Commit be2b77f2 authored by runge's avatar runge

x11vnc: clear DISPLAY for -unixpw su_verify, user supplied sig ignore.

parent 130cf391
......@@ -2971,9 +2971,9 @@ rfbSendNewFBSize(rfbClientPtr cl,
}
if (cl->PalmVNC==TRUE)
rfbLog("Sending a rfbEncodingNewFBSize in response to a PalmVNC style frameuffer resize request (%dx%d)\n", w, h);
rfbLog("Sending rfbEncodingNewFBSize in response to a PalmVNC style framebuffer resize (%dx%d)\n", w, h);
else
rfbLog("Sending a rfbEncodingNewFBSize in response to a UltraVNC style frameuffer resize request (%dx%d)\n", w, h);
rfbLog("Sending rfbEncodingNewFBSize for resize to (%dx%d)\n", w, h);
rect.encoding = Swap32IfLE(rfbEncodingNewFBSize);
rect.r.x = 0;
......
2006-09-15 Karl Runge <runge@karlrunge.com>
* x11vnc: allow user set signals to ignore, clear DISPLAY in
-unixpw su_verify. -rawfb none same as null.
* rfbserver.c: shorten rfbEncodingNewFBSize message.
2006-09-13 Karl Runge <runge@karlrunge.com>
* x11vnc: document 'ssh -t' improved keyboard response. add
extra rfbPE() around keystrokes.
......
x11vnc README file Date: Wed Sep 13 21:30:41 EDT 2006
x11vnc README file Date: Fri Sep 15 11:12:28 EDT 2006
The following information is taken from these URLs:
......@@ -8061,7 +8061,7 @@ x11vnc: a VNC server for real X displays
Here are all of x11vnc command line options:
% x11vnc -opts (see below for -help long descriptions)
x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13
x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-15
x11vnc options:
-display disp -auth file -id windowid
......@@ -8160,7 +8160,7 @@ libvncserver-tight-extension options:
% x11vnc -help
x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13
x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-15
(type "x11vnc -opts" to just list the options.)
......@@ -8713,20 +8713,31 @@ Options:
-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather
use the traditional getpwnam(3) + crypt(3) method to
verify passwords instead. This requires that the
encrypted passwords be readable. Passwords stored
in /etc/shadow will be inaccessible unless x11vnc
is run as root.
verify passwords. All of the above -unixpw options and
contraints apply.
This mode requires that the encrypted passwords be
readable. Encrypted passwords stored in /etc/shadow
will be inaccessible unless x11vnc is run as root.
This is called "NIS" mode simply because in most
NIS setups the user encrypted passwords are accessible
(e.g. "ypcat passwd"). NIS is not required for this
mode to work (only that getpwnam(3) return the encrypted
password is required), but it is unlikely it will work
for any other modern environment unless x11vnc is run
as root (which, btw, is often done when running x11vnc
from inetd and xdm/gdm/kdm). All of the -unixpw options
and contraints apply.
NIS setups user encrypted passwords are accessible
(e.g. "ypcat passwd") by an ordinary user and so that
user can authenticate ANY user.
NIS is not required for this mode to work (only that
getpwnam(3) return the encrypted password is required),
but it is unlikely it will work for any most modern
environments unless x11vnc is run as root to be able
to access /etc/shadow (note running as root is often
done when running x11vnc from inetd and xdm/gdm/kdm).
Looked at another way, if you do not want to use the
su(1) method provided by -unixpw, you can run x11vnc
as root and use -unixpw_nis. Any users with passwords
in /etc/shadow can then be authenticated. You may want
to use -users unixpw= to switch the process user after
the user logs in.
-display_WAIT :... A special usage mode for the normal -display option.
Useful with -unixpw, but can be used independently
......@@ -10500,8 +10511,15 @@ Options:
"ignore" or "exit". For "ignore" libvncserver
will handle the abrupt loss of a client and continue,
for "exit" x11vnc will cleanup and exit at the 1st
broken connection. Default: "ignore". This option
is obsolete.
broken connection.
This option is not really needed since libvncserver
is doing the correct thing now for quite some time.
However, for convenience you can use it to ignore other
signals, e.g. "-sigpipe ignore:HUP,INT,TERM" in case
that would be useful for some sort of application.
You can also put "exit:.." in there.
-threads Whether or not to use the threaded libvncserver
-nothreads algorithm [rfbRunEventLoop] if libpthread is available
Default: -nothreads
......
......@@ -405,6 +405,83 @@ static void interrupted (int sig) {
}
}
static void ignore_sigs(char *list) {
char *str, *p;
int ignore = 1;
if (list == NULL || *list == '\0') {
return;
}
str = strdup(list);
p = strtok(str, ":,");
#define SETSIG(x, y) \
if (strstr(p, x)) { \
if (ignore) { \
signal(y, SIG_IGN); \
} else { \
signal(y, interrupted); \
} \
}
#ifdef SIG_IGN
while (p) {
if (!strcmp(p, "ignore")) {
ignore = 1;
} else if (!strcmp(p, "exit")) {
ignore = 0;
}
/* Take off every 'sig' ;-) */
#ifdef SIGHUP
SETSIG("HUP", SIGHUP);
#endif
#ifdef SIGINT
SETSIG("INT", SIGINT);
#endif
#ifdef SIGQUIT
SETSIG("QUIT", SIGQUIT);
#endif
#ifdef SIGTRAP
SETSIG("TRAP", SIGTRAP);
#endif
#ifdef SIGABRT
SETSIG("ABRT", SIGABRT);
#endif
#ifdef SIGBUS
SETSIG("BUS", SIGBUS);
#endif
#ifdef SIGFPE
SETSIG("FPE", SIGFPE);
#endif
#ifdef SIGSEGV
SETSIG("SEGV", SIGSEGV);
#endif
#ifdef SIGPIPE
SETSIG("PIPE", SIGPIPE);
#endif
#ifdef SIGTERM
SETSIG("TERM", SIGTERM);
#endif
#ifdef SIGUSR1
SETSIG("USR1", SIGUSR1);
#endif
#ifdef SIGUSR2
SETSIG("USR2", SIGUSR2);
#endif
#ifdef SIGCONT
SETSIG("CONT", SIGCONT);
#endif
#ifdef SIGSTOP
SETSIG("STOP", SIGSTOP);
#endif
#ifdef SIGTSTP
SETSIG("TSTP", SIGTSTP);
#endif
p = strtok(NULL, ":,");
}
#endif /* SIG_IGN */
free(str);
}
/* signal handlers */
void initialize_signals(void) {
signal(SIGHUP, interrupted);
......@@ -418,6 +495,10 @@ void initialize_signals(void) {
if (!sigpipe || *sigpipe == '\0' || !strcmp(sigpipe, "skip")) {
;
} else if (strstr(sigpipe, "ignore:") == sigpipe) {
ignore_sigs(sigpipe);
} else if (strstr(sigpipe, "exit:") == sigpipe) {
ignore_sigs(sigpipe);
} else if (!strcmp(sigpipe, "ignore")) {
#ifdef SIG_IGN
signal(SIGPIPE, SIG_IGN);
......@@ -454,6 +535,12 @@ int known_sigpipe_mode(char *s) {
/*
* skip, ignore, exit
*/
if (strstr(s, "ignore:") == s) {
return 1;
}
if (strstr(s, "exit:") == s) {
return 1;
}
if (strcmp(s, "skip") && strcmp(s, "ignore") &&
strcmp(s, "exit")) {
return 0;
......
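Review bot: In `ignore_sigs` the result of `strdup(list)` goes straight into `strtok` with no NULL check, and every `signal()` return inside `SETSIG` is discarded, so a request that cannot be honoured fails silently. That matters for the names the list accepts: SIGSTOP cannot be ignored or caught at all, and POSIX leaves behaviour undefined once a fault-generated SIGSEGV, SIGBUS or SIGFPE is ignored, so `-sigpipe ignore:SEGV` gives platform-dependent results after a real fault instead of a clean stop. I would add `if (str == NULL) return;` after the `strdup`, drop the STOP entry, and refuse or at least log SEGV/BUS/FPE in ignore mode. `SETSIG` also matches with `strstr`, so a single token can select more than one signal; if only bare names are meant to be accepted, `strcmp` on the token makes the match exact, and the macro should be `#undef`'d after the loop.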
......@@ -574,20 +574,31 @@ void print_help(int mode) {
"\n"
"-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather\n"
" use the traditional getpwnam(3) + crypt(3) method to\n"
" verify passwords instead. This requires that the\n"
" encrypted passwords be readable. Passwords stored\n"
" in /etc/shadow will be inaccessible unless x11vnc\n"
" is run as root.\n"
" verify passwords. All of the above -unixpw options and\n"
" contraints apply.\n"
"\n"
" This mode requires that the encrypted passwords be\n"
" readable. Encrypted passwords stored in /etc/shadow\n"
" will be inaccessible unless x11vnc is run as root.\n"
"\n"
" This is called \"NIS\" mode simply because in most\n"
" NIS setups the user encrypted passwords are accessible\n"
" (e.g. \"ypcat passwd\"). NIS is not required for this\n"
" mode to work (only that getpwnam(3) return the encrypted\n"
" password is required), but it is unlikely it will work\n"
" for any other modern environment unless x11vnc is run\n"
" as root (which, btw, is often done when running x11vnc\n"
" from inetd and xdm/gdm/kdm). All of the -unixpw options\n"
" and contraints apply.\n"
" NIS setups user encrypted passwords are accessible\n"
" (e.g. \"ypcat passwd\") by an ordinary user and so that\n"
" user can authenticate ANY user.\n"
"\n"
" NIS is not required for this mode to work (only that\n"
" getpwnam(3) return the encrypted password is required),\n"
" but it is unlikely it will work for any most modern\n"
" environments unless x11vnc is run as root to be able\n"
" to access /etc/shadow (note running as root is often\n"
" done when running x11vnc from inetd and xdm/gdm/kdm).\n"
"\n"
" Looked at another way, if you do not want to use the\n"
" su(1) method provided by -unixpw, you can run x11vnc\n"
" as root and use -unixpw_nis. Any users with passwords\n"
" in /etc/shadow can then be authenticated. You may want\n"
" to use -users unixpw= to switch the process user after\n"
" the user logs in.\n"
"\n"
#endif
"-display WAIT:... A special usage mode for the normal -display option.\n"
......@@ -2374,8 +2385,15 @@ void print_help(int mode) {
" \"ignore\" or \"exit\". For \"ignore\" libvncserver\n"
" will handle the abrupt loss of a client and continue,\n"
" for \"exit\" x11vnc will cleanup and exit at the 1st\n"
" broken connection. Default: \"ignore\". This option\n"
" is obsolete.\n"
" broken connection.\n"
"\n"
" This option is not really needed since libvncserver\n"
" is doing the correct thing now for quite some time.\n"
" However, for convenience you can use it to ignore other\n"
" signals, e.g. \"-sigpipe ignore:HUP,INT,TERM\" in case\n"
" that would be useful for some sort of application.\n"
" You can also put \"exit:..\" in there.\n"
"\n"
"-threads Whether or not to use the threaded libvncserver\n"
"-nothreads algorithm [rfbRunEventLoop] if libpthread is available\n"
" Default: %s\n"
......
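Review bot: The rewritten `-sigpipe` help in `print_help` no longer states the default (the text it replaces ended with `Default: \"ignore\"`) and does not say which signal names the `ignore:`/`exit:` list accepts, so a user has to read `ignore_sigs` to find out. I would keep the default sentence and add one line naming the accepted signals, and note that ignoring INT or TERM leaves the server harder to stop. In the `-unixpw_nis` text, `contraints` should be `constraints` and `for any most modern environments` should read `for most modern environments`; the same wording is repeated in the README and man page sections.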
......@@ -880,7 +880,8 @@ if (db) fprintf(stderr, "initialize_raw_fb reset\n");
if (! raw_fb_str) {
return NULL;
}
if (!strcasecmp(raw_fb_str, "NULL") || !strcasecmp(raw_fb_str, "ZERO")) {
if (!strcasecmp(raw_fb_str, "NULL") || !strcasecmp(raw_fb_str, "ZERO")
|| !strcasecmp(raw_fb_str, "NONE")) {
raw_fb_str = strdup("map:/dev/zero@640x480x32");
}
if (!strcasecmp(raw_fb_str, "RAND")) {
......
......@@ -584,6 +584,11 @@ if (db) fprintf(stderr, "slave is: %s fd=%d\n", slave, fd);
try_to_be_nobody();
#if LIBVNCSERVER_HAVE_GETUID
if (0 && db > 1) {
/* does not work, writes to pty... */
fprintf(stderr, "getuid=%d geteuid=%d\n",
getuid(), geteuid());
}
if (getuid() == 0 || geteuid() == 0) {
exit(1);
}
......@@ -594,6 +599,11 @@ if (db) fprintf(stderr, "slave is: %s fd=%d\n", slave, fd);
set_env("LC_ALL", "C");
set_env("LANG", "C");
set_env("SHELL", "/bin/sh");
if (!cmd && getenv("DISPLAY")) {
/* this will cause timeout problems with pam_xauth */
char *s = getenv("DISPLAY");
if (s) *(s-2) = '_';
}
/* synchronize with parent: */
write(2, "C", 1);
......
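Review bot: The new DISPLAY block writes through the pointer returned by `getenv()` (`*(s-2) = '_'`), which assumes the value sits inside a `DISPLAY=value` string in `environ` so that `s-2` is the last letter of the name; the C standard says the returned string must not be modified, and nothing guarantees what the bytes before it are. Going by the commit title this runs on the path that hands the password check to su(1), so on a platform where that layout does not hold the write either leaves DISPLAY visible to su and PAM or lands in unrelated memory. Where it is available, `unsetenv("DISPLAY");` does the same job without the pointer arithmetic; the file's own `set_env` helper could overwrite the value instead, though whether an empty DISPLAY avoids the pam_xauth timeout would need checking. The `if (0 && db > 1)` block in the earlier hunk is dead code and would read better as a comment. The enclosing function starts and ends outside both hunks.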
......@@ -2,7 +2,7 @@
.TH X11VNC "1" "September 2006" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
version: 0.8.3, lastmod: 2006-09-13
version: 0.8.3, lastmod: 2006-09-15
.SH SYNOPSIS
.B x11vnc
[OPTION]...
......@@ -692,22 +692,33 @@ use the traditional
+
.IR crypt (3)
method to
verify passwords instead. This requires that the
encrypted passwords be readable. Passwords stored
in /etc/shadow will be inaccessible unless x11vnc
is run as root.
verify passwords. All of the above \fB-unixpw\fR options and
contraints apply.
.IP
This mode requires that the encrypted passwords be
readable. Encrypted passwords stored in /etc/shadow
will be inaccessible unless x11vnc is run as root.
.IP
This is called "NIS" mode simply because in most
NIS setups the user encrypted passwords are accessible
(e.g. "ypcat passwd"). NIS is not required for this
mode to work (only that
NIS setups user encrypted passwords are accessible
(e.g. "ypcat passwd") by an ordinary user and so that
user can authenticate ANY user.
.IP
NIS is not required for this mode to work (only that
.IR getpwnam (3)
return the encrypted
password is required), but it is unlikely it will work
for any other modern environment unless x11vnc is run
as root (which, btw, is often done when running x11vnc
from inetd and xdm/gdm/kdm). All of the \fB-unixpw\fR options
and contraints apply.
return the encrypted password is required),
but it is unlikely it will work for any most modern
environments unless x11vnc is run as root to be able
to access /etc/shadow (note running as root is often
done when running x11vnc from inetd and xdm/gdm/kdm).
.IP
Looked at another way, if you do not want to use the
.IR su (1)
method provided by \fB-unixpw,\fR you can run x11vnc
as root and use \fB-unixpw_nis.\fR Any users with passwords
in /etc/shadow can then be authenticated. You may want
to use \fB-users\fR unixpw= to switch the process user after
the user logs in.
.PP
\fB-display\fR \fIWAIT:...\fR
.IP
......@@ -2801,8 +2812,14 @@ Broken pipe (SIGPIPE) handling. \fIstring\fR can be
"ignore" or "exit". For "ignore" libvncserver
will handle the abrupt loss of a client and continue,
for "exit" x11vnc will cleanup and exit at the 1st
broken connection. Default: "ignore". This option
is obsolete.
broken connection.
.IP
This option is not really needed since libvncserver
is doing the correct thing now for quite some time.
However, for convenience you can use it to ignore other
signals, e.g. "\fB-sigpipe\fR \fIignore:HUP,INT,TERM\fR" in case
that would be useful for some sort of application.
You can also put "exit:.." in there.
.PP
\fB-threads,\fR \fB-nothreads\fR
.IP
......
......@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.8.3 lastmod: 2006-09-13";
char lastmod[] = "0.8.3 lastmod: 2006-09-15";
/* X display info */
......