summaryrefslogtreecommitdiffstats
path: root/classes/ssl
diff options
context:
space:
mode:
authorrunge <runge>2009-01-12 01:56:14 +0000
committerrunge <runge>2009-01-12 01:56:14 +0000
commita774823bdfbef51654c3e7292feab817262a556e (patch)
treee5c60a42f8363db0392ef7272f8472e94e5fef94 /classes/ssl
parent8d55891ded08ca706ed9e99cbde8761f1159e9a1 (diff)
downloadlibtdevnc-a774823bdfbef51654c3e7292feab817262a556e.tar.gz
libtdevnc-a774823bdfbef51654c3e7292feab817262a556e.zip
classes/ssl: Add configurable Ultra java applet Filexfer Drives
drop down (e.g. ftpDropDown=Home.Desktop.bin). Document all applet parameters in classes/ssl/README.
Diffstat (limited to 'classes/ssl')
-rw-r--r--classes/ssl/README189
-rw-r--r--classes/ssl/SignedUltraViewerSSL.jarbin103294 -> 103546 bytes
-rw-r--r--classes/ssl/SignedVncViewer.jarbin79618 -> 79620 bytes
-rw-r--r--classes/ssl/UltraViewerSSL.jarbin100413 -> 100667 bytes
-rw-r--r--classes/ssl/VncViewer.jarbin76830 -> 76830 bytes
-rwxr-xr-xclasses/ssl/ss_vncviewer576
-rw-r--r--classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch176
7 files changed, 687 insertions, 254 deletions
diff --git a/classes/ssl/README b/classes/ssl/README
index 1b794e4..0e3694b 100644
--- a/classes/ssl/README
+++ b/classes/ssl/README
@@ -84,3 +84,192 @@ SignedUltraViewerSSL.jar
ultra.vnc
ultraproxy.vnc
ultravnc-102-JavaViewer-ssl-etc.patch
+
+---------------------------------------------------------------
+Applet Parameters:
+
+Some additional applet parameters can be set via the URL, e.g.
+
+ http://host:5800/?param=value
+ http://host:5800/ultra.vnc?param=value
+ https://host:5900/ultra.vnc?param=value
+
+etc. If running java from command line as show above, it comes
+in as java ... VncViewer param value ...
+
+There is a limitation with libvncserver that param and value can
+only be alphanumeric, underscore, "+" (for space), or "."
+
+We have added some applet parameters to the stock VNC java
+viewers. Here are the applet parameters:
+
+Both TightVNC and UltraVNC Java viewers:
+
+ HOST
+ string, default: none.
+ The Hostname to connect to.
+
+ PORT
+ number, default: 0
+ The VNC server port to connect to.
+
+ Open New Window
+ yes/no, default: no
+ Run applet in separate frame.
+
+ Show Controls
+ yes/no, default: yes
+ Show Controls button panel.
+
+ Show Offline Desktop
+ yes/no, default: no
+ Do we continue showing desktop on remote disconnect?
+
+ Defer screen updates
+ number, default: 20
+ Milliseconds delay
+
+ Defer cursor updates
+ number, default: 10
+ Milliseconds delay
+
+ Defer update requests
+ number, default: 50
+ Milliseconds delay
+
+
+ The following are added by x11vnc and/or ssvnc project
+
+ VNCSERVERPORT
+ number, default: 0
+ Like PORT, but if there is a firewall this is the Actual VNC
+ server port. PORT might be a redir port on the firewall.
+
+ DisableSSL
+ yes/no, default: no
+ Do unencrypted connection, no SSL.
+
+ httpsPort
+ number, default: none
+ When checking for proxy, use this at the url port number.
+
+ CONNECT
+ string, default: none
+ Sets to host:port for the CONNECT line to a Web proxy.
+ The Web proxy should connect us to it.
+
+ GET
+ yes/no, default: no
+ Set to do a special HTTP GET (/request.https.vnc.connection)
+ to the vnc server that will cause it to switch to VNC instead.
+ This is to speedup/make more robust, the single port HTTPS and VNC
+ mode of x11vnc (e.g. both services thru port 5900, etc)
+
+ urlPrefix
+ string, default: none
+ set to a string that will be prefixed to all URL's when contacting
+ the VNC server. Idea is a special proxy will use this to indicate
+ internal hostname, etc.
+
+ oneTimeKey
+ string, default: none
+ set a special hex "key" to correspond to an SSL X.509 cert.
+ See the 'onetimekey' helper script. Can also be PROMPT to
+ prompt the user to paste the hex key string in.
+
+ This is to try to work around the problem that the Java
+ applet cannot keep an SSL keystore on disk, etc.
+ E.g. if they log into an HTTPS website via password they
+ are authenticated and encrypted, then the website can
+ safely put oneTimeKey=... on the URL. The Vncviewer
+ authenticates the VNC server with this key.
+
+ forceProxy
+ yes/no, default: no
+ Assume there is a proxy.
+
+ ignoreProxy
+ yes/no, default: no
+ Don't check for a proxy, assume there is none.
+
+ trustAllVncCerts
+ yes/no, default: no
+ Automatically trust any cert received from the VNC server
+ (obviously this could be dangerous and lead to man in the
+ middle attack). Do not ask the user to verify any of these
+ certs from the VNC server.
+
+ trustUrlVncCert
+ yes/no, default: no
+ Automatically trust any cert that the web browsers has accepted.
+ E.g. the user said "Yes" or "Continue" to a web browser dialog
+ regarding a certificate. If we get the same cert from the VNC
+ server we trust it without prompting the user.
+
+TightVNC Java viewer only:
+
+ Offer Relogin
+ yes/no, default: yes
+ "Offer Relogin" set to "No" disables "Login again"
+
+ SocketFactory
+ string, default: none
+ set Java Socket class factory.
+
+UltraVNC Java viewer only:
+
+ PASSWORD
+ string, default: none
+ VNC session password in plain text.
+
+ ENCPASSWORD
+ string, default: none
+ VNC session password in encrypted in DES with KNOWN FIXED
+ key. It is a hex string. This is like the ~/.vnc/passwd format.
+
+ The following are added by x11vnc and/or ssvnc project
+
+ ftpDropDown
+ string, default: none
+ Sets the file transfer "drives" dropdown to the "." separated
+ list. Use "+" for space. The default is
+
+ My+Documents.Desktop.Home
+
+ for 3 entries in the dropdown in addition to the "drives"
+ (e.g. C:\) These items should be expanded properly by the VNC
+ Server. x11vnc will prepend $HOME to them, which is normally
+ what one wants. To include a "/" use "_2F_". Another example:
+
+ Home.Desktop.bin_2F_linux
+
+ ftpOnly
+ yes/no, default: no
+ The VNC viewer only shows the filetransfer panel, no desktop
+ is displayed.
+
+ graftFtp
+ yes/no, default: no
+ As ftpOnly, the VNC viewer only shows the filetransfer panel,
+ no desktop is displayed, however it is "grafted" onto an existing
+ SSVNC unix vncviewer. The special SSVNC vncviewer merges the two
+ channels.
+
+ dsmActive
+ yes/no, default: no
+ Special usage mode with the SSVNC unix vncviewer. The UltraVNC
+ DSM encryption is active. Foolishly, UltraVNC DSM encryption
+ *MODIFIES* the VNC protocol when active (it is not a pure tunnel).
+ This option indicates to modify the VNC protocol to make this work.
+ Usually only used with graftFtp and SSVNC unix vncviewer.
+
+ delayAuthPanel
+ yes/no, default: no
+ This is another special usage mode with the SSVNC unix vncviewer.
+ A login panel is delayed (not shown at startup.) Could be useful
+ for non SSVNC usage too.
+
+ ignoreMSLogonCheck
+ yes/no, default: no
+ Similar to delayAuthPanel, do not put up a popup asking for
+ Windows username, etc.
diff --git a/classes/ssl/SignedUltraViewerSSL.jar b/classes/ssl/SignedUltraViewerSSL.jar
index 8e4896c..38c841f 100644
--- a/classes/ssl/SignedUltraViewerSSL.jar
+++ b/classes/ssl/SignedUltraViewerSSL.jar
Binary files differ
diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar
index b44fa04..903b00d 100644
--- a/classes/ssl/SignedVncViewer.jar
+++ b/classes/ssl/SignedVncViewer.jar
Binary files differ
diff --git a/classes/ssl/UltraViewerSSL.jar b/classes/ssl/UltraViewerSSL.jar
index 24faa92..123d50f 100644
--- a/classes/ssl/UltraViewerSSL.jar
+++ b/classes/ssl/UltraViewerSSL.jar
Binary files differ
diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar
index 34ffcbc..c152d5a 100644
--- a/classes/ssl/VncViewer.jar
+++ b/classes/ssl/VncViewer.jar
Binary files differ
diff --git a/classes/ssl/ss_vncviewer b/classes/ssl/ss_vncviewer
index 12fe6b2..2231108 100755
--- a/classes/ssl/ss_vncviewer
+++ b/classes/ssl/ss_vncviewer
@@ -23,6 +23,7 @@
#
# -verify /path/to/cacert.pem
# -mycert /path/to/mycert.pem
+# -crl /path/to/my_crl.pem (or directory)
# -proxy host:port
#
# -verify specifies a CA cert PEM file (or a self-signed one) for
@@ -125,13 +126,31 @@ fi
PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH
-# work out which stunnel t use (debian installs as stunnel4)
+localhost="localhost"
+if uname | grep Darwin >/dev/null; then
+ localhost="127.0.0.1"
+fi
+
+# work out which stunnel to use (debian installs as stunnel4)
if [ "X$STUNNEL" = "X" ]; then
- type stunnel4 > /dev/null 2>&1
- if [ $? = 0 ]; then
- STUNNEL=stunnel4
- else
- STUNNEL=stunnel
+ check_stunnel=1
+ if [ "X$SSVNC_BASEDIRNAME" != "X" ]; then
+ if [ -x "$SSVNC_BASEDIRNAME/stunnel" ]; then
+ type stunnel > /dev/null 2>&1
+ if [ $? = 0 ]; then
+ # found ours
+ STUNNEL=stunnel
+ check_stunnel=0
+ fi
+ fi
+ fi
+ if [ "X$check_stunnel" = "X1" ]; then
+ type stunnel4 > /dev/null 2>&1
+ if [ $? = 0 ]; then
+ STUNNEL=stunnel4
+ else
+ STUNNEL=stunnel
+ fi
fi
fi
@@ -164,6 +183,11 @@ reverse=""
ciphers=""
anondh="ALL:RC4+RSA:+SSLv2:@STRENGTH"
+anondh_set=""
+stunnel_debug="6"
+if [ "X$SS_DEBUG" != "X" -o "X$SSVNC_VENCRYPT_DEBUG" != "X" -o "X$SSVNC_STUNNEL_DEBUG" != "X" ]; then
+ stunnel_debug="7"
+fi
if [ "X$1" = "X-viewerflavor" ]; then
# special case, try to guess which viewer:
@@ -193,16 +217,9 @@ if [ "X$1" = "X-viewerflavor" ]; then
fi
exit 0
fi
-
-# maxconn is something we added to stunnel, this disables it:
-if [ "X$SS_VNCVIEWER_NO_MAXCONN" != "X" ]; then
- STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
-elif echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then
- STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
-else
- STUNNEL_ONCE=1; export STUNNEL_ONCE
- STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS
- STUNNEL_NO_SYSLOG=1; export STUNNEL_NO_SYSLOG
+if [ "X$1" = "X-viewerhelp" ]; then
+ $VNCVIEWERCMD -h 2>&1
+ exit 0
fi
# grab our cmdline options:
@@ -213,6 +230,8 @@ do
;;
"-mycert") shift; mycert="$1"
;;
+ "-crl") shift; crl="$1"
+ ;;
"-proxy") shift; proxy="$1"
;;
"-ssh") use_ssh=1
@@ -225,6 +244,7 @@ do
"-sshargs") shift; ssh_args="$1"
;;
"-anondh") ciphers="ciphers=$anondh"
+ anondh_set=1
;;
"-ciphers") shift; ciphers="ciphers=$1"
;;
@@ -246,6 +266,8 @@ do
;;
"-scale") shift; SSVNC_SCALE="$1"; export SSVNC_SCALE
;;
+ "-onelisten") SSVNC_LISTEN_ONCE=1; export SSVNC_LISTEN_ONCE
+ ;;
"-escape") shift; VNCVIEWER_ESCAPE="$1"; export VNCVIEWER_ESCAPE
;;
"-ssvnc_encodings") shift; VNCVIEWER_ENCODINGS="$1"; export VNCVIEWER_ENCODINGS
@@ -268,7 +290,28 @@ do
shift
done
-# this is the -t ssh option (gives better keyboard responsd thru SSH tunnel)
+# maxconn is something we added to stunnel, this disables it:
+if [ "X$SS_VNCVIEWER_NO_MAXCONN" != "X" ]; then
+ STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
+elif echo "$VNCVIEWERCMD" | egrep -i '^(xmessage|sleep )' > /dev/null; then
+ STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
+elif [ "X$reverse" != "X" ]; then
+ STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
+else
+ # new way (our patches). other than the above, we set these:
+ if [ "X$SKIP_STUNNEL_ONCE" = "X" ]; then
+ STUNNEL_ONCE=1; export STUNNEL_ONCE
+ fi
+ if [ "X$SKIP_STUNNEL_MAX_CLIENTS" = "X" ]; then
+ STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS
+ fi
+fi
+# always set this one:
+if [ "X$SKIP_STUNNEL_NO_SYSLOG" = "X" ]; then
+ STUNNEL_NO_SYSLOG=1; export STUNNEL_NO_SYSLOG
+fi
+
+# this is the -t ssh option (gives better keyboard response thru SSH tunnel)
targ="-t"
if [ "X$SS_VNCVIEWER_NO_T" != "X" ]; then
targ=""
@@ -289,18 +332,18 @@ if [ "X$reverse" != "X" ]; then
# check proxy usage under reverse connection:
if [ "X$use_ssh" = "X" -a "X$use_sshssl" = "X" ]; then
echo ""
- if echo "$proxy" | egrep "repeater://" > /dev/null; then
+ if echo "$proxy" | egrep -i "(repeater|vencrypt)://" > /dev/null; then
:
else
echo "*Warning*: SSL -listen and a Web proxy does not make sense."
- sleep 3
+ sleep 2
fi
elif echo "$proxy" | grep "," > /dev/null; then
:
else
echo ""
echo "*Warning*: -listen and a single proxy/gateway does not make sense."
- sleep 3
+ sleep 2
fi
SSVNC_LISTEN_ONCE=1; export SSVNC_LISTEN_ONCE
fi
@@ -320,6 +363,14 @@ if uname -sr | egrep 'SunOS 5\.[5-8]' > /dev/null; then
dL="-h"
fi
+rchk() {
+ # a kludge to set $RANDOM if we are not bash:
+ if [ "X$BASH_VERSION" = "X" ]; then
+ RANDOM=`date +%S``sh -c 'echo $$'``ps -elf 2>&1 | sum 2>&1 | awk '{print $1}'`
+ fi
+}
+rchk
+
# a portable, but not absolutely safe, tmp file creator
mytmp() {
tf=$1
@@ -397,6 +448,7 @@ if echo "$orig" | grep '^vnc://' > /dev/null; then
orig=`echo "$orig" | sed -e 's,vnc://,,'`
verify=""
mycert=""
+ crl=""
use_ssh=""
use_sshssl=""
direct_connect=1
@@ -417,6 +469,7 @@ fi
if [ "X$SSVNC_ULTRA_DSM" != "X" ]; then
verify=""
mycert=""
+ crl=""
use_ssh=""
use_sshssl=""
direct_connect=1
@@ -459,7 +512,7 @@ fi
host=`echo "$orig" | awk -F: '{print $1}'`
disp=`echo "$orig" | awk -F: '{print $2}'`
if [ "X$host" = "X" ]; then
- host=localhost
+ host=$localhost
fi
if [ "X$disp" = "X" ]; then
port="" # probably -listen mode.
@@ -483,9 +536,9 @@ inuse=""
if uname | grep Linux > /dev/null; then
inuse=`netstat -ant | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*://'`
elif uname | grep SunOS > /dev/null; then
- inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'`
-elif uname | grep -i bsd > /dev/null; then
- inuse=`netstat -ant -f inet | grep LISTEN | awk '{print $4}' | sed 's/^.*\.//'`
+ inuse=`netstat -an -f inet -P tcp | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $1}' | sed 's/^.*\.//'`
+elif uname | egrep -i 'bsd|darwin' > /dev/null; then
+ inuse=`netstat -ant -f inet | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*\.//'`
# add others...
fi
@@ -590,7 +643,14 @@ final() {
if [ "X$reverse" = "X" ]; then
# normal connections try 5930-5999:
- use=`findfree 5930`
+ if [ "X$showcert" = "X" ]; then
+ use=`findfree 5930`
+ else
+ # move away from normal place for (possibly many) -showcert
+ pstart=`date +%S`
+ pstart=`expr 6130 + $pstart + $pstart`
+ use=`findfree $pstart`
+ fi
if [ $use -ge 5900 ]; then
N=`expr $use - 5900`
else
@@ -612,14 +672,6 @@ if echo "$0" | grep vncip > /dev/null; then
VNCVIEWERCMD="$VNCIPCMD"
fi
-rchk() {
- # a kludge to set $RANDOM if we are not bash:
- if [ "X$BASH_VERSION" = "X" ]; then
- RANDOM=`date +%S``sh -c 'echo $$'``ps -elf 2>&1 | sum 2>&1 | awk '{print $1}'`
- fi
-}
-rchk
-
# trick for the undocumented rsh://host:port method.
rsh_setup() {
if echo "$ssh_host" | grep '@' > /dev/null; then
@@ -670,7 +722,7 @@ if (exists $ENV{PPROXY_SLEEP}) {
foreach my $var (qw(PPROXY_PROXY PPROXY_SOCKS PPROXY_DEST PPROXY_LISTEN
PPROXY_REVERSE PPROXY_REPEATER PPROXY_REMOVE PPROXY_KILLPID PPROXY_SLEEP)) {
- if (0 || $ENV{SS_DEBUG}) {
+ if (0 || $ENV{SS_DEBUG} || $ENV{SSVNC_VENCRYPT_DEBUG}) {
print STDERR "$var: $ENV{$var}\n";
}
}
@@ -683,7 +735,7 @@ if ($ENV{PPROXY_SOCKS} ne "" && $ENV{PPROXY_PROXY} !~ m,^socks5?://,i) {
}
}
-my $rfbSecTypeTlsVnc = 18;
+my $rfbSecTypeAnonTls = 18;
my $rfbSecTypeVencrypt = 19;
my $rfbVencryptPlain = 256;
@@ -755,13 +807,24 @@ if ($ENV{PPROXY_REVERSE} ne "") {
die "pproxy: $! -- PPROXY_REVERSE\n";
}
print STDERR "PPROXY_REVERSE: connected to $rhost $rport\n";
+
} elsif ($ENV{PPROXY_LISTEN} ne "") {
- my $listen_sock = IO::Socket::INET->new(
- Listen => 2,
- LocalAddr => "localhost",
- LocalPort => $ENV{PPROXY_LISTEN},
- Proto => "tcp"
- );
+ my $listen_sock = "";
+ if ($ENV{PPROXY_LISTEN} =~ /^INADDR_ANY:(.*)/) {
+ my $p = $1;
+ $listen_sock = IO::Socket::INET->new(
+ Listen => 2,
+ LocalPort => $p,
+ Proto => "tcp"
+ );
+ } else {
+ $listen_sock = IO::Socket::INET->new(
+ Listen => 2,
+ LocalAddr => "127.0.0.1",
+ LocalPort => $ENV{PPROXY_LISTEN},
+ Proto => "tcp"
+ );
+ }
if (! $listen_sock) {
die "pproxy: $! -- PPROXY_LISTEN\n";
}
@@ -770,6 +833,7 @@ if ($ENV{PPROXY_REVERSE} ne "") {
if (! $listen_handle) {
die "pproxy: $!\n";
}
+ close $listen_sock;
}
my $sock = IO::Socket::INET->new(
@@ -786,6 +850,13 @@ if (! $sock) {
unlink($0) if $ENV{PPROXY_REMOVE};
+if ($ENV{PPROXY_PROXY} =~ /^vencrypt:/ && $ENV{PPROXY_LISTEN} =~ /^INADDR_ANY:/) {
+ print STDERR "PPROXY: vencrypt+reverse: swapping listen socket with connect socket.\n";
+ my $tmp_swap = $sock;
+ $sock = $listen_handle;
+ $listen_handle = $tmp_swap;
+}
+
$cur_proxy = $first;
setmode($mode_1st);
@@ -810,7 +881,14 @@ if ($second ne "") {
$parent = $$;
$child = fork;
if (! defined $child) {
- kill "TERM", $ENV{PPROXY_KILLPID} if $ENV{PPROXY_KILLPID};
+ if ($ENV{PPROXY_KILLPID}) {
+ foreach my $p (split(/,/, $ENV{PPROXY_KILLPID})) {
+ if ($p =~ /^(\+|-)/) {
+ $p = $parent + $p;
+ }
+ kill "TERM", $p;
+ }
+ }
exit 1;
}
@@ -824,7 +902,7 @@ if ($child) {
select(undef, undef, undef, 0.25);
if (kill 0, $child) {
select(undef, undef, undef, 1.5);
- #print STDERR "pproxy\[$$]: kill TERM $child\n";
+ print STDERR "pproxy\[$$]: kill TERM $child\n";
kill "TERM", $child;
}
} else {
@@ -837,16 +915,20 @@ if ($child) {
select(undef, undef, undef, 0.25);
if (kill 0, $parent) {
select(undef, undef, undef, 1.5);
- #print STDERR "pproxy\[$$]: kill TERM $parent\n";
+ print STDERR "pproxy\[$$]: kill TERM $parent\n";
kill "TERM", $parent;
}
}
if ($ENV{PPROXY_KILLPID} ne "") {
- if ($ENV{PPROXY_KILLPID} =~ /^(\+|-)/) {
- $ENV{PPROXY_KILLPID} = $$ + $ENV{PPROXY_KILLPID};
+ if ($ENV{PPROXY_KILLPID}) {
+ foreach my $p (split(/,/, $ENV{PPROXY_KILLPID})) {
+ if ($p =~ /^(\+|-)/) {
+ $p = $parent + $p;
+ }
+ print STDERR "kill TERM, $p (PPROXY_KILLPID)\n";
+ kill "TERM", $p;
+ }
}
- print STDERR "kill TERM, $ENV{PPROXY_KILLPID}\n";
- kill "TERM", $ENV{PPROXY_KILLPID};
}
exit;
@@ -1079,12 +1161,12 @@ sub vdie {
exit(1);
}
-sub tlsvnc_handshake {
+sub anontls_handshake {
my ($vmode, $db) = @_;
- print STDERR "PPROXY: Doing TLSVNC Handshake\n";
+ print STDERR "PPROXY: Doing ANONTLS Handshake\n";
- my $psec = pack("C", $rfbSecTypeTlsVnc);
+ my $psec = pack("C", $rfbSecTypeAnonTls);
syswrite($sock, $psec, 1);
append_handshake("done\n");
@@ -1097,6 +1179,13 @@ sub vencrypt_handshake {
print STDERR "PPROXY: Doing VeNCrypt Handshake\n";
my $psec = pack("C", $rfbSecTypeVencrypt);
+
+ if (exists $ENV{SSVNC_TEST_SEC_TYPE}) {
+ my $fake = $ENV{SSVNC_TEST_SEC_TYPE};
+ print STDERR "PPROXY: sending sec-type: $fake\n";
+ $psec = pack("C", $fake);
+ }
+
syswrite($sock, $psec, 1);
my $vmajor;
@@ -1108,10 +1197,14 @@ sub vencrypt_handshake {
$vmajor = unpack("C", $vmajor);
$vminor = unpack("C", $vminor);
- print STDERR "$vmajor.$vminor\n" if $db;
+ print STDERR "server vencrypt version $vmajor.$vminor\n" if $db;
- vdie if $vmajor ne 0;
- vdie if $vminor < 2;
+ if (exists $ENV{SSVNC_TEST_SEC_TYPE}) {
+ print STDERR "PPROXY: continuing on in test mode.\n";
+ } else {
+ vdie if $vmajor ne 0;
+ vdie if $vminor < 2;
+ }
$vmajor = pack("C", 0);
$vminor = pack("C", 2);
@@ -1122,6 +1215,7 @@ sub vencrypt_handshake {
my $result;
sysread($sock, $result, 1);
+ print STDERR "result empty\n" if $db && $result eq "";
vdie if $result eq "";
$result = unpack("C", $result);
@@ -1170,12 +1264,23 @@ sub vencrypt_handshake {
$subtype = $rfbVencryptTlsPlain;
print STDERR "selected rfbVencryptTlsPlain\n" if $db;
}
+
+ if (exists $ENV{SSVNC_TEST_SEC_SUBTYPE}) {
+ my $fake = $ENV{SSVNC_TEST_SEC_SUBTYPE};
+ print STDERR "PPROXY: sending sec-subtype: $fake\n";
+ $subtype = $fake;
+ }
+
append_handshake("subtype=$subtype\n");
my $pst = pack("N", $subtype);
syswrite($sock, $pst, 4);
- vdie if $subtype == 0;
+ if (exists $ENV{SSVNC_TEST_SEC_SUBTYPE}) {
+ print STDERR "PPROXY: continuing on in test mode.\n";
+ } else {
+ vdie if $subtype == 0;
+ }
my $ok;
sysread($sock, $ok, 1);
@@ -1192,11 +1297,12 @@ sub vencrypt_dialog {
my $db = 0;
$db = 1 if exists $ENV{SS_DEBUG};
+ $db = 1 if exists $ENV{SSVNC_VENCRYPT_DEBUG};
append_handshake("mode=$vmode\n");
my $server_rfb = "";
- syswrite($sock, $rep, 250);
+ #syswrite($sock, $rep, 250);
for (my $i = 0; $i < 12; $i++) {
my $c;
sysread($sock, $c, 1);
@@ -1246,10 +1352,10 @@ sub vencrypt_dialog {
print STDERR "found rfbSecTypeVencrypt\n" if $db;
append_handshake("sectype=$rfbSecTypeVencrypt\n");
vencrypt_handshake($vmode, $db);
- } elsif (exists $sectypes{$rfbSecTypeTlsVnc}) {
- print STDERR "found rfbSecTypeTlsVnc\n" if $db;
- append_handshake("sectype=$rfbSecTypeTlsVnc\n");
- tlsvnc_handshake($vmode, $db);
+ } elsif (exists $sectypes{$rfbSecTypeAnonTls}) {
+ print STDERR "found rfbSecTypeAnonTls\n" if $db;
+ append_handshake("sectype=$rfbSecTypeAnonTls\n");
+ anontls_handshake($vmode, $db);
} else {
print STDERR "No supported sec-type found\n" if $db;
vdie;
@@ -1296,9 +1402,12 @@ sub xfer {
close($out);
}
'
+ # '
# xpg_echo will expand \n \r, etc.
# try to unset and then test for it.
- shopt -u xpg_echo >/dev/null 2>&1
+ if type shopt > /dev/null 2>&1; then
+ shopt -u xpg_echo >/dev/null 2>&1
+ fi
v='print STDOUT "abc\n";'
echo "$v" > $tf
chmod 700 $tf
@@ -1314,6 +1423,67 @@ sub xfer {
perl -e 'use IO::Socket::INET; select(undef, undef, undef, 0.01)' >/dev/null 2>&1
}
+# make_tcert is no longer invoked via the ssvnc gui (Listen mode).
+# make_tcert is for testing only now via -mycert BUILTIN
+make_tcert() {
+ tcert="/tmp/ss_vnc_viewer_tcert${RANDOM}.$$"
+ tcert=`mytmp "$tcert"`
+ cat > $tcert <<END
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAvkfXxb0wcxgrjV2ziFikjII+ze8iKcTBt47L0GM/c21efelN
++zZpJUUXLu4zz8Ryq8Q+sQgfNy7uTOpN9bUUaOk1TnD7gaDQnQWiNHmqbW2kL+DS
+OKngJVPo9dETAS8hf7+D1e1DBZxjTc1a4RQqWJixwpYj99ixWzu8VC2m/xXsjvOs
+jp4+DLBB490nbkwvstmhmiWm1CmI5O5xOkgioVNQqHvQMdVKOSz9PpbjvZiRX1Uo
+qoMrk+2NOqwP90TB35yPASXb9zXKpO7DLhkube+yYGf+yk46aD707L07Eb7cosFP
+S84vNZ9gX7rQ0UOwm5rYA/oZTBskgaqhtIzkLwIDAQABAoIBAD4ot/sXt5kRn0Ca
+CIkU9AQWlC+v28grR2EQW9JiaZrqcoDNUzUqbCTJsi4ZkIFh2lf0TsqELbZYNW6Y
+6AjJM7al4E0UqYSKJTv2WCuuRxdiRs2BMwthqyBmjeanev7bB6V0ybt7u3Y8xU/o
+MrTuYnr4vrEjXPKdLirwk7AoDbKsRXHSIiHEIBOq1+dUQ32t36ukdnnza4wKDLZc
+PKHiCdCk/wOGhuDlxD6RspqUAlRnJ8/aEhrgWxadFXw1hRhRsf/v1shtB0T3DmTe
+Jchjwyiw9mryb9JZAcKxW+fUc4EVvj6VdQGqYInQJY5Yxm5JAlVQUJicuuJEvn6A
+rj5osQECgYEA552CaHpUiFlB4HGkjaH00kL+f0+gRF4PANCPk6X3UPDVYzKnzmuu
+yDvIdEETGFWBwoztUrOOKqVvPEQ+kBa2+DWWYaERZLtg2cI5byfDJxQ3ldzilS3J
+1S3WgCojqcsG/hlxoQJ1dZFanUy/QhUZ0B+wlC+Zp1Q8AyuGQvhHp68CgYEA0lBI
+eqq2GGCdJuNHMPFbi8Q0BnX55LW5C1hWjhuYiEkb3hOaIJuJrqvayBlhcQa2cGqp
+uP34e9UCfoeLgmoCQ0b4KpL2NGov/mL4i8bMgog4hcoYuIi3qxN18vVR14VKEh4U
+RLk0igAYPU+IK2QByaQlBo9OSaKkcfm7U1/pK4ECgYAxr6VpGk0GDvfF2Tsusv6d
+GIgV8ZP09qSLTTJvvxvF/lQYeqZq7sjI5aJD5i3de4JhpO/IXQJzfZfWOuGc8XKA
+3qYK/Y2IqXXGYRcHFGWV/Y1LFd55mCADHlk0l1WdOBOg8P5iRu/Br9PbiLpCx9oI
+vrOXpnp03eod1/luZmqguwKBgQCWFRSj9Q7ddpSvG6HCG3ro0qsNsUMTI1tZ7UBX
+SPogx4tLf1GN03D9ZUZLZVFUByZKMtPLX/Hi7K9K/A9ikaPrvsl6GEX6QYzeTGJx
+3Pw0amFrmDzr8ySewNR6/PXahxPEuhJcuI31rPufRRI3ZLah3rFNbRbBFX+klkJH
+zTnoAQKBgDbUK/aQFGduSy7WUT7LlM3UlGxJ2sA90TQh4JRQwzur0ACN5GdYZkqM
+YBts4sBJVwwJoxD9OpbvKu3uKCt41BSj0/KyoBzjT44S2io2tj1syujtlVUsyyBy
+/ca0A7WBB8lD1D7QMIhYUm2O9kYtSCLlUTHt5leqGaRG38DqlX36
+-----END RSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDzDCCArQCCQDSzxzxqhyqLzANBgkqhkiG9w0BAQQFADCBpzELMAkGA1UEBhMC
+VVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjETMBEG
+A1UEChMKTXkgQ29tcGFueTEcMBoGA1UECxMTUHJvZHVjdCBEZXZlbG9wbWVudDEZ
+MBcGA1UEAxMQd3d3Lm5vd2hlcmUubm9uZTEhMB8GCSqGSIb3DQEJARYSYWRtaW5A
+bm93aGVyZS5ub25lMB4XDTA3MDMyMzE4MDc0NVoXDTI2MDUyMjE4MDc0NVowgacx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZC
+b3N0b24xEzARBgNVBAoTCk15IENvbXBhbnkxHDAaBgNVBAsTE1Byb2R1Y3QgRGV2
+ZWxvcG1lbnQxGTAXBgNVBAMTEHd3dy5ub3doZXJlLm5vbmUxITAfBgkqhkiG9w0B
+CQEWEmFkbWluQG5vd2hlcmUubm9uZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAL5H18W9MHMYK41ds4hYpIyCPs3vIinEwbeOy9BjP3NtXn3pTfs2aSVF
+Fy7uM8/EcqvEPrEIHzcu7kzqTfW1FGjpNU5w+4Gg0J0FojR5qm1tpC/g0jip4CVT
+6PXREwEvIX+/g9XtQwWcY03NWuEUKliYscKWI/fYsVs7vFQtpv8V7I7zrI6ePgyw
+QePdJ25ML7LZoZolptQpiOTucTpIIqFTUKh70DHVSjks/T6W472YkV9VKKqDK5Pt
+jTqsD/dEwd+cjwEl2/c1yqTuwy4ZLm3vsmBn/spOOmg+9Oy9OxG+3KLBT0vOLzWf
+YF+60NFDsJua2AP6GUwbJIGqobSM5C8CAwEAATANBgkqhkiG9w0BAQQFAAOCAQEA
+vGomHEp6TVU83X2EBUgnbOhzKJ9u3fOI/Uf5L7p//Vxqow7OR1cguzh/YEzmXOIL
+ilMVnzX9nj/bvcLAuqEP7MR1A8f4+E807p/L/Sf49BiCcwQq5I966sGKYXjkve+T
+2GTBNwMSq+5kLSf6QY8VZI+qnrAudEQMeJByQhTZZ0dH8Njeq8EGl9KUio+VWaiW
+CQK6xJuAvAHqa06OjLmwu1fYD4GLGSrOIiRVkSXV8qLIUmzxdJaIRznkFWsrCEKR
+wAH966SAOvd2s6yOHMvyDRIL7WHxfESB6rDHsdIW/yny1fBePjv473KrxyXtbz7I
+dMw1yW09l+eEo4A7GzwOdw==
+-----END CERTIFICATE-----
+END
+ chmod 600 $tcert
+ echo "$tcert"
+}
+
Kecho() {
if [ "X$USER" = "Xrunge" ]; then
echo "dbg: $*"
@@ -1326,7 +1496,7 @@ if [ "X$use_ssh" = "X1" ]; then
#
ssh_port="22"
ssh_host="$host"
- vnc_host="localhost"
+ vnc_host="$localhost"
# let user override ssh via $SSH
ssh=${SSH:-"ssh -x"}
@@ -1444,9 +1614,9 @@ if [ "X$use_ssh" = "X1" ]; then
u=`echo "$host" | sed -e 's/@.*$/@/'`
fi
- proxy="${u}localhost:$nd"
+ proxy="${u}$localhost:$nd"
else
- proxy="${sproxy1_user}localhost:$nd"
+ proxy="${sproxy1_user}$localhost:$nd"
fi
if [ "X$sproxy_rest" != "X" ]; then
proxy="$proxy,$sproxy_rest"
@@ -1487,7 +1657,7 @@ if [ "X$use_ssh" = "X1" ]; then
ssh_args="$ssh_args -o NoHostAuthenticationForLocalhost=yes"
sleep 1
stty sane
- proxy="${ssh_user2}localhost:$proxport"
+ proxy="${ssh_user2}$localhost:$proxport"
fi
if [ "X$proxy" != "X" ]; then
@@ -1515,14 +1685,14 @@ if [ "X$use_ssh" = "X1" ]; then
getport=""
teeport=""
- if echo "$ssh_cmd" | egrep "^(PORT=|P=)" > /dev/null; then
+ if echo "$ssh_cmd" | egrep "(PORT=|P=) " > /dev/null; then
getport=1
- if echo "$ssh_cmd" | egrep "^P=" > /dev/null; then
+ if echo "$ssh_cmd" | egrep "P= " > /dev/null; then
teeport=1
fi
PORT=""
- ssh_cmd=`echo "$ssh_cmd" | sed -e 's/^PORT=[ ]*//' -e 's/^P=//'`
+ ssh_cmd=`echo "$ssh_cmd" | sed -e 's/PORT=[ ]*//' -e 's/P=//'`
SSVNC_NO_ENC_WARN=1
if [ "X$use_sshssl" = "X" ]; then
direct_connect=1
@@ -1561,7 +1731,7 @@ if [ "X$use_ssh" = "X1" ]; then
tport=`mytmp "$tport"`
if [ "X$rsh" != "X1" ]; then
- if echo "$ssh_cmd" | grep -w sudo > /dev/null; then
+ if echo "$ssh_cmd" | grep "sudo " > /dev/null; then
echo ""
echo "Initial ssh with 'sudo id' to prime sudo so hopefully the next one"
echo "will require no password..."
@@ -1634,9 +1804,9 @@ if [ "X$use_ssh" = "X1" ]; then
PPROXY_SOCKS=5
fi
export PPROXY_SOCKS
- host="localhost"
+ host="$localhost"
port="$PORT"
- proxy="localhost:$use"
+ proxy="$localhost:$use"
else
if [ "X$rsh" != "X1" ]; then
@@ -1665,13 +1835,19 @@ if [ "X$use_ssh" = "X1" ]; then
c=0
pssh=""
- mssh=`echo "$ssh" | sed -e 's/^env.*ssh/ssh/'`
- while [ $c -lt 30 ]
+ while [ $c -lt 40 ]
do
p=`expr $pmark + $c`
- if ps -p "$p" 2>&1 | grep "$mssh" > /dev/null; then
- pssh=$p
- break
+ pout=`ps -p "$p" 2>/dev/null | grep -v '^[ ]*PID' | sed -e 's/-L.*$//' -e 's/-x .*$//'`
+ if echo "$pout" | grep "ssh" > /dev/null; then
+ if echo "$pout" | egrep -i 'ssh.*(-add|-agent|-ask|-keygen|-argv0|vnc)' >/dev/null; then
+ :
+ elif echo "$pout" | egrep -i 'scp|sshd' >/dev/null; then
+ :
+ else
+ pssh=$p
+ break
+ fi
fi
c=`expr $c + 1`
done
@@ -1697,20 +1873,20 @@ if [ "X$use_ssh" = "X1" ]; then
echo "sleep $SSVNC_EXTRA_SLEEP"
sleep $SSVNC_EXTRA_SLEEP
fi
- #echo "pssh=\"$pssh\""
+ echo "ssh_pid='$pssh'"; echo
if [ "X$use_sshssl" = "X" -a "X$getport" = "X" ]; then
echo "Running viewer:"
trap "final" 0 2 15
if [ "X$reverse" = "X" ]; then
- echo "$VNCVIEWERCMD" "$@" localhost:$N
+ echo "$VNCVIEWERCMD" "$@" $localhost:$N
echo ""
- $VNCVIEWERCMD "$@" localhost:$N
+ $VNCVIEWERCMD "$@" $localhost:$N
if [ $? != 0 ]; then
echo "vncviewer command failed: $?"
if [ "X$secondtry" = "X1" ]; then
sleep 2
- $VNCVIEWERCMD "$@" localhost:$N
+ $VNCVIEWERCMD "$@" $localhost:$N
fi
fi
else
@@ -1734,7 +1910,7 @@ if [ "X$use_ssh" = "X1" ]; then
use2=`findfree 5960`
host0=$host
port0=$port
- host=localhost
+ host=$localhost
port=$use
use=$use2
N=`expr $use - 5900`
@@ -1760,6 +1936,13 @@ fi
if [ "X$mycert" != "X" ]; then
cert="cert = $mycert"
fi
+if [ "X$crl" != "X" ]; then
+ if [ -d $crl ]; then
+ crl="CRLpath = $crl"
+ else
+ crl="CRLfile = $crl"
+ fi
+fi
ptmp=""
if [ "X$proxy" != "X" ]; then
@@ -1769,19 +1952,24 @@ if [ "X$proxy" != "X" ]; then
pcode "$ptmp"
if [ "X$showcert" != "X1" -a "X$direct_connect" = "X" ]; then
if uname | egrep 'Darwin|SunOS' >/dev/null; then
- # on mac we need to listen on socket instead of stdio:
- nd=`findfree 6700`
- PPROXY_LISTEN=$nd
- export PPROXY_LISTEN
- if [ "X$reverse" = "X" ]; then
- #$ptmp 2>/dev/null &
- $ptmp &
+ vout=`echo "$proxy" | grep -i vencrypt`
+ if [ "X$vout" != "X" -a "X$reverse" = "X1" ]; then
+ # need to exec for reverse vencrypt
+ connect="exec = $ptmp"
+ else
+ # on mac and solaris we need to listen on socket instead of stdio:
+ nd=`findfree 6700`
+ PPROXY_LISTEN=$nd
+ export PPROXY_LISTEN
+ if [ "X$reverse" = "X" ]; then
+ #$ptmp 2>/dev/null &
+ $ptmp &
+ fi
+ sleep 2
+ host="$localhost"
+ port="$nd"
+ connect="connect = $localhost:$nd"
fi
- #sleep 3
- sleep 2
- host="localhost"
- port="$nd"
- connect="connect = localhost:$nd"
else
# otherwise on unix we can exec it:
connect="exec = $ptmp"
@@ -1803,7 +1991,7 @@ if [ "X$showcert" = "X1" ]; then
$ptmp 2>/dev/null &
fi
sleep 1
- host="localhost"
+ host="$localhost"
port="$use"
fi
cipher_args=""
@@ -1811,8 +1999,63 @@ if [ "X$showcert" = "X1" ]; then
cipher_args=`echo "$ciphers" | sed -e 's/ciphers=/-cipher /'`
fi
#echo "openssl s_client $cipher_args -connect $host:$port"
- openssl s_client $cipher_args -prexit -connect $host:$port 2>&1 < /dev/null
- rc=$?
+ if [ "X$reverse" = "X" ]; then
+ openssl s_client $cipher_args -prexit -connect $host:$port 2>&1 < /dev/null
+ rc=$?
+ else
+ tcert=""
+ if [ "X$mycert" = "X" ]; then
+ tcert=`make_tcert`
+ cert_args="-cert $tcert -CAfile $tcert"
+ else
+ cert_args="-cert $mycert -CAfile $mycert"
+ fi
+ tmp_out=/tmp/showcert_out${RANDOM}.$$
+ tmp_out=`mytmp "$tmp_out"`
+ tmp_err=/tmp/showcert_err${RANDOM}.$$
+ tmp_err=`mytmp "$tmp_err"`
+
+ #echo "openssl s_server $cipher_args $cert_args -accept $port -verify 2 > $tmp_out 2> $tmp_err" 1>&2
+
+ perl -e "
+ \$p = open(O, \"|openssl s_server $cipher_args $cert_args -accept $port -verify 2 1>$tmp_out 2> $tmp_err\");
+ exit 1 unless \$p;
+ while (1) {
+ sleep 1;
+ if (!open(F, \"<$tmp_out\")) {
+ kill \$p;
+ exit 1;
+ }
+ while (<F>) {
+ if (/RFB 00/) {
+ fsleep(0.25);
+ print O \"RFB 000.000\\n\";
+ fsleep(1.00);
+ kill \$p;
+ fsleep(0.25);
+ exit 0;
+ }
+ }
+ close F;
+ }
+ sub fsleep {
+ select(undef, undef, undef, shift);
+ }
+ ";
+
+ echo ""
+ cat $tmp_out
+ echo ""
+ echo "----2----"
+ cat $tmp_err
+ if grep BEGIN.CERTIFICATE $tmp_out >/dev/null; then
+ rc=0
+ else
+ rc=1
+ fi
+
+ rm -f $tmp_out $tmp_err
+ fi
if [ "X$SSVNC_PREDIGESTED_HANDSHAKE" != "X" ]; then
rm -f $SSVNC_PREDIGESTED_HANDSHAKE
fi
@@ -1860,7 +2103,7 @@ if [ "X$direct_connect" != "X" ]; then
PPROXY_LISTEN=$use
export PPROXY_LISTEN
else
- PPROXY_REVERSE="localhost:$use"
+ PPROXY_REVERSE="$localhost:$use"
export PPROXY_REVERSE
pps=3
if [ "X$SSVNC_EXTRA_SLEEP" != "X" ]; then
@@ -1877,7 +2120,7 @@ if [ "X$direct_connect" != "X" ]; then
#echo T sleep 1
sleep 1
fi
- host="localhost"
+ host="$localhost"
disp="$N"
port=`expr $disp + 5900`
fi
@@ -1894,7 +2137,7 @@ if [ "X$direct_connect" != "X" ]; then
pf=`findfree 5970`
cmd="$SSVNC_ULTRA_DSM -$pf $host:$port"
pf=`expr $pf - 5900`
- hostdisp="localhost:$pf"
+ hostdisp="$localhost:$pf"
ustr=`echo "$cmd" | sed -e 's/pw=[^ ]*/pw=******/g'`
echo "Running:"
echo
@@ -1930,7 +2173,7 @@ if [ "X$direct_connect" != "X" ]; then
VNCVIEWER_LISTEN_LOCALHOST=1
export VNCVIEWER_LISTEN_LOCALHOST
dport=`expr 5500 + $disp`
- cmd="$SSVNC_ULTRA_DSM $dport localhost:$use"
+ cmd="$SSVNC_ULTRA_DSM $dport $localhost:$use"
ustr=`echo "$cmd" | sed -e 's/pw=[^ ]*/pw=******/g'`
echo "Running:"
echo
@@ -1961,69 +2204,10 @@ fi
tmp_cfg=/tmp/ss_vncviewer${RANDOM}.$$
tmp_cfg=`mytmp "$tmp_cfg"`
-# make_tcert is no longer invoked via the ssvnc gui (Listen mode).
-# make_tcert is for testing only now via -mycert BUILTIN
-make_tcert() {
- tcert="/tmp/ss_vnc_viewer_tcert${RANDOM}.$$"
- tcert=`mytmp "$tcert"`
- cat > $tcert <<END
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAvkfXxb0wcxgrjV2ziFikjII+ze8iKcTBt47L0GM/c21efelN
-+zZpJUUXLu4zz8Ryq8Q+sQgfNy7uTOpN9bUUaOk1TnD7gaDQnQWiNHmqbW2kL+DS
-OKngJVPo9dETAS8hf7+D1e1DBZxjTc1a4RQqWJixwpYj99ixWzu8VC2m/xXsjvOs
-jp4+DLBB490nbkwvstmhmiWm1CmI5O5xOkgioVNQqHvQMdVKOSz9PpbjvZiRX1Uo
-qoMrk+2NOqwP90TB35yPASXb9zXKpO7DLhkube+yYGf+yk46aD707L07Eb7cosFP
-S84vNZ9gX7rQ0UOwm5rYA/oZTBskgaqhtIzkLwIDAQABAoIBAD4ot/sXt5kRn0Ca
-CIkU9AQWlC+v28grR2EQW9JiaZrqcoDNUzUqbCTJsi4ZkIFh2lf0TsqELbZYNW6Y
-6AjJM7al4E0UqYSKJTv2WCuuRxdiRs2BMwthqyBmjeanev7bB6V0ybt7u3Y8xU/o
-MrTuYnr4vrEjXPKdLirwk7AoDbKsRXHSIiHEIBOq1+dUQ32t36ukdnnza4wKDLZc
-PKHiCdCk/wOGhuDlxD6RspqUAlRnJ8/aEhrgWxadFXw1hRhRsf/v1shtB0T3DmTe
-Jchjwyiw9mryb9JZAcKxW+fUc4EVvj6VdQGqYInQJY5Yxm5JAlVQUJicuuJEvn6A
-rj5osQECgYEA552CaHpUiFlB4HGkjaH00kL+f0+gRF4PANCPk6X3UPDVYzKnzmuu
-yDvIdEETGFWBwoztUrOOKqVvPEQ+kBa2+DWWYaERZLtg2cI5byfDJxQ3ldzilS3J
-1S3WgCojqcsG/hlxoQJ1dZFanUy/QhUZ0B+wlC+Zp1Q8AyuGQvhHp68CgYEA0lBI
-eqq2GGCdJuNHMPFbi8Q0BnX55LW5C1hWjhuYiEkb3hOaIJuJrqvayBlhcQa2cGqp
-uP34e9UCfoeLgmoCQ0b4KpL2NGov/mL4i8bMgog4hcoYuIi3qxN18vVR14VKEh4U
-RLk0igAYPU+IK2QByaQlBo9OSaKkcfm7U1/pK4ECgYAxr6VpGk0GDvfF2Tsusv6d
-GIgV8ZP09qSLTTJvvxvF/lQYeqZq7sjI5aJD5i3de4JhpO/IXQJzfZfWOuGc8XKA
-3qYK/Y2IqXXGYRcHFGWV/Y1LFd55mCADHlk0l1WdOBOg8P5iRu/Br9PbiLpCx9oI
-vrOXpnp03eod1/luZmqguwKBgQCWFRSj9Q7ddpSvG6HCG3ro0qsNsUMTI1tZ7UBX
-SPogx4tLf1GN03D9ZUZLZVFUByZKMtPLX/Hi7K9K/A9ikaPrvsl6GEX6QYzeTGJx
-3Pw0amFrmDzr8ySewNR6/PXahxPEuhJcuI31rPufRRI3ZLah3rFNbRbBFX+klkJH
-zTnoAQKBgDbUK/aQFGduSy7WUT7LlM3UlGxJ2sA90TQh4JRQwzur0ACN5GdYZkqM
-YBts4sBJVwwJoxD9OpbvKu3uKCt41BSj0/KyoBzjT44S2io2tj1syujtlVUsyyBy
-/ca0A7WBB8lD1D7QMIhYUm2O9kYtSCLlUTHt5leqGaRG38DqlX36
------END RSA PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIIDzDCCArQCCQDSzxzxqhyqLzANBgkqhkiG9w0BAQQFADCBpzELMAkGA1UEBhMC
-VVMxFjAUBgNVBAgTDU1hc3NhY2h1c2V0dHMxDzANBgNVBAcTBkJvc3RvbjETMBEG
-A1UEChMKTXkgQ29tcGFueTEcMBoGA1UECxMTUHJvZHVjdCBEZXZlbG9wbWVudDEZ
-MBcGA1UEAxMQd3d3Lm5vd2hlcmUubm9uZTEhMB8GCSqGSIb3DQEJARYSYWRtaW5A
-bm93aGVyZS5ub25lMB4XDTA3MDMyMzE4MDc0NVoXDTI2MDUyMjE4MDc0NVowgacx
-CzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNldHRzMQ8wDQYDVQQHEwZC
-b3N0b24xEzARBgNVBAoTCk15IENvbXBhbnkxHDAaBgNVBAsTE1Byb2R1Y3QgRGV2
-ZWxvcG1lbnQxGTAXBgNVBAMTEHd3dy5ub3doZXJlLm5vbmUxITAfBgkqhkiG9w0B
-CQEWEmFkbWluQG5vd2hlcmUubm9uZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAL5H18W9MHMYK41ds4hYpIyCPs3vIinEwbeOy9BjP3NtXn3pTfs2aSVF
-Fy7uM8/EcqvEPrEIHzcu7kzqTfW1FGjpNU5w+4Gg0J0FojR5qm1tpC/g0jip4CVT
-6PXREwEvIX+/g9XtQwWcY03NWuEUKliYscKWI/fYsVs7vFQtpv8V7I7zrI6ePgyw
-QePdJ25ML7LZoZolptQpiOTucTpIIqFTUKh70DHVSjks/T6W472YkV9VKKqDK5Pt
-jTqsD/dEwd+cjwEl2/c1yqTuwy4ZLm3vsmBn/spOOmg+9Oy9OxG+3KLBT0vOLzWf
-YF+60NFDsJua2AP6GUwbJIGqobSM5C8CAwEAATANBgkqhkiG9w0BAQQFAAOCAQEA
-vGomHEp6TVU83X2EBUgnbOhzKJ9u3fOI/Uf5L7p//Vxqow7OR1cguzh/YEzmXOIL
-ilMVnzX9nj/bvcLAuqEP7MR1A8f4+E807p/L/Sf49BiCcwQq5I966sGKYXjkve+T
-2GTBNwMSq+5kLSf6QY8VZI+qnrAudEQMeJByQhTZZ0dH8Njeq8EGl9KUio+VWaiW
-CQK6xJuAvAHqa06OjLmwu1fYD4GLGSrOIiRVkSXV8qLIUmzxdJaIRznkFWsrCEKR
-wAH966SAOvd2s6yOHMvyDRIL7WHxfESB6rDHsdIW/yny1fBePjv473KrxyXtbz7I
-dMw1yW09l+eEo4A7GzwOdw==
------END CERTIFICATE-----
-END
- chmod 600 $tcert
- echo "$tcert"
-}
-
stunnel_exec=""
-if echo $STUNNEL_EXTRA_SVC_OPTS | grep '#stunnel-exec' > /dev/null; then
+if [ "X$SSVNC_USE_OURS" != "X1" ]; then
+ :
+elif echo $STUNNEL_EXTRA_SVC_OPTS | grep '#stunnel-exec' > /dev/null; then
stunnel_exec="#"
fi
@@ -2042,25 +2226,29 @@ if [ "X$reverse" = "X" ]; then
foreground = yes
pid =
client = yes
-debug = 6
+debug = $stunnel_debug
$ciphers
$STUNNEL_EXTRA_OPTS
$STUNNEL_EXTRA_OPTS_USER
-$verify
$cert
+$crl
+$verify
${stunnel_exec}[vnc_stunnel]
-${stunnel_exec}accept = localhost:$use
+${stunnel_exec}accept = $localhost:$use
$connect
$STUNNEL_EXTRA_SVC_OPTS
$STUNNEL_EXTRA_SVC_OPTS_USER
END
+
else
+ # REVERSE case:
+
stunnel_exec="" # doesn't work for listening.
p2=`expr 5500 + $N`
- connect="connect = localhost:$p2"
+ connect="connect = $localhost:$p2"
if [ "X$cert" = "XBUILTIN" ]; then
ttcert=`make_tcert`
cert="cert = $ttcert"
@@ -2068,22 +2256,33 @@ else
# Note for listen mode, an empty cert will cause stunnel to fail.
# The ssvnc gui will have already taken care of this.
- STUNNEL_EXTRA_OPTS=`echo "$STUNNEL_EXTRA_OPTS" | sed -e 's/maxconn/#maxconn/'`
hloc=""
if [ "X$use_ssh" = "X1" ]; then
- hloc="localhost:"
+ hloc="$localhost:"
+ fi
+ if echo "$proxy" | grep -i '^vencrypt:' > /dev/null; then
+ hloc="$localhost:"
+ pv=`findfree 5570`
+ proxy="vencrypt:$pv:$port"
+ port=$pv
+ if [ "X$anondh_set" = "X1" ]; then
+ # not needed for ANONDH in this mode
+ #ciphers="ciphers = ADH:@STRENGTH"
+ :
+ fi
fi
cat > "$tmp_cfg" <<END
foreground = yes
pid =
client = no
-debug = 6
+debug = $stunnel_debug
$ciphers
$STUNNEL_EXTRA_OPTS
$STUNNEL_EXTRA_OPTS_USER
-$verify
$cert
+$crl
+$verify
[vnc_stunnel]
accept = $hloc$port
@@ -2092,6 +2291,7 @@ $STUNNEL_EXTRA_SVC_OPTS
$STUNNEL_EXTRA_SVC_OPTS_USER
END
+
fi
echo ""
@@ -2114,11 +2314,21 @@ if [ "X$stunnel_exec" = "X" ]; then
# pause here to let the user supply a possible passphrase for the
# mycert key:
if [ "X$mycert" != "X" ]; then
- sleep 1
- echo ""
- echo "(** pausing for possible certificate passphrase dialog **)"
- echo ""
- sleep 4
+ nsl=10
+ dsl=0
+ if [ ! -f $mycert ]; then
+ dsl=0
+ elif grep -i 'Proc-Type.*ENCRYPTED' "$mycert" > /dev/null 2>/dev/null; then
+ dsl=1
+ fi
+ if [ "X$dsl" = "X1" ]; then
+ echo ""
+ echo "(** pausing $nsl secs for possible certificate passphrase dialog **)"
+ echo ""
+ sleep $nsl
+ echo "(** done pausing for passphrase **)"
+ echo ""
+ fi
fi
#echo T sleep 1
sleep 1
@@ -2133,7 +2343,7 @@ if [ "X$SSVNC_EXTRA_SLEEP" != "X" ]; then
fi
echo "Running viewer:"
if [ "X$reverse" = "X" ]; then
- vnc_hp=localhost:$N
+ vnc_hp=$localhost:$N
if [ "X$stunnel_exec" != "X" ]; then
vnc_hp="exec=$STUNNEL $tmp_cfg"
fi
@@ -2163,8 +2373,18 @@ else
trap "final" 0 2 15
echo ""
if [ "X$proxy" != "X" ]; then
- PPROXY_REVERSE="localhost:$port"; export PPROXY_REVERSE
- PPROXY_SLEEP=1; export PPROXY_SLEEP;
+ if echo "$proxy" | grep -i '^vencrypt:' > /dev/null; then
+ pstunnel=`echo "$proxy" | awk -F: '{print $2}'`
+ plisten=`echo "$proxy" | awk -F: '{print $3}'`
+ PPROXY_LISTEN="INADDR_ANY:$plisten"; export PPROXY_LISTEN
+ PPROXY_PROXY="vencrypt://$localhost:$pstunnel"; export PPROXY_PROXY
+ PPROXY_DEST="$localhost:$pstunnel"; export PPROXY_DEST
+ STUNNEL_ONCE=1; export STUNNEL_ONCE
+ STUNNEL_MAX_CLIENTS=1; export STUNNEL_MAX_CLIENTS
+ else
+ PPROXY_REVERSE="$localhost:$port"; export PPROXY_REVERSE
+ PPROXY_SLEEP=1; export PPROXY_SLEEP;
+ fi
PPROXY_KILLPID=+1; export PPROXY_KILLPID;
$ptmp &
fi
diff --git a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
index 3720673..8ee3129 100644
--- a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
+++ b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
@@ -121,7 +121,7 @@ diff -Naur JavaViewer.orig/ButtonPanel.java JavaViewer/ButtonPanel.java
}
diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
--- JavaViewer.orig/FTPFrame.java 2005-03-15 23:53:14.000000000 -0500
-+++ JavaViewer/FTPFrame.java 2008-10-04 18:09:36.000000000 -0400
++++ JavaViewer/FTPFrame.java 2009-01-11 12:10:06.000000000 -0500
@@ -24,8 +24,17 @@
import java.io.*;
import java.util.ArrayList;
@@ -244,7 +244,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
// Loop through the string to create a String[]
for (int i = 0; i < size; i = i + 3) {
-@@ -150,26 +231,52 @@
+@@ -150,26 +231,62 @@
driveType = str.substring(i + 2, i + 3);
if (driveType.compareTo("f") == 0)
drive[i / 3] += "\\ Floppy";
@@ -265,11 +265,21 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
remoteDrivesComboBox.addItem(drive[i / 3]);
+System.out.println("ComboBox: Add " + idx + " '" + drive[i/3] + "'");
+ idx++;
- }
++ }
+
+ // runge
-+ remoteDrivesComboBox.addItem(" [My Documents]");
-+ remoteDrivesComboBox.addItem(" [Desktop]");
++ if (viewer.ftpDropDown != null) {
++ String[] dd = viewer.ftpDropDown.split("\\.");
++ for (int i=0; i < dd.length; i++) {
++ if (!dd[i].equals("")) {
++ remoteDrivesComboBox.addItem(" [" + dd[i] + "]");
++ }
++ }
++ } else {
++ remoteDrivesComboBox.addItem(" [My Documents]");
++ remoteDrivesComboBox.addItem(" [Desktop]");
++ remoteDrivesComboBox.addItem(" [Home]");
+ }
+
//sf@ - Select Drive C:as default if possible
boolean bFound = false;
@@ -303,7 +313,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
updateDriveList = false;
return drive;
}
-@@ -185,6 +292,8 @@
+@@ -185,6 +302,8 @@
stopButton.setVisible(true);
stopButton.setEnabled(true);
receiveButton.setEnabled(false);
@@ -312,7 +322,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
remoteTopButton.setEnabled(false);
sendButton.setEnabled(false);
remoteFileTable.setEnabled(false);
-@@ -207,6 +316,8 @@
+@@ -207,6 +326,8 @@
stopButton.setVisible(false);
stopButton.setEnabled(false);
receiveButton.setEnabled(true);
@@ -321,7 +331,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
remoteTopButton.setEnabled(true);
sendButton.setEnabled(true);
remoteFileTable.setEnabled(true);
-@@ -221,10 +332,11 @@
+@@ -221,10 +342,11 @@
/*
* Print Directory prints out all the contents of a directory
*/
@@ -334,7 +344,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
remoteFileTable.setListData(remoteList);
}
-@@ -235,10 +347,12 @@
+@@ -235,10 +357,12 @@
* @return void
*/
private void initialize() {
@@ -348,7 +358,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
/**
* This method initializes jContentPane. This is the main content pane
*
-@@ -253,6 +367,33 @@
+@@ -253,6 +377,33 @@
jContentPane.add(getRemotePanel(), java.awt.BorderLayout.EAST);
jContentPane.add(getLocalPanel(), java.awt.BorderLayout.WEST);
jContentPane.add(getButtonPanel(), java.awt.BorderLayout.CENTER);
@@ -382,7 +392,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return jContentPane;
}
-@@ -270,6 +411,7 @@
+@@ -270,6 +421,7 @@
topPanelLocal.add(getLocalMachineLabel(), java.awt.BorderLayout.CENTER);
topPanelLocal.add(getLocalTopButton(), java.awt.BorderLayout.EAST);
topPanelLocal.setBackground(java.awt.Color.lightGray);
@@ -390,7 +400,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return topPanelLocal;
}
-@@ -288,6 +430,7 @@
+@@ -288,6 +440,7 @@
topPanelRemote.add(getRemoteMachineLabel(), java.awt.BorderLayout.CENTER);
topPanelRemote.add(getRemoteTopButton(), java.awt.BorderLayout.EAST);
topPanelRemote.setBackground(java.awt.Color.lightGray);
@@ -398,7 +408,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return topPanelRemote;
}
-@@ -301,6 +444,7 @@
+@@ -301,6 +454,7 @@
if (topPanelCenter == null) {
topPanelCenter = new javax.swing.JPanel();
topPanelCenter.add(getDummyButton(), null);
@@ -406,7 +416,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return topPanelCenter;
}
-@@ -328,6 +472,7 @@
+@@ -328,6 +482,7 @@
topPanel.add(getRemoteTopButton(), null);
topPanel.setBackground(java.awt.Color.lightGray);
*/
@@ -414,7 +424,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return topPanel;
}
-@@ -348,6 +493,7 @@
+@@ -348,6 +503,7 @@
statusPanel.add(getJProgressBar(), null);
statusPanel.add(getConnectionStatus(), null);
statusPanel.setBackground(java.awt.Color.lightGray);
@@ -422,7 +432,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return statusPanel;
-@@ -368,6 +514,7 @@
+@@ -368,6 +524,7 @@
remotePanel.add(getRemoteScrollPane(), null);
remotePanel.add(getRemoteStatus(), null);
remotePanel.setBackground(java.awt.Color.lightGray);
@@ -430,7 +440,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remotePanel;
}
-@@ -390,6 +537,7 @@
+@@ -390,6 +547,7 @@
localPanel.setComponentOrientation(
java.awt.ComponentOrientation.UNKNOWN);
localPanel.setName("localPanel");
@@ -438,7 +448,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localPanel;
}
-@@ -405,12 +553,15 @@
+@@ -405,12 +563,15 @@
buttonPanel = new javax.swing.JPanel();
buttonPanel.setLayout(null);
buttonPanel.add(getReceiveButton(), null);
@@ -454,7 +464,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return buttonPanel;
}
-@@ -422,10 +573,11 @@
+@@ -422,10 +583,11 @@
private javax.swing.JButton getSendButton() {
if (sendButton == null) {
sendButton = new javax.swing.JButton();
@@ -467,7 +477,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return sendButton;
-@@ -438,7 +590,7 @@
+@@ -438,7 +600,7 @@
private javax.swing.JButton getReceiveButton() {
if (receiveButton == null) {
receiveButton = new javax.swing.JButton();
@@ -476,7 +486,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
receiveButton.setText("<< Receive");
receiveButton.setName("receiveButton");
receiveButton.addActionListener(this);
-@@ -453,7 +605,7 @@
+@@ -453,7 +615,7 @@
private javax.swing.JButton getDeleteButton() {
if (deleteButton == null) {
deleteButton = new javax.swing.JButton();
@@ -485,7 +495,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
deleteButton.setText("Delete File");
deleteButton.setName("deleteButton");
deleteButton.addActionListener(this);
-@@ -468,7 +620,7 @@
+@@ -468,7 +630,7 @@
private javax.swing.JButton getNewFolderButton() {
if (newFolderButton == null) {
newFolderButton = new javax.swing.JButton();
@@ -494,7 +504,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
newFolderButton.setText("New Folder");
newFolderButton.setName("newFolderButton");
newFolderButton.addActionListener(this);
-@@ -476,6 +628,39 @@
+@@ -476,6 +638,39 @@
return newFolderButton;
}
@@ -534,7 +544,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
/**
* This method initializes stopButton
*
-@@ -486,7 +671,7 @@
+@@ -486,7 +681,7 @@
if (stopButton == null)
{
stopButton = new javax.swing.JButton();
@@ -543,7 +553,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
stopButton.setText("Stop");
stopButton.setName("stopButton");
stopButton.addActionListener(this);
-@@ -503,8 +688,12 @@
+@@ -503,8 +698,12 @@
private javax.swing.JButton getCloseButton() {
if (closeButton == null) {
closeButton = new javax.swing.JButton();
@@ -558,7 +568,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
closeButton.setName("closeButton");
closeButton.addActionListener(this);
}
-@@ -551,6 +740,7 @@
+@@ -551,6 +750,7 @@
//Select the second entry (e.g. C:\)
// localDrivesComboBox.setSelectedIndex(1);
localDrivesComboBox.addActionListener(this);
@@ -566,7 +576,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
updateDriveList = false;
return localDrivesComboBox;
-@@ -567,6 +757,7 @@
+@@ -567,6 +767,7 @@
remoteDrivesComboBox.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
remoteDrivesComboBox.addActionListener(this);
@@ -574,7 +584,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteDrivesComboBox;
-@@ -587,6 +778,7 @@
+@@ -587,6 +788,7 @@
localMachineLabel.setFont(
new java.awt.Font("Dialog", java.awt.Font.BOLD, 11));
localMachineLabel.setEditable(false);
@@ -582,7 +592,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localMachineLabel;
}
-@@ -622,6 +814,7 @@
+@@ -622,6 +824,7 @@
localTopButton.setFont(
new java.awt.Font("Dialog", java.awt.Font.BOLD, 10));
localTopButton.addActionListener(this);
@@ -590,7 +600,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localTopButton;
}
-@@ -638,6 +831,7 @@
+@@ -638,6 +841,7 @@
remoteTopButton.setFont(
new java.awt.Font("Dialog", java.awt.Font.BOLD, 10));
remoteTopButton.addActionListener(this);
@@ -598,7 +608,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteTopButton;
}
-@@ -650,9 +844,24 @@
+@@ -650,9 +854,24 @@
private javax.swing.JList getLocalFileTable() {
if (localFileTable == null) {
localList = new Vector(0);
@@ -623,7 +633,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localFileTable;
}
-@@ -669,6 +878,7 @@
+@@ -669,6 +888,7 @@
localScrollPane.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
localScrollPane.setName("localFileList");
@@ -631,7 +641,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localScrollPane;
}
-@@ -680,10 +890,25 @@
+@@ -680,10 +900,25 @@
private javax.swing.JList getRemoteFileTable() {
if (remoteFileTable == null) {
remoteList = new Vector(0);
@@ -657,7 +667,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteFileTable;
-@@ -698,6 +923,7 @@
+@@ -698,6 +933,7 @@
remoteScrollPane = new javax.swing.JScrollPane();
remoteScrollPane.setViewportView(getRemoteFileTable());
remoteScrollPane.setPreferredSize(new java.awt.Dimension(325, 418));
@@ -665,7 +675,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteScrollPane;
}
-@@ -716,6 +942,7 @@
+@@ -716,6 +952,7 @@
remoteLocation.setBackground(new Color(255,255,238));
remoteLocation.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
@@ -673,7 +683,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteLocation;
}
-@@ -732,6 +959,7 @@
+@@ -732,6 +969,7 @@
localLocation.setBackground( new Color(255,255,238));
localLocation.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
@@ -681,7 +691,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localLocation;
}
-@@ -748,6 +976,7 @@
+@@ -748,6 +986,7 @@
localStatus.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
localStatus.setEditable(false);
@@ -689,7 +699,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return localStatus;
}
-@@ -764,6 +993,7 @@
+@@ -764,6 +1003,7 @@
remoteStatus.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
remoteStatus.setEditable(false);
@@ -697,7 +707,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return remoteStatus;
}
-@@ -777,9 +1007,10 @@
+@@ -777,9 +1017,10 @@
historyComboBox = new javax.swing.JComboBox();
historyComboBox.setFont(
new java.awt.Font("Dialog", java.awt.Font.BOLD, 10));
@@ -709,7 +719,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return historyComboBox;
}
-@@ -791,6 +1022,7 @@
+@@ -791,6 +1032,7 @@
private javax.swing.JProgressBar getJProgressBar() {
if (jProgressBar == null) {
jProgressBar = new javax.swing.JProgressBar();
@@ -717,7 +727,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
return jProgressBar;
}
-@@ -806,6 +1038,7 @@
+@@ -806,6 +1048,7 @@
connectionStatus.setBackground(java.awt.Color.lightGray);
connectionStatus.setFont(
new java.awt.Font("Dialog", java.awt.Font.PLAIN, 10));
@@ -725,7 +735,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
connectionStatus.setEditable(false);
return connectionStatus;
-@@ -815,7 +1048,12 @@
+@@ -815,7 +1058,12 @@
* Implements Action listener.
*/
public void actionPerformed(ActionEvent evt) {
@@ -739,7 +749,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if (evt.getSource() == closeButton)
{ // Close Button
-@@ -829,15 +1067,27 @@
+@@ -829,15 +1077,27 @@
{
doReceive();
}
@@ -769,7 +779,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
else if (evt.getSource() == localTopButton)
{
-@@ -845,12 +1095,17 @@
+@@ -845,12 +1105,17 @@
}
else if (evt.getSource() == remoteTopButton)
{
@@ -787,7 +797,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
else if(evt.getSource()==newFolderButton)
{
doNewFolder();
-@@ -864,7 +1119,7 @@
+@@ -864,7 +1129,7 @@
private void doNewFolder()
{
@@ -796,7 +806,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if(selectedTable.equals("remote"))
{
name = remoteLocation.getText()+name;
-@@ -880,34 +1135,106 @@
+@@ -880,34 +1145,106 @@
historyComboBox.setSelectedIndex(0);
}
}
@@ -913,7 +923,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
return;
}
-@@ -916,7 +1243,7 @@
+@@ -916,7 +1253,7 @@
// sf@2004 - Delete prompt
if (remoteList.contains(sFileName))
{
@@ -922,7 +932,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if (r == JOptionPane.NO_OPTION)
return;
}
-@@ -926,18 +1253,22 @@
+@@ -926,18 +1263,22 @@
}
else
{
@@ -948,7 +958,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if (r == JOptionPane.NO_OPTION)
return;
}
-@@ -952,21 +1283,25 @@
+@@ -952,21 +1293,25 @@
private void doReceive()
{
@@ -978,7 +988,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if (r == JOptionPane.NO_OPTION)
return;
}
-@@ -979,23 +1314,101 @@
+@@ -979,23 +1324,101 @@
viewer.rfb.requestRemoteFile(remoteFileName,localDestinationPath);
}
@@ -1084,7 +1094,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if (r == JOptionPane.NO_OPTION)
return;
}
-@@ -1013,6 +1426,7 @@
+@@ -1013,6 +1436,7 @@
//
private void doStop()
{
@@ -1092,7 +1102,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
viewer.rfb.fAbort = true;
}
/**
-@@ -1024,6 +1438,14 @@
+@@ -1024,6 +1448,14 @@
System.out.println("History: " + message);
historyComboBox.insertItemAt(new String(message), 0);
}
@@ -1107,7 +1117,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
/**
* This method updates the file table to the current selection of the remoteComboBox
-@@ -1034,11 +1456,41 @@
+@@ -1034,11 +1466,44 @@
remoteSelection = null;
if (!updateDriveList) {
@@ -1128,6 +1138,9 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
+ } else {
+ drive = instr.substring(2);
+ }
++ if (drive.equals("Home")) {
++ drive = "";
++ }
+ drive += "\\";
+ doingShortcutDir = true;
+ } else {
@@ -1152,7 +1165,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
remoteFileTable.setListData(remoteList);
}
/**
-@@ -1048,6 +1500,7 @@
+@@ -1048,6 +1513,7 @@
private void changeLocalDrive()
{
File currentDrive = new File(localDrivesComboBox.getSelectedItem().toString());
@@ -1160,7 +1173,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
if(currentDrive.canRead())
{
localSelection = null;
-@@ -1057,9 +1510,11 @@
+@@ -1057,9 +1523,11 @@
else
{
localList.clear();
@@ -1172,7 +1185,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
/**
* Determines which FileTable was double-clicked and updates the table
-@@ -1098,10 +1553,18 @@
+@@ -1098,10 +1566,18 @@
selectedTable = "remote";
localFileTable.setBackground(new Color(238, 238, 238));
remoteFileTable.setBackground(new Color(255, 255, 255));
@@ -1193,7 +1206,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
/*
-@@ -1115,10 +1578,38 @@
+@@ -1115,10 +1591,38 @@
localFileTable.setBackground(new Color(255, 255, 255));
File currentSelection = new File(currentLocalDirectory, getTrimmedSelection());
@@ -1233,7 +1246,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
/**
* Updates the Remote File Table based on selection. Called from mouseClicked handler
*/
-@@ -1126,20 +1617,29 @@
+@@ -1126,20 +1630,29 @@
String name = null;
String action = null;
String drive = null;
@@ -1265,7 +1278,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
remoteFileTable.setListData(remoteList);
}
else if (!name.substring(0, 2).equals(" [") && !name.substring((name.length() - 1), name.length()).equals("]"))
-@@ -1149,6 +1649,7 @@
+@@ -1149,6 +1662,7 @@
remoteSelection = remoteLocation.getText() + name.substring(0, name.length());
drive = remoteLocation.getText();
// ??
@@ -1273,7 +1286,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
else
{
-@@ -1159,10 +1660,12 @@
+@@ -1159,10 +1673,12 @@
remoteLocation.setText(drive);
viewer.rfb.readServerDirectory(drive);
remoteList.clear();
@@ -1286,7 +1299,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
/**
* Updates the Local File Table based on selection. Called from MouseClicked handler
*/
-@@ -1188,6 +1691,7 @@
+@@ -1188,6 +1704,7 @@
else if (currentSelection.isFile())
{
localSelection = currentSelection.getAbsoluteFile();
@@ -1294,7 +1307,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
else if (currentSelection.isDirectory())
{
-@@ -1201,13 +1705,22 @@
+@@ -1201,13 +1718,22 @@
*
*/
private String getTrimmedSelection(){
@@ -1324,7 +1337,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
}
/*
-@@ -1241,36 +1754,148 @@
+@@ -1241,36 +1767,148 @@
return null;
}
@@ -1481,7 +1494,7 @@ diff -Naur JavaViewer.orig/FTPFrame.java JavaViewer/FTPFrame.java
FilesList.clear();
DirsList.clear();
-@@ -1296,3 +1921,147 @@
+@@ -1296,3 +1934,147 @@
}
} // @jve:visual-info decl-index=0 visual-constraint="10,10"
@@ -4208,7 +4221,7 @@ diff -Naur JavaViewer.orig/VncCanvas.java JavaViewer/VncCanvas.java
result = 0; // Transparent pixel
diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
--- JavaViewer.orig/VncViewer.java 2006-05-24 15:14:40.000000000 -0400
-+++ JavaViewer/VncViewer.java 2008-09-14 10:36:37.000000000 -0400
++++ JavaViewer/VncViewer.java 2009-01-11 12:28:55.000000000 -0500
@@ -80,11 +80,11 @@
GridBagLayout gridbag;
ButtonPanel buttonPanel;
@@ -4232,7 +4245,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
String passwordParam;
String encPasswordParam;
boolean showControls;
-@@ -115,28 +115,67 @@
+@@ -115,28 +115,68 @@
int i;
// mslogon support 2 end
@@ -4243,6 +4256,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
+String urlPrefix;
+String httpsPort;
+String oneTimeKey;
++String ftpDropDown;
+boolean forceProxy;
+boolean ignoreProxy;
+boolean trustAllVncCerts;
@@ -4306,7 +4320,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// authenticator = new AuthPanel(false); // mslogon support : go to connectAndAuthenticate()
if (RecordingFrame.checkSecurity())
rec = new RecordingFrame(this);
-@@ -147,10 +186,11 @@
+@@ -147,10 +187,11 @@
cursorUpdatesDef = null;
eightBitColorsDef = null;
@@ -4320,7 +4334,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
rfbThread = new Thread(this);
rfbThread.start();
}
-@@ -186,6 +226,30 @@
+@@ -186,6 +227,30 @@
gbc.weightx = 1.0;
gbc.weighty = 1.0;
@@ -4351,7 +4365,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// Add ScrollPanel to applet mode
// Create a panel which itself is resizeable and can hold
-@@ -286,6 +350,24 @@
+@@ -286,6 +351,24 @@
void connectAndAuthenticate() throws Exception {
@@ -4376,7 +4390,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// If "ENCPASSWORD" parameter is set, decrypt the password into
// the passwordParam string.
-@@ -336,7 +418,22 @@
+@@ -336,7 +419,22 @@
//
@@ -4400,7 +4414,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
authenticator = new AuthPanel(mslogon);
-@@ -390,6 +487,10 @@
+@@ -390,6 +488,10 @@
break;
//mslogon support end
@@ -4411,7 +4425,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// Retry on authentication failure.
authenticator.retry();
}
-@@ -405,9 +506,11 @@
+@@ -405,9 +507,11 @@
void prologueDetectAuthProtocol() throws Exception {
@@ -4425,7 +4439,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
System.out.println("RFB server supports protocol version " +
rfb.serverMajor + "." + rfb.serverMinor);
-@@ -431,16 +534,36 @@
+@@ -431,16 +535,36 @@
boolean tryAuthenticate(String us, String pw) throws Exception {
@@ -4468,7 +4482,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
switch (authScheme) {
-@@ -629,6 +752,10 @@
+@@ -629,6 +753,10 @@
void doProtocolInitialisation() throws IOException {
@@ -4479,7 +4493,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
rfb.writeClientInit();
rfb.readServerInit();
-@@ -775,8 +902,25 @@
+@@ -775,8 +903,25 @@
}
}
@@ -4507,7 +4521,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
if (inAnApplet) {
str = readParameter("Open New Window", false);
-@@ -804,6 +948,95 @@
+@@ -804,6 +949,105 @@
deferScreenUpdates = readIntParameter("Defer screen updates", 20);
deferCursorUpdates = readIntParameter("Defer cursor updates", 10);
deferUpdateRequests = readIntParameter("Defer update requests", 50);
@@ -4549,6 +4563,16 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
+ }
+ System.out.println("urlPrefix: '" + urlPrefix + "'");
+
++ ftpDropDown = readParameter("ftpDropDown", false);
++ if (ftpDropDown != null) {
++ ftpDropDown = ftpDropDown.replaceAll("%2F", "/");
++ ftpDropDown = ftpDropDown.replaceAll("%2f", "/");
++ ftpDropDown = ftpDropDown.replaceAll("_2F_", "/");
++ ftpDropDown = ftpDropDown.replaceAll("%20", " ");
++ System.out.println("ftpDropDown: '" + ftpDropDown + "'");
++ }
++
++
+ oneTimeKey = readParameter("oneTimeKey", false);
+ if (oneTimeKey != null) {
+ System.out.println("oneTimeKey: is set");