Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
L
libvncserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
rasky
libvncserver
Commits
d538e4e2
Commit
d538e4e2
authored
May 12, 2008
by
runge
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
x11vnc: SSL fixes. Increase cert lifetimes to 2 years. Print ssl err msg.
parent
fa531979
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
41 additions
and
19 deletions
+41
-19
README
x11vnc/README
+7
-7
help.c
x11vnc/help.c
+2
-2
selection.c
x11vnc/selection.c
+0
-2
sslhelper.c
x11vnc/sslhelper.c
+18
-1
ssltools.h
x11vnc/ssltools.h
+10
-3
x11vnc.1
x11vnc/x11vnc.1
+3
-3
x11vnc_defs.c
x11vnc/x11vnc_defs.c
+1
-1
No files found.
x11vnc/README
View file @
d538e4e2
x11vnc
README
file
Date
:
Wed
May
7
20
:
58
:
51
EDT
2008
x11vnc
README
file
Date
:
Sat
May
10
12
:
54
:
59
EDT
2008
The
following
information
is
taken
from
these
URLs
:
...
...
@@ -10341,8 +10341,8 @@ blah,blah...
brief, run something like "
x11vnc
-
sslGenCert
server
self
:
apache
" then
copy the resulting self:apache.crt file to conf/ssl.crt/server.crt and
extract the private key part from self:apache.pem and paste it into
conf/ssl.key/server.key). Setting the env var REQ_ARGS='-days
730
'
before running x11vnc will bump up the expiration date (
2
years in
conf/ssl.key/server.key). Setting the env var REQ_ARGS='-days
1095
'
before running x11vnc will bump up the expiration date (
3
years in
this case).
Or you can use the standard methods described in the [27]Apache
...
...
@@ -12039,7 +12039,7 @@ x11vnc: a VNC server for real X displays
Here
are
all
of
x11vnc
command
line
options
:
%
x11vnc
-
opts
(
see
below
for
-
help
long
descriptions
)
x11vnc
:
allow
VNC
connections
to
real
X11
displays
.
0.9.4
lastmod
:
2008
-
05
-
07
x11vnc
:
allow
VNC
connections
to
real
X11
displays
.
0.9.4
lastmod
:
2008
-
05
-
10
x11vnc
options
:
-
display
disp
-
auth
file
-
N
...
...
@@ -12158,7 +12158,7 @@ libvncserver-tight-extension options:
% x11vnc -help
x11vnc: allow VNC connections to real X11 displays. 0.9.4 lastmod: 2008-05-
07
x11vnc: allow VNC connections to real X11 displays. 0.9.4 lastmod: 2008-05-
10
(type "x11vnc -opts" to just list the options.)
...
...
@@ -13709,8 +13709,8 @@ e
If
you
set
the
env
.
var
REQ_ARGS
=
'...'
it
will
be
passed
to
openssl
req
(
1
).
A
common
use
would
be
REQ_ARGS
=
'-days
730
'
to
bump
up
the
expiration
date
(
2
years
in
this
case
).
REQ_ARGS
=
'-days
1095
'
to
bump
up
the
expiration
date
(
3
years
in
this
case
).
-
sslEncKey
[
pem
]
Utility
to
encrypt
an
existing
PEM
file
with
a
passphrase
you
supply
when
prompted
.
For
that
key
to
be
...
...
x11vnc/help.c
View file @
d538e4e2
...
...
@@ -1575,8 +1575,8 @@ void print_help(int mode) {
"
\n
"
" If you set the env. var REQ_ARGS='...' it will be
\n
"
" passed to openssl req(1). A common use would be
\n
"
" REQ_ARGS='-days
730
' to bump up the expiration date
\n
"
" (
2
years in this case).
\n
"
" REQ_ARGS='-days
1095
' to bump up the expiration date
\n
"
" (
3
years in this case).
\n
"
"
\n
"
"-sslEncKey [pem] Utility to encrypt an existing PEM file with a
\n
"
" passphrase you supply when prompted. For that key to be
\n
"
...
...
x11vnc/selection.c
View file @
d538e4e2
...
...
@@ -133,8 +133,6 @@ void selection_request(XEvent *ev, char *type) {
targets
[
0
]
=
(
Atom
)
xa_targets
;
targets
[
1
]
=
(
Atom
)
XA_STRING
;
data
=
(
unsigned
char
*
)
str
;
ret
=
XChangeProperty
(
ev
->
xselectionrequest
.
display
,
ev
->
xselectionrequest
.
requestor
,
ev
->
xselectionrequest
.
property
,
...
...
x11vnc/sslhelper.c
View file @
d538e4e2
...
...
@@ -2130,8 +2130,16 @@ if (db > 1) fprintf(stderr, "ssl_init: 4\n");
return
0
;
}
else
if
(
rc
<
0
)
{
unsigned
long
err
;
int
cnt
=
0
;
rfbLog
(
"SSL: ssl_helper[%d]: SSL_accept() *FATAL: %d
\n
"
,
getpid
(),
rc
);
rfbLog
(
"SSL: ssl_helper[%d]: SSL_accept() *FATAL: %d SSL FAILED
\n
"
,
getpid
(),
rc
);
while
((
err
=
ERR_get_error
())
!=
0
)
{
rfbLog
(
"SSL: %s
\n
"
,
ERR_error_string
(
err
,
NULL
));
if
(
cnt
++
>
100
)
{
break
;
}
}
return
0
;
}
else
if
(
dnow
()
>
start
+
3
.
0
)
{
...
...
@@ -2174,9 +2182,18 @@ if (db > 1) fprintf(stderr, "ssl_init: 4\n");
}
}
else
{
rfbLog
(
"SSL: ssl_helper[%d]: accepted client %s x509 cert is:
\n
"
,
getpid
(),
name
);
#if LIBVNCSERVER_HAVE_X509_PRINT_EX_FP
X509_print_ex_fp
(
stderr
,
x
,
0
,
XN_FLAG_MULTILINE
);
#endif
if
(
cr
!=
NULL
)
{
#if LIBVNCSERVER_HAVE_X509_PRINT_EX_FP
X509_print_ex_fp
(
cr
,
x
,
0
,
XN_FLAG_MULTILINE
);
#else
rfbLog
(
"** not compiled with libssl X509_print_ex_fp() function **
\n
"
);
if
(
users_list
&&
strstr
(
users_list
,
"sslpeer="
))
{
rfbLog
(
"** -users sslpeer= will not work! **
\n
"
);
}
#endif
fclose
(
cr
);
}
}
...
...
x11vnc/ssltools.h
View file @
d538e4e2
...
...
@@ -76,7 +76,7 @@ char genCA[] =
"name_opt = ca_default # Subject Name options
\n
"
"cert_opt = ca_default # Certificate field options
\n
"
"
\n
"
"default_days =
365
# how long to certify for
\n
"
"default_days =
730
# how long to certify for
\n
"
"default_crl_days= 30 # how long before next CRL
\n
"
"default_md = md5 # which md to use.
\n
"
"preserve = no # keep passed DN ordering
\n
"
...
...
@@ -333,6 +333,13 @@ char genCert[] =
" echo
\"
Creating new x11vnc certificate and key for name: $type $name0
\"\n
"
" echo
\"\"\n
"
"
\n
"
" req_args=$REQ_ARGS
\n
"
" if echo
\"
$req_args
\"
| grep 'days' > /dev/null; then
\n
"
" :
\n
"
" else
\n
"
" req_args=
\"
$req_args -days 730
\"\n
"
" fi
\n
"
"
\n
"
" cnf=
\"
$DIR/tmp/cnf.$$
\"\n
"
" trap
\"
rm -f
\\\"
$cnf
\\\"\"
0 1 2 15
\n
"
"
\n
"
...
...
@@ -343,7 +350,7 @@ char genCert[] =
" direrror
\"
$DIR/CA/self.cnf.$type
\"\n
"
" fi
\n
"
" cat
\"
$DIR/CA/self.cnf.$type
\"
| sed -e
\"
s/%NAME/$name0/
\"
>
\"
$cnf
\"
|| exit 1
\n
"
"
\"
$OPENSSL
\"
req -config
\"
$cnf
\"
-nodes -new -newkey rsa:2048 -x509 $
REQ_ARGS
\\\n
"
"
\"
$OPENSSL
\"
req -config
\"
$cnf
\"
-nodes -new -newkey rsa:2048 -x509 $
req_args
\\\n
"
" -keyout
\"
$DIR/$dest.key
\"
\\\n
"
" -out
\"
$DIR/$dest.crt
\"\n
"
" else
\n
"
...
...
@@ -351,7 +358,7 @@ char genCert[] =
" direrror
\"
$DIR/CA/ssl.cnf.$type
\"\n
"
" fi
\n
"
" cat
\"
$DIR/CA/ssl.cnf.$type
\"
| sed -e
\"
s/%NAME/$name0/
\"
>
\"
$cnf
\"
|| exit 1
\n
"
"
\"
$OPENSSL
\"
req -config
\"
$cnf
\"
-nodes -new -newkey rsa:2048 $
REQ_ARGS
\\\n
"
"
\"
$OPENSSL
\"
req -config
\"
$cnf
\"
-nodes -new -newkey rsa:2048 $
req_args
\\\n
"
" -keyout
\"
$DIR/$dest.key
\"
\\\n
"
" -out
\"
$DIR/$dest.req
\"\n
"
" fi
\n
"
...
...
x11vnc/x11vnc.1
View file @
d538e4e2
...
...
@@ -2,7 +2,7 @@
.TH X11VNC "1" "May 2008" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
version: 0.9.4, lastmod: 2008-05-
07
version: 0.9.4, lastmod: 2008-05-
10
.SH SYNOPSIS
.B x11vnc
[OPTION]...
...
...
@@ -1787,8 +1787,8 @@ If you set the env. var REQ_ARGS='...' it will be
passed to openssl
.IR req (1).
A common use would be
REQ_ARGS='-days
730
' to bump up the expiration date
(
2
years in this case).
REQ_ARGS='-days
1095
' to bump up the expiration date
(
3
years in this case).
.PP
\fB-sslEncKey\fR \fI[pem]\fR
.IP
...
...
x11vnc/x11vnc_defs.c
View file @
d538e4e2
...
...
@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int
xdamage_base_event_type
=
0
;
/* date +'lastmod: %Y-%m-%d' */
char
lastmod
[]
=
"0.9.4 lastmod: 2008-05-
07
"
;
char
lastmod
[]
=
"0.9.4 lastmod: 2008-05-
10
"
;
/* X display info */
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment