summaryrefslogtreecommitdiffstats
path: root/x11vnc/sslhelper.c
diff options
context:
space:
mode:
authorrunge <runge@karlrunge.com>2010-03-21 00:05:51 -0400
committerrunge <runge@karlrunge.com>2010-03-21 00:05:51 -0400
commit97540de56ca8a975ed31d86879d0e5c4cf169173 (patch)
tree6c8c0a28c3559a15c6a76bed92dc2a4c62630914 /x11vnc/sslhelper.c
parentedb79ae2b1d39bc12d489bcded74ab966e019994 (diff)
downloadlibtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.tar.gz
libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.zip
classes/ssl: Many improvements to Java SSL applet, onetimekey
serverCert param, debugging printout, user dialogs, catch socket exceptions, autodetect x11vnc for GET=1. x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl. X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script, autodetect dm on udp6 only. Queries: pointer_x, pointer_y, pointer_same, pointer_root. Switch on -xkd if keysyms per key > 4 in all cases. daemon mode improvements for connect_switch, inet6to4, ultravnc_repeater.pl. Dynamic change of -clip do not create new fb if WxH is unchanged.
Diffstat (limited to 'x11vnc/sslhelper.c')
-rw-r--r--x11vnc/sslhelper.c49
1 files changed, 32 insertions, 17 deletions
diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c
index 3d19834..ab2a43f 100644
--- a/x11vnc/sslhelper.c
+++ b/x11vnc/sslhelper.c
@@ -3460,6 +3460,7 @@ void accept_openssl(int mode, int presock) {
char reply[] = "HTTP/1.0 200 OK\r\n"
"Content-Type: octet-stream\r\n"
"Connection: Keep-Alive\r\n"
+ "VNC-Server: x11vnc\r\n"
"Pragma: no-cache\r\n\r\n";
/*
* special case proxy coming thru https
@@ -3503,6 +3504,7 @@ void accept_openssl(int mode, int presock) {
char reply[] = "HTTP/1.0 200 OK\r\n"
"Connection: close\r\n"
"Content-Type: octet-stream\r\n"
+ "VNC-Server: x11vnc\r\n"
"Pragma: no-cache\r\n\r\n";
rfbLog("Handling Check HTTPS request via https GET. [%d]\n", getpid());
@@ -3782,14 +3784,14 @@ void accept_openssl(int mode, int presock) {
q = strstr(rcookie, "VENCRYPT=");
if (q && sscanf(q, "VENCRYPT=%d,", &vencrypt_sel) == 1) {
if (vencrypt_sel != 0) {
- rfbLog("SSL: VENCRYPT mode=%d accepted.\n", vencrypt_sel);
+ rfbLog("SSL: VENCRYPT mode=%d accepted. helper[%d]\n", vencrypt_sel, pid);
goto accept_client;
}
}
q = strstr(rcookie, "ANONTLS=");
if (q && sscanf(q, "ANONTLS=%d,", &anontls_sel) == 1) {
if (anontls_sel != 0) {
- rfbLog("SSL: ANONTLS mode=%d accepted.\n", anontls_sel);
+ rfbLog("SSL: ANONTLS mode=%d accepted. helper[%d]\n", anontls_sel, pid);
goto accept_client;
}
}
@@ -3803,6 +3805,12 @@ void accept_openssl(int mode, int presock) {
if (strstr(rcookie, uniq) == rcookie) {
int i;
+ double https_download_wait_time = 15.0;
+
+ if (getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME")) {
+ https_download_wait_time = atof(getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME"));
+ }
+
rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid);
if (mode != OPENSSL_HTTPS) {
last_https = dnow();
@@ -3814,6 +3822,7 @@ void accept_openssl(int mode, int presock) {
}
if (rcookie && strstr(rcookie, "VncViewer.class")) {
rfbLog("\n");
+ rfbLog("helper[%d]:\n", pid);
rfbLog("***********************************************************\n");
rfbLog("SSL: WARNING CLIENT ASKED FOR NONEXISTENT 'VncViewer.class'\n");
rfbLog("SSL: USER NEEDS TO **RESTART** HIS WEB BROWSER.\n");
@@ -3841,31 +3850,34 @@ void accept_openssl(int mode, int presock) {
}
screen->port = useport;
if (origport != useport) {
- rfbLog("SSL: -httpsredir guess port: %d\n", screen->port);
+ rfbLog("SSL: -httpsredir guess port: %d helper[%d]\n", screen->port, pid);
}
start = dnow();
- while (dnow() < start + 10.0) {
+ while (dnow() < start + https_download_wait_time) {
if (screen->httpSock >= 0) saw_httpsock = 1;
rfbPE(10000);
usleep(10000);
if (screen->httpSock >= 0) saw_httpsock = 1;
waitpid(pid, &status, WNOHANG);
if (kill(pid, 0) != 0) {
- rfbPE(10000);
- rfbPE(10000);
+ rfbLog("SSL: helper[%d] pid finished\n", pid);
break;
}
- if (saw_httpsock && screen->httpSock < 0) {
+ if (0 && saw_httpsock && screen->httpSock < 0) {
+ /* this check can kill the helper too soon. */
rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
- rfbPE(10000);
- rfbPE(10000);
break;
}
}
- screen->port = origport;
rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n",
pid, dnow() - start);
+
+ rfbPE(10000);
+ rfbPE(10000);
+ rfbPE(10000);
+
+ screen->port = origport;
ssl_helper_pid(0, -2);
if (mode == OPENSSL_INETD) {
clean_up_exit(1);
@@ -3888,31 +3900,34 @@ void accept_openssl(int mode, int presock) {
}
}
}
- rfbLog("SSL: screen->port %d\n", screen->port);
+ rfbLog("SSL: screen->port %d for helper[%d]\n", screen->port, pid);
/* kludge for https fetch via inetd */
start = dnow();
- while (dnow() < start + 10.0) {
+ while (dnow() < start + https_download_wait_time) {
if (screen->httpSock >= 0) saw_httpsock = 1;
rfbPE(10000);
usleep(10000);
if (screen->httpSock >= 0) saw_httpsock = 1;
waitpid(pid, &status, WNOHANG);
if (kill(pid, 0) != 0) {
- rfbPE(10000);
- rfbPE(10000);
+ rfbLog("SSL: helper[%d] pid finished\n", pid);
break;
}
- if (saw_httpsock && screen->httpSock < 0) {
+ if (0 && saw_httpsock && screen->httpSock < 0) {
+ /* this check can kill the helper too soon. */
rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
- rfbPE(10000);
- rfbPE(10000);
break;
}
}
rfbLog("SSL: OPENSSL_INETD guessing "
"child helper[%d] https finished. dt=%.6f\n",
pid, dnow() - start);
+
+ rfbPE(10000);
+ rfbPE(10000);
+ rfbPE(10000);
+
ssl_helper_pid(0, -2);
clean_up_exit(1);
}