Skip to content

L
libvncserver
Commit c997e901 authored by runge's avatar runge
Browse files
Options

x11vnc: gui speedup and fixes. -unixpw and -inetd

parent a9a9c812
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 682 additions and 223 deletions
x11vnc/ChangeLog
View file @ c997e901
2006-03-06 Karl Runge <runge@karlrunge.com>
* x11vnc: switch remote control to X11VNC_REMOTE property. Put
in -unixpw constraints for reverse connections under -inetd.
-inetd won't quit when reverse conn client leaves. Allow keyboard
input for viewonly -unixpw logins. "%*" utils for testing
-unixpw. improve start time fix bugs, small screen in gui.
2006-03-04 Karl Runge <runge@karlrunge.com>
* x11vnc: -unixpw on *bsd, hpux and tru64. Add -unixpw_nis for
non-shadow systems. check stunnel dying. check SSH_CONNECTION
......
x11vnc/README
View file @ c997e901
x11vnc README file Date: Sat Mar 4 17:57:40 EST 2006
x11vnc README file Date: Mon Mar 6 10:24:41 EST 2006
The following information is taken from these URLs:
......@@ -5382,7 +5382,7 @@ x11vnc: a VNC server for real X displays
Here are all of x11vnc command line options:
% x11vnc -opts (see below for -help long descriptions)
x11vnc: allow VNC connections to real X11 displays. 0.8.1 lastmod: 2006-03-04
x11vnc: allow VNC connections to real X11 displays. 0.8.1 lastmod: 2006-03-06
x11vnc options:
-display disp -auth file
......@@ -5495,7 +5495,7 @@ libvncserver-tight-extension options:
% x11vnc -help
x11vnc: allow VNC connections to real X11 displays. 0.8.1 lastmod: 2006-03-04
x11vnc: allow VNC connections to real X11 displays. 0.8.1 lastmod: 2006-03-06
Typical usage is:
......@@ -5793,8 +5793,9 @@ Options:
-novncconnect VNC program vncconnect(1). When the property is
set to "host" or "host:port" establish a reverse
connection. Using xprop(1) instead of vncconnect may
work (see the FAQ). The -remote control mechanism also
uses this VNC_CONNECT channel. Default: -vncconnect
work (see the FAQ). The -remote control mechanism uses
X11VNC_REMOTE channel, and this option disables/enables
it as well. Default: -vncconnect
-allow host1[,host2..] Only allow client connections from hosts matching
the comma separated list of hostnames or IP addresses.
......@@ -5909,8 +5910,8 @@ Options:
x11vnc as root with the "-users +nobody" option to
immediately switch to user nobody. Another source of
problems are PAM modules that prompt for extra info,
e.g. password aging modules. These logins will always
fail as well.
e.g. password aging modules. These logins will fail
as well even when the correct password is supplied.
*IMPORTANT*: to prevent the Unix password being sent in
*clear text* over the network, two x11vnc options are
......@@ -5937,17 +5938,28 @@ Options:
is set and appears reasonable. If it does, then the
stunnel requirement is dropped since it is assumed
you are using ssh for the encrypted tunnelling.
Use -stunnel to force stunnel usage.
Use -stunnel to force stunnel usage for this case.
Set UNIXPW_DISABLE_LOCALHOST=1 to disable the -localhost
requirement. One should never do this (i.e. allow the
Unix passwords to be sniffed on the network).
NOTE: in -inetd mode the two settings are not enforced
since x11vnc does not make network connections in
that case. Be sure to use encryption from the viewer
to inetd. One can also have your own stunnel spawn
x11vnc in -inetd mode. See the FAQ.
Regarding reverse connections (e.g. -R connect:host),
the -localhost constraint is in effect and the reverse
connections can only be used to connect to the same
machine x11vnc is running on (default port 5500).
Please use a ssh or stunnel port redirection to the
viewer machine to tunnel the reverse connection over
an encrypted channel. Note that Unix username and
password *will* be prompted for (unlike VNC passwords
that are skipped for reverse connections).
NOTE: in -inetd mode the two settings are attempted
to be enforced for reverse connections. Be sure to
use encryption from the viewer to inetd since x11vnc
cannot guess easily if it is encrpyted. Note: you can
also have your own stunnel spawn x11vnc in -inetd mode
(i.e. bypassing inetd). See the FAQ.
The user names in the comma separated [list] can have
per-user options after a ":", e.g. "fred:opts"
......@@ -5962,16 +5974,21 @@ Options:
Use "deny" to explicitly deny some users if you use
"*" to set a global option.
-unixpw_nis [list] As -unixpw above, however do not run su(1) but rather
use the traditional getpwnam() + crypt() method instead.
This requires that the encrpyted passwords be readable.
Passwords stored in /etc/shadow will be inaccessible
unless run as root. This is called "NIS" mode
simply because in most NIS setups the user encrypted
passwords are accessible (e.g. "ypcat passwd").
NIS is not required for this mode to work, but it
is unlikely it will work for any other environment.
All of the -unixpw options and contraints apply.
There are also some tools for testing password if [list]
starts with the "%" character. See the quick_pw()
function for details.
-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather
use the traditional getpwnam(3) + crypt(3) method
instead. This requires that the encrpyted passwords
be readable. Passwords stored in /etc/shadow will
be inaccessible unless run as root. This is called
"NIS" mode simply because in most NIS setups the
user encrypted passwords are accessible (e.g. "ypcat
passwd"). NIS is not required for this mode to
work, but it is unlikely it will work for any other
environment. All of the -unixpw options and contraints
apply.
-stunnel [pem] Use the stunnel(1) (www.stunnel.org) to provide
an encrypted SSL tunnel between viewers and x11vnc.
......@@ -7238,7 +7255,7 @@ n
-remote command.
The default communication channel is that of X
properties (specifically VNC_CONNECT), and so this
properties (specifically X11VNC_REMOTE), and so this
command must be run with correct settings for DISPLAY
and possibly XAUTHORITY to connect to the X server
and set the property. Alternatively, use the -display
......@@ -7520,9 +7537,9 @@ n
it comes back with prefix "aro=" instead of "ans=".
Some -remote commands are pure actions that do not make
sense as variables, e.g. "stop" or "disconnect",
in these cases the value returned is "N/A". To direct
a query straight to the VNC_CONNECT property or connect
sense as variables, e.g. "stop" or "disconnect", in
these cases the value returned is "N/A". To direct a
query straight to the X11VNC_REMOTE property or connect
file use "qry=..." instead of "cmd=..."
Here is the current list of "variables" that can
......@@ -7621,9 +7638,9 @@ n
A note about security wrt remote control commands.
If someone can connect to the X display and change
the property VNC_CONNECT, then they can remotely
the property X11VNC_REMOTE, then they can remotely
control x11vnc. Normally access to the X display is
protected. Note that if they can modify VNC_CONNECT
protected. Note that if they can modify X11VNC_REMOTE
on the X server, they have enough permissions to also
run their own x11vnc and thus have complete control
of the desktop. If the "-connect /path/to/file"
......@@ -7633,9 +7650,9 @@ n
permissions. See -privremote below.
If you are paranoid and do not think -noremote is
enough, to disable the VNC_CONNECT property channel
completely use -novncconnect, or use the -safer
option that shuts many things off.
enough, to disable the X11VNC_REMOTE property channel
completely use -novncconnect, or use the -safer option
that shuts many things off.
-unsafe A few remote commands are disabled by default
(currently: id:pick, accept:<cmd>, gone:<cmd>, and
......
x11vnc/connections.c
View file @ c997e901
......@@ -19,6 +19,9 @@
/* string for the VNC_CONNECT property */
char vnc_connect_str[VNC_CONNECT_MAX+1];
Atom vnc_connect_prop = None;
char x11vnc_remote_str[X11VNC_REMOTE_MAX+1];
Atom x11vnc_remote_prop = None;
rfbClientPtr inetd_client = NULL;
int all_clients_initialized(void);
char *list_clients(void);
......@@ -29,7 +32,9 @@ void set_client_input(char *str);
void set_child_info(void);
void reverse_connect(char *str);
void set_vnc_connect_prop(char *str);
void read_vnc_connect_prop(void);
void read_vnc_connect_prop(int);
void set_x11vnc_remote_prop(char *str);
void read_x11vnc_remote_prop(int);
void check_connect_inputs(void);
void check_gui_inputs(void);
enum rfbNewClientAction new_client(rfbClientPtr client);
......@@ -604,8 +609,8 @@ static void client_gone(rfbClientPtr client) {
free_client_data(client);
if (inetd) {
rfbLog("viewer exited.\n");
if (inetd && client == inetd_client) {
rfbLog("inetd viewer exited.\n");
clean_up_exit(0);
}
if (connect_once) {
......@@ -1463,6 +1468,21 @@ static int do_reverse_connect(char *str) {
*p = '\0';
}
if (inetd && unixpw) {
if(strcmp(host, "localhost") && strcmp(host, "127.0.0.1")) {
if (! getenv("UNIXPW_DISABLE_LOCALHOST")) {
rfbLog("reverse_connect: in -inetd only localhost\n");
rfbLog("connections allowed under -unixpw\n");
return 0;
}
}
if (! getenv("UNIXPW_DISABLE_STUNNEL") && ! have_ssh_env()) {
rfbLog("reverse_connect: in -inetd stunnel/ssh\n");
rfbLog("required under -unixpw\n");
return 0;
}
}
cl = rfbReverseConnection(screen, host, rport);
free(host);
......@@ -1529,15 +1549,20 @@ void reverse_connect(char *str) {
}
/*
* Routines for monitoring the VNC_CONNECT property for changes.
* The vncconnect(1) will set it on our X display.
* Routines for monitoring the VNC_CONNECT and X11VNC_REMOTE properties
* for changes. The vncconnect(1) will set it on our X display.
*/
void set_vnc_connect_prop(char *str) {
XChangeProperty(dpy, rootwin, vnc_connect_prop, XA_STRING, 8,
PropModeReplace, (unsigned char *)str, strlen(str));
}
void read_vnc_connect_prop(void) {
void set_x11vnc_remote_prop(char *str) {
XChangeProperty(dpy, rootwin, x11vnc_remote_prop, XA_STRING, 8,
PropModeReplace, (unsigned char *)str, strlen(str));
}
void read_vnc_connect_prop(int nomsg) {
Atom type;
int format, slen, dlen;
unsigned long nitems = 0, bytes_after = 0;
......@@ -1575,28 +1600,73 @@ void read_vnc_connect_prop(void) {
} while (bytes_after > 0);
vnc_connect_str[VNC_CONNECT_MAX] = '\0';
if (! db) {
if (! db || nomsg) {
;
} else if (strstr(vnc_connect_str, "ans=stop:N/A,ans=quit:N/A,ans=")) {
} else {
rfbLog("read VNC_CONNECT: %s\n", vnc_connect_str);
}
}
void read_x11vnc_remote_prop(int nomsg) {
Atom type;
int format, slen, dlen;
unsigned long nitems = 0, bytes_after = 0;
unsigned char* data = NULL;
int db = 1;
x11vnc_remote_str[0] = '\0';
slen = 0;
if (! vnc_connect || x11vnc_remote_prop == None) {
/* not active or problem with X11VNC_REMOTE atom */
return;
}
/* read the property value into x11vnc_remote_str: */
do {
if (XGetWindowProperty(dpy, DefaultRootWindow(dpy),
x11vnc_remote_prop, nitems/4, X11VNC_REMOTE_MAX/16, False,
AnyPropertyType, &type, &format, &nitems, &bytes_after,
&data) == Success) {
dlen = nitems * (format/8);
if (slen + dlen > X11VNC_REMOTE_MAX) {
/* too big */
rfbLog("warning: truncating large X11VNC_REMOTE"
" string > %d bytes.\n", X11VNC_REMOTE_MAX);
XFree(data);
break;
}
memcpy(x11vnc_remote_str+slen, data, dlen);
slen += dlen;
x11vnc_remote_str[slen] = '\0';
XFree(data);
}
} while (bytes_after > 0);
x11vnc_remote_str[X11VNC_REMOTE_MAX] = '\0';
if (! db || nomsg) {
;
} else if (strstr(vnc_connect_str, "qry=stop,quit,exit")) {
} else if (strstr(x11vnc_remote_str, "ans=stop:N/A,ans=quit:N/A,ans=")) {
;
} else if (strstr(vnc_connect_str, "ack=") == vnc_connect_str) {
} else if (strstr(x11vnc_remote_str, "qry=stop,quit,exit")) {
;
} else if (quiet && strstr(vnc_connect_str, "qry=ping") ==
vnc_connect_str) {
} else if (strstr(x11vnc_remote_str, "ack=") == x11vnc_remote_str) {
;
} else if (strstr(vnc_connect_str, "cmd=") &&
strstr(vnc_connect_str, "passwd")) {
rfbLog("read VNC_CONNECT: *\n");
} else if (strlen(vnc_connect_str) > 38) {
} else if (quiet && strstr(x11vnc_remote_str, "qry=ping") ==
x11vnc_remote_str) {
;
} else if (strstr(x11vnc_remote_str, "cmd=") &&
strstr(x11vnc_remote_str, "passwd")) {
rfbLog("read X11VNC_REMOTE: *\n");
} else if (strlen(x11vnc_remote_str) > 38) {
char trim[100];
trim[0] = '\0';
strncat(trim, vnc_connect_str, 38);
rfbLog("read VNC_CONNECT: %s ...\n", trim);
strncat(trim, x11vnc_remote_str, 38);
rfbLog("read X11VNC_REMOTE: %s ...\n", trim);
} else {
rfbLog("read VNC_CONNECT: %s\n", vnc_connect_str);
rfbLog("read X11VNC_REMOTE: %s\n", x11vnc_remote_str);
}
}
......@@ -1643,6 +1713,13 @@ void check_connect_inputs(void) {
vnc_connect_str[0] = '\0';
}
send_client_connect();
/* X11VNC_REMOTE property */
if (vnc_connect && *x11vnc_remote_str != '\0') {
client_connect = strdup(x11vnc_remote_str);
x11vnc_remote_str[0] = '\0';
}
send_client_connect();
}
void check_gui_inputs(void) {
......@@ -1650,7 +1727,7 @@ void check_gui_inputs(void) {
int socks[ICON_MODE_SOCKS];
fd_set fds;
struct timeval tv;
char buf[VNC_CONNECT_MAX+1];
char buf[X11VNC_REMOTE_MAX+1];
ssize_t nbytes;
if (unixpw_in_progress) return;
......@@ -1686,10 +1763,10 @@ void check_gui_inputs(void) {
if (! FD_ISSET(fd, &fds)) {
continue;
}
for (k=0; k<=VNC_CONNECT_MAX; k++) {
for (k=0; k<=X11VNC_REMOTE_MAX; k++) {
buf[k] = '\0';
}
nbytes = read(fd, buf, VNC_CONNECT_MAX);
nbytes = read(fd, buf, X11VNC_REMOTE_MAX);
if (nbytes <= 0) {
close(fd);
icon_mode_socks[socks[i]] = -1;
......@@ -1726,15 +1803,20 @@ enum rfbNewClientAction new_client(rfbClientPtr client) {
last_event = last_input = time(0);
if (inetd) {
/*
* Set this so we exit as soon as connection closes,
* otherwise client_gone is only called after RFB_CLIENT_ACCEPT
*/
client->clientGoneHook = client_gone;
if (inetd_client == NULL) {
inetd_client = client;
client->clientGoneHook = client_gone;
}
}
clients_served++;
if (0) fprintf(stderr, "new_client: %s %d\n", client->host, clients_served);
if (unixpw && unixpw_in_progress) {
rfbLog("denying additional client: %s during -unixpw login.\n",
......@@ -1822,6 +1904,11 @@ enum rfbNewClientAction new_client(rfbClientPtr client) {
if (unixpw) {
unixpw_in_progress = 1;
unixpw_client = client;
unixpw_login_viewonly = 0;
if (client->viewOnly) {
unixpw_login_viewonly = 1;
client->viewOnly = FALSE;
}
unixpw_last_try_time = time(0);
unixpw_screen(1);
unixpw_keystroke(0, 0, 1);
......@@ -1926,6 +2013,7 @@ void send_client_info(char *str) {
strcat(pstr, "\n");
if (icon_mode_fh) {
if (0) fprintf(icon_mode_fh, "\n");
fprintf(icon_mode_fh, "%s", pstr);
fflush(icon_mode_fh);
}
......@@ -1940,6 +2028,7 @@ void send_client_info(char *str) {
len = strlen(pstr);
while (len > 0) {
if (0) write(sock, "\n", 1);
n = write(sock, buf, len);
if (n > 0) {
buf += n;
......@@ -1965,7 +2054,11 @@ void check_new_clients(void) {
int run_after_accept = 0;
if (unixpw_in_progress) {
if (time(0) > unixpw_last_try_time + 30) {
if (unixpw_client && unixpw_client->viewOnly) {
unixpw_login_viewonly = 1;
unixpw_client->viewOnly = FALSE;
}
if (time(0) > unixpw_last_try_time + 25) {
rfbLog("unixpw_deny: timed out waiting for reply.\n");
unixpw_deny();
}
......@@ -1992,7 +2085,7 @@ void check_new_clients(void) {
return;
}
if (! client_count) {
send_client_info("none");
send_client_info("clients:none");
return;
}
......@@ -2037,9 +2130,12 @@ void check_new_clients(void) {
}
}
if (send_info) {
char *str = list_clients();
char *str, *s = list_clients();
str = (char *) malloc(strlen("clients:") + strlen(s) + 1);
sprintf(str, "clients:%s", s);
send_client_info(str);
free(str);
free(s);
}
}
......
x11vnc/connections.h
View file @ c997e901
......@@ -5,6 +5,10 @@
extern char vnc_connect_str[];
extern Atom vnc_connect_prop;
extern char x11vnc_remote_str[];
extern Atom x11vnc_remote_prop;
extern rfbClientPtr inetd_client;
extern int all_clients_initialized(void);
extern char *list_clients(void);
......@@ -15,7 +19,9 @@ extern void set_client_input(char *str);
extern void set_child_info(void);
extern void reverse_connect(char *str);
extern void set_vnc_connect_prop(char *str);
extern void read_vnc_connect_prop(void);
extern void read_vnc_connect_prop(int);
extern void set_x11vnc_remote_prop(char *str);
extern void read_x11vnc_remote_prop(int);
extern void check_connect_inputs(void);
extern void check_gui_inputs(void);
extern enum rfbNewClientAction new_client(rfbClientPtr client);
......
x11vnc/gui.c
View file @ c997e901
......@@ -22,6 +22,7 @@ int tray_manager_ok = 0;
Window tray_request = None;
Window tray_window = None;
int tray_unembed = 0;
pid_t run_gui_pid = 0;
char *get_gui_code(void);
......@@ -183,6 +184,12 @@ static char *icon_mode_embed_id = NULL;
static char *icon_mode_font = NULL;
static char *icon_mode_params = NULL;
static int got_sigusr1 = 0;
static void sigusr1 (int sig) {
got_sigusr1 = 1;
}
static void run_gui(char *gui_xdisplay, int connect_to_x11vnc, int start_x11vnc,
int simple_gui, pid_t parent, char *gui_opts) {
char *x11vnc_xdisplay = NULL;
......@@ -191,10 +198,11 @@ static void run_gui(char *gui_xdisplay, int connect_to_x11vnc, int start_x11vnc,
char cmd[100];
char *wish = NULL, *orig_path, *full_path, *tpath, *p;
char *old_xauth = NULL;
int try_max = 4, sleep = 300;
int try_max = 4, sleep = 300, totms;
pid_t mypid = getpid();
FILE *pipe, *tmpf;
if (0) fprintf(stderr, "run_gui: %s -- %d %d\n", gui_xdisplay, connect_to_x11vnc, (int) parent);
if (*gui_code == '\0') {
rfbLog("gui: gui not compiled into this program.\n");
exit(0);
......@@ -234,21 +242,44 @@ static void run_gui(char *gui_xdisplay, int connect_to_x11vnc, int start_x11vnc,
scr = DefaultScreen(dpy);
rootwin = RootWindow(dpy, scr);
initialize_vnc_connect_prop();
initialize_x11vnc_remote_prop();
}
signal(SIGUSR1, sigusr1);
got_sigusr1 = 0;
totms = 0;
while (totms < 3500) {
usleep(50*1000);
totms += 50;
if (got_sigusr1) {
fprintf(stderr, "\n");
if (! quiet) rfbLog("gui: got SIGUSR1\n");
break;
}
if (! start_x11vnc && totms >= 150) {
break;
}
}
usleep(2200*1000);
fprintf(stderr, "\n");
if (!quiet) {
signal(SIGUSR1, SIG_DFL);
if (! got_sigusr1) fprintf(stderr, "\n");
if (!quiet && ! got_sigusr1) {
rfbLog("gui: trying to contact a x11vnc server at X"
" display %s ...\n", NONUL(x11vnc_xdisplay));
}
for (i=0; i<try_max; i++) {
usleep(sleep*1000);
if (!quiet) {
rfbLog("gui: pinging %s try=%d ...\n",
NONUL(x11vnc_xdisplay), i+1);
}
rc = send_remote_cmd("qry=ping", 1, 1);
if (rc == 0) {
if (! got_sigusr1) {
if (!quiet) {
rfbLog("gui: pinging %s try=%d ...\n",
NONUL(x11vnc_xdisplay), i+1);
}
rc = send_remote_cmd("qry=ping", 1, 1);
if (rc == 0) {
break;
}
} else {
rc = 0;
break;
}
if (parent && mypid != parent && kill(parent, 0) != 0) {
......@@ -257,6 +288,7 @@ static void run_gui(char *gui_xdisplay, int connect_to_x11vnc, int start_x11vnc,
rc = 1;
break;
}
usleep(sleep*1000);
}
set_env("X11VNC_XDISPLAY", x11vnc_xdisplay);
if (getenv("XAUTHORITY") != NULL) {
......@@ -619,6 +651,9 @@ void do_gui(char *opts, int sleep) {
simple_gui, parent, opts);
exit(1);
}
if (connect_to_x11vnc) {
run_gui_pid = p;
}
#else
fprintf(stderr, "system does not support fork: start "
"x11vnc in the gui.\n");
......
x11vnc/gui.h
View file @ c997e901
......@@ -11,6 +11,7 @@ extern int tray_manager_ok;
extern Window tray_request;
extern Window tray_window;
extern int tray_unembed;
extern pid_t run_gui_pid;
extern char *get_gui_code(void);
extern int tray_embed(Window iconwin, int remove);
......
x11vnc/help.c
View file @ c997e901
......@@ -315,8 +315,9 @@ void print_help(int mode) {
"-novncconnect VNC program vncconnect(1). When the property is\n"
" set to \"host\" or \"host:port\" establish a reverse\n"
" connection. Using xprop(1) instead of vncconnect may\n"
" work (see the FAQ). The -remote control mechanism also\n"
" uses this VNC_CONNECT channel. Default: %s\n"
" work (see the FAQ). The -remote control mechanism uses\n"
" X11VNC_REMOTE channel, and this option disables/enables\n"
" it as well. Default: %s\n"
"\n"
"-allow host1[,host2..] Only allow client connections from hosts matching\n"
" the comma separated list of hostnames or IP addresses.\n"
......@@ -431,8 +432,8 @@ void print_help(int mode) {
" x11vnc as root with the \"-users +nobody\" option to\n"
" immediately switch to user nobody. Another source of\n"
" problems are PAM modules that prompt for extra info,\n"
" e.g. password aging modules. These logins will always\n"
" fail as well.\n"
" e.g. password aging modules. These logins will fail\n"
" as well even when the correct password is supplied.\n"
"\n"
" *IMPORTANT*: to prevent the Unix password being sent in\n"
" *clear text* over the network, two x11vnc options are\n"
......@@ -459,17 +460,28 @@ void print_help(int mode) {
" is set and appears reasonable. If it does, then the\n"
" stunnel requirement is dropped since it is assumed\n"
" you are using ssh for the encrypted tunnelling.\n"
" Use -stunnel to force stunnel usage.\n"
" Use -stunnel to force stunnel usage for this case.\n"
"\n"
" Set UNIXPW_DISABLE_LOCALHOST=1 to disable the -localhost\n"
" requirement. One should never do this (i.e. allow the\n"
" Unix passwords to be sniffed on the network).\n"
"\n"
" NOTE: in -inetd mode the two settings are not enforced\n"
" since x11vnc does not make network connections in\n"
" that case. Be sure to use encryption from the viewer\n"
" to inetd. One can also have your own stunnel spawn\n"
" x11vnc in -inetd mode. See the FAQ.\n"
" Regarding reverse connections (e.g. -R connect:host),\n"
" the -localhost constraint is in effect and the reverse\n"
" connections can only be used to connect to the same\n"
" machine x11vnc is running on (default port 5500).\n"
" Please use a ssh or stunnel port redirection to the\n"
" viewer machine to tunnel the reverse connection over\n"
" an encrypted channel. Note that Unix username and\n"
" password *will* be prompted for (unlike VNC passwords\n"
" that are skipped for reverse connections).\n"
"\n"
" NOTE: in -inetd mode the two settings are attempted\n"
" to be enforced for reverse connections. Be sure to\n"
" use encryption from the viewer to inetd since x11vnc\n"
" cannot guess easily if it is encrpyted. Note: you can\n"
" also have your own stunnel spawn x11vnc in -inetd mode\n"
" (i.e. bypassing inetd). See the FAQ.\n"
"\n"
" The user names in the comma separated [list] can have\n"
" per-user options after a \":\", e.g. \"fred:opts\"\n"
......@@ -484,16 +496,21 @@ void print_help(int mode) {
" Use \"deny\" to explicitly deny some users if you use\n"
" \"*\" to set a global option.\n"
"\n"
"-unixpw_nis [list] As -unixpw above, however do not run su(1) but rather\n"
" use the traditional getpwnam() + crypt() method instead.\n"
" This requires that the encrpyted passwords be readable.\n"
" Passwords stored in /etc/shadow will be inaccessible\n"
" unless run as root. This is called \"NIS\" mode\n"
" simply because in most NIS setups the user encrypted\n"
" passwords are accessible (e.g. \"ypcat passwd\").\n"
" NIS is not required for this mode to work, but it\n"
" is unlikely it will work for any other environment.\n"
" All of the -unixpw options and contraints apply.\n"
" There are also some tools for testing password if [list]\n"
" starts with the \"%\" character. See the quick_pw()\n"
" function for details.\n"
"\n"
"-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather\n"
" use the traditional getpwnam(3) + crypt(3) method\n"
" instead. This requires that the encrpyted passwords\n"
" be readable. Passwords stored in /etc/shadow will\n"
" be inaccessible unless run as root. This is called\n"
" \"NIS\" mode simply because in most NIS setups the\n"
" user encrypted passwords are accessible (e.g. \"ypcat\n"
" passwd\"). NIS is not required for this mode to\n"
" work, but it is unlikely it will work for any other\n"
" environment. All of the -unixpw options and contraints\n"
" apply.\n"
"\n"
"-stunnel [pem] Use the stunnel(1) (www.stunnel.org) to provide\n"
" an encrypted SSL tunnel between viewers and x11vnc.\n"
......@@ -1767,7 +1784,7 @@ void print_help(int mode) {
" -remote command.\n"
"\n"
" The default communication channel is that of X\n"
" properties (specifically VNC_CONNECT), and so this\n"
" properties (specifically X11VNC_REMOTE), and so this\n"
" command must be run with correct settings for DISPLAY\n"
" and possibly XAUTHORITY to connect to the X server\n"
" and set the property. Alternatively, use the -display\n"
......@@ -2056,9 +2073,9 @@ void print_help(int mode) {
" it comes back with prefix \"aro=\" instead of \"ans=\".\n"
"\n"
" Some -remote commands are pure actions that do not make\n"
" sense as variables, e.g. \"stop\" or \"disconnect\",\n"
" in these cases the value returned is \"N/A\". To direct\n"
" a query straight to the VNC_CONNECT property or connect\n"
" sense as variables, e.g. \"stop\" or \"disconnect\", in\n"
" these cases the value returned is \"N/A\". To direct a\n"
" query straight to the X11VNC_REMOTE property or connect\n"
" file use \"qry=...\" instead of \"cmd=...\"\n"
"\n"
" Here is the current list of \"variables\" that can\n"
......@@ -2157,9 +2174,9 @@ void print_help(int mode) {
"\n"
" A note about security wrt remote control commands.\n"
" If someone can connect to the X display and change\n"
" the property VNC_CONNECT, then they can remotely\n"
" the property X11VNC_REMOTE, then they can remotely\n"
" control x11vnc. Normally access to the X display is\n"
" protected. Note that if they can modify VNC_CONNECT\n"
" protected. Note that if they can modify X11VNC_REMOTE\n"
" on the X server, they have enough permissions to also\n"
" run their own x11vnc and thus have complete control\n"
" of the desktop. If the \"-connect /path/to/file\"\n"
......@@ -2169,9 +2186,9 @@ void print_help(int mode) {
" permissions. See -privremote below.\n"
"\n"
" If you are paranoid and do not think -noremote is\n"
" enough, to disable the VNC_CONNECT property channel\n"
" completely use -novncconnect, or use the -safer\n"
" option that shuts many things off.\n"
" enough, to disable the X11VNC_REMOTE property channel\n"
" completely use -novncconnect, or use the -safer option\n"
" that shuts many things off.\n"
"\n"
"-unsafe A few remote commands are disabled by default\n"
" (currently: id:pick, accept:<cmd>, gone:<cmd>, and\n"
......
x11vnc/params.h
View file @ c997e901
......@@ -30,6 +30,7 @@
#define FB_REQ 0x4
#define VNC_CONNECT_MAX 16384
#define X11VNC_REMOTE_MAX 16384
#define PROP_MAX (131072L)
#define MAXN 256
......
x11vnc/remote.c
View file @ c997e901
......@@ -55,11 +55,11 @@ int send_remote_cmd(char *cmd, int query, int wait) {
perror("fopen");
return 1;
}
} else if (vnc_connect_prop == None) {
initialize_vnc_connect_prop();
if (vnc_connect_prop == None) {
} else if (x11vnc_remote_prop == None) {
initialize_x11vnc_remote_prop();
if (x11vnc_remote_prop == None) {
fprintf(stderr, "send_remote_cmd: could not obtain "
"VNC_CONNECT X property\n");
"X11VNC_REMOTE X property\n");
return 1;
}
}
......@@ -71,13 +71,13 @@ int send_remote_cmd(char *cmd, int query, int wait) {
fclose(in);
} else {
fprintf(stderr, ">>> sending remote command: \"%s\" via"
" VNC_CONNECT X property.\n", cmd);
set_vnc_connect_prop(cmd);
" X11VNC_REMOTE X property.\n", cmd);
set_x11vnc_remote_prop(cmd);
XFlush(dpy);
}
if (query || wait) {
char line[VNC_CONNECT_MAX];
char line[X11VNC_REMOTE_MAX];
int rc=1, i=0, max=70, ms_sl=50;
if (!strcmp(cmd, "cmd=stop")) {
......@@ -95,7 +95,7 @@ int send_remote_cmd(char *cmd, int query, int wait) {
perror("fopen");
return 1;
}
fgets(line, VNC_CONNECT_MAX, in);
fgets(line, X11VNC_REMOTE_MAX, in);
fclose(in);
q = line;
while (*q != '\0') {
......@@ -103,8 +103,9 @@ int send_remote_cmd(char *cmd, int query, int wait) {
q++;
}
} else {
read_vnc_connect_prop();
strncpy(line, vnc_connect_str, VNC_CONNECT_MAX);
read_x11vnc_remote_prop(1);
strncpy(line, x11vnc_remote_str,
X11VNC_REMOTE_MAX);
}
if (strcmp(cmd, line)){
if (query) {
......@@ -581,8 +582,8 @@ char *process_remote_cmd(char *cmd, int stringonly) {
#if REMOTE_CONTROL
char *p = cmd;
char *co = "";
char buf[VNC_CONNECT_MAX];
int bufn = VNC_CONNECT_MAX;
char buf[X11VNC_REMOTE_MAX];
int bufn = X11VNC_REMOTE_MAX;
int query = 0;
static char *prev_cursors_mode = NULL;
......@@ -617,7 +618,7 @@ char *process_remote_cmd(char *cmd, int stringonly) {
strncat(tmp, q, 500);
res = process_remote_cmd(tmp, 1);
if (res && strlen(buf)+strlen(res)
>= VNC_CONNECT_MAX - 1) {
>= X11VNC_REMOTE_MAX - 1) {
rfbLog("overflow in process_remote_cmd:"
" %s -- %s\n", buf, res);
free(res);
......@@ -3848,7 +3849,7 @@ char *process_remote_cmd(char *cmd, int stringonly) {
}
} else {
if (dpy) { /* raw_fb hack */
set_vnc_connect_prop(buf);
set_x11vnc_remote_prop(buf);
XFlush(dpy);
}
}
......
x11vnc/sslcmds.c
View file @ c997e901
......@@ -13,6 +13,7 @@
#endif
void check_stunnel(void);
int start_stunnel(int stunnel_port, int x11vnc_port);
void stop_stunnel(void);
void setup_stunnel(int rport, int *argc, char **argv);
......
x11vnc/tkx11vnc
View file @ c997e901
This diff is collapsed.
x11vnc/tkx11vnc.h
View file @ c997e901
This diff is collapsed.
x11vnc/unixpw.c
View file @ c997e901
......@@ -54,6 +54,7 @@ static void set_db(void);
static void unixpw_verify(char *user, char *pass);
int unixpw_in_progress = 0;
int unixpw_login_viewonly = 0;
time_t unixpw_last_try_time = 0;
rfbClientPtr unixpw_client = NULL;
......@@ -975,6 +976,9 @@ static void apply_opts (char *user) {
void unixpw_accept(char *user) {
apply_opts(user);
if (unixpw_login_viewonly) {
unixpw_client->viewOnly = TRUE;
}
unixpw_in_progress = 0;
unixpw_client = NULL;
mark_rect_as_modified(0, 0, dpy_x, dpy_y, 0);
......
x11vnc/unixpw.h
View file @ c997e901
......@@ -11,6 +11,7 @@ extern int su_verify(char *user, char *pass);
extern int crypt_verify(char *user, char *pass);
extern int unixpw_in_progress;
extern int unixpw_login_viewonly;
extern time_t unixpw_last_try_time;
extern rfbClientPtr unixpw_client;
......
x11vnc/x11vnc.1
View file @ c997e901
......@@ -2,7 +2,7 @@
.TH X11VNC "1" "March 2006" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
version: 0.8.1, lastmod: 2006-03-04
version: 0.8.1, lastmod: 2006-03-06
.SH SYNOPSIS
.B x11vnc
[OPTION]...
......@@ -391,8 +391,9 @@ set to "host" or "host:port" establish a reverse
connection. Using
.IR xprop (1)
instead of vncconnect may
work (see the FAQ). The \fB-remote\fR control mechanism also
uses this VNC_CONNECT channel. Default: \fB-vncconnect\fR
work (see the FAQ). The \fB-remote\fR control mechanism uses
X11VNC_REMOTE channel, and this option disables/enables
it as well. Default: \fB-vncconnect\fR
.PP
\fB-allow\fR \fIhost1[,host2..]\fR
.IP
......@@ -530,8 +531,8 @@ this case. A possible workaround would be to start
x11vnc as root with the "\fB-users\fR \fI+nobody\fR" option to
immediately switch to user nobody. Another source of
problems are PAM modules that prompt for extra info,
e.g. password aging modules. These logins will always
fail as well.
e.g. password aging modules. These logins will fail
as well even when the correct password is supplied.
.IP
*IMPORTANT*: to prevent the Unix password being sent in
*clear text* over the network, two x11vnc options are
......@@ -564,17 +565,28 @@ will check if the environment variable SSH_CONNECTION
is set and appears reasonable. If it does, then the
stunnel requirement is dropped since it is assumed
you are using ssh for the encrypted tunnelling.
Use \fB-stunnel\fR to force stunnel usage.
Use \fB-stunnel\fR to force stunnel usage for this case.
.IP
Set UNIXPW_DISABLE_LOCALHOST=1 to disable the \fB-localhost\fR
requirement. One should never do this (i.e. allow the
Unix passwords to be sniffed on the network).
.IP
NOTE: in \fB-inetd\fR mode the two settings are not enforced
since x11vnc does not make network connections in
that case. Be sure to use encryption from the viewer
to inetd. One can also have your own stunnel spawn
x11vnc in \fB-inetd\fR mode. See the FAQ.
Regarding reverse connections (e.g. \fB-R\fR connect:host),
the \fB-localhost\fR constraint is in effect and the reverse
connections can only be used to connect to the same
machine x11vnc is running on (default port 5500).
Please use a ssh or stunnel port redirection to the
viewer machine to tunnel the reverse connection over
an encrypted channel. Note that Unix username and
password *will* be prompted for (unlike VNC passwords
that are skipped for reverse connections).
.IP
NOTE: in \fB-inetd\fR mode the two settings are attempted
to be enforced for reverse connections. Be sure to
use encryption from the viewer to inetd since x11vnc
cannot guess easily if it is encrpyted. Note: you can
also have your own stunnel spawn x11vnc in \fB-inetd\fR mode
(i.e. bypassing inetd). See the FAQ.
.IP
The user names in the comma separated [list] can have
per-user options after a ":", e.g. "fred:opts"
......@@ -588,21 +600,30 @@ options apply to all users. It also means all users
are allowed to log in after supplying a valid password.
Use "deny" to explicitly deny some users if you use
"*" to set a global option.
.IP
There are also some tools for testing password if [list]
starts with the "%" character. See the quick_pw()
function for details.
.PP
\fB-unixpw_nis\fR \fI[list]\fR
.IP
As \fB-unixpw\fR above, however do not run
As \fB-unixpw\fR above, however do not use
.IR su (1)
but rather
use the traditional getpwnam() + crypt() method instead.
This requires that the encrpyted passwords be readable.
Passwords stored in /etc/shadow will be inaccessible
unless run as root. This is called "NIS" mode
simply because in most NIS setups the user encrypted
passwords are accessible (e.g. "ypcat passwd").
NIS is not required for this mode to work, but it
is unlikely it will work for any other environment.
All of the \fB-unixpw\fR options and contraints apply.
use the traditional
.IR getpwnam (3)
+
.IR crypt (3)
method
instead. This requires that the encrpyted passwords
be readable. Passwords stored in /etc/shadow will
be inaccessible unless run as root. This is called
"NIS" mode simply because in most NIS setups the
user encrypted passwords are accessible (e.g. "ypcat
passwd"). NIS is not required for this mode to
work, but it is unlikely it will work for any other
environment. All of the \fB-unixpw\fR options and contraints
apply.
.PP
\fB-stunnel\fR \fI[pem]\fR
.IP
......@@ -2163,7 +2184,7 @@ command exits. You can often use the \fB-query\fR command
\fB-remote\fR command.
.IP
The default communication channel is that of X
properties (specifically VNC_CONNECT), and so this
properties (specifically X11VNC_REMOTE), and so this
command must be run with correct settings for DISPLAY
and possibly XAUTHORITY to connect to the X server
and set the property. Alternatively, use the \fB-display\fR
......@@ -2655,9 +2676,9 @@ to the standard output. If a variable is read-only,
it comes back with prefix "aro=" instead of "ans=".
.IP
Some \fB-remote\fR commands are pure actions that do not make
sense as variables, e.g. "stop" or "disconnect",
in these cases the value returned is "N/A". To direct
a query straight to the VNC_CONNECT property or connect
sense as variables, e.g. "stop" or "disconnect", in
these cases the value returned is "N/A". To direct a
query straight to the X11VNC_REMOTE property or connect
file use "qry=..." instead of "cmd=..."
.IP
Here is the current list of "variables" that can
......@@ -2762,9 +2783,9 @@ Default: \fB-yesremote\fR
.IP
A note about security wrt remote control commands.
If someone can connect to the X display and change
the property VNC_CONNECT, then they can remotely
the property X11VNC_REMOTE, then they can remotely
control x11vnc. Normally access to the X display is
protected. Note that if they can modify VNC_CONNECT
protected. Note that if they can modify X11VNC_REMOTE
on the X server, they have enough permissions to also
run their own x11vnc and thus have complete control
of the desktop. If the "\fB-connect\fR \fI/path/to/file\fR"
......@@ -2774,9 +2795,9 @@ sure to protect the X display and that file's write
permissions. See \fB-privremote\fR below.
.IP
If you are paranoid and do not think \fB-noremote\fR is
enough, to disable the VNC_CONNECT property channel
completely use \fB-novncconnect,\fR or use the \fB-safer\fR
option that shuts many things off.
enough, to disable the X11VNC_REMOTE property channel
completely use \fB-novncconnect,\fR or use the \fB-safer\fR option
that shuts many things off.
.PP
\fB-unsafe\fR
.IP
......
x11vnc/x11vnc.c
View file @ c997e901
......@@ -139,6 +139,7 @@
#include "rates.h"
#include "unixpw.h"
#include "inet.h"
#include "sslcmds.h"
/*
* main routine for the x11vnc program
......@@ -920,6 +921,8 @@ static void quick_pw(char *str) {
*
* starting "%/" or "%." means read the first line from that file.
*
* "%%" or "%" means prompt user.
*
* otherwise: %user:pass
*/
if (!strcmp(str, "%-") || !strcmp(str, "%stdin")) {
......@@ -932,6 +935,31 @@ static void quick_pw(char *str) {
exit(1);
}
q = strdup(getenv("UNIXPW"));
} else if (!strcmp(str, "%%") || !strcmp(str, "%")) {
char *t, inp[1024];
fprintf(stdout, "username: ");
if(fgets(tmp, 128, stdin) == NULL) {
exit(1);
}
strcpy(inp, tmp);
t = strchr(inp, '\n');
if (t) {
*t = ':';
} else {
strcat(inp, ":");
}
fprintf(stdout, "password: ");
system("stty -echo");
if(fgets(tmp, 128, stdin) == NULL) {
fprintf(stdout, "\n");
system("stty echo");
exit(1);
}
system("stty echo");
fprintf(stdout, "\n");
strcat(inp, tmp);
q = strdup(inp);
} else if (str[1] == '/' || str[1] == '.') {
FILE *in = fopen(str+1, "r");
if (in == NULL) {
......@@ -1235,6 +1263,10 @@ static void check_loop_mode(int argc, char* argv[]) {
}
}
#define SHOW_NO_PASSWORD_WARNING \
(!got_passwd && !got_rfbauth && (!got_passwdfile || !passwd_list) \
&& !query_cmd && !remote_cmd && !unixpw && !got_gui_pw)
int main(int argc, char* argv[]) {
int i, len, tmpi;
......@@ -1244,6 +1276,7 @@ int main(int argc, char* argv[]) {
char *remote_cmd = NULL;
char *query_cmd = NULL;
char *gui_str = NULL;
int got_gui_pw = 0;
int pw_loc = -1, got_passwd = 0, got_rfbauth = 0, nopw = NOPW;
int got_viewpasswd = 0, got_localhost = 0, got_passwdfile = 0;
int got_stunnel = 0;
......@@ -1448,7 +1481,7 @@ int main(int argc, char* argv[]) {
unixpw_nis = 1;
}
if (i < argc-1) {
char *p, *q, *s = argv[i+1];
char *s = argv[i+1];
if (s[0] != '-') {
unixpw_list = strdup(s);
i++;
......@@ -1875,6 +1908,9 @@ int main(int argc, char* argv[]) {
char *s = argv[i+1];
if (*s != '-') {
gui_str = strdup(s);
if (strstr(gui_str, "setp")) {
got_gui_pw = 1;
}
i++;
}
}
......@@ -2005,8 +2041,8 @@ int main(int argc, char* argv[]) {
}
if (launch_gui) {
int sleep = 0;
if (!got_passwd && !got_rfbauth && !got_passwdfile && !nopw) {
sleep = 3;
if (SHOW_NO_PASSWORD_WARNING && !nopw) {
sleep = 2;
}
do_gui(gui_str, sleep);
}
......@@ -2132,8 +2168,7 @@ int main(int argc, char* argv[]) {
exit(1);
}
if (!got_passwd && !got_rfbauth && (!got_passwdfile || !passwd_list)
&& !query_cmd && !remote_cmd && !unixpw) {
if (SHOW_NO_PASSWORD_WARNING) {
char message[] = "-rfbauth, -passwdfile, -passwd password, "
"or -unixpw required.";
if (! nopw) {
......@@ -2834,8 +2869,7 @@ int main(int argc, char* argv[]) {
}
if (! quiet) {
rfbLog("screen setup finished.\n");
if (!got_passwd && !got_rfbauth && !got_passwdfile && !unixpw
&& !nopw) {
if (SHOW_NO_PASSWORD_WARNING && !nopw) {
rfbLog("\n");
rfbLog("WARNING: You are running x11vnc WITHOUT"
" a password. See\n");
......
x11vnc/x11vnc_defs.c
View file @ c997e901
......@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.8.1 lastmod: 2006-03-04";
char lastmod[] = "0.8.1 lastmod: 2006-03-06";
/* X display info */
......
x11vnc/xevents.c
View file @ c997e901
......@@ -18,6 +18,7 @@ int grab_buster = 0;
int sync_tod_delay = 3;
void initialize_vnc_connect_prop(void);
void initialize_x11vnc_remote_prop(void);
void spawn_grab_buster(void);
void sync_tod_with_servertime(void);
void check_keycode_state(void);
......@@ -39,10 +40,16 @@ void initialize_vnc_connect_prop(void) {
vnc_connect_prop = XInternAtom(dpy, "VNC_CONNECT", False);
}
void initialize_x11vnc_remote_prop(void) {
x11vnc_remote_str[0] = '\0';
x11vnc_remote_prop = XInternAtom(dpy, "X11VNC_REMOTE", False);
}
static void initialize_xevents(void) {
static int did_xselect_input = 0;
static int did_xcreate_simple_window = 0;
static int did_vnc_connect_prop = 0;
static int did_x11vnc_remote_prop = 0;
static int did_xfixes = 0;
static int did_xdamage = 0;
static int did_xrandr = 0;
......@@ -75,6 +82,14 @@ static void initialize_xevents(void) {
initialize_vnc_connect_prop();
did_vnc_connect_prop = 1;
}
if (vnc_connect && !did_x11vnc_remote_prop) {
initialize_x11vnc_remote_prop();
did_x11vnc_remote_prop = 1;
}
if (run_gui_pid > 0) {
kill(run_gui_pid, SIGUSR1);
run_gui_pid = 0;
}
if (xfixes_present && use_xfixes && !did_xfixes) {
initialize_xfixes();
did_xfixes = 1;
......@@ -744,11 +759,16 @@ void check_xevents(void) {
set_cutbuffer = 0;
} else if (vnc_connect && vnc_connect_prop != None
&& xev.xproperty.atom == vnc_connect_prop) {
/*
* Go retrieve VNC_CONNECT string.
*/
read_vnc_connect_prop();
read_vnc_connect_prop(0);
} else if (vnc_connect && x11vnc_remote_prop != None
&& xev.xproperty.atom == x11vnc_remote_prop) {
/*
* Go retrieve X11VNC_REMOTE string.
*/
read_x11vnc_remote_prop(0);
}
}
}
......
x11vnc/xevents.h
View file @ c997e901
......@@ -7,6 +7,7 @@ extern int grab_buster;
extern int sync_tod_delay;
extern void initialize_vnc_connect_prop(void);
extern void initialize_x11vnc_remote_prop(void);
extern void spawn_grab_buster(void);
extern void sync_tod_with_servertime(void);
extern void check_keycode_state(void);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment