summaryrefslogtreecommitdiffstats
path: root/x11vnc/misc/enhanced_tightvnc_viewer
diff options
context:
space:
mode:
Diffstat (limited to 'x11vnc/misc/enhanced_tightvnc_viewer')
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/COPYING340
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/README228
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt51
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url1
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf43
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf34
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url1
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer124
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui64
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer129
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl5031
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer530
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf34
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/build.unix244
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt280
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/README7
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README6
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle33
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches3
-rwxr-xr-xx11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied6
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch124
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch42
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch285
-rw-r--r--x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README15
32 files changed, 7663 insertions, 0 deletions
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/COPYING b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING
new file mode 100644
index 0000000..a3f6b12
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING
@@ -0,0 +1,340 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+ 59 Temple Place - Suite 330, Boston, MA
+ 02111-1307, USA.
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ Appendix: How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) 19yy <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) 19yy name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs. If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library. If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/README b/x11vnc/misc/enhanced_tightvnc_viewer/README
new file mode 100644
index 0000000..ff3dc39
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/README
@@ -0,0 +1,228 @@
+ Enhanced TightVNC Viewer package
+
+Copyright (c) Karl J. Runge <runge@karlrunge.com>
+All rights reserved.
+
+These packages provide 1) An enhanced TightVNC Viewer on Unix, 2) Binaries
+for many Operating Systems (including Windows) for your convenience,
+3) Wrapper scripts and etc. for gluing them all together.
+
+One can straight-forwardly download all of the components and get them
+to work together by oneself: this package is mostly for your convenience
+to combine and wrap together the freely available software.
+
+Bundled software co-shipped in this package is copyright and licensed
+by others. See these sites and related ones for more information:
+
+ http://www.tightvnc.com
+ http://www.realvnc.com
+ http://www.stunnel.org
+ http://www.openssl.org
+ http://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+Note: Some of the Windows binaries included contain cryptographic software
+that you may not be allowed to download, use, or redistribute. Please
+check your situation first before downloading any of these packages.
+See the survey http://rechten.uvt.nl/koops/cryptolaw/index.htm for useful
+information. The Unix programs do not contain cryptographic software, but
+rather will make use of cryptographic libraries that are installed on your
+Unix system. Depending on your circumstances you may still need to check.
+
+All work by Karl J. Runge in this package is Copyright (c) Karl J. Runge
+and is licensed under the GPL as described in the file COPYING in this
+directory.
+
+All the files and information in this package are provided "AS IS"
+without any warranty of any kind. Use them at your own risk.
+
+
+=============================================================================
+
+This package contains a convenient collection of enhanced TightVNC viewers
+and stunnel binaries for different flavors of Unix and wrapper scripts,
+etc to glue them together. SSL and SSH encryption tunnelling is provided.
+
+Also, a Windows SSL wrapper for the co-bundled TightVNC binary and other
+utilities are provided. (Launch ssl_tightvncviewer.exe in the
+Windows subdirectory).
+
+
+Features:
+--------
+
+The enhanced TightVNC viewer features are:
+
+ - SSL support for connections using the co-bundled stunnel program.
+
+ - Automatic SSH connections from the GUI (ssh must already be
+ installed on Unix; co-bundled plink is used on Windows)
+
+ - rfbNewFBSize VNC support on Unix (screen resizing)
+
+ - cursor alphablending with x11vnc at 32bpp (-alpha option, Unix only)
+
+ - xgrabserver support for fullscreen mode, for old window
+ managers (-grab option, Unix only).
+
+ - Automatic Service tunnelling via SSH for CUPS and SMB Printing,
+ ESD/ARTSD Audio, and SMB (Windows/Samba) filesystem mounting.
+
+ - Port Knocking for "closed port" SSH/SSL connections. In addition
+ to a simple fixed port sequence and one-time-pad implementation,
+ a hook is also provided to run any port knocking client before a
+ connecting.
+
+
+Your package should have included binaries for many OS's: Linux, Solaris,
+FreeBSD, etc. See the subdirectories of
+
+ ./bin
+
+for the ones that were shipped in this package, e.g. ./bin/Linux.i686
+Run "uname -sm" to see your OS+arch combination. (See the
+./bin/tightvncviewer -h output for how to override platform autodection
+via the UNAME env. var).
+
+
+If you need to Build:
+--------------------
+
+If your OS/arch is not included, the script "build.unix" may be able to
+successfully build on for you and deposit the binaries down in ./bin/...
+using the included source code.
+
+You must run the build.unix script from this directory (that this toplevel
+README is in) and like this:
+
+ ./build.unix
+
+
+The programs:
+------------
+
+The wrapper scripts:
+
+ ./bin/ssl_tightvncviewer
+ ./bin/tightvncviewer
+
+are the main programs you will run and will try to autodetect your OS+arch
+combination and if binaries are present for it automatically use them.
+(if not found try the running the build.unix script).
+
+If you prefer a GUI to prompt for parameters and then start ssl_tightvncviewer
+you can run this instead:
+
+ ./bin/ssl_vnc_gui
+
+this is essentially the same GUI that is run on Windows (the
+ssl_tightvncviewer.exe).
+
+Using the GUI is it impossible to initiate a VNC connection that is not
+encrypted with either SSL or SSH. Unencrypted VNC connections can only
+be started by manually running the ./bin/tightvncviewer script.
+
+For convenience, you can make symlinks from a directory in your PATH to
+any of the 3 programs above you wish to run. That is all you usually
+need to do for it to pick up all of the binaries, utils, etc. E.g.
+assuming $HOME/bin is in your $PATH:
+
+ cd $HOME/bin
+ ln -s /path/to/enhanced_tightvnc_viewer/bin/{s,t}* .
+
+(note the "." at the end). The above commands is basically the way to
+"install" this package on Unix.
+
+
+On Windows run:
+
+ Windows/ssl_tightvncviewer.exe
+
+
+Examples:
+--------
+
+Use enhanced TightVNC unix viewer to connect to x11vnc via SSL:
+
+ ./bin/ssl_tightvncviewer far-away.east:0
+
+ ./bin/tightvncviewer -ssl far-away.east:0 (same)
+
+ ./bin/ssl_vnc_gui (start GUI launcher)
+
+Use enhanced TightVNC unix viewer without SSL:
+
+ ./bin/tightvncviewer far-away.east:0
+
+Use SSL to connect to a x11vnc server, and also verify the server's
+identity using the SSL Certificate in the file ./x11vnc.pem:
+
+ ./bin/ssl_tightvncviewer -alpha -verify ./x11vnc.pem far-away.east:0
+
+(also turns on the viewer-side cursor alphablending hack).
+
+
+Brief description of the subdirectories:
+---------------------------------------
+
+ ./bin/util some utility scripts, e.g. ssl_vncviewer
+ and ssl_tightvncviewer.tcl
+
+ ./src source code and patches.
+ ./src/zips zip files of source code and binaries.
+
+ ./src/vnc_unixsrc unpacked tightvnc source code tree.
+ ./src/stunnel-4.14 unpacked stunnel source code tree.
+ ./src/patches patches to TightVNC viewer for the new
+ features on Unix (used by build.unix).
+ ./src/tmp temporary build dir for build.unix
+ (the last four are used by build.unix)
+
+
+ ./man man pages for TightVNC viewer and stunnel.
+
+ ./Windows Stock TightVNC viewer and Stunnel, Openssl
+ etc Windows binaries. ssl_tightvncviewer.exe
+ is the program to run.
+
+Since they are large, depending on which package you use not all of the
+above may be present in your package.
+
+
+Help and Info:
+-------------
+
+For more help on other options and usage patterns run these:
+
+ ./bin/ssl_tightvncviewer -h
+ ./bin/tightvncviewer -h
+ ./bin/util/ssl_vncviewer -h
+
+See also:
+
+ http://www.karlrunge.com/x11vnc
+ http://www.karlrunge.com/x11vnc/#faq
+ x11vnc -h | more
+
+ http://www.stunnel.org
+ http://www.openssl.org
+ http://www.tightvnc.com
+ http://www.realvnc.com
+ http://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+
+Windows:
+-------
+
+ A wrapper to create a STUNNEL tunnel and then launch the
+ Windows TightVNC viewer is provided in:
+
+ Windows/ssl_tightvncviewer.exe
+
+ Just launch it and fill in the remote VNC display.
+
+ Click the Help buttons for more info. There is also a
+ Windows/README.txt file.
+
+ On Windows you may need to terminate the STUNNEL process
+ from the System Tray if the tool cannot terminate it
+ by itself. Just right-click on the STUNNEL icon.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt
new file mode 100644
index 0000000..8710251
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt
@@ -0,0 +1,51 @@
+
+This is a Windows utility to automatically start up STUNNEL to redirect
+SSL VNC connections to a remote host. Then TightVNC Viewer (included)
+is launched to used this SSL tunnel.
+
+An example server would be "x11vnc -ssl", or any VNC server with a
+2nd STUNNEL program running on the server side.
+
+Just click on the program "ssl_tightvncviewer.exe", and then enter
+the remote VNC Server and click "Connect". Click on "Help" for more
+information. You can also set some simple options under "Options ..."
+
+Note that on Windows when the TightVNC viewer disconnects you may need to
+terminate the STUNNEL program manually. To do this: Click on the STUNNEL
+icon (dark green) on the System Tray and then click "Exit". Before that,
+however, you will be prompted if you want ssl_tightvncviewer.exe to try
+to terminate STUNNEL for you. (Note that even if STUNNEL termination is
+successful, the Tray Icon may not go away until the mouse hovers over it!)
+
+With this STUNNEL and TightVNC Viewer wrapper you can also enable using
+SSL Certificates with STUNNEL, and so the connection is not only encrypted
+but it is also not susceptible to man-in-the-middle attacks.
+
+See the STUNNEL and x11vnc documentation for how to create and add SSL
+Certificates (PEM files) for authentication. Click on the "Certs ..."
+button to specify the certificate(s). See the Help there for more info
+and also:
+
+ http://www.karlrunge.com/x11vnc
+ http://www.tightvnc.com
+ http://www.stunnel.org
+ http://www.openssl.org
+ http://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+You can use x11vnc to create certificates if you like:
+
+ http://www.karlrunge.com/x11vnc/#faq-ssl-ca
+
+
+Misc:
+
+ The openssl.exe stunnel.exe vncviewer.exe libeay32.dll
+ libssl32.dll programs came from the websites mentioned above.
+
+ IMPORTANT: some of these binaries may have cryptographic
+ software that you may not be allowed to download or use.
+ See the above websites for more information and also the
+ util/info subdirectories.
+
+ Also, the kill.exe and tlist.exe programs in the w98 directory
+ came from diagnostic tools ftp site of Microsoft's.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url
new file mode 100644
index 0000000..59f1f6b
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url
@@ -0,0 +1 @@
+http://www.tux.org/~ricdude/EsounD.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url
new file mode 100644
index 0000000..237d4b1
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url
@@ -0,0 +1 @@
+http://www.stunnel.org/download/stunnel/win32/
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url
new file mode 100644
index 0000000..c700866
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url
@@ -0,0 +1 @@
+http://www.stunnel.org/download/binaries.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url
new file mode 100644
index 0000000..a23901e
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url
@@ -0,0 +1 @@
+http://www.chiark.greenend.org.uk/%7esgtatham/putty/download.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url
new file mode 100644
index 0000000..2efcc31
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url
@@ -0,0 +1 @@
+http://www.chiark.greenend.org.uk/%7esgtatham/putty/licence.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url
new file mode 100644
index 0000000..237d4b1
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url
@@ -0,0 +1 @@
+http://www.stunnel.org/download/stunnel/win32/
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url
new file mode 100644
index 0000000..c700866
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url
@@ -0,0 +1 @@
+http://www.stunnel.org/download/binaries.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url
new file mode 100644
index 0000000..36c60e4
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url
@@ -0,0 +1 @@
+http://www.tightvnc.com/download.html
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url
new file mode 100644
index 0000000..a686ae0
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url
@@ -0,0 +1 @@
+http://www.tightvnc.com
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf
new file mode 100644
index 0000000..7517e23
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf
@@ -0,0 +1,43 @@
+#
+# Example SSL stunnel CLIENT configuration file. (you run stunnel on
+# this machine and point your vnc viewer to it, it goes to remote VNC
+# server via SSL)
+#
+# To use this file you will need to edit it. Then you will need
+# to manually start up stunnel using it.
+# (e.g. /path/to/stunnel stunnel-server.conf)
+#
+# This is just an example and is not used by the tools in this package.
+# It is here to show how to create outgoing SSL connections to remote
+# VNC servers when not using the tools in this package.
+#
+client = yes
+options = ALL
+RNDbytes = 2048
+RNDfile = bananarand.bin
+RNDoverwrite = yes
+#
+# Remote server certs could go here:
+# CApath = /path/to/.../crt-dir
+# CAfile = /path/to/.../foo.crt
+# verify = 2
+# My cert could go here:
+# cert = /path/to/.../my.pem
+#
+[vnc]
+#
+# Set to local listening port number (e.g. 5900 for vnc display 0):
+#
+accept = localhost:5900
+#
+# Set to remote host:port to connect to (e.g. far-away.east:5900):
+# (this is where the VNC server is. :0 -> port 5900, etc)
+#
+connect = HOST:PORT
+delay = no
+#
+# You could add additional ones going to other VNC servers:
+# [vnc2]
+# accept = localhost:5901
+# connect = HOST2:PORT2
+# etc ...
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf
new file mode 100644
index 0000000..8e5dd50
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf
@@ -0,0 +1,34 @@
+#
+# Example SSL stunnel SERVER configuration file. (e.g. for your VNC
+# server on this same machine.)
+#
+# To use this file you may need to edit it. Then you will need
+# to manually start up stunnel using it.
+# (e.g. /path/to/stunnel stunnel-server.conf)
+#
+# This is just an example and is not used by the tools in this package.
+# It is here in case you wanted to see how to add SSL support to any
+# VNC server you have.
+#
+RNDbytes = 2048
+RNDfile = bananarand.bin
+RNDoverwrite = yes
+#
+# Remote client certs could go here:
+# CApath = /path/to/.../crt-dir
+# CAfile = /path/to/.../foo.crt
+# verify = 2
+# My server cert could go here:
+# cert = /path/to/.../my.pem
+#
+[vnc]
+#
+# Set to local listening port number (e.g. 5901 for vnc display 1):
+# so the remote viewers would connect to: yourmachine:1
+#
+accept = 5901
+#
+# Set to localhost:port to connect to VNC server on this same machine:
+# (E.g. you run WinVNC on :0, preferably listening on localhost).
+#
+connect = localhost:5900
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url
new file mode 100644
index 0000000..eb94b91
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url
@@ -0,0 +1 @@
+ftp://ftp.microsoft.com/Services/TechNet/samples/PS/Win98/Reskit/DIAGNOSE/
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer
new file mode 100755
index 0000000..8472853
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer
@@ -0,0 +1,124 @@
+#!/bin/sh
+#
+# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+#
+# ssl_tightvncviewer:
+#
+# A wrapper that calls ssl_vncviewer to use the enhanced TightVNC viewer.
+#
+# The enhanced TightVNC viewer features are:
+#
+# - SSL support for connections using the co-bundled stunnel program.
+# - rfbNewFBSize VNC support (screen resizing)
+# - cursor alphablending with x11vnc at 32bpp
+# - xgrabserver support for fullscreen mode (for old window mgrs)
+#
+#
+# Your platform (e.g. Linux.i686) is autodetected and enhanced
+# vncviewer and stunnel binaries for it are used (see the ./bin directory).
+#
+# See the build.unix script if your platform is not in this package.
+# You can also set the env. var. UNAME=os.arch to any "os.arch" you want
+# to override the autodetetion.
+#
+# Usage:
+#
+# ssl_tightvncviewer [ssl_vncviewer-args] hostname:N [tightvncviewer-args]
+#
+# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0
+#
+# See the script util/ssl_vncviewer for details about its arguments:
+#
+# -verify pemfile
+# -mycert pemfile
+# -proxy phost:pport
+# -alpha
+# -grab
+#
+#
+# See the TightVNC viewer documentation for on its cmdline arguments.
+#
+# For convenience, here is the current (7/2006) TightVNC viewer -help output:
+#
+# TightVNC viewer version 1.3dev5
+#
+# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>]
+# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>]
+# vncviewer [<OPTIONS>] -listen [<DISPLAY#>]
+# vncviewer -help
+#
+# <OPTIONS> are standard Xt options, or:
+# -via <GATEWAY>
+# -shared (set by default)
+# -noshared
+# -viewonly
+# -fullscreen
+# -noraiseonbeep
+# -passwd <PASSWD-FILENAME> (standard VNC authentication)
+# -user <USERNAME> (Unix login authentication)
+# -encodings <ENCODING-LIST> (e.g. "tight copyrect")
+# -bgr233
+# -owncmap
+# -truecolour
+# -depth <DEPTH>
+# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best)
+# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high)
+# -nojpeg
+# -nocursorshape
+# -x11cursor
+# -autopass
+#
+# Option names may be abbreviated, e.g. -bgr instead of -bgr233.
+# See the manual page for more information.
+#
+
+if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then
+ head -70 "$0" | grep -v bin/sh
+ exit
+fi
+
+# Include /usr/bin... to be sure to get regular utilities:
+#
+PATH=$PATH:/usr/bin:/bin
+export PATH
+
+# Set this for ssl_vncviewer to pick up:
+#
+VNCVIEWERCMD="vncviewer"
+export VNCVIEWERCMD
+
+# work out os.arch platform string and check for binaries:
+#
+name=$UNAME
+if [ "X$name" = "X" ]; then
+ name=`uname -sm | sed -e 's/ /./'`
+fi
+
+if [ -L "$0" ]; then
+ d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"`
+ if echo "$d" | grep '^/' > /dev/null; then
+ dir="$d"
+ else
+ dir="`dirname "$0"`/$d"
+ fi
+else
+ dir=`dirname "$0"`
+fi
+if [ ! -d "$dir/$name" ]; then
+ echo "cannot find platform dir: $dir/$name for your OS:"
+ uname -sm
+ echo "you can set the \$UNAME env. var. to override the setting."
+ exit 1
+fi
+
+# Put our os.arch and other utils dirs at head of PATH to be sure to
+# pick them up:
+#
+PATH="$dir:$dir/$name:$dir/util:$PATH"
+
+STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"}
+export STUNNEL_EXTRA_OPTS
+
+# Force the use of tight encoding for localhost redir connection:
+#
+ssl_vncviewer "$@" -encodings 'copyrect tight zrle zlib hextile'
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui
new file mode 100755
index 0000000..abdb2d3
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui
@@ -0,0 +1,64 @@
+#!/bin/sh
+#
+# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+#
+# ssl_vnc_gui:
+#
+# A wrapper for ssl_tightvncviewer using a tcl/tk gui.
+#
+# See ssl_tightvncviewer for details.
+#
+if [ "X$XTERM_PRINT" != "X" ]; then
+ XTERM_PRINT=""
+ cat > /dev/null
+fi
+if [ "X$1" = "X-bg" ]; then
+ shift
+ $0 "$@" &
+ exit 0
+fi
+
+PATH=$PATH:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin
+export PATH
+
+SSL_VNC_GUI_CMD="$0 $*"
+export SSL_VNC_GUI_CMD
+SSL_VNC_LAUNCH=$SSL_VNC_GUI_CMD
+export SSL_VNC_LAUNCH
+
+# work out os.arch platform string and check for binaries:
+#
+name=$UNAME
+if [ "X$name" = "X" ]; then
+ name=`uname -sm | sed -e 's/ /./'`
+fi
+
+if [ -L "$0" ]; then
+ d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"`
+ if echo "$d" | grep '^/' > /dev/null; then
+ dir="$d"
+ else
+ dir="`dirname "$0"`/$d"
+ fi
+else
+ dir=`dirname "$0"`
+fi
+if [ ! -d "$dir/$name" ]; then
+ echo "cannot find platform dir: $dir/$name for your OS:"
+ uname -sm
+ echo "you can set the \$UNAME env. var. to override the setting."
+ exit 1
+fi
+
+# Put our os.arch and other utils dirs at head of PATH to be sure to
+# pick them up:
+#
+PATH="$dir:$dir/$name:$dir/util:$PATH"
+
+SSL_VNC_BASEDIR="$dir"
+export SSL_VNC_BASEDIR
+
+STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"}
+export STUNNEL_EXTRA_OPTS
+
+exec ssl_tightvncviewer.tcl "$@"
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer
new file mode 100755
index 0000000..8ba6d56
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer
@@ -0,0 +1,129 @@
+#!/bin/sh
+#
+# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+#
+# tightvncviewer:
+#
+# A wrapper that calls the enhanced TightVNC viewer.
+#
+# The enhanced TightVNC viewer features are:
+#
+# - SSL support for connections using the co-bundled stunnel program.
+# - rfbNewFBSize VNC support (screen resizing)
+# - cursor alphablending with x11vnc at 32bpp
+# - xgrabserver support for fullscreen mode (for old window mgrs)
+#
+#
+# Your platform (e.g. Linux.i686) is autodetected and enhanced
+# vncviewer and stunnel binaries for it are used (see the ./bin directory).
+#
+# See the build.unix script if your platform is not in this package if
+# you want to build one.
+#
+# See the build.unix script if your platform is not in this package if you want to build one.
+# You can also set the env. var. UNAME=os.arch to any "os.arch" you want
+# to override the autodetetion.
+#
+# Usage:
+#
+# tightvncviewer [tightvncviewer-args] hostname:N
+# or
+# tightvncviewer -ssl hostname:N [tightvncviewer-args]
+#
+# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0
+#
+# If the first argument is "-ssl" then ssl_tightvncviewer is called
+# instead. See that script for details.
+#
+# See the TightVNC viewer documentation for on its cmdline arguments.
+#
+# For convenience, here is the current (7/2006) TightVNC viewer -help output:
+#
+# TightVNC viewer version 1.3dev5
+#
+# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>]
+# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>]
+# vncviewer [<OPTIONS>] -listen [<DISPLAY#>]
+# vncviewer -help
+#
+# <OPTIONS> are standard Xt options, or:
+# -via <GATEWAY>
+# -shared (set by default)
+# -noshared
+# -viewonly
+# -fullscreen
+# -noraiseonbeep
+# -passwd <PASSWD-FILENAME> (standard VNC authentication)
+# -user <USERNAME> (Unix login authentication)
+# -encodings <ENCODING-LIST> (e.g. "tight copyrect")
+# -bgr233
+# -owncmap
+# -truecolour
+# -depth <DEPTH>
+# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best)
+# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high)
+# -nojpeg
+# -nocursorshape
+# -x11cursor
+# -autopass
+#
+# Option names may be abbreviated, e.g. -bgr instead of -bgr233.
+# See the manual page for more information.
+#
+
+if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then
+ head -69 "$0" | grep -v bin/sh
+ exit
+fi
+
+# Include /usr/bin... to be sure to get regular utilities:
+#
+PATH=$PATH:/usr/bin:/bin
+export PATH
+
+# Set this for ssl_vncviewer to pick up:
+#
+VNCVIEWERCMD="vncviewer"
+export VNCVIEWERCMD
+
+# work out os.arch platform string and check for binaries:
+#
+name=$UNAME
+if [ "X$name" = "X" ]; then
+ name=`uname -sm | sed -e 's/ /./'`
+fi
+
+if [ -L "$0" ]; then
+ d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"`
+ if echo "$d" | grep '^/' > /dev/null; then
+ dir="$d"
+ else
+ dir="`dirname "$0"`/$d"
+ fi
+else
+ dir=`dirname "$0"`
+fi
+if [ ! -d "$dir/$name" ]; then
+ echo "cannot find platform dir: $dir/$name for your OS:"
+ uname -sm
+ echo "you can set the \$UNAME env. var. to override the setting."
+ exit 1
+fi
+
+# Put our os.arch and other utils dirs at head of PATH to be sure to
+# pick them up:
+#
+PATH="$dir:$dir/$name:$dir/util:$PATH"
+
+if [ "X$1" = "X-ssl" ]; then
+ shift
+ ssl_tightvncviewer "$@"
+ exit $?
+fi
+
+STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"}
+export STUNNEL_EXTRA_OPTS
+
+# Force the use of tight encoding for localhost redir connection:
+#
+vncviewer -encodings 'copyrect tight zrle zlib hextile' "$@"
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl
new file mode 100755
index 0000000..bd9f5c9
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl
@@ -0,0 +1,5031 @@
+#!/bin/sh
+# the next line restarts using wish \
+exec wish "$0" "$@"
+
+#
+# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+#
+# ssl_tightvncviewer.tcl: gui wrapper to the , etc. programs in this
+# ssl_tightvncviewerpackage. Also sets up service port forwarding.
+#
+
+set buck_zero $argv0
+
+proc center_win {w} {
+ set W [winfo screenwidth $w]
+ set W [expr $W + 1]
+ wm geometry $w +$W+0
+ update
+ set x [expr [winfo screenwidth $w]/2 - [winfo width $w]/2]
+ set y [expr [winfo screenheight $w]/2 - [winfo height $w]/2]
+ wm geometry $w +$x+$y
+ update
+}
+
+proc apply_bg {w} {
+ global is_windows system_button_face
+ if {$is_windows && $system_button_face != ""} {
+ catch {$w configure -bg "$system_button_face"}
+ }
+}
+
+proc scroll_text {fr {w 80} {h 35}} {
+ global help_font is_windows
+
+ catch {destroy $fr}
+
+ frame $fr -bd 0
+
+ eval text $fr.t -width $w -height $h $help_font \
+ -setgrid 1 -bd 2 -yscrollcommand {"$fr.y set"} -relief ridge
+
+ apply_bg $fr.t
+
+ scrollbar $fr.y -orient v -relief sunken -command "$fr.t yview"
+ pack $fr.y -side right -fill y
+ pack $fr.t -side top -fill both -expand 1
+
+ focus $fr.t
+}
+
+proc scroll_text_dismiss {fr {w 80} {h 35}} {
+ global help_font
+
+ scroll_text $fr $w $h
+
+ set up $fr
+ regsub {\.[^.]*$} $up "" up
+
+ button $up.d -text "Dismiss" -command "destroy $up"
+ bind $up <Escape> "destroy $up"
+ pack $up.d -side bottom -fill x
+ pack $fr -side top -fill both -expand 1
+}
+
+proc help {} {
+ catch {destroy .h}
+ toplevel .h
+
+ scroll_text_dismiss .h.f
+
+ center_win .h
+ wm title .h "SSL TightVNC Viewer Help"
+
+ set msg {
+ Enter the VNC host and display in the 'VNC Server' entry box.
+
+ It is of the form "host:number", where "host" is the hostname of the
+ machine running the VNC Server and "number" is the VNC display number;
+ it is often "0". Examples:
+
+ snoopy:0
+ far-away.east:0
+ sunray-srv1.west:17
+ 24.67.132.27:0
+
+ Then click on "Connect". When you do so the STUNNEL program will be
+ started locally to provide you with an outgoing SSL tunnel.
+
+ Once the STUNNEL is running, the TightVNC Viewer will be automatically
+ started directed to the local SSL tunnel which, in turn, encrypts and
+ redirects the connection to the remote VNC server.
+
+ The remote VNC server must support an initial SSL handshake before
+ using the VNC protocol (i.e. VNC is tunnelled through the SSL channel
+ after it is established). "x11vnc -ssl ..." does this, and any VNC
+ server can be made to do this by using, e.g., STUNNEL on the remote side.
+
+ Click on "Options ..." if you want to use an *SSH* tunnel instead of
+ SSL (then the VNC Server does not need to speak SSL or use STUNNEL).
+
+
+ Note that on Windows when the Viewer connection is finished you may
+ need to terminate STUNNEL manually from the System Tray (right click
+ on dark green icon) and selecting "Exit".
+
+
+ Proxies: If an intermediate proxy is needed to make the SSL connection
+ (e.g. web gateway out of a firewall), supply both hosts separated
+ by spaces (with the proxy 2nd):
+
+ host:number gwhost:port
+
+ E.g.: far-way.east:0 mygateway.com:8080
+
+ See the ssl_vncviewer description and x11vnc FAQ for info on proxies:
+
+ http://www.karlrunge.com/x11vnc/#ssl_vncviewer
+ http://www.karlrunge.com/x11vnc/#faq-ssl-java-viewer-proxy
+
+
+ If you want to use a SSL Certificate (PEM) file to authenticate yourself
+ to the VNC server ("MyCert") or to verify the identity of the VNC Server
+ ("ServerCert" or "CertsDir") import the certificate file by clicking
+ the "Certs ..." button before connecting.
+
+ Certificate verification is needed to prevent Man In the Middle attacks.
+ See the x11vnc documentation:
+
+ http://www.karlrunge.com/x11vnc/ssl.html
+
+ for how to create and use PEM SSL certificate files. An easy way is:
+
+ x11vnc -ssl SAVE ...
+
+ where it will print out its automatically generated certificate to
+ the screen and that can be safely copied to the viewer side.
+
+
+ To set other Options, e.g. to use SSH instead of STUNNEL SSL,
+ click on the "Options ..." button and read the Help there.
+
+ See these links for more information:
+
+ http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext
+ http://www.stunnel.org
+ http://www.tightvnc.com
+
+
+ Tips:
+
+ 1) On Unix to get a 2nd GUI (e.g. for a 2nd connection) press Ctrl-N
+ on the GUI. If only the xterm window is visible you can press
+ Ctrl-N or try Ctrl-LeftButton -> New SSL_VNC_GUI. On Windows you
+ will have to manually Start a new one: Start -> Run ..., etc.
+
+ 2) If you use "user@hostname cmd=SHELL" then you get an SSH shell only:
+ no VNC viewer will be launched. On Windows "user@hostname cmd=PUTTY"
+ will try to use putty.exe (better terminal emulation than plink.exe)
+ A shortcut for this is Ctrl-S.
+}
+
+ .h.f.t insert end $msg
+ #raise .h
+}
+
+proc help_certs {} {
+ catch {destroy .ch}
+ toplevel .ch
+
+ scroll_text_dismiss .ch.f 90 33
+
+ center_win .ch
+ wm resizable .ch 1 0
+
+ wm title .ch "SSL Certificates Help"
+
+ set msg {
+ Only with SSL Certificate verification can Man In the Middle attacks be
+ prevented. Otherwise, only passive snooping attacks are prevented with SSL.
+
+ You can specify your own SSL certificate (PEM) file in "MyCert" in which case it
+ is used to authenticate you (the viewer) to the remote VNC Server. If this fails
+ the remote VNC Server will drop the connection.
+
+ Server certs can be specified in one of two ways:
+
+ - A single certificate (PEM) file for a single server
+ or a single Certificate Authority (CA)
+
+ - A directory of certificate (PEM) files stored in
+ the special OpenSSL hash fashion.
+
+
+ The former is set via "ServerCert" in this gui.
+ The latter is set via "CertsDir" in this gui.
+
+ The former corresponds to the "CAfile" STUNNEL parameter.
+ The latter corresponds to the "CApath" STUNNEL parameter.
+ See stunnel(8) or www.stunnel.org for more information.
+
+ If the remote VNC Server fails to authenticate itself with respect to the specified
+ certificate(s), then the VNC Viewer (your side) will drop the connection.
+
+ If "Use SSH instead" has been selected then SSL certs are disabled.
+
+ See the x11vnc and STUNNEL documentation for how to create and use PEM
+ certificate files:
+
+ http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext
+ http://www.karlrunge.com/x11vnc/ssl.html
+ http://www.stunnel.org
+}
+
+ .ch.f.t insert end $msg
+ #raise .ch
+}
+
+proc help_opts {} {
+ catch {destroy .oh}
+ toplevel .oh
+
+ scroll_text_dismiss .oh.f
+
+ center_win .oh
+
+ wm title .oh "SSL Viewer Options Help"
+
+set msg {
+ Use SSH: Instead of using STUNNEL SSL, use ssh(1) for the encrypted
+ tunnel. You must be able to log in via ssh to the remote host.
+
+ On Unix the cmdline ssh(1) program will be run in an xterm
+ for authentication, etc. On Windows the cmdline plink.exe
+ program will be launched in a Windows Console window.
+
+ You can set the "VNC Server" to "user@host:disp" to indicate
+ ssh should log in as "user" on "host". On Windows you must
+ always supply the "user@" part (due to a plink deficiency). E.g.:
+
+ fred@far-away.east:0
+
+ If a gateway machine must be used (e.g. to enter a firewall;
+ the VNC Server is not running on it), put something like this
+ in the "VNC Server" entry box:
+
+ workstation:0 user@gateway-host:port
+
+ ssh is used to login to user@gateway-host and then a -L port
+ redirection is set up to go to workstation:0 from gateway-host.
+ ":port" is optional, use it if the gateway-host SSH port is
+ not the default value 22.
+
+ At the very end of the entry box, you can also append a
+ cmd=... string to indicate that command should be run via ssh
+ on the remote machine instead of the default "sleep 15". E.g.:
+
+ user@host:0 cmd=x11vnc -nopw -display :0
+
+ (if a gateway is also needed, put it just before the cmd=...)
+
+ Trick: If you use "cmd=SHELL" then you get an SSH shell only:
+ no VNC viewer will be launched. On Windows "cmd=PUTTY" will
+ try to use putty.exe (better terminal emulation than plink.exe)
+ Ctrl-S is a shortcut for this.
+
+ Use SSH and SSL: Tunnel the SSL connection through a SSH tunnel. Use this
+ if you want end-to-end SSL and must use a SSH gateway (e.g. to
+ enter a firewall) or if additional SSH port redirs are required
+ (CUPS, Sound, SMB tunnelling: See Advanced options).
+
+
+ Putty PW: On Windows only: use the supplied password for plink SSH logins.
+ Unlike the other options the value is not saved when 'Save
+ Profile' is used. This feature useful when options under
+ "Advanced" are set that require 2 SSH's: you just have
+ to type the password once in this entry box. The bundled
+ pagent.exe and puttygen.exe programs can also be used to avoid
+ repeatedly entering passwords (note this requires setting up
+ and distributing SSH keys). Start up pagent.exe or puttygen.exe
+ and read the instructions there.
+
+ ssh-agent: On Unix only: restart the GUI in the presence of ssh-agent(1)
+ (e.g. in case you forgot to start your agent before starting
+ this GUI). An xterm will be used to enter passphrases, etc.
+ This can avoid repeatedly entering passphrases for the
+ SSH logins (note this requires setting up and distributing
+ SSH keys).
+
+
+ View Only: Have VNC Viewer ignore mouse and keyboard input.
+
+ Fullscreen: Start the VNC Viewer in fullscreen mode.
+
+ Raise On Beep: Deiconify viewer when bell rings.
+
+ Use 8bit color: Request a very low-color pixel format.
+
+ Cursor Alphablending: Use the x11vnc alpha hack for translucent cursors
+ (requires Unix, 32bpp and same endianness)
+
+ Use XGrabServer: On Unix only, use the XGrabServer workaround for
+ old window managers.
+
+ Do not use JPEG: Do not use the jpeg aspect of the tight encoding.
+
+ Compress Level/Quality: Set TightVNC encoding parameters.
+
+
+ Save and Load: You can Save the current settings by clicking on Save
+ Profile (.vnc file) and you can also read in a saved one
+ with Load Profile.
+
+ Clear Options: Set all options to their defaults (i.e. unset).
+
+ Advanced: Bring up the Advanced options dialog.
+}
+ .oh.f.t insert end $msg
+ #raise .oh
+}
+
+proc win_nokill_msg {} {
+ global help_font is_windows system_button_face
+ catch {destroy .w}
+ toplevel .w
+
+ eval text .w.t -width 60 -height 11 $help_font
+ button .w.d -text "Dismiss" -command {destroy .w}
+ pack .w.t .w.d -side top -fill x
+
+ apply_bg .w.t
+
+ center_win .w
+ wm resizable .w 1 0
+
+ wm title .w "SSL Viewer: Warning"
+
+ set msg {
+ The TightVNC Viewer has exited.
+
+ You will need to terminate STUNNEL manually.
+
+ To do this go to the System Tray and right-click on the STUNNEL
+ icon (dark green). Then click "Exit".
+
+ You can also double click on the STUNNEL icon to view the log
+ for error messages and other information.
+}
+ .w.t insert end $msg
+ #raise .w
+}
+
+proc win_kill_msg {pids} {
+ global terminate_pids
+ global help_font
+ catch {destroy .w}
+ toplevel .w
+
+ eval text .w.t -width 72 -height 19 $help_font
+ button .w.d -text "Dismiss" -command {destroy .w; set terminate_pids no}
+ button .w.k -text "Terminate STUNNEL" -command {destroy .w; set terminate_pids yes}
+ pack .w.t .w.k .w.d -side top -fill x
+
+ apply_bg .w.t
+
+ center_win .w
+ wm resizable .w 1 0
+
+ wm title .w "SSL Viewer: Warning"
+
+ set msg {
+ The TightVNC Viewer has exited.
+
+ We can terminate the following still running STUNNEL process(es):
+
+}
+ append msg " $pids\n"
+
+ append msg {
+ Click on the "Terminate STUNNEL" button below to do so.
+
+ Before terminating STUNNEL you can double click on the STUNNEL
+ Tray icon to view its log for error messages and other information.
+
+ Note: You may STILL need to terminate STUNNEL manually if we are
+ unable to kill it. To do this go to the System Tray and right-click
+ on the STUNNEL icon (dark green). Then click "Exit". You will
+ probably also need to hover the mouse over the STUNNEL Tray Icon to
+ make the Tray notice STUNNEL is gone...
+}
+ .w.t insert end $msg
+ #raise .w
+}
+
+proc win9x_plink_msg {file} {
+ catch {destroy .pl}
+ global help_font win9x_plink_msg_done
+ toplevel .pl
+
+ eval text .pl.t -width 90 -height 26 $help_font
+ button .pl.d -text "OK" -command {destroy .pl; set win9x_plink_msg_done 1}
+ wm protocol .pl WM_DELETE_WINDOW {catch {destroy .pl}; set win9x_plink_msg_done 1}
+ pack .pl.t .pl.d -side top -fill x
+
+ apply_bg .pl.t
+
+ center_win .pl
+ wm resizable .pl 1 0
+
+ wm title .pl "SSL Viewer: Win9x Warning"
+
+ set msg {
+ Due to limitations on Window 9x you will have to manually start up
+ a COMMAND.COM terminal and paste in the following command:
+
+}
+ set pwd [pwd]
+ regsub -all {/} $pwd "\\" pwd
+ append msg " $pwd\\$file\n"
+
+ append msg {
+ The reason for this is a poor Console application implementation that
+ affects many text based applications.
+
+ To start up a COMMAND.COM terminal, click on the Start -> Run, and then
+ type COMMAND in the entry box and hit Return or click OK.
+
+ To select the above command, highlight it with the mouse and then press
+ Ctrl-C. Then go over the the COMMAND.COM window and click on the
+ Clipboard paste button. Once pasted in, press Return to run the script.
+
+ This will start up a PLINK.EXE ssh login to the remote computer,
+ and after you log in successfully and indicate (QUICKLY!!) that the
+ connection is OK by clicking OK in this dialog. If the SSH connection
+ cannot be autodetected you will ALSO need to click "Success" in the
+ "plink ssh status?" dialog, the VNC Viewer will be started going
+ through the SSH tunnel.
+}
+ .pl.t insert end $msg
+ wm deiconify .pl
+}
+
+proc mesg {str} {
+ set maxx 53
+ if {[string length $str] > $maxx} {
+ set str [string range $str 0 $maxx]
+ append str " ..."
+ }
+ .l configure -text $str
+ update
+}
+
+proc get_ssh_hp {str} {
+ set str [string trim $str]
+ regsub {[ ].*$} $str "" str
+ return $str
+}
+
+proc get_ssh_cmd {str} {
+ set str [string trim $str]
+ if [regexp {cmd=(.*$)} $str m cmd] {
+ set cmd [string trim $cmd]
+ regsub -nocase {^%x11vncr$} $cmd "x11vnc -nopw -display none -rawfb rand" cmd
+ regsub -nocase {^%x11vnc$} $cmd "x11vnc -nopw -display none -rawfb null" cmd
+ return $cmd
+ } else {
+ return ""
+ }
+}
+
+proc get_ssh_proxy {str} {
+ set str [string trim $str]
+ regsub {cmd=(.*$)} $str "" str
+ set str [string trim $str]
+ if { ![regexp {[ ]} $str]} {
+ return ""
+ }
+ regsub {^.*[ ][ ]*} $str "" str
+ return $str
+}
+
+proc set_defaults {} {
+ global mycert svcert crtdir
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global compresslevel_text quality_text
+ global use_cups use_sound use_smbmnt
+ global cups_local_server cups_remote_port cups_manage_rcfile
+ global cups_local_smb_server cups_remote_smb_port
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+ global additional_port_redirs additional_port_redirs_list
+ global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart
+ global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start
+ global smb_su_mode smb_mount_list
+ global use_port_knocking port_knocking_list
+
+ set use_ssh 0
+ set use_sshssl 0
+ putty_pw_entry check
+
+ set use_viewonly 0
+ set use_fullscreen 0
+ set use_raise_on_beep 0
+ set use_bgr233 0
+ set use_alpha 0
+ set use_grab 0
+ set use_nojpeg 0
+ set use_compresslevel "default"
+ set use_quality "default"
+ set compresslevel_text "Compress Level: $use_compresslevel"
+ set quality_text "Quality: $use_quality"
+
+ set mycert ""
+ set svcert ""
+ set crtdir ""
+
+ set use_cups 0
+ set use_sound 0
+ set use_smbmnt 0
+
+ set change_vncviewer 0
+ set change_vncviewer_path ""
+ set cups_manage_rcfile 0
+ set vncviewer_realvnc4 0
+
+ set additional_port_redirs 0
+ set additional_port_redirs_list ""
+
+ set cups_local_server ""
+ set cups_remote_port ""
+ set cups_local_smb_server ""
+ set cups_remote_smb_port ""
+
+ set smb_su_mode "su"
+ set smb_mount_list ""
+
+ set sound_daemon_remote_cmd ""
+ set sound_daemon_remote_port ""
+ set sound_daemon_kill 0
+ set sound_daemon_restart 0
+
+ set sound_daemon_local_cmd ""
+ set sound_daemon_local_port ""
+ set sound_daemon_local_start 0
+ set sound_daemon_local_kill 0
+
+ set use_port_knocking 0
+ set port_knocking_list ""
+}
+
+proc do_viewer_windows {n} {
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+
+ set cmd "vncviewer"
+ if {$change_vncviewer && $change_vncviewer_path != ""} {
+ set cmd [string trim $change_vncviewer_path]
+ regsub -all {\\} $cmd {/} cmd
+ if {[regexp {[ \t]} $cmd]} {
+ if {[regexp -nocase {\.exe$} $cmd]} {
+ if {! [regexp {["']} $cmd]} { #"
+ # hmmm, not following instructions, are they?
+ set cmd "\"$cmd\""
+ }
+ }
+ }
+ }
+ if {$use_viewonly} {
+ if {$vncviewer_realvnc4} {
+ append cmd " viewonly=1"
+ } else {
+ append cmd " /viewonly"
+ }
+ }
+ if {$use_fullscreen} {
+ if {$vncviewer_realvnc4} {
+ append cmd " fullscreen=1"
+ } else {
+ append cmd " /fullscreen"
+ }
+ }
+ if {$use_bgr233} {
+ if {$vncviewer_realvnc4} {
+ append cmd " lowcolourlevel=1"
+ } else {
+ append cmd " /8bit"
+ }
+ }
+ if {$use_nojpeg} {
+ if {! $vncviewer_realvnc4} {
+ append cmd " /nojpeg"
+ }
+ }
+ if {$use_raise_on_beep} {
+ if {! $vncviewer_realvnc4} {
+ append cmd " /belldeiconify"
+ }
+ }
+ if {$use_compresslevel != "" && $use_compresslevel != "default"} {
+ if {$vncviewer_realvnc4} {
+ append cmd " zliblevel=$use_compresslevel"
+ } else {
+ append cmd " /compresslevel $use_compresslevel"
+ }
+ }
+ if {$use_quality != "" && $use_quality != "default"} {
+ if {! $vncviewer_realvnc4} {
+ append cmd " /quality $use_quality"
+ }
+ }
+ append cmd " localhost:$n"
+
+ mesg $cmd
+ set emess ""
+ set rc [catch {eval exec $cmd} emess]
+ if {$rc != 0} {
+ tk_messageBox -type ok -icon error -message $emess -title "Error: $cmd"
+ }
+}
+
+proc get_netstat {} {
+ set ns ""
+ catch {set ns [exec netstat -an]}
+ return $ns
+}
+
+proc get_ipconfig {} {
+ global is_win9x
+ set ip ""
+ if {! $is_win9x} {
+ catch {set ip [exec ipconfig]}
+ return $ip
+ }
+
+ set file "ip"
+ append file [pid]
+ append file ".txt"
+
+ catch {[exec winipcfg /Batch $file]}
+
+ if [file exists $file] {
+ set fh [open $file "r"]
+ while {[gets $fh line] > -1} {
+ append ip "$line\n"
+ }
+ close $fh
+ catch {file delete $file}
+ }
+ return $ip
+}
+
+proc guess_nat_ip {} {
+ global save_nat last_save_nat
+ set s ""
+
+ if {! [info exists save_nat]} {
+ set save_nat ""
+ set last_save_nat 0
+ }
+ if {$save_nat != ""} {
+ set now [clock seconds]
+ if {$now < $last_save_nat + 45} {
+ return $save_nat
+ }
+ }
+ set s ""
+ catch {set s [socket "www.whatismyip.com" 80]}
+ set ip "unknown"
+ if {$s != ""} {
+ fconfigure $s -buffering none
+ puts $s "GET / HTTP/1.1"
+ puts $s "Host: www.whatismyip.com"
+ puts $s "Connection: close"
+ puts $s ""
+ flush $s
+ set on 0
+ while { [gets $s line] > -1 } {
+ if {! $on && [regexp {<HEAD>} $line]} {set on 1}
+ if {! $on && [regexp {<HTML>} $line]} {set on 1}
+ if {! $on && [regexp {<TITLE>} $line]} {set on 1}
+ if {! $on} {
+ continue;
+ }
+ if [regexp {([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*)} $line ip] {
+ break
+ }
+ }
+ close $s
+ }
+ if {$ip != "unknown"} {
+ set save_nat $ip
+ set last_save_nat [clock seconds]
+ }
+ return $ip
+}
+
+proc guess_ip {} {
+ global env is_windows
+ if {! $is_windows} {
+ set out ""
+ set out [get_hostname]
+ if {$out != ""} {
+ set hout ""
+ catch {set hout [exec host $out]}
+ if {$hout != ""} {
+ if [regexp {has address ([.0-9][.0-9]*)} $hout mvar ip] {
+ set ip [string trim $ip]
+ return $ip
+ }
+ }
+ }
+ return ""
+ } else {
+ set out [get_ipconfig]
+ set out [string trim $out]
+ if {$out == ""} {
+ return ""
+ }
+ foreach line [split $out "\n\r"] {
+ if {[regexp -nocase {IP Address.*:[ \t]*([.0-9][.0-9]*)} $line mvar ip]} {
+ set ip [string trim $ip]
+ if [regexp {^[.0]*$} $ip] {
+ continue
+ }
+ if [regexp {127\.0\.0\.1} $ip] {
+ continue
+ }
+ if {$ip != ""} {
+ return $ip
+ }
+ }
+ }
+ }
+}
+
+proc windows_start_sound_daemon {file} {
+ global env
+ global use_sound sound_daemon_local_cmd sound_daemon_local_start
+
+ regsub {\.bat} $file "snd.bat" file2
+ set fh2 [open $file2 "w"]
+
+ puts $fh2 $sound_daemon_local_cmd
+ puts $fh2 "del $file2"
+ close $fh2
+
+ mesg "Starting SOUND daemon..."
+ if [info exists env(COMSPEC)] {
+ exec $env(COMSPEC) /c $file2 &
+ } else {
+ exec cmd.exe /c $file2 &
+ }
+ after 1500
+}
+
+proc windows_stop_sound_daemon {} {
+ global env is_win9x
+ global use_sound sound_daemon_local_cmd sound_daemon_local_start
+
+ set cmd [string trim $sound_daemon_local_cmd]
+
+ regsub {[ \t].*$} $cmd "" cmd
+ regsub {^.*\\} $cmd "" cmd
+ regsub {^.*/} $cmd "" cmd
+
+ if {$cmd == ""} {
+ return
+ }
+
+ set output [get_task_list]
+
+ foreach line [split $output "\n\r"] {
+ if [regexp "$cmd" $line] {
+ if [regexp {(-?[0-9][0-9]*)} $line m p] {
+ set pids($p) $line
+ }
+ }
+ }
+
+ set count 0
+ foreach pid [array names pids] {
+ mesg "Stopping SOUND pid: $pid"
+ if {$is_win9x} {
+ catch {exec w98/kill.exe /f $pid}
+ } else {
+ catch {exec tskill.exe $pid}
+ }
+ if {$count == 0} {
+ after 1200
+ } else {
+ after 500
+ }
+ incr count
+ }
+}
+
+proc contag {} {
+ global concount
+ if {! [info exists concount]} {
+ set concount 0
+ }
+ incr concount
+ set str [pid]
+ set str "-$str-$concount"
+}
+
+proc launch_windows_ssh {hp file n} {
+ global is_win9x
+ global use_sshssl use_ssh putty_pw
+
+ set hpnew [get_ssh_hp $hp]
+ set proxy [get_ssh_proxy $hp]
+ set sshcmd [get_ssh_cmd $hp]
+
+ set vnc_host "localhost"
+ set vnc_disp $hpnew
+ regsub {^.*:} $vnc_disp "" vnc_disp
+
+ if {![regexp {^[0-9][0-9]*$} $vnc_disp]} {
+ if {[regexp {cmd=SHELL} $hp]} {
+ ;
+ } elseif {[regexp {cmd=PUTTY} $hp]} {
+ ;
+ } else {
+ mesg "Bad vncdisp, missing :0 ?, $vnc_disp"
+ bell
+ return 0
+ }
+ }
+
+ if {$vnc_disp < 200} {
+ set vnc_port [expr $vnc_disp + 5900]
+ } else {
+ set vnc_port $vnc_disp
+ }
+
+
+ set ssh_port 22
+ set ssh_host $hpnew
+ regsub {:.*$} $ssh_host "" ssh_host
+
+ if {$proxy != ""} {
+ set ssh_host $proxy
+ regsub {:.*$} $ssh_host "" ssh_host
+ set ssh_port $proxy
+ regsub {^.*:} $ssh_port "" ssh_port
+ if {$ssh_port == ""} {
+ set ssh_port 22
+ }
+ set vnc_host $hpnew
+ regsub {:.*$} $vnc_host "" vnc_host
+ }
+
+ if {![regexp {^[^ ][^ ]*@} $ssh_host]} {
+ mesg "You must supply a username: user@host..."
+ bell
+ return 0
+ }
+
+ set verb "-v"
+
+ set pwd ""
+ if {$is_win9x} {
+ set pwd [pwd]
+ regsub -all {/} $pwd "\\" pwd
+ }
+
+ set use [expr $n + 5900]
+
+ set_smb_mounts
+
+ global use_smbmnt use_sound sound_daemon_kill
+ set do_pre 0
+ if {$use_smbmnt} {
+ set do_pre 1
+ } elseif {$use_sound && $sound_daemon_kill} {
+ set do_pre 1
+ }
+
+ global skip_pre
+ if {$skip_pre} {
+ set do_pre 0
+ set skip_pre 0
+ }
+
+ set pw ""
+ if {$putty_pw != ""} {
+ if {! [regexp {"} $putty_pw]} { #"
+ set pw " -pw \"$putty_pw\""
+ }
+ }
+
+ set tag [contag]
+
+ set file_pre ""
+ set file_pre_cmd ""
+ if {$do_pre} {
+ set setup_cmds [ugly_setup_scripts pre $tag]
+
+ if {$setup_cmds != ""} {
+ regsub {\.bat} $file "pre.cmd" file_pre_cmd
+ set fh [open $file_pre_cmd "w"]
+ puts $fh "$setup_cmds sleep 10; "
+ close $fh
+
+ regsub {\.bat} $file "pre.bat" file_pre
+ set fh [open $file_pre "w"]
+ set plink_str "plink.exe -ssh -C -P $ssh_port -m $file_pre_cmd $verb -t"
+
+ global smb_redir_0
+ if {$smb_redir_0 != ""} {
+ append plink_str " $smb_redir_0"
+ }
+
+ append plink_str "$pw $ssh_host"
+
+ if {$pw != ""} {
+ puts $fh "echo off"
+ }
+ puts $fh $plink_str
+
+ if {$file_pre_cmd != ""} {
+ puts $fh "del $file_pre_cmd"
+ }
+ puts $fh "del $file_pre"
+
+ close $fh
+ }
+ }
+
+ if {$is_win9x} {
+ set sleep 35
+ } else {
+ set sleep 20
+ }
+
+ set setup_cmds [ugly_setup_scripts post $tag]
+
+ set do_shell 0
+ if {$sshcmd == "SHELL"} {
+ set setup_cmds ""
+ set sshcmd {$SHELL}
+ set do_shell 1
+ } elseif {$sshcmd == "PUTTY"} {
+ set setup_cmds ""
+ set do_shell 1
+ }
+
+ set file_cmd ""
+ if {$setup_cmds != ""} {
+ regsub {\.bat} $file ".cmd" file_cmd
+ set fh_cmd [open $file_cmd "w"]
+
+ set str $setup_cmds
+ if {$sshcmd != ""} {
+ append str " $sshcmd; "
+ } else {
+ append str " sleep $sleep; "
+ }
+ puts $fh_cmd $str
+ close $fh_cmd
+
+ set sshcmd $setup_cmds
+ }
+
+ if {$sshcmd == ""} {
+ set pcmd "echo; echo SSH connected OK.; echo If this state is not autodetected,; echo Go Click the Success button."
+ set sshcmd "$pcmd; sleep $sleep"
+ }
+
+ global use_sound sound_daemon_local_cmd sound_daemon_local_start
+ if {! $do_shell && ! $is_win9x && $use_sound && $sound_daemon_local_start && $sound_daemon_local_cmd != ""} {
+ windows_start_sound_daemon $file
+ }
+
+ set fh [open $file "w"]
+ if {$is_win9x} {
+ puts $fh "cd $pwd"
+ if {$file_pre != ""} {
+ puts $fh "echo Press Ctrl-C --HERE-- when done with the Pre-Command shell work."
+ puts $fh "start /w command.com /c $file_pre"
+ }
+ }
+
+ global use_cups use_smbmnt
+ set extra_redirs ""
+ if {$use_cups} {
+ append extra_redirs [get_cups_redir]
+ }
+ if {$use_sound} {
+ append extra_redirs [get_sound_redir]
+ }
+ global additional_port_redirs
+ if {$additional_port_redirs} {
+ append extra_redirs [get_additional_redir]
+ }
+
+ set plink_str "plink.exe -ssh -P $ssh_port $verb -L $use:$vnc_host:$vnc_port $extra_redirs -t"
+ if {$extra_redirs != ""} {
+ regsub {exe} $plink_str "exe -C" plink_str
+ }
+ if {$do_shell} {
+ if {$sshcmd == "PUTTY"} {
+ if {$is_win9x} {
+ set plink_str "putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host"
+ } else {
+ set plink_str "start \"putty $ssh_host\" putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host"
+ }
+ } else {
+ set plink_str "plink.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host"
+ append plink_str { "$SHELL"}
+ }
+ } elseif {$file_cmd != ""} {
+ append plink_str " -m $file_cmd$pw $ssh_host"
+ } else {
+ append plink_str "$pw $ssh_host \"$sshcmd\""
+ }
+
+ if {$pw != ""} {
+ puts $fh "echo off"
+ }
+ puts $fh $plink_str
+ if {$file_cmd != ""} {
+ puts $fh "del $file_cmd"
+ }
+ puts $fh "del $file"
+ close $fh
+
+ catch {destroy .o}
+ catch {destroy .oa}
+
+ do_port_knock $ssh_host
+
+ if {$is_win9x} {
+ wm withdraw .
+ update
+ win9x_plink_msg $file
+ global win9x_plink_msg_done
+ set win9x_plink_msg_done 0
+ vwait win9x_plink_msg_done
+ } else {
+ global env
+ set com "cmd.exe"
+ if [info exists env(COMSPEC)] {
+ set com $env(COMSPEC)
+ }
+
+ if {$file_pre != ""} {
+ exec $com /c $file_pre &
+ set sl 0
+ if {$use_smbmnt} {
+ global smb_su_mode
+ if {$smb_su_mode == "su"} {
+ set sl [expr $sl + 15]
+ } elseif {$smb_su_mode == "sudo"} {
+ set sl [expr $sl + 15]
+ } else {
+ set sl [expr $sl + 3]
+ }
+ }
+ if {$pw == ""} {
+ set sl [expr $sl + 5]
+ }
+
+ set sl [expr $sl + 5]
+ set st [clock seconds]
+ set dt 0
+ global entered_gui_top
+ set entered_gui_top 0
+
+ while {$dt < $sl} {
+ after 100
+ set dt [clock seconds]
+ set dt [expr $dt - $st]
+ mesg "Click or Enter when done with 1st SSH $dt/$sl"
+ update
+ update idletasks
+ if {$entered_gui_top != 0 && $dt >= 3} {
+ mesg "Running 2nd SSH now ..."
+ after 1000
+ break
+ }
+ }
+ mesg "Running 2nd SSH ..."
+ }
+
+ wm withdraw .
+ update
+ exec $com /c $file &
+ after 1000
+ }
+
+ if {$do_shell} {
+ wm deiconify .
+ return 1
+ }
+
+ catch {destroy .plink}
+ toplevel .plink
+ wm title .plink "plink SSH status?"
+ set wd 37
+ label .plink.l1 -anchor w -text "Login via plink/ssh to the remote server" -width $wd
+ label .plink.l2 -anchor w -text "(supply username and password as needed)." -width $wd
+ label .plink.l3 -anchor w -text "" -width $wd
+ label .plink.l4 -anchor w -text "After ssh is set up, AND if the connection" -width $wd
+ label .plink.l5 -anchor w -text "success is not autodetected, please click" -width $wd
+ label .plink.l6 -anchor w -text "one of these buttons:" -width $wd
+ global plink_status
+ button .plink.fail -text "Failed" -command {destroy .plink; set plink_status no}
+ button .plink.ok -text "Success" -command {destroy .plink; set plink_status yes}
+ pack .plink.l1 .plink.l2 .plink.l3 .plink.l4 .plink.l5 .plink.l6 .plink.fail .plink.ok -side top -fill x
+
+ wm geometry .plink +700+500
+ wm deiconify .plink
+ set plink_status ""
+ set waited 0
+ set cnt 0
+ while {$waited < 30000} {
+ after 500
+ update
+ set ns [get_netstat]
+ set re ":$use"
+ append re {[ ][ ]*[0:.][0:.]*[ ][ ]*LISTEN}
+ if [regexp $re $ns] {
+ set plink_status yes
+ }
+ if {$plink_status != ""} {
+ catch {destroy .plink}
+ break
+ }
+
+ if {$waited == 0} {
+ wm deiconify .plink
+ }
+ set waited [expr "$waited + 500"]
+
+ incr cnt
+ if {$cnt >= 12} {
+ set cnt 0
+ #catch {wm deiconify .plink}
+ }
+ }
+ if {$plink_status == ""} {
+ vwait plink_status
+ }
+
+ if {$use_sshssl} {
+ global launch_windows_ssh_files
+ if {$file != ""} {
+ append launch_windows_ssh_files "$file "
+ }
+ if {$file_pre != ""} {
+ append launch_windows_ssh_files "$file_pre "
+ }
+ if {$file_pre_cmd != ""} {
+ append launch_windows_ssh_files "$file_pre_cmd "
+ }
+ regsub { *$} $launch_windows_ssh_files "" launch_windows_ssh_files
+ return 1
+ }
+
+ if {$plink_status != "yes"} {
+ wm deiconify .
+ } else {
+ after 1000
+ do_viewer_windows $n
+ wm deiconify .
+ mesg "Disconnected from $hp"
+ }
+
+ if {$file != ""} {
+ catch {file delete $file}
+ }
+ if {$file_pre != ""} {
+ catch {file delete $file_pre}
+ }
+ if {$file_pre_cmd != ""} {
+ catch {file delete $file_pre_cmd}
+ }
+
+ global sound_daemon_local_kill
+ if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} {
+ windows_stop_sound_daemon
+ }
+ return 1
+}
+
+proc check_ssh_needed {} {
+ global use_cups use_sound use_smbmnt
+ global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart
+ global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start
+ global cups_local_server cups_remote_port cups_manage_rcfile
+ global cups_local_smb_server cups_remote_smb_port
+ global smb_su_mode smb_mount_list
+ global use_ssh use_sshssl
+
+ if {$use_ssh || $use_sshssl} {
+ return
+ }
+ set must 0
+ if {$use_cups} {
+ if {$cups_local_server != ""} {set must 1}
+ if {$cups_remote_port != ""} {set must 1}
+ if {$cups_local_smb_server != ""} {set must 1}
+ if {$cups_remote_smb_port != ""} {set must 1}
+ if {$cups_manage_rcfile != ""} {set must 1}
+ }
+ if {$use_sound} {
+ if {$sound_daemon_remote_cmd != ""} {set must 1}
+ if {$sound_daemon_remote_port != ""} {set must 1}
+ if {$sound_daemon_kill} {set must 1}
+ if {$sound_daemon_restart} {set must 1}
+ if {$sound_daemon_local_cmd != ""} {set must 1}
+ if {$sound_daemon_local_port != ""} {set must 1}
+ if {$sound_daemon_local_kill} {set must 1}
+ if {$sound_daemon_local_start} {set must 1}
+ }
+ if {$use_smbmnt} {
+ if {[regexp {//} $smb_mount_list]} {set must 1}
+ }
+ if {$must} {
+ set use_sshssl 1
+ putty_pw_entry check
+ mesg "Enabling \"Use SSH and SSL\" mode for port redir"
+ update
+ bell
+ after 4000
+ }
+}
+
+proc set_smb_mounts {} {
+ global smb_redir_0 smb_mounts use_smbmnt
+
+ set smb_redir_0 ""
+ set smb_mounts ""
+ if {$use_smbmnt} {
+ set l2 [get_smb_redir]
+ set smb_redir_0 [lindex $l2 0]
+ set smb_redir_0 [string trim $smb_redir_0]
+ set smb_mounts [lindex $l2 1]
+ }
+}
+
+proc xterm_center_geometry {} {
+ set sh [winfo screenheight .]
+ set sw [winfo screenwidth .]
+ set gw 500
+ set gh 300
+ set x [expr $sw/2 - $gw/2]
+ set y [expr $sh/2 - $gh/2]
+ if {$x < 0} {
+ set x 10
+ }
+ if {$y < 0} {
+ set y 10
+ }
+
+ return "+$x+$y"
+}
+
+proc smbmnt_wait {tee} {
+ if {$tee != ""} {
+ set start [clock seconds]
+ set cut 30
+ while {1} {
+ set now [clock seconds]
+ if {$now > $start + $cut} {
+ break;
+ }
+ if [file exists $tee] {
+ set sz 0
+ catch {set sz [file size $tee]}
+ if {$sz > 50} {
+ set cut 50
+ }
+ }
+ set g ""
+ catch {set g [exec grep vnc-helper-exiting $tee]}
+ if [regexp {vnc-helper-exiting} $g] {
+ break
+ }
+ after 1000
+ }
+ catch {file delete $tee}
+ } else {
+ global smb_su_mode
+ if {$smb_su_mode == "su"} {
+ after 15000
+ } elseif {$smb_su_mode == "sudo"} {
+ after 10000
+ }
+ }
+}
+
+proc do_unix_pre {tag proxy hp pk_hp} {
+ global env smb_redir_0 use_smbmnt
+ global did_port_knock
+
+ set setup_cmds [ugly_setup_scripts pre $tag]
+ set c "ssl_vncviewer -ssh"
+
+ if {$proxy == ""} {
+ set pxy $hp
+ regsub {:.*$} $pxy "" pxy
+ set c "$c -proxy '$pxy'"
+ } else {
+ set c "$c -proxy '$proxy'"
+ }
+
+ if {$setup_cmds != ""} {
+ set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds sleep 10"
+ set env(SSL_VNCVIEWER_SSH_ONLY) 1
+ if {$smb_redir_0 != ""} {
+ set c "$c -sshargs '$smb_redir_0'"
+ }
+
+ do_port_knock $pk_hp
+ set did_port_knock 1
+
+ if {$use_smbmnt} {
+ set title "SSL VNC Viewer $hp -- SMB MOUNTS"
+ } else {
+ set title "SSL VNC Viewer $hp -- Pre Commands"
+ }
+
+ set tee ""
+ if {$use_smbmnt} {
+ set tee $env(HOME)
+ append tee "/.tee-etv$tag"
+ set fh ""
+ catch {set fh [open $tee "w"]}
+ if {$fh == ""} {
+ set tee ""
+ } else {
+ close $fh
+ set c "$c | tee $tee"
+ }
+ }
+
+ exec xterm -geometry "80x25+100+100" \
+ -title "$title" \
+ -e sh -c "set -xv; $c" &
+
+ set env(SSL_VNCVIEWER_SSH_CMD) ""
+ set env(SSL_VNCVIEWER_SSH_ONLY) ""
+
+ if {$use_smbmnt} {
+ smbmnt_wait $tee
+ } else {
+ after 2000
+ }
+ }
+}
+
+proc launch_unix {hp} {
+ global mycert svcert crtdir env
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+ global additional_port_redirs additional_port_redirs_list
+ global use_cups use_sound use_smbmnt
+ global smb_redir_0 smb_mounts
+ global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart
+ global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start
+
+ set cmd ""
+
+ if [regexp {cmd=} $hp] {
+ if {! $use_ssh && ! $use_sshssl} {
+ set use_ssh 1
+ }
+ }
+ check_ssh_needed
+
+ set_smb_mounts
+
+ global did_port_knock
+ set did_port_knock 0
+ set pk_hp ""
+
+ if {$use_ssh || $use_sshssl} {
+ if {$use_ssh} {
+ set cmd "ssl_vncviewer -ssh"
+ } else {
+ set cmd "ssl_vncviewer -sshssl"
+ }
+ set hpnew [get_ssh_hp $hp]
+ set proxy [get_ssh_proxy $hp]
+ set sshcmd [get_ssh_cmd $hp]
+ set hp $hpnew
+
+ if {$proxy != ""} {
+ set cmd "$cmd -proxy '$proxy'"
+ set pk_hp $proxy
+ }
+ if {$pk_hp == ""} {
+ set pk_hp $hp
+ }
+
+ set do_pre 0
+ if {$use_smbmnt} {
+ set do_pre 1
+ } elseif {$use_sound && $sound_daemon_kill} {
+ set do_pre 1
+ }
+ global skip_pre
+ if {$skip_pre} {
+ set do_pre 0
+ set skip_pre 0
+ }
+
+ set tag [contag]
+
+ if {$do_pre} {
+ do_unix_pre $tag $proxy $hp $pk_hp
+ }
+
+
+ set setup_cmds [ugly_setup_scripts post $tag]
+
+ if {$sshcmd == "SHELL"} {
+ set env(SSL_VNCVIEWER_SSH_CMD) {$SHELL}
+ set env(SSL_VNCVIEWER_SSH_ONLY) 1
+ } elseif {$setup_cmds != ""} {
+ set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds$sshcmd"
+ } else {
+ if {$sshcmd != ""} {
+ set cmd "$cmd -sshcmd '$sshcmd'"
+ }
+ }
+
+ set sshargs ""
+ if {$use_cups} {
+ append sshargs [get_cups_redir]
+ }
+ if {$use_sound} {
+ append sshargs [get_sound_redir]
+ }
+ if {$additional_port_redirs} {
+ append sshargs [get_additional_redir]
+ }
+
+ set sshargs [string trim $sshargs]
+ if {$sshargs != ""} {
+ set cmd "$cmd -sshargs '$sshargs'"
+ set env(SSL_VNCVIEWER_USE_C) 1
+ }
+ if {$sshcmd == "SHELL"} {
+ set env(SSL_VNCVIEWER_SSH_ONLY) 1
+ if {$proxy == ""} {
+ set hpt $hpnew
+ regsub {:[0-9]*$} $hpt "" hpt
+ set cmd "$cmd -proxy '$hpt'"
+ }
+ set geometry [xterm_center_geometry]
+ if {$pk_hp == ""} {
+ set pk_hp $hp
+ }
+ if {! $did_port_knock} {
+ do_port_knock $pk_hp
+ set did_port_knock 1
+ }
+
+ exec xterm -geometry $geometry -title "SHELL to $hp" \
+ -e sh -c "$cmd" &
+ set env(SSL_VNCVIEWER_SSH_CMD) ""
+ set env(SSL_VNCVIEWER_SSH_ONLY) ""
+ set env(SSL_VNCVIEWER_USE_C) ""
+ return
+ }
+ } else {
+ set cmd "ssl_tightvncviewer"
+ set hpnew [get_ssh_hp $hp]
+ set proxy [get_ssh_proxy $hp]
+ if {$mycert != ""} {
+ set cmd "$cmd -mycert '$mycert'"
+ }
+ if {$svcert != ""} {
+ set cmd "$cmd -verify '$svcert'"
+ } elseif {$crtdir != ""} {
+ set cmd "$cmd -verify '$crtdir'"
+ }
+ if {$proxy != ""} {
+ set cmd "$cmd -proxy '$proxy'"
+ }
+ set hp $hpnew
+ }
+
+ if {$use_alpha} {
+ set cmd "$cmd -alpha"
+ }
+ if {$use_grab} {
+ set cmd "$cmd -grab"
+ }
+
+ set cmd "$cmd $hp"
+
+ if {$use_viewonly} {
+ set cmd "$cmd -viewonly"
+ }
+ if {$use_fullscreen} {
+ set cmd "$cmd -fullscreen"
+ }
+ if {$use_bgr233} {
+ if {$vncviewer_realvnc4} {
+ set cmd "$cmd -lowcolourlevel 1"
+ } else {
+ set cmd "$cmd -bgr233"
+ }
+ }
+ if {$use_nojpeg} {
+ if {! $vncviewer_realvnc4} {
+ set cmd "$cmd -nojpeg"
+ }
+ }
+ if {! $use_raise_on_beep} {
+ if {! $vncviewer_realvnc4} {
+ set cmd "$cmd -noraiseonbeep"
+ }
+ }
+ if {$use_compresslevel != "" && $use_compresslevel != "default"} {
+ if {$vncviewer_realvnc4} {
+ set cmd "$cmd -zliblevel '$use_compresslevel'"
+ } else {
+ set cmd "$cmd -compresslevel '$use_compresslevel'"
+ }
+ }
+ if {$use_quality != "" && $use_quality != "default"} {
+ if {! $vncviewer_realvnc4} {
+ set cmd "$cmd -quality '$use_quality'"
+ }
+ }
+ if {$use_ssh || $use_sshssl} {
+ # realvnc4 -preferredencoding zrle
+ if {$vncviewer_realvnc4} {
+ set cmd "$cmd -preferredencoding zrle"
+ } else {
+ set cmd "$cmd -encodings 'copyrect tight zrle zlib hextile'"
+ }
+ }
+
+ if {$change_vncviewer && $change_vncviewer_path != ""} {
+ global env
+ set env(VNCVIEWERCMD) $change_vncviewer_path
+ } else {
+ set env(VNCVIEWERCMD) ""
+ }
+
+ catch {destroy .o}
+ catch {destroy .oa}
+ wm withdraw .
+ update
+
+ if {$sound_daemon_local_start && $sound_daemon_local_cmd != ""} {
+ mesg "running: $sound_daemon_local_cmd"
+ exec sh -c "$sound_daemon_local_cmd" >& /dev/null </dev/null &
+ update
+ after 500
+ }
+
+ if {$pk_hp == ""} {
+ set pk_hp $hp
+ }
+ if {! $did_port_knock} {
+ do_port_knock $pk_hp
+ set did_port_knock 1
+ }
+
+ set geometry [xterm_center_geometry]
+ set xrm1 "*.srinterCommand:true"
+ set xrm2 $xrm1
+ set xrm3 $xrm1
+ if {[info exists env(SSL_VNC_GUI_CMD)]} {
+ set xrm1 "*.printerCommand:env XTERM_PRINT=1 $env(SSL_VNC_GUI_CMD)"
+ set xrm2 "XTerm*VT100*translations:#override Shift<Btn3Down>:print()\\nCtrl<Key>N:print()"
+ set xrm3 "*mainMenu*print*Label: New SSL_VNC_GUI"
+ }
+ exec xterm -geometry $geometry -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" \
+ -title "SSL VNC Viewer $hp" \
+ -e sh -c "set -xv; $cmd; set +xv; echo; echo Done. You Can X-out or Ctrl-C this Terminal whenever you like.; echo; echo sleep 15; echo; sleep 15"
+ set env(SSL_VNCVIEWER_SSH_CMD) ""
+ set env(SSL_VNCVIEWER_USE_C) ""
+
+ if {$sound_daemon_local_kill && $sound_daemon_local_cmd != ""} {
+ set daemon [string trim $sound_daemon_local_cmd]
+ regsub {^gw[ \t]*} $daemon "" daemon
+ regsub {[ \t].*$} $daemon "" daemon
+ regsub {^.*/} $daemon "" daemon
+ mesg "killing sound daemon: $daemon"
+ if {$daemon != ""} {
+ catch {exec sh -c "killall $daemon" >/dev/null 2>/dev/null </dev/null &}
+ catch {exec sh -c "pkill -x $daemon" >/dev/null 2>/dev/null </dev/null &}
+ }
+ }
+ wm deiconify .
+ mesg "Disconnected from $hp"
+}
+
+proc kill_stunnel {pids} {
+ global is_win9x env
+
+ set count 0
+ foreach pid $pids {
+ mesg "killing STUNNEL pid: $pid"
+ if {$is_win9x} {
+ catch {exec w98/kill.exe /f $pid}
+ } else {
+ catch {exec tskill.exe $pid}
+ }
+ if {$count == 0} {
+ after 1200
+ } else {
+ after 500
+ }
+ incr count
+ }
+}
+
+proc get_task_list {} {
+ global env is_win9x
+
+ set output1 ""
+ set output2 ""
+ if {! $is_win9x} {
+ # try for tasklist on XP pro
+ catch {set output1 [exec tasklist.exe]}
+ }
+ catch {set output2 [exec w98/tlist.exe]}
+
+ set output $output1
+ append output "\n"
+ append output $output2
+
+ return $output
+}
+
+proc note_stunnel_pids {when} {
+ global env
+ global is_win9x pids_before pids_after pids_new
+
+ if {$when == "before"} {
+ array unset pids_before
+ array unset pids_after
+ set pids_new {}
+ set pids_before(none) "none"
+ set pids_after(none) "none"
+ }
+
+ set output [get_task_list]
+
+ foreach line [split $output "\n\r"] {
+ if [regexp -nocase {stunnel} $line] {
+ if [regexp {(-?[0-9][0-9]*)} $line m p] {
+ if {$when == "before"} {
+ set pids_before($p) $line
+ } else {
+ set pids_after($p) $line
+ }
+ }
+ }
+ }
+ if {$when == "after"} {
+ foreach new [array names pids_after] {
+ if {! [info exists pids_before($new)]} {
+ lappend pids_new $new
+ }
+ }
+ }
+}
+
+proc del_launch_windows_ssh_files {} {
+ global launch_windows_ssh_files
+
+ if {$launch_windows_ssh_files != ""} {
+ foreach tf [split $launch_windows_ssh_files] {
+ if {$tf == ""} {
+ continue
+ }
+ catch {file delete $tf}
+ }
+ }
+}
+
+proc launch_shell_only {} {
+ global vncdisplay is_windows
+ global skip_pre
+
+ set hp $vncdisplay
+ regsub {cmd=.*$} $vncdisplay "" hp
+ set hp [string trim $hp]
+ if {$is_windows} {
+ append hp " cmd=PUTTY"
+ } else {
+ append hp " cmd=SHELL"
+ }
+ set skip_pre 1
+ launch $hp
+}
+
+proc launch {{hp ""}} {
+ global vncdisplay env tcl_platform is_windows
+ global mycert svcert crtdir
+ global pids_before pids_after pids_new
+ global use_ssh use_sshssl
+
+ set debug 0
+ if {$hp == ""} {
+ set hp [string trim $vncdisplay]
+ }
+
+ if {[regexp {^[ ]*$} $hp]} {
+ mesg "No host:disp supplied."
+ bell
+ return
+ }
+ if {! [regexp ":" $hp]} {
+ if {! [regexp {cmd=} $hp]} {
+ append hp ":0"
+ }
+ }
+
+ mesg "Using: $hp"
+ after 600
+
+ if {$debug} {
+ mesg "\"$tcl_platform(os)\" | \"$tcl_platform(osVersion)\""
+ after 1000
+ }
+ if {! $is_windows} {
+ launch_unix $hp
+ return
+ }
+
+ if [regexp {cmd=} $hp] {
+ if {! $use_ssh && ! $use_sshssl} {
+ set use_ssh 1
+ }
+ }
+ check_ssh_needed
+
+ if {! $use_ssh} {
+ if {$mycert != ""} {
+ if {! [file exists $mycert]} {
+ mesg "MyCert does not exist: $mycert"
+ bell
+ return
+ }
+ }
+ if {$svcert != ""} {
+ if {! [file exists $svcert]} {
+ mesg "ServerCert does not exist: $svcert"
+ bell
+ return
+ }
+ } elseif {$crtdir != ""} {
+ if {! [file exists $crtdir]} {
+ mesg "CertsDir does not exist: $crtdir"
+ bell
+ return
+ }
+ }
+ }
+
+ set prefix "stunnel-vnc"
+ set suffix "conf"
+ if {$use_ssh || $use_sshssl} {
+ set prefix "plink-vnc"
+ set suffix "bat"
+ }
+
+ # we avoid parsing netstat output on Windows (but I guess we do now elsewhere):
+ set file ""
+ set n ""
+ set file2 ""
+ set n2 ""
+ set now [clock seconds]
+
+ for {set i 30} {$i < 90} {incr i} {
+ set try "$prefix-$i.$suffix"
+ if {[file exists $try]} {
+ set mt [file mtime $try]
+ set age [expr "$now - $mt"]
+ set week [expr "7 * 3600 * 24"]
+ if {$age > $week} {
+ catch {file delete $file}
+ }
+ }
+ if {! [file exists $try]} {
+ if {$use_sshssl} {
+ if {$file != ""} {
+ set file2 $try
+ set n2 $i
+ break
+ }
+ }
+ set file $try
+ set n $i
+ if {! $use_sshssl} {
+ break
+ }
+ }
+ }
+
+ if {$file == ""} {
+ mesg "could not find free stunnel file"
+ bell
+ return
+ }
+
+ global launch_windows_ssh_files
+ set launch_windows_ssh_files ""
+
+ set did_port_knock 0
+
+ if {$use_sshssl} {
+ set rc [launch_windows_ssh $hp $file2 $n2]
+ if {$rc == 0} {
+ catch {file delete $file}
+ catch {file delete $file2}
+ del_launch_windows_ssh_files
+ return
+ }
+ set did_port_knock 1
+ } elseif {$use_ssh} {
+ launch_windows_ssh $hp $file $n
+ return
+ }
+
+ if [regexp {[ ]} $hp] {
+ # proxy or cmd case (should not happen? yet?)
+ regsub {[ ].*$} $hp "" hp2
+ } else {
+ set list [split $hp ":"]
+ set host [lindex $list 0]
+ set disp [lindex $list 1]
+ set port [expr "$disp + 5900"]
+ }
+
+ set list [split $hp ":"]
+ set host [lindex $list 0]
+ set disp [lindex $list 1]
+ set port [expr "$disp + 5900"]
+
+ if {$debug} {
+ mesg "file: $file"
+ after 1000
+ }
+
+ set fh [open $file "w"]
+
+ puts $fh "client = yes"
+ puts $fh "options = ALL"
+ puts $fh "taskbar = yes"
+ puts $fh "RNDbytes = 2048"
+ puts $fh "RNDfile = bananarand.bin"
+ puts $fh "RNDoverwrite = yes"
+ puts $fh "debug = 6"
+ if {$mycert != ""} {
+ if {! [file exists $mycert]} {
+ mesg "MyCert does not exist: $mycert"
+ bell
+ return
+ }
+ puts $fh "cert = $mycert"
+ }
+ if {$svcert != ""} {
+ if {! [file exists $svcert]} {
+ mesg "ServerCert does not exist: $svcert"
+ bell
+ return
+ }
+ puts $fh "CAfile = $svcert"
+ puts $fh "verify = 2"
+ } elseif {$crtdir != ""} {
+ if {! [file exists $crtdir]} {
+ mesg "CertsDir does not exist: $crtdir"
+ bell
+ return
+ }
+ puts $fh "CApath = $crtdir"
+ puts $fh "verify = 2"
+ }
+
+ puts $fh "\[vnc$n\]"
+ set port2 [expr "$n + 5900"]
+ puts $fh "accept = localhost:$port2"
+
+ if {$use_sshssl} {
+ set port [expr "$n2 + 5900"]
+ puts $fh "connect = localhost:$port"
+ } else {
+ puts $fh "connect = $host:$port"
+ }
+
+ puts $fh "delay = no"
+ puts $fh ""
+ close $fh
+
+ mesg "Starting STUNNEL on port $port2 ..."
+ after 600
+
+ note_stunnel_pids "before"
+
+ set pids [exec stunnel $file &]
+
+ after 1300
+
+ note_stunnel_pids "after"
+
+ if {$debug} {
+ after 1000
+ mesg "pids $pids"
+ after 1000
+ } else {
+ catch {destroy .o}
+ catch {destroy .oa}
+ wm withdraw .
+ }
+
+ if {! $did_port_knock} {
+ do_port_knock $host
+ set did_port_knock 1
+ }
+
+ do_viewer_windows $n
+
+ del_launch_windows_ssh_files
+
+ catch {file delete $file}
+
+ if {$debug} {
+ ;
+ } else {
+ wm deiconify .
+ }
+ mesg "Disconnected from $hp."
+
+ if {[llength $pids_new] > 0} {
+ set plist [join $pids_new ", "]
+ global terminate_pids
+ set terminate_pids ""
+ win_kill_msg $plist
+ update
+ vwait terminate_pids
+ if {$terminate_pids == "yes"} {
+ kill_stunnel $pids_new
+ }
+ } else {
+ win_nokill_msg
+ }
+ mesg "Disconnected from $hp."
+
+ global is_win9x use_sound sound_daemon_local_kill sound_daemon_local_cmd
+ if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} {
+ windows_stop_sound_daemon
+ }
+}
+
+proc get_idir {str} {
+ set idir ""
+ if {$str != ""} {
+ if [file isdirectory $str] {
+ set idir $str
+ } else {
+ set idir [file dirname $str]
+ }
+ }
+ if {$idir == ""} {
+ global env
+ if [info exists env(HOME)] {
+ set t "$env(HOME)/.vnc/certs"
+ if [file isdirectory $t] {
+ set idir $t
+ }
+ }
+ }
+ if {$idir == ""} {
+ set idir [pwd]
+ }
+ return $idir
+}
+
+proc set_mycert {} {
+ global mycert
+ set idir [get_idir $mycert]
+ if {$idir != ""} {
+ set mycert [tk_getOpenFile -initialdir $idir]
+ } else {
+ set mycert [tk_getOpenFile]
+ }
+ catch {wm deiconify .c}
+ update
+}
+
+proc set_svcert {} {
+ global svcert crtdir
+ set idir [get_idir $svcert]
+ if {$idir != ""} {
+ set svcert [tk_getOpenFile -initialdir $idir]
+ } else {
+ set svcert [tk_getOpenFile]
+ }
+ if {$svcert != ""} {
+ set crtdir ""
+ }
+ catch {wm deiconify .c}
+ update
+}
+
+proc set_crtdir {} {
+ global svcert crtdir
+ set idir [get_idir $crtdir]
+ if {$idir != ""} {
+ set crtdir [tk_chooseDirectory -initialdir $idir]
+ } else {
+ set crtdir [tk_chooseDirectory]
+ }
+ if {$crtdir != ""} {
+ set svcert ""
+ }
+ catch {wm deiconify .c}
+ update
+}
+
+proc getcerts {} {
+ global mycert svcert crtdir
+ global use_ssh use_sshssl
+ catch {destroy .c}
+ toplevel .c
+ wm title .c "Set SSL Certificates"
+ frame .c.mycert
+ frame .c.svcert
+ frame .c.crtdir
+ label .c.mycert.l -anchor w -width 12 -text "MyCert:"
+ label .c.svcert.l -anchor w -width 12 -text "ServerCert:"
+ label .c.crtdir.l -anchor w -width 12 -text "CertsDir:"
+
+ entry .c.mycert.e -width 32 -textvariable mycert
+ entry .c.svcert.e -width 32 -textvariable svcert
+ entry .c.crtdir.e -width 32 -textvariable crtdir
+ button .c.mycert.b -text "Browse..." -command {set_mycert; catch {raise .c}}
+ button .c.svcert.b -text "Browse..." -command {set_svcert; catch {raise .c}}
+ button .c.crtdir.b -text "Browse..." -command {set_crtdir; catch {raise .c}}
+
+ frame .c.b
+ button .c.b.done -text "Done" -command {catch {destroy .c}}
+ bind .c <Escape> {destroy .c}
+ button .c.b.help -text "Help" -command help_certs
+ pack .c.b.help .c.b.done -fill x -expand 1 -side left
+
+ foreach w [list mycert svcert crtdir] {
+ pack .c.$w.l -side left
+ pack .c.$w.e -side left -expand 1 -fill x
+ pack .c.$w.b -side left
+ bind .c.$w.e <Return> ".c.$w.b invoke"
+ if {$use_ssh} {
+ .c.$w.l configure -state disabled
+ .c.$w.e configure -state disabled
+ .c.$w.b configure -state disabled
+ }
+ }
+
+ pack .c.mycert .c.svcert .c.crtdir .c.b -side top -fill x
+ center_win .c
+ wm resizable .c 1 0
+
+ focus .c
+}
+
+proc get_profiles_dir {} {
+ global env is_windows
+
+ set dir ""
+ if {$is_windows} {
+ set t [file dirname [pwd]]
+ set t "$t/profiles"
+ if [file isdirectory $t] {
+ set dir $t
+ }
+ } elseif [info exists env(HOME)] {
+ set t "$env(HOME)/.vnc"
+ if [file isdirectory $t] {
+ set dir $t
+ set s "$t/profiles"
+ if {! [file exists $s]} {
+ catch {file mkdir $s}
+ }
+ }
+ }
+
+ if {$dir != ""} {
+
+ } elseif [info exists env(SSL_VNC_BASEDIR)] {
+ set dir $env(SSL_VNC_BASEDIR)
+ } else {
+ set dir [pwd]
+ }
+ if [file isdirectory "$dir/profiles"] {
+ set dir "$dir/profiles"
+ }
+ return $dir
+}
+
+proc load_profile {} {
+ global env
+ global mycert svcert crtdir vncdisplay
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global compresslevel_text quality_text
+ global use_smbmnt use_sound
+ global use_cups cups_local_server cups_remote_port cups_manage_rcfile
+ global cups_local_smb_server cups_remote_smb_port
+ global smb_su_mode smb_mount_list
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+ global additional_port_redirs additional_port_redirs_list
+ global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart
+ global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start
+ global use_port_knocking port_knocking_list
+ global profdone
+
+ set dir [get_profiles_dir]
+
+ set file [tk_getOpenFile -defaultextension ".vnc" \
+ -initialdir $dir -title "Load VNC Profile"]
+ if {$file == ""} {
+ set profdone 1
+ return
+ }
+ set fh [open $file "r"]
+ if {! [info exists fh]} {
+ set profdone 1
+ return
+ }
+
+ set_defaults
+
+ while {[gets $fh line] > -1} {
+ if [regexp {^disp=(.*)$} $line m val] {
+ set vncdisplay $val
+ } elseif [regexp {^ssh=(.*)$} $line m val] {
+ set use_ssh $val
+ } elseif [regexp {^sshssl=(.*)$} $line m val] {
+ set use_sshssl $val
+ } elseif [regexp {^viewonly=(.*)$} $line m val] {
+ set use_viewonly $val
+ } elseif [regexp {^fullscreen=(.*)$} $line m val] {
+ set use_fullscreen $val
+ } elseif [regexp {^belldeiconify=(.*)$} $line m val] {
+ set use_raise_on_beep $val
+ } elseif [regexp {^8bit=(.*)$} $line m val] {
+ set use_bgr233 $val
+ } elseif [regexp {^alpha=(.*)$} $line m val] {
+ set use_alpha $val
+ } elseif [regexp {^grab=(.*)$} $line m val] {
+ set use_grab $val
+ } elseif [regexp {^nojpeg=(.*)$} $line m val] {
+ set use_nojpeg $val
+ } elseif [regexp {^compresslevel=(.*)$} $line m val] {
+ set use_compresslevel $val
+ set compresslevel_text "Compress Level: $val"
+ } elseif [regexp {^quality=(.*)$} $line m val] {
+ set use_quality $val
+ set quality_text "Quality: $val"
+ } elseif [regexp {^mycert=(.*)$} $line m val] {
+ set mycert $val
+ } elseif [regexp {^svcert=(.*)$} $line m val] {
+ set svcert $val
+ } elseif [regexp {^crtdir=(.*)$} $line m val] {
+ set crtdir $val
+ } elseif [regexp {^use_smbmnt=(.*)$} $line m val] {
+ set use_smbmnt $val
+ } elseif [regexp {^use_sound=(.*)$} $line m val] {
+ set use_sound $val
+ } elseif [regexp {^use_cups=(.*)$} $line m val] {
+ set use_cups $val
+ } elseif [regexp {^cups_local_server=(.*)$} $line m val] {
+ set cups_local_server $val
+ } elseif [regexp {^cups_remote_port=(.*)$} $line m val] {
+ set cups_remote_port $val
+ } elseif [regexp {^cups_local_smb_server=(.*)$} $line m val] {
+ set cups_local_smb_server $val
+ } elseif [regexp {^cups_remote_smb_port=(.*)$} $line m val] {
+ set cups_remote_smb_port $val
+ } elseif [regexp {^cups_manage_rcfile=(.*)$} $line m val] {
+ set cups_manage_rcfile $val
+ } elseif [regexp {^smb_mount_list=(.*)$} $line m val] {
+ regsub -all {%%%} $val "\n" val
+ set smb_mount_list $val
+ } elseif [regexp {^smb_su_mode=(.*)$} $line m val] {
+ set smb_su_mode $val
+ } elseif [regexp {^port_knocking_list=(.*)$} $line m val] {
+ regsub -all {%%%} $val "\n" val
+ set port_knocking_list $val
+ } elseif [regexp {^use_port_knocking=(.*)$} $line m val] {
+ set use_port_knocking $val
+ } elseif [regexp {^sound_daemon_remote_cmd=(.*)$} $line m val] {
+ set sound_daemon_remote_cmd $val
+ } elseif [regexp {^sound_daemon_remote_port=(.*)$} $line m val] {
+ set sound_daemon_remote_port $val
+ } elseif [regexp {^sound_daemon_kill=(.*)$} $line m val] {
+ set sound_daemon_kill $val
+ } elseif [regexp {^sound_daemon_restart=(.*)$} $line m val] {
+ set sound_daemon_restart $val
+ } elseif [regexp {^sound_daemon_local_cmd=(.*)$} $line m val] {
+ set sound_daemon_local_cmd $val
+ } elseif [regexp {^sound_daemon_local_port=(.*)$} $line m val] {
+ set sound_daemon_local_port $val
+ } elseif [regexp {^sound_daemon_local_start=(.*)$} $line m val] {
+ set sound_daemon_local_start $val
+ } elseif [regexp {^sound_daemon_local_kill=(.*)$} $line m val] {
+ set sound_daemon_local_kill $val
+ } elseif [regexp {^change_vncviewer=(.*)$} $line m val] {
+ set change_vncviewer $val
+ } elseif [regexp {^change_vncviewer_path=(.*)$} $line m val] {
+ set change_vncviewer_path $val
+ } elseif [regexp {^vncviewer_realvnc4=(.*)$} $line m val] {
+ set vncviewer_realvnc4 $val
+ } elseif [regexp {^additional_port_redirs=(.*)$} $line m val] {
+ set additional_port_redirs $val
+ } elseif [regexp {^additional_port_redirs_list=(.*)$} $line m val] {
+ set additional_port_redirs_list $val
+ }
+ }
+ close $fh
+ set profdone 1
+ putty_pw_entry check
+}
+
+proc save_profile {} {
+ global env is_windows
+ global mycert svcert crtdir vncdisplay
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global profdone
+
+ set dir [get_profiles_dir]
+
+ set disp [string trim $vncdisplay]
+ if {$disp != ""} {
+ regsub {[ ].*$} $disp "" disp
+ }
+ if {$is_windows} {
+ regsub -all {:} $disp "_" disp
+ }
+
+ set file [tk_getSaveFile -defaultextension ".vnc" \
+ -initialdir $dir -initialfile "$disp" -title "Save VNC Profile"]
+ if {$file == ""} {
+ set profdone 1
+ return
+ }
+ set fh [open $file "w"]
+ if {! [info exists fh]} {
+ set profdone 1
+ return
+ }
+ set h [string trim $vncdisplay]
+ set p $h
+ regsub {:.*$} $h "" h
+ set host $h
+ regsub {[ ].*$} $p "" p
+ regsub {^.*:} $p "" p
+ if {$p == ""} {
+ set p 0
+ }
+ if {$p < 200} {
+ set port [expr $p + 5900]
+ } else {
+ set port $p
+ }
+
+ set h [string trim $vncdisplay]
+ regsub {cmd=.*$} $h "" h
+ set h [string trim $h]
+ if {! [regexp {[ ]} $h]} {
+ set h ""
+ } else {
+ regsub {^.*[ ]} $h "" h
+ }
+ if {$h == ""} {
+ set proxy ""
+ set proxyport ""
+ } else {
+ set p $h
+ regsub {:.*$} $h "" h
+ set proxy $h
+ regsub {[ ].*$} $p "" p
+ regsub {^.*:} $p "" p
+ if {$p == ""} {
+ set proxyport 0
+ } else {
+ set proxyport $p
+ }
+ }
+
+ puts $fh "\[connection\]"
+ puts $fh "host=$host"
+ puts $fh "port=$port"
+ puts $fh "proxyhost=$proxy"
+ puts $fh "proxyport=$proxyport"
+ puts $fh "disp=$vncdisplay"
+ puts $fh "\n\[options\]"
+ puts $fh "ssh=$use_ssh"
+ puts $fh "sshssl=$use_sshssl"
+ puts $fh "viewonly=$use_viewonly"
+ puts $fh "fullscreen=$use_fullscreen"
+ puts $fh "belldeiconify=$use_raise_on_beep"
+ puts $fh "8bit=$use_bgr233"
+ puts $fh "alpha=$use_alpha"
+ puts $fh "grab=$use_grab"
+ puts $fh "nojpeg=$use_nojpeg"
+ puts $fh "compresslevel=$use_compresslevel"
+ puts $fh "quality=$use_quality"
+ puts $fh "mycert=$mycert"
+ puts $fh "svcert=$svcert"
+ puts $fh "crtdir=$crtdir"
+
+ global use_smbmnt use_sound
+ puts $fh "use_smbmnt=$use_smbmnt"
+ puts $fh "use_sound=$use_sound"
+
+ global use_cups cups_local_server cups_remote_port cups_manage_rcfile
+ global cups_local_smb_server cups_remote_smb_port
+ puts $fh "use_cups=$use_cups"
+ puts $fh "cups_local_server=$cups_local_server"
+ puts $fh "cups_remote_port=$cups_remote_port"
+ puts $fh "cups_local_smb_server=$cups_local_smb_server"
+ puts $fh "cups_remote_smb_port=$cups_remote_smb_port"
+ puts $fh "cups_manage_rcfile=$cups_manage_rcfile"
+
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+ global additional_port_redirs additional_port_redirs_list
+ puts $fh "change_vncviewer=$change_vncviewer"
+ puts $fh "change_vncviewer_path=$change_vncviewer_path"
+ puts $fh "vncviewer_realvnc4=$vncviewer_realvnc4"
+ puts $fh "additional_port_redirs=$additional_port_redirs"
+ puts $fh "additional_port_redirs_list=$additional_port_redirs_list"
+
+ global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart
+ global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start
+ puts $fh "sound_daemon_remote_cmd=$sound_daemon_remote_cmd"
+ puts $fh "sound_daemon_remote_port=$sound_daemon_remote_port"
+ puts $fh "sound_daemon_kill=$sound_daemon_kill"
+ puts $fh "sound_daemon_restart=$sound_daemon_restart"
+ puts $fh "sound_daemon_local_cmd=$sound_daemon_local_cmd"
+ puts $fh "sound_daemon_local_port=$sound_daemon_local_port"
+ puts $fh "sound_daemon_local_kill=$sound_daemon_local_kill"
+ puts $fh "sound_daemon_local_start=$sound_daemon_local_start"
+
+ global smb_su_mode smb_mount_list
+ set list $smb_mount_list
+ regsub -all "\n" $list "%%%" list
+ puts $fh "smb_su_mode=$smb_su_mode"
+ puts $fh "smb_mount_list=$list"
+
+ global use_port_knocking port_knocking_list
+ set list $port_knocking_list
+ regsub -all "\n" $list "%%%" list
+ puts $fh "use_port_knocking=$use_port_knocking"
+ puts $fh "port_knocking_list=$list"
+
+ close $fh
+ set profdone 1
+}
+
+proc set_ssh {} {
+ global use_ssh use_sshssl
+ if {! $use_ssh && ! $use_sshssl} {
+ set use_ssh 1
+ }
+ putty_pw_entry check
+}
+
+proc expand_IP {redir} {
+ if {! [regexp {:IP:} $redir]} {
+ return $redir
+ }
+ if {! [regexp {(-R).*:IP:} $redir]} {
+ return $redir
+ }
+
+ set ip [guess_ip]
+ set ip [string trim $ip]
+ if {$ip == ""} {
+ return $redir
+ }
+
+ regsub -all {:IP:} $redir ":$ip:" redir
+ return $redir
+}
+
+proc get_cups_redir {} {
+ global cups_local_server cups_remote_port
+ global cups_local_smb_server cups_remote_smb_port
+ set redir "$cups_remote_port:$cups_local_server"
+ regsub -all {['" ]} $redir {} redir; #"
+ set redir " -R $redir"
+ if {$cups_local_smb_server != "" && $cups_remote_smb_port != ""} {
+ set redir2 "$cups_remote_smb_port:$cups_local_smb_server"
+ regsub -all {['" ]} $redir2 {} redir2; #"
+ set redir "$redir -R $redir2"
+ }
+ set redir [expand_IP $redir]
+ return $redir
+}
+
+proc get_additional_redir {} {
+ global additional_port_redirs additional_port_redirs_list
+ if {! $additional_port_redirs || $additional_port_redirs_list == ""} {
+ return ""
+ }
+ set redir [string trim $additional_port_redirs_list]
+ regsub -all {['"]} $redir {} redir; #"
+ set redir " $redir"
+ set redir [expand_IP $redir]
+ return $redir
+}
+
+proc get_sound_redir {} {
+ global sound_daemon_remote_port sound_daemon_local_port
+ set loc $sound_daemon_local_port
+ if {! [regexp {:} $loc]} {
+ set loc "localhost:$loc"
+ }
+ set redir "$sound_daemon_remote_port:$loc"
+ regsub -all {['" ]} $redir {} redir; #"
+ set redir " -R $redir"
+ set redir [expand_IP $redir]
+ return $redir
+}
+
+proc get_smb_redir {} {
+ global smb_mount_list
+
+ set s [string trim $smb_mount_list]
+ if {$s == ""} {
+ return ""
+ }
+
+ set did(0) 1
+ set redir ""
+ set mntlist ""
+
+ foreach line [split $s "\r\n"] {
+ set str [string trim $line]
+ if {$str == ""} {
+ continue
+ }
+ if {[regexp {^#} $str]} {
+ continue
+ }
+
+ set port ""
+ if [regexp {^([0-9][0-9]*)[ \t][ \t]*(.*)} $str mvar port rest] {
+ # leading port
+ set str [string trim $rest]
+ }
+
+ # grab: //share /dest [host[:port]]
+ set share ""
+ set dest ""
+ set hostport ""
+ foreach item [split $str] {
+ if {$item == ""} {
+ continue
+ }
+ if {$share == ""} {
+ set share [string trim $item]
+ } elseif {$dest == ""} {
+ set dest [string trim $item]
+ } elseif {$hostport == ""} {
+ set hostport [string trim $item]
+ }
+ }
+
+ regsub {^~/} $dest {$HOME/} dest
+
+ # work out the local host:port
+ set lhost ""
+ set lport ""
+ if {$hostport != ""} {
+ if [regexp {(.*):(.*)} $hostport mvar lhost lport] {
+ ;
+ } else {
+ set lhost $hostport
+ set lport 139
+ }
+ } else {
+ if [regexp {//([^/][^/]*)/} $share mvar h] {
+ if [regexp {(.*):(.*)} $h mvar lhost lport] {
+ ;
+ } else {
+ set lhost $h
+ set lport 139
+ }
+ } else {
+ set lhost localhost
+ set lport 139
+ }
+ }
+
+ if {$port == ""} {
+ if [info exists did("$lhost:$lport")] {
+ # reuse previous one:
+ set port $did("$lhost:$lport")
+ } else {
+ # choose one at random:
+ for {set i 0} {$i < 3} {incr i} {
+ set port [expr 20100 + 9000 * rand()]
+ set port [expr round($port)]
+ if { ! [info exists did($port)] } {
+ break
+ }
+ }
+ }
+ set did($port) 1
+ }
+
+ if {$mntlist != ""} {
+ append mntlist " "
+ }
+ append mntlist "$share,$dest,$port"
+
+ if { ! [info exists did("$lhost:$lport")] } {
+ append redir " -R $port:$lhost:$lport"
+ set did("$lhost:$lport") $port
+ }
+ }
+
+ regsub -all {['"]} $redir {} redir; #"
+ set redir [expand_IP $redir]
+
+ regsub -all {['"]} $mntlist {} mntlist; #"
+
+ set l [list]
+ lappend l $redir
+ lappend l $mntlist
+ return $l
+}
+
+proc ugly_setup_scripts {mode tag} {
+
+set cmd(1) {
+ SSHD_PID=""
+ FLAG=$HOME/.vnc-helper-flag__PID__
+
+ if [ "X$USER" = "X" ]; then
+ USER=$LOGNAME
+ fi
+
+ DO_CUPS=0
+ cups_dir=$HOME/.cups
+ cups_cfg=$cups_dir/client.conf
+ cups_host=localhost
+ cups_port=NNNN
+
+ DO_SMB=0
+ DO_SMB_SU=0
+ DO_SMB_WAIT=0
+ smb_mounts=
+ DONE_PORT=NNNN
+ smb_script=$HOME/.smb-mounts__PID__.sh
+
+ DO_SOUND=0
+ DO_SOUND_KILL=0
+ DO_SOUND_RESTART=0
+ sound_daemon_remote_prog=
+ sound_daemon_remote_args=
+
+ findpid() {
+ i=1
+ back=10
+ touch $FLAG
+
+ if [ "X$TOPPID" = "X" ]; then
+ TOPPID=$$
+ back=50
+ fi
+
+ while [ $i -lt $back ]
+ do
+ try=`expr $TOPPID - $i`
+ if ps $try 2>/dev/null | grep sshd >/dev/null; then
+ SSHD_PID="$try"
+ echo SSHD_PID=$try
+ echo
+ break
+ fi
+ i=`expr $i + 1`
+ done
+ }
+
+ wait_til_ssh_gone() {
+ try_perl=""
+ if type perl >/dev/null 2>&1; then
+ try_perl=1
+ fi
+ uname=`uname`
+ if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then
+ try_perl=""
+ fi
+ if [ "X$try_perl" = "X1" ]; then
+ # try to avoid wasting pids:
+ perl -e "while (1) {if(! -e \"/proc/$SSHD_PID\"){exit} if(! -f \"$FLAG\"){exit} sleep 1;}"
+ else
+ while [ 1 ]
+ do
+ ps $SSHD_PID > /dev/null 2>&1
+ if [ $? != 0 ]; then
+ break
+ fi
+ if [ ! -f $FLAG ]; then
+ break
+ fi
+ sleep 1
+ done
+ fi
+ rm -f $FLAG
+ if [ "X$DO_SMB_WAIT" = "X1" ]; then
+ rm -f $smb_script
+ fi
+ }
+};
+
+set cmd(2) {
+ update_client_conf() {
+ mkdir -p $cups_dir
+ if [ -f $cups_cfg ]; then
+ cp -p $cups_cfg $cups_cfg.back
+ else
+ touch $cups_cfg.back
+ fi
+ sed -e "s/^ServerName/#-etv-#ServerName/" $cups_cfg.back > $cups_cfg
+ echo "ServerName $cups_host:$cups_port" >> $cups_cfg
+ echo
+ echo "--------------------------------------------------------------"
+ echo "The CUPS $cups_cfg config file has been set to:"
+ echo
+ cat $cups_cfg
+ echo
+ echo "If there are problems automatically restoring it, edit or"
+ echo "remove the file to go back to local CUPS settings."
+ echo
+ echo "A backup has been placed in: $cups_cfg.back"
+ echo
+ echo "See the help description for more details on printing."
+ echo
+ echo "done."
+ echo "--------------------------------------------------------------"
+ echo
+ }
+
+ reset_client_conf() {
+ cp -p $cups_cfg $cups_cfg.tmp
+ grep -v "^ServerName" $cups_cfg.tmp | sed -e "s/^#-etv-#ServerName/ServerName/" > $cups_cfg
+ rm -f $cups_cfg.tmp
+ }
+
+ cupswait() {
+ trap "" INT QUIT HUP
+ wait_til_ssh_gone
+ reset_client_conf
+ }
+};
+
+# if [ "X$DONE_PORT" != "X" ]; then
+# if type perl >/dev/null 2>&1; then
+# perl -e "use IO::Socket::INET; \$SIG{INT} = \"IGNORE\"; \$SIG{QUIT} = \"IGNORE\"; \$SIG{HUP} = \"INGORE\"; my \$client = IO::Socket::INET->new(Listen => 5, LocalAddr => \"localhost\", LocalPort => $DONE_PORT, Proto => \"tcp\")->accept(); \$line = <\$client>; close \$client; unlink \"$smb_script\";" </dev/null >/dev/null 2>/dev/null &
+# if [ $? = 0 ]; then
+# have_perl_done="1"
+# fi
+# fi
+# fi
+
+set cmd(3) {
+ smbwait() {
+ trap "" INT QUIT HUP
+ wait_til_ssh_gone
+ }
+ do_smb_mounts() {
+ if [ "X$smb_mounts" = "X" ]; then
+ return
+ fi
+ echo > $smb_script
+ have_perl_done=""
+ echo "echo" >> $smb_script
+ dests=""
+ for mnt in $smb_mounts
+ do
+ smfs=`echo "$mnt" | awk -F, "{print \\\$1}"`
+ dest=`echo "$mnt" | awk -F, "{print \\\$2}"`
+ port=`echo "$mnt" | awk -F, "{print \\\$3}"`
+ dest=`echo "$dest" | sed -e "s,__USER__,$USER,g" -e "s,__HOME__,$HOME,g"`
+ if [ ! -d $dest ]; then
+ mkdir -p $dest
+ fi
+ echo "echo SMBMOUNT:" >> $smb_script
+ echo "echo smbmount $smfs $dest -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script
+ echo "smbmount \"$smfs\" \"$dest\" -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script
+ echo "echo; df \"$dest\"; echo" >> $smb_script
+ dests="$dests $dest"
+ done
+ #}
+};
+
+set cmd(4) {
+ echo "(" >> $smb_script
+ echo "trap \"\" INT QUIT HUP" >> $smb_script
+
+ try_perl=""
+ if type perl >/dev/null 2>&1; then
+ try_perl=1
+ fi
+ uname=`uname`
+ if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then
+ try_perl=""
+ fi
+
+ if [ "X$try_perl" = "X" ]; then
+ echo "while [ -f $smb_script ]" >> $smb_script
+ echo "do" >> $smb_script
+ echo " sleep 1" >> $smb_script
+ echo "done" >> $smb_script
+ else
+ echo "perl -e \"while (-f \\\\\"$smb_script\\\\\") {sleep 1;} exit 0;\"" >> $smb_script
+ fi
+ for dest in $dests
+ do
+ echo "echo smbumount $dest" >> $smb_script
+ echo "smbumount \"$dest\"" >> $smb_script
+ done
+ echo ") &" >> $smb_script
+ echo "--------------------------------------------------------------"
+ if [ "$DO_SMB_SU" = "0" ]; then
+ echo "We now run the smbmount script as user $USER"
+ echo
+ echo sh $smb_script
+ sh $smb_script
+ rc=0
+ elif [ "$DO_SMB_SU" = "1" ]; then
+ echo "We now run the smbmount script via su(1)"
+ echo
+ echo "The first \"Password:\" will be for that of root to run the smbmount script."
+ echo
+ echo "Subsequent \"Password:\" will be for the SMB share(s) (hit Return if no passwd)"
+ echo
+ echo SU:
+ echo "su root -c \"sh $smb_script\""
+ su root -c "sh $smb_script"
+ rc=$?
+ elif [ "$DO_SMB_SU" = "2" ]; then
+ echo "We now run the smbmount script via sudo(8)"
+ echo
+ echo "The first \"Password:\" will be for that of the sudo(8) password."
+ echo
+ echo "Subsequent \"Password:\" will be for the SMB shares (hit enter if no passwd)"
+ echo
+ echo SUDO:
+ echo sudo sh $smb_script
+ sudo sh $smb_script
+ rc=$?
+ fi
+};
+
+set cmd(5) {
+ #{
+ echo
+ if [ "$rc" = 0 ]; then
+ if [ "X$have_perl_done" = "X1" -o 1 = 1 ] ; then
+ echo
+ echo "Your SMB shares will be be unmounted when the VNC connection"
+ echo "closes. If that fails follow these instructions:"
+ fi
+ echo
+ echo "To unmount your SMB shares make sure no applications are still using"
+ echo "any of the files and no shells are still cd-ed into the share area,"
+ echo "then type:"
+ echo
+ echo " rm -f $smb_script"
+ echo
+ echo "(to avoid a 2nd ssh, try to do this before terminating the VNC Viewer)"
+ echo
+ echo "In the worst case run: smbumount /path/to/mount/point for each mount."
+ else
+ echo
+ if [ "$DO_SMB_SU" = "1" ]; then
+ echo "su(1) to run smbmount(8) failed."
+ elif [ "$DO_SMB_SU" = "2" ]; then
+ echo "sudo(8) to run smbmount(8) failed."
+ fi
+ rm -f $smb_script
+ fi
+ echo
+ echo "done."
+ echo "--------------------------------------------------------------"
+ echo
+ }
+};
+
+set cmd(6) {
+
+ setup_sound() {
+ dpid=""
+ d=$sound_daemon_remote_prog
+ if type pgrep >/dev/null 2>/dev/null; then
+ dpid=`pgrep -U $USER -x $d | head -1`
+ else
+ dpid=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -v grep | head -1`
+ fi
+ echo "--------------------------------------------------------------"
+ echo "Setting up Sound: pid=$dpid"
+ if [ "X$dpid" != "X" ]; then
+ dcmd=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -w $dpid | grep -v grep | head -1 | sed -e "s/^.*$d/$d/"`
+ if [ "X$DO_SOUND_KILL" = "X1" ]; then
+ echo "Stopping sound daemon: $sound_daemon_remote_prog $dpid"
+ echo "sound cmd: $dcmd"
+ kill -TERM $dpid
+ fi
+ fi
+ echo
+ echo "done."
+ echo "--------------------------------------------------------------"
+ echo
+ }
+
+ reset_sound() {
+ if [ "X$DO_SOUND_RESTART" = "X1" ]; then
+ d=$sound_daemon_remote_prog
+ a=$sound_daemon_remote_args
+ echo "Restaring sound daemon: $d $a"
+ $d $a </dev/null >/dev/null 2>&1 &
+ fi
+ }
+
+ soundwait() {
+ trap "" INT QUIT HUP
+ wait_til_ssh_gone
+ reset_sound
+ }
+
+ findpid
+
+ if [ $DO_SMB = 1 ]; then
+ do_smb_mounts
+ fi
+
+ waiter=0
+
+ if [ $DO_CUPS = 1 ]; then
+ update_client_conf
+ cupswait </dev/null >/dev/null 2>/dev/null &
+ waiter=1
+ fi
+
+ if [ $DO_SOUND = 1 ]; then
+ setup_sound
+ soundwait </dev/null >/dev/null 2>/dev/null &
+ waiter=1
+ fi
+ if [ $DO_SMB_WAIT = 1 ]; then
+ if [ $waiter != 1 ]; then
+ smbwait </dev/null >/dev/null 2>/dev/null &
+ waiter=1
+ fi
+ fi
+
+
+ echo "--vnc-helper-exiting--"
+ echo
+ rm -f $0
+ exit 0
+};
+
+ set cmdall ""
+
+ for {set i 1} {$i <= 6} {incr i} {
+ set v $cmd($i);
+ regsub -all "\n" $v "%" v
+ set cmd($i) $v
+ append cmdall "echo "
+ if {$i == 1} {
+ append cmdall {TOPPID=$$%}
+ }
+ append cmdall {'}
+ append cmdall $cmd($i)
+ append cmdall {' | tr '%' '\n'}
+ if {$i == 1} {
+ append cmdall {>}
+ } else {
+ append cmdall {>>}
+ }
+ append cmdall {$HOME/.vnc-helper-cmd__PID__; }
+ }
+ append cmdall {sh $HOME/.vnc-helper-cmd__PID__; }
+
+ regsub -all {vnc-helper-cmd} $cmdall "vnc-helper-cmd-$mode" cmdall
+ if {$tag == ""} {
+ set tag [pid]
+ }
+ regsub -all {__PID__} $cmdall "$tag" cmdall
+
+ set orig $cmdall
+
+ global use_cups cups_local_server cups_remote_port cups_manage_rcfile
+ if {$use_cups && $cups_manage_rcfile} {
+ if {$mode == "post"} {
+ regsub {DO_CUPS=0} $cmdall {DO_CUPS=1} cmdall
+ regsub {cups_port=NNNN} $cmdall "cups_port=$cups_remote_port" cmdall
+ }
+ }
+
+ global use_smbmnt smb_su_mode
+ if {$use_smbmnt} {
+ global smb_mounts
+ if {$smb_mounts != ""} {
+ set smbm $smb_mounts
+ regsub -all {%USER} $smbm "__USER__" smbm
+ regsub -all {%HOME} $smbm "__HOME__" smbm
+ if {$mode == "pre"} {
+ regsub {DO_SMB=0} $cmdall {DO_SMB=1} cmdall
+ if {$smb_su_mode == "su"} {
+ regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall
+ } elseif {$smb_su_mode == "sudo"} {
+ regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=2} cmdall
+ } elseif {$smb_su_mode == "none"} {
+ regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=0} cmdall
+ } else {
+ regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall
+ }
+ regsub {smb_mounts=} $cmdall "smb_mounts=\"$smbm\"" cmdall
+ } elseif {$mode == "post"} {
+ regsub {DO_SMB_WAIT=0} $cmdall {DO_SMB_WAIT=1} cmdall
+ }
+ }
+ }
+
+ global use_sound
+ if {$use_sound} {
+ if {$mode == "pre"} {
+ global sound_daemon_remote_cmd sound_daemon_kill sound_daemon_restart
+ if {$sound_daemon_kill} {
+ regsub {DO_SOUND_KILL=0} $cmdall {DO_SOUND_KILL=1} cmdall
+ regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall
+ }
+ if {$sound_daemon_restart} {
+ regsub {DO_SOUND_RESTART=0} $cmdall {DO_SOUND_RESTART=1} cmdall
+ regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall
+ }
+ set sp [string trim $sound_daemon_remote_cmd]
+ regsub {[ \t].*$} $sp "" sp
+ set sa [string trim $sound_daemon_remote_cmd]
+ regsub {^[^ \t][^ \t]*[ \t][ \t]*} $sa "" sa
+ regsub {sound_daemon_remote_prog=} $cmdall "sound_daemon_remote_prog=\"$sp\"" cmdall
+ regsub {sound_daemon_remote_args=} $cmdall "sound_daemon_remote_args=\"$sa\"" cmdall
+ }
+ }
+
+ if {"$orig" == "$cmdall"} {
+ return ""
+ } else {
+ return $cmdall
+ }
+}
+
+proc cups_dialog {} {
+
+ catch {destroy .cups}
+ toplevel .cups
+ wm title .cups "CUPS Tunnelling"
+ global cups_local_server cups_remote_port cups_manage_rcfile
+ global cups_local_smb_server cups_remote_smb_port
+
+ scroll_text .cups.f
+
+ set msg {
+ CUPS Printing requires SSH be used to set up the Print service port
+ redirection. This will be either of the "Use SSH instead" or "Use
+ SSH and SSL" modes under "Options". Pure SSL tunnelling will not work.
+
+ This method requires working CUPS software setups on both the remote
+ and local sides of the connection.
+
+ (See Method #1 below for perhaps the easiest way to get applications
+ to print through the tunnel; it requires admin privileges however).
+
+ You choose an actual remote CUPS port below under "Use Remote CUPS
+ Port:" (6631 is just our default and used in the examples below).
+ Note that the normal default CUPS server port is 631.
+
+ The port you choose must be unused on the VNC server machine (n.b. no
+ checking is done). Print requests connecting to it are redirected to
+ your local machine through the SSH tunnel. Note: root permission is
+ needed for ports less than 1024 (this is not recommended).
+
+ Then enter the VNC Viewer side (i.e. where you are sitting) CUPS server
+ under "Local CUPS Server". E.g. use "localhost:631" if there is one
+ on the viewer machine, or, say, "my-print-srv:631" for a nearby CUPS
+ print server.
+
+ Several methods are now described for how to get applications to
+ print through the port redirected tunnel.
+
+ Method #0: Create or edit the file $HOME/.cups/client.conf on the VNC
+ server side by putting in something like this in it:
+
+ ServerName localhost:6631
+
+ based on the port you selected above.
+
+ NOTE: For this client.conf ServerName setting to work with lp(1)
+ and lpr(1) CUPS 1.2 or greater is required. The cmdline option
+ "-h localhost:6631" can be used for older versions. For client.conf to
+ work in general (e.g. Openoffice, Firefox), a bugfix found in CUPS 1.2.3
+ is required. Two Workarounds (Methods #1 and #2) are described below.
+
+ After the remote VNC Connection is finished, to go back to the non-SSH
+ tunnelled CUPS server and either remove the client.conf file or comment
+ out the ServerName line. This restores the normal CUPS server for
+ you on the remote machine.
+
+ Select "Manage ServerName in the $HOME/.cups/client.conf file for me" to
+ attempt to do this editing of the CUPS config file for you automatically.
+
+ Method #1: If you have admin permission on the VNC Server machine you
+ can likely "Add a Printer" via a GUI dialog, wizard, lpadmin(8), etc.
+ This makes the client.conf ServerName parameter unnecessary. You will
+ need to tell the GUI dialog that the printer is at, e.g., localhost:6631,
+ and anything else needed to identify the printer (type, model, etc).
+
+ Method #2: Restarting individual applications with the IPP_PORT
+ set will enable redirected printing for them, e.g.:
+ "env IPP_PORT=6631 firefox"
+
+ Windows/SMB Printers: Under "Local SMB Print Server" you can set
+ a port redirection for a Windows (non-CUPS) SMB printer. E.g. port
+ 6632 -> localhost:139. If localhost:139 does not work, try IP:139,
+ etc. or put in the IP address manually. Then at the least you can
+ print using the smbspool(8) program like this:
+
+ smbspool smb://localhost:6632/lp job user title 1 "" myfile.ps
+
+ You could put this in a script, "myprinter". It appears on the the URI,
+ the number of copies ("1" above) and the file itself are important.
+ (XXX this might only work for Samba printers...)
+
+ If you have root permission you can configure CUPS to know about this
+ printer via lpadmin(8), etc. You basically give it the smb:// URI.
+
+ For more info see: http://www.karlrunge.com/x11vnc/#faq-cups
+}
+ .cups.f.t insert end $msg
+
+ if {$cups_local_server == ""} {
+ set cups_local_server "localhost:631"
+ }
+ if {$cups_remote_port == ""} {
+ set cups_remote_port "6631"
+ }
+ if {$cups_local_smb_server == ""} {
+ global is_windows
+ if {$is_windows} {
+ set cups_local_smb_server "IP:139"
+ } else {
+ set cups_local_smb_server "localhost:139"
+ }
+ }
+ if {$cups_remote_smb_port == ""} {
+ set cups_remote_smb_port "6632"
+ }
+
+ frame .cups.serv
+ label .cups.serv.l -text "Local CUPS Server: "
+ entry .cups.serv.e -width 40 -textvariable cups_local_server
+ pack .cups.serv.l -side left
+ pack .cups.serv.e -side left -expand 1 -fill x
+
+ frame .cups.port
+ label .cups.port.l -text "Use Remote CUPS Port:"
+ entry .cups.port.e -width 40 -textvariable cups_remote_port
+ pack .cups.port.l -side left
+ pack .cups.port.e -side left -expand 1 -fill x
+
+ frame .cups.smbs
+ label .cups.smbs.l -text "Local SMB Print Server: "
+ entry .cups.smbs.e -width 40 -textvariable cups_local_smb_server
+ pack .cups.smbs.l -side left
+ pack .cups.smbs.e -side left -expand 1 -fill x
+
+ frame .cups.smbp
+ label .cups.smbp.l -text "Use Remote SMB Print Port:"
+ entry .cups.smbp.e -width 40 -textvariable cups_remote_smb_port
+ pack .cups.smbp.l -side left
+ pack .cups.smbp.e -side left -expand 1 -fill x
+
+ checkbutton .cups.cupsrc -anchor w -variable cups_manage_rcfile -text \
+ "Manage ServerName in the remote \$HOME/.cups/client.conf file for me"
+
+ button .cups.done -text "Done" -command {destroy .cups; if {$use_cups} {set_ssh}}
+ bind .cups <Escape> {destroy .cups; if {$use_cups} {set_ssh}}
+
+ button .cups.guess -text "Help me decide ..." -command {}
+ .cups.guess configure -state disabled
+
+ pack .cups.done .cups.guess .cups.cupsrc .cups.smbp .cups.smbs .cups.port .cups.serv -side bottom -fill x
+ pack .cups.f -side top -fill both -expand 1
+
+ center_win .cups
+}
+
+proc sound_dialog {} {
+
+ global is_windows
+
+ catch {destroy .snd}
+ toplevel .snd
+ wm title .snd "ESD/ARTSD Sound Tunnelling"
+
+ scroll_text .snd.f 80 30
+
+ set msg {
+ Sound daemon tunnelling requires SSH be used to set up the service
+ port redirection. This will be either of the "Use SSH instead" or "Use
+ SSH and SSL" modes under "Options". Pure SSL tunnelling will not work.
+
+ This method requires working Sound daemon (e.g. ESD or ARTSD) software
+ setups on both the remote and local sides of the connection.
+
+ Often this means you want to run your ENTIRE remote desktop with all
+ applications instructed to use the sound daemon's network port. E.g.
+
+ esddsp -s localhost:16001 startkde
+ esddsp -s localhost:16001 gnome-session
+
+ and similarly for artsdsp, etc. You put this in your ~/.xession,
+ or other startup file. This is non standard. If you do not want to
+ do this you still can direct *individual* sound applications through
+ the tunnel, for example "esddsp -s localhost:16001 soundapp", where
+ "soundapp" is some application that makes noise (say xmms or mpg123).
+
+ Also, usually the remote Sound daemon must be killed BEFORE the SSH port
+ redir is established (because it is listening on the port we want to use
+ for the SSH redir), and, presumably, restarted when the VNC connection
+ finished.
+
+ One may also want to start and kill a local sound daemon that will
+ play the sound received over the network on the local machine.
+
+ You can indicate the remote and local Sound daemon commands below and
+ how they should be killed and/or restart. Some examples:
+
+ esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1
+ artsd -n -p 7265 -F 10 -S 4096 -n -s 5 -m artsmessage -l 3 -f
+
+ or you can leave some or all blank and kill/start them manually.
+
+ For convenience, a Windows port of ESD is provided in the util/esound
+ directory, and so this might work for a Local command:
+
+ esound\esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1
+
+ NOTE: If you indicate "Remote Sound daemon: Kill at start." below,
+ then THERE WILL BE TWO SSH'S: THE FIRST ONE TO KILL THE DAEMON.
+ So you may need to supply TWO SSH PASSWORDS, unless you are using
+ something like ssh-agent(1), the Putty PW setting, etc.
+
+ You will also need to supply the remote and local sound ports for the
+ SSH redirs (even though in principle the could be guessed from the
+ daemon commands...) For esd the default port is 16001, but you can
+ choose another one if you prefer.
+
+ For "Local Sound Port" you can also supply "host:port" instead of just
+ a numerical port to specify non-localhost connections, e.g. to another
+ machine.
+
+ For more info see: http://www.karlrunge.com/x11vnc/#faq-sound
+}
+ .snd.f.t insert end $msg
+
+ global sound_daemon_remote_port sound_daemon_local_port sound_daemon_local_cmd
+ if {$sound_daemon_remote_port == ""} {
+ set sound_daemon_remote_port 16001
+ }
+ if {$sound_daemon_local_port == ""} {
+ set sound_daemon_local_port 16001
+ }
+
+ if {$sound_daemon_local_cmd == ""} {
+ global is_windows
+ if {$is_windows} {
+ set sound_daemon_local_cmd {esound\esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1}
+ } else {
+ set sound_daemon_local_cmd {esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1}
+ }
+ regsub {%PORT} $sound_daemon_local_cmd $sound_daemon_local_port sound_daemon_local_cmd
+ }
+
+
+ frame .snd.remote
+ label .snd.remote.l -text "Remote Sound daemon cmd: "
+ entry .snd.remote.e -width 40 -textvariable sound_daemon_remote_cmd
+ pack .snd.remote.l -side left
+ pack .snd.remote.e -side left -expand 1 -fill x
+
+ frame .snd.local
+ label .snd.local.l -text "Local Sound daemon cmd: "
+ entry .snd.local.e -width 40 -textvariable sound_daemon_local_cmd
+ pack .snd.local.l -side left
+ pack .snd.local.e -side left -expand 1 -fill x
+
+ frame .snd.rport
+ label .snd.rport.l -text "Remote Sound Port: "
+ entry .snd.rport.e -width 40 -textvariable sound_daemon_remote_port
+ pack .snd.rport.l -side left
+ pack .snd.rport.e -side left -expand 1 -fill x
+
+ frame .snd.lport
+ label .snd.lport.l -text "Local Sound Port: "
+ entry .snd.lport.e -width 40 -textvariable sound_daemon_local_port
+ pack .snd.lport.l -side left
+ pack .snd.lport.e -side left -expand 1 -fill x
+
+
+ checkbutton .snd.sdk -anchor w -variable sound_daemon_kill -text \
+ "Remote Sound daemon: Kill at start."
+
+ checkbutton .snd.sdr -anchor w -variable sound_daemon_restart -text \
+ "Remote Sound daemon: Restart at end."
+
+ checkbutton .snd.sdsl -anchor w -variable sound_daemon_local_start -text \
+ "Local Sound daemon: Run at start."
+
+ checkbutton .snd.sdkl -anchor w -variable sound_daemon_local_kill -text \
+ "Local Sound daemon: Kill at end."
+
+ button .snd.guess -text "Help me decide ..." -command {}
+ .snd.guess configure -state disabled
+
+ global is_win9x
+ if {$is_win9x} {
+ .snd.local.e configure -state disabled
+ .snd.local.l configure -state disabled
+ .snd.sdsl configure -state disabled
+ .snd.sdkl configure -state disabled
+ }
+
+ button .snd.done -text "Done" -command {destroy .snd; if {$use_sound} {set_ssh}}
+ bind .snd <Escape> {destroy .snd; if {$use_sound} {set_ssh}}
+
+ pack .snd.done .snd.guess .snd.sdkl .snd.sdsl .snd.sdr .snd.sdk .snd.lport .snd.rport \
+ .snd.local .snd.remote -side bottom -fill x
+ pack .snd.f -side bottom -fill both -expand 1
+
+ center_win .snd
+}
+
+# Share ideas.
+#
+# Unix:
+#
+# if type smbclient
+# first parse smbclient -L localhost -N
+# and/or smbclient -L `hostname` -N
+# Get Sharenames and Servers and Domain.
+#
+# loop over servers, doing smbclient -L server -N
+# pile this into a huge list, sep by disk and printers.
+#
+# WinXP:
+#
+# parse "NET VIEW" output similarly.
+#
+# Have checkbox for each disk. Set default root to /var/tmp/${USER}-mnts
+# Let them change that at once and have it populate.
+#
+# use //hostname/share /var/tmp/runge-mnts/hostname/share
+#
+#
+# Printers, hmmm. Can't add to remote cups list... I guess have the list
+# ready for CUPS dialog to suggest which SMB servers they want to redirect
+# to...
+
+proc get_hostname {} {
+ global is_windows is_win9x
+ set str ""
+ if {$is_windows} {
+ if {1} {
+ catch {set str [exec hostname]}
+ regsub -all {[\r]} $str "" str
+ } else {
+ catch {set str [exec net config]}
+ if [regexp -nocase {Computer name[ \t]+\\\\([^ \t]+)} $str mv str] {
+ ;
+ } else {
+ set str ""
+ }
+ }
+ } else {
+ catch {set str [exec hostname]}
+ }
+ set str [string trim $str]
+ return $str
+}
+
+proc smb_list_windows {smbhost} {
+ global smb_local smb_local_hosts smb_this_host
+ global is_win9x
+ set dbg 0
+
+ set domain ""
+
+ if {$is_win9x} {
+ # exec net view ... doesn't work.
+ set smb_this_host "unknown"
+ return
+ }
+
+ set this_host [get_hostname]
+ set This_host [string toupper $this_host]
+ set smb_this_host $This_host
+
+ if {$smbhost == $smb_this_host} {
+ catch {set out0 [exec net view]}
+ regsub -all {[\r]} $out0 "" out0
+ foreach line [split $out0 "\n"] {
+ if [regexp -nocase {in workgroup ([^ \t]+)} $line mv wg] {
+ regsub -all {[.]} $wg "" wg
+ set domain $wg
+ } elseif [regexp {^\\\\([^ \t]+)[ \t]*(.*)} $line mv host comment] {
+ set smb_local($smbhost:server:$host) $comment
+ }
+ }
+ }
+
+ set out1 ""
+ set h "\\\\$smbhost"
+ catch {set out1 [exec net view $h]}
+ regsub -all {[\r]} $out1 "" out1
+
+ if {$dbg} {puts "SMBHOST: $smbhost"}
+
+ set mode ""
+ foreach line [split $out1 "\n"] {
+ if [regexp {^[ \t]*---} $line] {
+ continue
+ }
+ if [regexp -nocase {The command} $line] {
+ continue
+ }
+ if [regexp -nocase {Shared resources} $line] {
+ continue
+ }
+ if [regexp -nocase {^[ \t]*Share[ \t]*name} $line] {
+ set mode "shares"
+ continue
+ }
+ set line [string trim $line]
+ if {$line == ""} {
+ continue
+ }
+ if {$mode == "shares"} {
+ if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] {
+ if {$dbg} {
+ puts "SHR: $name"
+ puts "---: $type"
+ puts "---: $comment"
+ }
+ if [regexp -nocase {^Disk$} $type] {
+ set smb_local($smbhost:disk:$name) $comment
+ } elseif [regexp -nocase {^Print} $type] {
+ set smb_local($smbhost:printer:$name) $comment
+ }
+ }
+ }
+ }
+
+ set smb_local($smbhost:domain) $domain
+}
+
+proc smb_list_unix {smbhost} {
+ global smb_local smb_local_hosts smb_this_host
+ set smbclient [in_path smbclient]
+ if {[in_path smbclient] == ""} {
+ return ""
+ }
+ set dbg 0
+
+ set this_host [get_hostname]
+ set This_host [string toupper $this_host]
+ set smb_this_host $This_host
+
+ set out1 ""
+ catch {set out1 [exec smbclient -N -L $smbhost 2>@ stdout]}
+
+ if {$dbg} {puts "SMBHOST: $smbhost"}
+ if {$smbhost == $this_host || $smbhost == $This_host} {
+ if {$out1 == ""} {
+ catch {set out1 [exec smbclient -N -L localhost 2>@ stdout]}
+ }
+ }
+
+ set domain ""
+ set mode ""
+ foreach line [split $out1 "\n"] {
+ if [regexp {^[ \t]*---} $line] {
+ continue
+ }
+ if [regexp {Anonymous login} $line] {
+ continue
+ }
+ if {$domain == "" && [regexp {Domain=\[([^\]]+)\]} $line mv domain]} {
+ if {$dbg} {puts "DOM: $domain"}
+ continue
+ }
+ if [regexp {^[ \t]*Sharename} $line] {
+ set mode "shares"
+ continue
+ }
+ if [regexp {^[ \t]*Server} $line] {
+ set mode "server"
+ continue
+ }
+ if [regexp {^[ \t]*Workgroup} $line] {
+ set mode "workgroup"
+ continue
+ }
+ set line [string trim $line]
+ if {$mode == "shares"} {
+ if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] {
+ if {$dbg} {
+ puts "SHR: $name"
+ puts "---: $type"
+ puts "---: $comment"
+ }
+ if [regexp -nocase {^Disk$} $type] {
+ set smb_local($smbhost:disk:$name) $comment
+ } elseif [regexp -nocase {^Printer$} $type] {
+ set smb_local($smbhost:printer:$name) $comment
+ }
+ }
+ } elseif {$mode == "server"} {
+ if [regexp {^([^ \t]+)[ \t]*(.*)$} $line mv host comment] {
+ if {$dbg} {
+ puts "SVR: $host"
+ puts "---: $comment"
+ }
+ set smb_local($smbhost:server:$host) $comment
+ }
+ } elseif {$mode == "workgroup"} {
+ if [regexp {^([^ \t]+)[ \t]+(.*)$} $line mv work host] {
+ if {$dbg} {
+ puts "WRK: $work"
+ puts "---: $host"
+ }
+ if {$host != ""} {
+ set smb_local($smbhost:master:$work) $host
+ }
+ }
+ }
+ }
+
+ set smb_local($smbhost:domain) $domain
+}
+
+proc smb_list {} {
+ global is_windows smb_local smb_local_hosts
+ global smb_host_list
+
+ set smb_local(null) ""
+
+ if {! [info exists smb_host_list]} {
+ set smb_host_list ""
+ }
+ if [info exists smb_local] {
+ unset smb_local
+ }
+ if [info exists smb_local_hosts] {
+ unset smb_local_hosts
+ }
+
+ set this_host [get_hostname]
+ set this_host [string toupper $this_host]
+ if {$is_windows} {
+ smb_list_windows $this_host
+ } else {
+ smb_list_unix $this_host
+ }
+ set did($this_host) 1
+ set keys [array names smb_local]
+ foreach item [split $smb_host_list] {
+ if {$item != ""} {
+ set item [string toupper $item]
+ lappend keys "$this_host:server:$item"
+ }
+ }
+ foreach key $keys {
+ if [regexp "^$this_host:server:(.*)\$" $key mv host] {
+ if {$host == ""} {
+ continue
+ }
+ set smb_local_hosts($host) 1
+ if {! [info exists did($host)]} {
+ if {$is_windows} {
+ smb_list_windows $host
+ } else {
+ smb_list_unix $host
+ }
+ set did($host) 1
+ }
+ }
+ }
+}
+
+proc smb_check_selected {} {
+ global smbmount_exists smbmount_sumode
+ global smb_selected smb_selected_mnt smb_selected_cb smb_selected_en
+
+ set ok 0
+ if {$smbmount_exists && $smbmount_sumode != "dontknow"} {
+ set ok 1
+ }
+ set state disabled
+ if {$ok} {
+ set state normal
+ }
+
+ foreach cb [array names smb_selected_cb] {
+ catch {$cb configure -state $state}
+ }
+ foreach en [array names smb_selected_en] {
+ catch {$en configure -state $state}
+ }
+}
+
+proc make_share_widgets {w} {
+
+ set share_label $w.f.hl
+ catch {$share_label configure -text "Share Name: PROBING ..."}
+ update
+
+ smb_list
+
+ set saw_f 0
+ foreach child [winfo children $w] {
+ if {$child == "$w.f"} {
+ set saw_f 1
+ continue
+ }
+ catch {destroy $child}
+ }
+
+ set w1 47
+ set w2 44
+
+ if {! $saw_f} {
+ set wf $w.f
+ frame $wf
+ label $wf.hl -width $w1 -text "Share Name:" -anchor w
+ label $wf.hr -width $w2 -text " Mount Point:" -anchor w
+
+ pack $wf.hl $wf.hr -side left -expand 1
+ pack $wf -side top -fill x
+
+ .smbwiz.f.t window create end -window $w
+ }
+
+ global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt
+ global smb_selected_host smb_selected_name
+ global smb_selected_cb smb_selected_en
+ global smb_host_list
+ if [info exists smb_selected] {array unset smb_selected }
+ if [info exists smb_selected_mnt] {array unset smb_selected_mnt}
+ if [info exists smb_selected_cb] {array unset smb_selected_cb}
+ if [info exists smb_selected_en] {array unset smb_selected_en}
+ if [info exists smb_selected_host] {array unset smb_selected_host}
+ if [info exists smb_selected_name] {array unset smb_selected_name}
+
+ set hosts [list $smb_this_host]
+ lappend hosts [lsort [array names smb_local_hosts]]
+
+ set smb_host_list ""
+ set i 0
+
+ global smb_mount_prefix
+ set smb_mount_prefix "/var/tmp/%USER-mnts"
+
+ foreach host [lsort [array names smb_local_hosts]] {
+
+ if [info exists did($host)] {
+ continue
+ }
+ set did($host) 1
+
+ append smb_host_list "$host "
+
+ foreach key [lsort [array names smb_local]] {
+ if [regexp {^([^:]+):([^:]+):(.*)$} $key mv host2 type name] {
+ if {$host2 != $host} {
+ continue
+ }
+ if {$type != "disk"} {
+ continue
+ }
+ set wf $w.f$i
+ frame $wf
+ checkbutton $wf.c -anchor w -width $w1 -variable smb_selected($i) \
+ -text "//$host/$name" -relief ridge
+ if {! [info exists smb_selected($i)]} {
+ set smb_selected($i) 0
+ }
+
+ entry $wf.e -width $w2 -textvariable smb_selected_mnt($i)
+ set smb_selected_mnt($i) "$smb_mount_prefix/$host/$name"
+
+ set smb_selected_host($i) $host
+ set smb_selected_name($i) $name
+
+ set smb_selected_cb($wf.c) $i
+ set smb_selected_en($wf.e) $i
+ set comment $smb_local($key)
+
+ bind $wf.c <Enter> "$share_label configure -text {Share Name: $comment}"
+ bind $wf.c <Leave> "$share_label configure -text {Share Name:}"
+
+ $wf.c configure -state disabled
+ $wf.e configure -state disabled
+
+ pack $wf.c $wf.e -side left -expand 1
+ pack $wf -side top -fill x
+ incr i
+ }
+ }
+ }
+ if {$i == 0} {
+ global is_win9x
+ #.smbwiz.f.t insert end "\nNo SMB Share Hosts were found!\n"
+ $share_label configure -text {Share Name: No SMB Share Hosts were found!}
+ if {$is_win9x} {
+ .smbwiz.f.t insert end "\n(this feature does not work on Win9x you have have to enter them manually: //HOST/share /var/tmp/mymnt)\n"
+ }
+ } else {
+ $share_label configure -text "Share Name: Found $i SMB Shares"
+ }
+ smb_check_selected
+}
+
+proc smb_help_me_decide {} {
+ global is_windows
+ global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt
+ global smb_selected_host smb_selected_name
+ global smb_selected_cb smb_selected_en
+ global smb_host_list
+
+ catch {destroy .smbwiz}
+ toplevel .smbwiz
+ set title "SMB Filesystem Tunnelling -- Help Me Decide"
+ wm title .smbwiz $title
+ set id " "
+
+ scroll_text .smbwiz.f 100 40
+
+ set msg {
+For now you will have to verify the following information manually.
+
+You can do this by either logging into the remote machine to find the info or asking the sysadmin for it.
+
+}
+
+ if {! $is_windows} {
+ .smbwiz.f.t configure -font {Helvetica -12 bold}
+ }
+ .smbwiz.f.t insert end $msg
+
+ set w .smbwiz.f.t.f1
+ frame $w -bd 1 -relief ridge -cursor {top_left_arrow}
+
+ .smbwiz.f.t insert end "\n"
+
+ .smbwiz.f.t insert end "1) Indicate the existence of the 'smbmount' command on the remote system:\n"
+ .smbwiz.f.t insert end "\n$id"
+ global smbmount_exists
+ set smbmount_exists 0
+
+ checkbutton $w.smbmount_exists -pady 1 -anchor w -variable smbmount_exists \
+ -text "Yes, the 'smbmount' command exists on the remote system." \
+ -command smb_check_selected
+
+ pack $w.smbmount_exists
+ .smbwiz.f.t window create end -window $w
+
+ .smbwiz.f.t insert end "\n\n\n"
+
+ set w .smbwiz.f.t.f2
+ frame $w -bd 1 -relief ridge -cursor {top_left_arrow}
+
+ .smbwiz.f.t insert end "2) Indicate your authorization to run 'smbmount' on the remote system:\n"
+ .smbwiz.f.t insert end "\n$id"
+ global smbmount_sumode
+ set smbmount_sumode "dontknow"
+
+ radiobutton $w.dk -pady 1 -anchor w -variable smbmount_sumode -value dontknow \
+ -text "I do not know if I can mount SMB shares on the remote system via 'smbmount'" \
+ -command smb_check_selected
+ pack $w.dk -side top -fill x
+
+ radiobutton $w.su -pady 1 -anchor w -variable smbmount_sumode -value su \
+ -text "I know the Password to run commands as root on the remote system via 'su'" \
+ -command smb_check_selected
+ pack $w.su -side top -fill x
+
+ radiobutton $w.sudo -pady 1 -anchor w -variable smbmount_sumode -value sudo \
+ -text "I know the Password to run commands as root on the remote system via 'sudo'" \
+ -command smb_check_selected
+ pack $w.sudo -side top -fill x
+
+ radiobutton $w.ru -pady 1 -anchor w -variable smbmount_sumode -value none \
+ -text "I do not need to be root on the remote system to mount SMB shares via 'smbmount'" \
+ -command smb_check_selected
+ pack $w.ru -side top -fill x
+
+ .smbwiz.f.t window create end -window $w
+
+ global smb_wiz_done
+ set smb_wiz_done 0
+
+ button .smbwiz.done -text "Done" -command {set smb_wiz_done 1}
+ pack .smbwiz.done -side bottom -fill x
+ pack .smbwiz.f -side top -fill both -expand 1
+
+ wm protocol .smbwiz WM_DELETE_WINDOW {set smb_wiz_done 1}
+ center_win .smbwiz
+
+ wm title .smbwiz "Searching for Local SMB shares..."
+ update
+ wm title .smbwiz $title
+
+ global smb_local smb_this_host
+ .smbwiz.f.t insert end "\n\n\n"
+
+ set w .smbwiz.f.t.f3
+ catch {destroy $w}
+ frame $w -bd 1 -relief ridge -cursor {top_left_arrow}
+
+ .smbwiz.f.t insert end "3) Select SMB shares to mount and their mount point on the remote system:\n"
+ .smbwiz.f.t insert end "\n${id}"
+
+ make_share_widgets $w
+
+ .smbwiz.f.t insert end "\n(%USER will be expanded to the username on the remote system and %HOME the home directory)\n"
+
+ .smbwiz.f.t insert end "\n\n\n"
+
+ .smbwiz.f.t insert end "You can change the list of Local SMB hosts to probe and the mount point prefix here:\n"
+ .smbwiz.f.t insert end "\n$id"
+ set w .smbwiz.f.t.f4
+ frame $w -bd 1 -relief ridge -cursor {top_left_arrow}
+ set wf .smbwiz.f.t.f4.f
+ frame $wf
+ label $wf.l -text "SMB Hosts: " -anchor w
+ entry $wf.e -textvariable smb_host_list -width 60
+ button $wf.b -text "Apply" -command {make_share_widgets .smbwiz.f.t.f3}
+ bind $wf.e <Return> "$wf.b invoke"
+ pack $wf.l $wf.e $wf.b -side left
+ pack $wf
+ pack $w
+
+ .smbwiz.f.t window create end -window $w
+
+ .smbwiz.f.t insert end "\n$id"
+
+ set w .smbwiz.f.t.f5
+ frame $w -bd 1 -relief ridge -cursor {top_left_arrow}
+ set wf .smbwiz.f.t.f5.f
+ frame $wf
+ label $wf.l -text "Mount Prefix:" -anchor w
+ entry $wf.e -textvariable smb_mount_prefix -width 60
+ button $wf.b -text "Apply" -command {apply_mount_point_prefix .smbwiz.f.t.f5.f.e}
+ bind $wf.e <Return> "$wf.b invoke"
+ pack $wf.l $wf.e $wf.b -side left
+ pack $wf
+ pack $w
+
+ .smbwiz.f.t window create end -window $w
+
+ .smbwiz.f.t insert end "\n\n\n"
+
+ .smbwiz.f.t see 1.0
+ .smbwiz.f.t configure -state disabled
+ update
+
+ vwait smb_wiz_done
+ catch {destroy .smbwiz}
+
+ if {! $smbmount_exists || $smbmount_sumode == "dontknow"} {
+ tk_messageBox -type ok -icon warning -message "Sorry we couldn't help out!\n'smbmount' info on the remote system is required for SMB mounting" -title "SMB mounting -- aborting"
+ catch {raise .oa}
+ return
+ }
+ global smb_su_mode
+ set smb_su_mode $smbmount_sumode
+
+ set max 0
+ foreach en [array names smb_selected_en] {
+ set i $smb_selected_en($en)
+ set host $smb_selected_host($i)
+ set name $smb_selected_name($i)
+
+ set len [string length "//$host/$name"]
+ if {$len > $max} {
+ set max $len
+ }
+ }
+
+ set max [expr $max + 8]
+
+ set strs ""
+ foreach en [array names smb_selected_en] {
+ set i $smb_selected_en($en)
+ if {! $smb_selected($i)} {
+ continue
+ }
+ set host $smb_selected_host($i)
+ set name $smb_selected_name($i)
+ set mnt $smb_selected_mnt($i)
+
+ set share "//$host/$name"
+ set share [format "%-${max}s" $share]
+
+ lappend strs "$share $mnt"
+ }
+ set text ""
+ foreach str [lsort $strs] {
+ append text "$str\n"
+ }
+
+ global smb_mount_list
+ set smb_mount_list $text
+
+ smb_dialog
+}
+
+proc apply_mount_point_prefix {w} {
+ global smb_selected_host smb_selected_name
+ global smb_selected_en smb_selected_mnt
+
+ set prefix ""
+ catch {set prefix [$w get]}
+ if {$prefix == ""} {
+ mesg "No mount prefix."
+ bell
+ return
+ }
+
+ foreach en [array names smb_selected_en] {
+ set i $smb_selected_en($en)
+ set host $smb_selected_host($i)
+ set name $smb_selected_name($i)
+ set smb_selected_mnt($i) "$prefix/$host/$name"
+ }
+}
+
+proc smb_dialog {} {
+ catch {destroy .smb}
+ toplevel .smb
+ wm title .smb "SMB Filesystem Tunnelling"
+ global smb_su_mode smb_mount_list
+ global use_smbmnt
+
+ global help_font
+
+ scroll_text .smb.f
+
+ set msg {
+ Windows/Samba Filesystem mounting requires SSH be used to set up the SMB
+ service port redirection. This will be either of the "Use SSH instead"
+ or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling will
+ not work.
+
+ This method requires a working Samba software setup on the remote
+ side of the connection (VNC server) and existing Samba or Windows file
+ server(s) on the local side (VNC viewer).
+
+ The smbmount(8) program MUST be installed on the remote side.
+ This evidently limits the mounting to Linux systems. Let us know
+ of similar utilities on other Unixes. Mounting onto remote Windows
+ machines is currently not supported (our SSH mode only works to Unix).
+
+ Depending on how smbmount is configured you may be able to run it
+ as a regular user, or it may require running under su(1) or sudo(8)
+ (root password or user password required, respectively). You select
+ which one you want via the checkbuttons below.
+
+ In addition to a possible su(1) or sudo(8) password, you may ALSO
+ need to supply passwords to mount each SMB share. This is an SMB passwd.
+ If it has no password just hit enter after the "Password:" prompt.
+
+ The passwords are supplied when the 1st SSH connection starts up;
+ be prepared to respond to them.
+
+ NOTE: USE OF SMB TUNNELLING MODE WILL REQUIRE TWO SSH'S, AND SO YOU
+ MAY NEED TO SUPPLY TWO LOGIN PASSWORDS UNLESS YOU ARE USING SOMETHING
+ LIKE ssh-agent(1) or the Putty PW setting.
+ %WIN
+
+ To indicate the Windows/Samba shares to mount enter them one per line
+ in either one of the forms:
+
+ //machine1/share ~/Desktop/my-mount1
+ //machine2/fubar /var/tmp/my-foobar2 192.168.100.53:3456
+ 1139 //machine3/baz /var/tmp/baz [...]
+
+ The first part is the standard SMB host and share name //hostname/dir
+ (note this share is on the local viewer-side not on the remote end).
+ A leading '#' will cause the entire line to be skipped.
+
+ The second part, e.g. /var/tmp/my-foobar2, is the directory to mount
+ the share on the remote (VNC Server) side. You must be able to
+ write to this directory. It will be created if it does not exist.
+ A leading character ~ will be expanded to $HOME. So will the string
+ %HOME. The string %USER will get expanded to the remote username.
+
+ An optional part like 192.168.100.53:3456 is used to specify the real
+ hostname or IP address, and possible non-standard port, on the local
+ side if for some reason the //hostname is not sufficient.
+
+ An optional leading numerical value, 1139 in the above example, indicates
+ which port to use on the Remote side to SSH redirect to the local side.
+ Otherwise a random one is tried (a unique one is needed for each SMB
+ server:port combination). A fixed one is preferred: choose a free
+ remote port.
+
+ The standard SMB ports are 445 and 139. 139 is used by this application.
+
+ Sometimes "localhost" will not work on Windows machines for a share
+ hostname, and you will have to specify a different network interface
+ (e.g. the machine's IP address). If you use the literal string "IP"
+ it will be attempted to replace it with the numerical IP address, e.g.:
+
+ //machine1/share ~/Desktop/my-mount1 IP
+
+ VERY IMPORTANT: Before terminating the VNC Connection, make sure no
+ applications are using any of the SMB shares (or shells are cd-ed
+ into the share). This way the shares will be automatically umounted.
+ Otherwise you will need to log in again, stop processes from using
+ the share, become root and umount the shares manually ("smbumount
+ /path/to/share", etc.)
+
+ For more info see: http://www.karlrunge.com/x11vnc/#faq-smb-shares
+}
+
+ set msg2 {
+ To speed up moving to the next step, iconify the first SSH console
+ when you are done entering passwords, etc. and then click on the
+ main panel 'VNC Server' label.
+}
+
+ global is_windows
+ if {! $is_windows} {
+ regsub { *%WIN} $msg "" msg
+ } else {
+ set msg2 [string trim $msg2]
+ regsub { *%WIN} $msg " $msg2" msg
+ }
+ .smb.f.t insert end $msg
+
+ frame .smb.r
+ label .smb.r.l -text "smbmount(8) auth mode:" -relief ridge
+ radiobutton .smb.r.none -text "None" -variable smb_su_mode -value "none"
+ radiobutton .smb.r.su -text "su(1)" -variable smb_su_mode -value "su"
+ radiobutton .smb.r.sudo -text "sudo(8)" -variable smb_su_mode -value "sudo"
+
+ pack .smb.r.l .smb.r.none .smb.r.sudo .smb.r.su -side left -fill x
+
+ label .smb.info -text "Supply the mounts (one per line) below:" -anchor w -relief ridge
+
+ eval text .smb.mnts -width 80 -height 5 $help_font
+ .smb.mnts insert end $smb_mount_list
+
+ #apply_bg .smb.mnts
+
+ button .smb.guess -text "Help me decide ..." -command {destroy .smb; smb_help_me_decide}
+ #.smb.guess configure -state disabled
+
+ button .smb.done -text "Done" -command {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb}
+ bind .smb <Escape> {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb}
+
+ pack .smb.done .smb.guess .smb.mnts .smb.info .smb.r -side bottom -fill x
+ pack .smb.f -side top -fill both -expand 1
+
+ center_win .smb
+}
+
+proc help_advanced_opts {} {
+ catch {destroy .ah}
+ toplevel .ah
+
+ scroll_text_dismiss .ah.f
+
+ center_win .ah
+
+ wm title .ah "Advanced Opts Help"
+
+ set msg {
+ These Advanced settings are experimental options that may require extra
+ software installed on the VNC server-side (the remote server machine)
+ and/or on the VNC client-side (where this gui is running).
+
+ The Service redirection options, CUPS, ESD/ARTSD, and SMB will require
+ that you use SSH for tunneling so that the -R port redirection will
+ be enabled for each service. I.e. "Use SSH instead" or "Use SSH and SSL"
+
+ These options may also require additional configuration to get them
+ to work properly. Please submit bug reports if it appears it should
+ be working for your setup but is not.
+
+ Brief descriptions:
+
+ CUPS Print tunnelling: redirect localhost:6631 (say) on the VNC
+ server to your local CUPS server.
+
+ ESD/ARTSD Audio tunnelling: redirect localhost:16001 (say) on
+ the VNC server to your local ESD, etc. sound server.
+
+ SMB mount tunnelling: redirect localhost:1139 (say) on the VNC
+ server and through that mount SMB file shares from your local
+ server. The remote machine must be Linux.
+
+ Change vncviewer: specify a non-bundled VNC Viewer (e.g.
+ UltraVNC or RealVNC) to run instead of the bundled TightVNC Viewer.
+
+ Extra Redirs: specify additional -L port:host:port and
+ -R port:host:port cmdline options for SSH to enable additional
+ services.
+
+ Port Knocking: for "closed port" services, first "knock" on the
+ firewall ports in a certain way to open the door for SSH or SSL.
+
+ About the CheckButtons:
+
+ Ahem, Well...., a klunky UI: you have to toggle the CheckButton
+ to pull up the Dialog box a 2nd, etc. time... your settings will
+ still be there.
+}
+
+ .ah.f.t insert end $msg
+ #raise .ah
+}
+
+proc set_viewer_path {} {
+ global change_vncviewer_path
+ set change_vncviewer_path [tk_getOpenFile]
+ catch {raise .chviewer}
+ update
+}
+
+proc change_vncviewer_dialog {} {
+ global change_vncviewer change_vncviewer_path vncviewer_realvnc4
+
+ catch {destroy .chviewer}
+ toplevel .chviewer
+ wm title .chviewer "Change VNC Viewer"
+
+ global help_font
+ eval text .chviewer.t -width 90 -height 16 $help_font
+ apply_bg .chviewer.t
+
+ set msg {
+ To use your own VNC Viewer (i.e. one installed by you, not included in this
+ package), e.g. UltraVNC or RealVNC, type in the program name, or browse for
+ the full path to it. You can put command line arguments after the program.
+
+ Note that due to incompatibilities with respect to command line options
+ there may be issues, especially if many command line options are supplied.
+ You can specify your own command line options below if you like (and try to
+ avoid setting any others in this GUI).
+
+ If the path to the program name has any spaces it in, please surround it with
+ double quotes, e.g. "C:\Program Files\My Vnc Viewer\VNCVIEWER.EXE"
+
+ Since the command line options differ between them greatly, if you know it
+ is of the RealVNC 4.x flavor, indicate so on the check box.
+}
+ .chviewer.t insert end $msg
+
+ frame .chviewer.path
+ label .chviewer.path.l -text "VNC Viewer:"
+ entry .chviewer.path.e -width 40 -textvariable change_vncviewer_path
+ button .chviewer.path.b -text "Browse..." -command set_viewer_path
+ checkbutton .chviewer.path.r -anchor w -variable vncviewer_realvnc4 -text \
+ "RealVNC 4.x"
+
+ pack .chviewer.path.l -side left
+ pack .chviewer.path.e -side left -expand 1 -fill x
+ pack .chviewer.path.b -side left
+ pack .chviewer.path.r -side left
+
+ button .chviewer.done -text "Done" -command {destroy .chviewer; catch {raise .oa}}
+ bind .chviewer <Escape> {destroy .chviewer; catch {raise .oa}}
+
+ pack .chviewer.t .chviewer.path .chviewer.done -side top -fill x
+
+ center_win .chviewer
+ wm resizable .chviewer 1 0
+
+ focus .chviewer.path.e
+}
+
+proc port_redir_dialog {} {
+ global additional_port_redirs additional_port_redirs_list
+
+ catch {destroy .redirs}
+ toplevel .redirs
+ wm title .redirs "Additional Port Redirections"
+
+ global help_font
+ eval text .redirs.t -width 80 -height 35 $help_font
+ apply_bg .redirs.t
+
+ set msg {
+ Specify any additional SSH port redirections you desire for the
+ connection. Put as many as you want separated by spaces. These only
+ apply to SSH and SSH+SSL connections, they do not apply to Pure SSL
+ connections.
+
+ -L port1:host:port2 will listen on port1 on the local machine (where
+ you are sitting) and redirect them to port2 on
+ "host". "host" is relative to the remote side
+ (VNC Server). Use "localhost" for the remote
+ machine itself.
+
+ -R port1:host:port2 will listen on port1 on the remote machine
+ (where the VNC server is running) and redirect
+ them to port2 on "host". "host" is relative
+ to the local side (where you are sitting).
+ Use "localhost" for this machine.
+
+ Perhaps you want a redir to a web server inside an intranet:
+
+ -L 8001:web-int:80
+
+ Or to redir a remote port to your local SSH daemon:
+
+ -R 5022:localhost:22
+
+ etc. There are many interesting possibilities.
+
+ Sometimes, especially for Windows Shares, you cannot do a -R redir to
+ localhost, but need to supply the IP address of the network interface
+ (e.g. by default the Shares do not listen on localhost:139). As a
+ convenience you can do something like -R 1139:IP:139 (for any port
+ numbers) and the IP will be attempted to be expanded. If this fails
+ for some reason you will have to use the actual numerical IP address.
+}
+ .redirs.t insert end $msg
+
+ frame .redirs.path
+ label .redirs.path.l -text "Port Redirs:"
+ entry .redirs.path.e -width 40 -textvariable additional_port_redirs_list
+
+ pack .redirs.path.l -side left
+ pack .redirs.path.e -side left -expand 1 -fill x
+
+ button .redirs.done -text "Done" -command {destroy .redirs}
+ bind .redirs <Escape> {destroy .redirs}
+
+ pack .redirs.t .redirs.path .redirs.done -side top -fill x
+
+ center_win .redirs
+ wm resizable .redirs 1 0
+
+ focus .redirs.path.e
+}
+
+proc find_netcat {} {
+ global env is_windows
+
+ set nc ""
+
+ if {! $is_windows} {
+ set nc [in_path "netcat"]
+ if {$nc == ""} {
+ set nc [in_path "nc"]
+ }
+ } else {
+ set try "netcat.exe"
+ if [file exists $try] {
+ set nc $try
+ }
+ }
+ return $nc
+}
+
+proc pk_expand {cmd host} {
+ global tcl_platform
+ set secs [clock seconds]
+ set msecs [clock clicks -milliseconds]
+ set user $tcl_platform(user)
+ if [regexp {%IP} $cmd] {
+ set ip [guess_ip]
+ if {$ip == ""} {
+ set ip "unknown"
+ }
+ regsub -all {%IP} $cmd $ip cmd
+ }
+ if [regexp {%NAT} $cmd] {
+ set ip [guess_nat_ip]
+ regsub -all {%NAT} $cmd $ip cmd
+ }
+ regsub -all {%HOST} $cmd $host cmd
+ regsub -all {%USER} $cmd $user cmd
+ regsub -all {%SECS} $cmd $secs cmd
+ regsub -all {%MSECS} $cmd $msecs cmd
+
+ return $cmd
+}
+
+proc backtick_expand {str} {
+ set str0 $str
+ set collect ""
+ set count 0
+ while {[regexp {^(.*)`([^`]+)`(.*)$} $str mv p1 cmd p2]} {
+ set out [eval exec $cmd]
+ set str "$p1$out$p2"
+ incr count
+ if {$count > 10} {
+ break
+ }
+ }
+ return $str
+}
+
+proc read_from_pad {file} {
+ set fh ""
+ if {[catch {set fh [open $file "r"]}] != 0} {
+ return "FAIL"
+ }
+
+ set accum ""
+ set match ""
+ while {[gets $fh line] > -1} {
+ if [regexp {^[ \t]*#} $line] {
+ append accum "$line\n"
+ } elseif [regexp {^[ \t]*$} $line] {
+ append accum "$line\n"
+ } elseif {$match == ""} {
+ set match $line
+ append accum "# $line\n"
+ } else {
+ append accum "$line\n"
+ }
+ }
+
+ close $fh
+
+ if {$match == ""} {
+ return "FAIL"
+ }
+
+ if {[catch {set fh [open $file "w"]}] != 0} {
+ return "FAIL"
+ }
+
+ puts -nonewline $fh $accum
+
+ return $match
+}
+
+proc do_port_knock {hp} {
+ global use_port_knocking port_knocking_list
+ global is_windows
+
+ if {! $use_port_knocking} {
+ return
+ }
+ if {$port_knocking_list == ""} {
+ return
+ }
+
+ set default_delay 0
+
+ set host [string trim $hp]
+ regsub {^.*@} $host "" host
+ regsub {:.*$} $host "" host
+ set host0 [string trim $host]
+
+ if {$host0 == ""} {
+ bell
+ mesg "No host: $hp"
+ return
+ }
+ if [regexp {PAD=([^\n]+)} $port_knocking_list mv padfile] {
+ set tlist [read_from_pad $padfile]
+ set tlist [string trim $tlist]
+ if {$tlist == "" || $tlist == "FAIL"} {
+ tk_messageBox -type ok -icon error \
+ -message "Failed to read entry from $padfile" \
+ -title "Error: Padfile $padfile"
+ return
+ }
+ regsub -all {PAD=([^\n]+)} $port_knocking_list $tlist list
+ } else {
+ set list $port_knocking_list
+ }
+
+ set spl ",\n\r"
+ if [regexp {CMD=} $list] {set spl "\n\r"}
+ if [regexp {CMDX=} $list] {set spl "\n\r"}
+ if [regexp {SEND=} $list] {set spl "\n\r"}
+ if [regexp {SENDX=} $list] {set spl "\n\r"}
+
+ set i 0
+ set pi 0
+
+ foreach line [split $list $spl] {
+ set line [string trim $line]
+ set line0 $line
+
+ if {$line == ""} {
+ continue
+ }
+ if [regexp {^#} $line] {
+ continue
+ }
+ if [regexp {^sleep[ \t][ \t]*([0-9][0-9]*)} $line mv sl] {
+ mesg "sleep: $sl"
+ after $sl
+ continue
+ }
+ if [regexp {^delay[ \t][ \t]*([0-9][0-9]*)} $line mv sl] {
+ mesg "delay: $sl"
+ set default_delay $sl
+ continue
+ }
+
+ if [regexp {^CMD=(.*)} $line mv cmd] {
+ mesg "CMD: $cmd"
+ eval exec $cmd
+ continue
+ }
+ if [regexp {^CMDX=(.*)} $line mv cmd] {
+ set cmd [pk_expand $cmd $host0]
+ mesg "CMDX: $cmd"
+ eval exec $cmd
+ continue
+ }
+
+ if [regexp {`} $line] {
+ #set line [backtick_expand $line]
+ }
+
+ set snd ""
+ if [regexp {^(.*)SEND=(.*)$} $line mv line snd] {
+ set line [string trim $line]
+ set snd [string trim $snd]
+ regsub -all {%NEWLINE} $snd "\n" snd
+ } elseif [regexp {^(.*)SENDX=(.*)$} $line mv line snd] {
+ set line [string trim $line]
+ set snd [string trim $snd]
+ set snd [pk_expand $snd $host0]
+ regsub -all {%NEWLINE} $snd "\n" snd
+ }
+
+ set udp 0
+ if [regexp -nocase {/udp} $line] {
+ set udp 1
+ regsub -all -nocase {/udp} $line "" line
+ set line [string trim $line]
+ }
+ regsub -all -nocase {/tcp} $line "" line
+ set line [string trim $line]
+
+ set delay 0
+ if [regexp {^(.*)[ \t][ \t]*([0-9][0-9]*)$} $line mv first delay] {
+ set line [string trim $first]
+ }
+
+ if {[regexp {^(.*):(.*)$} $line mv host port]} {
+ ;
+ } else {
+ set host $host0
+ set port $line
+ }
+ set host [string trim $host]
+ set port [string trim $port]
+
+ if {$host == ""} {
+ set host $host0
+ }
+
+ if {$port == ""} {
+ bell
+ mesg "No port: $line0"
+ continue
+ }
+
+ set nc ""
+ if {$udp || $snd != ""} {
+ set nc [find_netcat]
+ if {$nc == ""} {
+ bell
+ mesg "UDP: netcat(1) not found"
+ after 1000
+ continue
+ }
+ }
+
+ if {$snd != ""} {
+ global env
+ set pfile "payload$pi.txt"
+ if {! $is_windows} {
+ set pfile "$env(HOME)/.$pfile"
+ }
+ set pfiles($pi) $pfile
+ incr pi
+ set fh [open $pfile "w"]
+ puts -nonewline $fh "$snd"
+ close $fh
+
+ mesg "SEND: $host $port"
+ if {$is_windows} {
+ if {$udp} {
+ catch {exec $nc -d -u -w 1 "$host" "$port" < $pfile &}
+ } else {
+ catch {exec $nc -d -w 1 "$host" "$port" < $pfile &}
+ }
+ } else {
+ if {$udp} {
+ catch {exec $nc -u -w 1 "$host" "$port" < $pfile &}
+ } else {
+ catch {exec $nc -w 1 "$host" "$port" < $pfile &}
+ }
+ }
+ catch {after 50; file delete $pfile}
+
+ } elseif {$udp} {
+ mesg "UDP: $host $port"
+ if {! $is_windows} {
+ catch {exec echo a | $nc -u -w 1 "$host" "$port" &}
+ } else {
+ set fh [open "nc_in.txt" "w"]
+ puts $fh "a"
+ close $fh
+ catch {exec $nc -d -u -w 1 "$host" "$port" < "nc_in.txt" &}
+ }
+ } else {
+ mesg "TCP: $host $port"
+ set s ""
+ set emess ""
+ set rc [catch {set s [socket -async $host $port]} emess]
+ if {$rc != 0} {
+ tk_messageBox -type ok -icon error -message $emess -title "Error: socket -async $host $port"
+ }
+ set socks($i) $s
+ # seems we have to close it immediately to avoid multiple SYN's.
+ # does not help on Win9x.
+ catch {after 30; close $s};
+ incr i
+ }
+
+ if {$delay == 0} {
+ if {$default_delay > 0} {
+ after $default_delay
+ }
+ } elseif {$delay > 0} {
+ after $delay
+ }
+ }
+
+ if {0} {
+ for {set j 0} {$j < $i} {incr j} {
+ set $s $socks($j)
+ if {$s != ""} {
+ catch {close $s}
+ }
+ }
+ }
+ for {set j 0} {$j < $pi} {incr j} {
+ set f $pfiles($j)
+ if {$f != ""} {
+ if [file exists $f] {
+ after 100
+ }
+ catch {file delete $f}
+ }
+ }
+ if {$is_windows} {
+ catch {file delete "nc_in.txt"}
+ }
+}
+
+proc port_knocking_dialog {} {
+ catch {destroy .pk}
+ toplevel .pk
+ wm title .pk "Port Knocking"
+ global use_port_knocking port_knocking_list
+
+ global help_font
+
+ scroll_text .pk.f 85
+
+ set msg {
+ Port Knocking is where a network connection to a service is not provided
+ to just any client, but rather only to those that immediately prior to
+ connecting send a more or less secret pattern of connections to other
+ ports on the firewall.
+
+ Somewhat like "knocking" on the door with the correct sequence before it
+ being opened (but not necessarily letting you in yet). It is also possible
+ to have a single encrypted packet (e.g. UDP) payload communicate with the
+ firewall instead of knocking on a sequence of ports.
+
+ Only after the correct sequence of ports is observed by the firewall does
+ it allow the IP address of the client to attempt to connect to the service.
+
+ So, for example, instead of allowing any host on the internet to connect
+ to your SSH service and then try to login with a username and password, the
+ client first must "tickle" your firewall with the correct sequence of ports.
+ Only then will it be allowed to connect to your SSH service at all.
+
+ This does not replace the authentication and security of SSH, it merely
+ puts another layer of protection around it. E.g., suppose an exploit for
+ SSH was discovered, you would most likely have more time to fix/patch
+ the problem than if any client could directly connect to your SSH server.
+
+ For more information http://www.portknocking.org/ and
+ http://www.linuxjournal.com/article/6811
+
+ Tip: if you just want to use the Port Knocking for an SSH shell and not
+ for a VNC tunnel, then specify something like "user@hostname cmd=SHELL"
+ (or "user@hostname cmd=PUTTY" on Windows) in the VNC Server entry box
+ on the main panel. This will do everything short of starting the viewer.
+ A shortcut for this is Ctrl-S.
+
+ In the text area below put in the pattern of "knocks" needed for this
+ connection. You can separate the knocks by commas or put them one per line.
+ Whitespace is trimmed.
+
+ Each "knock" is of this form:
+
+ [host:]port[/udp] [delay]
+
+ In the simplest form just a numerical port, e.g. 5433, is supplied.
+
+ The packet is sent to the same host that the VNC (or SSH) connection will
+ be made to. If you want it to go to a different host or IP use the [host:]
+ prefix. It can be either a hostname or numerical IP.
+
+ TCP is assumed by default.
+
+ If you need to send a UDP packet, the netcat (aka "nc") program must be
+ installed on Unix (tcl/tk does not support udp connections). Indicate this
+ with "/udp" following the port number (you can also use "/tcp", but since
+ it is the default it is not necessary). For convenience a Windows netcat
+ binary is supplied.
+
+ Because an external program must be launched for each packet udp knocking will
+ be somewhat slower and less reliable. ICMP (ping) is currently not supported.
+
+ The last field is the number of milliseconds to delay before continuing.
+
+ Examples:
+
+ 5433,12321,1661
+
+ fw.example.com:5433, 12321/udp 3000,1661 2000
+
+ fw.example.com:5433
+ 12321/udp 3000
+ 1661 2000
+
+
+ Alternate actions: If the string in the text field contains anywhere the
+ strings "CMD=", "CMDX=", or "SEND=", then splitting on commas is not done:
+ it is only split on lines.
+
+ Then, if a line begins CMD=... the string after the = is run as an
+ external command. The command could be anything you want, e.g. it could
+ be a port-knocking client that does the knocking, perhaps encrypting the
+ "knocks" pattern somehow or using a Single Packet Authorization method such
+ as http://www.cipherdyne.com/fwknop/
+
+ Extra quotes (sometimes "'foo bar'") may be needed to preserve spaces in
+ command line arguments because the tcl/tk eval(n) command is used. You
+ can also use {...} for quoting strings with spaces.
+
+ If a line begins CMDX=... then before the command is run the following
+ tokens are expanded to strings:
+
+ %IP Current machine's IP address (NAT may make this not useful).
+ %NAT Try to get effective IP by contacting http://www.whatismyip.com
+ %HOST The remote host of the connection.
+ %USER The current user.
+ %SECS The current time in seconds (platform dependent).
+ %MSECS Platform dependent time having at least millisecond granularity.
+
+ Lines not matching CMD= or CMDX= are treated as normal port knocks but with
+ one exception. If a line ends in SEND=... (i.e. after the [host:]port,
+ etc., part) then the string after the = is sent as a payload for the tcp
+ or udp connection to [host:]port. netcat is used for these SEND cases
+ (and must be available on Unix). If newlines (\n) are needed in the
+ SEND string, use %NEWLINE. Sending binary data is not yet supported;
+ use CMD= with your own program.
+
+ Examples:
+
+ CMD=port_knock_client -pass wombat33
+ CMDX=port_knock_client -pass wombat33 -host %HOST -src %NAT
+
+ fw.example.com:5433/udp SEND=ASDLFKSJDF
+
+ More tricks:
+
+ To temporarily "comment out" a knock, insert a leading "#" character.
+
+ Use "sleep N" to insert a raw sleep for N milliseconds (e.g. between
+ CMD=... items or at the very end of the knocks to wait).
+
+ If a knock entry matches "delay N" the default delay is set to
+ N milliseconds.
+
+ One Time Pads:
+
+ If the text contains a (presumably single) line of the form:
+
+ PAD=/path/to/a/one/time/pad/file
+
+ then that file is opened and the first non-blank line not beginning
+ with "#" is used as the knock pattern. The pad file is rewritten
+ with that line starting with a "#" (so it will be skipped next time).
+
+ The PAD=... string is replaced with the read-in knock pattern line.
+ So, if needed, one can preface the PAD=... with "delay N" to set the
+ default delay, and one can also put a "sleep N" after the PAD=...
+ line to indicate a final sleep. One can also surround the PAD=
+ line with other knock and CMD= CMDX= lines, but that usage sounds
+ a bit rare. Example:
+
+ delay 1000
+ PAD=C:\My Pads\work-pad1.txt
+ sleep 4000
+}
+ .pk.f.t insert end $msg
+
+ label .pk.info -text "Supply port knocking pattern:" -anchor w -relief ridge
+
+ eval text .pk.rule -width 80 -height 5 $help_font
+ .pk.rule insert end $port_knocking_list
+ #apply_bg .pk.rule
+
+ button .pk.done -text "Done" -command {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk}
+ bind .pk <Escape> {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk}
+
+ pack .pk.done .pk.rule .pk.info -side bottom -fill x
+ pack .pk.f -side top -fill both -expand 1
+
+ center_win .pk
+}
+
+
+proc set_advanced_options {} {
+ global env
+ global use_cups use_sound use_smbmnt
+ global change_vncviewer
+ global use_port_knocking port_knocking_list
+
+ catch {destroy .o}
+ catch {destroy .oa}
+ toplevel .oa
+ wm title .oa "Advanced options"
+
+ set i 1
+
+ checkbutton .oa.b$i -anchor w -variable use_cups -text \
+ "Enable CUPS Print tunnelling" \
+ -command {if {$use_cups} {cups_dialog}}
+ incr i
+
+ checkbutton .oa.b$i -anchor w -variable use_sound -text \
+ "Enable ESD/ARTSD Audio tunnelling" \
+ -command {if {$use_sound} {sound_dialog}}
+ incr i
+
+ checkbutton .oa.b$i -anchor w -variable use_smbmnt -text \
+ "Enable SMB mount tunnelling" \
+ -command {if {$use_smbmnt} {smb_dialog}}
+ incr i
+
+
+ checkbutton .oa.b$i -anchor w -variable change_vncviewer -text \
+ "Change VNC Viewer" \
+ -command {if {$change_vncviewer} {change_vncviewer_dialog}}
+ incr i
+
+ checkbutton .oa.b$i -anchor w -variable additional_port_redirs -text \
+ "Additional Port Redirs" \
+ -command {if {$additional_port_redirs} {port_redir_dialog}}
+ incr i
+
+ checkbutton .oa.b$i -anchor w -variable use_port_knocking -text \
+ "Port Knocking" \
+ -command {if {$use_port_knocking} {port_knocking_dialog}}
+ incr i
+
+ for {set j 1} {$j < $i} {incr j} {
+ pack .oa.b$j -side top -fill x
+ }
+
+ frame .oa.b
+ button .oa.b.done -text "Done" -command {destroy .oa}
+ bind .oa <Escape> {destroy .oa}
+ button .oa.b.help -text "Help" -command help_advanced_opts
+
+ pack .oa.b.help .oa.b.done -fill x -expand 1 -side left
+
+ pack .oa.b -side top -fill x
+
+ center_win .oa
+ wm resizable .oa 1 0
+ focus .oa
+}
+
+proc in_path {cmd} {
+ global env
+ set p $env(PATH)
+ foreach dir [split $p ":"] {
+ set try "$dir/$cmd"
+ if [file exists $try] {
+ return "$try"
+ }
+ }
+ return ""
+}
+
+proc ssh_agent_restart {} {
+ global env
+
+ set got_ssh_agent 0
+ set got_ssh_add 0
+ set got_ssh_agent2 0
+ set got_ssh_add2 0
+
+ if [in_path "ssh-agent"] {set got_ssh_agent 1}
+ if [in_path "ssh-agent2"] {set got_ssh_agent2 1}
+ if [in_path "ssh-add"] {set got_ssh_add 1}
+ if [in_path "ssh-add2"] {set got_ssh_add2 1}
+
+ set ssh_agent ""
+ set ssh_add ""
+ if {[info exists env(USER)] && $env(USER) == "runge"} {
+ if {$got_ssh_agent2} {
+ set ssh_agent "ssh-agent2"
+ }
+ if {$got_ssh_add2} {
+ set ssh_add "ssh-add2"
+ }
+ }
+ if {$ssh_agent == "" && $got_ssh_agent} {
+ set ssh_agent "ssh-agent"
+ }
+ if {$ssh_add == "" && $got_ssh_add} {
+ set ssh_add "ssh-add"
+ }
+ if {$ssh_agent == ""} {
+ bell
+ mesg "could not find ssh-agent in PATH"
+ return
+ }
+ if {$ssh_add == ""} {
+ bell
+ mesg "could not find ssh-add in PATH"
+ return
+ }
+ set tmp $env(HOME)/.vnc-sa[pid]
+ set fh ""
+ catch {set fh [open $tmp "w"]}
+ if {$fh == ""} {
+ bell
+ mesg "could not open tmp file $tmp"
+ return
+ }
+
+ puts $fh "#!/bin/sh"
+ puts $fh "eval `$ssh_agent -s`"
+ puts $fh "$ssh_add"
+ puts $fh "SSL_VNC_GUI_CHILD=\"\""
+ puts $fh "export SSL_VNC_GUI_CHILD"
+
+ global buck_zero
+ set cmd $buck_zero
+
+ if [info exists env(SSL_VNC_GUI_CMD)] {
+ set cmd $env(SSL_VNC_GUI_CMD)
+ }
+ #puts $fh "$cmd </dev/null 1>/dev/null 2>/dev/null &"
+ puts $fh "nohup $cmd &"
+ puts $fh "sleep 1"
+ puts $fh "#rm -f $tmp"
+ close $fh
+
+ wm withdraw .
+ catch {wm withdraw .o}
+ catch {wm withdraw .oa}
+
+ exec xterm -geometry +200+200 -title "Restarting with ssh-agent/ssh-add" -e sh $tmp &
+ after 10000
+ destroy .
+ exit
+}
+
+proc putty_pw_entry {mode} {
+ if {$mode == "check"} {
+ global use_sshssl use_ssh
+ if {$use_sshssl || $use_ssh} {
+ putty_pw_entry enable
+ } else {
+ putty_pw_entry disable
+ }
+ return
+ }
+ if {$mode == "disable"} {
+ catch {.o.pw.l configure -state disabled}
+ catch {.o.pw.e configure -state disabled}
+ } else {
+ catch {.o.pw.l configure -state normal}
+ catch {.o.pw.e configure -state normal}
+ }
+}
+
+proc set_options {} {
+ global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233
+ global use_nojpeg use_raise_on_beep use_compresslevel use_quality
+ global compresslevel_text quality_text
+ global env is_windows
+
+ catch {destroy .o}
+ toplevel .o
+ wm title .o "Set SSL VNC Viewer options"
+
+ set i 1
+
+ checkbutton .o.b$i -anchor w -variable use_ssh -text \
+ "Use SSH instead" \
+ -command {if {$use_ssh} {set use_sshssl 0}; putty_pw_entry check}
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_sshssl -text \
+ "Use SSH and SSL" \
+ -command {if {$use_sshssl} {set use_ssh 0}; putty_pw_entry check}
+ set iss $i
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_viewonly -text \
+ "View Only"
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_fullscreen -text \
+ "Fullscreen"
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_raise_on_beep -text \
+ "Raise On Beep"
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_bgr233 -text \
+ "Use 8bit color (-bgr233)"
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_alpha -text \
+ "Cursor alphablending (32bpp required)"
+ set ia $i
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_grab -text \
+ "Use XGrabServer"
+ set ix $i
+ incr i
+
+ checkbutton .o.b$i -anchor w -variable use_nojpeg -text \
+ "Do not use JPEG (-nojpeg)"
+ incr i
+
+ menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable compresslevel_text
+ set compresslevel_text "Compress Level: $use_compresslevel"
+
+ menu .o.b$i.m -tearoff 0
+ for {set j -1} {$j < 10} {incr j} {
+ set v $j
+ set l $j
+ if {$j == -1} {
+ set v "default"
+ set l "default"
+ }
+ .o.b$i.m add radiobutton -variable use_compresslevel \
+ -value $v -label $l -command \
+ {set compresslevel_text "Compress Level: $use_compresslevel"}
+ }
+ incr i
+
+ menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable quality_text
+ set quality_text "Quality: $use_quality"
+
+ menu .o.b$i.m -tearoff 0
+ for {set j -1} {$j < 10} {incr j} {
+ set v $j
+ set l $j
+ if {$j == -1} {
+ set v "default"
+ set l "default"
+ }
+ .o.b$i.m add radiobutton -variable use_quality \
+ -value $v -label $l -command \
+ {set quality_text "Quality: $use_quality"}
+ }
+ incr i
+
+ for {set j 1} {$j < $i} {incr j} {
+ pack .o.b$j -side top -fill x
+ }
+
+ if {$is_windows} {
+ .o.b$ia configure -state disabled
+ .o.b$ix configure -state disabled
+ }
+
+ if {$is_windows} {
+ frame .o.pw
+ label .o.pw.l -text "Putty PW:"
+ entry .o.pw.e -width 10 -show * -textvariable putty_pw
+ pack .o.pw.l -side left
+ pack .o.pw.e -side left -expand 1 -fill x
+ pack .o.pw -side top -fill x
+ putty_pw_entry check
+ } else {
+ button .o.sa -text "Use ssh-agent" -command ssh_agent_restart
+ pack .o.sa -side top -fill x
+ }
+
+ button .o.s_prof -text "Save Profile ..." -command {save_profile; raise .o}
+ button .o.l_prof -text " Load Profile ..." -command {load_profile; raise .o}
+ button .o.advanced -text "Advanced ..." -command set_advanced_options
+ button .o.clear -text "Clear Options" -command set_defaults
+ pack .o.s_prof -side top -fill x
+ pack .o.l_prof -side top -fill x
+ pack .o.clear -side top -fill x
+ pack .o.advanced -side top -fill x
+
+ frame .o.b
+ button .o.b.done -text "Done" -command {destroy .o}
+ bind .o <Escape> {destroy .o}
+ button .o.b.help -text "Help" -command help_opts
+
+ pack .o.b.help .o.b.done -fill x -expand 1 -side left
+
+ pack .o.b -side top -fill x
+
+ center_win .o
+ wm resizable .o 1 0
+ focus .o
+}
+
+set is_windows 0
+set help_font "-font fixed"
+if { [regexp -nocase {Windows} $tcl_platform(os)]} {
+ cd util
+ set help_font ""
+ set is_windows 1
+}
+
+if {[regexp -nocase {Windows.9} $tcl_platform(os)]} {
+ set is_win9x 1
+} else {
+ set is_win9x 0
+}
+
+set putty_pw ""
+
+
+wm title . "SSL VNC Viewer"
+wm resizable . 1 0
+
+set_defaults
+set skip_pre 0
+
+set vncdisplay ""
+
+label .l -text "SSL TightVNC Viewer" -relief ridge
+frame .f
+label .f.l -text "VNC Server:" -relief ridge
+entry .f.e -width 40 -textvariable vncdisplay
+pack .f.l -side left
+pack .f.e -side left -expand 1 -fill x
+bind .f.e <Return> launch
+
+frame .b
+button .b.help -text "Help" -command help
+button .b.certs -text "Certs ..." -command getcerts
+button .b.opts -text "Options ..." -command set_options
+button .b.conn -text "Connect" -command launch
+button .b.exit -text "Exit" -command {destroy .; exit}
+
+
+pack .b.certs .b.opts .b.conn .b.help .b.exit -side left -expand 1 -fill x
+
+pack .l .f .b -side top -fill x
+if {![info exists env(SSL_VNC_GUI_CHILD)] || $env(SSL_VNC_GUI_CHILD) == ""} {
+ center_win .
+}
+focus .f.e
+#raise .
+
+global system_button_face
+set system_button_face ""
+foreach item [.b.help configure -bg] {
+ set system_button_face $item
+}
+
+global env
+if {[info exists env(SSL_VNC_GUI_CMD)]} {
+ set env(SSL_VNC_GUI_CHILD) 1
+ bind . <Control-n> "exec $env(SSL_VNC_GUI_CMD) &"
+}
+bind . <Control-q> "destroy .; exit"
+bind . <Shift-Escape> "destroy .; exit"
+bind . <Control-s> "launch_shell_only"
+
+global entered_gui_top
+set entered_gui_top 0
+bind . <Enter> {set entered_gui_top 1}
+
+
+#smb_help_me_decide
+update
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer
new file mode 100755
index 0000000..1d7d1a7
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer
@@ -0,0 +1,530 @@
+#!/bin/sh
+#
+# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel
+# or an SSH tunnel.
+#
+# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+#
+# You must have stunnel(8) installed on the system and in your PATH
+# (however, see the -ssh option below, in which case you will need ssh(1)
+# installed) Note: stunnel is usually installed in an "sbin" subdirectory.
+#
+# You should have "x11vnc -ssl ..." or "x11vnc -stunnel ..."
+# already running as the VNC server on the remote machine.
+# (or use stunnel on the server side for any other VNC server)
+#
+#
+# Usage: ssl_vncviewer [cert-args] host:display <vncviewer-args>
+#
+# e.g.: ssl_vncviewer snoopy:0
+# ssl_vncviewer snoopy:0 -encodings "copyrect tight zrle hextile"
+#
+# [cert-args] can be:
+#
+# -verify /path/to/cacert.pem
+# -mycert /path/to/mycert.pem
+# -proxy host:port
+#
+# -verify specifies a CA cert PEM file (or a self-signed one) for
+# authenticating the VNC server.
+#
+# -mycert specifies this client's cert+key PEM file for the VNC server to
+# authenticate this client.
+#
+# -proxy try host:port as a Web proxy to use the CONNECT method
+# to reach the VNC server (e.g. your firewall requires a proxy).
+# For the "double proxy" case use -proxy host1:port1,host2:port2
+#
+# See http://www.karlrunge.com/x11vnc/#faq-ssl-ca for details on SSL
+# certificates with VNC.
+#
+# A few other args (not related to SSL and certs):
+#
+# -ssh Use ssh instead of stunnel SSL. ssh(1) must be installed and you
+# must be able to log into the remote machine via ssh.
+#
+# In this case "host:display" may be of the form "user@host:display"
+# where "user@host" is used for the ssh login (see ssh(1) manpage).
+#
+# If -proxy is supplied it can be of the forms: "gwhost" "gwhost:port"
+# "user@gwhost" or "user@gwhost:port". "gwhost" is an incoming ssh
+# gateway machine (the VNC server is not running there), an ssh -L
+# redir is used to "host" in "host:display" from "gwhost". Any "user@"
+# part must be in the -proxy string (not in "host:display").
+#
+# Under -proxy use "gwhost:port" if connecting to any ssh port
+# other than the default (22). (even for the non-gateway case,
+# -proxy must be used to specify a non-standard ssh port)
+#
+# Examples:
+#
+# ssl_vncviewer -ssh bob@bobs-home.net:0
+# ssl_vncviewer -ssh -sshcmd 'x11vnc -localhost' bob@bobs-home.net:0
+#
+# ssl_vncviewer -ssh -proxy fred@mygate.com:2022 mymachine:0
+# ssl_vncviewer -ssh -proxy bob@bobs-home.net:2222 localhost:0
+#
+# -sshcmd cmd Run "cmd" via ssh instead of the default "sleep 15"
+# e.g. -sshcmd 'x11vnc -display :0 -localhost -rfbport 5900'
+#
+# -sshargs "args" pass "args" to the ssh process, e.g. -L/-R port redirs.
+#
+# -sshssl Tunnel the SSL connection thru a SSH connection. The tunnel as
+# under -ssh is set up and the SSL connection goes thru it. Use
+# this if you want to have and end-to-end SSL connection but must
+# go thru a SSH gateway host (e.g. not the vnc server). Or use
+# this if you need to tunnel additional services via -R and -L
+# (see -sshargs above).
+#
+# ssl_vncviewer -sshssl -proxy fred@mygate.com mymachine:0
+#
+#
+# -alpha turn on cursor alphablending hack if you are using the
+# enhanced tightvnc vncviewer.
+#
+# -grab turn on XGrabServer hack if you are using the enhanced tightvnc
+# vncviewer (e.g. for fullscreen mode in some windowmanagers like
+# fvwm that do not otherwise work in fullscreen mode)
+#
+#
+# set VNCVIEWERCMD to whatever vncviewer command you want to use.
+#
+VNCIPCMD=${VNCVIEWERCMD:-vncip}
+VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer}
+#
+# Same for STUNNEL, e.g. set it to /path/to/stunnel or stunnel4, etc.
+#
+
+
+PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH
+
+if [ "X$STUNNEL" = "X" ]; then
+ type stunnel4 > /dev/null 2>&1
+ if [ $? = 0 ]; then
+ STUNNEL=stunnel4
+ else
+ STUNNEL=stunnel
+ fi
+fi
+
+help() {
+ tail +2 "$0" | sed -e '/^$/ q'
+}
+
+gotalpha=""
+use_ssh=""
+use_sshssl=""
+ssh_sleep=15
+ssh_cmd="sleep $ssh_sleep"
+if [ "X$SSL_VNCVIEWER_SSH_CMD" != "X" ]; then
+ ssh_cmd="$SSL_VNCVIEWER_SSH_CMD"
+fi
+ssh_args=""
+
+# grab our cmdline options:
+while [ "X$1" != "X" ]
+do
+ case $1 in
+ "-verify") shift; verify="$1"
+ ;;
+ "-mycert") shift; mycert="$1"
+ ;;
+ "-proxy") shift; proxy="$1"
+ ;;
+ "-ssh") use_ssh=1
+ ;;
+ "-sshssl") use_ssh=1
+ use_sshssl=1
+ ;;
+ "-sshcmd") shift; ssh_cmd="$1"
+ ;;
+ "-sshargs") shift; ssh_args="$1"
+ ;;
+ "-alpha") gotalpha=1
+ ;;
+ "-grab") VNCVIEWER_GRAB_SERVER=1; export VNCVIEWER_GRAB_SERVER
+ ;;
+ "-h"*) help; exit 0
+ ;;
+ "--h"*) help; exit 0
+ ;;
+ *) break
+ ;;
+ esac
+ shift
+done
+
+if [ "X$gotalpha" != "X1" ]; then
+ NO_ALPHABLEND=1
+ export NO_ALPHABLEND
+fi
+
+orig="$1"
+shift
+
+if [ "X$use_ssh" = "X1" -a "X$use_sshssl" = "X" ]; then
+ if [ "X$mycert" != "X" -o "X$verify" != "X" ]; then
+ echo "-mycert and -verify cannot be used in -ssh mode"
+ exit 1
+ fi
+fi
+
+# play around with host:display port:
+if echo "$orig" | grep ':' > /dev/null; then
+ :
+else
+ orig="$orig:0"
+fi
+
+host=`echo "$orig" | awk -F: '{print $1}'`
+disp=`echo "$orig" | awk -F: '{print $2}'`
+if [ "X$host" = "X" ]; then
+ host=localhost
+fi
+if [ $disp -lt 200 ]; then
+ port=`expr $disp + 5900`
+else
+ port=$disp
+fi
+
+# try to find an open listening port via netstat(1):
+inuse=""
+if uname | grep Linux > /dev/null; then
+ inuse=`netstat -ant | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*://'`
+elif uname | grep SunOS > /dev/null; then
+ inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'`
+# add others...
+fi
+
+date_sec=`date +%S`
+
+findfree() {
+ try0=$1
+ try=$try0
+ use0=""
+
+ while [ $try -lt 6000 ]
+ do
+ if [ "X$inuse" = "X" ]; then
+ break
+ fi
+ if echo "$inuse" | grep -w $try > /dev/null; then
+ :
+ else
+ use0=$try
+ break
+ fi
+ try=`expr $try + 1`
+ done
+ if [ "X$use0" = "X" ]; then
+ use0=`expr $date_sec + $try0`
+ fi
+
+ echo $use0
+}
+
+use=`findfree 5930`
+
+if [ $use -ge 5900 ]; then
+ N=`expr $use - 5900`
+else
+ N=$use
+fi
+
+if echo "$0" | grep vncip > /dev/null; then
+ VNCVIEWERCMD="$VNCIPCMD"
+fi
+
+if [ "X$use_ssh" = "X1" ]; then
+ ssh_port="22"
+ ssh_host="$host"
+ vnc_host="localhost"
+ ssh=${SSH:-"ssh -x"}
+ if [ "X$proxy" != "X" ]; then
+ ssh_port=`echo "$proxy" | awk -F: '{print $2}'`
+ if [ "X$ssh_port" = "X" ]; then
+ ssh_port="22"
+ fi
+ ssh_host=`echo "$proxy" | awk -F: '{print $1}'`
+ vnc_host="$host"
+ fi
+ echo ""
+ echo "Running ssh:"
+ sz=`echo "$ssh_cmd" | wc -c`
+ if [ "$sz" -gt 200 ]; then
+ info="..."
+ else
+ info="$ssh_cmd"
+ fi
+
+ C=""
+ if [ "X$SSL_VNCVIEWER_USE_C" != "X" ]; then
+ C="-C"
+ fi
+ # the -t option actually speeds up typing response via VNC!!
+ if [ "X$SSL_VNCVIEWER_SSH_ONLY" != "X" ]; then
+ echo "$ssh -p $ssh_port -t $C $ssh_args $ssh_host \"$info\""
+ echo ""
+ $ssh -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd"
+ exit $?
+ elif [ "X$SSL_VNCVIEWER_NO_F" != "X" ]; then
+ echo "$ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\""
+ echo ""
+ $ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd"
+ else
+ echo "$ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\""
+ echo ""
+ $ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd"
+ fi
+ if [ "$?" != "0" ]; then
+ echo ""
+ echo "ssh to $ssh_host failed."
+ exit 1
+ fi
+ echo ""
+ if [ "X$ssh_cmd" = "Xsleep $ssh_sleep" ] ; then
+ sleep 1
+ else
+ # let any command get started a bit.
+ sleep 5
+ fi
+ echo ""
+ #reset
+ stty sane
+ if [ "X$use_sshssl" = "X" ]; then
+ echo "Running viewer:"
+ echo $VNCVIEWERCMD "$@" localhost:$N
+ echo ""
+ $VNCVIEWERCMD "$@" localhost:$N
+
+ exit $?
+ else
+ use2=`findfree 5960`
+ host0=$host
+ port0=$port
+ host=localhost
+ port=$use
+ use=$use2
+ N=`expr $use - 5900`
+ proxy=""
+ fi
+fi
+
+# create the stunnel config file:
+if [ "X$verify" != "X" ]; then
+ if [ -d $verify ]; then
+ verify="CApath = $verify"
+ else
+ verify="CAfile = $verify"
+ fi
+ verify="$verify
+verify = 2"
+fi
+if [ "X$mycert" != "X" ]; then
+ cert="cert = $mycert"
+fi
+
+mytmp() {
+ tf=$1
+ rm -rf "$tf" || exit 1
+ if [ -d "$tf" ]; then
+ echo "tmp file $tf still exists as a directory."
+ exit 1
+ elif [ -L "$tf" ]; then
+ echo "tmp file $tf still exists as a symlink."
+ exit 1
+ elif [ -f "$tf" ]; then
+ echo "tmp file $tf still exists."
+ exit 1
+ fi
+ touch "$tf" || exit 1
+ chmod 600 "$tf" || exit 1
+}
+
+if echo "$RANDOM" | grep '[^0-9]' > /dev/null; then
+ RANDOM=`date +%S`
+fi
+
+pcode() {
+ tf=$1
+ SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY
+ SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST
+ cod='#!/usr/bin/perl
+
+# A hack to glue stunnel to a Web proxy for client connections.
+
+use IO::Socket::INET;
+
+my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY});
+my ($proxy_host, $proxy_port) = split(/:/, $first);
+my $connect = $ENV{SSL_VNC_DEST};
+
+print STDERR "\nperl script for web proxing:\n";
+print STDERR "proxy_host: $proxy_host\n";
+print STDERR "proxy_port: $proxy_port\n";
+print STDERR "proxy_connect: $connect\n";
+
+my $sock = IO::Socket::INET->new(
+ PeerAddr => $proxy_host,
+ PeerPort => $proxy_port,
+ Proto => "tcp");
+
+if (! $sock) {
+ unlink($0);
+ die "perl proxy: $!\n";
+}
+
+my $con = "";
+if ($second ne "") {
+ $con = "CONNECT $second HTTP/1.1\r\n";
+ $con .= "Host: $second\r\n\r\n";
+} else {
+ $con = "CONNECT $connect HTTP/1.1\r\n";
+ $con .= "Host: $connect\r\n\r\n";
+}
+
+print STDERR "proxy_request1:\n$con";
+print $sock $con;
+
+unlink($0);
+
+my $rep = "";
+while ($rep !~ /\r\n\r\n/) {
+ my $c = getc($sock);
+ print STDERR $c;
+ $rep .= $c;
+}
+if ($rep !~ m,HTTP/.* 200,) {
+ die "proxy error: $rep\n";
+}
+
+if ($second ne "") {
+ $con = "CONNECT $connect HTTP/1.1\r\n";
+ $con .= "Host: $connect\r\n\r\n";
+ print STDERR "proxy_request2:\n$con";
+
+ print $sock $con;
+
+ $rep = "";
+ while ($rep !~ /\r\n\r\n/) {
+ my $c = getc($sock);
+ print STDERR $c;
+ $rep .= $c;
+ }
+ if ($rep !~ m,HTTP/.* 200,) {
+ die "proxy error: $rep\n";
+ }
+}
+
+if (fork) {
+ print STDERR "parent\[$$] STDIN -> socket\n\n";
+ xfer(STDIN, $sock);
+} else {
+ print STDERR "child \[$$] socket -> STDOUT\n\n";
+ xfer($sock, STDOUT);
+}
+exit;
+
+sub xfer {
+ my($in, $out) = @_;
+ $RIN = $WIN = $EIN = "";
+ $ROUT = "";
+ vec($RIN, fileno($in), 1) = 1;
+ vec($WIN, fileno($in), 1) = 1;
+ $EIN = $RIN | $WIN;
+
+ while (1) {
+ my $nf = 0;
+ while (! $nf) {
+ $nf = select($ROUT=$RIN, undef, undef, undef);
+ }
+ my $len = sysread($in, $buf, 8192);
+ if (! defined($len)) {
+ next if $! =~ /^Interrupted/;
+ print STDERR "perl proxy\[$$]: $!\n";
+ last;
+ } elsif ($len == 0) {
+ print STDERR "perl proxy\[$$]: Input is EOF.\n";
+ last;
+ }
+ my $offset = 0;
+ my $quit = 0;
+ while ($len) {
+ my $written = syswrite($out, $buf, $len, $offset);
+ if (! defined $written) {
+ print STDERR "perl proxy\[$$]: Output is EOF. $!\n";
+ $quit = 1;
+ last;
+ }
+ $len -= $written;
+ $offset += $written;
+ }
+ last if $quit;
+ }
+ close($in);
+ close($out);
+}
+'
+ echo "$cod" > $tf
+ chmod 700 $tf
+}
+
+ptmp=""
+if [ "X$proxy" != "X" ]; then
+ ptmp="/tmp/ssl_vncviewer${RANDOM}.$$.pl"
+ mytmp "$ptmp"
+ pcode "$ptmp"
+ connect="exec = $ptmp"
+else
+ connect="connect = $host:$port"
+fi
+
+
+##debug = 7
+tmp=/tmp/ssl_vncviewer${RANDOM}.$$
+mytmp "$tmp"
+
+cat > "$tmp" <<END
+foreground = yes
+pid =
+client = yes
+debug = 6
+$STUNNEL_EXTRA_OPTS
+$verify
+$cert
+
+[vnc_stunnel]
+accept = localhost:$use
+$connect
+END
+
+echo ""
+echo "Using this stunnel configuration:"
+echo ""
+cat "$tmp" | uniq
+echo ""
+sleep 1
+
+echo ""
+echo "Running: stunnel"
+echo "$STUNNEL $tmp"
+$STUNNEL "$tmp" < /dev/tty > /dev/tty &
+pid=$!
+echo ""
+
+# pause here to let the user supply a possible passphrase for the
+# mycert key:
+if [ "X$mycert" != "X" ]; then
+ sleep 4
+fi
+sleep 2
+rm -f "$tmp"
+
+echo ""
+echo "Running viewer:"
+echo $VNCVIEWERCMD "$@" localhost:$N
+echo ""
+$VNCVIEWERCMD "$@" localhost:$N
+
+kill $pid
+sleep 1
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf
new file mode 100644
index 0000000..8e5dd50
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf
@@ -0,0 +1,34 @@
+#
+# Example SSL stunnel SERVER configuration file. (e.g. for your VNC
+# server on this same machine.)
+#
+# To use this file you may need to edit it. Then you will need
+# to manually start up stunnel using it.
+# (e.g. /path/to/stunnel stunnel-server.conf)
+#
+# This is just an example and is not used by the tools in this package.
+# It is here in case you wanted to see how to add SSL support to any
+# VNC server you have.
+#
+RNDbytes = 2048
+RNDfile = bananarand.bin
+RNDoverwrite = yes
+#
+# Remote client certs could go here:
+# CApath = /path/to/.../crt-dir
+# CAfile = /path/to/.../foo.crt
+# verify = 2
+# My server cert could go here:
+# cert = /path/to/.../my.pem
+#
+[vnc]
+#
+# Set to local listening port number (e.g. 5901 for vnc display 1):
+# so the remote viewers would connect to: yourmachine:1
+#
+accept = 5901
+#
+# Set to localhost:port to connect to VNC server on this same machine:
+# (E.g. you run WinVNC on :0, preferably listening on localhost).
+#
+connect = localhost:5900
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/build.unix b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix
new file mode 100755
index 0000000..9a0fc3d
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix
@@ -0,0 +1,244 @@
+#!/bin/sh
+
+# Add useful directories to PATH:
+#
+PATH=$PATH:/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/opt/SUNWspro/bin:/usr/sfw/bin:/usr/ccs/bin
+export PATH
+
+# Check location:
+#
+thisdir=`dirname "$0"`
+if [ ! -d ./bin -o ! -d src/patches ]; then
+ echo "You must run this script from: $thisdir"
+ exit 1
+fi
+
+# Try to find osname.arch
+#
+name=$UNAME
+if [ "X$name" = "X" ]; then
+ name=`uname -sm | sed -e 's/ /./'`
+fi
+if [ "X$name" = "X" ]; then
+ echo "cannot determine platform: os.arch, e.g. Linux.i686"
+ echo "set \$UNAME manually and retry."
+ exit 1
+fi
+
+# Work out main destination:
+#
+dest=./bin/$name
+if [ -d $dest ]; then
+ printf "$dest exists. overwrite it? [y]/n "
+ read x
+ if [ "X$x" = "Xn" ]; then
+ exit
+ fi
+ rm -rf $dest
+fi
+mkdir -p $dest || exit 1
+
+# Create a tmp dir for this build:
+#
+tmp=./src/tmp/$name.$$
+if [ "X$TMPDIR" != "X" ]; then
+ tmp="$TMPDIR/$tmp"
+fi
+mkdir -p $tmp || exit 1
+
+# Try to find some static archives of various libraries:
+#
+libs="$tmp/libs"
+mkdir -p $libs || exit 1
+#for liba in libz.a libjpeg.a libssl.a libcrypto.a
+for liba in libz.a libjpeg.a
+do
+ for dir in /usr/lib /lib /usr/local/lib /usr/pkg/lib /usr/sfw/lib /usr/openwin/lib
+ do
+ if [ "$name" = "Linux.x86_64" -o "$name" = "Linux.ppc64" ] ; then
+ dir64=`echo "$dir" | sed -e 's,lib,lib64,'`
+ fi
+ try="$dir/$liba"
+ if [ -f $try ]; then
+ cp -p "$try" $libs
+ fi
+ done
+done
+echo "Found these static archive libraries, will try to use them..."
+ls -ld $libs
+ls -l $libs
+echo
+
+have_gcc=""
+if type gcc > /dev/null; then
+ have_gcc=1
+fi
+have_cc=""
+if type cc > /dev/null; then
+ have_cc=1
+fi
+
+if [ "X$have_cc" = "X" ]; then
+ if [ "X$have_gcc" = "X1" ]; then
+ cat > $tmp/cc <<END
+#!/bin/sh
+gcc "\$@"
+END
+ chmod 755 $tmp/cc
+ PATH=$PATH:`pwd`/$tmp
+ type cc
+ type gcc
+ fi
+fi
+
+if [ `uname` = "SunOS" ]; then
+ LDFLAGS_OS="$LDFLAGS_OS -L/usr/sfw/lib -R/usr/sfw/lib"
+ CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/sfw/include"
+elif uname | grep -i bsd > /dev/null; then
+ LDFLAGS_OS="$LDFLAGS_OS -L/usr/local/lib -L/usr/pkg/lib"
+ CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/local/include -I /usr/pkg/include"
+fi
+
+# Do tightvnc viewer:
+#
+tight_src=`ls -td ./src/vnc_unixsrc* | head -1`
+if [ ! -d $tight_src ]; then
+ echo "could not locate tight vnc viewer source"
+ exit 1
+fi
+
+cp -pR "$tight_src" "$tmp/vnc_unixsrc" || exit 1
+
+echo "applying tight vnc patches:"
+start=`pwd`
+cd $tmp;
+failed=0
+for patch in ../../patches/tight*
+do
+ if [ ! -f "$patch" ]; then
+ continue
+ fi
+ patch -p0 < $patch
+ if [ $? != 0 ]; then
+ failed=`expr $failed + 1`
+ fi
+done
+cd "$start"
+if [ $failed != 0 ]; then
+ ball=src/zips/vnc_unixsrc_vncviewer.patched.tar
+ echo "patches failed, trying to use backup tarball:"
+ ls -l $ball
+ sleep 2
+ cat $ball | (cd $tmp; tar -xvf -)
+fi
+echo
+
+
+cd $tmp/vnc_unixsrc
+xmkmf
+make Makefiles
+mv vncviewer/Makefile vncviewer/Makefile.orig
+sed -e "s,EXTRA_LDOPTIONS =,EXTRA_LDOPTIONS = -L$start/$libs $LDFLAGS_OS," \
+ -e "s,CCOPTIONS =,CCOPTIONS = $CPPFLAGS_OS," \
+ vncviewer/Makefile.orig > vncviewer/Makefile
+
+if [ `uname` = "SunOS" ]; then
+ for d in vncviewer libvncauth vncconnect vncpasswd
+ do
+ mv $d/Makefile $d/Makefile.orig
+ sed -e "s,CCOPTIONS =.*\$,CCOPTIONS = $CPPFLAGS_OS," \
+ $d/Makefile.orig > $d/Makefile
+ done
+fi
+
+make depend
+echo $PATH
+make all
+ls -l vncviewer/vncviewer
+cd "$start"
+src=$tmp/vnc_unixsrc/vncviewer/vncviewer
+sync
+sleep 2
+sync
+strip $src
+sync
+sleep 2
+sync
+wc $src
+sum $src
+sleep 2
+echo cp -p $src $dest/vncviewer
+cp -p $src $dest/vncviewer || exit 1
+sleep 1
+cp -p $src $dest/vncviewer || exit 1
+ls -l $src $dest/vncviewer
+$dest/vncviewer -h
+ldd $dest/vncviewer
+echo ""
+
+# Do stunnel:
+#
+stunnel_src=`ls -td ./src/stunnel* | head -1`
+if [ ! -d $stunnel_src ]; then
+ echo "could not locate stunnel source"
+ exit 1
+fi
+
+cp -pR "$stunnel_src" "$tmp/stunnel" || exit 1
+
+echo "applying stunnel patches:"
+start=`pwd`
+cd $tmp;
+failed=0
+for patch in ../../patches/stunnel*
+do
+ if [ ! -f "$patch" ]; then
+ continue
+ fi
+ patch -p0 < $patch
+ if [ $? != 0 ]; then
+ failed=`expr $failed + 1`
+ fi
+done
+cd "$start"
+if [ $failed != 0 ]; then
+ ball=src/zips/stunnel.patched.tar
+ echo "patches failed, trying to use backup tarball:"
+ ls -l $ball
+ sleep 2
+ cat $ball | (cd $tmp; tar -xvf -)
+fi
+echo
+
+
+cd $tmp/stunnel
+if [ `uname` = "SunOS" ]; then
+ cp configure configure.orig
+ sed -e "s,/var/ssl,/var/ssl /usr/sfw," configure.orig > configure
+fi
+env LDFLAGS="-L$start/$libs $LDFLAGS_OS" CPPFLAGS="$CPPFLAGS_OS" ./configure --disable-libwrap
+make
+ls -l src/stunnel
+cd "$start"
+src=$tmp/stunnel/src/stunnel
+sync
+sleep 2
+sync
+strip $src
+sync
+sleep 2
+sync
+wc $src
+sum $src
+sleep 2
+echo cp -p $src $dest/stunnel
+cp -p $src $dest/stunnel || exit 1
+sleep 1
+cp -p $src $dest/stunnel || exit 1
+ls -l $src $dest/stunnel
+$dest/stunnel -help
+ldd $dest/stunnel
+echo ""
+
+$dest/vncviewer -h
+ldd $dest/vncviewer
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt
new file mode 100644
index 0000000..ab5e95e
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt
@@ -0,0 +1,280 @@
+3277703 4 drwxr-xr-x 6 runge runge 4096 Sep 13 21:28 .
+3277704 4 drwxr-xr-x 7 runge runge 4096 Aug 2 10:05 ./src
+3277781 4 drwxr-xr-x 2 runge runge 4096 Aug 2 10:09 ./src/zips
+3277782 484 -rw-r--r-- 1 runge runge 488512 Jul 25 15:09 ./src/zips/stunnel-4.14.tar.gz
+3277783 212 -rw-r--r-- 1 runge runge 209149 Jul 25 15:10 ./src/zips/tightvnc-1.3dev7_x86_viewer.zip
+3277784 2136 -rw-r--r-- 1 runge runge 2182134 Jul 25 15:11 ./src/zips/tightvnc-1.3dev7_unixsrc.tar.gz
+3277792 4 -rw-r--r-- 1 runge runge 753 Aug 2 10:09 ./src/zips/README
+3277786 364 -rw-r--r-- 1 runge runge 368640 Jul 27 19:06 ./src/zips/vnc_unixsrc_vncviewer.patched.tar
+3277787 1996 -rw-r--r-- 1 runge runge 2037760 Jul 31 23:42 ./src/zips/stunnel.patched.tar
+2982849 4 drwxr-xr-x 2 runge runge 4096 Sep 10 14:37 ./src/patches
+2982852 4 -rw-r--r-- 1 runge runge 3750 Feb 5 2005 ./src/patches/tight-vncviewer-alphahack.patch
+2982854 4 -rw-r--r-- 1 runge runge 1143 Jul 25 15:25 ./src/patches/tight-vncviewer-fullscreen.patch
+2982865 8 -rw-r--r-- 1 runge runge 7633 Jul 27 19:01 ./src/patches/tight-vncviewer-newfbsize.patch
+2982955 4 -rwxr-xr-x 1 runge runge 1529 Sep 10 12:07 ./src/patches/_bundle
+2982877 4 -rwxr-xr-x 1 runge runge 78 Jul 27 14:41 ./src/patches/_getpatches
+2983012 4 -rw-r--r-- 1 runge runge 4072 Jul 31 22:59 ./src/patches/stunnel-maxconn.patch
+2982878 4 -rwxr-xr-x 1 runge runge 117 Jul 27 19:06 ./src/patches/_vncpatchapplied
+2982880 4 -rw-r--r-- 1 runge runge 223 Aug 24 10:11 ./src/patches/README
+2982850 4 drwxr-xr-x 8 runge runge 4096 Jul 25 15:21 ./src/vnc_unixsrc
+2982885 4 -rw-r--r-- 1 runge runge 356 Apr 30 2002 ./src/vnc_unixsrc/Imakefile
+2982886 20 -rw-r--r-- 1 runge runge 18000 Jun 11 2000 ./src/vnc_unixsrc/LICENCE.TXT
+2982887 12 -rw-r--r-- 1 runge runge 8341 Jul 4 2005 ./src/vnc_unixsrc/README
+2982888 12 -rw-r--r-- 1 runge runge 9682 Jul 4 2005 ./src/vnc_unixsrc/tightvnc.spec
+2982889 4 -rw-r--r-- 1 runge runge 486 Aug 30 2002 ./src/vnc_unixsrc/vnc-xclients.patch
+2982890 4 -rwxr-xr-x 1 runge runge 2042 Mar 19 2002 ./src/vnc_unixsrc/vncinstall
+2982891 16 -rwxr-xr-x 1 runge runge 15239 Jul 4 2005 ./src/vnc_unixsrc/vncserver
+2982892 4 -rwxr-xr-x 1 runge runge 1726 Aug 30 2002 ./src/vnc_unixsrc/vncserver.init
+2982893 4 -rw-r--r-- 1 runge runge 3070 Aug 7 2002 ./src/vnc_unixsrc/vncserver.man
+4359127 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:25 ./src/vnc_unixsrc/classes
+2851413 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/include
+2851414 44 -rw-r--r-- 1 runge runge 43296 May 27 2004 ./src/vnc_unixsrc/include/rfbproto.h
+2851415 4 -rw-r--r-- 1 runge runge 1166 Jun 11 2000 ./src/vnc_unixsrc/include/vncauth.h
+2851416 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/libvncauth
+2851417 4 -rw-r--r-- 1 runge runge 199 Apr 30 2002 ./src/vnc_unixsrc/libvncauth/Imakefile
+2851418 16 -rw-r--r-- 1 runge runge 15487 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.c
+2851419 4 -rw-r--r-- 1 runge runge 1618 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.h
+2851420 8 -rw-r--r-- 1 runge runge 5879 Mar 1 2003 ./src/vnc_unixsrc/libvncauth/vncauth.c
+2851421 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncconnect
+2851422 4 -rw-r--r-- 1 runge runge 163 Apr 30 2002 ./src/vnc_unixsrc/vncconnect/Imakefile
+2851423 4 -rw-r--r-- 1 runge runge 1167 Nov 10 2000 ./src/vnc_unixsrc/vncconnect/vncconnect.c
+2851424 4 -rw-r--r-- 1 runge runge 1083 Feb 5 2003 ./src/vnc_unixsrc/vncconnect/vncconnect.man
+2851425 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncpasswd
+2851426 4 -rw-r--r-- 1 runge runge 256 Apr 30 2002 ./src/vnc_unixsrc/vncpasswd/Imakefile
+2851427 8 -rw-r--r-- 1 runge runge 7681 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.c
+2851428 4 -rw-r--r-- 1 runge runge 3222 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.man
+2851429 4 drwxr-xr-x 2 runge runge 4096 Aug 3 19:10 ./src/vnc_unixsrc/vncviewer
+2851430 4 -rw-r--r-- 1 runge runge 1057 Mar 12 2003 ./src/vnc_unixsrc/vncviewer/Imakefile
+2851431 16 -rw-r--r-- 1 runge runge 12375 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/README
+2851432 4 -rw-r--r-- 1 runge runge 3198 Feb 7 2003 ./src/vnc_unixsrc/vncviewer/Vncviewer
+2851433 16 -rw-r--r-- 1 runge runge 14159 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/argsresources.c
+2851434 8 -rw-r--r-- 1 runge runge 5362 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.c
+2851435 4 -rw-r--r-- 1 runge runge 2074 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.h
+2851436 16 -rw-r--r-- 1 runge runge 15568 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/colour.c
+2851437 4 -rw-r--r-- 1 runge runge 2295 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/corre.c
+2851438 16 -rw-r--r-- 1 runge runge 14504 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/cursor.c
+2851439 12 -rw-r--r-- 1 runge runge 11832 May 28 2004 ./src/vnc_unixsrc/vncviewer/desktop.c
+2851440 4 -rw-r--r-- 1 runge runge 2621 Oct 26 2000 ./src/vnc_unixsrc/vncviewer/dialogs.c
+2851441 12 -rw-r--r-- 1 runge runge 11671 Oct 9 2003 ./src/vnc_unixsrc/vncviewer/fullscreen.c
+2851442 4 -rw-r--r-- 1 runge runge 3639 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/hextile.c
+2851443 8 -rw-r--r-- 1 runge runge 7463 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/listen.c
+2851444 12 -rw-r--r-- 1 runge runge 9120 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/misc.c
+2851445 4 -rw-r--r-- 1 runge runge 2749 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/popup.c
+2851446 40 -rw-r--r-- 1 runge runge 38923 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/rfbproto.c
+2851447 4 -rw-r--r-- 1 runge runge 2411 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/rre.c
+2851448 12 -rw-r--r-- 1 runge runge 9985 Mar 3 2004 ./src/vnc_unixsrc/vncviewer/selection.c
+2851449 4 -rw-r--r-- 1 runge runge 2439 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/shm.c
+2851450 12 -rw-r--r-- 1 runge runge 9253 Jan 14 2001 ./src/vnc_unixsrc/vncviewer/sockets.c
+2851451 16 -rw-r--r-- 1 runge runge 16069 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/tight.c
+2851452 8 -rw-r--r-- 1 runge runge 6695 Jul 31 2003 ./src/vnc_unixsrc/vncviewer/tunnel.c
+2851453 4 -rw-r--r-- 1 runge runge 4040 Jan 13 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.c
+2851454 8 -rw-r--r-- 1 runge runge 7236 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.h
+2851455 16 -rw-r--r-- 1 runge runge 14478 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.man
+2851456 8 -rw-r--r-- 1 runge runge 4437 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/zlib.c
+2982894 36 -rw-r--r-- 1 runge runge 34369 Jul 5 2005 ./src/vnc_unixsrc/WhatsNew
+2982895 84 -rw-r--r-- 1 runge runge 80366 Jul 5 2005 ./src/vnc_unixsrc/ChangeLog
+2670933 4 drwxr-xr-x 6 runge runge 4096 Aug 2 09:03 ./src/stunnel-4.14
+3621575 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/auto
+3621576 44 -rwxr-xr-x 1 runge runge 43609 Aug 10 2004 ./src/stunnel-4.14/auto/config.guess
+3621577 32 -rwxr-xr-x 1 runge runge 31160 Aug 10 2004 ./src/stunnel-4.14/auto/config.sub
+3621578 16 -rwxr-xr-x 1 runge runge 13866 Aug 10 2004 ./src/stunnel-4.14/auto/depcomp
+3621579 8 -rwxr-xr-x 1 runge runge 7122 Aug 10 2004 ./src/stunnel-4.14/auto/install-sh
+3621580 184 -rw-r--r-- 1 runge runge 184019 Aug 10 2004 ./src/stunnel-4.14/auto/ltmain.sh
+3621581 12 -rwxr-xr-x 1 runge runge 10266 Aug 10 2004 ./src/stunnel-4.14/auto/missing
+3621582 4 -rwxr-xr-x 1 runge runge 1988 Aug 10 2004 ./src/stunnel-4.14/auto/mkinstalldirs
+5456722 4 drwxr-xr-x 2 runge runge 4096 Jul 31 22:47 ./src/stunnel-4.14/src
+5456723 4 -rw-r--r-- 1 runge runge 1594 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.am
+5456724 20 -rw-r--r-- 1 runge runge 19314 Oct 25 2005 ./src/stunnel-4.14/src/Makefile.in
+5456725 4 -rwxr-xr-x 1 runge runge 2954 Apr 20 2005 ./src/stunnel-4.14/src/stunnel3.in
+5456727 4 -rw-r--r-- 1 runge runge 2376 Dec 31 2004 ./src/stunnel-4.14/src/env.c
+5456728 8 -rw-r--r-- 1 runge runge 7878 Oct 21 2005 ./src/stunnel-4.14/src/common.h
+5456775 12 -rw-r--r-- 1 runge runge 10893 Oct 27 2005 ./src/stunnel-4.14/src/prototypes.h
+5456776 40 -rw-r--r-- 1 runge runge 36917 Oct 24 2005 ./src/stunnel-4.14/src/client.c
+5456777 12 -rw-r--r-- 1 runge runge 9827 Sep 28 2005 ./src/stunnel-4.14/src/log.c
+5456778 44 -rw-r--r-- 1 runge runge 43728 Oct 20 2005 ./src/stunnel-4.14/src/options.c
+5456779 12 -rw-r--r-- 1 runge runge 9137 Apr 11 2005 ./src/stunnel-4.14/src/protocol.c
+5456780 20 -rw-r--r-- 1 runge runge 19335 Oct 30 2005 ./src/stunnel-4.14/src/network.c
+5456781 16 -rw-r--r-- 1 runge runge 12947 Feb 28 2005 ./src/stunnel-4.14/src/resolver.c
+5456782 28 -rw-r--r-- 1 runge runge 25216 Oct 27 2005 ./src/stunnel-4.14/src/ssl.c
+5456783 12 -rw-r--r-- 1 runge runge 9935 Oct 19 2005 ./src/stunnel-4.14/src/sthreads.c
+5456784 16 -rw-r--r-- 1 runge runge 14074 Nov 2 2005 ./src/stunnel-4.14/src/stunnel.c
+5456785 12 -rw-r--r-- 1 runge runge 8254 Jun 13 2005 ./src/stunnel-4.14/src/pty.c
+5456786 32 -rw-r--r-- 1 runge runge 28682 Sep 29 2005 ./src/stunnel-4.14/src/gui.c
+5456787 4 -rw-r--r-- 1 runge runge 227 Nov 5 2002 ./src/stunnel-4.14/src/resources.h
+5456788 4 -rw-r--r-- 1 runge runge 1441 Oct 21 2005 ./src/stunnel-4.14/src/resources.rc
+5456789 8 -rw-r--r-- 1 runge runge 4710 Jul 18 2002 ./src/stunnel-4.14/src/stunnel.ico
+5456791 4 -rw-r--r-- 1 runge runge 76 Jul 18 2002 ./src/stunnel-4.14/src/make.bat
+5456792 4 -rw-r--r-- 1 runge runge 1001 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.w32
+3670989 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/tools
+3670990 4 -rw-r--r-- 1 runge runge 1448 Sep 14 2005 ./src/stunnel-4.14/tools/Makefile.am
+3670991 12 -rw-r--r-- 1 runge runge 12178 Oct 25 2005 ./src/stunnel-4.14/tools/Makefile.in
+3670992 4 -rw-r--r-- 1 runge runge 1436 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf-sample.in
+3670993 4 -rw-r--r-- 1 runge runge 966 Oct 25 2005 ./src/stunnel-4.14/tools/stunnel.init.in
+3670994 4 -rw-r--r-- 1 runge runge 1121 Jul 18 2002 ./src/stunnel-4.14/tools/ca.html
+3670995 4 -rwxr-xr-x 1 runge runge 1793 Jul 18 2002 ./src/stunnel-4.14/tools/ca.pl
+3670996 4 -rw-r--r-- 1 runge runge 409 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.html
+3670997 4 -rwxr-xr-x 1 runge runge 105 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.sh
+3670998 4 -rwxr-xr-x 1 runge runge 223 Apr 23 2004 ./src/stunnel-4.14/tools/script.sh
+3670999 4 -rw-r--r-- 1 runge runge 2618 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.spec
+3671000 4 -rw-r--r-- 1 runge runge 2989 Jul 6 2005 ./src/stunnel-4.14/tools/stunnel.mak
+3671001 4 -rw-r--r-- 1 runge runge 1175 Sep 1 2002 ./src/stunnel-4.14/tools/stunnel.cnf
+3671002 4 -rw-r--r-- 1 runge runge 3285 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.nsi
+3671003 4 -rw-r--r-- 1 runge runge 1148 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf
+2670934 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./src/stunnel-4.14/README
+2670935 12 -rw-r--r-- 1 runge runge 8824 Oct 25 2005 ./src/stunnel-4.14/configure.ac
+2670936 240 -rw-r--r-- 1 runge runge 239347 Oct 25 2005 ./src/stunnel-4.14/aclocal.m4
+2670937 4 -rw-r--r-- 1 runge runge 1273 Sep 14 2005 ./src/stunnel-4.14/Makefile.am
+2670938 24 -rw-r--r-- 1 runge runge 20876 Oct 25 2005 ./src/stunnel-4.14/Makefile.in
+2670939 768 -rwxr-xr-x 1 runge runge 780103 Oct 25 2005 ./src/stunnel-4.14/configure
+2670940 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./src/stunnel-4.14/AUTHORS
+2670941 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./src/stunnel-4.14/COPYING
+2670942 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./src/stunnel-4.14/ChangeLog
+2670943 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./src/stunnel-4.14/INSTALL
+2670944 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./src/stunnel-4.14/NEWS
+2670945 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./src/stunnel-4.14/TODO
+2670946 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./src/stunnel-4.14/PORTS
+2670947 4 -rw-r--r-- 1 runge runge 270 Aug 9 2004 ./src/stunnel-4.14/BUGS
+2671491 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./src/stunnel-4.14/COPYRIGHT.GPL
+2671492 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./src/stunnel-4.14/CREDITS
+2671493 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./src/stunnel-4.14/INSTALL.W32
+5653462 4 drwxr-xr-x 4 runge runge 4096 Jul 30 17:46 ./src/stunnel-4.14/doc
+5653463 4 -rw-r--r-- 1 runge runge 1009 Jan 15 2005 ./src/stunnel-4.14/doc/Makefile.am
+5653464 12 -rw-r--r-- 1 runge runge 12152 Oct 25 2005 ./src/stunnel-4.14/doc/Makefile.in
+5653465 16 -rw-r--r-- 1 runge runge 16341 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pod
+5653466 20 -rw-r--r-- 1 runge runge 18829 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.pod
+5653467 20 -rw-r--r-- 1 runge runge 17798 Dec 25 2004 ./src/stunnel-4.14/doc/stunnel.fr.pod
+5653468 24 -rw-r--r-- 1 runge runge 23885 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.8
+5653469 28 -rw-r--r-- 1 runge runge 26536 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.8
+5653470 28 -rw-r--r-- 1 runge runge 24864 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.8
+5653471 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.html
+5653472 32 -rw-r--r-- 1 runge runge 28753 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.html
+5653473 28 -rw-r--r-- 1 runge runge 27205 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.html
+4342742 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/en
+4342743 12 -rw-r--r-- 1 runge runge 8414 Jul 18 2002 ./src/stunnel-4.14/doc/en/VNC_StunnelHOWTO.html
+4342744 4 -rw-r--r-- 1 runge runge 4045 Jul 18 2002 ./src/stunnel-4.14/doc/en/transproxy.txt
+4342745 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/pl
+4342746 36 -rw-r--r-- 1 runge runge 36360 Jul 18 2002 ./src/stunnel-4.14/doc/pl/tworzenie_certyfikatow.html
+4342747 8 -rw-r--r-- 1 runge runge 5068 Jul 18 2002 ./src/stunnel-4.14/doc/pl/faq.stunnel-2.html
+3653836 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:44 ./src/tmp
+3277788 4 -rw-r--r-- 1 runge runge 301 Aug 2 10:05 ./src/README
+2851457 4 drwxr-xr-x 12 runge runge 4096 Aug 29 16:32 ./bin
+2261930 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:00 ./bin/Linux.i686
+2261967 196 -rwxr-xr-x 1 runge runge 193076 Jul 31 22:59 ./bin/Linux.i686/vncviewer
+2261999 80 -rwxr-xr-x 1 runge runge 77148 Jul 31 23:00 ./bin/Linux.i686/stunnel
+5538622 4 drwxr-xr-x 2 runge runge 4096 Sep 12 21:24 ./bin/util
+5538759 12 -rwxr-xr-x 1 runge runge 12148 Sep 12 21:24 ./bin/util/ssl_vncviewer
+5538760 136 -rwxr-xr-x 1 runge runge 132853 Sep 12 21:17 ./bin/util/ssl_tightvncviewer.tcl
+5538641 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./bin/util/stunnel-server.conf
+2851794 4 -rwxr-xr-x 1 runge runge 3581 Jul 31 23:00 ./bin/ssl_tightvncviewer
+2851592 4 -rwxr-xr-x 1 runge runge 3752 Jul 31 23:01 ./bin/tightvncviewer
+2425590 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:30 ./bin/Linux.alpha
+2425595 100 -rwxr-xr-x 1 runge runge 97504 Jul 31 23:30 ./bin/Linux.alpha/stunnel
+2425596 272 -rwxr-xr-x 1 runge runge 274312 Jul 31 23:24 ./bin/Linux.alpha/vncviewer
+3883808 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:24 ./bin/Linux.x86_64
+3883809 84 -rwxr-xr-x 1 runge runge 77896 Jul 31 23:24 ./bin/Linux.x86_64/stunnel
+3883810 112 -rwxr-xr-x 1 runge runge 109656 Jul 31 23:23 ./bin/Linux.x86_64/vncviewer
+3883811 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/FreeBSD.i386
+3883812 68 -rwxr-xr-x 1 runge runge 64660 Jul 31 23:27 ./bin/FreeBSD.i386/stunnel
+3883813 180 -rwxr-xr-x 1 runge runge 176796 Jul 31 23:24 ./bin/FreeBSD.i386/vncviewer
+3687167 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/OpenBSD.i386
+3687164 76 -rwxr-xr-x 1 runge runge 72260 Jul 31 23:27 ./bin/OpenBSD.i386/stunnel
+3687165 180 -rwxr-xr-x 1 runge runge 179036 Jul 31 23:24 ./bin/OpenBSD.i386/vncviewer
+4359128 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/NetBSD.i386
+4359129 72 -rwxr-xr-x 1 runge runge 69064 Jul 31 23:27 ./bin/NetBSD.i386/stunnel
+4359130 176 -rwxr-xr-x 1 runge runge 172624 Jul 31 23:24 ./bin/NetBSD.i386/vncviewer
+2851458 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:25 ./bin/Linux.ppc64
+2851459 76 -rwxr-xr-x 1 runge runge 72856 Jul 31 23:25 ./bin/Linux.ppc64/stunnel
+2851460 196 -rwxr-xr-x 1 runge runge 196112 Jul 31 23:24 ./bin/Linux.ppc64/vncviewer
+3064794 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:47 ./bin/SunOS.sun4u
+3064795 108 -rwxr-xr-x 1 runge runge 106260 Jul 31 23:45 ./bin/SunOS.sun4u/vncviewer
+3064796 76 -rwxr-xr-x 1 runge runge 71748 Jul 31 23:47 ./bin/SunOS.sun4u/stunnel
+2851711 4 -rwxr-xr-x 1 runge runge 1310 Aug 29 16:29 ./bin/ssl_vnc_gui
+2851793 4 -rwxr-xr-x 1 runge runge 640 Jul 31 17:22 ./bin/.linkin
+3293942 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./bin/profiles
+3277791 8 -rwxr-xr-x 1 runge runge 4814 Jul 30 17:54 ./build.unix
+3277785 20 -rw-r--r-- 1 runge runge 18043 Aug 1 2001 ./COPYING
+3277827 8 -rw-r--r-- 1 runge runge 7222 Sep 10 16:04 ./README
+5063553 4 drwxr-xr-x 3 runge runge 4096 Jul 27 16:32 ./man
+5063554 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:33 ./man/man1
+5063556 16 -rw-r--r-- 1 runge runge 14478 Jul 27 16:32 ./man/man1/vncviewer.1
+5063557 24 -rw-r--r-- 1 runge runge 23885 Jul 27 16:33 ./man/man1/stunnel.1
+5538624 4 drwxr-xr-x 4 runge runge 4096 Sep 6 16:30 ./Windows
+5538633 2312 -rw-r--r-- 1 runge runge 2361922 Sep 12 22:27 ./Windows/ssl_tightvncviewer.exe
+5538576 4 -rw-r--r-- 1 runge runge 2149 Aug 2 09:42 ./Windows/README.txt
+3293943 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./Windows/profiles
+4621136 4 drwxr-xr-x 5 runge runge 4096 Sep 6 16:30 ./Windows/util
+5096237 4 drwxr-xr-x 2 runge runge 4096 Sep 2 16:06 ./Windows/util/esound
+5096238 148 -rw-rw-rw- 1 runge runge 146432 Jun 26 2004 ./Windows/util/esound/cygaudiofile.dll
+5096239 60 -rw-rw-rw- 1 runge runge 53270 Feb 19 2003 ./Windows/util/esound/cygesd.dll
+5096241 1132 -rw-rw-rw- 1 runge runge 1153417 May 26 2004 ./Windows/util/esound/cygwin1.dll
+5096242 68 -rw-r--r-- 1 runge runge 65385 Feb 19 2003 ./Windows/util/esound/esd.exe
+5096248 24 -rw-r--r-- 1 runge runge 21282 Feb 19 2003 ./Windows/util/esound/esdcat.exe
+5096249 32 -rw-r--r-- 1 runge runge 32330 Feb 19 2003 ./Windows/util/esound/esdctl.exe
+5096251 24 -rw-r--r-- 1 runge runge 21428 Feb 19 2003 ./Windows/util/esound/esdfilt.exe
+5096252 24 -rw-r--r-- 1 runge runge 22643 Feb 19 2003 ./Windows/util/esound/esdloop.exe
+5096253 24 -rw-r--r-- 1 runge runge 21264 Feb 19 2003 ./Windows/util/esound/esdmon.exe
+5096254 28 -rw-r--r-- 1 runge runge 24835 Feb 19 2003 ./Windows/util/esound/esdplay.exe
+5096255 24 -rw-r--r-- 1 runge runge 21288 Feb 19 2003 ./Windows/util/esound/esdrec.exe
+5096256 28 -rw-r--r-- 1 runge runge 25151 Feb 19 2003 ./Windows/util/esound/esdsample.exe
+5096258 4 -rw-r--r-- 1 runge runge 51 Sep 2 16:05 ./Windows/util/esound/example.bat
+4621144 1132 -rwxr-xr-x 1 runge runge 1153024 Mar 23 2005 ./Windows/util/openssl.exe
+5538626 1548 -rwxr-xr-x 1 runge runge 1578787 Mar 23 2005 ./Windows/util/libeay32.dll
+5538629 624 -rwxr-xr-x 1 runge runge 632226 Mar 23 2005 ./Windows/util/libssl32.dll
+4621310 128 -rw-r--r-- 1 runge runge 126976 Sep 4 10:56 ./Windows/util/pageant.exe
+4621311 164 -rw-r--r-- 1 runge runge 163840 Sep 4 10:57 ./Windows/util/puttygen.exe
+5538631 76 -rwxr-xr-x 1 runge runge 73728 Feb 26 2006 ./Windows/util/stunnel.exe
+5538625 360 -rwxr-xr-x 1 runge runge 364544 Jul 5 2005 ./Windows/util/vncviewer.exe
+4621143 260 -rw-r--r-- 1 runge runge 262144 Sep 2 21:19 ./Windows/util/plink.exe
+3293944 4 drwxr-xr-x 8 runge runge 4096 Sep 5 20:57 ./Windows/util/info
+3293945 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/info/vncviewer
+5538627 20 -rw-r--r-- 1 runge runge 18340 Jul 6 2005 ./Windows/util/info/vncviewer/LICENCE.txt
+5538628 4 -rw-r--r-- 1 runge runge 1238 Jul 6 2005 ./Windows/util/info/vncviewer/README.txt
+3294015 4 -rw-r--r-- 1 runge runge 24 Aug 2 09:39 ./Windows/util/info/vncviewer/location.url
+3294016 4 -rw-r--r-- 1 runge runge 38 Aug 2 09:39 ./Windows/util/info/vncviewer/download.url
+3293947 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:38 ./Windows/util/info/stunnel
+3293948 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./Windows/util/info/stunnel/AUTHORS
+3293949 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./Windows/util/info/stunnel/COPYING
+3293950 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./Windows/util/info/stunnel/COPYRIGHT.GPL
+3293951 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./Windows/util/info/stunnel/CREDITS
+3293952 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./Windows/util/info/stunnel/INSTALL.W32
+3293953 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./Windows/util/info/stunnel/README
+3293954 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./Windows/util/info/stunnel/ChangeLog
+3293955 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./Windows/util/info/stunnel/INSTALL
+3293956 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./Windows/util/info/stunnel/NEWS
+3293958 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./Windows/util/info/stunnel/PORTS
+3293959 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./Windows/util/info/stunnel/TODO
+3293960 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./Windows/util/info/stunnel/stunnel.html
+3293969 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/stunnel/download.html
+3294011 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/stunnel/download.url
+3294012 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/stunnel/location.html
+3294013 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/stunnel/location.url
+3293961 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:37 ./Windows/util/info/openssl
+3293965 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/openssl/download.url
+3293963 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/openssl/location.url
+3293964 4 -rw-r--r-- 1 runge runge 3489 Nov 28 2005 ./Windows/util/info/openssl/COPYRIGHT.SSLeay
+3293967 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/openssl/download.html
+3293962 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/openssl/location.html
+2261824 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:36 ./Windows/util/info/plink
+3293966 4 -rw-r--r-- 1 runge runge 3549 Aug 2 09:35 ./Windows/util/info/plink/licence.html
+3293968 4 -rw-r--r-- 1 runge runge 65 Aug 2 09:35 ./Windows/util/info/plink/licence.url
+2261825 28 -rw-r--r-- 1 runge runge 24744 Aug 2 09:35 ./Windows/util/info/plink/download.html
+2261826 4 -rw-r--r-- 1 runge runge 66 Aug 2 09:35 ./Windows/util/info/plink/download.url
+2229126 4 drwxr-xr-x 2 runge runge 4096 Sep 3 12:09 ./Windows/util/info/esound
+2229127 20 -rw-r--r-- 1 runge runge 17992 Sep 3 12:09 ./Windows/util/info/esound/COPYING
+2229128 4 -rw-r--r-- 1 runge runge 40 Sep 3 12:07 ./Windows/util/info/esound/download.url
+2229129 28 -rw-r--r-- 1 runge runge 25265 Sep 3 12:09 ./Windows/util/info/esound/COPYING.LIB
+2229130 4 -rw-r--r-- 1 runge runge 2153 Sep 3 12:09 ./Windows/util/info/esound/AUTHORS
+2229131 4 -rw-r--r-- 1 runge runge 1936 Sep 3 12:09 ./Windows/util/info/esound/README
+2229132 4 -rw-r--r-- 1 runge runge 178 Sep 3 12:09 ./Windows/util/info/esound/MAINTAINERS
+3113803 4 drwxr-xr-x 2 runge runge 4096 Sep 5 20:58 ./Windows/util/info/netcat
+3113804 8 -rw-r--r-- 1 runge runge 6833 Dec 27 2004 ./Windows/util/info/netcat/readme.txt
+3113805 20 -rw-r--r-- 1 runge runge 18009 Dec 27 2004 ./Windows/util/info/netcat/license.txt
+3064790 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/w98
+4621137 120 -rw-r--r-- 1 runge runge 118524 Feb 26 1997 ./Windows/util/w98/kill.exe
+4621138 116 -rw-r--r-- 1 runge runge 114240 Feb 26 1997 ./Windows/util/w98/tlist.exe
+3064797 24 -rw-r--r-- 1 runge runge 24576 Apr 30 1998 ./Windows/util/w98/README.DOC
+3064799 4 -rw-r--r-- 1 runge runge 75 Aug 2 08:56 ./Windows/util/w98/location.url
+4621140 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./Windows/util/stunnel-server.conf
+4621142 4 -rw-r--r-- 1 runge runge 1173 Aug 4 09:27 ./Windows/util/stunnel-client.conf
+4621312 64 -rw-r--r-- 1 runge runge 61440 Dec 29 2004 ./Windows/util/netcat.exe
+5538607 416 -rw-r--r-- 1 runge runge 421888 Sep 6 14:14 ./Windows/util/putty.exe
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/README
new file mode 100644
index 0000000..6630db9
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/README
@@ -0,0 +1,7 @@
+
+In this directory we have source zip/tgz files in zip/, the patches
+we created in patches/, a temporary build dir (used by build.unix)
+in tmp/, and unpacked sources in vnc_unixsrc/ and stunnel-4.14/ (used
+by the build.unix script).
+
+See the README in the directory one level up for more information.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README
new file mode 100644
index 0000000..9451e7e
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README
@@ -0,0 +1,6 @@
+All of the patch files and scripts in this directory are
+
+ Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com>
+
+and are licensed by the GPL. See the README and COPYING files two
+directories up for more information.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle
new file mode 100755
index 0000000..c2eec84
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+rm -rf ./src/tmp/* || exit 1
+vers=1.0.3
+
+cd .. || exit 1
+
+if [ -f enhanced_tightvnc_viewer-$vers.zip ]; then
+ mv enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer-$vers.zip~
+fi
+rm -f enhanced_tightvnc_viewer_all-$vers.zip
+rm -f enhanced_tightvnc_viewer-$vers.zip
+zip -9 -r enhanced_tightvnc_viewer_all-$vers.zip enhanced_tightvnc_viewer
+zip -9 -r enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer -x '*.zip' '*.tar.gz'
+tar cvf - --exclude='*.zip' --exclude='*.tar.gz' enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer-$vers.tar.gz
+tar cvf - --exclude='*.zip' --exclude='*.tar.gz' --exclude='*.dll' --exclude='*.exe' --exclude enhanced_tightvnc_viewer/Windows/util enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer_no_windows-$vers.tar.gz
+
+ls -l enhanced_tightvnc_viewer*-$vers.*
+
+###########################################
+
+rm -rf enhanced_tightvnc_viewer_windows_only-${vers}*
+
+cp -pR enhanced_tightvnc_viewer enhanced_tightvnc_viewer_windows_only-$vers
+rm -rf enhanced_tightvnc_viewer_windows_only-$vers/{src,bin,man}/*
+rm -rf enhanced_tightvnc_viewer_windows_only-$vers/bin/.linkin
+cp -p enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl enhanced_tightvnc_viewer_windows_only-$vers/Windows/util
+
+rm -f enhanced_tightvnc_viewer_windows_only-$vers.zip
+zip -9 -r enhanced_tightvnc_viewer_windows_only-$vers.zip enhanced_tightvnc_viewer_windows_only-$vers
+
+ls -l enhanced_tightvnc_viewer_windows_only-$vers.zip
+rm -rf enhanced_tightvnc_viewer_windows_only-${vers}
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches
new file mode 100755
index 0000000..8fa3645
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+cp -p /dist/src/apps/VNC/tight_vnc_1.3dev5/tight-vncviewer*patch .
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied
new file mode 100755
index 0000000..0ff1931
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+make clean
+rm -f *.o
+cd ../..
+tar -cvf ../../zips/vnc_unixsrc_vncviewer.patched.tar vnc_unixsrc/vncviewer
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch
new file mode 100644
index 0000000..7067a7c
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch
@@ -0,0 +1,124 @@
+diff -Naur stunnel.orig/src/client.c stunnel/src/client.c
+--- stunnel.orig/src/client.c 2005-10-24 14:00:56.000000000 -0400
++++ stunnel/src/client.c 2006-07-31 21:51:37.000000000 -0400
+@@ -126,6 +126,10 @@
+ s_log(LOG_DEBUG, "%s finished (%d left)", c->opt->servname,
+ --num_clients);
+ leave_critical_section(CRIT_CLIENTS);
++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) {
++ s_log(LOG_NOTICE, "client() finished: exceeded maxconn");
++ exit(0);
++ }
+ #endif
+ free(c);
+ #ifdef DEBUG_STACK_SIZE
+diff -Naur stunnel.orig/src/network.c stunnel/src/network.c
+--- stunnel.orig/src/network.c 2005-10-30 16:35:42.000000000 -0500
++++ stunnel/src/network.c 2006-07-31 21:53:49.000000000 -0400
+@@ -329,6 +329,10 @@
+ /* no logging is possible in a signal handler */
+ #ifdef USE_FORK
+ num_clients--; /* one client less */
++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) {
++ s_log(LOG_NOTICE, "sigchld_handler() finished: exceeded maxconn");
++ exit(0);
++ }
+ #endif /* USE_FORK */
+ }
+ #else /* __sgi */
+@@ -375,6 +379,10 @@
+ if((pid=wait(&status))>0) {
+ num_clients--; /* one client less */
+ #endif
++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) {
++ s_log(LOG_NOTICE, "client_status() finished: exceeded maxconn");
++ exit(0);
++ }
+ #ifdef WIFSIGNALED
+ if(WIFSIGNALED(status)) {
+ s_log(LOG_DEBUG, "Process %d terminated on signal %d (%d left)",
+diff -Naur stunnel.orig/src/options.c stunnel/src/options.c
+--- stunnel.orig/src/options.c 2005-10-20 03:12:07.000000000 -0400
++++ stunnel/src/options.c 2006-07-31 22:49:57.000000000 -0400
+@@ -665,6 +665,24 @@
+ break;
+ }
+
++ /* maxconn */
++ switch(cmd) {
++ case CMD_INIT:
++ options.maxconn=0;
++ break;
++ case CMD_EXEC:
++ if(strcasecmp(opt, "maxconn"))
++ break;
++ options.maxconn=atoi(arg);
++ return NULL; /* OK */
++ case CMD_DEFAULT:
++ log_raw("%-15s = 0", "maxconn");
++ break;
++ case CMD_HELP:
++ log_raw("%-15s = maximum number of accepted connections", "maxconn");
++ break;
++ }
++
+ if(cmd==CMD_EXEC)
+ return option_not_found;
+ return NULL; /* OK */
+diff -Naur stunnel.orig/src/prototypes.h stunnel/src/prototypes.h
+--- stunnel.orig/src/prototypes.h 2005-10-27 05:41:28.000000000 -0400
++++ stunnel/src/prototypes.h 2006-07-31 22:49:36.000000000 -0400
+@@ -44,6 +44,7 @@
+ /**************************************** Prototypes for stunnel.c */
+
+ extern int num_clients;
++extern int num_conn;
+
+ void main_initialize(char *, char *);
+ void main_execute(void);
+@@ -113,6 +114,7 @@
+ long session_timeout;
+ int verify_level;
+ int verify_use_only_my;
++ int maxconn;
+ long ssl_options;
+
+ /* some global data for stunnel.c */
+diff -Naur stunnel.orig/src/stunnel.c stunnel/src/stunnel.c
+--- stunnel.orig/src/stunnel.c 2005-11-02 15:18:42.000000000 -0500
++++ stunnel/src/stunnel.c 2006-07-31 21:40:04.000000000 -0400
+@@ -53,6 +53,7 @@
+ #endif
+
+ int num_clients=0; /* Current number of clients */
++int num_conn=0; /* Total number of connections */
+
+ /* Functions */
+
+@@ -138,6 +139,7 @@
+ }
+
+ num_clients=0;
++ num_conn=0;
+
+ /* bind local ports */
+ for(opt=local_options.next; opt; opt=opt->next) {
+@@ -222,6 +224,18 @@
+ return; /* error */
+ }
+ }
++ num_conn++;
++fprintf(stderr, "num_conn: %d\n", num_conn);
++ if (options.maxconn > 0 && num_conn > options.maxconn) {
++ s_log(LOG_WARNING, "Connection rejected: exceeded maxconn (%d>%d)",
++ num_conn, options.maxconn);
++ closesocket(s);
++ if (num_clients == 0) {
++ s_log(LOG_WARNING, "Finished via maxconn.");
++ exit(0);
++ }
++ return;
++ }
+ s_ntop(from_address, &addr);
+ s_log(LOG_DEBUG, "%s accepted FD=%d from %s",
+ opt->servname, s, from_address);
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch
new file mode 100644
index 0000000..97494ee
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch
@@ -0,0 +1,42 @@
+--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400
++++ vnc_unixsrc/vncviewer/fullscreen.c 2004-12-26 21:21:44.000000000 -0500
+@@ -173,9 +173,15 @@
+ XtVaSetValues(popup, XtNoverrideRedirect, True, NULL);
+
+ /* Try to get the input focus. */
+-
++
++#if 0
+ XSetInputFocus(dpy, DefaultRootWindow(dpy), RevertToPointerRoot,
+ CurrentTime);
++#else
++ XSetInputFocus(dpy, PointerRoot, RevertToPointerRoot,
++ CurrentTime);
++#endif
++
+
+ /* Optionally, grab the keyboard. */
+
+@@ -184,6 +190,10 @@
+ GrabModeAsync, CurrentTime) != GrabSuccess) {
+ fprintf(stderr, "XtGrabKeyboard() failed.\n");
+ }
++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge bot of FullScreenOn */
++ fprintf(stderr, "calling XGrabServer(dpy)\n");
++ XGrabServer(dpy);
++}
+ }
+
+
+@@ -210,6 +220,11 @@
+
+ appData.fullScreen = False;
+
++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge top of FullScreenOff */
++ fprintf(stderr, "calling XUngrabServer(dpy)\n");
++ XUngrabServer(dpy);
++}
++
+ if (appData.grabKeyboard)
+ XtUngrabKeyboard(desktop, CurrentTime);
+
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch
new file mode 100644
index 0000000..d9eb114
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch
@@ -0,0 +1,285 @@
+--- vnc_unixsrc.orig/vncviewer/desktop.c 2004-05-28 13:29:29.000000000 -0400
++++ vnc_unixsrc/vncviewer/desktop.c 2006-07-27 11:30:01.000000000 -0400
+@@ -50,6 +50,30 @@
+ },
+ };
+
++void create_image() {
++ image = NULL;
++
++#ifdef MITSHM
++ if (appData.useShm) {
++ image = CreateShmImage();
++ if (!image)
++ appData.useShm = False;
++ }
++#endif
++
++ if (!image) {
++ image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL,
++ si.framebufferWidth, si.framebufferHeight,
++ BitmapPad(dpy), 0);
++
++ image->data = malloc(image->bytes_per_line * image->height);
++ if (!image->data) {
++ fprintf(stderr,"malloc failed\n");
++ exit(1);
++ }
++ }
++}
++
+
+ /*
+ * DesktopInitBeforeRealization creates the "desktop" widget and the viewport
+@@ -82,30 +106,9 @@
+ for (i = 0; i < 256; i++)
+ modifierPressed[i] = False;
+
+- image = NULL;
+-
+-#ifdef MITSHM
+- if (appData.useShm) {
+- image = CreateShmImage();
+- if (!image)
+- appData.useShm = False;
+- }
+-#endif
+-
+- if (!image) {
+- image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL,
+- si.framebufferWidth, si.framebufferHeight,
+- BitmapPad(dpy), 0);
+-
+- image->data = malloc(image->bytes_per_line * image->height);
+- if (!image->data) {
+- fprintf(stderr,"malloc failed\n");
+- exit(1);
+- }
+- }
++ create_image();
+ }
+
+-
+ /*
+ * DesktopInitAfterRealization does things which require the X windows to
+ * exist. It creates some GCs and sets the dot cursor.
+@@ -460,3 +463,69 @@
+ break;
+ }
+ }
++
++static void reset_image(void) {
++ if (UsingShm()) {
++ ShmCleanup();
++ } else {
++ if (image && image->data) {
++ free(image->data);
++ XDestroyImage(image);
++ image = NULL;
++ }
++ }
++ create_image();
++ XFlush(dpy);
++}
++
++void ReDoDesktop(void) {
++ int w, h, x, y, dw, dh;
++
++ if (appData.fullScreen) {
++ if (image && image->data) {
++ int len;
++ int h = image->height;
++ int w = image->width;
++ len = image->bytes_per_line * image->height;
++ /* black out window first: */
++ memset(image->data, 0, len);
++ XPutImage(dpy, XtWindow(desktop), gc, image, 0, 0, 0, 0, w, h);
++ XFlush(dpy);
++ }
++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0);
++ XSync(dpy, False);
++ usleep(100*1000);
++ FullScreenOn();
++ XSync(dpy, False);
++ usleep(100*1000);
++ reset_image();
++ return;
++ }
++
++ dw = appData.wmDecorationWidth;
++ dh = appData.wmDecorationHeight;
++
++ w = si.framebufferWidth;
++ h = si.framebufferHeight;
++
++ if (w + dw >= dpyWidth) {
++ w = dpyWidth - dw;
++ }
++ if (h + dh >= dpyHeight) {
++ h = dpyHeight - dh;
++ }
++
++ XtVaSetValues(toplevel, XtNmaxWidth, w, XtNmaxHeight, h, NULL);
++
++ XtVaSetValues(desktop, XtNwidth, si.framebufferWidth,
++ XtNheight, si.framebufferHeight, NULL);
++
++ x = (dpyWidth - w - dw)/2;
++ y = (dpyHeight - h - dh)/2;
++
++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0);
++
++ XtConfigureWidget(toplevel, x + dw, y + dh, w, h, 0);
++
++ reset_image();
++}
+--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400
++++ vnc_unixsrc/vncviewer/fullscreen.c 2006-07-27 14:36:06.000000000 -0400
+@@ -85,10 +85,13 @@
+ Dimension oldViewportWidth, oldViewportHeight, clipWidth, clipHeight;
+ Position viewportX, viewportY;
+
++ Bool fsAlready = appData.fullScreen, toobig = False;
++
+ appData.fullScreen = True;
+
+ if (si.framebufferWidth > dpyWidth || si.framebufferHeight > dpyHeight) {
+
++ toobig = True;
+ XtVaSetValues(viewport, XtNforceBars, True, NULL);
+ XtVaGetValues(viewport, XtNwidth, &oldViewportWidth,
+ XtNheight, &oldViewportHeight, NULL);
+@@ -129,6 +132,7 @@
+ reparenting our window to the root. The window manager will get a
+ ReparentNotify and hopefully clean up its frame window. */
+
++if (! fsAlready) {
+ XtVaSetValues(toplevel, XtNoverrideRedirect, True, NULL);
+
+ XReparentWindow(dpy, XtWindow(toplevel), DefaultRootWindow(dpy), 0, 0);
+@@ -164,10 +168,22 @@
+
+ XtManageChild(viewport);
+
+- /* Now we can set "toplevel" to its proper size. */
++} else {
++ XSync(dpy, False);
++}
+
++ /* Now we can set "toplevel" to its proper size. */
+ XtResizeWidget(toplevel, toplevelWidth, toplevelHeight, 0);
+
++if (fsAlready) {
++ XtResizeWidget(viewport, viewportWidth, viewportHeight, 0);
++ if (! toobig) {
++ XtVaSetValues(viewport, XtNforceBars, False, NULL);
++ }
++ XMoveWindow(dpy, XtWindow(viewport), viewportX, viewportY);
++ XSync(dpy, False);
++}
++
+ /* Set the popup to overrideRedirect too */
+
+ XtVaSetValues(popup, XtNoverrideRedirect, True, NULL);
+--- vnc_unixsrc.orig/vncviewer/rfbproto.c 2004-03-11 13:14:39.000000000 -0500
++++ vnc_unixsrc/vncviewer/rfbproto.c 2006-07-25 21:51:20.000000000 -0400
+@@ -177,6 +177,9 @@
+ sig_rfbEncodingPointerPos, "Pointer position update");
+ CapsAdd(encodingCaps, rfbEncodingLastRect, rfbTightVncVendor,
+ sig_rfbEncodingLastRect, "LastRect protocol extension");
++
++ CapsAdd(encodingCaps, rfbEncodingNewFBSize, rfbTightVncVendor,
++ sig_rfbEncodingNewFBSize, "New FB size protocol extension");
+ }
+
+
+@@ -729,6 +732,7 @@
+ Bool requestCompressLevel = False;
+ Bool requestQualityLevel = False;
+ Bool requestLastRectEncoding = False;
++ Bool requestNewFBSizeEncoding = True;
+
+ spf.type = rfbSetPixelFormat;
+ spf.format = myFormat;
+@@ -806,6 +810,10 @@
+ if (se->nEncodings < MAX_ENCODINGS && requestLastRectEncoding) {
+ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect);
+ }
++
++ if (se->nEncodings < MAX_ENCODINGS && requestNewFBSizeEncoding) {
++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize);
++ }
+ }
+ else {
+ if (SameMachine(rfbsock)) {
+@@ -849,6 +857,7 @@
+ }
+
+ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect);
++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize);
+ }
+
+ len = sz_rfbSetEncodingsMsg + se->nEncodings * 4;
+@@ -1038,6 +1047,16 @@
+ }
+ continue;
+ }
++ if (rect.encoding == rfbEncodingNewFBSize) {
++ fprintf(stderr,"New Size: %dx%d at (%d, %d)\n",
++ rect.r.w, rect.r.h, rect.r.x, rect.r.y);
++ si.framebufferWidth = rect.r.w;
++ si.framebufferHeight = rect.r.h;
++ fprintf(stderr, "si: %d %d\n", si.framebufferWidth, si.framebufferHeight);
++ ReDoDesktop();
++
++ continue;
++ }
+
+ if ((rect.r.x + rect.r.w > si.framebufferWidth) ||
+ (rect.r.y + rect.r.h > si.framebufferHeight))
+--- vnc_unixsrc.orig/vncviewer/shm.c 2000-06-11 08:00:53.000000000 -0400
++++ vnc_unixsrc/vncviewer/shm.c 2006-07-26 23:30:42.000000000 -0400
+@@ -41,6 +41,10 @@
+ }
+ }
+
++Bool UsingShm() {
++ return needShmCleanup;
++}
++
+ static int
+ ShmCreationXErrorHandler(Display *dpy, XErrorEvent *error)
+ {
+--- vnc_unixsrc.orig/vncviewer/vncviewer.h 2004-03-11 13:14:40.000000000 -0500
++++ vnc_unixsrc/vncviewer/vncviewer.h 2006-07-26 23:31:25.000000000 -0400
+@@ -162,6 +162,8 @@
+ extern void CopyDataToScreen(char *buf, int x, int y, int width, int height);
+ extern void SynchroniseScreen();
+
++extern void ReDoDesktop();
++
+ /* dialogs.c */
+
+ extern void ServerDialogDone(Widget w, XEvent *event, String *params,
+@@ -243,6 +245,7 @@
+
+ extern XImage *CreateShmImage();
+ extern void ShmCleanup();
++extern Bool UsingShm();
+
+ /* sockets.c */
+
+--- vnc_unixsrc.orig/vncviewer/vncviewer.c 2004-01-13 09:22:05.000000000 -0500
++++ vnc_unixsrc/vncviewer/vncviewer.c 2006-07-27 19:00:25.000000000 -0400
+@@ -57,6 +57,11 @@
+ }
+ }
+
++ if (argc > 1 && strstr(argv[1], "-h") == argv[1]) {
++ usage();
++ return 0;
++ }
++
+ /* Call the main Xt initialisation function. It parses command-line options,
+ generating appropriate resource specs, and makes a connection to the X
+ display. */
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README
new file mode 100644
index 0000000..776d4bf
--- /dev/null
+++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README
@@ -0,0 +1,15 @@
+This is where we keep the 3rd party source zip and tar.gz files used
+to build this package.
+
+www.stunnel.org source 488512 Jul 25 15:09 stunnel-4.14.tar.gz
+www.tightvnc.com source 2182134 Jul 25 15:11 tightvnc-1.3dev7_unixsrc.tar.gz
+www.tightvnc.com windows
+ standalone viewer binary: 209149 Jul 25 15:10 tightvnc-1.3dev7_x86_viewer.zip
+
+To save space they may not be included in the package you downloaded.
+The should be included in the "enhanced_tightvnc_viewer_all-<version>.zip" file.
+Go to the websites indicated above or contact me if you cannot find them.
+
+The stunnel.patched.tar vnc_unixsrc_vncviewer.patched.tar
+files are tarballs of the original sources above with patches applied
+(used by build.unix script when patching fails).