classes/ssl: improve timeouts, port fallback, and connection time.

e3055251 · runge · 84d6dd0e · e3055251 · e3055251 · e3055251
Commit e3055251 authored Sep 05, 2007 by runge
11 changed files
--- a/ChangeLog
+++ b/ChangeLog
+2007-09-04  Karl Runge <runge@karlrunge.com>
+	* classes/ssl: improve timeouts, port fallback, and connection
+	  time of the SSL Java viewers.
+
 2007-08-10  Timo Ketola <timo@riihineva.no-ip.org>
 	* libvncclient/rfbproto.c: add missing else (so that GotRect
 	  handling overrides the default operation).

--- a/classes/ssl/Makefile.am
+++ b/classes/ssl/Makefile.am
-EXTRA_DIST=VncViewer.jar index.vnc SignedVncViewer.jar proxy.vnc README ss_vncviewer onetimekey UltraViewerSSL.jar SignedUltraViewerSSL.jar ultra.vnc ultrasigned.vnc
+EXTRA_DIST=VncViewer.jar index.vnc SignedVncViewer.jar proxy.vnc README ss_vncviewer onetimekey UltraViewerSSL.jar SignedUltraViewerSSL.jar ultra.vnc ultrasigned.vnc ultraproxy.vnc

--- a/classes/ssl/SignedUltraViewerSSL.jar
+++ b/classes/ssl/SignedUltraViewerSSL.jar
--- a/classes/ssl/SignedVncViewer.jar
+++ b/classes/ssl/SignedVncViewer.jar
--- a/classes/ssl/UltraViewerSSL.jar
+++ b/classes/ssl/UltraViewerSSL.jar
--- a/classes/ssl/VncViewer.jar
+++ b/classes/ssl/VncViewer.jar
--- a/classes/ssl/proxy.vnc
+++ b/classes/ssl/proxy.vnc
@@ -52,7 +52,7 @@ SignedVncViewer.jar is just a signed version of VncViewer.jar

 The URL to use for this file:  https://host:port/proxy.vnc

-Note LIBVNCSERVERPORT, we assume $PARAMS will have the correct PORT setting
+Note VNCSERVERPORT, we assume $PARAMS will have the correct PORT setting
 (e.g. 563), not the one libvncserver puts in....

 -->
@@ -64,7 +64,7 @@ $USER's $DESKTOP desktop ($DISPLAY)
 </TITLE>
 <APPLET CODE=VncViewer.class ARCHIVE=SignedVncViewer.jar
        WIDTH=$APPLETWIDTH HEIGHT=$APPLETHEIGHT>
-<param name=LIBVNCSERVERPORT value=$PORT>
+<param name=VNCSERVERPORT value=$PORT>
 <param name="Open New Window" value=yes>
 $PARAMS
 </APPLET>

--- a/classes/ssl/ss_vncviewer
+++ b/classes/ssl/ss_vncviewer
@@ -500,7 +500,7 @@ if [ "X$use_ssh" = "X1" ]; then
 	echo ""
 	echo "Running ssh:"
 	sz=`echo "$ssh_cmd" | wc -c`
-	if [ "$sz" -gt 200 ]; then
+	if [ "$sz" -gt 300 ]; then
 		info="..."
 	else
 		info="$ssh_cmd"
@@ -691,10 +691,11 @@ my ($first, $second) = split(/,/, $ENV{PPROXY_PROXY});
 my ($proxy_host, $proxy_port) = split(/:/, $first);
 my $connect = $ENV{PPROXY_DEST};

-print STDERR "\nPPROXY v0.0: a tool for Web proxies and SOCKS connections.\n";
+print STDERR "\nPPROXY v0.1: a tool for Web proxies and SOCKS connections.\n";
 print STDERR "proxy_host:       $proxy_host\n";
 print STDERR "proxy_port:       $proxy_port\n";
 print STDERR "proxy_connect:    $connect\n";
+print STDERR "\n";

 my $listen_handle = "";
 if ($ENV{PPROXY_LISTEN} != "") {

--- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
+++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
@@ -73,8 +73,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto
     serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0');
 diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java
 --- vnc_javasrc.orig/SSLSocketToMe.java	1969-12-31 19:00:00.000000000 -0500
-+++ vnc_javasrc/SSLSocketToMe.java	2007-04-29 20:40:35.000000000 -0400
-@@ -0,0 +1,1421 @@
+++ vnc_javasrc/SSLSocketToMe.java	2007-09-04 23:13:00.000000000 -0400
+@@ -0,0 +1,1452 @@
 +/*
 + * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
 + *
@@ -587,7 +587,15 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				throw new Exception("forcing CONNECT");
 +			}
 +
-+			socket = (SSLSocket) factory.createSocket(host, port);
+			int timeout = 10;
+			if (timeout > 0) {
+				socket = (SSLSocket) factory.createSocket();
+				InetSocketAddress inetaddr = new InetSocketAddress(host, port);
+				dbg("Using timeout of " + timeout + " secs to: " + host + ":" + port);
+				socket.connect(inetaddr, timeout * 1000);
+			} else {
+				socket = (SSLSocket) factory.createSocket(host, port);
+			}
 +
 +		} catch (Exception esock) {
 +			dbg("esock: " + esock.getMessage());
@@ -640,7 +648,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +				user_wants_to_see_cert = false;
 +			} else {
 +				bcd = new BrowserCertsDialog(serv, host + ":" + port);
+				dbg("bcd START");
 +				bcd.queryUser();
+				dbg("bcd DONE");
 +				if (bcd.showCertDialog) {
 +					String msg = "user wants to see cert";
 +					dbg(msg);
@@ -745,8 +755,22 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			str += "\r\n";
 +			System.out.println("sending GET: " + str);
 +    			OutputStream os = socket.getOutputStream();
-+			os.write(str.getBytes());
-+			os.flush();
+			String type = "os";
+			if (type == "os") {
+				os.write(str.getBytes());
+				os.flush();
+				System.out.println("used OutputStream");
+			} else if (type == "bs") {
+				BufferedOutputStream bs = new BufferedOutputStream(os);
+				bs.write(str.getBytes());
+				bs.flush();
+				System.out.println("used BufferedOutputStream");
+			} else if (type == "ds") {
+				DataOutputStream ds = new DataOutputStream(os);
+				ds.write(str.getBytes());
+				ds.flush();
+				System.out.println("used DataOutputStream");
+			}
 +			if (false) {
 +				String rep = "";
 +				DataInputStream is = new DataInputStream(
@@ -1178,13 +1202,15 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +			} else {
 +				trust_this_session = false;
 +			}
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +
 +		} else if (evt.getSource() == cancel) {
 +			/* Cancel button clicked */
 +			trust_this_session = false;
 +
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +
@@ -1316,7 +1342,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == ok) {
 +			reply = entry.getText();
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +}
@@ -1361,7 +1388,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == ok) {
 +			reply = entry.getText();
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +}
@@ -1426,7 +1454,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		dialog.pack();
 +		dialog.resize(dialog.preferredSize());
 +
+		System.out.println("calling show()");
 +		dialog.show();	/* block here til Yes or No pressed. */
+		System.out.println("done    show()");
 +		return;
 +	}
 +
@@ -1434,11 +1464,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == yes) {
 +			showCertDialog = false;
-+			dialog.dispose();
 +		} else if (evt.getSource() == no) {
 +			showCertDialog = true;
-+			dialog.dispose();
 +		}
+		//dialog.dispose();
+		dialog.hide();
+		System.out.println("done actionPerformed()");
 +	}
 +}
 +
@@ -1498,7 +1529,16 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
 +}
 diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java
 --- vnc_javasrc.orig/VncViewer.java	2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/VncViewer.java	2007-03-31 23:35:26.000000000 -0400
+++ vnc_javasrc/VncViewer.java	2007-09-03 23:22:13.000000000 -0400
+@@ -80,7 +80,7 @@
+   // Variables read from parameter values.
+   String socketFactory;
+   String host;
+-  int port;
+  int port, vncserverport;
+   boolean showControls;
+   boolean offerRelogin;
+   boolean showOfflineDesktop;
 @@ -88,6 +88,17 @@
   int deferCursorUpdates;
   int deferUpdateRequests;
@@ -1517,7 +1557,35 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
   // Reference to this applet for inter-applet communication.
   public static java.applet.Applet refApplet;
 
-@@ -626,6 +637,68 @@
+@@ -591,8 +602,25 @@
+       }
+     }
+ 
+-    String str = readParameter("PORT", true);
+-    port = Integer.parseInt(str);
+    port = 0;
+    String str = readParameter("PORT", false);
+    if (str != null) {
+	port = Integer.parseInt(str);
+    }
+    // When there is a proxy VNCSERVERPORT may be inaccessible (inside firewall).
+    vncserverport = 0;
+    str = readParameter("VNCSERVERPORT", false);
+    if (str != null) {
+	vncserverport = Integer.parseInt(str);
+    }
+    if (port == 0 && vncserverport == 0) {
+	fatalError("Neither PORT nor VNCSERVERPORT parameters specified");
+    }
+    if (port == 0) {
+	// Nevertheless, fall back to vncserverport if we have to.
+	System.out.println("using vncserverport: '" + vncserverport + "' for PORT.");
+	port = vncserverport;
+    }
+ 
+     if (inAnApplet) {
+       str = readParameter("Open New Window", false);
+@@ -626,6 +654,68 @@
 
     // SocketFactory.
     socketFactory = readParameter("SocketFactory", false);

--- a/classes/ssl/ultraproxy.vnc
+++ b/classes/ssl/ultraproxy.vnc
+<!-- 
+     index.vnc - default HTML page for TightVNC Java viewer applet, to be
+     used with Xvnc. On any file ending in .vnc, the HTTP server embedded in
+     Xvnc will substitute the following variables when preceded by a dollar:
+     USER, DESKTOP, DISPLAY, APPLETWIDTH, APPLETHEIGHT, WIDTH, HEIGHT, PORT,
+     PARAMS. Use two dollar signs ($$) to get a dollar sign in the generated
+     HTML page.
+
+     NOTE: the $PARAMS variable is not supported by the standard VNC, so
+     make sure you have TightVNC on the server side, if you're using this
+     variable.
+-->
+
+<HTML>
+<TITLE>
+$USER's $DESKTOP desktop ($DISPLAY)
+</TITLE>
+<APPLET CODE=VncViewer.class ARCHIVE=SignedUltraViewerSSL.jar
+        WIDTH=$APPLETWIDTH HEIGHT=$APPLETHEIGHT>
+<param name="Open New Window" value=yes>
+<param name="ignoreMSLogonCheck" value=yes>
+<param name="delayAuthPanel" value=yes>
+<param name=VNCSERVERPORT value=$PORT>
+$PARAMS
+</APPLET>
+<BR>
+<A href="http://www.ultravnc.com/">UltraVNC site</A>
+</HTML>
--- a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
+++ b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
@@ -1815,8 +1815,8 @@ diff -Naur JavaViewer.orig/RfbProto.java JavaViewer/RfbProto.java
 
 diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 --- JavaViewer.orig/SSLSocketToMe.java	1969-12-31 19:00:00.000000000 -0500
-+++ JavaViewer/SSLSocketToMe.java	2007-04-29 20:40:35.000000000 -0400
-@@ -0,0 +1,1421 @@
+++ JavaViewer/SSLSocketToMe.java	2007-09-04 23:13:00.000000000 -0400
+@@ -0,0 +1,1452 @@
 +/*
 + * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
 + *
@@ -2329,7 +2329,15 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				throw new Exception("forcing CONNECT");
 +			}
 +
-+			socket = (SSLSocket) factory.createSocket(host, port);
+			int timeout = 10;
+			if (timeout > 0) {
+				socket = (SSLSocket) factory.createSocket();
+				InetSocketAddress inetaddr = new InetSocketAddress(host, port);
+				dbg("Using timeout of " + timeout + " secs to: " + host + ":" + port);
+				socket.connect(inetaddr, timeout * 1000);
+			} else {
+				socket = (SSLSocket) factory.createSocket(host, port);
+			}
 +
 +		} catch (Exception esock) {
 +			dbg("esock: " + esock.getMessage());
@@ -2382,7 +2390,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +				user_wants_to_see_cert = false;
 +			} else {
 +				bcd = new BrowserCertsDialog(serv, host + ":" + port);
+				dbg("bcd START");
 +				bcd.queryUser();
+				dbg("bcd DONE");
 +				if (bcd.showCertDialog) {
 +					String msg = "user wants to see cert";
 +					dbg(msg);
@@ -2487,8 +2497,22 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			str += "\r\n";
 +			System.out.println("sending GET: " + str);
 +    			OutputStream os = socket.getOutputStream();
-+			os.write(str.getBytes());
-+			os.flush();
+			String type = "os";
+			if (type == "os") {
+				os.write(str.getBytes());
+				os.flush();
+				System.out.println("used OutputStream");
+			} else if (type == "bs") {
+				BufferedOutputStream bs = new BufferedOutputStream(os);
+				bs.write(str.getBytes());
+				bs.flush();
+				System.out.println("used BufferedOutputStream");
+			} else if (type == "ds") {
+				DataOutputStream ds = new DataOutputStream(os);
+				ds.write(str.getBytes());
+				ds.flush();
+				System.out.println("used DataOutputStream");
+			}
 +			if (false) {
 +				String rep = "";
 +				DataInputStream is = new DataInputStream(
@@ -2920,13 +2944,15 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +			} else {
 +				trust_this_session = false;
 +			}
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +
 +		} else if (evt.getSource() == cancel) {
 +			/* Cancel button clicked */
 +			trust_this_session = false;
 +
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +
@@ -3058,7 +3084,8 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == ok) {
 +			reply = entry.getText();
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +}
@@ -3103,7 +3130,8 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == ok) {
 +			reply = entry.getText();
-+			dialog.dispose();
+			//dialog.dispose();
+			dialog.hide();
 +		}
 +	}
 +}
@@ -3168,7 +3196,9 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		dialog.pack();
 +		dialog.resize(dialog.preferredSize());
 +
+		System.out.println("calling show()");
 +		dialog.show();	/* block here til Yes or No pressed. */
+		System.out.println("done    show()");
 +		return;
 +	}
 +
@@ -3176,11 +3206,12 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
 +		System.out.println(evt.getActionCommand());
 +		if (evt.getSource() == yes) {
 +			showCertDialog = false;
-+			dialog.dispose();
 +		} else if (evt.getSource() == no) {
 +			showCertDialog = true;
-+			dialog.dispose();
 +		}
+		//dialog.dispose();
+		dialog.hide();
+		System.out.println("done actionPerformed()");
 +	}
 +}
 +
@@ -3363,7 +3394,7 @@ diff -Naur JavaViewer.orig/VncCanvas.java JavaViewer/VncCanvas.java
 						result = 0; // Transparent pixel
 diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
 --- JavaViewer.orig/VncViewer.java	2006-05-24 15:14:40.000000000 -0400
-+++ JavaViewer/VncViewer.java	2007-05-31 16:13:10.000000000 -0400
+++ JavaViewer/VncViewer.java	2007-09-03 23:31:31.000000000 -0400
 @@ -80,7 +80,7 @@
   GridBagLayout gridbag;
   ButtonPanel buttonPanel;
@@ -3373,6 +3404,15 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
   OptionsFrame options;
   ClipboardFrame clipboard;
   RecordingFrame rec;
+@@ -96,7 +96,7 @@
+ 
+   // Variables read from parameter values.
+   String host;
+-  int port;
+  int port, vncserverport;
+   String passwordParam;
+   String encPasswordParam;
+   boolean showControls;
 @@ -115,6 +115,28 @@
   int i;
   // mslogon support 2 end
@@ -3597,7 +3637,35 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
     rfb.writeClientInit();
 
     rfb.readServerInit();
-@@ -804,6 +914,90 @@
+@@ -775,8 +885,25 @@
+       }
+     }
+ 
+-    String str = readParameter("PORT", true);
+-    port = Integer.parseInt(str);
+    port = 0;
+    String str = readParameter("PORT", false);
+    if (str != null) {
+	port = Integer.parseInt(str);
+    }
+    // When there is a proxy VNCSERVERPORT may be inaccessible (inside firewall).
+    vncserverport = 0;
+    str = readParameter("VNCSERVERPORT", false);
+    if (str != null) {
+	vncserverport = Integer.parseInt(str);
+    }
+    if (port == 0 && vncserverport == 0) {
+	fatalError("Neither PORT nor VNCSERVERPORT parameters specified");
+    }
+    if (port == 0) {
+	// Nevertheless, fall back to vncserverport if we have to.
+	System.out.println("using vncserverport: '" + vncserverport + "' for PORT.");
+	port = vncserverport;
+    }
+ 
+     if (inAnApplet) {
+       str = readParameter("Open New Window", false);
+@@ -804,6 +931,90 @@
     deferScreenUpdates = readIntParameter("Defer screen updates", 20);
     deferCursorUpdates = readIntParameter("Defer cursor updates", 10);
     deferUpdateRequests = readIntParameter("Defer update requests", 50);