diff options
author | runge <runge@karlrunge.com> | 2010-02-22 22:33:50 -0500 |
---|---|---|
committer | runge <runge@karlrunge.com> | 2010-02-22 22:33:50 -0500 |
commit | 521b9d98a4b772689061b24bcfd57dcce976aacc (patch) | |
tree | a0e4ed61ae608dd0bdca48d95d3e5960f46253c2 /x11vnc/help.c | |
parent | 909683fd970fa842a12d2437ea30a624caf2e761 (diff) | |
download | libtdevnc-521b9d98a4b772689061b24bcfd57dcce976aacc.tar.gz libtdevnc-521b9d98a4b772689061b24bcfd57dcce976aacc.zip |
classes/ssl: Java SSL applet viewer now works with certificate chains.
x11vnc: Printout option -sslScripts. Suggest -auth guess in error message. Set fake_screen width and height. Test for +kb in Xvfb.
Diffstat (limited to 'x11vnc/help.c')
-rw-r--r-- | x11vnc/help.c | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/x11vnc/help.c b/x11vnc/help.c index 80288f6..874291c 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -1753,14 +1753,14 @@ void print_help(int mode) { " ssh) and you do not want x11vnc waiting around for more\n" " connections, tying up ports, etc.\n" "\n" -"-ssldir [dir] Use [dir] as an alternate ssl certificate and key\n" +"-ssldir dir Use \"dir\" as an alternate ssl certificate and key\n" " management toplevel directory. The default is\n" " ~/.vnc/certs\n" "\n" " This directory is used to store server and other\n" " certificates and keys and also other materials. E.g. in\n" " the simplest case, \"-ssl SAVE\" will store the x11vnc\n" -" server cert in [dir]/server.pem\n" +" server cert in dir/server.pem\n" "\n" " Use of alternate directories via -ssldir allows you to\n" " manage multiple VNC Certificate Authority (CA) keys.\n" @@ -1772,14 +1772,14 @@ void print_help(int mode) { " -ssldir affects nearly all of the other -ssl* options,\n" " e.g. -ssl SAVE, -sslGenCert, etc..\n" "\n" -"-sslverify [path] For either of the -ssl or -stunnel modes, use [path]\n" +"-sslverify path For either of the -ssl or -stunnel modes, use \"path\"\n" " to provide certificates to authenticate incoming VNC\n" " *Client* connections (normally only the server is\n" " authenticated in SSL.) This can be used as a method\n" " to replace standard password authentication of clients.\n" "\n" -" If [path] is a directory it contains the client (or CA)\n" -" certificates in separate files. If [path] is a file,\n" +" If \"path\" is a directory it contains the client (or CA)\n" +" certificates in separate files. If path is a file,\n" " it contains one or more certificates. See special tokens\n" " below. These correspond to the \"CApath = dir\" and\n" " \"CAfile = file\" stunnel options. See the stunnel(8)\n" @@ -1789,7 +1789,7 @@ void print_help(int mode) { " x11vnc -ssl -sslverify ~/my.crt\n" " x11vnc -ssl -sslverify ~/my_pem_dir/\n" "\n" -" Note that if [path] is a directory, it must contain\n" +" Note that if path is a directory, it must contain\n" " the certs in separate files named like <HASH>.0, where\n" " the value of <HASH> is found by running the command\n" " \"openssl x509 -hash -noout -in file.crt\". Evidently\n" @@ -1801,7 +1801,7 @@ void print_help(int mode) { " subdirs it manages. Then you can point -sslverify to\n" " the HASH subdir.\n" "\n" -" Special tokens: in -ssl mode, if [path] is not a file or\n" +" Special tokens: in -ssl mode, if \"path\" is not a file or\n" " a directory, it is taken as a comma separated list of\n" " tokens that are interpreted as follows:\n" "\n" @@ -2090,7 +2090,7 @@ void print_help(int mode) { " REQ_ARGS='-days 1095' to bump up the expiration date\n" " (3 years in this case).\n" "\n" -"-sslEncKey [pem] Utility to encrypt an existing PEM file with a\n" +"-sslEncKey pem Utility to encrypt an existing PEM file with a\n" " passphrase you supply when prompted. For that key to be\n" " used (e.g. by x11vnc) the passphrase must be supplied\n" " each time.\n" @@ -2108,7 +2108,7 @@ void print_help(int mode) { " x11vnc -sslEncKey SAVE\n" " x11vnc -sslEncKey SAVE-charlie\n" "\n" -"-sslCertInfo [pem] Prints out information about an existing PEM file.\n" +"-sslCertInfo pem Prints out information about an existing PEM file.\n" " In addition the public certificate is also printed.\n" " The openssl(1) program must be in PATH. Basically the\n" " command \"openssl x509 -text\" is run on the pem.\n" @@ -2137,10 +2137,15 @@ void print_help(int mode) { " The LIST, LISTL, LL, ALL, HASHON, HASHOFF words can\n" " also be lowercase, e.g. \"list\".\n" "\n" -"-sslDelCert [pem] Prompts you to delete all .crt .pem .key .req files\n" +"-sslDelCert pem Prompts you to delete all .crt .pem .key .req files\n" " associated with [pem]. \"SAVE\" and lookups as in\n" " -sslCertInfo apply as well.\n" "\n" +"-sslScripts Prints out both the 'genCA' and 'genCert' x11vnc\n" +" openssl wrapper scripts for you to examine, modify, etc.\n" +" The scripts are printed to stdout and then the program\n" +" exits.\n" +"\n" "\n" "-stunnel [pem] Use the stunnel(8) (www.stunnel.org) to provide an\n" " encrypted SSL tunnel between viewers and x11vnc.\n" @@ -5530,7 +5535,7 @@ void xopen_display_fail_message(char *disp) { " x11vnc.\n"); fprintf(stderr, " - Being root is usually not enough because the" " incorrect MIT-MAGIC-COOKIE\n"); - fprintf(stderr, " file will be accessed. The cookie file contains" + fprintf(stderr, " file may be accessed. The cookie file contains" " the secret key that\n"); fprintf(stderr, " allows x11vnc to connect to the desired" " X DISPLAY.\n"); @@ -5542,6 +5547,7 @@ void xopen_display_fail_message(char *disp) { fprintf(stderr, " x11vnc -auth /tmp/.gdmzndVlR" " -display :0\n"); fprintf(stderr, " you must have read permission for the auth file.\n"); + fprintf(stderr, " See also '-auth guess' and '-findauth' discussed below.\n"); fprintf(stderr, "\n"); fprintf(stderr, "** If NO ONE is logged into an X session yet, but" " there is a greeter login\n"); @@ -5561,6 +5567,12 @@ void xopen_display_fail_message(char *disp) { fprintf(stderr, " Sometimes the command \"ps wwwwaux | grep auth\"" " can reveal the file location.\n"); fprintf(stderr, "\n"); + fprintf(stderr, " Starting with x11vnc 0.9.9 you can have it try to guess by using:\n"); + fprintf(stderr, "\n"); + fprintf(stderr, " -auth guess\n"); + fprintf(stderr, "\n"); + fprintf(stderr, " (see also the x11vnc -findauth option.)\n"); + fprintf(stderr, "\n"); fprintf(stderr, " Only root will have read permission for the" " file, and so x11vnc must be run\n"); fprintf(stderr, " as root (or copy it). The random characters in the filenames" |