x11vnc: SSL fixes. Increase cert lifetimes to 2 years. Print ssl err msg.

1 files changed, 10 insertions, 3 deletions

diff --git a/x11vnc/ssltools.h b/x11vnc/ssltools.h
index c056e97..c261af9 100644
--- a/x11vnc/ssltools.h
+++ b/x11vnc/ssltools.h
@@ -76,7 +76,7 @@ char genCA[] =
 "name_opt 	= ca_default		# Subject Name options\n"
 "cert_opt 	= ca_default		# Certificate field options\n"
 "\n"
-"default_days	= 365			# how long to certify for\n"
+"default_days	= 730			# how long to certify for\n"
 "default_crl_days= 30			# how long before next CRL\n"
 "default_md	= md5			# which md to use.\n"
 "preserve	= no			# keep passed DN ordering\n"
@@ -333,6 +333,13 @@ char genCert[] =
 "	echo \"Creating new x11vnc certificate and key for name: $type $name0\"\n"
 "	echo \"\"\n"
 "\n"
+"	req_args=$REQ_ARGS\n"
+"	if echo \"$req_args\" | grep 'days' > /dev/null; then\n"
+"		:\n"
+"	else\n"
+"		req_args=\"$req_args -days 730\"\n"
+"	fi\n"
+"\n"
 "	cnf=\"$DIR/tmp/cnf.$$\"\n"
 "	trap \"rm -f \\\"$cnf\\\"\" 0 1 2 15\n"
 "\n"
@@ -343,7 +350,7 @@ char genCert[] =
 "			direrror \"$DIR/CA/self.cnf.$type\"\n"
 "		fi\n"
 "		cat \"$DIR/CA/self.cnf.$type\" | sed -e \"s/%NAME/$name0/\" > \"$cnf\" || exit 1\n"
-"		\"$OPENSSL\" req -config \"$cnf\" -nodes -new -newkey rsa:2048 -x509 $REQ_ARGS \\\n"
+"		\"$OPENSSL\" req -config \"$cnf\" -nodes -new -newkey rsa:2048 -x509 $req_args \\\n"
 "			-keyout \"$DIR/$dest.key\" \\\n"
 "			-out    \"$DIR/$dest.crt\"\n"
 "	else\n"
@@ -351,7 +358,7 @@ char genCert[] =
 "			direrror \"$DIR/CA/ssl.cnf.$type\"\n"
 "		fi\n"
 "		cat \"$DIR/CA/ssl.cnf.$type\" | sed  -e \"s/%NAME/$name0/\" > \"$cnf\" || exit 1\n"
-"		\"$OPENSSL\" req -config \"$cnf\" -nodes -new -newkey rsa:2048 $REQ_ARGS \\\n"
+"		\"$OPENSSL\" req -config \"$cnf\" -nodes -new -newkey rsa:2048 $req_args \\\n"
 "			-keyout \"$DIR/$dest.key\" \\\n"
 "			-out    \"$DIR/$dest.req\"\n"
 "	fi\n"