x11vnc: -users sslpeer= option. RFB_SSL_CLIENT_CERT, -ncache 10 default

pull/1/head
runge 18 years ago
parent 2d0b184f8b
commit 3fcab6f1ec

Binary file not shown.

Binary file not shown.

@ -1,3 +1,9 @@
2007-04-28 Karl Runge <runge@karlrunge.com>
* x11vnc: -users sslpeer= option. RFB_SSL_CLIENT_CERT var.
X11VNC_FINDDISPLAY_ALWAYS_FAILS var. -ncache default 10.
gid switch fix.
* ssvnc: Linux.i*86 fix and code sync.
2007-04-07 Karl Runge <runge@karlrunge.com>
* x11vnc: add gnome, kde, etc. FINDCREATEDISPLAY tags.
In check_ncache periodically check for changed desktop.

File diff suppressed because it is too large Load Diff

@ -413,6 +413,11 @@ int run_user_command(char *cmd, rfbClientPtr client, char *mode, char *input,
} else {
set_env("RFB_STATE", "UNKNOWN");
}
if (certret_str) {
set_env("RFB_SSL_CLIENT_CERT", certret_str);
} else {
set_env("RFB_SSL_CLIENT_CERT", "");
}
/* set RFB_CLIENT_PORT to peer port for command to use */
if (cd && cd->client_port > 0) {
@ -491,6 +496,9 @@ int run_user_command(char *cmd, rfbClientPtr client, char *mode, char *input,
/* gone, accept, afteraccept */
ok = 0;
if (!strcmp(mode, "env")) {
return 1;
}
if (!strcmp(mode, "accept") && cmd_ok("accept")) {
ok = 1;
}

@ -869,7 +869,8 @@ void print_help(int mode) {
"\n"
" In this mode you can set X11VNC_SKIP_DISPLAY to a comma\n"
" separated list of displays (e.g. \":0,:1\") to ignore\n"
" in the finding process.\n"
" in the finding process. This can also be set by the\n"
" user via \"nd=\" using \"-\" instead of \",\"\n"
"\n"
" An interesting option is WAIT:cmd=FINDCREATEDISPLAY\n"
" that is like FINDDISPLAY in that is uses the same method\n"
@ -906,6 +907,10 @@ void print_help(int mode) {
"\n"
" Where /.../x11vnc is the full path to x11vnc.\n"
"\n"
" If for some reason you do not want x11vnc to ever\n"
" try to find an existing display set the env. var\n"
" X11VNC_FINDDISPLAY_ALWAYS_FAILS=1 (also -env ...)\n"
"\n"
" Use WAIT:cmd=FINDCREATEDISPLAY-print to print out the\n"
" script used. You can specify the preferred order via\n"
" e.g., WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb,X and/or\n"
@ -1643,6 +1648,28 @@ void print_help(int mode) {
" If you want to limit which users this will be done for,\n"
" provide them as a comma separated list after \"unixpw=\"\n"
"\n"
" Similarly, in -ssl mode, if \"-users sslpeer=\" is\n"
" supplied then after an SSL client authenticates with his\n"
" cert (the -sslverify option is required for this) x11vnc\n"
" will extract a UNIX username from the \"emailAddress\"\n"
" field (username@hostname.com) of the \"Subject\" in the\n"
" x509 SSL cert and then try to switch to that user as\n"
" though \"-users +username\" had been supplied. If you\n"
" want to limit which users this will be done for, provide\n"
" them as a comma separated list after \"sslpeer=\".\n"
" Set the env. var X11VNC_SSLPEER_CN to use the Common\n"
" Name (normally a hostname) instead of the Email field.\n"
" NOTE: the x11vnc administrator must take great care\n"
" that any client certs he adds to -sslverify have the\n"
" correct UNIX username in the \"emailAddress\" field\n"
" of the cert. Otherwise a user may be able to log in\n"
" as another. The following command can be of use in\n"
" checking: \"openssl x509 -text -in file.crt\", see the\n"
" \"Subject:\" line. Also, along with the normal RFB_*\n"
" env. vars. (see -accept) passed to external cmd=\n"
" commands, RFB_SSL_CLIENT_CERT will be set to the\n"
" client's x509 certificate string.\n"
"\n"
" To immediately switch to a user *before* connections\n"
" to the X display are made or any files opened use the\n"
" \"=\" character: \"-users =bob\". That user needs to\n"
@ -2175,6 +2202,8 @@ void print_help(int mode) {
" for rapid retrieval. So a W x H frambuffer is expanded\n"
" to a W x (n+1)*H one. Use 0 to disable. Default: XXX.\n"
"\n"
" The \"n\" is actually optional, the default is 10.\n"
"\n"
" For this and the other -ncache* options below you can\n"
" abbreviate \"-ncache\" with \"-nc\". Also, \"-nonc\"\n"
" is the same as \"-ncache 0\"\n"

@ -234,9 +234,9 @@ Solaris, FreeBSD, etc. Unpack your archive and see the subdirectories of
./bin
for the ones that were shipped in this project, e.g. ./bin/Linux.i686
Run "uname -sm" to see your OS+arch combination. (See the
./bin/ssvnc_cmd -h output for how to override platform autodection
via the UNAME env. var).
Run "uname -sm" to see your OS+arch combination (n.b. all Linux x86 are
mapped to Linux.i686). (See the ./bin/ssvnc_cmd -h output for how to
override platform autodection via the UNAME env. var).
External Dependencies:

@ -25,16 +25,12 @@ if [ "X$FULLNAME" = "XKarl J. Runge" ]; then
VNCVIEWER_POPUP_FIX=1
export VNCVIEWER_POPUP_FIX
#if uname -smr | grep 'Linux 2\.4.*i686' > /dev/null; then
# UNAME="Linux.i686.older"
# export UNAME
#fi
PATH=`echo "$PATH" | sed -e 's,runge/bin/override,-------------,'`
fi
if [ "X$WISH" = "X" ]; then
WISH=wish
for try in wish wish8.3 wish8.4 wish8.5
for try in wish wish8.3 wish8.4 wish8.5 wish8.6
do
if type $try > /dev/null; then
WISH=$try
@ -53,7 +49,7 @@ export SSVNC_LAUNCH
#
name=$UNAME
if [ "X$name" = "X" ]; then
name=`uname -sm | sed -e 's/ /./g'`
name=`uname -sm | sed -e 's/ /./g' -e 's/Linux\.i.86/Linux.i686/'`
fi
f="$0"

@ -113,7 +113,7 @@ fi
#
name=$UNAME
if [ "X$name" = "X" ]; then
name=`uname -sm | sed -e 's/ /./g'`
name=`uname -sm | sed -e 's/ /./g' -e 's/Linux\.i.86/Linux.i686/'`
fi
f="$0"

@ -2760,7 +2760,7 @@ proc launch_unix {hp} {
global env
set env(SS_VNCVIEWER_RM) $passwdfile
} else {
catch {exec sh -c "sleep 15; rm $passwdfile" &}
catch {exec sh -c "sleep 15; rm $passwdfile 2>/dev/null" &}
}
if {$darwin_cotvnc} {
set cmd "$cmd --PasswordFile $passwdfile"

@ -49,7 +49,7 @@ fi
#
name=$UNAME
if [ "X$name" = "X" ]; then
name=`uname -sm | sed -e 's/ /./g'`
name=`uname -sm | sed -e 's/ /./g' -e 's/Linux\.i.86/Linux.i686/'`
fi
if [ "X$name" = "X" ]; then
echo "cannot determine platform: os.arch, e.g. Linux.i686"
@ -71,7 +71,8 @@ if [ -d $dest ]; then
if [ "X$x" = "Xn" ]; then
exit
fi
rm -rf $dest
rm -f $dest/*stunnel*
rm -f $dest/*vncviewer*
fi
mkdir -p $dest || exit 1

@ -5557,507 +5557,6 @@ diff -Naur -X ./exclude vnc_unixsrc.orig/vncviewer/tight.c vnc_unixsrc/vncviewer
return True;
}
diff -Naur -X ./exclude vnc_unixsrc.orig/vncviewer/vncviewer._man vnc_unixsrc/vncviewer/vncviewer._man
--- vnc_unixsrc.orig/vncviewer/vncviewer._man 1969-12-31 19:00:00.000000000 -0500
+++ vnc_unixsrc/vncviewer/vncviewer._man 2007-03-20 10:11:33.000000000 -0400
@@ -0,0 +1,497 @@
+'\" t
+.\" ** The above line should force tbl to be a preprocessor **
+.\" Man page for X vncviewer
+.\"
+.\" Copyright (C) 1998 Marcus.Brinkmann@ruhr-uni-bochum.de
+.\" Copyright (C) 2000,2001 Red Hat, Inc.
+.\" Copyright (C) 2001-2003 Constantin Kaplinsky <const@ce.cctpu.edu.ru>
+.\"
+.\" You may distribute under the terms of the GNU General Public
+.\" License as specified in the file LICENCE.TXT that comes with the
+.\" TightVNC distribution.
+.\"
+.TH vncviewer 1 "January 2003" "" "TightVNC"
+.SH NAME
+vncviewer \- an X viewer client for VNC
+.SH SYNOPSIS
+.B vncviewer
+.RI [\| options \|]
+.RI [\| host \|][\| :display \|]
+.br
+.B vncviewer
+.RI [\| options \|]
+.RI [\| host \|][\| ::port \|]
+.br
+.B vncviewer
+.RI [\| options \|]
+.IR \-listen
+.RI [\| display \|]
+.br
+.B vncviewer
+.IR \-help
+.br
+.SH DESCRIPTION
+.B vncviewer
+is an Xt\-based client application for the VNC (Virtual Network
+Computing) system. It can connect to any VNC\-compatible server such
+as \fBXvnc\fR or WinVNC, allowing you to control desktop environment
+of a different machine.
+
+You can use F8 to display a pop\-up utility menu. Press F8 twice to
+pass single F8 to the remote side.
+.SH OPTIONS
+.TP
+\fB\-help\fR
+Prints a short usage notice to stderr.
+.TP
+\fB\-listen\fR
+Make the viewer listen on port 5500+\fIdisplay\fR for reverse
+connections from a server. WinVNC supports reverse connections using
+the "Add New Client" menu option, or the \-connect command line
+option. \fBXvnc\fR requires the use of the helper program
+\fBvncconnect\fR.
+.TP
+\fB\-via\fR \fIgateway\fR
+Automatically create encrypted TCP tunnel to the \fIgateway\fR machine
+before connection, connect to the \fIhost\fR through that tunnel
+(TightVNC\-specific). By default, this option invokes SSH local port
+forwarding, assuming that SSH client binary can be accessed as
+/usr/bin/ssh. Note that when using the \fB\-via\fR option, the host
+machine name should be specified as known to the gateway machine, e.g.
+"localhost" denotes the \fIgateway\fR, not the machine where vncviewer
+was launched. See the ENVIRONMENT section below for the information on
+configuring the \fB\-via\fR option.
+.TP
+\fB\-shared\fR
+When connecting, specify that a shared connection is requested. In
+TightVNC, this is the default mode, allowing you to share the desktop
+with other clients already using it.
+.TP
+\fB\-noshared\fR
+When connecting, specify that the session may not be shared. This
+would either disconnect other connected clients or refuse your
+connection, depending on the server configuration.
+.TP
+\fB\-viewonly\fR
+Disable transfer of mouse and keyboard events from the client to the
+server.
+.TP
+\fB\-fullscreen\fR
+Start in full\-screen mode. Please be aware that operating in
+full\-screen mode may confuse X window managers. Typically, such
+conflicts cause incorrect handling of input focus or make the viewer
+window disappear mysteriously. See the grabKeyboard setting in the
+RESOURCES section below for a method to solve input focus problem.
+.TP
+\fB\-noraiseonbeep\fR
+By default, the viewer shows and raises its window on remote beep
+(bell) event. This option disables such behaviour
+(TightVNC\-specific).
+.TP
+\fB\-user\fR \fIusername\fR
+User name for Unix login authentication. Default is to use current
+Unix user name. If this option was given, the viewer will prefer Unix
+login authentication over the standard VNC authentication.
+.TP
+\fB\-passwd\fR \fIpasswd\-file\fR
+File from which to get the password (as generated by the
+\fBvncpasswd\fR(1) program). This option affects only the standard VNC
+authentication.
+.TP
+\fB\-encodings\fR \fIencoding\-list\fR
+TightVNC supports several different compression methods to encode
+screen updates; this option specifies a set of them to use in order of
+preference. Encodings are specified separated with spaces, and must
+thus be enclosed in quotes if more than one is specified. Available
+encodings, in default order for a remote connection, are "copyrect
+tight hextile zlib corre rre raw". For a local connection (to the same
+machine), the default order to try is "raw copyrect tight hextile zlib
+corre rre". Raw encoding is always assumed as a last option if no
+other encoding can be used for some reason. For more information on
+encodings, see the section ENCODINGS below.
+.TP
+\fB\-bgr233\fR
+Always use the BGR233 format to encode pixel data. This reduces
+network traffic, but colors may be represented inaccurately. The
+bgr233 format is an 8\-bit "true color" format, with 2 bits blue, 3
+bits green, and 3 bits red.
+.TP
+\fB\-owncmap\fR
+Try to use a PseudoColor visual and a private colormap. This allows
+the VNC server to control the colormap.
+.TP
+\fB\-truecolour\fR, \fB\-truecolor\fR
+Try to use a TrueColor visual.
+.TP
+\fB\-depth\fR \fIdepth\fR
+On an X server which supports multiple TrueColor visuals of different
+depths, attempt to use the specified one (in bits per pixel); if
+successful, this depth will be requested from the VNC server.
+.TP
+\fB\-compresslevel \fIlevel\fR
+Use specified compression \fIlevel\fR (0..9) for "tight" and "zlib"
+encodings (TightVNC\-specific). Level 1 uses minimum of CPU time and
+achieves weak compression ratios, while level 9 offers best
+compression but is slow in terms of CPU time consumption on the server
+side. Use high levels with very slow network connections, and low
+levels when working over high\-speed LANs. It's not recommended to use
+compression level 0, reasonable choices start from the level 1.
+.TP
+\fB\-quality \fIlevel\fR
+Use the specified JPEG quality \fIlevel\fR (0..9) for the "tight"
+encoding (TightVNC\-specific). Quality level 0 denotes bad image
+quality but very impressive compression ratios, while level 9 offers
+very good image quality at lower compression ratios. Note that the
+"tight" encoder uses JPEG to encode only those screen areas that look
+suitable for lossy compression, so quality level 0 does not always
+mean unacceptable image quality.
+.TP
+\fB\-nojpeg\fR
+Disable lossy JPEG compression in Tight encoding (TightVNC\-specific).
+Disabling JPEG compression is not a good idea in typical cases, as
+that makes the Tight encoder less efficient. You might want to use
+this option if it's absolutely necessary to achieve perfect image
+quality (see also the \fB\-quality\fR option).
+.TP
+\fB\-nocursorshape\fR
+Disable cursor shape updates, protocol extensions used to handle
+remote cursor movements locally on the client side
+(TightVNC\-specific). Using cursor shape updates decreases delays with
+remote cursor movements, and can improve bandwidth usage dramatically.
+.TP
+\fB\-x11cursor\fR
+Use a real X11 cursor with X-style cursor shape updates, instead of
+drawing the remote cursor on the framebuffer. This option also
+disables the dot cursor, and disables cursor position updates in
+non-fullscreen mode.
+.TP
+\fB\-autopass\fR
+Read a plain-text password from stdin. This option affects only the
+standard VNC authentication.
+
+.SH Enhanced TightVNC Viewer OPTIONS
+.TP
+Enhanced TightVNC Viewer web page is located at:
+.TP
+http://www.karlrunge.com/x11vnc/ssvnc.html
+.TP
+Note: ZRLE encoding is now supported.
+.TP
+Note: F9 is shortcut to Toggle FullScreen mode.
+.TP
+\fB\-use64\fR
+In \fB\-bgr233\fR mode, use 64 colors instead of 256.
+.TP
+\fB\-bgr222\fR
+Same as \fB\-use64\fR.
+.TP
+\fB\-use8\fR
+In \fB\-bgr233\fR mode, use 8 colors instead of 256.
+.TP
+\fB\-bgr111\fR
+Same as \fB\-use8\fR.
+.TP
+\fB\-16bpp\fR
+If the vnc viewer X display is depth 24 at 32bpp
+request a 16bpp format from the VNC server to cut
+network traffic by up to 2X, then tranlate the
+pixels to 32bpp locally.
+.TP
+\fB\-bgr565\fR
+Same as \fB\-16bpp\fR.
+.TP
+\fB\-alpha\fR
+Use alphablending transparency for local cursors
+requires: x11vnc server, both client and server
+must be 32bpp and same endianness.
+.TP
+\fB\-ycrop\fR n
+Only show the top n rows of the framebuffer. For
+use with x11vnc \fB\-ncache\fR client caching option
+to help "hide" the pixel cache region.
+Use a negative value (e.g. \fB\-1\fR) for autodetection.
+Autodetection will always take place if the remote
+fb height is more than 2 times the width.
+.TP
+\fB\-sbwidth\fR n
+Scrollbar width, default is very narrow: 2 pixels,
+it is narrow to avoid distraction in \fB\-ycrop\fR mode.
+.TP
+\fB\-rawlocal\fR
+Prefer raw encoding for localhost, default is
+no, i.e. assumes you have a SSH tunnel instead.
+.TP
+\fB\-graball\fR
+Grab the entire X server when in fullscreen mode,
+needed by some old window managers like fvwm2.
+.TP
+\fB\-popupfix\fR
+Warp the popup back to the pointer position,
+needed by some old window managers like fvwm2.
+.TP
+\fB\-grabkbd\fR
+Grab the X keyboard when in fullscreen mode,
+needed by some window managers. Same as \fB\-grabkeyboard\fR.
+\fB\-grabkbd\fR is the default, use \fB\-nograbkbd\fR to disable.
+.TP
+\fB\-bs/-nobs\fR
+Whether or not to use X server Backingstore for the
+main viewer window. The default is to not, mainly
+because most Linux, etc, systems X servers disable
+*all* Backingstore by default. To re-enable it put
+
+Option "Backingstore"
+
+in the Device section of /etc/X11/xorg.conf.
+In -bs mode with no X server backingstore, whenever an
+area of the screen is re-exposed it must go out to the
+VNC server to retrieve the pixels. This is too slow.
+
+In -nobs mode, memory is allocated by the viewer to
+provide its own backing of the main viewer window. This
+actually makes some activities faster (changes in large
+regions) but can appear to "flash" too much.
+.TP
+\fB\-noshm\fR
+Disable use of MIT shared memory extension (not recommended)
+.TP
+\fB New Popup actions:\fR
+
+ Cursor Shape: ~ -nocursorshape
+ X11 Cursor: ~ -x11cursor
+ Cursor Alphablend: ~ -alpha
+ Disable JPEG: ~ -nojpeg
+ Prefer raw for localhost ~ -rawlocal
+ Full Color as many colors as local screen allows.
+ Grey scale (16 & 8-bpp) ~ -grey, for low colors 16/8bpp modes only.
+ 16 bit color (BGR565) ~ -bgr565
+ 8 bit color (BGR233) ~ -bgr233
+ 256 colors ~ -bgr233 default # of colors.
+ 64 colors ~ -bgr222 / -use64
+ 8 colors ~ -bgr111 / -use8
+
+
+ Disable Remote Input Ultravnc ext. Try to prevent input and
+ viewing of monitor at physical display.
+ Single Window Ultravnc ext. Grab and a single window.
+ (click on the window you want).
+ Set 1/n Server Scale Ultravnc ext. Scale desktop by 1/n.
+ prompt is from the terminal.
+ Text Chat Ultravnc ext. Do Text Chat, currently
+ input via the terminal (no window).
+
+ Note: the Ultravnc extensions only apply to servers that support
+ them. x11vnc/libvncserver supports some of them.
+
+.SH ENCODINGS
+The server supplies information in whatever format is desired by the
+client, in order to make the client as easy as possible to implement.
+If the client represents itself as able to use multiple formats, the
+server will choose one.
+
+.I Pixel format
+refers to the representation of an individual pixel. The most common
+formats are 24 and 16 bit "true\-color" values, and 8\-bit "color map"
+representations, where an arbitrary map converts the color number to
+RGB values.
+
+.I Encoding
+refers to how a rectangle of pixels are sent (all pixel information in
+VNC is sent as rectangles). All rectangles come with a header giving
+the location and size of the rectangle and an encoding type used by
+the data which follows. These types are listed below.
+.TP
+.B Raw
+The raw encoding simply sends width*height pixel values. All clients
+are required to support this encoding type. Raw is also the fastest
+when the server and viewer are on the same machine, as the connection
+speed is essentially infinite and raw encoding minimizes processing
+time.
+.TP
+.B CopyRect
+The Copy Rectangle encoding is efficient when something is being
+moved; the only data sent is the location of a rectangle from which
+data should be copied to the current location. Copyrect could also be
+used to efficiently transmit a repeated pattern.
+.TP
+.B RRE
+The Rise\-and\-Run\-length\-Encoding is basically a 2D version of
+run\-length encoding (RLE). In this encoding, a sequence of identical
+pixels are compressed to a single value and repeat count. In VNC, this
+is implemented with a background color, and then specifications of an
+arbitrary number of subrectangles and color for each. This is an
+efficient encoding for large blocks of constant color.
+.TP
+.B CoRRE
+This is a minor variation on RRE, using a maximum of 255x255 pixel
+rectangles. This allows for single\-byte values to be used, reducing
+packet size. This is in general more efficient, because the savings
+from sending 1\-byte values generally outweighs the losses from the
+(relatively rare) cases where very large regions are painted the same
+color.
+.TP
+.B Hextile
+Here, rectangles are split up in to 16x16 tiles, which are sent in a
+predetermined order. The data within the tiles is sent either raw or
+as a variant on RRE. Hextile encoding is usually the best choice for
+using in high\-speed network environments (e.g. Ethernet local\-area
+networks).
+.TP
+.B Zlib
+Zlib is a very simple encoding that uses zlib library to compress raw
+pixel data. This encoding achieves good compression, but consumes a
+lot of CPU time. Support for this encoding is provided for
+compatibility with VNC servers that might not understand Tight
+encoding which is more efficient than Zlib in nearly all real\-life
+situations.
+.TP
+.B Tight
+Like Zlib encoding, Tight encoding uses zlib library to compress the
+pixel data, but it pre\-processes data to maximize compression ratios,
+and to minimize CPU usage on compression. Also, JPEG compression may
+be used to encode color\-rich screen areas (see the description of
+\-quality and \-nojpeg options above). Tight encoding is usually the
+best choice for low\-bandwidth network environments (e.g. slow modem
+connections).
+.SH RESOURCES
+X resources that \fBvncviewer\fR knows about, aside from the
+normal Xt resources, are as follows:
+.TP
+.B shareDesktop
+Equivalent of \fB\-shared\fR/\fB\-noshared\fR options. Default true.
+.TP
+.B viewOnly
+Equivalent of \fB\-viewonly\fR option. Default false.
+.TP
+.B fullScreen
+Equivalent of \fB\-fullscreen\fR option. Default false.
+.TP
+.B grabKeyboard
+Grab keyboard in full-screen mode. This can help to solve problems
+with losing keyboard focus. Default false.
+.TP
+.B raiseOnBeep
+Equivalent of \fB\-noraiseonbeep\fR option, when set to false. Default
+true.
+.TP
+.B passwordFile
+Equivalent of \fB\-passwd\fR option.
+.TP
+.B userLogin
+Equivalent of \fB\-user\fR option.
+.TP
+.B passwordDialog
+Whether to use a dialog box to get the password (true) or get it from
+the tty (false). Irrelevant if \fBpasswordFile\fR is set. Default
+false.
+.TP
+.B encodings
+Equivalent of \fB\-encodings\fR option.
+.TP
+.B compressLevel
+Equivalent of \fB\-compresslevel\fR option (TightVNC\-specific).
+.TP
+.B qualityLevel
+Equivalent of \fB\-quality\fR option (TightVNC\-specific).
+.TP
+.B enableJPEG
+Equivalent of \fB\-nojpeg\fR option, when set to false. Default true.
+.TP
+.B useRemoteCursor
+Equivalent of \fB\-nocursorshape\fR option, when set to false
+(TightVNC\-specific). Default true.
+.TP
+.B useBGR233
+Equivalent of \fB\-bgr233\fR option. Default false.
+.TP
+.B nColours
+When using BGR233, try to allocate this many "exact" colors from the
+BGR233 color cube. When using a shared colormap, setting this resource
+lower leaves more colors for other X clients. Irrelevant when using
+truecolor. Default is 256 (i.e. all of them).
+.TP
+.B useSharedColours
+If the number of "exact" BGR233 colors successfully allocated is less
+than 256 then the rest are filled in using the "nearest" colors
+available. This resource says whether to only use the "exact" BGR233
+colors for this purpose, or whether to use other clients' "shared"
+colors as well. Default true (i.e. use other clients' colors).
+.TP
+.B forceOwnCmap
+Equivalent of \fB\-owncmap\fR option. Default false.
+.TP
+.B forceTrueColour
+Equivalent of \fB\-truecolour\fR option. Default false.
+.TP
+.B requestedDepth
+Equivalent of \fB\-depth\fR option.
+.TP
+.B useSharedMemory
+Use MIT shared memory extension if on the same machine as the X
+server. Default true.
+.TP
+.B wmDecorationWidth, wmDecorationHeight
+The total width and height taken up by window manager decorations.
+This is used to calculate the maximum size of the VNC viewer window.
+Default is width 4, height 24.
+.TP
+.B bumpScrollTime, bumpScrollPixels
+When in full screen mode and the VNC desktop is bigger than the X
+display, scrolling happens whenever the mouse hits the edge of the
+screen. The maximum speed of scrolling is bumpScrollPixels pixels
+every bumpScrollTime milliseconds. The actual speed of scrolling will
+be slower than this, of course, depending on how fast your machine is.
+Default 20 pixels every 25 milliseconds.
+.TP
+.B popupButtonCount
+The number of buttons in the popup window. See the README file for
+more information on how to customize the buttons.
+.TP
+.B debug
+For debugging. Default false.
+.TP
+.B rawDelay, copyRectDelay
+For debugging, see the README file for details. Default 0 (off).
+.SH ENVIRONMENT
+When started with the \fB\-via\fR option, vncviewer reads the
+\fBVNC_VIA_CMD\fR environment variable, expands patterns beginning
+with the "%" character, and executes result as a command assuming that
+it would create TCP tunnel that should be used for VNC connection. If
+not set, this environment variable defaults to "/usr/bin/ssh -f -L
+%L:%H:%R %G sleep 20".
+
+The following patterns are recognized in the \fBVNC_VIA_CMD\fR (note
+that all the patterns %G, %H, %L and %R must be present in the command
+template):
+.TP
+.B %%
+A literal "%";
+.TP
+.B %G
+gateway host name;
+.TP
+.B %H
+remote VNC host name, as known to the gateway;
+.TP
+.B %L
+local TCP port number;
+.TP
+.B %R
+remote TCP port number.
+.SH SEE ALSO
+\fBvncserver\fR(1), \fBXvnc\fR(1), \fBvncpasswd\fR(1),
+\fBvncconnect\fR(1), \fBssh\fR(1)
+.SH AUTHORS
+Original VNC was developed in AT&T Laboratories Cambridge. TightVNC
+additions was implemented by Constantin Kaplinsky. Many other people
+participated in development, testing and support.
+
+\fBMan page authors:\fR
+.br
+Marcus Brinkmann <Marcus.Brinkmann@ruhr-uni-bochum.de>,
+.br
+Terran Melconian <terran@consistent.org>,
+.br
+Tim Waugh <twaugh@redhat.com>,
+.br
+Constantin Kaplinsky <const@ce.cctpu.edu.ru>
diff -Naur -X ./exclude vnc_unixsrc.orig/vncviewer/vncviewer.c vnc_unixsrc/vncviewer/vncviewer.c
--- vnc_unixsrc.orig/vncviewer/vncviewer.c 2004-01-13 09:22:05.000000000 -0500
+++ vnc_unixsrc/vncviewer/vncviewer.c 2007-04-10 14:14:58.000000000 -0400

@ -220,6 +220,7 @@ int ncache_pad = 0;
#endif
int ncache_xrootpmap = NCACHE_XROOTPMAP;
int ncache0 = 0;
int ncache_default = 10;
int ncache_copyrect = 0;
int ncache_wf_raises = 1;
int ncache_dt_change = 1;

@ -162,6 +162,7 @@ extern int wireframe_in_progress;
extern int ncache;
extern int ncache0;
extern int ncache_default;
extern int ncache_copyrect;
extern int ncache_wf_raises;
extern int ncache_dt_change;

@ -1315,6 +1315,11 @@ if (db) fprintf(stderr, "buf: '%s'\n", buf);
return 1;
}
static char *certret = NULL;
static int certret_fd = -1;
static mode_t omode;
char *certret_str = NULL;
void accept_openssl(int mode, int presock) {
int sock = -1, listen = -1, cport, csock, vsock;
int status, n, i, db = 0;
@ -1456,6 +1461,23 @@ void accept_openssl(int mode, int presock) {
name = NULL;
}
if (certret) {
free(certret);
}
if (certret_str) {
free(certret_str);
certret_str = NULL;
}
certret = strdup("/tmp/x11vnc-certret.XXXXXX");
omode = umask(077);
certret_fd = mkstemp(certret);
umask(omode);
if (certret_fd < 0) {
free(certret);
certret = NULL;
certret_fd = -1;
}
/* now fork the child to handle the SSL: */
pid = fork();
@ -1785,6 +1807,7 @@ if (db) fprintf(stderr, "iface: %s\n", iface);
signal(SIGALRM, SIG_DFL);
close(csock);
if (vsock < 0) {
rfbLog("SSL: accept_openssl: connection from ssl_helper failed.\n");
rfbLogPerror("accept");
@ -1794,11 +1817,42 @@ if (db) fprintf(stderr, "iface: %s\n", iface);
if (mode == OPENSSL_INETD || ssl_no_fail) {
clean_up_exit(1);
}
if (certret_fd >= 0) {
close(certret_fd);
certret_fd = -1;
}
if (certret) {
unlink(certret);
}
return;
}
if (db) fprintf(stderr, "accept_openssl: vsock: %d\n", vsock);
n = read(vsock, rcookie, strlen(cookie));
if (certret) {
struct stat sbuf;
sbuf.st_size = 0;
if (certret_fd >= 0 && stat(certret, &sbuf) == 0 && sbuf.st_size > 0) {
certret_str = (char *) malloc(sbuf.st_size+1);
read(certret_fd, certret_str, sbuf.st_size);
close(certret_fd);
certret_fd = -1;
}
if (certret_fd >= 0) {
close(certret_fd);
certret_fd = -1;
}
unlink(certret);
if (certret_str && strstr(certret_str, "NOCERT") == certret_str) {
free(certret_str);
certret_str = NULL;
}
if (0 && certret_str) {
fprintf(stderr, "certret_str[%d]:\n%s\n", sbuf.st_size, certret_str);
}
}
if (n != (int) strlen(cookie) || strncmp(cookie, rcookie, n)) {
rfbLog("SSL: accept_openssl: cookie from ssl_helper failed. %d\n", n);
if (errno != 0) {
@ -2065,6 +2119,30 @@ if (db > 1) fprintf(stderr, "ssl_init: 4\n");
}
rfbLog("SSL: ssl_helper[%d]: SSL_accept() succeeded for: %s\n", getpid(), name);
if (SSL_get_verify_result(ssl) == X509_V_OK) {
X509 *x;
FILE *cr = NULL;
if (certret != NULL) {
cr = fopen(certret, "w");
}
x = SSL_get_peer_certificate(ssl);
if (x == NULL) {
rfbLog("SSL: ssl_helper[%d]: accepted client %s x509 peer cert is null\n", getpid(), name);
if (cr != NULL) {
fprintf(cr, "NOCERT\n");
fclose(cr);
}
} else {
rfbLog("SSL: ssl_helper[%d]: accepted client %s x509 cert is:\n", getpid(), name);
X509_print_ex_fp(stderr, x, 0, XN_FLAG_MULTILINE);
if (cr != NULL) {
X509_print_ex_fp(cr, x, 0, XN_FLAG_MULTILINE);
fclose(cr);
}
}
}
free(name);
return 1;

@ -14,6 +14,7 @@ extern int openssl_port_num;
extern int https_sock;
extern pid_t openssl_last_helper_pid;
extern char *openssl_last_ip;
extern char *certret_str;
extern void raw_xfer(int csock, int s_in, int s_out);

@ -1295,7 +1295,7 @@ char create_display[] =
"\n"
"have_root=\"\"\n"
"id0=`id`\n"
"if id | grep -w root > /dev/null; then\n"
"if id | sed -e 's/ gid.*$//' | grep -w root > /dev/null; then\n"
" have_root=\"1\"\n"
"fi\n"
"\n"

@ -29,11 +29,11 @@ static void switch_user_task_dummy(void);
static void switch_user_task_solid_bg(void);
static char *get_login_list(int with_display);
static char **user_list(char *user_str);
static void user2uid(char *user, uid_t *uid, char **name, char **home);
static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **home);
static int lurk(char **users);
static int guess_user_and_switch(char *str, int fb_mode);
static int try_user_and_display(uid_t uid, char *dpystr);
static int switch_user_env(uid_t uid, char *name, char *home, int fb_mode);
static int try_user_and_display(uid_t uid, gid_t gid, char *dpystr);
static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_mode);
static void try_to_switch_users(void);
@ -236,7 +236,7 @@ static char **user_list(char *user_str) {
return list;
}
static void user2uid(char *user, uid_t *uid, char **name, char **home) {
static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **home) {
int numerical = 1;
char *q;
@ -271,6 +271,7 @@ static void user2uid(char *user, uid_t *uid, char **name, char **home) {
}
if (pw) {
*uid = pw->pw_uid;
*gid = pw->pw_gid;
*name = pw->pw_name; /* n.b. use immediately */
*home = pw->pw_dir;
}
@ -281,6 +282,7 @@ static void user2uid(char *user, uid_t *uid, char **name, char **home) {
static int lurk(char **users) {
uid_t uid;
gid_t gid;
int success = 0, dmin = -1, dmax = -1;
char *p, *logins, **u;
@ -390,10 +392,10 @@ static int lurk(char **users) {
}
}
user2uid(user, &uid, &name, &home);
user2uid(user, &uid, &gid, &name, &home);
free(t);
if (! uid) {
if (! uid || ! gid) {
ok = 0;
}
@ -406,8 +408,8 @@ static int lurk(char **users) {
if (dn >= 0) {
sprintf(dpystr, ":%d", dn);
}
if (try_user_and_display(uid, dpystr)) {
if (switch_user_env(uid, name, home, 0)) {
if (try_user_and_display(uid, gid, dpystr)) {
if (switch_user_env(uid, gid, name, home, 0)) {
rfbLog("lurk: now user: %s @ %s\n",
name, dpystr);
started_as_root = 2;
@ -539,7 +541,7 @@ static int guess_user_and_switch(char *str, int fb_mode) {
return ret;
}
static int try_user_and_display(uid_t uid, char *dpystr) {
static int try_user_and_display(uid_t uid, gid_t gid, char *dpystr) {
/* NO strtoks */
#if LIBVNCSERVER_HAVE_FORK && LIBVNCSERVER_HAVE_SYS_WAIT_H && LIBVNCSERVER_HAVE_PWD_H
pid_t pid, pidw;
@ -578,7 +580,7 @@ static int try_user_and_display(uid_t uid, char *dpystr) {
signal(SIGQUIT, SIG_DFL);
signal(SIGTERM, SIG_DFL);
rc = switch_user_env(uid, name, home, 0);
rc = switch_user_env(uid, gid, name, home, 0);
if (! rc) {
exit(1);
}
@ -606,6 +608,7 @@ int switch_user(char *user, int fb_mode) {
/* NO strtoks */
int doit = 0;
uid_t uid = 0;
gid_t gid = 0;
char *name, *home;
if (*user == '+') {
@ -617,20 +620,23 @@ int switch_user(char *user, int fb_mode) {
return guess_user_and_switch(user, fb_mode);
}
user2uid(user, &uid, &name, &home);
user2uid(user, &uid, &gid, &name, &home);
if (uid == (uid_t) -1 || uid == 0) {
return 0;
}
if (gid == 0) {
return 0;
}
if (! doit && dpy) {
/* see if this display works: */
char *dstr = DisplayString(dpy);
doit = try_user_and_display(uid, dstr);
doit = try_user_and_display(uid, gid, dstr);
}
if (doit) {
int rc = switch_user_env(uid, name, home, fb_mode);
int rc = switch_user_env(uid, gid, name, home, fb_mode);
if (rc) {
started_as_root = 2;
}
@ -640,7 +646,7 @@ int switch_user(char *user, int fb_mode) {
}
}
static int switch_user_env(uid_t uid, char *name, char *home, int fb_mode) {
static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_mode) {
/* NO strtoks */
char *xauth;
int reset_fb = 0;
@ -657,6 +663,13 @@ static int switch_user_env(uid_t uid, char *name, char *home, int fb_mode) {
clean_shm(0);
free_tiles();
}
if (setgid(gid) != 0) {
if (reset_fb) {
/* 2 means we did clean_shm and free_tiles */
do_new_fb(2);
}
return 0;
}
if (setuid(uid) != 0) {
if (reset_fb) {
/* 2 means we did clean_shm and free_tiles */
@ -1115,6 +1128,7 @@ void user_supplied_opts(char *opts) {
"rotate", "ro",
"geometry", "geom", "ge",
"noncache", "nc",
"nodisplay", "nd",
NULL
};
@ -1485,12 +1499,89 @@ if (0) db = 1;
int n;
int nodisp = 0;
int saw_xdmcp = 0;
char *usslpeer = NULL;
memset(line1, 0, 1024);
memset(line2, 0, 16384);
if (users_list && strstr(users_list, "sslpeer=") == users_list) {
int ok = 0;
char *u = NULL, *upeer = NULL;
if (certret_str) {
char *q, *p, *str = strdup(certret_str);
q = strstr(str, "Subject: ");
if (! q) return 0;
p = strstr(q, "\n");
if (p) *p = '\0';
q = strstr(q, "CN=");
if (! q) return 0;
if (! getenv("X11VNC_SSLPEER_CN")) {
p = q;
q = strstr(q, "/emailAddress=");
if (! q) q = strstr(p, "/Email=");
if (! q) return 0;
}
q = strstr(q, "=");
if (! q) return 0;
q++;
p = strstr(q, " ");
if (p) *p = '\0';
p = strstr(q, "@");
if (p) *p = '\0';
p = strstr(q, "/");
if (p) *p = '\0';
upeer = strdup(q);
if (strcmp(upeer, "")) {
p = upeer;
while (*p != '\0') {
char c = *p;
if (!isalnum((int) c)) {
*p = '\0';
break;
}
p++;
}
if (strcmp(upeer, "")) {
ok = 1;
}
}
}
if (! ok || !upeer) {
return 0;
}
rfbLog("sslpeer unix username extracted from x509 cert: %s\n", upeer);
u = (char *) malloc(strlen(upeer+2));
u[0] = '\0';
if (!strcmp(users_list, "sslpeer=")) {
sprintf(u, "+%s", upeer);
} else {
char *p, *str = strdup(users_list);
p = strtok(str + strlen("sslpeer="), ",");
while (p) {
if (!strcmp(p, upeer)) {
sprintf(u, "+%s", upeer);
break;
}
p = strtok(NULL, ",");
}
free(str);
}
if (u[0] == '\0') {
rfbLog("sslpeer cannot determine user: %s\n", upeer);
free(u);
return 0;
}
free(u);
usslpeer = upeer;
}
/* only sets environment variables: */
run_user_command("", latest_client, "env", NULL, 0, NULL);
if (!strcmp(cmd, "FINDDISPLAY") ||
strstr(cmd, "FINDCREATEDISPLAY") == cmd) {
char *nd = "";
tmp_fd = mkstemp(tmp);
if (tmp_fd < 0) {
rfbLog("wait_for_client: open failed: %s\n", tmp);
@ -1498,7 +1589,12 @@ if (0) db = 1;
clean_up_exit(1);
}
chmod(tmp, 0644);
write(tmp_fd, find_display, strlen(find_display));
if (getenv("X11VNC_FINDDISPLAY_ALWAYS_FAILS")) {
char *s = "#!/bin/sh\necho _FAIL_\nexit 1\n";
write(tmp_fd, s, strlen(s));
} else {
write(tmp_fd, find_display, strlen(find_display));
}
close(tmp_fd);
nodisp = 1;
@ -1536,6 +1632,7 @@ if (!keep_unixpw_opts) {
} else if (strstr(t, "failsafe")) {
sprintf(xsess, "failsafe");
}
q = strstr(t, "ge=");
if (! q) q = strstr(t, "geom=");
if (! q) q = strstr(t, "geometry=");
@ -1566,28 +1663,60 @@ if (!keep_unixpw_opts) {
}
free(t);
}
set_env("FD_GEOM", geom);
set_env("FD_SESS", xsess);
if (unixpw && keep_unixpw_user) {
create_cmd = (char *) malloc(strlen(tmp)
if (usslpeer || (unixpw && keep_unixpw_user)) {
char *uu = usslpeer;
if (!uu) {
uu = keep_unixpw_user;
}
create_cmd = (char *) malloc(strlen(tmp)+1
+ strlen("env USER='' ")
+ strlen("env FD_SESS='' ")
+ strlen("env FD_GEOM='' /bin/sh ")
+ strlen(keep_unixpw_user) + 1
+ strlen("FD_GEOM='' ")
+ strlen("FD_SESS='' /bin/sh ")
+ strlen(uu) + 1
+ strlen(geom) + 1
+ strlen(xsess) + 1
+ strlen(opts) + 1);
sprintf(create_cmd, "env USER='%s' FD_GEOM='%s' FD_SESS='%s' /bin/sh %s %s",
keep_unixpw_user, geom, xsess, tmp, opts);
uu, geom, xsess, tmp, opts);
} else {
create_cmd = (char *) malloc(strlen(tmp)
+ strlen("/bin/sh ") + 1 + strlen(opts) + 1);
sprintf(create_cmd, "/bin/sh %s %s", tmp, opts);
}
if (db) fprintf(stderr, "create_cmd: %s\n", create_cmd);
}
cmd = (char *) malloc(strlen(tmp) + strlen("/bin/sh ") + 1);
sprintf(cmd, "/bin/sh %s", tmp);
if (unixpw && keep_unixpw_opts && keep_unixpw_opts[0] != '\0') {
char *q, *t = keep_unixpw_opts;
q = strstr(t, "nd=");
if (! q) q = strstr(t, "nodisplay=");
if (q) {
char *t2;
q = strchr(q, '=') + 1;
t = strdup(q);
q = t;
t2 = strchr(t, ',');
if (t2) *t2 = '\0';
while (*t != '\0') {
if (*t == '-') {
*t = ',';
}
t++;
}
if (!strchr(q, '\'')) {
if (! quiet) rfbLog("set X11VNC_SKIP_DISPLAY: %s\n", q);
nd = q;
}
}
}
cmd = (char *) malloc(strlen("env X11VNC_SKIP_DISPLAY='' ")
+ strlen(nd) + strlen(tmp) + strlen("/bin/sh ") + 1);
sprintf(cmd, "env X11VNC_SKIP_DISPLAY='%s' /bin/sh %s", nd, tmp);
}
rfbLog("wait_for_client: running: %s\n", cmd);
@ -1605,6 +1734,9 @@ if (db) fprintf(stderr, "create_cmd: %s\n", create_cmd);
}
if (db) {fprintf(stderr, "line: "); write(2, line, n); write(2, "\n", 1); fprintf(stderr, "res=%d n=%d\n", res, n);}
if (! res) {
rfbLog("wait_for_client: find display cmd failed\n");
}
if (! res && create_cmd) {
FILE *mt = fopen(tmp, "w");
@ -1702,7 +1834,22 @@ if (db) fprintf(stderr, "\n");
FILE *p;
int rc;
close_exec_fds();
p = popen(cmd, "r");
if (usslpeer) {
char *c;
if (getuid() == 0) {
c = (char *) malloc(strlen("su - '' -c \"")
+ strlen(usslpeer) + strlen(cmd) + 1 + 1);
sprintf(c, "su - '%s' -c \"%s\"", usslpeer, cmd);
} else {
c = strdup(cmd);
}
p = popen(c, "r");
free(c);
} else {
p = popen(cmd, "r");
}
if (! p) {
rfbLog("wait_for_client: cmd failed: %s\n", cmd);
rfbLogPerror("popen");
@ -1722,6 +1869,10 @@ if (db) fprintf(stderr, "\n");
n = fread(line2, 1, 16384, p);
rc = pclose(p);
if (rc != 0) {
rfbLog("wait_for_client: find display cmd failed\n");
}
if (create_cmd && rc != 0) {
FILE *mt = fopen(tmp, "w");
if (! mt) {
@ -1767,7 +1918,9 @@ if (db) fprintf(stderr, "line1=%s\n", line1);
if (strstr(line1, "DISPLAY=") != line1) {
rfbLog("wait_for_client: bad reply '%s'\n", line1);
unixpw_msg("No DISPLAY found.", 3);
if (unixpw) {
unixpw_msg("No DISPLAY found.", 3);
}
clean_up_exit(1);
}
@ -1849,7 +2002,17 @@ fprintf(stderr, "\n");}
}
}
if (users_list_save && keep_unixpw_user) {
if (usslpeer) {
char *u = (char *) malloc(strlen(usslpeer+2));
sprintf(u, "+%s", usslpeer);
if (switch_user(u, 0)) {
rfbLog("sslpeer switched to user: %s\n", usslpeer);
} else {
rfbLog("sslpeer failed to switch to user: %s\n", usslpeer);
}
free(u);
} else if (users_list_save && keep_unixpw_user) {
char *user = keep_unixpw_user;
char *u = (char *)malloc(strlen(user)+1);

@ -2,7 +2,7 @@
.TH X11VNC "1" "April 2007" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
version: 0.9.1, lastmod: 2007-04-18
version: 0.9.1, lastmod: 2007-04-27
.SH SYNOPSIS
.B x11vnc
[OPTION]...
@ -1016,7 +1016,8 @@ It is used in the Apache SSL-portal example (see FAQ).
.IP
In this mode you can set X11VNC_SKIP_DISPLAY to a comma
separated list of displays (e.g. ":0,:1") to ignore
in the finding process.
in the finding process. This can also be set by the
user via "nd=" using "-" instead of ","
.IP
An interesting option is WAIT:cmd=FINDCREATEDISPLAY
that is like FINDDISPLAY in that is uses the same method
@ -1055,6 +1056,10 @@ on the machine. E.g. a desktop service:
.IP
Where /.../x11vnc is the full path to x11vnc.
.IP
If for some reason you do not want x11vnc to ever
try to find an existing display set the env. var
X11VNC_FINDDISPLAY_ALWAYS_FAILS=1 (also \fB-env\fR ...)
.IP
Use WAIT:cmd=FINDCREATEDISPLAY-print to print out the
script used. You can specify the preferred order via
e.g., WAIT:cmd=FINDCREATEDISPLAY-Xdummy,Xvfb,X and/or
@ -1866,6 +1871,28 @@ user as though "\fB-users\fR \fI+username\fR" had been supplied.
If you want to limit which users this will be done for,
provide them as a comma separated list after "unixpw="
.IP
Similarly, in \fB-ssl\fR mode, if "\fB-users\fR \fIsslpeer=\fR" is
supplied then after an SSL client authenticates with his
cert (the \fB-sslverify\fR option is required for this) x11vnc
will extract a UNIX username from the "emailAddress"
field (username@hostname.com) of the "Subject" in the
x509 SSL cert and then try to switch to that user as
though "\fB-users\fR \fI+username\fR" had been supplied. If you
want to limit which users this will be done for, provide
them as a comma separated list after "sslpeer=".
Set the env. var X11VNC_SSLPEER_CN to use the Common
Name (normally a hostname) instead of the Email field.
NOTE: the x11vnc administrator must take great care
that any client certs he adds to \fB-sslverify\fR have the
correct UNIX username in the "emailAddress" field
of the cert. Otherwise a user may be able to log in
as another. The following command can be of use in
checking: "openssl x509 \fB-text\fR \fB-in\fR file.crt", see the
"Subject:" line. Also, along with the normal RFB_*
env. vars. (see \fB-accept)\fR passed to external cmd=
commands, RFB_SSL_CLIENT_CERT will be set to the
client's x509 certificate string.
.IP
To immediately switch to a user *before* connections
to the X display are made or any files opened use the
"=" character: "\fB-users\fR \fI=bob\fR". That user needs to
@ -2552,6 +2579,8 @@ below the actual framebuffer to cache screen contents
for rapid retrieval. So a W x H frambuffer is expanded
to a W x (n+1)*H one. Use 0 to disable. Default: XXX.
.IP
The \fIn\fR is actually optional, the default is 10.
.IP
For this and the other \fB-ncache*\fR options below you can
abbreviate "\fB-ncache\fR" with "\fB-nc\fR". Also, "\fB-nonc\fR"
is the same as "\fB-ncache\fR \fI0\fR"

@ -2248,8 +2248,17 @@ int main(int argc, char* argv[]) {
show_dragging = 0;
#ifndef NO_NCACHE
} else if (!strcmp(arg, "-ncache") || !strcmp(arg, "-nc")) {
CHECK_ARGC
ncache = atoi(argv[++i]);
if (i < argc-1) {
char *s = argv[i+1];
if (s[0] != '-') {
ncache = atoi(s);
i++;
} else {
ncache = ncache_default;
}
} else {
ncache = ncache_default;
}
if (ncache % 2 != 0) {
ncache++;
}

@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.9.1 lastmod: 2007-04-18";
char lastmod[] = "0.9.1 lastmod: 2007-04-27";
/* X display info */

Loading…
Cancel
Save