diff options
author | runge <runge@karlrunge.com> | 2010-03-21 00:05:51 -0400 |
---|---|---|
committer | runge <runge@karlrunge.com> | 2010-03-21 00:05:51 -0400 |
commit | 97540de56ca8a975ed31d86879d0e5c4cf169173 (patch) | |
tree | 6c8c0a28c3559a15c6a76bed92dc2a4c62630914 /classes/ssl/onetimekey | |
parent | edb79ae2b1d39bc12d489bcded74ab966e019994 (diff) | |
download | libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.tar.gz libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.zip |
classes/ssl: Many improvements to Java SSL applet, onetimekey
serverCert param, debugging printout, user dialogs, catch
socket exceptions, autodetect x11vnc for GET=1.
x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl.
X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and
can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script,
autodetect dm on udp6 only. Queries: pointer_x, pointer_y,
pointer_same, pointer_root. Switch on -xkd if keysyms per key >
4 in all cases. daemon mode improvements for connect_switch,
inet6to4, ultravnc_repeater.pl. Dynamic change of -clip do
not create new fb if WxH is unchanged.
Diffstat (limited to 'classes/ssl/onetimekey')
-rwxr-xr-x | classes/ssl/onetimekey | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/classes/ssl/onetimekey b/classes/ssl/onetimekey index 5c0c26d..bf57c8f 100755 --- a/classes/ssl/onetimekey +++ b/classes/ssl/onetimekey @@ -1,6 +1,7 @@ #!/bin/sh # # usage: onetimekey path/to/mycert.pem +# onetimekey -certonly path/to/mycert.pem # # Takes an openssl cert+key pem file and turns into a long string # for the x11vnc SSL VNC Java Viewer. @@ -14,6 +15,19 @@ # in it. Also, as the name implies, an HTTPS server can create # a one time key to send to the applet (the user has already # logged in via password to the HTTPS server). +# +# Note oneTimeKey is to provide a CLIENT Certificate for the viewer +# to authenticate itself to the VNC Server. +# +# There is also the serverCert=<str> Applet parameter. This is +# a cert to authenticate the VNC server against. To create that +# string with this tool specify -certonly as the first argument. + +certonly="" +if [ "X$1" = "X-certonly" ]; then + shift + certonly=1 +fi in=$1 der=/tmp/1time$$.der @@ -43,5 +57,9 @@ rm -f "$der" n=`grep -n 'BEGIN CERTIFICATE' $in | awk -F: '{print $1}' | head -1` str2=`tail +$n $in | $pbinhex` -echo "$str1,$str2" +if [ "X$certonly" = "X1" ]; then + echo "$str2" +else + echo "$str1,$str2" +fi rm -f $pbinhex |