}
free(list);
if (cnt == 0) { if (cnt == 0) {
if (connect_or_exit) { if (connect_or_exit) {
...@@ -2739,6 +2757,9 @@ void check_gui_inputs(void) { ...@@ -2739,6 +2757,9 @@ void check_gui_inputs(void) {
for (i=0; i<n; i++) { for (i=0; i<n; i++) {
int k, fd = icon_mode_socks[socks[i]]; int k, fd = icon_mode_socks[socks[i]];
char *p; char *p;
char **list;
int lind;
if (! FD_ISSET(fd, &fds)) { if (! FD_ISSET(fd, &fds)) {
continue; continue;
} }
...@@ -2752,8 +2773,18 @@ void check_gui_inputs(void) { ...@@ -2752,8 +2773,18 @@ void check_gui_inputs(void) {
continue; continue;
} }
list = (char **) calloc((strlen(buf)+2) * sizeof(char *), 1);
lind = 0;
p = strtok(buf, "\r\n"); p = strtok(buf, "\r\n");
while (p) { while (p) {
list[lind++] = strdup(p);
p = strtok(NULL, "\r\n");
}
lind = 0;
while (list[lind] != NULL) {
p = list[lind++];
if (strstr(p, "cmd=") == p || if (strstr(p, "cmd=") == p ||
strstr(p, "qry=") == p) { strstr(p, "qry=") == p) {
char *str = process_remote_cmd(p, 1); char *str = process_remote_cmd(p, 1);
...@@ -2769,8 +2800,14 @@ void check_gui_inputs(void) { ...@@ -2769,8 +2800,14 @@ void check_gui_inputs(void) {
break; break;
} }
} }
p = strtok(NULL, "\r\n");
} }
lind = 0;
while (list[lind] != NULL) {
p = list[lind++];
if (p) free(p);
}
free(list);
} }
} }
......
This diff is collapsed.
...@@ -34,7 +34,7 @@ char *enc_str = NULL; ...@@ -34,7 +34,7 @@ char *enc_str = NULL;
int vencrypt_mode = VENCRYPT_SUPPORT; int vencrypt_mode = VENCRYPT_SUPPORT;
int vencrypt_kx = VENCRYPT_BOTH; int vencrypt_kx = VENCRYPT_BOTH;
int vencrypt_enable_plain_login = 0; int vencrypt_enable_plain_login = 0;
int tlsvnc_mode = TLSVNC_SUPPORT; int anontls_mode = ANONTLS_SUPPORT;
int create_fresh_dhparams = 0; int create_fresh_dhparams = 0;
char *dhparams_file = NULL; char *dhparams_file = NULL;
int https_port_num = -1; int https_port_num = -1;
......
...@@ -34,7 +34,7 @@ extern char *enc_str; ...@@ -34,7 +34,7 @@ extern char *enc_str;
extern int vencrypt_mode; extern int vencrypt_mode;
extern int vencrypt_kx; extern int vencrypt_kx;
extern int vencrypt_enable_plain_login; extern int vencrypt_enable_plain_login;
extern int tlsvnc_mode; extern int anontls_mode;
extern int create_fresh_dhparams; extern int create_fresh_dhparams;
extern char *dhparams_file; extern char *dhparams_file;
extern int https_port_num; extern int https_port_num;
......
...@@ -63,9 +63,9 @@ ...@@ -63,9 +63,9 @@
#define VENCRYPT_NODH 1 #define VENCRYPT_NODH 1
#define VENCRYPT_NOX509 2 #define VENCRYPT_NOX509 2
#define TLSVNC_NONE 0 #define ANONTLS_NONE 0
#define TLSVNC_SUPPORT 1 #define ANONTLS_SUPPORT 1
#define TLSVNC_SOLE 2 #define ANONTLS_SOLE 2
#define TLSVNC_FORCE 3 #define ANONTLS_FORCE 3
#endif /* _X11VNC_PARAMS_H */ #endif /* _X11VNC_PARAMS_H */
...@@ -327,6 +327,7 @@ int check_httpdir(void) { ...@@ -327,6 +327,7 @@ int check_httpdir(void) {
if ((q = strrchr(prog, '/')) == NULL) { if ((q = strrchr(prog, '/')) == NULL) {
rfbLog("check_httpdir: bad program path: %s\n", prog); rfbLog("check_httpdir: bad program path: %s\n", prog);
free(prog); free(prog);
rfbLog("check_httpdir: *HTTP disabled* Use -httpdir path\n");
return 0; return 0;
} }
...@@ -383,6 +384,7 @@ int check_httpdir(void) { ...@@ -383,6 +384,7 @@ int check_httpdir(void) {
rfbLog("check_httpdir: bad guess:\n"); rfbLog("check_httpdir: bad guess:\n");
rfbLog(" %s\n", httpdir); rfbLog(" %s\n", httpdir);
rfbLog("check_httpdir: *HTTP disabled* Use -httpdir path\n");
return 0; return 0;
} }
} }
......
This diff is collapsed.
...@@ -394,7 +394,7 @@ char genCert[] = ...@@ -394,7 +394,7 @@ char genCert[] =
" else\n" " else\n"
" echo \"the key and pretend to be your VNC client. The downside is it is\"\n" " echo \"the key and pretend to be your VNC client. The downside is it is\"\n"
" fi\n" " fi\n"
" echo \"inconvenient because you will have to supply the passphrase every\"\n" " echo \"inconvenient because you will need to supply the passphrase EVERY\"\n"
" if [ \"x$type\" = \"xserver\" ]; then\n" " if [ \"x$type\" = \"xserver\" ]; then\n"
" echo \"time you start x11vnc using this key.\"\n" " echo \"time you start x11vnc using this key.\"\n"
" else\n" " else\n"
...@@ -402,9 +402,24 @@ char genCert[] = ...@@ -402,9 +402,24 @@ char genCert[] =
" fi\n" " fi\n"
" echo \"\"\n" " echo \"\"\n"
" if [ \"X$GENCERT_NOPROMPT\" = \"X\" ]; then\n" " if [ \"X$GENCERT_NOPROMPT\" = \"X\" ]; then\n"
" printf \"Protect key with a passphrase? [y]/n \"\n" " x=\"\"\n"
" for tp in 1 2 3\n"
" do\n"
" printf \"Protect key with a passphrase? y/n \"\n"
" read x\n" " read x\n"
" x=`echo \"$x\" | tr 'A-Z' 'a-z' | sed -e 's/[ ]//g'`\n"
" if [ \"X$x\" = \"Xy\" -o \"X$x\" = \"Xn\" ]; then\n"
" break;\n"
" else \n"
" echo \"Please reply with \\\"y\\\" or \\\"n\\\".\"\n"
" fi\n"
" done\n"
" if [ \"X$x\" != \"Xy\" -a \"X$x\" != \"Xn\" ]; then\n"
" echo \"Assuming reply \\\"n\\\".\"\n"
" x=n\n"
" fi\n"
" else\n" " else\n"
" echo \"NOT protecting private key with passphrase.\"\n"
" x=n\n" " x=n\n"
" fi\n" " fi\n"
" estr=\" *unencrypted*\"\n" " estr=\" *unencrypted*\"\n"
...@@ -1273,12 +1288,17 @@ char create_display[] = ...@@ -1273,12 +1288,17 @@ char create_display[] =
"\n" "\n"
"findfree() {\n" "findfree() {\n"
" try=20\n" " try=20\n"
" sry=99\n"
" if [ \"X$X11VNC_CREATE_STARTING_DISPLAY_NUMBER\" != \"X\" ]; then\n"
" try=$X11VNC_CREATE_STARTING_DISPLAY_NUMBER\n"
" sry=`expr $try + 99`\n"
" fi\n"
" n=\"\"\n" " n=\"\"\n"
" nsout=\"\"\n" " nsout=\"\"\n"
" if [ \"X$have_netstat\" != \"X\" ]; then\n" " if [ \"X$have_netstat\" != \"X\" ]; then\n"
" nsout=`$have_netstat -an`\n" " nsout=`$have_netstat -an`\n"
" fi\n" " fi\n"
" while [ $try -lt 99 ]\n" " while [ $try -lt $sry ]\n"
" do\n" " do\n"
" if [ ! -f \"/tmp/.X${try}-lock\" ]; then\n" " if [ ! -f \"/tmp/.X${try}-lock\" ]; then\n"
" if echo \"$nsout\" | grep \"/tmp/.X11-unix/X${try}[ ]*\\$\" > /dev/null; then\n" " if echo \"$nsout\" | grep \"/tmp/.X11-unix/X${try}[ ]*\\$\" > /dev/null; then\n"
...@@ -1517,6 +1537,7 @@ char create_display[] = ...@@ -1517,6 +1537,7 @@ char create_display[] =
" sess=\"env $sess\"\n" " sess=\"env $sess\"\n"
" fi\n" " fi\n"
" redir_daemon=`echo \"$redir_daemon\" | sed -e 's/^,*//'`\n" " redir_daemon=`echo \"$redir_daemon\" | sed -e 's/^,*//'`\n"
" echo \"redir_daemon=$redir_daemon\" 1>&2\n"
"}\n" "}\n"
"\n" "\n"
"rchk() {\n" "rchk() {\n"
...@@ -1730,12 +1751,13 @@ char create_display[] = ...@@ -1730,12 +1751,13 @@ char create_display[] =
"# fi\n" "# fi\n"
"\n" "\n"
" if [ \"X$redir_daemon\" != \"X\" -a \"X$result\" = \"X1\" ]; then\n" " if [ \"X$redir_daemon\" != \"X\" -a \"X$result\" = \"X1\" ]; then\n"
" redir_daemon=`echo \"$redir_daemon\" | sed -e 's|[^A-z0-9:,/]||g'`\n" " redir_daemon=`echo \"$redir_daemon\" | sed -e 's/[~!$&*()|;?<>\"]//g' -e \"s/'//g\"`\n"
" xprog=$X11VNC_PROG\n" " xprog=$X11VNC_PROG\n"
" if [ \"X$xprog\" = \"X\" ]; then\n" " if [ \"X$xprog\" = \"X\" ]; then\n"
" xprog=x11vnc\n" " xprog=x11vnc\n"
" fi\n" " fi\n"
" $have_nohup sh -c \"$xprog -sleepin 10 -auth $authfile -tsd $redir_daemon\" 2>.tsd.log.$USER 1>&2 &\n" " echo \"running: $xprog -sleepin 10 -auth $authfile -tsd '$redir_daemon'\" 1>&2\n"
" $have_nohup sh -c \"$xprog -sleepin 10 -auth $authfile -tsd '$redir_daemon' &\" 2>.tsd.log.$USER 1>&2 &\n"
" fi\n" " fi\n"
"}\n" "}\n"
"\n" "\n"
......
...@@ -414,6 +414,7 @@ Tuning ...@@ -414,6 +414,7 @@ Tuning
grow: grow:
fuzz: fuzz:
wait_ui: wait_ui:
setdefer:
nowait_bog nowait_bog
slow_fb: slow_fb:
xrefresh: xrefresh:
...@@ -6461,7 +6462,10 @@ proc do_port_prompt {} { ...@@ -6461,7 +6462,10 @@ proc do_port_prompt {} {
vncviewer $hn:1 vncviewer $hn:1
etc. etc.
You may also set some additional parameters: Your firewall may block incoming connections to TCP ports;
if it does you may need to reconfigure it.
You can also set some additional parameters:
- Enable SSL encryption. - Enable SSL encryption.
(requires an SSL enabled vncviewer, such as SSVNC) (requires an SSL enabled vncviewer, such as SSVNC)
...@@ -6477,9 +6481,24 @@ proc do_port_prompt {} { ...@@ -6477,9 +6481,24 @@ proc do_port_prompt {} {
wm protocol . WM_DELETE_WINDOW "destroy .; exit" wm protocol . WM_DELETE_WINDOW "destroy .; exit"
wm protocol .pp WM_DELETE_WINDOW "destroy .pp; exit" wm protocol .pp WM_DELETE_WINDOW "destroy .pp; exit"
label .pp.m -text "$text" -justify left -font $ffont label .pp.m -text "$text" -relief ridge -justify left -font $ffont
global tk_version
set tkold 0
if [info exists tk_version] {
if [regexp {^8\.[0-3]$} $tk_version] {
set tkold 1
}
if [regexp {^[3-7]\.} $tk_version] {
set tkold 1
}
}
if {$tkold} {
frame .pp.f -bd 1 -relief ridge
} else {
frame .pp.f -bd 1 -relief ridge -pady 2 frame .pp.f -bd 1 -relief ridge -pady 2
}
label .pp.f.l -text "Port: " label .pp.f.l -text "Port: "
entry .pp.f.e -width 8 -textvariable port_set entry .pp.f.e -width 8 -textvariable port_set
global enable_ssl; set enable_ssl 0 global enable_ssl; set enable_ssl 0
...@@ -6495,7 +6514,11 @@ proc do_port_prompt {} { ...@@ -6495,7 +6514,11 @@ proc do_port_prompt {} {
pack .pp.f.l .pp.f.e -side left pack .pp.f.l .pp.f.e -side left
pack .pp.f.loc .pp.f.ssl -side right pack .pp.f.loc .pp.f.ssl -side right
if {$tkold} {
frame .pp.t -bd 1 -relief ridge
} else {
frame .pp.t -bd 1 -relief ridge -pady 2 frame .pp.t -bd 1 -relief ridge -pady 2
}
global file_transfer; set file_transfer "none" global file_transfer; set file_transfer "none"
if [info exists env(X11VNC_FILETRANSFER_ENABLED)] { if [info exists env(X11VNC_FILETRANSFER_ENABLED)] {
set file_transfer $env(X11VNC_FILETRANSFER_ENABLED) set file_transfer $env(X11VNC_FILETRANSFER_ENABLED)
......
...@@ -425,6 +425,7 @@ char gui_code[] = ""; ...@@ -425,6 +425,7 @@ char gui_code[] = "";
" grow:\n" " grow:\n"
" fuzz:\n" " fuzz:\n"
" wait_ui:\n" " wait_ui:\n"
" setdefer:\n"
" nowait_bog\n" " nowait_bog\n"
" slow_fb:\n" " slow_fb:\n"
" xrefresh:\n" " xrefresh:\n"
...@@ -6471,8 +6472,11 @@ char gui_code[] = ""; ...@@ -6471,8 +6472,11 @@ char gui_code[] = "";
" vncviewer $hn:0\n" " vncviewer $hn:0\n"
" vncviewer $hn:1\n" " vncviewer $hn:1\n"
" etc.\n" " etc.\n"
"\n"
" Your firewall may block incoming connections to TCP ports;\n"
" if it does you may need to reconfigure it. \n"
" \n" " \n"
" You may also set some additional parameters:\n" " You can also set some additional parameters:\n"
"\n" "\n"
" - Enable SSL encryption.\n" " - Enable SSL encryption.\n"
" (requires an SSL enabled vncviewer, such as SSVNC) \n" " (requires an SSL enabled vncviewer, such as SSVNC) \n"
...@@ -6488,9 +6492,24 @@ char gui_code[] = ""; ...@@ -6488,9 +6492,24 @@ char gui_code[] = "";
" wm protocol . WM_DELETE_WINDOW \"destroy .; exit\"\n" " wm protocol . WM_DELETE_WINDOW \"destroy .; exit\"\n"
" wm protocol .pp WM_DELETE_WINDOW \"destroy .pp; exit\"\n" " wm protocol .pp WM_DELETE_WINDOW \"destroy .pp; exit\"\n"
"\n" "\n"
" label .pp.m -text \"$text\" -justify left -font $ffont\n" " label .pp.m -text \"$text\" -relief ridge -justify left -font $ffont\n"
"\n"
" global tk_version\n"
" set tkold 0\n"
" if [info exists tk_version] {\n"
" if [regexp {^8\\.[0-3]$} $tk_version] {\n"
" set tkold 1\n"
" }\n"
" if [regexp {^[3-7]\\.} $tk_version] {\n"
" set tkold 1\n"
" }\n"
" }\n"
"\n" "\n"
" if {$tkold} {\n"
" frame .pp.f -bd 1 -relief ridge\n"
" } else {\n"
" frame .pp.f -bd 1 -relief ridge -pady 2\n" " frame .pp.f -bd 1 -relief ridge -pady 2\n"
" }\n"
" label .pp.f.l -text \"Port: \"\n" " label .pp.f.l -text \"Port: \"\n"
" entry .pp.f.e -width 8 -textvariable port_set\n" " entry .pp.f.e -width 8 -textvariable port_set\n"
" global enable_ssl; set enable_ssl 0\n" " global enable_ssl; set enable_ssl 0\n"
...@@ -6506,7 +6525,11 @@ char gui_code[] = ""; ...@@ -6506,7 +6525,11 @@ char gui_code[] = "";
" pack .pp.f.l .pp.f.e -side left\n" " pack .pp.f.l .pp.f.e -side left\n"
" pack .pp.f.loc .pp.f.ssl -side right\n" " pack .pp.f.loc .pp.f.ssl -side right\n"
"\n" "\n"
" if {$tkold} {\n"
" frame .pp.t -bd 1 -relief ridge\n"
" } else {\n"
" frame .pp.t -bd 1 -relief ridge -pady 2\n" " frame .pp.t -bd 1 -relief ridge -pady 2\n"
" }\n"
" global file_transfer; set file_transfer \"none\"\n" " global file_transfer; set file_transfer \"none\"\n"
" if [info exists env(X11VNC_FILETRANSFER_ENABLED)] {\n" " if [info exists env(X11VNC_FILETRANSFER_ENABLED)] {\n"
" set file_transfer $env(X11VNC_FILETRANSFER_ENABLED)\n" " set file_transfer $env(X11VNC_FILETRANSFER_ENABLED)\n"
......
...@@ -224,12 +224,12 @@ static char **user_list(char *user_str) { ...@@ -224,12 +224,12 @@ static char **user_list(char *user_str) {
n++; n++;
} }
} }
list = (char **) malloc((n+1)*sizeof(char *)); list = (char **) calloc((n+1)*sizeof(char *), 1);
p = strtok(user_str, ","); p = strtok(user_str, ",");
i = 0; i = 0;
while (p) { while (p) {
list[i++] = p; list[i++] = strdup(p);
p = strtok(NULL, ","); p = strtok(NULL, ",");
} }
list[i] = NULL; list[i] = NULL;
...@@ -327,6 +327,8 @@ static int lurk(char **users) { ...@@ -327,6 +327,8 @@ static int lurk(char **users) {
gid_t gid; gid_t gid;
int success = 0, dmin = -1, dmax = -1; int success = 0, dmin = -1, dmax = -1;
char *p, *logins, **u; char *p, *logins, **u;
char **list;
int lind;
if ((u = users) != NULL && *u != NULL && *(*u) == ':') { if ((u = users) != NULL && *u != NULL && *(*u) == ':') {
int len; int len;
...@@ -403,12 +405,23 @@ static int lurk(char **users) { ...@@ -403,12 +405,23 @@ static int lurk(char **users) {
logins = get_login_list(1); logins = get_login_list(1);
} }
list = (char **) calloc((strlen(logins)+2)*sizeof(char *), 1);
lind = 0;
p = strtok(logins, ","); p = strtok(logins, ",");
while (p) { while (p) {
list[lind++] = strdup(p);
p = strtok(NULL, ",");
}
free(logins);
lind = 0;
while (list[lind] != NULL) {
char *user, *name, *home, dpystr[10]; char *user, *name, *home, dpystr[10];
char *q, *t; char *q, *t;
int ok = 1, dn; int ok = 1, dn;
p = list[lind++];
t = strdup(p); /* bob:0 */ t = strdup(p); /* bob:0 */
q = strchr(t, ':'); q = strchr(t, ':');
if (! q) { if (! q) {
...@@ -442,7 +455,6 @@ static int lurk(char **users) { ...@@ -442,7 +455,6 @@ static int lurk(char **users) {
} }
if (! ok) { if (! ok) {
p = strtok(NULL, ",");
continue; continue;
} }
...@@ -464,10 +476,14 @@ static int lurk(char **users) { ...@@ -464,10 +476,14 @@ static int lurk(char **users) {
if (success) { if (success) {
break; break;
} }
}
p = strtok(NULL, ","); lind = 0;
while (list[lind] != NULL) {
free(list[lind]);
lind++;
} }
free(logins);
return success; return success;
} }
...@@ -502,6 +518,8 @@ static int guess_user_and_switch(char *str, int fb_mode) { ...@@ -502,6 +518,8 @@ static int guess_user_and_switch(char *str, int fb_mode) {
char *dstr, *d; char *dstr, *d;
char *p, *tstr = NULL, *allowed = NULL, *logins, **users = NULL; char *p, *tstr = NULL, *allowed = NULL, *logins, **users = NULL;
int dpy1, ret = 0; int dpy1, ret = 0;
char **list;
int lind;
RAWFB_RET(0) RAWFB_RET(0)
...@@ -528,11 +546,22 @@ static int guess_user_and_switch(char *str, int fb_mode) { ...@@ -528,11 +546,22 @@ static int guess_user_and_switch(char *str, int fb_mode) {
/* loop over the utmpx entries looking for this display */ /* loop over the utmpx entries looking for this display */
logins = get_login_list(1); logins = get_login_list(1);
list = (char **) calloc((strlen(logins)+2)*sizeof(char *), 1);
lind = 0;
p = strtok(logins, ","); p = strtok(logins, ",");
while (p) { while (p) {
list[lind++] = strdup(p);
p = strtok(NULL, ",");
}
lind = 0;
while (list[lind] != NULL) {
char *user, *q, *t; char *user, *q, *t;
int dpy2, ok = 1; int dpy2, ok = 1;
p = list[lind++];
t = strdup(p); t = strdup(p);
q = strchr(t, ':'); q = strchr(t, ':');
if (! q) { if (! q) {
...@@ -559,7 +588,6 @@ static int guess_user_and_switch(char *str, int fb_mode) { ...@@ -559,7 +588,6 @@ static int guess_user_and_switch(char *str, int fb_mode) {
if (! ok) { if (! ok) {
free(t); free(t);
p = strtok(NULL, ",");
continue; continue;
} }
if (switch_user(user, fb_mode)) { if (switch_user(user, fb_mode)) {
...@@ -568,8 +596,6 @@ static int guess_user_and_switch(char *str, int fb_mode) { ...@@ -568,8 +596,6 @@ static int guess_user_and_switch(char *str, int fb_mode) {
ret = 1; ret = 1;
break; break;
} }
p = strtok(NULL, ",");
} }
if (tstr) { if (tstr) {
free(tstr); free(tstr);
...@@ -1479,6 +1505,7 @@ static void loop_for_connect(int did_client_connect) { ...@@ -1479,6 +1505,7 @@ static void loop_for_connect(int did_client_connect) {
} }
if (use_openssl && !inetd) { if (use_openssl && !inetd) {
check_openssl(); check_openssl();
check_https();
/* /*
* This is to handle an initial verify cert from viewer, * This is to handle an initial verify cert from viewer,
* they disconnect right after fetching the cert. * they disconnect right after fetching the cert.
......
...@@ -177,9 +177,9 @@ static double scr_key_bdpush_time, scr_mouse_bdpush_time; ...@@ -177,9 +177,9 @@ static double scr_key_bdpush_time, scr_mouse_bdpush_time;
static void parse_scroll_copyrect_str(char *scr) { static void parse_scroll_copyrect_str(char *scr) {
char *p, *str; char *p, *str;
int i; int i;
char *part[10]; char *part[16];
for (i=0; i<10; i++) { for (i=0; i<16; i++) {
part[i] = NULL; part[i] = NULL;
} }
...@@ -194,6 +194,7 @@ static void parse_scroll_copyrect_str(char *scr) { ...@@ -194,6 +194,7 @@ static void parse_scroll_copyrect_str(char *scr) {
while (p) { while (p) {
part[i++] = strdup(p); part[i++] = strdup(p);
p = strtok(NULL, ","); p = strtok(NULL, ",");
if (i >= 16) break;
} }
free(str); free(str);
...@@ -301,9 +302,9 @@ static char *wireframe_mods = NULL; ...@@ -301,9 +302,9 @@ static char *wireframe_mods = NULL;
static void parse_wireframe_str(char *wf) { static void parse_wireframe_str(char *wf) {
char *p, *str; char *p, *str;
int i; int i;
char *part[10]; char *part[16];
for (i=0; i<10; i++) { for (i=0; i<16; i++) {
part[i] = NULL; part[i] = NULL;
} }
...@@ -327,6 +328,7 @@ static void parse_wireframe_str(char *wf) { ...@@ -327,6 +328,7 @@ static void parse_wireframe_str(char *wf) {
while (p) { while (p) {
part[i++] = strdup(p); part[i++] = strdup(p);
p = strtok(NULL, ","); p = strtok(NULL, ",");
if (i >= 16) break;
} }
free(str); free(str);
......
...@@ -333,10 +333,7 @@ char **create_str_list(char *cslist) { ...@@ -333,10 +333,7 @@ char **create_str_list(char *cslist) {
} }
/* the extra last one holds NULL */ /* the extra last one holds NULL */
list = (char **) malloc( (n+1)*sizeof(char *) ); list = (char **) calloc((n+1)*sizeof(char *), 1);
for(i=0; i < n+1; i++) {
list[i] = NULL;
}
p = strtok(str, ","); p = strtok(str, ",");
i = 0; i = 0;
......
This diff is collapsed.
...@@ -243,6 +243,7 @@ void set_redir_properties(void); ...@@ -243,6 +243,7 @@ void set_redir_properties(void);
#define TSMAX 32 #define TSMAX 32
#define TSSTK 16 #define TSSTK 16
void terminal_services(char *list) { void terminal_services(char *list) {
int i, j, n = 0, db = 1; int i, j, n = 0, db = 1;
char *p, *q, *r, *str = strdup(list); char *p, *q, *r, *str = strdup(list);
...@@ -257,6 +258,10 @@ void terminal_services(char *list) { ...@@ -257,6 +258,10 @@ void terminal_services(char *list) {
char num[32]; char num[32];
time_t last_clean = time(NULL); time_t last_clean = time(NULL);
if (getenv("TS_REDIR_DEBUG")) {
db = 2;
}
if (! dpy) { if (! dpy) {
return; return;
} }
...@@ -268,6 +273,8 @@ void terminal_services(char *list) { ...@@ -268,6 +273,8 @@ void terminal_services(char *list) {
PropModeReplace, (unsigned char *)list, strlen(list)); PropModeReplace, (unsigned char *)list, strlen(list));
XSync(dpy, False); XSync(dpy, False);
} }
if (db) fprintf(stderr, "TS_REDIR_LIST Atom: %d.\n");
for (i=0; i<TASKMAX; i++) { for (i=0; i<TASKMAX; i++) {
ts_tasks[i] = 0; ts_tasks[i] = 0;
} }
...@@ -544,12 +551,19 @@ void do_tsd(void) { ...@@ -544,12 +551,19 @@ void do_tsd(void) {
char *cmd; char *cmd;
int n, sz = 0; int n, sz = 0;
char *disp = DisplayString(dpy); char *disp = DisplayString(dpy);
int db = 0;
if (getenv("TS_REDIR_DEBUG")) {
db = 1;
}
if (db) fprintf(stderr, "do_tsd() in.\n");
prop[0] = '\0'; prop[0] = '\0';
a = XInternAtom(dpy, "TS_REDIR_LIST", False); a = XInternAtom(dpy, "TS_REDIR_LIST", False);
if (a != None) { if (a != None) {
get_prop(prop, 512, a); get_prop(prop, 512, a);
} }
if (db) fprintf(stderr, "TS_REDIR_LIST Atom: %d = '%s'\n", a, prop);
if (prop[0] == '\0') { if (prop[0] == '\0') {
return; return;
...@@ -662,6 +676,13 @@ static void check_redir_services(void) { ...@@ -662,6 +676,13 @@ static void check_redir_services(void) {
time_t tsd_last; time_t tsd_last;
int restart = 0; int restart = 0;
pid_t pid = 0; pid_t pid = 0;
int db = 0;
db = 0;
if (getenv("TS_REDIR_DEBUG")) {
db = 1;
}
if (db) fprintf(stderr, "check_redir_services in.\n");
if (! dpy) { if (! dpy) {
return; return;
...@@ -675,6 +696,7 @@ static void check_redir_services(void) { ...@@ -675,6 +696,7 @@ static void check_redir_services(void) {
pid = (pid_t) atoi(prop); pid = (pid_t) atoi(prop);
} }
} }
if (db) fprintf(stderr, "TS_REDIR_PID Atom: %d = '%s'\n", a, prop);
if (getenv("FD_TAG")) { if (getenv("FD_TAG")) {
a = XInternAtom(dpy, "FD_TAG", False); a = XInternAtom(dpy, "FD_TAG", False);
...@@ -685,6 +707,7 @@ static void check_redir_services(void) { ...@@ -685,6 +707,7 @@ static void check_redir_services(void) {
PropModeReplace, (unsigned char *)tag, strlen(tag)); PropModeReplace, (unsigned char *)tag, strlen(tag));
XSync(dpy, False); XSync(dpy, False);
} }
if (db) fprintf(stderr, "FD_TAG Atom: %d = '%s'\n", a, prop);
} }
prop[0] = '\0'; prop[0] = '\0';
...@@ -692,6 +715,7 @@ static void check_redir_services(void) { ...@@ -692,6 +715,7 @@ static void check_redir_services(void) {
if (a != None) { if (a != None) {
get_prop(prop, 512, a); get_prop(prop, 512, a);
} }
if (db) fprintf(stderr, "TS_REDIR Atom: %d = '%s'\n", a, prop);
if (prop[0] == '\0') { if (prop[0] == '\0') {
rfbLog("TS_REDIR is empty, restarting...\n"); rfbLog("TS_REDIR is empty, restarting...\n");
restart = 1; restart = 1;
...@@ -718,9 +742,11 @@ static void check_redir_services(void) { ...@@ -718,9 +742,11 @@ static void check_redir_services(void) {
kill(pid, SIGKILL); kill(pid, SIGKILL);
} }
do_tsd(); do_tsd();
if (db) fprintf(stderr, "check_redir_services restarted.\n");
return; return;
} }
if (db) fprintf(stderr, "check_redir_services, no restart, calling set_redir_properties.\n");
set_redir_properties(); set_redir_properties();
#endif #endif
} }
...@@ -1805,6 +1831,7 @@ int main(int argc, char* argv[]) { ...@@ -1805,6 +1831,7 @@ int main(int argc, char* argv[]) {
int ncache_msg = 0; int ncache_msg = 0;
char *got_rfbport_str = NULL; char *got_rfbport_str = NULL;
int got_rfbport_pos = -1; int got_rfbport_pos = -1;
int got_tls = 0;
/* used to pass args we do not know about to rfbGetScreen(): */ /* used to pass args we do not know about to rfbGetScreen(): */
int argc_vnc_max = 1024; int argc_vnc_max = 1024;
...@@ -2188,6 +2215,7 @@ int main(int argc, char* argv[]) { ...@@ -2188,6 +2215,7 @@ int main(int argc, char* argv[]) {
if (!strcmp(arg, "-http_ssl")) { if (!strcmp(arg, "-http_ssl")) {
try_http = 1; try_http = 1;
http_ssl = 1; http_ssl = 1;
got_tls++;
continue; continue;
} }
if (!strcmp(arg, "-avahi") || !strcmp(arg, "-mdns") || !strcmp(arg, "-zeroconf")) { if (!strcmp(arg, "-avahi") || !strcmp(arg, "-mdns") || !strcmp(arg, "-zeroconf")) {
...@@ -2357,6 +2385,7 @@ int main(int argc, char* argv[]) { ...@@ -2357,6 +2385,7 @@ int main(int argc, char* argv[]) {
char *s; char *s;
CHECK_ARGC CHECK_ARGC
s = strdup(argv[++i]); s = strdup(argv[++i]);
got_tls++;
if (strstr(s, "never")) { if (strstr(s, "never")) {
vencrypt_mode = VENCRYPT_NONE; vencrypt_mode = VENCRYPT_NONE;
} else if (strstr(s, "support")) { } else if (strstr(s, "support")) {
...@@ -2385,18 +2414,19 @@ int main(int argc, char* argv[]) { ...@@ -2385,18 +2414,19 @@ int main(int argc, char* argv[]) {
free(s); free(s);
continue; continue;
} }
if (!strcmp(arg, "-tlsvnc")) { if (!strcmp(arg, "-anontls")) {
char *s; char *s;
CHECK_ARGC CHECK_ARGC
s = strdup(argv[++i]); s = strdup(argv[++i]);
got_tls++;
if (strstr(s, "never")) { if (strstr(s, "never")) {
tlsvnc_mode = TLSVNC_NONE; anontls_mode = ANONTLS_NONE;
} else if (strstr(s, "support")) { } else if (strstr(s, "support")) {
tlsvnc_mode = TLSVNC_SUPPORT; anontls_mode = ANONTLS_SUPPORT;
} else if (strstr(s, "only")) { } else if (strstr(s, "only")) {
tlsvnc_mode = TLSVNC_SOLE; anontls_mode = ANONTLS_SOLE;
} else if (strstr(s, "force")) { } else if (strstr(s, "force")) {
tlsvnc_mode = TLSVNC_FORCE; anontls_mode = ANONTLS_FORCE;
} else { } else {
fprintf(stderr, "invalid %s arg: %s\n", arg, s); fprintf(stderr, "invalid %s arg: %s\n", arg, s);
exit(1); exit(1);
...@@ -2407,14 +2437,22 @@ int main(int argc, char* argv[]) { ...@@ -2407,14 +2437,22 @@ int main(int argc, char* argv[]) {
free(s); free(s);
continue; continue;
} }
if (!strcmp(arg, "-sslonly")) {
vencrypt_mode = VENCRYPT_NONE;
anontls_mode = ANONTLS_NONE;
got_tls++;
continue;
}
if (!strcmp(arg, "-dhparams")) { if (!strcmp(arg, "-dhparams")) {
CHECK_ARGC CHECK_ARGC
dhparams_file = strdup(argv[++i]); dhparams_file = strdup(argv[++i]);
got_tls++;
continue; continue;
} }
if (!strcmp(arg, "-nossl")) { if (!strcmp(arg, "-nossl")) {
use_openssl = 0; use_openssl = 0;
openssl_pem = NULL; openssl_pem = NULL;
got_tls = -1000;
continue; continue;
} }
if (!strcmp(arg, "-ssl")) { if (!strcmp(arg, "-ssl")) {
...@@ -2422,9 +2460,21 @@ int main(int argc, char* argv[]) { ...@@ -2422,9 +2460,21 @@ int main(int argc, char* argv[]) {
if (i < argc-1) { if (i < argc-1) {
char *s = argv[i+1]; char *s = argv[i+1];
if (s[0] != '-') { if (s[0] != '-') {
if (!strcmp(s, "ADH")) {
openssl_pem = strdup("ANON");
} else if (!strcmp(s, "ANONDH")) {
openssl_pem = strdup("ANON");
} else if (!strcmp(s, "TMP")) {
openssl_pem = NULL;
} else {
openssl_pem = strdup(s); openssl_pem = strdup(s);
}
i++; i++;
} else {
openssl_pem = strdup("SAVE");
} }
} else {
openssl_pem = strdup("SAVE");
} }
continue; continue;
} }
...@@ -2458,11 +2508,13 @@ int main(int argc, char* argv[]) { ...@@ -2458,11 +2508,13 @@ int main(int argc, char* argv[]) {
if (!strcmp(arg, "-sslverify")) { if (!strcmp(arg, "-sslverify")) {
CHECK_ARGC CHECK_ARGC
ssl_verify = strdup(argv[++i]); ssl_verify = strdup(argv[++i]);
got_tls++;
continue; continue;
} }
if (!strcmp(arg, "-sslCRL")) { if (!strcmp(arg, "-sslCRL")) {
CHECK_ARGC CHECK_ARGC
ssl_crl = strdup(argv[++i]); ssl_crl = strdup(argv[++i]);
got_tls++;
continue; continue;
} }
if (!strcmp(arg, "-sslGenCA")) { if (!strcmp(arg, "-sslGenCA")) {
...@@ -2522,15 +2574,19 @@ int main(int argc, char* argv[]) { ...@@ -2522,15 +2574,19 @@ int main(int argc, char* argv[]) {
sslEncKey(s, 2); sslEncKey(s, 2);
} }
exit(0); exit(0);
continue; continue;
} }
if (!strcmp(arg, "-stunnel")) { if (!strcmp(arg, "-stunnel")) {
use_stunnel = 1; use_stunnel = 1;
got_tls = -1000;
if (i < argc-1) { if (i < argc-1) {
char *s = argv[i+1]; char *s = argv[i+1];
if (s[0] != '-') { if (s[0] != '-') {
if (!strcmp(s, "TMP")) {
stunnel_pem = NULL;
} else {
stunnel_pem = strdup(s); stunnel_pem = strdup(s);
}
i++; i++;
} }
} }
...@@ -2538,10 +2594,15 @@ int main(int argc, char* argv[]) { ...@@ -2538,10 +2594,15 @@ int main(int argc, char* argv[]) {
} }
if (!strcmp(arg, "-stunnel3")) { if (!strcmp(arg, "-stunnel3")) {
use_stunnel = 3; use_stunnel = 3;
got_tls = -1000;
if (i < argc-1) { if (i < argc-1) {
char *s = argv[i+1]; char *s = argv[i+1];
if (s[0] != '-') { if (s[0] != '-') {
if (!strcmp(s, "TMP")) {
stunnel_pem = NULL;
} else {
stunnel_pem = strdup(s); stunnel_pem = strdup(s);
}
i++; i++;
} }
} }
...@@ -2550,6 +2611,7 @@ int main(int argc, char* argv[]) { ...@@ -2550,6 +2611,7 @@ int main(int argc, char* argv[]) {
if (!strcmp(arg, "-https")) { if (!strcmp(arg, "-https")) {
https_port_num = 0; https_port_num = 0;
try_http = 1; try_http = 1;
got_tls++;
if (i < argc-1) { if (i < argc-1) {
char *s = argv[i+1]; char *s = argv[i+1];
if (s[0] != '-') { if (s[0] != '-') {
...@@ -2561,6 +2623,7 @@ int main(int argc, char* argv[]) { ...@@ -2561,6 +2623,7 @@ int main(int argc, char* argv[]) {
} }
if (!strcmp(arg, "-httpsredir")) { if (!strcmp(arg, "-httpsredir")) {
https_port_redir = -1; https_port_redir = -1;
got_tls++;
if (i < argc-1) { if (i < argc-1) {
char *s = argv[i+1]; char *s = argv[i+1];
if (s[0] != '-') { if (s[0] != '-') {
...@@ -3410,6 +3473,12 @@ int main(int argc, char* argv[]) { ...@@ -3410,6 +3473,12 @@ int main(int argc, char* argv[]) {
use_snapfb = 1; use_snapfb = 1;
continue; continue;
} }
if (!strcmp(arg, "-rand")) {
/* equiv. to -nopw -rawfb rand for quick tests */
raw_fb_str = strdup("rand");
nopw = 1;
continue;
}
if (!strcmp(arg, "-rawfb")) { if (!strcmp(arg, "-rawfb")) {
CHECK_ARGC CHECK_ARGC
raw_fb_str = strdup(argv[++i]); raw_fb_str = strdup(argv[++i]);
...@@ -4091,6 +4160,18 @@ int main(int argc, char* argv[]) { ...@@ -4091,6 +4160,18 @@ int main(int argc, char* argv[]) {
if (db) fprintf(stderr, "users_list: %s\n", users_list); if (db) fprintf(stderr, "users_list: %s\n", users_list);
} }
if (got_tls > 0 && !use_openssl) {
rfbLog("SSL: Error: you did not supply the '-ssl ...' option even\n");
rfbLog("SSL: though you supplied one of these related options:\n");
rfbLog("SSL: -sslonly, -sslverify, -sslCRL, -vencrypt, -anontls,\n");
rfbLog("SSL: -dhparams, -https, -http_ssl, or -httpsredir.\n");
rfbLog("SSL: Restart with, for example, '-ssl SAVE' on the cmd line.\n");
rfbLog("SSL: See the '-ssl' x11vnc -help description for more info.\n");
if (!getenv("X11VNC_FORCE_NO_OPENSSL")) {
exit(1);
}
}
if (unixpw) { if (unixpw) {
if (inetd) { if (inetd) {
use_stunnel = 0; use_stunnel = 0;
...@@ -5049,12 +5130,12 @@ if (0) fprintf(stderr, "XA: %s\n", getenv("XAUTHORITY")); ...@@ -5049,12 +5130,12 @@ if (0) fprintf(stderr, "XA: %s\n", getenv("XAUTHORITY"));
initialize_speeds(); initialize_speeds();
if (speeds_read_rate_measured > 100) { if (speeds_read_rate_measured > 80) {
/* framebuffer read is fast at > 100 MB/sec */ /* framebuffer read is fast at > 80 MB/sec */
if (! got_waitms) { if (! got_waitms) {
waitms /= 2; waitms /= 2;
if (waitms < 10) { if (waitms < 5) {
waitms = 10; waitms = 5;
} }
if (!quiet) { if (!quiet) {
rfbLog("fast read: reset wait ms to: %d\n", waitms); rfbLog("fast read: reset wait ms to: %d\n", waitms);
......
...@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0; ...@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0; int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */ /* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.9.6 lastmod: 2008-11-22"; char lastmod[] = "0.9.6 lastmod: 2008-12-08";
/* X display info */ /* X display info */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment