diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/README b/x11vnc/misc/enhanced_tightvnc_viewer/README index db329e0..8eaab87 100644 --- a/x11vnc/misc/enhanced_tightvnc_viewer/README +++ b/x11vnc/misc/enhanced_tightvnc_viewer/README @@ -1,18 +1,18 @@ - Enhanced TightVNC Viewer package + Enhanced TightVNC Viewer (ssvnc: SSL/SSH VNC viewer) -Copyright (c) Karl J. Runge +Copyright (c) 2006 Karl J. Runge All rights reserved. -These packages provide 1) An enhanced TightVNC Viewer on Unix, 2) Binaries -for many Operating Systems (including Windows) for your convenience, -3) Wrapper scripts and etc. for gluing them all together. +These bundles provide 1) An enhanced TightVNC Viewer on Unix, 2) Binaries +for many Operating Systems (including Windows and Mac OS X) for your +convenience, 3) Wrapper scripts and a GUI for gluing them all together. One can straight-forwardly download all of the components and get them -to work together by oneself: this package is mostly for your convenience +to work together by oneself: this bundle is mostly for your convenience to combine and wrap together the freely available software. -Bundled software co-shipped in this package is copyright and licensed -by others. See these sites and related ones for more information: +Bundled software co-shipped is copyright and licensed by others. +See these sites and related ones for more information: http://www.tightvnc.com http://www.realvnc.com @@ -24,31 +24,33 @@ by others. See these sites and related ones for more information: Note: Some of the Windows binaries included contain cryptographic software that you may not be allowed to download, use, or redistribute. Please -check your situation first before downloading any of these packages. +check your situation first before downloading any of these bundles. See the survey http://rechten.uvt.nl/koops/cryptolaw/index.htm for useful information. The Unix programs do not contain cryptographic software, but rather will make use of cryptographic libraries that are installed on your Unix system. Depending on your circumstances you may still need to check. -All work by Karl J. Runge in this package is Copyright (c) Karl J. Runge +All work by Karl J. Runge in this project is Copyright (c) 2006 Karl J. Runge and is licensed under the GPL as described in the file COPYING in this directory. -All the files and information in this package are provided "AS IS" +All the files and information in this project are provided "AS IS" without any warranty of any kind. Use them at your own risk. ============================================================================= -This package contains a convenient collection of enhanced TightVNC viewers -and stunnel binaries for different flavors of Unix and wrapper scripts, -etc to glue them together. SSL and SSH encryption tunnelling is provided. +This bundle contains a convenient collection of enhanced TightVNC +viewers and stunnel binaries for different flavors of Unix and wrapper +scripts and a GUI front-end to glue them together. Automatic SSL and +SSH encryption tunnelling is provided. -Also, a Windows SSL wrapper for the co-bundled TightVNC binary and other -utilities are provided. (Launch ssl_tightvncviewer.exe in the -Windows subdirectory). +A Windows SSL wrapper for the bundled TightVNC binary and other utilities +are provided. (Launch ssvnc.exe in the Windows subdirectory). -It is a self-contained package, you could carry it around on, say, +The short name of the project is "ssvnc" for SSL/SSH VNC Viewer. + +It is a self-contained bundle, you could carry it around on, say, a USB memory stick for secure VNC viewing from almost any machine, Unix or Windows. @@ -57,17 +59,10 @@ Features: The enhanced TightVNC viewer features are: - - SSL support for connections using the co-bundled stunnel program. + - SSL support for connections using the bundled stunnel program. - Automatic SSH connections from the GUI (ssh must already be - installed on Unix; co-bundled plink is used on Windows) - - - rfbNewFBSize VNC support on Unix (screen resizing) - - - cursor alphablending with x11vnc at 32bpp (-alpha option, Unix only) - - - xgrabserver support for fullscreen mode, for old window - managers (-grab option, Unix only). + installed on Unix; bundled plink is used on Windows) - Create or Import SSL Certificates and Private Keys. @@ -80,31 +75,154 @@ The enhanced TightVNC viewer features are: connecting. - You can also use your own VNC Viewer, e.g. UltraVNC or RealVNC, - with the front-end if you like. + with the front-end GUI or scripts if you like. + + - Sets up any additional SSH port redirections that you desire. + + - Support for native MacOS X usage with bundled Chicken of the + VNC viewer. + + + (these 3 features only apply to the bundled Unix tightvnc viewer) + + - rfbNewFBSize VNC support on Unix (screen resizing, Unix only) + + - cursor alphablending with x11vnc at 32bpp (-alpha option, Unix only) + + - xgrabserver support for fullscreen mode, for old window + managers (-grab option, Unix only). + + +The list of software bundled in the archive files: + + TightVNC Viewer (windows, unix, macosx) + Chicken of the VNC Viewer (macosx) + Stunnel (windows, unix, macosx) + Putty/Plink/Pageant (windows) + OpenSSL (windows) + esound (windows) + +These are all self-contained in the bundle directory: they will not be +installed on your system. Just un-zip or un-tar the file you downloaded +and run it straight from its directory. + + +Quick Start: +----------- + +Unix and Mac OS X: + + Inside a Terminal do something like the following. + + Unpack the archive: + + % gzip -dc ssvnc-1.0.8.tar.gz | tar xvf - + + Run the GUI: + + % ./ssvnc/Unix/ssvnc (for Unix) + + % ./ssvnc/MacOSX/ssvnc (for Mac OS X) + + actually both of the above are equivalent, and the same as running + + % ./ssvnc/bin/ssvnc + + + The smaller file "ssvnc_no_windows-1.0.8.tar.gz" + could have been used as well. + + +Windows: + + Unzip, using WinZip or a similar utility, the zip file: - - Sets up any additional SSH port redirections that you want. + ssvnc-1.0.8.zip + Run the GUI, e.g.: -Your package should have included binaries for many OS's: Linux, Solaris, -FreeBSD, etc. Unpack your archive and see the subdirectories of + Start -> Run -> Browse + + and then navigate to + + .../ssvnc/Windows/ssvnc.exe + + select Open, and then OK to launch it. + + The smaller file "ssvnc_windows_only-1.0.8.zip" + could have been used as well. + + You can make a Windows shortcut to this program if you want to. + + See the Windows/README.txt for more info. + + +Bundle Info: +------------ + +The bundle files unpack a directory/folder named: ssvnc + +It contains these programs to launch the GUI: + + Windows/ssvnc.exe for Windows + MacOSX/ssvnc for Mac OS X + Unix/ssvnc for Unix + +(the Mac OS X and Unix launchers are simply links to the bin directory). + + +Your bundle file should have included binaries for many OS's: Linux, +Solaris, FreeBSD, etc. Unpack your archive and see the subdirectories of ./bin -for the ones that were shipped in this package, e.g. ./bin/Linux.i686 +for the ones that were shipped in this project, e.g. ./bin/Linux.i686 Run "uname -sm" to see your OS+arch combination. (See the -./bin/tightvncviewer -h output for how to override platform autodection +./bin/ssvnc_cmd -h output for how to override platform autodection via the UNAME env. var). +External Dependencies: +---------------------- + +On Windows everything is included. Let us know if you find otherwise. + +On Unix depending on what you do you need these programs installed: + + - basic unix utilities (sh, ls, cat, awk, sed, etc..) + - tcl/tk (wish interpreter) + - xterm + - perl + - ssh + - openssl + + Lesser used ones: netcat, esd/artsd, smbclient, smbmount, cups + +On Mac OS X depending on what you do you need these programs installed: + + - basic unix utilities (sh, ls, cat, awk, sed, etc..) + - tcl/tk (wish interpreter) + - Terminal + - perl + - ssh + - openssl + + Lesser used ones: netcat, smbclient, cups + + +Most Mac OS X and Unix OS come with the main components installed. + + If you need to Build: -------------------- -If your OS/arch is not included, the script "build.unix" may be able to +If your OS/arch is not included or the provided binary has the wrong +library dependencies, etc. the script "build.unix" may be able to successfully build on for you and deposit the binaries down in ./bin/... using the included source code. -You must run the build.unix script from this directory (that this toplevel -README is in) and like this: +You MUST run the build.unix script from this directory (that this toplevel +README is in, i.e "ssvnc") and like this: ./build.unix @@ -116,27 +234,21 @@ The programs: ------------ Unpack your archive, and you will see "bin", "Windows", "src" directories -and other files. The wrapper scripts: +and other files. The command line wrapper scripts: - ./bin/ssl_tightvncviewer + ./bin/ssvnc_cmd ./bin/tightvncviewer -are the main programs you will run and will try to autodetect your OS+arch +are the main programs that are run and will try to autodetect your OS+arch combination and if binaries are present for it automatically use them. (if not found try the running the build.unix script). -If you prefer a GUI to prompt for parameters and then start ssl_tightvncviewer +If you prefer a GUI to prompt for parameters and then start ssvnc_cmd you can run this instead: - ./bin/ssl_vnc_gui - -this is essentially the same GUI that is run on Windows (the -ssl_tightvncviewer.exe). + ./bin/ssvnc -Using the GUI is it not possible (well not easy) to initiate -a VNC connection that is not encrypted with either SSL or SSH. -Unencrypted VNC connections can only be started by manually running the -./bin/tightvncviewer script. +this is the same GUI that is run on Windows (the ssvnc.exe). For convenience, you can make symlinks from a directory in your PATH to any of the 3 programs above you wish to run. That is all you usually @@ -144,19 +256,19 @@ need to do for it to pick up all of the binaries, utils, etc. E.g. assuming $HOME/bin is in your $PATH: cd $HOME/bin - ln -s /path/to/enhanced_tightvnc_viewer/bin/{s,t}* . + ln -s /path/to/ssvnc/bin/{s,t}* . (note the "." at the end). The above commands is basically the way to -"install" this package on Unix. +"install" this on Unix. Also symlinks to the GUI launcher script are provided in: - MacOSX/ssl_vnc_gui.sh - Unix/ssl_vnc_gui + MacOSX/ssvnc + Unix/ssvnc On Windows unpack your archive and run: - Windows/ssl_tightvncviewer.exe + Windows/ssvnc.exe Examples: @@ -167,11 +279,11 @@ archive you unpacked. Use enhanced TightVNC unix viewer to connect to x11vnc via SSL: - ./bin/ssl_tightvncviewer far-away.east:0 + ./bin/ssvnc_cmd far-away.east:0 ./bin/tightvncviewer -ssl far-away.east:0 (same) - ./bin/ssl_vnc_gui (start GUI launcher) + ./bin/ssvnc (start GUI launcher) Use enhanced TightVNC unix viewer without SSL: @@ -180,7 +292,7 @@ Use enhanced TightVNC unix viewer without SSL: Use SSL to connect to a x11vnc server, and also verify the server's identity using the SSL Certificate in the file ./x11vnc.pem: - ./bin/ssl_tightvncviewer -alpha -verify ./x11vnc.pem far-away.east:0 + ./bin/ssvnc_cmd -alpha -verify ./x11vnc.pem far-away.east:0 (also turns on the viewer-side cursor alphablending hack). @@ -188,8 +300,8 @@ identity using the SSL Certificate in the file ./x11vnc.pem: Brief description of the subdirectories: --------------------------------------- - ./bin/util some utility scripts, e.g. ssl_vncviewer - and ssl_tightvncviewer.tcl + ./bin/util some utility scripts, e.g. ss_vncviewer + and ssvnc.tcl ./src source code and patches. ./src/zips zip files of source code and binaries. @@ -205,11 +317,24 @@ Brief description of the subdirectories: ./man man pages for TightVNC viewer and stunnel. ./Windows Stock TightVNC viewer and Stunnel, Openssl - etc Windows binaries. ssl_tightvncviewer.exe - is the program to run. + etc Windows binaries. ssvnc.exe is the + program to run. + + ./MacOSX contains an unpacked Chicken of the VNC + viewer and a symlink to ssvnc. + + ./Unix contains a symlink to ssvnc. -Since they are large, depending on which package you use not all of the -above may be present in your package. +Depending on which bundle you use not all of the above may be present. +The smallest bundles with binaries are: + + ssvnc_windows_only-1.x.y.zip Windows + ssvnc_no_windows-1.x.y.tar.gz Unix and MacOSX + +however, the tiny scripts only one (only 60KB) will run properly on Unix +as long as you install external vncviewer and stunnel packages: + + ssvnc_unix_minimal-1.x.y.tar.gz Help and Info: @@ -217,9 +342,8 @@ Help and Info: For more help on other options and usage patterns run these: - ./bin/ssl_tightvncviewer -h - ./bin/tightvncviewer -h - ./bin/util/ssl_vncviewer -h + ./bin/ssvnc_cmd -h + ./bin/util/ss_vncviewer -h See also: @@ -234,26 +358,3 @@ See also: http://www.realvnc.com http://www.chiark.greenend.org.uk/~sgtatham/putty/ http://sourceforge.net/projects/cotvnc/ - - -Windows: -------- - - Unpack the zip archive somewhere. - - A wrapper to create a STUNNEL tunnel and then launch the - Windows TightVNC viewer is provided in: - - Windows/ssl_tightvncviewer.exe - - Just launch it (Start ... Run) and fill in the remote VNC - display then click "Connect". You can make a shortcut if - you prefer. - - Click the Help buttons for more info. There is also a - Windows/README.txt file. - - On Windows you may need to terminate the STUNNEL process - from the System Tray if the tool cannot terminate it - by itself. Just right-click on the STUNNEL icon. - diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt index 8710251..f77e9c0 100644 --- a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt @@ -6,16 +6,16 @@ is launched to used this SSL tunnel. An example server would be "x11vnc -ssl", or any VNC server with a 2nd STUNNEL program running on the server side. -Just click on the program "ssl_tightvncviewer.exe", and then enter -the remote VNC Server and click "Connect". Click on "Help" for more +Just click on the program "ssvnc.exe", and then enter the remote +VNC Server and click "Connect". Click on "Help" for more information information. You can also set some simple options under "Options ..." Note that on Windows when the TightVNC viewer disconnects you may need to terminate the STUNNEL program manually. To do this: Click on the STUNNEL icon (dark green) on the System Tray and then click "Exit". Before that, -however, you will be prompted if you want ssl_tightvncviewer.exe to try -to terminate STUNNEL for you. (Note that even if STUNNEL termination is -successful, the Tray Icon may not go away until the mouse hovers over it!) +however, you will be prompted if you want ssvnc.exe to try to terminate +STUNNEL for you. (Note that even if STUNNEL termination is successful, +the Tray Icon may not go away until the mouse hovers over it!) With this STUNNEL and TightVNC Viewer wrapper you can also enable using SSL Certificates with STUNNEL, and so the connection is not only encrypted diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/connect_br.tcl b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/connect_br.tcl index e8654a3..a023c1f 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/connect_br.tcl +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/connect_br.tcl @@ -9,25 +9,25 @@ set server_fh "" set debug 0 if {$debug} { - if {! [info exists env(SSL_VNC_DEST)]} { - set env(SSL_VNC_DEST) "haystack:2037" + if {! [info exists env(SSVNC_DEST)]} { + set env(SSVNC_DEST) "haystack:2037" } - if {! [info exists env(SSL_VNC_PROXY)]} { - set env(SSL_VNC_PROXY) "haystack:2037" + if {! [info exists env(SSVNC_PROXY)]} { + set env(SSVNC_PROXY) "haystack:2037" } - if {! [info exists env(SSL_VNC_LISTEN)]} { - set env(SSL_VNC_LISTEN) "6789" + if {! [info exists env(SSVNC_LISTEN)]} { + set env(SSVNC_LISTEN) "6789" } } -set dest $env(SSL_VNC_DEST) +set dest $env(SSVNC_DEST) -if [regexp {,} $env(SSL_VNC_PROXY)] { - set s [split $env(SSL_VNC_PROXY) ","] +if [regexp {,} $env(SSVNC_PROXY)] { + set s [split $env(SSVNC_PROXY) ","] set proxy1 [lindex $s 0] set proxy2 [lindex $s 1] } else { - set proxy1 $env(SSL_VNC_PROXY) + set proxy1 $env(SSVNC_PROXY) } set s [split $proxy1 ":"] @@ -40,7 +40,7 @@ if {$proxy2 != ""} { set proxy2_port [lindex $s 1] } -set lport $env(SSL_VNC_LISTEN) +set lport $env(SSVNC_LISTEN) set got_connection 0 set lsock [socket -myaddr 127.0.0.1 -server handle_connection $lport] diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc index a077054..50e96b0 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc @@ -2,11 +2,11 @@ # # Copyright (c) 2006 by Karl J. Runge # -# ssl_vnc_gui: +# sslvnc: # -# A wrapper for ssl_tightvncviewer using a tcl/tk gui. +# A wrapper for ssvnc_cmd using a tcl/tk gui. # -# See ssl_tightvncviewer for details. +# See ssvnc_cmd for details. # if [ "X$XTERM_PRINT" != "X" ]; then XTERM_PRINT="" @@ -18,14 +18,25 @@ if [ "X$1" = "X-bg" ]; then exit 0 fi -PATH=$PATH:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin +PATH=$PATH:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin:/usr/sfw/bin:/usr/local/bin export PATH +if [ "X$WISH" = "X" ]; then + WISH=wish + for try in wish wish8.3 wish8.4 wish8.5 + do + if type $try > /dev/null; then + WISH=$try + break + fi + done +fi -SSL_VNC_GUI_CMD="$0 $*" -export SSL_VNC_GUI_CMD -SSL_VNC_LAUNCH=$SSL_VNC_GUI_CMD -export SSL_VNC_LAUNCH + +SSVNC_GUI_CMD="$0 $*" +export SSVNC_GUI_CMD +SSVNC_LAUNCH=$SSVNC_GUI_CMD +export SSVNC_LAUNCH # work out os.arch platform string and check for binaries: # @@ -50,13 +61,48 @@ do fi done dir=`dirname "$f"` +PATH="$dir:$PATH" -if [ ! -d "$dir/$name" ]; then - echo "cannot find platform dir: $dir/$name for your OS:" - uname -sm - echo "you can set the \$UNAME env. var. to override the setting." - exit 1 +nearby=0 +if [ -x "$dir/vncviewer" -a -x "$dir/stunnel" ]; then + nearby=1 fi +if [ ! -d "$dir/$name" -a $nearby = 0 ]; then + echo + echo "Cannot find platform dir for your OS `uname -sm`:" + echo + echo " $dir/$name" + echo + PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin + + quit=0 + if type vncviewer >/dev/null 2>/dev/null; then + : + else + echo "vncviewer not found in PATH." + quit=1 + fi + if type stunnel >/dev/null 2>/dev/null; then + : + else + echo "stunnel not found in PATH." + quit=1 + fi + echo + if [ "X$quit" = "X1" ]; then + echo "You can set the \$UNAME env. var. to override the OS setting." + echo "Or, if available, run the ./build.unix script to build it." + echo "Or install external \"vncviewer\" and \"stunnel\" packages." + exit 1 + fi + echo "Using externel \"vncviewer\" and \"stunnel\" found in PATH." +else + STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} + export STUNNEL_EXTRA_OPTS + SSVNC_VIEWER_INTERNAL=1 + export SSVNC_VIEWER_INTERNAL +fi + # Put our os.arch and other utils dirs at head of PATH to be sure to # pick them up: @@ -69,10 +115,11 @@ else PATH="$dir:$dir/$name:$dir/util:$PATH" fi -SSL_VNC_BASEDIR="$dir" -export SSL_VNC_BASEDIR +SSVNC_BASEDIR="$dir" +export SSVNC_BASEDIR -STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} -export STUNNEL_EXTRA_OPTS - -exec ssl_tightvncviewer.tcl "$@" +if [ "X$WISH" = "Xwish" ]; then + exec ssvnc.tcl "$@" +else + exec $WISH $dir/util/ssvnc.tcl "$@" +fi diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc_cmd b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc_cmd index 3f0de56..7aab487 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc_cmd +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssvnc_cmd @@ -2,9 +2,9 @@ # # Copyright (c) 2006 by Karl J. Runge # -# ssl_tightvncviewer: +# ssvnc_cmd: # -# A wrapper that calls ssl_vncviewer to use the enhanced TightVNC viewer. +# A wrapper that calls ss_vncviewer to use the enhanced TightVNC viewer. # # The enhanced TightVNC viewer features are: # @@ -23,11 +23,11 @@ # # Usage: # -# ssl_tightvncviewer [ssl_vncviewer-args] hostname:N [tightvncviewer-args] +# ssvnc_cmd [ss_vncviewer-args] hostname:N [tightvncviewer-args] # # "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0 # -# See the script util/ssl_vncviewer for details about its arguments: +# See the script util/ss_vncviewer for details about its arguments: # # -verify pemfile # -mycert pemfile @@ -86,18 +86,25 @@ fi PATH=$PATH:/usr/bin:/bin export PATH -# Set this for ssl_vncviewer to pick up: +# Set this for ss_vncviewer to pick up: # -use_ours=0 if [ "X$1" = "X-cotvnc" ]; then shift DARWIN_COTVNC=1 export DARWIN_COTVNC +elif [ "X$DARWIN_COTVNC" = "X" -a "X$DISPLAY" = "X" ]; then + uname=`uname` + if [ "X$uname" = "XDarwin" ]; then + DARWIN_COTVNC=1 + export DARWIN_COTVNC + fi fi + +use_ours=0 if [ "X$VNCVIEWERCMD" = "X" ]; then VNCVIEWERCMD="vncviewer" export VNCVIEWERCMD - if [ "X$DARWIN_COTVNC" = "X" ]; then + if [ "X$DARWIN_COTVNC" != "X" ]; then use_ours=1 fi fi @@ -110,7 +117,7 @@ if [ "X$name" = "X" ]; then fi f="$0" -for t in 1 2 3 4 5 +for t in 1 2 3 4 5 6 do if [ -L "$f" ]; then f0="$f" @@ -125,12 +132,55 @@ do fi done dir=`dirname "$f"` +PATH="$dir:$PATH" + +nearby=0 +if [ -x "$dir/vncviewer" -a -x "$dir/stunnel" ]; then + nearby=1 +fi +if [ ! -d "$dir/$name" -a $nearby = 0 ]; then + echo + echo "Cannot find platform dir for your OS `uname -sm`:" + echo + echo " $dir/$name" + echo + PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin + + quit=0 + if type vncviewer >/dev/null 2>/dev/null; then + : + else + echo "vncviewer not found in PATH." + quit=1 + fi + if type stunnel >/dev/null 2>/dev/null; then + : + else + echo "stunnel not found in PATH." + quit=1 + fi + echo + if [ "X$quit" = "X1" ]; then + echo "You can set the \$UNAME env. var. to override the OS setting." + echo "Or, if available, run the ./build.unix script to build it." + echo "Or install external \"vncviewer\" and \"stunnel\" packages." + exit 1 + fi + echo "Using externel \"vncviewer\" and \"stunnel\" found in PATH." -if [ ! -d "$dir/$name" ]; then - echo "cannot find platform dir: $dir/$name for your OS:" - uname -sm - echo "you can set the \$UNAME env. var. to override the setting." - exit 1 + if [ "X$DARWIN_COTVNC" = "X" -a "X$VNCVIEWERCMD" = "Xvncviewer" ]; then + hstr=`"$VNCVIEWERCMD" -h 2>&1 | head -5` + if echo "$hstr" | grep '^TightVNC.*version 1\.[23]' > /dev/null; then + # we need to avoid raw encoding + use_ours=1 + fi + fi +else + STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} + export STUNNEL_EXTRA_OPTS + SSVNC_VIEWER_INTERNAL=1 + export SSVNC_VIEWER_INTERNAL + use_ours=1 fi # Put our os.arch and other utils dirs at head of PATH to be sure to @@ -144,15 +194,26 @@ else PATH="$dir:$dir/$name:$dir/util:$PATH" fi -STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} -export STUNNEL_EXTRA_OPTS +base=`basename "$0"` +if [ "X$1" = "X-ssl" ]; then + shift + base="ssvnc_cmd" +fi # If ours (and not cotvnc), force the use of tight encoding for localhost # redir connection: # # if [ $use_ours = 1 ]; then - ssl_vncviewer "$@" -encodings 'copyrect tight zrle zlib hextile' + if [ "X$base" = "Xtightvncviewer" ]; then + "$VNCVIEWERCMD" -encodings 'copyrect tight zrle zlib hextile' "$@" + else + ss_vncviewer "$@" -encodings 'copyrect tight zrle zlib hextile' + fi else - ssl_vncviewer "$@" + if [ "X$base" = "Xtightvncviewer" ]; then + "$VNCVIEWERCMD" "$@" + else + ss_vncviewer "$@" + fi fi diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ss_vncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ss_vncviewer index 0477eee..3f8bd42 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ss_vncviewer +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ss_vncviewer @@ -1,7 +1,7 @@ #!/bin/sh # -# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel -# or an SSH tunnel. +# ss_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel +# or an SSH tunnel. # # Copyright (c) 2006 by Karl J. Runge # @@ -14,10 +14,10 @@ # (or use stunnel on the server side for any other VNC server) # # -# Usage: ssl_vncviewer [cert-args] host:display +# Usage: ss_vncviewer [cert-args] host:display # -# e.g.: ssl_vncviewer snoopy:0 -# ssl_vncviewer snoopy:0 -encodings "copyrect tight zrle hextile" +# e.g.: ss_vncviewer snoopy:0 +# ss_vncviewer snoopy:0 -encodings "copyrect tight zrle hextile" # # [cert-args] can be: # @@ -69,13 +69,13 @@ # # Examples: # -# ssl_vncviewer -ssh bob@bobs-home.net:0 -# ssl_vncviewer -ssh -sshcmd 'x11vnc -localhost' bob@bobs-home.net:0 +# ss_vncviewer -ssh bob@bobs-home.net:0 +# ss_vncviewer -ssh -sshcmd 'x11vnc -localhost' bob@bobs-home.net:0 # -# ssl_vncviewer -ssh -proxy fred@mygate.com:2022 mymachine:0 -# ssl_vncviewer -ssh -proxy bob@bobs-home.net:2222 localhost:0 +# ss_vncviewer -ssh -proxy fred@mygate.com:2022 mymachine:0 +# ss_vncviewer -ssh -proxy bob@bobs-home.net:2222 localhost:0 # -# ssl_vncviewer -ssh -proxy fred@gw-host,fred@peecee localhost:0 +# ss_vncviewer -ssh -proxy fred@gw-host,fred@peecee localhost:0 # # -sshcmd cmd Run "cmd" via ssh instead of the default "sleep 15" # e.g. -sshcmd 'x11vnc -display :0 -localhost -rfbport 5900' @@ -89,7 +89,7 @@ # this if you need to tunnel additional services via -R and -L # (see -sshargs above). # -# ssl_vncviewer -sshssl -proxy fred@mygate.com mymachine:0 +# ss_vncviewer -sshssl -proxy fred@mygate.com mymachine:0 # # # -alpha turn on cursor alphablending hack if you are using the @@ -129,11 +129,29 @@ use_sshssl="" direct_connect="" ssh_sleep=15 ssh_cmd="sleep $ssh_sleep" -if [ "X$SSL_VNCVIEWER_SSH_CMD" != "X" ]; then - ssh_cmd="$SSL_VNCVIEWER_SSH_CMD" +if [ "X$SS_VNCVIEWER_SSH_CMD" != "X" ]; then + ssh_cmd="$SS_VNCVIEWER_SSH_CMD" fi ssh_args="" +if [ "X$1" = "X-viewerflavor" ]; then + if echo "$VNCVIEWERCMD" | grep -i chicken.of > /dev/null; then + echo "cotvnc" + exit 0 + fi + str=`"$VNCVIEWERCMD" -h 2>&1 | head -5` + if echo "$str" | grep -i 'TightVNC.viewer' > /dev/null; then + echo "tightvnc" + elif echo "$str" | grep -i 'RealVNC.Ltd' > /dev/null; then + echo "realvnc4" + elif echo "$str" | grep -i 'VNC viewer version 3' > /dev/null; then + echo "realvnc3" + else + echo "unknown" + fi + exit 0 +fi + # grab our cmdline options: while [ "X$1" != "X" ] do @@ -312,16 +330,16 @@ if [ "X$use_ssh" = "X1" ]; then fi C="" - if [ "X$SSL_VNCVIEWER_USE_C" != "X" ]; then + if [ "X$SS_VNCVIEWER_USE_C" != "X" ]; then C="-C" fi # the -t option actually speeds up typing response via VNC!! - if [ "X$SSL_VNCVIEWER_SSH_ONLY" != "X" ]; then + if [ "X$SS_VNCVIEWER_SSH_ONLY" != "X" ]; then echo "$ssh -x -p $ssh_port -t $C $ssh_args $ssh_host \"$info\"" echo "" $ssh -x -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd" exit $? - elif [ "X$SSL_VNCVIEWER_NO_F" != "X" ]; then + elif [ "X$SS_VNCVIEWER_NO_F" != "X" ]; then echo "$ssh -x -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" echo "" $ssh -x -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" @@ -401,17 +419,17 @@ fi pcode() { tf=$1 - SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY - SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST + SSVNC_PROXY=$proxy; export SSVNC_PROXY + SSVNC_DEST="$host:$port"; export SSVNC_DEST cod='#!/usr/bin/perl # A hack to glue stunnel to a Web proxy for client connections. use IO::Socket::INET; -my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY}); +my ($first, $second) = split(/,/, $ENV{SSVNC_PROXY}); my ($proxy_host, $proxy_port) = split(/:/, $first); -my $connect = $ENV{SSL_VNC_DEST}; +my $connect = $ENV{SSVNC_DEST}; print STDERR "\nperl script for web proxing:\n"; print STDERR "proxy_host: $proxy_host\n"; @@ -419,11 +437,11 @@ print STDERR "proxy_port: $proxy_port\n"; print STDERR "proxy_connect: $connect\n"; my $listen_handle = ""; -if ($ENV{SSL_VNC_LISTEN} != "") { +if ($ENV{SSVNC_LISTEN} != "") { my $listen_sock = IO::Socket::INET->new( Listen => 2, LocalAddr => "localhost", - LocalPort => $ENV{SSL_VNC_LISTEN}, + LocalPort => $ENV{SSVNC_LISTEN}, Proto => "tcp"); if (! $listen_sock) { die "perl proxy: $!\n"; @@ -550,7 +568,7 @@ sub xfer { ptmp="" if [ "X$proxy" != "X" ]; then - ptmp="/tmp/ssl_vncviewer${RANDOM}.$$.pl" + ptmp="/tmp/ss_vncviewer${RANDOM}.$$.pl" mytmp "$ptmp" pcode "$ptmp" connect="exec = $ptmp" @@ -575,8 +593,8 @@ if [ "X$direct_connect" != "X" ]; then fi echo "" if [ "X$ptmp" != "X" ]; then - SSL_VNC_LISTEN=$use - export SSL_VNC_LISTEN + SSVNC_LISTEN=$use + export SSVNC_LISTEN $ptmp & sleep 2 host="localhost" @@ -589,7 +607,7 @@ if [ "X$direct_connect" != "X" ]; then fi ##debug = 7 -tmp=/tmp/ssl_vncviewer${RANDOM}.$$ +tmp=/tmp/ss_vncviewer${RANDOM}.$$ mytmp "$tmp" cat > "$tmp" < # -# ssl_tightvncviewer.tcl: gui wrapper to the , etc. programs in this -# ssl_tightvncviewerpackage. Also sets up service port forwarding. +# ssvnc.tcl: gui wrapper to the programs in this +# package. Also sets up service port forwarding. # set buck_zero $argv0 @@ -71,9 +71,11 @@ proc help {} { scroll_text_dismiss .h.f center_win .h - wm title .h "SSL TightVNC Viewer Help" + wm title .h "SSL/SSH VNC Viewer Help" set msg { + Hosts: + Enter the VNC host and display in the 'VNC Host:Display' entry box. It is of the form "host:number", where "host" is the hostname of the @@ -88,27 +90,34 @@ proc help {} { Then click on "Connect". When you do so the STUNNEL program will be started locally to provide you with an outgoing SSL tunnel. - Once the STUNNEL is running, the TightVNC Viewer will be automatically - started directed to the local SSL tunnel which, in turn, encrypts and - redirects the connection to the remote VNC server. + Once the STUNNEL is running, the TightVNC Viewer (Or Chicken-of-the-VNC + on Mac OS X) will be automatically started directed to the local SSL + tunnel which, in turn, encrypts and redirects the connection to the + remote VNC server. The remote VNC server must support an initial SSL handshake before using the VNC protocol (i.e. VNC is tunnelled through the SSL channel after it is established). "x11vnc -ssl ..." does this, and any VNC server can be made to do this by using, e.g., STUNNEL on the remote side. - Click on "Options ..." if you want to use an *SSH* tunnel instead of - SSL (then the VNC Server does not need to speak SSL or use STUNNEL). - - Note that on Windows when the Viewer connection is finished you may need to terminate STUNNEL manually from the System Tray (right click on dark green icon) and selecting "Exit". - Proxies: If an intermediate proxy is needed to make the SSL connection - (e.g. web gateway out of a firewall), supply both hosts separated - by spaces (with the proxy second): + SSH: + + Click on "Use SSH" or go to "Options ..." if you want to use an *SSH* + tunnel instead of SSL (then the VNC Server does not need to speak SSL or + use STUNNEL). "Use SSH and SSL" is similar: see the Help under Options. + + + Proxies: + + If an intermediate proxy is needed to make the SSL connection + (e.g. web gateway out of a firewall) enter it in the "Proxy/Gateway" + entry box, or Alternatively supply both hosts separated by spaces + (with the proxy second) in the VNC Host:Display box: host:number gwhost:port @@ -119,18 +128,41 @@ proc help {} { far-away:0 local-proxy:8080,mygateway.com:443 - See the ssl_vncviewer description and x11vnc FAQ for info on proxies: + (either as above, or putting the 2nd string in the "Proxy/Gateway" + entry box). + + See the ss_vncviewer description and x11vnc FAQ for info on proxies: - http://www.karlrunge.com/x11vnc/#ssl_vncviewer + http://www.karlrunge.com/x11vnc/#ss_vncviewer http://www.karlrunge.com/x11vnc/#faq-ssl-java-viewer-proxy + Remote SSH Command: + + In SSH or SSH and SSL mode you can also specify a remote command to run + on the remote ssh host in the "Remote SSH Command" entry. The default + is just to sleep a bit (sleep 30) to make sure the port tunnels are + active. Alternatively you could have the remote command start the + VNC server, e.g. x11vnc -nopw -display :0 -rfbport 5900 -localhost + + You can also specify the remote SSH command by putting a string like + + cmd=x11vnc -nopw -display :0 -rfbport 5900 -localhost + + (use any command you wish to run) at the END of the VNC Host:Display + entry. In general, you can cram it all in the VNC Host:Display if + you like: host:disp proxy:port cmd=... (this is the way it is + stored internally). + + + SSL Certificates: + If you want to use a SSL Certificate (PEM) file to authenticate yourself to the VNC server ("MyCert") or to verify the identity of the VNC Server ("ServerCert" or "CertsDir") select the certificate file by clicking the "Certs ..." button before connecting. - Certificate verification is needed to prevent Man In the Middle attacks. + Certificate verification is needed to prevent Man-In-The-Middle attacks. See the x11vnc documentation: http://www.karlrunge.com/x11vnc/ssl.html @@ -150,10 +182,18 @@ proc help {} { from a file. - To set other Options, e.g. to use SSH instead of STUNNEL SSL, - click on the "Options ..." button and read the Help there. + More Options: + + To set other Options, e.g. to use SSH instead of STUNNEL SSL, or + View-Only usage, click on the "Options ..." button and read the Help + there. To load in a saved Options profile, click on the "Load" button. + This is the same as the "Load Profile" button under "Options" + See "Save Profile" under "Options" to save a profile. + + + More Info: See these links for more information: @@ -162,24 +202,26 @@ proc help {} { http://www.tightvnc.com - Tips and Tricks: + Tips and Tricks: 1) On Unix to get a 2nd GUI (e.g. for a 2nd connection) press Ctrl-N on the GUI. If only the xterm window is visible you can press - Ctrl-N or try Ctrl-LeftButton -> New SSL_VNC_GUI. On Windows you + Ctrl-N or try Ctrl-LeftButton -> New SSVNC_GUI. On Windows you will have to manually Start a new one: Start -> Run ..., etc. 2) If you use "user@hostname cmd=SHELL" then you get an SSH shell only: no VNC viewer will be launched. On Windows "user@hostname cmd=PUTTY" will try to use putty.exe (better terminal emulation than plink.exe). A shortcut for this is Ctrl-S as long as user@hostname - is present in the entry box. + is present in the entry box. You can also put the string in the + "Remote SSH Command" entry. 3) If you use "user@hostname cmd=KNOCK" then only the port-knocking is performed. A shortcut for this is Ctrl-P as long as hostname is present in the entry box. If it matches cmd=KNOCKF, i.e. an extra "F", then the port-knocking "FINISH" sequence is sent, if any. A shortcut for this Shift-Ctrl-P as long as hostname is present. + You can also put the string in the "Remote SSH Command" entry. 4) Pressing the "Load" button or pressing Ctrl-L or Clicking the Right mouse button on the main GUI will invoke the Load Profile dialog. @@ -204,7 +246,9 @@ proc help_certs {} { wm title .ch "SSL Certificates Help" set msg { - Only with SSL Certificate verification can Man In the Middle attacks be + Description: + + Only with SSL Certificate verification can Man-In-The-Middle attacks be prevented. Otherwise, only passive snooping attacks are prevented with SSL. The SSL Certificate files described below can have been created externally @@ -214,14 +258,14 @@ proc help_certs {} { of the generated files to the VNC Server. - Your Certificate + Key: + Your Certificate + Key: You can specify your own SSL certificate (PEM) file in "MyCert" in which case it is used to authenticate you (the viewer) to the remote VNC Server. If this fails the remote VNC Server will drop the connection. - Server Certificates: + Server Certificates: Server certs can be specified in one of two ways: @@ -246,7 +290,10 @@ proc help_certs {} { Once selected, if you click the Right Mouse button on the "Browse..." button then information about the certificate will be displayed. - If "Use SSH instead" has been selected then SSL certs are disabled. + + Notes: + + If "Use SSH" has been selected then SSL certs are disabled. See the x11vnc and STUNNEL documentation for how to create and use PEM certificate files: @@ -279,15 +326,19 @@ proc help_opts {} { center_win .oh - wm title .oh "SSL Viewer Options Help" + wm title .oh "SSL/SSH Viewer Options Help" set msg { + Use SSL: The default, use SSL via STUNNEL (this requires SSL aware VNC + server, e.g. x11vnc -ssl SAVE ...) + Use SSH: Instead of using STUNNEL SSL, use ssh(1) for the encrypted tunnel. You must be able to log in via ssh to the remote host. - On Unix the cmdline ssh(1) program will be run in an xterm - for passphrase authentication, etc. On Windows the cmdline - plink.exe program will be launched in a Windows Console window. + On Unix the cmdline ssh(1) program (it must already be installed) + will be run in an xterm for passphrase authentication, etc. On + Windows the cmdline plink.exe program will be launched in + a Windows Console window. You can set the "VNC Host:Display" to "user@host:disp" to indicate ssh should log in as "user" on "host". NOTE: On Windows you MUST @@ -296,8 +347,9 @@ set msg { fred@far-away.east:0 If an intermediate gateway machine must be used (e.g. to enter - a firewall; the VNC Server is not running on it), put something - like this in the "VNC Host:Display" entry box: + a firewall; the VNC Server is not running on it), put it in the + Proxy/Gateway entry or you can put something like this in the + "VNC Host:Display" entry box: workstation:0 user@gateway-host:port @@ -315,30 +367,34 @@ set msg { :0 user@gateway-host:port,user@workstation:port + (or in the Proxy/Gateway entry). - At the very end of the entry box, you can also append a - cmd=... string to indicate that command should be run via ssh - on the remote machine instead of the default "sleep 15". E.g.: + In the "Remote SSH Command" entry you can to indicate that a + remote command to be run. The default is "sleep 15". Also, at + the very end of the entry box, you can append a cmd=... string + to to achieve the same thing. E.g. user@host:0 cmd=x11vnc -nopw -display :0 - (if a gateway is also needed, put it just before the cmd=...) + (if a gateway is also needed, put it just before the cmd=... + e.g. host:0 user@gateway-host:port cmd=x11vnc -nopw ) Trick: If you use "cmd=SHELL" then you get an SSH shell only: no VNC viewer will be launched. On Windows "cmd=PUTTY" will try to use putty.exe (better terminal emulation than plink.exe) - A shortcut for this is Ctrl-S as long as user@hostname is present. + A shortcut for this is Ctrl-S as long as user@hostname is present + in the "VNC Host:Display" box. Use SSH and SSL: Tunnel the SSL connection through a SSH tunnel. Use this if you want end-to-end SSL and must use a SSH gateway (e.g. to enter a firewall) or if additional SSH port redirs are required - (CUPS, Sound, SMB tunnelling: See Advanced options). + (CUPS, Sound, SMB tunnelling: See Advanced Options). Putty PW: On Windows only: use the supplied password for plink SSH logins. Unlike the other options the value is not saved when 'Save - Profile' is performed. This feature useful when options under + Profile' is performed. This feature is useful when options under "Advanced" are set that require TWO SSH's: you just have to type the password once in this entry box. The bundled pagent.exe and puttygen.exe programs can also be used to avoid @@ -381,7 +437,7 @@ set msg { the main GUI will invoke the Load Profile dialog. Note: On Windows since the TightVNC Viewer will save - its own settings in the registry, some unexpected + its own settings in the Registry, some unexpected behavior is possible because the viewer is nearly always directed to the VNC host "localhost:30". E.g. if you specify "View Only" in this gui once but not next @@ -391,7 +447,7 @@ set msg { Clear Options: Set all options to their defaults (i.e. unset). - Advanced: Bring up the Advanced options dialog. + Advanced: Bring up the Advanced Options dialog. } .oh.f.t insert end $msg } @@ -410,10 +466,10 @@ proc win_nokill_msg {} { center_win .w wm resizable .w 1 0 - wm title .w "SSL Viewer: Warning" + wm title .w "SSL/SSH Viewer: Warning" set msg { - The TightVNC Viewer has exited. + The VNC Viewer has exited. You will need to terminate STUNNEL manually. @@ -442,10 +498,10 @@ proc win_kill_msg {pids} { center_win .w wm resizable .w 1 0 - wm title .w "SSL Viewer: Warning" + wm title .w "SSL/SSH Viewer: Warning" set msg { - The TightVNC Viewer has exited. + The VNC Viewer has exited. We can terminate the following still running STUNNEL process(es): @@ -482,7 +538,7 @@ proc win9x_plink_msg {file} { center_win .pl wm resizable .pl 1 0 - wm title .pl "SSL Viewer: Win9x Warning" + wm title .pl "SSL/SSH Viewer: Win9x Warning" set msg { Due to limitations on Window 9x you will have to manually start up @@ -526,6 +582,7 @@ proc mesg {str} { } proc get_ssh_hp {str} { + regsub {cmd=.*$} $str "" str set str [string trim $str] regsub {[ ].*$} $str "" str return $str @@ -545,7 +602,7 @@ proc get_ssh_cmd {str} { proc get_ssh_proxy {str} { set str [string trim $str] - regsub {cmd=(.*$)} $str "" str + regsub {cmd=.*$} $str "" str set str [string trim $str] if { ![regexp {[ ]} $str]} { return "" @@ -558,7 +615,7 @@ proc set_defaults {} { global defs global mycert svcert crtdir - global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_alpha use_grab use_ssl use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 global use_nojpeg use_raise_on_beep use_compresslevel use_quality global compresslevel_text quality_text global use_cups use_sound use_smbmnt @@ -572,9 +629,6 @@ proc set_defaults {} { global use_port_knocking port_knocking_list global include_list - set defs(use_ssh) 0 - set defs(use_sshssl) 0 - set defs(use_viewonly) 0 set defs(use_fullscreen) 0 set defs(use_raise_on_beep) 0 @@ -626,11 +680,15 @@ proc set_defaults {} { set defs(include_list) "" + set defs(use_ssl) 1 + set defs(use_ssh) 0 + set defs(use_sshssl) 0 + foreach var [array names defs] { set $var $defs($var) } - putty_pw_entry check + ssl_ssh_adjust ssl } proc do_viewer_windows {n} { @@ -1438,34 +1496,55 @@ proc check_ssh_needed {} { if {$use_ssh || $use_sshssl} { return } - set must 0 + set must_cups 0 + set must_snd 0 + set must_smb 0 + set must_addl 0 if {$use_cups} { - if {$cups_local_server != ""} {set must 1} - if {$cups_remote_port != ""} {set must 1} - if {$cups_local_smb_server != ""} {set must 1} - if {$cups_remote_smb_port != ""} {set must 1} - if {$cups_manage_rcfile != ""} {set must 1} + if {$cups_local_server != ""} {set must_cups 1} + if {$cups_remote_port != ""} {set must_cups 1} + if {$cups_local_smb_server != ""} {set must_cups 1} + if {$cups_remote_smb_port != ""} {set must_cups 1} + if {$cups_manage_rcfile != ""} {set must_cups 1} } if {$use_sound} { - if {$sound_daemon_remote_cmd != ""} {set must 1} - if {$sound_daemon_remote_port != ""} {set must 1} - if {$sound_daemon_kill} {set must 1} - if {$sound_daemon_restart} {set must 1} - if {$sound_daemon_local_cmd != ""} {set must 1} - if {$sound_daemon_local_port != ""} {set must 1} - if {$sound_daemon_local_kill} {set must 1} - if {$sound_daemon_local_start} {set must 1} + if {$sound_daemon_remote_cmd != ""} {set must_snd 1} + if {$sound_daemon_remote_port != ""} {set must_snd 1} + if {$sound_daemon_kill} {set must_snd 1} + if {$sound_daemon_restart} {set must_snd 1} + if {$sound_daemon_local_cmd != ""} {set must_snd 1} + if {$sound_daemon_local_port != ""} {set must_snd 1} + if {$sound_daemon_local_kill} {set must_snd 1} + if {$sound_daemon_local_start} {set must_snd 1} } if {$use_smbmnt} { - if {[regexp {//} $smb_mount_list]} {set must 1} + if {[regexp {//} $smb_mount_list]} {set must_smb 1} } - if {$must} { - set use_sshssl 1 - putty_pw_entry check - mesg "Enabling \"Use SSH and SSL\" mode for port redir" - update + if {$additional_port_redirs} { + set must_addl 1 + } + if {$must_cups || $must_snd || $must_smb || $must_addl} { +# set use_sshssl 1 +# ssl_ssh_adjust sshssl +# mesg "Enabling \"Use SSH and SSL\" mode for port redir" + mesg "Cannot do Port redirs in non-SSH mode (SSL)" + set msg "" + if {$must_smb} { + append msg " - SMB Mount Port Redirection\n" + } + if {$must_snd} { + append msg " - ESD Sound Port Redirection\n" + } + if {$must_cups} { + append msg " - CUPS Port Redirection\n" + } + if {$must_addl} { + append msg " - Additional Port Redirections\n" + } + set msg "\"Use SSL\" mode selected (no SSH)\nThe following options will be disabled:\n\n$msg" bell - after 4000 + update + tk_messageBox -type ok -icon info -message $msg } } @@ -1590,15 +1669,15 @@ proc unix_terminal_cmd {{geometry "+100+100"} {title "xterm-command"} {cmd "echo } if {$bg} { if {$xrm1 == ""} { - exec xterm -geometry "$geometry" -title "$title" -e sh -c "$cmd" & + exec xterm -geometry "$geometry" -title "$title" -e sh -c "$cmd" 2>@stdout & } else { - exec xterm -geometry "$geometry" -title "$title" -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" -e sh -c "$cmd" & + exec xterm -geometry "$geometry" -title "$title" -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" -e sh -c "$cmd" 2>@stdout & } } else { if {$xrm1 == ""} { - exec xterm -geometry "$geometry" -title "$title" -e sh -c "$cmd" + exec xterm -geometry "$geometry" -title "$title" -e sh -c "$cmd" 2>@stdout } else { - exec xterm -geometry "$geometry" -title "$title" -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" -e sh -c "$cmd" + exec xterm -geometry "$geometry" -title "$title" -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" -e sh -c "$cmd" 2>@stdout } } } @@ -1659,7 +1738,7 @@ proc do_unix_pre {tag proxy hp pk_hp} { global did_port_knock set setup_cmds [ugly_setup_scripts pre $tag] - set c "ssl_vncviewer -ssh" + set c "ss_vncviewer -ssh" if {$proxy == ""} { set pxy $hp @@ -1670,8 +1749,8 @@ proc do_unix_pre {tag proxy hp pk_hp} { } if {$setup_cmds != ""} { - set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds sleep 10" - set env(SSL_VNCVIEWER_SSH_ONLY) 1 + set env(SS_VNCVIEWER_SSH_CMD) "$setup_cmds sleep 10" + set env(SS_VNCVIEWER_SSH_ONLY) 1 if {$smb_redir_0 != ""} { set c "$c -sshargs '$smb_redir_0'" } @@ -1682,9 +1761,9 @@ proc do_unix_pre {tag proxy hp pk_hp} { set did_port_knock 1 if {$use_smbmnt} { - set title "SSL VNC Viewer $hp -- SMB MOUNTS" + set title "SSL/SSH VNC Viewer $hp -- SMB MOUNTS" } else { - set title "SSL VNC Viewer $hp -- Pre Commands" + set title "SSL/SSH VNC Viewer $hp -- Pre Commands" } set tee "" @@ -1701,14 +1780,10 @@ proc do_unix_pre {tag proxy hp pk_hp} { } } -# exec xterm -geometry "80x25+100+100" \ -# -title "$title" \ -# -e sh -c "set -xv; $c" & - unix_terminal_cmd "80x25+100+100" "$title" "set -xv; $c" 1 - set env(SSL_VNCVIEWER_SSH_CMD) "" - set env(SSL_VNCVIEWER_SSH_ONLY) "" + set env(SS_VNCVIEWER_SSH_CMD) "" + set env(SS_VNCVIEWER_SSH_ONLY) "" if {$use_smbmnt} { smbmnt_wait $tee @@ -1717,11 +1792,72 @@ proc do_unix_pre {tag proxy hp pk_hp} { } } } +proc init_vncdisplay {} { + global vncdisplay vncproxy remote_ssh_cmd + set vncdisplay [string trim $vncdisplay] + + if {$vncdisplay == ""} { + set vncproxy "" + set remote_ssh_cmd "" + return + } + + set hpnew [get_ssh_hp $vncdisplay] + set proxy [get_ssh_proxy $vncdisplay] + set sshcmd [get_ssh_cmd $vncdisplay] + + set vncdisplay $hpnew + set vncproxy $proxy + set remote_ssh_cmd $sshcmd + + if {$sshcmd != ""} { + global use_ssl use_ssh use_sshssl + set use_ssl 0 + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + } + # ssl_ssh_adjust will be called. +} + +proc get_vncdisplay {} { + global vncdisplay vncproxy remote_ssh_cmd + set vncdisplay [string trim $vncdisplay] + + set t $vncdisplay + regsub {[ \t]*cmd=.*$} $t "" t + set t [string trim $t] + + set str "" + if [regexp {[ \t]} $t] { + set str $t + } else { + if {$vncproxy != "" && $t == ""} { + set str "--nohost-- $vncproxy" + } else { + set str "$t $vncproxy" + } + } + if [regexp {cmd=.*$} $vncdisplay match] { + if {$str == ""} { + set str "--nohost--" + } + set str "$str $match" + } else { + if {$remote_ssh_cmd != ""} { + if {$str == ""} { + set str "--nohost--" + } + set str "$str cmd=$remote_ssh_cmd" + } + } + set str [string trim $str] + return $str +} proc port_knock_only {hp {mode KNOCK}} { if {$hp == ""} { - global vncdisplay - set hp $vncdisplay + set hp [get_vncdisplay] if {$hp == ""} { mesg "No host port found" bell @@ -1785,11 +1921,6 @@ proc launch_unix {hp} { set cmd "" - if [regexp {cmd=} $hp] { - if {! $use_ssh && ! $use_sshssl} { - set use_ssh 1 - } - } check_ssh_needed set_smb_mounts @@ -1806,11 +1937,11 @@ proc launch_unix {hp} { if {$use_ssh || $use_sshssl} { if {$skip_ssh} { - set cmd "ssl_vncviewer" + set cmd "ss_vncviewer" } elseif {$use_ssh} { - set cmd "ssl_vncviewer -ssh" + set cmd "ss_vncviewer -ssh" } else { - set cmd "ssl_vncviewer -sshssl" + set cmd "ss_vncviewer -sshssl" if {$mycert != ""} { set cmd "$cmd -mycert '$mycert'" } @@ -1858,10 +1989,10 @@ proc launch_unix {hp} { } if {$sshcmd == "SHELL"} { - set env(SSL_VNCVIEWER_SSH_CMD) {$SHELL} - set env(SSL_VNCVIEWER_SSH_ONLY) 1 + set env(SS_VNCVIEWER_SSH_CMD) {$SHELL} + set env(SS_VNCVIEWER_SSH_ONLY) 1 } elseif {$setup_cmds != ""} { - set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds$sshcmd" + set env(SS_VNCVIEWER_SSH_CMD) "$setup_cmds$sshcmd" } else { if {$sshcmd != ""} { set cmd "$cmd -sshcmd '$sshcmd'" @@ -1885,10 +2016,10 @@ proc launch_unix {hp} { } if {$sshargs != ""} { set cmd "$cmd -sshargs '$sshargs'" - set env(SSL_VNCVIEWER_USE_C) 1 + set env(SS_VNCVIEWER_USE_C) 1 } if {$sshcmd == "SHELL"} { - set env(SSL_VNCVIEWER_SSH_ONLY) 1 + set env(SS_VNCVIEWER_SSH_ONLY) 1 if {$proxy == ""} { set hpt $hpnew regsub {:[0-9]*$} $hpt "" hpt @@ -1908,24 +2039,20 @@ proc launch_unix {hp} { if {[regexp {FINISH} $port_knocking_list]} { wm withdraw . update -# exec xterm -geometry $geometry \ -# -title "SHELL to $hp" -e sh -c "$cmd" unix_terminal_cmd $geometry "SHELL to $hp" "$cmd" wm deiconify . update do_port_knock $pk_hp finish } else { -# exec xterm -geometry $geometry \ -# -title "SHELL to $hp" -e sh -c "$cmd" & unix_terminal_cmd $geometry "SHELL to $hp" "$cmd" 1 } - set env(SSL_VNCVIEWER_SSH_CMD) "" - set env(SSL_VNCVIEWER_SSH_ONLY) "" - set env(SSL_VNCVIEWER_USE_C) "" + set env(SS_VNCVIEWER_SSH_CMD) "" + set env(SS_VNCVIEWER_SSH_ONLY) "" + set env(SS_VNCVIEWER_USE_C) "" return } } else { - set cmd "ssl_tightvncviewer" + set cmd "ssvnc_cmd" set hpnew [get_ssh_hp $hp] set proxy [get_ssh_proxy $hp] if {$mycert != ""} { @@ -1940,6 +2067,18 @@ proc launch_unix {hp} { set cmd "$cmd -proxy '$proxy'" } set hp $hpnew + if [regexp {^.*@} $hp match] { + catch {raise .; update} + mesg "Trimming \"$match\" from hostname" + after 1000 + regsub {^.*@} $hp "" hp + } + if [regexp {@} $proxy] { + bell + catch {raise .; update} + mesg "WARNING: SSL proxy contains \"@\" sign" + after 2000 + } } if {$use_alpha} { @@ -1956,6 +2095,29 @@ proc launch_unix {hp} { set cmd "$cmd $hp" + if {$change_vncviewer && $change_vncviewer_path != ""} { + set env(VNCVIEWERCMD) $change_vncviewer_path + } else { + set env(VNCVIEWERCMD) "" + } + + set realvnc4 $vncviewer_realvnc4 + set realvnc3 0 + set flavor "" + if {! $darwin_cotvnc} { + catch {set flavor [exec ss_vncviewer -viewerflavor 2>/dev/null]} + } + if [regexp {realvnc4} $flavor] { + set realvnc4 1 + } + if [regexp {tightvnc} $flavor] { + set realvnc4 0 + } + if [regexp {realvnc3} $flavor] { + set realvnc4 0 + set realvnc3 1 + } + if {$use_viewonly} { if {$darwin_cotvnc} { set cmd "$cmd --ViewOnly" @@ -1971,7 +2133,7 @@ proc launch_unix {hp} { } } if {$use_bgr233} { - if {$vncviewer_realvnc4} { + if {$realvnc4} { set cmd "$cmd -lowcolourlevel 1" } else { set cmd "$cmd -bgr233" @@ -1980,19 +2142,21 @@ proc launch_unix {hp} { if {$use_nojpeg} { if {$darwin_cotvnc} { ; - } elseif {! $vncviewer_realvnc4} { + } elseif {! $realvnc4 && ! $realvnc3} { set cmd "$cmd -nojpeg" } } if {! $use_raise_on_beep} { if {$darwin_cotvnc} { ; - } elseif {! $vncviewer_realvnc4} { + } elseif {! $realvnc4 && ! $realvnc3} { set cmd "$cmd -noraiseonbeep" } } if {$use_compresslevel != "" && $use_compresslevel != "default"} { - if {$vncviewer_realvnc4} { + if {$realvnc3} { + ; + } elseif {$realvnc4} { set cmd "$cmd -zliblevel '$use_compresslevel'" } else { set cmd "$cmd -compresslevel '$use_compresslevel'" @@ -2001,7 +2165,7 @@ proc launch_unix {hp} { if {$use_quality != "" && $use_quality != "default"} { if {$darwin_cotvnc} { ; - } elseif {! $vncviewer_realvnc4} { + } elseif {! $realvnc4 && ! $realvnc3} { set cmd "$cmd -quality '$use_quality'" } } @@ -2009,19 +2173,13 @@ proc launch_unix {hp} { # realvnc4 -preferredencoding zrle if {$darwin_cotvnc} { ; - } elseif {$vncviewer_realvnc4} { + } elseif {$realvnc4} { set cmd "$cmd -preferredencoding zrle" } else { set cmd "$cmd -encodings 'copyrect tight zrle zlib hextile'" } } - if {$change_vncviewer && $change_vncviewer_path != ""} { - set env(VNCVIEWERCMD) $change_vncviewer_path - } else { - set env(VNCVIEWERCMD) "" - } - catch {destroy .o} catch {destroy .oa} update @@ -2051,24 +2209,21 @@ proc launch_unix {hp} { set xrm1 "*.srinterCommand:true" set xrm2 $xrm1 set xrm3 $xrm1 - if {[info exists env(SSL_VNC_GUI_CMD)]} { - set xrm1 "*.printerCommand:env XTERM_PRINT=1 $env(SSL_VNC_GUI_CMD)" + if {[info exists env(SSVNC_GUI_CMD)]} { + set xrm1 "*.printerCommand:env XTERM_PRINT=1 $env(SSVNC_GUI_CMD)" set xrm2 "XTerm*VT100*translations:#override Shift:print()\\nCtrlN:print()" - set xrm3 "*mainMenu*print*Label: New SSL_VNC_GUI" + set xrm3 "*mainMenu*print*Label: New SSVNC_GUI" } -# exec xterm -geometry $geometry -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" \ -# -title "SSL VNC Viewer $hp" \ -# -e sh -c "set -xv; $cmd; set +xv; echo; echo Done. You Can X-out or Ctrl-C this Terminal if you like.; echo; echo sleep 15; echo; sleep 15" set m "Done. You Can X-out or Ctrl-C this Terminal if you like." global uname if {$uname == "Darwin"} { regsub {X-out or } $m "" m } - unix_terminal_cmd $geometry "SSL VNC Viewer $hp" \ + unix_terminal_cmd $geometry "SSL/SSH VNC Viewer $hp" \ "set -xv; $cmd; set +xv; echo; echo $m; echo; echo sleep 15; echo; sleep 15" 0 $xrm1 $xrm2 $xrm3 - set env(SSL_VNCVIEWER_SSH_CMD) "" - set env(SSL_VNCVIEWER_USE_C) "" + set env(SS_VNCVIEWER_SSH_CMD) "" + set env(SS_VNCVIEWER_USE_C) "" if {$sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { set daemon [string trim $sound_daemon_local_cmd] @@ -2173,11 +2328,11 @@ proc del_launch_windows_ssh_files {} { } proc launch_shell_only {} { - global vncdisplay is_windows + global is_windows global skip_pre - set hp $vncdisplay - regsub {cmd=.*$} $vncdisplay "" hp + set hp [get_vncdisplay] + regsub {cmd=.*$} $hp "" hp set hp [string trim $hp] if {$is_windows} { append hp " cmd=PUTTY" @@ -2189,7 +2344,7 @@ proc launch_shell_only {} { } proc launch {{hp ""}} { - global vncdisplay tcl_platform is_windows + global tcl_platform is_windows global mycert svcert crtdir global pids_before pids_after pids_new global env @@ -2197,10 +2352,18 @@ proc launch {{hp ""}} { set debug 0 if {$hp == ""} { - set hp [string trim $vncdisplay] + set hp [get_vncdisplay] } - if {[regexp {^[ ]*$} $hp]} { + regsub {[ ]*cmd=.*$} $hp "" tt + + if {[regexp {^[ ]*$} $tt]} { + mesg "No host:disp supplied." + bell + catch {raise .} + return + } + if {[regexp -- {--nohost--} $tt]} { mesg "No host:disp supplied." bell catch {raise .} @@ -2234,11 +2397,6 @@ proc launch {{hp ""}} { return } - if [regexp {cmd=} $hp] { - if {! $use_ssh && ! $use_sshssl} { - set use_ssh 1 - } - } check_ssh_needed if {! $use_ssh} { @@ -2340,6 +2498,13 @@ proc launch {{hp ""}} { set host "localhost" } + if [regexp {^.*@} $host match] { + catch {raise .; update} + mesg "Trimming \"$match\" from hostname" + after 1000 + regsub {^.*@} $host "" host + } + set disp [lindex $list 1] set disp [string trim $disp] regsub { .*$} $disp "" disp @@ -2349,9 +2514,15 @@ proc launch {{hp ""}} { set port [expr "$disp + 5900"] if {$proxy != ""} { - set env(SSL_VNC_PROXY) $proxy - set env(SSL_VNC_LISTEN) [expr "$n2 + 5900"] - set env(SSL_VNC_DEST) "$host:$port" + if [regexp {@} $proxy] { + bell + catch {raise .; update} + mesg "WARNING: SSL proxy contains \"@\" sign" + after 2000 + } + set env(SSVNC_PROXY) $proxy + set env(SSVNC_LISTEN) [expr "$n2 + 5900"] + set env(SSVNC_DEST) "$host:$port" } if {$debug} { @@ -2434,9 +2605,9 @@ proc launch {{hp ""}} { mesg "Starting TCP helper on port $port ..." after 600 set proxy_pid [exec "connect_br.exe" &] - unset -nocomplain env(SSL_VNC_PROXY) - unset -nocomplain env(SSL_VNC_LISTEN) - unset -nocomplain env(SSL_VNC_DEST) + unset -nocomplain env(SSVNC_PROXY) + unset -nocomplain env(SSVNC_LISTEN) + unset -nocomplain env(SSVNC_DEST) } mesg "Starting STUNNEL on port $port2 ..." @@ -2508,13 +2679,36 @@ proc get_idir_certs {str} { } else { set idir [file dirname $str] } + if {$is_windows} { + regsub -all {\\} $idir "/" idir + regsub -all {//*} $idir "/" idir + } } if {$idir == ""} { if {$is_windows} { - set t [file dirname [pwd]] - set t "$t/certs" - if [file isdirectory $t] { - set idir $t + if [info exists env(HOME)] { + set t "$env(HOME)/ss_vnc" + regsub -all {\\} $t "/" t + regsub -all {//*} $t "/" t + if {! [file isdirectory $t]} { + catch {file mkdir $t} + } + set t "$env(HOME)/ss_vnc/certs" + regsub -all {\\} $t "/" t + regsub -all {//*} $t "/" t + if {! [file isdirectory $t]} { + catch {file mkdir $t} + } + if [file isdirectory $t] { + set idir $t + } + } + if {$idir == ""} { + set t [file dirname [pwd]] + set t "$t/certs" + if [file isdirectory $t] { + set idir $t + } } } if {$idir == ""} { @@ -2869,7 +3063,6 @@ emailAddress_max = 64 } else { set geometry [xterm_center_geometry] update -# exec xterm -geometry $geometry -title "Running OpenSSL" -e sh -c "$cmd" unix_terminal_cmd $geometry "Running OpenSSL" "$cmd" catch {file attributes $pem -permissions go-rw} catch {file attributes $crt -permissions go-w} @@ -3483,10 +3676,27 @@ proc get_profiles_dir {} { set dir "" if {$is_windows} { - set t [file dirname [pwd]] - set t "$t/profiles" - if [file isdirectory $t] { - set dir $t + if [info exists env(HOME)] { + set t "$env(HOME)/ss_vnc" + regsub -all {\\} $t "/" t + regsub -all {//*} $t "/" t + if {! [file isdirectory $t]} { + catch {file mkdir $t} + } + if [file isdirectory $t] { + set dir $t + set s "$t/profiles" + if {! [file exists $s]} { + catch {file mkdir $s} + } + } + } + if {$dir == ""} { + set t [file dirname [pwd]] + set t "$t/profiles" + if [file isdirectory $t] { + set dir $t + } } } elseif [info exists env(HOME)] { set t "$env(HOME)/.vnc" @@ -3501,8 +3711,8 @@ proc get_profiles_dir {} { if {$dir != ""} { - } elseif [info exists env(SSL_VNC_BASEDIR)] { - set dir $env(SSL_VNC_BASEDIR) + } elseif [info exists env(SSVNC_BASEDIR)] { + set dir $env(SSVNC_BASEDIR) } else { set dir [pwd] } @@ -3620,6 +3830,11 @@ proc load_profile {} { } } + global use_ssl use_ssh use_sshssl + set use_ssl 0 + set use_ssh 0 + set use_sshssl 0 + global defs foreach line [split $str "\n"] { set line [string trim $line] @@ -3647,6 +3862,24 @@ proc load_profile {} { } } + init_vncdisplay + if {! $use_ssl && ! $use_ssh && ! $use_sshssl} { + set use_ssl 1 + } + if {$use_ssl} { + set use_ssh 0 + set use_sshssl 0 + } elseif {$use_ssh && $use_sshssl} { + set use_ssh 0 + } + if {$use_ssl} { + ssl_ssh_adjust ssl + } elseif {$use_ssh} { + ssl_ssh_adjust ssh + } elseif {$use_sshssl} { + ssl_ssh_adjust sshssl + } + set compresslevel_text "Compress Level: $use_compresslevel" set quality_text "Quality: $use_quality" @@ -3656,7 +3889,6 @@ proc load_profile {} { proc save_profile {} { global is_windows uname - global vncdisplay global profdone global include_vars defs @@ -3664,7 +3896,9 @@ proc save_profile {} { set dir [get_profiles_dir] - set disp [string trim $vncdisplay] + set vncdisp [get_vncdisplay] + + set disp [string trim $vncdisp] if {$disp != ""} { regsub {[ ].*$} $disp "" disp regsub -all {/} $disp "" disp @@ -3684,7 +3918,7 @@ proc save_profile {} { set profdone 1 return } - set h [string trim $vncdisplay] + set h [string trim $vncdisp] set p $h regsub {:.*$} $h "" h set host $h @@ -3700,7 +3934,7 @@ proc save_profile {} { set port $p } - set h [string trim $vncdisplay] + set h [string trim $vncdisp] regsub {cmd=.*$} $h "" h set h [string trim $h] if {! [regexp {[ ]} $h]} { @@ -3729,7 +3963,7 @@ proc save_profile {} { puts $fh "port=$port" puts $fh "proxyhost=$proxy" puts $fh "proxyport=$proxyport" - puts $fh "disp=$vncdisplay" + puts $fh "disp=$vncdisp" puts $fh "\n\[options\]" if {$include_list != ""} { @@ -3769,11 +4003,10 @@ proc save_profile {} { } proc set_ssh {} { - global use_ssh use_sshssl - if {! $use_ssh && ! $use_sshssl} { - set use_ssh 1 + global use_ssl + if {$use_ssl} { + ssl_ssh_adjust ssh } - putty_pw_entry check } proc expand_IP {redir} { @@ -4410,8 +4643,8 @@ proc cups_dialog {} { set msg { CUPS Printing requires SSH be used to set up the Print service port - redirection. This will be either of the "Use SSH instead" or "Use - SSH and SSL" modes under "Options". Pure SSL tunnelling will not work. + redirection. This will be either of the "Use SSH" or "Use SSH and + SSL" modes under "Options". Pure SSL tunnelling will not work. This method requires working CUPS software setups on both the remote and local sides of the connection. @@ -4567,10 +4800,10 @@ proc sound_dialog {} { } set msg { - Sound tunnelling to a sound daemon requires SSH be used to set up the - service port redirection. This will be either of the "Use SSH instead" - or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling will - not work. + Sound tunnelling to a sound daemon requires SSH be used to set up + the service port redirection. This will be either of the "Use SSH" + or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling + will not work. This method requires working Sound daemon (e.g. ESD or ARTSD) software setups on both the remote and local sides of the connection. @@ -5327,10 +5560,10 @@ proc smb_dialog {} { } set msg { - Windows/Samba Filesystem mounting requires SSH be used to set up the SMB - service port redirection. This will be either of the "Use SSH instead" - or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling will - not work. + Windows/Samba Filesystem mounting requires SSH be used to set up the + SMB service port redirection. This will be either of the "Use SSH" + or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling + will not work. This method requires a working Samba software setup on the remote side of the connection (VNC server) and existing Samba or Windows file @@ -5454,16 +5687,16 @@ proc help_advanced_opts {} { center_win .ah - wm title .ah "Advanced Opts Help" + wm title .ah "Advanced Options Help" set msg { - These Advanced options that may require extra software installed on + These Advanced Options that may require extra software installed on the VNC server-side (the remote server machine) and/or on the VNC client-side (where this gui is running). - The Service redirection options, CUPS, ESD/ARTSD, and SMB will require - that you use SSH for tunneling so that they can use the -R port - redirection will be enabled for each service. I.e. "Use SSH instead" + The Service redirection options, CUPS, ESD/ARTSD, and SMB will + require that you use SSH for tunneling so that they can use the -R + port redirection will be enabled for each service. I.e. "Use SSH" or "Use SSH and SSL" mode. These options may also require additional configuration to get them @@ -6033,6 +6266,8 @@ proc port_knocking_dialog {} { } set msg { + Description: + Port Knocking is where a network connection to a service is not provided to just any client, but rather only to those that immediately prior to connecting send a more or less secret pattern of connections to other @@ -6059,14 +6294,17 @@ proc port_knocking_dialog {} { For more information http://www.portknocking.org/ and http://www.linuxjournal.com/article/6811 - Tip: if you just want to use the Port Knocking for an SSH shell and not + + Tip: + + If you just want to use the Port Knocking for an SSH shell and not for a VNC tunnel, then specify something like "user@hostname cmd=SHELL" (or "user@hostname cmd=PUTTY" on Windows) in the VNC Host:Display entry box on the main panel. This will do everything short of starting the viewer. A shortcut for this is Ctrl-S as long as user@hostname is present. - Specifying the Knocks: + Specifying the Knocks: In the text area below "Supply port knocking pattern" you put in the pattern of "knocks" needed for this connection. You can separate the knocks by @@ -6096,7 +6334,7 @@ proc port_knocking_dialog {} { before continuing on to the next knock. - Examples: + Examples: 5433, 12321, 1661 @@ -6127,7 +6365,7 @@ proc port_knocking_dialog {} { (or one can split them up via lines as above.) - Advanced port knock actions: + Advanced port knock actions: If the string in the text field contains anywhere the strings "CMD=", "CMDX=", or "SEND=", then splitting on commas is not done: it is only split on lines. @@ -6160,14 +6398,16 @@ proc port_knocking_dialog {} { SEND string, use %NEWLINE. Sending binary data is not yet supported; use CMD= with your own program. - Examples: + + Advanced Examples: CMD=port_knock_client -password wombat33 CMDX=port_knock_client -password wombat33 -host %HOST -src %NAT fw.example.com:5433/udp SEND=ASDLFKSJDF - More tricks: + + More tricks: To temporarily "comment out" a knock, insert a leading "#" character. @@ -6177,7 +6417,8 @@ proc port_knocking_dialog {} { If a knock entry matches "delay N" the default delay is set to N milliseconds (it is 150 initially). - One Time Pads: + + One Time Pads: If the text contains a (presumably single) line of the form: @@ -6199,7 +6440,7 @@ proc port_knocking_dialog {} { sleep 4000 - Port knock only: + Port knock only: If, in the 'VNC Host:Display' entry, you use "user@hostname cmd=KNOCK" then only the port-knocking is performed. A shortcut for this is @@ -6234,7 +6475,7 @@ proc set_advanced_options {} { catch {destroy .o} catch {destroy .oa} toplevel .oa - wm title .oa "Advanced options" + wm title .oa "Advanced Options" set i 1 @@ -6282,15 +6523,17 @@ proc set_advanced_options {} { pack .oa.b$j -side top -fill x } - button .oa.connect -text "Connect" -command launch - pack .oa.connect -side top -fill x +# button .oa.connect -text "Connect" -command launch +# pack .oa.connect -side top -fill x frame .oa.b button .oa.b.done -text "Done" -command {destroy .oa} bind .oa {destroy .oa} button .oa.b.help -text "Help" -command help_advanced_opts - pack .oa.b.help .oa.b.done -fill x -expand 1 -side left + button .oa.b.connect -text "Connect" -command launch + + pack .oa.b.help .oa.b.connect .oa.b.done -fill x -expand 1 -side left pack .oa.b -side top -fill x @@ -6362,14 +6605,14 @@ proc ssh_agent_restart {} { puts $fh "#!/bin/sh" puts $fh "eval `$ssh_agent -s`" puts $fh "$ssh_add" - puts $fh "SSL_VNC_GUI_CHILD=\"\"" - puts $fh "export SSL_VNC_GUI_CHILD" + puts $fh "SSVNC_GUI_CHILD=\"\"" + puts $fh "export SSVNC_GUI_CHILD" global buck_zero set cmd $buck_zero - if [info exists env(SSL_VNC_GUI_CMD)] { - set cmd $env(SSL_VNC_GUI_CMD) + if [info exists env(SSVNC_GUI_CMD)] { + set cmd $env(SSVNC_GUI_CMD) } #puts $fh "$cmd /dev/null 2>/dev/null &" puts $fh "nohup $cmd &" @@ -6381,7 +6624,6 @@ proc ssh_agent_restart {} { catch {wm withdraw .o} catch {wm withdraw .oa} -# exec xterm -geometry +200+200 -title "Restarting with ssh-agent/ssh-add" -e sh $tmp & unix_terminal_cmd "+200+200" "Restarting with ssh-agent/ssh-add" "sh $tmp" 1 after 10000 destroy . @@ -6407,6 +6649,48 @@ proc putty_pw_entry {mode} { } } +proc ssl_ssh_adjust {which} { + global use_ssl use_ssh use_sshssl sshssl_sw + global remote_ssh_cmd_list + + if {$which == "ssl"} { + set use_ssl 1 + set use_ssh 0 + set use_sshssl 0 + set sshssl_sw "ssl" + } elseif {$which == "ssh"} { + set use_ssl 0 + set use_ssh 1 + set use_sshssl 0 + set sshssl_sw "ssh" + } elseif {$which == "sshssl"} { + set use_ssl 0 + set use_ssh 0 + set use_sshssl 1 + set sshssl_sw "sshssl" + } + + if [info exists remote_ssh_cmd_list] { + if {$use_ssh || $use_sshssl} { + foreach w $remote_ssh_cmd_list { + $w configure -state normal + } + } + if {$use_ssl} { + foreach w $remote_ssh_cmd_list { + $w configure -state disabled + } + } + } + + if {! $use_ssl && ! $use_ssh && ! $use_sshssl} { + set use_ssl 1 + set sshssl_sw "ssl" + } + + putty_pw_entry check +} + proc set_options {} { global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 global use_nojpeg use_raise_on_beep use_compresslevel use_quality @@ -6415,18 +6699,20 @@ proc set_options {} { catch {destroy .o} toplevel .o - wm title .o "Set SSL VNC Viewer options" + wm title .o "SSL/SSH VNC Options" set i 1 - checkbutton .o.b$i -anchor w -variable use_ssh -text \ - "Use SSH instead" \ - -command {if {$use_ssh} {set use_sshssl 0}; putty_pw_entry check} + radiobutton .o.b$i -anchor w -variable sshssl_sw -value ssl -text \ + "Use SSL" -command {ssl_ssh_adjust ssl} incr i - checkbutton .o.b$i -anchor w -variable use_sshssl -text \ - "Use SSH and SSL" \ - -command {if {$use_sshssl} {set use_ssh 0}; putty_pw_entry check} + radiobutton .o.b$i -anchor w -variable sshssl_sw -value ssh -text \ + "Use SSH" -command {ssl_ssh_adjust ssh} + incr i + + radiobutton .o.b$i -anchor w -variable sshssl_sw -value sshssl -text \ + "Use SSH and SSL" -command {ssl_ssh_adjust sshssl} set iss $i incr i @@ -6526,21 +6812,21 @@ proc set_options {} { button .o.s_prof -text "Save Profile ..." -command {save_profile; raise .o} button .o.l_prof -text " Load Profile ..." -command {load_profile; raise .o} button .o.advanced -text "Advanced ..." -command set_advanced_options - button .o.connect -text "Connect" -command launch +# button .o.connect -text "Connect" -command launch button .o.clear -text "Clear Options" -command set_defaults +# pack .o.connect -side top -fill x + pack .o.clear -side top -fill x pack .o.s_prof -side top -fill x pack .o.l_prof -side top -fill x - #pack .o.inc -side top -fill x - pack .o.clear -side top -fill x pack .o.advanced -side top -fill x - pack .o.connect -side top -fill x frame .o.b button .o.b.done -text "Done" -command {destroy .o} bind .o {destroy .o} button .o.b.help -text "Help" -command help_opts + button .o.b.connect -text "Connect" -command launch - pack .o.b.help .o.b.done -fill x -expand 1 -side left + pack .o.b.help .o.b.connect .o.b.done -fill x -expand 1 -side left pack .o.b -side top -fill x @@ -6580,6 +6866,7 @@ if {$uname == "Darwin"} { catch {file mkdir $t} } } + set help_font "-font {Monaco 10}" } set putty_pw "" @@ -6587,21 +6874,28 @@ set putty_pw "" global scroll_text_focus set scroll_text_focus 1 -wm title . "SSL VNC Viewer" +set multientry 1 + +wm title . "SSL/SSH VNC Viewer" wm resizable . 1 0 set_defaults set skip_pre 0 set vncdisplay "" +set vncproxy "" +set remote_ssh_cmd "" -label .l -text "SSL TightVNC Viewer" -relief ridge +label .l -text "SSL/SSH VNC Viewer" -relief ridge set wl 21 set we 40 frame .f0 -#label .f0.l -width $wl -anchor w -text "VNC Host:Display" -relief ridge -label .f0.l -anchor w -text "VNC Host:Display" -relief ridge +if {$multientry} { + label .f0.l -width $wl -anchor w -text "VNC Host:Display" -relief ridge +} else { + label .f0.l -anchor w -text "VNC Host:Display" -relief ridge +} entry .f0.e -width $we -textvariable vncdisplay pack .f0.l -side left pack .f0.e -side left -expand 1 -fill x @@ -6609,26 +6903,28 @@ bind .f0.e launch frame .f1 label .f1.l -width $wl -anchor w -text "Proxy/Gateway:" -relief ridge -entry .f1.e -width $we -textvariable vncdisplay +entry .f1.e -width $we -textvariable vncproxy pack .f1.l -side left pack .f1.e -side left -expand 1 -fill x frame .f2 label .f2.l -width $wl -anchor w -text "Remote SSH Command:" -relief ridge -entry .f2.e -width $we -textvariable vncdisplay +entry .f2.e -width $we -textvariable remote_ssh_cmd pack .f2.l -side left pack .f2.e -side left -expand 1 -fill x .f2.l configure -state disabled .f2.e configure -state disabled +set remote_ssh_cmd_list {.f2.e .f2.l} + frame .f3 -# -command -checkbutton .f3.ssl -anchor w -variable use_ssl -text "Use SSL" -checkbutton .f3.ssh -anchor w -variable use_ssh -text "Use SSH" -checkbutton .f3.sshssl -anchor w -variable use_sshssl -text "Use SSH and SSL" -set use_ssl 1 +radiobutton .f3.ssl -anchor w -variable sshssl_sw -value ssl -command {ssl_ssh_adjust ssl} -text "Use SSL" +radiobutton .f3.ssh -anchor w -variable sshssl_sw -value ssh -command {ssl_ssh_adjust ssh} -text "Use SSH" +radiobutton .f3.sshssl -anchor w -variable sshssl_sw -value sshssl -command {ssl_ssh_adjust sshssl} -text "Use SSH and SSL" pack .f3.ssl .f3.ssh .f3.sshssl -side left -fill x +ssl_ssh_adjust ssl + frame .b button .b.help -text "Help" -command help button .b.certs -text "Certs ..." -command getcerts @@ -6640,9 +6936,12 @@ button .b.exit -text "Exit" -command {destroy .; exit} pack .b.certs .b.opts .b.load .b.conn .b.help .b.exit -side left -expand 1 -fill x -#pack .l .f0 .f1 .f2 .f3 .b -side top -fill x -pack .l .f0 .b -side top -fill x -if {![info exists env(SSL_VNC_GUI_CHILD)] || $env(SSL_VNC_GUI_CHILD) == ""} { +if {$multientry} { + pack .l .f0 .f1 .f2 .f3 .b -side top -fill x +} else { + pack .l .f0 .b -side top -fill x +} +if {![info exists env(SSVNC_GUI_CHILD)] || $env(SSVNC_GUI_CHILD) == ""} { center_win . } focus .f0.e @@ -6653,9 +6952,9 @@ foreach item [.b.help configure -bg] { set system_button_face $item } -if {[info exists env(SSL_VNC_GUI_CMD)]} { - set env(SSL_VNC_GUI_CHILD) 1 - bind . "exec $env(SSL_VNC_GUI_CMD) &" +if {[info exists env(SSVNC_GUI_CMD)]} { + set env(SSVNC_GUI_CHILD) 1 + bind . "exec $env(SSVNC_GUI_CMD) &" } bind . "destroy .; exit" bind . "destroy .; exit" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/build.unix b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix index d262498..0fcfb9d 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/build.unix +++ b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix @@ -4,7 +4,7 @@ # # e.g. on Darwin we did: # -# env LDFLAGS_OS="-L/Volumes/someplace/common/lib/" CPPFLAGS_OS="-I /Volumes/someplace/common/include" ./build.unix +# env LDFLAGS_OS="-L/Volumes/someplace/common/lib" CPPFLAGS_OS="-I /Volumes/someplace/common/include" ./build.unix # @@ -16,9 +16,33 @@ export PATH # Check location: # thisdir=`dirname "$0"` -if [ ! -d ./bin -o ! -d src/patches ]; then +if [ ! -d ./bin -o ! -d src/patches -o ! -f ./build.unix ]; then + echo "" echo "You must run this script from: $thisdir" - exit 1 + echo "" + echo "Maybe:" + echo "" + echo " cd $thisdir" + echo " ./build.unix" + if [ "X$BUILD_UNIX" != "X" ]; then + sleep 2 + exit 1 + fi + echo "" + sleep 1 + printf "Do you want me to run those for you? y/[n] " + read x + if [ "X$x" = "Xy" ]; then + BUILD_UNIX=1 + export BUILD_UNIX + cd "$thisdir" || exit 1 + echo "pwd:" + pwd + sleep 1 + ./build.unix + fi + + exit $? fi # Try to find osname.arch @@ -112,6 +136,12 @@ elif uname | grep -i bsd > /dev/null; then CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/local/include -I /usr/pkg/include" fi +cnt=`ls ./src/patches/*.patch | wc -c` +if [ $cnt -lt 1 ]; then + echo "Could not find any patches in ./src/patches. Is your tarball missing them?" + exit 1 +fi + # Do tightvnc viewer: # tight_src=`ls -td ./src/vnc_unixsrc* | head -1` @@ -126,18 +156,25 @@ echo "applying tight vnc patches:" start=`pwd` cd $tmp; failed=0 +count=0 for patch in ../../patches/tight* do if [ ! -f "$patch" ]; then continue fi - patch -p0 < $patch + echo PATCHING WITH: "$patch" + ls -l "$patch" + sleep 1 + patch -p0 < "$patch" if [ $? != 0 ]; then failed=`expr $failed + 1` + else + count=`expr $count + 1` fi done +sleep 1 cd "$start" -if [ $failed != 0 ]; then +if [ $failed != 0 -o $count = 0 ]; then ball=src/zips/vnc_unixsrc_vncviewer.patched.tar echo "patches failed, trying to use backup tarball:" ls -l $ball @@ -207,18 +244,25 @@ echo "applying stunnel patches:" start=`pwd` cd $tmp; failed=0 +count=0 for patch in ../../patches/stunnel* do if [ ! -f "$patch" ]; then continue fi + echo PATCHING WITH: "$patch" + ls -l "$patch" + sleep 1 patch -p0 < $patch if [ $? != 0 ]; then failed=`expr $failed + 1` + else + count=`expr $count + 1` fi done +sleep 1 cd "$start" -if [ $failed != 0 ]; then +if [ $failed != 0 -o $count = 0 ]; then ball=src/zips/stunnel.patched.tar echo "patches failed, trying to use backup tarball:" ls -l $ball diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt index ab5e95e..d104f25 100644 --- a/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt +++ b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt @@ -162,10 +162,10 @@ 2261967 196 -rwxr-xr-x 1 runge runge 193076 Jul 31 22:59 ./bin/Linux.i686/vncviewer 2261999 80 -rwxr-xr-x 1 runge runge 77148 Jul 31 23:00 ./bin/Linux.i686/stunnel 5538622 4 drwxr-xr-x 2 runge runge 4096 Sep 12 21:24 ./bin/util -5538759 12 -rwxr-xr-x 1 runge runge 12148 Sep 12 21:24 ./bin/util/ssl_vncviewer -5538760 136 -rwxr-xr-x 1 runge runge 132853 Sep 12 21:17 ./bin/util/ssl_tightvncviewer.tcl +5538759 12 -rwxr-xr-x 1 runge runge 12148 Sep 12 21:24 ./bin/util/ss_vncviewer +5538760 136 -rwxr-xr-x 1 runge runge 132853 Sep 12 21:17 ./bin/util/ssvnc.tcl 5538641 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./bin/util/stunnel-server.conf -2851794 4 -rwxr-xr-x 1 runge runge 3581 Jul 31 23:00 ./bin/ssl_tightvncviewer +2851794 4 -rwxr-xr-x 1 runge runge 3581 Jul 31 23:00 ./bin/ssvnc_cmd 2851592 4 -rwxr-xr-x 1 runge runge 3752 Jul 31 23:01 ./bin/tightvncviewer 2425590 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:30 ./bin/Linux.alpha 2425595 100 -rwxr-xr-x 1 runge runge 97504 Jul 31 23:30 ./bin/Linux.alpha/stunnel @@ -188,7 +188,7 @@ 3064794 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:47 ./bin/SunOS.sun4u 3064795 108 -rwxr-xr-x 1 runge runge 106260 Jul 31 23:45 ./bin/SunOS.sun4u/vncviewer 3064796 76 -rwxr-xr-x 1 runge runge 71748 Jul 31 23:47 ./bin/SunOS.sun4u/stunnel -2851711 4 -rwxr-xr-x 1 runge runge 1310 Aug 29 16:29 ./bin/ssl_vnc_gui +2851711 4 -rwxr-xr-x 1 runge runge 1310 Aug 29 16:29 ./bin/ssvnc 2851793 4 -rwxr-xr-x 1 runge runge 640 Jul 31 17:22 ./bin/.linkin 3293942 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./bin/profiles 3277791 8 -rwxr-xr-x 1 runge runge 4814 Jul 30 17:54 ./build.unix @@ -199,7 +199,7 @@ 5063556 16 -rw-r--r-- 1 runge runge 14478 Jul 27 16:32 ./man/man1/vncviewer.1 5063557 24 -rw-r--r-- 1 runge runge 23885 Jul 27 16:33 ./man/man1/stunnel.1 5538624 4 drwxr-xr-x 4 runge runge 4096 Sep 6 16:30 ./Windows -5538633 2312 -rw-r--r-- 1 runge runge 2361922 Sep 12 22:27 ./Windows/ssl_tightvncviewer.exe +5538633 2312 -rw-r--r-- 1 runge runge 2361922 Sep 12 22:27 ./Windows/ssvnc.exe 5538576 4 -rw-r--r-- 1 runge runge 2149 Aug 2 09:42 ./Windows/README.txt 3293943 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./Windows/profiles 4621136 4 drwxr-xr-x 5 runge runge 4096 Sep 6 16:30 ./Windows/util diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle index 00e347a..54010b1 100755 --- a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle @@ -1,35 +1,84 @@ #!/bin/sh rm -rf ./src/tmp/* || exit 1 -vers=1.0.7 +vers=1.0.8 cd .. || exit 1 -if [ -f enhanced_tightvnc_viewer-$vers.zip ]; then - mv enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer-$vers.zip~ +########################################### +dest=./t.unix_only +rm -rf $dest +mkdir -p $dest || exit 1 + +tar cvf - ssvnc/{README,COPYING} ssvnc/bin ssvnc/Unix | (cd $dest; tar xvf -) +rm -f $dest/ssvnc/bin/.linkin + +tar=ssvnc_unix_only-${vers}.tar.gz +(cd $dest; tar czvf ../$tar ssvnc) +ls -l $tar +rm -rf $dest + +########################################### +dest=./t.unix_minimal +rm -rf $dest +mkdir -p $dest || exit 1 + +#tar cvf - ssvnc/{README,COPYING} ssvnc/bin/{ss*,util/ss*} ssvnc/Unix | (cd $dest; tar xvf -) +tar cvf - ssvnc/{README,COPYING} ssvnc/bin/{ss*,util/ss*} | (cd $dest; tar xvf -) + +tar=ssvnc_unix_minimal-${vers}.tar.gz +(cd $dest; tar czvf ../$tar ssvnc) +ls -l $tar +rm -rf $dest + +top='#!/bin/sh +n=11 +tmp=`mktemp -d "/tmp/ssvnc.XXXXXX"` || exit 1 +if [ "X$tmp" = "X" -o ! -d "$tmp" ]; then exit 1; fi +trap "cd /tmp; rm -rf $tmp" 0 2 15 + +tail +$n "$0" | (cd $tmp; tar xf -) || exit 1 +$tmp/bin/ssvnc "$@" +exit 0 +data__() {' + +scr=./ssvnc.sh +echo "$top" > $scr +(cd ssvnc; tar cvf - README COPYING bin/{ss*,util/ss*}) >> $scr +chmod 755 $scr +ls -l $scr + +if [ "X$1" = "Xquick" ]; then + exit 0 fi -rm -f enhanced_tightvnc_viewer_all-$vers.zip -rm -f enhanced_tightvnc_viewer-$vers.zip -zip -9 -r enhanced_tightvnc_viewer_all-$vers.zip enhanced_tightvnc_viewer -zip -9 -r enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer -x '*.zip' '*.tar.gz' -tar cvf - --exclude='*.zip' --exclude='*.tar.gz' enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer-$vers.tar.gz -tar cvf - --exclude='*.zip' --exclude='*.tar.gz' --exclude='*.dll' --exclude='*.exe' --exclude enhanced_tightvnc_viewer/Windows/util enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer_no_windows-$vers.tar.gz -ls -l enhanced_tightvnc_viewer*-$vers.* +########################################### +rm -f ssvnc_all-$vers.zip +rm -f ssvnc-$vers.zip +zip -9 -r ssvnc_all-$vers.zip ssvnc +zip -9 -r ssvnc-$vers.zip ssvnc -x '*.zip' '*.tar.gz' +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' ssvnc | gzip -9 > ssvnc-$vers.tar.gz +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' --exclude='*.dll' --exclude='*.exe' --exclude ssvnc/Windows/util ssvnc | gzip -9 > ssvnc_no_windows-$vers.tar.gz + +ls -l ssvnc*-$vers.* ########################################### +dest=./t.windows_only +rm -rf ${dest} +mkdir -p $dest || exit 1 -rm -rf enhanced_tightvnc_viewer_windows_only-${vers}* +cp -pR ssvnc $dest +rm -rf $dest/ssvnc/{src,bin,man} +rm -rf $dest/ssvnc/MacOSX +rm -rf $dest/ssvnc/Unix +rm -f $dest/ssvnc/build.unix +rm -f $dest/ssvnc/filelist.txt +cp -p ssvnc/bin/util/ssvnc.tcl $dest/ssvnc/Windows/util -cp -pR enhanced_tightvnc_viewer enhanced_tightvnc_viewer_windows_only-$vers -rm -rf enhanced_tightvnc_viewer_windows_only-$vers/{src,bin,man}/* -rm -rf enhanced_tightvnc_viewer_windows_only-$vers/bin/.linkin -rm -rf enhanced_tightvnc_viewer_windows_only-$vers/MacOSX -rm -rf enhanced_tightvnc_viewer_windows_only-$vers/Unix -cp -p enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl enhanced_tightvnc_viewer_windows_only-$vers/Windows/util +zip=ssvnc_windows_only-${vers}.zip +rm -f $zip +(cd $dest; zip -9 -r ../$zip ssvnc) -rm -f enhanced_tightvnc_viewer_windows_only-$vers.zip -zip -9 -r enhanced_tightvnc_viewer_windows_only-$vers.zip enhanced_tightvnc_viewer_windows_only-$vers +ls -l $zip +rm -rf $dest -ls -l enhanced_tightvnc_viewer_windows_only-$vers.zip -rm -rf enhanced_tightvnc_viewer_windows_only-${vers} diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README index e2405b2..a211377 100644 --- a/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README @@ -8,7 +8,7 @@ www.tightvnc.com windows standalone viewer binary: 209149 Jul 25 15:10 tightvnc-1.3dev7_x86_viewer.zip To save space they may not be included in the package you downloaded. -The should be included in the "enhanced_tightvnc_viewer_all-.zip" file. +The should be included in the "ssvnc_all-.zip" file. Go to the websites indicated above or contact me if you cannot find them. The stunnel.patched.tar vnc_unixsrc_vncviewer.patched.tar