diff options
Diffstat (limited to 'x11vnc/misc')
32 files changed, 7663 insertions, 0 deletions
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/COPYING b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING new file mode 100644 index 0000000..a3f6b12 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + Appendix: How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) 19yy <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/README b/x11vnc/misc/enhanced_tightvnc_viewer/README new file mode 100644 index 0000000..ff3dc39 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/README @@ -0,0 +1,228 @@ + Enhanced TightVNC Viewer package + +Copyright (c) Karl J. Runge <runge@karlrunge.com> +All rights reserved. + +These packages provide 1) An enhanced TightVNC Viewer on Unix, 2) Binaries +for many Operating Systems (including Windows) for your convenience, +3) Wrapper scripts and etc. for gluing them all together. + +One can straight-forwardly download all of the components and get them +to work together by oneself: this package is mostly for your convenience +to combine and wrap together the freely available software. + +Bundled software co-shipped in this package is copyright and licensed +by others. See these sites and related ones for more information: + + http://www.tightvnc.com + http://www.realvnc.com + http://www.stunnel.org + http://www.openssl.org + http://www.chiark.greenend.org.uk/~sgtatham/putty/ + +Note: Some of the Windows binaries included contain cryptographic software +that you may not be allowed to download, use, or redistribute. Please +check your situation first before downloading any of these packages. +See the survey http://rechten.uvt.nl/koops/cryptolaw/index.htm for useful +information. The Unix programs do not contain cryptographic software, but +rather will make use of cryptographic libraries that are installed on your +Unix system. Depending on your circumstances you may still need to check. + +All work by Karl J. Runge in this package is Copyright (c) Karl J. Runge +and is licensed under the GPL as described in the file COPYING in this +directory. + +All the files and information in this package are provided "AS IS" +without any warranty of any kind. Use them at your own risk. + + +============================================================================= + +This package contains a convenient collection of enhanced TightVNC viewers +and stunnel binaries for different flavors of Unix and wrapper scripts, +etc to glue them together. SSL and SSH encryption tunnelling is provided. + +Also, a Windows SSL wrapper for the co-bundled TightVNC binary and other +utilities are provided. (Launch ssl_tightvncviewer.exe in the +Windows subdirectory). + + +Features: +-------- + +The enhanced TightVNC viewer features are: + + - SSL support for connections using the co-bundled stunnel program. + + - Automatic SSH connections from the GUI (ssh must already be + installed on Unix; co-bundled plink is used on Windows) + + - rfbNewFBSize VNC support on Unix (screen resizing) + + - cursor alphablending with x11vnc at 32bpp (-alpha option, Unix only) + + - xgrabserver support for fullscreen mode, for old window + managers (-grab option, Unix only). + + - Automatic Service tunnelling via SSH for CUPS and SMB Printing, + ESD/ARTSD Audio, and SMB (Windows/Samba) filesystem mounting. + + - Port Knocking for "closed port" SSH/SSL connections. In addition + to a simple fixed port sequence and one-time-pad implementation, + a hook is also provided to run any port knocking client before a + connecting. + + +Your package should have included binaries for many OS's: Linux, Solaris, +FreeBSD, etc. See the subdirectories of + + ./bin + +for the ones that were shipped in this package, e.g. ./bin/Linux.i686 +Run "uname -sm" to see your OS+arch combination. (See the +./bin/tightvncviewer -h output for how to override platform autodection +via the UNAME env. var). + + +If you need to Build: +-------------------- + +If your OS/arch is not included, the script "build.unix" may be able to +successfully build on for you and deposit the binaries down in ./bin/... +using the included source code. + +You must run the build.unix script from this directory (that this toplevel +README is in) and like this: + + ./build.unix + + +The programs: +------------ + +The wrapper scripts: + + ./bin/ssl_tightvncviewer + ./bin/tightvncviewer + +are the main programs you will run and will try to autodetect your OS+arch +combination and if binaries are present for it automatically use them. +(if not found try the running the build.unix script). + +If you prefer a GUI to prompt for parameters and then start ssl_tightvncviewer +you can run this instead: + + ./bin/ssl_vnc_gui + +this is essentially the same GUI that is run on Windows (the +ssl_tightvncviewer.exe). + +Using the GUI is it impossible to initiate a VNC connection that is not +encrypted with either SSL or SSH. Unencrypted VNC connections can only +be started by manually running the ./bin/tightvncviewer script. + +For convenience, you can make symlinks from a directory in your PATH to +any of the 3 programs above you wish to run. That is all you usually +need to do for it to pick up all of the binaries, utils, etc. E.g. +assuming $HOME/bin is in your $PATH: + + cd $HOME/bin + ln -s /path/to/enhanced_tightvnc_viewer/bin/{s,t}* . + +(note the "." at the end). The above commands is basically the way to +"install" this package on Unix. + + +On Windows run: + + Windows/ssl_tightvncviewer.exe + + +Examples: +-------- + +Use enhanced TightVNC unix viewer to connect to x11vnc via SSL: + + ./bin/ssl_tightvncviewer far-away.east:0 + + ./bin/tightvncviewer -ssl far-away.east:0 (same) + + ./bin/ssl_vnc_gui (start GUI launcher) + +Use enhanced TightVNC unix viewer without SSL: + + ./bin/tightvncviewer far-away.east:0 + +Use SSL to connect to a x11vnc server, and also verify the server's +identity using the SSL Certificate in the file ./x11vnc.pem: + + ./bin/ssl_tightvncviewer -alpha -verify ./x11vnc.pem far-away.east:0 + +(also turns on the viewer-side cursor alphablending hack). + + +Brief description of the subdirectories: +--------------------------------------- + + ./bin/util some utility scripts, e.g. ssl_vncviewer + and ssl_tightvncviewer.tcl + + ./src source code and patches. + ./src/zips zip files of source code and binaries. + + ./src/vnc_unixsrc unpacked tightvnc source code tree. + ./src/stunnel-4.14 unpacked stunnel source code tree. + ./src/patches patches to TightVNC viewer for the new + features on Unix (used by build.unix). + ./src/tmp temporary build dir for build.unix + (the last four are used by build.unix) + + + ./man man pages for TightVNC viewer and stunnel. + + ./Windows Stock TightVNC viewer and Stunnel, Openssl + etc Windows binaries. ssl_tightvncviewer.exe + is the program to run. + +Since they are large, depending on which package you use not all of the +above may be present in your package. + + +Help and Info: +------------- + +For more help on other options and usage patterns run these: + + ./bin/ssl_tightvncviewer -h + ./bin/tightvncviewer -h + ./bin/util/ssl_vncviewer -h + +See also: + + http://www.karlrunge.com/x11vnc + http://www.karlrunge.com/x11vnc/#faq + x11vnc -h | more + + http://www.stunnel.org + http://www.openssl.org + http://www.tightvnc.com + http://www.realvnc.com + http://www.chiark.greenend.org.uk/~sgtatham/putty/ + + +Windows: +------- + + A wrapper to create a STUNNEL tunnel and then launch the + Windows TightVNC viewer is provided in: + + Windows/ssl_tightvncviewer.exe + + Just launch it and fill in the remote VNC display. + + Click the Help buttons for more info. There is also a + Windows/README.txt file. + + On Windows you may need to terminate the STUNNEL process + from the System Tray if the tool cannot terminate it + by itself. Just right-click on the STUNNEL icon. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt new file mode 100644 index 0000000..8710251 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt @@ -0,0 +1,51 @@ +
+This is a Windows utility to automatically start up STUNNEL to redirect
+SSL VNC connections to a remote host. Then TightVNC Viewer (included)
+is launched to used this SSL tunnel.
+
+An example server would be "x11vnc -ssl", or any VNC server with a
+2nd STUNNEL program running on the server side.
+
+Just click on the program "ssl_tightvncviewer.exe", and then enter
+the remote VNC Server and click "Connect". Click on "Help" for more
+information. You can also set some simple options under "Options ..."
+
+Note that on Windows when the TightVNC viewer disconnects you may need to
+terminate the STUNNEL program manually. To do this: Click on the STUNNEL
+icon (dark green) on the System Tray and then click "Exit". Before that,
+however, you will be prompted if you want ssl_tightvncviewer.exe to try
+to terminate STUNNEL for you. (Note that even if STUNNEL termination is
+successful, the Tray Icon may not go away until the mouse hovers over it!)
+
+With this STUNNEL and TightVNC Viewer wrapper you can also enable using
+SSL Certificates with STUNNEL, and so the connection is not only encrypted
+but it is also not susceptible to man-in-the-middle attacks.
+
+See the STUNNEL and x11vnc documentation for how to create and add SSL
+Certificates (PEM files) for authentication. Click on the "Certs ..."
+button to specify the certificate(s). See the Help there for more info
+and also:
+
+ http://www.karlrunge.com/x11vnc
+ http://www.tightvnc.com
+ http://www.stunnel.org
+ http://www.openssl.org
+ http://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+You can use x11vnc to create certificates if you like:
+
+ http://www.karlrunge.com/x11vnc/#faq-ssl-ca
+
+
+Misc:
+
+ The openssl.exe stunnel.exe vncviewer.exe libeay32.dll
+ libssl32.dll programs came from the websites mentioned above.
+
+ IMPORTANT: some of these binaries may have cryptographic
+ software that you may not be allowed to download or use.
+ See the above websites for more information and also the
+ util/info subdirectories.
+
+ Also, the kill.exe and tlist.exe programs in the w98 directory
+ came from diagnostic tools ftp site of Microsoft's.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url new file mode 100644 index 0000000..59f1f6b --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url @@ -0,0 +1 @@ +http://www.tux.org/~ricdude/EsounD.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url new file mode 100644 index 0000000..237d4b1 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/stunnel/win32/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url new file mode 100644 index 0000000..c700866 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/binaries.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url new file mode 100644 index 0000000..a23901e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url @@ -0,0 +1 @@ +http://www.chiark.greenend.org.uk/%7esgtatham/putty/download.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url new file mode 100644 index 0000000..2efcc31 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url @@ -0,0 +1 @@ +http://www.chiark.greenend.org.uk/%7esgtatham/putty/licence.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url new file mode 100644 index 0000000..237d4b1 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/stunnel/win32/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url new file mode 100644 index 0000000..c700866 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/binaries.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url new file mode 100644 index 0000000..36c60e4 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url @@ -0,0 +1 @@ +http://www.tightvnc.com/download.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url new file mode 100644 index 0000000..a686ae0 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url @@ -0,0 +1 @@ +http://www.tightvnc.com diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf new file mode 100644 index 0000000..7517e23 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf @@ -0,0 +1,43 @@ +# +# Example SSL stunnel CLIENT configuration file. (you run stunnel on +# this machine and point your vnc viewer to it, it goes to remote VNC +# server via SSL) +# +# To use this file you will need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here to show how to create outgoing SSL connections to remote +# VNC servers when not using the tools in this package. +# +client = yes +options = ALL +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote server certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5900 for vnc display 0): +# +accept = localhost:5900 +# +# Set to remote host:port to connect to (e.g. far-away.east:5900): +# (this is where the VNC server is. :0 -> port 5900, etc) +# +connect = HOST:PORT +delay = no +# +# You could add additional ones going to other VNC servers: +# [vnc2] +# accept = localhost:5901 +# connect = HOST2:PORT2 +# etc ... diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf new file mode 100644 index 0000000..8e5dd50 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf @@ -0,0 +1,34 @@ +# +# Example SSL stunnel SERVER configuration file. (e.g. for your VNC +# server on this same machine.) +# +# To use this file you may need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here in case you wanted to see how to add SSL support to any +# VNC server you have. +# +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote client certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My server cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5901 for vnc display 1): +# so the remote viewers would connect to: yourmachine:1 +# +accept = 5901 +# +# Set to localhost:port to connect to VNC server on this same machine: +# (E.g. you run WinVNC on :0, preferably listening on localhost). +# +connect = localhost:5900 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url new file mode 100644 index 0000000..eb94b91 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url @@ -0,0 +1 @@ +ftp://ftp.microsoft.com/Services/TechNet/samples/PS/Win98/Reskit/DIAGNOSE/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer new file mode 100755 index 0000000..8472853 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer @@ -0,0 +1,124 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_tightvncviewer: +# +# A wrapper that calls ssl_vncviewer to use the enhanced TightVNC viewer. +# +# The enhanced TightVNC viewer features are: +# +# - SSL support for connections using the co-bundled stunnel program. +# - rfbNewFBSize VNC support (screen resizing) +# - cursor alphablending with x11vnc at 32bpp +# - xgrabserver support for fullscreen mode (for old window mgrs) +# +# +# Your platform (e.g. Linux.i686) is autodetected and enhanced +# vncviewer and stunnel binaries for it are used (see the ./bin directory). +# +# See the build.unix script if your platform is not in this package. +# You can also set the env. var. UNAME=os.arch to any "os.arch" you want +# to override the autodetetion. +# +# Usage: +# +# ssl_tightvncviewer [ssl_vncviewer-args] hostname:N [tightvncviewer-args] +# +# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0 +# +# See the script util/ssl_vncviewer for details about its arguments: +# +# -verify pemfile +# -mycert pemfile +# -proxy phost:pport +# -alpha +# -grab +# +# +# See the TightVNC viewer documentation for on its cmdline arguments. +# +# For convenience, here is the current (7/2006) TightVNC viewer -help output: +# +# TightVNC viewer version 1.3dev5 +# +# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>] +# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>] +# vncviewer [<OPTIONS>] -listen [<DISPLAY#>] +# vncviewer -help +# +# <OPTIONS> are standard Xt options, or: +# -via <GATEWAY> +# -shared (set by default) +# -noshared +# -viewonly +# -fullscreen +# -noraiseonbeep +# -passwd <PASSWD-FILENAME> (standard VNC authentication) +# -user <USERNAME> (Unix login authentication) +# -encodings <ENCODING-LIST> (e.g. "tight copyrect") +# -bgr233 +# -owncmap +# -truecolour +# -depth <DEPTH> +# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best) +# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high) +# -nojpeg +# -nocursorshape +# -x11cursor +# -autopass +# +# Option names may be abbreviated, e.g. -bgr instead of -bgr233. +# See the manual page for more information. +# + +if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then + head -70 "$0" | grep -v bin/sh + exit +fi + +# Include /usr/bin... to be sure to get regular utilities: +# +PATH=$PATH:/usr/bin:/bin +export PATH + +# Set this for ssl_vncviewer to pick up: +# +VNCVIEWERCMD="vncviewer" +export VNCVIEWERCMD + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +# Force the use of tight encoding for localhost redir connection: +# +ssl_vncviewer "$@" -encodings 'copyrect tight zrle zlib hextile' diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui new file mode 100755 index 0000000..abdb2d3 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui @@ -0,0 +1,64 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_vnc_gui: +# +# A wrapper for ssl_tightvncviewer using a tcl/tk gui. +# +# See ssl_tightvncviewer for details. +# +if [ "X$XTERM_PRINT" != "X" ]; then + XTERM_PRINT="" + cat > /dev/null +fi +if [ "X$1" = "X-bg" ]; then + shift + $0 "$@" & + exit 0 +fi + +PATH=$PATH:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin +export PATH + +SSL_VNC_GUI_CMD="$0 $*" +export SSL_VNC_GUI_CMD +SSL_VNC_LAUNCH=$SSL_VNC_GUI_CMD +export SSL_VNC_LAUNCH + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +SSL_VNC_BASEDIR="$dir" +export SSL_VNC_BASEDIR + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +exec ssl_tightvncviewer.tcl "$@" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer new file mode 100755 index 0000000..8ba6d56 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer @@ -0,0 +1,129 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# tightvncviewer: +# +# A wrapper that calls the enhanced TightVNC viewer. +# +# The enhanced TightVNC viewer features are: +# +# - SSL support for connections using the co-bundled stunnel program. +# - rfbNewFBSize VNC support (screen resizing) +# - cursor alphablending with x11vnc at 32bpp +# - xgrabserver support for fullscreen mode (for old window mgrs) +# +# +# Your platform (e.g. Linux.i686) is autodetected and enhanced +# vncviewer and stunnel binaries for it are used (see the ./bin directory). +# +# See the build.unix script if your platform is not in this package if +# you want to build one. +# +# See the build.unix script if your platform is not in this package if you want to build one. +# You can also set the env. var. UNAME=os.arch to any "os.arch" you want +# to override the autodetetion. +# +# Usage: +# +# tightvncviewer [tightvncviewer-args] hostname:N +# or +# tightvncviewer -ssl hostname:N [tightvncviewer-args] +# +# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0 +# +# If the first argument is "-ssl" then ssl_tightvncviewer is called +# instead. See that script for details. +# +# See the TightVNC viewer documentation for on its cmdline arguments. +# +# For convenience, here is the current (7/2006) TightVNC viewer -help output: +# +# TightVNC viewer version 1.3dev5 +# +# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>] +# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>] +# vncviewer [<OPTIONS>] -listen [<DISPLAY#>] +# vncviewer -help +# +# <OPTIONS> are standard Xt options, or: +# -via <GATEWAY> +# -shared (set by default) +# -noshared +# -viewonly +# -fullscreen +# -noraiseonbeep +# -passwd <PASSWD-FILENAME> (standard VNC authentication) +# -user <USERNAME> (Unix login authentication) +# -encodings <ENCODING-LIST> (e.g. "tight copyrect") +# -bgr233 +# -owncmap +# -truecolour +# -depth <DEPTH> +# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best) +# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high) +# -nojpeg +# -nocursorshape +# -x11cursor +# -autopass +# +# Option names may be abbreviated, e.g. -bgr instead of -bgr233. +# See the manual page for more information. +# + +if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then + head -69 "$0" | grep -v bin/sh + exit +fi + +# Include /usr/bin... to be sure to get regular utilities: +# +PATH=$PATH:/usr/bin:/bin +export PATH + +# Set this for ssl_vncviewer to pick up: +# +VNCVIEWERCMD="vncviewer" +export VNCVIEWERCMD + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +if [ "X$1" = "X-ssl" ]; then + shift + ssl_tightvncviewer "$@" + exit $? +fi + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +# Force the use of tight encoding for localhost redir connection: +# +vncviewer -encodings 'copyrect tight zrle zlib hextile' "$@" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl new file mode 100755 index 0000000..bd9f5c9 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl @@ -0,0 +1,5031 @@ +#!/bin/sh +# the next line restarts using wish \ +exec wish "$0" "$@" + +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_tightvncviewer.tcl: gui wrapper to the , etc. programs in this +# ssl_tightvncviewerpackage. Also sets up service port forwarding. +# + +set buck_zero $argv0 + +proc center_win {w} { + set W [winfo screenwidth $w] + set W [expr $W + 1] + wm geometry $w +$W+0 + update + set x [expr [winfo screenwidth $w]/2 - [winfo width $w]/2] + set y [expr [winfo screenheight $w]/2 - [winfo height $w]/2] + wm geometry $w +$x+$y + update +} + +proc apply_bg {w} { + global is_windows system_button_face + if {$is_windows && $system_button_face != ""} { + catch {$w configure -bg "$system_button_face"} + } +} + +proc scroll_text {fr {w 80} {h 35}} { + global help_font is_windows + + catch {destroy $fr} + + frame $fr -bd 0 + + eval text $fr.t -width $w -height $h $help_font \ + -setgrid 1 -bd 2 -yscrollcommand {"$fr.y set"} -relief ridge + + apply_bg $fr.t + + scrollbar $fr.y -orient v -relief sunken -command "$fr.t yview" + pack $fr.y -side right -fill y + pack $fr.t -side top -fill both -expand 1 + + focus $fr.t +} + +proc scroll_text_dismiss {fr {w 80} {h 35}} { + global help_font + + scroll_text $fr $w $h + + set up $fr + regsub {\.[^.]*$} $up "" up + + button $up.d -text "Dismiss" -command "destroy $up" + bind $up <Escape> "destroy $up" + pack $up.d -side bottom -fill x + pack $fr -side top -fill both -expand 1 +} + +proc help {} { + catch {destroy .h} + toplevel .h + + scroll_text_dismiss .h.f + + center_win .h + wm title .h "SSL TightVNC Viewer Help" + + set msg { + Enter the VNC host and display in the 'VNC Server' entry box. + + It is of the form "host:number", where "host" is the hostname of the + machine running the VNC Server and "number" is the VNC display number; + it is often "0". Examples: + + snoopy:0 + far-away.east:0 + sunray-srv1.west:17 + 24.67.132.27:0 + + Then click on "Connect". When you do so the STUNNEL program will be + started locally to provide you with an outgoing SSL tunnel. + + Once the STUNNEL is running, the TightVNC Viewer will be automatically + started directed to the local SSL tunnel which, in turn, encrypts and + redirects the connection to the remote VNC server. + + The remote VNC server must support an initial SSL handshake before + using the VNC protocol (i.e. VNC is tunnelled through the SSL channel + after it is established). "x11vnc -ssl ..." does this, and any VNC + server can be made to do this by using, e.g., STUNNEL on the remote side. + + Click on "Options ..." if you want to use an *SSH* tunnel instead of + SSL (then the VNC Server does not need to speak SSL or use STUNNEL). + + + Note that on Windows when the Viewer connection is finished you may + need to terminate STUNNEL manually from the System Tray (right click + on dark green icon) and selecting "Exit". + + + Proxies: If an intermediate proxy is needed to make the SSL connection + (e.g. web gateway out of a firewall), supply both hosts separated + by spaces (with the proxy 2nd): + + host:number gwhost:port + + E.g.: far-way.east:0 mygateway.com:8080 + + See the ssl_vncviewer description and x11vnc FAQ for info on proxies: + + http://www.karlrunge.com/x11vnc/#ssl_vncviewer + http://www.karlrunge.com/x11vnc/#faq-ssl-java-viewer-proxy + + + If you want to use a SSL Certificate (PEM) file to authenticate yourself + to the VNC server ("MyCert") or to verify the identity of the VNC Server + ("ServerCert" or "CertsDir") import the certificate file by clicking + the "Certs ..." button before connecting. + + Certificate verification is needed to prevent Man In the Middle attacks. + See the x11vnc documentation: + + http://www.karlrunge.com/x11vnc/ssl.html + + for how to create and use PEM SSL certificate files. An easy way is: + + x11vnc -ssl SAVE ... + + where it will print out its automatically generated certificate to + the screen and that can be safely copied to the viewer side. + + + To set other Options, e.g. to use SSH instead of STUNNEL SSL, + click on the "Options ..." button and read the Help there. + + See these links for more information: + + http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext + http://www.stunnel.org + http://www.tightvnc.com + + + Tips: + + 1) On Unix to get a 2nd GUI (e.g. for a 2nd connection) press Ctrl-N + on the GUI. If only the xterm window is visible you can press + Ctrl-N or try Ctrl-LeftButton -> New SSL_VNC_GUI. On Windows you + will have to manually Start a new one: Start -> Run ..., etc. + + 2) If you use "user@hostname cmd=SHELL" then you get an SSH shell only: + no VNC viewer will be launched. On Windows "user@hostname cmd=PUTTY" + will try to use putty.exe (better terminal emulation than plink.exe) + A shortcut for this is Ctrl-S. +} + + .h.f.t insert end $msg + #raise .h +} + +proc help_certs {} { + catch {destroy .ch} + toplevel .ch + + scroll_text_dismiss .ch.f 90 33 + + center_win .ch + wm resizable .ch 1 0 + + wm title .ch "SSL Certificates Help" + + set msg { + Only with SSL Certificate verification can Man In the Middle attacks be + prevented. Otherwise, only passive snooping attacks are prevented with SSL. + + You can specify your own SSL certificate (PEM) file in "MyCert" in which case it + is used to authenticate you (the viewer) to the remote VNC Server. If this fails + the remote VNC Server will drop the connection. + + Server certs can be specified in one of two ways: + + - A single certificate (PEM) file for a single server + or a single Certificate Authority (CA) + + - A directory of certificate (PEM) files stored in + the special OpenSSL hash fashion. + + + The former is set via "ServerCert" in this gui. + The latter is set via "CertsDir" in this gui. + + The former corresponds to the "CAfile" STUNNEL parameter. + The latter corresponds to the "CApath" STUNNEL parameter. + See stunnel(8) or www.stunnel.org for more information. + + If the remote VNC Server fails to authenticate itself with respect to the specified + certificate(s), then the VNC Viewer (your side) will drop the connection. + + If "Use SSH instead" has been selected then SSL certs are disabled. + + See the x11vnc and STUNNEL documentation for how to create and use PEM + certificate files: + + http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext + http://www.karlrunge.com/x11vnc/ssl.html + http://www.stunnel.org +} + + .ch.f.t insert end $msg + #raise .ch +} + +proc help_opts {} { + catch {destroy .oh} + toplevel .oh + + scroll_text_dismiss .oh.f + + center_win .oh + + wm title .oh "SSL Viewer Options Help" + +set msg { + Use SSH: Instead of using STUNNEL SSL, use ssh(1) for the encrypted + tunnel. You must be able to log in via ssh to the remote host. + + On Unix the cmdline ssh(1) program will be run in an xterm + for authentication, etc. On Windows the cmdline plink.exe + program will be launched in a Windows Console window. + + You can set the "VNC Server" to "user@host:disp" to indicate + ssh should log in as "user" on "host". On Windows you must + always supply the "user@" part (due to a plink deficiency). E.g.: + + fred@far-away.east:0 + + If a gateway machine must be used (e.g. to enter a firewall; + the VNC Server is not running on it), put something like this + in the "VNC Server" entry box: + + workstation:0 user@gateway-host:port + + ssh is used to login to user@gateway-host and then a -L port + redirection is set up to go to workstation:0 from gateway-host. + ":port" is optional, use it if the gateway-host SSH port is + not the default value 22. + + At the very end of the entry box, you can also append a + cmd=... string to indicate that command should be run via ssh + on the remote machine instead of the default "sleep 15". E.g.: + + user@host:0 cmd=x11vnc -nopw -display :0 + + (if a gateway is also needed, put it just before the cmd=...) + + Trick: If you use "cmd=SHELL" then you get an SSH shell only: + no VNC viewer will be launched. On Windows "cmd=PUTTY" will + try to use putty.exe (better terminal emulation than plink.exe) + Ctrl-S is a shortcut for this. + + Use SSH and SSL: Tunnel the SSL connection through a SSH tunnel. Use this + if you want end-to-end SSL and must use a SSH gateway (e.g. to + enter a firewall) or if additional SSH port redirs are required + (CUPS, Sound, SMB tunnelling: See Advanced options). + + + Putty PW: On Windows only: use the supplied password for plink SSH logins. + Unlike the other options the value is not saved when 'Save + Profile' is used. This feature useful when options under + "Advanced" are set that require 2 SSH's: you just have + to type the password once in this entry box. The bundled + pagent.exe and puttygen.exe programs can also be used to avoid + repeatedly entering passwords (note this requires setting up + and distributing SSH keys). Start up pagent.exe or puttygen.exe + and read the instructions there. + + ssh-agent: On Unix only: restart the GUI in the presence of ssh-agent(1) + (e.g. in case you forgot to start your agent before starting + this GUI). An xterm will be used to enter passphrases, etc. + This can avoid repeatedly entering passphrases for the + SSH logins (note this requires setting up and distributing + SSH keys). + + + View Only: Have VNC Viewer ignore mouse and keyboard input. + + Fullscreen: Start the VNC Viewer in fullscreen mode. + + Raise On Beep: Deiconify viewer when bell rings. + + Use 8bit color: Request a very low-color pixel format. + + Cursor Alphablending: Use the x11vnc alpha hack for translucent cursors + (requires Unix, 32bpp and same endianness) + + Use XGrabServer: On Unix only, use the XGrabServer workaround for + old window managers. + + Do not use JPEG: Do not use the jpeg aspect of the tight encoding. + + Compress Level/Quality: Set TightVNC encoding parameters. + + + Save and Load: You can Save the current settings by clicking on Save + Profile (.vnc file) and you can also read in a saved one + with Load Profile. + + Clear Options: Set all options to their defaults (i.e. unset). + + Advanced: Bring up the Advanced options dialog. +} + .oh.f.t insert end $msg + #raise .oh +} + +proc win_nokill_msg {} { + global help_font is_windows system_button_face + catch {destroy .w} + toplevel .w + + eval text .w.t -width 60 -height 11 $help_font + button .w.d -text "Dismiss" -command {destroy .w} + pack .w.t .w.d -side top -fill x + + apply_bg .w.t + + center_win .w + wm resizable .w 1 0 + + wm title .w "SSL Viewer: Warning" + + set msg { + The TightVNC Viewer has exited. + + You will need to terminate STUNNEL manually. + + To do this go to the System Tray and right-click on the STUNNEL + icon (dark green). Then click "Exit". + + You can also double click on the STUNNEL icon to view the log + for error messages and other information. +} + .w.t insert end $msg + #raise .w +} + +proc win_kill_msg {pids} { + global terminate_pids + global help_font + catch {destroy .w} + toplevel .w + + eval text .w.t -width 72 -height 19 $help_font + button .w.d -text "Dismiss" -command {destroy .w; set terminate_pids no} + button .w.k -text "Terminate STUNNEL" -command {destroy .w; set terminate_pids yes} + pack .w.t .w.k .w.d -side top -fill x + + apply_bg .w.t + + center_win .w + wm resizable .w 1 0 + + wm title .w "SSL Viewer: Warning" + + set msg { + The TightVNC Viewer has exited. + + We can terminate the following still running STUNNEL process(es): + +} + append msg " $pids\n" + + append msg { + Click on the "Terminate STUNNEL" button below to do so. + + Before terminating STUNNEL you can double click on the STUNNEL + Tray icon to view its log for error messages and other information. + + Note: You may STILL need to terminate STUNNEL manually if we are + unable to kill it. To do this go to the System Tray and right-click + on the STUNNEL icon (dark green). Then click "Exit". You will + probably also need to hover the mouse over the STUNNEL Tray Icon to + make the Tray notice STUNNEL is gone... +} + .w.t insert end $msg + #raise .w +} + +proc win9x_plink_msg {file} { + catch {destroy .pl} + global help_font win9x_plink_msg_done + toplevel .pl + + eval text .pl.t -width 90 -height 26 $help_font + button .pl.d -text "OK" -command {destroy .pl; set win9x_plink_msg_done 1} + wm protocol .pl WM_DELETE_WINDOW {catch {destroy .pl}; set win9x_plink_msg_done 1} + pack .pl.t .pl.d -side top -fill x + + apply_bg .pl.t + + center_win .pl + wm resizable .pl 1 0 + + wm title .pl "SSL Viewer: Win9x Warning" + + set msg { + Due to limitations on Window 9x you will have to manually start up + a COMMAND.COM terminal and paste in the following command: + +} + set pwd [pwd] + regsub -all {/} $pwd "\\" pwd + append msg " $pwd\\$file\n" + + append msg { + The reason for this is a poor Console application implementation that + affects many text based applications. + + To start up a COMMAND.COM terminal, click on the Start -> Run, and then + type COMMAND in the entry box and hit Return or click OK. + + To select the above command, highlight it with the mouse and then press + Ctrl-C. Then go over the the COMMAND.COM window and click on the + Clipboard paste button. Once pasted in, press Return to run the script. + + This will start up a PLINK.EXE ssh login to the remote computer, + and after you log in successfully and indicate (QUICKLY!!) that the + connection is OK by clicking OK in this dialog. If the SSH connection + cannot be autodetected you will ALSO need to click "Success" in the + "plink ssh status?" dialog, the VNC Viewer will be started going + through the SSH tunnel. +} + .pl.t insert end $msg + wm deiconify .pl +} + +proc mesg {str} { + set maxx 53 + if {[string length $str] > $maxx} { + set str [string range $str 0 $maxx] + append str " ..." + } + .l configure -text $str + update +} + +proc get_ssh_hp {str} { + set str [string trim $str] + regsub {[ ].*$} $str "" str + return $str +} + +proc get_ssh_cmd {str} { + set str [string trim $str] + if [regexp {cmd=(.*$)} $str m cmd] { + set cmd [string trim $cmd] + regsub -nocase {^%x11vncr$} $cmd "x11vnc -nopw -display none -rawfb rand" cmd + regsub -nocase {^%x11vnc$} $cmd "x11vnc -nopw -display none -rawfb null" cmd + return $cmd + } else { + return "" + } +} + +proc get_ssh_proxy {str} { + set str [string trim $str] + regsub {cmd=(.*$)} $str "" str + set str [string trim $str] + if { ![regexp {[ ]} $str]} { + return "" + } + regsub {^.*[ ][ ]*} $str "" str + return $str +} + +proc set_defaults {} { + global mycert svcert crtdir + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global use_cups use_sound use_smbmnt + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global smb_su_mode smb_mount_list + global use_port_knocking port_knocking_list + + set use_ssh 0 + set use_sshssl 0 + putty_pw_entry check + + set use_viewonly 0 + set use_fullscreen 0 + set use_raise_on_beep 0 + set use_bgr233 0 + set use_alpha 0 + set use_grab 0 + set use_nojpeg 0 + set use_compresslevel "default" + set use_quality "default" + set compresslevel_text "Compress Level: $use_compresslevel" + set quality_text "Quality: $use_quality" + + set mycert "" + set svcert "" + set crtdir "" + + set use_cups 0 + set use_sound 0 + set use_smbmnt 0 + + set change_vncviewer 0 + set change_vncviewer_path "" + set cups_manage_rcfile 0 + set vncviewer_realvnc4 0 + + set additional_port_redirs 0 + set additional_port_redirs_list "" + + set cups_local_server "" + set cups_remote_port "" + set cups_local_smb_server "" + set cups_remote_smb_port "" + + set smb_su_mode "su" + set smb_mount_list "" + + set sound_daemon_remote_cmd "" + set sound_daemon_remote_port "" + set sound_daemon_kill 0 + set sound_daemon_restart 0 + + set sound_daemon_local_cmd "" + set sound_daemon_local_port "" + set sound_daemon_local_start 0 + set sound_daemon_local_kill 0 + + set use_port_knocking 0 + set port_knocking_list "" +} + +proc do_viewer_windows {n} { + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + + set cmd "vncviewer" + if {$change_vncviewer && $change_vncviewer_path != ""} { + set cmd [string trim $change_vncviewer_path] + regsub -all {\\} $cmd {/} cmd + if {[regexp {[ \t]} $cmd]} { + if {[regexp -nocase {\.exe$} $cmd]} { + if {! [regexp {["']} $cmd]} { #" + # hmmm, not following instructions, are they? + set cmd "\"$cmd\"" + } + } + } + } + if {$use_viewonly} { + if {$vncviewer_realvnc4} { + append cmd " viewonly=1" + } else { + append cmd " /viewonly" + } + } + if {$use_fullscreen} { + if {$vncviewer_realvnc4} { + append cmd " fullscreen=1" + } else { + append cmd " /fullscreen" + } + } + if {$use_bgr233} { + if {$vncviewer_realvnc4} { + append cmd " lowcolourlevel=1" + } else { + append cmd " /8bit" + } + } + if {$use_nojpeg} { + if {! $vncviewer_realvnc4} { + append cmd " /nojpeg" + } + } + if {$use_raise_on_beep} { + if {! $vncviewer_realvnc4} { + append cmd " /belldeiconify" + } + } + if {$use_compresslevel != "" && $use_compresslevel != "default"} { + if {$vncviewer_realvnc4} { + append cmd " zliblevel=$use_compresslevel" + } else { + append cmd " /compresslevel $use_compresslevel" + } + } + if {$use_quality != "" && $use_quality != "default"} { + if {! $vncviewer_realvnc4} { + append cmd " /quality $use_quality" + } + } + append cmd " localhost:$n" + + mesg $cmd + set emess "" + set rc [catch {eval exec $cmd} emess] + if {$rc != 0} { + tk_messageBox -type ok -icon error -message $emess -title "Error: $cmd" + } +} + +proc get_netstat {} { + set ns "" + catch {set ns [exec netstat -an]} + return $ns +} + +proc get_ipconfig {} { + global is_win9x + set ip "" + if {! $is_win9x} { + catch {set ip [exec ipconfig]} + return $ip + } + + set file "ip" + append file [pid] + append file ".txt" + + catch {[exec winipcfg /Batch $file]} + + if [file exists $file] { + set fh [open $file "r"] + while {[gets $fh line] > -1} { + append ip "$line\n" + } + close $fh + catch {file delete $file} + } + return $ip +} + +proc guess_nat_ip {} { + global save_nat last_save_nat + set s "" + + if {! [info exists save_nat]} { + set save_nat "" + set last_save_nat 0 + } + if {$save_nat != ""} { + set now [clock seconds] + if {$now < $last_save_nat + 45} { + return $save_nat + } + } + set s "" + catch {set s [socket "www.whatismyip.com" 80]} + set ip "unknown" + if {$s != ""} { + fconfigure $s -buffering none + puts $s "GET / HTTP/1.1" + puts $s "Host: www.whatismyip.com" + puts $s "Connection: close" + puts $s "" + flush $s + set on 0 + while { [gets $s line] > -1 } { + if {! $on && [regexp {<HEAD>} $line]} {set on 1} + if {! $on && [regexp {<HTML>} $line]} {set on 1} + if {! $on && [regexp {<TITLE>} $line]} {set on 1} + if {! $on} { + continue; + } + if [regexp {([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*)} $line ip] { + break + } + } + close $s + } + if {$ip != "unknown"} { + set save_nat $ip + set last_save_nat [clock seconds] + } + return $ip +} + +proc guess_ip {} { + global env is_windows + if {! $is_windows} { + set out "" + set out [get_hostname] + if {$out != ""} { + set hout "" + catch {set hout [exec host $out]} + if {$hout != ""} { + if [regexp {has address ([.0-9][.0-9]*)} $hout mvar ip] { + set ip [string trim $ip] + return $ip + } + } + } + return "" + } else { + set out [get_ipconfig] + set out [string trim $out] + if {$out == ""} { + return "" + } + foreach line [split $out "\n\r"] { + if {[regexp -nocase {IP Address.*:[ \t]*([.0-9][.0-9]*)} $line mvar ip]} { + set ip [string trim $ip] + if [regexp {^[.0]*$} $ip] { + continue + } + if [regexp {127\.0\.0\.1} $ip] { + continue + } + if {$ip != ""} { + return $ip + } + } + } + } +} + +proc windows_start_sound_daemon {file} { + global env + global use_sound sound_daemon_local_cmd sound_daemon_local_start + + regsub {\.bat} $file "snd.bat" file2 + set fh2 [open $file2 "w"] + + puts $fh2 $sound_daemon_local_cmd + puts $fh2 "del $file2" + close $fh2 + + mesg "Starting SOUND daemon..." + if [info exists env(COMSPEC)] { + exec $env(COMSPEC) /c $file2 & + } else { + exec cmd.exe /c $file2 & + } + after 1500 +} + +proc windows_stop_sound_daemon {} { + global env is_win9x + global use_sound sound_daemon_local_cmd sound_daemon_local_start + + set cmd [string trim $sound_daemon_local_cmd] + + regsub {[ \t].*$} $cmd "" cmd + regsub {^.*\\} $cmd "" cmd + regsub {^.*/} $cmd "" cmd + + if {$cmd == ""} { + return + } + + set output [get_task_list] + + foreach line [split $output "\n\r"] { + if [regexp "$cmd" $line] { + if [regexp {(-?[0-9][0-9]*)} $line m p] { + set pids($p) $line + } + } + } + + set count 0 + foreach pid [array names pids] { + mesg "Stopping SOUND pid: $pid" + if {$is_win9x} { + catch {exec w98/kill.exe /f $pid} + } else { + catch {exec tskill.exe $pid} + } + if {$count == 0} { + after 1200 + } else { + after 500 + } + incr count + } +} + +proc contag {} { + global concount + if {! [info exists concount]} { + set concount 0 + } + incr concount + set str [pid] + set str "-$str-$concount" +} + +proc launch_windows_ssh {hp file n} { + global is_win9x + global use_sshssl use_ssh putty_pw + + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + set sshcmd [get_ssh_cmd $hp] + + set vnc_host "localhost" + set vnc_disp $hpnew + regsub {^.*:} $vnc_disp "" vnc_disp + + if {![regexp {^[0-9][0-9]*$} $vnc_disp]} { + if {[regexp {cmd=SHELL} $hp]} { + ; + } elseif {[regexp {cmd=PUTTY} $hp]} { + ; + } else { + mesg "Bad vncdisp, missing :0 ?, $vnc_disp" + bell + return 0 + } + } + + if {$vnc_disp < 200} { + set vnc_port [expr $vnc_disp + 5900] + } else { + set vnc_port $vnc_disp + } + + + set ssh_port 22 + set ssh_host $hpnew + regsub {:.*$} $ssh_host "" ssh_host + + if {$proxy != ""} { + set ssh_host $proxy + regsub {:.*$} $ssh_host "" ssh_host + set ssh_port $proxy + regsub {^.*:} $ssh_port "" ssh_port + if {$ssh_port == ""} { + set ssh_port 22 + } + set vnc_host $hpnew + regsub {:.*$} $vnc_host "" vnc_host + } + + if {![regexp {^[^ ][^ ]*@} $ssh_host]} { + mesg "You must supply a username: user@host..." + bell + return 0 + } + + set verb "-v" + + set pwd "" + if {$is_win9x} { + set pwd [pwd] + regsub -all {/} $pwd "\\" pwd + } + + set use [expr $n + 5900] + + set_smb_mounts + + global use_smbmnt use_sound sound_daemon_kill + set do_pre 0 + if {$use_smbmnt} { + set do_pre 1 + } elseif {$use_sound && $sound_daemon_kill} { + set do_pre 1 + } + + global skip_pre + if {$skip_pre} { + set do_pre 0 + set skip_pre 0 + } + + set pw "" + if {$putty_pw != ""} { + if {! [regexp {"} $putty_pw]} { #" + set pw " -pw \"$putty_pw\"" + } + } + + set tag [contag] + + set file_pre "" + set file_pre_cmd "" + if {$do_pre} { + set setup_cmds [ugly_setup_scripts pre $tag] + + if {$setup_cmds != ""} { + regsub {\.bat} $file "pre.cmd" file_pre_cmd + set fh [open $file_pre_cmd "w"] + puts $fh "$setup_cmds sleep 10; " + close $fh + + regsub {\.bat} $file "pre.bat" file_pre + set fh [open $file_pre "w"] + set plink_str "plink.exe -ssh -C -P $ssh_port -m $file_pre_cmd $verb -t" + + global smb_redir_0 + if {$smb_redir_0 != ""} { + append plink_str " $smb_redir_0" + } + + append plink_str "$pw $ssh_host" + + if {$pw != ""} { + puts $fh "echo off" + } + puts $fh $plink_str + + if {$file_pre_cmd != ""} { + puts $fh "del $file_pre_cmd" + } + puts $fh "del $file_pre" + + close $fh + } + } + + if {$is_win9x} { + set sleep 35 + } else { + set sleep 20 + } + + set setup_cmds [ugly_setup_scripts post $tag] + + set do_shell 0 + if {$sshcmd == "SHELL"} { + set setup_cmds "" + set sshcmd {$SHELL} + set do_shell 1 + } elseif {$sshcmd == "PUTTY"} { + set setup_cmds "" + set do_shell 1 + } + + set file_cmd "" + if {$setup_cmds != ""} { + regsub {\.bat} $file ".cmd" file_cmd + set fh_cmd [open $file_cmd "w"] + + set str $setup_cmds + if {$sshcmd != ""} { + append str " $sshcmd; " + } else { + append str " sleep $sleep; " + } + puts $fh_cmd $str + close $fh_cmd + + set sshcmd $setup_cmds + } + + if {$sshcmd == ""} { + set pcmd "echo; echo SSH connected OK.; echo If this state is not autodetected,; echo Go Click the Success button." + set sshcmd "$pcmd; sleep $sleep" + } + + global use_sound sound_daemon_local_cmd sound_daemon_local_start + if {! $do_shell && ! $is_win9x && $use_sound && $sound_daemon_local_start && $sound_daemon_local_cmd != ""} { + windows_start_sound_daemon $file + } + + set fh [open $file "w"] + if {$is_win9x} { + puts $fh "cd $pwd" + if {$file_pre != ""} { + puts $fh "echo Press Ctrl-C --HERE-- when done with the Pre-Command shell work." + puts $fh "start /w command.com /c $file_pre" + } + } + + global use_cups use_smbmnt + set extra_redirs "" + if {$use_cups} { + append extra_redirs [get_cups_redir] + } + if {$use_sound} { + append extra_redirs [get_sound_redir] + } + global additional_port_redirs + if {$additional_port_redirs} { + append extra_redirs [get_additional_redir] + } + + set plink_str "plink.exe -ssh -P $ssh_port $verb -L $use:$vnc_host:$vnc_port $extra_redirs -t" + if {$extra_redirs != ""} { + regsub {exe} $plink_str "exe -C" plink_str + } + if {$do_shell} { + if {$sshcmd == "PUTTY"} { + if {$is_win9x} { + set plink_str "putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + } else { + set plink_str "start \"putty $ssh_host\" putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + } + } else { + set plink_str "plink.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + append plink_str { "$SHELL"} + } + } elseif {$file_cmd != ""} { + append plink_str " -m $file_cmd$pw $ssh_host" + } else { + append plink_str "$pw $ssh_host \"$sshcmd\"" + } + + if {$pw != ""} { + puts $fh "echo off" + } + puts $fh $plink_str + if {$file_cmd != ""} { + puts $fh "del $file_cmd" + } + puts $fh "del $file" + close $fh + + catch {destroy .o} + catch {destroy .oa} + + do_port_knock $ssh_host + + if {$is_win9x} { + wm withdraw . + update + win9x_plink_msg $file + global win9x_plink_msg_done + set win9x_plink_msg_done 0 + vwait win9x_plink_msg_done + } else { + global env + set com "cmd.exe" + if [info exists env(COMSPEC)] { + set com $env(COMSPEC) + } + + if {$file_pre != ""} { + exec $com /c $file_pre & + set sl 0 + if {$use_smbmnt} { + global smb_su_mode + if {$smb_su_mode == "su"} { + set sl [expr $sl + 15] + } elseif {$smb_su_mode == "sudo"} { + set sl [expr $sl + 15] + } else { + set sl [expr $sl + 3] + } + } + if {$pw == ""} { + set sl [expr $sl + 5] + } + + set sl [expr $sl + 5] + set st [clock seconds] + set dt 0 + global entered_gui_top + set entered_gui_top 0 + + while {$dt < $sl} { + after 100 + set dt [clock seconds] + set dt [expr $dt - $st] + mesg "Click or Enter when done with 1st SSH $dt/$sl" + update + update idletasks + if {$entered_gui_top != 0 && $dt >= 3} { + mesg "Running 2nd SSH now ..." + after 1000 + break + } + } + mesg "Running 2nd SSH ..." + } + + wm withdraw . + update + exec $com /c $file & + after 1000 + } + + if {$do_shell} { + wm deiconify . + return 1 + } + + catch {destroy .plink} + toplevel .plink + wm title .plink "plink SSH status?" + set wd 37 + label .plink.l1 -anchor w -text "Login via plink/ssh to the remote server" -width $wd + label .plink.l2 -anchor w -text "(supply username and password as needed)." -width $wd + label .plink.l3 -anchor w -text "" -width $wd + label .plink.l4 -anchor w -text "After ssh is set up, AND if the connection" -width $wd + label .plink.l5 -anchor w -text "success is not autodetected, please click" -width $wd + label .plink.l6 -anchor w -text "one of these buttons:" -width $wd + global plink_status + button .plink.fail -text "Failed" -command {destroy .plink; set plink_status no} + button .plink.ok -text "Success" -command {destroy .plink; set plink_status yes} + pack .plink.l1 .plink.l2 .plink.l3 .plink.l4 .plink.l5 .plink.l6 .plink.fail .plink.ok -side top -fill x + + wm geometry .plink +700+500 + wm deiconify .plink + set plink_status "" + set waited 0 + set cnt 0 + while {$waited < 30000} { + after 500 + update + set ns [get_netstat] + set re ":$use" + append re {[ ][ ]*[0:.][0:.]*[ ][ ]*LISTEN} + if [regexp $re $ns] { + set plink_status yes + } + if {$plink_status != ""} { + catch {destroy .plink} + break + } + + if {$waited == 0} { + wm deiconify .plink + } + set waited [expr "$waited + 500"] + + incr cnt + if {$cnt >= 12} { + set cnt 0 + #catch {wm deiconify .plink} + } + } + if {$plink_status == ""} { + vwait plink_status + } + + if {$use_sshssl} { + global launch_windows_ssh_files + if {$file != ""} { + append launch_windows_ssh_files "$file " + } + if {$file_pre != ""} { + append launch_windows_ssh_files "$file_pre " + } + if {$file_pre_cmd != ""} { + append launch_windows_ssh_files "$file_pre_cmd " + } + regsub { *$} $launch_windows_ssh_files "" launch_windows_ssh_files + return 1 + } + + if {$plink_status != "yes"} { + wm deiconify . + } else { + after 1000 + do_viewer_windows $n + wm deiconify . + mesg "Disconnected from $hp" + } + + if {$file != ""} { + catch {file delete $file} + } + if {$file_pre != ""} { + catch {file delete $file_pre} + } + if {$file_pre_cmd != ""} { + catch {file delete $file_pre_cmd} + } + + global sound_daemon_local_kill + if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + windows_stop_sound_daemon + } + return 1 +} + +proc check_ssh_needed {} { + global use_cups use_sound use_smbmnt + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global smb_su_mode smb_mount_list + global use_ssh use_sshssl + + if {$use_ssh || $use_sshssl} { + return + } + set must 0 + if {$use_cups} { + if {$cups_local_server != ""} {set must 1} + if {$cups_remote_port != ""} {set must 1} + if {$cups_local_smb_server != ""} {set must 1} + if {$cups_remote_smb_port != ""} {set must 1} + if {$cups_manage_rcfile != ""} {set must 1} + } + if {$use_sound} { + if {$sound_daemon_remote_cmd != ""} {set must 1} + if {$sound_daemon_remote_port != ""} {set must 1} + if {$sound_daemon_kill} {set must 1} + if {$sound_daemon_restart} {set must 1} + if {$sound_daemon_local_cmd != ""} {set must 1} + if {$sound_daemon_local_port != ""} {set must 1} + if {$sound_daemon_local_kill} {set must 1} + if {$sound_daemon_local_start} {set must 1} + } + if {$use_smbmnt} { + if {[regexp {//} $smb_mount_list]} {set must 1} + } + if {$must} { + set use_sshssl 1 + putty_pw_entry check + mesg "Enabling \"Use SSH and SSL\" mode for port redir" + update + bell + after 4000 + } +} + +proc set_smb_mounts {} { + global smb_redir_0 smb_mounts use_smbmnt + + set smb_redir_0 "" + set smb_mounts "" + if {$use_smbmnt} { + set l2 [get_smb_redir] + set smb_redir_0 [lindex $l2 0] + set smb_redir_0 [string trim $smb_redir_0] + set smb_mounts [lindex $l2 1] + } +} + +proc xterm_center_geometry {} { + set sh [winfo screenheight .] + set sw [winfo screenwidth .] + set gw 500 + set gh 300 + set x [expr $sw/2 - $gw/2] + set y [expr $sh/2 - $gh/2] + if {$x < 0} { + set x 10 + } + if {$y < 0} { + set y 10 + } + + return "+$x+$y" +} + +proc smbmnt_wait {tee} { + if {$tee != ""} { + set start [clock seconds] + set cut 30 + while {1} { + set now [clock seconds] + if {$now > $start + $cut} { + break; + } + if [file exists $tee] { + set sz 0 + catch {set sz [file size $tee]} + if {$sz > 50} { + set cut 50 + } + } + set g "" + catch {set g [exec grep vnc-helper-exiting $tee]} + if [regexp {vnc-helper-exiting} $g] { + break + } + after 1000 + } + catch {file delete $tee} + } else { + global smb_su_mode + if {$smb_su_mode == "su"} { + after 15000 + } elseif {$smb_su_mode == "sudo"} { + after 10000 + } + } +} + +proc do_unix_pre {tag proxy hp pk_hp} { + global env smb_redir_0 use_smbmnt + global did_port_knock + + set setup_cmds [ugly_setup_scripts pre $tag] + set c "ssl_vncviewer -ssh" + + if {$proxy == ""} { + set pxy $hp + regsub {:.*$} $pxy "" pxy + set c "$c -proxy '$pxy'" + } else { + set c "$c -proxy '$proxy'" + } + + if {$setup_cmds != ""} { + set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds sleep 10" + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + if {$smb_redir_0 != ""} { + set c "$c -sshargs '$smb_redir_0'" + } + + do_port_knock $pk_hp + set did_port_knock 1 + + if {$use_smbmnt} { + set title "SSL VNC Viewer $hp -- SMB MOUNTS" + } else { + set title "SSL VNC Viewer $hp -- Pre Commands" + } + + set tee "" + if {$use_smbmnt} { + set tee $env(HOME) + append tee "/.tee-etv$tag" + set fh "" + catch {set fh [open $tee "w"]} + if {$fh == ""} { + set tee "" + } else { + close $fh + set c "$c | tee $tee" + } + } + + exec xterm -geometry "80x25+100+100" \ + -title "$title" \ + -e sh -c "set -xv; $c" & + + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_SSH_ONLY) "" + + if {$use_smbmnt} { + smbmnt_wait $tee + } else { + after 2000 + } + } +} + +proc launch_unix {hp} { + global mycert svcert crtdir env + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global use_cups use_sound use_smbmnt + global smb_redir_0 smb_mounts + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + + set cmd "" + + if [regexp {cmd=} $hp] { + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + } + check_ssh_needed + + set_smb_mounts + + global did_port_knock + set did_port_knock 0 + set pk_hp "" + + if {$use_ssh || $use_sshssl} { + if {$use_ssh} { + set cmd "ssl_vncviewer -ssh" + } else { + set cmd "ssl_vncviewer -sshssl" + } + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + set sshcmd [get_ssh_cmd $hp] + set hp $hpnew + + if {$proxy != ""} { + set cmd "$cmd -proxy '$proxy'" + set pk_hp $proxy + } + if {$pk_hp == ""} { + set pk_hp $hp + } + + set do_pre 0 + if {$use_smbmnt} { + set do_pre 1 + } elseif {$use_sound && $sound_daemon_kill} { + set do_pre 1 + } + global skip_pre + if {$skip_pre} { + set do_pre 0 + set skip_pre 0 + } + + set tag [contag] + + if {$do_pre} { + do_unix_pre $tag $proxy $hp $pk_hp + } + + + set setup_cmds [ugly_setup_scripts post $tag] + + if {$sshcmd == "SHELL"} { + set env(SSL_VNCVIEWER_SSH_CMD) {$SHELL} + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + } elseif {$setup_cmds != ""} { + set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds$sshcmd" + } else { + if {$sshcmd != ""} { + set cmd "$cmd -sshcmd '$sshcmd'" + } + } + + set sshargs "" + if {$use_cups} { + append sshargs [get_cups_redir] + } + if {$use_sound} { + append sshargs [get_sound_redir] + } + if {$additional_port_redirs} { + append sshargs [get_additional_redir] + } + + set sshargs [string trim $sshargs] + if {$sshargs != ""} { + set cmd "$cmd -sshargs '$sshargs'" + set env(SSL_VNCVIEWER_USE_C) 1 + } + if {$sshcmd == "SHELL"} { + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + if {$proxy == ""} { + set hpt $hpnew + regsub {:[0-9]*$} $hpt "" hpt + set cmd "$cmd -proxy '$hpt'" + } + set geometry [xterm_center_geometry] + if {$pk_hp == ""} { + set pk_hp $hp + } + if {! $did_port_knock} { + do_port_knock $pk_hp + set did_port_knock 1 + } + + exec xterm -geometry $geometry -title "SHELL to $hp" \ + -e sh -c "$cmd" & + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_SSH_ONLY) "" + set env(SSL_VNCVIEWER_USE_C) "" + return + } + } else { + set cmd "ssl_tightvncviewer" + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + if {$mycert != ""} { + set cmd "$cmd -mycert '$mycert'" + } + if {$svcert != ""} { + set cmd "$cmd -verify '$svcert'" + } elseif {$crtdir != ""} { + set cmd "$cmd -verify '$crtdir'" + } + if {$proxy != ""} { + set cmd "$cmd -proxy '$proxy'" + } + set hp $hpnew + } + + if {$use_alpha} { + set cmd "$cmd -alpha" + } + if {$use_grab} { + set cmd "$cmd -grab" + } + + set cmd "$cmd $hp" + + if {$use_viewonly} { + set cmd "$cmd -viewonly" + } + if {$use_fullscreen} { + set cmd "$cmd -fullscreen" + } + if {$use_bgr233} { + if {$vncviewer_realvnc4} { + set cmd "$cmd -lowcolourlevel 1" + } else { + set cmd "$cmd -bgr233" + } + } + if {$use_nojpeg} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -nojpeg" + } + } + if {! $use_raise_on_beep} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -noraiseonbeep" + } + } + if {$use_compresslevel != "" && $use_compresslevel != "default"} { + if {$vncviewer_realvnc4} { + set cmd "$cmd -zliblevel '$use_compresslevel'" + } else { + set cmd "$cmd -compresslevel '$use_compresslevel'" + } + } + if {$use_quality != "" && $use_quality != "default"} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -quality '$use_quality'" + } + } + if {$use_ssh || $use_sshssl} { + # realvnc4 -preferredencoding zrle + if {$vncviewer_realvnc4} { + set cmd "$cmd -preferredencoding zrle" + } else { + set cmd "$cmd -encodings 'copyrect tight zrle zlib hextile'" + } + } + + if {$change_vncviewer && $change_vncviewer_path != ""} { + global env + set env(VNCVIEWERCMD) $change_vncviewer_path + } else { + set env(VNCVIEWERCMD) "" + } + + catch {destroy .o} + catch {destroy .oa} + wm withdraw . + update + + if {$sound_daemon_local_start && $sound_daemon_local_cmd != ""} { + mesg "running: $sound_daemon_local_cmd" + exec sh -c "$sound_daemon_local_cmd" >& /dev/null </dev/null & + update + after 500 + } + + if {$pk_hp == ""} { + set pk_hp $hp + } + if {! $did_port_knock} { + do_port_knock $pk_hp + set did_port_knock 1 + } + + set geometry [xterm_center_geometry] + set xrm1 "*.srinterCommand:true" + set xrm2 $xrm1 + set xrm3 $xrm1 + if {[info exists env(SSL_VNC_GUI_CMD)]} { + set xrm1 "*.printerCommand:env XTERM_PRINT=1 $env(SSL_VNC_GUI_CMD)" + set xrm2 "XTerm*VT100*translations:#override Shift<Btn3Down>:print()\\nCtrl<Key>N:print()" + set xrm3 "*mainMenu*print*Label: New SSL_VNC_GUI" + } + exec xterm -geometry $geometry -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" \ + -title "SSL VNC Viewer $hp" \ + -e sh -c "set -xv; $cmd; set +xv; echo; echo Done. You Can X-out or Ctrl-C this Terminal whenever you like.; echo; echo sleep 15; echo; sleep 15" + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_USE_C) "" + + if {$sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + set daemon [string trim $sound_daemon_local_cmd] + regsub {^gw[ \t]*} $daemon "" daemon + regsub {[ \t].*$} $daemon "" daemon + regsub {^.*/} $daemon "" daemon + mesg "killing sound daemon: $daemon" + if {$daemon != ""} { + catch {exec sh -c "killall $daemon" >/dev/null 2>/dev/null </dev/null &} + catch {exec sh -c "pkill -x $daemon" >/dev/null 2>/dev/null </dev/null &} + } + } + wm deiconify . + mesg "Disconnected from $hp" +} + +proc kill_stunnel {pids} { + global is_win9x env + + set count 0 + foreach pid $pids { + mesg "killing STUNNEL pid: $pid" + if {$is_win9x} { + catch {exec w98/kill.exe /f $pid} + } else { + catch {exec tskill.exe $pid} + } + if {$count == 0} { + after 1200 + } else { + after 500 + } + incr count + } +} + +proc get_task_list {} { + global env is_win9x + + set output1 "" + set output2 "" + if {! $is_win9x} { + # try for tasklist on XP pro + catch {set output1 [exec tasklist.exe]} + } + catch {set output2 [exec w98/tlist.exe]} + + set output $output1 + append output "\n" + append output $output2 + + return $output +} + +proc note_stunnel_pids {when} { + global env + global is_win9x pids_before pids_after pids_new + + if {$when == "before"} { + array unset pids_before + array unset pids_after + set pids_new {} + set pids_before(none) "none" + set pids_after(none) "none" + } + + set output [get_task_list] + + foreach line [split $output "\n\r"] { + if [regexp -nocase {stunnel} $line] { + if [regexp {(-?[0-9][0-9]*)} $line m p] { + if {$when == "before"} { + set pids_before($p) $line + } else { + set pids_after($p) $line + } + } + } + } + if {$when == "after"} { + foreach new [array names pids_after] { + if {! [info exists pids_before($new)]} { + lappend pids_new $new + } + } + } +} + +proc del_launch_windows_ssh_files {} { + global launch_windows_ssh_files + + if {$launch_windows_ssh_files != ""} { + foreach tf [split $launch_windows_ssh_files] { + if {$tf == ""} { + continue + } + catch {file delete $tf} + } + } +} + +proc launch_shell_only {} { + global vncdisplay is_windows + global skip_pre + + set hp $vncdisplay + regsub {cmd=.*$} $vncdisplay "" hp + set hp [string trim $hp] + if {$is_windows} { + append hp " cmd=PUTTY" + } else { + append hp " cmd=SHELL" + } + set skip_pre 1 + launch $hp +} + +proc launch {{hp ""}} { + global vncdisplay env tcl_platform is_windows + global mycert svcert crtdir + global pids_before pids_after pids_new + global use_ssh use_sshssl + + set debug 0 + if {$hp == ""} { + set hp [string trim $vncdisplay] + } + + if {[regexp {^[ ]*$} $hp]} { + mesg "No host:disp supplied." + bell + return + } + if {! [regexp ":" $hp]} { + if {! [regexp {cmd=} $hp]} { + append hp ":0" + } + } + + mesg "Using: $hp" + after 600 + + if {$debug} { + mesg "\"$tcl_platform(os)\" | \"$tcl_platform(osVersion)\"" + after 1000 + } + if {! $is_windows} { + launch_unix $hp + return + } + + if [regexp {cmd=} $hp] { + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + } + check_ssh_needed + + if {! $use_ssh} { + if {$mycert != ""} { + if {! [file exists $mycert]} { + mesg "MyCert does not exist: $mycert" + bell + return + } + } + if {$svcert != ""} { + if {! [file exists $svcert]} { + mesg "ServerCert does not exist: $svcert" + bell + return + } + } elseif {$crtdir != ""} { + if {! [file exists $crtdir]} { + mesg "CertsDir does not exist: $crtdir" + bell + return + } + } + } + + set prefix "stunnel-vnc" + set suffix "conf" + if {$use_ssh || $use_sshssl} { + set prefix "plink-vnc" + set suffix "bat" + } + + # we avoid parsing netstat output on Windows (but I guess we do now elsewhere): + set file "" + set n "" + set file2 "" + set n2 "" + set now [clock seconds] + + for {set i 30} {$i < 90} {incr i} { + set try "$prefix-$i.$suffix" + if {[file exists $try]} { + set mt [file mtime $try] + set age [expr "$now - $mt"] + set week [expr "7 * 3600 * 24"] + if {$age > $week} { + catch {file delete $file} + } + } + if {! [file exists $try]} { + if {$use_sshssl} { + if {$file != ""} { + set file2 $try + set n2 $i + break + } + } + set file $try + set n $i + if {! $use_sshssl} { + break + } + } + } + + if {$file == ""} { + mesg "could not find free stunnel file" + bell + return + } + + global launch_windows_ssh_files + set launch_windows_ssh_files "" + + set did_port_knock 0 + + if {$use_sshssl} { + set rc [launch_windows_ssh $hp $file2 $n2] + if {$rc == 0} { + catch {file delete $file} + catch {file delete $file2} + del_launch_windows_ssh_files + return + } + set did_port_knock 1 + } elseif {$use_ssh} { + launch_windows_ssh $hp $file $n + return + } + + if [regexp {[ ]} $hp] { + # proxy or cmd case (should not happen? yet?) + regsub {[ ].*$} $hp "" hp2 + } else { + set list [split $hp ":"] + set host [lindex $list 0] + set disp [lindex $list 1] + set port [expr "$disp + 5900"] + } + + set list [split $hp ":"] + set host [lindex $list 0] + set disp [lindex $list 1] + set port [expr "$disp + 5900"] + + if {$debug} { + mesg "file: $file" + after 1000 + } + + set fh [open $file "w"] + + puts $fh "client = yes" + puts $fh "options = ALL" + puts $fh "taskbar = yes" + puts $fh "RNDbytes = 2048" + puts $fh "RNDfile = bananarand.bin" + puts $fh "RNDoverwrite = yes" + puts $fh "debug = 6" + if {$mycert != ""} { + if {! [file exists $mycert]} { + mesg "MyCert does not exist: $mycert" + bell + return + } + puts $fh "cert = $mycert" + } + if {$svcert != ""} { + if {! [file exists $svcert]} { + mesg "ServerCert does not exist: $svcert" + bell + return + } + puts $fh "CAfile = $svcert" + puts $fh "verify = 2" + } elseif {$crtdir != ""} { + if {! [file exists $crtdir]} { + mesg "CertsDir does not exist: $crtdir" + bell + return + } + puts $fh "CApath = $crtdir" + puts $fh "verify = 2" + } + + puts $fh "\[vnc$n\]" + set port2 [expr "$n + 5900"] + puts $fh "accept = localhost:$port2" + + if {$use_sshssl} { + set port [expr "$n2 + 5900"] + puts $fh "connect = localhost:$port" + } else { + puts $fh "connect = $host:$port" + } + + puts $fh "delay = no" + puts $fh "" + close $fh + + mesg "Starting STUNNEL on port $port2 ..." + after 600 + + note_stunnel_pids "before" + + set pids [exec stunnel $file &] + + after 1300 + + note_stunnel_pids "after" + + if {$debug} { + after 1000 + mesg "pids $pids" + after 1000 + } else { + catch {destroy .o} + catch {destroy .oa} + wm withdraw . + } + + if {! $did_port_knock} { + do_port_knock $host + set did_port_knock 1 + } + + do_viewer_windows $n + + del_launch_windows_ssh_files + + catch {file delete $file} + + if {$debug} { + ; + } else { + wm deiconify . + } + mesg "Disconnected from $hp." + + if {[llength $pids_new] > 0} { + set plist [join $pids_new ", "] + global terminate_pids + set terminate_pids "" + win_kill_msg $plist + update + vwait terminate_pids + if {$terminate_pids == "yes"} { + kill_stunnel $pids_new + } + } else { + win_nokill_msg + } + mesg "Disconnected from $hp." + + global is_win9x use_sound sound_daemon_local_kill sound_daemon_local_cmd + if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + windows_stop_sound_daemon + } +} + +proc get_idir {str} { + set idir "" + if {$str != ""} { + if [file isdirectory $str] { + set idir $str + } else { + set idir [file dirname $str] + } + } + if {$idir == ""} { + global env + if [info exists env(HOME)] { + set t "$env(HOME)/.vnc/certs" + if [file isdirectory $t] { + set idir $t + } + } + } + if {$idir == ""} { + set idir [pwd] + } + return $idir +} + +proc set_mycert {} { + global mycert + set idir [get_idir $mycert] + if {$idir != ""} { + set mycert [tk_getOpenFile -initialdir $idir] + } else { + set mycert [tk_getOpenFile] + } + catch {wm deiconify .c} + update +} + +proc set_svcert {} { + global svcert crtdir + set idir [get_idir $svcert] + if {$idir != ""} { + set svcert [tk_getOpenFile -initialdir $idir] + } else { + set svcert [tk_getOpenFile] + } + if {$svcert != ""} { + set crtdir "" + } + catch {wm deiconify .c} + update +} + +proc set_crtdir {} { + global svcert crtdir + set idir [get_idir $crtdir] + if {$idir != ""} { + set crtdir [tk_chooseDirectory -initialdir $idir] + } else { + set crtdir [tk_chooseDirectory] + } + if {$crtdir != ""} { + set svcert "" + } + catch {wm deiconify .c} + update +} + +proc getcerts {} { + global mycert svcert crtdir + global use_ssh use_sshssl + catch {destroy .c} + toplevel .c + wm title .c "Set SSL Certificates" + frame .c.mycert + frame .c.svcert + frame .c.crtdir + label .c.mycert.l -anchor w -width 12 -text "MyCert:" + label .c.svcert.l -anchor w -width 12 -text "ServerCert:" + label .c.crtdir.l -anchor w -width 12 -text "CertsDir:" + + entry .c.mycert.e -width 32 -textvariable mycert + entry .c.svcert.e -width 32 -textvariable svcert + entry .c.crtdir.e -width 32 -textvariable crtdir + button .c.mycert.b -text "Browse..." -command {set_mycert; catch {raise .c}} + button .c.svcert.b -text "Browse..." -command {set_svcert; catch {raise .c}} + button .c.crtdir.b -text "Browse..." -command {set_crtdir; catch {raise .c}} + + frame .c.b + button .c.b.done -text "Done" -command {catch {destroy .c}} + bind .c <Escape> {destroy .c} + button .c.b.help -text "Help" -command help_certs + pack .c.b.help .c.b.done -fill x -expand 1 -side left + + foreach w [list mycert svcert crtdir] { + pack .c.$w.l -side left + pack .c.$w.e -side left -expand 1 -fill x + pack .c.$w.b -side left + bind .c.$w.e <Return> ".c.$w.b invoke" + if {$use_ssh} { + .c.$w.l configure -state disabled + .c.$w.e configure -state disabled + .c.$w.b configure -state disabled + } + } + + pack .c.mycert .c.svcert .c.crtdir .c.b -side top -fill x + center_win .c + wm resizable .c 1 0 + + focus .c +} + +proc get_profiles_dir {} { + global env is_windows + + set dir "" + if {$is_windows} { + set t [file dirname [pwd]] + set t "$t/profiles" + if [file isdirectory $t] { + set dir $t + } + } elseif [info exists env(HOME)] { + set t "$env(HOME)/.vnc" + if [file isdirectory $t] { + set dir $t + set s "$t/profiles" + if {! [file exists $s]} { + catch {file mkdir $s} + } + } + } + + if {$dir != ""} { + + } elseif [info exists env(SSL_VNC_BASEDIR)] { + set dir $env(SSL_VNC_BASEDIR) + } else { + set dir [pwd] + } + if [file isdirectory "$dir/profiles"] { + set dir "$dir/profiles" + } + return $dir +} + +proc load_profile {} { + global env + global mycert svcert crtdir vncdisplay + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global use_smbmnt use_sound + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global smb_su_mode smb_mount_list + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global use_port_knocking port_knocking_list + global profdone + + set dir [get_profiles_dir] + + set file [tk_getOpenFile -defaultextension ".vnc" \ + -initialdir $dir -title "Load VNC Profile"] + if {$file == ""} { + set profdone 1 + return + } + set fh [open $file "r"] + if {! [info exists fh]} { + set profdone 1 + return + } + + set_defaults + + while {[gets $fh line] > -1} { + if [regexp {^disp=(.*)$} $line m val] { + set vncdisplay $val + } elseif [regexp {^ssh=(.*)$} $line m val] { + set use_ssh $val + } elseif [regexp {^sshssl=(.*)$} $line m val] { + set use_sshssl $val + } elseif [regexp {^viewonly=(.*)$} $line m val] { + set use_viewonly $val + } elseif [regexp {^fullscreen=(.*)$} $line m val] { + set use_fullscreen $val + } elseif [regexp {^belldeiconify=(.*)$} $line m val] { + set use_raise_on_beep $val + } elseif [regexp {^8bit=(.*)$} $line m val] { + set use_bgr233 $val + } elseif [regexp {^alpha=(.*)$} $line m val] { + set use_alpha $val + } elseif [regexp {^grab=(.*)$} $line m val] { + set use_grab $val + } elseif [regexp {^nojpeg=(.*)$} $line m val] { + set use_nojpeg $val + } elseif [regexp {^compresslevel=(.*)$} $line m val] { + set use_compresslevel $val + set compresslevel_text "Compress Level: $val" + } elseif [regexp {^quality=(.*)$} $line m val] { + set use_quality $val + set quality_text "Quality: $val" + } elseif [regexp {^mycert=(.*)$} $line m val] { + set mycert $val + } elseif [regexp {^svcert=(.*)$} $line m val] { + set svcert $val + } elseif [regexp {^crtdir=(.*)$} $line m val] { + set crtdir $val + } elseif [regexp {^use_smbmnt=(.*)$} $line m val] { + set use_smbmnt $val + } elseif [regexp {^use_sound=(.*)$} $line m val] { + set use_sound $val + } elseif [regexp {^use_cups=(.*)$} $line m val] { + set use_cups $val + } elseif [regexp {^cups_local_server=(.*)$} $line m val] { + set cups_local_server $val + } elseif [regexp {^cups_remote_port=(.*)$} $line m val] { + set cups_remote_port $val + } elseif [regexp {^cups_local_smb_server=(.*)$} $line m val] { + set cups_local_smb_server $val + } elseif [regexp {^cups_remote_smb_port=(.*)$} $line m val] { + set cups_remote_smb_port $val + } elseif [regexp {^cups_manage_rcfile=(.*)$} $line m val] { + set cups_manage_rcfile $val + } elseif [regexp {^smb_mount_list=(.*)$} $line m val] { + regsub -all {%%%} $val "\n" val + set smb_mount_list $val + } elseif [regexp {^smb_su_mode=(.*)$} $line m val] { + set smb_su_mode $val + } elseif [regexp {^port_knocking_list=(.*)$} $line m val] { + regsub -all {%%%} $val "\n" val + set port_knocking_list $val + } elseif [regexp {^use_port_knocking=(.*)$} $line m val] { + set use_port_knocking $val + } elseif [regexp {^sound_daemon_remote_cmd=(.*)$} $line m val] { + set sound_daemon_remote_cmd $val + } elseif [regexp {^sound_daemon_remote_port=(.*)$} $line m val] { + set sound_daemon_remote_port $val + } elseif [regexp {^sound_daemon_kill=(.*)$} $line m val] { + set sound_daemon_kill $val + } elseif [regexp {^sound_daemon_restart=(.*)$} $line m val] { + set sound_daemon_restart $val + } elseif [regexp {^sound_daemon_local_cmd=(.*)$} $line m val] { + set sound_daemon_local_cmd $val + } elseif [regexp {^sound_daemon_local_port=(.*)$} $line m val] { + set sound_daemon_local_port $val + } elseif [regexp {^sound_daemon_local_start=(.*)$} $line m val] { + set sound_daemon_local_start $val + } elseif [regexp {^sound_daemon_local_kill=(.*)$} $line m val] { + set sound_daemon_local_kill $val + } elseif [regexp {^change_vncviewer=(.*)$} $line m val] { + set change_vncviewer $val + } elseif [regexp {^change_vncviewer_path=(.*)$} $line m val] { + set change_vncviewer_path $val + } elseif [regexp {^vncviewer_realvnc4=(.*)$} $line m val] { + set vncviewer_realvnc4 $val + } elseif [regexp {^additional_port_redirs=(.*)$} $line m val] { + set additional_port_redirs $val + } elseif [regexp {^additional_port_redirs_list=(.*)$} $line m val] { + set additional_port_redirs_list $val + } + } + close $fh + set profdone 1 + putty_pw_entry check +} + +proc save_profile {} { + global env is_windows + global mycert svcert crtdir vncdisplay + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global profdone + + set dir [get_profiles_dir] + + set disp [string trim $vncdisplay] + if {$disp != ""} { + regsub {[ ].*$} $disp "" disp + } + if {$is_windows} { + regsub -all {:} $disp "_" disp + } + + set file [tk_getSaveFile -defaultextension ".vnc" \ + -initialdir $dir -initialfile "$disp" -title "Save VNC Profile"] + if {$file == ""} { + set profdone 1 + return + } + set fh [open $file "w"] + if {! [info exists fh]} { + set profdone 1 + return + } + set h [string trim $vncdisplay] + set p $h + regsub {:.*$} $h "" h + set host $h + regsub {[ ].*$} $p "" p + regsub {^.*:} $p "" p + if {$p == ""} { + set p 0 + } + if {$p < 200} { + set port [expr $p + 5900] + } else { + set port $p + } + + set h [string trim $vncdisplay] + regsub {cmd=.*$} $h "" h + set h [string trim $h] + if {! [regexp {[ ]} $h]} { + set h "" + } else { + regsub {^.*[ ]} $h "" h + } + if {$h == ""} { + set proxy "" + set proxyport "" + } else { + set p $h + regsub {:.*$} $h "" h + set proxy $h + regsub {[ ].*$} $p "" p + regsub {^.*:} $p "" p + if {$p == ""} { + set proxyport 0 + } else { + set proxyport $p + } + } + + puts $fh "\[connection\]" + puts $fh "host=$host" + puts $fh "port=$port" + puts $fh "proxyhost=$proxy" + puts $fh "proxyport=$proxyport" + puts $fh "disp=$vncdisplay" + puts $fh "\n\[options\]" + puts $fh "ssh=$use_ssh" + puts $fh "sshssl=$use_sshssl" + puts $fh "viewonly=$use_viewonly" + puts $fh "fullscreen=$use_fullscreen" + puts $fh "belldeiconify=$use_raise_on_beep" + puts $fh "8bit=$use_bgr233" + puts $fh "alpha=$use_alpha" + puts $fh "grab=$use_grab" + puts $fh "nojpeg=$use_nojpeg" + puts $fh "compresslevel=$use_compresslevel" + puts $fh "quality=$use_quality" + puts $fh "mycert=$mycert" + puts $fh "svcert=$svcert" + puts $fh "crtdir=$crtdir" + + global use_smbmnt use_sound + puts $fh "use_smbmnt=$use_smbmnt" + puts $fh "use_sound=$use_sound" + + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + puts $fh "use_cups=$use_cups" + puts $fh "cups_local_server=$cups_local_server" + puts $fh "cups_remote_port=$cups_remote_port" + puts $fh "cups_local_smb_server=$cups_local_smb_server" + puts $fh "cups_remote_smb_port=$cups_remote_smb_port" + puts $fh "cups_manage_rcfile=$cups_manage_rcfile" + + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + puts $fh "change_vncviewer=$change_vncviewer" + puts $fh "change_vncviewer_path=$change_vncviewer_path" + puts $fh "vncviewer_realvnc4=$vncviewer_realvnc4" + puts $fh "additional_port_redirs=$additional_port_redirs" + puts $fh "additional_port_redirs_list=$additional_port_redirs_list" + + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + puts $fh "sound_daemon_remote_cmd=$sound_daemon_remote_cmd" + puts $fh "sound_daemon_remote_port=$sound_daemon_remote_port" + puts $fh "sound_daemon_kill=$sound_daemon_kill" + puts $fh "sound_daemon_restart=$sound_daemon_restart" + puts $fh "sound_daemon_local_cmd=$sound_daemon_local_cmd" + puts $fh "sound_daemon_local_port=$sound_daemon_local_port" + puts $fh "sound_daemon_local_kill=$sound_daemon_local_kill" + puts $fh "sound_daemon_local_start=$sound_daemon_local_start" + + global smb_su_mode smb_mount_list + set list $smb_mount_list + regsub -all "\n" $list "%%%" list + puts $fh "smb_su_mode=$smb_su_mode" + puts $fh "smb_mount_list=$list" + + global use_port_knocking port_knocking_list + set list $port_knocking_list + regsub -all "\n" $list "%%%" list + puts $fh "use_port_knocking=$use_port_knocking" + puts $fh "port_knocking_list=$list" + + close $fh + set profdone 1 +} + +proc set_ssh {} { + global use_ssh use_sshssl + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + putty_pw_entry check +} + +proc expand_IP {redir} { + if {! [regexp {:IP:} $redir]} { + return $redir + } + if {! [regexp {(-R).*:IP:} $redir]} { + return $redir + } + + set ip [guess_ip] + set ip [string trim $ip] + if {$ip == ""} { + return $redir + } + + regsub -all {:IP:} $redir ":$ip:" redir + return $redir +} + +proc get_cups_redir {} { + global cups_local_server cups_remote_port + global cups_local_smb_server cups_remote_smb_port + set redir "$cups_remote_port:$cups_local_server" + regsub -all {['" ]} $redir {} redir; #" + set redir " -R $redir" + if {$cups_local_smb_server != "" && $cups_remote_smb_port != ""} { + set redir2 "$cups_remote_smb_port:$cups_local_smb_server" + regsub -all {['" ]} $redir2 {} redir2; #" + set redir "$redir -R $redir2" + } + set redir [expand_IP $redir] + return $redir +} + +proc get_additional_redir {} { + global additional_port_redirs additional_port_redirs_list + if {! $additional_port_redirs || $additional_port_redirs_list == ""} { + return "" + } + set redir [string trim $additional_port_redirs_list] + regsub -all {['"]} $redir {} redir; #" + set redir " $redir" + set redir [expand_IP $redir] + return $redir +} + +proc get_sound_redir {} { + global sound_daemon_remote_port sound_daemon_local_port + set loc $sound_daemon_local_port + if {! [regexp {:} $loc]} { + set loc "localhost:$loc" + } + set redir "$sound_daemon_remote_port:$loc" + regsub -all {['" ]} $redir {} redir; #" + set redir " -R $redir" + set redir [expand_IP $redir] + return $redir +} + +proc get_smb_redir {} { + global smb_mount_list + + set s [string trim $smb_mount_list] + if {$s == ""} { + return "" + } + + set did(0) 1 + set redir "" + set mntlist "" + + foreach line [split $s "\r\n"] { + set str [string trim $line] + if {$str == ""} { + continue + } + if {[regexp {^#} $str]} { + continue + } + + set port "" + if [regexp {^([0-9][0-9]*)[ \t][ \t]*(.*)} $str mvar port rest] { + # leading port + set str [string trim $rest] + } + + # grab: //share /dest [host[:port]] + set share "" + set dest "" + set hostport "" + foreach item [split $str] { + if {$item == ""} { + continue + } + if {$share == ""} { + set share [string trim $item] + } elseif {$dest == ""} { + set dest [string trim $item] + } elseif {$hostport == ""} { + set hostport [string trim $item] + } + } + + regsub {^~/} $dest {$HOME/} dest + + # work out the local host:port + set lhost "" + set lport "" + if {$hostport != ""} { + if [regexp {(.*):(.*)} $hostport mvar lhost lport] { + ; + } else { + set lhost $hostport + set lport 139 + } + } else { + if [regexp {//([^/][^/]*)/} $share mvar h] { + if [regexp {(.*):(.*)} $h mvar lhost lport] { + ; + } else { + set lhost $h + set lport 139 + } + } else { + set lhost localhost + set lport 139 + } + } + + if {$port == ""} { + if [info exists did("$lhost:$lport")] { + # reuse previous one: + set port $did("$lhost:$lport") + } else { + # choose one at random: + for {set i 0} {$i < 3} {incr i} { + set port [expr 20100 + 9000 * rand()] + set port [expr round($port)] + if { ! [info exists did($port)] } { + break + } + } + } + set did($port) 1 + } + + if {$mntlist != ""} { + append mntlist " " + } + append mntlist "$share,$dest,$port" + + if { ! [info exists did("$lhost:$lport")] } { + append redir " -R $port:$lhost:$lport" + set did("$lhost:$lport") $port + } + } + + regsub -all {['"]} $redir {} redir; #" + set redir [expand_IP $redir] + + regsub -all {['"]} $mntlist {} mntlist; #" + + set l [list] + lappend l $redir + lappend l $mntlist + return $l +} + +proc ugly_setup_scripts {mode tag} { + +set cmd(1) { + SSHD_PID="" + FLAG=$HOME/.vnc-helper-flag__PID__ + + if [ "X$USER" = "X" ]; then + USER=$LOGNAME + fi + + DO_CUPS=0 + cups_dir=$HOME/.cups + cups_cfg=$cups_dir/client.conf + cups_host=localhost + cups_port=NNNN + + DO_SMB=0 + DO_SMB_SU=0 + DO_SMB_WAIT=0 + smb_mounts= + DONE_PORT=NNNN + smb_script=$HOME/.smb-mounts__PID__.sh + + DO_SOUND=0 + DO_SOUND_KILL=0 + DO_SOUND_RESTART=0 + sound_daemon_remote_prog= + sound_daemon_remote_args= + + findpid() { + i=1 + back=10 + touch $FLAG + + if [ "X$TOPPID" = "X" ]; then + TOPPID=$$ + back=50 + fi + + while [ $i -lt $back ] + do + try=`expr $TOPPID - $i` + if ps $try 2>/dev/null | grep sshd >/dev/null; then + SSHD_PID="$try" + echo SSHD_PID=$try + echo + break + fi + i=`expr $i + 1` + done + } + + wait_til_ssh_gone() { + try_perl="" + if type perl >/dev/null 2>&1; then + try_perl=1 + fi + uname=`uname` + if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then + try_perl="" + fi + if [ "X$try_perl" = "X1" ]; then + # try to avoid wasting pids: + perl -e "while (1) {if(! -e \"/proc/$SSHD_PID\"){exit} if(! -f \"$FLAG\"){exit} sleep 1;}" + else + while [ 1 ] + do + ps $SSHD_PID > /dev/null 2>&1 + if [ $? != 0 ]; then + break + fi + if [ ! -f $FLAG ]; then + break + fi + sleep 1 + done + fi + rm -f $FLAG + if [ "X$DO_SMB_WAIT" = "X1" ]; then + rm -f $smb_script + fi + } +}; + +set cmd(2) { + update_client_conf() { + mkdir -p $cups_dir + if [ -f $cups_cfg ]; then + cp -p $cups_cfg $cups_cfg.back + else + touch $cups_cfg.back + fi + sed -e "s/^ServerName/#-etv-#ServerName/" $cups_cfg.back > $cups_cfg + echo "ServerName $cups_host:$cups_port" >> $cups_cfg + echo + echo "--------------------------------------------------------------" + echo "The CUPS $cups_cfg config file has been set to:" + echo + cat $cups_cfg + echo + echo "If there are problems automatically restoring it, edit or" + echo "remove the file to go back to local CUPS settings." + echo + echo "A backup has been placed in: $cups_cfg.back" + echo + echo "See the help description for more details on printing." + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } + + reset_client_conf() { + cp -p $cups_cfg $cups_cfg.tmp + grep -v "^ServerName" $cups_cfg.tmp | sed -e "s/^#-etv-#ServerName/ServerName/" > $cups_cfg + rm -f $cups_cfg.tmp + } + + cupswait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + reset_client_conf + } +}; + +# if [ "X$DONE_PORT" != "X" ]; then +# if type perl >/dev/null 2>&1; then +# perl -e "use IO::Socket::INET; \$SIG{INT} = \"IGNORE\"; \$SIG{QUIT} = \"IGNORE\"; \$SIG{HUP} = \"INGORE\"; my \$client = IO::Socket::INET->new(Listen => 5, LocalAddr => \"localhost\", LocalPort => $DONE_PORT, Proto => \"tcp\")->accept(); \$line = <\$client>; close \$client; unlink \"$smb_script\";" </dev/null >/dev/null 2>/dev/null & +# if [ $? = 0 ]; then +# have_perl_done="1" +# fi +# fi +# fi + +set cmd(3) { + smbwait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + } + do_smb_mounts() { + if [ "X$smb_mounts" = "X" ]; then + return + fi + echo > $smb_script + have_perl_done="" + echo "echo" >> $smb_script + dests="" + for mnt in $smb_mounts + do + smfs=`echo "$mnt" | awk -F, "{print \\\$1}"` + dest=`echo "$mnt" | awk -F, "{print \\\$2}"` + port=`echo "$mnt" | awk -F, "{print \\\$3}"` + dest=`echo "$dest" | sed -e "s,__USER__,$USER,g" -e "s,__HOME__,$HOME,g"` + if [ ! -d $dest ]; then + mkdir -p $dest + fi + echo "echo SMBMOUNT:" >> $smb_script + echo "echo smbmount $smfs $dest -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script + echo "smbmount \"$smfs\" \"$dest\" -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script + echo "echo; df \"$dest\"; echo" >> $smb_script + dests="$dests $dest" + done + #} +}; + +set cmd(4) { + echo "(" >> $smb_script + echo "trap \"\" INT QUIT HUP" >> $smb_script + + try_perl="" + if type perl >/dev/null 2>&1; then + try_perl=1 + fi + uname=`uname` + if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then + try_perl="" + fi + + if [ "X$try_perl" = "X" ]; then + echo "while [ -f $smb_script ]" >> $smb_script + echo "do" >> $smb_script + echo " sleep 1" >> $smb_script + echo "done" >> $smb_script + else + echo "perl -e \"while (-f \\\\\"$smb_script\\\\\") {sleep 1;} exit 0;\"" >> $smb_script + fi + for dest in $dests + do + echo "echo smbumount $dest" >> $smb_script + echo "smbumount \"$dest\"" >> $smb_script + done + echo ") &" >> $smb_script + echo "--------------------------------------------------------------" + if [ "$DO_SMB_SU" = "0" ]; then + echo "We now run the smbmount script as user $USER" + echo + echo sh $smb_script + sh $smb_script + rc=0 + elif [ "$DO_SMB_SU" = "1" ]; then + echo "We now run the smbmount script via su(1)" + echo + echo "The first \"Password:\" will be for that of root to run the smbmount script." + echo + echo "Subsequent \"Password:\" will be for the SMB share(s) (hit Return if no passwd)" + echo + echo SU: + echo "su root -c \"sh $smb_script\"" + su root -c "sh $smb_script" + rc=$? + elif [ "$DO_SMB_SU" = "2" ]; then + echo "We now run the smbmount script via sudo(8)" + echo + echo "The first \"Password:\" will be for that of the sudo(8) password." + echo + echo "Subsequent \"Password:\" will be for the SMB shares (hit enter if no passwd)" + echo + echo SUDO: + echo sudo sh $smb_script + sudo sh $smb_script + rc=$? + fi +}; + +set cmd(5) { + #{ + echo + if [ "$rc" = 0 ]; then + if [ "X$have_perl_done" = "X1" -o 1 = 1 ] ; then + echo + echo "Your SMB shares will be be unmounted when the VNC connection" + echo "closes. If that fails follow these instructions:" + fi + echo + echo "To unmount your SMB shares make sure no applications are still using" + echo "any of the files and no shells are still cd-ed into the share area," + echo "then type:" + echo + echo " rm -f $smb_script" + echo + echo "(to avoid a 2nd ssh, try to do this before terminating the VNC Viewer)" + echo + echo "In the worst case run: smbumount /path/to/mount/point for each mount." + else + echo + if [ "$DO_SMB_SU" = "1" ]; then + echo "su(1) to run smbmount(8) failed." + elif [ "$DO_SMB_SU" = "2" ]; then + echo "sudo(8) to run smbmount(8) failed." + fi + rm -f $smb_script + fi + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } +}; + +set cmd(6) { + + setup_sound() { + dpid="" + d=$sound_daemon_remote_prog + if type pgrep >/dev/null 2>/dev/null; then + dpid=`pgrep -U $USER -x $d | head -1` + else + dpid=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -v grep | head -1` + fi + echo "--------------------------------------------------------------" + echo "Setting up Sound: pid=$dpid" + if [ "X$dpid" != "X" ]; then + dcmd=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -w $dpid | grep -v grep | head -1 | sed -e "s/^.*$d/$d/"` + if [ "X$DO_SOUND_KILL" = "X1" ]; then + echo "Stopping sound daemon: $sound_daemon_remote_prog $dpid" + echo "sound cmd: $dcmd" + kill -TERM $dpid + fi + fi + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } + + reset_sound() { + if [ "X$DO_SOUND_RESTART" = "X1" ]; then + d=$sound_daemon_remote_prog + a=$sound_daemon_remote_args + echo "Restaring sound daemon: $d $a" + $d $a </dev/null >/dev/null 2>&1 & + fi + } + + soundwait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + reset_sound + } + + findpid + + if [ $DO_SMB = 1 ]; then + do_smb_mounts + fi + + waiter=0 + + if [ $DO_CUPS = 1 ]; then + update_client_conf + cupswait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + + if [ $DO_SOUND = 1 ]; then + setup_sound + soundwait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + if [ $DO_SMB_WAIT = 1 ]; then + if [ $waiter != 1 ]; then + smbwait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + fi + + + echo "--vnc-helper-exiting--" + echo + rm -f $0 + exit 0 +}; + + set cmdall "" + + for {set i 1} {$i <= 6} {incr i} { + set v $cmd($i); + regsub -all "\n" $v "%" v + set cmd($i) $v + append cmdall "echo " + if {$i == 1} { + append cmdall {TOPPID=$$%} + } + append cmdall {'} + append cmdall $cmd($i) + append cmdall {' | tr '%' '\n'} + if {$i == 1} { + append cmdall {>} + } else { + append cmdall {>>} + } + append cmdall {$HOME/.vnc-helper-cmd__PID__; } + } + append cmdall {sh $HOME/.vnc-helper-cmd__PID__; } + + regsub -all {vnc-helper-cmd} $cmdall "vnc-helper-cmd-$mode" cmdall + if {$tag == ""} { + set tag [pid] + } + regsub -all {__PID__} $cmdall "$tag" cmdall + + set orig $cmdall + + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + if {$use_cups && $cups_manage_rcfile} { + if {$mode == "post"} { + regsub {DO_CUPS=0} $cmdall {DO_CUPS=1} cmdall + regsub {cups_port=NNNN} $cmdall "cups_port=$cups_remote_port" cmdall + } + } + + global use_smbmnt smb_su_mode + if {$use_smbmnt} { + global smb_mounts + if {$smb_mounts != ""} { + set smbm $smb_mounts + regsub -all {%USER} $smbm "__USER__" smbm + regsub -all {%HOME} $smbm "__HOME__" smbm + if {$mode == "pre"} { + regsub {DO_SMB=0} $cmdall {DO_SMB=1} cmdall + if {$smb_su_mode == "su"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall + } elseif {$smb_su_mode == "sudo"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=2} cmdall + } elseif {$smb_su_mode == "none"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=0} cmdall + } else { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall + } + regsub {smb_mounts=} $cmdall "smb_mounts=\"$smbm\"" cmdall + } elseif {$mode == "post"} { + regsub {DO_SMB_WAIT=0} $cmdall {DO_SMB_WAIT=1} cmdall + } + } + } + + global use_sound + if {$use_sound} { + if {$mode == "pre"} { + global sound_daemon_remote_cmd sound_daemon_kill sound_daemon_restart + if {$sound_daemon_kill} { + regsub {DO_SOUND_KILL=0} $cmdall {DO_SOUND_KILL=1} cmdall + regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall + } + if {$sound_daemon_restart} { + regsub {DO_SOUND_RESTART=0} $cmdall {DO_SOUND_RESTART=1} cmdall + regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall + } + set sp [string trim $sound_daemon_remote_cmd] + regsub {[ \t].*$} $sp "" sp + set sa [string trim $sound_daemon_remote_cmd] + regsub {^[^ \t][^ \t]*[ \t][ \t]*} $sa "" sa + regsub {sound_daemon_remote_prog=} $cmdall "sound_daemon_remote_prog=\"$sp\"" cmdall + regsub {sound_daemon_remote_args=} $cmdall "sound_daemon_remote_args=\"$sa\"" cmdall + } + } + + if {"$orig" == "$cmdall"} { + return "" + } else { + return $cmdall + } +} + +proc cups_dialog {} { + + catch {destroy .cups} + toplevel .cups + wm title .cups "CUPS Tunnelling" + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + + scroll_text .cups.f + + set msg { + CUPS Printing requires SSH be used to set up the Print service port + redirection. This will be either of the "Use SSH instead" or "Use + SSH and SSL" modes under "Options". Pure SSL tunnelling will not work. + + This method requires working CUPS software setups on both the remote + and local sides of the connection. + + (See Method #1 below for perhaps the easiest way to get applications + to print through the tunnel; it requires admin privileges however). + + You choose an actual remote CUPS port below under "Use Remote CUPS + Port:" (6631 is just our default and used in the examples below). + Note that the normal default CUPS server port is 631. + + The port you choose must be unused on the VNC server machine (n.b. no + checking is done). Print requests connecting to it are redirected to + your local machine through the SSH tunnel. Note: root permission is + needed for ports less than 1024 (this is not recommended). + + Then enter the VNC Viewer side (i.e. where you are sitting) CUPS server + under "Local CUPS Server". E.g. use "localhost:631" if there is one + on the viewer machine, or, say, "my-print-srv:631" for a nearby CUPS + print server. + + Several methods are now described for how to get applications to + print through the port redirected tunnel. + + Method #0: Create or edit the file $HOME/.cups/client.conf on the VNC + server side by putting in something like this in it: + + ServerName localhost:6631 + + based on the port you selected above. + + NOTE: For this client.conf ServerName setting to work with lp(1) + and lpr(1) CUPS 1.2 or greater is required. The cmdline option + "-h localhost:6631" can be used for older versions. For client.conf to + work in general (e.g. Openoffice, Firefox), a bugfix found in CUPS 1.2.3 + is required. Two Workarounds (Methods #1 and #2) are described below. + + After the remote VNC Connection is finished, to go back to the non-SSH + tunnelled CUPS server and either remove the client.conf file or comment + out the ServerName line. This restores the normal CUPS server for + you on the remote machine. + + Select "Manage ServerName in the $HOME/.cups/client.conf file for me" to + attempt to do this editing of the CUPS config file for you automatically. + + Method #1: If you have admin permission on the VNC Server machine you + can likely "Add a Printer" via a GUI dialog, wizard, lpadmin(8), etc. + This makes the client.conf ServerName parameter unnecessary. You will + need to tell the GUI dialog that the printer is at, e.g., localhost:6631, + and anything else needed to identify the printer (type, model, etc). + + Method #2: Restarting individual applications with the IPP_PORT + set will enable redirected printing for them, e.g.: + "env IPP_PORT=6631 firefox" + + Windows/SMB Printers: Under "Local SMB Print Server" you can set + a port redirection for a Windows (non-CUPS) SMB printer. E.g. port + 6632 -> localhost:139. If localhost:139 does not work, try IP:139, + etc. or put in the IP address manually. Then at the least you can + print using the smbspool(8) program like this: + + smbspool smb://localhost:6632/lp job user title 1 "" myfile.ps + + You could put this in a script, "myprinter". It appears on the the URI, + the number of copies ("1" above) and the file itself are important. + (XXX this might only work for Samba printers...) + + If you have root permission you can configure CUPS to know about this + printer via lpadmin(8), etc. You basically give it the smb:// URI. + + For more info see: http://www.karlrunge.com/x11vnc/#faq-cups +} + .cups.f.t insert end $msg + + if {$cups_local_server == ""} { + set cups_local_server "localhost:631" + } + if {$cups_remote_port == ""} { + set cups_remote_port "6631" + } + if {$cups_local_smb_server == ""} { + global is_windows + if {$is_windows} { + set cups_local_smb_server "IP:139" + } else { + set cups_local_smb_server "localhost:139" + } + } + if {$cups_remote_smb_port == ""} { + set cups_remote_smb_port "6632" + } + + frame .cups.serv + label .cups.serv.l -text "Local CUPS Server: " + entry .cups.serv.e -width 40 -textvariable cups_local_server + pack .cups.serv.l -side left + pack .cups.serv.e -side left -expand 1 -fill x + + frame .cups.port + label .cups.port.l -text "Use Remote CUPS Port:" + entry .cups.port.e -width 40 -textvariable cups_remote_port + pack .cups.port.l -side left + pack .cups.port.e -side left -expand 1 -fill x + + frame .cups.smbs + label .cups.smbs.l -text "Local SMB Print Server: " + entry .cups.smbs.e -width 40 -textvariable cups_local_smb_server + pack .cups.smbs.l -side left + pack .cups.smbs.e -side left -expand 1 -fill x + + frame .cups.smbp + label .cups.smbp.l -text "Use Remote SMB Print Port:" + entry .cups.smbp.e -width 40 -textvariable cups_remote_smb_port + pack .cups.smbp.l -side left + pack .cups.smbp.e -side left -expand 1 -fill x + + checkbutton .cups.cupsrc -anchor w -variable cups_manage_rcfile -text \ + "Manage ServerName in the remote \$HOME/.cups/client.conf file for me" + + button .cups.done -text "Done" -command {destroy .cups; if {$use_cups} {set_ssh}} + bind .cups <Escape> {destroy .cups; if {$use_cups} {set_ssh}} + + button .cups.guess -text "Help me decide ..." -command {} + .cups.guess configure -state disabled + + pack .cups.done .cups.guess .cups.cupsrc .cups.smbp .cups.smbs .cups.port .cups.serv -side bottom -fill x + pack .cups.f -side top -fill both -expand 1 + + center_win .cups +} + +proc sound_dialog {} { + + global is_windows + + catch {destroy .snd} + toplevel .snd + wm title .snd "ESD/ARTSD Sound Tunnelling" + + scroll_text .snd.f 80 30 + + set msg { + Sound daemon tunnelling requires SSH be used to set up the service + port redirection. This will be either of the "Use SSH instead" or "Use + SSH and SSL" modes under "Options". Pure SSL tunnelling will not work. + + This method requires working Sound daemon (e.g. ESD or ARTSD) software + setups on both the remote and local sides of the connection. + + Often this means you want to run your ENTIRE remote desktop with all + applications instructed to use the sound daemon's network port. E.g. + + esddsp -s localhost:16001 startkde + esddsp -s localhost:16001 gnome-session + + and similarly for artsdsp, etc. You put this in your ~/.xession, + or other startup file. This is non standard. If you do not want to + do this you still can direct *individual* sound applications through + the tunnel, for example "esddsp -s localhost:16001 soundapp", where + "soundapp" is some application that makes noise (say xmms or mpg123). + + Also, usually the remote Sound daemon must be killed BEFORE the SSH port + redir is established (because it is listening on the port we want to use + for the SSH redir), and, presumably, restarted when the VNC connection + finished. + + One may also want to start and kill a local sound daemon that will + play the sound received over the network on the local machine. + + You can indicate the remote and local Sound daemon commands below and + how they should be killed and/or restart. Some examples: + + esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1 + artsd -n -p 7265 -F 10 -S 4096 -n -s 5 -m artsmessage -l 3 -f + + or you can leave some or all blank and kill/start them manually. + + For convenience, a Windows port of ESD is provided in the util/esound + directory, and so this might work for a Local command: + + esound\esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1 + + NOTE: If you indicate "Remote Sound daemon: Kill at start." below, + then THERE WILL BE TWO SSH'S: THE FIRST ONE TO KILL THE DAEMON. + So you may need to supply TWO SSH PASSWORDS, unless you are using + something like ssh-agent(1), the Putty PW setting, etc. + + You will also need to supply the remote and local sound ports for the + SSH redirs (even though in principle the could be guessed from the + daemon commands...) For esd the default port is 16001, but you can + choose another one if you prefer. + + For "Local Sound Port" you can also supply "host:port" instead of just + a numerical port to specify non-localhost connections, e.g. to another + machine. + + For more info see: http://www.karlrunge.com/x11vnc/#faq-sound +} + .snd.f.t insert end $msg + + global sound_daemon_remote_port sound_daemon_local_port sound_daemon_local_cmd + if {$sound_daemon_remote_port == ""} { + set sound_daemon_remote_port 16001 + } + if {$sound_daemon_local_port == ""} { + set sound_daemon_local_port 16001 + } + + if {$sound_daemon_local_cmd == ""} { + global is_windows + if {$is_windows} { + set sound_daemon_local_cmd {esound\esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1} + } else { + set sound_daemon_local_cmd {esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1} + } + regsub {%PORT} $sound_daemon_local_cmd $sound_daemon_local_port sound_daemon_local_cmd + } + + + frame .snd.remote + label .snd.remote.l -text "Remote Sound daemon cmd: " + entry .snd.remote.e -width 40 -textvariable sound_daemon_remote_cmd + pack .snd.remote.l -side left + pack .snd.remote.e -side left -expand 1 -fill x + + frame .snd.local + label .snd.local.l -text "Local Sound daemon cmd: " + entry .snd.local.e -width 40 -textvariable sound_daemon_local_cmd + pack .snd.local.l -side left + pack .snd.local.e -side left -expand 1 -fill x + + frame .snd.rport + label .snd.rport.l -text "Remote Sound Port: " + entry .snd.rport.e -width 40 -textvariable sound_daemon_remote_port + pack .snd.rport.l -side left + pack .snd.rport.e -side left -expand 1 -fill x + + frame .snd.lport + label .snd.lport.l -text "Local Sound Port: " + entry .snd.lport.e -width 40 -textvariable sound_daemon_local_port + pack .snd.lport.l -side left + pack .snd.lport.e -side left -expand 1 -fill x + + + checkbutton .snd.sdk -anchor w -variable sound_daemon_kill -text \ + "Remote Sound daemon: Kill at start." + + checkbutton .snd.sdr -anchor w -variable sound_daemon_restart -text \ + "Remote Sound daemon: Restart at end." + + checkbutton .snd.sdsl -anchor w -variable sound_daemon_local_start -text \ + "Local Sound daemon: Run at start." + + checkbutton .snd.sdkl -anchor w -variable sound_daemon_local_kill -text \ + "Local Sound daemon: Kill at end." + + button .snd.guess -text "Help me decide ..." -command {} + .snd.guess configure -state disabled + + global is_win9x + if {$is_win9x} { + .snd.local.e configure -state disabled + .snd.local.l configure -state disabled + .snd.sdsl configure -state disabled + .snd.sdkl configure -state disabled + } + + button .snd.done -text "Done" -command {destroy .snd; if {$use_sound} {set_ssh}} + bind .snd <Escape> {destroy .snd; if {$use_sound} {set_ssh}} + + pack .snd.done .snd.guess .snd.sdkl .snd.sdsl .snd.sdr .snd.sdk .snd.lport .snd.rport \ + .snd.local .snd.remote -side bottom -fill x + pack .snd.f -side bottom -fill both -expand 1 + + center_win .snd +} + +# Share ideas. +# +# Unix: +# +# if type smbclient +# first parse smbclient -L localhost -N +# and/or smbclient -L `hostname` -N +# Get Sharenames and Servers and Domain. +# +# loop over servers, doing smbclient -L server -N +# pile this into a huge list, sep by disk and printers. +# +# WinXP: +# +# parse "NET VIEW" output similarly. +# +# Have checkbox for each disk. Set default root to /var/tmp/${USER}-mnts +# Let them change that at once and have it populate. +# +# use //hostname/share /var/tmp/runge-mnts/hostname/share +# +# +# Printers, hmmm. Can't add to remote cups list... I guess have the list +# ready for CUPS dialog to suggest which SMB servers they want to redirect +# to... + +proc get_hostname {} { + global is_windows is_win9x + set str "" + if {$is_windows} { + if {1} { + catch {set str [exec hostname]} + regsub -all {[\r]} $str "" str + } else { + catch {set str [exec net config]} + if [regexp -nocase {Computer name[ \t]+\\\\([^ \t]+)} $str mv str] { + ; + } else { + set str "" + } + } + } else { + catch {set str [exec hostname]} + } + set str [string trim $str] + return $str +} + +proc smb_list_windows {smbhost} { + global smb_local smb_local_hosts smb_this_host + global is_win9x + set dbg 0 + + set domain "" + + if {$is_win9x} { + # exec net view ... doesn't work. + set smb_this_host "unknown" + return + } + + set this_host [get_hostname] + set This_host [string toupper $this_host] + set smb_this_host $This_host + + if {$smbhost == $smb_this_host} { + catch {set out0 [exec net view]} + regsub -all {[\r]} $out0 "" out0 + foreach line [split $out0 "\n"] { + if [regexp -nocase {in workgroup ([^ \t]+)} $line mv wg] { + regsub -all {[.]} $wg "" wg + set domain $wg + } elseif [regexp {^\\\\([^ \t]+)[ \t]*(.*)} $line mv host comment] { + set smb_local($smbhost:server:$host) $comment + } + } + } + + set out1 "" + set h "\\\\$smbhost" + catch {set out1 [exec net view $h]} + regsub -all {[\r]} $out1 "" out1 + + if {$dbg} {puts "SMBHOST: $smbhost"} + + set mode "" + foreach line [split $out1 "\n"] { + if [regexp {^[ \t]*---} $line] { + continue + } + if [regexp -nocase {The command} $line] { + continue + } + if [regexp -nocase {Shared resources} $line] { + continue + } + if [regexp -nocase {^[ \t]*Share[ \t]*name} $line] { + set mode "shares" + continue + } + set line [string trim $line] + if {$line == ""} { + continue + } + if {$mode == "shares"} { + if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] { + if {$dbg} { + puts "SHR: $name" + puts "---: $type" + puts "---: $comment" + } + if [regexp -nocase {^Disk$} $type] { + set smb_local($smbhost:disk:$name) $comment + } elseif [regexp -nocase {^Print} $type] { + set smb_local($smbhost:printer:$name) $comment + } + } + } + } + + set smb_local($smbhost:domain) $domain +} + +proc smb_list_unix {smbhost} { + global smb_local smb_local_hosts smb_this_host + set smbclient [in_path smbclient] + if {[in_path smbclient] == ""} { + return "" + } + set dbg 0 + + set this_host [get_hostname] + set This_host [string toupper $this_host] + set smb_this_host $This_host + + set out1 "" + catch {set out1 [exec smbclient -N -L $smbhost 2>@ stdout]} + + if {$dbg} {puts "SMBHOST: $smbhost"} + if {$smbhost == $this_host || $smbhost == $This_host} { + if {$out1 == ""} { + catch {set out1 [exec smbclient -N -L localhost 2>@ stdout]} + } + } + + set domain "" + set mode "" + foreach line [split $out1 "\n"] { + if [regexp {^[ \t]*---} $line] { + continue + } + if [regexp {Anonymous login} $line] { + continue + } + if {$domain == "" && [regexp {Domain=\[([^\]]+)\]} $line mv domain]} { + if {$dbg} {puts "DOM: $domain"} + continue + } + if [regexp {^[ \t]*Sharename} $line] { + set mode "shares" + continue + } + if [regexp {^[ \t]*Server} $line] { + set mode "server" + continue + } + if [regexp {^[ \t]*Workgroup} $line] { + set mode "workgroup" + continue + } + set line [string trim $line] + if {$mode == "shares"} { + if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] { + if {$dbg} { + puts "SHR: $name" + puts "---: $type" + puts "---: $comment" + } + if [regexp -nocase {^Disk$} $type] { + set smb_local($smbhost:disk:$name) $comment + } elseif [regexp -nocase {^Printer$} $type] { + set smb_local($smbhost:printer:$name) $comment + } + } + } elseif {$mode == "server"} { + if [regexp {^([^ \t]+)[ \t]*(.*)$} $line mv host comment] { + if {$dbg} { + puts "SVR: $host" + puts "---: $comment" + } + set smb_local($smbhost:server:$host) $comment + } + } elseif {$mode == "workgroup"} { + if [regexp {^([^ \t]+)[ \t]+(.*)$} $line mv work host] { + if {$dbg} { + puts "WRK: $work" + puts "---: $host" + } + if {$host != ""} { + set smb_local($smbhost:master:$work) $host + } + } + } + } + + set smb_local($smbhost:domain) $domain +} + +proc smb_list {} { + global is_windows smb_local smb_local_hosts + global smb_host_list + + set smb_local(null) "" + + if {! [info exists smb_host_list]} { + set smb_host_list "" + } + if [info exists smb_local] { + unset smb_local + } + if [info exists smb_local_hosts] { + unset smb_local_hosts + } + + set this_host [get_hostname] + set this_host [string toupper $this_host] + if {$is_windows} { + smb_list_windows $this_host + } else { + smb_list_unix $this_host + } + set did($this_host) 1 + set keys [array names smb_local] + foreach item [split $smb_host_list] { + if {$item != ""} { + set item [string toupper $item] + lappend keys "$this_host:server:$item" + } + } + foreach key $keys { + if [regexp "^$this_host:server:(.*)\$" $key mv host] { + if {$host == ""} { + continue + } + set smb_local_hosts($host) 1 + if {! [info exists did($host)]} { + if {$is_windows} { + smb_list_windows $host + } else { + smb_list_unix $host + } + set did($host) 1 + } + } + } +} + +proc smb_check_selected {} { + global smbmount_exists smbmount_sumode + global smb_selected smb_selected_mnt smb_selected_cb smb_selected_en + + set ok 0 + if {$smbmount_exists && $smbmount_sumode != "dontknow"} { + set ok 1 + } + set state disabled + if {$ok} { + set state normal + } + + foreach cb [array names smb_selected_cb] { + catch {$cb configure -state $state} + } + foreach en [array names smb_selected_en] { + catch {$en configure -state $state} + } +} + +proc make_share_widgets {w} { + + set share_label $w.f.hl + catch {$share_label configure -text "Share Name: PROBING ..."} + update + + smb_list + + set saw_f 0 + foreach child [winfo children $w] { + if {$child == "$w.f"} { + set saw_f 1 + continue + } + catch {destroy $child} + } + + set w1 47 + set w2 44 + + if {! $saw_f} { + set wf $w.f + frame $wf + label $wf.hl -width $w1 -text "Share Name:" -anchor w + label $wf.hr -width $w2 -text " Mount Point:" -anchor w + + pack $wf.hl $wf.hr -side left -expand 1 + pack $wf -side top -fill x + + .smbwiz.f.t window create end -window $w + } + + global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt + global smb_selected_host smb_selected_name + global smb_selected_cb smb_selected_en + global smb_host_list + if [info exists smb_selected] {array unset smb_selected } + if [info exists smb_selected_mnt] {array unset smb_selected_mnt} + if [info exists smb_selected_cb] {array unset smb_selected_cb} + if [info exists smb_selected_en] {array unset smb_selected_en} + if [info exists smb_selected_host] {array unset smb_selected_host} + if [info exists smb_selected_name] {array unset smb_selected_name} + + set hosts [list $smb_this_host] + lappend hosts [lsort [array names smb_local_hosts]] + + set smb_host_list "" + set i 0 + + global smb_mount_prefix + set smb_mount_prefix "/var/tmp/%USER-mnts" + + foreach host [lsort [array names smb_local_hosts]] { + + if [info exists did($host)] { + continue + } + set did($host) 1 + + append smb_host_list "$host " + + foreach key [lsort [array names smb_local]] { + if [regexp {^([^:]+):([^:]+):(.*)$} $key mv host2 type name] { + if {$host2 != $host} { + continue + } + if {$type != "disk"} { + continue + } + set wf $w.f$i + frame $wf + checkbutton $wf.c -anchor w -width $w1 -variable smb_selected($i) \ + -text "//$host/$name" -relief ridge + if {! [info exists smb_selected($i)]} { + set smb_selected($i) 0 + } + + entry $wf.e -width $w2 -textvariable smb_selected_mnt($i) + set smb_selected_mnt($i) "$smb_mount_prefix/$host/$name" + + set smb_selected_host($i) $host + set smb_selected_name($i) $name + + set smb_selected_cb($wf.c) $i + set smb_selected_en($wf.e) $i + set comment $smb_local($key) + + bind $wf.c <Enter> "$share_label configure -text {Share Name: $comment}" + bind $wf.c <Leave> "$share_label configure -text {Share Name:}" + + $wf.c configure -state disabled + $wf.e configure -state disabled + + pack $wf.c $wf.e -side left -expand 1 + pack $wf -side top -fill x + incr i + } + } + } + if {$i == 0} { + global is_win9x + #.smbwiz.f.t insert end "\nNo SMB Share Hosts were found!\n" + $share_label configure -text {Share Name: No SMB Share Hosts were found!} + if {$is_win9x} { + .smbwiz.f.t insert end "\n(this feature does not work on Win9x you have have to enter them manually: //HOST/share /var/tmp/mymnt)\n" + } + } else { + $share_label configure -text "Share Name: Found $i SMB Shares" + } + smb_check_selected +} + +proc smb_help_me_decide {} { + global is_windows + global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt + global smb_selected_host smb_selected_name + global smb_selected_cb smb_selected_en + global smb_host_list + + catch {destroy .smbwiz} + toplevel .smbwiz + set title "SMB Filesystem Tunnelling -- Help Me Decide" + wm title .smbwiz $title + set id " " + + scroll_text .smbwiz.f 100 40 + + set msg { +For now you will have to verify the following information manually. + +You can do this by either logging into the remote machine to find the info or asking the sysadmin for it. + +} + + if {! $is_windows} { + .smbwiz.f.t configure -font {Helvetica -12 bold} + } + .smbwiz.f.t insert end $msg + + set w .smbwiz.f.t.f1 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "\n" + + .smbwiz.f.t insert end "1) Indicate the existence of the 'smbmount' command on the remote system:\n" + .smbwiz.f.t insert end "\n$id" + global smbmount_exists + set smbmount_exists 0 + + checkbutton $w.smbmount_exists -pady 1 -anchor w -variable smbmount_exists \ + -text "Yes, the 'smbmount' command exists on the remote system." \ + -command smb_check_selected + + pack $w.smbmount_exists + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n\n\n" + + set w .smbwiz.f.t.f2 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "2) Indicate your authorization to run 'smbmount' on the remote system:\n" + .smbwiz.f.t insert end "\n$id" + global smbmount_sumode + set smbmount_sumode "dontknow" + + radiobutton $w.dk -pady 1 -anchor w -variable smbmount_sumode -value dontknow \ + -text "I do not know if I can mount SMB shares on the remote system via 'smbmount'" \ + -command smb_check_selected + pack $w.dk -side top -fill x + + radiobutton $w.su -pady 1 -anchor w -variable smbmount_sumode -value su \ + -text "I know the Password to run commands as root on the remote system via 'su'" \ + -command smb_check_selected + pack $w.su -side top -fill x + + radiobutton $w.sudo -pady 1 -anchor w -variable smbmount_sumode -value sudo \ + -text "I know the Password to run commands as root on the remote system via 'sudo'" \ + -command smb_check_selected + pack $w.sudo -side top -fill x + + radiobutton $w.ru -pady 1 -anchor w -variable smbmount_sumode -value none \ + -text "I do not need to be root on the remote system to mount SMB shares via 'smbmount'" \ + -command smb_check_selected + pack $w.ru -side top -fill x + + .smbwiz.f.t window create end -window $w + + global smb_wiz_done + set smb_wiz_done 0 + + button .smbwiz.done -text "Done" -command {set smb_wiz_done 1} + pack .smbwiz.done -side bottom -fill x + pack .smbwiz.f -side top -fill both -expand 1 + + wm protocol .smbwiz WM_DELETE_WINDOW {set smb_wiz_done 1} + center_win .smbwiz + + wm title .smbwiz "Searching for Local SMB shares..." + update + wm title .smbwiz $title + + global smb_local smb_this_host + .smbwiz.f.t insert end "\n\n\n" + + set w .smbwiz.f.t.f3 + catch {destroy $w} + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "3) Select SMB shares to mount and their mount point on the remote system:\n" + .smbwiz.f.t insert end "\n${id}" + + make_share_widgets $w + + .smbwiz.f.t insert end "\n(%USER will be expanded to the username on the remote system and %HOME the home directory)\n" + + .smbwiz.f.t insert end "\n\n\n" + + .smbwiz.f.t insert end "You can change the list of Local SMB hosts to probe and the mount point prefix here:\n" + .smbwiz.f.t insert end "\n$id" + set w .smbwiz.f.t.f4 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + set wf .smbwiz.f.t.f4.f + frame $wf + label $wf.l -text "SMB Hosts: " -anchor w + entry $wf.e -textvariable smb_host_list -width 60 + button $wf.b -text "Apply" -command {make_share_widgets .smbwiz.f.t.f3} + bind $wf.e <Return> "$wf.b invoke" + pack $wf.l $wf.e $wf.b -side left + pack $wf + pack $w + + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n$id" + + set w .smbwiz.f.t.f5 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + set wf .smbwiz.f.t.f5.f + frame $wf + label $wf.l -text "Mount Prefix:" -anchor w + entry $wf.e -textvariable smb_mount_prefix -width 60 + button $wf.b -text "Apply" -command {apply_mount_point_prefix .smbwiz.f.t.f5.f.e} + bind $wf.e <Return> "$wf.b invoke" + pack $wf.l $wf.e $wf.b -side left + pack $wf + pack $w + + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n\n\n" + + .smbwiz.f.t see 1.0 + .smbwiz.f.t configure -state disabled + update + + vwait smb_wiz_done + catch {destroy .smbwiz} + + if {! $smbmount_exists || $smbmount_sumode == "dontknow"} { + tk_messageBox -type ok -icon warning -message "Sorry we couldn't help out!\n'smbmount' info on the remote system is required for SMB mounting" -title "SMB mounting -- aborting" + catch {raise .oa} + return + } + global smb_su_mode + set smb_su_mode $smbmount_sumode + + set max 0 + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + set host $smb_selected_host($i) + set name $smb_selected_name($i) + + set len [string length "//$host/$name"] + if {$len > $max} { + set max $len + } + } + + set max [expr $max + 8] + + set strs "" + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + if {! $smb_selected($i)} { + continue + } + set host $smb_selected_host($i) + set name $smb_selected_name($i) + set mnt $smb_selected_mnt($i) + + set share "//$host/$name" + set share [format "%-${max}s" $share] + + lappend strs "$share $mnt" + } + set text "" + foreach str [lsort $strs] { + append text "$str\n" + } + + global smb_mount_list + set smb_mount_list $text + + smb_dialog +} + +proc apply_mount_point_prefix {w} { + global smb_selected_host smb_selected_name + global smb_selected_en smb_selected_mnt + + set prefix "" + catch {set prefix [$w get]} + if {$prefix == ""} { + mesg "No mount prefix." + bell + return + } + + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + set host $smb_selected_host($i) + set name $smb_selected_name($i) + set smb_selected_mnt($i) "$prefix/$host/$name" + } +} + +proc smb_dialog {} { + catch {destroy .smb} + toplevel .smb + wm title .smb "SMB Filesystem Tunnelling" + global smb_su_mode smb_mount_list + global use_smbmnt + + global help_font + + scroll_text .smb.f + + set msg { + Windows/Samba Filesystem mounting requires SSH be used to set up the SMB + service port redirection. This will be either of the "Use SSH instead" + or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling will + not work. + + This method requires a working Samba software setup on the remote + side of the connection (VNC server) and existing Samba or Windows file + server(s) on the local side (VNC viewer). + + The smbmount(8) program MUST be installed on the remote side. + This evidently limits the mounting to Linux systems. Let us know + of similar utilities on other Unixes. Mounting onto remote Windows + machines is currently not supported (our SSH mode only works to Unix). + + Depending on how smbmount is configured you may be able to run it + as a regular user, or it may require running under su(1) or sudo(8) + (root password or user password required, respectively). You select + which one you want via the checkbuttons below. + + In addition to a possible su(1) or sudo(8) password, you may ALSO + need to supply passwords to mount each SMB share. This is an SMB passwd. + If it has no password just hit enter after the "Password:" prompt. + + The passwords are supplied when the 1st SSH connection starts up; + be prepared to respond to them. + + NOTE: USE OF SMB TUNNELLING MODE WILL REQUIRE TWO SSH'S, AND SO YOU + MAY NEED TO SUPPLY TWO LOGIN PASSWORDS UNLESS YOU ARE USING SOMETHING + LIKE ssh-agent(1) or the Putty PW setting. + %WIN + + To indicate the Windows/Samba shares to mount enter them one per line + in either one of the forms: + + //machine1/share ~/Desktop/my-mount1 + //machine2/fubar /var/tmp/my-foobar2 192.168.100.53:3456 + 1139 //machine3/baz /var/tmp/baz [...] + + The first part is the standard SMB host and share name //hostname/dir + (note this share is on the local viewer-side not on the remote end). + A leading '#' will cause the entire line to be skipped. + + The second part, e.g. /var/tmp/my-foobar2, is the directory to mount + the share on the remote (VNC Server) side. You must be able to + write to this directory. It will be created if it does not exist. + A leading character ~ will be expanded to $HOME. So will the string + %HOME. The string %USER will get expanded to the remote username. + + An optional part like 192.168.100.53:3456 is used to specify the real + hostname or IP address, and possible non-standard port, on the local + side if for some reason the //hostname is not sufficient. + + An optional leading numerical value, 1139 in the above example, indicates + which port to use on the Remote side to SSH redirect to the local side. + Otherwise a random one is tried (a unique one is needed for each SMB + server:port combination). A fixed one is preferred: choose a free + remote port. + + The standard SMB ports are 445 and 139. 139 is used by this application. + + Sometimes "localhost" will not work on Windows machines for a share + hostname, and you will have to specify a different network interface + (e.g. the machine's IP address). If you use the literal string "IP" + it will be attempted to replace it with the numerical IP address, e.g.: + + //machine1/share ~/Desktop/my-mount1 IP + + VERY IMPORTANT: Before terminating the VNC Connection, make sure no + applications are using any of the SMB shares (or shells are cd-ed + into the share). This way the shares will be automatically umounted. + Otherwise you will need to log in again, stop processes from using + the share, become root and umount the shares manually ("smbumount + /path/to/share", etc.) + + For more info see: http://www.karlrunge.com/x11vnc/#faq-smb-shares +} + + set msg2 { + To speed up moving to the next step, iconify the first SSH console + when you are done entering passwords, etc. and then click on the + main panel 'VNC Server' label. +} + + global is_windows + if {! $is_windows} { + regsub { *%WIN} $msg "" msg + } else { + set msg2 [string trim $msg2] + regsub { *%WIN} $msg " $msg2" msg + } + .smb.f.t insert end $msg + + frame .smb.r + label .smb.r.l -text "smbmount(8) auth mode:" -relief ridge + radiobutton .smb.r.none -text "None" -variable smb_su_mode -value "none" + radiobutton .smb.r.su -text "su(1)" -variable smb_su_mode -value "su" + radiobutton .smb.r.sudo -text "sudo(8)" -variable smb_su_mode -value "sudo" + + pack .smb.r.l .smb.r.none .smb.r.sudo .smb.r.su -side left -fill x + + label .smb.info -text "Supply the mounts (one per line) below:" -anchor w -relief ridge + + eval text .smb.mnts -width 80 -height 5 $help_font + .smb.mnts insert end $smb_mount_list + + #apply_bg .smb.mnts + + button .smb.guess -text "Help me decide ..." -command {destroy .smb; smb_help_me_decide} + #.smb.guess configure -state disabled + + button .smb.done -text "Done" -command {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb} + bind .smb <Escape> {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb} + + pack .smb.done .smb.guess .smb.mnts .smb.info .smb.r -side bottom -fill x + pack .smb.f -side top -fill both -expand 1 + + center_win .smb +} + +proc help_advanced_opts {} { + catch {destroy .ah} + toplevel .ah + + scroll_text_dismiss .ah.f + + center_win .ah + + wm title .ah "Advanced Opts Help" + + set msg { + These Advanced settings are experimental options that may require extra + software installed on the VNC server-side (the remote server machine) + and/or on the VNC client-side (where this gui is running). + + The Service redirection options, CUPS, ESD/ARTSD, and SMB will require + that you use SSH for tunneling so that the -R port redirection will + be enabled for each service. I.e. "Use SSH instead" or "Use SSH and SSL" + + These options may also require additional configuration to get them + to work properly. Please submit bug reports if it appears it should + be working for your setup but is not. + + Brief descriptions: + + CUPS Print tunnelling: redirect localhost:6631 (say) on the VNC + server to your local CUPS server. + + ESD/ARTSD Audio tunnelling: redirect localhost:16001 (say) on + the VNC server to your local ESD, etc. sound server. + + SMB mount tunnelling: redirect localhost:1139 (say) on the VNC + server and through that mount SMB file shares from your local + server. The remote machine must be Linux. + + Change vncviewer: specify a non-bundled VNC Viewer (e.g. + UltraVNC or RealVNC) to run instead of the bundled TightVNC Viewer. + + Extra Redirs: specify additional -L port:host:port and + -R port:host:port cmdline options for SSH to enable additional + services. + + Port Knocking: for "closed port" services, first "knock" on the + firewall ports in a certain way to open the door for SSH or SSL. + + About the CheckButtons: + + Ahem, Well...., a klunky UI: you have to toggle the CheckButton + to pull up the Dialog box a 2nd, etc. time... your settings will + still be there. +} + + .ah.f.t insert end $msg + #raise .ah +} + +proc set_viewer_path {} { + global change_vncviewer_path + set change_vncviewer_path [tk_getOpenFile] + catch {raise .chviewer} + update +} + +proc change_vncviewer_dialog {} { + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + + catch {destroy .chviewer} + toplevel .chviewer + wm title .chviewer "Change VNC Viewer" + + global help_font + eval text .chviewer.t -width 90 -height 16 $help_font + apply_bg .chviewer.t + + set msg { + To use your own VNC Viewer (i.e. one installed by you, not included in this + package), e.g. UltraVNC or RealVNC, type in the program name, or browse for + the full path to it. You can put command line arguments after the program. + + Note that due to incompatibilities with respect to command line options + there may be issues, especially if many command line options are supplied. + You can specify your own command line options below if you like (and try to + avoid setting any others in this GUI). + + If the path to the program name has any spaces it in, please surround it with + double quotes, e.g. "C:\Program Files\My Vnc Viewer\VNCVIEWER.EXE" + + Since the command line options differ between them greatly, if you know it + is of the RealVNC 4.x flavor, indicate so on the check box. +} + .chviewer.t insert end $msg + + frame .chviewer.path + label .chviewer.path.l -text "VNC Viewer:" + entry .chviewer.path.e -width 40 -textvariable change_vncviewer_path + button .chviewer.path.b -text "Browse..." -command set_viewer_path + checkbutton .chviewer.path.r -anchor w -variable vncviewer_realvnc4 -text \ + "RealVNC 4.x" + + pack .chviewer.path.l -side left + pack .chviewer.path.e -side left -expand 1 -fill x + pack .chviewer.path.b -side left + pack .chviewer.path.r -side left + + button .chviewer.done -text "Done" -command {destroy .chviewer; catch {raise .oa}} + bind .chviewer <Escape> {destroy .chviewer; catch {raise .oa}} + + pack .chviewer.t .chviewer.path .chviewer.done -side top -fill x + + center_win .chviewer + wm resizable .chviewer 1 0 + + focus .chviewer.path.e +} + +proc port_redir_dialog {} { + global additional_port_redirs additional_port_redirs_list + + catch {destroy .redirs} + toplevel .redirs + wm title .redirs "Additional Port Redirections" + + global help_font + eval text .redirs.t -width 80 -height 35 $help_font + apply_bg .redirs.t + + set msg { + Specify any additional SSH port redirections you desire for the + connection. Put as many as you want separated by spaces. These only + apply to SSH and SSH+SSL connections, they do not apply to Pure SSL + connections. + + -L port1:host:port2 will listen on port1 on the local machine (where + you are sitting) and redirect them to port2 on + "host". "host" is relative to the remote side + (VNC Server). Use "localhost" for the remote + machine itself. + + -R port1:host:port2 will listen on port1 on the remote machine + (where the VNC server is running) and redirect + them to port2 on "host". "host" is relative + to the local side (where you are sitting). + Use "localhost" for this machine. + + Perhaps you want a redir to a web server inside an intranet: + + -L 8001:web-int:80 + + Or to redir a remote port to your local SSH daemon: + + -R 5022:localhost:22 + + etc. There are many interesting possibilities. + + Sometimes, especially for Windows Shares, you cannot do a -R redir to + localhost, but need to supply the IP address of the network interface + (e.g. by default the Shares do not listen on localhost:139). As a + convenience you can do something like -R 1139:IP:139 (for any port + numbers) and the IP will be attempted to be expanded. If this fails + for some reason you will have to use the actual numerical IP address. +} + .redirs.t insert end $msg + + frame .redirs.path + label .redirs.path.l -text "Port Redirs:" + entry .redirs.path.e -width 40 -textvariable additional_port_redirs_list + + pack .redirs.path.l -side left + pack .redirs.path.e -side left -expand 1 -fill x + + button .redirs.done -text "Done" -command {destroy .redirs} + bind .redirs <Escape> {destroy .redirs} + + pack .redirs.t .redirs.path .redirs.done -side top -fill x + + center_win .redirs + wm resizable .redirs 1 0 + + focus .redirs.path.e +} + +proc find_netcat {} { + global env is_windows + + set nc "" + + if {! $is_windows} { + set nc [in_path "netcat"] + if {$nc == ""} { + set nc [in_path "nc"] + } + } else { + set try "netcat.exe" + if [file exists $try] { + set nc $try + } + } + return $nc +} + +proc pk_expand {cmd host} { + global tcl_platform + set secs [clock seconds] + set msecs [clock clicks -milliseconds] + set user $tcl_platform(user) + if [regexp {%IP} $cmd] { + set ip [guess_ip] + if {$ip == ""} { + set ip "unknown" + } + regsub -all {%IP} $cmd $ip cmd + } + if [regexp {%NAT} $cmd] { + set ip [guess_nat_ip] + regsub -all {%NAT} $cmd $ip cmd + } + regsub -all {%HOST} $cmd $host cmd + regsub -all {%USER} $cmd $user cmd + regsub -all {%SECS} $cmd $secs cmd + regsub -all {%MSECS} $cmd $msecs cmd + + return $cmd +} + +proc backtick_expand {str} { + set str0 $str + set collect "" + set count 0 + while {[regexp {^(.*)`([^`]+)`(.*)$} $str mv p1 cmd p2]} { + set out [eval exec $cmd] + set str "$p1$out$p2" + incr count + if {$count > 10} { + break + } + } + return $str +} + +proc read_from_pad {file} { + set fh "" + if {[catch {set fh [open $file "r"]}] != 0} { + return "FAIL" + } + + set accum "" + set match "" + while {[gets $fh line] > -1} { + if [regexp {^[ \t]*#} $line] { + append accum "$line\n" + } elseif [regexp {^[ \t]*$} $line] { + append accum "$line\n" + } elseif {$match == ""} { + set match $line + append accum "# $line\n" + } else { + append accum "$line\n" + } + } + + close $fh + + if {$match == ""} { + return "FAIL" + } + + if {[catch {set fh [open $file "w"]}] != 0} { + return "FAIL" + } + + puts -nonewline $fh $accum + + return $match +} + +proc do_port_knock {hp} { + global use_port_knocking port_knocking_list + global is_windows + + if {! $use_port_knocking} { + return + } + if {$port_knocking_list == ""} { + return + } + + set default_delay 0 + + set host [string trim $hp] + regsub {^.*@} $host "" host + regsub {:.*$} $host "" host + set host0 [string trim $host] + + if {$host0 == ""} { + bell + mesg "No host: $hp" + return + } + if [regexp {PAD=([^\n]+)} $port_knocking_list mv padfile] { + set tlist [read_from_pad $padfile] + set tlist [string trim $tlist] + if {$tlist == "" || $tlist == "FAIL"} { + tk_messageBox -type ok -icon error \ + -message "Failed to read entry from $padfile" \ + -title "Error: Padfile $padfile" + return + } + regsub -all {PAD=([^\n]+)} $port_knocking_list $tlist list + } else { + set list $port_knocking_list + } + + set spl ",\n\r" + if [regexp {CMD=} $list] {set spl "\n\r"} + if [regexp {CMDX=} $list] {set spl "\n\r"} + if [regexp {SEND=} $list] {set spl "\n\r"} + if [regexp {SENDX=} $list] {set spl "\n\r"} + + set i 0 + set pi 0 + + foreach line [split $list $spl] { + set line [string trim $line] + set line0 $line + + if {$line == ""} { + continue + } + if [regexp {^#} $line] { + continue + } + if [regexp {^sleep[ \t][ \t]*([0-9][0-9]*)} $line mv sl] { + mesg "sleep: $sl" + after $sl + continue + } + if [regexp {^delay[ \t][ \t]*([0-9][0-9]*)} $line mv sl] { + mesg "delay: $sl" + set default_delay $sl + continue + } + + if [regexp {^CMD=(.*)} $line mv cmd] { + mesg "CMD: $cmd" + eval exec $cmd + continue + } + if [regexp {^CMDX=(.*)} $line mv cmd] { + set cmd [pk_expand $cmd $host0] + mesg "CMDX: $cmd" + eval exec $cmd + continue + } + + if [regexp {`} $line] { + #set line [backtick_expand $line] + } + + set snd "" + if [regexp {^(.*)SEND=(.*)$} $line mv line snd] { + set line [string trim $line] + set snd [string trim $snd] + regsub -all {%NEWLINE} $snd "\n" snd + } elseif [regexp {^(.*)SENDX=(.*)$} $line mv line snd] { + set line [string trim $line] + set snd [string trim $snd] + set snd [pk_expand $snd $host0] + regsub -all {%NEWLINE} $snd "\n" snd + } + + set udp 0 + if [regexp -nocase {/udp} $line] { + set udp 1 + regsub -all -nocase {/udp} $line "" line + set line [string trim $line] + } + regsub -all -nocase {/tcp} $line "" line + set line [string trim $line] + + set delay 0 + if [regexp {^(.*)[ \t][ \t]*([0-9][0-9]*)$} $line mv first delay] { + set line [string trim $first] + } + + if {[regexp {^(.*):(.*)$} $line mv host port]} { + ; + } else { + set host $host0 + set port $line + } + set host [string trim $host] + set port [string trim $port] + + if {$host == ""} { + set host $host0 + } + + if {$port == ""} { + bell + mesg "No port: $line0" + continue + } + + set nc "" + if {$udp || $snd != ""} { + set nc [find_netcat] + if {$nc == ""} { + bell + mesg "UDP: netcat(1) not found" + after 1000 + continue + } + } + + if {$snd != ""} { + global env + set pfile "payload$pi.txt" + if {! $is_windows} { + set pfile "$env(HOME)/.$pfile" + } + set pfiles($pi) $pfile + incr pi + set fh [open $pfile "w"] + puts -nonewline $fh "$snd" + close $fh + + mesg "SEND: $host $port" + if {$is_windows} { + if {$udp} { + catch {exec $nc -d -u -w 1 "$host" "$port" < $pfile &} + } else { + catch {exec $nc -d -w 1 "$host" "$port" < $pfile &} + } + } else { + if {$udp} { + catch {exec $nc -u -w 1 "$host" "$port" < $pfile &} + } else { + catch {exec $nc -w 1 "$host" "$port" < $pfile &} + } + } + catch {after 50; file delete $pfile} + + } elseif {$udp} { + mesg "UDP: $host $port" + if {! $is_windows} { + catch {exec echo a | $nc -u -w 1 "$host" "$port" &} + } else { + set fh [open "nc_in.txt" "w"] + puts $fh "a" + close $fh + catch {exec $nc -d -u -w 1 "$host" "$port" < "nc_in.txt" &} + } + } else { + mesg "TCP: $host $port" + set s "" + set emess "" + set rc [catch {set s [socket -async $host $port]} emess] + if {$rc != 0} { + tk_messageBox -type ok -icon error -message $emess -title "Error: socket -async $host $port" + } + set socks($i) $s + # seems we have to close it immediately to avoid multiple SYN's. + # does not help on Win9x. + catch {after 30; close $s}; + incr i + } + + if {$delay == 0} { + if {$default_delay > 0} { + after $default_delay + } + } elseif {$delay > 0} { + after $delay + } + } + + if {0} { + for {set j 0} {$j < $i} {incr j} { + set $s $socks($j) + if {$s != ""} { + catch {close $s} + } + } + } + for {set j 0} {$j < $pi} {incr j} { + set f $pfiles($j) + if {$f != ""} { + if [file exists $f] { + after 100 + } + catch {file delete $f} + } + } + if {$is_windows} { + catch {file delete "nc_in.txt"} + } +} + +proc port_knocking_dialog {} { + catch {destroy .pk} + toplevel .pk + wm title .pk "Port Knocking" + global use_port_knocking port_knocking_list + + global help_font + + scroll_text .pk.f 85 + + set msg { + Port Knocking is where a network connection to a service is not provided + to just any client, but rather only to those that immediately prior to + connecting send a more or less secret pattern of connections to other + ports on the firewall. + + Somewhat like "knocking" on the door with the correct sequence before it + being opened (but not necessarily letting you in yet). It is also possible + to have a single encrypted packet (e.g. UDP) payload communicate with the + firewall instead of knocking on a sequence of ports. + + Only after the correct sequence of ports is observed by the firewall does + it allow the IP address of the client to attempt to connect to the service. + + So, for example, instead of allowing any host on the internet to connect + to your SSH service and then try to login with a username and password, the + client first must "tickle" your firewall with the correct sequence of ports. + Only then will it be allowed to connect to your SSH service at all. + + This does not replace the authentication and security of SSH, it merely + puts another layer of protection around it. E.g., suppose an exploit for + SSH was discovered, you would most likely have more time to fix/patch + the problem than if any client could directly connect to your SSH server. + + For more information http://www.portknocking.org/ and + http://www.linuxjournal.com/article/6811 + + Tip: if you just want to use the Port Knocking for an SSH shell and not + for a VNC tunnel, then specify something like "user@hostname cmd=SHELL" + (or "user@hostname cmd=PUTTY" on Windows) in the VNC Server entry box + on the main panel. This will do everything short of starting the viewer. + A shortcut for this is Ctrl-S. + + In the text area below put in the pattern of "knocks" needed for this + connection. You can separate the knocks by commas or put them one per line. + Whitespace is trimmed. + + Each "knock" is of this form: + + [host:]port[/udp] [delay] + + In the simplest form just a numerical port, e.g. 5433, is supplied. + + The packet is sent to the same host that the VNC (or SSH) connection will + be made to. If you want it to go to a different host or IP use the [host:] + prefix. It can be either a hostname or numerical IP. + + TCP is assumed by default. + + If you need to send a UDP packet, the netcat (aka "nc") program must be + installed on Unix (tcl/tk does not support udp connections). Indicate this + with "/udp" following the port number (you can also use "/tcp", but since + it is the default it is not necessary). For convenience a Windows netcat + binary is supplied. + + Because an external program must be launched for each packet udp knocking will + be somewhat slower and less reliable. ICMP (ping) is currently not supported. + + The last field is the number of milliseconds to delay before continuing. + + Examples: + + 5433,12321,1661 + + fw.example.com:5433, 12321/udp 3000,1661 2000 + + fw.example.com:5433 + 12321/udp 3000 + 1661 2000 + + + Alternate actions: If the string in the text field contains anywhere the + strings "CMD=", "CMDX=", or "SEND=", then splitting on commas is not done: + it is only split on lines. + + Then, if a line begins CMD=... the string after the = is run as an + external command. The command could be anything you want, e.g. it could + be a port-knocking client that does the knocking, perhaps encrypting the + "knocks" pattern somehow or using a Single Packet Authorization method such + as http://www.cipherdyne.com/fwknop/ + + Extra quotes (sometimes "'foo bar'") may be needed to preserve spaces in + command line arguments because the tcl/tk eval(n) command is used. You + can also use {...} for quoting strings with spaces. + + If a line begins CMDX=... then before the command is run the following + tokens are expanded to strings: + + %IP Current machine's IP address (NAT may make this not useful). + %NAT Try to get effective IP by contacting http://www.whatismyip.com + %HOST The remote host of the connection. + %USER The current user. + %SECS The current time in seconds (platform dependent). + %MSECS Platform dependent time having at least millisecond granularity. + + Lines not matching CMD= or CMDX= are treated as normal port knocks but with + one exception. If a line ends in SEND=... (i.e. after the [host:]port, + etc., part) then the string after the = is sent as a payload for the tcp + or udp connection to [host:]port. netcat is used for these SEND cases + (and must be available on Unix). If newlines (\n) are needed in the + SEND string, use %NEWLINE. Sending binary data is not yet supported; + use CMD= with your own program. + + Examples: + + CMD=port_knock_client -pass wombat33 + CMDX=port_knock_client -pass wombat33 -host %HOST -src %NAT + + fw.example.com:5433/udp SEND=ASDLFKSJDF + + More tricks: + + To temporarily "comment out" a knock, insert a leading "#" character. + + Use "sleep N" to insert a raw sleep for N milliseconds (e.g. between + CMD=... items or at the very end of the knocks to wait). + + If a knock entry matches "delay N" the default delay is set to + N milliseconds. + + One Time Pads: + + If the text contains a (presumably single) line of the form: + + PAD=/path/to/a/one/time/pad/file + + then that file is opened and the first non-blank line not beginning + with "#" is used as the knock pattern. The pad file is rewritten + with that line starting with a "#" (so it will be skipped next time). + + The PAD=... string is replaced with the read-in knock pattern line. + So, if needed, one can preface the PAD=... with "delay N" to set the + default delay, and one can also put a "sleep N" after the PAD=... + line to indicate a final sleep. One can also surround the PAD= + line with other knock and CMD= CMDX= lines, but that usage sounds + a bit rare. Example: + + delay 1000 + PAD=C:\My Pads\work-pad1.txt + sleep 4000 +} + .pk.f.t insert end $msg + + label .pk.info -text "Supply port knocking pattern:" -anchor w -relief ridge + + eval text .pk.rule -width 80 -height 5 $help_font + .pk.rule insert end $port_knocking_list + #apply_bg .pk.rule + + button .pk.done -text "Done" -command {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk} + bind .pk <Escape> {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk} + + pack .pk.done .pk.rule .pk.info -side bottom -fill x + pack .pk.f -side top -fill both -expand 1 + + center_win .pk +} + + +proc set_advanced_options {} { + global env + global use_cups use_sound use_smbmnt + global change_vncviewer + global use_port_knocking port_knocking_list + + catch {destroy .o} + catch {destroy .oa} + toplevel .oa + wm title .oa "Advanced options" + + set i 1 + + checkbutton .oa.b$i -anchor w -variable use_cups -text \ + "Enable CUPS Print tunnelling" \ + -command {if {$use_cups} {cups_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_sound -text \ + "Enable ESD/ARTSD Audio tunnelling" \ + -command {if {$use_sound} {sound_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_smbmnt -text \ + "Enable SMB mount tunnelling" \ + -command {if {$use_smbmnt} {smb_dialog}} + incr i + + + checkbutton .oa.b$i -anchor w -variable change_vncviewer -text \ + "Change VNC Viewer" \ + -command {if {$change_vncviewer} {change_vncviewer_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable additional_port_redirs -text \ + "Additional Port Redirs" \ + -command {if {$additional_port_redirs} {port_redir_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_port_knocking -text \ + "Port Knocking" \ + -command {if {$use_port_knocking} {port_knocking_dialog}} + incr i + + for {set j 1} {$j < $i} {incr j} { + pack .oa.b$j -side top -fill x + } + + frame .oa.b + button .oa.b.done -text "Done" -command {destroy .oa} + bind .oa <Escape> {destroy .oa} + button .oa.b.help -text "Help" -command help_advanced_opts + + pack .oa.b.help .oa.b.done -fill x -expand 1 -side left + + pack .oa.b -side top -fill x + + center_win .oa + wm resizable .oa 1 0 + focus .oa +} + +proc in_path {cmd} { + global env + set p $env(PATH) + foreach dir [split $p ":"] { + set try "$dir/$cmd" + if [file exists $try] { + return "$try" + } + } + return "" +} + +proc ssh_agent_restart {} { + global env + + set got_ssh_agent 0 + set got_ssh_add 0 + set got_ssh_agent2 0 + set got_ssh_add2 0 + + if [in_path "ssh-agent"] {set got_ssh_agent 1} + if [in_path "ssh-agent2"] {set got_ssh_agent2 1} + if [in_path "ssh-add"] {set got_ssh_add 1} + if [in_path "ssh-add2"] {set got_ssh_add2 1} + + set ssh_agent "" + set ssh_add "" + if {[info exists env(USER)] && $env(USER) == "runge"} { + if {$got_ssh_agent2} { + set ssh_agent "ssh-agent2" + } + if {$got_ssh_add2} { + set ssh_add "ssh-add2" + } + } + if {$ssh_agent == "" && $got_ssh_agent} { + set ssh_agent "ssh-agent" + } + if {$ssh_add == "" && $got_ssh_add} { + set ssh_add "ssh-add" + } + if {$ssh_agent == ""} { + bell + mesg "could not find ssh-agent in PATH" + return + } + if {$ssh_add == ""} { + bell + mesg "could not find ssh-add in PATH" + return + } + set tmp $env(HOME)/.vnc-sa[pid] + set fh "" + catch {set fh [open $tmp "w"]} + if {$fh == ""} { + bell + mesg "could not open tmp file $tmp" + return + } + + puts $fh "#!/bin/sh" + puts $fh "eval `$ssh_agent -s`" + puts $fh "$ssh_add" + puts $fh "SSL_VNC_GUI_CHILD=\"\"" + puts $fh "export SSL_VNC_GUI_CHILD" + + global buck_zero + set cmd $buck_zero + + if [info exists env(SSL_VNC_GUI_CMD)] { + set cmd $env(SSL_VNC_GUI_CMD) + } + #puts $fh "$cmd </dev/null 1>/dev/null 2>/dev/null &" + puts $fh "nohup $cmd &" + puts $fh "sleep 1" + puts $fh "#rm -f $tmp" + close $fh + + wm withdraw . + catch {wm withdraw .o} + catch {wm withdraw .oa} + + exec xterm -geometry +200+200 -title "Restarting with ssh-agent/ssh-add" -e sh $tmp & + after 10000 + destroy . + exit +} + +proc putty_pw_entry {mode} { + if {$mode == "check"} { + global use_sshssl use_ssh + if {$use_sshssl || $use_ssh} { + putty_pw_entry enable + } else { + putty_pw_entry disable + } + return + } + if {$mode == "disable"} { + catch {.o.pw.l configure -state disabled} + catch {.o.pw.e configure -state disabled} + } else { + catch {.o.pw.l configure -state normal} + catch {.o.pw.e configure -state normal} + } +} + +proc set_options {} { + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global env is_windows + + catch {destroy .o} + toplevel .o + wm title .o "Set SSL VNC Viewer options" + + set i 1 + + checkbutton .o.b$i -anchor w -variable use_ssh -text \ + "Use SSH instead" \ + -command {if {$use_ssh} {set use_sshssl 0}; putty_pw_entry check} + incr i + + checkbutton .o.b$i -anchor w -variable use_sshssl -text \ + "Use SSH and SSL" \ + -command {if {$use_sshssl} {set use_ssh 0}; putty_pw_entry check} + set iss $i + incr i + + checkbutton .o.b$i -anchor w -variable use_viewonly -text \ + "View Only" + incr i + + checkbutton .o.b$i -anchor w -variable use_fullscreen -text \ + "Fullscreen" + incr i + + checkbutton .o.b$i -anchor w -variable use_raise_on_beep -text \ + "Raise On Beep" + incr i + + checkbutton .o.b$i -anchor w -variable use_bgr233 -text \ + "Use 8bit color (-bgr233)" + incr i + + checkbutton .o.b$i -anchor w -variable use_alpha -text \ + "Cursor alphablending (32bpp required)" + set ia $i + incr i + + checkbutton .o.b$i -anchor w -variable use_grab -text \ + "Use XGrabServer" + set ix $i + incr i + + checkbutton .o.b$i -anchor w -variable use_nojpeg -text \ + "Do not use JPEG (-nojpeg)" + incr i + + menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable compresslevel_text + set compresslevel_text "Compress Level: $use_compresslevel" + + menu .o.b$i.m -tearoff 0 + for {set j -1} {$j < 10} {incr j} { + set v $j + set l $j + if {$j == -1} { + set v "default" + set l "default" + } + .o.b$i.m add radiobutton -variable use_compresslevel \ + -value $v -label $l -command \ + {set compresslevel_text "Compress Level: $use_compresslevel"} + } + incr i + + menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable quality_text + set quality_text "Quality: $use_quality" + + menu .o.b$i.m -tearoff 0 + for {set j -1} {$j < 10} {incr j} { + set v $j + set l $j + if {$j == -1} { + set v "default" + set l "default" + } + .o.b$i.m add radiobutton -variable use_quality \ + -value $v -label $l -command \ + {set quality_text "Quality: $use_quality"} + } + incr i + + for {set j 1} {$j < $i} {incr j} { + pack .o.b$j -side top -fill x + } + + if {$is_windows} { + .o.b$ia configure -state disabled + .o.b$ix configure -state disabled + } + + if {$is_windows} { + frame .o.pw + label .o.pw.l -text "Putty PW:" + entry .o.pw.e -width 10 -show * -textvariable putty_pw + pack .o.pw.l -side left + pack .o.pw.e -side left -expand 1 -fill x + pack .o.pw -side top -fill x + putty_pw_entry check + } else { + button .o.sa -text "Use ssh-agent" -command ssh_agent_restart + pack .o.sa -side top -fill x + } + + button .o.s_prof -text "Save Profile ..." -command {save_profile; raise .o} + button .o.l_prof -text " Load Profile ..." -command {load_profile; raise .o} + button .o.advanced -text "Advanced ..." -command set_advanced_options + button .o.clear -text "Clear Options" -command set_defaults + pack .o.s_prof -side top -fill x + pack .o.l_prof -side top -fill x + pack .o.clear -side top -fill x + pack .o.advanced -side top -fill x + + frame .o.b + button .o.b.done -text "Done" -command {destroy .o} + bind .o <Escape> {destroy .o} + button .o.b.help -text "Help" -command help_opts + + pack .o.b.help .o.b.done -fill x -expand 1 -side left + + pack .o.b -side top -fill x + + center_win .o + wm resizable .o 1 0 + focus .o +} + +set is_windows 0 +set help_font "-font fixed" +if { [regexp -nocase {Windows} $tcl_platform(os)]} { + cd util + set help_font "" + set is_windows 1 +} + +if {[regexp -nocase {Windows.9} $tcl_platform(os)]} { + set is_win9x 1 +} else { + set is_win9x 0 +} + +set putty_pw "" + + +wm title . "SSL VNC Viewer" +wm resizable . 1 0 + +set_defaults +set skip_pre 0 + +set vncdisplay "" + +label .l -text "SSL TightVNC Viewer" -relief ridge +frame .f +label .f.l -text "VNC Server:" -relief ridge +entry .f.e -width 40 -textvariable vncdisplay +pack .f.l -side left +pack .f.e -side left -expand 1 -fill x +bind .f.e <Return> launch + +frame .b +button .b.help -text "Help" -command help +button .b.certs -text "Certs ..." -command getcerts +button .b.opts -text "Options ..." -command set_options +button .b.conn -text "Connect" -command launch +button .b.exit -text "Exit" -command {destroy .; exit} + + +pack .b.certs .b.opts .b.conn .b.help .b.exit -side left -expand 1 -fill x + +pack .l .f .b -side top -fill x +if {![info exists env(SSL_VNC_GUI_CHILD)] || $env(SSL_VNC_GUI_CHILD) == ""} { + center_win . +} +focus .f.e +#raise . + +global system_button_face +set system_button_face "" +foreach item [.b.help configure -bg] { + set system_button_face $item +} + +global env +if {[info exists env(SSL_VNC_GUI_CMD)]} { + set env(SSL_VNC_GUI_CHILD) 1 + bind . <Control-n> "exec $env(SSL_VNC_GUI_CMD) &" +} +bind . <Control-q> "destroy .; exit" +bind . <Shift-Escape> "destroy .; exit" +bind . <Control-s> "launch_shell_only" + +global entered_gui_top +set entered_gui_top 0 +bind . <Enter> {set entered_gui_top 1} + + +#smb_help_me_decide +update diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer new file mode 100755 index 0000000..1d7d1a7 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer @@ -0,0 +1,530 @@ +#!/bin/sh +# +# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel +# or an SSH tunnel. +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# You must have stunnel(8) installed on the system and in your PATH +# (however, see the -ssh option below, in which case you will need ssh(1) +# installed) Note: stunnel is usually installed in an "sbin" subdirectory. +# +# You should have "x11vnc -ssl ..." or "x11vnc -stunnel ..." +# already running as the VNC server on the remote machine. +# (or use stunnel on the server side for any other VNC server) +# +# +# Usage: ssl_vncviewer [cert-args] host:display <vncviewer-args> +# +# e.g.: ssl_vncviewer snoopy:0 +# ssl_vncviewer snoopy:0 -encodings "copyrect tight zrle hextile" +# +# [cert-args] can be: +# +# -verify /path/to/cacert.pem +# -mycert /path/to/mycert.pem +# -proxy host:port +# +# -verify specifies a CA cert PEM file (or a self-signed one) for +# authenticating the VNC server. +# +# -mycert specifies this client's cert+key PEM file for the VNC server to +# authenticate this client. +# +# -proxy try host:port as a Web proxy to use the CONNECT method +# to reach the VNC server (e.g. your firewall requires a proxy). +# For the "double proxy" case use -proxy host1:port1,host2:port2 +# +# See http://www.karlrunge.com/x11vnc/#faq-ssl-ca for details on SSL +# certificates with VNC. +# +# A few other args (not related to SSL and certs): +# +# -ssh Use ssh instead of stunnel SSL. ssh(1) must be installed and you +# must be able to log into the remote machine via ssh. +# +# In this case "host:display" may be of the form "user@host:display" +# where "user@host" is used for the ssh login (see ssh(1) manpage). +# +# If -proxy is supplied it can be of the forms: "gwhost" "gwhost:port" +# "user@gwhost" or "user@gwhost:port". "gwhost" is an incoming ssh +# gateway machine (the VNC server is not running there), an ssh -L +# redir is used to "host" in "host:display" from "gwhost". Any "user@" +# part must be in the -proxy string (not in "host:display"). +# +# Under -proxy use "gwhost:port" if connecting to any ssh port +# other than the default (22). (even for the non-gateway case, +# -proxy must be used to specify a non-standard ssh port) +# +# Examples: +# +# ssl_vncviewer -ssh bob@bobs-home.net:0 +# ssl_vncviewer -ssh -sshcmd 'x11vnc -localhost' bob@bobs-home.net:0 +# +# ssl_vncviewer -ssh -proxy fred@mygate.com:2022 mymachine:0 +# ssl_vncviewer -ssh -proxy bob@bobs-home.net:2222 localhost:0 +# +# -sshcmd cmd Run "cmd" via ssh instead of the default "sleep 15" +# e.g. -sshcmd 'x11vnc -display :0 -localhost -rfbport 5900' +# +# -sshargs "args" pass "args" to the ssh process, e.g. -L/-R port redirs. +# +# -sshssl Tunnel the SSL connection thru a SSH connection. The tunnel as +# under -ssh is set up and the SSL connection goes thru it. Use +# this if you want to have and end-to-end SSL connection but must +# go thru a SSH gateway host (e.g. not the vnc server). Or use +# this if you need to tunnel additional services via -R and -L +# (see -sshargs above). +# +# ssl_vncviewer -sshssl -proxy fred@mygate.com mymachine:0 +# +# +# -alpha turn on cursor alphablending hack if you are using the +# enhanced tightvnc vncviewer. +# +# -grab turn on XGrabServer hack if you are using the enhanced tightvnc +# vncviewer (e.g. for fullscreen mode in some windowmanagers like +# fvwm that do not otherwise work in fullscreen mode) +# +# +# set VNCVIEWERCMD to whatever vncviewer command you want to use. +# +VNCIPCMD=${VNCVIEWERCMD:-vncip} +VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer} +# +# Same for STUNNEL, e.g. set it to /path/to/stunnel or stunnel4, etc. +# + + +PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH + +if [ "X$STUNNEL" = "X" ]; then + type stunnel4 > /dev/null 2>&1 + if [ $? = 0 ]; then + STUNNEL=stunnel4 + else + STUNNEL=stunnel + fi +fi + +help() { + tail +2 "$0" | sed -e '/^$/ q' +} + +gotalpha="" +use_ssh="" +use_sshssl="" +ssh_sleep=15 +ssh_cmd="sleep $ssh_sleep" +if [ "X$SSL_VNCVIEWER_SSH_CMD" != "X" ]; then + ssh_cmd="$SSL_VNCVIEWER_SSH_CMD" +fi +ssh_args="" + +# grab our cmdline options: +while [ "X$1" != "X" ] +do + case $1 in + "-verify") shift; verify="$1" + ;; + "-mycert") shift; mycert="$1" + ;; + "-proxy") shift; proxy="$1" + ;; + "-ssh") use_ssh=1 + ;; + "-sshssl") use_ssh=1 + use_sshssl=1 + ;; + "-sshcmd") shift; ssh_cmd="$1" + ;; + "-sshargs") shift; ssh_args="$1" + ;; + "-alpha") gotalpha=1 + ;; + "-grab") VNCVIEWER_GRAB_SERVER=1; export VNCVIEWER_GRAB_SERVER + ;; + "-h"*) help; exit 0 + ;; + "--h"*) help; exit 0 + ;; + *) break + ;; + esac + shift +done + +if [ "X$gotalpha" != "X1" ]; then + NO_ALPHABLEND=1 + export NO_ALPHABLEND +fi + +orig="$1" +shift + +if [ "X$use_ssh" = "X1" -a "X$use_sshssl" = "X" ]; then + if [ "X$mycert" != "X" -o "X$verify" != "X" ]; then + echo "-mycert and -verify cannot be used in -ssh mode" + exit 1 + fi +fi + +# play around with host:display port: +if echo "$orig" | grep ':' > /dev/null; then + : +else + orig="$orig:0" +fi + +host=`echo "$orig" | awk -F: '{print $1}'` +disp=`echo "$orig" | awk -F: '{print $2}'` +if [ "X$host" = "X" ]; then + host=localhost +fi +if [ $disp -lt 200 ]; then + port=`expr $disp + 5900` +else + port=$disp +fi + +# try to find an open listening port via netstat(1): +inuse="" +if uname | grep Linux > /dev/null; then + inuse=`netstat -ant | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*://'` +elif uname | grep SunOS > /dev/null; then + inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'` +# add others... +fi + +date_sec=`date +%S` + +findfree() { + try0=$1 + try=$try0 + use0="" + + while [ $try -lt 6000 ] + do + if [ "X$inuse" = "X" ]; then + break + fi + if echo "$inuse" | grep -w $try > /dev/null; then + : + else + use0=$try + break + fi + try=`expr $try + 1` + done + if [ "X$use0" = "X" ]; then + use0=`expr $date_sec + $try0` + fi + + echo $use0 +} + +use=`findfree 5930` + +if [ $use -ge 5900 ]; then + N=`expr $use - 5900` +else + N=$use +fi + +if echo "$0" | grep vncip > /dev/null; then + VNCVIEWERCMD="$VNCIPCMD" +fi + +if [ "X$use_ssh" = "X1" ]; then + ssh_port="22" + ssh_host="$host" + vnc_host="localhost" + ssh=${SSH:-"ssh -x"} + if [ "X$proxy" != "X" ]; then + ssh_port=`echo "$proxy" | awk -F: '{print $2}'` + if [ "X$ssh_port" = "X" ]; then + ssh_port="22" + fi + ssh_host=`echo "$proxy" | awk -F: '{print $1}'` + vnc_host="$host" + fi + echo "" + echo "Running ssh:" + sz=`echo "$ssh_cmd" | wc -c` + if [ "$sz" -gt 200 ]; then + info="..." + else + info="$ssh_cmd" + fi + + C="" + if [ "X$SSL_VNCVIEWER_USE_C" != "X" ]; then + C="-C" + fi + # the -t option actually speeds up typing response via VNC!! + if [ "X$SSL_VNCVIEWER_SSH_ONLY" != "X" ]; then + echo "$ssh -p $ssh_port -t $C $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd" + exit $? + elif [ "X$SSL_VNCVIEWER_NO_F" != "X" ]; then + echo "$ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + else + echo "$ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + fi + if [ "$?" != "0" ]; then + echo "" + echo "ssh to $ssh_host failed." + exit 1 + fi + echo "" + if [ "X$ssh_cmd" = "Xsleep $ssh_sleep" ] ; then + sleep 1 + else + # let any command get started a bit. + sleep 5 + fi + echo "" + #reset + stty sane + if [ "X$use_sshssl" = "X" ]; then + echo "Running viewer:" + echo $VNCVIEWERCMD "$@" localhost:$N + echo "" + $VNCVIEWERCMD "$@" localhost:$N + + exit $? + else + use2=`findfree 5960` + host0=$host + port0=$port + host=localhost + port=$use + use=$use2 + N=`expr $use - 5900` + proxy="" + fi +fi + +# create the stunnel config file: +if [ "X$verify" != "X" ]; then + if [ -d $verify ]; then + verify="CApath = $verify" + else + verify="CAfile = $verify" + fi + verify="$verify +verify = 2" +fi +if [ "X$mycert" != "X" ]; then + cert="cert = $mycert" +fi + +mytmp() { + tf=$1 + rm -rf "$tf" || exit 1 + if [ -d "$tf" ]; then + echo "tmp file $tf still exists as a directory." + exit 1 + elif [ -L "$tf" ]; then + echo "tmp file $tf still exists as a symlink." + exit 1 + elif [ -f "$tf" ]; then + echo "tmp file $tf still exists." + exit 1 + fi + touch "$tf" || exit 1 + chmod 600 "$tf" || exit 1 +} + +if echo "$RANDOM" | grep '[^0-9]' > /dev/null; then + RANDOM=`date +%S` +fi + +pcode() { + tf=$1 + SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY + SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST + cod='#!/usr/bin/perl + +# A hack to glue stunnel to a Web proxy for client connections. + +use IO::Socket::INET; + +my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY}); +my ($proxy_host, $proxy_port) = split(/:/, $first); +my $connect = $ENV{SSL_VNC_DEST}; + +print STDERR "\nperl script for web proxing:\n"; +print STDERR "proxy_host: $proxy_host\n"; +print STDERR "proxy_port: $proxy_port\n"; +print STDERR "proxy_connect: $connect\n"; + +my $sock = IO::Socket::INET->new( + PeerAddr => $proxy_host, + PeerPort => $proxy_port, + Proto => "tcp"); + +if (! $sock) { + unlink($0); + die "perl proxy: $!\n"; +} + +my $con = ""; +if ($second ne "") { + $con = "CONNECT $second HTTP/1.1\r\n"; + $con .= "Host: $second\r\n\r\n"; +} else { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; +} + +print STDERR "proxy_request1:\n$con"; +print $sock $con; + +unlink($0); + +my $rep = ""; +while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; +} +if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; +} + +if ($second ne "") { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; + print STDERR "proxy_request2:\n$con"; + + print $sock $con; + + $rep = ""; + while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; + } + if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; + } +} + +if (fork) { + print STDERR "parent\[$$] STDIN -> socket\n\n"; + xfer(STDIN, $sock); +} else { + print STDERR "child \[$$] socket -> STDOUT\n\n"; + xfer($sock, STDOUT); +} +exit; + +sub xfer { + my($in, $out) = @_; + $RIN = $WIN = $EIN = ""; + $ROUT = ""; + vec($RIN, fileno($in), 1) = 1; + vec($WIN, fileno($in), 1) = 1; + $EIN = $RIN | $WIN; + + while (1) { + my $nf = 0; + while (! $nf) { + $nf = select($ROUT=$RIN, undef, undef, undef); + } + my $len = sysread($in, $buf, 8192); + if (! defined($len)) { + next if $! =~ /^Interrupted/; + print STDERR "perl proxy\[$$]: $!\n"; + last; + } elsif ($len == 0) { + print STDERR "perl proxy\[$$]: Input is EOF.\n"; + last; + } + my $offset = 0; + my $quit = 0; + while ($len) { + my $written = syswrite($out, $buf, $len, $offset); + if (! defined $written) { + print STDERR "perl proxy\[$$]: Output is EOF. $!\n"; + $quit = 1; + last; + } + $len -= $written; + $offset += $written; + } + last if $quit; + } + close($in); + close($out); +} +' + echo "$cod" > $tf + chmod 700 $tf +} + +ptmp="" +if [ "X$proxy" != "X" ]; then + ptmp="/tmp/ssl_vncviewer${RANDOM}.$$.pl" + mytmp "$ptmp" + pcode "$ptmp" + connect="exec = $ptmp" +else + connect="connect = $host:$port" +fi + + +##debug = 7 +tmp=/tmp/ssl_vncviewer${RANDOM}.$$ +mytmp "$tmp" + +cat > "$tmp" <<END +foreground = yes +pid = +client = yes +debug = 6 +$STUNNEL_EXTRA_OPTS +$verify +$cert + +[vnc_stunnel] +accept = localhost:$use +$connect +END + +echo "" +echo "Using this stunnel configuration:" +echo "" +cat "$tmp" | uniq +echo "" +sleep 1 + +echo "" +echo "Running: stunnel" +echo "$STUNNEL $tmp" +$STUNNEL "$tmp" < /dev/tty > /dev/tty & +pid=$! +echo "" + +# pause here to let the user supply a possible passphrase for the +# mycert key: +if [ "X$mycert" != "X" ]; then + sleep 4 +fi +sleep 2 +rm -f "$tmp" + +echo "" +echo "Running viewer:" +echo $VNCVIEWERCMD "$@" localhost:$N +echo "" +$VNCVIEWERCMD "$@" localhost:$N + +kill $pid +sleep 1 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf new file mode 100644 index 0000000..8e5dd50 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf @@ -0,0 +1,34 @@ +# +# Example SSL stunnel SERVER configuration file. (e.g. for your VNC +# server on this same machine.) +# +# To use this file you may need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here in case you wanted to see how to add SSL support to any +# VNC server you have. +# +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote client certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My server cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5901 for vnc display 1): +# so the remote viewers would connect to: yourmachine:1 +# +accept = 5901 +# +# Set to localhost:port to connect to VNC server on this same machine: +# (E.g. you run WinVNC on :0, preferably listening on localhost). +# +connect = localhost:5900 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/build.unix b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix new file mode 100755 index 0000000..9a0fc3d --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix @@ -0,0 +1,244 @@ +#!/bin/sh + +# Add useful directories to PATH: +# +PATH=$PATH:/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/opt/SUNWspro/bin:/usr/sfw/bin:/usr/ccs/bin +export PATH + +# Check location: +# +thisdir=`dirname "$0"` +if [ ! -d ./bin -o ! -d src/patches ]; then + echo "You must run this script from: $thisdir" + exit 1 +fi + +# Try to find osname.arch +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi +if [ "X$name" = "X" ]; then + echo "cannot determine platform: os.arch, e.g. Linux.i686" + echo "set \$UNAME manually and retry." + exit 1 +fi + +# Work out main destination: +# +dest=./bin/$name +if [ -d $dest ]; then + printf "$dest exists. overwrite it? [y]/n " + read x + if [ "X$x" = "Xn" ]; then + exit + fi + rm -rf $dest +fi +mkdir -p $dest || exit 1 + +# Create a tmp dir for this build: +# +tmp=./src/tmp/$name.$$ +if [ "X$TMPDIR" != "X" ]; then + tmp="$TMPDIR/$tmp" +fi +mkdir -p $tmp || exit 1 + +# Try to find some static archives of various libraries: +# +libs="$tmp/libs" +mkdir -p $libs || exit 1 +#for liba in libz.a libjpeg.a libssl.a libcrypto.a +for liba in libz.a libjpeg.a +do + for dir in /usr/lib /lib /usr/local/lib /usr/pkg/lib /usr/sfw/lib /usr/openwin/lib + do + if [ "$name" = "Linux.x86_64" -o "$name" = "Linux.ppc64" ] ; then + dir64=`echo "$dir" | sed -e 's,lib,lib64,'` + fi + try="$dir/$liba" + if [ -f $try ]; then + cp -p "$try" $libs + fi + done +done +echo "Found these static archive libraries, will try to use them..." +ls -ld $libs +ls -l $libs +echo + +have_gcc="" +if type gcc > /dev/null; then + have_gcc=1 +fi +have_cc="" +if type cc > /dev/null; then + have_cc=1 +fi + +if [ "X$have_cc" = "X" ]; then + if [ "X$have_gcc" = "X1" ]; then + cat > $tmp/cc <<END +#!/bin/sh +gcc "\$@" +END + chmod 755 $tmp/cc + PATH=$PATH:`pwd`/$tmp + type cc + type gcc + fi +fi + +if [ `uname` = "SunOS" ]; then + LDFLAGS_OS="$LDFLAGS_OS -L/usr/sfw/lib -R/usr/sfw/lib" + CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/sfw/include" +elif uname | grep -i bsd > /dev/null; then + LDFLAGS_OS="$LDFLAGS_OS -L/usr/local/lib -L/usr/pkg/lib" + CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/local/include -I /usr/pkg/include" +fi + +# Do tightvnc viewer: +# +tight_src=`ls -td ./src/vnc_unixsrc* | head -1` +if [ ! -d $tight_src ]; then + echo "could not locate tight vnc viewer source" + exit 1 +fi + +cp -pR "$tight_src" "$tmp/vnc_unixsrc" || exit 1 + +echo "applying tight vnc patches:" +start=`pwd` +cd $tmp; +failed=0 +for patch in ../../patches/tight* +do + if [ ! -f "$patch" ]; then + continue + fi + patch -p0 < $patch + if [ $? != 0 ]; then + failed=`expr $failed + 1` + fi +done +cd "$start" +if [ $failed != 0 ]; then + ball=src/zips/vnc_unixsrc_vncviewer.patched.tar + echo "patches failed, trying to use backup tarball:" + ls -l $ball + sleep 2 + cat $ball | (cd $tmp; tar -xvf -) +fi +echo + + +cd $tmp/vnc_unixsrc +xmkmf +make Makefiles +mv vncviewer/Makefile vncviewer/Makefile.orig +sed -e "s,EXTRA_LDOPTIONS =,EXTRA_LDOPTIONS = -L$start/$libs $LDFLAGS_OS," \ + -e "s,CCOPTIONS =,CCOPTIONS = $CPPFLAGS_OS," \ + vncviewer/Makefile.orig > vncviewer/Makefile + +if [ `uname` = "SunOS" ]; then + for d in vncviewer libvncauth vncconnect vncpasswd + do + mv $d/Makefile $d/Makefile.orig + sed -e "s,CCOPTIONS =.*\$,CCOPTIONS = $CPPFLAGS_OS," \ + $d/Makefile.orig > $d/Makefile + done +fi + +make depend +echo $PATH +make all +ls -l vncviewer/vncviewer +cd "$start" +src=$tmp/vnc_unixsrc/vncviewer/vncviewer +sync +sleep 2 +sync +strip $src +sync +sleep 2 +sync +wc $src +sum $src +sleep 2 +echo cp -p $src $dest/vncviewer +cp -p $src $dest/vncviewer || exit 1 +sleep 1 +cp -p $src $dest/vncviewer || exit 1 +ls -l $src $dest/vncviewer +$dest/vncviewer -h +ldd $dest/vncviewer +echo "" + +# Do stunnel: +# +stunnel_src=`ls -td ./src/stunnel* | head -1` +if [ ! -d $stunnel_src ]; then + echo "could not locate stunnel source" + exit 1 +fi + +cp -pR "$stunnel_src" "$tmp/stunnel" || exit 1 + +echo "applying stunnel patches:" +start=`pwd` +cd $tmp; +failed=0 +for patch in ../../patches/stunnel* +do + if [ ! -f "$patch" ]; then + continue + fi + patch -p0 < $patch + if [ $? != 0 ]; then + failed=`expr $failed + 1` + fi +done +cd "$start" +if [ $failed != 0 ]; then + ball=src/zips/stunnel.patched.tar + echo "patches failed, trying to use backup tarball:" + ls -l $ball + sleep 2 + cat $ball | (cd $tmp; tar -xvf -) +fi +echo + + +cd $tmp/stunnel +if [ `uname` = "SunOS" ]; then + cp configure configure.orig + sed -e "s,/var/ssl,/var/ssl /usr/sfw," configure.orig > configure +fi +env LDFLAGS="-L$start/$libs $LDFLAGS_OS" CPPFLAGS="$CPPFLAGS_OS" ./configure --disable-libwrap +make +ls -l src/stunnel +cd "$start" +src=$tmp/stunnel/src/stunnel +sync +sleep 2 +sync +strip $src +sync +sleep 2 +sync +wc $src +sum $src +sleep 2 +echo cp -p $src $dest/stunnel +cp -p $src $dest/stunnel || exit 1 +sleep 1 +cp -p $src $dest/stunnel || exit 1 +ls -l $src $dest/stunnel +$dest/stunnel -help +ldd $dest/stunnel +echo "" + +$dest/vncviewer -h +ldd $dest/vncviewer diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt new file mode 100644 index 0000000..ab5e95e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt @@ -0,0 +1,280 @@ +3277703 4 drwxr-xr-x 6 runge runge 4096 Sep 13 21:28 . +3277704 4 drwxr-xr-x 7 runge runge 4096 Aug 2 10:05 ./src +3277781 4 drwxr-xr-x 2 runge runge 4096 Aug 2 10:09 ./src/zips +3277782 484 -rw-r--r-- 1 runge runge 488512 Jul 25 15:09 ./src/zips/stunnel-4.14.tar.gz +3277783 212 -rw-r--r-- 1 runge runge 209149 Jul 25 15:10 ./src/zips/tightvnc-1.3dev7_x86_viewer.zip +3277784 2136 -rw-r--r-- 1 runge runge 2182134 Jul 25 15:11 ./src/zips/tightvnc-1.3dev7_unixsrc.tar.gz +3277792 4 -rw-r--r-- 1 runge runge 753 Aug 2 10:09 ./src/zips/README +3277786 364 -rw-r--r-- 1 runge runge 368640 Jul 27 19:06 ./src/zips/vnc_unixsrc_vncviewer.patched.tar +3277787 1996 -rw-r--r-- 1 runge runge 2037760 Jul 31 23:42 ./src/zips/stunnel.patched.tar +2982849 4 drwxr-xr-x 2 runge runge 4096 Sep 10 14:37 ./src/patches +2982852 4 -rw-r--r-- 1 runge runge 3750 Feb 5 2005 ./src/patches/tight-vncviewer-alphahack.patch +2982854 4 -rw-r--r-- 1 runge runge 1143 Jul 25 15:25 ./src/patches/tight-vncviewer-fullscreen.patch +2982865 8 -rw-r--r-- 1 runge runge 7633 Jul 27 19:01 ./src/patches/tight-vncviewer-newfbsize.patch +2982955 4 -rwxr-xr-x 1 runge runge 1529 Sep 10 12:07 ./src/patches/_bundle +2982877 4 -rwxr-xr-x 1 runge runge 78 Jul 27 14:41 ./src/patches/_getpatches +2983012 4 -rw-r--r-- 1 runge runge 4072 Jul 31 22:59 ./src/patches/stunnel-maxconn.patch +2982878 4 -rwxr-xr-x 1 runge runge 117 Jul 27 19:06 ./src/patches/_vncpatchapplied +2982880 4 -rw-r--r-- 1 runge runge 223 Aug 24 10:11 ./src/patches/README +2982850 4 drwxr-xr-x 8 runge runge 4096 Jul 25 15:21 ./src/vnc_unixsrc +2982885 4 -rw-r--r-- 1 runge runge 356 Apr 30 2002 ./src/vnc_unixsrc/Imakefile +2982886 20 -rw-r--r-- 1 runge runge 18000 Jun 11 2000 ./src/vnc_unixsrc/LICENCE.TXT +2982887 12 -rw-r--r-- 1 runge runge 8341 Jul 4 2005 ./src/vnc_unixsrc/README +2982888 12 -rw-r--r-- 1 runge runge 9682 Jul 4 2005 ./src/vnc_unixsrc/tightvnc.spec +2982889 4 -rw-r--r-- 1 runge runge 486 Aug 30 2002 ./src/vnc_unixsrc/vnc-xclients.patch +2982890 4 -rwxr-xr-x 1 runge runge 2042 Mar 19 2002 ./src/vnc_unixsrc/vncinstall +2982891 16 -rwxr-xr-x 1 runge runge 15239 Jul 4 2005 ./src/vnc_unixsrc/vncserver +2982892 4 -rwxr-xr-x 1 runge runge 1726 Aug 30 2002 ./src/vnc_unixsrc/vncserver.init +2982893 4 -rw-r--r-- 1 runge runge 3070 Aug 7 2002 ./src/vnc_unixsrc/vncserver.man +4359127 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:25 ./src/vnc_unixsrc/classes +2851413 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/include +2851414 44 -rw-r--r-- 1 runge runge 43296 May 27 2004 ./src/vnc_unixsrc/include/rfbproto.h +2851415 4 -rw-r--r-- 1 runge runge 1166 Jun 11 2000 ./src/vnc_unixsrc/include/vncauth.h +2851416 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/libvncauth +2851417 4 -rw-r--r-- 1 runge runge 199 Apr 30 2002 ./src/vnc_unixsrc/libvncauth/Imakefile +2851418 16 -rw-r--r-- 1 runge runge 15487 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.c +2851419 4 -rw-r--r-- 1 runge runge 1618 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.h +2851420 8 -rw-r--r-- 1 runge runge 5879 Mar 1 2003 ./src/vnc_unixsrc/libvncauth/vncauth.c +2851421 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncconnect +2851422 4 -rw-r--r-- 1 runge runge 163 Apr 30 2002 ./src/vnc_unixsrc/vncconnect/Imakefile +2851423 4 -rw-r--r-- 1 runge runge 1167 Nov 10 2000 ./src/vnc_unixsrc/vncconnect/vncconnect.c +2851424 4 -rw-r--r-- 1 runge runge 1083 Feb 5 2003 ./src/vnc_unixsrc/vncconnect/vncconnect.man +2851425 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncpasswd +2851426 4 -rw-r--r-- 1 runge runge 256 Apr 30 2002 ./src/vnc_unixsrc/vncpasswd/Imakefile +2851427 8 -rw-r--r-- 1 runge runge 7681 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.c +2851428 4 -rw-r--r-- 1 runge runge 3222 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.man +2851429 4 drwxr-xr-x 2 runge runge 4096 Aug 3 19:10 ./src/vnc_unixsrc/vncviewer +2851430 4 -rw-r--r-- 1 runge runge 1057 Mar 12 2003 ./src/vnc_unixsrc/vncviewer/Imakefile +2851431 16 -rw-r--r-- 1 runge runge 12375 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/README +2851432 4 -rw-r--r-- 1 runge runge 3198 Feb 7 2003 ./src/vnc_unixsrc/vncviewer/Vncviewer +2851433 16 -rw-r--r-- 1 runge runge 14159 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/argsresources.c +2851434 8 -rw-r--r-- 1 runge runge 5362 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.c +2851435 4 -rw-r--r-- 1 runge runge 2074 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.h +2851436 16 -rw-r--r-- 1 runge runge 15568 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/colour.c +2851437 4 -rw-r--r-- 1 runge runge 2295 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/corre.c +2851438 16 -rw-r--r-- 1 runge runge 14504 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/cursor.c +2851439 12 -rw-r--r-- 1 runge runge 11832 May 28 2004 ./src/vnc_unixsrc/vncviewer/desktop.c +2851440 4 -rw-r--r-- 1 runge runge 2621 Oct 26 2000 ./src/vnc_unixsrc/vncviewer/dialogs.c +2851441 12 -rw-r--r-- 1 runge runge 11671 Oct 9 2003 ./src/vnc_unixsrc/vncviewer/fullscreen.c +2851442 4 -rw-r--r-- 1 runge runge 3639 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/hextile.c +2851443 8 -rw-r--r-- 1 runge runge 7463 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/listen.c +2851444 12 -rw-r--r-- 1 runge runge 9120 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/misc.c +2851445 4 -rw-r--r-- 1 runge runge 2749 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/popup.c +2851446 40 -rw-r--r-- 1 runge runge 38923 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/rfbproto.c +2851447 4 -rw-r--r-- 1 runge runge 2411 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/rre.c +2851448 12 -rw-r--r-- 1 runge runge 9985 Mar 3 2004 ./src/vnc_unixsrc/vncviewer/selection.c +2851449 4 -rw-r--r-- 1 runge runge 2439 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/shm.c +2851450 12 -rw-r--r-- 1 runge runge 9253 Jan 14 2001 ./src/vnc_unixsrc/vncviewer/sockets.c +2851451 16 -rw-r--r-- 1 runge runge 16069 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/tight.c +2851452 8 -rw-r--r-- 1 runge runge 6695 Jul 31 2003 ./src/vnc_unixsrc/vncviewer/tunnel.c +2851453 4 -rw-r--r-- 1 runge runge 4040 Jan 13 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.c +2851454 8 -rw-r--r-- 1 runge runge 7236 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.h +2851455 16 -rw-r--r-- 1 runge runge 14478 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.man +2851456 8 -rw-r--r-- 1 runge runge 4437 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/zlib.c +2982894 36 -rw-r--r-- 1 runge runge 34369 Jul 5 2005 ./src/vnc_unixsrc/WhatsNew +2982895 84 -rw-r--r-- 1 runge runge 80366 Jul 5 2005 ./src/vnc_unixsrc/ChangeLog +2670933 4 drwxr-xr-x 6 runge runge 4096 Aug 2 09:03 ./src/stunnel-4.14 +3621575 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/auto +3621576 44 -rwxr-xr-x 1 runge runge 43609 Aug 10 2004 ./src/stunnel-4.14/auto/config.guess +3621577 32 -rwxr-xr-x 1 runge runge 31160 Aug 10 2004 ./src/stunnel-4.14/auto/config.sub +3621578 16 -rwxr-xr-x 1 runge runge 13866 Aug 10 2004 ./src/stunnel-4.14/auto/depcomp +3621579 8 -rwxr-xr-x 1 runge runge 7122 Aug 10 2004 ./src/stunnel-4.14/auto/install-sh +3621580 184 -rw-r--r-- 1 runge runge 184019 Aug 10 2004 ./src/stunnel-4.14/auto/ltmain.sh +3621581 12 -rwxr-xr-x 1 runge runge 10266 Aug 10 2004 ./src/stunnel-4.14/auto/missing +3621582 4 -rwxr-xr-x 1 runge runge 1988 Aug 10 2004 ./src/stunnel-4.14/auto/mkinstalldirs +5456722 4 drwxr-xr-x 2 runge runge 4096 Jul 31 22:47 ./src/stunnel-4.14/src +5456723 4 -rw-r--r-- 1 runge runge 1594 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.am +5456724 20 -rw-r--r-- 1 runge runge 19314 Oct 25 2005 ./src/stunnel-4.14/src/Makefile.in +5456725 4 -rwxr-xr-x 1 runge runge 2954 Apr 20 2005 ./src/stunnel-4.14/src/stunnel3.in +5456727 4 -rw-r--r-- 1 runge runge 2376 Dec 31 2004 ./src/stunnel-4.14/src/env.c +5456728 8 -rw-r--r-- 1 runge runge 7878 Oct 21 2005 ./src/stunnel-4.14/src/common.h +5456775 12 -rw-r--r-- 1 runge runge 10893 Oct 27 2005 ./src/stunnel-4.14/src/prototypes.h +5456776 40 -rw-r--r-- 1 runge runge 36917 Oct 24 2005 ./src/stunnel-4.14/src/client.c +5456777 12 -rw-r--r-- 1 runge runge 9827 Sep 28 2005 ./src/stunnel-4.14/src/log.c +5456778 44 -rw-r--r-- 1 runge runge 43728 Oct 20 2005 ./src/stunnel-4.14/src/options.c +5456779 12 -rw-r--r-- 1 runge runge 9137 Apr 11 2005 ./src/stunnel-4.14/src/protocol.c +5456780 20 -rw-r--r-- 1 runge runge 19335 Oct 30 2005 ./src/stunnel-4.14/src/network.c +5456781 16 -rw-r--r-- 1 runge runge 12947 Feb 28 2005 ./src/stunnel-4.14/src/resolver.c +5456782 28 -rw-r--r-- 1 runge runge 25216 Oct 27 2005 ./src/stunnel-4.14/src/ssl.c +5456783 12 -rw-r--r-- 1 runge runge 9935 Oct 19 2005 ./src/stunnel-4.14/src/sthreads.c +5456784 16 -rw-r--r-- 1 runge runge 14074 Nov 2 2005 ./src/stunnel-4.14/src/stunnel.c +5456785 12 -rw-r--r-- 1 runge runge 8254 Jun 13 2005 ./src/stunnel-4.14/src/pty.c +5456786 32 -rw-r--r-- 1 runge runge 28682 Sep 29 2005 ./src/stunnel-4.14/src/gui.c +5456787 4 -rw-r--r-- 1 runge runge 227 Nov 5 2002 ./src/stunnel-4.14/src/resources.h +5456788 4 -rw-r--r-- 1 runge runge 1441 Oct 21 2005 ./src/stunnel-4.14/src/resources.rc +5456789 8 -rw-r--r-- 1 runge runge 4710 Jul 18 2002 ./src/stunnel-4.14/src/stunnel.ico +5456791 4 -rw-r--r-- 1 runge runge 76 Jul 18 2002 ./src/stunnel-4.14/src/make.bat +5456792 4 -rw-r--r-- 1 runge runge 1001 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.w32 +3670989 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/tools +3670990 4 -rw-r--r-- 1 runge runge 1448 Sep 14 2005 ./src/stunnel-4.14/tools/Makefile.am +3670991 12 -rw-r--r-- 1 runge runge 12178 Oct 25 2005 ./src/stunnel-4.14/tools/Makefile.in +3670992 4 -rw-r--r-- 1 runge runge 1436 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf-sample.in +3670993 4 -rw-r--r-- 1 runge runge 966 Oct 25 2005 ./src/stunnel-4.14/tools/stunnel.init.in +3670994 4 -rw-r--r-- 1 runge runge 1121 Jul 18 2002 ./src/stunnel-4.14/tools/ca.html +3670995 4 -rwxr-xr-x 1 runge runge 1793 Jul 18 2002 ./src/stunnel-4.14/tools/ca.pl +3670996 4 -rw-r--r-- 1 runge runge 409 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.html +3670997 4 -rwxr-xr-x 1 runge runge 105 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.sh +3670998 4 -rwxr-xr-x 1 runge runge 223 Apr 23 2004 ./src/stunnel-4.14/tools/script.sh +3670999 4 -rw-r--r-- 1 runge runge 2618 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.spec +3671000 4 -rw-r--r-- 1 runge runge 2989 Jul 6 2005 ./src/stunnel-4.14/tools/stunnel.mak +3671001 4 -rw-r--r-- 1 runge runge 1175 Sep 1 2002 ./src/stunnel-4.14/tools/stunnel.cnf +3671002 4 -rw-r--r-- 1 runge runge 3285 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.nsi +3671003 4 -rw-r--r-- 1 runge runge 1148 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf +2670934 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./src/stunnel-4.14/README +2670935 12 -rw-r--r-- 1 runge runge 8824 Oct 25 2005 ./src/stunnel-4.14/configure.ac +2670936 240 -rw-r--r-- 1 runge runge 239347 Oct 25 2005 ./src/stunnel-4.14/aclocal.m4 +2670937 4 -rw-r--r-- 1 runge runge 1273 Sep 14 2005 ./src/stunnel-4.14/Makefile.am +2670938 24 -rw-r--r-- 1 runge runge 20876 Oct 25 2005 ./src/stunnel-4.14/Makefile.in +2670939 768 -rwxr-xr-x 1 runge runge 780103 Oct 25 2005 ./src/stunnel-4.14/configure +2670940 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./src/stunnel-4.14/AUTHORS +2670941 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./src/stunnel-4.14/COPYING +2670942 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./src/stunnel-4.14/ChangeLog +2670943 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./src/stunnel-4.14/INSTALL +2670944 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./src/stunnel-4.14/NEWS +2670945 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./src/stunnel-4.14/TODO +2670946 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./src/stunnel-4.14/PORTS +2670947 4 -rw-r--r-- 1 runge runge 270 Aug 9 2004 ./src/stunnel-4.14/BUGS +2671491 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./src/stunnel-4.14/COPYRIGHT.GPL +2671492 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./src/stunnel-4.14/CREDITS +2671493 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./src/stunnel-4.14/INSTALL.W32 +5653462 4 drwxr-xr-x 4 runge runge 4096 Jul 30 17:46 ./src/stunnel-4.14/doc +5653463 4 -rw-r--r-- 1 runge runge 1009 Jan 15 2005 ./src/stunnel-4.14/doc/Makefile.am +5653464 12 -rw-r--r-- 1 runge runge 12152 Oct 25 2005 ./src/stunnel-4.14/doc/Makefile.in +5653465 16 -rw-r--r-- 1 runge runge 16341 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pod +5653466 20 -rw-r--r-- 1 runge runge 18829 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.pod +5653467 20 -rw-r--r-- 1 runge runge 17798 Dec 25 2004 ./src/stunnel-4.14/doc/stunnel.fr.pod +5653468 24 -rw-r--r-- 1 runge runge 23885 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.8 +5653469 28 -rw-r--r-- 1 runge runge 26536 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.8 +5653470 28 -rw-r--r-- 1 runge runge 24864 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.8 +5653471 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.html +5653472 32 -rw-r--r-- 1 runge runge 28753 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.html +5653473 28 -rw-r--r-- 1 runge runge 27205 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.html +4342742 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/en +4342743 12 -rw-r--r-- 1 runge runge 8414 Jul 18 2002 ./src/stunnel-4.14/doc/en/VNC_StunnelHOWTO.html +4342744 4 -rw-r--r-- 1 runge runge 4045 Jul 18 2002 ./src/stunnel-4.14/doc/en/transproxy.txt +4342745 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/pl +4342746 36 -rw-r--r-- 1 runge runge 36360 Jul 18 2002 ./src/stunnel-4.14/doc/pl/tworzenie_certyfikatow.html +4342747 8 -rw-r--r-- 1 runge runge 5068 Jul 18 2002 ./src/stunnel-4.14/doc/pl/faq.stunnel-2.html +3653836 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:44 ./src/tmp +3277788 4 -rw-r--r-- 1 runge runge 301 Aug 2 10:05 ./src/README +2851457 4 drwxr-xr-x 12 runge runge 4096 Aug 29 16:32 ./bin +2261930 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:00 ./bin/Linux.i686 +2261967 196 -rwxr-xr-x 1 runge runge 193076 Jul 31 22:59 ./bin/Linux.i686/vncviewer +2261999 80 -rwxr-xr-x 1 runge runge 77148 Jul 31 23:00 ./bin/Linux.i686/stunnel +5538622 4 drwxr-xr-x 2 runge runge 4096 Sep 12 21:24 ./bin/util +5538759 12 -rwxr-xr-x 1 runge runge 12148 Sep 12 21:24 ./bin/util/ssl_vncviewer +5538760 136 -rwxr-xr-x 1 runge runge 132853 Sep 12 21:17 ./bin/util/ssl_tightvncviewer.tcl +5538641 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./bin/util/stunnel-server.conf +2851794 4 -rwxr-xr-x 1 runge runge 3581 Jul 31 23:00 ./bin/ssl_tightvncviewer +2851592 4 -rwxr-xr-x 1 runge runge 3752 Jul 31 23:01 ./bin/tightvncviewer +2425590 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:30 ./bin/Linux.alpha +2425595 100 -rwxr-xr-x 1 runge runge 97504 Jul 31 23:30 ./bin/Linux.alpha/stunnel +2425596 272 -rwxr-xr-x 1 runge runge 274312 Jul 31 23:24 ./bin/Linux.alpha/vncviewer +3883808 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:24 ./bin/Linux.x86_64 +3883809 84 -rwxr-xr-x 1 runge runge 77896 Jul 31 23:24 ./bin/Linux.x86_64/stunnel +3883810 112 -rwxr-xr-x 1 runge runge 109656 Jul 31 23:23 ./bin/Linux.x86_64/vncviewer +3883811 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/FreeBSD.i386 +3883812 68 -rwxr-xr-x 1 runge runge 64660 Jul 31 23:27 ./bin/FreeBSD.i386/stunnel +3883813 180 -rwxr-xr-x 1 runge runge 176796 Jul 31 23:24 ./bin/FreeBSD.i386/vncviewer +3687167 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/OpenBSD.i386 +3687164 76 -rwxr-xr-x 1 runge runge 72260 Jul 31 23:27 ./bin/OpenBSD.i386/stunnel +3687165 180 -rwxr-xr-x 1 runge runge 179036 Jul 31 23:24 ./bin/OpenBSD.i386/vncviewer +4359128 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/NetBSD.i386 +4359129 72 -rwxr-xr-x 1 runge runge 69064 Jul 31 23:27 ./bin/NetBSD.i386/stunnel +4359130 176 -rwxr-xr-x 1 runge runge 172624 Jul 31 23:24 ./bin/NetBSD.i386/vncviewer +2851458 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:25 ./bin/Linux.ppc64 +2851459 76 -rwxr-xr-x 1 runge runge 72856 Jul 31 23:25 ./bin/Linux.ppc64/stunnel +2851460 196 -rwxr-xr-x 1 runge runge 196112 Jul 31 23:24 ./bin/Linux.ppc64/vncviewer +3064794 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:47 ./bin/SunOS.sun4u +3064795 108 -rwxr-xr-x 1 runge runge 106260 Jul 31 23:45 ./bin/SunOS.sun4u/vncviewer +3064796 76 -rwxr-xr-x 1 runge runge 71748 Jul 31 23:47 ./bin/SunOS.sun4u/stunnel +2851711 4 -rwxr-xr-x 1 runge runge 1310 Aug 29 16:29 ./bin/ssl_vnc_gui +2851793 4 -rwxr-xr-x 1 runge runge 640 Jul 31 17:22 ./bin/.linkin +3293942 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./bin/profiles +3277791 8 -rwxr-xr-x 1 runge runge 4814 Jul 30 17:54 ./build.unix +3277785 20 -rw-r--r-- 1 runge runge 18043 Aug 1 2001 ./COPYING +3277827 8 -rw-r--r-- 1 runge runge 7222 Sep 10 16:04 ./README +5063553 4 drwxr-xr-x 3 runge runge 4096 Jul 27 16:32 ./man +5063554 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:33 ./man/man1 +5063556 16 -rw-r--r-- 1 runge runge 14478 Jul 27 16:32 ./man/man1/vncviewer.1 +5063557 24 -rw-r--r-- 1 runge runge 23885 Jul 27 16:33 ./man/man1/stunnel.1 +5538624 4 drwxr-xr-x 4 runge runge 4096 Sep 6 16:30 ./Windows +5538633 2312 -rw-r--r-- 1 runge runge 2361922 Sep 12 22:27 ./Windows/ssl_tightvncviewer.exe +5538576 4 -rw-r--r-- 1 runge runge 2149 Aug 2 09:42 ./Windows/README.txt +3293943 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./Windows/profiles +4621136 4 drwxr-xr-x 5 runge runge 4096 Sep 6 16:30 ./Windows/util +5096237 4 drwxr-xr-x 2 runge runge 4096 Sep 2 16:06 ./Windows/util/esound +5096238 148 -rw-rw-rw- 1 runge runge 146432 Jun 26 2004 ./Windows/util/esound/cygaudiofile.dll +5096239 60 -rw-rw-rw- 1 runge runge 53270 Feb 19 2003 ./Windows/util/esound/cygesd.dll +5096241 1132 -rw-rw-rw- 1 runge runge 1153417 May 26 2004 ./Windows/util/esound/cygwin1.dll +5096242 68 -rw-r--r-- 1 runge runge 65385 Feb 19 2003 ./Windows/util/esound/esd.exe +5096248 24 -rw-r--r-- 1 runge runge 21282 Feb 19 2003 ./Windows/util/esound/esdcat.exe +5096249 32 -rw-r--r-- 1 runge runge 32330 Feb 19 2003 ./Windows/util/esound/esdctl.exe +5096251 24 -rw-r--r-- 1 runge runge 21428 Feb 19 2003 ./Windows/util/esound/esdfilt.exe +5096252 24 -rw-r--r-- 1 runge runge 22643 Feb 19 2003 ./Windows/util/esound/esdloop.exe +5096253 24 -rw-r--r-- 1 runge runge 21264 Feb 19 2003 ./Windows/util/esound/esdmon.exe +5096254 28 -rw-r--r-- 1 runge runge 24835 Feb 19 2003 ./Windows/util/esound/esdplay.exe +5096255 24 -rw-r--r-- 1 runge runge 21288 Feb 19 2003 ./Windows/util/esound/esdrec.exe +5096256 28 -rw-r--r-- 1 runge runge 25151 Feb 19 2003 ./Windows/util/esound/esdsample.exe +5096258 4 -rw-r--r-- 1 runge runge 51 Sep 2 16:05 ./Windows/util/esound/example.bat +4621144 1132 -rwxr-xr-x 1 runge runge 1153024 Mar 23 2005 ./Windows/util/openssl.exe +5538626 1548 -rwxr-xr-x 1 runge runge 1578787 Mar 23 2005 ./Windows/util/libeay32.dll +5538629 624 -rwxr-xr-x 1 runge runge 632226 Mar 23 2005 ./Windows/util/libssl32.dll +4621310 128 -rw-r--r-- 1 runge runge 126976 Sep 4 10:56 ./Windows/util/pageant.exe +4621311 164 -rw-r--r-- 1 runge runge 163840 Sep 4 10:57 ./Windows/util/puttygen.exe +5538631 76 -rwxr-xr-x 1 runge runge 73728 Feb 26 2006 ./Windows/util/stunnel.exe +5538625 360 -rwxr-xr-x 1 runge runge 364544 Jul 5 2005 ./Windows/util/vncviewer.exe +4621143 260 -rw-r--r-- 1 runge runge 262144 Sep 2 21:19 ./Windows/util/plink.exe +3293944 4 drwxr-xr-x 8 runge runge 4096 Sep 5 20:57 ./Windows/util/info +3293945 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/info/vncviewer +5538627 20 -rw-r--r-- 1 runge runge 18340 Jul 6 2005 ./Windows/util/info/vncviewer/LICENCE.txt +5538628 4 -rw-r--r-- 1 runge runge 1238 Jul 6 2005 ./Windows/util/info/vncviewer/README.txt +3294015 4 -rw-r--r-- 1 runge runge 24 Aug 2 09:39 ./Windows/util/info/vncviewer/location.url +3294016 4 -rw-r--r-- 1 runge runge 38 Aug 2 09:39 ./Windows/util/info/vncviewer/download.url +3293947 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:38 ./Windows/util/info/stunnel +3293948 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./Windows/util/info/stunnel/AUTHORS +3293949 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./Windows/util/info/stunnel/COPYING +3293950 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./Windows/util/info/stunnel/COPYRIGHT.GPL +3293951 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./Windows/util/info/stunnel/CREDITS +3293952 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./Windows/util/info/stunnel/INSTALL.W32 +3293953 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./Windows/util/info/stunnel/README +3293954 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./Windows/util/info/stunnel/ChangeLog +3293955 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./Windows/util/info/stunnel/INSTALL +3293956 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./Windows/util/info/stunnel/NEWS +3293958 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./Windows/util/info/stunnel/PORTS +3293959 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./Windows/util/info/stunnel/TODO +3293960 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./Windows/util/info/stunnel/stunnel.html +3293969 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/stunnel/download.html +3294011 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/stunnel/download.url +3294012 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/stunnel/location.html +3294013 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/stunnel/location.url +3293961 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:37 ./Windows/util/info/openssl +3293965 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/openssl/download.url +3293963 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/openssl/location.url +3293964 4 -rw-r--r-- 1 runge runge 3489 Nov 28 2005 ./Windows/util/info/openssl/COPYRIGHT.SSLeay +3293967 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/openssl/download.html +3293962 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/openssl/location.html +2261824 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:36 ./Windows/util/info/plink +3293966 4 -rw-r--r-- 1 runge runge 3549 Aug 2 09:35 ./Windows/util/info/plink/licence.html +3293968 4 -rw-r--r-- 1 runge runge 65 Aug 2 09:35 ./Windows/util/info/plink/licence.url +2261825 28 -rw-r--r-- 1 runge runge 24744 Aug 2 09:35 ./Windows/util/info/plink/download.html +2261826 4 -rw-r--r-- 1 runge runge 66 Aug 2 09:35 ./Windows/util/info/plink/download.url +2229126 4 drwxr-xr-x 2 runge runge 4096 Sep 3 12:09 ./Windows/util/info/esound +2229127 20 -rw-r--r-- 1 runge runge 17992 Sep 3 12:09 ./Windows/util/info/esound/COPYING +2229128 4 -rw-r--r-- 1 runge runge 40 Sep 3 12:07 ./Windows/util/info/esound/download.url +2229129 28 -rw-r--r-- 1 runge runge 25265 Sep 3 12:09 ./Windows/util/info/esound/COPYING.LIB +2229130 4 -rw-r--r-- 1 runge runge 2153 Sep 3 12:09 ./Windows/util/info/esound/AUTHORS +2229131 4 -rw-r--r-- 1 runge runge 1936 Sep 3 12:09 ./Windows/util/info/esound/README +2229132 4 -rw-r--r-- 1 runge runge 178 Sep 3 12:09 ./Windows/util/info/esound/MAINTAINERS +3113803 4 drwxr-xr-x 2 runge runge 4096 Sep 5 20:58 ./Windows/util/info/netcat +3113804 8 -rw-r--r-- 1 runge runge 6833 Dec 27 2004 ./Windows/util/info/netcat/readme.txt +3113805 20 -rw-r--r-- 1 runge runge 18009 Dec 27 2004 ./Windows/util/info/netcat/license.txt +3064790 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/w98 +4621137 120 -rw-r--r-- 1 runge runge 118524 Feb 26 1997 ./Windows/util/w98/kill.exe +4621138 116 -rw-r--r-- 1 runge runge 114240 Feb 26 1997 ./Windows/util/w98/tlist.exe +3064797 24 -rw-r--r-- 1 runge runge 24576 Apr 30 1998 ./Windows/util/w98/README.DOC +3064799 4 -rw-r--r-- 1 runge runge 75 Aug 2 08:56 ./Windows/util/w98/location.url +4621140 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./Windows/util/stunnel-server.conf +4621142 4 -rw-r--r-- 1 runge runge 1173 Aug 4 09:27 ./Windows/util/stunnel-client.conf +4621312 64 -rw-r--r-- 1 runge runge 61440 Dec 29 2004 ./Windows/util/netcat.exe +5538607 416 -rw-r--r-- 1 runge runge 421888 Sep 6 14:14 ./Windows/util/putty.exe diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/README new file mode 100644 index 0000000..6630db9 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/README @@ -0,0 +1,7 @@ + +In this directory we have source zip/tgz files in zip/, the patches +we created in patches/, a temporary build dir (used by build.unix) +in tmp/, and unpacked sources in vnc_unixsrc/ and stunnel-4.14/ (used +by the build.unix script). + +See the README in the directory one level up for more information. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README new file mode 100644 index 0000000..9451e7e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README @@ -0,0 +1,6 @@ +All of the patch files and scripts in this directory are + + Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> + +and are licensed by the GPL. See the README and COPYING files two +directories up for more information. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle new file mode 100755 index 0000000..c2eec84 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle @@ -0,0 +1,33 @@ +#!/bin/sh + +rm -rf ./src/tmp/* || exit 1 +vers=1.0.3 + +cd .. || exit 1 + +if [ -f enhanced_tightvnc_viewer-$vers.zip ]; then + mv enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer-$vers.zip~ +fi +rm -f enhanced_tightvnc_viewer_all-$vers.zip +rm -f enhanced_tightvnc_viewer-$vers.zip +zip -9 -r enhanced_tightvnc_viewer_all-$vers.zip enhanced_tightvnc_viewer +zip -9 -r enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer -x '*.zip' '*.tar.gz' +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer-$vers.tar.gz +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' --exclude='*.dll' --exclude='*.exe' --exclude enhanced_tightvnc_viewer/Windows/util enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer_no_windows-$vers.tar.gz + +ls -l enhanced_tightvnc_viewer*-$vers.* + +########################################### + +rm -rf enhanced_tightvnc_viewer_windows_only-${vers}* + +cp -pR enhanced_tightvnc_viewer enhanced_tightvnc_viewer_windows_only-$vers +rm -rf enhanced_tightvnc_viewer_windows_only-$vers/{src,bin,man}/* +rm -rf enhanced_tightvnc_viewer_windows_only-$vers/bin/.linkin +cp -p enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl enhanced_tightvnc_viewer_windows_only-$vers/Windows/util + +rm -f enhanced_tightvnc_viewer_windows_only-$vers.zip +zip -9 -r enhanced_tightvnc_viewer_windows_only-$vers.zip enhanced_tightvnc_viewer_windows_only-$vers + +ls -l enhanced_tightvnc_viewer_windows_only-$vers.zip +rm -rf enhanced_tightvnc_viewer_windows_only-${vers} diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches new file mode 100755 index 0000000..8fa3645 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches @@ -0,0 +1,3 @@ +#!/bin/sh + +cp -p /dist/src/apps/VNC/tight_vnc_1.3dev5/tight-vncviewer*patch . diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied new file mode 100755 index 0000000..0ff1931 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied @@ -0,0 +1,6 @@ +#!/bin/sh + +make clean +rm -f *.o +cd ../.. +tar -cvf ../../zips/vnc_unixsrc_vncviewer.patched.tar vnc_unixsrc/vncviewer diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch new file mode 100644 index 0000000..7067a7c --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch @@ -0,0 +1,124 @@ +diff -Naur stunnel.orig/src/client.c stunnel/src/client.c +--- stunnel.orig/src/client.c 2005-10-24 14:00:56.000000000 -0400 ++++ stunnel/src/client.c 2006-07-31 21:51:37.000000000 -0400 +@@ -126,6 +126,10 @@ + s_log(LOG_DEBUG, "%s finished (%d left)", c->opt->servname, + --num_clients); + leave_critical_section(CRIT_CLIENTS); ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "client() finished: exceeded maxconn"); ++ exit(0); ++ } + #endif + free(c); + #ifdef DEBUG_STACK_SIZE +diff -Naur stunnel.orig/src/network.c stunnel/src/network.c +--- stunnel.orig/src/network.c 2005-10-30 16:35:42.000000000 -0500 ++++ stunnel/src/network.c 2006-07-31 21:53:49.000000000 -0400 +@@ -329,6 +329,10 @@ + /* no logging is possible in a signal handler */ + #ifdef USE_FORK + num_clients--; /* one client less */ ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "sigchld_handler() finished: exceeded maxconn"); ++ exit(0); ++ } + #endif /* USE_FORK */ + } + #else /* __sgi */ +@@ -375,6 +379,10 @@ + if((pid=wait(&status))>0) { + num_clients--; /* one client less */ + #endif ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "client_status() finished: exceeded maxconn"); ++ exit(0); ++ } + #ifdef WIFSIGNALED + if(WIFSIGNALED(status)) { + s_log(LOG_DEBUG, "Process %d terminated on signal %d (%d left)", +diff -Naur stunnel.orig/src/options.c stunnel/src/options.c +--- stunnel.orig/src/options.c 2005-10-20 03:12:07.000000000 -0400 ++++ stunnel/src/options.c 2006-07-31 22:49:57.000000000 -0400 +@@ -665,6 +665,24 @@ + break; + } + ++ /* maxconn */ ++ switch(cmd) { ++ case CMD_INIT: ++ options.maxconn=0; ++ break; ++ case CMD_EXEC: ++ if(strcasecmp(opt, "maxconn")) ++ break; ++ options.maxconn=atoi(arg); ++ return NULL; /* OK */ ++ case CMD_DEFAULT: ++ log_raw("%-15s = 0", "maxconn"); ++ break; ++ case CMD_HELP: ++ log_raw("%-15s = maximum number of accepted connections", "maxconn"); ++ break; ++ } ++ + if(cmd==CMD_EXEC) + return option_not_found; + return NULL; /* OK */ +diff -Naur stunnel.orig/src/prototypes.h stunnel/src/prototypes.h +--- stunnel.orig/src/prototypes.h 2005-10-27 05:41:28.000000000 -0400 ++++ stunnel/src/prototypes.h 2006-07-31 22:49:36.000000000 -0400 +@@ -44,6 +44,7 @@ + /**************************************** Prototypes for stunnel.c */ + + extern int num_clients; ++extern int num_conn; + + void main_initialize(char *, char *); + void main_execute(void); +@@ -113,6 +114,7 @@ + long session_timeout; + int verify_level; + int verify_use_only_my; ++ int maxconn; + long ssl_options; + + /* some global data for stunnel.c */ +diff -Naur stunnel.orig/src/stunnel.c stunnel/src/stunnel.c +--- stunnel.orig/src/stunnel.c 2005-11-02 15:18:42.000000000 -0500 ++++ stunnel/src/stunnel.c 2006-07-31 21:40:04.000000000 -0400 +@@ -53,6 +53,7 @@ + #endif + + int num_clients=0; /* Current number of clients */ ++int num_conn=0; /* Total number of connections */ + + /* Functions */ + +@@ -138,6 +139,7 @@ + } + + num_clients=0; ++ num_conn=0; + + /* bind local ports */ + for(opt=local_options.next; opt; opt=opt->next) { +@@ -222,6 +224,18 @@ + return; /* error */ + } + } ++ num_conn++; ++fprintf(stderr, "num_conn: %d\n", num_conn); ++ if (options.maxconn > 0 && num_conn > options.maxconn) { ++ s_log(LOG_WARNING, "Connection rejected: exceeded maxconn (%d>%d)", ++ num_conn, options.maxconn); ++ closesocket(s); ++ if (num_clients == 0) { ++ s_log(LOG_WARNING, "Finished via maxconn."); ++ exit(0); ++ } ++ return; ++ } + s_ntop(from_address, &addr); + s_log(LOG_DEBUG, "%s accepted FD=%d from %s", + opt->servname, s, from_address); diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch new file mode 100644 index 0000000..97494ee --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch @@ -0,0 +1,42 @@ +--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400 ++++ vnc_unixsrc/vncviewer/fullscreen.c 2004-12-26 21:21:44.000000000 -0500 +@@ -173,9 +173,15 @@ + XtVaSetValues(popup, XtNoverrideRedirect, True, NULL); + + /* Try to get the input focus. */ +- ++ ++#if 0 + XSetInputFocus(dpy, DefaultRootWindow(dpy), RevertToPointerRoot, + CurrentTime); ++#else ++ XSetInputFocus(dpy, PointerRoot, RevertToPointerRoot, ++ CurrentTime); ++#endif ++ + + /* Optionally, grab the keyboard. */ + +@@ -184,6 +190,10 @@ + GrabModeAsync, CurrentTime) != GrabSuccess) { + fprintf(stderr, "XtGrabKeyboard() failed.\n"); + } ++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge bot of FullScreenOn */ ++ fprintf(stderr, "calling XGrabServer(dpy)\n"); ++ XGrabServer(dpy); ++} + } + + +@@ -210,6 +220,11 @@ + + appData.fullScreen = False; + ++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge top of FullScreenOff */ ++ fprintf(stderr, "calling XUngrabServer(dpy)\n"); ++ XUngrabServer(dpy); ++} ++ + if (appData.grabKeyboard) + XtUngrabKeyboard(desktop, CurrentTime); + diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch new file mode 100644 index 0000000..d9eb114 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch @@ -0,0 +1,285 @@ +--- vnc_unixsrc.orig/vncviewer/desktop.c 2004-05-28 13:29:29.000000000 -0400 ++++ vnc_unixsrc/vncviewer/desktop.c 2006-07-27 11:30:01.000000000 -0400 +@@ -50,6 +50,30 @@ + }, + }; + ++void create_image() { ++ image = NULL; ++ ++#ifdef MITSHM ++ if (appData.useShm) { ++ image = CreateShmImage(); ++ if (!image) ++ appData.useShm = False; ++ } ++#endif ++ ++ if (!image) { ++ image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL, ++ si.framebufferWidth, si.framebufferHeight, ++ BitmapPad(dpy), 0); ++ ++ image->data = malloc(image->bytes_per_line * image->height); ++ if (!image->data) { ++ fprintf(stderr,"malloc failed\n"); ++ exit(1); ++ } ++ } ++} ++ + + /* + * DesktopInitBeforeRealization creates the "desktop" widget and the viewport +@@ -82,30 +106,9 @@ + for (i = 0; i < 256; i++) + modifierPressed[i] = False; + +- image = NULL; +- +-#ifdef MITSHM +- if (appData.useShm) { +- image = CreateShmImage(); +- if (!image) +- appData.useShm = False; +- } +-#endif +- +- if (!image) { +- image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL, +- si.framebufferWidth, si.framebufferHeight, +- BitmapPad(dpy), 0); +- +- image->data = malloc(image->bytes_per_line * image->height); +- if (!image->data) { +- fprintf(stderr,"malloc failed\n"); +- exit(1); +- } +- } ++ create_image(); + } + +- + /* + * DesktopInitAfterRealization does things which require the X windows to + * exist. It creates some GCs and sets the dot cursor. +@@ -460,3 +463,69 @@ + break; + } + } ++ ++static void reset_image(void) { ++ if (UsingShm()) { ++ ShmCleanup(); ++ } else { ++ if (image && image->data) { ++ free(image->data); ++ XDestroyImage(image); ++ image = NULL; ++ } ++ } ++ create_image(); ++ XFlush(dpy); ++} ++ ++void ReDoDesktop(void) { ++ int w, h, x, y, dw, dh; ++ ++ if (appData.fullScreen) { ++ if (image && image->data) { ++ int len; ++ int h = image->height; ++ int w = image->width; ++ len = image->bytes_per_line * image->height; ++ /* black out window first: */ ++ memset(image->data, 0, len); ++ XPutImage(dpy, XtWindow(desktop), gc, image, 0, 0, 0, 0, w, h); ++ XFlush(dpy); ++ } ++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0); ++ XSync(dpy, False); ++ usleep(100*1000); ++ FullScreenOn(); ++ XSync(dpy, False); ++ usleep(100*1000); ++ reset_image(); ++ return; ++ } ++ ++ dw = appData.wmDecorationWidth; ++ dh = appData.wmDecorationHeight; ++ ++ w = si.framebufferWidth; ++ h = si.framebufferHeight; ++ ++ if (w + dw >= dpyWidth) { ++ w = dpyWidth - dw; ++ } ++ if (h + dh >= dpyHeight) { ++ h = dpyHeight - dh; ++ } ++ ++ XtVaSetValues(toplevel, XtNmaxWidth, w, XtNmaxHeight, h, NULL); ++ ++ XtVaSetValues(desktop, XtNwidth, si.framebufferWidth, ++ XtNheight, si.framebufferHeight, NULL); ++ ++ x = (dpyWidth - w - dw)/2; ++ y = (dpyHeight - h - dh)/2; ++ ++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0); ++ ++ XtConfigureWidget(toplevel, x + dw, y + dh, w, h, 0); ++ ++ reset_image(); ++} +--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400 ++++ vnc_unixsrc/vncviewer/fullscreen.c 2006-07-27 14:36:06.000000000 -0400 +@@ -85,10 +85,13 @@ + Dimension oldViewportWidth, oldViewportHeight, clipWidth, clipHeight; + Position viewportX, viewportY; + ++ Bool fsAlready = appData.fullScreen, toobig = False; ++ + appData.fullScreen = True; + + if (si.framebufferWidth > dpyWidth || si.framebufferHeight > dpyHeight) { + ++ toobig = True; + XtVaSetValues(viewport, XtNforceBars, True, NULL); + XtVaGetValues(viewport, XtNwidth, &oldViewportWidth, + XtNheight, &oldViewportHeight, NULL); +@@ -129,6 +132,7 @@ + reparenting our window to the root. The window manager will get a + ReparentNotify and hopefully clean up its frame window. */ + ++if (! fsAlready) { + XtVaSetValues(toplevel, XtNoverrideRedirect, True, NULL); + + XReparentWindow(dpy, XtWindow(toplevel), DefaultRootWindow(dpy), 0, 0); +@@ -164,10 +168,22 @@ + + XtManageChild(viewport); + +- /* Now we can set "toplevel" to its proper size. */ ++} else { ++ XSync(dpy, False); ++} + ++ /* Now we can set "toplevel" to its proper size. */ + XtResizeWidget(toplevel, toplevelWidth, toplevelHeight, 0); + ++if (fsAlready) { ++ XtResizeWidget(viewport, viewportWidth, viewportHeight, 0); ++ if (! toobig) { ++ XtVaSetValues(viewport, XtNforceBars, False, NULL); ++ } ++ XMoveWindow(dpy, XtWindow(viewport), viewportX, viewportY); ++ XSync(dpy, False); ++} ++ + /* Set the popup to overrideRedirect too */ + + XtVaSetValues(popup, XtNoverrideRedirect, True, NULL); +--- vnc_unixsrc.orig/vncviewer/rfbproto.c 2004-03-11 13:14:39.000000000 -0500 ++++ vnc_unixsrc/vncviewer/rfbproto.c 2006-07-25 21:51:20.000000000 -0400 +@@ -177,6 +177,9 @@ + sig_rfbEncodingPointerPos, "Pointer position update"); + CapsAdd(encodingCaps, rfbEncodingLastRect, rfbTightVncVendor, + sig_rfbEncodingLastRect, "LastRect protocol extension"); ++ ++ CapsAdd(encodingCaps, rfbEncodingNewFBSize, rfbTightVncVendor, ++ sig_rfbEncodingNewFBSize, "New FB size protocol extension"); + } + + +@@ -729,6 +732,7 @@ + Bool requestCompressLevel = False; + Bool requestQualityLevel = False; + Bool requestLastRectEncoding = False; ++ Bool requestNewFBSizeEncoding = True; + + spf.type = rfbSetPixelFormat; + spf.format = myFormat; +@@ -806,6 +810,10 @@ + if (se->nEncodings < MAX_ENCODINGS && requestLastRectEncoding) { + encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect); + } ++ ++ if (se->nEncodings < MAX_ENCODINGS && requestNewFBSizeEncoding) { ++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize); ++ } + } + else { + if (SameMachine(rfbsock)) { +@@ -849,6 +857,7 @@ + } + + encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect); ++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize); + } + + len = sz_rfbSetEncodingsMsg + se->nEncodings * 4; +@@ -1038,6 +1047,16 @@ + } + continue; + } ++ if (rect.encoding == rfbEncodingNewFBSize) { ++ fprintf(stderr,"New Size: %dx%d at (%d, %d)\n", ++ rect.r.w, rect.r.h, rect.r.x, rect.r.y); ++ si.framebufferWidth = rect.r.w; ++ si.framebufferHeight = rect.r.h; ++ fprintf(stderr, "si: %d %d\n", si.framebufferWidth, si.framebufferHeight); ++ ReDoDesktop(); ++ ++ continue; ++ } + + if ((rect.r.x + rect.r.w > si.framebufferWidth) || + (rect.r.y + rect.r.h > si.framebufferHeight)) +--- vnc_unixsrc.orig/vncviewer/shm.c 2000-06-11 08:00:53.000000000 -0400 ++++ vnc_unixsrc/vncviewer/shm.c 2006-07-26 23:30:42.000000000 -0400 +@@ -41,6 +41,10 @@ + } + } + ++Bool UsingShm() { ++ return needShmCleanup; ++} ++ + static int + ShmCreationXErrorHandler(Display *dpy, XErrorEvent *error) + { +--- vnc_unixsrc.orig/vncviewer/vncviewer.h 2004-03-11 13:14:40.000000000 -0500 ++++ vnc_unixsrc/vncviewer/vncviewer.h 2006-07-26 23:31:25.000000000 -0400 +@@ -162,6 +162,8 @@ + extern void CopyDataToScreen(char *buf, int x, int y, int width, int height); + extern void SynchroniseScreen(); + ++extern void ReDoDesktop(); ++ + /* dialogs.c */ + + extern void ServerDialogDone(Widget w, XEvent *event, String *params, +@@ -243,6 +245,7 @@ + + extern XImage *CreateShmImage(); + extern void ShmCleanup(); ++extern Bool UsingShm(); + + /* sockets.c */ + +--- vnc_unixsrc.orig/vncviewer/vncviewer.c 2004-01-13 09:22:05.000000000 -0500 ++++ vnc_unixsrc/vncviewer/vncviewer.c 2006-07-27 19:00:25.000000000 -0400 +@@ -57,6 +57,11 @@ + } + } + ++ if (argc > 1 && strstr(argv[1], "-h") == argv[1]) { ++ usage(); ++ return 0; ++ } ++ + /* Call the main Xt initialisation function. It parses command-line options, + generating appropriate resource specs, and makes a connection to the X + display. */ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README new file mode 100644 index 0000000..776d4bf --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README @@ -0,0 +1,15 @@ +This is where we keep the 3rd party source zip and tar.gz files used +to build this package. + +www.stunnel.org source 488512 Jul 25 15:09 stunnel-4.14.tar.gz +www.tightvnc.com source 2182134 Jul 25 15:11 tightvnc-1.3dev7_unixsrc.tar.gz +www.tightvnc.com windows + standalone viewer binary: 209149 Jul 25 15:10 tightvnc-1.3dev7_x86_viewer.zip + +To save space they may not be included in the package you downloaded. +The should be included in the "enhanced_tightvnc_viewer_all-<version>.zip" file. +Go to the websites indicated above or contact me if you cannot find them. + +The stunnel.patched.tar vnc_unixsrc_vncviewer.patched.tar +files are tarballs of the original sources above with patches applied +(used by build.unix script when patching fails). |