Commit d1a86ee7 authored by runge's avatar runge

ssvnc: Home dir changing, skip enc warning, memory stick doc.

parent 15d04d46
Enhanced TightVNC Viewer (ssvnc: SSL/SSH VNC viewer) Enhanced TightVNC Viewer (SSVNC: SSL/SSH VNC viewer)
Copyright (c) 2006-2007 Karl J. Runge <runge@karlrunge.com> Copyright (c) 2006-2007 Karl J. Runge <runge@karlrunge.com>
All rights reserved. All rights reserved.
...@@ -239,6 +239,22 @@ mapped to Linux.i686). (See the ./bin/ssvnc_cmd -h output for how to ...@@ -239,6 +239,22 @@ mapped to Linux.i686). (See the ./bin/ssvnc_cmd -h output for how to
override platform autodection via the UNAME env. var). override platform autodection via the UNAME env. var).
Memory Stick Usage:
-------------------
If you create a directory named "Home" in that toplevel ssvnc directory
then that will be used as the base for storing VNC profiles and
certificates. Also, for convenience, if you first run the command with
"." as an argument (e.g. "ssvnc .") it will automatically create that
"Home" directory for you. This is handy if you want to place SSVNC
on a USB flash drive that you carry around for mobile use and you want
the profiles you create to stay with the drive (otherwise you'd have to
browse to the drive directory each time you load or save).
WARNING: if you use ssvnc from an "Internet Cafe", i.e. an untrusted
computer, an intruder may be capturing keystrokes etc.
External Dependencies: External Dependencies:
---------------------- ----------------------
......
...@@ -218,6 +218,11 @@ do ...@@ -218,6 +218,11 @@ do
shift shift
done done
targ="-t"
if [ "X$SS_VNCVIEWER_NO_T" != "X" ]; then
targ=""
fi
if [ "X$gotalpha" = "X1" ]; then if [ "X$gotalpha" = "X1" ]; then
VNCVIEWER_ALPHABLEND=1 VNCVIEWER_ALPHABLEND=1
export VNCVIEWER_ALPHABLEND export VNCVIEWER_ALPHABLEND
...@@ -255,6 +260,12 @@ if [ "X$use_ssh" = "X1" -a "X$use_sshssl" = "X" ]; then ...@@ -255,6 +260,12 @@ if [ "X$use_ssh" = "X1" -a "X$use_sshssl" = "X" ]; then
fi fi
fi fi
if echo "$orig" | grep '^V[Nn][Cc]://' > /dev/null; then
SSVNC_NO_ENC_WARN=1
export SSVNC_NO_ENC_WARN
orig=`echo "$orig" | sed -e 's/^...:/vnc:/'`
fi
if echo "$orig" | grep '^vnc://' > /dev/null; then if echo "$orig" | grep '^vnc://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vnc://,,'` orig=`echo "$orig" | sed -e 's,vnc://,,'`
verify="" verify=""
...@@ -266,9 +277,14 @@ elif echo "$orig" | grep '^vncs://' > /dev/null; then ...@@ -266,9 +277,14 @@ elif echo "$orig" | grep '^vncs://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vncs://,,'` orig=`echo "$orig" | sed -e 's,vncs://,,'`
elif echo "$orig" | grep '^vncssl://' > /dev/null; then elif echo "$orig" | grep '^vncssl://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vncssl://,,'` orig=`echo "$orig" | sed -e 's,vncssl://,,'`
elif echo "$orig" | grep '^vnc+ssl://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vnc.ssl://,,'`
elif echo "$orig" | grep '^vncssh://' > /dev/null; then elif echo "$orig" | grep '^vncssh://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vncssh://,,'` orig=`echo "$orig" | sed -e 's,vncssh://,,'`
use_ssh=1 use_ssh=1
elif echo "$orig" | grep '^vnc+ssh://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vnc.ssh://,,'`
use_ssh=1
fi fi
if [ "X$reverse" != "X" -a "X$direct_connect" = "X" ]; then if [ "X$reverse" != "X" -a "X$direct_connect" = "X" ]; then
VNCVIEWER_LISTEN_LOCALHOST=1 VNCVIEWER_LISTEN_LOCALHOST=1
...@@ -438,8 +454,8 @@ if [ "X$use_ssh" = "X1" ]; then ...@@ -438,8 +454,8 @@ if [ "X$use_ssh" = "X1" ]; then
proxport=`findfree 3500` proxport=`findfree 3500`
echo echo
echo "Running 1st ssh proxy:" echo "Running 1st ssh proxy:"
echo "$ssh -f -x -p $ssh_port1 -t -e none -L $proxport:$ssh_host2:$ssh_port2 $ssh_host1 \"sleep 30\"" echo "$ssh -f -x -p $ssh_port1 $targ -e none -L $proxport:$ssh_host2:$ssh_port2 $ssh_host1 \"sleep 30\""
$ssh -f -x -p $ssh_port1 -t -e none -L $proxport:$ssh_host2:$ssh_port2 $ssh_host1 "sleep 30" $ssh -f -x -p $ssh_port1 $targ -e none -L $proxport:$ssh_host2:$ssh_port2 $ssh_host1 "sleep 30"
ssh_args="$ssh_args -o NoHostAuthenticationForLocalhost=yes" ssh_args="$ssh_args -o NoHostAuthenticationForLocalhost=yes"
sleep 1 sleep 1
stty sane stty sane
...@@ -475,18 +491,18 @@ if [ "X$use_ssh" = "X1" ]; then ...@@ -475,18 +491,18 @@ if [ "X$use_ssh" = "X1" ]; then
pmark=`sh -c 'echo $$'` pmark=`sh -c 'echo $$'`
# the -t option actually speeds up typing response via VNC!! # the -t option actually speeds up typing response via VNC!!
if [ "X$SS_VNCVIEWER_SSH_ONLY" != "X" ]; then if [ "X$SS_VNCVIEWER_SSH_ONLY" != "X" ]; then
echo "$ssh -x -p $ssh_port -t $C $ssh_args $ssh_host \"$info\"" echo "$ssh -x -p $ssh_port $targ $C $ssh_args $ssh_host \"$info\""
echo "" echo ""
$ssh -x -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd" $ssh -x -p $ssh_port $targ $C $ssh_args $ssh_host "$ssh_cmd"
exit $? exit $?
elif [ "X$SS_VNCVIEWER_NO_F" != "X" ]; then elif [ "X$SS_VNCVIEWER_NO_F" != "X" ]; then
echo "$ssh -x -p $ssh_port -t $C $ssh_redir $ssh_args $ssh_host \"$info\"" echo "$ssh -x -p $ssh_port $targ $C $ssh_redir $ssh_args $ssh_host \"$info\""
echo "" echo ""
$ssh -x -p $ssh_port -t $C $ssh_redir $ssh_args $ssh_host "$ssh_cmd" $ssh -x -p $ssh_port $targ $C $ssh_redir $ssh_args $ssh_host "$ssh_cmd"
else else
echo "$ssh -x -f -p $ssh_port -t $C $ssh_redir $ssh_args $ssh_host \"$info\"" echo "$ssh -x -f -p $ssh_port $targ $C $ssh_redir $ssh_args $ssh_host \"$info\""
echo "" echo ""
$ssh -x -f -p $ssh_port -t $C $ssh_redir $ssh_args $ssh_host "$ssh_cmd" $ssh -x -f -p $ssh_port $targ $C $ssh_redir $ssh_args $ssh_host "$ssh_cmd"
fi fi
if [ "$?" != "0" ]; then if [ "$?" != "0" ]; then
echo "" echo ""
...@@ -774,12 +790,15 @@ if [ "X$direct_connect" != "X" ]; then ...@@ -774,12 +790,15 @@ if [ "X$direct_connect" != "X" ]; then
echo "" echo ""
echo "** NOTE: THERE WILL BE NO SSL OR SSH ENCRYPTION **" echo "** NOTE: THERE WILL BE NO SSL OR SSH ENCRYPTION **"
echo "" echo ""
if type printf > /dev/null 2>&1; then if [ "X$SSVNC_NO_ENC_WARN" != "X" ]; then
sleep 1
elif type printf > /dev/null 2>&1; then
printf "Are you sure you want to continue? [y]/n " printf "Are you sure you want to continue? [y]/n "
read x
else else
echo -n "Are you sure you want to continue? [y]/n " echo -n "Are you sure you want to continue? [y]/n "
fi
read x read x
fi
if [ "X$x" = "Xn" ]; then if [ "X$x" = "Xn" ]; then
exit 1 exit 1
fi fi
......
...@@ -276,7 +276,8 @@ proc help {} { ...@@ -276,7 +276,8 @@ proc help {} {
Sorry we do not make this easy to figure out how to do (e.g. a Sorry we do not make this easy to figure out how to do (e.g. a
button on the main panel), but the goal of SSVNC is secure button on the main panel), but the goal of SSVNC is secure
connections! connections! Set the env var SSVNC_NO_ENC_WARN=1 (or use Vnc://)
to skip the warning prompts.
6) Reverse VNC connections are possible as well. Go to Options and 6) Reverse VNC connections are possible as well. Go to Options and
select "Reverse VNC connection". In the 'VNC Host:Display' entry select "Reverse VNC connection". In the 'VNC Host:Display' entry
...@@ -294,6 +295,30 @@ proc help {} { ...@@ -294,6 +295,30 @@ proc help {} {
On Windows set it to "NOTEPAD" or similar; you can't control On Windows set it to "NOTEPAD" or similar; you can't control
the port though. It is usually 5930. the port though. It is usually 5930.
8) On Unix if you are going to an older SSH server (e.g. Solaris 10),
you will probably need to set the env. var. SS_VNCVIEWER_NO_T=1
to disable the ssh "-t" option being used (that can prevent the
command from being run).
9) In the VNC Host:Display entry you can also use these "URL-like"
prefixes: vncs://host:0, vncssl://host:0, and vnc+ssl://host:0
(for SSL) and vncssh://host:0 and vnc+ssh://host:0 for SSH. There
is no need to toggle the SSL/SSH else. These also work from the
command line, e.g.: ssvnc vnc+ssh://mymachine:10
10) Mobile USB memory stick / flash drive usage: You can unpack ssvnc
to a flash drive for impromptu usage (e.g. from a friends computer)
If you create a directory "Home" in the toplevel ssvnc directory,
then that will be the default location for your VNC profiles and
certs. So they follow the drive this way. If you run like this:
"ssvnc ." or "ssvnc.exe ." the "Home" directory will be created for
you. WARNING: if you use ssvnc from an "Internet Cafe", i.e. an
untrusted computer, an intruder may be capturing keystrokes, etc.
You can also set the SSVNC_HOME env. var. to point to any
directory you want. It can be set after starting ssvnc by putting
HOME=/path/to/dir in the Host:Display box and clicking "Connect".
} }
.h.f.t insert end $msg .h.f.t insert end $msg
...@@ -2065,7 +2090,7 @@ proc do_unix_pre {tag proxy hp pk_hp} { ...@@ -2065,7 +2090,7 @@ proc do_unix_pre {tag proxy hp pk_hp} {
set tee "" set tee ""
if {$use_smbmnt} { if {$use_smbmnt} {
set tee $env(HOME) set tee $env(SSVNC_HOME)
append tee "/.tee-etv$tag" append tee "/.tee-etv$tag"
set fh "" set fh ""
catch {set fh [open $tee "w"]} catch {set fh [open $tee "w"]}
...@@ -2182,6 +2207,7 @@ proc port_knock_only {hp {mode KNOCK}} { ...@@ -2182,6 +2207,7 @@ proc port_knock_only {hp {mode KNOCK}} {
proc direct_connect_msg {} { proc direct_connect_msg {} {
set msg "" set msg ""
global env
globalize globalize
if {$use_sshssl} { if {$use_sshssl} {
append msg " - SSH + SSL tunnelling\n" append msg " - SSH + SSL tunnelling\n"
...@@ -2190,6 +2216,9 @@ proc direct_connect_msg {} { ...@@ -2190,6 +2216,9 @@ proc direct_connect_msg {} {
} else { } else {
append msg " - SSL tunnelling\n" append msg " - SSL tunnelling\n"
} }
if [info exists env(SSVNC_NO_ENC_WARN)] {
set msg ""
}
if {$use_smbmnt} { if {$use_smbmnt} {
append msg " - SMB Mount Port Redirection\n" append msg " - SMB Mount Port Redirection\n"
} }
...@@ -2512,6 +2541,7 @@ proc launch_unix {hp} { ...@@ -2512,6 +2541,7 @@ proc launch_unix {hp} {
set pk_hp "" set pk_hp ""
set skip_ssh 0 set skip_ssh 0
if [regexp {vnc://} $hp] { if [regexp {vnc://} $hp] {
set skip_ssh 1 set skip_ssh 1
direct_connect_msg direct_connect_msg
...@@ -2753,7 +2783,7 @@ proc launch_unix {hp} { ...@@ -2753,7 +2783,7 @@ proc launch_unix {hp} {
set passwdfile "" set passwdfile ""
if {$vncauth_passwd != ""} { if {$vncauth_passwd != ""} {
global use_listen global use_listen
set passwdfile "$env(HOME)/.vncauth_tmp.[pid]" set passwdfile "$env(SSVNC_HOME)/.vncauth_tmp.[pid]"
catch {exec vncstorepw $vncauth_passwd $passwdfile} catch {exec vncstorepw $vncauth_passwd $passwdfile}
catch {exec chmod 600 $passwdfile} catch {exec chmod 600 $passwdfile}
if {$use_listen} { if {$use_listen} {
...@@ -3041,6 +3071,14 @@ proc launch {{hp ""}} { ...@@ -3041,6 +3071,14 @@ proc launch {{hp ""}} {
set hp [get_vncdisplay] set hp [get_vncdisplay]
} }
if {[regexp {^HOME=} $hp] || [regexp {^SSVNC_HOME=} $hp]} {
set t $hp
regsub {^.*HOME=} $t "" t
set env(SSVNC_HOME) $t
mesg "set SSVNC_HOME to $t"
return 0
}
regsub {[ ]*cmd=.*$} $hp "" tt regsub {[ ]*cmd=.*$} $hp "" tt
if {[regexp {^[ ]*$} $tt]} { if {[regexp {^[ ]*$} $tt]} {
...@@ -3078,12 +3116,17 @@ proc launch {{hp ""}} { ...@@ -3078,12 +3116,17 @@ proc launch {{hp ""}} {
mesg "\"$tcl_platform(os)\" | \"$tcl_platform(osVersion)\"" mesg "\"$tcl_platform(os)\" | \"$tcl_platform(osVersion)\""
after 1000 after 1000
} }
if [regexp {V[Nn][Cc]://} $hp] {
set env(SSVNC_NO_ENC_WARN) 1
regsub {V[Nn][Cc]://} $hp "vnc://" hp
}
if {! $is_windows} { if {! $is_windows} {
launch_unix $hp launch_unix $hp
return return
} }
############################################################## ##############################################################
if [regexp {vnc://} $hp] { if [regexp {vnc://} $hp] {
direct_connect_msg direct_connect_msg
regsub {vnc://} $hp "" hp regsub {vnc://} $hp "" hp
...@@ -3095,9 +3138,15 @@ proc launch {{hp ""}} { ...@@ -3095,9 +3138,15 @@ proc launch {{hp ""}} {
} elseif [regexp {vncssl://} $hp] { } elseif [regexp {vncssl://} $hp] {
set use_ssl 1 set use_ssl 1
regsub {vncssl://} $hp "" hp regsub {vncssl://} $hp "" hp
} elseif [regexp {vnc\+ssl://} $hp] {
set use_ssl 1
regsub {vnc\+ssl://} $hp "" hp
} elseif [regexp {vncssh://} $hp] { } elseif [regexp {vncssh://} $hp] {
set use_ssh 1 set use_ssh 1
regsub {vncssh://} $hp "" hp regsub {vncssh://} $hp "" hp
} elseif [regexp {vnc\+ssh://} $hp] {
set use_ssh 1
regsub {vnc\+ssh://} $hp "" hp
} }
check_ssh_needed check_ssh_needed
...@@ -3548,14 +3597,14 @@ proc get_idir_certs {str} { ...@@ -3548,14 +3597,14 @@ proc get_idir_certs {str} {
} }
if {$idir == ""} { if {$idir == ""} {
if {$is_windows} { if {$is_windows} {
if [info exists env(HOME)] { if [info exists env(SSVNC_HOME)] {
set t "$env(HOME)/ss_vnc" set t "$env(SSVNC_HOME)/ss_vnc"
regsub -all {\\} $t "/" t regsub -all {\\} $t "/" t
regsub -all {//*} $t "/" t regsub -all {//*} $t "/" t
if {! [file isdirectory $t]} { if {! [file isdirectory $t]} {
catch {file mkdir $t} catch {file mkdir $t}
} }
set t "$env(HOME)/ss_vnc/certs" set t "$env(SSVNC_HOME)/ss_vnc/certs"
regsub -all {\\} $t "/" t regsub -all {\\} $t "/" t
regsub -all {//*} $t "/" t regsub -all {//*} $t "/" t
if {! [file isdirectory $t]} { if {! [file isdirectory $t]} {
...@@ -3574,8 +3623,8 @@ proc get_idir_certs {str} { ...@@ -3574,8 +3623,8 @@ proc get_idir_certs {str} {
} }
} }
if {$idir == ""} { if {$idir == ""} {
if [info exists env(HOME)] { if [info exists env(SSVNC_HOME)] {
set t "$env(HOME)/.vnc/certs" set t "$env(SSVNC_HOME)/.vnc/certs"
if [file isdirectory $t] { if [file isdirectory $t] {
set idir $t set idir $t
} }
...@@ -4653,8 +4702,8 @@ proc get_profiles_dir {} { ...@@ -4653,8 +4702,8 @@ proc get_profiles_dir {} {
set dir "" set dir ""
if {$is_windows} { if {$is_windows} {
if [info exists env(HOME)] { if [info exists env(SSVNC_HOME)] {
set t "$env(HOME)/ss_vnc" set t "$env(SSVNC_HOME)/ss_vnc"
regsub -all {\\} $t "/" t regsub -all {\\} $t "/" t
regsub -all {//*} $t "/" t regsub -all {//*} $t "/" t
if {! [file isdirectory $t]} { if {! [file isdirectory $t]} {
...@@ -4675,8 +4724,8 @@ proc get_profiles_dir {} { ...@@ -4675,8 +4724,8 @@ proc get_profiles_dir {} {
set dir $t set dir $t
} }
} }
} elseif [info exists env(HOME)] { } elseif [info exists env(SSVNC_HOME)] {
set t "$env(HOME)/.vnc" set t "$env(SSVNC_HOME)/.vnc"
if [file isdirectory $t] { if [file isdirectory $t] {
set dir $t set dir $t
set s "$t/profiles" set s "$t/profiles"
...@@ -7215,7 +7264,7 @@ proc do_port_knock {hp mode} { ...@@ -7215,7 +7264,7 @@ proc do_port_knock {hp mode} {
global env global env
set pfile "payload$pi.txt" set pfile "payload$pi.txt"
if {! $is_windows} { if {! $is_windows} {
set pfile "$env(HOME)/.$pfile" set pfile "$env(SSVNC_HOME)/.$pfile"
} }
set pfiles($pi) $pfile set pfiles($pi) $pfile
incr pi incr pi
...@@ -7663,7 +7712,7 @@ proc ssh_agent_restart {} { ...@@ -7663,7 +7712,7 @@ proc ssh_agent_restart {} {
mesg "could not find ssh-add in PATH" mesg "could not find ssh-add in PATH"
return return
} }
set tmp $env(HOME)/.vnc-sa[pid] set tmp $env(SSVNC_HOME)/.vnc-sa[pid]
set fh "" set fh ""
catch {set fh [open $tmp "w"]} catch {set fh [open $tmp "w"]}
if {$fh == ""} { if {$fh == ""} {
...@@ -7938,8 +7987,8 @@ proc check_writable {} { ...@@ -7938,8 +7987,8 @@ proc check_writable {} {
if ![file exists $test] { if ![file exists $test] {
global env global env
if [info exists env(HOME)] { if [info exists env(SSVNC_HOME)] {
set dir "$env(HOME)/ss_vnc/cache" set dir "$env(SSVNC_HOME)/ss_vnc/cache"
catch {file mkdir $dir} catch {file mkdir $dir}
if ![file exists $dir] { if ![file exists $dir] {
return return
...@@ -7973,6 +8022,75 @@ if {[regexp -nocase {Windows.9} $tcl_platform(os)]} { ...@@ -7973,6 +8022,75 @@ if {[regexp -nocase {Windows.9} $tcl_platform(os)]} {
set is_win9x 0 set is_win9x 0
} }
# set SSVNC_HOME to HOME in case we modify it for mobile use:
if [info exists env(HOME)] {
if {! [info exists env(SSVNC_HOME)]} {
set env(SSVNC_HOME) $env(HOME)
}
}
# For mobile use, e.g. from a USB flash drive, we look for a "home" or "Home"
# directory relative to this script where the profiles and certs will be kept
# by default.
if [file exists $buck_zero] {
#puts "$buck_zero"
set up [file dirname $buck_zero]
if {$up == "."} {
# this is actually bad news on windows because we cd'd to util.
set up ".."
} else {
set up [file dirname $up]
}
set dirs [list $up]
if {! $is_windows && $up != ".."} {
# get rid of bin
set up [file dirname $up]
lappend dirs $up
}
if {$argc > 0} {
set i [lindex $argv 0]
if {$i == "."} {
if {![file isdirectory "$up/home"] && ![file isdirectory "$up/Home"]} {
catch {file mkdir "$up/Home"}
}
}
}
set gotone 0
foreach d $dirs {
set try "$d/home"
#puts "$try"
if [file isdirectory $try] {
set env(SSVNC_HOME) $try
set gotone 1
break
}
set try "$d/Home"
#puts "$try"
if [file isdirectory $try] {
set env(SSVNC_HOME) $try
set gotone 1
break
}
}
if {$gotone} {
set b ""
if {$is_windows} {
set b "$env(SSVNC_HOME)/ss_vnc"
} else {
set b "$env(SSVNC_HOME)/.vnc"
}
catch {file mkdir $b}
catch {file mkdir "$b/certs"}
catch {file mkdir "$b/profiles"}
}
#puts "HOME: $env(SSVNC_HOME)"
}
if {$is_windows} { if {$is_windows} {
check_writable check_writable
} }
...@@ -7987,8 +8105,8 @@ if {$uname == "Darwin"} { ...@@ -7987,8 +8105,8 @@ if {$uname == "Darwin"} {
if {! [info exists env(DISPLAY)]} { if {! [info exists env(DISPLAY)]} {
set darwin_cotvnc 1 set darwin_cotvnc 1
} }
if [info exists env(HOME)] { if [info exists env(SSVNC_HOME)] {
set t "$env(HOME)/.vnc" set t "$env(SSVNC_HOME)/.vnc"
if {! [file exists $t]} { if {! [file exists $t]} {
catch {file mkdir $t} catch {file mkdir $t}
} }
...@@ -8123,6 +8241,12 @@ update ...@@ -8123,6 +8241,12 @@ update
if {$argc > 0} { if {$argc > 0} {
set item [lindex $argv 0] set item [lindex $argv 0]
if {$item == "."} {
set item ""
if {$argc > 1} {
set item [lindex $argv 1]
}
}
if {$item != ""} { if {$item != ""} {
if [file exists $item] { if [file exists $item] {
load_profile . $item load_profile . $item
...@@ -8148,3 +8272,4 @@ if {$argc > 0} { ...@@ -8148,3 +8272,4 @@ if {$argc > 0} {
} }
} }
#mesg "$buck_zero"
#!/bin/sh #!/bin/sh
rm -rf ./src/tmp/* || exit 1 rm -rf ./src/tmp/* || exit 1
vers=1.0.15 vers=1.0.16
cd .. || exit 1 cd .. || exit 1
cp -p ssvnc/bin/ssvnc_cmd ssvnc/bin/tightvncviewer
########################################### ###########################################
dest=./t.unix_only dest=./t.unix_only
rm -rf $dest rm -rf $dest
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment