diff options
| author | runge <runge> | 2006-04-16 18:31:48 +0000 |
|---|---|---|
| committer | runge <runge> | 2006-04-16 18:31:48 +0000 |
| commit | 0ef122b61c4bc1f0652cd98fcc331e484b00ea0f (patch) | |
| tree | d192e55f2d6ac15518913ab428d46e9583f02689 /classes/ssl | |
| parent | d14cf0a84c88a02222caad1692228584b610aacc (diff) | |
| download | libvncserver-0ef122b61c4bc1f0652cd98fcc331e484b00ea0f.zip libvncserver-0ef122b61c4bc1f0652cd98fcc331e484b00ea0f.tar.gz | |
Apache SSL gateway. More web proxy cases for Java and ssl_vncviewer.
Diffstat (limited to 'classes/ssl')
| -rw-r--r-- | classes/ssl/SignedVncViewer.jar | bin | 73493 -> 75021 bytes | |||
| -rw-r--r-- | classes/ssl/VncViewer.jar | bin | 70763 -> 72295 bytes | |||
| -rwxr-xr-x | classes/ssl/ssl_vncviewer | 170 | ||||
| -rw-r--r-- | classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch | 373 |
4 files changed, 454 insertions, 89 deletions
diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar Binary files differindex 20b3ddc..292e163 100644 --- a/classes/ssl/SignedVncViewer.jar +++ b/classes/ssl/SignedVncViewer.jar diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar Binary files differindex 116f49c..fa7d8fa 100644 --- a/classes/ssl/VncViewer.jar +++ b/classes/ssl/VncViewer.jar diff --git a/classes/ssl/ssl_vncviewer b/classes/ssl/ssl_vncviewer index 4f69a1c..8bbbe29 100755 --- a/classes/ssl/ssl_vncviewer +++ b/classes/ssl/ssl_vncviewer @@ -1,6 +1,8 @@ #!/bin/sh # -# ssl_vncviewer: wrapper for vncviewer to use stunnel SSL tunnel. +# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel. +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> # # You must have stunnel(8) installed on the system and in your # PATH (n.b. stunnel is usually in an sbin subdir). @@ -16,6 +18,7 @@ # [cert-args] can be: # -verify /path/to/cacert.pem # -mycert /path/to/mycert.pem +# -proxy host:port # # -verify specifies a CA cert PEM file (or a self-signed one) for # authenticating the VNC server. @@ -23,12 +26,19 @@ # -mycert specifies this client's cert+key PEM file for the VNC server to # authenticate this client. # +# -proxy try host:port as a Web proxy to use the CONNECT method +# to reach the VNC server (e.g. your firewall requires a proxy). +# For the "double proxy" case use -proxy host1:port1,host2:port2 +# +# +# set VNCVIEWERCMD to whatever vncviewer command you want to use: +# +VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer} -VNCVIEWERCMD="vncviewer" PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH help() { - head -26 $0 | tail +2 + head -36 $0 | tail +2 } # grab our cmdline options: @@ -39,6 +49,8 @@ do ;; "-mycert") shift; mycert="$1" ;; + "-proxy") shift; proxy="$1" + ;; "-h"*) help; exit 0 ;; *) break @@ -59,12 +71,19 @@ host=`echo "$orig" | awk -F: '{print $1}'` disp=`echo "$orig" | awk -F: '{print $2}'` if [ $disp -lt 200 ]; then port=`expr $disp + 5900` +else + port=$disp fi # try to find an open listening port via netstat(1): use="" +inuse="" if uname | grep Linux > /dev/null; then inuse=`netstat -ant | grep LISTEN | awk '{print $4}' | sed 's/^.*://'` +elif uname | grep SunOS > /dev/null; then + inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'` +fi +if [ "x$inuse" != "x" ]; then try=5920 while [ $try -lt 6000 ] do @@ -95,6 +114,145 @@ if [ "X$mycert" != "X" ]; then cert="cert = $mycert" fi +pcode() { + tf=$1 + SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY + SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST + cod='#!/usr/bin/perl + +# A hack to glue stunnel to a Web proxy for client connections. + +use IO::Socket::INET; + +my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY}); +my ($proxy_host, $proxy_port) = split(/:/, $first); +my $connect = $ENV{SSL_VNC_DEST}; + +print STDERR "\nperl script for web proxing:\n"; +print STDERR "proxy_host: $proxy_host\n"; +print STDERR "proxy_port: $proxy_port\n"; +print STDERR "proxy_connect: $connect\n"; + +my $sock = IO::Socket::INET->new( + PeerAddr => $proxy_host, + PeerPort => $proxy_port, + Proto => "tcp"); + +if (! $sock) { + unlink($0); + die "perl proxy: $!\n"; +} + +my $con = ""; +if ($second ne "") { + $con = "CONNECT $second HTTP/1.1\r\n"; + $con .= "Host: $second\r\n\r\n"; +} else { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; +} + +print STDERR "proxy_request1:\n$con"; +print $sock $con; + +unlink($0); + +my $rep = ""; +while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; +} +if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; +} + +if ($second ne "") { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; + print STDERR "proxy_request2:\n$con"; + + print $sock $con; + + $rep = ""; + while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; + } + if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; + } +} + +if (fork) { + print STDERR "parent\[$$] STDIN -> socket\n\n"; + xfer(STDIN, $sock); +} else { + print STDERR "child \[$$] socket -> STDOUT\n\n"; + xfer($sock, STDOUT); +} +exit; + +sub xfer { + my($in, $out) = @_; + $RIN = $WIN = $EIN = ""; + $ROUT = ""; + vec($RIN, fileno($in), 1) = 1; + vec($WIN, fileno($in), 1) = 1; + $EIN = $RIN | $WIN; + + while (1) { + my $nf = 0; + while (! $nf) { + $nf = select($ROUT=$RIN, undef, undef, undef); + } + my $len = sysread($in, $buf, 8192); + if (! defined($len)) { + next if $! =~ /^Interrupted/; + print STDERR "perl proxy\[$$]: $!\n"; + last; + } elsif ($len == 0) { + print STDERR "perl proxy\[$$]: Input is EOF.\n"; + last; + } + my $offset = 0; + my $quit = 0; + while ($len) { + my $written = syswrite($out, $buf, $len, $offset); + if (! defined $written) { + print STDERR "perl proxy\[$$]: Output is EOF. $!\n"; + $quit = 1; + last; + } + $len -= $written; + $offset += $written; + } + last if $quit; + } + close($in); + close($out); +} +' + rm -f $tf + if [ -f $tf ]; then + echo "$tf still exists!" + exit 1 + fi + echo "$cod" > $tf + chmod 700 $tf +} + +ptmp="" +if [ "X$proxy" != "X" ]; then + ptmp="/tmp/ssl_vncviewer.$$.pl" + pcode $ptmp + connect="exec = $ptmp" +else + connect="connect = $host:$port" +fi + + ##debug = 7 tmp=/tmp/ssl_vncviewer.$$ cat > $tmp <<END @@ -106,12 +264,13 @@ $cert [vnc_stunnel] accept = $use -connect= $host:$port +$connect END echo "" echo "Using this stunnel configuration:" -cat $tmp +echo "" +cat $tmp | uniq echo "" sleep 1 @@ -140,3 +299,4 @@ else fi kill $pid +sleep 1 diff --git a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch index 298f7f9..e579a57 100644 --- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch +++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch @@ -38,34 +38,43 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/Makefile vnc_javasrc/Makefile @$(ExportJavaClasses) diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto.java --- vnc_javasrc.orig/RfbProto.java 2004-03-04 08:34:25.000000000 -0500 -+++ vnc_javasrc/RfbProto.java 2006-04-03 11:22:30.000000000 -0400 ++++ vnc_javasrc/RfbProto.java 2006-04-16 11:17:37.000000000 -0400 @@ -199,7 +199,21 @@ host = h; port = p; - if (viewer.socketFactory == null) { + if (! viewer.disableSSL) { -+ System.out.println("new SSLSocketToMe"); -+ SSLSocketToMe ssl; -+ try { -+ ssl = new SSLSocketToMe(host, port, v); -+ } catch (Exception e) { -+ throw new IOException(e.getMessage()); -+ } -+ -+ try { -+ sock = ssl.connectSock(); -+ } catch (Exception es) { -+ throw new IOException(es.getMessage()); -+ } ++ System.out.println("new SSLSocketToMe"); ++ SSLSocketToMe ssl; ++ try { ++ ssl = new SSLSocketToMe(host, port, v); ++ } catch (Exception e) { ++ throw new IOException(e.getMessage()); ++ } ++ ++ try { ++ sock = ssl.connectSock(); ++ } catch (Exception es) { ++ throw new IOException(es.getMessage()); ++ } + } else if (viewer.socketFactory == null) { sock = new Socket(host, port); } else { try { +@@ -255,7 +269,7 @@ + || (b[10] < '0') || (b[10] > '9') || (b[11] != '\n')) + { + throw new Exception("Host " + host + " port " + port + +- " is not an RFB server"); ++ " is not an RFB server: " + b); + } + + serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0'); diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java --- vnc_javasrc.orig/SSLSocketToMe.java 1969-12-31 19:00:00.000000000 -0500 -+++ vnc_javasrc/SSLSocketToMe.java 2006-04-04 13:17:39.000000000 -0400 -@@ -0,0 +1,1040 @@ ++++ vnc_javasrc/SSLSocketToMe.java 2006-04-16 11:21:30.000000000 -0400 +@@ -0,0 +1,1204 @@ +/* + * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer. + * @@ -111,10 +120,14 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + + /* fallback for Proxy connection */ + boolean proxy_in_use = false; ++ boolean proxy_is_https = false; + boolean proxy_failure = false; + public DataInputStream is = null; + public OutputStream os = null; + ++ String proxy_dialog_host = null; ++ int proxy_dialog_port = 0; ++ + Socket proxySock; + DataInputStream proxy_is; + OutputStream proxy_os; @@ -149,7 +162,6 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + + /* create trust managers used if initial handshake fails: */ + -+ + trustAllCerts = new TrustManager[] { + /* + * this one accepts everything. @@ -349,15 +361,17 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + return false; + } + -+ public Socket connectSock() throws IOException { ++ public void check_for_proxy() { ++ ++ boolean result = false; ++ String ustr = "https://" + host + ":" + port; ++ ustr += viewer.urlPrefix + "/check.https.proxy.connection"; ++ ++ trusturlCerts = null; ++ proxy_in_use = false; + -+ /* -+ * first try a https connection to detect a proxy, and -+ * also grab the VNC server cert. -+ */ -+ URL url = new URL("https://" + host + ":" + port + -+ "/check.https.proxy.connection"); + try { ++ URL url = new URL(ustr); + HttpsURLConnection https = (HttpsURLConnection) + url.openConnection(); + @@ -374,15 +388,59 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + + if (https.usingProxy()) { + proxy_in_use = true; ++ proxy_is_https = true; + dbg("HTTPS proxy in use. There may be connection problems."); + } + Object output = https.getContent(); + https.disconnect(); ++ result = true; ++ ++ } catch(Exception e) { ++ dbg("HttpsURLConnection: " + e.getMessage()); ++ } ++ ++ if (proxy_in_use) { ++ return; ++ } ++ ++ ustr = "http://" + host + ":" + port; ++ ustr += viewer.urlPrefix + "/index.vnc"; ++ ++ try { ++ URL url = new URL(ustr); ++ HttpURLConnection http = (HttpURLConnection) ++ url.openConnection(); ++ ++ http.setUseCaches(false); ++ http.setRequestMethod("GET"); ++ http.setRequestProperty("Pragma", "No-Cache"); ++ http.setRequestProperty("Proxy-Connection", ++ "Keep-Alive"); ++ http.setDoInput(true); ++ ++ http.connect(); ++ ++ if (http.usingProxy()) { ++ proxy_in_use = true; ++ proxy_is_https = false; ++ dbg("HTTP proxy in use. There may be connection problems."); ++ } ++ Object output = http.getContent(); ++ http.disconnect(); + + } catch(Exception e) { -+ trusturlCerts = null; ++ dbg("HttpURLConnection: " + e.getMessage()); + } ++ } + ++ public Socket connectSock() throws IOException { ++ ++ /* ++ * first try a https connection to detect a proxy, and ++ * also grab the VNC server cert. ++ */ ++ check_for_proxy(); ++ + if (use_url_cert_for_auth && trusturlCerts != null) { + factory = trusturl_ctx.getSocketFactory(); + } else { @@ -391,11 +449,23 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + + socket = null; + try { ++ if (proxy_in_use && viewer.forceProxy) { ++ throw new Exception("forcing proxy (forceProxy)"); ++ } else if (viewer.CONNECT != null) { ++ throw new Exception("forcing CONNECT"); ++ } ++ + socket = (SSLSocket) factory.createSocket(host, port); ++ + } catch (Exception esock) { -+ if (proxy_in_use) { ++ dbg("esock: " + esock.getMessage()); ++ if (proxy_in_use || viewer.CONNECT != null) { + proxy_failure = true; -+ dbg("HTTPS proxy in use. Trying to go with it."); ++ if (proxy_in_use) { ++ dbg("HTTPS proxy in use. Trying to go with it."); ++ } else { ++ dbg("viewer.CONNECT reverse proxy in use. Trying to go with it."); ++ } + try { + socket = proxy_socket(factory); + } catch (Exception e) { @@ -522,6 +592,31 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + } + } + ++ if (socket != null && viewer.GET != null) { ++ String str = "GET "; ++ str += viewer.urlPrefix; ++ str += "/request.https.vnc.connection"; ++ str += " HTTP/1.0\r\n"; ++ str += "Pragma: No-Cache\r\n"; ++ str += "\r\n"; ++ System.out.println("sending GET: " + str); ++ OutputStream os = socket.getOutputStream(); ++ os.write(str.getBytes()); ++ os.flush(); ++ if (false) { ++ String rep = ""; ++ DataInputStream is = new DataInputStream( ++ new BufferedInputStream(socket.getInputStream(), 16384)); ++ while (true) { ++ rep += readline(is); ++ if (rep.indexOf("\r\n\r\n") >= 0) { ++ break; ++ } ++ } ++ System.out.println("rep: " + rep); ++ } ++ } ++ + dbg("SSL returning socket to caller."); + return (Socket) socket; + } @@ -532,10 +627,24 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + } + } + ++ private int gint(String s) { ++ int n = -1; ++ try { ++ Integer I = new Integer(s); ++ n = I.intValue(); ++ } catch (Exception ex) { ++ return -1; ++ } ++ return n; ++ } ++ + public SSLSocket proxy_socket(SSLSocketFactory factory) { + Properties props = null; + String proxyHost = null; + int proxyPort = 0; ++ String proxyHost_nossl = null; ++ int proxyPort_nossl = 0; ++ String str; + + /* see if we can guess the proxy info from Properties: */ + try { @@ -548,16 +657,33 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + props.list(System.out); + dbg("\n---------------\n\n"); + -+ for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) { ++ for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) { + String s = (String) e.nextElement(); + String v = System.getProperty(s); -+ String l1 = s.toLowerCase(); -+ String l2 = v.toLowerCase(); ++ String s2 = s.toLowerCase(); ++ String v2 = v.toLowerCase(); + -+ if (l1.indexOf("proxy") < 0 && l2.indexOf("proxy") < 0) { ++ if (s2.indexOf("proxy") < 0 && v2.indexOf("proxy") < 0) { + continue; + } -+ if (l2.indexOf("https") < 0) { ++ if (v2.indexOf("https") < 0) { ++ continue; ++ } ++ ++ if (s2.indexOf("proxy.https.host") >= 0) { ++ proxyHost = v2; ++ continue; ++ } ++ if (s2.indexOf("proxy.https.port") >= 0) { ++ proxyPort = gint(v2); ++ continue; ++ } ++ if (s2.indexOf("proxy.http.host") >= 0) { ++ proxyHost_nossl = v2; ++ continue; ++ } ++ if (s2.indexOf("proxy.http.port") >= 0) { ++ proxyPort_nossl = gint(v2); + continue; + } + @@ -578,10 +704,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + continue; + } + if (hp[0].length() > 1 && hp[1].length() > 1) { -+ try { -+ Integer I = new Integer(hp[1]); -+ proxyPort = I.intValue(); -+ } catch (Exception ex) { ++ ++ proxyPort = gint(hp[1]); ++ if (proxyPort < 0) { + continue; + } + proxyHost = new String(hp[0]); @@ -591,65 +716,113 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL + } + } + if (proxyHost != null) { -+ dbg("Lucky us! we figured out the Proxy parameters: " + proxyHost + " " + proxyPort); -+ } else { -+ /* ask user to help us: */ -+ ProxyDialog pd = new ProxyDialog(proxyHost, proxyPort); -+ pd.queryUser(); -+ proxyHost = pd.getHost(); -+ proxyPort = pd.getPort(); -+ dbg("User said host: " + pd.getHost() + " port: " + pd.getPort()); ++ if (proxyHost_nossl != null && proxyPort_nossl > 0) { ++ dbg("Using http proxy info instead of https."); ++ proxyHost = proxyHost_nossl; ++ proxyPort = proxyPort_nossl; ++ } + } + -+ proxySock = psocket(proxyHost, proxyPort); -+ if (proxySock == null) { -+ dbg("1 sadly, returning a null socket"); -+ return null; -+ } -+ String hp = host + ":" + port; ++ if (proxy_in_use) { ++ if (proxy_dialog_host != null && proxy_dialog_port > 0) { ++ proxyHost = proxy_dialog_host; ++ proxyPort = proxy_dialog_port; ++ } ++ if (proxyHost != null) { ++ dbg("Lucky us! we figured out the Proxy parameters: " + proxyHost + " " + proxyPort); ++ } else { ++ /* ask user to help us: */ ++ ProxyDialog pd = new ProxyDialog(proxyHost, proxyPort); ++ pd.queryUser(); ++ proxyHost = pd.getHost(); ++ proxyPort = pd.getPort(); ++ proxy_dialog_host = new String(proxyHost); ++ proxy_dialog_port = proxyPort; ++ dbg("User said host: " + pd.getHost() + " port: " + pd.getPort()); ++ } + -+ String req1 = "CONNECT " + hp + " HTTP/1.1\r\n" -+ + "Host: " + hp + "\r\n\r\n"; ++ dbg("proxy_in_use psocket:"); ++ proxySock = psocket(proxyHost, proxyPort); ++ if (proxySock == null) { ++ dbg("1-a sadly, returning a null socket"); ++ return null; ++ } ++ String hp = host + ":" + port; + -+ /* not working for SSL yet: */ -+ String req2 = "GET https://" + hp -+ + "/request.https.proxy.connection HTTP/1.1\r\n" -+ + "Host: " + hp + "\r\n\r\n"; ++ String req1 = "CONNECT " + hp + " HTTP/1.1\r\n" ++ + "Host: " + hp + "\r\n\r\n"; + -+ dbg("requesting: " + req1); ++ dbg("requesting1: " + req1); + -+ try { -+ proxy_os.write(req1.getBytes()); -+ String reply = readline(proxy_is); ++ try { ++ proxy_os.write(req1.getBytes()); ++ String reply = readline(proxy_is); + -+ dbg("proxy replied: " + reply); ++ dbg("proxy replied1: " + reply.trim()); + -+ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) { -+ proxySock.close(); -+ proxySock = psocket(proxyHost, proxyPort); -+ if (proxySock == null) { -+ dbg("2 sadly, returning a null socket"); -+ return null; ++ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) { ++ proxySock.close(); ++ proxySock = psocket(proxyHost, proxyPort); ++ if (proxySock == null) { ++ dbg("2-a sadly, returning a null socket"); ++ return null; ++ } + } -+ dbg("requesting: " + req2); ++ } catch(Exception e) { ++ dbg("sock prob1: " + e.getMessage()); ++ } ++ ++ while (true) { ++ String line = readline(proxy_is); ++ dbg("proxy line1: " + line.trim()); ++ if (line.equals("\r\n") || line.equals("\n")) { ++ break; ++ } ++ } ++ } else if (viewer.CONNECT != null) { ++ dbg("viewer.CONNECT psocket:"); ++ proxySock = psocket(host, port); ++ if (proxySock == null) { ++ dbg("1-b sadly, returning a null socket"); ++ return null; ++ } ++ } ++ ++ if (viewer.CONNECT != null) { ++ String hp = viewer.CONNECT; ++ String req2 = "CONNECT " + hp + " HTTP/1.1\r\n" ++ + "Host: " + hp + "\r\n\r\n"; ++ ++ dbg("requesting2: " + req2); ++ ++ try { + proxy_os.write(req2.getBytes()); ++ String reply = readline(proxy_is); + -+ reply = readline(proxy_is); ++ dbg("proxy replied2: " + reply.trim()); + -+ dbg("proxy replied: " + reply); ++ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) { ++ proxySock.close(); ++ proxySock = psocket(proxyHost, proxyPort); ++ if (proxySock == null) { ++ dbg("2-b sadly, returning a null socket"); ++ return null; ++ } ++ } ++ } catch(Exception e) { ++ dbg("sock prob2: " + e.getMessage()); + } -+ } catch(Exception e) { -+ dbg("sock prob: " + e.getMessage()); -+ } + -+ while (true) { -+ String line = readline(proxy_is); -+ dbg("proxy line: " + line); -+ if (line.equals("\r\n") || line.equals("\n")) { -+ break; ++ while (true) { ++ String line = readline(proxy_is); ++ dbg("proxy line2: " + line.trim()); ++ if (line.equals("\r\n") || line.equals("\n")) { ++ break; ++ } + } ++ + } -+ ++ + Socket sslsock = null; + try { + sslsock = factory.createSocket(proxySock, host, port, true); @@ -1108,16 +1281,21 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL +} diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java --- vnc_javasrc.orig/VncViewer.java 2004-03-04 08:34:25.000000000 -0500 -+++ vnc_javasrc/VncViewer.java 2006-03-27 22:20:19.000000000 -0500 -@@ -87,6 +87,7 @@ - int deferScreenUpdates; ++++ vnc_javasrc/VncViewer.java 2006-04-16 11:21:13.000000000 -0400 +@@ -88,6 +88,12 @@ int deferCursorUpdates; int deferUpdateRequests; -+ boolean disableSSL; ++ boolean disableSSL; ++ String GET; ++ String CONNECT; ++ String urlPrefix; ++ boolean forceProxy; ++ // Reference to this applet for inter-applet communication. public static java.applet.Applet refApplet; -@@ -626,6 +627,12 @@ + +@@ -626,6 +632,39 @@ // SocketFactory. socketFactory = readParameter("SocketFactory", false); @@ -1127,6 +1305,33 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView + str = readParameter("DisableSSL", false); + if (str != null && str.equalsIgnoreCase("Yes")) + disableSSL = true; ++ ++ // Extra GET, CONNECT string: ++ CONNECT = readParameter("CONNECT", false); ++ if (CONNECT != null) { ++ CONNECT = CONNECT.replaceAll(" ", ":"); ++ } ++ GET = readParameter("GET", false); ++ urlPrefix = ""; ++ if (GET != null) { ++ GET = GET.replaceAll("%2F", "/"); ++ GET = GET.replaceAll("%2f", "/"); ++ GET = GET.replaceAll("_2F_", "/"); ++ if (! GET.equals("1")) { ++ if (GET.indexOf("/") != 0) { ++ urlPrefix += "/"; ++ } ++ urlPrefix += GET; ++ } ++ } ++ urlPrefix = urlPrefix.replaceAll("%2f", "/"); ++ System.out.println("urlPrefix: " + urlPrefix); ++ ++ forceProxy = false; ++ str = readParameter("forceProxy", false); ++ if (str != null && str.equalsIgnoreCase("Yes")) { ++ forceProxy = true; ++ } } public String readParameter(String name, boolean required) { |
