TDE
/
libtdevnc
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/libtdevnc
0
0
Fork 0
Code Issues Releases Wiki Activity

X11VNC_REFLECT_PASSWORD env. var., warning about compiz, improve single-port.

Browse Source
pull/1/head
runge 15 years ago
parent 0e7499fb39
commit d11b2abd8c
9 changed files with 185 additions and 44 deletions
Show Stats Download Patch File Download Diff File

5
x11vnc/ChangeLog
Unescape View File

@ -1,3 +1,8 @@
2009-06-14 Karl Runge <runge@karlrunge.com>
* x11vnc: Add X11VNC_REFLECT_PASSWORD env. var. for -reflect mode.
Message to user about compiz problems suggesting -noxdamage.
Improvements to single-port detection and logging.
2009-05-21 Karl Runge <runge@karlrunge.com> 2009-05-21 Karl Runge <runge@karlrunge.com>
* x11vnc: Thread safety improvements. Add 'OpenOffice' to special * x11vnc: Thread safety improvements. Add 'OpenOffice' to special
case list for scroll detection. Fix -clip mode under -rawfb. case list for scroll detection. Fix -clip mode under -rawfb.

30
x11vnc/README
Unescape View File

@ -2,7 +2,7 @@
Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com> Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com>
All rights reserved. All rights reserved.
x11vnc README file Date: Thu May 21 10:41:49 EDT 2009 x11vnc README file Date: Sun Jun 14 13:03:59 EDT 2009
The following information is taken from these URLs: The following information is taken from these URLs:
@ -3222,6 +3222,13 @@ TrueColor defdepth 24
and finally supply the [222]-noshm option (this enables the polling and finally supply the [222]-noshm option (this enables the polling
over the network). over the network).
If the Xterminal's X display is open to the network for connections,
you might use something like "-display xterm123:0". If you are trying
to do this via an SSH tunnel (assuming you can actually ssh into the
Xterminal) it will be a little tricky (either use the ssh "-R" option
or consider ssh-ing in the other direction.) In all cases the X11
permissions need to allow the connection.
The response will likely be sluggish (maybe only one "frame" per The response will likely be sluggish (maybe only one "frame" per
second). This mode is not recommended except for "quick checks" of second). This mode is not recommended except for "quick checks" of
hard to get to X servers. Use something like "-wait 150" to cut down hard to get to X servers. Use something like "-wait 150" to cut down
@ -9375,7 +9382,7 @@ References
462. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc 462. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc
463. http://www.karlrunge.com/x11vnc/Xdummy 463. http://www.karlrunge.com/x11vnc/Xdummy
464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find
465. http://www.isc.cnrs.fr/informatique/public_notice/x11vnc 465. http://www.karlrunge.com/x11vnc/xdm_one_shot.html
466. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously 466. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously
467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay 467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay
468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT
@ -11655,6 +11662,10 @@ Enhanced TightVNC Viewer (SSVNC: SSL/SSH VNC viewer)
inside the viewport via Arrow keys or a mouse drag. inside the viewport via Arrow keys or a mouse drag.
* Scrollbar width setting: -sbwidth n, the default is very thin, 2 * Scrollbar width setting: -sbwidth n, the default is very thin, 2
pixels, for less distracting -ycrop usage. pixels, for less distracting -ycrop usage.
* Selection text sending and receiving can be fine-tuned with the
-sendclipboard, -sendalways, and -recvtext options.
* TightVNC compression and quality levels are automatically set
based on observed network latency (n.b. not bandwidth.)
* Improvements to the [29]Popup menu, all of these can now be * Improvements to the [29]Popup menu, all of these can now be
changed dynamically via the menu: ViewOnly, Toggle Bell, changed dynamically via the menu: ViewOnly, Toggle Bell,
CursorShape updates, X11 Cursor, Cursor Alphablending, Toggle CursorShape updates, X11 Cursor, Cursor Alphablending, Toggle
@ -12307,6 +12318,8 @@ r
Quality Level ~ -quality (both Tight and ZYWRLE) Quality Level ~ -quality (both Tight and ZYWRLE)
Compress Level ~ -compresslevel Compress Level ~ -compresslevel
Disable JPEG: ~ -nojpeg (Tight) Disable JPEG: ~ -nojpeg (Tight)
Pipeline Updates ~ -pipeline
Full Color as many colors as local screen allows. Full Color as many colors as local screen allows.
Grey scale (16 & 8-bpp) ~ -grey, for low colors 16/8bpp modes only. Grey scale (16 & 8-bpp) ~ -grey, for low colors 16/8bpp modes only.
16 bit color (BGR565) ~ -16bpp / -bgr565 16 bit color (BGR565) ~ -16bpp / -bgr565
@ -12320,7 +12333,6 @@ r
Set Y Crop (y-max) ~ -ycrop Set Y Crop (y-max) ~ -ycrop
Set Scrollbar Width ~ -sbwidth Set Scrollbar Width ~ -sbwidth
XGrabServer ~ -graball XGrabServer ~ -graball
Pipeline Updates ~ -pipeline
UltraVNC Extensions: UltraVNC Extensions:
@ -12335,6 +12347,9 @@ r
Note: the Ultravnc extensions only apply to servers that support Note: the Ultravnc extensions only apply to servers that support
them. x11vnc/libvncserver supports some of them. them. x11vnc/libvncserver supports some of them.
Send Clipboard not Primary ~ -sendclipboard
Send Selection Every time ~ -sendalways
Nearly all of these can be changed dynamically in the Popup menu Nearly all of these can be changed dynamically in the Popup menu
(press F8 for it): (press F8 for it):
@ -12598,7 +12613,7 @@ x11vnc: a VNC server for real X displays
Here are all of x11vnc command line options: Here are all of x11vnc command line options:
% x11vnc -opts (see below for -help long descriptions) % x11vnc -opts (see below for -help long descriptions)
x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-05-18 x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-06-14
x11vnc options: x11vnc options:
-display disp -auth file -N -display disp -auth file -N
@ -12723,7 +12738,7 @@ libvncserver-tight-extension options:
% x11vnc -help % x11vnc -help
x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-05-18 x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-06-14
(type "x11vnc -opts" to just list the options.) (type "x11vnc -opts" to just list the options.)
@ -16696,6 +16711,11 @@ t
window dragging. Consider the -nodragging option if window dragging. Consider the -nodragging option if
the problem is severe. the problem is severe.
The env. var. X11VNC_REFLECT_PASSWORD can be set to
the password needed to log into the vnc host server, or
to "file:path_to_file" to indicate a file containing
the password as its first line.
The VNC HOST mode implies -shared. Use -noshared as The VNC HOST mode implies -shared. Use -noshared as
a subsequent cmdline option to disable sharing. a subsequent cmdline option to disable sharing.

12
x11vnc/connections.c
Unescape View File

@ -817,7 +817,10 @@ void client_gone(rfbClientPtr client) {
rfbLog("connect_once: invalid password or early " rfbLog("connect_once: invalid password or early "
"disconnect.\n"); "disconnect.\n");
rfbLog("connect_once: waiting for next connection.\n"); rfbLog("connect_once: waiting for next connection.\n");
accepted_client = 0; accepted_client--;
if (accepted_client < 0) {
accepted_client = 0;
}
CLIENT_UNLOCK; CLIENT_UNLOCK;
return; return;
} }
@ -2995,8 +2998,8 @@ enum rfbNewClientAction new_client(rfbClientPtr client) {
if (connect_once) { if (connect_once) {
if (screen->dontDisconnect && screen->neverShared) { if (screen->dontDisconnect && screen->neverShared) {
if (! shared && accepted_client) { if (! shared && accepted_client) {
rfbLog("denying additional client: %s\n", rfbLog("denying additional client: %s:%d\n",
client->host); client->host, get_remote_port(client->sock));
CLIENT_UNLOCK; CLIENT_UNLOCK;
return(RFB_CLIENT_REFUSE); return(RFB_CLIENT_REFUSE);
} }
@ -3095,7 +3098,8 @@ enum rfbNewClientAction new_client(rfbClientPtr client) {
cd->cmp_bytes_sent = 0; cd->cmp_bytes_sent = 0;
cd->raw_bytes_sent = 0; cd->raw_bytes_sent = 0;
accepted_client = 1; rfbLog("incr accepted_client for %s:%d.\n", client->host, get_remote_port(client->sock));
accepted_client++;
last_client = time(NULL); last_client = time(NULL);
if (ncache) { if (ncache) {

5
x11vnc/help.c
Unescape View File

@ -4031,6 +4031,11 @@ void print_help(int mode) {
" window dragging. Consider the -nodragging option if\n" " window dragging. Consider the -nodragging option if\n"
" the problem is severe.\n" " the problem is severe.\n"
"\n" "\n"
" The env. var. X11VNC_REFLECT_PASSWORD can be set to\n"
" the password needed to log into the vnc host server, or\n"
" to \"file:path_to_file\" to indicate a file containing\n"
" the password as its first line.\n"
"\n"
" The VNC HOST mode implies -shared. Use -noshared as\n" " The VNC HOST mode implies -shared. Use -noshared as\n"
" a subsequent cmdline option to disable sharing.\n" " a subsequent cmdline option to disable sharing.\n"
"\n" "\n"

37
x11vnc/screen.c
Unescape View File

@ -1175,6 +1175,39 @@ rfbBool vnc_reflect_resize(rfbClient *cl) {
return cl->frameBuffer ? TRUE : FALSE; return cl->frameBuffer ? TRUE : FALSE;
} }
static char* vnc_reflect_get_password(rfbClient* client) {
char *q, *p, *str = getenv("X11VNC_REFLECT_PASSWORD");
int len = 110;
if (str) {
len += 2*strlen(str);
}
p = (char *) calloc(len, 1);
if (!str || strlen(str) == 0) {
fprintf(stderr, "VNC Reflect Password: ");
fgets(p, 100, stdin);
} else {
if (strstr(str, "file:") == str) {
FILE *f = fopen(str + strlen("file:"), "r");
if (f) {
fgets(p, 100, f);
fclose(f);
}
}
if (p[0] == '\0') {
strncpy(p, str, 100);
}
}
q = p;
while (*q != '\0') {
if (*q == '\n') {
*q = '\0';
}
q++;
}
return p;
}
char *vnc_reflect_guess(char *str, char **raw_fb_addr) { char *vnc_reflect_guess(char *str, char **raw_fb_addr) {
static int first = 1; static int first = 1;
@ -1206,6 +1239,10 @@ char *vnc_reflect_guess(char *str, char **raw_fb_addr) {
client->canHandleNewFBSize = TRUE; client->canHandleNewFBSize = TRUE;
client->GotFrameBufferUpdate = vnc_reflect_got_update; client->GotFrameBufferUpdate = vnc_reflect_got_update;
if (getenv("X11VNC_REFLECT_PASSWORD")) {
client->GetPassword = vnc_reflect_get_password;
}
if (first) { if (first) {
argv[argc++] = "x11vnc_rawfb_vnc"; argv[argc++] = "x11vnc_rawfb_vnc";
if (strstr(hp, "listen") == hp) { if (strstr(hp, "listen") == hp) {

124
x11vnc/sslhelper.c
Unescape View File

@ -124,7 +124,7 @@ static void init_prng(void);
static void sslerrexit(void); static void sslerrexit(void);
static char *get_input(char *tag, char **in); static char *get_input(char *tag, char **in);
static char *create_tmp_pem(char *path, int prompt); static char *create_tmp_pem(char *path, int prompt);
static int ssl_init(int s_in, int s_out, int skip_vnc_tls); static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https);
static void ssl_xfer(int csock, int s_in, int s_out, int is_https); static void ssl_xfer(int csock, int s_in, int s_out, int is_https);
#ifndef FORK_OK #ifndef FORK_OK
@ -1397,7 +1397,7 @@ if (db) fprintf(stderr, " waitret1=%d\n", wret);
} }
} }
static int is_ssl_readable(int s_in, time_t last_https, char *last_get, static int is_ssl_readable(int s_in, double last_https, char *last_get,
int mode) { int mode) {
int nfd, db = 0; int nfd, db = 0;
struct timeval tv; struct timeval tv;
@ -1427,7 +1427,7 @@ static int is_ssl_readable(int s_in, time_t last_https, char *last_get,
* increase the timeout if we know HTTP traffic has occurred * increase the timeout if we know HTTP traffic has occurred
* recently: * recently:
*/ */
if (time(NULL) < last_https + 30) { if (dnow() < last_https + 30.0) {
tv.tv_sec = 10; tv.tv_sec = 10;
if (last_get && strstr(last_get, "VncViewer")) { if (last_get && strstr(last_get, "VncViewer")) {
tv.tv_sec = 5; tv.tv_sec = 5;
@ -1613,7 +1613,7 @@ int proxy_hack(int vncsock, int listen, int s_in, int s_out, char *cookie,
if (db) fprintf(stderr, "got applet input sock1: %d\n", sock1); if (db) fprintf(stderr, "got applet input sock1: %d\n", sock1);
if (! ssl_init(sock1, sock1, 0)) { if (! ssl_init(sock1, sock1, 0, 0.0)) {
if (db) fprintf(stderr, "ssl_init FAILED\n"); if (db) fprintf(stderr, "ssl_init FAILED\n");
exit(1); exit(1);
} }
@ -1789,7 +1789,7 @@ void accept_openssl(int mode, int presock) {
char cookie[256], rcookie[256], *name = NULL; char cookie[256], rcookie[256], *name = NULL;
int vencrypt_sel = 0; int vencrypt_sel = 0;
int anontls_sel = 0; int anontls_sel = 0;
static time_t last_https = 0; static double last_https = 0.0;
static char last_get[256]; static char last_get[256];
static int first = 1; static int first = 1;
unsigned char *rb; unsigned char *rb;
@ -1972,6 +1972,11 @@ void accept_openssl(int mode, int presock) {
/* now fork the child to handle the SSL: */ /* now fork the child to handle the SSL: */
pid = fork(); pid = fork();
if (pid > 0) {
rfbLog("SSL: helper for peerport %d is pid %d: \n",
peerport, (int) pid);
}
if (pid < 0) { if (pid < 0) {
rfbLog("SSL: accept_openssl: could not fork.\n"); rfbLog("SSL: accept_openssl: could not fork.\n");
rfbLogPerror("fork"); rfbLogPerror("fork");
@ -2023,6 +2028,7 @@ void accept_openssl(int mode, int presock) {
if (vncsock < 0) { if (vncsock < 0) {
rfbLog("SSL: ssl_helper[%d]: could not connect" rfbLog("SSL: ssl_helper[%d]: could not connect"
" back to: %d\n", getpid(), cport); " back to: %d\n", getpid(), cport);
rfbLog("SSL: ssl_helper[%d]: exit case 1 (no local vncsock)\n", getpid());
exit(1); exit(1);
} }
if (db) fprintf(stderr, "vncsock %d\n", vncsock); if (db) fprintf(stderr, "vncsock %d\n", vncsock);
@ -2036,8 +2042,9 @@ void accept_openssl(int mode, int presock) {
s_in = s_out = sock; s_in = s_out = sock;
} }
if (! ssl_init(s_in, s_out, skip_vnc_tls)) { if (! ssl_init(s_in, s_out, skip_vnc_tls, last_https)) {
close(vncsock); close(vncsock);
rfbLog("SSL: ssl_helper[%d]: exit case 2 (ssl_init failed)\n", getpid());
exit(1); exit(1);
} }
@ -2075,6 +2082,7 @@ void accept_openssl(int mode, int presock) {
rfbLog("SSL: accept_openssl[%d]: no httpd socket for " rfbLog("SSL: accept_openssl[%d]: no httpd socket for "
"-https mode\n", getpid()); "-https mode\n", getpid());
close(vncsock); close(vncsock);
rfbLog("SSL: ssl_helper[%d]: exit case 3 (no httpd sock)\n", getpid());
exit(1); exit(1);
} }
@ -2186,6 +2194,7 @@ void accept_openssl(int mode, int presock) {
write(vncsock, tbuf, strlen(tbuf)); write(vncsock, tbuf, strlen(tbuf));
close(vncsock); close(vncsock);
rfbLog("SSL: ssl_helper[%d]: exit case 4 (check.https.proxy.connection)\n", getpid());
exit(0); exit(0);
} }
connect_to_httpd: connect_to_httpd:
@ -2282,6 +2291,7 @@ void accept_openssl(int mode, int presock) {
if (httpsock < 0) { if (httpsock < 0) {
/* UGH, after all of that! */ /* UGH, after all of that! */
rfbLog("Could not connect to httpd socket!\n"); rfbLog("Could not connect to httpd socket!\n");
rfbLog("SSL: ssl_helper[%d]: exit case 5.\n", getpid());
exit(1); exit(1);
} }
if (db) fprintf(stderr, "ssl_helper[%d]: httpsock: %d %d\n", if (db) fprintf(stderr, "ssl_helper[%d]: httpsock: %d %d\n",
@ -2296,6 +2306,7 @@ void accept_openssl(int mode, int presock) {
write(httpsock, buf, n); write(httpsock, buf, n);
} }
ssl_xfer(httpsock, s_in, s_out, is_http); ssl_xfer(httpsock, s_in, s_out, is_http);
rfbLog("SSL: ssl_helper[%d]: exit case 6 (https ssl_xfer done)\n", getpid());
exit(0); exit(0);
} }
@ -2311,6 +2322,7 @@ void accept_openssl(int mode, int presock) {
wrote_cookie: wrote_cookie:
ssl_xfer(vncsock, s_in, s_out, 0); ssl_xfer(vncsock, s_in, s_out, 0);
rfbLog("SSL: ssl_helper[%d]: exit case 7 (ssl_xfer done)\n", getpid());
exit(0); exit(0);
} }
/* parent here */ /* parent here */
@ -2333,7 +2345,7 @@ void accept_openssl(int mode, int presock) {
if (vsock < 0) { if (vsock < 0) {
rfbLog("SSL: accept_openssl: connection from ssl_helper FAILED.\n"); rfbLog("SSL: accept_openssl: connection from ssl_helper[%d] FAILED.\n", pid);
rfbLogPerror("accept"); rfbLogPerror("accept");
kill(pid, SIGTERM); kill(pid, SIGTERM);
@ -2441,15 +2453,15 @@ void accept_openssl(int mode, int presock) {
} }
if (n != (int) strlen(cookie) || strncmp(cookie, rcookie, n)) { if (n != (int) strlen(cookie) || strncmp(cookie, rcookie, n)) {
rfbLog("SSL: accept_openssl: cookie from ssl_helper FAILED. %d\n", n); rfbLog("SSL: accept_openssl: cookie from ssl_helper[%d] FAILED. %d\n", pid, n);
if (db) fprintf(stderr, "'%s'\n'%s'\n", cookie, rcookie); if (db) fprintf(stderr, "'%s'\n'%s'\n", cookie, rcookie);
close(vsock); close(vsock);
if (strstr(rcookie, uniq) == rcookie) { if (strstr(rcookie, uniq) == rcookie) {
int i; int i;
rfbLog("SSL: BUT WAIT! HTTPS for helper process succeeded. Good.\n"); rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid);
if (mode != OPENSSL_HTTPS) { if (mode != OPENSSL_HTTPS) {
last_https = time(NULL); last_https = dnow();
for (i=0; i<256; i++) { for (i=0; i<256; i++) {
last_get[i] = '\0'; last_get[i] = '\0';
} }
@ -2470,6 +2482,7 @@ void accept_openssl(int mode, int presock) {
double start; double start;
int origport = screen->port; int origport = screen->port;
int useport = screen->port; int useport = screen->port;
int saw_httpsock = 0;
/* to expand $PORT correctly in index.vnc */ /* to expand $PORT correctly in index.vnc */
if (https_port_redir < 0) { if (https_port_redir < 0) {
char *q = strstr(rcookie, "HP="); char *q = strstr(rcookie, "HP=");
@ -2489,23 +2502,34 @@ void accept_openssl(int mode, int presock) {
start = dnow(); start = dnow();
while (dnow() < start + 10.0) { while (dnow() < start + 10.0) {
if (screen->httpSock >= 0) saw_httpsock = 1;
rfbPE(10000); rfbPE(10000);
usleep(10000); usleep(10000);
if (screen->httpSock >= 0) saw_httpsock = 1;
waitpid(pid, &status, WNOHANG); waitpid(pid, &status, WNOHANG);
if (kill(pid, 0) != 0) { if (kill(pid, 0) != 0) {
rfbPE(10000); rfbPE(10000);
rfbPE(10000); rfbPE(10000);
break; break;
} }
if (saw_httpsock && screen->httpSock < 0) {
rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
rfbPE(10000);
rfbPE(10000);
break;
}
} }
screen->port = origport; screen->port = origport;
rfbLog("SSL: guessing child https finished.\n"); rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n",
pid, dnow() - start);
ssl_helper_pid(0, -2); ssl_helper_pid(0, -2);
if (mode == OPENSSL_INETD) { if (mode == OPENSSL_INETD) {
clean_up_exit(1); clean_up_exit(1);
} }
} else if (mode == OPENSSL_INETD) { } else if (mode == OPENSSL_INETD) {
double start; double start;
int saw_httpsock = 0;
/* to expand $PORT correctly in index.vnc */ /* to expand $PORT correctly in index.vnc */
if (screen->port == 0) { if (screen->port == 0) {
int fd = fileno(stdin); int fd = fileno(stdin);
@ -2524,17 +2548,26 @@ void accept_openssl(int mode, int presock) {
/* kludge for https fetch via inetd */ /* kludge for https fetch via inetd */
start = dnow(); start = dnow();
while (dnow() < start + 10.0) { while (dnow() < start + 10.0) {
if (screen->httpSock >= 0) saw_httpsock = 1;
rfbPE(10000); rfbPE(10000);
usleep(10000); usleep(10000);
if (screen->httpSock >= 0) saw_httpsock = 1;
waitpid(pid, &status, WNOHANG); waitpid(pid, &status, WNOHANG);
if (kill(pid, 0) != 0) { if (kill(pid, 0) != 0) {
rfbPE(10000); rfbPE(10000);
rfbPE(10000); rfbPE(10000);
break; break;
} }
if (saw_httpsock && screen->httpSock < 0) {
rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
rfbPE(10000);
rfbPE(10000);
break;
}
} }
rfbLog("SSL: OPENSSL_INETD guessing " rfbLog("SSL: OPENSSL_INETD guessing "
"child https finished.\n"); "child helper[%d] https finished. dt=%.6f\n",
pid, dnow() - start);
ssl_helper_pid(0, -2); ssl_helper_pid(0, -2);
clean_up_exit(1); clean_up_exit(1);
} }
@ -2554,7 +2587,7 @@ void accept_openssl(int mode, int presock) {
if (db) fprintf(stderr, "accept_openssl: cookie good: %s\n", cookie); if (db) fprintf(stderr, "accept_openssl: cookie good: %s\n", cookie);
rfbLog("SSL: handshake with helper process succeeded.\n"); rfbLog("SSL: handshake with helper process[%d] succeeded.\n", pid);
openssl_last_helper_pid = pid; openssl_last_helper_pid = pid;
ssl_helper_pid(pid, vsock); ssl_helper_pid(pid, vsock);
@ -3006,8 +3039,8 @@ static int vencrypt_dialog(int s_in, int s_out) {
return 1; return 1;
} }
static int check_vnc_tls_mode(int s_in, int s_out) { static int check_vnc_tls_mode(int s_in, int s_out, double last_https) {
double waited = 0.0, dt = 0.01, start = dnow(); double waited = 0.0, waitmax = 1.4, dt = 0.01, start = dnow();
struct timeval tv; struct timeval tv;
int input = 0, i, n, ok; int input = 0, i, n, ok;
int major, minor, sectype = -1; int major, minor, sectype = -1;
@ -3038,7 +3071,20 @@ static int check_vnc_tls_mode(int s_in, int s_out) {
return 1; return 1;
} }
while (waited < 1.1) { if (last_https > 0.0) {
double now = dnow();
if (now < last_https + 5.0) {
waitmax = 20.0;
} else if (now < last_https + 15.0) {
waitmax = 10.0;
} else if (now < last_https + 30.0) {
waitmax = 5.0;
} else if (now < last_https + 60.0) {
waitmax = 2.5;
}
}
while (waited < waitmax) {
fd_set rfds; fd_set rfds;
FD_ZERO(&rfds); FD_ZERO(&rfds);
FD_SET(s_in, &rfds); FD_SET(s_in, &rfds);
@ -3052,7 +3098,8 @@ static int check_vnc_tls_mode(int s_in, int s_out) {
usleep((int) (1000 * 1000 * dt)); usleep((int) (1000 * 1000 * dt));
waited += dt; waited += dt;
} }
rfbLog("check_vnc_tls_mode: waited: %f input: %s\n", dnow() - start, input ? "SSL Handshake" : "(future) RFB Handshake"); rfbLog("check_vnc_tls_mode: waited: %f / %.2f input: %s\n",
dnow() - start, waitmax, input ? "SSL Handshake" : "(future) RFB Handshake");
if (input) { if (input) {
/* got SSL client hello, can only assume normal SSL */ /* got SSL client hello, can only assume normal SSL */
@ -3079,7 +3126,7 @@ static int check_vnc_tls_mode(int s_in, int s_out) {
int i; int i;
rfbLog("check_vnc_tls_mode: abnormal handshake: '%s'\nbytes: ", buf); rfbLog("check_vnc_tls_mode: abnormal handshake: '%s'\nbytes: ", buf);
for (i=0; i < 12; i++) { for (i=0; i < 12; i++) {
fprintf(stderr, "%x.", (int) buf[i]); fprintf(stderr, "%d.", (unsigned char) buf[i]);
} }
fprintf(stderr, "\n"); fprintf(stderr, "\n");
close(s_in); close(s_out); close(s_in); close(s_out);
@ -3197,7 +3244,7 @@ static void ssl_timeout (int sig) {
exit(1); exit(1);
} }
static int ssl_init(int s_in, int s_out, int skip_vnc_tls) { static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
unsigned char *sid = (unsigned char *) "x11vnc SID"; unsigned char *sid = (unsigned char *) "x11vnc SID";
char *name = NULL; char *name = NULL;
int peerport = 0; int peerport = 0;
@ -3220,7 +3267,7 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls) {
if (skip_vnc_tls) { if (skip_vnc_tls) {
rfbLog("SSL: ssl_helper[%d]: HTTPS mode, skipping check_vnc_tls_mode()\n", rfbLog("SSL: ssl_helper[%d]: HTTPS mode, skipping check_vnc_tls_mode()\n",
getpid()); getpid());
} else if (!check_vnc_tls_mode(s_in, s_out)) { } else if (!check_vnc_tls_mode(s_in, s_out, last_https)) {
return 0; return 0;
} }
@ -3419,7 +3466,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
* time), but we also want the timeout shorter at the beginning * time), but we also want the timeout shorter at the beginning
* in case the client went away. * in case the client went away.
*/ */
time_t start; double start, now;
int tv_https_early = 60; int tv_https_early = 60;
int tv_https_later = 20; int tv_https_later = 20;
int tv_vnc_early = 40; int tv_vnc_early = 40;
@ -3442,13 +3489,14 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
} }
return; return;
} }
if (getenv("SSL_DEBUG")) { if (getenv("SSL_DEBUG")) {
db = atoi(getenv("SSL_DEBUG")); db = atoi(getenv("SSL_DEBUG"));
} }
if (db) fprintf(stderr, "ssl_xfer begin\n"); if (db) fprintf(stderr, "ssl_xfer begin\n");
start = time(NULL); start = dnow();
if (is_https) { if (is_https) {
tv_use = tv_https_early; tv_use = tv_https_early;
} else { } else {
@ -3567,7 +3615,8 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
} }
} }
if (tv_cutover && time(NULL) > start + tv_cutover) { now = dnow();
if (tv_cutover && now > start + tv_cutover) {
rfbLog("SSL: ssl_xfer[%d]: tv_cutover: %d\n", getpid(), rfbLog("SSL: ssl_xfer[%d]: tv_cutover: %d\n", getpid(),
tv_cutover); tv_cutover);
tv_cutover = 0; tv_cutover = 0;
@ -3589,6 +3638,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
closing = 1; closing = 1;
tv_use = tv_closing; tv_use = tv_closing;
} }
tv.tv_sec = tv_use; tv.tv_sec = tv_use;
tv.tv_usec = 0; tv.tv_usec = 0;
@ -3603,11 +3653,13 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
if (db > 1) fprintf(stderr, "nfd: %d\n", nfd); if (db > 1) fprintf(stderr, "nfd: %d\n", nfd);
if (0) fprintf(stderr, "nfd[%d]: %d w/r csock: %d %d s_in: %d %d\n", getpid(), nfd, FD_ISSET(csock, &wr), FD_ISSET(csock, &rd), FD_ISSET(s_out, &wr), FD_ISSET(s_in, &rd));
if (nfd < 0) { if (nfd < 0) {
rfbLog("SSL: ssl_xfer[%d]: select error: %d\n", getpid(), nfd); rfbLog("SSL: ssl_xfer[%d]: select error: %d\n", getpid(), nfd);
perror("select"); perror("select");
/* connection finished */ /* connection finished */
return; goto done;
} }
if (nfd == 0) { if (nfd == 0) {
@ -3623,7 +3675,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
rfbLog("SSL: ssl_xfer[%d]: connection timedout. %d tv_use: %d\n", rfbLog("SSL: ssl_xfer[%d]: connection timedout. %d tv_use: %d\n",
getpid(), ndata, tv_use); getpid(), ndata, tv_use);
/* connection finished */ /* connection finished */
return; goto done;
} }
/* used to see if SSL_pending() should be checked: */ /* used to see if SSL_pending() should be checked: */
@ -3638,12 +3690,12 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
if (n < 0) { if (n < 0) {
if (errno != EINTR) { if (errno != EINTR) {
/* connection finished */ /* connection finished */
return; goto done;
} }
/* proceed */ /* proceed */
} else if (n == 0) { } else if (n == 0) {
/* connection finished XXX double check */ /* connection finished XXX double check */
return; goto done;
} else { } else {
/* shift over the data in sbuf by n */ /* shift over the data in sbuf by n */
memmove(sbuf, sbuf + n, sptr - n); memmove(sbuf, sbuf + n, sptr - n);
@ -3691,7 +3743,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
} else if (err == SSL_ERROR_SYSCALL) { } else if (err == SSL_ERROR_SYSCALL) {
if (n < 0 && errno != EINTR) { if (n < 0 && errno != EINTR) {
/* connection finished */ /* connection finished */
return; goto done;
} }
/* proceed */ /* proceed */
} else if (err == SSL_ERROR_ZERO_RETURN) { } else if (err == SSL_ERROR_ZERO_RETURN) {
@ -3700,7 +3752,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
s_wr = 0; s_wr = 0;
} else if (err == SSL_ERROR_SSL) { } else if (err == SSL_ERROR_SSL) {
/* connection finished */ /* connection finished */
return; goto done;
} }
} }
} }
@ -3715,7 +3767,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
if (n < 0) { if (n < 0) {
if (errno != EINTR) { if (errno != EINTR) {
/* connection finished */ /* connection finished */
return; goto done;
} }
/* proceed */ /* proceed */
} else if (n == 0) { } else if (n == 0) {
@ -3760,7 +3812,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
if (n < 0) { if (n < 0) {
if(errno != EINTR) { if(errno != EINTR) {
/* connection finished */ /* connection finished */
return; goto done;
} }
/* proceed */ /* proceed */
} else { } else {
@ -3783,11 +3835,19 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) {
} }
} else if (err == SSL_ERROR_SSL) { } else if (err == SSL_ERROR_SSL) {
/* connection finished */ /* connection finished */
return; goto done;
} }
} }
} }
} }
done:
rfbLog("SSL: ssl_xfer[%d]: closing sockets %d, %d, %d\n",
getpid(), csock, s_in, s_out);
close(csock);
close(s_in);
close(s_out);
return;
} }
void check_openssl(void) { void check_openssl(void) {

9
x11vnc/x11vnc.1
Unescape View File

@ -1,8 +1,8 @@
.\" This file was automatically generated from x11vnc -help output. .\" This file was automatically generated from x11vnc -help output.
.TH X11VNC "1" "May 2009" "x11vnc " "User Commands" .TH X11VNC "1" "June 2009" "x11vnc " "User Commands"
.SH NAME .SH NAME
x11vnc - allow VNC connections to real X11 displays x11vnc - allow VNC connections to real X11 displays
version: 0.9.8, lastmod: 2009-05-18 version: 0.9.8, lastmod: 2009-06-14
.SH SYNOPSIS .SH SYNOPSIS
.B x11vnc .B x11vnc
[OPTION]... [OPTION]...
@ -4632,6 +4632,11 @@ wireframing that gives much better response than opaque
window dragging. Consider the \fB-nodragging\fR option if window dragging. Consider the \fB-nodragging\fR option if
the problem is severe. the problem is severe.
.IP .IP
The env. var. X11VNC_REFLECT_PASSWORD can be set to
the password needed to log into the vnc host server, or
to "file:path_to_file" to indicate a file containing
the password as its first line.
.IP
The VNC HOST mode implies \fB-shared.\fR Use \fB-noshared\fR as The VNC HOST mode implies \fB-shared.\fR Use \fB-noshared\fR as
a subsequent cmdline option to disable sharing. a subsequent cmdline option to disable sharing.
.PP .PP

5
x11vnc/x11vnc.c
Unescape View File

@ -4785,6 +4785,11 @@ if (0) fprintf(stderr, "XA: %s\n", getenv("XAUTHORITY"));
if (! quiet && xdamage_present && use_xdamage && ! raw_fb_str) { if (! quiet && xdamage_present && use_xdamage && ! raw_fb_str) {
rfbLog("X DAMAGE available on display, using it for polling hints.\n"); rfbLog("X DAMAGE available on display, using it for polling hints.\n");
rfbLog(" To disable this behavior use: '-noxdamage'\n"); rfbLog(" To disable this behavior use: '-noxdamage'\n");
rfbLog("\n");
rfbLog(" Most compositing window managers like 'compiz' or 'beryl'\n");
rfbLog(" cause X DAMAGE to fail, and so you may not see any screen\n");
rfbLog(" updates via VNC. Either disable 'compiz' (recommended) or\n");
rfbLog(" supply the x11vnc '-noxdamage' command line option.\n");
} }
if (! quiet && wireframe && ! raw_fb_str) { if (! quiet && wireframe && ! raw_fb_str) {

2
x11vnc/x11vnc_defs.c
Unescape View File

@ -47,7 +47,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0; int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */ /* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.9.8 lastmod: 2009-05-18"; char lastmod[] = "0.9.8 lastmod: 2009-06-14";
/* X display info */ /* X display info */

Write Preview
Loading…
Cancel
Save