summaryrefslogtreecommitdiffstats
path: root/x11vnc/sslhelper.c
diff options
context:
space:
mode:
Diffstat (limited to 'x11vnc/sslhelper.c')
-rw-r--r--x11vnc/sslhelper.c36
1 files changed, 24 insertions, 12 deletions
diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c
index 0cb120c..a363eee 100644
--- a/x11vnc/sslhelper.c
+++ b/x11vnc/sslhelper.c
@@ -1923,6 +1923,8 @@ static void pr_ssl_info(int verb) {
static void ssl_timeout (int sig) {
int i;
rfbLog("sig: %d, ssl_init[%d] timed out.\n", sig, getpid());
+ rfbLog("To increase the SSL initialization timeout use, e.g.:\n");
+ rfbLog(" -env SSL_INIT_TIMEOUT=120 (for 120 seconds)\n");
for (i=0; i < 256; i++) {
close(i);
}
@@ -1944,10 +1946,17 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
if (getenv("SSL_DEBUG")) {
db = atoi(getenv("SSL_DEBUG"));
}
+ usleep(100 * 1000);
if (getenv("SSL_INIT_TIMEOUT")) {
timeout = atoi(getenv("SSL_INIT_TIMEOUT"));
+ } else if (client_connect != NULL && strstr(client_connect, "repeater")) {
+ rfbLog("SSL: ssl_init[%d]: detected 'repeater' in connect string.\n", getpid());
+ rfbLog("SSL: setting timeout to 1 hour: -env SSL_INIT_TIMEOUT=3600\n");
+ rfbLog("SSL: use that option to set a different timeout value,\n");
+ rfbLog("SSL: however note that with Windows UltraVNC repeater it\n");
+ rfbLog("SSL: may timeout before your setting due to other reasons.\n");
+ timeout = 3600;
}
- if (db) fprintf(stderr, "ssl_init: %d/%d\n", s_in, s_out);
if (skip_vnc_tls) {
rfbLog("SSL: ssl_helper[%d]: HTTPS mode, skipping check_vnc_tls_mode()\n",
@@ -1955,6 +1964,8 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
} else if (!check_vnc_tls_mode(s_in, s_out, last_https)) {
return 0;
}
+ rfbLog("SSL: ssl_init[%d]: %d/%d initialization timeout: %d secs.\n",
+ getpid(), s_in, s_out, timeout);
ssl = SSL_new(ctx);
if (ssl == NULL) {
@@ -2026,32 +2037,32 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
} else if (err == SSL_ERROR_WANT_READ) {
if (db) fprintf(stderr, "got SSL_ERROR_WANT_READ\n");
- rfbLog("SSL: ssl_helper[%d]: SSL_accept() failed for: %s:%d\n",
- getpid(), name, peerport);
+ rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 1\n",
+ getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept", name, peerport);
pr_ssl_info(1);
return 0;
} else if (err == SSL_ERROR_WANT_WRITE) {
if (db) fprintf(stderr, "got SSL_ERROR_WANT_WRITE\n");
- rfbLog("SSL: ssl_helper[%d]: SSL_accept() failed for: %s:%d\n",
- getpid(), name, peerport);
+ rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 2\n",
+ getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept", name, peerport);
pr_ssl_info(1);
return 0;
} else if (err == SSL_ERROR_SYSCALL) {
if (db) fprintf(stderr, "got SSL_ERROR_SYSCALL\n");
- rfbLog("SSL: ssl_helper[%d]: SSL_accept() failed for: %s:%d\n",
- getpid(), name, peerport);
+ rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 3\n",
+ getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept", name, peerport);
pr_ssl_info(1);
return 0;
} else if (err == SSL_ERROR_ZERO_RETURN) {
if (db) fprintf(stderr, "got SSL_ERROR_ZERO_RETURN\n");
- rfbLog("SSL: ssl_helper[%d]: SSL_accept() failed for: %s:%d\n",
- getpid(), name, peerport);
+ rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 4\n",
+ getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept", name, peerport);
pr_ssl_info(1);
return 0;
@@ -2059,7 +2070,8 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
unsigned long err;
int cnt = 0;
- rfbLog("SSL: ssl_helper[%d]: SSL_accept() *FATAL: %d SSL FAILED\n", getpid(), rc);
+ rfbLog("SSL: ssl_helper[%d]: %s() *FATAL: %d SSL FAILED\n",
+ getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept", rc);
while ((err = ERR_get_error()) != 0) {
rfbLog("SSL: %s\n", ERR_error_string(err, NULL));
if (cnt++ > 100) {
@@ -2071,8 +2083,8 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) {
} else if (dnow() > start + 3.0) {
- rfbLog("SSL: ssl_helper[%d]: timeout looping SSL_accept() "
- "fatal.\n", getpid());
+ rfbLog("SSL: ssl_helper[%d]: timeout looping %s() "
+ "fatal.\n", getpid(), ssl_client_mode ? "SSL_connect" : "SSL_accept");
pr_ssl_info(1);
return 0;