diff options
| author | runge <runge> | 2009-01-12 01:56:14 +0000 |
|---|---|---|
| committer | runge <runge> | 2009-01-12 01:56:14 +0000 |
| commit | a774823bdfbef51654c3e7292feab817262a556e (patch) | |
| tree | e5c60a42f8363db0392ef7272f8472e94e5fef94 /classes/ssl | |
| parent | 8d55891ded08ca706ed9e99cbde8761f1159e9a1 (diff) | |
| download | libvncserver-a774823bdfbef51654c3e7292feab817262a556e.zip libvncserver-a774823bdfbef51654c3e7292feab817262a556e.tar.gz | |
classes/ssl: Add configurable Ultra java applet Filexfer Drives
drop down (e.g. ftpDropDown=Home.Desktop.bin). Document all
applet parameters in classes/ssl/README.
Diffstat (limited to 'classes/ssl')
| -rw-r--r-- | classes/ssl/README | 189 | ||||
| -rw-r--r-- | classes/ssl/SignedUltraViewerSSL.jar | bin | 103294 -> 103546 bytes | |||
| -rw-r--r-- | classes/ssl/SignedVncViewer.jar | bin | 79618 -> 79620 bytes | |||
| -rw-r--r-- | classes/ssl/UltraViewerSSL.jar | bin | 100413 -> 100667 bytes | |||
| -rw-r--r-- | classes/ssl/VncViewer.jar | bin | 76830 -> 76830 bytes | |||
| -rwxr-xr-x | classes/ssl/ss_vncviewer | 576 | ||||
| -rw-r--r-- | classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch | 176 |
7 files changed, 687 insertions, 254 deletions
diff --git a/classes/ssl/README b/classes/ssl/README index 1b794e4..0e3694b 100644 --- a/classes/ssl/README +++ b/classes/ssl/README @@ -84,3 +84,192 @@ SignedUltraViewerSSL.jar ultra.vnc ultraproxy.vnc ultravnc-102-JavaViewer-ssl-etc.patch + +--------------------------------------------------------------- +Applet Parameters: + +Some additional applet parameters can be set via the URL, e.g. + + http://host:5800/?param=value + http://host:5800/ultra.vnc?param=value + https://host:5900/ultra.vnc?param=value + +etc. If running java from command line as show above, it comes +in as java ... VncViewer param value ... + +There is a limitation with libvncserver that param and value can +only be alphanumeric, underscore, "+" (for space), or "." + +We have added some applet parameters to the stock VNC java +viewers. Here are the applet parameters: + +Both TightVNC and UltraVNC Java viewers: + + HOST + string, default: none. + The Hostname to connect to. + + PORT + number, default: 0 + The VNC server port to connect to. + + Open New Window + yes/no, default: no + Run applet in separate frame. + + Show Controls + yes/no, default: yes + Show Controls button panel. + + Show Offline Desktop + yes/no, default: no + Do we continue showing desktop on remote disconnect? + + Defer screen updates + number, default: 20 + Milliseconds delay + + Defer cursor updates + number, default: 10 + Milliseconds delay + + Defer update requests + number, default: 50 + Milliseconds delay + + + The following are added by x11vnc and/or ssvnc project + + VNCSERVERPORT + number, default: 0 + Like PORT, but if there is a firewall this is the Actual VNC + server port. PORT might be a redir port on the firewall. + + DisableSSL + yes/no, default: no + Do unencrypted connection, no SSL. + + httpsPort + number, default: none + When checking for proxy, use this at the url port number. + + CONNECT + string, default: none + Sets to host:port for the CONNECT line to a Web proxy. + The Web proxy should connect us to it. + + GET + yes/no, default: no + Set to do a special HTTP GET (/request.https.vnc.connection) + to the vnc server that will cause it to switch to VNC instead. + This is to speedup/make more robust, the single port HTTPS and VNC + mode of x11vnc (e.g. both services thru port 5900, etc) + + urlPrefix + string, default: none + set to a string that will be prefixed to all URL's when contacting + the VNC server. Idea is a special proxy will use this to indicate + internal hostname, etc. + + oneTimeKey + string, default: none + set a special hex "key" to correspond to an SSL X.509 cert. + See the 'onetimekey' helper script. Can also be PROMPT to + prompt the user to paste the hex key string in. + + This is to try to work around the problem that the Java + applet cannot keep an SSL keystore on disk, etc. + E.g. if they log into an HTTPS website via password they + are authenticated and encrypted, then the website can + safely put oneTimeKey=... on the URL. The Vncviewer + authenticates the VNC server with this key. + + forceProxy + yes/no, default: no + Assume there is a proxy. + + ignoreProxy + yes/no, default: no + Don't check for a proxy, assume there is none. + + trustAllVncCerts + yes/no, default: no + Automatically trust any cert received from the VNC server + (obviously this could be dangerous and lead to man in the + middle attack). Do not ask the user to verify any of these + certs from the VNC server. + + trustUrlVncCert + yes/no, default: no + Automatically trust any cert that the web browsers has accepted. + E.g. the user said "Yes" or "Continue" to a web browser dialog + regarding a certificate. If we get the same cert from the VNC + server we trust it without prompting the user. + +TightVNC Java viewer only: + + Offer Relogin + yes/no, default: yes + "Offer Relogin" set to "No" disables "Login again" + + SocketFactory + string, default: none + set Java Socket class factory. + +UltraVNC Java viewer only: + + PASSWORD + string, default: none + VNC session password in plain text. + + ENCPASSWORD + string, default: none + VNC session password in encrypted in DES with KNOWN FIXED + key. It is a hex string. This is like the ~/.vnc/passwd format. + + The following are added by x11vnc and/or ssvnc project + + ftpDropDown + string, default: none + Sets the file transfer "drives" dropdown to the "." separated + list. Use "+" for space. The default is + + My+Documents.Desktop.Home + + for 3 entries in the dropdown in addition to the "drives" + (e.g. C:\) These items should be expanded properly by the VNC + Server. x11vnc will prepend $HOME to them, which is normally + what one wants. To include a "/" use "_2F_". Another example: + + Home.Desktop.bin_2F_linux + + ftpOnly + yes/no, default: no + The VNC viewer only shows the filetransfer panel, no desktop + is displayed. + + graftFtp + yes/no, default: no + As ftpOnly, the VNC viewer only shows the filetransfer panel, + no desktop is displayed, however it is "grafted" onto an existing + SSVNC unix vncviewer. The special SSVNC vncviewer merges the two + channels. + + dsmActive + yes/no, default: no + Special usage mode with the SSVNC unix vncviewer. The UltraVNC + DSM encryption is active. Foolishly, UltraVNC DSM encryption + *MODIFIES* the VNC protocol when active (it is not a pure tunnel). + This option indicates to modify the VNC protocol to make this work. + Usually only used with graftFtp and SSVNC unix vncviewer. + + delayAuthPanel + yes/no, default: no + This is another special usage mode with the SSVNC unix vncviewer. + A login panel is delayed (not shown at startup.) Could be useful + for non SSVNC usage too. + + ignoreMSLogonCheck + yes/no, default: no + Similar to delayAuthPanel, do not put up a popup asking for + Windows username, etc. diff --git a/classes/ssl/SignedUltraViewerSSL.jar b/classes/ssl/SignedUltraViewerSSL.jar Binary files differindex 8e4896c..38c841f 100644 --- a/classes/ssl/SignedUltraViewerSSL.jar +++ b/classes/ssl/SignedUltraViewerSSL.jar diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar Binary files differindex b44fa04..903b00d 100644 --- a/classes/ssl/SignedVncViewer.jar +++ b/classes/ssl/SignedVncViewer.jar diff --git a/classes/ssl/UltraViewerSSL.jar b/classes/ssl/UltraViewerSSL.jar Binary files differindex 24faa92..123d50f 100644 --- a/classes/ssl/UltraViewerSSL.jar +++ b/classes/ssl/UltraViewerSSL.jar diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar Binary files differindex 34ffcbc..c152d5a 100644 --- a/classes/ssl/VncViewer.jar +++ b/classes/ssl/VncViewer.jar diff --git a/classes/ssl/ss_vncviewer b/classes/ssl/ss_vncviewer index 12fe6b2..2231108 100755 --- a/classes/ssl/ss_vncviewer +++ b/classes/ssl/ss_vncviewer @@ -23,6 +23,7 @@ # # -verify /path/to/cacert.pem # -mycert /path/to/mycert.pem +# -crl /path/to/my_crl.pem (or directory) # -proxy host:port # # -verify specifies a CA cert PEM file (or a self-signed one) for @@ -125,13 +126,31 @@ fi PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH -# work out which stunnel t use (debian installs as stunnel4) +localhost="localhost" +if uname | grep Darwin >/dev/null; then + localhost="127.0.0.1" +fi + +# work out which stunnel to use (debian installs as stunnel4) if [ "X$STUNNEL" = "X" ]; then - type stunnel4 > /dev/null 2>&1 - if [ $? = 0 ]; then - STUNNEL=stunnel4 - else - STUNNEL=stunnel + check_stunnel=1 + if [ "X$SSVNC_BASEDIRNAME" != "X" ]; then + if [ -x "$SSVNC_BASEDIRNAME/stunnel" ]; then + type stunnel > /dev/null 2>&1 + if [ $? = 0 ]; then + # found ours + STUNNEL=stunnel + check_stunnel=0 + fi + fi + fi + if [ "X$check_stunnel" = "X1" ]; then + type stunnel4 > /dev/null 2>&1 + if [ $? = 0 ]; then + STUNNEL=stunnel4 + else + STUNNEL=stunnel + fi fi fi @@ -164,6 +183,11 @@ reverse="" ciphers="" anondh="ALL:RC4+RSA:+SSLv2:@STRENGTH" +anondh_set="" +stunnel_debug="6" +if [ "X$SS_DEBUG" != "X" -o "X$SSVNC_VENCRYPT_DEBUG" != "X" -o "X$SSVNC_STUNNEL_DEBUG" != "X" ]; then + stunnel_debug="7" +fi if [ "X$1" = "X-viewerflavor" ]; then # special case, try to guess which viewer: @@ -193,16 +217,9 @@ if [ "X$1" = "X-viewerflavor" ]; then fi exit 0 fi - -# maxconn is something we added to stunnel, this disables it: -if [ "X$SS_VNCVIEWER_NO_MAXCONN" != "X" ]; then - STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` -elif echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then - STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` -else - STUNNEL_ONCE=1; export STUNNEL_ONCE - STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS - STUNNEL_NO_SYSLOG=1; export STUNNEL_NO_SYSLOG +if [ "X$1" = "X-viewerhelp" ]; then + $VNCVIEWERCMD -h 2>&1 + exit 0 fi # grab our cmdline options: @@ -213,6 +230,8 @@ do ;; "-mycert") shift; mycert="$1" ;; + "-crl") shift; crl="$1" + ;; "-proxy") shift; proxy="$1" ;; "-ssh") use_ssh=1 @@ -225,6 +244,7 @@ do "-sshargs") shift; ssh_args="$1" ;; "-anondh") ciphers="ciphers=$anondh" + anondh_set=1 ;; "-ciphers") shift; ciphers="ciphers=$1" ;; @@ -246,6 +266,8 @@ do ;; "-scale") shift; SSVNC_SCALE="$1"; export SSVNC_SCALE ;; + "-onelisten") SSVNC_LISTEN_ONCE=1; export SSVNC_LISTEN_ONCE + ;; "-escape") shift; VNCVIEWER_ESCAPE="$1"; export VNCVIEWER_ESCAPE ;; "-ssvnc_encodings") shift; VNCVIEWER_ENCODINGS="$1"; export VNCVIEWER_ENCODINGS @@ -268,7 +290,28 @@ do shift done -# this is the -t ssh option (gives better keyboard responsd thru SSH tunnel) +# maxconn is something we added to stunnel, this disables it: +if [ "X$SS_VNCVIEWER_NO_MAXCONN" != "X" ]; then + STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` +elif echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then + STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` +elif [ "X$reverse" != "X" ]; then + STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` +else + # new way (our patches). other than the above, we set these: + if [ "X$SKIP_STUNNEL_ONCE" = "X" ]; then + STUNNEL_ONCE=1; export STUNNEL_ONCE + fi + if [ "X$SKIP_STUNNEL_MAX_CLIENTS" = "X" ]; then + STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS + fi +fi +# always set this one: +if [ "X$SKIP_STUNNEL_NO_SYSLOG" = "X" ]; then + STUNNEL_NO_SYSLOG=1; export STUNNEL_NO_SYSLOG +fi + +# this is the -t ssh option (gives better keyboard response thru SSH tunnel) targ="-t" if [ "X$SS_VNCVIEWER_NO_T" != "X" ]; then targ="" @@ -289,18 +332,18 @@ if [ "X$reverse" != "X" ]; then # check proxy usage under reverse connection: if [ "X$use_ssh" = "X" -a "X$use_sshssl" = "X" ]; then echo "" - if echo "$proxy" | egrep "repeater://" > /dev/null; then + if echo "$proxy" | egrep -i "(repeater|vencrypt)://" > /dev/null; then : else echo "*Warning*: SSL -listen and a Web proxy does not make sense." - sleep 3 + sleep 2 fi elif echo "$proxy" | grep "," > /dev/null; then : else echo "" echo "*Warning*: -listen and a single proxy/gateway does not make sense." - sleep 3 + sleep 2 fi SSVNC_LISTEN_ONCE=1; export SSVNC_LISTEN_ONCE fi @@ -320,6 +363,14 @@ if uname -sr | egrep 'SunOS 5\.[5-8]' > /dev/null; then dL="-h" fi +rchk() { + # a kludge to set $RANDOM if we are not bash: + if [ "X$BASH_VERSION" = "X" ]; then + RANDOM=`date +%S``sh -c 'echo $$'``ps -elf 2>&1 | sum 2>&1 | awk '{print $1}'` + fi +} +rchk + # a portable, but not absolutely safe, tmp file creator mytmp() { tf=$1 @@ -397,6 +448,7 @@ if echo "$orig" | grep '^vnc://' > /dev/null; then orig=`echo "$orig" | sed -e 's,vnc://,,'` verify="" mycert="" + crl="" use_ssh="" use_sshssl="" direct_connect=1 @@ -417,6 +469,7 @@ fi if [ "X$SSVNC_ULTRA_DSM" != "X" ]; then verify="" mycert="" + crl="" use_ssh="" use_sshssl="" direct_connect=1 @@ -459,7 +512,7 @@ fi host=`echo "$orig" | awk -F: '{print $1}'` disp=`echo "$orig" | awk -F: '{print $2}'` if [ "X$host" = "X" ]; then - host=localhost + host=$localhost fi if [ "X$disp" = "X" ]; then port="" # probably -listen mode. @@ -483,9 +536,9 @@ inuse="" if uname | grep Linux > /dev/null; then inuse=`netstat -ant | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*://'` elif uname | grep SunOS > /dev/null; then - inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'` -elif uname | grep -i bsd > /dev/null; then - inuse=`netstat -ant -f inet | grep LISTEN | awk '{print $4}' | sed 's/^.*\.//'` + inuse=`netstat -an -f inet -P tcp | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $1}' | sed 's/^.*\.//'` +elif uname | egrep -i 'bsd|darwin' > /dev/null; then + inuse=`netstat -ant -f inet | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*\.//'` # add others... fi @@ -590,7 +643,14 @@ final() { if [ "X$reverse" = "X" ]; then # normal connections try 5930-5999: - use=`findfree 5930` + if [ "X$showcert" = "X" ]; then + use=`findfree 5930` + else + # move away from normal place for (possibly many) -showcert + pstart=`date +%S` + pstart=`expr 6130 + $pstart + $pstart` + use=`findfree $pstart` + fi if [ $use -ge 5900 ]; then N=`expr $use - 5900` else @@ -612,14 +672,6 @@ if echo "$0" | grep vncip > /dev/null; then VNCVIEWERCMD="$VNCIPCMD" fi -rchk() { - # a kludge to set $RANDOM if we are not bash: - if [ "X$BASH_VERSION" = "X" ]; then - RANDOM=`date +%S``sh -c 'echo $$'``ps -elf 2>&1 | sum 2>&1 | awk '{print $1}'` - fi -} -rchk - # trick for the undocumented rsh://host:port method. rsh_setup() { if echo "$ssh_host" | grep '@' > /dev/null; then @@ -670,7 +722,7 @@ if (exists $ENV{PPROXY_SLEEP}) { foreach my $var (qw(PPROXY_PROXY PPROXY_SOCKS PPROXY_DEST PPROXY_LISTEN PPROXY_REVERSE PPROXY_REPEATER PPROXY_REMOVE PPROXY_KILLPID PPROXY_SLEEP)) { - if (0 || $ENV{SS_DEBUG}) { + if (0 || $ENV{SS_DEBUG} || $ENV{SSVNC_VENCRYPT_DEBUG}) { print STDERR "$var: $ENV{$var}\n"; } } @@ -683,7 +735,7 @@ if ($ENV{PPROXY_SOCKS} ne "" && $ENV{PPROXY_PROXY} !~ m,^socks5?://,i) { } } -my $rfbSecTypeTlsVnc = 18; +my $rfbSecTypeAnonTls = 18; my $rfbSecTypeVencrypt = 19; my $rfbVencryptPlain = 256; @@ -755,13 +807,24 @@ if ($ENV{PPROXY_REVERSE} ne "") { die "pproxy: $! -- PPROXY_REVERSE\n"; } print STDERR "PPROXY_REVERSE: connected to $rhost $rport\n"; + } elsif ($ENV{PPROXY_LISTEN} ne "") { - my $listen_sock = IO::Socket::INET->new( - Listen => 2, - LocalAddr => "localhost", - LocalPort => $ENV{PPROXY_LISTEN}, - Proto => "tcp" - ); + my $listen_sock = ""; + if ($ENV{PPROXY_LISTEN} =~ /^INADDR_ANY:(.*)/) { + my $p = $1; + $listen_sock = IO::Socket::INET->new( + Listen => 2, + LocalPort => $p, + Proto => "tcp" + ); + } else { + $listen_sock = IO::Socket::INET->new( + Listen => 2, + LocalAddr => "127.0.0.1", + LocalPort => $ENV{PPROXY_LISTEN}, + Proto => "tcp" + ); + } if (! $listen_sock) { die "pproxy: $! -- PPROXY_LISTEN\n"; } @@ -770,6 +833,7 @@ if ($ENV{PPROXY_REVERSE} ne "") { if (! $listen_handle) { die "pproxy: $!\n"; } + close $listen_sock; } my $sock = IO::Socket::INET->new( @@ -786,6 +850,13 @@ if (! $sock) { unlink($0) if $ENV{PPROXY_REMOVE}; +if ($ENV{PPROXY_PROXY} =~ /^vencrypt:/ && $ENV{PPROXY_LISTEN} =~ /^INADDR_ANY:/) { + print STDERR "PPROXY: vencrypt+reverse: swapping listen socket with connect socket.\n"; + my $tmp_swap = $sock; + $sock = $listen_handle; + $listen_handle = $tmp_swap; +} + $cur_proxy = $first; setmode($mode_1st); @@ -810,7 +881,14 @@ if ($second ne "") { $parent = $$; $child = fork; if (! defined $child) { - kill "TERM", $ENV{PPROXY_KILLPID} if $ENV{PPROXY_KILLPID}; + if ($ENV{PPROXY_KILLPID}) { + foreach my $p (split(/,/, $ENV{PPROXY_KILLPID})) { + if ($p =~ /^(\+|-)/) { + $p = $parent + $p; + } + kill "TERM", $p; + } + } exit 1; } @@ -824,7 +902,7 @@ if ($child) { select(undef, undef, undef, 0.25); if (kill 0, $child) { select(undef, undef, undef, 1.5); - #print STDERR "pproxy\[$$]: kill TERM $child\n"; + print STDERR "pproxy\[$$]: kill TERM $child\n"; kill "TERM", $child; } } else { @@ -837,16 +915,20 @@ if ($child) { select(undef, undef, undef, 0.25); if (kill 0, $parent) { select(undef, undef, undef, 1.5); - #print STDERR "pproxy\[$$]: kill TERM $parent\n"; + print STDERR "pproxy\[$$]: kill TERM $parent\n"; kill "TERM", $parent; } } if ($ENV{PPROXY_KILLPID} ne "") { - if ($ENV{PPROXY_KILLPID} =~ /^(\+|-)/) { - $ENV{PPROXY_KILLPID} = $$ + $ENV{PPROXY_KILLPID}; + if ($ENV{PPROXY_KILLPID}) { + foreach my $p (split(/,/, $ENV{PPROXY_KILLPID})) { + if ($p =~ /^(\+|-)/) { + $p = $parent + $p; + } + print STDERR "kill TERM, $p (PPROXY_KILLPID)\n"; + kill "TERM", $p; + } } - print STDERR "kill TERM, $ENV{PPROXY_KILLPID}\n"; - kill "TERM", $ENV{PPROXY_KILLPID}; } exit; @@ -1079,12 +1161,12 @@ sub vdie { exit(1); } -sub tlsvnc_handshake { +sub anontls_handshake { my ($vmode, $db) = @_; - print STDERR "PPROXY: Doing TLSVNC Handshake\n"; + print STDERR "PPROXY: Doing ANONTLS Handshake\n"; - my $psec = pack("C", $rfbSecTypeTlsVnc); + my $psec = pack("C", $rfbSecTypeAnonTls); syswrite($sock, $psec, 1); append_handshake("done\n"); @@ -1097,6 +1179,13 @@ sub vencrypt_handshake { print STDERR "PPROXY: Doing VeNCrypt Handshake\n"; my $psec = pack("C", $rfbSecTypeVencrypt); + + if (exists $ENV{SSVNC_TEST_SEC_TYPE}) { + my $fake = $ENV{SSVNC_TEST_SEC_TYPE}; + print STDERR "PPROXY: sending sec-type: $fake\n"; + $psec = pack("C", $fake); + } + syswrite($sock, $psec, 1); my $vmajor; @@ -1108,10 +1197,14 @@ sub vencrypt_handshake { $vmajor = unpack("C", $vmajor); $vminor = unpack("C", $vminor); - print STDERR "$vmajor.$vminor\n" if $db; + print STDERR "server vencrypt version $vmajor.$vminor\n" if $db; - vdie if $vmajor ne 0; - vdie if $vminor < 2; + if (exists $ENV{SSVNC_TEST_SEC_TYPE}) { + print STDERR "PPROXY: continuing on in test mode.\n"; + } else { + vdie if $vmajor ne 0; + vdie if $vminor < 2; + } $vmajor = pack("C", 0); $vminor = pack("C", 2); @@ -1122,6 +1215,7 @@ sub vencrypt_handshake { my $result; sysread($sock, $result, 1); + print STDERR "result empty\n" if $db && $result eq ""; vdie if $result eq ""; $result = unpack("C", $result); @@ -1170,12 +1264,23 @@ sub vencrypt_handshake { $subtype = $rfbVencryptTlsPlain; print STDERR "selected rfbVencryptTlsPlain\n" if $db; } + + if (exists $ENV{SSVNC_TEST_SEC_SUBTYPE}) { + my $fake = $ENV{SSVNC_TEST_SEC_SUBTYPE}; + print STDERR "PPROXY: sending sec-subtype: $fake\n"; + $subtype = $fake; + } + append_handshake("subtype=$subtype\n"); my $pst = pack("N", $subtype); syswrite($sock, $pst, 4); - vdie if $subtype == 0; + if (exists $ENV{SSVNC_TEST_SEC_SUBTYPE}) { + print STDERR "PPROXY: continuing on in test mode.\n"; + } else { + vdie if $subtype == 0; + } my $ok; sysread($sock, $ok, 1); @@ -1192,11 +1297,12 @@ sub vencrypt_dialog { my $db = 0; $db = 1 if exists $ENV{SS_DEBUG}; + $db = 1 if exists $ENV{SSVNC_VENCRYPT_DEBUG}; append_handshake("mode=$vmode\n"); my $server_rfb = ""; - syswrite($sock, $rep, 250); + #syswrite($sock, $rep, 250); for (my $i = 0; $i < 12; $i++) { my $c; sysread($sock, $c, 1); @@ -1246,10 +1352,10 @@ sub vencrypt_dialog { print STDERR "found rfbSecTypeVencrypt\n" if $db; append_handshake("sectype=$rfbSecTypeVencrypt\n"); vencrypt_handshake($vmode, $db); - } elsif (exists $sectypes{$rfbSecTypeTlsVnc}) { - print STDERR "found rfbSecTypeTlsVnc\n" if $db; - append_handshake("sectype=$rfbSecTypeTlsVnc\n"); - tlsvnc_handshake($vmode, $db); + } elsif (exists $sectypes{$rfbSecTypeAnonTls}) { + print STDERR "found rfbSecTypeAnonTls\n" if $db; + append_handshake("sectype=$rfbSecTypeAnonTls\n"); + anontls_handshake($vmode, $db); } else { print STDERR "No supported sec-type found\n" if $db; vdie; @@ -1296,9 +1402,12 @@ sub xfer { close($out); } ' + # ' # xpg_echo will expand \n \r, etc. # try to unset and then test for it. - shopt -u xpg_echo >/dev/null 2>&1 + if type shopt > /dev/null 2>&1; then + shopt -u xpg_echo >/dev/null 2>&1 + fi v='print STDOUT "abc\n";' echo "$v" > $tf chmod 700 $tf @@ -1314,6 +1423,67 @@ sub xfer { perl -e 'use IO::Socket::INET; select(undef, undef, undef, 0.01)' >/dev/null 2>&1 } +# make_tcert is no longer invoked via the ssvnc gui (Listen mode). +# make_tcert is for testing only now via -mycert BUILTIN +make_tcert() { + tcert="/tmp/ss_vnc_viewer_tcert${RANDOM}.$$" + tcert=`mytmp "$tcert"` + cat > $tcert <<END +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAvkfXxb0wcxgrjV2ziFikjII+ze8iKcTBt47L0GM/c21efelN ++zZpJUUXLu4zz8Ryq8Q+sQgfNy7uTOpN9bUUaOk1TnD7gaDQnQWiNHmqbW2kL+DS +OKngJVPo9dETAS8hf7+D1e1DBZxjTc1a4RQqWJixwpYj99ixWzu8VC2m/xXsjvOs +jp4+DLBB490nbkwvstmhmiWm1CmI5O5xOkgioVNQqHvQMdVKOSz9PpbjvZiRX1Uo +qoMrk+2NOqwP90TB35yPASXb9zXKpO7DLhkube+yYGf+yk46aD707L07Eb7cosFP +S84vNZ9gX7rQ0UOwm5rYA/oZTBskgaqhtIzkLwIDAQABAoIBAD4ot/sXt5kRn0Ca +CIkU9AQWlC+v28grR2EQW9JiaZrqcoDNUzUqbCTJsi4ZkIFh2lf0TsqELbZYNW6Y +6AjJM7al4E0UqYSKJTv2WCuuRxdiRs2BMwthqyBmjeanev7bB6V0ybt7u3Y8xU/o +MrTuYnr4vrEjXPKdLirwk7AoDbKsRXHSIiHEIBOq1+dUQ32t36ukdnnza4wKDLZc +PKHiCdCk/wOGhuDlxD6RspqUAlRnJ8/aEhrgWxadFXw1hRhRsf/v1shtB0T3DmTe +Jchjwyiw9mryb9JZAcKxW+fUc4EVvj6VdQGqYInQJY5Yxm5JAlVQUJicuuJEvn6A +rj5osQECgYEA552CaHpUiFlB4HGkjaH00kL+f0+gRF4PANCPk6X3UPDVYzKnzmuu +yDvIdEETGFWBwoztUrOOKqVvPEQ+kBa2+DWWYaERZLtg2cI5byfDJxQ3ldzilS3J +1S3WgCojqcsG/hlxoQJ1dZFanUy/QhUZ0B+wlC+Zp1Q8AyuGQvhHp68CgYEA0lBI +eqq2GGCdJuNHMPFbi8Q0BnX55LW5C1hWjhuYiEkb3hOaIJuJrqvayBlhcQa2cGqp +uP34e9UCfoeLgmoCQ0b4KpL2NGov/mL4i8bMgog4hcoYuIi3qxN18vVR14VKEh4U +RLk0igAYPU+IK2QByaQlBo9OSaKkcfm7U1/pK4ECgYAxr6VpGk0GDvfF2Tsusv6d +GIgV8ZP09qSLTTJvvxvF/lQYeqZq7sjI5aJD5i3de4JhpO/IXQJzfZfWOuGc8XKA +3qYK/Y2IqXXGYRcHFGWV/Y1LFd55mCADHlk0l1WdOBOg8P5iRu/Br9PbiLpCx9oI +vrOXpnp03eod1/luZmqguwKBgQCWFRSj9Q7ddpSvG6HCG3ro0qsNsUMTI1tZ7UBX +SPogx4tLf1GN03D9ZUZLZVFUByZKMtPLX/Hi7K9K/A9ikaPrvsl6GEX6QYzeTGJx +3Pw0amFrmDzr8ySewNR6/PXahxPEuhJcuI31rPufRRI3ZLah3rFNbRbBFX+klkJH +zTnoAQKBgDbUK/aQFGduSy7WUT7LlM3UlGxJ2sA90TQh4JRQwzur0ACN5GdYZkqM +YBts4sBJVwwJoxD9OpbvKu3uKCt41BSj0/KyoBzjT44S2io2tj1syujtlVUsyyBy +/ca0A7WBB8lD1D7QMIhYUm2O9kYtSCLlUTHt5leqGaRG38DqlX36 +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIDzDCCArQCCQDSzxzxqhyqLzANBgkqhkiG9w0BAQQFADCBpzELMAkGA1UEBhMC +VVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjETMBEG +A1UEChMKTXkgQ29tcGFueTEcMBoGA1UECxMTUHJvZHVjdCBEZXZlbG9wbWVudDEZ +MBcGA1UEAxMQd3d3Lm5vd2hlcmUubm9uZTEhMB8GCSqGSIb3DQEJARYSYWRtaW5A +bm93aGVyZS5ub25lMB4XDTA3MDMyMzE4MDc0NVoXDTI2MDUyMjE4MDc0NVowgacx +CzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZC +b3N0b24xEzARBgNVBAoTCk15IENvbXBhbnkxHDAaBgNVBAsTE1Byb2R1Y3QgRGV2 +ZWxvcG1lbnQxGTAXBgNVBAMTEHd3dy5ub3doZXJlLm5vbmUxITAfBgkqhkiG9w0B +CQEWEmFkbWluQG5vd2hlcmUubm9uZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAL5H18W9MHMYK41ds4hYpIyCPs3vIinEwbeOy9BjP3NtXn3pTfs2aSVF +Fy7uM8/EcqvEPrEIHzcu7kzqTfW1FGjpNU5w+4Gg0J0FojR5qm1tpC/g0jip4CVT +6PXREwEvIX+/g9XtQwWcY03NWuEUKliYscKWI/fYsVs7vFQtpv8V7I7zrI6ePgyw +QePdJ25ML7LZoZolptQpiOTucTpIIqFTUKh70DHVSjks/T6W472YkV9VKKqDK5Pt +jTqsD/dEwd+cjwEl2/c1yqTuwy4ZLm3vsmBn/spOOmg+9Oy9OxG+3KLBT0vOLzWf +YF+60NFDsJua2AP6GUwbJIGqobSM5C8CAwEAATANBgkqhkiG9w0BAQQFAAOCAQEA +vGomHEp6TVU83X2EBUgnbOhzKJ9u3fOI/Uf5L7p//Vxqow7OR1cguzh/YEzmXOIL +ilMVnzX9nj/bvcLAuqEP7MR1A8f4+E807p/L/Sf49BiCcwQq5I966sGKYXjkve+T +2GTBNwMSq+5kLSf6QY8VZI+qnrAudEQMeJByQhTZZ0dH8Njeq8EGl9KUio+VWaiW +CQK6xJuAvAHqa06OjLmwu1fYD4GLGSrOIiRVkSXV8qLIUmzxdJaIRznkFWsrCEKR +wAH966SAOvd2s6yOHMvyDRIL7WHxfESB6rDHsdIW/yny1fBePjv473KrxyXtbz7I +dMw1yW09l+eEo4A7GzwOdw== +-----END CERTIFICATE----- +END + chmod 600 $tcert + echo "$tcert" +} + Kecho() { if [ "X$USER" = "Xrunge" ]; then echo "dbg: $*" @@ -1326,7 +1496,7 @@ if [ "X$use_ssh" = "X1" ]; then # ssh_port="22" ssh_host="$host" - vnc_host="localhost" + vnc_host="$localhost" # let user override ssh via $SSH ssh=${SSH:-"ssh -x"} @@ -1444,9 +1614,9 @@ if [ "X$use_ssh" = "X1" ]; then u=`echo "$host" | sed -e 's/@.*$/@/'` fi - proxy="${u}localhost:$nd" + proxy="${u}$localhost:$nd" else - proxy="${sproxy1_user}localhost:$nd" + proxy="${sproxy1_user}$localhost:$nd" fi if [ "X$sproxy_rest" != "X" ]; then proxy="$proxy,$sproxy_rest" @@ -1487,7 +1657,7 @@ if [ "X$use_ssh" = "X1" ]; then ssh_args="$ssh_args -o NoHostAuthenticationForLocalhost=yes" sleep 1 stty sane - proxy="${ssh_user2}localhost:$proxport" + proxy="${ssh_user2}$localhost:$proxport" fi if [ "X$proxy" != "X" ]; then @@ -1515,14 +1685,14 @@ if [ "X$use_ssh" = "X1" ]; then getport="" teeport="" - if echo "$ssh_cmd" | egrep "^(PORT=|P=)" > /dev/null; then + if echo "$ssh_cmd" | egrep "(PORT=|P=) " > /dev/null; then getport=1 - if echo "$ssh_cmd" | egrep "^P=" > /dev/null; then + if echo "$ssh_cmd" | egrep "P= " > /dev/null; then teeport=1 fi PORT="" - ssh_cmd=`echo "$ssh_cmd" | sed -e 's/^PORT=[ ]*//' -e 's/^P=//'` + ssh_cmd=`echo "$ssh_cmd" | sed -e 's/PORT=[ ]*//' -e 's/P=//'` SSVNC_NO_ENC_WARN=1 if [ "X$use_sshssl" = "X" ]; then direct_connect=1 @@ -1561,7 +1731,7 @@ if [ "X$use_ssh" = "X1" ]; then tport=`mytmp "$tport"` if [ "X$rsh" != "X1" ]; then - if echo "$ssh_cmd" | grep -w sudo > /dev/null; then + if echo "$ssh_cmd" | grep "sudo " > /dev/null; then echo "" echo "Initial ssh with 'sudo id' to prime sudo so hopefully the next one" echo "will require no password..." @@ -1634,9 +1804,9 @@ if [ "X$use_ssh" = "X1" ]; then PPROXY_SOCKS=5 fi export PPROXY_SOCKS - host="localhost" + host="$localhost" port="$PORT" - proxy="localhost:$use" + proxy="$localhost:$use" else if [ "X$rsh" != "X1" ]; then @@ -1665,13 +1835,19 @@ if [ "X$use_ssh" = "X1" ]; then c=0 pssh="" - mssh=`echo "$ssh" | sed -e 's/^env.*ssh/ssh/'` - while [ $c -lt 30 ] + while [ $c -lt 40 ] do p=`expr $pmark + $c` - if ps -p "$p" 2>&1 | grep "$mssh" > /dev/null; then - pssh=$p - break + pout=`ps -p "$p" 2>/dev/null | grep -v '^[ ]*PID' | sed -e 's/-L.*$//' -e 's/-x .*$//'` + if echo "$pout" | grep "ssh" > /dev/null; then + if echo "$pout" | egrep -i 'ssh.*(-add|-agent|-ask|-keygen|-argv0|vnc)' >/dev/null; then + : + elif echo "$pout" | egrep -i 'scp|sshd' >/dev/null; then + : + else + pssh=$p + break + fi fi c=`expr $c + 1` done @@ -1697,20 +1873,20 @@ if [ "X$use_ssh" = "X1" ]; then echo "sleep $SSVNC_EXTRA_SLEEP" sleep $SSVNC_EXTRA_SLEEP fi - #echo "pssh=\"$pssh\"" + echo "ssh_pid='$pssh'"; echo if [ "X$use_sshssl" = "X" -a "X$getport" = "X" ]; then echo "Running viewer:" trap "final" 0 2 15 if [ "X$reverse" = "X" ]; then - echo "$VNCVIEWERCMD" "$@" localhost:$N + echo "$VNCVIEWERCMD" "$@" $localhost:$N echo "" - $VNCVIEWERCMD "$@" localhost:$N + $VNCVIEWERCMD "$@" $localhost:$N if [ $? != 0 ]; then echo "vncviewer command failed: $?" if [ "X$secondtry" = "X1" ]; then sleep 2 - $VNCVIEWERCMD "$@" localhost:$N + $VNCVIEWERCMD "$@" $localhost:$N fi fi else @@ -1734,7 +1910,7 @@ if [ "X$use_ssh" = "X1" ]; then use2=`findfree 5960` host0=$host port0=$port - host=localhost + host=$localhost port=$use use=$use2 N=`expr $use - 5900` @@ -1760,6 +1936,13 @@ fi if [ "X$mycert" != "X" ]; then cert="cert = $mycert" fi +if [ "X$crl" != "X" ]; then + if [ -d $crl ]; then + crl="CRLpath = $crl" + else + crl="CRLfile = $crl" + fi +fi ptmp="" if [ "X$proxy" != "X" ]; then @@ -1769,19 +1952,24 @@ if [ "X$proxy" != "X" ]; then pcode "$ptmp" if [ "X$showcert" != "X1" -a "X$direct_connect" = "X" ]; then if uname | egrep 'Darwin|SunOS' >/dev/null; then - # on mac we need to listen on socket instead of stdio: - nd=`findfree 6700` - PPROXY_LISTEN=$nd - export PPROXY_LISTEN - if [ "X$reverse" = "X" ]; then - #$ptmp 2>/dev/null & - $ptmp & + vout=`echo "$proxy" | grep -i vencrypt` + if [ "X$vout" != "X" -a "X$reverse" = "X1" ]; then + # need to exec for reverse vencrypt + connect="exec = $ptmp" + else + # on mac and solaris we need to listen on socket instead of stdio: + nd=`findfree 6700` + PPROXY_LISTEN=$nd + export PPROXY_LISTEN + if [ "X$reverse" = "X" ]; then + #$ptmp 2>/dev/null & + $ptmp & + fi + sleep 2 + host="$localhost" + port="$nd" + connect="connect = $localhost:$nd" fi - #sleep 3 - sleep 2 - host="localhost" - port="$nd" - connect="connect = localhost:$nd" else # otherwise on unix we can exec it: connect="exec = $ptmp" @@ -1803,7 +1991,7 @@ if [ "X$showcert" = "X1" ]; then $ptmp 2>/dev/null & fi sleep 1 - host="localhost" + host="$localhost" port="$use" fi cipher_args="" @@ -1811,8 +1999,63 @@ if [ "X$showcert" = "X1" ]; then cipher_args=`echo "$ciphers" | sed -e 's/ciphers=/-cipher /'` fi #echo "openssl s_client $cipher_args -connect $host:$port" - openssl s_client $cipher_args -prexit -connect $host:$port 2>&1 < /dev/null - rc=$? + if [ "X$reverse" = "X" ]; then + openssl s_client $cipher_args -prexit -connect $host:$port 2>&1 < /dev/null + rc=$? + else + tcert="" + if [ "X$mycert" = "X" ]; then + tcert=`make_tcert` + cert_args="-cert $tcert -CAfile $tcert" + else + cert_args="-cert $mycert -CAfile $mycert" + fi + tmp_out=/tmp/showcert_out${RANDOM}.$$ + tmp_out=`mytmp "$tmp_out"` + tmp_err=/tmp/showcert_err${RANDOM}.$$ + tmp_err=`mytmp "$tmp_err"` + + #echo "openssl s_server $cipher_args $cert_args -accept $port -verify 2 > $tmp_out 2> $tmp_err" 1>&2 + + perl -e " + \$p = open(O, \"|openssl s_server $cipher_args $cert_args -accept $port -verify 2 1>$tmp_out 2> $tmp_err\"); + exit 1 unless \$p; + while (1) { + sleep 1; + if (!open(F, \"<$tmp_out\")) { + kill \$p; + exit 1; + } + while (<F>) { + if (/RFB 00/) { + fsleep(0.25); + print O \"RFB 000.000\\n\"; + fsleep(1.00); + kill \$p; + fsleep(0.25); + exit 0; + } + } + close F; + } + sub fsleep { + select(undef, undef, undef, shift); + } + "; + + echo "" + cat $tmp_out + echo "" + echo "----2----" + cat $tmp_err + if grep BEGIN.CERTIFICATE $tmp_out >/dev/null; then + rc=0 + else + rc=1 + fi + + rm -f $tmp_out $tmp_err + fi if [ "X$SSVNC_PREDIGESTED_HANDSHAKE" != "X" ]; then rm -f $SSVNC_PREDIGESTED_HANDSHAKE fi @@ -1860,7 +2103,7 @@ if [ "X$direct_connect" != "X" ]; then PPROXY_LISTEN=$use export PPROXY_LISTEN else - PPROXY_REVERSE="localhost:$use" + PPROXY_REVERSE="$localhost:$use" export PPROXY_REVERSE pps=3 if [ "X$SSVNC_EXTRA_SLEEP" != "X" ]; then @@ -1877,7 +2120,7 @@ if [ "X$direct_connect" != "X" ]; then #echo T sleep 1 sleep 1 fi - host="localhost" + host="$localhost" disp="$N" port=`expr $disp + 5900` fi @@ -1894,7 +2137,7 @@ if [ "X$direct_connect" != "X" ]; then pf=`findfree 5970` cmd="$SSVNC_ULTRA_DSM -$pf $host:$port" pf=`expr $pf - 5900` - hostdisp="localhost:$pf" + hostdisp="$localhost:$pf" ustr=`echo "$cmd" | sed -e 's/pw=[^ ]*/pw=******/g'` echo "Running:" echo @@ -1930,7 +2173,7 @@ if [ "X$direct_connect" != "X" ]; then VNCVIEWER_LISTEN_LOCALHOST=1 export VNCVIEWER_LISTEN_LOCALHOST dport=`expr 5500 + $disp` - cmd="$SSVNC_ULTRA_DSM $dport localhost:$use" + cmd="$SSVNC_ULTRA_DSM $dport $localhost:$use" ustr=`echo "$cmd" | sed -e 's/pw=[^ ]*/pw=******/g'` echo "Running:" echo @@ -1961,69 +2204,10 @@ fi tmp_cfg=/tmp/ss_vncviewer${RANDOM}.$$ tmp_cfg=`mytmp "$tmp_cfg"` -# make_tcert is no longer invoked via the ssvnc gui (Listen mode). -# make_tcert is for testing only now via -mycert BUILTIN -make_tcert() { - tcert="/tmp/ss_vnc_viewer_tcert${RANDOM}.$$" - tcert=`mytmp "$tcert"` - cat > $tcert <<END ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvkfXxb0wcxgrjV2ziFikjII+ze8iKcTBt47L0GM/c21efelN -+zZpJUUXLu4zz8Ryq8Q+sQgfNy7uTOpN9bUUaOk1TnD7gaDQnQWiNHmqbW2kL+DS -OKngJVPo9dETAS8hf7+D1e1DBZxjTc1a4RQqWJixwpYj99ixWzu8VC2m/xXsjvOs -jp4+DLBB490nbkwvstmhmiWm1CmI5O5xOkgioVNQqHvQMdVKOSz9PpbjvZiRX1Uo -qoMrk+2NOqwP90TB35yPASXb9zXKpO7DLhkube+yYGf+yk46aD707L07Eb7cosFP -S84vNZ9gX7rQ0UOwm5rYA/oZTBskgaqhtIzkLwIDAQABAoIBAD4ot/sXt5kRn0Ca -CIkU9AQWlC+v28grR2EQW9JiaZrqcoDNUzUqbCTJsi4ZkIFh2lf0TsqELbZYNW6Y -6AjJM7al4E0UqYSKJTv2WCuuRxdiRs2BMwthqyBmjeanev7bB6V0ybt7u3Y8xU/o -MrTuYnr4vrEjXPKdLirwk7AoDbKsRXHSIiHEIBOq1+dUQ32t36ukdnnza4wKDLZc -PKHiCdCk/wOGhuDlxD6RspqUAlRnJ8/aEhrgWxadFXw1hRhRsf/v1shtB0T3DmTe -Jchjwyiw9mryb9JZAcKxW+fUc4EVvj6VdQGqYInQJY5Yxm5JAlVQUJicuuJEvn6A -rj5osQECgYEA552CaHpUiFlB4HGkjaH00kL+f0+gRF4PANCPk6X3UPDVYzKnzmuu -yDvIdEETGFWBwoztUrOOKqVvPEQ+kBa2+DWWYaERZLtg2cI5byfDJxQ3ldzilS3J -1S3WgCojqcsG/hlxoQJ1dZFanUy/QhUZ0B+wlC+Zp1Q8AyuGQvhHp68CgYEA0lBI -eqq2GGCdJuNHMPFbi8Q0BnX55LW5C1hWjhuYiEkb3hOaIJuJrqvayBlhcQa2cGqp -uP34e9UCfoeLgmoCQ0b4KpL2NGov/mL4i8bMgog4hcoYuIi3qxN18vVR14VKEh4U -RLk0igAYPU+IK2QByaQlBo9OSaKkcfm7U1/pK4ECgYAxr6VpGk0GDvfF2Tsusv6d -GIgV8ZP09qSLTTJvvxvF/lQYeqZq7sjI5aJD5i3de4JhpO/IXQJzfZfWOuGc8XKA -3qYK/Y2IqXXGYRcHFGWV/Y1LFd55mCADHlk0l1WdOBOg8P5iRu/Br9PbiLpCx9oI -vrOXpnp03eod1/luZmqguwKBgQCWFRSj9Q7ddpSvG6HCG3ro0qsNsUMTI1tZ7UBX -SPogx4tLf1GN03D9ZUZLZVFUByZKMtPLX/Hi7K9K/A9ikaPrvsl6GEX6QYzeTGJx -3Pw0amFrmDzr8ySewNR6/PXahxPEuhJcuI31rPufRRI3ZLah3rFNbRbBFX+klkJH -zTnoAQKBgDbUK/aQFGduSy7WUT7LlM3UlGxJ2sA90TQh4JRQwzur0ACN5GdYZkqM -YBts4sBJVwwJoxD9OpbvKu3uKCt41BSj0/KyoBzjT44S2io2tj1syujtlVUsyyBy -/ca0A7WBB8lD1D7QMIhYUm2O9kYtSCLlUTHt5leqGaRG38DqlX36 ------END RSA PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIDzDCCArQCCQDSzxzxqhyqLzANBgkqhkiG9w0BAQQFADCBpzELMAkGA1UEBhMC -VVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjETMBEG -A1UEChMKTXkgQ29tcGFueTEcMBoGA1UECxMTUHJvZHVjdCBEZXZlbG9wbWVudDEZ -MBcGA1UEAxMQd3d3Lm5vd2hlcmUubm9uZTEhMB8GCSqGSIb3DQEJARYSYWRtaW5A -bm93aGVyZS5ub25lMB4XDTA3MDMyMzE4MDc0NVoXDTI2MDUyMjE4MDc0NVowgacx -CzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZC -b3N0b24xEzARBgNVBAoTCk15IENvbXBhbnkxHDAaBgNVBAsTE1Byb2R1Y3QgRGV2 -ZWxvcG1lbnQxGTAXBgNVBAMTEHd3dy5ub3doZXJlLm5vbmUxITAfBgkqhkiG9w0B -CQEWEmFkbWluQG5vd2hlcmUubm9uZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAL5H18W9MHMYK41ds4hYpIyCPs3vIinEwbeOy9BjP3NtXn3pTfs2aSVF -Fy7uM8/EcqvEPrEIHzcu7kzqTfW1FGjpNU5w+4Gg0J0FojR5qm1tpC/g0jip4CVT -6PXREwEvIX+/g9XtQwWcY03NWuEUKliYscKWI/fYsVs7vFQtpv8V7I7zrI6ePgyw -QePdJ25ML7LZoZolptQpiOTucTpIIqFTUKh70DHVSjks/T6W472YkV9VKKqDK5Pt -jTqsD/dEwd+cjwEl2/c1yqTuwy4ZLm3vsmBn/spOOmg+9Oy9OxG+3KLBT0vOLzWf -YF+60NFDsJua2AP6GUwbJIGqobSM5C8CAwEAATANBgkqhkiG9w0BAQQFAAOCAQEA -vGomHEp6TVU83X2EBUgnbOhzKJ9u3fOI/Uf5L7p//Vxqow7OR1cguzh/YEzmXOIL -ilMVnzX9nj/bvcLAuqEP7MR1A8f4+E807p/L/Sf49BiCcwQq5I966sGKYXjkve+T -2GTBNwMSq+5kLSf6QY8VZI+qnrAudEQMeJByQhTZZ0dH8Njeq8EGl9KUio+VWaiW -CQK6xJuAvAHqa06OjLmwu1fYD4GLGSrOIiRVkSXV8qLIUmzxdJaIRznkFWsrCEKR -wAH966SAOvd2s6yOHMvyDRIL7WHxfESB6rDHsdIW/yny1fBePjv473KrxyXtbz7I -dMw1yW09l+eEo4A7GzwOdw== ------END CERTIFICATE----- -END - chmod 600 $tcert - echo "$tcert" -} - stunnel_exec="" -if echo $STUNNEL_EXTRA_SVC_OPTS | grep '#stunnel-exec' > /dev/null; then +if [ "X$SSVNC_USE_OURS" != "X1" ]; then + : +elif echo $STUNNEL_EXTRA_SVC_OPTS | grep '#stunnel-exec' > /dev/null; then stunnel_exec="#" fi @@ -2042,25 +2226,29 @@ if [ "X$reverse" = "X" ]; then foreground = yes pid = client = yes -debug = 6 +debug = $stunnel_debug $ciphers $STUNNEL_EXTRA_OPTS $STUNNEL_EXTRA_OPTS_USER -$verify $cert +$crl +$verify ${stunnel_exec}[vnc_stunnel] -${stunnel_exec}accept = localhost:$use +${stunnel_exec}accept = $localhost:$use $connect $STUNNEL_EXTRA_SVC_OPTS $STUNNEL_EXTRA_SVC_OPTS_USER END + else + # REVERSE case: + stunnel_exec="" # doesn't work for listening. p2=`expr 5500 + $N` - connect="connect = localhost:$p2" + connect="connect = $localhost:$p2" if [ "X$cert" = "XBUILTIN" ]; then ttcert=`make_tcert` cert="cert = $ttcert" @@ -2068,22 +2256,33 @@ else # Note for listen mode, an empty cert will cause stunnel to fail. # The ssvnc gui will have already taken care of this. - STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'` hloc="" if [ "X$use_ssh" = "X1" ]; then - hloc="localhost:" + hloc="$localhost:" + fi + if echo "$proxy" | grep -i '^vencrypt:' > /dev/null; then + hloc="$localhost:" + pv=`findfree 5570` + proxy="vencrypt:$pv:$port" + port=$pv + if [ "X$anondh_set" = "X1" ]; then + # not needed for ANONDH in this mode + #ciphers="ciphers = ADH:@STRENGTH" + : + fi fi cat > "$tmp_cfg" <<END foreground = yes pid = client = no -debug = 6 +debug = $stunnel_debug $ciphers $STUNNEL_EXTRA_OPTS $STUNNEL_EXTRA_OPTS_USER -$verify $cert +$crl +$verify [vnc_stunnel] accept = $hloc$port @@ -2092,6 +2291,7 @@ $STUNNEL_EXTRA_SVC_OPTS $STUNNEL_EXTRA_SVC_OPTS_USER END + fi echo "" @@ -2114,11 +2314,21 @@ if [ "X$stunnel_exec" = "X" ]; then # pause here to let the user supply a possible passphrase for the # mycert key: if [ "X$mycert" != "X" ]; then - sleep 1 - echo "" - echo "(** pausing for possible certificate passphrase dialog **)" - echo "" - sleep 4 + nsl=10 + dsl=0 + if [ ! -f $mycert ]; then + dsl=0 + elif grep -i 'Proc-Type.*ENCRYPTED' "$mycert" > /dev/null 2>/dev/null; then + dsl=1 + fi + if [ "X$dsl" = "X1" ]; then + echo "" + echo "(** pausing $nsl secs for possible certificate passphrase dialog **)" + echo "" + sleep $nsl + echo "(** done pausing for passphrase **)" + echo "" + fi fi #echo T sleep 1 sleep 1 @@ -2133,7 +2343,7 @@ if [ "X$SSVNC_EXTRA_SLEEP" != "X" ]; then fi echo "Running viewer:" if [ "X$reverse" = "X" ]; then - vnc_hp=localhost:$N + vnc_hp=$localhost:$N if [ "X$stunnel_exec" != "X" ]; then vnc_hp="exec=$STUNNEL $tmp_cfg" fi @@ -2163,8 +2373,18 @@ else trap "final" 0 2 15 echo "" if [ "X$proxy" != "X" ]; then - PPROXY_REVERSE="localhost:$port"; export PPROXY_REVERSE - PPROXY_SLEEP=1; export PPROXY_SLEEP; + if echo "$proxy" | grep -i '^vencrypt:' > /dev/null; then + pstunnel=`echo "$proxy" | awk -F: '{print $2}'` + plisten=`echo "$proxy" | awk -F: '{print $3}'` + PPROXY_LISTEN="INADDR_ANY:$plisten"; export PPROXY_LISTEN + PPROXY_PROXY="vencrypt://$localhost:$pstunnel"; export PPROXY_PROXY + PPROXY_DEST="$localhost:$pstunnel"; export PPROXY_DEST + STUNNEL_ONCE=1; export STUNNEL_ONCE + STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS + else + PPROXY_REVERSE="$localhost:$port"; export PPROXY_REVERSE + PPROXY_SLEEP=1; export PPROXY_SLEEP; + fi PPROXY_KILLPID=+1; export PPROXY_KILLPID; $ptmp & fi diff --git a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch index 3720673..8ee3129 100644 --- a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch +++ b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch @@ -121,7 +121,7 @@ diff -Naur JavaViewer.orig/ButtonPanel.java JavaViewer/ButtonPanel.java } diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java --- JavaViewer.orig/FTPFrame.java 2005-03-15 23:53:14.000000000 -0500 -+++ JavaViewer/FTPFrame.java 2008-10-04 18:09:36.000000000 -0400 ++++ JavaViewer/FTPFrame.java 2009-01-11 12:10:06.000000000 -0500 @@ -24,8 +24,17 @@ import java.io.*; import java.util.ArrayList; @@ -244,7 +244,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java // Loop through the string to create a String[] for (int i = 0; i < size; i = i + 3) { -@@ -150,26 +231,52 @@ +@@ -150,26 +231,62 @@ driveType = str.substring(i + 2, i + 3); if (driveType.compareTo("f") == 0) drive[i / 3] += "\\ Floppy"; @@ -265,11 +265,21 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java remoteDrivesComboBox.addItem(drive[i / 3]); +System.out.println("ComboBox: Add " + idx + " '" + drive[i/3] + "'"); + idx++; - } ++ } + + // runge -+ remoteDrivesComboBox.addItem(" [My Documents]"); -+ remoteDrivesComboBox.addItem(" [Desktop]"); ++ if (viewer.ftpDropDown != null) { ++ String[] dd = viewer.ftpDropDown.split("\\."); ++ for (int i=0; i < dd.length; i++) { ++ if (!dd[i].equals("")) { ++ remoteDrivesComboBox.addItem(" [" + dd[i] + "]"); ++ } ++ } ++ } else { ++ remoteDrivesComboBox.addItem(" [My Documents]"); ++ remoteDrivesComboBox.addItem(" [Desktop]"); ++ remoteDrivesComboBox.addItem(" [Home]"); + } + //sf@ - Select Drive C:as default if possible boolean bFound = false; @@ -303,7 +313,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java updateDriveList = false; return drive; } -@@ -185,6 +292,8 @@ +@@ -185,6 +302,8 @@ stopButton.setVisible(true); stopButton.setEnabled(true); receiveButton.setEnabled(false); @@ -312,7 +322,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java remoteTopButton.setEnabled(false); sendButton.setEnabled(false); remoteFileTable.setEnabled(false); -@@ -207,6 +316,8 @@ +@@ -207,6 +326,8 @@ stopButton.setVisible(false); stopButton.setEnabled(false); receiveButton.setEnabled(true); @@ -321,7 +331,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java remoteTopButton.setEnabled(true); sendButton.setEnabled(true); remoteFileTable.setEnabled(true); -@@ -221,10 +332,11 @@ +@@ -221,10 +342,11 @@ /* * Print Directory prints out all the contents of a directory */ @@ -334,7 +344,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } remoteFileTable.setListData(remoteList); } -@@ -235,10 +347,12 @@ +@@ -235,10 +357,12 @@ * @return void */ private void initialize() { @@ -348,7 +358,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java /** * This method initializes jContentPane. This is the main content pane * -@@ -253,6 +367,33 @@ +@@ -253,6 +377,33 @@ jContentPane.add(getRemotePanel(), java.awt.BorderLayout.EAST); jContentPane.add(getLocalPanel(), java.awt.BorderLayout.WEST); jContentPane.add(getButtonPanel(), java.awt.BorderLayout.CENTER); @@ -382,7 +392,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return jContentPane; } -@@ -270,6 +411,7 @@ +@@ -270,6 +421,7 @@ topPanelLocal.add(getLocalMachineLabel(), java.awt.BorderLayout.CENTER); topPanelLocal.add(getLocalTopButton(), java.awt.BorderLayout.EAST); topPanelLocal.setBackground(java.awt.Color.lightGray); @@ -390,7 +400,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return topPanelLocal; } -@@ -288,6 +430,7 @@ +@@ -288,6 +440,7 @@ topPanelRemote.add(getRemoteMachineLabel(), java.awt.BorderLayout.CENTER); topPanelRemote.add(getRemoteTopButton(), java.awt.BorderLayout.EAST); topPanelRemote.setBackground(java.awt.Color.lightGray); @@ -398,7 +408,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return topPanelRemote; } -@@ -301,6 +444,7 @@ +@@ -301,6 +454,7 @@ if (topPanelCenter == null) { topPanelCenter = new javax.swing.JPanel(); topPanelCenter.add(getDummyButton(), null); @@ -406,7 +416,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return topPanelCenter; } -@@ -328,6 +472,7 @@ +@@ -328,6 +482,7 @@ topPanel.add(getRemoteTopButton(), null); topPanel.setBackground(java.awt.Color.lightGray); */ @@ -414,7 +424,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return topPanel; } -@@ -348,6 +493,7 @@ +@@ -348,6 +503,7 @@ statusPanel.add(getJProgressBar(), null); statusPanel.add(getConnectionStatus(), null); statusPanel.setBackground(java.awt.Color.lightGray); @@ -422,7 +432,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return statusPanel; -@@ -368,6 +514,7 @@ +@@ -368,6 +524,7 @@ remotePanel.add(getRemoteScrollPane(), null); remotePanel.add(getRemoteStatus(), null); remotePanel.setBackground(java.awt.Color.lightGray); @@ -430,7 +440,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remotePanel; } -@@ -390,6 +537,7 @@ +@@ -390,6 +547,7 @@ localPanel.setComponentOrientation( java.awt.ComponentOrientation.UNKNOWN); localPanel.setName("localPanel"); @@ -438,7 +448,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localPanel; } -@@ -405,12 +553,15 @@ +@@ -405,12 +563,15 @@ buttonPanel = new javax.swing.JPanel(); buttonPanel.setLayout(null); buttonPanel.add(getReceiveButton(), null); @@ -454,7 +464,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return buttonPanel; } -@@ -422,10 +573,11 @@ +@@ -422,10 +583,11 @@ private javax.swing.JButton getSendButton() { if (sendButton == null) { sendButton = new javax.swing.JButton(); @@ -467,7 +477,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return sendButton; -@@ -438,7 +590,7 @@ +@@ -438,7 +600,7 @@ private javax.swing.JButton getReceiveButton() { if (receiveButton == null) { receiveButton = new javax.swing.JButton(); @@ -476,7 +486,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java receiveButton.setText("<< Receive"); receiveButton.setName("receiveButton"); receiveButton.addActionListener(this); -@@ -453,7 +605,7 @@ +@@ -453,7 +615,7 @@ private javax.swing.JButton getDeleteButton() { if (deleteButton == null) { deleteButton = new javax.swing.JButton(); @@ -485,7 +495,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java deleteButton.setText("Delete File"); deleteButton.setName("deleteButton"); deleteButton.addActionListener(this); -@@ -468,7 +620,7 @@ +@@ -468,7 +630,7 @@ private javax.swing.JButton getNewFolderButton() { if (newFolderButton == null) { newFolderButton = new javax.swing.JButton(); @@ -494,7 +504,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java newFolderButton.setText("New Folder"); newFolderButton.setName("newFolderButton"); newFolderButton.addActionListener(this); -@@ -476,6 +628,39 @@ +@@ -476,6 +638,39 @@ return newFolderButton; } @@ -534,7 +544,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java /** * This method initializes stopButton * -@@ -486,7 +671,7 @@ +@@ -486,7 +681,7 @@ if (stopButton == null) { stopButton = new javax.swing.JButton(); @@ -543,7 +553,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java stopButton.setText("Stop"); stopButton.setName("stopButton"); stopButton.addActionListener(this); -@@ -503,8 +688,12 @@ +@@ -503,8 +698,12 @@ private javax.swing.JButton getCloseButton() { if (closeButton == null) { closeButton = new javax.swing.JButton(); @@ -558,7 +568,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java closeButton.setName("closeButton"); closeButton.addActionListener(this); } -@@ -551,6 +740,7 @@ +@@ -551,6 +750,7 @@ //Select the second entry (e.g. C:\) // localDrivesComboBox.setSelectedIndex(1); localDrivesComboBox.addActionListener(this); @@ -566,7 +576,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } updateDriveList = false; return localDrivesComboBox; -@@ -567,6 +757,7 @@ +@@ -567,6 +767,7 @@ remoteDrivesComboBox.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); remoteDrivesComboBox.addActionListener(this); @@ -574,7 +584,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteDrivesComboBox; -@@ -587,6 +778,7 @@ +@@ -587,6 +788,7 @@ localMachineLabel.setFont( new java.awt.Font("Dialog", java.awt.Font.BOLD, 11)); localMachineLabel.setEditable(false); @@ -582,7 +592,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localMachineLabel; } -@@ -622,6 +814,7 @@ +@@ -622,6 +824,7 @@ localTopButton.setFont( new java.awt.Font("Dialog", java.awt.Font.BOLD, 10)); localTopButton.addActionListener(this); @@ -590,7 +600,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localTopButton; } -@@ -638,6 +831,7 @@ +@@ -638,6 +841,7 @@ remoteTopButton.setFont( new java.awt.Font("Dialog", java.awt.Font.BOLD, 10)); remoteTopButton.addActionListener(this); @@ -598,7 +608,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteTopButton; } -@@ -650,9 +844,24 @@ +@@ -650,9 +854,24 @@ private javax.swing.JList getLocalFileTable() { if (localFileTable == null) { localList = new Vector(0); @@ -623,7 +633,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localFileTable; } -@@ -669,6 +878,7 @@ +@@ -669,6 +888,7 @@ localScrollPane.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); localScrollPane.setName("localFileList"); @@ -631,7 +641,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localScrollPane; } -@@ -680,10 +890,25 @@ +@@ -680,10 +900,25 @@ private javax.swing.JList getRemoteFileTable() { if (remoteFileTable == null) { remoteList = new Vector(0); @@ -657,7 +667,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteFileTable; -@@ -698,6 +923,7 @@ +@@ -698,6 +933,7 @@ remoteScrollPane = new javax.swing.JScrollPane(); remoteScrollPane.setViewportView(getRemoteFileTable()); remoteScrollPane.setPreferredSize(new java.awt.Dimension(325, 418)); @@ -665,7 +675,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteScrollPane; } -@@ -716,6 +942,7 @@ +@@ -716,6 +952,7 @@ remoteLocation.setBackground(new Color(255,255,238)); remoteLocation.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); @@ -673,7 +683,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteLocation; } -@@ -732,6 +959,7 @@ +@@ -732,6 +969,7 @@ localLocation.setBackground( new Color(255,255,238)); localLocation.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); @@ -681,7 +691,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localLocation; } -@@ -748,6 +976,7 @@ +@@ -748,6 +986,7 @@ localStatus.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); localStatus.setEditable(false); @@ -689,7 +699,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return localStatus; } -@@ -764,6 +993,7 @@ +@@ -764,6 +1003,7 @@ remoteStatus.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); remoteStatus.setEditable(false); @@ -697,7 +707,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return remoteStatus; } -@@ -777,9 +1007,10 @@ +@@ -777,9 +1017,10 @@ historyComboBox = new javax.swing.JComboBox(); historyComboBox.setFont( new java.awt.Font("Dialog", java.awt.Font.BOLD, 10)); @@ -709,7 +719,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return historyComboBox; } -@@ -791,6 +1022,7 @@ +@@ -791,6 +1032,7 @@ private javax.swing.JProgressBar getJProgressBar() { if (jProgressBar == null) { jProgressBar = new javax.swing.JProgressBar(); @@ -717,7 +727,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } return jProgressBar; } -@@ -806,6 +1038,7 @@ +@@ -806,6 +1048,7 @@ connectionStatus.setBackground(java.awt.Color.lightGray); connectionStatus.setFont( new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10)); @@ -725,7 +735,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } connectionStatus.setEditable(false); return connectionStatus; -@@ -815,7 +1048,12 @@ +@@ -815,7 +1058,12 @@ * Implements Action listener. */ public void actionPerformed(ActionEvent evt) { @@ -739,7 +749,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if (evt.getSource() == closeButton) { // Close Button -@@ -829,15 +1067,27 @@ +@@ -829,15 +1077,27 @@ { doReceive(); } @@ -769,7 +779,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } else if (evt.getSource() == localTopButton) { -@@ -845,12 +1095,17 @@ +@@ -845,12 +1105,17 @@ } else if (evt.getSource() == remoteTopButton) { @@ -787,7 +797,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java else if(evt.getSource()==newFolderButton) { doNewFolder(); -@@ -864,7 +1119,7 @@ +@@ -864,7 +1129,7 @@ private void doNewFolder() { @@ -796,7 +806,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if(selectedTable.equals("remote")) { name = remoteLocation.getText()+name; -@@ -880,34 +1135,106 @@ +@@ -880,34 +1145,106 @@ historyComboBox.setSelectedIndex(0); } } @@ -913,7 +923,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java return; } -@@ -916,7 +1243,7 @@ +@@ -916,7 +1253,7 @@ // sf@2004 - Delete prompt if (remoteList.contains(sFileName)) { @@ -922,7 +932,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if (r == JOptionPane.NO_OPTION) return; } -@@ -926,18 +1253,22 @@ +@@ -926,18 +1263,22 @@ } else { @@ -948,7 +958,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if (r == JOptionPane.NO_OPTION) return; } -@@ -952,21 +1283,25 @@ +@@ -952,21 +1293,25 @@ private void doReceive() { @@ -978,7 +988,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if (r == JOptionPane.NO_OPTION) return; } -@@ -979,23 +1314,101 @@ +@@ -979,23 +1324,101 @@ viewer.rfb.requestRemoteFile(remoteFileName,localDestinationPath); } @@ -1084,7 +1094,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if (r == JOptionPane.NO_OPTION) return; } -@@ -1013,6 +1426,7 @@ +@@ -1013,6 +1436,7 @@ // private void doStop() { @@ -1092,7 +1102,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java viewer.rfb.fAbort = true; } /** -@@ -1024,6 +1438,14 @@ +@@ -1024,6 +1448,14 @@ System.out.println("History: " + message); historyComboBox.insertItemAt(new String(message), 0); } @@ -1107,7 +1117,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java /** * This method updates the file table to the current selection of the remoteComboBox -@@ -1034,11 +1456,41 @@ +@@ -1034,11 +1466,44 @@ remoteSelection = null; if (!updateDriveList) { @@ -1128,6 +1138,9 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java + } else { + drive = instr.substring(2); + } ++ if (drive.equals("Home")) { ++ drive = ""; ++ } + drive += "\\"; + doingShortcutDir = true; + } else { @@ -1152,7 +1165,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java remoteFileTable.setListData(remoteList); } /** -@@ -1048,6 +1500,7 @@ +@@ -1048,6 +1513,7 @@ private void changeLocalDrive() { File currentDrive = new File(localDrivesComboBox.getSelectedItem().toString()); @@ -1160,7 +1173,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java if(currentDrive.canRead()) { localSelection = null; -@@ -1057,9 +1510,11 @@ +@@ -1057,9 +1523,11 @@ else { localList.clear(); @@ -1172,7 +1185,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } /** * Determines which FileTable was double-clicked and updates the table -@@ -1098,10 +1553,18 @@ +@@ -1098,10 +1566,18 @@ selectedTable = "remote"; localFileTable.setBackground(new Color(238, 238, 238)); remoteFileTable.setBackground(new Color(255, 255, 255)); @@ -1193,7 +1206,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } /* -@@ -1115,10 +1578,38 @@ +@@ -1115,10 +1591,38 @@ localFileTable.setBackground(new Color(255, 255, 255)); File currentSelection = new File(currentLocalDirectory, getTrimmedSelection()); @@ -1233,7 +1246,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java /** * Updates the Remote File Table based on selection. Called from mouseClicked handler */ -@@ -1126,20 +1617,29 @@ +@@ -1126,20 +1630,29 @@ String name = null; String action = null; String drive = null; @@ -1265,7 +1278,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java remoteFileTable.setListData(remoteList); } else if (!name.substring(0, 2).equals(" [") && !name.substring((name.length() - 1), name.length()).equals("]")) -@@ -1149,6 +1649,7 @@ +@@ -1149,6 +1662,7 @@ remoteSelection = remoteLocation.getText() + name.substring(0, name.length()); drive = remoteLocation.getText(); // ?? @@ -1273,7 +1286,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } else { -@@ -1159,10 +1660,12 @@ +@@ -1159,10 +1673,12 @@ remoteLocation.setText(drive); viewer.rfb.readServerDirectory(drive); remoteList.clear(); @@ -1286,7 +1299,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java /** * Updates the Local File Table based on selection. Called from MouseClicked handler */ -@@ -1188,6 +1691,7 @@ +@@ -1188,6 +1704,7 @@ else if (currentSelection.isFile()) { localSelection = currentSelection.getAbsoluteFile(); @@ -1294,7 +1307,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } else if (currentSelection.isDirectory()) { -@@ -1201,13 +1705,22 @@ +@@ -1201,13 +1718,22 @@ * */ private String getTrimmedSelection(){ @@ -1324,7 +1337,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java } /* -@@ -1241,36 +1754,148 @@ +@@ -1241,36 +1767,148 @@ return null; } @@ -1481,7 +1494,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java FilesList.clear(); DirsList.clear(); -@@ -1296,3 +1921,147 @@ +@@ -1296,3 +1934,147 @@ } } // @jve:visual-info decl-index=0 visual-constraint="10,10" @@ -4208,7 +4221,7 @@ diff -Naur JavaViewer.orig/VncCanvas.java JavaViewer/VncCanvas.java result = 0; // Transparent pixel diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java --- JavaViewer.orig/VncViewer.java 2006-05-24 15:14:40.000000000 -0400 -+++ JavaViewer/VncViewer.java 2008-09-14 10:36:37.000000000 -0400 ++++ JavaViewer/VncViewer.java 2009-01-11 12:28:55.000000000 -0500 @@ -80,11 +80,11 @@ GridBagLayout gridbag; ButtonPanel buttonPanel; @@ -4232,7 +4245,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java String passwordParam; String encPasswordParam; boolean showControls; -@@ -115,28 +115,67 @@ +@@ -115,28 +115,68 @@ int i; // mslogon support 2 end @@ -4243,6 +4256,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java +String urlPrefix; +String httpsPort; +String oneTimeKey; ++String ftpDropDown; +boolean forceProxy; +boolean ignoreProxy; +boolean trustAllVncCerts; @@ -4306,7 +4320,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java // authenticator = new AuthPanel(false); // mslogon support : go to connectAndAuthenticate() if (RecordingFrame.checkSecurity()) rec = new RecordingFrame(this); -@@ -147,10 +186,11 @@ +@@ -147,10 +187,11 @@ cursorUpdatesDef = null; eightBitColorsDef = null; @@ -4320,7 +4334,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java rfbThread = new Thread(this); rfbThread.start(); } -@@ -186,6 +226,30 @@ +@@ -186,6 +227,30 @@ gbc.weightx = 1.0; gbc.weighty = 1.0; @@ -4351,7 +4365,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java // Add ScrollPanel to applet mode // Create a panel which itself is resizeable and can hold -@@ -286,6 +350,24 @@ +@@ -286,6 +351,24 @@ void connectAndAuthenticate() throws Exception { @@ -4376,7 +4390,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java // If "ENCPASSWORD" parameter is set, decrypt the password into // the passwordParam string. -@@ -336,7 +418,22 @@ +@@ -336,7 +419,22 @@ // @@ -4400,7 +4414,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java authenticator = new AuthPanel(mslogon); -@@ -390,6 +487,10 @@ +@@ -390,6 +488,10 @@ break; //mslogon support end @@ -4411,7 +4425,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java // Retry on authentication failure. authenticator.retry(); } -@@ -405,9 +506,11 @@ +@@ -405,9 +507,11 @@ void prologueDetectAuthProtocol() throws Exception { @@ -4425,7 +4439,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java System.out.println("RFB server supports protocol version " + rfb.serverMajor + "." + rfb.serverMinor); -@@ -431,16 +534,36 @@ +@@ -431,16 +535,36 @@ boolean tryAuthenticate(String us, String pw) throws Exception { @@ -4468,7 +4482,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java switch (authScheme) { -@@ -629,6 +752,10 @@ +@@ -629,6 +753,10 @@ void doProtocolInitialisation() throws IOException { @@ -4479,7 +4493,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java rfb.writeClientInit(); rfb.readServerInit(); -@@ -775,8 +902,25 @@ +@@ -775,8 +903,25 @@ } } @@ -4507,7 +4521,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java if (inAnApplet) { str = readParameter("Open New Window", false); -@@ -804,6 +948,95 @@ +@@ -804,6 +949,105 @@ deferScreenUpdates = readIntParameter("Defer screen updates", 20); deferCursorUpdates = readIntParameter("Defer cursor updates", 10); deferUpdateRequests = readIntParameter("Defer update requests", 50); @@ -4549,6 +4563,16 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java + } + System.out.println("urlPrefix: '" + urlPrefix + "'"); + ++ ftpDropDown = readParameter("ftpDropDown", false); ++ if (ftpDropDown != null) { ++ ftpDropDown = ftpDropDown.replaceAll("%2F", "/"); ++ ftpDropDown = ftpDropDown.replaceAll("%2f", "/"); ++ ftpDropDown = ftpDropDown.replaceAll("_2F_", "/"); ++ ftpDropDown = ftpDropDown.replaceAll("%20", " "); ++ System.out.println("ftpDropDown: '" + ftpDropDown + "'"); ++ } ++ ++ + oneTimeKey = readParameter("oneTimeKey", false); + if (oneTimeKey != null) { + System.out.println("oneTimeKey: is set"); |
