summaryrefslogtreecommitdiffstats
path: root/x11vnc/user.c
diff options
context:
space:
mode:
authorChristian Beier <dontmind@freeshell.org>2014-09-03 20:54:39 +0200
committerChristian Beier <dontmind@freeshell.org>2014-09-03 20:54:39 +0200
commit498d222976975f53dea885cfe43ef0f805abd412 (patch)
treebac684fbde46fdc3e4cc3817616816b71bb67f9f /x11vnc/user.c
parent8d2db0486dcc167f1b02d4454ebf4624ce03e1de (diff)
downloadlibtdevnc-498d222976975f53dea885cfe43ef0f805abd412.tar.gz
libtdevnc-498d222976975f53dea885cfe43ef0f805abd412.zip
Remove x11vnc subdir.
The new x11vnc repo is at https://github.com/LibVNC/x11vnc.
Diffstat (limited to 'x11vnc/user.c')
-rw-r--r--x11vnc/user.c3155
1 files changed, 0 insertions, 3155 deletions
diff --git a/x11vnc/user.c b/x11vnc/user.c
deleted file mode 100644
index f09fbb9..0000000
--- a/x11vnc/user.c
+++ /dev/null
@@ -1,3155 +0,0 @@
-/*
- Copyright (C) 2002-2010 Karl J. Runge <runge@karlrunge.com>
- All rights reserved.
-
-This file is part of x11vnc.
-
-x11vnc is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-x11vnc is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with x11vnc; if not, write to the Free Software
-Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
-or see <http://www.gnu.org/licenses/>.
-
-In addition, as a special exception, Karl J. Runge
-gives permission to link the code of its release of x11vnc with the
-OpenSSL project's "OpenSSL" library (or with modified versions of it
-that use the same license as the "OpenSSL" library), and distribute
-the linked executables. You must obey the GNU General Public License
-in all respects for all of the code used other than "OpenSSL". If you
-modify this file, you may extend this exception to your version of the
-file, but you are not obligated to do so. If you do not wish to do
-so, delete this exception statement from your version.
-*/
-
-/* -- user.c -- */
-
-#include "x11vnc.h"
-#include "solid.h"
-#include "cleanup.h"
-#include "scan.h"
-#include "screen.h"
-#include "unixpw.h"
-#include "sslhelper.h"
-#include "xwrappers.h"
-#include "connections.h"
-#include "inet.h"
-#include "keyboard.h"
-#include "cursor.h"
-#include "remote.h"
-#include "sslhelper.h"
-#include "avahi.h"
-
-void check_switched_user(void);
-void lurk_loop(char *str);
-int switch_user(char *user, int fb_mode);
-int read_passwds(char *passfile);
-void install_passwds(void);
-void check_new_passwds(int force);
-void progress_client(void);
-int wait_for_client(int *argc, char** argv, int http);
-rfbBool custom_passwd_check(rfbClientPtr cl, const char *response, int len);
-char *xdmcp_insert = NULL;
-
-static void switch_user_task_dummy(void);
-static void switch_user_task_solid_bg(void);
-static char *get_login_list(int with_display);
-static char **user_list(char *user_str);
-static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **home);
-static int lurk(char **users);
-static int guess_user_and_switch(char *str, int fb_mode);
-static int try_user_and_display(uid_t uid, gid_t gid, char *dpystr);
-static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_mode);
-static void try_to_switch_users(void);
-
-
-/* tasks for after we switch */
-static void switch_user_task_dummy(void) {
- ; /* dummy does nothing */
-}
-static void switch_user_task_solid_bg(void) {
- /* we have switched users, some things to do. */
- if (use_solid_bg && client_count) {
- solid_bg(0);
- }
-}
-
-void check_switched_user(void) {
- static time_t sched_switched_user = 0;
- static int did_solid = 0;
- static int did_dummy = 0;
- int delay = 15;
- time_t now = time(NULL);
-
- if (unixpw_in_progress) return;
-
- if (started_as_root == 1 && users_list) {
- try_to_switch_users();
- if (started_as_root == 2) {
- /*
- * schedule the switch_user_tasks() call
- * 15 secs is for piggy desktops to start up.
- * might not be enough for slow machines...
- */
- sched_switched_user = now;
- did_dummy = 0;
- did_solid = 0;
- /* add other activities */
- }
- }
- if (! sched_switched_user) {
- return;
- }
-
- if (! did_dummy) {
- switch_user_task_dummy();
- did_dummy = 1;
- }
- if (! did_solid) {
- int doit = 0;
- char *ss = solid_str;
- if (now >= sched_switched_user + delay) {
- doit = 1;
- } else if (ss && strstr(ss, "root:") == ss) {
- if (now >= sched_switched_user + 3) {
- doit = 1;
- }
- } else if (strcmp("root", guess_desktop())) {
- usleep(1000 * 1000);
- doit = 1;
- }
- if (doit) {
- switch_user_task_solid_bg();
- did_solid = 1;
- }
- }
-
- if (did_dummy && did_solid) {
- sched_switched_user = 0;
- }
-}
-
-/* utilities for switching users */
-static char *get_login_list(int with_display) {
- char *out;
-#if LIBVNCSERVER_HAVE_UTMPX_H
- int i, cnt, max = 200, ut_namesize = 32;
- int dpymax = 1000, sawdpy[1000];
- struct utmpx *utx;
-
- /* size based on "username:999," * max */
- out = (char *) malloc(max * (ut_namesize+1+3+1) + 1);
- out[0] = '\0';
-
- for (i=0; i<dpymax; i++) {
- sawdpy[i] = 0;
- }
-
- setutxent();
- cnt = 0;
- while (1) {
- char *user, *line, *host, *id;
- char tmp[10];
- int d = -1;
- utx = getutxent();
- if (! utx) {
- break;
- }
- if (utx->ut_type != USER_PROCESS) {
- continue;
- }
- user = lblanks(utx->ut_user);
- if (*user == '\0') {
- continue;
- }
- if (strchr(user, ',')) {
- continue; /* unlikely, but comma is our sep. */
- }
-
- line = lblanks(utx->ut_line);
- host = lblanks(utx->ut_host);
- id = lblanks(utx->ut_id);
-
- if (with_display) {
- if (0 && line[0] != ':' && strcmp(line, "dtlocal")) {
- /* XXX useful? */
- continue;
- }
-
- if (line[0] == ':') {
- if (sscanf(line, ":%d", &d) != 1) {
- d = -1;
- }
- }
- if (d < 0 && host[0] == ':') {
- if (sscanf(host, ":%d", &d) != 1) {
- d = -1;
- }
- }
- if (d < 0 && id[0] == ':') {
- if (sscanf(id, ":%d", &d) != 1) {
- d = -1;
- }
- }
-
- if (d < 0 || d >= dpymax || sawdpy[d]) {
- continue;
- }
- sawdpy[d] = 1;
- sprintf(tmp, ":%d", d);
- } else {
- /* try to eliminate repeats */
- int repeat = 0;
- char *q;
-
- q = out;
- while ((q = strstr(q, user)) != NULL) {
- char *p = q + strlen(user) + strlen(":DPY");
- if (q == out || *(q-1) == ',') {
- /* bounded on left. */
- if (*p == ',' || *p == '\0') {
- /* bounded on right. */
- repeat = 1;
- break;
- }
- }
- q = p;
- }
- if (repeat) {
- continue;
- }
- sprintf(tmp, ":DPY");
- }
-
- if (*out) {
- strcat(out, ",");
- }
- strcat(out, user);
- strcat(out, tmp);
-
- cnt++;
- if (cnt >= max) {
- break;
- }
- }
- endutxent();
-#else
- out = strdup("");
-#endif
- return out;
-}
-
-static char **user_list(char *user_str) {
- int n, i;
- char *p, **list;
-
- p = user_str;
- n = 1;
- while (*p++) {
- if (*p == ',') {
- n++;
- }
- }
- list = (char **) calloc((n+1)*sizeof(char *), 1);
-
- p = strtok(user_str, ",");
- i = 0;
- while (p) {
- list[i++] = strdup(p);
- p = strtok(NULL, ",");
- }
- list[i] = NULL;
- return list;
-}
-
-static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **home) {
- int numerical = 1, gotgroup = 0;
- char *q;
-
- *uid = (uid_t) -1;
- *name = NULL;
- *home = NULL;
-
- q = user;
- while (*q) {
- if (! isdigit((unsigned char) (*q++))) {
- numerical = 0;
- break;
- }
- }
-
- if (user2group != NULL) {
- static int *did = NULL;
- int i;
-
- if (did == NULL) {
- int n = 0;
- i = 0;
- while (user2group[i] != NULL) {
- n++;
- i++;
- }
- did = (int *) malloc((n+1) * sizeof(int));
- i = 0;
- for (i=0; i<n; i++) {
- did[i] = 0;
- }
- }
- i = 0;
- while (user2group[i] != NULL) {
- if (strstr(user2group[i], user) == user2group[i]) {
- char *w = user2group[i] + strlen(user);
- if (*w == '.') {
-#if (SMALL_FOOTPRINT > 2)
- gotgroup = 0;
-#else
- struct group* gr = getgrnam(++w);
- if (! gr) {
- rfbLog("Invalid group: %s\n", w);
- clean_up_exit(1);
- }
- *gid = gr->gr_gid;
- if (! did[i]) {
- rfbLog("user2uid: using group %s (%d) for %s\n",
- w, (int) *gid, user);
- did[i] = 1;
- }
- gotgroup = 1;
-#endif
- }
- }
- i++;
- }
- }
-
- if (numerical) {
- int u = atoi(user);
-
- if (u < 0) {
- return;
- }
- *uid = (uid_t) u;
- }
-
-#if LIBVNCSERVER_HAVE_PWD_H
- if (1) {
- struct passwd *pw;
- if (numerical) {
- pw = getpwuid(*uid);
- } else {
- pw = getpwnam(user);
- }
- if (pw) {
- *uid = pw->pw_uid;
- if (! gotgroup) {
- *gid = pw->pw_gid;
- }
- *name = pw->pw_name; /* n.b. use immediately */
- *home = pw->pw_dir;
- }
- }
-#endif
-}
-
-
-static int lurk(char **users) {
- uid_t uid;
- gid_t gid;
- int success = 0, dmin = -1, dmax = -1;
- char *p, *logins, **u;
- char **list;
- int lind;
-
- if ((u = users) != NULL && *u != NULL && *(*u) == ':') {
- int len;
- char *tmp;
-
- /* extract min and max display numbers */
- tmp = *u;
- if (strchr(tmp, '-')) {
- if (sscanf(tmp, ":%d-%d", &dmin, &dmax) != 2) {
- dmin = -1;
- dmax = -1;
- }
- }
- if (dmin < 0) {
- if (sscanf(tmp, ":%d", &dmin) != 1) {
- dmin = -1;
- dmax = -1;
- } else {
- dmax = dmin;
- }
- }
- if ((dmin < 0 || dmax < 0) || dmin > dmax || dmax > 10000) {
- dmin = -1;
- dmax = -1;
- }
-
- /* get user logins regardless of having a display: */
- logins = get_login_list(0);
-
- /*
- * now we append the list in users (might as well try
- * them) this will probably allow weird ways of starting
- * xservers to work.
- */
- len = strlen(logins);
- u++;
- while (*u != NULL) {
- len += strlen(*u) + strlen(":DPY,");
- u++;
- }
- tmp = (char *) malloc(len+1);
- strcpy(tmp, logins);
-
- /* now concatenate them: */
- u = users+1;
- while (*u != NULL) {
- char *q, chk[100];
- snprintf(chk, 100, "%s:DPY", *u);
- q = strstr(tmp, chk);
- if (q) {
- char *p = q + strlen(chk);
-
- if (q == tmp || *(q-1) == ',') {
- /* bounded on left. */
- if (*p == ',' || *p == '\0') {
- /* bounded on right. */
- u++;
- continue;
- }
- }
- }
-
- if (*tmp) {
- strcat(tmp, ",");
- }
- strcat(tmp, *u);
- strcat(tmp, ":DPY");
- u++;
- }
- free(logins);
- logins = tmp;
-
- } else {
- logins = get_login_list(1);
- }
-
- list = (char **) calloc((strlen(logins)+2)*sizeof(char *), 1);
- lind = 0;
- p = strtok(logins, ",");
- while (p) {
- list[lind++] = strdup(p);
- p = strtok(NULL, ",");
- }
- free(logins);
-
- lind = 0;
- while (list[lind] != NULL) {
- char *user, *name, *home, dpystr[10];
- char *q, *t;
- int ok = 1, dn;
-
- p = list[lind++];
-
- t = strdup(p); /* bob:0 */
- q = strchr(t, ':');
- if (! q) {
- free(t);
- break;
- }
- *q = '\0';
- user = t;
- snprintf(dpystr, 10, ":%s", q+1);
-
- if (users) {
- u = users;
- ok = 0;
- while (*u != NULL) {
- if (*(*u) == ':') {
- u++;
- continue;
- }
- if (!strcmp(user, *u++)) {
- ok = 1;
- break;
- }
- }
- }
-
- user2uid(user, &uid, &gid, &name, &home);
- free(t);
-
- if (! uid || ! gid) {
- ok = 0;
- }
-
- if (! ok) {
- continue;
- }
-
- for (dn = dmin; dn <= dmax; dn++) {
- if (dn >= 0) {
- sprintf(dpystr, ":%d", dn);
- }
- if (try_user_and_display(uid, gid, dpystr)) {
- if (switch_user_env(uid, gid, name, home, 0)) {
- rfbLog("lurk: now user: %s @ %s\n",
- name, dpystr);
- started_as_root = 2;
- success = 1;
- }
- set_env("DISPLAY", dpystr);
- break;
- }
- }
- if (success) {
- break;
- }
- }
-
- lind = 0;
- while (list[lind] != NULL) {
- free(list[lind]);
- lind++;
- }
-
- return success;
-}
-
-void lurk_loop(char *str) {
- char *tstr = NULL, **users = NULL;
-
- if (strstr(str, "lurk=") != str) {
- exit(1);
- }
- rfbLog("lurking for logins using: '%s'\n", str);
- if (strlen(str) > strlen("lurk=")) {
- char *q = strchr(str, '=');
- tstr = strdup(q+1);
- users = user_list(tstr);
- }
-
- while (1) {
- if (lurk(users)) {
- break;
- }
- sleep(3);
- }
- if (tstr) {
- free(tstr);
- }
- if (users) {
- free(users);
- }
-}
-
-static int guess_user_and_switch(char *str, int fb_mode) {
- char *dstr, *d;
- char *p, *tstr = NULL, *allowed = NULL, *logins, **users = NULL;
- int dpy1, ret = 0;
- char **list;
- int lind;
-
- RAWFB_RET(0)
-
- d = DisplayString(dpy);
- /* pick out ":N" */
- dstr = strchr(d, ':');
- if (! dstr) {
- return 0;
- }
- if (sscanf(dstr, ":%d", &dpy1) != 1) {
- return 0;
- }
- if (dpy1 < 0) {
- return 0;
- }
-
- if (strstr(str, "guess=") == str && strlen(str) > strlen("guess=")) {
- allowed = strchr(str, '=');
- allowed++;
-
- tstr = strdup(allowed);
- users = user_list(tstr);
- }
-
- /* loop over the utmpx entries looking for this display */
- logins = get_login_list(1);
-
- list = (char **) calloc((strlen(logins)+2)*sizeof(char *), 1);
- lind = 0;
- p = strtok(logins, ",");
- while (p) {
- list[lind++] = strdup(p);
- p = strtok(NULL, ",");
- }
-
- lind = 0;
- while (list[lind] != NULL) {
- char *user, *q, *t;
- int dpy2, ok = 1;
-
- p = list[lind++];
-
- t = strdup(p);
- q = strchr(t, ':');
- if (! q) {
- free(t);
- break;
- }
- *q = '\0';
- user = t;
- dpy2 = atoi(q+1);
-
- if (users) {
- char **u = users;
- ok = 0;
- while (*u != NULL) {
- if (!strcmp(user, *u++)) {
- ok = 1;
- break;
- }
- }
- }
- if (dpy1 != dpy2) {
- ok = 0;
- }
-
- if (! ok) {
- free(t);
- continue;
- }
-
- if (switch_user(user, fb_mode)) {
- rfbLog("switched to guessed user: %s\n", user);
- free(t);
- ret = 1;
- break;
- }
- }
- if (tstr) {
- free(tstr);
- }
- if (users) {
- free(users);
- }
- if (logins) {
- free(logins);
- }
- return ret;
-}
-
-static int try_user_and_display(uid_t uid, gid_t gid, char *dpystr) {
- /* NO strtoks */
-#if LIBVNCSERVER_HAVE_FORK && LIBVNCSERVER_HAVE_SYS_WAIT_H && LIBVNCSERVER_HAVE_PWD_H
- pid_t pid, pidw;
- char *home, *name;
- int st;
- struct passwd *pw;
-
- pw = getpwuid(uid);
- if (pw) {
- name = pw->pw_name;
- home = pw->pw_dir;
- } else {
- return 0;
- }
-
- /*
- * We fork here and try to open the display again as the
- * new user. Unreadable XAUTHORITY could be a problem...
- * This is not really needed since we have DISPLAY open but:
- * 1) is a good indicator this user owns the session and 2)
- * some activities do spawn new X apps, e.g. xmessage(1), etc.
- */
- if ((pid = fork()) > 0) {
- ;
- } else if (pid == -1) {
- fprintf(stderr, "could not fork\n");
- rfbLogPerror("fork");
- return 0;
- } else {
- /* child */
- Display *dpy2 = NULL;
- int rc;
-
- signal(SIGHUP, SIG_DFL);
- signal(SIGINT, SIG_DFL);
- signal(SIGQUIT, SIG_DFL);
- signal(SIGTERM, SIG_DFL);
-
- rc = switch_user_env(uid, gid, name, home, 0);
- if (! rc) {
- exit(1);
- }
-
- fclose(stderr);
- dpy2 = XOpenDisplay_wr(dpystr);
- if (dpy2) {
- XCloseDisplay_wr(dpy2);
- exit(0); /* success */
- } else {
- exit(2); /* fail */
- }
- }
-
- /* see what the child says: */
- pidw = waitpid(pid, &st, 0);
- if (pidw == pid && WIFEXITED(st) && WEXITSTATUS(st) == 0) {
- return 1;
- }
-#endif /* LIBVNCSERVER_HAVE_FORK ... */
- return 0;
-}
-
-int switch_user(char *user, int fb_mode) {
- /* NO strtoks */
- int doit = 0;
- uid_t uid = 0;
- gid_t gid = 0;
- char *name, *home;
-
- if (*user == '+') {
- doit = 1;
- user++;
- }
-
- ssl_helper_pid(0, -2); /* waitall */
-
- if (strstr(user, "guess=") == user) {
- return guess_user_and_switch(user, fb_mode);
- }
-
- user2uid(user, &uid, &gid, &name, &home);
-
- if (uid == (uid_t) -1 || uid == 0) {
- return 0;
- }
- if (gid == 0) {
- return 0;
- }
-
- if (! doit && dpy) {
- /* see if this display works: */
- char *dstr = DisplayString(dpy);
- doit = try_user_and_display(uid, gid, dstr);
- }
-
- if (doit) {
- int rc = switch_user_env(uid, gid, name, home, fb_mode);
- if (rc) {
- started_as_root = 2;
- }
- return rc;
- } else {
- return 0;
- }
-}
-
-static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_mode) {
- /* NO strtoks */
- char *xauth;
- int reset_fb = 0;
- int grp_ok = 0;
-
-#if !LIBVNCSERVER_HAVE_SETUID
- return 0;
-#else
- /*
- * OK, tricky here, we need to free the shm... otherwise
- * we won't be able to delete it as the other user...
- */
- if (fb_mode == 1 && (using_shm && ! xform24to32)) {
- reset_fb = 1;
- clean_shm(0);
- free_tiles();
- }
-#if LIBVNCSERVER_HAVE_INITGROUPS
-#if LIBVNCSERVER_HAVE_PWD_H
- if (getpwuid(uid) != NULL && getenv("X11VNC_SINGLE_GROUP") == NULL) {
- struct passwd *p = getpwuid(uid);
- /* another possibility is p->pw_gid instead of gid */
- if (setgid(gid) == 0 && initgroups(p->pw_name, gid) == 0) {
- grp_ok = 1;
- } else {
- rfbLogPerror("initgroups");
- }
- endgrent();
- }
-#endif
-#endif
- if (! grp_ok) {
- if (setgid(gid) == 0) {
- grp_ok = 1;
- }
- }
- if (! grp_ok) {
- if (reset_fb) {
- /* 2 means we did clean_shm and free_tiles */
- do_new_fb(2);
- }
- return 0;
- }
-
- if (setuid(uid) != 0) {
- if (reset_fb) {
- /* 2 means we did clean_shm and free_tiles */
- do_new_fb(2);
- }
- return 0;
- }
-#endif
- if (reset_fb) {
- do_new_fb(2);
- }
-
- xauth = getenv("XAUTHORITY");
- if (xauth && access(xauth, R_OK) != 0) {
- *(xauth-2) = '_'; /* yow */
- }
-
- set_env("USER", name);
- set_env("LOGNAME", name);
- set_env("HOME", home);
- return 1;
-}
-
-static void try_to_switch_users(void) {
- static time_t last_try = 0;
- time_t now = time(NULL);
- char *users, *p;
-
- if (getuid() && geteuid()) {
- rfbLog("try_to_switch_users: not root\n");
- started_as_root = 2;
- return;
- }
- if (!last_try) {
- last_try = now;
- } else if (now <= last_try + 2) {
- /* try every 3 secs or so */
- return;
- }
- last_try = now;
-
- users = strdup(users_list);
-
- if (strstr(users, "guess=") == users) {
- if (switch_user(users, 1)) {
- started_as_root = 2;
- }
- free(users);
- return;
- }
-
- p = strtok(users, ",");
- while (p) {
- if (switch_user(p, 1)) {
- started_as_root = 2;
- rfbLog("try_to_switch_users: now %s\n", p);
- break;
- }
- p = strtok(NULL, ",");
- }
- free(users);
-}
-
-int read_passwds(char *passfile) {
- char line[1024];
- char *filename;
- char **old_passwd_list = passwd_list;
- int linecount = 0, i, remove = 0, read_mode = 0, begin_vo = -1;
- struct stat sbuf;
- static int max = -1;
- FILE *in = NULL;
- static time_t last_read = 0;
- static int read_cnt = 0;
- int db_passwd = 0;
-
- if (max < 0) {
- max = 1000;
- if (getenv("X11VNC_MAX_PASSWDS")) {
- max = atoi(getenv("X11VNC_MAX_PASSWDS"));
- }
- }
-
- filename = passfile;
- if (strstr(filename, "rm:") == filename) {
- filename += strlen("rm:");
- remove = 1;
- } else if (strstr(filename, "read:") == filename) {
- filename += strlen("read:");
- read_mode = 1;
- if (stat(filename, &sbuf) == 0) {
- if (sbuf.st_mtime <= last_read) {
- return 1;
- }
- last_read = sbuf.st_mtime;
- }
- } else if (strstr(filename, "cmd:") == filename) {
- int rc;
-
- filename += strlen("cmd:");
- read_mode = 1;
- in = tmpfile();
- if (in == NULL) {
- rfbLog("run_user_command tmpfile() failed: %s\n",
- filename);
- clean_up_exit(1);
- }
- rc = run_user_command(filename, latest_client, "read_passwds",
- NULL, 0, in);
- if (rc != 0) {
- rfbLog("run_user_command command failed: %s\n",
- filename);
- clean_up_exit(1);
- }
- rewind(in);
- } else if (strstr(filename, "custom:") == filename) {
- return 1;
- }
-
- if (in == NULL && stat(filename, &sbuf) == 0) {
- /* (poor...) upper bound to number of lines */
- max = (int) sbuf.st_size;
- last_read = sbuf.st_mtime;
- }
-
- /* create 1 more than max to have it be the ending NULL */
- passwd_list = (char **) malloc( (max+1) * (sizeof(char *)) );
- for (i=0; i<max+1; i++) {
- passwd_list[i] = NULL;
- }
-
- if (in == NULL) {
- in = fopen(filename, "r");
- }
- if (in == NULL) {
- rfbLog("cannot open passwdfile: %s\n", passfile);
- rfbLogPerror("fopen");
- if (remove) {
- unlink(filename);
- }
- clean_up_exit(1);
- }
-
- if (getenv("DEBUG_PASSWDFILE") != NULL) {
- db_passwd = 1;
- }
-
- while (fgets(line, 1024, in) != NULL) {
- char *p;
- int blank = 1;
- int len = strlen(line);
-
- if (db_passwd) {
- fprintf(stderr, "read_passwds: raw line: %s\n", line);
- }
-
- if (len == 0) {
- continue;
- } else if (line[len-1] == '\n') {
- line[len-1] = '\0';
- }
- if (line[0] == '\0') {
- continue;
- }
- if (strstr(line, "__SKIP__") != NULL) {
- continue;
- }
- if (strstr(line, "__COMM__") == line) {
- continue;
- }
- if (!strcmp(line, "__BEGIN_VIEWONLY__")) {
- if (begin_vo < 0) {
- begin_vo = linecount;
- }
- continue;
- }
- if (line[0] == '#') {
- /* commented out, cannot have password beginning with # */
- continue;
- }
- p = line;
- while (*p != '\0') {
- if (! isspace((unsigned char) (*p))) {
- blank = 0;
- break;
- }
- p++;
- }
- if (blank) {
- continue;
- }
-
- passwd_list[linecount++] = strdup(line);
- if (db_passwd) {
- fprintf(stderr, "read_passwds: keepline: %s\n", line);
- fprintf(stderr, "read_passwds: begin_vo: %d\n", begin_vo);
- }
-
- if (linecount >= max) {
- rfbLog("read_passwds: hit max passwd: %d\n", max);
- break;
- }
- }
- fclose(in);
-
- for (i=0; i<1024; i++) {
- line[i] = '\0';
- }
-
- if (remove) {
- unlink(filename);
- }
-
- if (! linecount) {
- rfbLog("cannot read a valid line from passwdfile: %s\n",
- passfile);
- if (read_cnt == 0) {
- clean_up_exit(1);
- } else {
- return 0;
- }
- }
- read_cnt++;
-
- for (i=0; i<linecount; i++) {
- char *q, *p = passwd_list[i];
- if (!strcmp(p, "__EMPTY__")) {
- *p = '\0';
- } else if ((q = strstr(p, "__COMM__")) != NULL) {
- *q = '\0';
- }
- passwd_list[i] = strdup(p);
- if (db_passwd) {
- fprintf(stderr, "read_passwds: trimline: %s\n", p);
- }
- strzero(p);
- }
-
- begin_viewonly = begin_vo;
- if (read_mode && read_cnt > 1) {
- if (viewonly_passwd) {
- free(viewonly_passwd);
- viewonly_passwd = NULL;
- }
- }
-
- if (begin_viewonly < 0 && linecount == 2) {
- /* for compatibility with previous 2-line usage: */
- viewonly_passwd = strdup(passwd_list[1]);
- if (db_passwd) {
- fprintf(stderr, "read_passwds: linecount is 2.\n");
- }
- if (screen) {
- char **apd = (char **) screen->authPasswdData;
- if (apd) {
- if (apd[0] != NULL) {
- strzero(apd[0]);
- }
- apd[0] = strdup(passwd_list[0]);
- }
- }
- begin_viewonly = 1;
- }
-
- if (old_passwd_list != NULL) {
- char *p;
- i = 0;
- while (old_passwd_list[i] != NULL) {
- p = old_passwd_list[i];
- strzero(p);
- free(old_passwd_list[i]);
- i++;
- }
- free(old_passwd_list);
- }
- return 1;
-}
-
-void install_passwds(void) {
- if (viewonly_passwd) {
- /* append the view only passwd after the normal passwd */
- char **passwds_new = (char **) malloc(3*sizeof(char *));
- char **passwds_old = (char **) screen->authPasswdData;
- passwds_new[0] = passwds_old[0];
- passwds_new[1] = viewonly_passwd;
- passwds_new[2] = NULL;
- /* mutex */
- screen->authPasswdData = (void*) passwds_new;
- } else if (passwd_list) {
- int i = 0;
- while(passwd_list[i] != NULL) {
- i++;
- }
- if (begin_viewonly < 0) {
- begin_viewonly = i+1;
- }
- /* mutex */
- screen->authPasswdData = (void*) passwd_list;
- screen->authPasswdFirstViewOnly = begin_viewonly;
- }
-}
-
-void check_new_passwds(int force) {
- static time_t last_check = 0;
- time_t now;
-
- if (! passwdfile) {
- return;
- }
- if (strstr(passwdfile, "read:") != passwdfile) {
- return;
- }
- if (unixpw_in_progress) return;
-
- if (force) {
- last_check = 0;
- }
-
- now = time(NULL);
- if (now > last_check + 1) {
- if (read_passwds(passwdfile)) {
- install_passwds();
- }
- last_check = now;
- }
-}
-
-rfbBool custom_passwd_check(rfbClientPtr cl, const char *response, int len) {
- char *input, *cmd;
- char num[16];
- int j, i, n, rc;
-
- rfbLog("custom_passwd_check: len=%d\n", len);
-
- if (!passwdfile || strstr(passwdfile, "custom:") != passwdfile) {
- return FALSE;
- }
- cmd = passwdfile + strlen("custom:");
-
- sprintf(num, "%d\n", len);
-
- input = (char *) malloc(2 * len + 16 + 1);
-
- input[0] = '\0';
- strcat(input, num);
- n = strlen(num);
-
- j = n;
- for (i=0; i < len; i++) {
- input[j] = cl->authChallenge[i];
- j++;
- }
- for (i=0; i < len; i++) {
- input[j] = response[i];
- j++;
- }
- rc = run_user_command(cmd, cl, "custom_passwd", input, n+2*len, NULL);
- free(input);
- if (rc == 0) {
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-static void handle_one_http_request(void) {
- rfbLog("handle_one_http_request: begin.\n");
- if (inetd || screen->httpPort == 0) {
- int port = find_free_port(5800, 5860);
- if (port) {
- /* mutex */
- screen->httpPort = port;
- } else {
- rfbLog("handle_one_http_request: no http port.\n");
- clean_up_exit(1);
- }
- }
- screen->autoPort = FALSE;
- screen->port = 0;
-
- http_connections(1);
-
- rfbInitServer(screen);
-
- if (!inetd) {
- /* XXX ipv6 */
- int conn = 0;
- while (1) {
- if (0) fprintf(stderr, "%d %d %d %d\n", conn, screen->listenSock, screen->httpSock, screen->httpListenSock);
- usleep(10 * 1000);
- rfbHttpCheckFds(screen);
- if (conn) {
- if (screen->httpSock < 0) {
- break;
- }
- } else {
- if (screen->httpSock >= 0) {
- conn = 1;
- }
- }
- if (!screen->httpDir) {
- break;
- }
- if (screen->httpListenSock < 0) {
- break;
- }
- }
- rfbLog("handle_one_http_request: finished.\n");
- return;
- } else {
- /* inetd case: */
-#if LIBVNCSERVER_HAVE_FORK
- pid_t pid;
- int s_in = screen->inetdSock;
- if (s_in < 0) {
- rfbLog("handle_one_http_request: inetdSock not set up.\n");
- clean_up_exit(1);
- }
- pid = fork();
- if (pid < 0) {
- rfbLog("handle_one_http_request: could not fork.\n");
- clean_up_exit(1);
- } else if (pid > 0) {
- int status;
- pid_t pidw;
- while (1) {
- rfbHttpCheckFds(screen);
- pidw = waitpid(pid, &status, WNOHANG);
- if (pidw == pid && WIFEXITED(status)) {
- break;
- } else if (pidw < 0) {
- break;
- }
- }
- rfbLog("handle_one_http_request: finished.\n");
- return;
- } else {
- int sock = connect_tcp("127.0.0.1", screen->httpPort);
- if (sock < 0) {
- exit(1);
- }
- raw_xfer(sock, s_in, s_in);
- exit(0);
- }
-#else
- rfbLog("handle_one_http_request: fork not supported.\n");
- clean_up_exit(1);
-#endif
- }
-}
-
-void user_supplied_opts(char *opts) {
- char *p, *str;
- char *allow[] = {
- "skip-display", "skip-auth", "skip-shared",
- "scale", "scale_cursor", "sc", "solid", "so", "id",
- "clear_mods", "cm", "clear_keys", "ck", "repeat",
- "clear_all", "ca",
- "speeds", "sp", "readtimeout", "rd",
- "rotate", "ro",
- "geometry", "geom", "ge",
- "noncache", "nc",
- "nodisplay", "nd",
- "viewonly", "vo",
- "tag",
- NULL
- };
-
- if (getenv("X11VNC_NO_UNIXPW_OPTS")) {
- return;
- }
-
- str = strdup(opts);
-
- p = strtok(str, ",");
- while (p) {
- char *q;
- int i, n, m, ok = 0;
-
- i = 0;
- while (allow[i] != NULL) {
- if (strstr(allow[i], "skip-")) {
- i++;
- continue;
- }
- if (strstr(p, allow[i]) == p) {
- ok = 1;
- break;
- }
- i++;
- }
-
- if (! ok && strpbrk(p, "0123456789") == p &&
- sscanf(p, "%d/%d", &n, &m) == 2) {
- if (scale_str) free(scale_str);
- scale_str = strdup(p);
- } else if (ok) {
- if (0 && strstr(p, "display=") == p) {
- if (use_dpy) free(use_dpy);
- use_dpy = strdup(p + strlen("display="));
- } else if (0 && strstr(p, "auth=") == p) {
- if (auth_file) free(auth_file);
- auth_file = strdup(p + strlen("auth="));
- } else if (0 && !strcmp(p, "shared")) {
- shared = 1;
- } else if (strstr(p, "scale=") == p) {
- if (scale_str) free(scale_str);
- scale_str = strdup(p + strlen("scale="));
- } else if (strstr(p, "scale_cursor=") == p ||
- strstr(p, "sc=") == p) {
- if (scale_cursor_str) free(scale_cursor_str);
- q = strchr(p, '=') + 1;
- scale_cursor_str = strdup(q);
- } else if (strstr(p, "rotate=") == p ||
- strstr(p, "ro=") == p) {
- if (rotating_str) free(rotating_str);
- q = strchr(p, '=') + 1;
- rotating_str = strdup(q);
- } else if (!strcmp(p, "solid") || !strcmp(p, "so")) {
- use_solid_bg = 1;
- if (!solid_str) {
- solid_str = strdup(solid_default);
- }
- } else if (!strcmp(p, "viewonly") || !strcmp(p, "vo")) {
- view_only = 1;
- } else if (strstr(p, "solid=") == p ||
- strstr(p, "so=") == p) {
- use_solid_bg = 1;
- if (solid_str) free(solid_str);
- q = strchr(p, '=') + 1;
- if (!strcmp(q, "R")) {
- solid_str = strdup("root:");
- } else {
- solid_str = strdup(q);
- }
- } else if (strstr(p, "id=") == p) {
- unsigned long win;
- q = p + strlen("id=");
- if (strcmp(q, "pick")) {
- if (scan_hexdec(q, &win)) {
- subwin = win;
- }
- }
- } else if (!strcmp(p, "clear_mods") ||
- !strcmp(p, "cm")) {
- clear_mods = 1;
- } else if (!strcmp(p, "clear_keys") ||
- !strcmp(p, "ck")) {
- clear_mods = 2;
- } else if (!strcmp(p, "clear_all") ||
- !strcmp(p, "ca")) {
- clear_mods = 3;
- } else if (!strcmp(p, "noncache") ||
- !strcmp(p, "nc")) {
- ncache = 0;
- ncache0 = 0;
- } else if (strstr(p, "nc=") == p) {
- int n2 = atoi(p + strlen("nc="));
- if (nabs(n2) < nabs(ncache)) {
- if (ncache < 0) {
- ncache = -nabs(n2);
- } else {
- ncache = nabs(n2);
- }
- }
- } else if (!strcmp(p, "repeat")) {
- no_autorepeat = 0;
- } else if (strstr(p, "speeds=") == p ||
- strstr(p, "sp=") == p) {
- if (speeds_str) free(speeds_str);
- q = strchr(p, '=') + 1;
- speeds_str = strdup(q);
- q = speeds_str;
- while (*q != '\0') {
- if (*q == '-') {
- *q = ',';
- }
- q++;
- }
- } else if (strstr(p, "readtimeout=") == p ||
- strstr(p, "rd=") == p) {
- q = strchr(p, '=') + 1;
- rfbMaxClientWait = atoi(q) * 1000;
- }
- } else {
- rfbLog("skipping option: %s\n", p);
- }
- p = strtok(NULL, ",");
- }
- free(str);
-}
-
-static void vnc_redirect_timeout (int sig) {
- write(2, "timeout: no clients connected.\n", 31);
- if (sig) {};
- exit(0);
-}
-
-static void do_chvt(int vt) {
- char chvt[100];
- sprintf(chvt, "chvt %d >/dev/null 2>/dev/null &", vt);
- rfbLog("running: %s\n", chvt);
- system(chvt);
- sleep(2);
-}
-
-static void setup_fake_fb(XImage* fb_image, int w, int h, int b) {
- if (fake_fb) {
- free(fake_fb);
- }
- fake_fb = (char *) calloc(w*h*b/8, 1);
-
- fb_image->data = fake_fb;
- fb_image->format = ZPixmap;
- fb_image->width = w;
- fb_image->height = h;
- fb_image->bits_per_pixel = b;
- fb_image->bytes_per_line = w*b/8;
- fb_image->bitmap_unit = -1;
- if (b >= 24) {
- fb_image->depth = 24;
- fb_image->red_mask = 0xff0000;
- fb_image->green_mask = 0x00ff00;
- fb_image->blue_mask = 0x0000ff;
- } else if (b >= 16) {
- fb_image->depth = 16;
- fb_image->red_mask = 0x003f;
- fb_image->green_mask = 0x07c0;
- fb_image->blue_mask = 0xf800;
- } else if (b >= 2) {
- fb_image->depth = 8;
- fb_image->red_mask = 0x07;
- fb_image->green_mask = 0x38;
- fb_image->blue_mask = 0xc0;
- } else {
- fb_image->depth = 1;
- fb_image->red_mask = 0x1;
- fb_image->green_mask = 0x1;
- fb_image->blue_mask = 0x1;
- }
-
- depth = fb_image->depth;
-
- dpy_x = wdpy_x = w;
- dpy_y = wdpy_y = h;
- off_x = 0;
- off_y = 0;
-}
-
-void do_announce_http(void);
-void do_mention_java_urls(void);
-
-static void setup_service(void) {
- if (remote_direct) {
- return;
- }
- if (!inetd) {
- do_mention_java_urls();
- do_announce_http();
- if (!use_openssl) {
- announce(screen->port, use_openssl, NULL);
- fprintf(stdout, "PORT=%d\n", screen->port);
- } else {
- fprintf(stdout, "PORT=%d\n", screen->port);
- if (stunnel_port) {
- fprintf(stdout, "SSLPORT=%d\n", stunnel_port);
- } else if (use_openssl) {
- fprintf(stdout, "SSLPORT=%d\n", screen->port);
- }
- }
- fflush(stdout);
- } else if (!use_openssl && avahi) {
- char *name = rfb_desktop_name;
- if (!name) {
- name = use_dpy;
- }
- avahi_initialise();
- avahi_advertise(name, this_host(), screen->port);
- }
-}
-
-static void check_waitbg(void) {
- if (getenv("WAITBG")) {
-#if LIBVNCSERVER_HAVE_FORK && LIBVNCSERVER_HAVE_SETSID
- int p, n;
- if ((p = fork()) > 0) {
- exit(0);
- } else if (p == -1) {
- rfbLogEnable(1);
- fprintf(stderr, "could not fork\n");
- perror("fork");
- clean_up_exit(1);
- }
- if (setsid() == -1) {
- rfbLogEnable(1);
- fprintf(stderr, "setsid failed\n");
- perror("setsid");
- clean_up_exit(1);
- }
- /* adjust our stdio */
- n = open("/dev/null", O_RDONLY);
- dup2(n, 0);
- dup2(n, 1);
- if (! logfile) {
- dup2(n, 2);
- }
- if (n > 2) {
- close(n);
- }
-#else
- clean_up_exit(1);
-#endif
- }
-}
-
-static void setup_client_connect(int *did_client_connect) {
- if (client_connect != NULL) {
- char *remainder = NULL;
- if (inetd) {
- rfbLog("wait_for_client: -connect disallowed in inetd mode: %s\n",
- client_connect);
- } else if (screen && screen->clientHead) {
- rfbLog("wait_for_client: -connect disallowed: client exists: %s\n",
- client_connect);
- } else if (strchr(client_connect, '=')) {
- rfbLog("wait_for_client: invalid -connect string: %s\n",
- client_connect);
- } else {
- char *q = strchr(client_connect, ',');
- if (q) {
- rfbLog("wait_for_client: only using first"
- " connect host in: %s\n", client_connect);
- remainder = strdup(q+1);
- *q = '\0';
- }
- rfbLog("wait_for_client: reverse_connect(%s)\n",
- client_connect);
- reverse_connect(client_connect);
- *did_client_connect = 1;
- }
- free(client_connect);
- if (remainder != NULL) {
- /* reset to host2,host3,... */
- client_connect = remainder;
- } else {
- client_connect = NULL;
- }
- }
-}
-
-static void loop_for_connect(int did_client_connect) {
- int loop = 0;
- time_t start = time(NULL);
-
- if (first_conn_timeout < 0) {
- first_conn_timeout = -first_conn_timeout;
- }
-
- while (1) {
- loop++;
- if (first_conn_timeout && time(NULL) > start + first_conn_timeout) {
- rfbLog("no client connect after %d seconds.\n", first_conn_timeout);
- shut_down = 1;
- }
- if (shut_down) {
- clean_up_exit(0);
- }
- if (loop < 2) {
- if (did_client_connect) {
- goto screen_check;
- }
- if (inetd) {
- goto screen_check;
- }
- if (screen && screen->clientHead) {
- goto screen_check;
- }
- }
- if ((use_openssl || use_stunnel) && !inetd) {
- int enc_none = (enc_str && !strcmp(enc_str, "none"));
- if (!use_stunnel || enc_none) {
- check_openssl();
- check_https();
- }
- /*
- * This is to handle an initial verify cert from viewer,
- * they disconnect right after fetching the cert.
- */
- if (use_threads) {
- usleep(10 * 1000);
- } else {
- rfbPE(-1);
- }
- if (screen && screen->clientHead) {
- int i;
- if (unixpw) {
- if (! unixpw_in_progress && !vencrypt_enable_plain_login) {
- rfbLog("unixpw but no unixpw_in_progress\n");
- clean_up_exit(1);
- }
- if (unixpw_client && unixpw_client->onHold) {
- rfbLog("taking unixpw_client off hold\n");
- unixpw_client->onHold = FALSE;
- }
- }
- for (i=0; i<10; i++) {
- if (shut_down) {
- clean_up_exit(0);
- }
- usleep(20 * 1000);
- if (0) rfbLog("wait_for_client: %d\n", i);
-
- if (! use_threads) {
- if (unixpw) {
- unixpw_in_rfbPE = 1;
- }
- rfbPE(-1);
- if (unixpw) {
- unixpw_in_rfbPE = 0;
- }
- }
-
- if (unixpw && !unixpw_in_progress) {
- /* XXX too soon. */
- goto screen_check;
- }
- if (!screen->clientHead) {
- break;
- }
- }
- }
- } else if (use_openssl) {
- check_openssl();
- }
-
- if (use_threads) {
- usleep(10 * 1000);
- } else {
- rfbPE(-1);
- }
-
- screen_check:
- if (! screen || ! screen->clientHead) {
- usleep(100 * 1000);
- continue;
- }
-
- rfbLog("wait_for_client: got client\n");
- break;
- }
-}
-
-static void do_unixpw_loop(void) {
- if (unixpw) {
- if (! unixpw_in_progress && !vencrypt_enable_plain_login) {
- rfbLog("unixpw but no unixpw_in_progress\n");
- clean_up_exit(1);
- }
- if (unixpw_client && unixpw_client->onHold) {
- rfbLog("taking unixpw_client off hold.\n");
- unixpw_client->onHold = FALSE;
- }
- while (1) {
- if (shut_down) {
- clean_up_exit(0);
- }
- if (! use_threads) {
- unixpw_in_rfbPE = 1;
- rfbPE(-1);
- unixpw_in_rfbPE = 0;
- }
- if (unixpw_in_progress) {
- static double lping = 0.0;
- if (lping < dnow() + 5) {
- mark_rect_as_modified(0, 0, 1, 1, 1);
- lping = dnow();
- }
- if (time(NULL) > unixpw_last_try_time + 45) {
- rfbLog("unixpw_deny: timed out waiting for reply.\n");
- unixpw_deny();
- }
- usleep(20 * 1000);
- continue;
- }
- rfbLog("wait_for_client: unixpw finished.\n");
- break;
- }
- }
-}
-
-static void vnc_redirect_loop(char *vnc_redirect_test, int *vnc_redirect_cnt) {
- if (unixpw) {
- rfbLog("wait_for_client: -unixpw and Xvnc.redirect not allowed\n");
- clean_up_exit(1);
- }
- if (client_connect) {
- rfbLog("wait_for_client: -connect and Xvnc.redirect not allowed\n");
- clean_up_exit(1);
- }
- if (inetd) {
- if (use_openssl) {
- accept_openssl(OPENSSL_INETD, -1);
- }
- } else {
- pid_t pid = 0;
- /* XXX ipv6 */
- if (screen->httpListenSock >= 0) {
-#if LIBVNCSERVER_HAVE_FORK
- if ((pid = fork()) > 0) {
- close(screen->httpListenSock);
- /* mutex */
- screen->httpListenSock = -2;
- usleep(500 * 1000);
- } else {
- close(screen->listenSock);
- screen->listenSock = -1;
- while (1) {
- usleep(10 * 1000);
- rfbHttpCheckFds(screen);
- }
- exit(1);
- }
-#else
- clean_up_exit(1);
-#endif
- }
- if (first_conn_timeout) {
- if (first_conn_timeout < 0) {
- first_conn_timeout = -first_conn_timeout;
- }
- signal(SIGALRM, vnc_redirect_timeout);
- alarm(first_conn_timeout);
- }
- if (use_openssl) {
- int i;
- if (pid == 0) {
- accept_openssl(OPENSSL_VNC, -1);
- } else {
- for (i=0; i < 16; i++) {
- accept_openssl(OPENSSL_VNC, -1);
- rfbLog("iter %d: vnc_redirect_sock: %d\n", i, vnc_redirect_sock);
- if (vnc_redirect_sock >= 0) {
- break;
- }
- }
- }
- } else {
- struct sockaddr_in addr;
-#ifdef __hpux
- int addrlen = sizeof(addr);
-#else
- socklen_t addrlen = sizeof(addr);
-#endif
- if (screen->listenSock < 0) {
- rfbLog("wait_for_client: Xvnc.redirect not listening... sock=%d port=%d\n", screen->listenSock, screen->port);
- clean_up_exit(1);
- }
- vnc_redirect_sock = accept(screen->listenSock, (struct sockaddr *)&addr, &addrlen);
- }
- if (first_conn_timeout) {
- alarm(0);
- }
- if (pid > 0) {
-#if LIBVNCSERVER_HAVE_FORK
- int rc;
- pid_t pidw;
- rfbLog("wait_for_client: kill TERM: %d\n", (int) pid);
- kill(pid, SIGTERM);
- usleep(1000 * 1000); /* 1.0 sec */
- pidw = waitpid(pid, &rc, WNOHANG);
- if (pidw <= 0) {
- usleep(1000 * 1000); /* 1.0 sec */
- pidw = waitpid(pid, &rc, WNOHANG);
- }
-#else
- clean_up_exit(1);
-#endif
- }
- }
- if (vnc_redirect_sock < 0) {
- rfbLog("wait_for_client: vnc_redirect failed.\n");
- clean_up_exit(1);
- }
- if (!inetd && use_openssl) {
- /* check for Fetch Cert closing */
- fd_set rfds;
- struct timeval tv;
- int nfds;
-
- usleep(300*1000);
-
- FD_ZERO(&rfds);
- FD_SET(vnc_redirect_sock, &rfds);
-
- tv.tv_sec = 0;
- tv.tv_usec = 200000;
- nfds = select(vnc_redirect_sock+1, &rfds, NULL, NULL, &tv);
-
- rfbLog("wait_for_client: vnc_redirect nfds: %d\n", nfds);
- if (nfds > 0) {
- int n;
- n = read(vnc_redirect_sock, vnc_redirect_test, 1);
- if (n <= 0) {
- close(vnc_redirect_sock);
- vnc_redirect_sock = -1;
- rfbLog("wait_for_client: waiting for 2nd connection (Fetch Cert?)\n");
- accept_openssl(OPENSSL_VNC, -1);
- if (vnc_redirect_sock < 0) {
- rfbLog("wait_for_client: vnc_redirect failed.\n");
- clean_up_exit(1);
- }
- } else {
- *vnc_redirect_cnt = n;
- }
- }
- }
-}
-
-static void do_vnc_redirect(int created_disp, char *vnc_redirect_host, int vnc_redirect_port,
- int vnc_redirect_cnt, char *vnc_redirect_test) {
- char *q = strrchr(use_dpy, ':');
- int vdpy = -1, sock = -1;
- int s_in, s_out, i;
- if (vnc_redirect == 2) {
- char num[32];
- sprintf(num, ":%d", vnc_redirect_port);
- q = num;
- }
- if (!q) {
- rfbLog("wait_for_client: can't find number in X display: %s\n", use_dpy);
- clean_up_exit(1);
- }
- if (sscanf(q+1, "%d", &vdpy) != 1) {
- rfbLog("wait_for_client: can't find number in X display: %s\n", q);
- clean_up_exit(1);
- }
- if (vdpy == -1 && vnc_redirect != 2) {
- rfbLog("wait_for_client: can't find number in X display: %s\n", q);
- clean_up_exit(1);
- }
- if (vnc_redirect == 2) {
- if (vdpy < 0) {
- vdpy = -vdpy;
- } else if (vdpy < 200) {
- vdpy += 5900;
- }
- } else {
- vdpy += 5900;
- }
- if (created_disp) {
- usleep(1000*1000);
- }
- for (i=0; i < 20; i++) {
- sock = connect_tcp(vnc_redirect_host, vdpy);
- if (sock >= 0) {
- break;
- }
- rfbLog("wait_for_client: ...\n");
- usleep(500*1000);
- }
- if (sock < 0) {
- rfbLog("wait_for_client: could not connect to a VNC Server at %s:%d\n", vnc_redirect_host, vdpy);
- clean_up_exit(1);
- }
- if (inetd) {
- s_in = fileno(stdin);
- s_out = fileno(stdout);
- } else {
- s_in = s_out = vnc_redirect_sock;
- }
- if (vnc_redirect_cnt > 0) {
- write(vnc_redirect_sock, vnc_redirect_test, vnc_redirect_cnt);
- }
- rfbLog("wait_for_client: switching control to VNC Server at %s:%d\n", vnc_redirect_host, vdpy);
- raw_xfer(sock, s_in, s_out);
-}
-
-extern char find_display[];
-extern char create_display[];
-
-char *setup_cmd(char *str, int *vnc_redirect, char **vnc_redirect_host, int *vnc_redirect_port, int db) {
- char *cmd = NULL;
-
- if (no_external_cmds || !cmd_ok("WAIT")) {
- rfbLog("wait_for_client external cmds not allowed:"
- " %s\n", use_dpy);
- clean_up_exit(1);
- }
-
- cmd = str + strlen("cmd=");
- if (!strcmp(cmd, "FINDDISPLAY-print")) {
- fprintf(stdout, "%s", find_display);
- clean_up_exit(0);
- }
- if (!strcmp(cmd, "FINDDISPLAY-run")) {
- char tmp[] = "/tmp/fd.XXXXXX";
- char com[100];
- int fd = mkstemp(tmp);
- if (fd >= 0) {
- int ret;
- write(fd, find_display, strlen(find_display));
- close(fd);
- set_env("FINDDISPLAY_run", "1");
- sprintf(com, "/bin/sh %s -n", tmp);
- ret = system(com);
- if (WIFEXITED(ret) && WEXITSTATUS(ret) != 0) {
- if (got_findauth && !getenv("FD_XDM")) {
- if (getuid() == 0 || geteuid() == 0) {
- set_env("FD_XDM", "1");
- system(com);
- }
- }
- }
- }
- unlink(tmp);
- exit(0);
- }
- if (!strcmp(str, "FINDCREATEDISPLAY-print")) {
- fprintf(stdout, "%s", create_display);
- clean_up_exit(0);
- }
- if (db) fprintf(stderr, "cmd: %s\n", cmd);
- if (strstr(str, "FINDCREATEDISPLAY") || strstr(str, "FINDDISPLAY")) {
- if (strstr(str, "Xvnc.redirect") || strstr(str, "X.redirect")) {
- *vnc_redirect = 1;
- }
- }
- if (strstr(cmd, "FINDDISPLAY-vnc_redirect") == cmd) {
- int p;
- char h[256];
- if (strlen(cmd) >= 256) {
- rfbLog("wait_for_client string too long: %s\n", str);
- clean_up_exit(1);
- }
- h[0] = '\0';
- if (sscanf(cmd, "FINDDISPLAY-vnc_redirect=%d", &p) == 1) {
- ;
- } else if (sscanf(cmd, "FINDDISPLAY-vnc_redirect=%s %d", h, &p) == 2) {
- ;
- } else {
- rfbLog("wait_for_client bad string: %s\n", cmd);
- clean_up_exit(1);
- }
- *vnc_redirect_port = p;
- if (strcmp(h, "")) {
- *vnc_redirect_host = strdup(h);
- }
- *vnc_redirect = 2;
- rfbLog("wait_for_client: vnc_redirect: %s:%d\n", *vnc_redirect_host, *vnc_redirect_port);
- }
- return cmd;
-}
-
-static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *tmp) {
- char *create_cmd = NULL;
- char *opts = strchr(cmd, '-');
- char st[] = "";
- char fdgeom[128], fdsess[128], fdopts[128], fdextra[256], fdprog[128];
- char fdxsrv[128], fdxdum[128], fdcups[128], fdesd[128];
- char fdnas[128], fdsmb[128], fdtag[128], fdxdmcpif[128];
- char cdout[128];
-
- if (opts) {
- opts++;
- if (strstr(opts, "xdmcp")) {
- *saw_xdmcp = 1;
- }
- } else {
- opts = st;
- }
- sprintf(fdgeom, "NONE");
- fdsess[0] = '\0';
- fdgeom[0] = '\0';
- fdopts[0] = '\0';
- fdextra[0] = '\0';
- fdprog[0] = '\0';
- fdxsrv[0] = '\0';
- fdxdum[0] = '\0';
- fdcups[0] = '\0';
- fdesd[0] = '\0';
- fdnas[0] = '\0';
- fdsmb[0] = '\0';
- fdtag[0] = '\0';
- fdxdmcpif[0] = '\0';
- cdout[0] = '\0';
-
- if (unixpw && keep_unixpw_opts && !getenv("X11VNC_NO_UNIXPW_OPTS")) {
- char *q, *p, *t = strdup(keep_unixpw_opts);
-
- if (strstr(t, "gnome")) {
- sprintf(fdsess, "gnome");
- } else if (strstr(t, "kde")) {
- sprintf(fdsess, "kde");
- } else if (strstr(t, "lxde")) {
- sprintf(fdsess, "lxde");
- } else if (strstr(t, "twm")) {
- sprintf(fdsess, "twm");
- } else if (strstr(t, "fvwm")) {
- sprintf(fdsess, "fvwm");
- } else if (strstr(t, "mwm")) {
- sprintf(fdsess, "mwm");
- } else if (strstr(t, "cde")) {
- sprintf(fdsess, "cde");
- } else if (strstr(t, "dtwm")) {
- sprintf(fdsess, "dtwm");
- } else if (strstr(t, "xterm")) {
- sprintf(fdsess, "xterm");
- } else if (strstr(t, "wmaker")) {
- sprintf(fdsess, "wmaker");
- } else if (strstr(t, "xfce")) {
- sprintf(fdsess, "xfce");
- } else if (strstr(t, "enlightenment")) {
- sprintf(fdsess, "enlightenment");
- } else if (strstr(t, "Xsession")) {
- sprintf(fdsess, "Xsession");
- } else if (strstr(t, "failsafe")) {
- sprintf(fdsess, "failsafe");
- }
-
- q = strstr(t, "ge=");
- if (! q) q = strstr(t, "geom=");
- if (! q) q = strstr(t, "geometry=");
- if (q) {
- int ok = 1;
- q = strstr(q, "=");
- q++;
- p = strstr(q, ",");
- if (p) *p = '\0';
- p = q;
- while (*p) {
- if (*p == 'x') {
- ;
- } else if (isdigit((int) *p)) {
- ;
- } else {
- ok = 0;
- break;
- }
- p++;
- }
- if (ok && strlen(q) < 32) {
- sprintf(fdgeom, "%s", q);
- if (!quiet) {
- rfbLog("set create display geom: %s\n", fdgeom);
- }
- }
- }
- q = strstr(t, "cups=");
- if (q) {
- int p;
- if (sscanf(q, "cups=%d", &p) == 1) {
- sprintf(fdcups, "%d", p);
- }
- }
- q = strstr(t, "esd=");
- if (q) {
- int p;
- if (sscanf(q, "esd=%d", &p) == 1) {
- sprintf(fdesd, "%d", p);
- }
- }
- if (!getenv("FD_TAG")) {
- char *s = NULL;
-
- q = strstr(t, "tag=");
- if (q) s = strchr(q, ',');
- if (s) *s = '\0';
-
- if (q && strlen(q) < 120) {
- char *p;
- int ok = 1;
- q = strchr(q, '=') + 1;
- p = q;
- while (*p != '\0') {
- char c = *p;
- if (*p == '_' || *p == '-') {
- ;
- } else if (!isalnum((int) c)) {
- ok = 0;
- rfbLog("bad tag char: '%c' in '%s'\n", c, q);
- break;
- }
- p++;
- }
- if (ok) {
- sprintf(fdtag, "%s", q);
- }
- }
- if (s) *s = ',';
- }
- free(t);
- }
- if (fdgeom[0] == '\0' && getenv("FD_GEOM")) {
- snprintf(fdgeom, 120, "%s", getenv("FD_GEOM"));
- }
- if (fdsess[0] == '\0' && getenv("FD_SESS")) {
- snprintf(fdsess, 120, "%s", getenv("FD_SESS"));
- }
- if (fdopts[0] == '\0' && getenv("FD_OPTS")) {
- snprintf(fdopts, 120, "%s", getenv("FD_OPTS"));
- }
- if (fdextra[0] == '\0' && getenv("FD_EXTRA")) {
- if (!strchr(getenv("FD_EXTRA"), '\'')) {
- snprintf(fdextra, 250, "%s", getenv("FD_EXTRA"));
- }
- }
- if (fdprog[0] == '\0' && getenv("FD_PROG")) {
- snprintf(fdprog, 120, "%s", getenv("FD_PROG"));
- }
- if (fdxsrv[0] == '\0' && getenv("FD_XSRV")) {
- snprintf(fdxsrv, 120, "%s", getenv("FD_XSRV"));
- }
- if (fdcups[0] == '\0' && getenv("FD_CUPS")) {
- snprintf(fdcups, 120, "%s", getenv("FD_CUPS"));
- }
- if (fdesd[0] == '\0' && getenv("FD_ESD")) {
- snprintf(fdesd, 120, "%s", getenv("FD_ESD"));
- }
- if (fdnas[0] == '\0' && getenv("FD_NAS")) {
- snprintf(fdnas, 120, "%s", getenv("FD_NAS"));
- }
- if (fdsmb[0] == '\0' && getenv("FD_SMB")) {
- snprintf(fdsmb, 120, "%s", getenv("FD_SMB"));
- }
- if (fdtag[0] == '\0' && getenv("FD_TAG")) {
- snprintf(fdtag, 120, "%s", getenv("FD_TAG"));
- }
- if (fdxdmcpif[0] == '\0' && getenv("FD_XDMCP_IF")) {
- snprintf(fdxdmcpif, 120, "%s", getenv("FD_XDMCP_IF"));
- }
- if (fdxdum[0] == '\0' && getenv("FD_XDUMMY_RUN_AS_ROOT")) {
- snprintf(fdxdum, 120, "%s", getenv("FD_XDUMMY_RUN_AS_ROOT"));
- }
- if (getenv("CREATE_DISPLAY_OUTPUT")) {
- snprintf(cdout, 120, "CREATE_DISPLAY_OUTPUT='%s'", getenv("CREATE_DISPLAY_OUTPUT"));
- }
-
- if (strchr(fdgeom, '\'')) fdgeom[0] = '\0';
- if (strchr(fdopts, '\'')) fdopts[0] = '\0';
- if (strchr(fdextra, '\'')) fdextra[0] = '\0';
- if (strchr(fdprog, '\'')) fdprog[0] = '\0';
- if (strchr(fdxsrv, '\'')) fdxsrv[0] = '\0';
- if (strchr(fdcups, '\'')) fdcups[0] = '\0';
- if (strchr(fdesd, '\'')) fdesd[0] = '\0';
- if (strchr(fdnas, '\'')) fdnas[0] = '\0';
- if (strchr(fdsmb, '\'')) fdsmb[0] = '\0';
- if (strchr(fdtag, '\'')) fdtag[0] = '\0';
- if (strchr(fdxdmcpif, '\'')) fdxdmcpif[0] = '\0';
- if (strchr(fdxdum, '\'')) fdxdum[0] = '\0';
- if (strchr(fdsess, '\'')) fdsess[0] = '\0';
- if (strchr(cdout, '\'')) cdout[0] = '\0';
-
- set_env("FD_GEOM", fdgeom);
- set_env("FD_OPTS", fdopts);
- set_env("FD_EXTRA", fdextra);
- set_env("FD_PROG", fdprog);
- set_env("FD_XSRV", fdxsrv);
- set_env("FD_CUPS", fdcups);
- set_env("FD_ESD", fdesd);
- set_env("FD_NAS", fdnas);
- set_env("FD_SMB", fdsmb);
- set_env("FD_TAG", fdtag);
- set_env("FD_XDMCP_IF", fdxdmcpif);
- set_env("FD_XDUMMY_RUN_AS_ROOT", fdxdum);
- set_env("FD_SESS", fdsess);
-
- if (usslpeer || (unixpw && keep_unixpw_user)) {
- char *uu = usslpeer;
- if (!uu) {
- uu = keep_unixpw_user;
- }
- if (strchr(uu, '\'')) {
- uu = "";
- }
- create_cmd = (char *) malloc(strlen(tmp)+1
- + strlen("env USER='' ")
- + strlen("FD_GEOM='' ")
- + strlen("FD_OPTS='' ")
- + strlen("FD_EXTRA='' ")
- + strlen("FD_PROG='' ")
- + strlen("FD_XSRV='' ")
- + strlen("FD_CUPS='' ")
- + strlen("FD_ESD='' ")
- + strlen("FD_NAS='' ")
- + strlen("FD_SMB='' ")
- + strlen("FD_TAG='' ")
- + strlen("FD_XDMCP_IF='' ")
- + strlen("FD_XDUMMY_RUN_AS_ROOT='' ")
- + strlen("FD_SESS='' /bin/sh ")
- + strlen(uu) + 1
- + strlen(fdgeom) + 1
- + strlen(fdopts) + 1
- + strlen(fdextra) + 1
- + strlen(fdprog) + 1
- + strlen(fdxsrv) + 1
- + strlen(fdcups) + 1
- + strlen(fdesd) + 1
- + strlen(fdnas) + 1
- + strlen(fdsmb) + 1
- + strlen(fdtag) + 1
- + strlen(fdxdmcpif) + 1
- + strlen(fdxdum) + 1
- + strlen(fdsess) + 1
- + strlen(cdout) + 1
- + strlen(opts) + 1);
- sprintf(create_cmd, "env USER='%s' FD_GEOM='%s' FD_SESS='%s' "
- "FD_OPTS='%s' FD_EXTRA='%s' FD_PROG='%s' FD_XSRV='%s' FD_CUPS='%s' "
- "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' FD_XDMCP_IF='%s' "
- "FD_XDUMMY_RUN_AS_ROOT='%s' %s /bin/sh %s %s",
- uu, fdgeom, fdsess, fdopts, fdextra, fdprog, fdxsrv,
- fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdmcpif, fdxdum, cdout, tmp, opts);
- } else {
- create_cmd = (char *) malloc(strlen(tmp)
- + strlen("/bin/sh ") + 1 + strlen(opts) + 1);
- sprintf(create_cmd, "/bin/sh %s %s", tmp, opts);
- }
- return create_cmd;
-}
-
-static char *certret_extract() {
- char *q, *p, *str = strdup(certret_str);
- char *upeer = NULL;
- int ok = 0;
-
- q = strstr(str, "Subject: ");
- if (! q) return NULL;
-
- p = strstr(q, "\n");
- if (p) *p = '\0';
-
- q = strstr(q, "CN=");
- if (! q) return NULL;
-
- if (! getenv("X11VNC_SSLPEER_CN")) {
- p = q;
- q = strstr(q, "/emailAddress=");
- if (! q) q = strstr(p, "/Email=");
- if (! q) return NULL;
- }
-
- q = strstr(q, "=");
- if (! q) return NULL;
-
- q++;
- p = strstr(q, " ");
- if (p) *p = '\0';
- p = strstr(q, "@");
- if (p) *p = '\0';
- p = strstr(q, "/");
- if (p) *p = '\0';
-
- upeer = strdup(q);
-
- if (strcmp(upeer, "")) {
- p = upeer;
- while (*p != '\0') {
- char c = *p;
- if (!isalnum((int) c)) {
- *p = '\0';
- break;
- }
- p++;
- }
- if (strcmp(upeer, "")) {
- ok = 1;
- }
- }
- if (! ok) {
- upeer = NULL;
- }
- return upeer;
-}
-
-static void check_nodisplay(char **nd, char **tag) {
- if (unixpw && !getenv("X11VNC_NO_UNIXPW_OPTS") && keep_unixpw_opts && keep_unixpw_opts[0] != '\0') {
- char *q, *t2, *t = keep_unixpw_opts;
- q = strstr(t, "nd=");
- if (! q) q = strstr(t, "nodisplay=");
- if (q) {
- q = strchr(q, '=') + 1;
- t = strdup(q);
- q = t;
- t2 = strchr(t, ',');
- if (t2) *t2 = '\0';
-
- while (*t != '\0') {
- if (*t == '+') {
- *t = ',';
- }
- t++;
- }
- if (!strchr(q, '\'') && !strpbrk(q, "[](){}`'\"$&*|<>")) {
- if (! quiet) rfbLog("set X11VNC_SKIP_DISPLAY: %s\n", q);
- *nd = q;
- }
- }
-
- q = strstr(keep_unixpw_opts, "tag=");
- if (getenv("FD_TAG")) {
- *tag = strdup(getenv("FD_TAG"));
- } else if (q) {
- q = strchr(q, '=') + 1;
- t = strdup(q);
- q = t;
- t2 = strchr(t, ',');
- if (t2) *t2 = '\0';
-
- if (strlen(q) < 120) {
- int ok = 1;
- while (*t != '\0') {
- char c = *t;
- if (*t == '_' || *t == '-') {
- ;
- } else if (!isalnum((int) c)) {
- ok = 0;
- rfbLog("bad tag char: '%c' in '%s'\n", c, q);
- break;
- }
- t++;
- }
- if (ok) {
- if (! quiet) rfbLog("set FD_TAG: %s\n", q);
- *tag = q;
- }
- }
- }
- }
- if (unixpw_system_greeter_active == 2) {
- if (!keep_unixpw_user) {
- clean_up_exit(1);
- }
- *nd = strdup("all");
- }
-}
-
-static char *get_usslpeer() {
- char *u = NULL, *upeer = NULL;
-
- if (certret_str) {
- upeer = certret_extract();
- }
- if (!upeer) {
- return NULL;
- }
- rfbLog("sslpeer unix username extracted from x509 cert: %s\n", upeer);
-
- u = (char *) malloc(strlen(upeer+2));
- u[0] = '\0';
- if (!strcmp(users_list, "sslpeer=")) {
- sprintf(u, "+%s", upeer);
- } else {
- char *p, *str = strdup(users_list);
- p = strtok(str + strlen("sslpeer="), ",");
- while (p) {
- if (!strcmp(p, upeer)) {
- sprintf(u, "+%s", upeer);
- break;
- }
- p = strtok(NULL, ",");
- }
- free(str);
- }
- if (u[0] == '\0') {
- rfbLog("sslpeer cannot determine user: %s\n", upeer);
- free(u);
- return NULL;
- }
- free(u);
- return upeer;
-}
-
-static void do_try_switch(char *usslpeer, char *users_list_save) {
- if (unixpw_system_greeter_active == 2) {
- rfbLog("unixpw_system_greeter: not trying switch to user '%s'\n", usslpeer ? usslpeer : "");
- return;
- }
- if (usslpeer) {
- char *u = (char *) malloc(strlen(usslpeer+2));
- sprintf(u, "+%s", usslpeer);
- if (switch_user(u, 0)) {
- rfbLog("sslpeer switched to user: %s\n", usslpeer);
- } else {
- rfbLog("sslpeer failed to switch to user: %s\n", usslpeer);
- }
- free(u);
-
- } else if (users_list_save && keep_unixpw_user) {
- char *user = keep_unixpw_user;
- char *u = (char *)malloc(strlen(user)+1);
-
- users_list = users_list_save;
-
- u[0] = '\0';
- if (!strcmp(users_list, "unixpw=")) {
- sprintf(u, "+%s", user);
- } else {
- char *p, *str = strdup(users_list);
- p = strtok(str + strlen("unixpw="), ",");
- while (p) {
- if (!strcmp(p, user)) {
- sprintf(u, "+%s", user);
- break;
- }
- p = strtok(NULL, ",");
- }
- free(str);
- }
-
- if (u[0] == '\0') {
- rfbLog("unixpw_accept skipping switch to user: %s (drc)\n", user);
- } else if (switch_user(u, 0)) {
- rfbLog("unixpw_accept switched to user: %s (drc)\n", user);
- } else {
- rfbLog("unixpw_accept failed to switch to user: %s (drc)\n", user);
- }
- free(u);
- }
-}
-
-static void path_lookup(char *prog) {
- /* see create_display script */
- char *create_display_extra = "/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/usr/dt/bin:/opt/kde4/bin:/opt/kde3/bin:/opt/gnome/bin:/usr/bin:/bin:/usr/sfw/bin:/usr/local/bin";
- char *path, *try, *p;
- int found = 0, len = strlen(create_display_extra);
-
- if (getenv("PATH")) {
- len += strlen(getenv("PATH")) + 1;
- path = (char *) malloc((len+1) * sizeof(char));
- sprintf(path, "%s:%s", getenv("PATH"), create_display_extra);
- } else {
- path = (char *) malloc((len+1) * sizeof(char));
- sprintf(path, "%s", create_display_extra);
- }
- try = (char *) malloc((len+2+strlen(prog)) * sizeof(char));
-
- p = strtok(path, ":");
- while (p) {
- struct stat sbuf;
-
- sprintf(try, "%s/%s", p, prog);
- if (stat(try, &sbuf) == 0) {
- found = 1;
- break;
- }
- p = strtok(NULL, ":");
- }
-
- free(path);
- free(try);
-
- if (!found) {
- fprintf(stderr, "\n");
- fprintf(stderr, "The program \"%s\" could not be found in PATH and standard locations.\n", prog);
- fprintf(stderr, "You probably need to install a package that provides the \"%s\" program.\n", prog);
- fprintf(stderr, "Without it FINDCREATEDISPLAY mode may not be able to create an X display.\n");
- fprintf(stderr, "\n");
- }
-}
-
-static int do_run_cmd(char *cmd, char *create_cmd, char *users_list_save, int created_disp, int db) {
- char tmp[] = "/tmp/x11vnc-find_display.XXXXXX";
- char line1[1024], line2[16384];
- char *q, *usslpeer = NULL;
- int n, nodisp = 0, saw_xdmcp = 0;
- int tmp_fd = -1;
- int internal_cmd = 0;
- int tried_switch = 0;
-
- memset(line1, 0, sizeof(line1));
- memset(line2, 0, sizeof(line2));
-
- if (users_list && strstr(users_list, "sslpeer=") == users_list) {
- usslpeer = get_usslpeer();
- if (! usslpeer) {
- return 0;
- }
- }
- if (getenv("DEBUG_RUN_CMD")) db = 1;
-
- /* only sets environment variables: */
- run_user_command("", latest_client, "env", NULL, 0, NULL);
-
- if (program_name) {
- set_env("X11VNC_PROG", program_name);
- } else {
- set_env("X11VNC_PROG", "x11vnc");
- }
-
- if (!strcmp(cmd, "FINDDISPLAY") ||
- strstr(cmd, "FINDCREATEDISPLAY") == cmd) {
- char *nd = "";
- char *tag = "";
- char fdout[128];
-
- internal_cmd = 1;
-
- tmp_fd = mkstemp(tmp);
-
- if (tmp_fd < 0) {
- rfbLog("wait_for_client: open failed: %s\n", tmp);
- rfbLogPerror("mkstemp");
- clean_up_exit(1);
- }
- chmod(tmp, 0644);
- if (getenv("X11VNC_FINDDISPLAY_ALWAYS_FAILS")) {
- char *s = "#!/bin/sh\necho _FAIL_\nexit 1\n";
- write(tmp_fd, s, strlen(s));
- } else {
- write(tmp_fd, find_display, strlen(find_display));
- }
- close(tmp_fd);
- nodisp = 1;
-
- if (strstr(cmd, "FINDCREATEDISPLAY") == cmd) {
- create_cmd = build_create_cmd(cmd, &saw_xdmcp, usslpeer, tmp);
- if (db) fprintf(stderr, "create_cmd: %s\n", create_cmd);
- }
- if (getenv("X11VNC_SKIP_DISPLAY")) {
- nd = strdup(getenv("X11VNC_SKIP_DISPLAY"));
- }
- check_nodisplay(&nd, &tag);
-
- fdout[0] = '\0';
- if (getenv("FIND_DISPLAY_OUTPUT")) {
- snprintf(fdout, 120, " FIND_DISPLAY_OUTPUT='%s' ", getenv("FIND_DISPLAY_OUTPUT"));
- }
-
- cmd = (char *) malloc(strlen("env X11VNC_SKIP_DISPLAY='' ")
- + strlen(nd) + strlen(" FD_TAG='' ") + strlen(tag) + strlen(tmp) + strlen("/bin/sh ") + strlen(fdout) + 1);
-
- if (strcmp(tag, "")) {
- sprintf(cmd, "env X11VNC_SKIP_DISPLAY='%s' FD_TAG='%s' %s /bin/sh %s", nd, tag, fdout, tmp);
- } else {
- sprintf(cmd, "env X11VNC_SKIP_DISPLAY='%s' %s /bin/sh %s", nd, fdout, tmp);
- }
- }
-
- rfbLog("wait_for_client: running: %s\n", cmd);
-
- if (create_cmd != NULL) {
- if (strstr(create_cmd, "Xvfb")) {
- path_lookup("Xvfb");
- }
- if (strstr(create_cmd, "Xvnc")) {
- path_lookup("Xvnc");
- }
- if (strstr(create_cmd, "Xdummy")) {
- path_lookup("Xdummy");
- }
- }
-
- if (unixpw && !unixpw_nis) {
- int res = 0, k, j, i;
- char line[18000];
-
- memset(line, 0, sizeof(line));
-
- if (unixpw_system_greeter_active == 2) {
- rfbLog("unixpw_system_greeter: forcing find display failure.\n");
- res = 0;
- } else if (keep_unixpw_user && keep_unixpw_pass) {
- n = sizeof(line);
- if (unixpw_cmd != NULL) {
- res = unixpw_cmd_run(keep_unixpw_user,
- keep_unixpw_pass, cmd, line, &n);
- } else {
- res = su_verify(keep_unixpw_user,
- keep_unixpw_pass, cmd, line, &n, nodisp);
- }
- }
-
-if (db) {fprintf(stderr, "line: "); write(2, line, n); write(2, "\n", 1); fprintf(stderr, "res=%d n=%d\n", res, n);}
- if (! res) {
- rfbLog("wait_for_client: find display cmd failed.\n");
- }
-
- if (! res && create_cmd) {
- FILE *mt = fopen(tmp, "w");
- if (! mt) {
- rfbLog("wait_for_client: open failed: %s\n", tmp);
- rfbLogPerror("fopen");
- clean_up_exit(1);
- }
- fprintf(mt, "%s", create_display);
- fclose(mt);
-
- findcreatedisplay = 1;
-
- if (unixpw_cmd != NULL) {
- /* let the external unixpw command do it: */
- n = sizeof(line);
- close_exec_fds();
- res = unixpw_cmd_run(keep_unixpw_user,
- keep_unixpw_pass, create_cmd, line, &n);
- } else if (getuid() != 0 && unixpw_system_greeter_active != 2) {
- /* if not root, run as the other user... */
- n = sizeof(line);
- close_exec_fds();
- res = su_verify(keep_unixpw_user,
- keep_unixpw_pass, create_cmd, line, &n, nodisp);
-if (db) fprintf(stderr, "c-res=%d n=%d line: '%s'\n", res, n, line);
-
- } else {
- FILE *p;
- close_exec_fds();
- if (unixpw_system_greeter_active == 2) {
- rfbLog("unixpw_system_greeter: not trying su_verify() to run\n");
- rfbLog("unixpw_system_greeter: create display command.\n");
- }
- rfbLog("wait_for_client: running: %s\n", create_cmd);
- p = popen(create_cmd, "r");
- if (! p) {
- rfbLog("wait_for_client: popen failed: %s\n", create_cmd);
- res = 0;
- } else if (fgets(line1, 1024, p) == NULL) {
- rfbLog("wait_for_client: read failed: %s\n", create_cmd);
- res = 0;
- } else {
- n = fread(line2, 1, 16384, p);
- if (pclose(p) != 0) {
- res = 0;
- } else {
- strncpy(line, line1, 100);
- memcpy(line + strlen(line1), line2, n);
-if (db) fprintf(stderr, "line1: '%s'\n", line1);
- n += strlen(line1);
- created_disp = 1;
- res = 1;
- }
- }
- }
- if (res && saw_xdmcp && unixpw_system_greeter_active != 2) {
- xdmcp_insert = strdup(keep_unixpw_user);
- }
- }
-
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
-
- if (! res) {
- rfbLog("wait_for_client: cmd failed: %s\n", cmd);
- unixpw_msg("No DISPLAY found.", 3);
- clean_up_exit(1);
- }
-
- /*
- * we need to hunt for DISPLAY= since there may be
- * a login banner or something at the beginning.
- */
- q = strstr(line, "DISPLAY=");
- if (! q) {
- q = line;
- }
- n -= (q - line);
-
- for (k = 0; k < 1024; k++) {
- line1[k] = q[k];
- if (q[k] == '\n') {
- k++;
- break;
- }
- }
- n -= k;
- i = 0;
- for (j = 0; j < 16384; j++) {
- if (j < 16384 - 1) {
- /* xauth data, assume pty added CR */
- if (q[k+j] == '\r' && q[k+j+1] == '\n') {
- continue;
- }
- }
-
- line2[i] = q[k+j];
- i++;
- }
-if (db) write(2, line, 100);
-if (db) fprintf(stderr, "\n");
-
- } else {
- FILE *p;
- int rc;
- close_exec_fds();
-
- if (usslpeer) {
- char *c;
- if (getuid() == 0) {
- c = (char *) malloc(strlen("su - '' -c \"")
- + strlen(usslpeer) + strlen(cmd) + 1 + 1);
- sprintf(c, "su - '%s' -c \"%s\"", usslpeer, cmd);
- } else {
- c = strdup(cmd);
- }
- p = popen(c, "r");
- free(c);
-
- } else if (unixpw_nis && keep_unixpw_user) {
- char *c;
- if (getuid() == 0) {
- c = (char *) malloc(strlen("su - '' -c \"")
- + strlen(keep_unixpw_user) + strlen(cmd) + 1 + 1);
- sprintf(c, "su - '%s' -c \"%s\"", keep_unixpw_user, cmd);
- } else {
- c = strdup(cmd);
- }
- p = popen(c, "r");
- free(c);
-
- } else {
- p = popen(cmd, "r");
- }
-
- if (! p) {
- rfbLog("wait_for_client: cmd failed: %s\n", cmd);
- rfbLogPerror("popen");
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- clean_up_exit(1);
- }
- if (fgets(line1, 1024, p) == NULL) {
- rfbLog("wait_for_client: read failed: %s\n", cmd);
- rfbLogPerror("fgets");
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- clean_up_exit(1);
- }
- n = fread(line2, 1, 16384, p);
- rc = pclose(p);
-
- if (rc != 0) {
- rfbLog("wait_for_client: find display cmd failed.\n");
- }
-
- if (create_cmd && rc != 0) {
- FILE *mt = fopen(tmp, "w");
- if (! mt) {
- rfbLog("wait_for_client: open failed: %s\n", tmp);
- rfbLogPerror("fopen");
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- clean_up_exit(1);
- }
- fprintf(mt, "%s", create_display);
- fclose(mt);
-
- findcreatedisplay = 1;
-
- rfbLog("wait_for_client: FINDCREATEDISPLAY cmd: %s\n", create_cmd);
-
- p = popen(create_cmd, "r");
- if (! p) {
- rfbLog("wait_for_client: cmd failed: %s\n", create_cmd);
- rfbLogPerror("popen");
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- clean_up_exit(1);
- }
- if (fgets(line1, 1024, p) == NULL) {
- rfbLog("wait_for_client: read failed: %s\n", create_cmd);
- rfbLogPerror("fgets");
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- clean_up_exit(1);
- }
- n = fread(line2, 1, 16384, p);
- pclose(p);
- }
- if (tmp_fd >= 0) {
- unlink(tmp);
- }
- }
-
-if (db) fprintf(stderr, "line1=%s\n", line1);
-
- if (strstr(line1, "DISPLAY=") != line1) {
- rfbLog("wait_for_client: bad reply '%s'\n", line1);
- if (unixpw) {
- unixpw_msg("No DISPLAY found.", 3);
- }
- clean_up_exit(1);
- }
-
-
- if (strstr(line1, ",VT=")) {
- int vt;
- char *t = strstr(line1, ",VT=");
- vt = atoi(t + strlen(",VT="));
- *t = '\0';
- if (7 <= vt && vt <= 15) {
- do_chvt(vt);
- }
- } else if (strstr(line1, ",XPID=")) {
- int i, pvt, vt = -1;
- char *t = strstr(line1, ",XPID=");
- pvt = atoi(t + strlen(",XPID="));
- *t = '\0';
- if (pvt > 0) {
- for (i=3; i <= 10; i++) {
- int k;
- char proc[100];
- char buf[100];
- sprintf(proc, "/proc/%d/fd/%d", pvt, i);
-if (db) fprintf(stderr, "%d -- %s\n", i, proc);
- for (k=0; k < 100; k++) {
- buf[k] = '\0';
- }
-
- if (readlink(proc, buf, 100) != -1) {
- buf[100-1] = '\0';
-if (db) fprintf(stderr, "%d -- %s -- %s\n", i, proc, buf);
- if (strstr(buf, "/dev/tty") == buf) {
- vt = atoi(buf + strlen("/dev/tty"));
- if (vt > 0) {
- break;
- }
- }
- }
- }
- }
- if (7 <= vt && vt <= 12) {
- do_chvt(vt);
- }
- }
-
- use_dpy = strdup(line1 + strlen("DISPLAY="));
- q = use_dpy;
- while (*q != '\0') {
- if (*q == '\n' || *q == '\r') *q = '\0';
- q++;
- }
- if (line2[0] != '\0') {
- if (strstr(line2, "XAUTHORITY=") == line2) {
- q = line2;
- while (*q != '\0') {
- if (*q == '\n' || *q == '\r') *q = '\0';
- q++;
- }
- if (auth_file) {
- free(auth_file);
- }
- auth_file = strdup(line2 + strlen("XAUTHORITY="));
-
- } else {
- xauth_raw_data = (char *)malloc(n);
- xauth_raw_len = n;
- memcpy(xauth_raw_data, line2, n);
-if (db) {fprintf(stderr, "xauth_raw_len: %d\n", n);
-write(2, xauth_raw_data, n);
-fprintf(stderr, "\n");}
- }
- }
-
- if (!tried_switch) {
- do_try_switch(usslpeer, users_list_save);
- tried_switch = 1;
- }
-
- if (unixpw) {
- /* Some cleanup and messaging for -unixpw case: */
- char str[32];
-
- if (keep_unixpw_user && keep_unixpw_pass) {
- strzero(keep_unixpw_user);
- strzero(keep_unixpw_pass);
- keep_unixpw = 0;
- }
-
- if (created_disp) {
- snprintf(str, 30, "Created DISPLAY %s", use_dpy);
- } else {
- snprintf(str, 30, "Using DISPLAY %s", use_dpy);
- }
- unixpw_msg(str, 2);
- }
- return 1;
-}
-
-void ssh_remote_tunnel(char *, int);
-
-static XImage ximage_struct;
-
-void progress_client(void) {
- int i, j = 0, progressed = 0, db = 0;
- double start = dnow();
- if (getenv("PROGRESS_CLIENT_DBG")) {
- rfbLog("progress_client: begin\n");
- db = 1;
- }
- for (i = 0; i < 15; i++) {
- if (latest_client) {
- for (j = 0; j < 10; j++) {
- if (latest_client->state != RFB_PROTOCOL_VERSION) {
- progressed = 1;
- break;
- }
- if (db) rfbLog("progress_client: calling-1 rfbCFD(1) %.6f\n", dnow()-start);
- rfbCFD(1);
- }
- }
- if (progressed) {
- break;
- }
- if (db) rfbLog("progress_client: calling-2 rfbCFD(1) %.6f\n", dnow()-start);
- rfbCFD(1);
- }
- if (!quiet) {
- rfbLog("client progressed=%d in %d/%d %.6f s\n",
- progressed, i, j, dnow() - start);
- }
-}
-
-int wait_for_client(int *argc, char** argv, int http) {
- /* ugh, here we go... */
- XImage* fb_image;
- int w = 640, h = 480, b = 32;
- int w0 = -1, h0 = -1, i, chg_raw_fb = 0;
- char *str, *q, *cmd = NULL;
- int db = 0, dt = 0;
- char *create_cmd = NULL;
- char *users_list_save = NULL;
- int created_disp = 0, ncache_save;
- int did_client_connect = 0;
- char *vnc_redirect_host = "localhost";
- int vnc_redirect_port = -1, vnc_redirect_cnt = 0;
- char vnc_redirect_test[10];
-
- if (getenv("WAIT_FOR_CLIENT_DB")) {
- db = 1;
- }
-
- vnc_redirect = 0;
-
- if (! use_dpy || strstr(use_dpy, "WAIT:") != use_dpy) {
- return 0;
- }
-
- for (i=0; i < *argc; i++) {
- if (!strcmp(argv[i], "-desktop")) {
- dt = 1;
- }
- if (db) fprintf(stderr, "args %d %s\n", i, argv[i]);
- }
- if (!quiet && !strstr(use_dpy, "FINDDISPLAY-run")) {
- rfbLog("\n");
- rfbLog("wait_for_client: %s\n", use_dpy);
- rfbLog("\n");
- }
-
- str = strdup(use_dpy);
- str += strlen("WAIT");
-
- xdmcp_insert = NULL;
-
- /* get any leading geometry: */
- q = strchr(str+1, ':');
- if (q) {
- *q = '\0';
- if (sscanf(str+1, "%dx%d", &w0, &h0) == 2) {
- w = w0;
- h = h0;
- rfbLog("wait_for_client set: w=%d h=%d\n", w, h);
- } else {
- w0 = -1;
- h0 = -1;
- }
- *q = ':';
- str = q;
- }
- if ((w0 == -1 || h0 == -1) && pad_geometry != NULL) {
- int b0, del = 0;
- char *s = pad_geometry;
- if (strstr(s, "once:") == s) {
- del = 1;
- s += strlen("once:");
- }
- if (sscanf(s, "%dx%dx%d", &w0, &h0, &b0) == 3) {
- w = nabs(w0);
- h = nabs(h0);
- b = nabs(b0);
- } else if (sscanf(s, "%dx%d", &w0, &h0) == 2) {
- w = nabs(w0);
- h = nabs(h0);
- }
- if (del) {
- pad_geometry = NULL;
- }
- }
-
- /* str currently begins with a ':' */
- if (strstr(str, ":cmd=") == str) {
- /* cmd=/path/to/mycommand */
- str++;
- } else if (strpbrk(str, "0123456789") == str+1) {
- /* :0.0 */
- ;
- } else {
- /* hostname:0.0 */
- str++;
- }
-
- if (db) fprintf(stderr, "str: %s\n", str);
-
- if (strstr(str, "cmd=") == str) {
- cmd = setup_cmd(str, &vnc_redirect, &vnc_redirect_host, &vnc_redirect_port, db);
- }
-
- fb_image = &ximage_struct;
- setup_fake_fb(fb_image, w, h, b);
-
- if (! dt) {
- char *s;
- argv[*argc] = strdup("-desktop");
- *argc = (*argc) + 1;
-
- if (cmd) {
- char *q;
- s = choose_title(":0");
- q = strstr(s, ":0");
- if (q) {
- *q = '\0';
- }
- } else {
- s = choose_title(str);
- }
- rfb_desktop_name = strdup(s);
- argv[*argc] = s;
- *argc = (*argc) + 1;
- }
-
- ncache_save = ncache;
- ncache = 0;
-
- initialize_allowed_input();
-
- if (! multiple_cursors_mode) {
- multiple_cursors_mode = strdup("default");
- }
- initialize_cursors_mode();
-
- initialize_screen(argc, argv, fb_image);
-
- if (! inetd && ! use_openssl) {
- if (! screen->port || screen->listenSock < 0) {
- if (got_rfbport && got_rfbport_val == 0) {
- ;
- } else if (ipv6_listen && ipv6_listen_fd >= 0) {
- rfbLog("Info: listening on IPv6 interface only. (wait for client)\n");
- } else {
- rfbLogEnable(1);
- rfbLog("Error: could not obtain listening port. (wait for client)\n");
- if (!got_rfbport && !got_ipv6_listen) {
- rfbLog("If this system is IPv6-only, use the -6 option.\n");
- }
- clean_up_exit(1);
- }
- }
- }
-
- initialize_signals();
-
- if (ssh_str != NULL) {
- ssh_remote_tunnel(ssh_str, screen->port);
- }
-
- if (! raw_fb) {
- chg_raw_fb = 1;
- /* kludge to get RAWFB_RET with dpy == NULL guards */
- raw_fb = (char *) 0x1;
- }
-
- if (cmd && !strcmp(cmd, "HTTPONCE")) {
- handle_one_http_request();
- clean_up_exit(0);
- }
-
- if (http && check_httpdir()) {
- http_connections(1);
- }
-
- if (cmd && unixpw) {
- keep_unixpw = 1;
- }
-
- setup_service();
-
- check_waitbg();
-
- if (vnc_redirect) {
- vnc_redirect_loop(vnc_redirect_test, &vnc_redirect_cnt);
- } else {
-
- if (use_threads && !started_rfbRunEventLoop) {
- started_rfbRunEventLoop = 1;
- rfbRunEventLoop(screen, -1, TRUE);
- }
-
- if (inetd && use_openssl) {
- accept_openssl(OPENSSL_INETD, -1);
- }
-
- setup_client_connect(&did_client_connect);
-
- loop_for_connect(did_client_connect);
-
- if (unixpw) {
- if (cmd && strstr(cmd, "FINDCREATEDISPLAY") == cmd) {
- if (users_list && strstr(users_list, "unixpw=") == users_list) {
- users_list_save = users_list;
- users_list = NULL;
- }
- }
- do_unixpw_loop();
- } else if (cmd && !use_threads) {
- /* try to get RFB proto done now. */
- progress_client();
- }
- }
-
- if (vnc_redirect == 2) {
- ;
- } else if (cmd) {
- if (!do_run_cmd(cmd, create_cmd, users_list_save, created_disp, db)) {
- return 0;
- }
- } else {
- use_dpy = strdup(str);
- }
- if (chg_raw_fb) {
- raw_fb = NULL;
- }
-
- ncache = ncache_save;
-
- if (unixpw && keep_unixpw_opts && keep_unixpw_opts[0] != '\0') {
- user_supplied_opts(keep_unixpw_opts);
- }
- if (create_cmd) {
- free(create_cmd);
- }
-
- if (vnc_redirect) {
- do_vnc_redirect(created_disp, vnc_redirect_host, vnc_redirect_port,
- vnc_redirect_cnt, vnc_redirect_test);
- clean_up_exit(0);
- }
-
- return 1;
-}
-