From be2b77f2f28cf195e2dfe3556b05b06d7d440f05 Mon Sep 17 00:00:00 2001 From: runge Date: Fri, 15 Sep 2006 15:26:40 +0000 Subject: [PATCH] x11vnc: clear DISPLAY for -unixpw su_verify, user supplied sig ignore. --- libvncserver/rfbserver.c | 4 +- x11vnc/ChangeLog | 5 +++ x11vnc/README | 52 ++++++++++++++++-------- x11vnc/cleanup.c | 87 ++++++++++++++++++++++++++++++++++++++++ x11vnc/help.c | 46 ++++++++++++++------- x11vnc/screen.c | 3 +- x11vnc/unixpw.c | 10 +++++ x11vnc/x11vnc.1 | 49 ++++++++++++++-------- x11vnc/x11vnc_defs.c | 2 +- 9 files changed, 207 insertions(+), 51 deletions(-) diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c index ae4877b..eebbd47 100644 --- a/libvncserver/rfbserver.c +++ b/libvncserver/rfbserver.c @@ -2971,9 +2971,9 @@ rfbSendNewFBSize(rfbClientPtr cl, } if (cl->PalmVNC==TRUE) - rfbLog("Sending a rfbEncodingNewFBSize in response to a PalmVNC style frameuffer resize request (%dx%d)\n", w, h); + rfbLog("Sending rfbEncodingNewFBSize in response to a PalmVNC style framebuffer resize (%dx%d)\n", w, h); else - rfbLog("Sending a rfbEncodingNewFBSize in response to a UltraVNC style frameuffer resize request (%dx%d)\n", w, h); + rfbLog("Sending rfbEncodingNewFBSize for resize to (%dx%d)\n", w, h); rect.encoding = Swap32IfLE(rfbEncodingNewFBSize); rect.r.x = 0; diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog index 690ba0b..43bd5b8 100644 --- a/x11vnc/ChangeLog +++ b/x11vnc/ChangeLog @@ -1,3 +1,8 @@ +2006-09-15 Karl Runge + * x11vnc: allow user set signals to ignore, clear DISPLAY in + -unixpw su_verify. -rawfb none same as null. + * rfbserver.c: shorten rfbEncodingNewFBSize message. + 2006-09-13 Karl Runge * x11vnc: document 'ssh -t' improved keyboard response. add extra rfbPE() around keystrokes. diff --git a/x11vnc/README b/x11vnc/README index 2fa8ddb..94ca1b7 100644 --- a/x11vnc/README +++ b/x11vnc/README 
@@ -1,5 +1,5 @@ -x11vnc README file Date: Wed Sep 13 21:30:41 EDT 2006 +x11vnc README file Date: Fri Sep 15 11:12:28 EDT 2006 The following information is taken from these URLs: @@ -8061,7 +8061,7 @@ x11vnc: a VNC server for real X displays Here are all of x11vnc command line options: % x11vnc -opts (see below for -help long descriptions) -x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13 +x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-15 x11vnc options: -display disp -auth file -id windowid @@ -8160,7 +8160,7 @@ libvncserver-tight-extension options: % x11vnc -help -x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13 +x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-15 (type "x11vnc -opts" to just list the options.) 
@@ -8713,20 +8713,31 @@ Options: -unixpw_nis [list] As -unixpw above, however do not use su(1) but rather use the traditional getpwnam(3) + crypt(3) method to - verify passwords instead. This requires that the - encrypted passwords be readable. Passwords stored - in /etc/shadow will be inaccessible unless x11vnc - is run as root. + verify passwords. All of the above -unixpw options and + contraints apply. + + This mode requires that the encrypted passwords be + readable. Encrypted passwords stored in /etc/shadow + will be inaccessible unless x11vnc is run as root. This is called "NIS" mode simply because in most - NIS setups the user encrypted passwords are accessible - (e.g. "ypcat passwd"). NIS is not required for this - mode to work (only that getpwnam(3) return the encrypted - password is required), but it is unlikely it will work - for any other modern environment unless x11vnc is run - as root (which, btw, is often done when running x11vnc - from inetd and xdm/gdm/kdm). All of the -unixpw options - and contraints apply. + NIS setups user encrypted passwords are accessible + (e.g. "ypcat passwd") by an ordinary user and so that + user can authenticate ANY user. + + NIS is not required for this mode to work (only that + getpwnam(3) return the encrypted password is required), + but it is unlikely it will work for any most modern + environments unless x11vnc is run as root to be able + to access /etc/shadow (note running as root is often + done when running x11vnc from inetd and xdm/gdm/kdm). + + Looked at another way, if you do not want to use the + su(1) method provided by -unixpw, you can run x11vnc + as root and use -unixpw_nis. Any users with passwords + in /etc/shadow can then be authenticated. You may want + to use -users unixpw= to switch the process user after + the user logs in. -display_WAIT :... A special usage mode for the normal -display option. Useful with -unixpw, but can be used independently 
@@ -10500,8 +10511,15 @@ Options: "ignore" or "exit". For "ignore" libvncserver will handle the abrupt loss of a client and continue, for "exit" x11vnc will cleanup and exit at the 1st - broken connection. Default: "ignore". This option - is obsolete. + broken connection. + + This option is not really needed since libvncserver + is doing the correct thing now for quite some time. + However, for convenience you can use it to ignore other + signals, e.g. "-sigpipe ignore:HUP,INT,TERM" in case + that would be useful for some sort of application. + You can also put "exit:.." in there. + -threads Whether or not to use the threaded libvncserver -nothreads algorithm [rfbRunEventLoop] if libpthread is available Default: -nothreads diff --git a/x11vnc/cleanup.c b/x11vnc/cleanup.c index c6992fb..38edec3 100644 --- a/x11vnc/cleanup.c +++ b/x11vnc/cleanup.c 
@@ -405,6 +405,83 @@ static void interrupted (int sig) { } } +static void ignore_sigs(char *list) { + char *str, *p; + int ignore = 1; + if (list == NULL || *list == '\0') { + return; + } + str = strdup(list); + p = strtok(str, ":,"); + +#define SETSIG(x, y) \ + if (strstr(p, x)) { \ + if (ignore) { \ + signal(y, SIG_IGN); \ + } else { \ + signal(y, interrupted); \ + } \ + } + +#ifdef SIG_IGN + while (p) { + if (!strcmp(p, "ignore")) { + ignore = 1; + } else if (!strcmp(p, "exit")) { + ignore = 0; + } + /* Take off every 'sig' ;-) */ +#ifdef SIGHUP + SETSIG("HUP", SIGHUP); +#endif +#ifdef SIGINT + SETSIG("INT", SIGINT); +#endif +#ifdef SIGQUIT + SETSIG("QUIT", SIGQUIT); +#endif +#ifdef SIGTRAP + SETSIG("TRAP", SIGTRAP); +#endif +#ifdef SIGABRT + SETSIG("ABRT", SIGABRT); +#endif +#ifdef SIGBUS + SETSIG("BUS", SIGBUS); +#endif +#ifdef SIGFPE + SETSIG("FPE", SIGFPE); +#endif +#ifdef SIGSEGV + SETSIG("SEGV", SIGSEGV); +#endif +#ifdef SIGPIPE + SETSIG("PIPE", SIGPIPE); +#endif +#ifdef SIGTERM + SETSIG("TERM", SIGTERM); +#endif +#ifdef SIGUSR1 + SETSIG("USR1", SIGUSR1); +#endif +#ifdef SIGUSR2 + SETSIG("USR2", SIGUSR2); +#endif +#ifdef SIGCONT + SETSIG("CONT", SIGCONT); +#endif +#ifdef SIGSTOP + SETSIG("STOP", SIGSTOP); +#endif +#ifdef SIGTSTP + SETSIG("TSTP", SIGTSTP); +#endif + p = strtok(NULL, ":,"); + } +#endif /* SIG_IGN */ + free(str); +} + /* signal handlers */ void initialize_signals(void) { signal(SIGHUP, interrupted); @@ -418,6 +495,10 @@ void initialize_signals(void) { if (!sigpipe || *sigpipe == '\0' || !strcmp(sigpipe, "skip")) { ; + } else if (strstr(sigpipe, "ignore:") == sigpipe) { + ignore_sigs(sigpipe); + } else if (strstr(sigpipe, "exit:") == sigpipe) { + ignore_sigs(sigpipe); } else if (!strcmp(sigpipe, "ignore")) { #ifdef SIG_IGN signal(SIGPIPE, SIG_IGN); 
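Review bot: The name table in `ignore_sigs()` lets a command-line string change dispositions that should not be user-settable: `signal(SIGSTOP, ...)` always fails because SIGSTOP cannot be caught or ignored, and POSIX leaves behaviour undefined once a SIGSEGV, SIGBUS or SIGFPE raised by a real fault is ignored. With `-sigpipe ignore:SEGV`, a server that handles passwords would keep running after a memory fault instead of terminating. I would drop the `STOP`, `SEGV`, `BUS` and `FPE` entries, or allow them only in the `exit:` form, and compare each `signal()` return value with `SIG_ERR` and log the failure. The `strdup(list)` result also goes to `strtok()` unchecked; `if (str == NULL) return;` directly after the call covers allocation failure. Because matching is `strstr(p, x)`, a token selects every signal whose name it merely contains, so an exact comparison after stripping an optional `SIG` prefix would be less surprising.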
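Review bot: The two new branches in `initialize_signals()` test for a prefix with `strstr(sigpipe, "ignore:") == sigpipe`, which searches the whole string before comparing pointers and reads less directly than `strncmp(sigpipe, "ignore:", 7) == 0`; the `known_sigpipe_mode()` hunk repeats the same idiom. Both branches call `ignore_sigs(sigpipe)`, so they can be merged into one condition. A short comment above them such as `/* "ignore:SIG,..." or "exit:SIG,...": per-signal list, handled by ignore_sigs() */` would explain why the plain "ignore" comparison that follows is still needed. The function body starts and ends outside the hunk.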
@@ -454,6 +535,12 @@ int known_sigpipe_mode(char *s) { /* * skip, ignore, exit */ + if (strstr(s, "ignore:") == s) { + return 1; + } + if (strstr(s, "exit:") == s) { + return 1; + } if (strcmp(s, "skip") && strcmp(s, "ignore") && strcmp(s, "exit")) { return 0; diff --git a/x11vnc/help.c b/x11vnc/help.c index 63cbafb..5f8aa10 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c 
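Review bot: `known_sigpipe_mode()` now returns 1 for any string that begins with `ignore:` or `exit:`, so the list after the colon is never validated. Combined with the substring matching in `ignore_sigs()`, a mistyped name such as `ignore:TREM` (constructed example) is accepted and silently does nothing. For an option that changes how the server reacts to termination signals, the operator should get an error at startup rather than a configuration that quietly differs from what was typed. Walking the tokens here against the same name table and returning 0 on an unknown one would do that; the function's body continues outside the hunk.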
@@ -574,20 +574,31 @@ void print_help(int mode) { "\n" "-unixpw_nis [list] As -unixpw above, however do not use su(1) but rather\n" " use the traditional getpwnam(3) + crypt(3) method to\n" -" verify passwords instead. This requires that the\n" -" encrypted passwords be readable. Passwords stored\n" -" in /etc/shadow will be inaccessible unless x11vnc\n" -" is run as root.\n" +" verify passwords. All of the above -unixpw options and\n" +" contraints apply.\n" +"\n" +" This mode requires that the encrypted passwords be\n" +" readable. Encrypted passwords stored in /etc/shadow\n" +" will be inaccessible unless x11vnc is run as root.\n" "\n" " This is called \"NIS\" mode simply because in most\n" -" NIS setups the user encrypted passwords are accessible\n" -" (e.g. \"ypcat passwd\"). NIS is not required for this\n" -" mode to work (only that getpwnam(3) return the encrypted\n" -" password is required), but it is unlikely it will work\n" -" for any other modern environment unless x11vnc is run\n" -" as root (which, btw, is often done when running x11vnc\n" -" from inetd and xdm/gdm/kdm). All of the -unixpw options\n" -" and contraints apply.\n" +" NIS setups user encrypted passwords are accessible\n" +" (e.g. \"ypcat passwd\") by an ordinary user and so that\n" +" user can authenticate ANY user.\n" +"\n" +" NIS is not required for this mode to work (only that\n" +" getpwnam(3) return the encrypted password is required),\n" +" but it is unlikely it will work for any most modern\n" +" environments unless x11vnc is run as root to be able\n" +" to access /etc/shadow (note running as root is often\n" +" done when running x11vnc from inetd and xdm/gdm/kdm).\n" +"\n" +" Looked at another way, if you do not want to use the\n" +" su(1) method provided by -unixpw, you can run x11vnc\n" +" as root and use -unixpw_nis. Any users with passwords\n" +" in /etc/shadow can then be authenticated. 
You may want\n" +" to use -users unixpw= to switch the process user after\n" +" the user logs in.\n" "\n" #endif "-display WAIT:... A special usage mode for the normal -display option.\n" @@ -2374,8 +2385,15 @@ void print_help(int mode) { " \"ignore\" or \"exit\". For \"ignore\" libvncserver\n" " will handle the abrupt loss of a client and continue,\n" " for \"exit\" x11vnc will cleanup and exit at the 1st\n" -" broken connection. Default: \"ignore\". This option\n" -" is obsolete.\n" +" broken connection.\n" +"\n" +" This option is not really needed since libvncserver\n" +" is doing the correct thing now for quite some time.\n" +" However, for convenience you can use it to ignore other\n" +" signals, e.g. \"-sigpipe ignore:HUP,INT,TERM\" in case\n" +" that would be useful for some sort of application.\n" +" You can also put \"exit:..\" in there.\n" +"\n" "-threads Whether or not to use the threaded libvncserver\n" "-nothreads algorithm [rfbRunEventLoop] if libpthread is available\n" " Default: %s\n" diff --git a/x11vnc/screen.c b/x11vnc/screen.c index 5b58375..fd3ce33 100644 --- a/x11vnc/screen.c +++ b/x11vnc/screen.c @@ -880,7 +880,8 @@ if (db) fprintf(stderr, "initialize_raw_fb reset\n"); if (! raw_fb_str) { return NULL; } - if (!strcasecmp(raw_fb_str, "NULL") || !strcasecmp(raw_fb_str, "ZERO")) { + if (!strcasecmp(raw_fb_str, "NULL") || !strcasecmp(raw_fb_str, "ZERO") + || !strcasecmp(raw_fb_str, "NONE")) { raw_fb_str = strdup("map:/dev/zero@640x480x32"); } if (!strcasecmp(raw_fb_str, "RAND")) { diff --git a/x11vnc/unixpw.c b/x11vnc/unixpw.c index b482fc0..9804fe9 100644 --- a/x11vnc/unixpw.c +++ b/x11vnc/unixpw.c @@ -584,6 +584,11 @@ if (db) fprintf(stderr, "slave is: %s fd=%d\n", slave, fd); try_to_be_nobody(); #if LIBVNCSERVER_HAVE_GETUID + if (0 && db > 1) { + /* does not work, writes to pty... */ + fprintf(stderr, "getuid=%d geteuid=%d\n", + getuid(), geteuid()); + } if (getuid() == 0 || geteuid() == 0) { exit(1); } 
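Review bot: The added -unixpw_nis help text suggests running x11vnc as root to reach /etc/shadow, but only says `You may want to use -users unixpw=`. Without that option the process presumably stays root for the whole client session, so I would word it as the expected pairing, e.g. `It is recommended to use -users unixpw= so the process switches away from root after the user logs in.` Two wording slips in the same hunk: `for any most modern environments` should read `for most modern environments`, and `contraints` should be `constraints`. The README and x11vnc.1 hunks carry the same text and need the same corrections.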
@@ -594,6 +599,11 @@ if (db) fprintf(stderr, "slave is: %s fd=%d\n", slave, fd); set_env("LC_ALL", "C"); set_env("LANG", "C"); set_env("SHELL", "/bin/sh"); + if (!cmd && getenv("DISPLAY")) { + /* this will cause timeout problems with pam_xauth */ + char *s = getenv("DISPLAY"); + if (s) *(s-2) = '_'; + } /* synchronize with parent: */ write(2, "C", 1); diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index e3deed8..0aaaf9e 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -2,7 +2,7 @@ .TH X11VNC "1" "September 2006" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.8.3, lastmod: 2006-09-13 + version: 0.8.3, lastmod: 2006-09-15 .SH SYNOPSIS .B x11vnc [OPTION]... 
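Review bot: `*(s-2) = '_'` writes into the environment block two bytes before the pointer returned by `getenv("DISPLAY")`, renaming the variable to `DISPLA_`; this relies on the value sitting directly after `DISPLAY=` in memory and modifies a string the C standard says the program must not modify. It also leaves the display value in the environment handed to su(1), only under a different name. `unsetenv("DISPLAY");` (where the platform provides it) states the intent and removes the variable outright, and the second `getenv()` call and the `if (s)` test then go away. The comment `this will cause timeout problems with pam_xauth` reads as if the clearing causes the timeout; if I read the intent right, `/* a set DISPLAY makes pam_xauth time out under su; remove it */` would be clearer. The enclosing function starts and ends outside the hunk.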
@@ -692,22 +692,33 @@ use the traditional + .IR crypt (3) method to -verify passwords instead. This requires that the -encrypted passwords be readable. Passwords stored -in /etc/shadow will be inaccessible unless x11vnc -is run as root. +verify passwords. All of the above \fB-unixpw\fR options and +contraints apply. +.IP +This mode requires that the encrypted passwords be +readable. Encrypted passwords stored in /etc/shadow +will be inaccessible unless x11vnc is run as root. .IP This is called "NIS" mode simply because in most -NIS setups the user encrypted passwords are accessible -(e.g. "ypcat passwd"). NIS is not required for this -mode to work (only that +NIS setups user encrypted passwords are accessible +(e.g. "ypcat passwd") by an ordinary user and so that +user can authenticate ANY user. +.IP +NIS is not required for this mode to work (only that .IR getpwnam (3) -return the encrypted -password is required), but it is unlikely it will work -for any other modern environment unless x11vnc is run -as root (which, btw, is often done when running x11vnc -from inetd and xdm/gdm/kdm). All of the \fB-unixpw\fR options -and contraints apply. +return the encrypted password is required), +but it is unlikely it will work for any most modern +environments unless x11vnc is run as root to be able +to access /etc/shadow (note running as root is often +done when running x11vnc from inetd and xdm/gdm/kdm). +.IP +Looked at another way, if you do not want to use the +.IR su (1) +method provided by \fB-unixpw,\fR you can run x11vnc +as root and use \fB-unixpw_nis.\fR Any users with passwords +in /etc/shadow can then be authenticated. You may want +to use \fB-users\fR unixpw= to switch the process user after +the user logs in. .PP \fB-display\fR \fIWAIT:...\fR .IP 
@@ -2801,8 +2812,14 @@ Broken pipe (SIGPIPE) handling. \fIstring\fR can be "ignore" or "exit". For "ignore" libvncserver will handle the abrupt loss of a client and continue, for "exit" x11vnc will cleanup and exit at the 1st -broken connection. Default: "ignore". This option -is obsolete. +broken connection. +.IP +This option is not really needed since libvncserver +is doing the correct thing now for quite some time. +However, for convenience you can use it to ignore other +signals, e.g. "\fB-sigpipe\fR \fIignore:HUP,INT,TERM\fR" in case +that would be useful for some sort of application. +You can also put "exit:.." in there. .PP \fB-threads,\fR \fB-nothreads\fR .IP diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c index 16c5e53..170c981 100644 --- a/x11vnc/x11vnc_defs.c +++ b/x11vnc/x11vnc_defs.c @@ -15,7 +15,7 @@ int xtrap_base_event_type = 0; int xdamage_base_event_type = 0; /* date +'lastmod: %Y-%m-%d' */ -char lastmod[] = "0.8.3 lastmod: 2006-09-13"; +char lastmod[] = "0.8.3 lastmod: 2006-09-15"; /* X display info */