TDE
/
libtdevnc
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/libtdevnc
0
0
Fork 0
Code Issues Releases Wiki Activity

X11VNC_EXTRA_HTTPS_PARAMS, X11VNC_HTTP_LISTEN_LOCALHOST, X11VNC_REOPEN_SLEEP_MAX,

Browse Source 
-findauth/-auth guess FD_XDM=1 for root, work around xhost SI:localuser:root.
pull/1/head
runge 15 years ago
parent 6153bd6983
commit 8f5c9ef01e
11 changed files with 340 additions and 85 deletions
Show Stats Download Patch File Download Diff File

8
x11vnc/ChangeLog
Unescape View File

@ -1,3 +1,11 @@
2009-12-06 Karl Runge <runge@karlrunge.com>
* x11vnc: findauth/-auth guess works with FD_XDM=1 for root
finding dm's xauthority. Work around for GDM's recent
'xhost SI:localuser:root' usage. X11VNC_REOPEN_SLEEP_MAX
for longer lived -reopen-ing. X11VNC_EXTRA_HTTPS_PARAMS for
additional URL parameters, X11VNC_HTTP_LISTEN_LOCALHOST=1 to
force libvncserver http to listen on localhost.
2009-12-04 Karl Runge <runge@karlrunge.com> 2009-12-04 Karl Runge <runge@karlrunge.com>
* classes/ssl: update binaries; new signing key; ss_vncviewer. * classes/ssl: update binaries; new signing key; ss_vncviewer.
* x11vnc: add more wish possibilities for -gui. Declare crypt() * x11vnc: add more wish possibilities for -gui. Declare crypt()

76
x11vnc/README
Unescape View File

@ -2,7 +2,7 @@
Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com> Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com>
All rights reserved. All rights reserved.
x11vnc README file Date: Fri Dec 4 20:44:56 EST 2009 x11vnc README file Date: Mon Dec 7 08:14:20 EST 2009
The following information is taken from these URLs: The following information is taken from these URLs:
@ -932,7 +932,12 @@ make
applies heuristics that try to determine the XAUTHORITY file. The applies heuristics that try to determine the XAUTHORITY file. The
use of '[130]-auth guess' will use the XAUTHORITY that -findauth use of '[130]-auth guess' will use the XAUTHORITY that -findauth
reveals. This can be handy in with the lastest GDM where the reveals. This can be handy in with the lastest GDM where the
ability to store cookies in ~/.Xauthority has been removed. ability to store cookies in ~/.Xauthority has been removed. If
x11vnc is running as root (e.g. inetd) and you add -env FD_XDM=1
to the above -findauth or -auth guess command lines, it will find
the correct XAUTHORITY for the given display (this works for
XDM/GDM/KDM if the login greeter panel is up or if someone has
already logged into an X session.)
* The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[131]-display * The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[131]-display
WAIT:cmd=...", [132]-find, [133]-create) now work correctly for WAIT:cmd=...", [132]-find, [133]-create) now work correctly for
the user-supplied login program scheme "[134]-unixpw_cmd ...", as the user-supplied login program scheme "[134]-unixpw_cmd ...", as
@ -12894,7 +12899,7 @@ x11vnc: a VNC server for real X displays
Here are all of x11vnc command line options: Here are all of x11vnc command line options:
% x11vnc -opts (see below for -help long descriptions) % x11vnc -opts (see below for -help long descriptions)
x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-04 x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-06
x11vnc options: x11vnc options:
-display disp -auth file -N -display disp -auth file -N
@ -13021,7 +13026,7 @@ libvncserver-tight-extension options:
% x11vnc -help % x11vnc -help
x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-04 x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-06
(type "x11vnc -opts" to just list the options.) (type "x11vnc -opts" to just list the options.)
@ -13089,6 +13094,12 @@ Options:
mechanism (described below) to try to guess the mechanism (described below) to try to guess the
XAUTHORITY filename and use it. XAUTHORITY filename and use it.
XDM/GDM/KDM: if you are running x11vnc as root and want
to find the XAUTHORITY before anyone has logged into an
X session yet, use: x11vnc -env FD_XDM=1 -auth guess ...
(This will also find the XAUTHORITY if a user is already
logged into the X session.)
-N If the X display is :N, try to set the VNC display to -N If the X display is :N, try to set the VNC display to
also be :N This just sets the -rfbport option to 5900+N also be :N This just sets the -rfbport option to 5900+N
The program will exit immediately if that port is not The program will exit immediately if that port is not
@ -13110,7 +13121,10 @@ Options:
for display managers like GDM (KillInitClients option) for display managers like GDM (KillInitClients option)
that kill x11vnc just after the user logs into the that kill x11vnc just after the user logs into the
X session. Note: the reopened state may be unstable. X session. Note: the reopened state may be unstable.
Set X11VNC_REOPEN_DISPLAY=n to reopen n times. Set X11VNC_REOPEN_DISPLAY=n to reopen n times and
set X11VNC_REOPEN_SLEEP_MAX to the number of seconds,
default 10, to keep trying to reopen the display (once
per second.)
Update: as of 0.9.9, x11vnc tries to automatically avoid Update: as of 0.9.9, x11vnc tries to automatically avoid
being killed by the display manager by delaying creating being killed by the display manager by delaying creating
@ -14018,17 +14032,23 @@ Options:
(i.e. all the X displays on the local machine that you (i.e. all the X displays on the local machine that you
have access rights to). have access rights to).
-findauth [disp] Apply the -find/-finddpy heuristics to try to guess the -findauth [disp] Apply the -find/-finddpy heuristics to try to guess
XAUTHORITY file for DISPLAY 'disp'. If 'disp' is not the XAUTHORITY file for DISPLAY 'disp'. If 'disp'
supplied, then the value in the -display earlier in is not supplied, then the value in the -display on
the cmdline is used; failing that $DISPLAY is used; the cmdline is used; failing that $DISPLAY is used;
and failing that ":0" is used. and failing that ":0" is used.
If nothing is printed out, that means no XAUTHORITY was If nothing is printed out, that means no XAUTHORITY was
found for 'disp'. If "XAUTHORITY=" is printed out, found for 'disp'; i.e. failure. If "XAUTHORITY="
that means use the default (i.e. do not set XAUTHORITY). is printed out, that means use the default (i.e. do
If "XAUTHORITY=/path/to/file" is printed out, then not set XAUTHORITY). If "XAUTHORITY=/path/to/file"
use that file. is printed out, then use that file.
XDM/GDM/KDM: if you are running x11vnc as root and want
to find the XAUTHORITY before anyone has logged into an
X session yet, use: x11vnc -env FD_XDM=1 -findauth ...
(This will also find the XAUTHORITY if a user is already
logged into the X session.)
-create First try to find the user's display using FINDDISPLAY, -create First try to find the user's display using FINDDISPLAY,
if that doesn't succeed create an X session via the if that doesn't succeed create an X session via the
@ -14270,6 +14290,12 @@ Options:
for how to disable this for dtgreet on Solaris and for how to disable this for dtgreet on Solaris and
possibly for other greeters. possibly for other greeters.
In -find/cmd=FINDDISPLAY mode, if you set FD_XDM=1,
e.g. 'x11vnc -env FD_XDM=1 -find ...' and x11vnc is
running as root (e.g. inetd) then it will try to find
the XAUTHORITY file of a running XDM/GDM/KDM login
greeter (i.e. no user has logged into an X session yet.)
As another special case, WAIT:cmd=HTTPONCE will allow As another special case, WAIT:cmd=HTTPONCE will allow
x11vnc to service one http request and then exit. x11vnc to service one http request and then exit.
This is usually done in -inetd mode to run on, say, This is usually done in -inetd mode to run on, say,
@ -15269,7 +15295,21 @@ Options:
to include the PORT= in the browser URL, simply supply to include the PORT= in the browser URL, simply supply
"-httpsredir" to x11vnc. "-httpsredir" to x11vnc.
This options does not work in -stunnel mode. This option does not work in -stunnel mode.
More tricks: set the env var X11VNC_EXTRA_HTTPS_PARAMS
to be extra URL parameters to use. This way you do
not need to specify extra PARAMS in the index.vnc file.
E.g. x11vnc -env X11VNC_EXTRA_HTTPS_PARAMS='?GET=1' ...
If you do not want to expose the non-SSL HTTP port to
the network (i.e. you just want the single VNC/HTTPS
port, e.g. 5900, open for connections) then specify the
option -env X11VNC_HTTP_LISTEN_LOCALHOST=1 This way
the connection to the libvncserver httpd server will
only be available on localhost (note that in -ssl mode,
HTTPS requests are redirected from SSL to the non-SSL
libvncserver HTTP server.)
-http_oneport For UN-encrypted connections mode (i.e. no -ssl, -http_oneport For UN-encrypted connections mode (i.e. no -ssl,
-stunnel, or -enc options), allow the Java VNC Viewer -stunnel, or -enc options), allow the Java VNC Viewer
@ -15301,6 +15341,10 @@ Options:
mode when using an SSH tunnel as well as for router mode when using an SSH tunnel as well as for router
port redirections. port redirections.
Note that the -env X11VNC_HTTP_LISTEN_LOCALHOST=1
option described above under -httpsredir applies for
the libvncserver httpd server in all cases (ssl or not.)
-ssh user@host:disp Create a remote listening port on machine "host" -ssh user@host:disp Create a remote listening port on machine "host"
via a SSH tunnel using the -R rport:localhost:lport via a SSH tunnel using the -R rport:localhost:lport
method. lport will be the local x11vnc listening port, method. lport will be the local x11vnc listening port,
@ -16135,6 +16179,12 @@ t
-buttonmap currently does not work on MacOSX console -buttonmap currently does not work on MacOSX console
or in -rawfb mode. or in -rawfb mode.
Workaround: use -buttonmap IJ...-LM...=n to limit the
number of mouse buttons to n, e.g. 123-123=3. This will
prevent x11vnc from crashing if the X server reports
there are 5 buttons (4/5 scroll wheel), but there are
only really 3.
-nodragging Do not update the display during mouse dragging events -nodragging Do not update the display during mouse dragging events
(mouse button held down). Greatly improves response on (mouse button held down). Greatly improves response on
slow setups, but you lose all visual feedback for drags, slow setups, but you lose all visual feedback for drags,

17
x11vnc/cleanup.c
Unescape View File

@ -325,13 +325,23 @@ static int XIOerr(Display *d) {
#if !NO_X11 #if !NO_X11
if (reopen < rmax && getenv("X11VNC_REOPEN_DISPLAY")) { if (reopen < rmax && getenv("X11VNC_REOPEN_DISPLAY")) {
int db = getenv("X11VNC_REOPEN_DEBUG") ? 1 : 0; int db = getenv("X11VNC_REOPEN_DEBUG") ? 1 : 0;
int sleepmax = 10, i;
Display *save_dpy = dpy; Display *save_dpy = dpy;
char *dstr = DisplayString(save_dpy); char *dstr = strdup(DisplayString(save_dpy));
reopen++; reopen++;
if (getenv("X11VNC_REOPEN_SLEEP_MAX")) {
sleepmax = atoi(getenv("X11VNC_REOPEN_SLEEP_MAX"));
}
rfbLog("*** XIO error: Trying to reopen[%d/%d] display '%s'\n", reopen, rmax, dstr); rfbLog("*** XIO error: Trying to reopen[%d/%d] display '%s'\n", reopen, rmax, dstr);
rfbLog("*** XIO error: Note the reopened state may be unstable.\n"); rfbLog("*** XIO error: Note the reopened state may be unstable.\n");
usleep (3000 * 1000); for (i=0; i < sleepmax; i++) {
dpy = XOpenDisplay_wr(dstr); usleep (1000 * 1000);
dpy = XOpenDisplay_wr(dstr);
rfbLog("dpy[%d/%d]: %p\n", i+1, sleepmax, dpy);
if (dpy) {
break;
}
}
last_open_xdisplay = time(NULL); last_open_xdisplay = time(NULL);
if (dpy) { if (dpy) {
rfbLog("*** XIO error: Reopened display '%s' successfully.\n", dstr); rfbLog("*** XIO error: Reopened display '%s' successfully.\n", dstr);
@ -353,6 +363,7 @@ static int XIOerr(Display *d) {
do_new_fb(1); do_new_fb(1);
if (db) rfbLog("*** XIO error: check_xevents\n"); if (db) rfbLog("*** XIO error: check_xevents\n");
check_xevents(1); check_xevents(1);
/* sadly, we can never return... */ /* sadly, we can never return... */
if (db) rfbLog("*** XIO error: watch_loop\n"); if (db) rfbLog("*** XIO error: watch_loop\n");
watch_loop(); watch_loop();

63
x11vnc/help.c
Unescape View File

@ -118,6 +118,12 @@ void print_help(int mode) {
" mechanism (described below) to try to guess the\n" " mechanism (described below) to try to guess the\n"
" XAUTHORITY filename and use it.\n" " XAUTHORITY filename and use it.\n"
"\n" "\n"
" XDM/GDM/KDM: if you are running x11vnc as root and want\n"
" to find the XAUTHORITY before anyone has logged into an\n"
" X session yet, use: x11vnc -env FD_XDM=1 -auth guess ...\n"
" (This will also find the XAUTHORITY if a user is already\n"
" logged into the X session.)\n"
"\n"
"-N If the X display is :N, try to set the VNC display to\n" "-N If the X display is :N, try to set the VNC display to\n"
" also be :N This just sets the -rfbport option to 5900+N\n" " also be :N This just sets the -rfbport option to 5900+N\n"
" The program will exit immediately if that port is not\n" " The program will exit immediately if that port is not\n"
@ -139,7 +145,10 @@ void print_help(int mode) {
" for display managers like GDM (KillInitClients option)\n" " for display managers like GDM (KillInitClients option)\n"
" that kill x11vnc just after the user logs into the\n" " that kill x11vnc just after the user logs into the\n"
" X session. Note: the reopened state may be unstable.\n" " X session. Note: the reopened state may be unstable.\n"
" Set X11VNC_REOPEN_DISPLAY=n to reopen n times.\n" " Set X11VNC_REOPEN_DISPLAY=n to reopen n times and\n"
" set X11VNC_REOPEN_SLEEP_MAX to the number of seconds,\n"
" default 10, to keep trying to reopen the display (once\n"
" per second.)\n"
"\n" "\n"
" Update: as of 0.9.9, x11vnc tries to automatically avoid\n" " Update: as of 0.9.9, x11vnc tries to automatically avoid\n"
" being killed by the display manager by delaying creating\n" " being killed by the display manager by delaying creating\n"
@ -1064,17 +1073,23 @@ void print_help(int mode) {
" (i.e. all the X displays on the local machine that you\n" " (i.e. all the X displays on the local machine that you\n"
" have access rights to).\n" " have access rights to).\n"
"\n" "\n"
"-findauth [disp] Apply the -find/-finddpy heuristics to try to guess the\n" "-findauth [disp] Apply the -find/-finddpy heuristics to try to guess\n"
" XAUTHORITY file for DISPLAY 'disp'. If 'disp' is not\n" " the XAUTHORITY file for DISPLAY 'disp'. If 'disp'\n"
" supplied, then the value in the -display earlier in\n" " is not supplied, then the value in the -display on\n"
" the cmdline is used; failing that $DISPLAY is used;\n" " the cmdline is used; failing that $DISPLAY is used;\n"
" and failing that \":0\" is used.\n" " and failing that \":0\" is used.\n"
"\n" "\n"
" If nothing is printed out, that means no XAUTHORITY was\n" " If nothing is printed out, that means no XAUTHORITY was\n"
" found for 'disp'. If \"XAUTHORITY=\" is printed out,\n" " found for 'disp'; i.e. failure. If \"XAUTHORITY=\"\n"
" that means use the default (i.e. do not set XAUTHORITY).\n" " is printed out, that means use the default (i.e. do\n"
" If \"XAUTHORITY=/path/to/file\" is printed out, then\n" " not set XAUTHORITY). If \"XAUTHORITY=/path/to/file\"\n"
" use that file.\n" " is printed out, then use that file.\n"
"\n"
" XDM/GDM/KDM: if you are running x11vnc as root and want\n"
" to find the XAUTHORITY before anyone has logged into an\n"
" X session yet, use: x11vnc -env FD_XDM=1 -findauth ...\n"
" (This will also find the XAUTHORITY if a user is already\n"
" logged into the X session.)\n"
"\n" "\n"
"-create First try to find the user's display using FINDDISPLAY,\n" "-create First try to find the user's display using FINDDISPLAY,\n"
" if that doesn't succeed create an X session via the\n" " if that doesn't succeed create an X session via the\n"
@ -1316,6 +1331,12 @@ void print_help(int mode) {
" for how to disable this for dtgreet on Solaris and\n" " for how to disable this for dtgreet on Solaris and\n"
" possibly for other greeters.\n" " possibly for other greeters.\n"
"\n" "\n"
" In -find/cmd=FINDDISPLAY mode, if you set FD_XDM=1,\n"
" e.g. 'x11vnc -env FD_XDM=1 -find ...' and x11vnc is\n"
" running as root (e.g. inetd) then it will try to find\n"
" the XAUTHORITY file of a running XDM/GDM/KDM login\n"
" greeter (i.e. no user has logged into an X session yet.)\n"
"\n"
" As another special case, WAIT:cmd=HTTPONCE will allow\n" " As another special case, WAIT:cmd=HTTPONCE will allow\n"
" x11vnc to service one http request and then exit.\n" " x11vnc to service one http request and then exit.\n"
" This is usually done in -inetd mode to run on, say,\n" " This is usually done in -inetd mode to run on, say,\n"
@ -2315,7 +2336,21 @@ void print_help(int mode) {
" to include the PORT= in the browser URL, simply supply\n" " to include the PORT= in the browser URL, simply supply\n"
" \"-httpsredir\" to x11vnc.\n" " \"-httpsredir\" to x11vnc.\n"
"\n" "\n"
" This options does not work in -stunnel mode.\n" " This option does not work in -stunnel mode.\n"
"\n"
" More tricks: set the env var X11VNC_EXTRA_HTTPS_PARAMS\n"
" to be extra URL parameters to use. This way you do\n"
" not need to specify extra PARAMS in the index.vnc file.\n"
" E.g. x11vnc -env X11VNC_EXTRA_HTTPS_PARAMS='?GET=1' ...\n"
"\n"
" If you do not want to expose the non-SSL HTTP port to\n"
" the network (i.e. you just want the single VNC/HTTPS\n"
" port, e.g. 5900, open for connections) then specify the\n"
" option -env X11VNC_HTTP_LISTEN_LOCALHOST=1 This way\n"
" the connection to the libvncserver httpd server will\n"
" only be available on localhost (note that in -ssl mode,\n"
" HTTPS requests are redirected from SSL to the non-SSL\n"
" libvncserver HTTP server.)\n"
"\n" "\n"
"-http_oneport For UN-encrypted connections mode (i.e. no -ssl,\n" "-http_oneport For UN-encrypted connections mode (i.e. no -ssl,\n"
" -stunnel, or -enc options), allow the Java VNC Viewer\n" " -stunnel, or -enc options), allow the Java VNC Viewer\n"
@ -2347,6 +2382,10 @@ void print_help(int mode) {
" mode when using an SSH tunnel as well as for router\n" " mode when using an SSH tunnel as well as for router\n"
" port redirections.\n" " port redirections.\n"
"\n" "\n"
" Note that the -env X11VNC_HTTP_LISTEN_LOCALHOST=1\n"
" option described above under -httpsredir applies for\n"
" the libvncserver httpd server in all cases (ssl or not.)\n"
"\n"
"-ssh user@host:disp Create a remote listening port on machine \"host\"\n" "-ssh user@host:disp Create a remote listening port on machine \"host\"\n"
" via a SSH tunnel using the -R rport:localhost:lport\n" " via a SSH tunnel using the -R rport:localhost:lport\n"
" method. lport will be the local x11vnc listening port,\n" " method. lport will be the local x11vnc listening port,\n"
@ -3179,6 +3218,12 @@ void print_help(int mode) {
" -buttonmap currently does not work on MacOSX console\n" " -buttonmap currently does not work on MacOSX console\n"
" or in -rawfb mode.\n" " or in -rawfb mode.\n"
"\n" "\n"
" Workaround: use -buttonmap IJ...-LM...=n to limit the\n"
" number of mouse buttons to n, e.g. 123-123=3. This will\n"
" prevent x11vnc from crashing if the X server reports\n"
" there are 5 buttons (4/5 scroll wheel), but there are\n"
" only really 3.\n"
"\n"
"-nodragging Do not update the display during mouse dragging events\n" "-nodragging Do not update the display during mouse dragging events\n"
" (mouse button held down). Greatly improves response on\n" " (mouse button held down). Greatly improves response on\n"
" slow setups, but you lose all visual feedback for drags,\n" " slow setups, but you lose all visual feedback for drags,\n"

18
x11vnc/remote.c
Unescape View File

@ -469,6 +469,20 @@ int check_httpdir(void) {
} }
} }
static void rfb_http_init_sockets(void) {
in_addr_t iface;
if (!screen) {
return;
}
iface = screen->listenInterface;
if (getenv("X11VNC_HTTP_LISTEN_LOCALHOST")) {
rfbLog("http_connections: HTTP listen on localhost only. (not HTTPS)\n");
screen->listenInterface = htonl(INADDR_LOOPBACK);
}
rfbHttpInitSockets(screen);
screen->listenInterface = iface;
}
void http_connections(int on) { void http_connections(int on) {
if (!screen) { if (!screen) {
return; return;
@ -492,7 +506,7 @@ void http_connections(int on) {
screen->httpInitDone = FALSE; screen->httpInitDone = FALSE;
if (check_httpdir()) { if (check_httpdir()) {
screen->httpDir = http_dir; screen->httpDir = http_dir;
rfbHttpInitSockets(screen); rfb_http_init_sockets();
if (screen->httpPort != 0 && screen->httpListenSock < 0) { if (screen->httpPort != 0 && screen->httpListenSock < 0) {
rfbLog("http_connections: failed to listen on http port: %d\n", screen->httpPort); rfbLog("http_connections: failed to listen on http port: %d\n", screen->httpPort);
clean_up_exit(1); clean_up_exit(1);
@ -526,7 +540,7 @@ static void reset_httpport(int old, int new) {
} }
rfbLog("reset_httpport: setting httpport %d -> %d.\n", rfbLog("reset_httpport: setting httpport %d -> %d.\n",
old == -1 ? hp : old, hp); old == -1 ? hp : old, hp);
rfbHttpInitSockets(screen); rfb_http_init_sockets();
if (screen->httpPort != 0 && screen->httpListenSock < 0) { if (screen->httpPort != 0 && screen->httpListenSock < 0) {
rfbLog("reset_httpport: failed to listen on http port: %d\n", screen->httpPort); rfbLog("reset_httpport: failed to listen on http port: %d\n", screen->httpPort);
} }

10
x11vnc/screen.c
Unescape View File

@ -3681,20 +3681,27 @@ static void announce_http(int lport, int ssl, char *iface, char *extra) {
char *host = this_host(); char *host = this_host();
char *jvu; char *jvu;
int http = 0;
if (enc_str && !strcmp(enc_str, "none") && !use_stunnel) { if (enc_str && !strcmp(enc_str, "none") && !use_stunnel) {
jvu = "Java viewer URL: http"; jvu = "Java viewer URL: http";
http = 1;
} else if (ssl == 1) { } else if (ssl == 1) {
jvu = "Java SSL viewer URL: https"; jvu = "Java SSL viewer URL: https";
} else if (ssl == 2) { } else if (ssl == 2) {
jvu = "Java SSL viewer URL: http"; jvu = "Java SSL viewer URL: http";
http = 1;
} else { } else {
jvu = "Java viewer URL: http"; jvu = "Java viewer URL: http";
http = 1;
} }
if (iface != NULL && *iface != '\0' && strcmp(iface, "any")) { if (iface != NULL && *iface != '\0' && strcmp(iface, "any")) {
host = iface; host = iface;
} }
if (http && getenv("X11VNC_HTTP_LISTEN_LOCALHOST")) {
host = "localhost";
}
if (host != NULL) { if (host != NULL) {
if (! inetd) { if (! inetd) {
fprintf(stderr, "%s://%s:%d/%s\n", jvu, host, lport, extra); fprintf(stderr, "%s://%s:%d/%s\n", jvu, host, lport, extra);
@ -3763,7 +3770,8 @@ void do_mention_java_urls(void) {
rfbLog("Where you replace \"host:port\" with that printed below, or\n"); rfbLog("Where you replace \"host:port\" with that printed below, or\n");
rfbLog("whatever is needed to reach the host e.g. Internet IP number\n"); rfbLog("whatever is needed to reach the host e.g. Internet IP number\n");
rfbLog("\n"); rfbLog("\n");
rfbLog("Append ?GET=1 to a URL for faster loading.\n"); rfbLog("Append ?GET=1 to a URL for faster loading or supply:\n");
rfbLog("-env X11VNC_EXTRA_HTTPS_PARAMS='?GET=1' to cmdline.\n");
} }
} }
rfbLog("\n"); rfbLog("\n");

22
x11vnc/sslhelper.c
Unescape View File

@ -3626,8 +3626,26 @@ void accept_openssl(int mode, int presock) {
* the rest of the SSL session to it: * the rest of the SSL session to it:
*/ */
if (n > 0) { if (n > 0) {
if (db) fprintf(stderr, "sending http buffer httpsock: %d\n'%s'\n", httpsock, buf); char *s = getenv("X11VNC_EXTRA_HTTPS_PARAMS");
write(httpsock, buf, n); int did_extra = 0;
if (db) fprintf(stderr, "sending http buffer httpsock: %d n=%d\n'%s'\n", httpsock, n, buf);
if (s != NULL) {
char *q = strstr(buf, " HTTP/");
if (q) {
int m;
*q = '\0';
m = strlen(buf);
write(httpsock, buf, m);
write(httpsock, s, strlen(s));
*q = ' ';
write(httpsock, q, n-m);
did_extra = 1;
}
}
if (!did_extra) {
write(httpsock, buf, n);
}
} }
ssl_xfer(httpsock, s_in, s_out, is_http); ssl_xfer(httpsock, s_in, s_out, is_http);
rfbLog("SSL: ssl_helper[%d]: exit case 6 (https ssl_xfer done)\n", getpid()); rfbLog("SSL: ssl_helper[%d]: exit case 6 (https ssl_xfer done)\n", getpid());

94
x11vnc/ssltools.h
Unescape View File

@ -1017,6 +1017,14 @@ char find_display[] =
" fi\n" " fi\n"
"}\n" "}\n"
"\n" "\n"
"am_root=\"\"\n"
"if id | sed -e 's/ gid.*$//' | grep -w root > /dev/null; then\n"
" am_root=1\n"
"fi\n"
"am_gdm=\"\"\n"
"if id | sed -e 's/ gid.*$//' | grep -w gdm > /dev/null; then\n"
" am_gdm=1\n"
"fi\n"
"\n" "\n"
"# this mode is to try to grab a display manager (gdm, kdm, xdm...) display\n" "# this mode is to try to grab a display manager (gdm, kdm, xdm...) display\n"
"# when we are run as root (e.g. no one is logged in yet). We look at the\n" "# when we are run as root (e.g. no one is logged in yet). We look at the\n"
@ -1037,42 +1045,72 @@ char find_display[] =
" #\n" " #\n"
" env XAUTHORITY=\"$xa\" xdpyinfo -display \"$da\" >/dev/null 2>&1\n" " env XAUTHORITY=\"$xa\" xdpyinfo -display \"$da\" >/dev/null 2>&1\n"
" if [ $? = 0 ]; then\n" " if [ $? = 0 ]; then\n"
" env XAUTHORITY=/dev/null xdpyinfo -display \"$da\" >/dev/null 2>&1\n" " si_root=\"\"\n"
" if [ $? != 0 ]; then\n" " si_gdm=\"\"\n"
" y=`prdpy $da`\n" " # recent gdm seems to use SI:localuser: for xauth.\n"
" echo \"DISPLAY=$y\"\n" " if env DISPLAY=\"$da\" xhost 2>/dev/null | grep -i '^SI:localuser:root$' > /dev/null; then\n"
" if [ \"X$showxauth\" != \"X\" ]; then\n" " si_root=1\n"
" # copy the cookie:\n" " fi\n"
" cook=`xauth -f \"$xa\" list | head -n 1 | awk '{print $NF}'`\n" " if env DISPLAY=\"$da\" xhost 2>/dev/null | grep -i '^SI:localuser:gdm$' > /dev/null; then\n"
" xtf=$HOME/.xat.$$\n" " si_gdm=1\n"
" xtf=`mytmp \"$xtf\"`\n" " fi\n"
" if [ ! -f $xtf ]; then\n" " env XAUTHORITY=/dev/null xdpyinfo -display \"$da\" >/dev/null 2>&1\n"
" xtf=/tmp/.xat.$$\n" " rc=$?\n"
" xtf=`mytmp \"$xtf\"`\n" " if [ \"X$rc\" = \"X0\" ]; then\n"
" # assume it is ok for server interpreted case.\n"
" if [ \"X$am_root\" = \"X1\" -a \"X$si_root\" = \"X1\" ]; then\n"
" rc=5\n"
" elif [ \"X$am_gdm\" = \"X1\" -a \"X$si_gdm\" = \"X1\" ]; then\n"
" rc=6\n"
" fi\n" " fi\n"
" if [ ! -f $xtf ]; then\n" " fi\n"
" xtf=/tmp/.xatb.$$\n" " if [ $rc != 0 ]; then\n"
" rm -f $xtf\n" " y=`prdpy $da`\n"
" if [ -f $xtf ]; then\n" " if [ \"X$FIND_DISPLAY_NO_SHOW_DISPLAY\" = \"X\" ]; then\n"
" exit 1\n" " echo \"DISPLAY=$y\"\n"
" fi\n"
" if [ \"X$FIND_DISPLAY_XAUTHORITY_PATH\" != \"X\" ]; then\n"
" # caller wants XAUTHORITY printed out too.\n"
" if [ \"X$xa\" != \"X\" -a -f \"$xa\" ]; then\n"
" echo \"XAUTHORITY=$xa\"\n"
" else\n"
" echo \"XAUTHORITY=$XAUTHORITY\"\n"
" fi\n"
" fi\n"
" if [ \"X$showxauth\" != \"X\" ]; then\n"
" # copy the cookie:\n"
" cook=`xauth -f \"$xa\" list | head -n 1 | awk '{print $NF}'`\n"
" xtf=$HOME/.xat.$$\n"
" xtf=`mytmp \"$xtf\"`\n"
" if [ ! -f $xtf ]; then\n"
" xtf=/tmp/.xat.$$\n"
" xtf=`mytmp \"$xtf\"`\n"
" fi\n" " fi\n"
" touch $xtf 2>/dev/null\n"
" chmod 600 $xtf 2>/dev/null\n"
" if [ ! -f $xtf ]; then\n" " if [ ! -f $xtf ]; then\n"
" exit 1\n" " xtf=/tmp/.xatb.$$\n"
" rm -f $xtf\n"
" if [ -f $xtf ]; then\n"
" exit 1\n"
" fi\n"
" touch $xtf 2>/dev/null\n"
" chmod 600 $xtf 2>/dev/null\n"
" if [ ! -f $xtf ]; then\n"
" exit 1\n"
" fi\n"
" fi\n" " fi\n"
" xauth -f $xtf add \"$da\" . $cook\n"
" xauth -f $xtf extract - \"$da\" 2>/dev/null\n"
" rm -f $xtf\n"
" fi\n" " fi\n"
" xauth -f $xtf add \"$da\" . $cook\n" " # DONE\n"
" xauth -f $xtf extract - \"$da\" 2>/dev/null\n" " exit 0\n"
" rm -f $xtf\n"
" fi\n" " fi\n"
" # DONE\n"
" exit 0\n"
" fi\n"
" fi\n" " fi\n"
" fi\n" " fi\n"
" done\n" " done\n"
" echo \"\" # failure\n" " if [ \"X$FIND_DISPLAY_XAUTHORITY_PATH\" = \"X\" ]; then\n"
" echo \"\" # failure\n"
" fi\n"
" if [ \"X$showxauth\" != \"X\" ]; then\n" " if [ \"X$showxauth\" != \"X\" ]; then\n"
" echo \"\"\n" " echo \"\"\n"
" fi\n" " fi\n"
@ -1106,7 +1144,7 @@ char find_display[] =
" for xa in /tmp/.gdm* /tmp/.Xauth* /var/run/gdm/auth-for-*/database /var/run/gdm/auth-cookie-*-for-*\n" " for xa in /tmp/.gdm* /tmp/.Xauth* /var/run/gdm/auth-for-*/database /var/run/gdm/auth-cookie-*-for-*\n"
" do\n" " do\n"
" # try to be somewhat careful about the real owner of the file:\n" " # try to be somewhat careful about the real owner of the file:\n"
" if id | sed -e 's/ gid.*$//' | grep -w root > /dev/null; then\n" " if [ \"X$am_root\" = \"X1\" ]; then\n"
" break\n" " break\n"
" fi\n" " fi\n"
" if [ -f $xa -a -r $xa ]; then\n" " if [ -f $xa -a -r $xa ]; then\n"

65
x11vnc/x11vnc.1
Unescape View File

@ -2,7 +2,7 @@
.TH X11VNC "1" "December 2009" "x11vnc " "User Commands" .TH X11VNC "1" "December 2009" "x11vnc " "User Commands"
.SH NAME .SH NAME
x11vnc - allow VNC connections to real X11 displays x11vnc - allow VNC connections to real X11 displays
version: 0.9.9, lastmod: 2009-12-04 version: 0.9.9, lastmod: 2009-12-06
.SH SYNOPSIS .SH SYNOPSIS
.B x11vnc .B x11vnc
[OPTION]... [OPTION]...
@ -80,6 +80,12 @@ man pages for more info.
Use '-auth guess' to have x11vnc use its \fB-findauth\fR Use '-auth guess' to have x11vnc use its \fB-findauth\fR
mechanism (described below) to try to guess the mechanism (described below) to try to guess the
XAUTHORITY filename and use it. XAUTHORITY filename and use it.
.IP
XDM/GDM/KDM: if you are running x11vnc as root and want
to find the XAUTHORITY before anyone has logged into an
X session yet, use: x11vnc \fB-env\fR FD_XDM=1 \fB-auth\fR guess ...
(This will also find the XAUTHORITY if a user is already
logged into the X session.)
.PP .PP
\fB-N\fR \fB-N\fR
.IP .IP
@ -110,7 +116,10 @@ reopen the X display (up to one time.) This is of use
for display managers like GDM (KillInitClients option) for display managers like GDM (KillInitClients option)
that kill x11vnc just after the user logs into the that kill x11vnc just after the user logs into the
X session. Note: the reopened state may be unstable. X session. Note: the reopened state may be unstable.
Set X11VNC_REOPEN_DISPLAY=n to reopen n times. Set X11VNC_REOPEN_DISPLAY=n to reopen n times and
set X11VNC_REOPEN_SLEEP_MAX to the number of seconds,
default 10, to keep trying to reopen the display (once
per second.)
.IP .IP
Update: as of 0.9.9, x11vnc tries to automatically avoid Update: as of 0.9.9, x11vnc tries to automatically avoid
being killed by the display manager by delaying creating being killed by the display manager by delaying creating
@ -1184,17 +1193,23 @@ have access rights to).
.PP .PP
\fB-findauth\fR \fI[disp]\fR \fB-findauth\fR \fI[disp]\fR
.IP .IP
Apply the \fB-find/-finddpy\fR heuristics to try to guess the Apply the \fB-find/-finddpy\fR heuristics to try to guess
XAUTHORITY file for DISPLAY 'disp'. If 'disp' is not the XAUTHORITY file for DISPLAY 'disp'. If 'disp'
supplied, then the value in the \fB-display\fR earlier in is not supplied, then the value in the \fB-display\fR on
the cmdline is used; failing that $DISPLAY is used; the cmdline is used; failing that $DISPLAY is used;
and failing that ":0" is used. and failing that ":0" is used.
.IP .IP
If nothing is printed out, that means no XAUTHORITY was If nothing is printed out, that means no XAUTHORITY was
found for 'disp'. If "XAUTHORITY=" is printed out, found for 'disp'; i.e. failure. If "XAUTHORITY="
that means use the default (i.e. do not set XAUTHORITY). is printed out, that means use the default (i.e. do
If "XAUTHORITY=/path/to/file" is printed out, then not set XAUTHORITY). If "XAUTHORITY=/path/to/file"
use that file. is printed out, then use that file.
.IP
XDM/GDM/KDM: if you are running x11vnc as root and want
to find the XAUTHORITY before anyone has logged into an
X session yet, use: x11vnc \fB-env\fR FD_XDM=1 \fB-findauth\fR ...
(This will also find the XAUTHORITY if a user is already
logged into the X session.)
.PP .PP
\fB-create\fR \fB-create\fR
.IP .IP
@ -1471,6 +1486,12 @@ www.karlrunge.com/x11vnc/faq.html#faq-display-manager
for how to disable this for dtgreet on Solaris and for how to disable this for dtgreet on Solaris and
possibly for other greeters. possibly for other greeters.
.IP .IP
In \fB-find/cmd=FINDDISPLAY\fR mode, if you set FD_XDM=1,
e.g. 'x11vnc \fB-env\fR FD_XDM=1 \fB-find\fR ...' and x11vnc is
running as root (e.g. inetd) then it will try to find
the XAUTHORITY file of a running XDM/GDM/KDM login
greeter (i.e. no user has logged into an X session yet.)
.IP
As another special case, WAIT:cmd=HTTPONCE will allow As another special case, WAIT:cmd=HTTPONCE will allow
x11vnc to service one http request and then exit. x11vnc to service one http request and then exit.
This is usually done in \fB-inetd\fR mode to run on, say, This is usually done in \fB-inetd\fR mode to run on, say,
@ -2540,7 +2561,21 @@ https://mygateway.com:8000/?PORT=8000. To avoid having
to include the PORT= in the browser URL, simply supply to include the PORT= in the browser URL, simply supply
"\fB-httpsredir\fR" to x11vnc. "\fB-httpsredir\fR" to x11vnc.
.IP .IP
This options does not work in \fB-stunnel\fR mode. This option does not work in \fB-stunnel\fR mode.
.IP
More tricks: set the env var X11VNC_EXTRA_HTTPS_PARAMS
to be extra URL parameters to use. This way you do
not need to specify extra PARAMS in the index.vnc file.
E.g. x11vnc \fB-env\fR X11VNC_EXTRA_HTTPS_PARAMS='?GET=1' ...
.IP
If you do not want to expose the non-SSL HTTP port to
the network (i.e. you just want the single VNC/HTTPS
port, e.g. 5900, open for connections) then specify the
option \fB-env\fR X11VNC_HTTP_LISTEN_LOCALHOST=1 This way
the connection to the libvncserver httpd server will
only be available on localhost (note that in \fB-ssl\fR mode,
HTTPS requests are redirected from SSL to the non-SSL
libvncserver HTTP server.)
.PP .PP
\fB-http_oneport\fR \fB-http_oneport\fR
.IP .IP
@ -2573,6 +2608,10 @@ it means only one port needs to be redirected.
The \fB-httpsredir\fR option may also be useful for this The \fB-httpsredir\fR option may also be useful for this
mode when using an SSH tunnel as well as for router mode when using an SSH tunnel as well as for router
port redirections. port redirections.
.IP
Note that the \fB-env\fR X11VNC_HTTP_LISTEN_LOCALHOST=1
option described above under \fB-httpsredir\fR applies for
the libvncserver httpd server in all cases (ssl or not.)
.PP .PP
\fB-ssh\fR \fIuser@host:disp\fR \fB-ssh\fR \fIuser@host:disp\fR
.IP .IP
@ -3605,6 +3644,12 @@ To include button events use "Button1", ... etc.
.IP .IP
\fB-buttonmap\fR currently does not work on MacOSX console \fB-buttonmap\fR currently does not work on MacOSX console
or in \fB-rawfb\fR mode. or in \fB-rawfb\fR mode.
.IP
Workaround: use \fB-buttonmap\fR IJ...-LM...=n to limit the
number of mouse buttons to n, e.g. 123-123=3. This will
prevent x11vnc from crashing if the X server reports
there are 5 buttons (4/5 scroll wheel), but there are
only really 3.
.PP .PP
\fB-nodragging\fR \fB-nodragging\fR
.IP .IP

50
x11vnc/x11vnc.c
Unescape View File

@ -2013,6 +2013,7 @@ int main(int argc, char* argv[]) {
int got_tls = 0; int got_tls = 0;
int got_inetd = 0; int got_inetd = 0;
int got_noxrandr = 0; int got_noxrandr = 0;
int got_findauth = 0;
/* used to pass args we do not know about to rfbGetScreen(): */ /* used to pass args we do not know about to rfbGetScreen(): */
int argc_vnc_max = 1024; int argc_vnc_max = 1024;
@ -2180,24 +2181,14 @@ int main(int argc, char* argv[]) {
continue; continue;
} }
if (!strcmp(arg, "-findauth")) { if (!strcmp(arg, "-findauth")) {
int ic = 0; got_findauth = 1;
if (use_dpy != NULL) {
set_env("DISPLAY", use_dpy);
}
use_dpy = strdup("WAIT:cmd=FINDDISPLAY-run");
if (argc > i+1) { if (argc > i+1) {
set_env("X11VNC_SKIP_DISPLAY", argv[i+1]); char *s = argv[i+1];
} else if (getenv("DISPLAY")) { if (s[0] != '-') {
set_env("X11VNC_SKIP_DISPLAY", getenv("DISPLAY")); set_env("FINDAUTH_DISPLAY", argv[i+1]);
} else { i++;
set_env("X11VNC_SKIP_DISPLAY", ":0"); }
} }
set_env("X11VNC_SKIP_DISPLAY_NEGATE", "1");
set_env("FIND_DISPLAY_XAUTHORITY_PATH", "1");
set_env("FIND_DISPLAY_NO_SHOW_XAUTH", "1");
set_env("FIND_DISPLAY_NO_SHOW_DISPLAY", "1");
wait_for_client(&ic, NULL, 0);
exit(0);
continue; continue;
} }
if (!strcmp(arg, "-create")) { if (!strcmp(arg, "-create")) {
@ -4030,6 +4021,33 @@ int main(int argc, char* argv[]) {
set_env("PATH", "/bin:/usr/bin"); set_env("PATH", "/bin:/usr/bin");
} }
/* handle -findauth case now that cmdline has been read */
if (got_findauth) {
char *s;
int ic = 0;
if (use_dpy != NULL) {
set_env("DISPLAY", use_dpy);
}
use_dpy = strdup("WAIT:cmd=FINDDISPLAY-run");
s = getenv("FINDAUTH_DISPLAY");
if (s && strcmp("", s)) {
set_env("DISPLAY", s);
}
s = getenv("DISPLAY");
if (s && strcmp("", s)) {
set_env("X11VNC_SKIP_DISPLAY", s);
} else {
set_env("X11VNC_SKIP_DISPLAY", ":0");
}
set_env("X11VNC_SKIP_DISPLAY_NEGATE", "1");
set_env("FIND_DISPLAY_XAUTHORITY_PATH", "1");
set_env("FIND_DISPLAY_NO_SHOW_XAUTH", "1");
set_env("FIND_DISPLAY_NO_SHOW_DISPLAY", "1");
wait_for_client(&ic, NULL, 0);
exit(0);
}
/* set OS struct UT */ /* set OS struct UT */
uname(&UT); uname(&UT);

2
x11vnc/x11vnc_defs.c
Unescape View File

@ -47,7 +47,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0; int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */ /* date +'lastmod: %Y-%m-%d' */
char lastmod[] = "0.9.9 lastmod: 2009-12-04"; char lastmod[] = "0.9.9 lastmod: 2009-12-06";
/* X display info */ /* X display info */

Write Preview
Loading…
Cancel
Save