From 85303147a02cce513cb62fc25ab728238dec69b7 Mon Sep 17 00:00:00 2001 From: runge Date: Tue, 1 May 2007 22:51:56 +0000 Subject: ssl: java viewer patches, onetimekey; x11vnc setsid/setpgrp and -cc 4 for -create --- classes/ssl/Makefile.am | 2 +- classes/ssl/SignedVncViewer.jar | Bin 77722 -> 79005 bytes classes/ssl/VncViewer.jar | Bin 74996 -> 76220 bytes classes/ssl/onetimekey | 47 +++++++++++++++++++++ classes/ssl/ss_vncviewer | 21 +++++---- .../tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch | Bin 41372 -> 44072 bytes 6 files changed, 61 insertions(+), 9 deletions(-) create mode 100755 classes/ssl/onetimekey (limited to 'classes') diff --git a/classes/ssl/Makefile.am b/classes/ssl/Makefile.am index 29ee895..b0d3664 100644 --- a/classes/ssl/Makefile.am +++ b/classes/ssl/Makefile.am @@ -1,2 +1,2 @@ -EXTRA_DIST=VncViewer.jar index.vnc SignedVncViewer.jar proxy.vnc README ss_vncviewer +EXTRA_DIST=VncViewer.jar index.vnc SignedVncViewer.jar proxy.vnc README ss_vncviewer onetimekey diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar index 573dbce..1d60cb1 100644 Binary files a/classes/ssl/SignedVncViewer.jar and b/classes/ssl/SignedVncViewer.jar differ diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar index 4d32237..b4ac298 100644 Binary files a/classes/ssl/VncViewer.jar and b/classes/ssl/VncViewer.jar differ diff --git a/classes/ssl/onetimekey b/classes/ssl/onetimekey new file mode 100755 index 0000000..5c0c26d --- /dev/null +++ b/classes/ssl/onetimekey @@ -0,0 +1,47 @@ +#!/bin/sh +# +# usage: onetimekey path/to/mycert.pem +# +# Takes an openssl cert+key pem file and turns into a long string +# for the x11vnc SSL VNC Java Viewer. +# +# The Java applet URL parameter can be oneTimeKey= where str is +# the output of this program, or can be oneTimeKey=PROMPT in which +# case the applet will ask you to paste in the string. +# +# The problem trying to be solved here is it is difficult to get +# the Java applet to have or use a keystore with the key saved +# in it. Also, as the name implies, an HTTPS server can create +# a one time key to send to the applet (the user has already +# logged in via password to the HTTPS server). + +in=$1 +der=/tmp/1time$$.der +touch $der +chmod 600 $der + +openssl pkcs8 -topk8 -nocrypt -in "$in" -out "$der" -outform der + +pbinhex=/tmp/pbinhex.$$ +cat > $pbinhex <