From 1d495291e434af3d8bb8d6ceaf5aa926dea065e9 Mon Sep 17 00:00:00 2001 From: runge Date: Sat, 5 May 2007 18:28:32 +0000 Subject: [PATCH] filexfer warnings and messages. --- x11vnc/README | 81 ++++++++++++++++++++++++++++---------------- x11vnc/connections.c | 2 ++ x11vnc/help.c | 18 +++++++++- x11vnc/remote.c | 2 ++ x11vnc/sslhelper.c | 2 +- x11vnc/unixpw.c | 4 ++- x11vnc/x11vnc.1 | 18 +++++++++- x11vnc/x11vnc.c | 2 ++ x11vnc/xevents.c | 3 +- 9 files changed, 98 insertions(+), 34 deletions(-) diff --git a/x11vnc/README b/x11vnc/README index 61b40f0..2899a78 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -1,5 +1,5 @@ -x11vnc README file Date: Sat May 5 10:47:52 EDT 2007 +x11vnc README file Date: Sat May 5 14:09:28 EDT 2007 The following information is taken from these URLs: @@ -6827,6 +6827,12 @@ ateway and not a broadcaster?) implemented, you cannot do Tightvnc file transfer in -unixpw mode. UltraVNC file transfer does work, however. + IMPORTANT: please understand if -ultrafilexfer or -tightfilexfer is + specified and you run x11vnc as root for, say, inetd or display + manager (gdm, kdm, ...) access and you do not have it switch users via + the [778]-users option, then VNC Viewers that connect are able to do + filetransfer reads and writes as *root*. + The UltraVNC and TightVNC settings can be toggled on and off inside the gui or by -R remote control. However for TightVNC the changed setting only applies for NEW clients, current clients retain their @@ -6843,7 +6849,7 @@ ateway and not a broadcaster?) these extensions you will need to supply this option to x11vnc: -rfbversion 3.6 - Or use [778]-ultrafilexfer which is an alias for the above option and + Or use [779]-ultrafilexfer which is an alias for the above option and "-permitfiletransfer". UltraVNC evidently treats any other RFB version number as non-UltraVNC. 
@@ -6855,21 +6861,21 @@ ateway and not a broadcaster?) * 1/n Server Scaling * rfbEncodingUltra compression encoding - To disable SingleWindow and ServerInput use [779]-noultraext (the + To disable SingleWindow and ServerInput use [780]-noultraext (the others are managed by LibVNCServer). See this option too: - [780]-noserverdpms. + [781]-noserverdpms. Q-112: Can x11vnc emulate UltraVNC's Single Click helpdesk mode? I.e. something very simple for a naive user to initiate a reverse vnc connection from their desktop to a helpdesk operator's VNC Viewer. - Yes, UltraVNC's [781]Single Click (SC) mode can be emulated reasonably + Yes, UltraVNC's [782]Single Click (SC) mode can be emulated reasonably well on Unix. We use the term "helpdesk" below, but it could be any sort of remote assistance you want to set up, e.g. something for unix-using friends - or family to use. This includes [782]Mac OS X. + or family to use. This includes [783]Mac OS X. Assume you create a helpdesk directory "hd" on your website: http://www.mysite.com/hd @@ -6972,9 +6978,9 @@ fi SSL Encrypted Helpdesk Connections: Currently x11vnc does not support - reverse connections in SSL [783]-ssl mode. This may change in a future + reverse connections in SSL [784]-ssl mode. This may change in a future release, until then you would need to cook up something with - [784]STUNNEL. + [785]STUNNEL. Update: as of Apr/2007 x11vnc supports reverse connections in SSL. Recipe below will be updated (TBD), basically you just add "-ssl SAVE" @@ -7130,7 +7136,7 @@ rypto.a -lwrap You will have to use an external network redirection for this. Filesystem mounting is not part of the VNC protocol. - We show a simple [785]Samba example here. + We show a simple [786]Samba example here. First you will need a tunnel to redirect the SMB requests from the remote machine to the one you sitting at. We use an ssh tunnel: 
@@ -7167,7 +7173,7 @@ d,ip=127.0.0.1,port=1139 far-away> smbumount /home/fred/smb-haystack-pub At some point we hope to fold some automation for SMB ssh redir setup - into the [786]Enhanced TightVNC Viewer (SSVNC) package we provide (as + into the [787]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep 2006 it is there for testing). @@ -7177,7 +7183,7 @@ d,ip=127.0.0.1,port=1139 You will have to use an external network redirection for this. Printing is not part of the VNC protocol. - We show a simple Unix to Unix [787]CUPS example here. Non-CUPS port + We show a simple Unix to Unix [788]CUPS example here. Non-CUPS port redirections (e.g. LPD) should also be possible, but may be a bit more tricky. If you are viewing on Windows SMB and don't have a local cups server it may be trickier still (see below). @@ -7249,7 +7255,7 @@ d,ip=127.0.0.1,port=1139 "localhost". At some point we hope to fold some automation for CUPS ssh redir setup - into the [788]Enhanced TightVNC Viewer (SSVNC) package we provide (as + into the [789]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep 2006 it is there for testing). @@ -7350,7 +7356,7 @@ or: the applications will fail to run because LD_PRELOAD will point to libraries of the wrong wordsize. * At some point we hope to fold some automation for esd or artsd ssh - redir setup into the [789]Enhanced TightVNC Viewer (SSVNC) package + redir setup into the [790]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep/2006 it is there for testing). @@ -7362,9 +7368,9 @@ or: in Solaris, see Xserver(1) for how to turn it on via +kb), and so you won't hear them if the extension is not present. - If you don't want to hear the beeps use the [790]-nobell option. If + If you don't want to hear the beeps use the [791]-nobell option. If you want to hear the audio from the remote applications, consider - trying a [791]redirector such as esd. + trying a [792]redirector such as esd. 
@@ -8158,20 +8164,21 @@ References 775. http://www.unixuser.org/~euske/vnc2swf/ 776. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ 777. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofilexfer - 778. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer - 779. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext - 780. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms - 781. http://www.uvnc.com/addons/singleclick.html - 782. http://www.karlrunge.com/x11vnc/index.html#faq-macosx - 783. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 784. http://stunnel.mirt.net/ - 785. http://www.samba.org/ - 786. http://www.karlrunge.com/x11vnc/ssvnc.html - 787. http://www.cups.org/ - 788. http://www.karlrunge.com/x11vnc/ssvnc.html + 778. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 779. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer + 780. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext + 781. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms + 782. http://www.uvnc.com/addons/singleclick.html + 783. http://www.karlrunge.com/x11vnc/index.html#faq-macosx + 784. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 785. http://stunnel.mirt.net/ + 786. http://www.samba.org/ + 787. http://www.karlrunge.com/x11vnc/ssvnc.html + 788. http://www.cups.org/ 789. http://www.karlrunge.com/x11vnc/ssvnc.html - 790. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell - 791. http://www.karlrunge.com/x11vnc/index.html#faq-sound + 790. http://www.karlrunge.com/x11vnc/ssvnc.html + 791. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell + 792. http://www.karlrunge.com/x11vnc/index.html#faq-sound ======================================================================= http://www.karlrunge.com/x11vnc/chainingssh.html: 
@@ -11203,11 +11210,27 @@ Options: per-client viewonly state the filetransfer permissions will NOT change. + IMPORTANT: please understand if -tightfilexfer is + specified and you run x11vnc as root for, say, inetd + or display manager (gdm, kdm, ...) access and you do + not have it switch users via the -users option, then + VNC Viewers that connect are able to do filetransfer + reads and writes as *root*. + + Also, tightfilexfer is disabled in -unixpw mode. + -ultrafilexfer Note: to enable UltraVNC filetransfer and to get it to work you probably need to supply these libvncserver options: "-rfbversion 3.6 -permitfiletransfer" "-ultrafilexfer" is an alias for this combination. + IMPORTANT: please understand if -ultrafilexfer is + specified and you run x11vnc as root for, say, inetd + or display manager (gdm, kdm, ...) access and you do + not have it switch users via the -users option, then + VNC Viewers that connect are able to do filetransfer + reads and writes as *root*. + Note that sadly you cannot do both -tightfilexfer and -ultrafilexfer at the same time because the latter requires setting the version to 3.6 and tightvnc will @@ -12467,7 +12490,7 @@ Options: character. E.g. "-users +bob" or "-users +nobody". The latter (i.e. switching immediately to user - "nobody") is probably the only use of this option + "nobody") is the only obvious use of the -users option that increases security. Use the following notation to associate a group with diff --git a/x11vnc/connections.c b/x11vnc/connections.c index 3a31f5f..b26c790 100644 --- a/x11vnc/connections.c +++ b/x11vnc/connections.c @@ -676,6 +676,7 @@ void client_gone(rfbClientPtr client) { screen->permitFileTransfer = unixpw_file_xfer_save; if ((tightfilexfer = unixpw_tightvnc_xfer_save)) { #ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER + rfbLog("rfbRegisterTightVNCFileTransferExtension: 3\n"); rfbRegisterTightVNCFileTransferExtension(); #endif } 
@@ -2220,6 +2221,7 @@ enum rfbNewClientAction new_client(rfbClientPtr client) { unixpw_tightvnc_xfer_save = tightfilexfer; tightfilexfer = 0; #ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER + rfbLog("rfbUnregisterTightVNCFileTransferExtension: 1\n"); rfbUnregisterTightVNCFileTransferExtension(); #endif diff --git a/x11vnc/help.c b/x11vnc/help.c index b465773..77ea6de 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -360,11 +360,27 @@ void print_help(int mode) { " per-client viewonly state the filetransfer permissions\n" " will NOT change.\n" "\n" +" IMPORTANT: please understand if -tightfilexfer is\n" +" specified and you run x11vnc as root for, say, inetd\n" +" or display manager (gdm, kdm, ...) access and you do\n" +" not have it switch users via the -users option, then\n" +" VNC Viewers that connect are able to do filetransfer\n" +" reads and writes as *root*.\n" +"\n" +" Also, tightfilexfer is disabled in -unixpw mode.\n" +"\n" "-ultrafilexfer Note: to enable UltraVNC filetransfer and to get it to\n" " work you probably need to supply these libvncserver\n" " options: \"-rfbversion 3.6 -permitfiletransfer\"\n" " \"-ultrafilexfer\" is an alias for this combination.\n" "\n" +" IMPORTANT: please understand if -ultrafilexfer is\n" +" specified and you run x11vnc as root for, say, inetd\n" +" or display manager (gdm, kdm, ...) access and you do\n" +" not have it switch users via the -users option, then\n" +" VNC Viewers that connect are able to do filetransfer\n" +" reads and writes as *root*.\n" +"\n" " Note that sadly you cannot do both -tightfilexfer and\n" " -ultrafilexfer at the same time because the latter\n" " requires setting the version to 3.6 and tightvnc will\n" 
@@ -1643,7 +1659,7 @@ void print_help(int mode) { " character. E.g. \"-users +bob\" or \"-users +nobody\".\n" "\n" " The latter (i.e. switching immediately to user\n" -" \"nobody\") is probably the only use of this option\n" +" \"nobody\") is the only obvious use of the -users option\n" " that increases security.\n" "\n" " Use the following notation to associate a group with\n" diff --git a/x11vnc/remote.c b/x11vnc/remote.c index e2631a8..08455e4 100644 --- a/x11vnc/remote.c +++ b/x11vnc/remote.c @@ -1274,6 +1274,7 @@ char *process_remote_cmd(char *cmd, int stringonly) { if (! tightfilexfer) { rfbLog("remote_cmd: enabling -tightfilexfer for *NEW* clients.\n"); tightfilexfer = 1; + rfbLog("rfbRegisterTightVNCFileTransferExtension: 4\n"); rfbRegisterTightVNCFileTransferExtension(); } #else @@ -1289,6 +1290,7 @@ char *process_remote_cmd(char *cmd, int stringonly) { if (tightfilexfer) { rfbLog("remote_cmd: disabling -tightfilexfer for *NEW* clients.\n"); tightfilexfer = 0; + rfbLog("rfbUnregisterTightVNCFileTransferExtension: 2\n"); rfbUnregisterTightVNCFileTransferExtension(); } #else diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c index 36aeb8d..035c423 100644 --- a/x11vnc/sslhelper.c +++ b/x11vnc/sslhelper.c @@ -1852,7 +1852,7 @@ if (db) fprintf(stderr, "iface: %s\n", iface); certret_str = NULL; } if (0 && certret_str) { - fprintf(stderr, "certret_str[%d]:\n%s\n", sbuf.st_size, certret_str); + fprintf(stderr, "certret_str[%d]:\n%s\n", (int) sbuf.st_size, certret_str); } } diff --git a/x11vnc/unixpw.c b/x11vnc/unixpw.c index d28cba2..c4a08b9 100644 --- a/x11vnc/unixpw.c +++ b/x11vnc/unixpw.c 
@@ -1554,8 +1554,9 @@ void unixpw_accept(char *user) { unixpw_in_progress = 0; screen->permitFileTransfer = unixpw_file_xfer_save; if ((tightfilexfer = unixpw_tightvnc_xfer_save)) { - /* this doesn't work the current client is never registered */ + /* this doesn't work: the current client is never registered! */ #ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER + rfbLog("rfbRegisterTightVNCFileTransferExtension: 1\n"); rfbRegisterTightVNCFileTransferExtension(); #endif } @@ -1602,6 +1603,7 @@ void unixpw_deny(void) { screen->permitFileTransfer = unixpw_file_xfer_save; if ((tightfilexfer = unixpw_tightvnc_xfer_save)) { #ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER + rfbLog("rfbRegisterTightVNCFileTransferExtension: 2\n"); rfbRegisterTightVNCFileTransferExtension(); #endif } diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index 462a9a7..f0b09ef 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -422,6 +422,15 @@ viewonly cannot transfer files. However, if the remote control mechanism is used to change the global or per-client viewonly state the filetransfer permissions will NOT change. +.IP +IMPORTANT: please understand if \fB-tightfilexfer\fR is +specified and you run x11vnc as root for, say, inetd +or display manager (gdm, kdm, ...) access and you do +not have it switch users via the \fB-users\fR option, then +VNC Viewers that connect are able to do filetransfer +reads and writes as *root*. +.IP +Also, tightfilexfer is disabled in \fB-unixpw\fR mode. .PP \fB-ultrafilexfer\fR .IP 
@@ -430,6 +439,13 @@ work you probably need to supply these libvncserver options: "\fB-rfbversion\fR \fI3.6 \fB-permitfiletransfer\fR"\fR "\fB-ultrafilexfer\fR" is an alias for this combination. .IP +IMPORTANT: please understand if \fB-ultrafilexfer\fR is +specified and you run x11vnc as root for, say, inetd +or display manager (gdm, kdm, ...) access and you do +not have it switch users via the \fB-users\fR option, then +VNC Viewers that connect are able to do filetransfer +reads and writes as *root*. +.IP Note that sadly you cannot do both \fB-tightfilexfer\fR and \fB-ultrafilexfer\fR at the same time because the latter requires setting the version to 3.6 and tightvnc will @@ -1866,7 +1882,7 @@ can be reopened prefix the username with the "+" character. E.g. "\fB-users\fR \fI+bob\fR" or "\fB-users\fR \fI+nobody\fR". .IP The latter (i.e. switching immediately to user -"nobody") is probably the only use of this option +"nobody") is the only obvious use of the \fB-users\fR option that increases security. .IP Use the following notation to associate a group with diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c index b9abaf3..7c8f0ce 100644 --- a/x11vnc/x11vnc.c +++ b/x11vnc/x11vnc.c @@ -3227,8 +3227,10 @@ int main(int argc, char* argv[]) { #ifdef LIBVNCSERVER_WITH_TIGHTVNC_FILETRANSFER if (tightfilexfer) { + rfbLog("rfbRegisterTightVNCFileTransferExtension: 6\n"); rfbRegisterTightVNCFileTransferExtension(); } else { + rfbLog("rfbUnregisterTightVNCFileTransferExtension: 3\n"); rfbUnregisterTightVNCFileTransferExtension(); } #endif diff --git a/x11vnc/xevents.c b/x11vnc/xevents.c index 3126a56..3948949 100644 --- a/x11vnc/xevents.c +++ b/x11vnc/xevents.c 
@@ -1422,7 +1422,8 @@ int get_keyboard_led_state_hook(rfbScreenInfoPtr s) { int get_file_transfer_permitted(rfbClientPtr cl) { allowed_input_t input; if (unixpw_in_progress) { - rfbLog("get_file_transfer_permitted: unixpw_in_progress, skipping.\n"); + rfbLog("get_file_transfer_permitted: unixpw_in_progress, dropping client.\n"); + rfbCloseClient(cl); return FALSE; } if (0) fprintf(stderr, "get_file_transfer_permitted called\n");
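Review bot: the new IMPORTANT paragraph (README @@ -6827, and again under -tightfilexfer and -ultrafilexfer in the README Options section, help.c and x11vnc.1) names -users as the only mitigation but does not say that VNC authentication is irrelevant to the uid the transfers run as; one added sentence along the lines of "this applies to authenticated viewers as well: -passwd, -rfbauth or -unixpw decide who may connect, not which uid the file reads and writes use" would make the exposure unambiguous to an administrator who assumes a password is enough. The -ultrafilexfer copy deliberately omits the "disabled in -unixpw mode" line, which agrees with the surrounding README text that UltraVNC transfer does work there, so that difference is fine.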
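Review bot: the rfbLog calls added in unixpw.c, connections.c, remote.c and x11vnc.c carry hand-numbered suffixes ("rfbRegisterTightVNCFileTransferExtension: 1" through "6", "rfbUnregisterTightVNCFileTransferExtension: 1" through "3") that read as temporary tracing: the numbers mean nothing to someone reading the server log, no register site labelled 5 appears in this patch, and the one in client_gone() fires on every client disconnect, so it is noisy on a busy server. Suggest gating them behind the debug idiom the code already uses (`if (db)` / `if (0)`), or replacing the number with the location so the labels cannot drift, e.g. `rfbLog("rfbRegisterTightVNCFileTransferExtension (%s:%d)\n", __FILE__, __LINE__);`.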
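Review bot: the `(int) sbuf.st_size` cast in sslhelper.c is the correct fix for passing an off_t to a "%d" conversion (off_t is often 64-bit, so the previous call was undefined behaviour and a compiler warning), but because the fprintf sits inside `if (0 && certret_str)` it is dead code and this only silences the warning. If the diagnostic is ever enabled, `(long) sbuf.st_size` with "%ld" avoids truncating sizes above 2 GiB; for a certificate file the int cast is harmless.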
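Review bot: the reworded comment in unixpw_accept() ("this doesn't work: the current client is never registered!") records a known gap without its consequence. Say explicitly that the rfbRegisterTightVNCFileTransferExtension() call here only restores the global setting for clients that connect afterwards, and that the client which just completed the -unixpw login does not get TightVNC file transfer in this session; that matches the new "tightfilexfer is disabled in -unixpw mode" text in help.c and x11vnc.1. If the behaviour is intended, a one-line "intentional: do not enable for the current client" stops the next reader from "fixing" it; if it is not, the docs should say a reconnect is required.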
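Review bot: in xevents.c, changing get_file_transfer_permitted() from returning FALSE to also calling rfbCloseClient(cl) when unixpw_in_progress is set is the right fail-closed handling for a viewer that sends file-transfer messages before its -unixpw login has finished, but two points to confirm. First, the libvncserver caller of this hook may keep touching `cl` after the FALSE return, so verify that rfbCloseClient() only closes the socket and marks the client for teardown on the next event-loop pass rather than freeing the structure (that is its documented behaviour in libvncserver, but it is worth checking against the version bundled with this tree). Second, the new log line "unixpw_in_progress, dropping client." would be far more useful for incident review if it named the peer; rfbClientRec carries the remote address as a string member (cl->host in libvncserver), so something like `rfbLog("get_file_transfer_permitted: unixpw_in_progress, dropping client %s.\n", cl->host);` gives the operator something to correlate with.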
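Review bot: the rewording of the -users text in help.c, x11vnc.1 and the README Options section ("\"nobody\") is the only obvious use of the -users option that increases security") now sits in tension with the new filetransfer warnings in the same patch, which point at -users as the way to avoid root-level reads and writes; switching from root to the logged-in user is also a security gain, just a smaller one. Suggest "is the only use of the -users option that strictly increases security; switching from root to another user still limits what file transfer can read and write to that user's permissions."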