From e2e9347946bbaf1bf87c571d4a1fd9115fe90954 Mon Sep 17 00:00:00 2001 From: runge Date: Sun, 12 Mar 2006 05:50:01 +0000 Subject: x11vnc: add -ssl mode using libssl. Include Xdummy in misc. --- x11vnc/connections.c | 41 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 5 deletions(-) (limited to 'x11vnc/connections.c') diff --git a/x11vnc/connections.c b/x11vnc/connections.c index 53231ee..2219c18 100644 --- a/x11vnc/connections.c +++ b/x11vnc/connections.c @@ -11,6 +11,8 @@ #include "screen.h" #include "unixpw.h" #include "scan.h" +#include "sslcmds.h" +#include "sslhelper.h" /* * routines for handling incoming, outgoing, etc connections @@ -542,6 +544,7 @@ static int accepted_client = 0; * callback for when a client disconnects */ static void client_gone(rfbClientPtr client) { + ClientData *cd = NULL; client_count--; if (client_count < 0) client_count = 0; @@ -559,17 +562,27 @@ static void client_gone(rfbClientPtr client) { } } + if (no_autorepeat && client_count == 0) { autorepeat(1, 0); } if (use_solid_bg && client_count == 0) { solid_bg(1); } - if (gone_cmd && *gone_cmd != '\0') { - ClientData *cd = NULL; - if (client->clientData) { - cd = (ClientData *) client->clientData; + if (client->clientData) { + cd = (ClientData *) client->clientData; + if (cd->ssh_helper_pid > 0) { + int status; + rfbLog("sending SIGTERM to ssh_helper_pid: %d\n", + cd->ssh_helper_pid); + kill(cd->ssh_helper_pid, SIGTERM); +#if LIBVNCSERVER_HAVE_SYS_WAIT_H && LIBVNCSERVER_HAVE_WAITPID + waitpid(cd->ssh_helper_pid, &status, WNOHANG); +#endif + ssh_helper_pid(cd->ssh_helper_pid, -1); /* delete */ } + } + if (gone_cmd && *gone_cmd != '\0') { if (strstr(gone_cmd, "popup") == gone_cmd) { int x = -64000, y = -64000, timeout = 120; char *userhost = ident_username(client); @@ -1452,6 +1465,10 @@ static int do_reverse_connect(char *str) { rfbLog("reverse_connect: screen not setup yet.\n"); return 0; } + if (use_openssl && !getenv("X11VNC_SSL_ALLOW_REVERSE")) { + rfbLog("reverse connections disabled in -ssl mode.\n"); + return 0; + } /* copy in to host */ host = (char *) malloc(len+1); @@ -1476,7 +1493,7 @@ static int do_reverse_connect(char *str) { return 0; } } - if (! getenv("UNIXPW_DISABLE_STUNNEL") && ! have_ssh_env()) { + if (! getenv("UNIXPW_DISABLE_SSL") && ! have_ssh_env()) { rfbLog("reverse_connect: in -inetd stunnel/ssh\n"); rfbLog("required under -unixpw\n"); return 0; @@ -1824,6 +1841,13 @@ enum rfbNewClientAction new_client(rfbClientPtr client) { clients_served++; if (0) fprintf(stderr, "new_client: %s %d\n", client->host, clients_served); + if (use_openssl || use_stunnel) { + if (! ssl_initialized) { + rfbLog("denying additional client: %s ssl not setup" + " yet.\n", client->host); + return(RFB_CLIENT_REFUSE); + } + } if (unixpw && unixpw_in_progress) { rfbLog("denying additional client: %s during -unixpw login.\n", client->host); @@ -1857,6 +1881,13 @@ if (0) fprintf(stderr, "new_client: %s %d\n", client->host, clients_served); cd->input[0] = '-'; cd->login_viewonly = -1; cd->login_time = time(0); + cd->ssh_helper_pid = 0; + + if (use_openssl && openssl_last_helper_pid) { +if (0) fprintf(stderr, "SET ssh_helper_pid: %d\n", openssl_last_helper_pid); + cd->ssh_helper_pid = openssl_last_helper_pid; + openssl_last_helper_pid = 0; + } if (! accept_client(client)) { rfbLog("denying client: %s local user rejected connection.\n", -- cgit v1.2.1