Sync with SSVNC 1.0.15

x11vnc/misc/enhanced_tightvnc_viewer/README

@@ -118,9 +118,15 @@ The enhanced TightVNC viewer features are:
 	  (-popupfix option).
 
 	- Improvements to the Popup menu, all of these can now be changed
-	  dynamically via the menu: ViewOnly, CursorShape updates, X11
-	  Cursor, Cursor Alphablending, Toggle Tight/ZRLE, Toggle JPEG,
-	  FullColor/16bpp/8bpp (256/64/8 colors).
+	  dynamically via the menu: ViewOnly, Toggle Bell, CursorShape
+	  updates, X11 Cursor, Cursor Alphablending, Toggle Tight/ZRLE,
+	  Toggle JPEG, FullColor/16bpp/8bpp (256/64/8 colors), Greyscale
+	  for low color modes.
+
+	- Support for UltraVNC extensions: Single Window, Disable
+	  Server-side Input, 1/n Server side scaling, Text Chat (shell
+	  terminal UI). Both UltraVNC and x11vnc servers support these
+	  extensions
 
 	- Run vncviewer -help for all options.
 
@@ -149,7 +155,7 @@ Unix and Mac OS X:
 
     Unpack the archive:
 
-        % gzip -dc ssvnc-1.0.14.tar.gz | tar xvf -
+        % gzip -dc ssvnc-1.0.15.tar.gz | tar xvf -
 
     Run the GUI:
 
@@ -159,7 +165,7 @@ Unix and Mac OS X:
 
     On MacOSX you could also click on the SSVNC app in the Finder.
 
-    The smaller file "ssvnc_no_windows-1.0.14.tar.gz"
+    The smaller file "ssvnc_no_windows-1.0.15.tar.gz"
     could have been used as well.
 
     On MacOSX there is also a SSVNC.app directory icon you can click on
@@ -170,7 +176,7 @@ Windows:
 
     Unzip, using WinZip or a similar utility, the zip file:
 
-        ssvnc-1.0.14.zip
+        ssvnc-1.0.15.zip
 
     Run the GUI, e.g.:
 
@@ -182,7 +188,7 @@ Windows:
 
     select Open, and then OK to launch it.
 
-    The smaller file "ssvnc_windows_only-1.0.14.zip"
+    The smaller file "ssvnc_windows_only-1.0.15.zip"
     could have been used as well.
 
     You can make a Windows shortcut to this program if you want to.

x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ss_vncviewer

@@ -112,7 +112,9 @@ VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer}
 # Same for STUNNEL, e.g. set it to /path/to/stunnel or stunnel4, etc.
 #
 
-#set -xv 
+if [ "X$SS_DEBUG" != "X" ]; then
+	set -xv 
+fi
 
 PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH
 
@@ -146,6 +148,10 @@ showcert=""
 reverse=""
 
 if [ "X$1" = "X-viewerflavor" ]; then
+	if echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then
+		echo "unknown"
+		exit 0
+	fi
 	if echo "$VNCVIEWERCMD" | grep -i chicken.of > /dev/null; then
 		echo "cotvnc"
 		exit 0
@@ -167,6 +173,12 @@ if [ "X$1" = "X-viewerflavor" ]; then
 	exit 0
 fi
 
+if [ "X$SS_VNCVIEWER_NO_MAXCONN" != "X" ]; then
+	STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
+elif echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then
+	STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
+fi
+
 # grab our cmdline options:
 while [ "X$1" != "X" ]
 do
@@ -215,10 +227,6 @@ else
 fi
 if [ "X$reverse" != "X" ]; then
 	ssh_sleep=1800
-	if [ "X$use_ssh" = "X1" ]; then
-		VNCVIEWER_LISTEN_LOCALHOST=1
-		export VNCVIEWER_LISTEN_LOCALHOST
-	fi
 	if [ "X$proxy" != "X" ]; then
 		if [ "X$use_ssh" = "X" -a "X$use_sshssl" = "X" ]; then
 			echo ""
@@ -256,6 +264,15 @@ if echo "$orig" | grep '^vnc://' > /dev/null; then
 	direct_connect=1
 elif echo "$orig" | grep '^vncs://' > /dev/null; then
 	orig=`echo "$orig" | sed -e 's,vncs://,,'`
+elif echo "$orig" | grep '^vncssl://' > /dev/null; then
+	orig=`echo "$orig" | sed -e 's,vncssl://,,'`
+elif echo "$orig" | grep '^vncssh://' > /dev/null; then
+	orig=`echo "$orig" | sed -e 's,vncssh://,,'`
+	use_ssh=1
+fi
+if [ "X$reverse" != "X" -a "X$direct_connect" = "X" ]; then
+	VNCVIEWER_LISTEN_LOCALHOST=1
+	export VNCVIEWER_LISTEN_LOCALHOST
 fi
 
 # play around with host:display port:
@@ -264,6 +281,8 @@ if echo "$orig" | grep ':' > /dev/null; then
 else
 	if [ "X$reverse" = "X" ]; then
 		orig="$orig:0"
+	elif [ "X$orig" = "X" ]; then
+		orig=":0"
 	fi
 fi
 
@@ -295,11 +314,32 @@ fi
 
 date_sec=`date +%S`
 
+if echo "$VNCVIEWERCMD" | grep '^sleep[ 	][ 	]*[0-9][0-9]*' > /dev/null; then
+	if [ "X$SS_VNCVIEWER_LISTEN_PORT" = "X" ]; then
+		p=`echo "$VNCVIEWERCMD" | awk '{print $3}'`
+		if [ "X$p" != "X" ]; then
+			SS_VNCVIEWER_LISTEN_PORT=$p
+		fi
+	fi
+	p2=`echo "$VNCVIEWERCMD" | awk '{print $2}'`
+	VNCVIEWERCMD="eval sleep $p2; echo Local "
+elif echo "$VNCVIEWERCMD" | grep '^xmessage[ 	][ 	]*[0-9][0-9]*' > /dev/null; then
+	if [ "X$SS_VNCVIEWER_LISTEN_PORT" = "X" ]; then
+		p=`echo "$VNCVIEWERCMD" | awk '{print $2}'`
+		SS_VNCVIEWER_LISTEN_PORT=$p
+	fi
+fi
+
 findfree() {
 	try0=$1
 	try=$try0
 	use0=""
 
+	if [ "X$SS_VNCVIEWER_LISTEN_PORT" != "X" ]; then
+		echo "$SS_VNCVIEWER_LISTEN_PORT"
+		return	
+	fi
+
 	while [ $try -lt 6000 ]
 	do
 		if [ "X$inuse" = "X" ]; then
@@ -763,10 +803,10 @@ if [ "X$direct_connect" != "X" ]; then
 		echo ""
 		echo "NOTE: Press Ctrl-C to terminate viewer LISTEN mode."
 		echo ""
-		echo "$VNCVIEWERCMD" "$@" -listen $N
+		echo "$VNCVIEWERCMD" "$@" -listen $disp
 		trap "final" 0 2 15
 		echo ""
-		$VNCVIEWERCMD "$@" -listen $N
+		$VNCVIEWERCMD "$@" -listen $disp
 	fi
 	exit $?
 fi

x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssvnc.tcl

@@ -3,7 +3,7 @@
 exec wish "$0" "$@"
 
 #
-# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+# Copyright (c) 2006-2007 by Karl J. Runge <runge@karlrunge.com>
 #
 # ssvnc.tcl: gui wrapper to the programs in this
 # package. Also sets up service port forwarding.
@@ -270,14 +270,30 @@ proc help {} {
      4) Pressing the "Load" button or pressing Ctrl-L or Clicking the Right
         mouse button on the main GUI will invoke the Load Profile dialog.
 
-     5) If you want to do a Direct VNC connection, with *NO* SSL or SSH
-        encryption, use the "vnc://" prefix, e.g. vnc://far-away.east:0
+     5) If you want to do a Direct VNC connection, WITH *NO* SSL OR SSH
+        ENCRYPTION, use the "vnc://" prefix, e.g. vnc://far-away.east:0
+        This also works for reverse connections (see below).
+
+        Sorry we do not make this easy to figure out how to do (e.g. a
+        button on the main panel), but the goal of SSVNC is secure 
+        connections!
 
      6) Reverse VNC connections are possible as well.  Go to Options and
         select "Reverse VNC connection".  In the 'VNC Host:Display' entry
         box put in the number (e.g. "0" or ":0") that corresponds to the
         Listening display (0 -> port 5500).  See the Options Help for more
         info.
+
+     7) On Unix to have SSVNC act as a general STUNNEL redirector (i.e. no
+        VNC), put the the desired host:port in VNC Host:Display (use a
+        negative port value if it is to be less than 200), then go to
+        Options -> Advanced -> Change VNC Viewer.  Change the "viewer"
+        command to be "xmessage OK" or "xmessage <port>" (or sleep) where
+        port is the desired local listening port.  Then click Connect.
+        If you didn't set the local port look for it in the terminal output.
+
+        On Windows set it to "NOTEPAD" or similar; you can't control
+        the port though.  It is usually 5930.
 }
 
 	.h.f.t insert end $msg
@@ -476,12 +492,14 @@ set msg {
             over using a different port.
 
             In reverse connections mode be careful to protect the listening
-            vncviewer from direct connections (neither SSL nor SSH)
+            VNC Viewer from direct connections (neither SSL nor SSH)
             connecting directly to its listening port thereby bypassing
-            the tunnel.  This can be done by a host-level firewall that only
-            lets in, say, port 5500.  Or for SSH reverse connections allows
-            no 5500+n ports in.  For SSH reverse connections the Unix viewers
-            supplied in the SSVNC package will only listen on localhost.
+            the tunnel.  This can be done by a host-level firewall that
+            only lets in, say, port 5500 (the default one ":0" for stunnel
+            to listen on).  Or for SSH reverse connections allow NO 5500+n
+            ports in.  For reverse connections, the Unix enhanced tightvnc
+            viewers supplied in the SSVNC package will only listen on
+            localhost so these precautions are not needed.
 
             Note that for SSL connections use of "Proxy/Gateway" does not
             make sense: the remote side cannot initiate its reverse connection
@@ -556,7 +574,7 @@ set msg {
 proc help_fetch_cert {} {
 	toplev .fh
 
-	scroll_text_dismiss .fh.f 85 37
+	scroll_text_dismiss .fh.f 85 35
 
 	center_win .fh
 	wm resizable .fh 1 0
@@ -849,6 +867,7 @@ proc set_defaults {} {
 	set vncauth_passwd ""
 
 	ssl_ssh_adjust ssl
+	listen_adjust
 }
 
 proc do_viewer_windows {n} {
@@ -929,6 +948,11 @@ proc do_viewer_windows {n} {
 			incr did_listening_message
 			global listening_name
 
+			set ln $listening_name
+			if {$ln == ""} {
+				set ln "this-computer:$n"
+			}
+
 			set msg "
    About to start the Listening VNC Viewer.
 
@@ -938,13 +962,14 @@ proc do_viewer_windows {n} {
 
    The VNC server should then Reverse connect to:
 
-       $listening_name
+       $ln
 
-   To stop the Viewer: right click on the VNC Icon in the taskbar
+   To stop the Viewer: right click on the VNC Icon in the tray
    and select 'Close listening daemon' (or similar).
 
    You will then return to this GUI.
 
+   Click OK now to start the Listening VNC Viewer.
 "
 			global use_ssh use_sshssl
 			if {$use_ssh || $use_sshssl} {
@@ -957,7 +982,7 @@ proc do_viewer_windows {n} {
 
 			set wll_done 0
 
-			eval text .wll.t -width 60 -height 18 $help_font
+			eval text .wll.t -width 60 -height 19 $help_font
 			button .wll.d -text "OK" -command {destroy .wll; set wll_done 1}
 			pack .wll.t .wll.d -side top -fill x
 
@@ -973,7 +998,11 @@ proc do_viewer_windows {n} {
 			vwait wll_done
 		}
 	} else {
-		append cmd " localhost:$n"
+		if [regexp {^[0-9][0-9]*$} $n] {
+			append cmd " localhost:$n"
+		} else {
+			append cmd " $n"
+		}
 	}
 	
 	mesg $cmd
@@ -2178,6 +2207,10 @@ proc direct_connect_msg {} {
 	}
 	if {$msg != ""} {
 		set msg "Direct connect via vnc://hostname\nThe following options will be disabled:\n\n$msg"
+		global is_windows
+		if {0 && $is_windows} {
+			set msg "Direct connect mode: vnc://host:disp is not supported on Windows."
+		}
 		raise .
 		tk_messageBox -type ok -icon info -message $msg
 	}
@@ -2297,6 +2330,9 @@ proc fetch_cert_unix {hp} {
 }
 
 proc fetch_cert_windows {hp} {
+
+	regsub {^vnc.*://} $hp "" hp
+
 	set hpnew  [get_ssh_hp $hp]
 	set proxy  [get_ssh_proxy $hp]
 
@@ -3048,6 +3084,22 @@ proc launch {{hp ""}} {
 	}
 	##############################################################
 
+	if [regexp {vnc://} $hp] {
+		direct_connect_msg
+		regsub {vnc://} $hp "" hp
+		direct_connect_windows $hp
+		return
+	} elseif [regexp {vncs://} $hp] {
+		set use_ssl 1
+		regsub {vncs://} $hp "" hp
+	} elseif [regexp {vncssl://} $hp] {
+		set use_ssl 1
+		regsub {vncssl://} $hp "" hp
+	} elseif [regexp {vncssh://} $hp] {
+		set use_ssh 1
+		regsub {vncssh://} $hp "" hp
+	}
+
 	check_ssh_needed
 
 	if {! $use_ssh} {
@@ -3366,6 +3418,120 @@ proc launch {{hp ""}} {
 	}
 }
 
+proc direct_connect_windows {{hp ""}} {
+	global tcl_platform is_windows
+	global env use_listen
+
+	set proxy [get_ssh_proxy $hp]
+
+	set did_port_knock 0
+
+	global listening_name
+	set listening_name ""
+
+	set list [split $hp ":"] 
+
+	set host [lindex $list 0]
+	if {$host == ""} {
+		set host "localhost"
+	}
+
+	if [regexp {^.*@} $host match] {
+		catch {raise .; update}
+		mesg "Trimming \"$match\" from hostname"
+		after 1000
+		regsub {^.*@} $host "" host
+	}
+
+	set disp [lindex $list 1]
+	set disp [string trim $disp]
+	regsub { .*$} $disp "" disp
+	if {[regexp {^-[0-9][0-9]*$} $disp]} {
+		;
+	} elseif {$disp == "" || ! [regexp {^[0-9][0-9]*$} $disp]} {
+		set disp 0
+	}
+
+	if {$disp < 0} {
+		set port [expr "- $disp"]
+	} elseif {$disp < 200} {
+		if {$use_listen} {
+			set port [expr "$disp + 5500"]
+		} else {
+			set port [expr "$disp + 5900"]
+		}
+	} else {
+		set port $disp
+	}
+
+	if {$proxy != ""} {
+		if [regexp {@} $proxy] {
+			bell
+			catch {raise .; update}
+			mesg "WARNING: SSL proxy contains \"@\" sign"
+			after 2000
+		}
+		set n2 45
+
+		set env(SSVNC_PROXY) $proxy
+		set env(SSVNC_LISTEN) [expr "$n2 + 5900"]
+		set env(SSVNC_DEST) "$host:$port"
+
+		set port [expr $n2 + 5900]
+		set host "localhost"
+	}
+
+	set fail 0
+	if {! $did_port_knock} {
+		if {! [do_port_knock $host start]} {
+			set fail 1
+		}
+		set did_port_knock 1
+	}
+
+	if {$fail} {
+		return
+	}
+
+	set proxy_pid ""
+	if {$proxy != ""} {
+		mesg "Starting TCP helper on port $port ..."
+		after 600
+		set proxy_pid [exec "connect_br.exe" &]
+		unset -nocomplain env(SSVNC_PROXY)
+		unset -nocomplain env(SSVNC_LISTEN)
+		unset -nocomplain env(SSVNC_DEST)
+	}
+
+	catch {destroy .o}
+	catch {destroy .oa}
+	wm withdraw .
+
+	if {$use_listen} {
+		set n $port
+		if {$n >= 5500} {
+			set n [expr $n - 5500]
+		}
+		do_viewer_windows "$n"
+	} else {
+		if {$port >= 5900} {
+			set port [expr $port - 5900]
+		}
+		do_viewer_windows "$host:$port"
+	}
+
+	wm deiconify .
+
+	mesg "Disconnected from $hp."
+
+	global port_knocking_list
+	if [regexp {FINISH} $port_knocking_list] {
+		do_port_knock $host finish
+	}
+
+	mesg "Disconnected from $hp."
+}
+
 proc get_idir_certs {str} {
 	global is_windows env
 	set idir ""
@@ -4599,7 +4765,7 @@ proc load_include {include dir} {
 	}
 }
 
-proc load_profile {{parent "."}} {
+proc load_profile {{parent "."} {infile ""}} {
 	global profdone
 	global vncdisplay
 
@@ -4607,8 +4773,12 @@ proc load_profile {{parent "."}} {
 
 	set dir [get_profiles_dir]
 
-	set file [tk_getOpenFile -parent $parent -defaultextension ".vnc" \
-		-initialdir $dir -title "Load VNC Profile"]
+	if {$infile != ""} {
+		set file $infile
+	} else {
+		set file [tk_getOpenFile -parent $parent -defaultextension \
+			".vnc" -initialdir $dir -title "Load VNC Profile"]
+	}
 	if {$file == ""} {
 		set profdone 1
 		return
@@ -6637,7 +6807,7 @@ proc change_vncviewer_dialog {} {
 	wm title .chviewer "Change VNC Viewer"
 
 	global help_font
-	eval text .chviewer.t -width 90 -height 24 $help_font
+	eval text .chviewer.t -width 90 -height 29 $help_font
 	apply_bg .chviewer.t
 
 	set msg {
@@ -6662,6 +6832,12 @@ proc change_vncviewer_dialog {} {
 
     Since the command line options differ between them greatly, if you know it
     is of the RealVNC 4.x flavor, indicate on the check box. Otherwise we guess.
+
+    To have SSVNC act as a general STUNNEL redirector (no VNC) set the viewer to
+    be "xmessage OK" or "xmessage <port>" or "sleep n" or "sleep n <port>" (or
+    "NOTEPAD" on Windows).  The default listen port is 5930.  The destination is
+    set in "VNC Host:Display" (for a remote port less then 200 use the negative
+    of the port value).
 }
 	.chviewer.t insert end $msg
 
@@ -7625,8 +7801,9 @@ proc set_options {} {
 	incr i
 
 	checkbutton .o.b$i -anchor w -variable use_listen -text \
-		"Reverse VNC Connection (-listen)" -command {listen_adjust}
+		"Reverse VNC Connection (-listen)" -command {listen_adjust; if {$vncdisplay == ""} {set vncdisplay ":0"}}
 	#if {$is_windows} {.o.b$i configure -state disabled}
+	if {$darwin_cotvnc} {.o.b$i configure -state disabled}
 	incr i
 
 	checkbutton .o.b$i -anchor w -variable use_viewonly -text \
@@ -7868,6 +8045,7 @@ label .f2.l -width $wl -anchor w -text "Proxy/Gateway:" -relief ridge
 entry .f2.e -width $we -textvariable vncproxy
 pack .f2.l -side left 
 pack .f2.e -side left -expand 1 -fill x
+bind .f2.e <Return> launch
 
 frame .f3
 label .f3.l -width $wl -anchor w -text "Remote SSH Command:" -relief ridge
@@ -7876,6 +8054,7 @@ pack .f3.l -side left
 pack .f3.e -side left -expand 1 -fill x
 .f3.l configure -state disabled
 .f3.e configure -state disabled
+bind .f3.e <Return> launch
 
 set remote_ssh_cmd_list {.f3.e .f3.l} 
 
@@ -7941,3 +8120,31 @@ bind .l <ButtonPress> {set button_gui_top 1}
 bind .f0.l <ButtonPress> {set button_gui_top 1}
 
 update
+
+if {$argc > 0} {
+	set item [lindex $argv 0]
+	if {$item != ""} {
+		if [file exists $item] {
+			load_profile . $item
+		} else {
+			set ok 0
+			set dir [get_profiles_dir]
+			set try "$dir/$item"
+			foreach try [list $dir/$item $dir/$item.vnc] {
+				if [file exists $try] {
+					load_profile . $try
+					set ok 1
+					break;
+				}
+			}
+			if {! $ok && [regexp {:} $item]} {
+				global vncdisplay
+				set vncdisplay $item
+				update 
+				after 750
+				launch
+			}
+		}
+	}
+}
+

x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf

@@ -6,6 +6,9 @@
 # to manually start up stunnel using it.
 # (e.g. /path/to/stunnel stunnel-server.conf)
 #
+# NOTE: You MUST specify a cert = PEM file line for server mode.
+# SSVNC or x11vnc can be used to create one if you like.
+#
 # This is just an example and is not used by the tools in this package.
 # It is here in case you wanted to see how to add SSL support to any
 # VNC server you have.
@@ -18,7 +21,8 @@ RNDoverwrite = yes
 #  CApath = /path/to/.../crt-dir
 #  CAfile = /path/to/.../foo.crt
 #  verify = 2
-# My server cert could go here:
+#
+# The server cert goes here (**IT MUST BE SPECIFIED IN SERVER MODE**):
 #  cert = /path/to/.../my.pem
 #
 [vnc]

x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 rm -rf ./src/tmp/* || exit 1
-vers=1.0.14
+vers=1.0.15
 
 cd .. || exit 1