You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
libtdevnc/classes/ssl/README

87 lines
3.0 KiB

This directory contains a patched Java applet VNC viewer that is SSL
enabled.
The patches in the *.patch files are relative to the source tarball:
tightvnc-1.3dev7_javasrc.tar.gz
currently (4/06) available here:
http://prdownloads.sourceforge.net/vnc-tight/tightvnc-1.3dev7_javasrc.tar.gz?download
It also includes some simple patches to:
- fix richcursor colors
- make the Java Applet cursor (not the cursor drawn to the canvas
framebuffer) invisible when it is inside the canvas.
- allow Tab (and some other) keystrokes to be sent to the vnc
server instead of doing widget traversal.
This SSL applet should work with any VNC viewer that has an SSL tunnel in
front of it. It has been tested on x11vnc and using the stunnel tunnel
to other VNC servers.
By default this Vnc Viewer will only do SSL. To do unencrypted traffic
see the "DisableSSL" applet parameter (e.g. set it to Yes in index.vnc).
Proxies: they are a general problem with java socket applets (a socket
connection does not go through the proxy). See the info in the proxy.vnc
file for a workaround. It uses SignedVncViewer.jar which is simply
a signed version of VncViewer.jar. The basic idea is the user clicks
"Yes" to trust the applet and then it can connect directly to the proxy
and issue a CONNECT request.
This applet has been tested on versions 1.4.2 and 1.5.0 of the Sun
Java plugin. It may not work on older releases or different vendor VM's.
Send full Java Console output for failures.
---------------------------------------------------------------
Tips:
When doing single-port proxy connections (e.g. both VNC and HTTPS
thru port 5900) it helps to move through the 'do you trust this site'
dialogs quickly. x11vnc has to wait to see if the traffic is VNC or
HTTP and this can cause timeouts if you don't move thru them quickly.
You may have to restart your browser completely if it gets into a
weird state. For one case we saw the JVM requesting VncViewer.class
even when no such file exists.
---------------------------------------------------------------
Extras:
ss_vncviewer (not Java):
Wrapper script for native VNC viewer to connect to x11vnc in
SSL mode. Script launches stunnel(8) and then connects to it
via localhost which in turn is then redirected to x11vnc via an
SSL tunnel. stunnel(8) must be installed and available in PATH.
Running Java SSL VncViewer from the command line:
From this directory:
java -cp ./VncViewer.jar VncViewer HOST <thehost> PORT <theport>
substitute <thehost> and <theport> with the actual values.
You can add any other parameters, e.g.: ignoreProxy yes
---------------------------------------------------------------
UltraVNC:
The UltraVNC java viewer has also been patched to support SSL. Various
bugs in the UltraVNC java viewer were also fixed. This viewer can be
useful because is support UltraVNC filetransfer, and so it works on
Unix, etc.
UltraViewerSSL.jar
SignedUltraViewerSSL.jar
ultra.vnc
ultraproxy.vnc
ultravnc-102-JavaViewer-ssl-etc.patch