summaryrefslogtreecommitdiffstats
path: root/classes/ssl/onetimekey
diff options
context:
space:
mode:
authorrunge <runge@karlrunge.com>2010-03-21 00:05:51 -0400
committerrunge <runge@karlrunge.com>2010-03-21 00:05:51 -0400
commit97540de56ca8a975ed31d86879d0e5c4cf169173 (patch)
tree6c8c0a28c3559a15c6a76bed92dc2a4c62630914 /classes/ssl/onetimekey
parentedb79ae2b1d39bc12d489bcded74ab966e019994 (diff)
downloadlibtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.tar.gz
libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.zip
classes/ssl: Many improvements to Java SSL applet, onetimekey
serverCert param, debugging printout, user dialogs, catch socket exceptions, autodetect x11vnc for GET=1. x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl. X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script, autodetect dm on udp6 only. Queries: pointer_x, pointer_y, pointer_same, pointer_root. Switch on -xkd if keysyms per key > 4 in all cases. daemon mode improvements for connect_switch, inet6to4, ultravnc_repeater.pl. Dynamic change of -clip do not create new fb if WxH is unchanged.
Diffstat (limited to 'classes/ssl/onetimekey')
-rwxr-xr-xclasses/ssl/onetimekey20
1 files changed, 19 insertions, 1 deletions
diff --git a/classes/ssl/onetimekey b/classes/ssl/onetimekey
index 5c0c26d..bf57c8f 100755
--- a/classes/ssl/onetimekey
+++ b/classes/ssl/onetimekey
@@ -1,6 +1,7 @@
#!/bin/sh
#
# usage: onetimekey path/to/mycert.pem
+# onetimekey -certonly path/to/mycert.pem
#
# Takes an openssl cert+key pem file and turns into a long string
# for the x11vnc SSL VNC Java Viewer.
@@ -14,6 +15,19 @@
# in it. Also, as the name implies, an HTTPS server can create
# a one time key to send to the applet (the user has already
# logged in via password to the HTTPS server).
+#
+# Note oneTimeKey is to provide a CLIENT Certificate for the viewer
+# to authenticate itself to the VNC Server.
+#
+# There is also the serverCert=<str> Applet parameter. This is
+# a cert to authenticate the VNC server against. To create that
+# string with this tool specify -certonly as the first argument.
+
+certonly=""
+if [ "X$1" = "X-certonly" ]; then
+ shift
+ certonly=1
+fi
in=$1
der=/tmp/1time$$.der
@@ -43,5 +57,9 @@ rm -f "$der"
n=`grep -n 'BEGIN CERTIFICATE' $in | awk -F: '{print $1}' | head -1`
str2=`tail +$n $in | $pbinhex`
-echo "$str1,$str2"
+if [ "X$certonly" = "X1" ]; then
+ echo "$str2"
+else
+ echo "$str1,$str2"
+fi
rm -f $pbinhex