diff options
42 files changed, 8764 insertions, 1035 deletions
diff --git a/classes/ssl/ssl_vncviewer b/classes/ssl/ssl_vncviewer index 1052cf2..1d7d1a7 100755 --- a/classes/ssl/ssl_vncviewer +++ b/classes/ssl/ssl_vncviewer @@ -256,19 +256,25 @@ if [ "X$use_ssh" = "X1" ]; then else info="$ssh_cmd" fi + + C="" + if [ "X$SSL_VNCVIEWER_USE_C" != "X" ]; then + C="-C" + fi + # the -t option actually speeds up typing response via VNC!! if [ "X$SSL_VNCVIEWER_SSH_ONLY" != "X" ]; then - echo "$ssh -p $ssh_port -t -C $ssh_args $ssh_host \"$info\"" + echo "$ssh -p $ssh_port -t $C $ssh_args $ssh_host \"$info\"" echo "" - $ssh -p $ssh_port -t -C $ssh_args $ssh_host "$ssh_cmd" + $ssh -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd" exit $? elif [ "X$SSL_VNCVIEWER_NO_F" != "X" ]; then - echo "$ssh -p $ssh_port -C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "$ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" echo "" - $ssh -p $ssh_port -C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + $ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" else - echo "$ssh -f -p $ssh_port -C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "$ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" echo "" - $ssh -f -p $ssh_port -C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + $ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" fi if [ "$?" != "0" ]; then echo "" @@ -283,6 +289,8 @@ if [ "X$use_ssh" = "X1" ]; then sleep 5 fi echo "" + #reset + stty sane if [ "X$use_sshssl" = "X" ]; then echo "Running viewer:" echo $VNCVIEWERCMD "$@" localhost:$N diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog index a85a2a3..690ba0b 100644 --- a/x11vnc/ChangeLog +++ b/x11vnc/ChangeLog @@ -1,3 +1,9 @@ +2006-09-13 Karl Runge <runge@karlrunge.com> + * x11vnc: document 'ssh -t' improved keyboard response. add + extra rfbPE() around keystrokes. + misc/enhanced_tightvnc_viewer: incorporate scripts, documentation, + etc. for the enhanced tightvnc viewer package. + 2006-09-10 Karl Runge <runge@karlrunge.com> * x11vnc: minor changes: REQ_ARGS for -sslGenCert, EV_SYN SYN_REPORT check restore cursor most under -display WAIT. diff --git a/x11vnc/README b/x11vnc/README index 7b44a05..2fa8ddb 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -1,5 +1,5 @@ -x11vnc README file Date: Sun Sep 10 16:46:16 EDT 2006 +x11vnc README file Date: Wed Sep 13 21:30:41 EDT 2006 The following information is taken from these URLs: @@ -197,8 +197,8 @@ x11vnc: a VNC server for real X displays remote machines (certainly when going over the internet) it is best to use ssh, or use a VPN. For x11vnc one can tunnel the VNC protocol through the encrypted ssh channel. It would look something like this: - sitting-here> ssh -L 5900:localhost:5900 far-away.east 'x11vnc -localhost -di -splay :0' + sitting-here> ssh -t -L 5900:localhost:5900 far-away.east 'x11vnc -localhost +-display :0' (you will likely have to provide passwords/passphrases for the ssh login) and then in another terminal window on sitting-here run the @@ -223,6 +223,9 @@ splay :0' far-away.east or having it started by [37]inetd(8)). See the 3rd script example [38]below for more info. + Note the -t we used above (force allocate pseudoterminal), it actually + seems to improve interactive typing response via VNC! + If the machine you SSH into is not the same machine with the X display you wish to view (e.g. your company provides incoming SSH access to a gateway machine), then you need to change the above to, e.g.: "-L @@ -262,7 +265,7 @@ if [ "x$disp" = "x" ]; then disp=0; fi cmd="x11vnc -display :$disp -localhost -rfbauth .vnc/passwd" enc="copyrect tight zrle hextile zlib corre rre raw" -ssh -f -L 5900:localhost:5900 $host "$cmd" +ssh -f -t -L 5900:localhost:5900 $host "$cmd" for i in 1 2 3 do @@ -291,7 +294,7 @@ enc="copyrect tight zrle hextile zlib corre rre raw" vncviewer -encodings "$enc" -listen & pid=$! -ssh -R 5500:localhost:5500 $host "$cmd" +ssh -t -R 5500:localhost:5500 $host "$cmd" kill $pid Note the use of the ssh option "-R" instead of "-L" to set up a remote @@ -311,8 +314,8 @@ host=`echo $1 | awk -F: '{print $1}'` disp=`echo $1 | awk -F: '{print $2}'` if [ "x$disp" = "x" ]; then disp=0; fi -VNC_VIA_CMD="ssh -f -L %L:%H:%R %G x11vnc -localhost -rfbport 5900 -display :$d -isp; sleep 5" +VNC_VIA_CMD="ssh -f -t -L %L:%H:%R %G x11vnc -localhost -rfbport 5900 -display +:$disp; sleep 5" export VNC_VIA_CMD vncviewer -via $host localhost:0 # must be TightVNC vncviewer. @@ -1028,182 +1031,185 @@ make [168]Q-40: Can I have x11vnc automatically lock the screen when I disconnect the VNC viewer? + [169]Q-41: Help! x11vnc and my KDE screensaver keep switching each + other on and off every few seconds. + [Encrypted Connections] - [169]Q-41: How can I tunnel my connection to x11vnc via an encrypted + [170]Q-42: How can I tunnel my connection to x11vnc via an encrypted SSH channel between two Unix machines? - [170]Q-42: How can I tunnel my connection to x11vnc via an encrypted + [171]Q-43: How can I tunnel my connection to x11vnc via an encrypted SSH channel from Windows using an SSH client like Putty? - [171]Q-43: How can I tunnel my connection to x11vnc via an encrypted + [172]Q-44: How can I tunnel my connection to x11vnc via an encrypted SSL channel using an external tool like stunnel? - [172]Q-44: Does x11vnc have built-in SSL tunneling? + [173]Q-45: Does x11vnc have built-in SSL tunneling? - [173]Q-45: How do I use VNC Viewers with built-in SSL tunneling? + [174]Q-46: How do I use VNC Viewers with built-in SSL tunneling? - [174]Q-46: How do I use VNC Viewers with built-in SSL tunneling when + [175]Q-47: How do I use VNC Viewers with built-in SSL tunneling when going through a Web Proxy? - [175]Q-47: Can Apache web server act as a gateway for users to connect + [176]Q-48: Can Apache web server act as a gateway for users to connect via SSL from the Internet with a Web browser to x11vnc running on their workstations behind a firewall? - [176]Q-48: Can I create and use my own SSL Certificate Authority (CA) + [177]Q-49: Can I create and use my own SSL Certificate Authority (CA) with x11vnc? [Display Managers and Services] - [177]Q-49: How can I run x11vnc as a "service" that is always + [178]Q-50: How can I run x11vnc as a "service" that is always available? - [178]Q-50: How can I use x11vnc to connect to an X login screen like + [179]Q-51: How can I use x11vnc to connect to an X login screen like xdm, GNOME gdm, KDE kdm, or CDE dtlogin? (i.e. nobody is logged into an X session yet). - [179]Q-51: Can I run x11vnc out of inetd(8)? How about xinetd(8)? + [180]Q-52: Can I run x11vnc out of inetd(8)? How about xinetd(8)? - [180]Q-52: Can I have x11vnc allow a user to log in with her UNIX + [181]Q-53: Can I have x11vnc allow a user to log in with her UNIX password and then have it find her X display on that machine and connect to it? - [181]Q-53: Can I have x11vnc restart itself after it terminates? + [182]Q-54: Can I have x11vnc restart itself after it terminates? - [182]Q-54: How do I make x11vnc work with the Java VNC viewer applet + [183]Q-55: How do I make x11vnc work with the Java VNC viewer applet in a web browser? - [183]Q-55: Are reverse connections (i.e. the VNC server connecting to + [184]Q-56: Are reverse connections (i.e. the VNC server connecting to the VNC viewer) using "vncviewer -listen" and vncconnect(1) supported? - [184]Q-56: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a + [185]Q-57: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real display, but for a virtual one I keep around). - [185]Q-57: How can I use x11vnc on "headless" machines? Why might I + [186]Q-58: How can I use x11vnc on "headless" machines? Why might I want to? [Resource Usage and Performance] - [186]Q-58: I have lots of memory, but why does x11vnc fail with + [187]Q-59: I have lots of memory, but why does x11vnc fail with shmget: No space left on device or Minor opcode of failed request: 1 (X_ShmAttach)? - [187]Q-59: How can I make x11vnc use less system resources? + [188]Q-60: How can I make x11vnc use less system resources? - [188]Q-60: How can I make x11vnc use MORE system resources? + [189]Q-61: How can I make x11vnc use MORE system resources? - [189]Q-61: I use x11vnc over a slow link with high latency (e.g. + [190]Q-62: I use x11vnc over a slow link with high latency (e.g. dialup modem), is there anything I can do to speed things up? - [190]Q-62: Does x11vnc support the X DAMAGE Xserver extension to find + [191]Q-63: Does x11vnc support the X DAMAGE Xserver extension to find modified regions of the screen quickly and efficiently? - [191]Q-63: When I drag windows around with the mouse or scroll up and + [192]Q-64: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick motion). Is there anything to do to improve things? - [192]Q-64: Why not do something like wireframe animations to avoid the + [193]Q-65: Why not do something like wireframe animations to avoid the windows "lurching" when being moved or resized? - [193]Q-65: Can x11vnc try to apply heuristics to detect when a window + [194]Q-66: Can x11vnc try to apply heuristics to detect when a window is scrolling its contents and use the CopyRect encoding for a speedup? [Mouse Cursor Shapes] - [194]Q-66: Why isn't the mouse cursor shape (the little icon shape + [195]Q-67: Why isn't the mouse cursor shape (the little icon shape where the mouse pointer is) correct as I move from window to window? - [195]Q-67: When using XFIXES cursorshape mode, some of the cursors + [196]Q-68: When using XFIXES cursorshape mode, some of the cursors look really bad with extra black borders around the cursor and other cruft. How can I improve their appearance? - [196]Q-68: In XFIXES mode, are there any hacks to handle cursor + [197]Q-69: In XFIXES mode, are there any hacks to handle cursor transparency ("alpha channel") exactly? [Mouse Pointer] - [197]Q-69: Why does the mouse arrow just stay in one corner in my + [198]Q-70: Why does the mouse arrow just stay in one corner in my vncviewer, whereas my cursor (that does move) is just a dot? - [198]Q-70: Can I take advantage of the TightVNC extension to the VNC + [199]Q-71: Can I take advantage of the TightVNC extension to the VNC protocol where Cursor Positions Updates are sent back to all connected clients (i.e. passive viewers can see the mouse cursor being moved around by another viewer)? - [199]Q-71: Is it possible to swap the mouse buttons (e.g. left-handed + [200]Q-72: Is it possible to swap the mouse buttons (e.g. left-handed operation), or arbitrarily remap them? How about mapping button clicks to keystrokes, e.g. to partially emulate Mouse wheel scrolling? [Keyboard Issues] - [200]Q-72: How can I get my AltGr and Shift modifiers to work between + [201]Q-73: How can I get my AltGr and Shift modifiers to work between keyboards for different languages? - [201]Q-73: When I try to type a "<" (i.e. less than) instead I get ">" + [202]Q-74: When I try to type a "<" (i.e. less than) instead I get ">" (i.e. greater than)! Strangely, typing ">" works OK!! - [202]Q-74: When I try to type a "<" (i.e. less than) instead I get + [203]Q-75: When I try to type a "<" (i.e. less than) instead I get "<," (i.e. an extra comma). - [203]Q-75: I'm using an "international" keyboard (e.g. German "de", or + [204]Q-76: I'm using an "international" keyboard (e.g. German "de", or Danish "dk") and the -modtweak mode works well if the VNC viewer is run on a Unix/Linux machine with a similar keyboard. But if I run the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or Windows with any keyboard, I can't type some keys like: "@", "$", "<", ">", etc. How can I fix this? - [204]Q-76: When typing I sometimes get double, triple, or more of my + [205]Q-77: When typing I sometimes get double, triple, or more of my keystrokes repeated. I'm sure I only typed them once, what can I do? - [205]Q-77: The x11vnc -norepeat mode is in effect, but I still get + [206]Q-78: The x11vnc -norepeat mode is in effect, but I still get repeated keystrokes!! - [206]Q-78: The machine where I run x11vnc has an AltGr key, but the + [207]Q-79: The machine where I run x11vnc has an AltGr key, but the local machine where I run the VNC viewer does not. Is there a way I can map a local unused key to send an AltGr? How about a Compose key as well? - [207]Q-79: I have a Sun machine I run x11vnc on. Its Sun keyboard has + [208]Q-80: I have a Sun machine I run x11vnc on. Its Sun keyboard has just one Alt key labelled "Alt" and two Meta keys labelled with little diamonds. The machine where I run the VNC viewer only has Alt keys. How can I send a Meta keypress? (e.g. emacs needs this) - [208]Q-80: Can I map a keystroke to a mouse button click on the remote + [209]Q-81: Can I map a keystroke to a mouse button click on the remote machine? - [209]Q-81: How can I get Caps_Lock to work between my VNC viewer and + [210]Q-82: How can I get Caps_Lock to work between my VNC viewer and x11vnc? [Screen Related Issues and Features] - [210]Q-82: The remote display is larger (in number of pixels) than the + [211]Q-83: The remote display is larger (in number of pixels) than the local display I am running the vncviewer on. I don't like the vncviewer scrollbars, what I can do? - [211]Q-83: Does x11vnc support server-side framebuffer scaling? (E.g. + [212]Q-84: Does x11vnc support server-side framebuffer scaling? (E.g. to make the desktop smaller). - [212]Q-84: Does x11vnc work with Xinerama? (i.e. multiple monitors + [213]Q-85: Does x11vnc work with Xinerama? (i.e. multiple monitors joined together to form one big, single screen). - [213]Q-85: Can I use x11vnc on a multi-headed display that is not + [214]Q-86: Can I use x11vnc on a multi-headed display that is not Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? - [214]Q-86: Can x11vnc show only a portion of the display? (E.g. for a + [215]Q-87: Can x11vnc show only a portion of the display? (E.g. for a special purpose rfb application). - [215]Q-87: Does x11vnc support the XRANDR (X Resize, Rotate and + [216]Q-88: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) extension? Whenever I rotate or resize the screen x11vnc just seems to crash. - [216]Q-88: Independent of any XRANDR, can I have x11vnc rotate and/or + [217]Q-89: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld whose screen is rotated 90 degrees). - [217]Q-89: Why is the view in my VNC viewer completely black? Or why + [218]Q-90: Why is the view in my VNC viewer completely black? Or why is everything flashing around randomly? - [218]Q-90: I use Linux Virtual Consoles (VC's) to implement 'Fast User + [219]Q-91: I use Linux Virtual Consoles (VC's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those keystrokes to switch between their sessions). How come the view in a @@ -1211,53 +1217,53 @@ make otherwise all messed up unless the X session x11vnc is attached to is in the active VC? - [219]Q-91: I am using x11vnc where my local machine has "popup/hidden + [220]Q-92: I am using x11vnc where my local machine has "popup/hidden taskbars" (e.g. GNOME or MacOS X) and the remote display where x11vnc runs also has "popup/hidden taskbars" (e.g. GNOME). When I move the mouse to the edge of the screen where the popups happen, the taskbars interfere and fight with each other in strange ways. What can I do? - [220]Q-92: Can I use x11vnc to view my VMWare session remotely? + [221]Q-93: Can I use x11vnc to view my VMWare session remotely? - [221]Q-93: Can non-X devices (e.g. a raw framebuffer) be viewed (and + [222]Q-94: Can non-X devices (e.g. a raw framebuffer) be viewed (and even controlled) via VNC with x11vnc? - [222]Q-94: Can I export via VNC a Webcam or TV tuner framebuffer using + [223]Q-95: Can I export via VNC a Webcam or TV tuner framebuffer using x11vnc? - [223]Q-95: Can I connect via VNC to a Qt-embedded/Qtopia application + [224]Q-96: Can I connect via VNC to a Qt-embedded/Qtopia application running on my handheld or PC using the Linux console framebuffer (i.e. not X11)? - [224]Q-96: Now that non-X11 devices can be exported via VNC using + [225]Q-97: Now that non-X11 devices can be exported via VNC using x11vnc, can I build it with no dependencies on X11 header files and libraries? - [225]Q-97: Can I use x11vnc to record a Shock Wave Flash (or other + [226]Q-98: Can I use x11vnc to record a Shock Wave Flash (or other format) video of my desktop, e.g. to record a tutorial or demo? [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps, Thanks, etc.] - [226]Q-98: Does the Clipboard/Selection get transferred between the + [227]Q-99: Does the Clipboard/Selection get transferred between the vncviewer and the X display? - [227]Q-99: Can I transfer files back and forth with x11vnc? + [228]Q-100: Can I transfer files back and forth with x11vnc? - [228]Q-100: Can I (temporarily) mount my local (viewer-side) + [229]Q-101: Can I (temporarily) mount my local (viewer-side) Windows/Samba File share on the machine where x11vnc is running? - [229]Q-101: Can I redirect CUPS print jobs from the remote desktop + [230]Q-102: Can I redirect CUPS print jobs from the remote desktop where x11vnc is running to a printer on my local (viewer-side) machine? - [230]Q-102: How can I hear the sound (audio) from the remote + [231]Q-103: How can I hear the sound (audio) from the remote applications on the desktop I am viewing via x11vnc? - [231]Q-103: Why don't I hear the "Beeps" in my X session (e.g. when + [232]Q-104: Why don't I hear the "Beeps" in my X session (e.g. when typing tput bel in an xterm)? - [232]Q-104: Thanks for your program and for your help! Can I make a + [233]Q-105: Thanks for your program and for your help! Can I make a donation? _________________________________________________________________ @@ -1270,7 +1276,7 @@ make For the former error, you need to specify the X display to connect to (it also needs to be on the same machine the x11vnc process is to run - on). Set your DISPLAY environment variable or use the [233]-display + on). Set your DISPLAY environment variable or use the [234]-display option to specify it. Nearly always the correct value will be ":0" (in fact, x11vnc will now assume :0 if given no other information). @@ -1287,9 +1293,9 @@ make working when you try to start x11vnc via, say, a remote shell. How to Solve: See the xauth(1), Xsecurity(7), and xhost(1) man pages - or [234]this Howto for much info on X11 permissions. For example, you + or [235]this Howto for much info on X11 permissions. For example, you may need to set your XAUTHORITY environment variable or use the - [235]-auth option to point to the correct MIT-MAGIC-COOKIE file (e.g. + [236]-auth option to point to the correct MIT-MAGIC-COOKIE file (e.g. /home/joe/.Xauthority or /var/gdm/:0.Xauth or /var/lib/kdm/A:0-crWk72K or /tmp/.gdmzndVlR, etc.), or simply be sure you run x11vnc as the correct user (i.e. the user who is logged into the X session you wish @@ -1311,7 +1317,7 @@ make x11vnc -display :0 -auth /var/gdm/:0.Xauth (this is for the display manager gdm and requires root permission to - read the gdm cookie file, see [236]this faq for other display manager + read the gdm cookie file, see [237]this faq for other display manager cookie file names). While running x11vnc as root, remember it comes with no warranty ;-). @@ -1321,7 +1327,7 @@ make (from the same machine). The person could then type "xhost -localhost" after x11vnc has connected to go back to the default permissions. Also, for some situations the "-users lurk=" option may be of use - (please read the documentation on the [237]-users option). + (please read the documentation on the [238]-users option). To test out your X11 permissions from a remote shell, set DISPLAY and possibly XAUTHORITY (see your shell's man page, bash(1), tcsh(1), on @@ -1433,7 +1439,7 @@ h earlier and perhaps non-Solaris): First use the environment settings (CPPFLAGS, LDFLAGS, etc.) in the - above [238]Solaris build script to run the configure command. That + above [239]Solaris build script to run the configure command. That should succeed without failure. Then you have to hand edit the autogenerated rfb/rfbconfig.h file in the source tree, and just before the last #endif at the bottom of that file insert these workaround @@ -1459,7 +1465,7 @@ typedef unsigned int in_addr_t; on other older OS (Solaris, Linux, ...) releases. Here are some notes for similar steps that need to be done to build on - [239]SunOS 4.x + [240]SunOS 4.x Please let us know if you had to use the above workaround (and whether it worked or not). If there is enough demand we will try to push clean @@ -1469,28 +1475,28 @@ typedef unsigned int in_addr_t; Q-5: Where can I get a precompiled x11vnc binary for my Operating System? - Hopefully the [240]build steps above and [241]FAQ provide enough info + Hopefully the [241]build steps above and [242]FAQ provide enough info for a painless compile for most environments. Please report problems with the x11vnc configure, make, etc. on your system (if your system is known to compile other GNU packages successfully). There are precompiled x11vnc binaries built by other groups that are available at the following locations: - Debian: (.deb) [242]http://packages.debian.org/x11vnc - - Slackware: (.tgz) [243]http://www.linuxpackages.net/ Redhat/Fedora: - (.rpm) [244]http://dag.wieers.com/packages/x11vnc/ - [245]http://dries.ulyssis.org/rpm/packages/x11vnc SuSE: (.rpm) - [246]http://linux01.gwdg.de/~pbleser/ Solaris: (pkg) - [247]http://www.sunfreeware.com/ FreeBSD: (.tbz) - [248]http://www.freebsd.org/ [249]http://www.freshports.org/net/x11vnc - OpenBSD: (.tgz) [250]http://www.openbsd.org/ NetBSD: (src) - [251]http://pkgsrc.se/x11/x11vnc Nokia 770 (.deb) - [252]http://mike.saunby.net/770/x11vnc/ Sharp Zaurus - [253]http://www.pdaxrom.org/ and [254]http://www.focv.com/ + Debian: (.deb) [243]http://packages.debian.org/x11vnc + + Slackware: (.tgz) [244]http://www.linuxpackages.net/ Redhat/Fedora: + (.rpm) [245]http://dag.wieers.com/packages/x11vnc/ + [246]http://dries.ulyssis.org/rpm/packages/x11vnc SuSE: (.rpm) + [247]http://linux01.gwdg.de/~pbleser/ Solaris: (pkg) + [248]http://www.sunfreeware.com/ FreeBSD: (.tbz) + [249]http://www.freebsd.org/ [250]http://www.freshports.org/net/x11vnc + OpenBSD: (.tgz) [251]http://www.openbsd.org/ NetBSD: (src) + [252]http://pkgsrc.se/x11/x11vnc Nokia 770 (.deb) + [253]http://mike.saunby.net/770/x11vnc/ Sharp Zaurus + [254]http://www.pdaxrom.org/ and [255]http://www.focv.com/ If the above binaries don't work and building x11vnc on your OS fails - (and all else fails!) you can try one of [255]my collection of + (and all else fails!) you can try one of [256]my collection of binaries for various OS's and x11vnc releases. As a general note, the x11vnc program is simple enough you don't @@ -1511,11 +1517,11 @@ typedef unsigned int in_addr_t; To obtain VNC viewers for the viewing side (Windows, Mac OS, or Unix) try here: - * [256]http://www.tightvnc.com/download.html - * [257]http://www.realvnc.com/download-free.html - * [258]http://sourceforge.net/projects/cotvnc/ - * [259]http://www.ultravnc.com/ - * [260]Our Enhanced TightVNC Viewer packages + * [257]http://www.tightvnc.com/download.html + * [258]http://www.realvnc.com/download-free.html + * [259]http://sourceforge.net/projects/cotvnc/ + * [260]http://www.ultravnc.com/ + * [261]Our Enhanced TightVNC Viewer packages Q-7: How can I see all of x11vnc's command line options and @@ -1523,7 +1529,7 @@ typedef unsigned int in_addr_t; Run: x11vnc -opts to list just the option names or run: x11vnc -help for long descriptions about each option. The output is listed - [261]here as well. Yes, x11vnc does have a lot of options, doesn't + [262]here as well. Yes, x11vnc does have a lot of options, doesn't it... @@ -1555,10 +1561,10 @@ display :0 program is needed for operation. The gui is not particularly user-friendly, it just provides a point and click mode to set all the many x11vnc parameters and obtain help on them. It is also very useful - for testing. See the [262]-gui option for more info. Examples: "x11vnc + for testing. See the [263]-gui option for more info. Examples: "x11vnc ... -gui" and "x11vnc ... -gui other:0" in the latter case the gui is displayed on other:0, not the X display x11vnc is polling. There is - also a "[263]-gui tray" system tray mode. + also a "[264]-gui tray" system tray mode. Q-9: How can I get the GUI to run in the System Tray, or at least be a @@ -1597,11 +1603,11 @@ display :0 Q-11: Can I make x11vnc more quiet and also go into the background after starting up? - Use the [264]-q and [265]-bg options, respectively. (also: -quiet is + Use the [265]-q and [266]-bg options, respectively. (also: -quiet is an alias for -q) Note that under -bg the stderr messages will be lost unless you use - the "[266]-o logfile" option. + the "[267]-o logfile" option. Q-12: Sometimes when a VNC viewer dies abruptly, x11vnc also dies with @@ -1622,7 +1628,7 @@ display :0 There are some options. They are enabled by adding something like -Dxxxx=1 to the CPPFLAGS environment variable before running configure - (see the [267]build notes for general background). + (see the [268]build notes for general background). /* * Mar/2006 * Build-time customization via CPPFLAGS. @@ -1693,21 +1699,21 @@ display :0 dual-screen mode to pass the keystrokes and mouse motions to the X11 display? - Yes, for best response start up x11vnc with the "[268]-nofb" option + Yes, for best response start up x11vnc with the "[269]-nofb" option (disables framebuffer polling, and does other optimizations) on the secondary display (X11) machine. Then start up Win2VNC on the primary display (Windows) referring it to the secondary display. - This will also work X11 to X11 using [269]x2vnc, however you would + This will also work X11 to X11 using [270]x2vnc, however you would probably just want to avoid VNC and use x2x for that. For reference, here are some links to Win2VNC-like programs for multiple monitor setups: - * [270]Original Win2VNC - * [271]Enhanced Win2VNC and [272]sourceforge link - * [273]x2vnc - * [274]x2x also [275]here - * [276]zvnc (MorphOS) + * [271]Original Win2VNC + * [272]Enhanced Win2VNC and [273]sourceforge link + * [274]x2vnc + * [275]x2x also [276]here + * [277]zvnc (MorphOS) All of them will work with x11vnc (except x2x where it is not needed). @@ -1727,7 +1733,7 @@ display :0 on your display to be depth 24 TrueColor? Sun machines often have 8+24 overlay/multi-depth visuals, and you can make the default visual depth 24 TrueColor (see fbconfig(1) and Xsun(1)). 2) As of Feb/2004 x11vnc - has the [277]-visual option to allow you to force the framebuffer + has the [278]-visual option to allow you to force the framebuffer visual to whatever you want (this usually messes up the colors unless you are very clever). In this case, the option provides a convenient workaround for the Win2VNC bug: @@ -1742,7 +1748,7 @@ display :0 PseudoColor (i.e. only 256 distinct colors). The x11vnc colors may start out OK, but after a while they are incorrect in certain windows. - Use the [278]-flashcmap option to have x11vnc watch for changes in the + Use the [279]-flashcmap option to have x11vnc watch for changes in the colormap, and propagate those changes back to connected clients. This can be slow (since the whole screen must be updated over the network whenever the colormap changes). This flashing colormap behavior often @@ -1751,13 +1757,13 @@ display :0 example of this. Consider reconfiguring the system to 16 bpp or depth 24 TrueColor if at all possible. - Also note the option [279]-8to24 (Jan/2006) can often remove the need + Also note the option [280]-8to24 (Jan/2006) can often remove the need for flashing the colormap. Everything is dynamically transformed to depth 24 at 32 bpp using the colormaps. There may be painting errors however (see the following FAQ for tips on reducing and correcting them). - In some rare cases the [280]-notruecolor option has corrected colors + In some rare cases the [281]-notruecolor option has corrected colors on 8bpp displays. The red, green, and blue masks were non-zero in 8bpp PseudoColor on an obscure setup, and this option corrected the problems. @@ -1768,13 +1774,13 @@ display :0 different color depths: e.g. there are both depth 8 and 24 visuals available at the same time. - You may want to review the [281]previous question regarding 8 bpp + You may want to review the [282]previous question regarding 8 bpp PseudoColor. - On some hardware (Sun/SPARC and SGI), the [282]-overlay option + On some hardware (Sun/SPARC and SGI), the [283]-overlay option discussed a couple paragraphs down may solve this for you (you may want to skip to it directly). On other hardware the less robust - [283]-8to24 option may help (also discussed below). + [284]-8to24 option may help (also discussed below). Run xdpyinfo(1) to see what the default visual is and what the depths of the other visuals are. Does the default visual have a depth of 8 @@ -1810,7 +1816,7 @@ TrueColor defdepth 24 The -overlay mode: Another option is if the system with overlay visuals is a Sun system running Solaris or SGI running IRIX you can - use the [284]-overlay x11vnc option (Aug/2004) to have x11vnc use the + use the [285]-overlay x11vnc option (Aug/2004) to have x11vnc use the Solaris XReadScreen(3X11) function to poll the "true view" of the whole screen at depth 24 TrueColor. XReadDisplay(3X11) is used on IRIX. This is useful for Legacy applications (older versions of @@ -1835,7 +1841,7 @@ TrueColor defdepth 24 Xsun, e.g. in your /etc/dt/config/Xservers file). - The -8to24 mode: The [285]-8to24 x11vnc option (Jan/2006) is a kludge + The -8to24 mode: The [286]-8to24 x11vnc option (Jan/2006) is a kludge to try to dynamically rewrite the pixel values so that the 8bpp part of the screen is mapped onto depth 24 TrueColor. This is less robust than the -overlay mode because it is done by x11vnc outside of the X @@ -1849,11 +1855,11 @@ TrueColor defdepth 24 32bpp view is exported via VNC. Even on pure 8bpp displays it can be used as an alternative to - [286]-flashcmap to avoid color flashing completely. + [287]-flashcmap to avoid color flashing completely. This scheme is approximate and can often lead to painting errors. You can manually correct most painting errors by pressing 3 Alt_L's in a - row, or by using something like: [287]-fixscreen V=3.0 to + row, or by using something like: [288]-fixscreen V=3.0 to automatically refresh the screen every 3 seconds. Also -fixscreen 8=3.0 has been added to just refresh the non-default visual parts of the screen. @@ -1866,23 +1872,23 @@ TrueColor defdepth 24 nogetimage can give a nice speedup if the default depth 24 X server supports hiding the 8bpp bits in bits 25-32 of the framebuffer data. On very slow machines -8to24 poll=0.2,cachewin=5.0 gives an useful - speedup. See the [288]-8to24 help description for information on + speedup. See the [289]-8to24 help description for information on tunable parameters, etc. Colors still not working correctly? Run xwininfo on the application with the incorrect colors to verify that the depth of its visual is different from the default visual depth (gotten from xdpyinfo). One - possible workaround in this case is to use the [289]-id option to + possible workaround in this case is to use the [290]-id option to point x11vnc at the application window itself. If the application is complicated (lots of toplevel windows and popup menus) this may not be acceptable, and may even crash x11vnc (but not the application). It is theoretically possible to solve this problem in general (see xwd(1) for example), but it does not seem trivial or sufficiently fast - for x11vnc to be able to do so in real time. The [290]-8to24 method + for x11vnc to be able to do so in real time. The [291]-8to24 method does this approximately and is somewhat usable. Fortunately the - [291]-overlay option works for Solaris machines with overlay visuals + [292]-overlay option works for Solaris machines with overlay visuals where most of this problem occurs. @@ -1893,9 +1899,9 @@ TrueColor defdepth 24 the desired application window. After clicking, it will print out much information, including the window id (e.g. 0x6000010). Also, the visual and depth of the window printed out is often useful in - debugging x11vnc [292]color problems. + debugging x11vnc [293]color problems. - Also, as of Dec/2004 you can use "[293]-id pick" to have x11vnc run + Also, as of Dec/2004 you can use "[294]-id pick" to have x11vnc run xwininfo(1) for you and after you click the window it extracts the windowid. Besides "pick" there is also "id:root" to allow you to go back to root window when doing remote-control. @@ -1913,7 +1919,7 @@ TrueColor defdepth 24 you should be able to see these transient windows. If things are not working and you still want to do the single window - polling, try the [294]-sid windowid option ("shifted" windowid). + polling, try the [295]-sid windowid option ("shifted" windowid). Q-20: My X display is depth 24 at 24bpp (instead of the normal depth @@ -1948,7 +1954,7 @@ TrueColor defdepth 24 handle 24bpp from the server, so you may want to use those. They evidently request 32 bpp and libvncserver obliges. - Update: as of Apr/2006 you can use the [295]-24to32 option to have + Update: as of Apr/2006 you can use the [296]-24to32 option to have x11vnc dynamically transform the 24bpp pixel data to 32bpp. This extra transformation could slow things down further however. @@ -1967,15 +1973,15 @@ TrueColor defdepth 24 since you will be polling the X display over the network as opposed to over the local hardware. To do this, run x11vnc on a UNIX machine as close as possible network-wise (e.g. same switch) to the Xterminal - machine. Use the [296]-display option to point the display to that of + machine. Use the [297]-display option to point the display to that of the Xterminal (you'll of course need basic X11 permission to do that) - and finally supply the [297]-noshm option (this enables the polling + and finally supply the [298]-noshm option (this enables the polling over the network). The response will likely be sluggish (maybe only one "frame" per second). This mode is not recommended except for "quick checks" of hard to get to X servers. Use something like "-wait 150" to cut down - on the polling rate. You may also need [298]-flipbyteorder if the + on the polling rate. You may also need [299]-flipbyteorder if the colors get messed up due to endian byte order differences. Q-22: How do I get my X permissions (MIT-MAGIC-COOKIE file) correct @@ -1999,7 +2005,7 @@ TrueColor defdepth 24 copied to the Xterminal. If $HOME/.Xauthority is exported via NFS (this is insecure of course, but has been going on for decades), then x11vnc can simply pick it up via NFS (you may need to use the - [299]-auth option to point to the correct file). Other options include + [300]-auth option to point to the correct file). Other options include copying the auth file using scp, or something like: central-server> xauth nextract - xterm123:0 | ssh xterm123 xauth nmerge - @@ -2011,7 +2017,7 @@ TrueColor defdepth 24 details. If the display name in the cookie file needs to be changed between the - two hosts, see [300]this note on the "xauth add ..." command. + two hosts, see [301]this note on the "xauth add ..." command. A less secure option is to run something like "xhost +127.0.0.1" while sitting at the Xterminal box to allow cookie-free local access for @@ -2025,7 +2031,7 @@ TrueColor defdepth 24 occasional app more efficiently locally on the Xterminal box (e.g. realplayer). - Not recommended, but as a last resort, you could have x11vnc [301]poll + Not recommended, but as a last resort, you could have x11vnc [302]poll the Xterminal Display over the network. For this you would run a "x11vnc -noshm ..." process on the central-server (and hope the network admin doesn't get angry...) @@ -2054,13 +2060,13 @@ TrueColor defdepth 24 Q-23: I'm having trouble using x11vnc with my Sun Ray session. - The [302]Sun Ray technology is a bit like "VNC done in hardware" (the + The [303]Sun Ray technology is a bit like "VNC done in hardware" (the Sun Ray terminal device, DTU, playing the role of the vncviewer). Completely independent of that, the SunRay user's session is still an X server that speaks the X11 protocol and so x11vnc simply talks to the X server part to export the SunRay desktop to any place in the world (i.e. not only to a Sun Ray terminal device), creating a sort of - "Soft Ray". Please see [303]this discussion of Sun Ray issues for + "Soft Ray". Please see [304]this discussion of Sun Ray issues for solutions to problems. [Remote Control] @@ -2068,18 +2074,18 @@ TrueColor defdepth 24 Q-24: How do I stop x11vnc once it is running in the background? As of Dec/2004 there is a remote control feature. It can change a huge - amount of things on the fly: see the [304]-remote and [305]-query + amount of things on the fly: see the [305]-remote and [306]-query options. To shut down the running x11vnc server just type "x11vnc -R stop". To disconnect all clients do "x11vnc -R disconnect:all", etc. - If the [306]-forever option has not been supplied, x11vnc will + If the [307]-forever option has not been supplied, x11vnc will automatically exit after the first client disconnects. In general if you cannot use the remote control, then you will have to kill the x11vnc process This can be done via: "kill NNNNN" (where NNNNN is the x11vnc process id number found from ps(1)), or "pkill x11vnc", or "killall x11vnc" (Linux only). - If you have not put x11vnc in the background via the [307]-bg option + If you have not put x11vnc in the background via the [308]-bg option or shell & operator, then simply press Ctrl-C in the shell where x11vnc is running to stop it. @@ -2089,15 +2095,15 @@ TrueColor defdepth 24 down state in the Xserver. Tapping the stuck key (either via a new x11vnc or at the physical console) will release it from the stuck state. If the keyboard seems to be acting strangely it is often fixed - by tapping Ctrl, Shift, and Alt. Alternatively, the [308]-clear_mods - option and [309]-clear_keys option can be used to release pressed keys + by tapping Ctrl, Shift, and Alt. Alternatively, the [309]-clear_mods + option and [310]-clear_keys option can be used to release pressed keys at startup and exit. Q-25: Can I change settings in x11vnc without having to restart it? Can I remote control it? - Look at the [310]-remote (same as -R) and [311]-query (same as -Q) + Look at the [311]-remote (same as -R) and [312]-query (same as -Q) options added in Dec/2004. They allow nearly everything to be changed dynamically and settings to be queried. Examples: "x11vnc -R shared", "x11vnc -R forever", "x11vnc -R scale:3/4", "x11vnc -Q modtweak", @@ -2108,7 +2114,7 @@ TrueColor defdepth 24 correctly for communication to be possible. There is also a simple Tcl/Tk gui based on this remote control - mechanism. See the [312]-gui option for more info. You will need to + mechanism. See the [313]-gui option for more info. You will need to have Tcl/Tk (i.e. /usr/bin/wish) installed for it to work. It can also run in the system tray: "-gui tray" or as a standalone icon window: "-gui icon". @@ -2123,12 +2129,12 @@ TrueColor defdepth 24 vncpasswd(1) program from those packages. As of Jun/2004 x11vnc supports the -storepasswd "pass" "file" - [313]option, which is the same functionality of storepasswd. Be sure + [314]option, which is the same functionality of storepasswd. Be sure to quote the "pass" if it contains shell meta characters, spaces, etc. Example: x11vnc -storepasswd 'sword*fish' $HOME/myvncpasswd - You then use the password via the x11vnc option: "[314]-rfbauth + You then use the password via the x11vnc option: "[315]-rfbauth $HOME/myvncpasswd" As of Jan/2006 if you do not supply any arguments: @@ -2140,11 +2146,11 @@ TrueColor defdepth 24 ~/.mypass", the password you are prompted for will be stored in that file. - x11vnc also has the [315]-passwdfile and -passwd/-viewpasswd plain + x11vnc also has the [316]-passwdfile and -passwd/-viewpasswd plain text (i.e. not obscured like the -rfbauth VNC passwords) password options. - You can use the [316]-usepw option to automatically use any password + You can use the [317]-usepw option to automatically use any password file you have in ~/.vnc/passwd or ~/.vnc/passwdfile (the latter is used with the -passwdfile option). @@ -2176,14 +2182,14 @@ TrueColor defdepth 24 Q-28: Can I have two passwords for VNC viewers, one for full access and the other for view-only access to the display? - Yes, as of May/2004 there is the [317]-viewpasswd option to supply the - view-only password. Note the full-access password option [318]-passwd + Yes, as of May/2004 there is the [318]-viewpasswd option to supply the + view-only password. Note the full-access password option [319]-passwd must be supplied at the same time. E.g.: -passwd sword -viewpasswd fish. To avoid specifying the passwords on the command line (where they could be observed via the ps(1) command by any user) you can use the - [319]-passwdfile option to specify a file containing plain text + [320]-passwdfile option to specify a file containing plain text passwords. Presumably this file is readable only by you, and ideally it is located on the machine x11vnc is run on (to avoid being snooped on over the network). The first line of this file is the full-access @@ -2191,7 +2197,7 @@ TrueColor defdepth 24 it is taken as the view-only password. (use "__EMPTY__" to supply an empty one). - View-only passwords currently do not work for the [320]-rfbauth + View-only passwords currently do not work for the [321]-rfbauth password option (standard VNC password storing mechanism). FWIW, note that although the output (usually placed in $HOME/.vnc/passwd) by the vncpasswd or storepasswd programs (or from x11vnc -storepasswd) looks @@ -2204,7 +2210,7 @@ TrueColor defdepth 24 Q-29: Can I have as many full-access and view-only passwords as I like? - Yes, as of Jan/2006 in the libvncserver CVS the [321]-passwdfile + Yes, as of Jan/2006 in the libvncserver CVS the [322]-passwdfile option has been extended to handle as many passwords as you like. You put the view-only passwords after a line __BEGIN_VIEWONLY__. @@ -2214,7 +2220,7 @@ TrueColor defdepth 24 Q-30: Does x11vnc support Unix usernames and passwords? Can I further limit the set of Unix usernames who can connect to the VNC desktop? - Update: as of Feb/2006 x11vnc has the [322]-unixpw option that does + Update: as of Feb/2006 x11vnc has the [323]-unixpw option that does this outside of the VNC protocol and libvncserver. The standard su(1) program is used to validate the user's password. A familiar "login:" and "Password:" dialog is presented to the user on a black screen @@ -2224,7 +2230,7 @@ TrueColor defdepth 24 A list of allowed Unix usernames may also be supplied along with per-user settings. - There is also the [323]-unixpw_nis option for non-shadow-password + There is also the [324]-unixpw_nis option for non-shadow-password (typically NIS environments, hence the name) systems where the traditional getpwnam() and crypt() functions are used instead of su(1). The encrypted user passwords must be accessible to the user @@ -2233,11 +2239,11 @@ TrueColor defdepth 24 shadow(5). Two settings are enforced in the -unixpw and -unixpw_nis modes to - provide extra security: the 1) [324]-localhost and 2) [325]-stunnel or - [326]-ssl options. Without these one might send the Unix username and + provide extra security: the 1) [325]-localhost and 2) [326]-stunnel or + [327]-ssl options. Without these one might send the Unix username and password data in clear text over the network which is a very bad idea. They can be relaxed if you want to provide encryption other than - stunnel or [327]-ssl (the constraint is automatically relaxed if + stunnel or [328]-ssl (the constraint is automatically relaxed if SSH_CONNECTION is set and indicates you have ssh-ed in, however the -localhost requirement is still enforced). @@ -2256,13 +2262,13 @@ TrueColor defdepth 24 approximate at best. One approximate method involves starting x11vnc with the - [328]-localhost option. This basically requires the viewer user to log + [329]-localhost option. This basically requires the viewer user to log into the workstation where x11vnc is running via their Unix username and password, and then somehow set up a port redirection of his vncviewer connection to make it appear to emanate from the local machine. As discussed above, ssh is useful for this: "ssh -L 5900:localhost:5900 user@hostname ..." See the ssh wrapper scripts - mentioned [329]elsewhere on this page. [330]stunnel does this as well. + mentioned [330]elsewhere on this page. [331]stunnel does this as well. Of course a malicious user could allow other users to get in through his channel, but that is a problem with every method. Another thing to @@ -2273,7 +2279,7 @@ TrueColor defdepth 24 traditional way would be to further require a VNC password to supplied (-rfbauth, -passwd, etc) and only tell the people allowed in what the VNC password is. A scheme that avoids a second password involves using - the [331]-accept option that runs a program to examine the connection + the [332]-accept option that runs a program to examine the connection information to determine which user is connecting from the local machine. That may be difficult to do, but, for example, the program could use the ident service on the local machine (normally ident @@ -2312,15 +2318,15 @@ exit 1 # reject it These defaults are simple safety measures to avoid someone unknowingly leaving his X11 desktop exposed (to the internet, say) for long - periods of time. Use the [332]-forever option (aka -many) to have + periods of time. Use the [333]-forever option (aka -many) to have x11vnc wait for more connections after the first client disconnects. - Use the [333]-shared option to have x11vnc allow multiple clients to + Use the [334]-shared option to have x11vnc allow multiple clients to connect simultaneously. - Recommended additional safety measures include using ssh ([334]see - above), stunnel, [335]-ssl, or a VPN to authenticate and encrypt the + Recommended additional safety measures include using ssh ([335]see + above), stunnel, [336]-ssl, or a VPN to authenticate and encrypt the viewer connections or to at least use the -rfbauth passwd-file - [336]option to use VNC password protection (or [337]-passwdfile) It is + [337]option to use VNC password protection (or [338]-passwdfile) It is up to YOU to apply these security measures, they will not be done for you automatically. @@ -2328,7 +2334,7 @@ exit 1 # reject it Q-32: Can I limit which machines incoming VNC clients can connect from? - Yes, look at the [338]-allow and [339]-localhost options to limit + Yes, look at the [339]-allow and [340]-localhost options to limit connections by hostname or IP address. E.g. x11vnc -allow 192.168.0.1,192.168.0.2 @@ -2340,7 +2346,7 @@ exit 1 # reject it Note that -localhost achieves the same thing as "-allow 127.0.0.1" For more control, build libvncserver with libwrap support - [340](tcp_wrappers) and then use /etc/hosts.allow See hosts_access(5) + [341](tcp_wrappers) and then use /etc/hosts.allow See hosts_access(5) for complete details. @@ -2360,7 +2366,7 @@ exit 1 # reject it is "vnc", e.g.: vnc: 192.168.100.3 .example.com - Note that if you run x11vnc out of [341]inetd you do not need to build + Note that if you run x11vnc out of [342]inetd you do not need to build x11vnc with libwrap support because the /usr/sbin/tcpd reference in /etc/inetd.conf handles the tcp_wrappers stuff. @@ -2369,15 +2375,15 @@ exit 1 # reject it internal LAN) rather than having it listen on all network interfaces and relying on -allow to filter unwanted connections out? - As of Mar/2005 there is the "[342]-listen ipaddr" option that enables + As of Mar/2005 there is the "[343]-listen ipaddr" option that enables this. For ipaddr either supply the desired network interface's IP address (or use a hostname that resolves to it) or use the string "localhost". For additional filtering simultaneously use the - "[343]-allow host1,..." option to allow only specific hosts in. + "[344]-allow host1,..." option to allow only specific hosts in. This option is useful if you want to insure that no one can even begin a dialog with x11vnc from untrusted network interfaces (e.g. ppp0). - The option [344]-localhost now implies "-listen localhost" since that + The option [345]-localhost now implies "-listen localhost" since that is what most people expect it to do. @@ -2385,7 +2391,7 @@ exit 1 # reject it interface, how I can occasionally allow in a non-localhost via the -R allowonce remote control command? - To do this specify "[345]-allow localhost". Unlike [346]-localhost + To do this specify "[346]-allow localhost". Unlike [347]-localhost this will leave x11vnc listening on all interfaces (but of course only allowing in local connections, e.g. ssh redirs). Then you can later run "x11vnc -R allowonce:somehost" or use to gui to permit a one-shot @@ -2396,7 +2402,7 @@ exit 1 # reject it some users just be able to move the mouse, but not click or type anything? - As of Feb/2005, the [347]-input option allows you to do this. "K", + As of Feb/2005, the [348]-input option allows you to do this. "K", "M", "B", and "C" stand for Keystroke, Mouse-motion, Button-clicks, and Clipboard, respectively. The setting: "-input M" makes attached viewers only able to move the mouse. "-input KMBC,M" lets normal @@ -2411,7 +2417,7 @@ exit 1 # reject it some clients view-only? How about running an arbitrary program to make the decisions? - Yes, look at the "[348]-accept command" option, it allows you to + Yes, look at the "[349]-accept command" option, it allows you to specify an external command that is run for each new client. (use quotes around the command if it contains spaces, etc.). If the external command returns 0 the client is accepted, otherwise the @@ -2430,7 +2436,7 @@ exit 1 # reject it own simple popup window. To accept the client press "y" or click mouse on the "Yes" button. To reject the client press "n" or click mouse on the "No" button. To accept the client View-only, press "v" or click - mouse on the "View" button. If the [349]-viewonly option has been + mouse on the "View" button. If the [350]-viewonly option has been supplied, the "View" action will not be present: the whole display is view only in that case. @@ -2446,7 +2452,7 @@ exit 1 # reject it program to prompt the user whether the client should be accepted or not. This requires that you have xmessage installed and available via PATH. In case it is not already on your system, the xmessage program - is available at [350]ftp://ftp.x.org/ + is available at [351]ftp://ftp.x.org/ To include view-only decisions for the external commands, prefix the command something like this: "yes:0,no:*,view:3 mycommand ..." This @@ -2485,7 +2491,7 @@ elif [ $rc = 4 ]; then fi exit 1 - Stefan Radman has written a nice dtksh script [351]dtVncPopup for use + Stefan Radman has written a nice dtksh script [352]dtVncPopup for use in CDE environments to do the same sort of thing. Information on how to use it is found at the top of the file. He encourages you to provide feedback to him to help improve the script. @@ -2494,13 +2500,13 @@ exit 1 popup is being run, so attached clients will not receive screen updates, etc during this period. - To run a command when a client disconnects, use the "[352]-gone + To run a command when a client disconnects, use the "[353]-gone command" option. This is for the user's convenience only: the return code of the command is not interpreted by x11vnc. The same environment variables are set as in "-accept command" (except that RFB_MODE will be "gone"). - As of Jan/2006 the "[353]-afteraccept command" option will run the + As of Jan/2006 the "[354]-afteraccept command" option will run the command only after the VNC client has been accepted and authenticated. Like -gone the return code is not interprted. RFB_MODE will be "afteraccept"). @@ -2510,7 +2516,7 @@ exit 1 display manager like gdm(1). Can I have x11vnc later switch to a different user? - As of Feb/2005 x11vnc has the [354]-users option that allows things + As of Feb/2005 x11vnc has the [355]-users option that allows things like this. Please read the documentation on it (also in the x11vnc -help output) carefully for features and caveats. It's use can often decrease security unless care is taken. @@ -2535,7 +2541,7 @@ exit 1 In any event, as of Jun/2004 there is an experimental utility to make it more difficult for nosey people to see your x11vnc activities. The - source for it is [355]blockdpy.c The idea behind it is simple (but + source for it is [356]blockdpy.c The idea behind it is simple (but obviously not bulletproof): when a VNC client attaches to x11vnc put the display monitor in the DPMS "off" state, if the DPMS state ever changes immediately start up the screen-lock program. The x11vnc user @@ -2551,8 +2557,8 @@ exit 1 bulletproof. A really robust solution would likely require X server and perhaps even video hardware support. - The blockdpy utility is launched by the [356]-accept option and told - to exit via the [357]-gone option (the vnc client user should + The blockdpy utility is launched by the [357]-accept option and told + to exit via the [358]-gone option (the vnc client user should obviously re-lock the screen before disconnecting!). Instructions can be found in the source code for the utility at the above link. @@ -2560,7 +2566,7 @@ exit 1 Q-40: Can I have x11vnc automatically lock the screen when I disconnect the VNC viewer? - Yes, a user mentions he uses the [358]-gone option under CDE to run a + Yes, a user mentions he uses the [359]-gone option under CDE to run a screen lock program: x11vnc -display :0 -forever -gone 'dtaction LockDisplay' @@ -2569,7 +2575,7 @@ exit 1 x11vnc -display :0 -forever -gone 'kdesktop_lock' x11vnc -display :0 -forever -gone 'xlock &' - Here is a scheme using the [359]-afteraccept option (in version 0.7.3) + Here is a scheme using the [360]-afteraccept option (in version 0.7.3) to unlock the screen after the first valid VNC login and to lock the screen after the last valid VNC login disconnects: x11vnc -display :0 -forever -shared -afteraccept ./myxlocker -gone ./myxlocke @@ -2594,27 +2600,41 @@ elif [ "X$RFB_MODE" = "Xgone" ]; then fi fi + Q-41: Help! x11vnc and my KDE screensaver keep switching each other on + and off every few seconds. + + This is a new (Jul/2006) problem seen, say, on the version of KDE that + is shipped with SuSE 10.1. It is not yet clear what is causing this... + If you move the mouse through x11vnc the screensaver shuts off like it + should but then a second or two after you stop moving the mouse the + screensaver snaps back on. + + This may be a bug in kdesktop_lock. For now the only workaround is to + disable the screensaver. You can try using another one such as + straight xscreensaver (see the instructions [361]here for how to + disable kdesktop_lock). If you have more info on this or see it + outside of KDE please let us know. [Encrypted Connections] - Q-41: How can I tunnel my connection to x11vnc via an encrypted SSH + Q-42: How can I tunnel my connection to x11vnc via an encrypted SSH channel between two Unix machines? - See the description earlier on this page on [360]how to tunnel VNC via + See the description earlier on this page on [362]how to tunnel VNC via SSH from Unix to Unix. A number of ways are described along with some issues you may encounter. Other secure encrypted methods exists, e.g. stunnel, IPSEC, various VPNs, etc. - See also the [361]Enhanced TightVNC Viewer page where much of this is + See also the [363]Enhanced TightVNC Viewer page where much of this is now automated. - Q-42: How can I tunnel my connection to x11vnc via an encrypted SSH + Q-43: How can I tunnel my connection to x11vnc via an encrypted SSH channel from Windows using an SSH client like Putty? - [362]Above we described how to tunnel VNC via SSH from Unix to Unix, + [364]Above we described how to tunnel VNC via SSH from Unix to Unix, you may want to review it. To do this from Windows using Putty it would go something like this: * In the Putty dialog window under 'Session' enter the hostname or @@ -2635,11 +2655,11 @@ fi :0 (plus other cmdline options) in the 'Remote command' Putty setting under 'Connections/SSH'. - See also the [363]Enhanced TightVNC Viewer page where much of this is + See also the [365]Enhanced TightVNC Viewer page where much of this is now automated via the Putty plink utility. - For extra protection feel free to run x11vnc with the [364]-localhost - and [365]-rfbauth/[366]-passwdfile options. + For extra protection feel free to run x11vnc with the [366]-localhost + and [367]-rfbauth/[368]-passwdfile options. If the machine you SSH into via Putty is not the same machine with the X display you wish to view (e.g. your company provides incoming SSH @@ -2647,21 +2667,21 @@ fi dialog setting to: 'Destination: otherhost:5900', Once logged in, you'll need to do a second login (ssh or rsh) to the workstation machine 'otherhost' and then start up x11vnc on it. This can also be - automated by [367]chaining ssh's. + automated by [369]chaining ssh's. - As discussed [368]above another option is to first start the VNC + As discussed [370]above another option is to first start the VNC viewer in "listen" mode, and then launch x11vnc with the - "[369]-connect localhost" option to establish the reverse connection. + "[371]-connect localhost" option to establish the reverse connection. In this case a Remote port redirection (not Local) is needed for port 5500 instead of 5900 (i.e. 'Source port: 5500' and 'Destination: localhost:5500' for a Remote connection). - Q-43: How can I tunnel my connection to x11vnc via an encrypted SSL + Q-44: How can I tunnel my connection to x11vnc via an encrypted SSL channel using an external tool like stunnel? It is possible to use a "lighter weight" encryption setup than SSH or - IPSEC. SSL tunnels such as [370]stunnel provide an encrypted channel + IPSEC. SSL tunnels such as [372]stunnel provide an encrypted channel without the need for Unix users, passwords, and key passphrases required for ssh (and at the other extreme SSL can also provide a complete signed certificate chain of trust). OTOH, since SSH is @@ -2669,12 +2689,12 @@ fi ssh is frequently the path of least resistance (it also nicely manages public keys for you). - Update: As of Feb/2006 x11vnc has the options [371]-ssl, - [372]-stunnel, and [373]-sslverify to provide integrated SSL schemes. - They are discussed [374]in the Next FAQ (you may want to skip to it + Update: As of Feb/2006 x11vnc has the options [373]-ssl, + [374]-stunnel, and [375]-sslverify to provide integrated SSL schemes. + They are discussed [376]in the Next FAQ (you may want to skip to it now). - Here are some basic examples using [375]stunnel but the general idea + Here are some basic examples using [377]stunnel but the general idea for any SSL tunnel utility is the same: * Start up x11vnc and constrain it to listen on localhost. * Then start up the SSL tunnel running on the same machine to @@ -2698,7 +2718,7 @@ fi The above two commands are run on host "far-away.east". The stunnel.pem is the self-signed PEM file certificate created when - stunnel is built. One can also create certificates [376]signed by + stunnel is built. One can also create certificates [378]signed by Certificate Authorities or self-signed if desired using the x11vnc utilities described there. @@ -2712,7 +2732,7 @@ fi Then point the viewer to the local tunnel on port 5902: vncviewer -encodings "copyrect tight zrle hextile" localhost:2 - That's it. (note that the [377]ssl_vncviewer script can automate + That's it. (note that the [379]ssl_vncviewer script can automate this.) Be sure to use a VNC password because unlike ssh by default the @@ -2720,13 +2740,13 @@ fi some extra configuration one could also set up certificates to provide authentication of either or both sides as well (and hence avoid man-in-the-middle attacks). See the stunnel and openssl documentation - and also [378]the key management section for details. + and also [380]the key management section for details. stunnel has also been ported to Windows, and there are likely others to choose from for that OS. Much info for using it on Windows can be - found at the stunnel site and in this [379]article The article also + found at the stunnel site and in this [381]article The article also shows the detailed steps to set up all the authentication - certificates. (for both server and clients, see also the [380]x11vnc + certificates. (for both server and clients, see also the [382]x11vnc utilities that do this). The default Windows client setup (no certs) is simpler and only 4 files are needed in a folder: stunnel.exe, stunnel.conf, libssl32.dll, libeay32.dll. We used an stunnel.conf @@ -2747,7 +2767,7 @@ connect = far-away.east:5901 As an aside, if you don't like the little "gap" of unencrypted TCP traffic (and a localhost listening socket) on the local machine between stunnel and x11vnc it can actually be closed by having stunnel - start up x11vnc in [381]-inetd mode: + start up x11vnc in [383]-inetd mode: stunnel -p /path/to/stunnel.pem -P none -d 5900 -l ./x11vnc_sh Where the script x11vnc_sh starts up x11vnc: @@ -2790,28 +2810,28 @@ connect = 5900 they probably wouldn't work since the SSL negotiation is likely embedded in the VNC protocol unlike our case where it is external. - Note: as of Mar/2006 libvncserver/x11vnc provides a [382]SSL-enabled - Java applet that can be served up via the [383]-httpdir or [384]-http - options when [385]-ssl is enabled. It will also be served via HTTPS + Note: as of Mar/2006 libvncserver/x11vnc provides a [384]SSL-enabled + Java applet that can be served up via the [385]-httpdir or [386]-http + options when [387]-ssl is enabled. It will also be served via HTTPS via either the VNC port (e.g. https://host:5900/) or a 2nd port via - the [386]-https option. + the [388]-https option. In general current SSL VNC solutions are not particularly "seemless". But it can be done, and with a wrapper script on the viewer side and - the [387]-stunnel or [388]-ssl option on the server side it works well - and is convenient. Here is a simple script [389]ssl_vncviewer that + the [389]-stunnel or [390]-ssl option on the server side it works well + and is convenient. Here is a simple script [391]ssl_vncviewer that automates running stunnel on the VNC viewer side on Unix a little more carefully than the commands printed above. (One could probably do a similar thing with a .BAT file on Windows in the stunnel folder.) - Update Jul/2006: we now provide an [390]Enhanced TightVNC Viewer + Update Jul/2006: we now provide an [392]Enhanced TightVNC Viewer package that starts up STUNNEL automatically along with some other features. All binaries are provided in the package. - Q-44: Does x11vnc have built-in SSL tunneling? + Q-45: Does x11vnc have built-in SSL tunneling? - You can read about non-built-in methods [391]in the Previous FAQ + You can read about non-built-in methods [393]in the Previous FAQ SSL tunnels provide an encrypted channel without the need for Unix users, passwords, and key passphrases required for ssh (and at the @@ -2822,14 +2842,14 @@ connect = 5900 Built-in SSL x11vnc options: - As of Feb/2006 the x11vnc [392]-ssl and [393]-stunnel options automate - the SSL tunnel creation on the x11vnc server side. An [394]SSL-enabled + As of Feb/2006 the x11vnc [394]-ssl and [395]-stunnel options automate + the SSL tunnel creation on the x11vnc server side. An [396]SSL-enabled Java Viewer applet is also provided that can be served via HTTP or HTTPS to automate SSL on the client side. - The [395]-ssl mode uses the [396]www.openssl.org library if available - at build time. The [397]-stunnel mode requires the - [398]www.stunnel.org command stunnel(8) to be installed on the system. + The [397]-ssl mode uses the [398]www.openssl.org library if available + at build time. The [399]-stunnel mode requires the + [400]www.stunnel.org command stunnel(8) to be installed on the system. Both modes require an SSL certificate and key (i.e. .pem file). These are usually created via the openssl(1) (in fact in for options "-ssl" @@ -2881,12 +2901,12 @@ connect = 5900 is to encrypt the key with a passphrase (note however this requires supplying the passphrase each time x11vnc is started up). - See the discussion on [399]x11vnc Key Management for some utilities + See the discussion on [401]x11vnc Key Management for some utilities provided for creating and managing certificates and keys and even for creating your own Certificate Authority (CA) for signing VNC server and client certificates. This may be done by importing the certificate into Web Browser or Java plugin keystores, or pointing stunnel to it. - The wrapper script [400]ssl_vncviewer provides an example on unix + The wrapper script [402]ssl_vncviewer provides an example on unix (-verify option). Here are some notes on the simpler default (non-CA) operation. To have @@ -2902,7 +2922,7 @@ connect = 5900 to machines where the VNC Viewer will be run to enable authenticating the x11vnc SSL VNC server to the clients. When authentication takes place this way (or via the more sophisticated CA signing described - [401]here), then Man-In-The-Middle-Attacks are prevented. Otherwise, + [403]here), then Man-In-The-Middle-Attacks are prevented. Otherwise, the SSL encryption only provides protection against passive network traffic "sniffing". Nowadays, most people seem mostly concerned about only the latter (and the default x11vnc SSL modes protect against it.) @@ -2927,10 +2947,10 @@ connect = 5900 including using https to download it into the browser and connect to x11vnc. - See the [402]next FAQ for SSL enabled VNC Viewers. + See the [404]next FAQ for SSL enabled VNC Viewers. - Q-45: How do I use VNC Viewers with built-in SSL tunneling? + Q-46: How do I use VNC Viewers with built-in SSL tunneling? Notes on the SSL enabled Java VNC Viewer provided in classes/ssl/VncViewer.jar: @@ -2938,9 +2958,9 @@ connect = 5900 The SSL enabled Java VNC Viewer (VncViewer.jar) in the x11vnc package supports only SSL based connections by default (set the applet parameter disableSSL=yes in index.vnc to override). As mentioned above - the [403]-httpdir can be used to specify the path to .../classes/ssl. + the [405]-httpdir can be used to specify the path to .../classes/ssl. A typical location might be /usr/local/share/x11vnc/classes/ssl. Or - [404]-http can be used to try to have it find the directory + [406]-http can be used to try to have it find the directory automatically. The Java viewer uses SSL to communicate securely with x11vnc. Note @@ -2965,7 +2985,7 @@ connect = 5900 example) can occasionally be slow or unreliable (it has to read some input and try to guess if the connection is VNC or HTTP). If it is unreliable and you still want to serve the Java applet via https, use - the [405]-https option to get an additional port dedicated to https + the [407]-https option to get an additional port dedicated to https (its URL will also be printed in the output). Another possibility is to add the GET applet parameter: @@ -2978,7 +2998,7 @@ connect = 5900 You may also use "?GET=somestring" to have /somestring prepended to /request.https.vnc.connection". Perhaps you are using a web server - [406]proxy scheme to enter a firewall or otherwise have rules applied + [408]proxy scheme to enter a firewall or otherwise have rules applied to the URL. If you need to have any slashes "/" in "somestring" use "_2F_" (a deficiency in libvncserver prevents using the more natural "%2F".) @@ -3002,7 +3022,7 @@ connect = 5900 connection is VNC instead of the HTTPS it actually is (but since you have paused too long at the dialog the GET request comes too late). Often hitting Reload and going through the dialogs more quickly will - let you connect. Use the [407]-https option if you want a dedicated + let you connect. Use the [409]-https option if you want a dedicated port for HTTPS connections instead of sharing the VNC port. @@ -3011,10 +3031,10 @@ connect = 5900 If you want to use a native VNC Viewer with the SSL enabled x11vnc you will need to run an external SSL tunnel on the Viewer side. There do not seem to be any native SSL VNC Viewers outside of the x11vnc - package. The basic ideas of doing this were discussed [408]for + package. The basic ideas of doing this were discussed [410]for external tunnel utilities here. - The [409]ssl_vncviewer script provided with x11vnc can set up the + The [411]ssl_vncviewer script provided with x11vnc can set up the stunnel tunnel automatically on unix as long as the stunnel command is installed on the Viewer machine and available in PATH (and vncviewer too of course). Note that on Debian based system you will need to @@ -3046,19 +3066,19 @@ connect = 5900 The fifth one shows that Web proxies can be used if that is the only way to get out of the firewall. If the "double proxy" situation arises - separate the two by commas. See [410]this page for more information on + separate the two by commas. See [412]this page for more information on how Web proxies come into play. - If one uses a Certificate Authority (CA) scheme described [411]here, + If one uses a Certificate Authority (CA) scheme described [413]here, the wrapper script would use the CA cert instead of the server cert: 3') ssl_vncviewer -verify ./cacert.crt far-away.east:0 - Update Jul/2006: we now provide an [412]Enhanced TightVNC Viewer + Update Jul/2006: we now provide an [414]Enhanced TightVNC Viewer package that starts up STUNNEL automatically along with some other features. All binaries are provided in the package. - Q-46: How do I use VNC Viewers with built-in SSL tunneling when going + Q-47: How do I use VNC Viewers with built-in SSL tunneling when going through a Web Proxy? The SSL enabled Java VNC Viewer and firewall Proxies: @@ -3089,7 +3109,7 @@ connect = 5900 (instead of the unsigned one in https://yourmachine.com:5900/ that gives the default index.vnc) - Note that the [413]ssl_vncviewer stunnel wrapper script can use Web + Note that the [415]ssl_vncviewer stunnel wrapper script can use Web proxies as well. Proxies that limit CONNECT to ports 443 and 563: @@ -3118,23 +3138,23 @@ connect = 5900 https://yourmachine.com/proxy.vnc?PORT=443 this is cleaner because it avoids editing the file, but requires more - parameters in the URL. To use the GET [414]trick discussed above, do: + parameters in the URL. To use the GET [416]trick discussed above, do: https://yourmachine.com/proxy.vnc?PORT=443&GET=1 - Q-47: Can Apache web server act as a gateway for users to connect via + Q-48: Can Apache web server act as a gateway for users to connect via SSL from the Internet with a Web browser to x11vnc running on their workstations behind a firewall? Yes. You will need to configure apache to forward these connections. - It is discussed [415]here. This provides a clean alternative to the + It is discussed [417]here. This provides a clean alternative to the traditional method where the user uses SSH to log in through the gateway to create the encrypted port redirection to x11vnc running on her desktop. - Q-48: Can I create and use my own SSL Certificate Authority (CA) with + Q-49: Can I create and use my own SSL Certificate Authority (CA) with x11vnc? - Yes, see [416]this page for how to do this and the utility commands + Yes, see [418]this page for how to do this and the utility commands x11vnc provides to create and manage many types of certificates and private keys. @@ -3142,7 +3162,7 @@ connect = 5900 [Display Managers and Services] - Q-49: How can I run x11vnc as a "service" that is always available? + Q-50: How can I run x11vnc as a "service" that is always available? There are a number of ways to do this. The primary thing you need to decide is whether you want x11vnc to connect to the X session on the @@ -3153,13 +3173,13 @@ connect = 5900 need to have sufficient permissions to connect to the X display. Here are some ideas: - * Use the description under "Continuously" in the [417]FAQ on x11vnc + * Use the description under "Continuously" in the [419]FAQ on x11vnc and Display Managers - * Use the description in the [418]FAQ on x11vnc and inetd(8) - * Use the description in the [419]FAQ on Unix user logins and + * Use the description in the [420]FAQ on x11vnc and inetd(8) + * Use the description in the [421]FAQ on Unix user logins and inetd(8) * Start x11vnc from your $HOME/.xsession (or $HOME/.xinitrc) - * Although less reliable, see the [420]x11vnc_loop rc.local hack + * Although less reliable, see the [422]x11vnc_loop rc.local hack below. The display manager scheme will not be specific to which user has the @@ -3178,7 +3198,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg plus any other options you desire. - Q-50: How can I use x11vnc to connect to an X login screen like xdm, + Q-51: How can I use x11vnc to connect to an X login screen like xdm, GNOME gdm, KDE kdm, or CDE dtlogin? (i.e. nobody is logged into an X session yet). @@ -3190,7 +3210,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg while running x11vnc as root, e.g. for the gnome display manager, gdm: x11vnc -auth /var/gdm/:0.Xauth -display :0 - (the [421]-auth option sets the XAUTHORITY variable for you). + (the [423]-auth option sets the XAUTHORITY variable for you). There will be a similar thing for xdm using however a different auth directory path (perhaps something like @@ -3215,7 +3235,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg auth file should be in /var/dt), you'll also need to add something like Dtlogin*grabServer:False to the Xconfig file (/etc/dt/config/Xconfig or /usr/dt/config/Xconfig on Solaris, see - [422]the example at the end of this FAQ). Then restart dtlogin, e.g.: + [424]the example at the end of this FAQ). Then restart dtlogin, e.g.: /etc/init.d/dtlogin stop; /etc/init.d/dtlogin start or reboot. Continuously. Have x11vnc reattach each time the X server is @@ -3278,7 +3298,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg Then restart: /usr/sbin/gdm-restart (or reboot). The KillInitClients=false setting is important: without it x11vnc will be - killed immediately after the user logs in. Here are [423]full details + killed immediately after the user logs in. Here are [425]full details on how to configure gdm _________________________________________________________________ @@ -3320,24 +3340,24 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg If you do not want to deal with any display manager startup scripts, here is a kludgey script that can be run manually or out of a boot - file like rc.local: [424]x11vnc_loop It will need some local + file like rc.local: [426]x11vnc_loop It will need some local customization before running. Because the XAUTHORITY auth file must be guessed by this script, use of the display manager script method - described above is greatly preferred. There is also the [425]-loop + described above is greatly preferred. There is also the [427]-loop option that does something similar. If the machine is a traditional Xterminal you may want to read - [426]this FAQ. + [428]this FAQ. - Q-51: Can I run x11vnc out of inetd(8)? How about xinetd(8)? + Q-52: Can I run x11vnc out of inetd(8)? How about xinetd(8)? Yes, perhaps a line something like this in /etc/inetd.conf will do it for you: 5900 stream tcp nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_sh - where the shell script /usr/local/bin/x11vnc_sh uses the [427]-inetd + where the shell script /usr/local/bin/x11vnc_sh uses the [429]-inetd option and looks something like (you'll need to customize to your settings). #!/bin/sh @@ -3350,7 +3370,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg and that confuses it greatly, causing it to abort). If you do not use a wrapper script as above but rather call x11vnc directly in /etc/inetd.conf and do not redirect stderr to a file, then you must - specify the -q (aka [428]-quiet) option: "/usr/local/bin/x11vnc -q + specify the -q (aka [430]-quiet) option: "/usr/local/bin/x11vnc -q -inetd ...". When you supply both -q and -inet and no "-o logfile" then stderr will automatically be closed (to prevent, e.g. library stderr messages leaking out to the viewer). The recommended practice @@ -3358,12 +3378,12 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg script with "2>logfile" redirection because the errors and warnings printed out are very useful in troubleshooting problems. - Note also the need to set XAUTHORITY via [429]-auth to point to the + Note also the need to set XAUTHORITY via [431]-auth to point to the MIT-COOKIE auth file to get permission to connect to the X display (setting and exporting the XAUTHORITY variable accomplishes the same thing). See the x11vnc_loop file in the previous question for more ideas on what that auth file may be, etc. The scheme described in the - [430]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY + [432]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY issue nicely. Note: On Solaris you cannot have the bare number 5900 in @@ -3425,16 +3445,16 @@ service x11vncservice capture a log) - Q-52: Can I have x11vnc allow a user to log in with her UNIX password + Q-53: Can I have x11vnc allow a user to log in with her UNIX password and then have it find her X display on that machine and connect to it? - The easiest way to do this is via [431]inetd(8) using the [432]-unixpw - and [433]-display WAIT options. The reason inetd(8) makes this easier + The easiest way to do this is via [433]inetd(8) using the [434]-unixpw + and [435]-display WAIT options. The reason inetd(8) makes this easier is that it starts a new x11vnc process for each new user connection. Otherwise a wrapper would have to listen for connections and spawn new - x11vnc's (see [434]this example). + x11vnc's (see [436]this example). - The [435]-display WAIT option makes x11vnc wait until a VNC viewer is + The [437]-display WAIT option makes x11vnc wait until a VNC viewer is connected before attaching to the X display. Additionally it can be used to run an external command that returns the DISPLAY and XAUTHORITY data. So one could supply "-display @@ -3477,7 +3497,7 @@ exit 0 as the first line and any remaining lines are either XAUTHORITY=file or raw xauth data (the above example does the latter). - The [436]-unixpw option allows [437]UNIX password logins. Here are a + The [438]-unixpw option allows [439]UNIX password logins. Here are a couple /etc/inetd.conf examples for this: 5900 stream tcp nowait nobody /usr/sbin/tcpd /usr/local/bin/x11vnc -inetd -unixpw \ @@ -3497,9 +3517,9 @@ xpw= directory will need to be set up to allow "nobody" to use them. In the second one x11vnc is run as root and switches to the user that - logs in due to the "[438]-users unixpw=" option. + logs in due to the "[440]-users unixpw=" option. - Note that [439]SSL is required for this mode because otherwise the + Note that [441]SSL is required for this mode because otherwise the unix password would be passed in clear text over the network. In general -unixpw is not required for this sort of scheme, but it is convenient because it determines exactly who the user is whose display @@ -3507,21 +3527,21 @@ xpw= some method to work out DISPLAY, XAUTHORITY, etc. - Q-53: Can I have x11vnc restart itself after it terminates? + Q-54: Can I have x11vnc restart itself after it terminates? One could do this in a shell script, but now there is an option - [440]-loop that makes it easier. Of course when x11vnc restarts it + [442]-loop that makes it easier. Of course when x11vnc restarts it needs to have permissions to connect to the (potentially new) X display. This mode could be useful if the X server restarts often. Use e.g. "-loop5000" to sleep 5000 ms between restarts. Also "-loop2000,5" to sleep 2000 ms and only restart 5 times. - Q-54: How do I make x11vnc work with the Java VNC viewer applet in a + Q-55: How do I make x11vnc work with the Java VNC viewer applet in a web browser? To have x11vnc serve up a Java VNC viewer applet to any web browsers - that connect to it, run x11vnc with this [441]option: + that connect to it, run x11vnc with this [443]option: -httpdir /path/to/the/java/classes/dir (this directory will contain the files index.vnc and, for example, @@ -3540,7 +3560,7 @@ xpw= then you can connect to that URL with any Java enabled browser. Feel free to customize the default index.vnc file in the classes directory. - As of May/2005 the [442]-http option will try to guess where the Java + As of May/2005 the [444]-http option will try to guess where the Java classes jar file is by looking in expected locations and ones relative to the x11vnc binary. @@ -3550,13 +3570,13 @@ xpw= java -cp ./VncViewer.jar VncViewer HOST far-away.east PORT 5900 - Q-55: Are reverse connections (i.e. the VNC server connecting to the + Q-56: Are reverse connections (i.e. the VNC server connecting to the VNC viewer) using "vncviewer -listen" and vncconnect(1) supported? As of Mar/2004 x11vnc supports reverse connections. On Unix one starts the VNC viewer in listen mode: vncviewer -listen (see your documentation for Windows, etc), and then starts up x11vnc with the - [443]-connect option. To connect immediately at x11vnc startup time + [445]-connect option. To connect immediately at x11vnc startup time use the "-connect host:port" option (use commas for a list of hosts to connect to). The ":port" is optional (default is 5500). @@ -3564,7 +3584,7 @@ xpw= file is checked periodically (about once a second) for new hosts to connect to. - The [444]-remote control option (aka -R) can also be used to do this + The [446]-remote control option (aka -R) can also be used to do this during an active x11vnc session, e.g.: x11vnc -display :0 -R connect:hostname.domain @@ -3576,7 +3596,7 @@ x11vnc -display :0 -R connect:hostname.domain starting x11vnc. To use the vncconnect(1) program (from the core VNC package at - www.realvnc.com) specify the [445]-vncconnect option to x11vnc (Note: + www.realvnc.com) specify the [447]-vncconnect option to x11vnc (Note: as of Dec/2004 -vncconnect is now the default). vncconnect(1) must be pointed to the same X11 DISPLAY as x11vnc (since it uses X properties to communicate with x11vnc). If you do not have or do not want to get @@ -3590,7 +3610,7 @@ x11vnc -display :0 -R connect:hostname.domain xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" - Q-56: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real + Q-57: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real display, but for a virtual one I keep around). You can, but you would not be doing this for performance reasons (for @@ -3621,7 +3641,7 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" There are some annoyances WRT Xvfb though. The default keyboard mapping seems to be very poor. One should run x11vnc with - [446]-add_keysyms option to have keysyms added automatically. Also, to + [448]-add_keysyms option to have keysyms added automatically. Also, to add the Shift_R and Control_R modifiers something like this is needed: #!/bin/sh xmodmap -e "keycode any = Shift_R" @@ -3643,11 +3663,11 @@ xmodmap -e "add Control = Control_L Control_R" The main drawback to this method (besides requiring extra configuration and possibly root permission) is that it also does the - Linux Virtual Console/Terminal (VC/VT) [447]switching even though it + Linux Virtual Console/Terminal (VC/VT) [449]switching even though it does not need to (since it doesn't use a real framebuffer). There are some "dual headed" (actually multi-headed/multi-user) patches to the X server that turn off the VT usage in the X server. Update: As of - Jul/2005 we have an LD_PRELOAD script [448]Xdummy that allows you to + Jul/2005 we have an LD_PRELOAD script [450]Xdummy that allows you to use a stock (i.e. unpatched) Xorg or XFree86 server with the "dummy" driver and not have any VT switching problems! Currently Xdummy needs to be run as root, but with some luck that may be relaxed in the @@ -3667,7 +3687,7 @@ startx -- /path/to/Xdummy :1 testing x11vnc). - Q-57: How can I use x11vnc on "headless" machines? Why might I want + Q-58: How can I use x11vnc on "headless" machines? Why might I want to? An interesting application of x11vnc is to let it export displays of @@ -3679,7 +3699,7 @@ startx -- /path/to/Xdummy :1 An X server can be started on the headless machine (sometimes this requires configuring the X server to not fail if it cannot detect a keyboard or mouse, see the next paragraph). Then you can export that X - display via x11vnc (e.g. see [449]this FAQ) and access it from + display via x11vnc (e.g. see [451]this FAQ) and access it from anywhere on the network via a VNC viewer. Some tips on getting X servers to start on machines without keyboard @@ -3704,7 +3724,7 @@ startx -- /path/to/Xdummy :1 [Resource Usage and Performance] - Q-58: I have lots of memory, but why does x11vnc fail with shmget: + Q-59: I have lots of memory, but why does x11vnc fail with shmget: No space left on device or Minor opcode of failed request: 1 (X_ShmAttach)? @@ -3722,7 +3742,7 @@ startx -- /path/to/Xdummy :1 19/03/2004 10:10:58 error creating tile-row shm for len=4 19/03/2004 10:10:58 reverting to single_copytile mode - Here is a shell script [450]shm_clear to list and prompt for removal + Here is a shell script [452]shm_clear to list and prompt for removal of your unattached shm segments (attached ones are skipped). I use it while debugging x11vnc (I use "shm_clear -y" to assume "yes" for each prompt). If x11vnc is regularly not cleaning up its shm segments, @@ -3756,44 +3776,44 @@ ied) in /etc/system. See the next paragraph for more workarounds. To minimize the number of shm segments used by x11vnc try using the - [451]-onetile option (corresponds to only 3 shm segments used, and + [453]-onetile option (corresponds to only 3 shm segments used, and adding -fs 1.0 knocks it down to 2). If you are having much trouble with shm segments, consider disabling shm completely via the - [452]-noshm option. Performance will be somewhat degraded but when + [454]-noshm option. Performance will be somewhat degraded but when done over local machine sockets it should be acceptable (see an - [453]earlier question discussing -noshm). + [455]earlier question discussing -noshm). - Q-59: How can I make x11vnc use less system resources? + Q-60: How can I make x11vnc use less system resources? - The [454]-nap (now on by default) and "[455]-wait n" (where n is the + The [456]-nap (now on by default) and "[457]-wait n" (where n is the sleep between polls in milliseconds, the default is 30 or so) option - are good places to start. Something like "[456]-sb 15" will cause + are good places to start. Something like "[458]-sb 15" will cause x11vnc to go into a deep-sleep mode after 15 seconds of no activity (instead of the default 60). Reducing the X server bits per pixel depth (e.g. to 16bpp or even 8bpp) will further decrease memory I/O and network I/O. The ShadowFB - will make x11vnc's screen polling less severe. Using the [457]-onetile + will make x11vnc's screen polling less severe. Using the [459]-onetile option will use less memory and use fewer shared memory slots (add - [458]-fs 1.0 for one less slot). + [460]-fs 1.0 for one less slot). - Q-60: How can I make x11vnc use MORE system resources? + Q-61: How can I make x11vnc use MORE system resources? - You can try [459]-threads and dial down the wait time (e.g. -wait 1) - and possibly dial down [460]-defer as well. Note that if you try to + You can try [461]-threads and dial down the wait time (e.g. -wait 1) + and possibly dial down [462]-defer as well. Note that if you try to increase the "frame rate" too much you can bog down the server end with the extra work it needs to do compressing the framebuffer data, etc. That said, it is possible to "stream" video via x11vnc if the video window is small enough. E.g. a 256x192 xawtv TV capture window (using - the x11vnc [461]-id option) can be streamed over a LAN or wireless at + the x11vnc [463]-id option) can be streamed over a LAN or wireless at a reasonable frame rate. - Q-61: I use x11vnc over a slow link with high latency (e.g. dialup + Q-62: I use x11vnc over a slow link with high latency (e.g. dialup modem), is there anything I can do to speed things up? Some things you might want to experiment with (many of which will help @@ -3805,7 +3825,7 @@ ied) * Use a smaller desktop size (e.g. 1024x768 instead of 1280x1024) * Make sure the desktop background is a solid color (the background is resent every time it is re-exposed). Consider using the - [462]-solid [color] option to try to do this automatically. + [464]-solid [color] option to try to do this automatically. * Configure your window manager or desktop "theme" to not use fancy images, shading, and gradients for the window decorations, etc. Disable window animations, etc. Maybe your desktop has a "low @@ -3814,9 +3834,9 @@ ied) -> Use Smooth Scrolling (deselect it). * Avoid small scrolls of large windows using the Arrow keys or scrollbar. Try to use PageUp/PageDown instead. (not so much of a - problem in x11vnc 0.7.2 if [463]-scrollcopyrect is active and + problem in x11vnc 0.7.2 if [465]-scrollcopyrect is active and detecting scrolls for the application). - * If the [464]-wireframe option is not available (earlier than + * If the [466]-wireframe option is not available (earlier than x11vnc 0.7.2 or you have disabled it via -nowireframe) then Disable Opaque Moves and Resizes in the window manager/desktop. * However if -wireframe is active (on by default in x11vnc 0.7.2) @@ -3836,7 +3856,7 @@ ied) noticed. VNC viewer parameters: - * Use a [465]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer + * Use a [467]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer with ZRLE encoding is not too bad either; some claim it is faster). * Make sure the tight (or zrle) encoding is being used (look at @@ -3858,42 +3878,42 @@ ied) file. x11vnc parameters: - * Make sure the [466]-wireframe option is active (it should be on by + * Make sure the [468]-wireframe option is active (it should be on by default) and you have Opaque Moves/Resizes Enabled in the window manager. - * Make sure the [467]-scrollcopyrect option is active (it should be + * Make sure the [469]-scrollcopyrect option is active (it should be on by default). This detects scrolls in many (but not all) applications an applies the CopyRect encoding for a big speedup. * Enforce a solid background when VNC viewers are connected via - [468]-solid - * Specify [469]-speeds modem to force the wireframe and + [470]-solid + * Specify [471]-speeds modem to force the wireframe and scrollcopyrect heuristic parameters (and any future ones) to those of a dialup modem connection (or supply the rd,bw,lat numerical values that characterize your link). * If wireframe and scrollcopyrect aren't working, try using the more - drastic [470]-nodragging (no screen updates when dragging mouse, + drastic [472]-nodragging (no screen updates when dragging mouse, but sometimes you miss visual feedback) - * Set [471]-fs 1.0 (disables fullscreen updates) - * Try increasing [472]-wait or [473]-defer (reduces the maximum + * Set [473]-fs 1.0 (disables fullscreen updates) + * Try increasing [474]-wait or [475]-defer (reduces the maximum "frame rate", but won't help much for large screen changes) - * Try the [474]-progressive pixelheight mode with the block + * Try the [476]-progressive pixelheight mode with the block pixelheight 100 or so (delays sending vertical blocks since they may change while viewer is receiving earlier ones) - * If you just want to watch one (simple) window use [475]-id (cuts + * If you just want to watch one (simple) window use [477]-id (cuts down extraneous polling and updates, but can be buggy or insufficient) - * Set [476]-nosel (disables all clipboard selection exchange) - * Use [477]-nocursor and [478]-nocursorpos (repainting the remote + * Set [478]-nosel (disables all clipboard selection exchange) + * Use [479]-nocursor and [480]-nocursorpos (repainting the remote cursor position and shape takes resources and round trips) * On very slow links (e.g. <= 28.8) you may need to increase the - [479]-readtimeout n setting if it sometimes takes more than 20sec + [481]-readtimeout n setting if it sometimes takes more than 20sec to paint the full screen, etc. - * Do not use [480]-fixscreen to automatically refresh the whole + * Do not use [482]-fixscreen to automatically refresh the whole screen, tap three Alt_L's then the screen has painting errors (rare problem). - Q-62: Does x11vnc support the X DAMAGE Xserver extension to find + Q-63: Does x11vnc support the X DAMAGE Xserver extension to find modified regions of the screen quickly and efficiently? Yes, as of Mar/2005 x11vnc will use the X DAMAGE extension by default @@ -3911,7 +3931,7 @@ ied) Note that the DAMAGE extension does not speed up the actual reading of pixels from the video card framebuffer memory, by, say, mirroring them - in main memory. So reading the fb is still painfully [481]slow (e.g. + in main memory. So reading the fb is still painfully [483]slow (e.g. 5MB/sec), and so even using X DAMAGE when large changes occur on the screen the bulk of the time is still spent retrieving them. Not ideal, but use of the ShadowFB XFree86/Xorg option speeds up the reading @@ -3929,27 +3949,27 @@ ied) DAMAGE rectangles to contain real damage. The larger rectangles are only used as hints to focus the traditional scanline polling (i.e. if a scanline doesn't intersect a recent DAMAGE rectangle, the scan is - skipped). You can use the "[482]-xd_area A" option to adjust the size + skipped). You can use the "[484]-xd_area A" option to adjust the size of the trusted DAMAGE rectangles. The default is 20000 pixels (e.g. a 140x140 square, etc). Use "-xd_area 0" to disable the cutoff and trust all DAMAGE rectangles. - The option "[483]-xd_mem f" may also be of use in tuning the - algorithm. To disable using DAMAGE entirely use "[484]-noxdamage". + The option "[485]-xd_mem f" may also be of use in tuning the + algorithm. To disable using DAMAGE entirely use "[486]-noxdamage". - Q-63: When I drag windows around with the mouse or scroll up and down + Q-64: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick motion). Is there anything to do to improve things? - This problem is primarily due to [485]slow hardware read rates from + This problem is primarily due to [487]slow hardware read rates from video cards: as you scroll or move a large window around the screen changes are much too rapid for x11vnc to keep up them (it can usually only read the video card at about 5-10 MB/sec, so it can take a good fraction of a second to read the changes induce from moving a large window, if this to be done a number of times in succession the window or scroll appears to "lurch" forward). See the description in the - [486]-pointer_mode option for more info. The next bottleneck is + [488]-pointer_mode option for more info. The next bottleneck is compressing all of these changes and sending them out to connected viewers, however the VNC protocol is pretty much self-adapting with respect to that (updates are only packaged and sent when viewers ask @@ -3959,26 +3979,26 @@ ied) default should now be much better than before and dragging small windows around should no longer be a huge pain. If for some reason these changes make matters worse, you can go back to the old way via - the "[487]-pointer_mode 1" option. + the "[489]-pointer_mode 1" option. - Also added was the [488]-nodragging option that disables all screen + Also added was the [490]-nodragging option that disables all screen updates while dragging with the mouse (i.e. mouse motion with a button held down). This gives the snappiest response, but might be undesired in some circumstances when you want to see the visual feedback while dragging (e.g. menu traversal or text selection). - As of Dec/2004 the [489]-pointer_mode n option was introduced. n=1 is + As of Dec/2004 the [491]-pointer_mode n option was introduced. n=1 is the original mode, n=2 an improvement, etc.. See the -pointer_mode n help for more info. - Also, in some circumstances the [490]-threads option can improve + Also, in some circumstances the [492]-threads option can improve response considerably. Be forewarned that if more than one vncviewer is connected at the same time then libvncserver may not be thread safe (try to get the viewers to use different VNC encodings, e.g. tight and ZRLE). - As of Apr/2005 two new options (see the [491]wireframe FAQ and - [492]scrollcopyrect FAQ below) provide schemes to sweep this problem + As of Apr/2005 two new options (see the [493]wireframe FAQ and + [494]scrollcopyrect FAQ below) provide schemes to sweep this problem under the rug for window moves or resizes and for some (but not all) window scrolls. These are the preferred way of avoiding the "lurching" problem, contact me if they are not working. (Note on SuSE the RECORD @@ -3986,7 +4006,7 @@ ied) on in xorg.conf) - Q-64: Why not do something like wireframe animations to avoid the + Q-65: Why not do something like wireframe animations to avoid the windows "lurching" when being moved or resized? Nice idea for a hack! As of Apr/2005 x11vnc by default will apply @@ -3997,8 +4017,8 @@ ied) the window move/resize stops, it returns to normal processing: you should only see the window appear in the new position. This spares you from interacting with a "lurching" window between all of the - intermediate steps. BTW the lurching is due to [493]slow video card - read rates (see [494]here too). A displacement, even a small one, of a + intermediate steps. BTW the lurching is due to [495]slow video card + read rates (see [496]here too). A displacement, even a small one, of a large window requires a non-negligible amount of time, a good fraction of a second, to read in from the hardware framebuffer. @@ -4006,7 +4026,7 @@ ied) for -wireframe to do any good. The mode is currently on by default because most people are afflicted - with the problem. It can be disabled with the [495]-nowireframe option + with the problem. It can be disabled with the [497]-nowireframe option (aka -nowf). Why might one want to turn off the wireframing? Since x11vnc is merely guessing when windows are being moved/resized, it may guess poorly for your window-manager or desktop, or even for the way @@ -4051,13 +4071,13 @@ ied) * Maximum time to show a wireframe animation. * Minimum time between sending wireframe outlines. - See the [496]"-wireframe tweaks" option for more details. On a slow + See the [498]"-wireframe tweaks" option for more details. On a slow link, e.g. dialup modem, the parameters may be automatically adjusted for better response. CopyRect encoding: In addition to the above there is the - [497]"-wirecopyrect mode" option. It is also on by default. This + [499]"-wirecopyrect mode" option. It is also on by default. This instructs x11vnc to not only show the wireframe animation, but to also instruct all connected VNC viewers to locally translate the window image data from the original position to the new position on the @@ -4088,7 +4108,7 @@ ied) -nowirecopyrect if this or other painting errors are unacceptable. - Q-65: Can x11vnc try to apply heuristics to detect when a window is + Q-66: Can x11vnc try to apply heuristics to detect when a window is scrolling its contents and use the CopyRect encoding for a speedup? Another nice idea for a hack! As of May/2005 x11vnc will by default @@ -4105,7 +4125,7 @@ ied) requiring the image data to be transmitted over the network. For fast links the speedup is primarily due to x11vnc not having to read the scrolled framebuffer data from the X server (recall that reading from - the hardware framebuffer is [498]slow). + the hardware framebuffer is [500]slow). To do this x11vnc uses the RECORD X extension to snoop the X11 protocol between the X client with the focus window and the X server. @@ -4127,10 +4147,10 @@ ied) the X server display: if one falls too far behind it could become a mess... - The initial implementation of [499]-scrollcopyrect option is useful in + The initial implementation of [501]-scrollcopyrect option is useful in that it detects many scrolls and thus gives a much nicer working - environment (especially when combined with the [500]-wireframe - [501]-wirecopyrect [502]options, which are also on by default; and if + environment (especially when combined with the [502]-wireframe + [503]-wirecopyrect [504]options, which are also on by default; and if you are willing to enable the ShadowFB things are very fast). The fact that there aren't long delays or lurches during scrolling is the primary improvement. @@ -4163,10 +4183,10 @@ ied) One can tap the Alt_L key (Left "Alt" key) 3 times in a row to signal x11vnc to refresh the screen to all viewers. Your VNC-viewer may have its own screen refresh hot-key or button. See - also: [503]-fixscreen + also: [505]-fixscreen * Some applications, notably OpenOffice, do XCopyArea scrolls in weird ways that assume ancestor window clipping is taking place. - See the [504]-scr_skip option for ways to tweak this on a + See the [506]-scr_skip option for ways to tweak this on a per-application basis. * Selecting text while dragging the mouse may be slower, especially if the Button-down event happens near the window's edge. This is @@ -4183,7 +4203,7 @@ ied) because it fails to detect scrolls in it. Sometimes clicking inside the application window or selecting some text in it to force the focus helps. - * When using the [505]-scale option there will be a quick CopyRect + * When using the [507]-scale option there will be a quick CopyRect scroll, but it needs to be followed by a slower "cleanup" update. This is because for a fixed finite screen resolution (e.g. 75 dpi) scaling and copyrect-ing are not exactly independent. Scaling @@ -4196,7 +4216,7 @@ ied) If you find the -scrollcopyrect behavior too approximate or distracting you can go back to the standard polling-only update method - with the [506]-noscrollcopyrect (or -noscr for short). If you find + with the [508]-noscrollcopyrect (or -noscr for short). If you find some extremely bad and repeatable behavior for -scrollcopyrect please report a bug. @@ -4220,7 +4240,7 @@ ied) [Mouse Cursor Shapes] - Q-66: Why isn't the mouse cursor shape (the little icon shape where + Q-67: Why isn't the mouse cursor shape (the little icon shape where the mouse pointer is) correct as I move from window to window? On X servers supporting XFIXES or Solaris/IRIX Overlay extensions it @@ -4235,23 +4255,23 @@ ied) this is because the cursor shape is often downloaded to the graphics hardware (video card), but I could be mistaken. - A simple kludge is provided by the "[507]-cursor X" option that + A simple kludge is provided by the "[509]-cursor X" option that changes the cursor when the mouse is on the root background (or any window has the same cursor as the root background). Note that desktops like GNOME or KDE often cover up the root background, so this won't - work for those cases. Also see the "[508]-cursor some" option for + work for those cases. Also see the "[510]-cursor some" option for additional kludges. Note that as of Aug/2004 on Solaris using the SUN_OVL overlay extension and IRIX, x11vnc can show the correct mouse cursor when the - [509]-overlay option is supplied. See [510]this FAQ for more info. + [511]-overlay option is supplied. See [512]this FAQ for more info. Also as of Dec/2004 XFIXES X extension support has been added to allow exact extraction of the mouse cursor shape. XFIXES fixes the problem of the cursor-shape being write-only: x11vnc can now query the X server for the current shape and send it back to the connected viewers. XFIXES is available on recent Linux Xorg based distros and - [511]Solaris 10. + [513]Solaris 10. The only XFIXES issue is the handling of alpha channel transparency in cursors. If a cursor has any translucency then in general it must be @@ -4259,10 +4279,10 @@ ied) situations where the cursor transparency can also handled exactly: when the VNC Viewer requires the cursor shape be drawn into the VNC framebuffer or if you apply a patch to your VNC Viewer to extract - hidden alpha channel data under 32bpp. [512]Details can be found here. + hidden alpha channel data under 32bpp. [514]Details can be found here. - Q-67: When using XFIXES cursorshape mode, some of the cursors look + Q-68: When using XFIXES cursorshape mode, some of the cursors look really bad with extra black borders around the cursor and other cruft. How can I improve their appearance? @@ -4292,17 +4312,17 @@ ied) for most cursor themes and you don't have to worry about it. In case it still looks bad for your cursor theme, there are (of - course!) some tunable parameters. The "[513]-alphacut n" option lets + course!) some tunable parameters. The "[515]-alphacut n" option lets you set the threshold "n" (between 0 and 255): cursor pixels with alpha values below n will be considered completely transparent while values equal to or above n will be completely opaque. The default is - 240. The "[514]-alphafrac f" option tries to correct individual + 240. The "[516]-alphafrac f" option tries to correct individual cursors that did not fare well with the default -alphacut value: if a cursor has less than fraction f (between 0.0 and 1.0) of its pixels selected by the default -alphacut, the threshold is lowered until f of its pixels are selected. The default fraction is 0.33. - Finally, there is an option [515]-alpharemove that is useful for + Finally, there is an option [517]-alpharemove that is useful for themes where many cursors are light colored (e.g. "whiteglass"). XFIXES returns the cursor data with the RGB values pre-multiplied by the alpha value. If the white cursors look too grey, specify @@ -4320,7 +4340,7 @@ ied) heavily on redglass) look fine with the apparent default of alphacut:255. - Q-68: In XFIXES mode, are there any hacks to handle cursor + Q-69: In XFIXES mode, are there any hacks to handle cursor transparency ("alpha channel") exactly? As of Jan/2005 libvncserver has been modified to allow an alpha @@ -4328,10 +4348,10 @@ ied) alpha channel data to libvncserver. However, this data will only be used for VNC clients that do not support the CursorShapeUpdates VNC extension (or have disabled it). It can be disabled for all clients - with the [516]-nocursorshape x11vnc option. In this case the cursor is + with the [518]-nocursorshape x11vnc option. In this case the cursor is drawn, correctly blended with the background, into the VNC framebuffer before being sent out to the client. So the alpha blending is done on - the x11vnc side. Use the [517]-noalphablend option to disable this + the x11vnc side. Use the [519]-noalphablend option to disable this behavior (always approximate transparent cursors with opaque RGB values). @@ -4355,17 +4375,17 @@ ied) example on how to change the Windows TightVNC viewer to achieve the same thing (send me the patch if you get that working). - This patch is applied to the [518]Enhanced TightVNC Viewer package we + This patch is applied to the [520]Enhanced TightVNC Viewer package we provide. [Mouse Pointer] - Q-69: Why does the mouse arrow just stay in one corner in my + Q-70: Why does the mouse arrow just stay in one corner in my vncviewer, whereas my cursor (that does move) is just a dot? - This default takes advantage of a [519]tightvnc extension + This default takes advantage of a [521]tightvnc extension (CursorShapeUpdates) that allows specifying a cursor image shape for - the local VNC viewer. You may disable it with the [520]-nocursor + the local VNC viewer. You may disable it with the [522]-nocursor option to x11vnc if your viewer does not have this extension. Note: as of Aug/2004 this should be fixed: the default for @@ -4374,22 +4394,22 @@ ied) can also be disabled via -nocursor. - Q-70: Can I take advantage of the TightVNC extension to the VNC + Q-71: Can I take advantage of the TightVNC extension to the VNC protocol where Cursor Positions Updates are sent back to all connected clients (i.e. passive viewers can see the mouse cursor being moved around by another viewer)? - Use the [521]-cursorpos option when starting x11vnc. A VNC viewer must + Use the [523]-cursorpos option when starting x11vnc. A VNC viewer must support the Cursor Positions Updates for the user to see the mouse motions (the TightVNC viewers support this). As of Aug/2004 -cursorpos - is the default. See also [522]-nocursorpos and [523]-nocursorshape. + is the default. See also [524]-nocursorpos and [525]-nocursorshape. - Q-71: Is it possible to swap the mouse buttons (e.g. left-handed + Q-72: Is it possible to swap the mouse buttons (e.g. left-handed operation), or arbitrarily remap them? How about mapping button clicks to keystrokes, e.g. to partially emulate Mouse wheel scrolling? - You can remap the mouse buttons via something like: [524]-buttonmap + You can remap the mouse buttons via something like: [526]-buttonmap 13-31 (or perhaps 12-21). Also, note that xmodmap(1) lets you directly adjust the X server's button mappings, but in some circumstances it might be more desirable to have x11vnc do it. @@ -4397,7 +4417,7 @@ ied) One user had an X server with only one mouse button(!) and was able to map all of the VNC client mouse buttons to it via: -buttonmap 123-111. - Note that the [525]-debug_pointer option prints out much info for + Note that the [527]-debug_pointer option prints out much info for every mouse/pointer event and is handy in solving problems. To map mouse button clicks to keystrokes you can use the alternate @@ -4419,7 +4439,7 @@ ied) Exactly what keystroke "scrolling" events they should be bound to depends on one's taste. If this method is too approximate, one could - consider not using [526]-buttonmap but rather configuring the X server + consider not using [528]-buttonmap but rather configuring the X server to think it has a mouse with 5 buttons even though the physical mouse does not. (e.g. 'Option "ZAxisMapping" "4 5"'). @@ -4446,10 +4466,10 @@ ied) "click" usually gives a multi-line scroll). [Keyboard Issues] - Q-72: How can I get my AltGr and Shift modifiers to work between + Q-73: How can I get my AltGr and Shift modifiers to work between keyboards for different languages? - The option [527]-modtweak should help here. It is a mode that monitors + The option [529]-modtweak should help here. It is a mode that monitors the state of the Shift and AltGr Modifiers and tries to deduce the correct keycode to send, possibly by sending fake modifier key presses and releases in addition to the actual keystroke. @@ -4458,20 +4478,20 @@ ied) to get the old behavior). This was done because it was noticed on newer XFree86 setups even on bland "us" keyboards like "pc104 us" XFree86 included a "ghost" key with both "<" and ">" it. This key does - not exist on the keyboard (see [528]this FAQ for more info). Without + not exist on the keyboard (see [530]this FAQ for more info). Without -modtweak there was then an ambiguity in the reverse map keysym => keycode, making it so the "<" symbol could not be typed. - Also see the [529]FAQ about the -xkb option for a more powerful method + Also see the [531]FAQ about the -xkb option for a more powerful method of modifier tweaking for use on X servers with the XKEYBOARD extension. When trying to resolve keyboard mapping problems, note that the - [530]-debug_keyboard option prints out much info for every keystroke + [532]-debug_keyboard option prints out much info for every keystroke and so can be useful debugging things. - Q-73: When I try to type a "<" (i.e. less than) instead I get ">" + Q-74: When I try to type a "<" (i.e. less than) instead I get ">" (i.e. greater than)! Strangely, typing ">" works OK!! Does your keyboard have a single key with both "<" and ">" on it? Even @@ -4479,9 +4499,9 @@ ied) (e.g. pc105 in the XF86Config file when it should be something else, say pc104). - Short Cut: Try the [531]-xkb or [532]-sloppy_keys options and see if + Short Cut: Try the [533]-xkb or [534]-sloppy_keys options and see if that helps the situation. The discussion below is a bit outdated (e.g. - [533]-modtweak is now the default) but it is useful reference for + [535]-modtweak is now the default) but it is useful reference for various tricks and so is kept. @@ -4524,34 +4544,34 @@ ied) -remap less-comma These are convenient in that they do not modify the actual X server - settings. The former ([534]-modtweak) is a mode that monitors the + settings. The former ([536]-modtweak) is a mode that monitors the state of the Shift and AltGr modifiers and tries to deduce the correct keycode sequence to send. Since Jul/2004 -modtweak is now the default. - The latter ([535]-remap less-comma) is an immediate remapping of the + The latter ([537]-remap less-comma) is an immediate remapping of the keysym less to the keysym comma when it comes in from a client (so when Shift is down the comma press will yield "<"). - See also the [536]FAQ about the -xkb option as a possible workaround + See also the [538]FAQ about the -xkb option as a possible workaround using the XKEYBOARD extension. - Note that the [537]-debug_keyboard option prints out much info for + Note that the [539]-debug_keyboard option prints out much info for every keystroke to aid debugging keyboard problems. - Q-74: When I try to type a "<" (i.e. less than) instead I get "<," + Q-75: When I try to type a "<" (i.e. less than) instead I get "<," (i.e. an extra comma). This is likely because you press "Shift" then "<" but then released - the Shift key before releasing the "<". Because of a [538]keymapping + the Shift key before releasing the "<". Because of a [540]keymapping ambiguity the last event "< up" is interpreted as "," because that key unshifted is the comma. - This should not happen in [539]-xkb mode, because it works hard to + This should not happen in [541]-xkb mode, because it works hard to resolve the ambiguities. If you do not want to use -xkb, try the - option [540]-sloppy_keys to attempt a similar type of algorithm. + option [542]-sloppy_keys to attempt a similar type of algorithm. - Q-75: I'm using an "international" keyboard (e.g. German "de", or + Q-76: I'm using an "international" keyboard (e.g. German "de", or Danish "dk") and the -modtweak mode works well if the VNC viewer is run on a Unix/Linux machine with a similar keyboard. But if I run the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or @@ -4572,7 +4592,7 @@ ied) In both cases no AltGr is sent to the VNC server, but we know AltGr is needed on the physical international keyboard to type a "@". - This all worked fine with x11vnc running with the [541]-modtweak + This all worked fine with x11vnc running with the [543]-modtweak option (it figures out how to adjust the Modifier keys (Shift or AltGr) to get the "@"). However it fails under recent versions of XFree86 (and the X.org fork). These run the XKEYBOARD extension by @@ -4589,7 +4609,7 @@ ied) * there is a new option -xkb to use the XKEYBOARD extension API to do the Modifier key tweaking. - The [542]-xkb option seems to fix all of the missing keys: "@", "<", + The [544]-xkb option seems to fix all of the missing keys: "@", "<", ">", etc.: it is recommended that you try it if you have this sort of problem. Let us know if there are any remaining problems (see the next paragraph for some known problems). If you specify the -debug_keyboard @@ -4597,7 +4617,7 @@ ied) debugging output (send it along with any problems you report). Update: as of Jun/2005 x11vnc will try to automatically enable - [543]-xkb if it appears that would be beneficial (e.g. if it sees any + [545]-xkb if it appears that would be beneficial (e.g. if it sees any of "@", "<", ">", "[" and similar keys are mapped in a way that needs the -xkb to access them). To disable this automatic check use -noxkb. @@ -4612,7 +4632,7 @@ ied) was attached to keycode 93 (no physical key generates this keycode) while ISO_Level3_Shift was attached to keycode 113. The keycode skipping option was used to disable the ghost key: - [544]-skip_keycodes 93 + [546]-skip_keycodes 93 * In implementing -xkb we noticed that some characters were still not getting through, e.g. "~" and "^". This is not really an XKEYBOARD problem. What was happening was the VNC viewer was @@ -4630,16 +4650,16 @@ ied) What to do? In general the VNC protocol has not really solved this problem: what should be done if the VNC viewer sends a keysym not recognized by the VNC server side? Workarounds can possibly be - created using the [545]-remap x11vnc option: + created using the [547]-remap x11vnc option: -remap asciitilde-dead_tilde,asciicircum-dead_circumflex etc. Use -remap filename if the list is long. Please send us your workarounds for this problem on your keyboard. Perhaps we can have x11vnc adjust automatically at some point. Also see the - [546]-add_keysyms option in the next paragraph. - Update: for convenience "[547]-remap DEAD" does many of these + [548]-add_keysyms option in the next paragraph. + Update: for convenience "[549]-remap DEAD" does many of these mappings at once. - * To complement the above workaround using the [548]-remap, an - option [549]-add_keysyms was added. This option instructs x11vnc + * To complement the above workaround using the [550]-remap, an + option [551]-add_keysyms was added. This option instructs x11vnc to bind any unknown Keysyms coming in from VNC viewers to unused Keycodes in the X server. This modifies the global state of the X server. When x11vnc exits it removes the extra keymappings it @@ -4650,7 +4670,7 @@ ied) disable. - Q-76: When typing I sometimes get double, triple, or more of my + Q-77: When typing I sometimes get double, triple, or more of my keystrokes repeated. I'm sure I only typed them once, what can I do? This may be due to an interplay between your X server's key autorepeat @@ -4658,7 +4678,7 @@ ied) Short answer: disable key autorepeating by running the command "xset r off" on the Xserver where x11vnc is run (restore via "xset r on") or - use the new (Jul/2004) [550]-norepeat x11vnc option. You will still + use the new (Jul/2004) [552]-norepeat x11vnc option. You will still have autorepeating because that is taken care of on your VNC viewer side. @@ -4682,18 +4702,18 @@ ied) off", does the problem go away? The workaround is to manually apply "xset r off" and "xset r on" as - needed, or to use the [551]-norepeat (which has since Dec/2004 been + needed, or to use the [553]-norepeat (which has since Dec/2004 been made the default). Note that with X server autorepeat turned off the VNC viewer side of the connection will (nearly always) do its own autorepeating so there is no big loss here, unless someone is also working at the physical display and misses his autorepeating. - Q-77: The x11vnc -norepeat mode is in effect, but I still get repeated + Q-78: The x11vnc -norepeat mode is in effect, but I still get repeated keystrokes!! Are you using x11vnc to log in to an X session via display manager? - (as described in [552]this FAQ) If so, x11vnc is starting before your + (as described in [554]this FAQ) If so, x11vnc is starting before your session and it disables autorepeat when you connect, but then after you log in your session startup (GNOME, KDE, ...) could be resetting the autorepeat to be on. Or it could be something inside your desktop @@ -4713,11 +4733,11 @@ ied) should figure out how to disable that somehow. - Q-78: The machine where I run x11vnc has an AltGr key, but the local + Q-79: The machine where I run x11vnc has an AltGr key, but the local machine where I run the VNC viewer does not. Is there a way I can map a local unused key to send an AltGr? How about a Compose key as well? - Something like "[553]-remap Super_R-Mode_switch" x11vnc option may + Something like "[555]-remap Super_R-Mode_switch" x11vnc option may work. Note that Super_R is the "Right Windoze(tm) Flaggie" key; you may want to choose another. The -debug_keyboard option comes in handy in finding keysym names (so does xev(1)). @@ -4728,7 +4748,7 @@ ied) specify remappings from a file. - Q-79: I have a Sun machine I run x11vnc on. Its Sun keyboard has just + Q-80: I have a Sun machine I run x11vnc on. Its Sun keyboard has just one Alt key labelled "Alt" and two Meta keys labelled with little diamonds. The machine where I run the VNC viewer only has Alt keys. How can I send a Meta keypress? (e.g. emacs needs this) @@ -4740,18 +4760,18 @@ ied) Since xmodmap(1) modifies the X server mappings you may not want to do this (because it affects local work on that machine). Something like - the [554]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones + the [556]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones needs, and does not modify the X server environment. Note that you cannot send Alt_L in this case, maybe -remap Super_L-Meta_L would be a better choice if the Super_L key is typically unused in Unix. - Q-80: Can I map a keystroke to a mouse button click on the remote + Q-81: Can I map a keystroke to a mouse button click on the remote machine? This can be done directly in some X servers using AccessX and Pointer_EnableKeys, but is a bit awkward. It may be more convenient to - have x11vnc do the remapping. This can be done via the [555]-remap + have x11vnc do the remapping. This can be done via the [557]-remap option using the fake "keysyms" Button1, Button2, etc. as the "to" keys (i.e. the ones after the "-") @@ -4760,7 +4780,7 @@ ied) button "paste" because (using XFree86/Xorg Emulate3Buttons) you have to click both buttons on the touch pad at the same time. This remapping: - [556]-remap Super_R-Button2 + [558]-remap Super_R-Button2 maps the Super_R "flag" key press to the Button2 click, thereby making X pasting a bit easier. @@ -4769,7 +4789,7 @@ ied) are generated immediately on the x11vnc side. When the key is released (i.e. goes up) no events are generated. - Q-81: How can I get Caps_Lock to work between my VNC viewer and + Q-82: How can I get Caps_Lock to work between my VNC viewer and x11vnc? This is a little tricky because it is possible to get the Caps_Lock @@ -4779,14 +4799,14 @@ ied) Caps_Lock in the viewer your local machine goes into the Caps_Lock on state and sends keysym "A" say when you press "a". x11vnc will then fake things up so that Shift is held down to generate "A". The - [557]-skip_lockkeys option should help to accomplish this. For finer - grain control use something like: "[558]-remap Caps_Lock-None". + [559]-skip_lockkeys option should help to accomplish this. For finer + grain control use something like: "[560]-remap Caps_Lock-None". - Also try the [559]-nomodtweak and [560]-capslock options. + Also try the [561]-nomodtweak and [562]-capslock options. [Screen Related Issues and Features] - Q-82: The remote display is larger (in number of pixels) than the + Q-83: The remote display is larger (in number of pixels) than the local display I am running the vncviewer on. I don't like the vncviewer scrollbars, what I can do? @@ -4805,15 +4825,15 @@ ied) There may also be scaling viewers out there (e.g. TightVNC or UltraVNC on Windows) that automatically shrink or expand the remote framebuffer to fit the local display. Especially for hand-held devices. See also - [561]this FAQ on x11vnc scaling. + [563]this FAQ on x11vnc scaling. - Q-83: Does x11vnc support server-side framebuffer scaling? (E.g. to + Q-84: Does x11vnc support server-side framebuffer scaling? (E.g. to make the desktop smaller). As of Jun/2004 x11vnc provides basic server-side scaling. It is a global scaling of the desktop, not a per-client setting. To enable it - use the "[562]-scale fraction" option. "fraction" can either be a + use the "[564]-scale fraction" option. "fraction" can either be a floating point number (e.g. -scale 0.5) or the alternative m/n fraction notation (e.g. -scale 3/4). Note that if fraction is greater than one the display is magnified. @@ -4834,7 +4854,7 @@ ied) One can also use the ":nb" with an integer scale factor (say "-scale 2:nb") to use x11vnc as a screen magnifier for vision impaired - [563]applications. Since with integer scale factors the framebuffers + [565]applications. Since with integer scale factors the framebuffers become huge and scaling operations time consuming, be sure to use ":nb" for the fastest response. @@ -4860,7 +4880,7 @@ ied) If one desires per-client scaling for something like 1:1 from a workstation and 1:2 from a smaller device (e.g. handheld), currently the only option is to run two (or more) x11vnc processes with - different scalings listening on separate ports ([564]-rfbport option, + different scalings listening on separate ports ([566]-rfbport option, etc.). Update: As of May/2006 x11vnc also supports the UltraVNC server-side @@ -4870,8 +4890,8 @@ ied) "-rfbversion 3.6" for this to be recognized by UltraVNC viewers. BTW, whenever you run two or more x11vnc's on the same X display and - use the [565]GUI, then to avoid all of the x11vnc's simultaneously - answering the gui you will need to use something like [566]"-connect + use the [567]GUI, then to avoid all of the x11vnc's simultaneously + answering the gui you will need to use something like [568]"-connect file1 -gui ..." with different connect files for each x11vnc you want to control via the gui (or remote-control). The "-connect file1" usage gives separate communication channels between a x11vnc proces and the @@ -4880,12 +4900,12 @@ ied) Update: As of Mar/2005 x11vnc now scales the mouse cursor with the same scale factor as the screen. If you don't want that, use the - [567]"-scale_cursor frac" option to set the cursor scaling to a + [569]"-scale_cursor frac" option to set the cursor scaling to a different factor (e.g. use "-scale_cursor 1" to keep the cursor at its natural unscaled size). - Q-84: Does x11vnc work with Xinerama? (i.e. multiple monitors joined + Q-85: Does x11vnc work with Xinerama? (i.e. multiple monitors joined together to form one big, single screen). Yes, it should generally work because it simply polls the big @@ -4902,24 +4922,24 @@ ied) screen is not rectangular (e.g. 1280x1024 and 1024x768 monitors joined together), then there will be "non-existent" areas on the screen. The X server will return "garbage" image data for these areas and so they - may be distracting to the viewer. The [568]-blackout x11vnc option + may be distracting to the viewer. The [570]-blackout x11vnc option allows you to blacken-out rectangles by manually specifying their WxH+X+Y geometries. If your system has the libXinerama library, the - [569]-xinerama x11vnc option can be used to have it automatically + [571]-xinerama x11vnc option can be used to have it automatically determine the rectangles to be blackened out. (Note on 8bpp PseudoColor displays the fill color may not be black). Update: - [570]-xinerama is now on by default. + [572]-xinerama is now on by default. Some users have reported that the mouse does not behave properly for their Xinerama display: i.e. the mouse cannot be moved to all regions - of the large display. If this happens try using the [571]-xwarppointer + of the large display. If this happens try using the [573]-xwarppointer option. This instructs x11vnc to fake mouse pointer motions using the XWarpPointer function instead of the XTestFakeMotionEvent XTEST function. (This may be due to a bug in the X server for XTEST when Xinerama is enabled). - Q-85: Can I use x11vnc on a multi-headed display that is not Xinerama + Q-86: Can I use x11vnc on a multi-headed display that is not Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? You can, but it is a little bit awkward: you must start separate @@ -4937,32 +4957,32 @@ ied) Note: if you are running on Solaris 8 or earlier you can easily hit up against the maximum of 6 shm segments per process (for Xsun in this case) from running multiple x11vnc processes. You should modify - /etc/system as mentioned in another [572]FAQ to increase the limit. It - is probably also a good idea to run with the [573]-onetile option in + /etc/system as mentioned in another [574]FAQ to increase the limit. It + is probably also a good idea to run with the [575]-onetile option in this case (to limit each x11vnc to 3 shm segments), or even - [574]-noshm to use no shm segments. + [576]-noshm to use no shm segments. - Q-86: Can x11vnc show only a portion of the display? (E.g. for a + Q-87: Can x11vnc show only a portion of the display? (E.g. for a special purpose rfb application). - As of Mar/2005 x11vnc has the "[575]-clip WxH+X+Y" option to select a + As of Mar/2005 x11vnc has the "[577]-clip WxH+X+Y" option to select a rectangle of width W, height H and offset (X, Y). Thus the VNC screen will be the clipped sub-region of the display and be only WxH in size. - One user used -clip to split up a large [576]Xinerama screen into two + One user used -clip to split up a large [578]Xinerama screen into two more managable smaller screens. This also works to view a sub-region of a single application window if - the [577]-id or [578]-sid options are used. The offset is measured + the [579]-id or [580]-sid options are used. The offset is measured from the upper left corner of the selected window. - Q-87: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) + Q-88: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) extension? Whenever I rotate or resize the screen x11vnc just seems to crash. As of Dec/2004 x11vnc supports XRANDR. You enable it with the - [579]-xrandr option to make x11vnc monitor XRANDR events and also trap + [581]-xrandr option to make x11vnc monitor XRANDR events and also trap X server errors if the screen change occurred in the middle of an X call like XGetImage. Once it traps the screen change it will create a new framebuffer using the new screen. @@ -4972,9 +4992,9 @@ ied) then the viewer will automatically resize. Otherwise, the new framebuffer is fit as best as possible into the original viewer size (portions of the screen may be clipped, unused, etc). For these - viewers you can try the [580]-padgeom option to make the region big + viewers you can try the [582]-padgeom option to make the region big enough to hold all resizes and rotations. We have fixed this problem - for the TightVNC Viewer on Unix: [581]enhanced_tightvnc_viewer + for the TightVNC Viewer on Unix: [583]enhanced_tightvnc_viewer If you specify "-xrandr newfbsize" then vnc viewers that do not support NewFBSize will be disconnected before the resize. If you @@ -4982,21 +5002,21 @@ ied) terminate. - Q-88: Independent of any XRANDR, can I have x11vnc rotate and/or + Q-89: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld whose screen is rotated 90 degrees). - As of Jul/2006 there is the [582]-rotate option allow this. E.g's: + As of Jul/2006 there is the [584]-rotate option allow this. E.g's: "-rotate +90", "-rotate -90", "-rotate x", etc. - Q-89: Why is the view in my VNC viewer completely black? Or why is + Q-90: Why is the view in my VNC viewer completely black? Or why is everything flashing around randomly? See the next FAQ for a possible explanation. - Q-90: I use Linux Virtual Consoles (VC's) to implement 'Fast User + Q-91: I use Linux Virtual Consoles (VC's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those keystrokes to switch between their sessions). How come the view in a @@ -5025,7 +5045,7 @@ ied) "chvt 7" for VC #7. - Q-91: I am using x11vnc where my local machine has "popup/hidden + Q-92: I am using x11vnc where my local machine has "popup/hidden taskbars" (e.g. GNOME or MacOS X) and the remote display where x11vnc runs also has "popup/hidden taskbars" (e.g. GNOME). When I move the mouse to the edge of the screen where the popups happen, the taskbars @@ -5038,7 +5058,7 @@ ied) click on the task bar panel, and uncheck "enable auto-hide" from the panel properties dialog box. This will make the panel always visible. - Q-92: Can I use x11vnc to view my VMWare session remotely? + Q-93: Can I use x11vnc to view my VMWare session remotely? Yes, since VMWare usually runs as an X application you can view it via x11vnc in the normal way. @@ -5049,9 +5069,9 @@ ied) * Fullscreen mode The way VMWare does Fullscreen mode on Linux is to display the Guest - desktop in a separate Virtual Console (e.g. VC 8) (see [583]this FAQ + desktop in a separate Virtual Console (e.g. VC 8) (see [585]this FAQ on VC's for background). Unfortunately, this Fullscreen VC is not an X - server. So x11vnc cannot access it (however, [584]see this discussion + server. So x11vnc cannot access it (however, [586]see this discussion of -rawfb for a possible workaround). x11vnc works fine with "Normal X application window" and "Quick-Switch mode" because these use X. @@ -5072,13 +5092,13 @@ ied) improve response. One can also cut the display depth (e.g. to 16bpp) in this 2nd X session to improve video performance. This 2nd X session emulates Fullscreen mode to some degree and can be viewed via x11vnc - as long as the VMWare X session [585]is in the active VC. + as long as the VMWare X session [587]is in the active VC. Also note that with a little bit of playing with "xwininfo -all -children" output one can extract the (non-toplevel) windowid of the of the Guest desktop only when VMWare is running as a normal X application. Then one can export just the guest desktop (i.e. without - the VMWare menu buttons) by use of the [586]-id windowid option. The + the VMWare menu buttons) by use of the [588]-id windowid option. The caveats are the X session VMWare is in must be in the active VC and the window must be fully visible, so this mode is not terribly convenient, but could be useful in some circumstances (e.g. running @@ -5087,14 +5107,14 @@ ied) mouse)). - Q-93: Can non-X devices (e.g. a raw framebuffer) be viewed (and even + Q-94: Can non-X devices (e.g. a raw framebuffer) be viewed (and even controlled) via VNC with x11vnc? As of Apr/2005 there is support for this. Two options were added: - "[587]-rawfb string" (to indicate the raw framembuffer device, file, - etc. and its parameters) and "[588]-pipeinput command" (to provide an + "[589]-rawfb string" (to indicate the raw framembuffer device, file, + etc. and its parameters) and "[590]-pipeinput command" (to provide an external program that will inject or otherwise process mouse and - keystroke input). Some useful [589]-pipeinput schemes, VID, CONSOLE, + keystroke input). Some useful [591]-pipeinput schemes, VID, CONSOLE, and UINPUT, have since been built into x11vnc for convenience. This non-X mode for x11vnc is somewhat experimental because it is so @@ -5132,9 +5152,9 @@ ied) access method). Only use file if map isn't working. BTW, "mmap" is an alias for "map" and if you do not supply a type and the file exists, map is assumed (see the -help output and below for some exceptions to - this). The "snap:" setting applies the [590]-snapfb option with + this). The "snap:" setting applies the [592]-snapfb option with "file:" type reading (this is useful for exporting webcams or TV tuner - video; see [591]the next FAQ for more info). + video; see [593]the next FAQ for more info). Also, if the string is of the form "setup:cmd" then cmd is run and the first line of its output retrieved and used as the rawfb string. This @@ -5175,7 +5195,7 @@ ied) screen to either shm or a mapped file. The format of these is XWD and so the initial header should be skipped. BTW, since XWD is not strictly RGB the view will only be approximate, but usable. Of course - for the case of Xvfb x11vnc can poll it much better via the [592]X + for the case of Xvfb x11vnc can poll it much better via the [594]X API, but you get the idea. By default in -rawfb mode x11vnc will actually close any X display it @@ -5204,13 +5224,13 @@ ied) tty1-tty6), or X graphical display (usually starting at tty7). In addition to the text console other graphical ones may be viewed and interacted with as well, e.g. DirectFB or SVGAlib apps, VMWare non-X - fullscreen, or [593]Qt-embedded apps (PDAs/Handhelds). By default the + fullscreen, or [595]Qt-embedded apps (PDAs/Handhelds). By default the pipeinput mechanisms UINPUT and CONSOLE (keystrokes only) are automatically attempted in this mode under "-rawfb console". The Video4Linux Capture device, /dev/video0, etc is either a Webcam or a TV capture device and needs to have its driver enabled in the - kernel. See [594]this FAQ for details. If specified via "-rawfb Video" + kernel. See [596]this FAQ for details. If specified via "-rawfb Video" then the pipeinput method "VID" is applied (it lets you change video parameters dynamically via keystrokes). @@ -5218,10 +5238,10 @@ ied) also useful in testing. - All of the above [595]-rawfb options are just for viewing the raw + All of the above [597]-rawfb options are just for viewing the raw framebuffer (although some of the aliases do imply keystroke and mouse pipeinput methods). That may be enough for certain applications of - this feature (e.g. suppose a [596]video camera mapped its framebuffer + this feature (e.g. suppose a [598]video camera mapped its framebuffer into memory and you just wanted to look at it via VNC). To handle the pointer and keyboard input from the viewer users the "-pipeinput cmd" option was added to indicate a helper program to @@ -5259,7 +5279,7 @@ ied) keystrokes into the Linux console (e.g. the virtual consoles: /dev/tty1, /dev/tty2, etc) in x11vnc/misc/vcinject.pl. It is based on the vncterm/LinuxVNC.c program also in the libvncserver CVS. So to - view and interact with VC #2 (assuming it is the [597]active VC) one + view and interact with VC #2 (assuming it is the [599]active VC) one can run something like: x11vnc -rawfb map:/dev/fb0@1024x768x16 -pipeinput './vcinject.pl 2' @@ -5314,7 +5334,7 @@ ied) better to use the more accurate and faster LinuxVNC program. The advantage x11vnc -rawfb might have is that it can allow interaction with a non-text application, e.g. one based on SVGAlib or - [598]Qt-embedded Also, for example the [599]VMWare Fullscreen mode is + [600]Qt-embedded Also, for example the [601]VMWare Fullscreen mode is actually viewable under -rawfb and can be interacted with if uinput is enabled. @@ -5331,12 +5351,12 @@ ied) program that passes the framebuffer to libvncserver. - Q-94: Can I export via VNC a Webcam or TV tuner framebuffer using + Q-95: Can I export via VNC a Webcam or TV tuner framebuffer using x11vnc? - Yes, this is possible to some degree with the [600]-rawfb option. + Yes, this is possible to some degree with the [602]-rawfb option. There is no X11 involved: snapshots from the video capture device are - used for the screen image data. See the [601]previous FAQ on -rawfb + used for the screen image data. See the [603]previous FAQ on -rawfb for background. For best results, use x11vnc version 0.8.1 or later. Roughly, one would do something like this: @@ -5348,7 +5368,7 @@ ied) snapshot to a file that you point -rawfb to; ask me if it is not clear what to do). - The "snap:" enforces [602]-snapfb mode which appears to be necessary. + The "snap:" enforces [604]-snapfb mode which appears to be necessary. The read pointer for video capture devices cannot be repositioned (which would be needed for scanline polling), but you can read a full frame of data from the device. @@ -5370,7 +5390,7 @@ ied) Many video4linux drivers tend to set the framebuffer to be 24bpp (as opposed to 32bpp). Since this can cause problems with VNC viewers, - etc, the [603]-24to32 option will be automatically imposed when in + etc, the [605]-24to32 option will be automatically imposed when in 24bpp. Note that by its very nature, video capture involves rapid change in @@ -5378,7 +5398,7 @@ ied) wavering in brightness is always happening. This can lead to much network bandwidth consumption for the VNC traffic and also local CPU and I/O resource usage. You may want to experiment with "dialing down" - the framerate via the [604]-wait, [605]-slow_fb, or [606]-defer + the framerate via the [606]-wait, [607]-slow_fb, or [608]-defer options. Decreasing the window size and bpp also helps. @@ -5467,16 +5487,16 @@ ied) format to HI240, RGB565, RGB24, RGB32, RGB555, and GREY respectively. See -rawfb video for details. - See also the [607]-freqtab option to supply your own xawtv channel to + See also the [609]-freqtab option to supply your own xawtv channel to frequency mappings for your country (only ntsc-cable-us is built into x11vnc). - Q-95: Can I connect via VNC to a Qt-embedded/Qtopia application + Q-96: Can I connect via VNC to a Qt-embedded/Qtopia application running on my handheld or PC using the Linux console framebuffer (i.e. not X11)? - Yes, the basic method for this is the [608]-rawfb scheme where the + Yes, the basic method for this is the [610]-rawfb scheme where the Linux console framebuffer (usually /dev/fb0) is polled and the uinput driver is used to inject keystrokes and mouse input. Often you will just have to type: @@ -5489,7 +5509,7 @@ ied) x11vnc -rawfb /dev/fb0@640x480x16 Also, to force usage of the uinput injection method use "-pipeinput - UINPUT". See the [609]-pipeinput description for tunable parameters, + UINPUT". See the [611]-pipeinput description for tunable parameters, etc. One problem with the x11vnc uinput scheme is that it cannot guess the @@ -5505,7 +5525,7 @@ ied) Even with the correct acceleration setting there is stil some drift (probably because of the mouse threshold where the acceleration kicks in) and so x11vnc needs to reposition the cursor from 0,0 about 5 - times a second. See the [610]-pipeinput UINPUT option for tuning + times a second. See the [612]-pipeinput UINPUT option for tuning parameters that can be set (there are some experimental thresh=N tuning parameters as well) @@ -5536,10 +5556,10 @@ ied) x11vnc on your device and letting us know what does and does not work. - Q-96: Now that non-X11 devices can be exported via VNC using x11vnc, + Q-97: Now that non-X11 devices can be exported via VNC using x11vnc, can I build it with no dependencies on X11 header files and libraries? - Yes, as of Jul/2006 x11vnc enables building for [611]-rawfb only + Yes, as of Jul/2006 x11vnc enables building for [613]-rawfb only support. Just do something like when building: ./configure --without-x (plus any other flags) make @@ -5550,12 +5570,12 @@ ied) know what you did. - Q-97: Can I use x11vnc to record a Shock Wave Flash (or other format) + Q-98: Can I use x11vnc to record a Shock Wave Flash (or other format) video of my desktop, e.g. to record a tutorial or demo? Yes, it is possible with a number of tools that record VNC and transform it to swf format or others. One such popular tool is - [612]pyvnc2swf. There are a number of [613]tutorials on how to do + [614]pyvnc2swf. There are a number of [615]tutorials on how to do this. Another option is to use the vnc2mpg that comes in the LibVNCServer package. An important thing to remember when doing this is that tuning @@ -5566,24 +5586,24 @@ ied) [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps, Thanks, etc.] - Q-98: Does the Clipboard/Selection get transferred between the + Q-99: Does the Clipboard/Selection get transferred between the vncviewer and the X display? As of Jan/2004 x11vnc supports the "CutText" part of the rfb protocol. Furthermore, x11vnc is able to hold the PRIMARY and CLIPBOARD selection (Xvnc does not seem to do this). If you don't want the - Clipboard/Selection exchanged use the [614]-nosel option. If you don't + Clipboard/Selection exchanged use the [616]-nosel option. If you don't want the PRIMARY selection to be polled for changes use the - [615]-noprimary option. (with a similar thing for CLIPBOARD). You can - also fine-tune it a bit with the [616]-seldir dir option and also - [617]-input. + [617]-noprimary option. (with a similar thing for CLIPBOARD). You can + also fine-tune it a bit with the [618]-seldir dir option and also + [619]-input. You may need to watch out for desktop utilities such as KDE's "Klipper" that do odd things with the selection, clipboard, and cutbuffers. - Q-99: Can I transfer files back and forth with x11vnc? + Q-100: Can I transfer files back and forth with x11vnc? As of Oct/2005 and May/2006 x11vnc enables, respectively, the TightVNC and UltraVNC file transfer implementations that were added to @@ -5591,7 +5611,7 @@ ied) (and Windows viewers only support filetransfer it appears). TightVNC file transfer is on by default, if you want to disable it use - the [618]-nofilexfer option. UltraVNC file transfer is currently off + the [620]-nofilexfer option. UltraVNC file transfer is currently off by default, to enable it use something like "-rfbversion 3.6 -permitfiletransfer" options (UltraVNC incorrectly uses the RFB protocol version to @@ -5599,24 +5619,24 @@ ied) be version 3.6). If you find any bugs or performance issues with the file transfer, - please report them to the [619]LibVNCServer team. + please report them to the [621]LibVNCServer team. - Q-100: Can I (temporarily) mount my local (viewer-side) Windows/Samba + Q-101: Can I (temporarily) mount my local (viewer-side) Windows/Samba File share on the machine where x11vnc is running? You will have to use an external network redirection for this. Filesystem mounting is not part of the VNC protocol. - We show a simple [620]Samba example here. + We show a simple [622]Samba example here. First you will need a tunnel to redirect the SMB requests from the remote machine to the one you sitting at. We use an ssh tunnel: sitting-here> ssh -C -R 1139:localhost:139 far-away.east Or one could combine this with the VNC tunnel at the same time, e.g.: - sitting-here> ssh -C -R 1139:localhost:139 -L 5900:localhost:5900 far-away.ea -st 'x11vnc -localhost -display :0' + sitting-here> ssh -C -R 1139:localhost:139 -t -L 5900:localhost:5900 far-away +.east 'x11vnc -localhost -display :0' Port 139 is the Windows Service port. For Windows systems instead of Samba, you may need to use the actual IP address of the Window machine @@ -5645,17 +5665,17 @@ d,ip=127.0.0.1,port=1139 far-away> smbumount /home/fred/smb-haystack-pub At some point we hope to fold some automation for SMB ssh redir setup - into the [621]Enhanced TightVNC Viewer package we provide (as of Sep + into the [623]Enhanced TightVNC Viewer package we provide (as of Sep 2006 it is there for testing). - Q-101: Can I redirect CUPS print jobs from the remote desktop where + Q-102: Can I redirect CUPS print jobs from the remote desktop where x11vnc is running to a printer on my local (viewer-side) machine? You will have to use an external network redirection for this. Printing is not part of the VNC protocol. - We show a simple Unix to Unix [622]CUPS example here. Non-CUPS port + We show a simple Unix to Unix [624]CUPS example here. Non-CUPS port redirections (e.g. LPD) should also be possible, but may be a bit more tricky. If you are viewing on Windows SMB and don't have a local cups server it may be trickier still (see below). @@ -5665,8 +5685,8 @@ d,ip=127.0.0.1,port=1139 sitting-here> ssh -C -R 6631:localhost:631 far-away.east Or one could combine this with the VNC tunnel at the same time, e.g.: - sitting-here> ssh -C -R 6631:localhost:631 -L 5900:localhost:5900 far-away.ea -st 'x11vnc -localhost -display :0' + sitting-here> ssh -C -R 6631:localhost:631 -t -L 5900:localhost:5900 far-away +.east 'x11vnc -localhost -display :0' Port 631 is the default CUPS port. The above assumes you have a Cups server running on your viewer machine (localhost:631), if not, use @@ -5727,11 +5747,11 @@ st 'x11vnc -localhost -display :0' "localhost". At some point we hope to fold some automation for CUPS ssh redir setup - into the [623]Enhanced TightVNC Viewer package we provide (as of Sep + into the [625]Enhanced TightVNC Viewer package we provide (as of Sep 2006 it is there for testing). - Q-102: How can I hear the sound (audio) from the remote applications + Q-103: How can I hear the sound (audio) from the remote applications on the desktop I am viewing via x11vnc? You will have to use an external network audio mechanism for this. @@ -5746,8 +5766,8 @@ st 'x11vnc -localhost -display :0' sitting-here> ssh -C -R 16001:localhost:16001 far-away.east Or one could combine this with the VNC tunnel at the same time, e.g.: - sitting-here> ssh -C -R 16001:localhost:16001 -L 5900:localhost:5900 far-away -.east 'x11vnc -localhost -display :0' + sitting-here> ssh -C -R 16001:localhost:16001 -t -L 5900:localhost:5900 far-a +way.east 'x11vnc -localhost -display :0' Port 16001 is the default ESD uses. So when an application on the remote desktop makes a sound it will connect to this tunnel and be @@ -5827,11 +5847,11 @@ or: the applications will fail to run because LD_PRELOAD will point to libraries of the wrong wordsize. * At some point we hope to fold some automation for esd or artsd ssh - redir setup into the [624]Enhanced TightVNC Viewer package we + redir setup into the [626]Enhanced TightVNC Viewer package we provide (as of Sep 2006 it is there for testing). - Q-103: Why don't I hear the "Beeps" in my X session (e.g. when typing + Q-104: Why don't I hear the "Beeps" in my X session (e.g. when typing tput bel in an xterm)? As of Dec/2003 "Beep" XBell events are tracked by default. The X @@ -5839,16 +5859,16 @@ or: in Solaris, see Xserver(1) for how to turn it on via +kb), and so you won't hear them if the extension is not present. - If you don't want to hear the beeps use the [625]-nobell option. If + If you don't want to hear the beeps use the [627]-nobell option. If you want to hear the audio from the remote applications, consider - trying a [626]redirector such as esd. + trying a [628]redirector such as esd. Contributions: - Q-104: Thanks for your program and for your help! Can I make a + Q-105: Thanks for your program and for your help! Can I make a donation? Please do (any amount is appreciated) and thank you for your support! @@ -6026,464 +6046,466 @@ References 166. http://www.karlrunge.com/x11vnc/index.html#faq-users-opt 167. http://www.karlrunge.com/x11vnc/index.html#faq-blockdpy 168. http://www.karlrunge.com/x11vnc/index.html#faq-gone-lock - 169. http://www.karlrunge.com/x11vnc/index.html#faq-ssh-unix - 170. http://www.karlrunge.com/x11vnc/index.html#faq-ssh-putty - 171. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext - 172. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int - 173. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers - 174. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-java-viewer-proxy - 175. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-portal - 176. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-ca - 177. http://www.karlrunge.com/x11vnc/index.html#faq-service - 178. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager - 179. http://www.karlrunge.com/x11vnc/index.html#faq-inetd - 180. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin - 181. http://www.karlrunge.com/x11vnc/index.html#faq-loop - 182. http://www.karlrunge.com/x11vnc/index.html#faq-java-http - 183. http://www.karlrunge.com/x11vnc/index.html#faq-reverse-connect - 184. http://www.karlrunge.com/x11vnc/index.html#faq-xvfb - 185. http://www.karlrunge.com/x11vnc/index.html#faq-headless - 186. http://www.karlrunge.com/x11vnc/index.html#faq-solshm - 187. http://www.karlrunge.com/x11vnc/index.html#faq-less-resource - 188. http://www.karlrunge.com/x11vnc/index.html#faq-more-resource - 189. http://www.karlrunge.com/x11vnc/index.html#faq-slow-link - 190. http://www.karlrunge.com/x11vnc/index.html#faq-xdamage - 191. http://www.karlrunge.com/x11vnc/index.html#faq-pointer-mode - 192. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe - 193. http://www.karlrunge.com/x11vnc/index.html#faq-scrollcopyrect - 194. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-shape - 195. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha - 196. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha-hacks - 197. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-arrow - 198. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-positions - 199. http://www.karlrunge.com/x11vnc/index.html#faq-buttonmap-opt - 200. http://www.karlrunge.com/x11vnc/index.html#faq-altgr - 201. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless - 202. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless-sloppy - 203. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak - 204. http://www.karlrunge.com/x11vnc/index.html#faq-repeated-keys - 205. http://www.karlrunge.com/x11vnc/index.html#faq-repeated-keys-still - 206. http://www.karlrunge.com/x11vnc/index.html#faq-remap-opt - 207. http://www.karlrunge.com/x11vnc/index.html#faq-sun-alt-meta - 208. http://www.karlrunge.com/x11vnc/index.html#faq-remap-button-click - 209. http://www.karlrunge.com/x11vnc/index.html#faq-remap-capslock - 210. http://www.karlrunge.com/x11vnc/index.html#faq-scrollbars - 211. http://www.karlrunge.com/x11vnc/index.html#faq-scaling - 212. http://www.karlrunge.com/x11vnc/index.html#faq-xinerama - 213. http://www.karlrunge.com/x11vnc/index.html#faq-multi-screen - 214. http://www.karlrunge.com/x11vnc/index.html#faq-clip-screen - 215. http://www.karlrunge.com/x11vnc/index.html#faq-xrandr - 216. http://www.karlrunge.com/x11vnc/index.html#faq-rotate - 217. http://www.karlrunge.com/x11vnc/index.html#faq-black-screen - 218. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc - 219. http://www.karlrunge.com/x11vnc/index.html#faq-hidden-taskbars - 220. http://www.karlrunge.com/x11vnc/index.html#faq-vmware - 221. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb - 222. http://www.karlrunge.com/x11vnc/index.html#faq-video - 223. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded - 224. http://www.karlrunge.com/x11vnc/index.html#faq-no-x11 - 225. http://www.karlrunge.com/x11vnc/index.html#faq-record-swf - 226. http://www.karlrunge.com/x11vnc/index.html#faq-clipboard - 227. http://www.karlrunge.com/x11vnc/index.html#faq-filexfer - 228. http://www.karlrunge.com/x11vnc/index.html#faq-smb-shares - 229. http://www.karlrunge.com/x11vnc/index.html#faq-cups - 230. http://www.karlrunge.com/x11vnc/index.html#faq-sound - 231. http://www.karlrunge.com/x11vnc/index.html#faq-beeps - 232. http://www.karlrunge.com/x11vnc/index.html#faq-thanks - 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display - 234. http://www.tldp.org/HOWTO/Remote-X-Apps.html - 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 236. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager - 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 238. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding - 239. http://www.karlrunge.com/x11vnc/x11vnc_sunos4.html - 240. http://www.karlrunge.com/x11vnc/index.html#building - 241. http://www.karlrunge.com/x11vnc/index.html#faq-build - 242. http://packages.debian.org/x11vnc - 243. http://www.linuxpackages.net/search_view.php?by=name&name=x11vnc - 244. http://dag.wieers.com/packages/x11vnc/ - 245. http://dries.ulyssis.org/rpm/packages/x11vnc/info.html - 246. http://linux01.gwdg.de/~pbleser/rpm-navigation.php?cat=Network/x11vnc/ - 247. http://www.sunfreeware.com/ - 248. http://www.freebsd.org/cgi/ports.cgi?query=x11vnc&stype=all - 249. http://www.freshports.org/net/x11vnc - 250. http://www.openbsd.org/3.9_packages/i386/x11vnc-0.6.2.tgz-long.html - 251. http://pkgsrc.se/x11/x11vnc - 252. http://mike.saunby.net/770/x11vnc/ - 253. http://www.pdaxrom.org/ipk_feed.php?menuid=11&showfeed=unstable#x11vnc - 254. http://www.focv.com/ipkg/ - 255. http://www.karlrunge.com/x11vnc/bins - 256. http://www.tightvnc.com/download.html - 257. http://www.realvnc.com/download-free.html - 258. http://sourceforge.net/projects/cotvnc/ - 259. http://www.ultravnc.com/ - 260. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html - 262. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 263. http://www.karlrunge.com/x11vnc/index.html#faq-gui-tray - 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q - 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg - 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o - 267. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding - 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb - 269. http://fredrik.hubbe.net/x2vnc.html - 270. http://www.hubbe.net/~hubbe/win2vnc.html - 271. http://www.deboer.gmxhome.de/ - 272. http://sourceforge.net/projects/win2vnc/ - 273. http://fredrik.hubbe.net/x2vnc.html - 274. http://freshmeat.net/projects/x2x/ - 275. http://ftp.digital.com/pub/Digital/SRC/x2x/ - 276. http://zapek.com/software/zvnc/ - 277. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-visual - 278. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flashcmap - 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 - 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-notruecolor - 281. http://www.karlrunge.com/x11vnc/index.html#faq-8bpp - 282. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 - 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 285. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 - 286. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flashcmap - 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 - 289. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 290. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 - 291. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 292. http://www.karlrunge.com/x11vnc/index.html#faq-overlays - 293. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sid - 295. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 - 296. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display - 297. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flipbyteorder - 299. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 300. http://www.karlrunge.com/x11vnc/index.html#xauth_pain - 301. http://www.karlrunge.com/x11vnc/index.html#faq-noshm - 302. http://wwws.sun.com/sunray/index.html - 303. http://www.karlrunge.com/x11vnc/sunray.html - 304. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 305. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-query - 306. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever - 307. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg - 308. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods - 309. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_keys - 310. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 311. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-query - 312. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 313. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-storepasswd - 314. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth - 315. http://www.karlrunge.com/x11vnc/index.html#faq-passwdfile - 316. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw - 317. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-viewpasswd - 318. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwd - 319. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 320. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth - 321. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 322. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 323. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis - 324. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 325. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 326. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 169. http://www.karlrunge.com/x11vnc/index.html#faq-kde-screensaver + 170. http://www.karlrunge.com/x11vnc/index.html#faq-ssh-unix + 171. http://www.karlrunge.com/x11vnc/index.html#faq-ssh-putty + 172. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext + 173. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int + 174. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers + 175. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-java-viewer-proxy + 176. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-portal + 177. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-ca + 178. http://www.karlrunge.com/x11vnc/index.html#faq-service + 179. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager + 180. http://www.karlrunge.com/x11vnc/index.html#faq-inetd + 181. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin + 182. http://www.karlrunge.com/x11vnc/index.html#faq-loop + 183. http://www.karlrunge.com/x11vnc/index.html#faq-java-http + 184. http://www.karlrunge.com/x11vnc/index.html#faq-reverse-connect + 185. http://www.karlrunge.com/x11vnc/index.html#faq-xvfb + 186. http://www.karlrunge.com/x11vnc/index.html#faq-headless + 187. http://www.karlrunge.com/x11vnc/index.html#faq-solshm + 188. http://www.karlrunge.com/x11vnc/index.html#faq-less-resource + 189. http://www.karlrunge.com/x11vnc/index.html#faq-more-resource + 190. http://www.karlrunge.com/x11vnc/index.html#faq-slow-link + 191. http://www.karlrunge.com/x11vnc/index.html#faq-xdamage + 192. http://www.karlrunge.com/x11vnc/index.html#faq-pointer-mode + 193. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe + 194. http://www.karlrunge.com/x11vnc/index.html#faq-scrollcopyrect + 195. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-shape + 196. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha + 197. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha-hacks + 198. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-arrow + 199. http://www.karlrunge.com/x11vnc/index.html#faq-cursor-positions + 200. http://www.karlrunge.com/x11vnc/index.html#faq-buttonmap-opt + 201. http://www.karlrunge.com/x11vnc/index.html#faq-altgr + 202. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless + 203. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless-sloppy + 204. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak + 205. http://www.karlrunge.com/x11vnc/index.html#faq-repeated-keys + 206. http://www.karlrunge.com/x11vnc/index.html#faq-repeated-keys-still + 207. http://www.karlrunge.com/x11vnc/index.html#faq-remap-opt + 208. http://www.karlrunge.com/x11vnc/index.html#faq-sun-alt-meta + 209. http://www.karlrunge.com/x11vnc/index.html#faq-remap-button-click + 210. http://www.karlrunge.com/x11vnc/index.html#faq-remap-capslock + 211. http://www.karlrunge.com/x11vnc/index.html#faq-scrollbars + 212. http://www.karlrunge.com/x11vnc/index.html#faq-scaling + 213. http://www.karlrunge.com/x11vnc/index.html#faq-xinerama + 214. http://www.karlrunge.com/x11vnc/index.html#faq-multi-screen + 215. http://www.karlrunge.com/x11vnc/index.html#faq-clip-screen + 216. http://www.karlrunge.com/x11vnc/index.html#faq-xrandr + 217. http://www.karlrunge.com/x11vnc/index.html#faq-rotate + 218. http://www.karlrunge.com/x11vnc/index.html#faq-black-screen + 219. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc + 220. http://www.karlrunge.com/x11vnc/index.html#faq-hidden-taskbars + 221. http://www.karlrunge.com/x11vnc/index.html#faq-vmware + 222. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb + 223. http://www.karlrunge.com/x11vnc/index.html#faq-video + 224. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded + 225. http://www.karlrunge.com/x11vnc/index.html#faq-no-x11 + 226. http://www.karlrunge.com/x11vnc/index.html#faq-record-swf + 227. http://www.karlrunge.com/x11vnc/index.html#faq-clipboard + 228. http://www.karlrunge.com/x11vnc/index.html#faq-filexfer + 229. http://www.karlrunge.com/x11vnc/index.html#faq-smb-shares + 230. http://www.karlrunge.com/x11vnc/index.html#faq-cups + 231. http://www.karlrunge.com/x11vnc/index.html#faq-sound + 232. http://www.karlrunge.com/x11vnc/index.html#faq-beeps + 233. http://www.karlrunge.com/x11vnc/index.html#faq-thanks + 234. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display + 235. http://www.tldp.org/HOWTO/Remote-X-Apps.html + 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 237. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager + 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 239. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding + 240. http://www.karlrunge.com/x11vnc/x11vnc_sunos4.html + 241. http://www.karlrunge.com/x11vnc/index.html#building + 242. http://www.karlrunge.com/x11vnc/index.html#faq-build + 243. http://packages.debian.org/x11vnc + 244. http://www.linuxpackages.net/search_view.php?by=name&name=x11vnc + 245. http://dag.wieers.com/packages/x11vnc/ + 246. http://dries.ulyssis.org/rpm/packages/x11vnc/info.html + 247. http://linux01.gwdg.de/~pbleser/rpm-navigation.php?cat=Network/x11vnc/ + 248. http://www.sunfreeware.com/ + 249. http://www.freebsd.org/cgi/ports.cgi?query=x11vnc&stype=all + 250. http://www.freshports.org/net/x11vnc + 251. http://www.openbsd.org/3.9_packages/i386/x11vnc-0.6.2.tgz-long.html + 252. http://pkgsrc.se/x11/x11vnc + 253. http://mike.saunby.net/770/x11vnc/ + 254. http://www.pdaxrom.org/ipk_feed.php?menuid=11&showfeed=unstable#x11vnc + 255. http://www.focv.com/ipkg/ + 256. http://www.karlrunge.com/x11vnc/bins + 257. http://www.tightvnc.com/download.html + 258. http://www.realvnc.com/download-free.html + 259. http://sourceforge.net/projects/cotvnc/ + 260. http://www.ultravnc.com/ + 261. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 262. http://www.karlrunge.com/x11vnc/x11vnc_opts.html + 263. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 264. http://www.karlrunge.com/x11vnc/index.html#faq-gui-tray + 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q + 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg + 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o + 268. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding + 269. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb + 270. http://fredrik.hubbe.net/x2vnc.html + 271. http://www.hubbe.net/~hubbe/win2vnc.html + 272. http://www.deboer.gmxhome.de/ + 273. http://sourceforge.net/projects/win2vnc/ + 274. http://fredrik.hubbe.net/x2vnc.html + 275. http://freshmeat.net/projects/x2x/ + 276. http://ftp.digital.com/pub/Digital/SRC/x2x/ + 277. http://zapek.com/software/zvnc/ + 278. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-visual + 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flashcmap + 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 + 281. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-notruecolor + 282. http://www.karlrunge.com/x11vnc/index.html#faq-8bpp + 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 + 285. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 286. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 + 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flashcmap + 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 289. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 + 290. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 291. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-8to24 + 292. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 293. http://www.karlrunge.com/x11vnc/index.html#faq-overlays + 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 295. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sid + 296. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 + 297. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display + 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 299. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-flipbyteorder + 300. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 301. http://www.karlrunge.com/x11vnc/index.html#xauth_pain + 302. http://www.karlrunge.com/x11vnc/index.html#faq-noshm + 303. http://wwws.sun.com/sunray/index.html + 304. http://www.karlrunge.com/x11vnc/sunray.html + 305. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 306. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-query + 307. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever + 308. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg + 309. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods + 310. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_keys + 311. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 312. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-query + 313. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 314. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-storepasswd + 315. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth + 316. http://www.karlrunge.com/x11vnc/index.html#faq-passwdfile + 317. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw + 318. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-viewpasswd + 319. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwd + 320. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 321. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth + 322. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 323. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 324. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis + 325. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 326. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel 327. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 328. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 329. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 330. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel - 331. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept - 332. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever - 333. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-shared - 334. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 335. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 336. http://www.karlrunge.com/x11vnc/index.html#faq-passwd - 337. http://www.karlrunge.com/x11vnc/index.html#faq-passwdfile - 338. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow - 339. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 340. http://www.karlrunge.com/x11vnc/index.html#faq-tcp_wrappers - 341. http://www.karlrunge.com/x11vnc/index.html#faq-inetd - 342. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listen - 343. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow - 344. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 345. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow - 346. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 347. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input - 348. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept - 349. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-viewonly - 350. ftp://ftp.x.org/ - 351. http://www.karlrunge.com/x11vnc/dtVncPopup - 352. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gone - 353. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-afteraccept - 354. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 355. http://www.karlrunge.com/x11vnc/blockdpy.c - 356. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept - 357. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gone + 328. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 329. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 330. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 331. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel + 332. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept + 333. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever + 334. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-shared + 335. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 336. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 337. http://www.karlrunge.com/x11vnc/index.html#faq-passwd + 338. http://www.karlrunge.com/x11vnc/index.html#faq-passwdfile + 339. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow + 340. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 341. http://www.karlrunge.com/x11vnc/index.html#faq-tcp_wrappers + 342. http://www.karlrunge.com/x11vnc/index.html#faq-inetd + 343. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listen + 344. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow + 345. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 346. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allow + 347. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 348. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input + 349. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept + 350. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-viewonly + 351. ftp://ftp.x.org/ + 352. http://www.karlrunge.com/x11vnc/dtVncPopup + 353. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gone + 354. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-afteraccept + 355. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 356. http://www.karlrunge.com/x11vnc/blockdpy.c + 357. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-accept 358. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gone - 359. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-afteraccept - 360. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 361. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 359. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gone + 360. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-afteraccept + 361. http://www.jwz.org/xscreensaver/man1.html 362. http://www.karlrunge.com/x11vnc/index.html#tunnelling 363. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 364. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 365. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth - 366. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 367. http://www.karlrunge.com/x11vnc/index.html#gateway_double_ssh - 368. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 369. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 370. http://www.stunnel.org/ - 371. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 372. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 373. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify - 374. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int - 375. http://www.stunnel.org/ - 376. http://www.karlrunge.com/x11vnc/ssl.html - 377. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer + 364. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 365. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 366. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 367. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth + 368. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 369. http://www.karlrunge.com/x11vnc/index.html#gateway_double_ssh + 370. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 371. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 372. http://www.stunnel.org/ + 373. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 374. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 375. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify + 376. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int + 377. http://www.stunnel.org/ 378. http://www.karlrunge.com/x11vnc/ssl.html - 379. http://www.securityfocus.com/infocus/1677 + 379. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer 380. http://www.karlrunge.com/x11vnc/ssl.html - 381. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd - 382. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers - 383. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir - 384. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http - 385. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 386. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https - 387. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 388. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 389. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer - 390. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 391. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext - 392. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 393. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 394. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers - 395. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 396. http://www.openssl.org/ - 397. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 398. http://www.stunnel.org/ - 399. http://www.karlrunge.com/x11vnc/ssl.html - 400. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer + 381. http://www.securityfocus.com/infocus/1677 + 382. http://www.karlrunge.com/x11vnc/ssl.html + 383. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd + 384. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers + 385. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir + 386. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http + 387. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 388. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https + 389. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 390. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 391. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer + 392. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 393. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext + 394. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 395. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 396. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers + 397. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 398. http://www.openssl.org/ + 399. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 400. http://www.stunnel.org/ 401. http://www.karlrunge.com/x11vnc/ssl.html - 402. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers - 403. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir - 404. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http - 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https - 406. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-portal + 402. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer + 403. http://www.karlrunge.com/x11vnc/ssl.html + 404. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers + 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir + 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http 407. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https - 408. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext - 409. http://www.karlrunge.com/x11vnc/ssl_vncviewer - 410. http://www.karlrunge.com/x11vnc/ssl-portal.html - 411. http://www.karlrunge.com/x11vnc/ssl.html - 412. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 413. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer - 414. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers - 415. http://www.karlrunge.com/x11vnc/ssl-portal.html - 416. http://www.karlrunge.com/x11vnc/ssl.html - 417. http://www.karlrunge.com/x11vnc/index.html#display-manager-continuously - 418. http://www.karlrunge.com/x11vnc/index.html#faq-inetd - 419. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin - 420. http://www.karlrunge.com/x11vnc/index.html#x11vnc_loop - 421. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 422. http://www.karlrunge.com/x11vnc/index.html#dtlogin_solaris - 423. http://www.jirka.org/gdm-documentation/x241.html - 424. http://www.karlrunge.com/x11vnc/x11vnc_loop - 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 426. http://www.karlrunge.com/x11vnc/index.html#faq-xterminal-xauth - 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd - 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q - 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 430. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin - 431. http://www.karlrunge.com/x11vnc/index.html#faq-inetd - 432. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 434. http://www.karlrunge.com/x11vnc/index.html#stunnel-inetd + 408. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-portal + 409. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https + 410. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-ext + 411. http://www.karlrunge.com/x11vnc/ssl_vncviewer + 412. http://www.karlrunge.com/x11vnc/ssl-portal.html + 413. http://www.karlrunge.com/x11vnc/ssl.html + 414. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 415. http://www.karlrunge.com/x11vnc/index.html#ssl_vncviewer + 416. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-viewers + 417. http://www.karlrunge.com/x11vnc/ssl-portal.html + 418. http://www.karlrunge.com/x11vnc/ssl.html + 419. http://www.karlrunge.com/x11vnc/index.html#display-manager-continuously + 420. http://www.karlrunge.com/x11vnc/index.html#faq-inetd + 421. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin + 422. http://www.karlrunge.com/x11vnc/index.html#x11vnc_loop + 423. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 424. http://www.karlrunge.com/x11vnc/index.html#dtlogin_solaris + 425. http://www.jirka.org/gdm-documentation/x241.html + 426. http://www.karlrunge.com/x11vnc/x11vnc_loop + 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 428. http://www.karlrunge.com/x11vnc/index.html#faq-xterminal-xauth + 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd + 430. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q + 431. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 432. http://www.karlrunge.com/x11vnc/index.html#faq-userlogin + 433. http://www.karlrunge.com/x11vnc/index.html#faq-inetd + 434. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw 435. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 437. http://www.karlrunge.com/x11vnc/index.html#faq-unix-passwords - 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 439. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int - 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir - 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http - 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 444. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 445. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect - 446. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 447. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc - 448. http://www.karlrunge.com/x11vnc/Xdummy - 449. http://www.karlrunge.com/x11vnc/index.html#display-manager-continuously - 450. http://www.karlrunge.com/x11vnc/shm_clear - 451. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 453. http://www.karlrunge.com/x11vnc/index.html#faq-noshm - 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap - 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb - 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 463. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 465. http://www.tightvnc.com/ + 436. http://www.karlrunge.com/x11vnc/index.html#stunnel-inetd + 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 439. http://www.karlrunge.com/x11vnc/index.html#faq-unix-passwords + 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 441. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int + 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir + 444. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http + 445. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 446. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect + 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 449. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc + 450. http://www.karlrunge.com/x11vnc/Xdummy + 451. http://www.karlrunge.com/x11vnc/index.html#display-manager-continuously + 452. http://www.karlrunge.com/x11vnc/shm_clear + 453. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 455. http://www.karlrunge.com/x11vnc/index.html#faq-noshm + 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap + 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb + 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 463. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 465. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect 466. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 467. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds - 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 473. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive - 475. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 476. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 478. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout - 480. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 481. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area - 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem - 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 485. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 486. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 467. http://www.tightvnc.com/ + 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds + 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 473. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 475. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 476. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive + 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 478. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 480. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 481. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout + 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 483. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area + 485. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem + 486. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 487. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode 489. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 491. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe - 492. http://www.karlrunge.com/x11vnc/index.html#faq-scrollcopyrect - 493. http://www.karlrunge.com/x11vnc/index.html#faq-pointer-mode - 494. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 495. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode + 492. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 493. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe + 494. http://www.karlrunge.com/x11vnc/index.html#faq-scrollcopyrect + 495. http://www.karlrunge.com/x11vnc/index.html#faq-pointer-mode + 496. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 498. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect - 502. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe - 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 504. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip - 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 509. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 510. http://www.karlrunge.com/x11vnc/index.html#the-overlay-mode - 511. http://www.karlrunge.com/x11vnc/index.html#solaris10-build - 512. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha-hacks - 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut - 514. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac - 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove - 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend - 518. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 519. http://www.tightvnc.com/ - 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos - 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 523. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer + 498. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 500. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect + 504. http://www.karlrunge.com/x11vnc/index.html#faq-wireframe + 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip + 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 509. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 510. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 512. http://www.karlrunge.com/x11vnc/index.html#the-overlay-mode + 513. http://www.karlrunge.com/x11vnc/index.html#solaris10-build + 514. http://www.karlrunge.com/x11vnc/index.html#faq-xfixes-alpha-hacks + 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut + 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac + 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove + 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape + 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend + 520. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 521. http://www.tightvnc.com/ + 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 523. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos + 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 528. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless - 529. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak - 530. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 536. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak - 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 538. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless - 539. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 542. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 543. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 544. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes - 545. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer + 528. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap + 529. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 530. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless + 531. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak + 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 536. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 538. http://www.karlrunge.com/x11vnc/index.html#faq-xkbmodtweak + 539. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 540. http://www.karlrunge.com/x11vnc/index.html#faq-greaterless + 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 542. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 543. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 544. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 545. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes 547. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 549. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 552. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager - 553. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 554. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 549. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 552. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 553. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 554. http://www.karlrunge.com/x11vnc/index.html#faq-display-manager 555. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap 558. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 559. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak - 560. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock - 561. http://www.karlrunge.com/x11vnc/index.html#faq-scaling - 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 563. http://www.cus.cam.ac.uk/~ssb22/source/vnc-magnification.html - 564. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 565. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 566. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 567. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor - 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout - 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 572. http://www.karlrunge.com/x11vnc/index.html#faq-solshm - 573. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 574. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip - 576. http://www.karlrunge.com/x11vnc/index.html#faq-xinerama - 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 578. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr - 580. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom - 581. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate - 583. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc - 584. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb + 559. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 560. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 561. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock + 563. http://www.karlrunge.com/x11vnc/index.html#faq-scaling + 564. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 565. http://www.cus.cam.ac.uk/~ssb22/source/vnc-magnification.html + 566. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 567. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor + 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout + 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 572. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 573. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 574. http://www.karlrunge.com/x11vnc/index.html#faq-solshm + 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip + 578. http://www.karlrunge.com/x11vnc/index.html#faq-xinerama + 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 580. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 581. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr + 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom + 583. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate 585. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc - 586. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 587. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 591. http://www.karlrunge.com/x11vnc/index.html#faq-video - 592. http://www.karlrunge.com/x11vnc/index.html#faq-xvfb - 593. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded - 594. http://www.karlrunge.com/x11vnc/index.html#faq-video - 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 586. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb + 587. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc + 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 591. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 593. http://www.karlrunge.com/x11vnc/index.html#faq-video + 594. http://www.karlrunge.com/x11vnc/index.html#faq-xvfb + 595. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded 596. http://www.karlrunge.com/x11vnc/index.html#faq-video - 597. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc - 598. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded - 599. http://www.karlrunge.com/x11vnc/index.html#faq-vmware - 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 601. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb - 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 - 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb - 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab - 608. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb - 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 612. http://www.unixuser.org/~euske/vnc2swf/ - 613. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ - 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 615. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary - 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir - 617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input - 618. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofilexfer - 619. http://sourceforge.net/projects/libvncserver - 620. http://www.samba.org/ - 621. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 622. http://www.cups.org/ + 597. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 598. http://www.karlrunge.com/x11vnc/index.html#faq-video + 599. http://www.karlrunge.com/x11vnc/index.html#faq-linuxvc + 600. http://www.karlrunge.com/x11vnc/index.html#faq-qt-embedded + 601. http://www.karlrunge.com/x11vnc/index.html#faq-vmware + 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 603. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb + 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 + 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb + 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab + 610. http://www.karlrunge.com/x11vnc/index.html#faq-rawfb + 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 614. http://www.unixuser.org/~euske/vnc2swf/ + 615. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ + 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary + 618. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir + 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input + 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofilexfer + 621. http://sourceforge.net/projects/libvncserver + 622. http://www.samba.org/ 623. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 624. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html - 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell - 626. http://www.karlrunge.com/x11vnc/index.html#faq-sound + 624. http://www.cups.org/ + 625. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 626. http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html + 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell + 628. http://www.karlrunge.com/x11vnc/index.html#faq-sound ======================================================================= http://www.karlrunge.com/x11vnc/chainingssh.html: @@ -7266,7 +7288,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: The standard way to allow access to x11vnc running on workstations inside a firewall is via SSH. The user somewhere out on the Internet logs in to the SSH gateway machine and uses port forwarding (e.g. ssh - -L 5900:myworkstation:5900 user@gateway) to set up the encrypted + -t -L 5900:myworkstation:5900 user@gateway) to set up the encrypted channel that VNC is then tunneled through. Next he starts up the VNC viewer on the machine where he is sitting directed to the local tunnel port. @@ -7663,7 +7685,7 @@ Enhanced TightVNC Viewer Windows and Unix that automatically starts up a STUNNEL SSL tunnel for SSL connections to [1]x11vnc (or any other VNC Server also running an SSL tunnel, such as STUNNEL, at their end), and then launches the - TightVNC Viewer. The frontend program can also be used to set up SSH + TightVNC Viewer. The front-end program can also be used to set up SSH tunnelled connections instead. Patches were created for the TightVNC 1.3dev7 vnc_unixsrc tree (and @@ -7682,9 +7704,9 @@ Enhanced TightVNC Viewer to a simple fixed port sequence and one-time-pad implementation, a hook is also provided to run any port knocking client before connecting. - * You can also use your own, e.g. non-TightVNC, Viewer with the - frontend if you like. - * Sets up any additional SSH port redirections you need. + * You can also use your own, e.g. UltraVNC or RealVNC, VNC Viewer + with the front-end if you like. + * Sets up any additional SSH port redirections that you want. The Viewer SSL support is done via a wrapper script (bin/ssl_tightvncviewer) that starts up the STUNNEL tunnel first and @@ -8039,7 +8061,7 @@ x11vnc: a VNC server for real X displays Here are all of x11vnc command line options: % x11vnc -opts (see below for -help long descriptions) -x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-10 +x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13 x11vnc options: -display disp -auth file -id windowid @@ -8138,7 +8160,7 @@ libvncserver-tight-extension options: % x11vnc -help -x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-10 +x11vnc: allow VNC connections to real X11 displays. 0.8.3 lastmod: 2006-09-13 (type "x11vnc -opts" to just list the options.) @@ -8165,7 +8187,7 @@ as soon as the client disconnects. See -shared and -forever below to override these protections. See the FAQ for details how to tunnel the VNC connection through an encrypted channel such as ssh(1). In brief: - ssh -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0' + ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0' vncviewer -encodings 'copyrect tight zrle hextile' localhost:0 @@ -8232,15 +8254,15 @@ Options: a colormap histogram. Example: -shiftcmap 240 -notruecolor For 8bpp displays, force indexed color (i.e. a colormap) even if it looks like 8bpp TrueColor (rare problem). --visual n Experimental option: probably does not do what you - think. It simply *forces* the visual used for the - framebuffer; this may be a bad thing... (e.g. messes - up colors or cause a crash). It is useful for testing - and for some workarounds. n may be a decimal number, - or 0x hex. Run xdpyinfo(1) for the values. One may - also use "TrueColor", etc. see <X11/X.h> for a list. - If the string ends in ":m" then for better or for - worse the visual depth is forced to be m. +-visual n This option probably does not do what you think. + It simply *forces* the visual used for the framebuffer; + this may be a bad thing... (e.g. messes up colors or + cause a crash). It is useful for testing and for some + workarounds. n may be a decimal number, or 0x hex. + Run xdpyinfo(1) for the values. One may also use + "TrueColor", etc. see <X11/X.h> for a list. If the + string ends in ":m" then for better or for worse the + visual depth is forced to be m. -overlay Handle multiple depth visuals on one screen, e.g. 8+24 and 24+8 overlay visuals (the 32 bits per pixel are @@ -9648,10 +9670,11 @@ Options: -bg Go into the background after screen setup. Messages to stderr are lost unless -o logfile is used. Something like this could be useful in a script: - port=`ssh $host "x11vnc -display :0 -bg" | grep PORT` - port=`echo "$port" | sed -e 's/PORT=//'` - port=`expr $port - 5900` - vncviewer $host:$port + port=`ssh -t $host "x11vnc -display :0 -bg" | grep PORT +` + port=`echo "$port" | sed -e 's/PORT=//'` + port=`expr $port - 5900` + vncviewer $host:$port -modtweak Option -modtweak automatically tries to adjust the AltGr -nomodtweak and Shift modifiers for differing language keyboards @@ -10507,8 +10530,8 @@ Options: It may be of use in video capture-like applications, or where window tearing is a problem. --rawfb string Experimental option, instead of polling X, poll the - memory object specified in "string". +-rawfb string Instead of polling X, poll the memory object specified + in "string". For shared memory segments string is of the form: "shm:N@WxHxB" which specifies a shmid @@ -10737,16 +10760,16 @@ Options: You can make your own freqtab by copying the xawtv format. --pipeinput cmd Another experimental option: it lets you supply an - external command in "cmd" that x11vnc will pipe - all of the user input events to in a simple format. - In -pipeinput mode by default x11vnc will not process - any of the user input events. If you prefix "cmd" - with "tee:" it will both send them to the pipe - command and process them. For a description of the - format run "-pipeinput tee:/bin/cat". Another prefix - is "reopen" which means to reopen pipe if it exits. - Separate multiple prefixes with commas. +-pipeinput cmd This option lets you supply an external command in + "cmd" that x11vnc will pipe all of the user input + events to in a simple format. In -pipeinput mode by + default x11vnc will not process any of the user input + events. If you prefix "cmd" with "tee:" it will + both send them to the pipe command and process them. + For a description of the format run "-pipeinput + tee:/bin/cat". Another prefix is "reopen" which + means to reopen pipe if it exits. Separate multiple + prefixes with commas. In combination with -rawfb one might be able to do amusing things (e.g. control non-X devices). diff --git a/x11vnc/help.c b/x11vnc/help.c index 75d8544..63cbafb 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -45,7 +45,7 @@ void print_help(int mode) { "these protections. See the FAQ for details how to tunnel the VNC connection\n" "through an encrypted channel such as ssh(1). In brief:\n" "\n" -" ssh -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'\n" +" ssh -t -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0'\n" "\n" " vncviewer -encodings 'copyrect tight zrle hextile' localhost:0\n" "\n" @@ -112,15 +112,15 @@ void print_help(int mode) { " a colormap histogram. Example: -shiftcmap 240\n" "-notruecolor For 8bpp displays, force indexed color (i.e. a colormap)\n" " even if it looks like 8bpp TrueColor (rare problem).\n" -"-visual n Experimental option: probably does not do what you\n" -" think. It simply *forces* the visual used for the\n" -" framebuffer; this may be a bad thing... (e.g. messes\n" -" up colors or cause a crash). It is useful for testing\n" -" and for some workarounds. n may be a decimal number,\n" -" or 0x hex. Run xdpyinfo(1) for the values. One may\n" -" also use \"TrueColor\", etc. see <X11/X.h> for a list.\n" -" If the string ends in \":m\" then for better or for\n" -" worse the visual depth is forced to be m.\n" +"-visual n This option probably does not do what you think.\n" +" It simply *forces* the visual used for the framebuffer;\n" +" this may be a bad thing... (e.g. messes up colors or\n" +" cause a crash). It is useful for testing and for some\n" +" workarounds. n may be a decimal number, or 0x hex.\n" +" Run xdpyinfo(1) for the values. One may also use\n" +" \"TrueColor\", etc. see <X11/X.h> for a list. If the\n" +" string ends in \":m\" then for better or for worse the\n" +" visual depth is forced to be m.\n" "\n" "-overlay Handle multiple depth visuals on one screen, e.g. 8+24\n" " and 24+8 overlay visuals (the 32 bits per pixel are\n" @@ -1537,10 +1537,10 @@ void print_help(int mode) { "-bg Go into the background after screen setup. Messages to\n" " stderr are lost unless -o logfile is used. Something\n" " like this could be useful in a script:\n" -" port=`ssh $host \"x11vnc -display :0 -bg\" | grep PORT`\n" -" port=`echo \"$port\" | sed -e 's/PORT=//'`\n" -" port=`expr $port - 5900`\n" -" vncviewer $host:$port\n" +" port=`ssh -t $host \"x11vnc -display :0 -bg\" | grep PORT`\n" +" port=`echo \"$port\" | sed -e 's/PORT=//'`\n" +" port=`expr $port - 5900`\n" +" vncviewer $host:$port\n" "\n" "-modtweak Option -modtweak automatically tries to adjust the AltGr\n" "-nomodtweak and Shift modifiers for differing language keyboards\n" @@ -2404,8 +2404,8 @@ void print_help(int mode) { " It may be of use in video capture-like applications,\n" " or where window tearing is a problem.\n" "\n" -"-rawfb string Experimental option, instead of polling X, poll the\n" -" memory object specified in \"string\".\n" +"-rawfb string Instead of polling X, poll the memory object specified\n" +" in \"string\".\n" "\n" " For shared memory segments string is of the\n" " form: \"shm:N@WxHxB\" which specifies a shmid\n" @@ -2634,16 +2634,16 @@ void print_help(int mode) { " You can make your own freqtab by copying the xawtv\n" " format.\n" "\n" -"-pipeinput cmd Another experimental option: it lets you supply an\n" -" external command in \"cmd\" that x11vnc will pipe\n" -" all of the user input events to in a simple format.\n" -" In -pipeinput mode by default x11vnc will not process\n" -" any of the user input events. If you prefix \"cmd\"\n" -" with \"tee:\" it will both send them to the pipe\n" -" command and process them. For a description of the\n" -" format run \"-pipeinput tee:/bin/cat\". Another prefix\n" -" is \"reopen\" which means to reopen pipe if it exits.\n" -" Separate multiple prefixes with commas.\n" +"-pipeinput cmd This option lets you supply an external command in\n" +" \"cmd\" that x11vnc will pipe all of the user input\n" +" events to in a simple format. In -pipeinput mode by\n" +" default x11vnc will not process any of the user input\n" +" events. If you prefix \"cmd\" with \"tee:\" it will\n" +" both send them to the pipe command and process them.\n" +" For a description of the format run \"-pipeinput\n" +" tee:/bin/cat\". Another prefix is \"reopen\" which\n" +" means to reopen pipe if it exits. Separate multiple\n" +" prefixes with commas.\n" "\n" " In combination with -rawfb one might be able to\n" " do amusing things (e.g. control non-X devices).\n" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/COPYING b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING new file mode 100644 index 0000000..a3f6b12 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + Appendix: How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) 19yy <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/README b/x11vnc/misc/enhanced_tightvnc_viewer/README new file mode 100644 index 0000000..ff3dc39 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/README @@ -0,0 +1,228 @@ + Enhanced TightVNC Viewer package + +Copyright (c) Karl J. Runge <runge@karlrunge.com> +All rights reserved. + +These packages provide 1) An enhanced TightVNC Viewer on Unix, 2) Binaries +for many Operating Systems (including Windows) for your convenience, +3) Wrapper scripts and etc. for gluing them all together. + +One can straight-forwardly download all of the components and get them +to work together by oneself: this package is mostly for your convenience +to combine and wrap together the freely available software. + +Bundled software co-shipped in this package is copyright and licensed +by others. See these sites and related ones for more information: + + http://www.tightvnc.com + http://www.realvnc.com + http://www.stunnel.org + http://www.openssl.org + http://www.chiark.greenend.org.uk/~sgtatham/putty/ + +Note: Some of the Windows binaries included contain cryptographic software +that you may not be allowed to download, use, or redistribute. Please +check your situation first before downloading any of these packages. +See the survey http://rechten.uvt.nl/koops/cryptolaw/index.htm for useful +information. The Unix programs do not contain cryptographic software, but +rather will make use of cryptographic libraries that are installed on your +Unix system. Depending on your circumstances you may still need to check. + +All work by Karl J. Runge in this package is Copyright (c) Karl J. Runge +and is licensed under the GPL as described in the file COPYING in this +directory. + +All the files and information in this package are provided "AS IS" +without any warranty of any kind. Use them at your own risk. + + +============================================================================= + +This package contains a convenient collection of enhanced TightVNC viewers +and stunnel binaries for different flavors of Unix and wrapper scripts, +etc to glue them together. SSL and SSH encryption tunnelling is provided. + +Also, a Windows SSL wrapper for the co-bundled TightVNC binary and other +utilities are provided. (Launch ssl_tightvncviewer.exe in the +Windows subdirectory). + + +Features: +-------- + +The enhanced TightVNC viewer features are: + + - SSL support for connections using the co-bundled stunnel program. + + - Automatic SSH connections from the GUI (ssh must already be + installed on Unix; co-bundled plink is used on Windows) + + - rfbNewFBSize VNC support on Unix (screen resizing) + + - cursor alphablending with x11vnc at 32bpp (-alpha option, Unix only) + + - xgrabserver support for fullscreen mode, for old window + managers (-grab option, Unix only). + + - Automatic Service tunnelling via SSH for CUPS and SMB Printing, + ESD/ARTSD Audio, and SMB (Windows/Samba) filesystem mounting. + + - Port Knocking for "closed port" SSH/SSL connections. In addition + to a simple fixed port sequence and one-time-pad implementation, + a hook is also provided to run any port knocking client before a + connecting. + + +Your package should have included binaries for many OS's: Linux, Solaris, +FreeBSD, etc. See the subdirectories of + + ./bin + +for the ones that were shipped in this package, e.g. ./bin/Linux.i686 +Run "uname -sm" to see your OS+arch combination. (See the +./bin/tightvncviewer -h output for how to override platform autodection +via the UNAME env. var). + + +If you need to Build: +-------------------- + +If your OS/arch is not included, the script "build.unix" may be able to +successfully build on for you and deposit the binaries down in ./bin/... +using the included source code. + +You must run the build.unix script from this directory (that this toplevel +README is in) and like this: + + ./build.unix + + +The programs: +------------ + +The wrapper scripts: + + ./bin/ssl_tightvncviewer + ./bin/tightvncviewer + +are the main programs you will run and will try to autodetect your OS+arch +combination and if binaries are present for it automatically use them. +(if not found try the running the build.unix script). + +If you prefer a GUI to prompt for parameters and then start ssl_tightvncviewer +you can run this instead: + + ./bin/ssl_vnc_gui + +this is essentially the same GUI that is run on Windows (the +ssl_tightvncviewer.exe). + +Using the GUI is it impossible to initiate a VNC connection that is not +encrypted with either SSL or SSH. Unencrypted VNC connections can only +be started by manually running the ./bin/tightvncviewer script. + +For convenience, you can make symlinks from a directory in your PATH to +any of the 3 programs above you wish to run. That is all you usually +need to do for it to pick up all of the binaries, utils, etc. E.g. +assuming $HOME/bin is in your $PATH: + + cd $HOME/bin + ln -s /path/to/enhanced_tightvnc_viewer/bin/{s,t}* . + +(note the "." at the end). The above commands is basically the way to +"install" this package on Unix. + + +On Windows run: + + Windows/ssl_tightvncviewer.exe + + +Examples: +-------- + +Use enhanced TightVNC unix viewer to connect to x11vnc via SSL: + + ./bin/ssl_tightvncviewer far-away.east:0 + + ./bin/tightvncviewer -ssl far-away.east:0 (same) + + ./bin/ssl_vnc_gui (start GUI launcher) + +Use enhanced TightVNC unix viewer without SSL: + + ./bin/tightvncviewer far-away.east:0 + +Use SSL to connect to a x11vnc server, and also verify the server's +identity using the SSL Certificate in the file ./x11vnc.pem: + + ./bin/ssl_tightvncviewer -alpha -verify ./x11vnc.pem far-away.east:0 + +(also turns on the viewer-side cursor alphablending hack). + + +Brief description of the subdirectories: +--------------------------------------- + + ./bin/util some utility scripts, e.g. ssl_vncviewer + and ssl_tightvncviewer.tcl + + ./src source code and patches. + ./src/zips zip files of source code and binaries. + + ./src/vnc_unixsrc unpacked tightvnc source code tree. + ./src/stunnel-4.14 unpacked stunnel source code tree. + ./src/patches patches to TightVNC viewer for the new + features on Unix (used by build.unix). + ./src/tmp temporary build dir for build.unix + (the last four are used by build.unix) + + + ./man man pages for TightVNC viewer and stunnel. + + ./Windows Stock TightVNC viewer and Stunnel, Openssl + etc Windows binaries. ssl_tightvncviewer.exe + is the program to run. + +Since they are large, depending on which package you use not all of the +above may be present in your package. + + +Help and Info: +------------- + +For more help on other options and usage patterns run these: + + ./bin/ssl_tightvncviewer -h + ./bin/tightvncviewer -h + ./bin/util/ssl_vncviewer -h + +See also: + + http://www.karlrunge.com/x11vnc + http://www.karlrunge.com/x11vnc/#faq + x11vnc -h | more + + http://www.stunnel.org + http://www.openssl.org + http://www.tightvnc.com + http://www.realvnc.com + http://www.chiark.greenend.org.uk/~sgtatham/putty/ + + +Windows: +------- + + A wrapper to create a STUNNEL tunnel and then launch the + Windows TightVNC viewer is provided in: + + Windows/ssl_tightvncviewer.exe + + Just launch it and fill in the remote VNC display. + + Click the Help buttons for more info. There is also a + Windows/README.txt file. + + On Windows you may need to terminate the STUNNEL process + from the System Tray if the tool cannot terminate it + by itself. Just right-click on the STUNNEL icon. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt new file mode 100644 index 0000000..8710251 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/README.txt @@ -0,0 +1,51 @@ +
+This is a Windows utility to automatically start up STUNNEL to redirect
+SSL VNC connections to a remote host. Then TightVNC Viewer (included)
+is launched to used this SSL tunnel.
+
+An example server would be "x11vnc -ssl", or any VNC server with a
+2nd STUNNEL program running on the server side.
+
+Just click on the program "ssl_tightvncviewer.exe", and then enter
+the remote VNC Server and click "Connect". Click on "Help" for more
+information. You can also set some simple options under "Options ..."
+
+Note that on Windows when the TightVNC viewer disconnects you may need to
+terminate the STUNNEL program manually. To do this: Click on the STUNNEL
+icon (dark green) on the System Tray and then click "Exit". Before that,
+however, you will be prompted if you want ssl_tightvncviewer.exe to try
+to terminate STUNNEL for you. (Note that even if STUNNEL termination is
+successful, the Tray Icon may not go away until the mouse hovers over it!)
+
+With this STUNNEL and TightVNC Viewer wrapper you can also enable using
+SSL Certificates with STUNNEL, and so the connection is not only encrypted
+but it is also not susceptible to man-in-the-middle attacks.
+
+See the STUNNEL and x11vnc documentation for how to create and add SSL
+Certificates (PEM files) for authentication. Click on the "Certs ..."
+button to specify the certificate(s). See the Help there for more info
+and also:
+
+ http://www.karlrunge.com/x11vnc
+ http://www.tightvnc.com
+ http://www.stunnel.org
+ http://www.openssl.org
+ http://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+You can use x11vnc to create certificates if you like:
+
+ http://www.karlrunge.com/x11vnc/#faq-ssl-ca
+
+
+Misc:
+
+ The openssl.exe stunnel.exe vncviewer.exe libeay32.dll
+ libssl32.dll programs came from the websites mentioned above.
+
+ IMPORTANT: some of these binaries may have cryptographic
+ software that you may not be allowed to download or use.
+ See the above websites for more information and also the
+ util/info subdirectories.
+
+ Also, the kill.exe and tlist.exe programs in the w98 directory
+ came from diagnostic tools ftp site of Microsoft's.
diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url new file mode 100644 index 0000000..59f1f6b --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/esound/download.url @@ -0,0 +1 @@ +http://www.tux.org/~ricdude/EsounD.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url new file mode 100644 index 0000000..237d4b1 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/download.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/stunnel/win32/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url new file mode 100644 index 0000000..c700866 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/openssl/location.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/binaries.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url new file mode 100644 index 0000000..a23901e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/download.url @@ -0,0 +1 @@ +http://www.chiark.greenend.org.uk/%7esgtatham/putty/download.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url new file mode 100644 index 0000000..2efcc31 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/plink/licence.url @@ -0,0 +1 @@ +http://www.chiark.greenend.org.uk/%7esgtatham/putty/licence.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url new file mode 100644 index 0000000..237d4b1 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/download.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/stunnel/win32/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url new file mode 100644 index 0000000..c700866 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/stunnel/location.url @@ -0,0 +1 @@ +http://www.stunnel.org/download/binaries.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url new file mode 100644 index 0000000..36c60e4 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/download.url @@ -0,0 +1 @@ +http://www.tightvnc.com/download.html diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url new file mode 100644 index 0000000..a686ae0 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/info/vncviewer/location.url @@ -0,0 +1 @@ +http://www.tightvnc.com diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf new file mode 100644 index 0000000..7517e23 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-client.conf @@ -0,0 +1,43 @@ +# +# Example SSL stunnel CLIENT configuration file. (you run stunnel on +# this machine and point your vnc viewer to it, it goes to remote VNC +# server via SSL) +# +# To use this file you will need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here to show how to create outgoing SSL connections to remote +# VNC servers when not using the tools in this package. +# +client = yes +options = ALL +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote server certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5900 for vnc display 0): +# +accept = localhost:5900 +# +# Set to remote host:port to connect to (e.g. far-away.east:5900): +# (this is where the VNC server is. :0 -> port 5900, etc) +# +connect = HOST:PORT +delay = no +# +# You could add additional ones going to other VNC servers: +# [vnc2] +# accept = localhost:5901 +# connect = HOST2:PORT2 +# etc ... diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf new file mode 100644 index 0000000..8e5dd50 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/stunnel-server.conf @@ -0,0 +1,34 @@ +# +# Example SSL stunnel SERVER configuration file. (e.g. for your VNC +# server on this same machine.) +# +# To use this file you may need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here in case you wanted to see how to add SSL support to any +# VNC server you have. +# +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote client certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My server cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5901 for vnc display 1): +# so the remote viewers would connect to: yourmachine:1 +# +accept = 5901 +# +# Set to localhost:port to connect to VNC server on this same machine: +# (E.g. you run WinVNC on :0, preferably listening on localhost). +# +connect = localhost:5900 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url new file mode 100644 index 0000000..eb94b91 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/Windows/util/w98/location.url @@ -0,0 +1 @@ +ftp://ftp.microsoft.com/Services/TechNet/samples/PS/Win98/Reskit/DIAGNOSE/ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer new file mode 100755 index 0000000..8472853 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_tightvncviewer @@ -0,0 +1,124 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_tightvncviewer: +# +# A wrapper that calls ssl_vncviewer to use the enhanced TightVNC viewer. +# +# The enhanced TightVNC viewer features are: +# +# - SSL support for connections using the co-bundled stunnel program. +# - rfbNewFBSize VNC support (screen resizing) +# - cursor alphablending with x11vnc at 32bpp +# - xgrabserver support for fullscreen mode (for old window mgrs) +# +# +# Your platform (e.g. Linux.i686) is autodetected and enhanced +# vncviewer and stunnel binaries for it are used (see the ./bin directory). +# +# See the build.unix script if your platform is not in this package. +# You can also set the env. var. UNAME=os.arch to any "os.arch" you want +# to override the autodetetion. +# +# Usage: +# +# ssl_tightvncviewer [ssl_vncviewer-args] hostname:N [tightvncviewer-args] +# +# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0 +# +# See the script util/ssl_vncviewer for details about its arguments: +# +# -verify pemfile +# -mycert pemfile +# -proxy phost:pport +# -alpha +# -grab +# +# +# See the TightVNC viewer documentation for on its cmdline arguments. +# +# For convenience, here is the current (7/2006) TightVNC viewer -help output: +# +# TightVNC viewer version 1.3dev5 +# +# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>] +# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>] +# vncviewer [<OPTIONS>] -listen [<DISPLAY#>] +# vncviewer -help +# +# <OPTIONS> are standard Xt options, or: +# -via <GATEWAY> +# -shared (set by default) +# -noshared +# -viewonly +# -fullscreen +# -noraiseonbeep +# -passwd <PASSWD-FILENAME> (standard VNC authentication) +# -user <USERNAME> (Unix login authentication) +# -encodings <ENCODING-LIST> (e.g. "tight copyrect") +# -bgr233 +# -owncmap +# -truecolour +# -depth <DEPTH> +# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best) +# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high) +# -nojpeg +# -nocursorshape +# -x11cursor +# -autopass +# +# Option names may be abbreviated, e.g. -bgr instead of -bgr233. +# See the manual page for more information. +# + +if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then + head -70 "$0" | grep -v bin/sh + exit +fi + +# Include /usr/bin... to be sure to get regular utilities: +# +PATH=$PATH:/usr/bin:/bin +export PATH + +# Set this for ssl_vncviewer to pick up: +# +VNCVIEWERCMD="vncviewer" +export VNCVIEWERCMD + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +# Force the use of tight encoding for localhost redir connection: +# +ssl_vncviewer "$@" -encodings 'copyrect tight zrle zlib hextile' diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui new file mode 100755 index 0000000..abdb2d3 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/ssl_vnc_gui @@ -0,0 +1,64 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_vnc_gui: +# +# A wrapper for ssl_tightvncviewer using a tcl/tk gui. +# +# See ssl_tightvncviewer for details. +# +if [ "X$XTERM_PRINT" != "X" ]; then + XTERM_PRINT="" + cat > /dev/null +fi +if [ "X$1" = "X-bg" ]; then + shift + $0 "$@" & + exit 0 +fi + +PATH=$PATH:/usr/bin:/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin +export PATH + +SSL_VNC_GUI_CMD="$0 $*" +export SSL_VNC_GUI_CMD +SSL_VNC_LAUNCH=$SSL_VNC_GUI_CMD +export SSL_VNC_LAUNCH + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +SSL_VNC_BASEDIR="$dir" +export SSL_VNC_BASEDIR + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +exec ssl_tightvncviewer.tcl "$@" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer new file mode 100755 index 0000000..8ba6d56 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/tightvncviewer @@ -0,0 +1,129 @@ +#!/bin/sh +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# tightvncviewer: +# +# A wrapper that calls the enhanced TightVNC viewer. +# +# The enhanced TightVNC viewer features are: +# +# - SSL support for connections using the co-bundled stunnel program. +# - rfbNewFBSize VNC support (screen resizing) +# - cursor alphablending with x11vnc at 32bpp +# - xgrabserver support for fullscreen mode (for old window mgrs) +# +# +# Your platform (e.g. Linux.i686) is autodetected and enhanced +# vncviewer and stunnel binaries for it are used (see the ./bin directory). +# +# See the build.unix script if your platform is not in this package if +# you want to build one. +# +# See the build.unix script if your platform is not in this package if you want to build one. +# You can also set the env. var. UNAME=os.arch to any "os.arch" you want +# to override the autodetetion. +# +# Usage: +# +# tightvncviewer [tightvncviewer-args] hostname:N +# or +# tightvncviewer -ssl hostname:N [tightvncviewer-args] +# +# "hostname:N" is the host and VNC display to connect to, e.g. snoopy:0 +# +# If the first argument is "-ssl" then ssl_tightvncviewer is called +# instead. See that script for details. +# +# See the TightVNC viewer documentation for on its cmdline arguments. +# +# For convenience, here is the current (7/2006) TightVNC viewer -help output: +# +# TightVNC viewer version 1.3dev5 +# +# Usage: vncviewer [<OPTIONS>] [<HOST>][:<DISPLAY#>] +# vncviewer [<OPTIONS>] [<HOST>][::<PORT#>] +# vncviewer [<OPTIONS>] -listen [<DISPLAY#>] +# vncviewer -help +# +# <OPTIONS> are standard Xt options, or: +# -via <GATEWAY> +# -shared (set by default) +# -noshared +# -viewonly +# -fullscreen +# -noraiseonbeep +# -passwd <PASSWD-FILENAME> (standard VNC authentication) +# -user <USERNAME> (Unix login authentication) +# -encodings <ENCODING-LIST> (e.g. "tight copyrect") +# -bgr233 +# -owncmap +# -truecolour +# -depth <DEPTH> +# -compresslevel <COMPRESS-VALUE> (0..9: 0-fast, 9-best) +# -quality <JPEG-QUALITY-VALUE> (0..9: 0-low, 9-high) +# -nojpeg +# -nocursorshape +# -x11cursor +# -autopass +# +# Option names may be abbreviated, e.g. -bgr instead of -bgr233. +# See the manual page for more information. +# + +if [ "X$1" = "X-h" -o "X$1" = "X-help" -o "X$1" = "X--help" ]; then + head -69 "$0" | grep -v bin/sh + exit +fi + +# Include /usr/bin... to be sure to get regular utilities: +# +PATH=$PATH:/usr/bin:/bin +export PATH + +# Set this for ssl_vncviewer to pick up: +# +VNCVIEWERCMD="vncviewer" +export VNCVIEWERCMD + +# work out os.arch platform string and check for binaries: +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi + +if [ -L "$0" ]; then + d=`dirname "\`ls -l "$0" | sed -e 's/^.* -> //'\`"` + if echo "$d" | grep '^/' > /dev/null; then + dir="$d" + else + dir="`dirname "$0"`/$d" + fi +else + dir=`dirname "$0"` +fi +if [ ! -d "$dir/$name" ]; then + echo "cannot find platform dir: $dir/$name for your OS:" + uname -sm + echo "you can set the \$UNAME env. var. to override the setting." + exit 1 +fi + +# Put our os.arch and other utils dirs at head of PATH to be sure to +# pick them up: +# +PATH="$dir:$dir/$name:$dir/util:$PATH" + +if [ "X$1" = "X-ssl" ]; then + shift + ssl_tightvncviewer "$@" + exit $? +fi + +STUNNEL_EXTRA_OPTS=${STUNNEL_EXTRA_OPTS:-"maxconn = 1"} +export STUNNEL_EXTRA_OPTS + +# Force the use of tight encoding for localhost redir connection: +# +vncviewer -encodings 'copyrect tight zrle zlib hextile' "$@" diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl new file mode 100755 index 0000000..bd9f5c9 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl @@ -0,0 +1,5031 @@ +#!/bin/sh +# the next line restarts using wish \ +exec wish "$0" "$@" + +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# ssl_tightvncviewer.tcl: gui wrapper to the , etc. programs in this +# ssl_tightvncviewerpackage. Also sets up service port forwarding. +# + +set buck_zero $argv0 + +proc center_win {w} { + set W [winfo screenwidth $w] + set W [expr $W + 1] + wm geometry $w +$W+0 + update + set x [expr [winfo screenwidth $w]/2 - [winfo width $w]/2] + set y [expr [winfo screenheight $w]/2 - [winfo height $w]/2] + wm geometry $w +$x+$y + update +} + +proc apply_bg {w} { + global is_windows system_button_face + if {$is_windows && $system_button_face != ""} { + catch {$w configure -bg "$system_button_face"} + } +} + +proc scroll_text {fr {w 80} {h 35}} { + global help_font is_windows + + catch {destroy $fr} + + frame $fr -bd 0 + + eval text $fr.t -width $w -height $h $help_font \ + -setgrid 1 -bd 2 -yscrollcommand {"$fr.y set"} -relief ridge + + apply_bg $fr.t + + scrollbar $fr.y -orient v -relief sunken -command "$fr.t yview" + pack $fr.y -side right -fill y + pack $fr.t -side top -fill both -expand 1 + + focus $fr.t +} + +proc scroll_text_dismiss {fr {w 80} {h 35}} { + global help_font + + scroll_text $fr $w $h + + set up $fr + regsub {\.[^.]*$} $up "" up + + button $up.d -text "Dismiss" -command "destroy $up" + bind $up <Escape> "destroy $up" + pack $up.d -side bottom -fill x + pack $fr -side top -fill both -expand 1 +} + +proc help {} { + catch {destroy .h} + toplevel .h + + scroll_text_dismiss .h.f + + center_win .h + wm title .h "SSL TightVNC Viewer Help" + + set msg { + Enter the VNC host and display in the 'VNC Server' entry box. + + It is of the form "host:number", where "host" is the hostname of the + machine running the VNC Server and "number" is the VNC display number; + it is often "0". Examples: + + snoopy:0 + far-away.east:0 + sunray-srv1.west:17 + 24.67.132.27:0 + + Then click on "Connect". When you do so the STUNNEL program will be + started locally to provide you with an outgoing SSL tunnel. + + Once the STUNNEL is running, the TightVNC Viewer will be automatically + started directed to the local SSL tunnel which, in turn, encrypts and + redirects the connection to the remote VNC server. + + The remote VNC server must support an initial SSL handshake before + using the VNC protocol (i.e. VNC is tunnelled through the SSL channel + after it is established). "x11vnc -ssl ..." does this, and any VNC + server can be made to do this by using, e.g., STUNNEL on the remote side. + + Click on "Options ..." if you want to use an *SSH* tunnel instead of + SSL (then the VNC Server does not need to speak SSL or use STUNNEL). + + + Note that on Windows when the Viewer connection is finished you may + need to terminate STUNNEL manually from the System Tray (right click + on dark green icon) and selecting "Exit". + + + Proxies: If an intermediate proxy is needed to make the SSL connection + (e.g. web gateway out of a firewall), supply both hosts separated + by spaces (with the proxy 2nd): + + host:number gwhost:port + + E.g.: far-way.east:0 mygateway.com:8080 + + See the ssl_vncviewer description and x11vnc FAQ for info on proxies: + + http://www.karlrunge.com/x11vnc/#ssl_vncviewer + http://www.karlrunge.com/x11vnc/#faq-ssl-java-viewer-proxy + + + If you want to use a SSL Certificate (PEM) file to authenticate yourself + to the VNC server ("MyCert") or to verify the identity of the VNC Server + ("ServerCert" or "CertsDir") import the certificate file by clicking + the "Certs ..." button before connecting. + + Certificate verification is needed to prevent Man In the Middle attacks. + See the x11vnc documentation: + + http://www.karlrunge.com/x11vnc/ssl.html + + for how to create and use PEM SSL certificate files. An easy way is: + + x11vnc -ssl SAVE ... + + where it will print out its automatically generated certificate to + the screen and that can be safely copied to the viewer side. + + + To set other Options, e.g. to use SSH instead of STUNNEL SSL, + click on the "Options ..." button and read the Help there. + + See these links for more information: + + http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext + http://www.stunnel.org + http://www.tightvnc.com + + + Tips: + + 1) On Unix to get a 2nd GUI (e.g. for a 2nd connection) press Ctrl-N + on the GUI. If only the xterm window is visible you can press + Ctrl-N or try Ctrl-LeftButton -> New SSL_VNC_GUI. On Windows you + will have to manually Start a new one: Start -> Run ..., etc. + + 2) If you use "user@hostname cmd=SHELL" then you get an SSH shell only: + no VNC viewer will be launched. On Windows "user@hostname cmd=PUTTY" + will try to use putty.exe (better terminal emulation than plink.exe) + A shortcut for this is Ctrl-S. +} + + .h.f.t insert end $msg + #raise .h +} + +proc help_certs {} { + catch {destroy .ch} + toplevel .ch + + scroll_text_dismiss .ch.f 90 33 + + center_win .ch + wm resizable .ch 1 0 + + wm title .ch "SSL Certificates Help" + + set msg { + Only with SSL Certificate verification can Man In the Middle attacks be + prevented. Otherwise, only passive snooping attacks are prevented with SSL. + + You can specify your own SSL certificate (PEM) file in "MyCert" in which case it + is used to authenticate you (the viewer) to the remote VNC Server. If this fails + the remote VNC Server will drop the connection. + + Server certs can be specified in one of two ways: + + - A single certificate (PEM) file for a single server + or a single Certificate Authority (CA) + + - A directory of certificate (PEM) files stored in + the special OpenSSL hash fashion. + + + The former is set via "ServerCert" in this gui. + The latter is set via "CertsDir" in this gui. + + The former corresponds to the "CAfile" STUNNEL parameter. + The latter corresponds to the "CApath" STUNNEL parameter. + See stunnel(8) or www.stunnel.org for more information. + + If the remote VNC Server fails to authenticate itself with respect to the specified + certificate(s), then the VNC Viewer (your side) will drop the connection. + + If "Use SSH instead" has been selected then SSL certs are disabled. + + See the x11vnc and STUNNEL documentation for how to create and use PEM + certificate files: + + http://www.karlrunge.com/x11vnc/#faq-ssl-tunnel-ext + http://www.karlrunge.com/x11vnc/ssl.html + http://www.stunnel.org +} + + .ch.f.t insert end $msg + #raise .ch +} + +proc help_opts {} { + catch {destroy .oh} + toplevel .oh + + scroll_text_dismiss .oh.f + + center_win .oh + + wm title .oh "SSL Viewer Options Help" + +set msg { + Use SSH: Instead of using STUNNEL SSL, use ssh(1) for the encrypted + tunnel. You must be able to log in via ssh to the remote host. + + On Unix the cmdline ssh(1) program will be run in an xterm + for authentication, etc. On Windows the cmdline plink.exe + program will be launched in a Windows Console window. + + You can set the "VNC Server" to "user@host:disp" to indicate + ssh should log in as "user" on "host". On Windows you must + always supply the "user@" part (due to a plink deficiency). E.g.: + + fred@far-away.east:0 + + If a gateway machine must be used (e.g. to enter a firewall; + the VNC Server is not running on it), put something like this + in the "VNC Server" entry box: + + workstation:0 user@gateway-host:port + + ssh is used to login to user@gateway-host and then a -L port + redirection is set up to go to workstation:0 from gateway-host. + ":port" is optional, use it if the gateway-host SSH port is + not the default value 22. + + At the very end of the entry box, you can also append a + cmd=... string to indicate that command should be run via ssh + on the remote machine instead of the default "sleep 15". E.g.: + + user@host:0 cmd=x11vnc -nopw -display :0 + + (if a gateway is also needed, put it just before the cmd=...) + + Trick: If you use "cmd=SHELL" then you get an SSH shell only: + no VNC viewer will be launched. On Windows "cmd=PUTTY" will + try to use putty.exe (better terminal emulation than plink.exe) + Ctrl-S is a shortcut for this. + + Use SSH and SSL: Tunnel the SSL connection through a SSH tunnel. Use this + if you want end-to-end SSL and must use a SSH gateway (e.g. to + enter a firewall) or if additional SSH port redirs are required + (CUPS, Sound, SMB tunnelling: See Advanced options). + + + Putty PW: On Windows only: use the supplied password for plink SSH logins. + Unlike the other options the value is not saved when 'Save + Profile' is used. This feature useful when options under + "Advanced" are set that require 2 SSH's: you just have + to type the password once in this entry box. The bundled + pagent.exe and puttygen.exe programs can also be used to avoid + repeatedly entering passwords (note this requires setting up + and distributing SSH keys). Start up pagent.exe or puttygen.exe + and read the instructions there. + + ssh-agent: On Unix only: restart the GUI in the presence of ssh-agent(1) + (e.g. in case you forgot to start your agent before starting + this GUI). An xterm will be used to enter passphrases, etc. + This can avoid repeatedly entering passphrases for the + SSH logins (note this requires setting up and distributing + SSH keys). + + + View Only: Have VNC Viewer ignore mouse and keyboard input. + + Fullscreen: Start the VNC Viewer in fullscreen mode. + + Raise On Beep: Deiconify viewer when bell rings. + + Use 8bit color: Request a very low-color pixel format. + + Cursor Alphablending: Use the x11vnc alpha hack for translucent cursors + (requires Unix, 32bpp and same endianness) + + Use XGrabServer: On Unix only, use the XGrabServer workaround for + old window managers. + + Do not use JPEG: Do not use the jpeg aspect of the tight encoding. + + Compress Level/Quality: Set TightVNC encoding parameters. + + + Save and Load: You can Save the current settings by clicking on Save + Profile (.vnc file) and you can also read in a saved one + with Load Profile. + + Clear Options: Set all options to their defaults (i.e. unset). + + Advanced: Bring up the Advanced options dialog. +} + .oh.f.t insert end $msg + #raise .oh +} + +proc win_nokill_msg {} { + global help_font is_windows system_button_face + catch {destroy .w} + toplevel .w + + eval text .w.t -width 60 -height 11 $help_font + button .w.d -text "Dismiss" -command {destroy .w} + pack .w.t .w.d -side top -fill x + + apply_bg .w.t + + center_win .w + wm resizable .w 1 0 + + wm title .w "SSL Viewer: Warning" + + set msg { + The TightVNC Viewer has exited. + + You will need to terminate STUNNEL manually. + + To do this go to the System Tray and right-click on the STUNNEL + icon (dark green). Then click "Exit". + + You can also double click on the STUNNEL icon to view the log + for error messages and other information. +} + .w.t insert end $msg + #raise .w +} + +proc win_kill_msg {pids} { + global terminate_pids + global help_font + catch {destroy .w} + toplevel .w + + eval text .w.t -width 72 -height 19 $help_font + button .w.d -text "Dismiss" -command {destroy .w; set terminate_pids no} + button .w.k -text "Terminate STUNNEL" -command {destroy .w; set terminate_pids yes} + pack .w.t .w.k .w.d -side top -fill x + + apply_bg .w.t + + center_win .w + wm resizable .w 1 0 + + wm title .w "SSL Viewer: Warning" + + set msg { + The TightVNC Viewer has exited. + + We can terminate the following still running STUNNEL process(es): + +} + append msg " $pids\n" + + append msg { + Click on the "Terminate STUNNEL" button below to do so. + + Before terminating STUNNEL you can double click on the STUNNEL + Tray icon to view its log for error messages and other information. + + Note: You may STILL need to terminate STUNNEL manually if we are + unable to kill it. To do this go to the System Tray and right-click + on the STUNNEL icon (dark green). Then click "Exit". You will + probably also need to hover the mouse over the STUNNEL Tray Icon to + make the Tray notice STUNNEL is gone... +} + .w.t insert end $msg + #raise .w +} + +proc win9x_plink_msg {file} { + catch {destroy .pl} + global help_font win9x_plink_msg_done + toplevel .pl + + eval text .pl.t -width 90 -height 26 $help_font + button .pl.d -text "OK" -command {destroy .pl; set win9x_plink_msg_done 1} + wm protocol .pl WM_DELETE_WINDOW {catch {destroy .pl}; set win9x_plink_msg_done 1} + pack .pl.t .pl.d -side top -fill x + + apply_bg .pl.t + + center_win .pl + wm resizable .pl 1 0 + + wm title .pl "SSL Viewer: Win9x Warning" + + set msg { + Due to limitations on Window 9x you will have to manually start up + a COMMAND.COM terminal and paste in the following command: + +} + set pwd [pwd] + regsub -all {/} $pwd "\\" pwd + append msg " $pwd\\$file\n" + + append msg { + The reason for this is a poor Console application implementation that + affects many text based applications. + + To start up a COMMAND.COM terminal, click on the Start -> Run, and then + type COMMAND in the entry box and hit Return or click OK. + + To select the above command, highlight it with the mouse and then press + Ctrl-C. Then go over the the COMMAND.COM window and click on the + Clipboard paste button. Once pasted in, press Return to run the script. + + This will start up a PLINK.EXE ssh login to the remote computer, + and after you log in successfully and indicate (QUICKLY!!) that the + connection is OK by clicking OK in this dialog. If the SSH connection + cannot be autodetected you will ALSO need to click "Success" in the + "plink ssh status?" dialog, the VNC Viewer will be started going + through the SSH tunnel. +} + .pl.t insert end $msg + wm deiconify .pl +} + +proc mesg {str} { + set maxx 53 + if {[string length $str] > $maxx} { + set str [string range $str 0 $maxx] + append str " ..." + } + .l configure -text $str + update +} + +proc get_ssh_hp {str} { + set str [string trim $str] + regsub {[ ].*$} $str "" str + return $str +} + +proc get_ssh_cmd {str} { + set str [string trim $str] + if [regexp {cmd=(.*$)} $str m cmd] { + set cmd [string trim $cmd] + regsub -nocase {^%x11vncr$} $cmd "x11vnc -nopw -display none -rawfb rand" cmd + regsub -nocase {^%x11vnc$} $cmd "x11vnc -nopw -display none -rawfb null" cmd + return $cmd + } else { + return "" + } +} + +proc get_ssh_proxy {str} { + set str [string trim $str] + regsub {cmd=(.*$)} $str "" str + set str [string trim $str] + if { ![regexp {[ ]} $str]} { + return "" + } + regsub {^.*[ ][ ]*} $str "" str + return $str +} + +proc set_defaults {} { + global mycert svcert crtdir + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global use_cups use_sound use_smbmnt + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global smb_su_mode smb_mount_list + global use_port_knocking port_knocking_list + + set use_ssh 0 + set use_sshssl 0 + putty_pw_entry check + + set use_viewonly 0 + set use_fullscreen 0 + set use_raise_on_beep 0 + set use_bgr233 0 + set use_alpha 0 + set use_grab 0 + set use_nojpeg 0 + set use_compresslevel "default" + set use_quality "default" + set compresslevel_text "Compress Level: $use_compresslevel" + set quality_text "Quality: $use_quality" + + set mycert "" + set svcert "" + set crtdir "" + + set use_cups 0 + set use_sound 0 + set use_smbmnt 0 + + set change_vncviewer 0 + set change_vncviewer_path "" + set cups_manage_rcfile 0 + set vncviewer_realvnc4 0 + + set additional_port_redirs 0 + set additional_port_redirs_list "" + + set cups_local_server "" + set cups_remote_port "" + set cups_local_smb_server "" + set cups_remote_smb_port "" + + set smb_su_mode "su" + set smb_mount_list "" + + set sound_daemon_remote_cmd "" + set sound_daemon_remote_port "" + set sound_daemon_kill 0 + set sound_daemon_restart 0 + + set sound_daemon_local_cmd "" + set sound_daemon_local_port "" + set sound_daemon_local_start 0 + set sound_daemon_local_kill 0 + + set use_port_knocking 0 + set port_knocking_list "" +} + +proc do_viewer_windows {n} { + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + + set cmd "vncviewer" + if {$change_vncviewer && $change_vncviewer_path != ""} { + set cmd [string trim $change_vncviewer_path] + regsub -all {\\} $cmd {/} cmd + if {[regexp {[ \t]} $cmd]} { + if {[regexp -nocase {\.exe$} $cmd]} { + if {! [regexp {["']} $cmd]} { #" + # hmmm, not following instructions, are they? + set cmd "\"$cmd\"" + } + } + } + } + if {$use_viewonly} { + if {$vncviewer_realvnc4} { + append cmd " viewonly=1" + } else { + append cmd " /viewonly" + } + } + if {$use_fullscreen} { + if {$vncviewer_realvnc4} { + append cmd " fullscreen=1" + } else { + append cmd " /fullscreen" + } + } + if {$use_bgr233} { + if {$vncviewer_realvnc4} { + append cmd " lowcolourlevel=1" + } else { + append cmd " /8bit" + } + } + if {$use_nojpeg} { + if {! $vncviewer_realvnc4} { + append cmd " /nojpeg" + } + } + if {$use_raise_on_beep} { + if {! $vncviewer_realvnc4} { + append cmd " /belldeiconify" + } + } + if {$use_compresslevel != "" && $use_compresslevel != "default"} { + if {$vncviewer_realvnc4} { + append cmd " zliblevel=$use_compresslevel" + } else { + append cmd " /compresslevel $use_compresslevel" + } + } + if {$use_quality != "" && $use_quality != "default"} { + if {! $vncviewer_realvnc4} { + append cmd " /quality $use_quality" + } + } + append cmd " localhost:$n" + + mesg $cmd + set emess "" + set rc [catch {eval exec $cmd} emess] + if {$rc != 0} { + tk_messageBox -type ok -icon error -message $emess -title "Error: $cmd" + } +} + +proc get_netstat {} { + set ns "" + catch {set ns [exec netstat -an]} + return $ns +} + +proc get_ipconfig {} { + global is_win9x + set ip "" + if {! $is_win9x} { + catch {set ip [exec ipconfig]} + return $ip + } + + set file "ip" + append file [pid] + append file ".txt" + + catch {[exec winipcfg /Batch $file]} + + if [file exists $file] { + set fh [open $file "r"] + while {[gets $fh line] > -1} { + append ip "$line\n" + } + close $fh + catch {file delete $file} + } + return $ip +} + +proc guess_nat_ip {} { + global save_nat last_save_nat + set s "" + + if {! [info exists save_nat]} { + set save_nat "" + set last_save_nat 0 + } + if {$save_nat != ""} { + set now [clock seconds] + if {$now < $last_save_nat + 45} { + return $save_nat + } + } + set s "" + catch {set s [socket "www.whatismyip.com" 80]} + set ip "unknown" + if {$s != ""} { + fconfigure $s -buffering none + puts $s "GET / HTTP/1.1" + puts $s "Host: www.whatismyip.com" + puts $s "Connection: close" + puts $s "" + flush $s + set on 0 + while { [gets $s line] > -1 } { + if {! $on && [regexp {<HEAD>} $line]} {set on 1} + if {! $on && [regexp {<HTML>} $line]} {set on 1} + if {! $on && [regexp {<TITLE>} $line]} {set on 1} + if {! $on} { + continue; + } + if [regexp {([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*)} $line ip] { + break + } + } + close $s + } + if {$ip != "unknown"} { + set save_nat $ip + set last_save_nat [clock seconds] + } + return $ip +} + +proc guess_ip {} { + global env is_windows + if {! $is_windows} { + set out "" + set out [get_hostname] + if {$out != ""} { + set hout "" + catch {set hout [exec host $out]} + if {$hout != ""} { + if [regexp {has address ([.0-9][.0-9]*)} $hout mvar ip] { + set ip [string trim $ip] + return $ip + } + } + } + return "" + } else { + set out [get_ipconfig] + set out [string trim $out] + if {$out == ""} { + return "" + } + foreach line [split $out "\n\r"] { + if {[regexp -nocase {IP Address.*:[ \t]*([.0-9][.0-9]*)} $line mvar ip]} { + set ip [string trim $ip] + if [regexp {^[.0]*$} $ip] { + continue + } + if [regexp {127\.0\.0\.1} $ip] { + continue + } + if {$ip != ""} { + return $ip + } + } + } + } +} + +proc windows_start_sound_daemon {file} { + global env + global use_sound sound_daemon_local_cmd sound_daemon_local_start + + regsub {\.bat} $file "snd.bat" file2 + set fh2 [open $file2 "w"] + + puts $fh2 $sound_daemon_local_cmd + puts $fh2 "del $file2" + close $fh2 + + mesg "Starting SOUND daemon..." + if [info exists env(COMSPEC)] { + exec $env(COMSPEC) /c $file2 & + } else { + exec cmd.exe /c $file2 & + } + after 1500 +} + +proc windows_stop_sound_daemon {} { + global env is_win9x + global use_sound sound_daemon_local_cmd sound_daemon_local_start + + set cmd [string trim $sound_daemon_local_cmd] + + regsub {[ \t].*$} $cmd "" cmd + regsub {^.*\\} $cmd "" cmd + regsub {^.*/} $cmd "" cmd + + if {$cmd == ""} { + return + } + + set output [get_task_list] + + foreach line [split $output "\n\r"] { + if [regexp "$cmd" $line] { + if [regexp {(-?[0-9][0-9]*)} $line m p] { + set pids($p) $line + } + } + } + + set count 0 + foreach pid [array names pids] { + mesg "Stopping SOUND pid: $pid" + if {$is_win9x} { + catch {exec w98/kill.exe /f $pid} + } else { + catch {exec tskill.exe $pid} + } + if {$count == 0} { + after 1200 + } else { + after 500 + } + incr count + } +} + +proc contag {} { + global concount + if {! [info exists concount]} { + set concount 0 + } + incr concount + set str [pid] + set str "-$str-$concount" +} + +proc launch_windows_ssh {hp file n} { + global is_win9x + global use_sshssl use_ssh putty_pw + + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + set sshcmd [get_ssh_cmd $hp] + + set vnc_host "localhost" + set vnc_disp $hpnew + regsub {^.*:} $vnc_disp "" vnc_disp + + if {![regexp {^[0-9][0-9]*$} $vnc_disp]} { + if {[regexp {cmd=SHELL} $hp]} { + ; + } elseif {[regexp {cmd=PUTTY} $hp]} { + ; + } else { + mesg "Bad vncdisp, missing :0 ?, $vnc_disp" + bell + return 0 + } + } + + if {$vnc_disp < 200} { + set vnc_port [expr $vnc_disp + 5900] + } else { + set vnc_port $vnc_disp + } + + + set ssh_port 22 + set ssh_host $hpnew + regsub {:.*$} $ssh_host "" ssh_host + + if {$proxy != ""} { + set ssh_host $proxy + regsub {:.*$} $ssh_host "" ssh_host + set ssh_port $proxy + regsub {^.*:} $ssh_port "" ssh_port + if {$ssh_port == ""} { + set ssh_port 22 + } + set vnc_host $hpnew + regsub {:.*$} $vnc_host "" vnc_host + } + + if {![regexp {^[^ ][^ ]*@} $ssh_host]} { + mesg "You must supply a username: user@host..." + bell + return 0 + } + + set verb "-v" + + set pwd "" + if {$is_win9x} { + set pwd [pwd] + regsub -all {/} $pwd "\\" pwd + } + + set use [expr $n + 5900] + + set_smb_mounts + + global use_smbmnt use_sound sound_daemon_kill + set do_pre 0 + if {$use_smbmnt} { + set do_pre 1 + } elseif {$use_sound && $sound_daemon_kill} { + set do_pre 1 + } + + global skip_pre + if {$skip_pre} { + set do_pre 0 + set skip_pre 0 + } + + set pw "" + if {$putty_pw != ""} { + if {! [regexp {"} $putty_pw]} { #" + set pw " -pw \"$putty_pw\"" + } + } + + set tag [contag] + + set file_pre "" + set file_pre_cmd "" + if {$do_pre} { + set setup_cmds [ugly_setup_scripts pre $tag] + + if {$setup_cmds != ""} { + regsub {\.bat} $file "pre.cmd" file_pre_cmd + set fh [open $file_pre_cmd "w"] + puts $fh "$setup_cmds sleep 10; " + close $fh + + regsub {\.bat} $file "pre.bat" file_pre + set fh [open $file_pre "w"] + set plink_str "plink.exe -ssh -C -P $ssh_port -m $file_pre_cmd $verb -t" + + global smb_redir_0 + if {$smb_redir_0 != ""} { + append plink_str " $smb_redir_0" + } + + append plink_str "$pw $ssh_host" + + if {$pw != ""} { + puts $fh "echo off" + } + puts $fh $plink_str + + if {$file_pre_cmd != ""} { + puts $fh "del $file_pre_cmd" + } + puts $fh "del $file_pre" + + close $fh + } + } + + if {$is_win9x} { + set sleep 35 + } else { + set sleep 20 + } + + set setup_cmds [ugly_setup_scripts post $tag] + + set do_shell 0 + if {$sshcmd == "SHELL"} { + set setup_cmds "" + set sshcmd {$SHELL} + set do_shell 1 + } elseif {$sshcmd == "PUTTY"} { + set setup_cmds "" + set do_shell 1 + } + + set file_cmd "" + if {$setup_cmds != ""} { + regsub {\.bat} $file ".cmd" file_cmd + set fh_cmd [open $file_cmd "w"] + + set str $setup_cmds + if {$sshcmd != ""} { + append str " $sshcmd; " + } else { + append str " sleep $sleep; " + } + puts $fh_cmd $str + close $fh_cmd + + set sshcmd $setup_cmds + } + + if {$sshcmd == ""} { + set pcmd "echo; echo SSH connected OK.; echo If this state is not autodetected,; echo Go Click the Success button." + set sshcmd "$pcmd; sleep $sleep" + } + + global use_sound sound_daemon_local_cmd sound_daemon_local_start + if {! $do_shell && ! $is_win9x && $use_sound && $sound_daemon_local_start && $sound_daemon_local_cmd != ""} { + windows_start_sound_daemon $file + } + + set fh [open $file "w"] + if {$is_win9x} { + puts $fh "cd $pwd" + if {$file_pre != ""} { + puts $fh "echo Press Ctrl-C --HERE-- when done with the Pre-Command shell work." + puts $fh "start /w command.com /c $file_pre" + } + } + + global use_cups use_smbmnt + set extra_redirs "" + if {$use_cups} { + append extra_redirs [get_cups_redir] + } + if {$use_sound} { + append extra_redirs [get_sound_redir] + } + global additional_port_redirs + if {$additional_port_redirs} { + append extra_redirs [get_additional_redir] + } + + set plink_str "plink.exe -ssh -P $ssh_port $verb -L $use:$vnc_host:$vnc_port $extra_redirs -t" + if {$extra_redirs != ""} { + regsub {exe} $plink_str "exe -C" plink_str + } + if {$do_shell} { + if {$sshcmd == "PUTTY"} { + if {$is_win9x} { + set plink_str "putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + } else { + set plink_str "start \"putty $ssh_host\" putty.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + } + } else { + set plink_str "plink.exe -ssh -C -P $ssh_port $extra_redirs -t $pw $ssh_host" + append plink_str { "$SHELL"} + } + } elseif {$file_cmd != ""} { + append plink_str " -m $file_cmd$pw $ssh_host" + } else { + append plink_str "$pw $ssh_host \"$sshcmd\"" + } + + if {$pw != ""} { + puts $fh "echo off" + } + puts $fh $plink_str + if {$file_cmd != ""} { + puts $fh "del $file_cmd" + } + puts $fh "del $file" + close $fh + + catch {destroy .o} + catch {destroy .oa} + + do_port_knock $ssh_host + + if {$is_win9x} { + wm withdraw . + update + win9x_plink_msg $file + global win9x_plink_msg_done + set win9x_plink_msg_done 0 + vwait win9x_plink_msg_done + } else { + global env + set com "cmd.exe" + if [info exists env(COMSPEC)] { + set com $env(COMSPEC) + } + + if {$file_pre != ""} { + exec $com /c $file_pre & + set sl 0 + if {$use_smbmnt} { + global smb_su_mode + if {$smb_su_mode == "su"} { + set sl [expr $sl + 15] + } elseif {$smb_su_mode == "sudo"} { + set sl [expr $sl + 15] + } else { + set sl [expr $sl + 3] + } + } + if {$pw == ""} { + set sl [expr $sl + 5] + } + + set sl [expr $sl + 5] + set st [clock seconds] + set dt 0 + global entered_gui_top + set entered_gui_top 0 + + while {$dt < $sl} { + after 100 + set dt [clock seconds] + set dt [expr $dt - $st] + mesg "Click or Enter when done with 1st SSH $dt/$sl" + update + update idletasks + if {$entered_gui_top != 0 && $dt >= 3} { + mesg "Running 2nd SSH now ..." + after 1000 + break + } + } + mesg "Running 2nd SSH ..." + } + + wm withdraw . + update + exec $com /c $file & + after 1000 + } + + if {$do_shell} { + wm deiconify . + return 1 + } + + catch {destroy .plink} + toplevel .plink + wm title .plink "plink SSH status?" + set wd 37 + label .plink.l1 -anchor w -text "Login via plink/ssh to the remote server" -width $wd + label .plink.l2 -anchor w -text "(supply username and password as needed)." -width $wd + label .plink.l3 -anchor w -text "" -width $wd + label .plink.l4 -anchor w -text "After ssh is set up, AND if the connection" -width $wd + label .plink.l5 -anchor w -text "success is not autodetected, please click" -width $wd + label .plink.l6 -anchor w -text "one of these buttons:" -width $wd + global plink_status + button .plink.fail -text "Failed" -command {destroy .plink; set plink_status no} + button .plink.ok -text "Success" -command {destroy .plink; set plink_status yes} + pack .plink.l1 .plink.l2 .plink.l3 .plink.l4 .plink.l5 .plink.l6 .plink.fail .plink.ok -side top -fill x + + wm geometry .plink +700+500 + wm deiconify .plink + set plink_status "" + set waited 0 + set cnt 0 + while {$waited < 30000} { + after 500 + update + set ns [get_netstat] + set re ":$use" + append re {[ ][ ]*[0:.][0:.]*[ ][ ]*LISTEN} + if [regexp $re $ns] { + set plink_status yes + } + if {$plink_status != ""} { + catch {destroy .plink} + break + } + + if {$waited == 0} { + wm deiconify .plink + } + set waited [expr "$waited + 500"] + + incr cnt + if {$cnt >= 12} { + set cnt 0 + #catch {wm deiconify .plink} + } + } + if {$plink_status == ""} { + vwait plink_status + } + + if {$use_sshssl} { + global launch_windows_ssh_files + if {$file != ""} { + append launch_windows_ssh_files "$file " + } + if {$file_pre != ""} { + append launch_windows_ssh_files "$file_pre " + } + if {$file_pre_cmd != ""} { + append launch_windows_ssh_files "$file_pre_cmd " + } + regsub { *$} $launch_windows_ssh_files "" launch_windows_ssh_files + return 1 + } + + if {$plink_status != "yes"} { + wm deiconify . + } else { + after 1000 + do_viewer_windows $n + wm deiconify . + mesg "Disconnected from $hp" + } + + if {$file != ""} { + catch {file delete $file} + } + if {$file_pre != ""} { + catch {file delete $file_pre} + } + if {$file_pre_cmd != ""} { + catch {file delete $file_pre_cmd} + } + + global sound_daemon_local_kill + if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + windows_stop_sound_daemon + } + return 1 +} + +proc check_ssh_needed {} { + global use_cups use_sound use_smbmnt + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global smb_su_mode smb_mount_list + global use_ssh use_sshssl + + if {$use_ssh || $use_sshssl} { + return + } + set must 0 + if {$use_cups} { + if {$cups_local_server != ""} {set must 1} + if {$cups_remote_port != ""} {set must 1} + if {$cups_local_smb_server != ""} {set must 1} + if {$cups_remote_smb_port != ""} {set must 1} + if {$cups_manage_rcfile != ""} {set must 1} + } + if {$use_sound} { + if {$sound_daemon_remote_cmd != ""} {set must 1} + if {$sound_daemon_remote_port != ""} {set must 1} + if {$sound_daemon_kill} {set must 1} + if {$sound_daemon_restart} {set must 1} + if {$sound_daemon_local_cmd != ""} {set must 1} + if {$sound_daemon_local_port != ""} {set must 1} + if {$sound_daemon_local_kill} {set must 1} + if {$sound_daemon_local_start} {set must 1} + } + if {$use_smbmnt} { + if {[regexp {//} $smb_mount_list]} {set must 1} + } + if {$must} { + set use_sshssl 1 + putty_pw_entry check + mesg "Enabling \"Use SSH and SSL\" mode for port redir" + update + bell + after 4000 + } +} + +proc set_smb_mounts {} { + global smb_redir_0 smb_mounts use_smbmnt + + set smb_redir_0 "" + set smb_mounts "" + if {$use_smbmnt} { + set l2 [get_smb_redir] + set smb_redir_0 [lindex $l2 0] + set smb_redir_0 [string trim $smb_redir_0] + set smb_mounts [lindex $l2 1] + } +} + +proc xterm_center_geometry {} { + set sh [winfo screenheight .] + set sw [winfo screenwidth .] + set gw 500 + set gh 300 + set x [expr $sw/2 - $gw/2] + set y [expr $sh/2 - $gh/2] + if {$x < 0} { + set x 10 + } + if {$y < 0} { + set y 10 + } + + return "+$x+$y" +} + +proc smbmnt_wait {tee} { + if {$tee != ""} { + set start [clock seconds] + set cut 30 + while {1} { + set now [clock seconds] + if {$now > $start + $cut} { + break; + } + if [file exists $tee] { + set sz 0 + catch {set sz [file size $tee]} + if {$sz > 50} { + set cut 50 + } + } + set g "" + catch {set g [exec grep vnc-helper-exiting $tee]} + if [regexp {vnc-helper-exiting} $g] { + break + } + after 1000 + } + catch {file delete $tee} + } else { + global smb_su_mode + if {$smb_su_mode == "su"} { + after 15000 + } elseif {$smb_su_mode == "sudo"} { + after 10000 + } + } +} + +proc do_unix_pre {tag proxy hp pk_hp} { + global env smb_redir_0 use_smbmnt + global did_port_knock + + set setup_cmds [ugly_setup_scripts pre $tag] + set c "ssl_vncviewer -ssh" + + if {$proxy == ""} { + set pxy $hp + regsub {:.*$} $pxy "" pxy + set c "$c -proxy '$pxy'" + } else { + set c "$c -proxy '$proxy'" + } + + if {$setup_cmds != ""} { + set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds sleep 10" + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + if {$smb_redir_0 != ""} { + set c "$c -sshargs '$smb_redir_0'" + } + + do_port_knock $pk_hp + set did_port_knock 1 + + if {$use_smbmnt} { + set title "SSL VNC Viewer $hp -- SMB MOUNTS" + } else { + set title "SSL VNC Viewer $hp -- Pre Commands" + } + + set tee "" + if {$use_smbmnt} { + set tee $env(HOME) + append tee "/.tee-etv$tag" + set fh "" + catch {set fh [open $tee "w"]} + if {$fh == ""} { + set tee "" + } else { + close $fh + set c "$c | tee $tee" + } + } + + exec xterm -geometry "80x25+100+100" \ + -title "$title" \ + -e sh -c "set -xv; $c" & + + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_SSH_ONLY) "" + + if {$use_smbmnt} { + smbmnt_wait $tee + } else { + after 2000 + } + } +} + +proc launch_unix {hp} { + global mycert svcert crtdir env + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global use_cups use_sound use_smbmnt + global smb_redir_0 smb_mounts + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + + set cmd "" + + if [regexp {cmd=} $hp] { + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + } + check_ssh_needed + + set_smb_mounts + + global did_port_knock + set did_port_knock 0 + set pk_hp "" + + if {$use_ssh || $use_sshssl} { + if {$use_ssh} { + set cmd "ssl_vncviewer -ssh" + } else { + set cmd "ssl_vncviewer -sshssl" + } + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + set sshcmd [get_ssh_cmd $hp] + set hp $hpnew + + if {$proxy != ""} { + set cmd "$cmd -proxy '$proxy'" + set pk_hp $proxy + } + if {$pk_hp == ""} { + set pk_hp $hp + } + + set do_pre 0 + if {$use_smbmnt} { + set do_pre 1 + } elseif {$use_sound && $sound_daemon_kill} { + set do_pre 1 + } + global skip_pre + if {$skip_pre} { + set do_pre 0 + set skip_pre 0 + } + + set tag [contag] + + if {$do_pre} { + do_unix_pre $tag $proxy $hp $pk_hp + } + + + set setup_cmds [ugly_setup_scripts post $tag] + + if {$sshcmd == "SHELL"} { + set env(SSL_VNCVIEWER_SSH_CMD) {$SHELL} + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + } elseif {$setup_cmds != ""} { + set env(SSL_VNCVIEWER_SSH_CMD) "$setup_cmds$sshcmd" + } else { + if {$sshcmd != ""} { + set cmd "$cmd -sshcmd '$sshcmd'" + } + } + + set sshargs "" + if {$use_cups} { + append sshargs [get_cups_redir] + } + if {$use_sound} { + append sshargs [get_sound_redir] + } + if {$additional_port_redirs} { + append sshargs [get_additional_redir] + } + + set sshargs [string trim $sshargs] + if {$sshargs != ""} { + set cmd "$cmd -sshargs '$sshargs'" + set env(SSL_VNCVIEWER_USE_C) 1 + } + if {$sshcmd == "SHELL"} { + set env(SSL_VNCVIEWER_SSH_ONLY) 1 + if {$proxy == ""} { + set hpt $hpnew + regsub {:[0-9]*$} $hpt "" hpt + set cmd "$cmd -proxy '$hpt'" + } + set geometry [xterm_center_geometry] + if {$pk_hp == ""} { + set pk_hp $hp + } + if {! $did_port_knock} { + do_port_knock $pk_hp + set did_port_knock 1 + } + + exec xterm -geometry $geometry -title "SHELL to $hp" \ + -e sh -c "$cmd" & + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_SSH_ONLY) "" + set env(SSL_VNCVIEWER_USE_C) "" + return + } + } else { + set cmd "ssl_tightvncviewer" + set hpnew [get_ssh_hp $hp] + set proxy [get_ssh_proxy $hp] + if {$mycert != ""} { + set cmd "$cmd -mycert '$mycert'" + } + if {$svcert != ""} { + set cmd "$cmd -verify '$svcert'" + } elseif {$crtdir != ""} { + set cmd "$cmd -verify '$crtdir'" + } + if {$proxy != ""} { + set cmd "$cmd -proxy '$proxy'" + } + set hp $hpnew + } + + if {$use_alpha} { + set cmd "$cmd -alpha" + } + if {$use_grab} { + set cmd "$cmd -grab" + } + + set cmd "$cmd $hp" + + if {$use_viewonly} { + set cmd "$cmd -viewonly" + } + if {$use_fullscreen} { + set cmd "$cmd -fullscreen" + } + if {$use_bgr233} { + if {$vncviewer_realvnc4} { + set cmd "$cmd -lowcolourlevel 1" + } else { + set cmd "$cmd -bgr233" + } + } + if {$use_nojpeg} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -nojpeg" + } + } + if {! $use_raise_on_beep} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -noraiseonbeep" + } + } + if {$use_compresslevel != "" && $use_compresslevel != "default"} { + if {$vncviewer_realvnc4} { + set cmd "$cmd -zliblevel '$use_compresslevel'" + } else { + set cmd "$cmd -compresslevel '$use_compresslevel'" + } + } + if {$use_quality != "" && $use_quality != "default"} { + if {! $vncviewer_realvnc4} { + set cmd "$cmd -quality '$use_quality'" + } + } + if {$use_ssh || $use_sshssl} { + # realvnc4 -preferredencoding zrle + if {$vncviewer_realvnc4} { + set cmd "$cmd -preferredencoding zrle" + } else { + set cmd "$cmd -encodings 'copyrect tight zrle zlib hextile'" + } + } + + if {$change_vncviewer && $change_vncviewer_path != ""} { + global env + set env(VNCVIEWERCMD) $change_vncviewer_path + } else { + set env(VNCVIEWERCMD) "" + } + + catch {destroy .o} + catch {destroy .oa} + wm withdraw . + update + + if {$sound_daemon_local_start && $sound_daemon_local_cmd != ""} { + mesg "running: $sound_daemon_local_cmd" + exec sh -c "$sound_daemon_local_cmd" >& /dev/null </dev/null & + update + after 500 + } + + if {$pk_hp == ""} { + set pk_hp $hp + } + if {! $did_port_knock} { + do_port_knock $pk_hp + set did_port_knock 1 + } + + set geometry [xterm_center_geometry] + set xrm1 "*.srinterCommand:true" + set xrm2 $xrm1 + set xrm3 $xrm1 + if {[info exists env(SSL_VNC_GUI_CMD)]} { + set xrm1 "*.printerCommand:env XTERM_PRINT=1 $env(SSL_VNC_GUI_CMD)" + set xrm2 "XTerm*VT100*translations:#override Shift<Btn3Down>:print()\\nCtrl<Key>N:print()" + set xrm3 "*mainMenu*print*Label: New SSL_VNC_GUI" + } + exec xterm -geometry $geometry -xrm "$xrm1" -xrm "$xrm2" -xrm "$xrm3" \ + -title "SSL VNC Viewer $hp" \ + -e sh -c "set -xv; $cmd; set +xv; echo; echo Done. You Can X-out or Ctrl-C this Terminal whenever you like.; echo; echo sleep 15; echo; sleep 15" + set env(SSL_VNCVIEWER_SSH_CMD) "" + set env(SSL_VNCVIEWER_USE_C) "" + + if {$sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + set daemon [string trim $sound_daemon_local_cmd] + regsub {^gw[ \t]*} $daemon "" daemon + regsub {[ \t].*$} $daemon "" daemon + regsub {^.*/} $daemon "" daemon + mesg "killing sound daemon: $daemon" + if {$daemon != ""} { + catch {exec sh -c "killall $daemon" >/dev/null 2>/dev/null </dev/null &} + catch {exec sh -c "pkill -x $daemon" >/dev/null 2>/dev/null </dev/null &} + } + } + wm deiconify . + mesg "Disconnected from $hp" +} + +proc kill_stunnel {pids} { + global is_win9x env + + set count 0 + foreach pid $pids { + mesg "killing STUNNEL pid: $pid" + if {$is_win9x} { + catch {exec w98/kill.exe /f $pid} + } else { + catch {exec tskill.exe $pid} + } + if {$count == 0} { + after 1200 + } else { + after 500 + } + incr count + } +} + +proc get_task_list {} { + global env is_win9x + + set output1 "" + set output2 "" + if {! $is_win9x} { + # try for tasklist on XP pro + catch {set output1 [exec tasklist.exe]} + } + catch {set output2 [exec w98/tlist.exe]} + + set output $output1 + append output "\n" + append output $output2 + + return $output +} + +proc note_stunnel_pids {when} { + global env + global is_win9x pids_before pids_after pids_new + + if {$when == "before"} { + array unset pids_before + array unset pids_after + set pids_new {} + set pids_before(none) "none" + set pids_after(none) "none" + } + + set output [get_task_list] + + foreach line [split $output "\n\r"] { + if [regexp -nocase {stunnel} $line] { + if [regexp {(-?[0-9][0-9]*)} $line m p] { + if {$when == "before"} { + set pids_before($p) $line + } else { + set pids_after($p) $line + } + } + } + } + if {$when == "after"} { + foreach new [array names pids_after] { + if {! [info exists pids_before($new)]} { + lappend pids_new $new + } + } + } +} + +proc del_launch_windows_ssh_files {} { + global launch_windows_ssh_files + + if {$launch_windows_ssh_files != ""} { + foreach tf [split $launch_windows_ssh_files] { + if {$tf == ""} { + continue + } + catch {file delete $tf} + } + } +} + +proc launch_shell_only {} { + global vncdisplay is_windows + global skip_pre + + set hp $vncdisplay + regsub {cmd=.*$} $vncdisplay "" hp + set hp [string trim $hp] + if {$is_windows} { + append hp " cmd=PUTTY" + } else { + append hp " cmd=SHELL" + } + set skip_pre 1 + launch $hp +} + +proc launch {{hp ""}} { + global vncdisplay env tcl_platform is_windows + global mycert svcert crtdir + global pids_before pids_after pids_new + global use_ssh use_sshssl + + set debug 0 + if {$hp == ""} { + set hp [string trim $vncdisplay] + } + + if {[regexp {^[ ]*$} $hp]} { + mesg "No host:disp supplied." + bell + return + } + if {! [regexp ":" $hp]} { + if {! [regexp {cmd=} $hp]} { + append hp ":0" + } + } + + mesg "Using: $hp" + after 600 + + if {$debug} { + mesg "\"$tcl_platform(os)\" | \"$tcl_platform(osVersion)\"" + after 1000 + } + if {! $is_windows} { + launch_unix $hp + return + } + + if [regexp {cmd=} $hp] { + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + } + check_ssh_needed + + if {! $use_ssh} { + if {$mycert != ""} { + if {! [file exists $mycert]} { + mesg "MyCert does not exist: $mycert" + bell + return + } + } + if {$svcert != ""} { + if {! [file exists $svcert]} { + mesg "ServerCert does not exist: $svcert" + bell + return + } + } elseif {$crtdir != ""} { + if {! [file exists $crtdir]} { + mesg "CertsDir does not exist: $crtdir" + bell + return + } + } + } + + set prefix "stunnel-vnc" + set suffix "conf" + if {$use_ssh || $use_sshssl} { + set prefix "plink-vnc" + set suffix "bat" + } + + # we avoid parsing netstat output on Windows (but I guess we do now elsewhere): + set file "" + set n "" + set file2 "" + set n2 "" + set now [clock seconds] + + for {set i 30} {$i < 90} {incr i} { + set try "$prefix-$i.$suffix" + if {[file exists $try]} { + set mt [file mtime $try] + set age [expr "$now - $mt"] + set week [expr "7 * 3600 * 24"] + if {$age > $week} { + catch {file delete $file} + } + } + if {! [file exists $try]} { + if {$use_sshssl} { + if {$file != ""} { + set file2 $try + set n2 $i + break + } + } + set file $try + set n $i + if {! $use_sshssl} { + break + } + } + } + + if {$file == ""} { + mesg "could not find free stunnel file" + bell + return + } + + global launch_windows_ssh_files + set launch_windows_ssh_files "" + + set did_port_knock 0 + + if {$use_sshssl} { + set rc [launch_windows_ssh $hp $file2 $n2] + if {$rc == 0} { + catch {file delete $file} + catch {file delete $file2} + del_launch_windows_ssh_files + return + } + set did_port_knock 1 + } elseif {$use_ssh} { + launch_windows_ssh $hp $file $n + return + } + + if [regexp {[ ]} $hp] { + # proxy or cmd case (should not happen? yet?) + regsub {[ ].*$} $hp "" hp2 + } else { + set list [split $hp ":"] + set host [lindex $list 0] + set disp [lindex $list 1] + set port [expr "$disp + 5900"] + } + + set list [split $hp ":"] + set host [lindex $list 0] + set disp [lindex $list 1] + set port [expr "$disp + 5900"] + + if {$debug} { + mesg "file: $file" + after 1000 + } + + set fh [open $file "w"] + + puts $fh "client = yes" + puts $fh "options = ALL" + puts $fh "taskbar = yes" + puts $fh "RNDbytes = 2048" + puts $fh "RNDfile = bananarand.bin" + puts $fh "RNDoverwrite = yes" + puts $fh "debug = 6" + if {$mycert != ""} { + if {! [file exists $mycert]} { + mesg "MyCert does not exist: $mycert" + bell + return + } + puts $fh "cert = $mycert" + } + if {$svcert != ""} { + if {! [file exists $svcert]} { + mesg "ServerCert does not exist: $svcert" + bell + return + } + puts $fh "CAfile = $svcert" + puts $fh "verify = 2" + } elseif {$crtdir != ""} { + if {! [file exists $crtdir]} { + mesg "CertsDir does not exist: $crtdir" + bell + return + } + puts $fh "CApath = $crtdir" + puts $fh "verify = 2" + } + + puts $fh "\[vnc$n\]" + set port2 [expr "$n + 5900"] + puts $fh "accept = localhost:$port2" + + if {$use_sshssl} { + set port [expr "$n2 + 5900"] + puts $fh "connect = localhost:$port" + } else { + puts $fh "connect = $host:$port" + } + + puts $fh "delay = no" + puts $fh "" + close $fh + + mesg "Starting STUNNEL on port $port2 ..." + after 600 + + note_stunnel_pids "before" + + set pids [exec stunnel $file &] + + after 1300 + + note_stunnel_pids "after" + + if {$debug} { + after 1000 + mesg "pids $pids" + after 1000 + } else { + catch {destroy .o} + catch {destroy .oa} + wm withdraw . + } + + if {! $did_port_knock} { + do_port_knock $host + set did_port_knock 1 + } + + do_viewer_windows $n + + del_launch_windows_ssh_files + + catch {file delete $file} + + if {$debug} { + ; + } else { + wm deiconify . + } + mesg "Disconnected from $hp." + + if {[llength $pids_new] > 0} { + set plist [join $pids_new ", "] + global terminate_pids + set terminate_pids "" + win_kill_msg $plist + update + vwait terminate_pids + if {$terminate_pids == "yes"} { + kill_stunnel $pids_new + } + } else { + win_nokill_msg + } + mesg "Disconnected from $hp." + + global is_win9x use_sound sound_daemon_local_kill sound_daemon_local_cmd + if {! $is_win9x && $use_sound && $sound_daemon_local_kill && $sound_daemon_local_cmd != ""} { + windows_stop_sound_daemon + } +} + +proc get_idir {str} { + set idir "" + if {$str != ""} { + if [file isdirectory $str] { + set idir $str + } else { + set idir [file dirname $str] + } + } + if {$idir == ""} { + global env + if [info exists env(HOME)] { + set t "$env(HOME)/.vnc/certs" + if [file isdirectory $t] { + set idir $t + } + } + } + if {$idir == ""} { + set idir [pwd] + } + return $idir +} + +proc set_mycert {} { + global mycert + set idir [get_idir $mycert] + if {$idir != ""} { + set mycert [tk_getOpenFile -initialdir $idir] + } else { + set mycert [tk_getOpenFile] + } + catch {wm deiconify .c} + update +} + +proc set_svcert {} { + global svcert crtdir + set idir [get_idir $svcert] + if {$idir != ""} { + set svcert [tk_getOpenFile -initialdir $idir] + } else { + set svcert [tk_getOpenFile] + } + if {$svcert != ""} { + set crtdir "" + } + catch {wm deiconify .c} + update +} + +proc set_crtdir {} { + global svcert crtdir + set idir [get_idir $crtdir] + if {$idir != ""} { + set crtdir [tk_chooseDirectory -initialdir $idir] + } else { + set crtdir [tk_chooseDirectory] + } + if {$crtdir != ""} { + set svcert "" + } + catch {wm deiconify .c} + update +} + +proc getcerts {} { + global mycert svcert crtdir + global use_ssh use_sshssl + catch {destroy .c} + toplevel .c + wm title .c "Set SSL Certificates" + frame .c.mycert + frame .c.svcert + frame .c.crtdir + label .c.mycert.l -anchor w -width 12 -text "MyCert:" + label .c.svcert.l -anchor w -width 12 -text "ServerCert:" + label .c.crtdir.l -anchor w -width 12 -text "CertsDir:" + + entry .c.mycert.e -width 32 -textvariable mycert + entry .c.svcert.e -width 32 -textvariable svcert + entry .c.crtdir.e -width 32 -textvariable crtdir + button .c.mycert.b -text "Browse..." -command {set_mycert; catch {raise .c}} + button .c.svcert.b -text "Browse..." -command {set_svcert; catch {raise .c}} + button .c.crtdir.b -text "Browse..." -command {set_crtdir; catch {raise .c}} + + frame .c.b + button .c.b.done -text "Done" -command {catch {destroy .c}} + bind .c <Escape> {destroy .c} + button .c.b.help -text "Help" -command help_certs + pack .c.b.help .c.b.done -fill x -expand 1 -side left + + foreach w [list mycert svcert crtdir] { + pack .c.$w.l -side left + pack .c.$w.e -side left -expand 1 -fill x + pack .c.$w.b -side left + bind .c.$w.e <Return> ".c.$w.b invoke" + if {$use_ssh} { + .c.$w.l configure -state disabled + .c.$w.e configure -state disabled + .c.$w.b configure -state disabled + } + } + + pack .c.mycert .c.svcert .c.crtdir .c.b -side top -fill x + center_win .c + wm resizable .c 1 0 + + focus .c +} + +proc get_profiles_dir {} { + global env is_windows + + set dir "" + if {$is_windows} { + set t [file dirname [pwd]] + set t "$t/profiles" + if [file isdirectory $t] { + set dir $t + } + } elseif [info exists env(HOME)] { + set t "$env(HOME)/.vnc" + if [file isdirectory $t] { + set dir $t + set s "$t/profiles" + if {! [file exists $s]} { + catch {file mkdir $s} + } + } + } + + if {$dir != ""} { + + } elseif [info exists env(SSL_VNC_BASEDIR)] { + set dir $env(SSL_VNC_BASEDIR) + } else { + set dir [pwd] + } + if [file isdirectory "$dir/profiles"] { + set dir "$dir/profiles" + } + return $dir +} + +proc load_profile {} { + global env + global mycert svcert crtdir vncdisplay + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global use_smbmnt use_sound + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + global smb_su_mode smb_mount_list + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + global use_port_knocking port_knocking_list + global profdone + + set dir [get_profiles_dir] + + set file [tk_getOpenFile -defaultextension ".vnc" \ + -initialdir $dir -title "Load VNC Profile"] + if {$file == ""} { + set profdone 1 + return + } + set fh [open $file "r"] + if {! [info exists fh]} { + set profdone 1 + return + } + + set_defaults + + while {[gets $fh line] > -1} { + if [regexp {^disp=(.*)$} $line m val] { + set vncdisplay $val + } elseif [regexp {^ssh=(.*)$} $line m val] { + set use_ssh $val + } elseif [regexp {^sshssl=(.*)$} $line m val] { + set use_sshssl $val + } elseif [regexp {^viewonly=(.*)$} $line m val] { + set use_viewonly $val + } elseif [regexp {^fullscreen=(.*)$} $line m val] { + set use_fullscreen $val + } elseif [regexp {^belldeiconify=(.*)$} $line m val] { + set use_raise_on_beep $val + } elseif [regexp {^8bit=(.*)$} $line m val] { + set use_bgr233 $val + } elseif [regexp {^alpha=(.*)$} $line m val] { + set use_alpha $val + } elseif [regexp {^grab=(.*)$} $line m val] { + set use_grab $val + } elseif [regexp {^nojpeg=(.*)$} $line m val] { + set use_nojpeg $val + } elseif [regexp {^compresslevel=(.*)$} $line m val] { + set use_compresslevel $val + set compresslevel_text "Compress Level: $val" + } elseif [regexp {^quality=(.*)$} $line m val] { + set use_quality $val + set quality_text "Quality: $val" + } elseif [regexp {^mycert=(.*)$} $line m val] { + set mycert $val + } elseif [regexp {^svcert=(.*)$} $line m val] { + set svcert $val + } elseif [regexp {^crtdir=(.*)$} $line m val] { + set crtdir $val + } elseif [regexp {^use_smbmnt=(.*)$} $line m val] { + set use_smbmnt $val + } elseif [regexp {^use_sound=(.*)$} $line m val] { + set use_sound $val + } elseif [regexp {^use_cups=(.*)$} $line m val] { + set use_cups $val + } elseif [regexp {^cups_local_server=(.*)$} $line m val] { + set cups_local_server $val + } elseif [regexp {^cups_remote_port=(.*)$} $line m val] { + set cups_remote_port $val + } elseif [regexp {^cups_local_smb_server=(.*)$} $line m val] { + set cups_local_smb_server $val + } elseif [regexp {^cups_remote_smb_port=(.*)$} $line m val] { + set cups_remote_smb_port $val + } elseif [regexp {^cups_manage_rcfile=(.*)$} $line m val] { + set cups_manage_rcfile $val + } elseif [regexp {^smb_mount_list=(.*)$} $line m val] { + regsub -all {%%%} $val "\n" val + set smb_mount_list $val + } elseif [regexp {^smb_su_mode=(.*)$} $line m val] { + set smb_su_mode $val + } elseif [regexp {^port_knocking_list=(.*)$} $line m val] { + regsub -all {%%%} $val "\n" val + set port_knocking_list $val + } elseif [regexp {^use_port_knocking=(.*)$} $line m val] { + set use_port_knocking $val + } elseif [regexp {^sound_daemon_remote_cmd=(.*)$} $line m val] { + set sound_daemon_remote_cmd $val + } elseif [regexp {^sound_daemon_remote_port=(.*)$} $line m val] { + set sound_daemon_remote_port $val + } elseif [regexp {^sound_daemon_kill=(.*)$} $line m val] { + set sound_daemon_kill $val + } elseif [regexp {^sound_daemon_restart=(.*)$} $line m val] { + set sound_daemon_restart $val + } elseif [regexp {^sound_daemon_local_cmd=(.*)$} $line m val] { + set sound_daemon_local_cmd $val + } elseif [regexp {^sound_daemon_local_port=(.*)$} $line m val] { + set sound_daemon_local_port $val + } elseif [regexp {^sound_daemon_local_start=(.*)$} $line m val] { + set sound_daemon_local_start $val + } elseif [regexp {^sound_daemon_local_kill=(.*)$} $line m val] { + set sound_daemon_local_kill $val + } elseif [regexp {^change_vncviewer=(.*)$} $line m val] { + set change_vncviewer $val + } elseif [regexp {^change_vncviewer_path=(.*)$} $line m val] { + set change_vncviewer_path $val + } elseif [regexp {^vncviewer_realvnc4=(.*)$} $line m val] { + set vncviewer_realvnc4 $val + } elseif [regexp {^additional_port_redirs=(.*)$} $line m val] { + set additional_port_redirs $val + } elseif [regexp {^additional_port_redirs_list=(.*)$} $line m val] { + set additional_port_redirs_list $val + } + } + close $fh + set profdone 1 + putty_pw_entry check +} + +proc save_profile {} { + global env is_windows + global mycert svcert crtdir vncdisplay + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global profdone + + set dir [get_profiles_dir] + + set disp [string trim $vncdisplay] + if {$disp != ""} { + regsub {[ ].*$} $disp "" disp + } + if {$is_windows} { + regsub -all {:} $disp "_" disp + } + + set file [tk_getSaveFile -defaultextension ".vnc" \ + -initialdir $dir -initialfile "$disp" -title "Save VNC Profile"] + if {$file == ""} { + set profdone 1 + return + } + set fh [open $file "w"] + if {! [info exists fh]} { + set profdone 1 + return + } + set h [string trim $vncdisplay] + set p $h + regsub {:.*$} $h "" h + set host $h + regsub {[ ].*$} $p "" p + regsub {^.*:} $p "" p + if {$p == ""} { + set p 0 + } + if {$p < 200} { + set port [expr $p + 5900] + } else { + set port $p + } + + set h [string trim $vncdisplay] + regsub {cmd=.*$} $h "" h + set h [string trim $h] + if {! [regexp {[ ]} $h]} { + set h "" + } else { + regsub {^.*[ ]} $h "" h + } + if {$h == ""} { + set proxy "" + set proxyport "" + } else { + set p $h + regsub {:.*$} $h "" h + set proxy $h + regsub {[ ].*$} $p "" p + regsub {^.*:} $p "" p + if {$p == ""} { + set proxyport 0 + } else { + set proxyport $p + } + } + + puts $fh "\[connection\]" + puts $fh "host=$host" + puts $fh "port=$port" + puts $fh "proxyhost=$proxy" + puts $fh "proxyport=$proxyport" + puts $fh "disp=$vncdisplay" + puts $fh "\n\[options\]" + puts $fh "ssh=$use_ssh" + puts $fh "sshssl=$use_sshssl" + puts $fh "viewonly=$use_viewonly" + puts $fh "fullscreen=$use_fullscreen" + puts $fh "belldeiconify=$use_raise_on_beep" + puts $fh "8bit=$use_bgr233" + puts $fh "alpha=$use_alpha" + puts $fh "grab=$use_grab" + puts $fh "nojpeg=$use_nojpeg" + puts $fh "compresslevel=$use_compresslevel" + puts $fh "quality=$use_quality" + puts $fh "mycert=$mycert" + puts $fh "svcert=$svcert" + puts $fh "crtdir=$crtdir" + + global use_smbmnt use_sound + puts $fh "use_smbmnt=$use_smbmnt" + puts $fh "use_sound=$use_sound" + + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + puts $fh "use_cups=$use_cups" + puts $fh "cups_local_server=$cups_local_server" + puts $fh "cups_remote_port=$cups_remote_port" + puts $fh "cups_local_smb_server=$cups_local_smb_server" + puts $fh "cups_remote_smb_port=$cups_remote_smb_port" + puts $fh "cups_manage_rcfile=$cups_manage_rcfile" + + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + global additional_port_redirs additional_port_redirs_list + puts $fh "change_vncviewer=$change_vncviewer" + puts $fh "change_vncviewer_path=$change_vncviewer_path" + puts $fh "vncviewer_realvnc4=$vncviewer_realvnc4" + puts $fh "additional_port_redirs=$additional_port_redirs" + puts $fh "additional_port_redirs_list=$additional_port_redirs_list" + + global sound_daemon_remote_cmd sound_daemon_remote_port sound_daemon_kill sound_daemon_restart + global sound_daemon_local_cmd sound_daemon_local_port sound_daemon_local_kill sound_daemon_local_start + puts $fh "sound_daemon_remote_cmd=$sound_daemon_remote_cmd" + puts $fh "sound_daemon_remote_port=$sound_daemon_remote_port" + puts $fh "sound_daemon_kill=$sound_daemon_kill" + puts $fh "sound_daemon_restart=$sound_daemon_restart" + puts $fh "sound_daemon_local_cmd=$sound_daemon_local_cmd" + puts $fh "sound_daemon_local_port=$sound_daemon_local_port" + puts $fh "sound_daemon_local_kill=$sound_daemon_local_kill" + puts $fh "sound_daemon_local_start=$sound_daemon_local_start" + + global smb_su_mode smb_mount_list + set list $smb_mount_list + regsub -all "\n" $list "%%%" list + puts $fh "smb_su_mode=$smb_su_mode" + puts $fh "smb_mount_list=$list" + + global use_port_knocking port_knocking_list + set list $port_knocking_list + regsub -all "\n" $list "%%%" list + puts $fh "use_port_knocking=$use_port_knocking" + puts $fh "port_knocking_list=$list" + + close $fh + set profdone 1 +} + +proc set_ssh {} { + global use_ssh use_sshssl + if {! $use_ssh && ! $use_sshssl} { + set use_ssh 1 + } + putty_pw_entry check +} + +proc expand_IP {redir} { + if {! [regexp {:IP:} $redir]} { + return $redir + } + if {! [regexp {(-R).*:IP:} $redir]} { + return $redir + } + + set ip [guess_ip] + set ip [string trim $ip] + if {$ip == ""} { + return $redir + } + + regsub -all {:IP:} $redir ":$ip:" redir + return $redir +} + +proc get_cups_redir {} { + global cups_local_server cups_remote_port + global cups_local_smb_server cups_remote_smb_port + set redir "$cups_remote_port:$cups_local_server" + regsub -all {['" ]} $redir {} redir; #" + set redir " -R $redir" + if {$cups_local_smb_server != "" && $cups_remote_smb_port != ""} { + set redir2 "$cups_remote_smb_port:$cups_local_smb_server" + regsub -all {['" ]} $redir2 {} redir2; #" + set redir "$redir -R $redir2" + } + set redir [expand_IP $redir] + return $redir +} + +proc get_additional_redir {} { + global additional_port_redirs additional_port_redirs_list + if {! $additional_port_redirs || $additional_port_redirs_list == ""} { + return "" + } + set redir [string trim $additional_port_redirs_list] + regsub -all {['"]} $redir {} redir; #" + set redir " $redir" + set redir [expand_IP $redir] + return $redir +} + +proc get_sound_redir {} { + global sound_daemon_remote_port sound_daemon_local_port + set loc $sound_daemon_local_port + if {! [regexp {:} $loc]} { + set loc "localhost:$loc" + } + set redir "$sound_daemon_remote_port:$loc" + regsub -all {['" ]} $redir {} redir; #" + set redir " -R $redir" + set redir [expand_IP $redir] + return $redir +} + +proc get_smb_redir {} { + global smb_mount_list + + set s [string trim $smb_mount_list] + if {$s == ""} { + return "" + } + + set did(0) 1 + set redir "" + set mntlist "" + + foreach line [split $s "\r\n"] { + set str [string trim $line] + if {$str == ""} { + continue + } + if {[regexp {^#} $str]} { + continue + } + + set port "" + if [regexp {^([0-9][0-9]*)[ \t][ \t]*(.*)} $str mvar port rest] { + # leading port + set str [string trim $rest] + } + + # grab: //share /dest [host[:port]] + set share "" + set dest "" + set hostport "" + foreach item [split $str] { + if {$item == ""} { + continue + } + if {$share == ""} { + set share [string trim $item] + } elseif {$dest == ""} { + set dest [string trim $item] + } elseif {$hostport == ""} { + set hostport [string trim $item] + } + } + + regsub {^~/} $dest {$HOME/} dest + + # work out the local host:port + set lhost "" + set lport "" + if {$hostport != ""} { + if [regexp {(.*):(.*)} $hostport mvar lhost lport] { + ; + } else { + set lhost $hostport + set lport 139 + } + } else { + if [regexp {//([^/][^/]*)/} $share mvar h] { + if [regexp {(.*):(.*)} $h mvar lhost lport] { + ; + } else { + set lhost $h + set lport 139 + } + } else { + set lhost localhost + set lport 139 + } + } + + if {$port == ""} { + if [info exists did("$lhost:$lport")] { + # reuse previous one: + set port $did("$lhost:$lport") + } else { + # choose one at random: + for {set i 0} {$i < 3} {incr i} { + set port [expr 20100 + 9000 * rand()] + set port [expr round($port)] + if { ! [info exists did($port)] } { + break + } + } + } + set did($port) 1 + } + + if {$mntlist != ""} { + append mntlist " " + } + append mntlist "$share,$dest,$port" + + if { ! [info exists did("$lhost:$lport")] } { + append redir " -R $port:$lhost:$lport" + set did("$lhost:$lport") $port + } + } + + regsub -all {['"]} $redir {} redir; #" + set redir [expand_IP $redir] + + regsub -all {['"]} $mntlist {} mntlist; #" + + set l [list] + lappend l $redir + lappend l $mntlist + return $l +} + +proc ugly_setup_scripts {mode tag} { + +set cmd(1) { + SSHD_PID="" + FLAG=$HOME/.vnc-helper-flag__PID__ + + if [ "X$USER" = "X" ]; then + USER=$LOGNAME + fi + + DO_CUPS=0 + cups_dir=$HOME/.cups + cups_cfg=$cups_dir/client.conf + cups_host=localhost + cups_port=NNNN + + DO_SMB=0 + DO_SMB_SU=0 + DO_SMB_WAIT=0 + smb_mounts= + DONE_PORT=NNNN + smb_script=$HOME/.smb-mounts__PID__.sh + + DO_SOUND=0 + DO_SOUND_KILL=0 + DO_SOUND_RESTART=0 + sound_daemon_remote_prog= + sound_daemon_remote_args= + + findpid() { + i=1 + back=10 + touch $FLAG + + if [ "X$TOPPID" = "X" ]; then + TOPPID=$$ + back=50 + fi + + while [ $i -lt $back ] + do + try=`expr $TOPPID - $i` + if ps $try 2>/dev/null | grep sshd >/dev/null; then + SSHD_PID="$try" + echo SSHD_PID=$try + echo + break + fi + i=`expr $i + 1` + done + } + + wait_til_ssh_gone() { + try_perl="" + if type perl >/dev/null 2>&1; then + try_perl=1 + fi + uname=`uname` + if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then + try_perl="" + fi + if [ "X$try_perl" = "X1" ]; then + # try to avoid wasting pids: + perl -e "while (1) {if(! -e \"/proc/$SSHD_PID\"){exit} if(! -f \"$FLAG\"){exit} sleep 1;}" + else + while [ 1 ] + do + ps $SSHD_PID > /dev/null 2>&1 + if [ $? != 0 ]; then + break + fi + if [ ! -f $FLAG ]; then + break + fi + sleep 1 + done + fi + rm -f $FLAG + if [ "X$DO_SMB_WAIT" = "X1" ]; then + rm -f $smb_script + fi + } +}; + +set cmd(2) { + update_client_conf() { + mkdir -p $cups_dir + if [ -f $cups_cfg ]; then + cp -p $cups_cfg $cups_cfg.back + else + touch $cups_cfg.back + fi + sed -e "s/^ServerName/#-etv-#ServerName/" $cups_cfg.back > $cups_cfg + echo "ServerName $cups_host:$cups_port" >> $cups_cfg + echo + echo "--------------------------------------------------------------" + echo "The CUPS $cups_cfg config file has been set to:" + echo + cat $cups_cfg + echo + echo "If there are problems automatically restoring it, edit or" + echo "remove the file to go back to local CUPS settings." + echo + echo "A backup has been placed in: $cups_cfg.back" + echo + echo "See the help description for more details on printing." + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } + + reset_client_conf() { + cp -p $cups_cfg $cups_cfg.tmp + grep -v "^ServerName" $cups_cfg.tmp | sed -e "s/^#-etv-#ServerName/ServerName/" > $cups_cfg + rm -f $cups_cfg.tmp + } + + cupswait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + reset_client_conf + } +}; + +# if [ "X$DONE_PORT" != "X" ]; then +# if type perl >/dev/null 2>&1; then +# perl -e "use IO::Socket::INET; \$SIG{INT} = \"IGNORE\"; \$SIG{QUIT} = \"IGNORE\"; \$SIG{HUP} = \"INGORE\"; my \$client = IO::Socket::INET->new(Listen => 5, LocalAddr => \"localhost\", LocalPort => $DONE_PORT, Proto => \"tcp\")->accept(); \$line = <\$client>; close \$client; unlink \"$smb_script\";" </dev/null >/dev/null 2>/dev/null & +# if [ $? = 0 ]; then +# have_perl_done="1" +# fi +# fi +# fi + +set cmd(3) { + smbwait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + } + do_smb_mounts() { + if [ "X$smb_mounts" = "X" ]; then + return + fi + echo > $smb_script + have_perl_done="" + echo "echo" >> $smb_script + dests="" + for mnt in $smb_mounts + do + smfs=`echo "$mnt" | awk -F, "{print \\\$1}"` + dest=`echo "$mnt" | awk -F, "{print \\\$2}"` + port=`echo "$mnt" | awk -F, "{print \\\$3}"` + dest=`echo "$dest" | sed -e "s,__USER__,$USER,g" -e "s,__HOME__,$HOME,g"` + if [ ! -d $dest ]; then + mkdir -p $dest + fi + echo "echo SMBMOUNT:" >> $smb_script + echo "echo smbmount $smfs $dest -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script + echo "smbmount \"$smfs\" \"$dest\" -o uid=$USER,ip=127.0.0.1,port=$port" >> $smb_script + echo "echo; df \"$dest\"; echo" >> $smb_script + dests="$dests $dest" + done + #} +}; + +set cmd(4) { + echo "(" >> $smb_script + echo "trap \"\" INT QUIT HUP" >> $smb_script + + try_perl="" + if type perl >/dev/null 2>&1; then + try_perl=1 + fi + uname=`uname` + if [ "X$uname" != "XLinux" -a "X$uname" != "XSunOS" ]; then + try_perl="" + fi + + if [ "X$try_perl" = "X" ]; then + echo "while [ -f $smb_script ]" >> $smb_script + echo "do" >> $smb_script + echo " sleep 1" >> $smb_script + echo "done" >> $smb_script + else + echo "perl -e \"while (-f \\\\\"$smb_script\\\\\") {sleep 1;} exit 0;\"" >> $smb_script + fi + for dest in $dests + do + echo "echo smbumount $dest" >> $smb_script + echo "smbumount \"$dest\"" >> $smb_script + done + echo ") &" >> $smb_script + echo "--------------------------------------------------------------" + if [ "$DO_SMB_SU" = "0" ]; then + echo "We now run the smbmount script as user $USER" + echo + echo sh $smb_script + sh $smb_script + rc=0 + elif [ "$DO_SMB_SU" = "1" ]; then + echo "We now run the smbmount script via su(1)" + echo + echo "The first \"Password:\" will be for that of root to run the smbmount script." + echo + echo "Subsequent \"Password:\" will be for the SMB share(s) (hit Return if no passwd)" + echo + echo SU: + echo "su root -c \"sh $smb_script\"" + su root -c "sh $smb_script" + rc=$? + elif [ "$DO_SMB_SU" = "2" ]; then + echo "We now run the smbmount script via sudo(8)" + echo + echo "The first \"Password:\" will be for that of the sudo(8) password." + echo + echo "Subsequent \"Password:\" will be for the SMB shares (hit enter if no passwd)" + echo + echo SUDO: + echo sudo sh $smb_script + sudo sh $smb_script + rc=$? + fi +}; + +set cmd(5) { + #{ + echo + if [ "$rc" = 0 ]; then + if [ "X$have_perl_done" = "X1" -o 1 = 1 ] ; then + echo + echo "Your SMB shares will be be unmounted when the VNC connection" + echo "closes. If that fails follow these instructions:" + fi + echo + echo "To unmount your SMB shares make sure no applications are still using" + echo "any of the files and no shells are still cd-ed into the share area," + echo "then type:" + echo + echo " rm -f $smb_script" + echo + echo "(to avoid a 2nd ssh, try to do this before terminating the VNC Viewer)" + echo + echo "In the worst case run: smbumount /path/to/mount/point for each mount." + else + echo + if [ "$DO_SMB_SU" = "1" ]; then + echo "su(1) to run smbmount(8) failed." + elif [ "$DO_SMB_SU" = "2" ]; then + echo "sudo(8) to run smbmount(8) failed." + fi + rm -f $smb_script + fi + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } +}; + +set cmd(6) { + + setup_sound() { + dpid="" + d=$sound_daemon_remote_prog + if type pgrep >/dev/null 2>/dev/null; then + dpid=`pgrep -U $USER -x $d | head -1` + else + dpid=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -v grep | head -1` + fi + echo "--------------------------------------------------------------" + echo "Setting up Sound: pid=$dpid" + if [ "X$dpid" != "X" ]; then + dcmd=`env PATH=/usr/ucb:$PATH ps wwwwaux | grep -w $USER | grep -w $d | grep -w $dpid | grep -v grep | head -1 | sed -e "s/^.*$d/$d/"` + if [ "X$DO_SOUND_KILL" = "X1" ]; then + echo "Stopping sound daemon: $sound_daemon_remote_prog $dpid" + echo "sound cmd: $dcmd" + kill -TERM $dpid + fi + fi + echo + echo "done." + echo "--------------------------------------------------------------" + echo + } + + reset_sound() { + if [ "X$DO_SOUND_RESTART" = "X1" ]; then + d=$sound_daemon_remote_prog + a=$sound_daemon_remote_args + echo "Restaring sound daemon: $d $a" + $d $a </dev/null >/dev/null 2>&1 & + fi + } + + soundwait() { + trap "" INT QUIT HUP + wait_til_ssh_gone + reset_sound + } + + findpid + + if [ $DO_SMB = 1 ]; then + do_smb_mounts + fi + + waiter=0 + + if [ $DO_CUPS = 1 ]; then + update_client_conf + cupswait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + + if [ $DO_SOUND = 1 ]; then + setup_sound + soundwait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + if [ $DO_SMB_WAIT = 1 ]; then + if [ $waiter != 1 ]; then + smbwait </dev/null >/dev/null 2>/dev/null & + waiter=1 + fi + fi + + + echo "--vnc-helper-exiting--" + echo + rm -f $0 + exit 0 +}; + + set cmdall "" + + for {set i 1} {$i <= 6} {incr i} { + set v $cmd($i); + regsub -all "\n" $v "%" v + set cmd($i) $v + append cmdall "echo " + if {$i == 1} { + append cmdall {TOPPID=$$%} + } + append cmdall {'} + append cmdall $cmd($i) + append cmdall {' | tr '%' '\n'} + if {$i == 1} { + append cmdall {>} + } else { + append cmdall {>>} + } + append cmdall {$HOME/.vnc-helper-cmd__PID__; } + } + append cmdall {sh $HOME/.vnc-helper-cmd__PID__; } + + regsub -all {vnc-helper-cmd} $cmdall "vnc-helper-cmd-$mode" cmdall + if {$tag == ""} { + set tag [pid] + } + regsub -all {__PID__} $cmdall "$tag" cmdall + + set orig $cmdall + + global use_cups cups_local_server cups_remote_port cups_manage_rcfile + if {$use_cups && $cups_manage_rcfile} { + if {$mode == "post"} { + regsub {DO_CUPS=0} $cmdall {DO_CUPS=1} cmdall + regsub {cups_port=NNNN} $cmdall "cups_port=$cups_remote_port" cmdall + } + } + + global use_smbmnt smb_su_mode + if {$use_smbmnt} { + global smb_mounts + if {$smb_mounts != ""} { + set smbm $smb_mounts + regsub -all {%USER} $smbm "__USER__" smbm + regsub -all {%HOME} $smbm "__HOME__" smbm + if {$mode == "pre"} { + regsub {DO_SMB=0} $cmdall {DO_SMB=1} cmdall + if {$smb_su_mode == "su"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall + } elseif {$smb_su_mode == "sudo"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=2} cmdall + } elseif {$smb_su_mode == "none"} { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=0} cmdall + } else { + regsub {DO_SMB_SU=0} $cmdall {DO_SMB_SU=1} cmdall + } + regsub {smb_mounts=} $cmdall "smb_mounts=\"$smbm\"" cmdall + } elseif {$mode == "post"} { + regsub {DO_SMB_WAIT=0} $cmdall {DO_SMB_WAIT=1} cmdall + } + } + } + + global use_sound + if {$use_sound} { + if {$mode == "pre"} { + global sound_daemon_remote_cmd sound_daemon_kill sound_daemon_restart + if {$sound_daemon_kill} { + regsub {DO_SOUND_KILL=0} $cmdall {DO_SOUND_KILL=1} cmdall + regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall + } + if {$sound_daemon_restart} { + regsub {DO_SOUND_RESTART=0} $cmdall {DO_SOUND_RESTART=1} cmdall + regsub {DO_SOUND=0} $cmdall {DO_SOUND=1} cmdall + } + set sp [string trim $sound_daemon_remote_cmd] + regsub {[ \t].*$} $sp "" sp + set sa [string trim $sound_daemon_remote_cmd] + regsub {^[^ \t][^ \t]*[ \t][ \t]*} $sa "" sa + regsub {sound_daemon_remote_prog=} $cmdall "sound_daemon_remote_prog=\"$sp\"" cmdall + regsub {sound_daemon_remote_args=} $cmdall "sound_daemon_remote_args=\"$sa\"" cmdall + } + } + + if {"$orig" == "$cmdall"} { + return "" + } else { + return $cmdall + } +} + +proc cups_dialog {} { + + catch {destroy .cups} + toplevel .cups + wm title .cups "CUPS Tunnelling" + global cups_local_server cups_remote_port cups_manage_rcfile + global cups_local_smb_server cups_remote_smb_port + + scroll_text .cups.f + + set msg { + CUPS Printing requires SSH be used to set up the Print service port + redirection. This will be either of the "Use SSH instead" or "Use + SSH and SSL" modes under "Options". Pure SSL tunnelling will not work. + + This method requires working CUPS software setups on both the remote + and local sides of the connection. + + (See Method #1 below for perhaps the easiest way to get applications + to print through the tunnel; it requires admin privileges however). + + You choose an actual remote CUPS port below under "Use Remote CUPS + Port:" (6631 is just our default and used in the examples below). + Note that the normal default CUPS server port is 631. + + The port you choose must be unused on the VNC server machine (n.b. no + checking is done). Print requests connecting to it are redirected to + your local machine through the SSH tunnel. Note: root permission is + needed for ports less than 1024 (this is not recommended). + + Then enter the VNC Viewer side (i.e. where you are sitting) CUPS server + under "Local CUPS Server". E.g. use "localhost:631" if there is one + on the viewer machine, or, say, "my-print-srv:631" for a nearby CUPS + print server. + + Several methods are now described for how to get applications to + print through the port redirected tunnel. + + Method #0: Create or edit the file $HOME/.cups/client.conf on the VNC + server side by putting in something like this in it: + + ServerName localhost:6631 + + based on the port you selected above. + + NOTE: For this client.conf ServerName setting to work with lp(1) + and lpr(1) CUPS 1.2 or greater is required. The cmdline option + "-h localhost:6631" can be used for older versions. For client.conf to + work in general (e.g. Openoffice, Firefox), a bugfix found in CUPS 1.2.3 + is required. Two Workarounds (Methods #1 and #2) are described below. + + After the remote VNC Connection is finished, to go back to the non-SSH + tunnelled CUPS server and either remove the client.conf file or comment + out the ServerName line. This restores the normal CUPS server for + you on the remote machine. + + Select "Manage ServerName in the $HOME/.cups/client.conf file for me" to + attempt to do this editing of the CUPS config file for you automatically. + + Method #1: If you have admin permission on the VNC Server machine you + can likely "Add a Printer" via a GUI dialog, wizard, lpadmin(8), etc. + This makes the client.conf ServerName parameter unnecessary. You will + need to tell the GUI dialog that the printer is at, e.g., localhost:6631, + and anything else needed to identify the printer (type, model, etc). + + Method #2: Restarting individual applications with the IPP_PORT + set will enable redirected printing for them, e.g.: + "env IPP_PORT=6631 firefox" + + Windows/SMB Printers: Under "Local SMB Print Server" you can set + a port redirection for a Windows (non-CUPS) SMB printer. E.g. port + 6632 -> localhost:139. If localhost:139 does not work, try IP:139, + etc. or put in the IP address manually. Then at the least you can + print using the smbspool(8) program like this: + + smbspool smb://localhost:6632/lp job user title 1 "" myfile.ps + + You could put this in a script, "myprinter". It appears on the the URI, + the number of copies ("1" above) and the file itself are important. + (XXX this might only work for Samba printers...) + + If you have root permission you can configure CUPS to know about this + printer via lpadmin(8), etc. You basically give it the smb:// URI. + + For more info see: http://www.karlrunge.com/x11vnc/#faq-cups +} + .cups.f.t insert end $msg + + if {$cups_local_server == ""} { + set cups_local_server "localhost:631" + } + if {$cups_remote_port == ""} { + set cups_remote_port "6631" + } + if {$cups_local_smb_server == ""} { + global is_windows + if {$is_windows} { + set cups_local_smb_server "IP:139" + } else { + set cups_local_smb_server "localhost:139" + } + } + if {$cups_remote_smb_port == ""} { + set cups_remote_smb_port "6632" + } + + frame .cups.serv + label .cups.serv.l -text "Local CUPS Server: " + entry .cups.serv.e -width 40 -textvariable cups_local_server + pack .cups.serv.l -side left + pack .cups.serv.e -side left -expand 1 -fill x + + frame .cups.port + label .cups.port.l -text "Use Remote CUPS Port:" + entry .cups.port.e -width 40 -textvariable cups_remote_port + pack .cups.port.l -side left + pack .cups.port.e -side left -expand 1 -fill x + + frame .cups.smbs + label .cups.smbs.l -text "Local SMB Print Server: " + entry .cups.smbs.e -width 40 -textvariable cups_local_smb_server + pack .cups.smbs.l -side left + pack .cups.smbs.e -side left -expand 1 -fill x + + frame .cups.smbp + label .cups.smbp.l -text "Use Remote SMB Print Port:" + entry .cups.smbp.e -width 40 -textvariable cups_remote_smb_port + pack .cups.smbp.l -side left + pack .cups.smbp.e -side left -expand 1 -fill x + + checkbutton .cups.cupsrc -anchor w -variable cups_manage_rcfile -text \ + "Manage ServerName in the remote \$HOME/.cups/client.conf file for me" + + button .cups.done -text "Done" -command {destroy .cups; if {$use_cups} {set_ssh}} + bind .cups <Escape> {destroy .cups; if {$use_cups} {set_ssh}} + + button .cups.guess -text "Help me decide ..." -command {} + .cups.guess configure -state disabled + + pack .cups.done .cups.guess .cups.cupsrc .cups.smbp .cups.smbs .cups.port .cups.serv -side bottom -fill x + pack .cups.f -side top -fill both -expand 1 + + center_win .cups +} + +proc sound_dialog {} { + + global is_windows + + catch {destroy .snd} + toplevel .snd + wm title .snd "ESD/ARTSD Sound Tunnelling" + + scroll_text .snd.f 80 30 + + set msg { + Sound daemon tunnelling requires SSH be used to set up the service + port redirection. This will be either of the "Use SSH instead" or "Use + SSH and SSL" modes under "Options". Pure SSL tunnelling will not work. + + This method requires working Sound daemon (e.g. ESD or ARTSD) software + setups on both the remote and local sides of the connection. + + Often this means you want to run your ENTIRE remote desktop with all + applications instructed to use the sound daemon's network port. E.g. + + esddsp -s localhost:16001 startkde + esddsp -s localhost:16001 gnome-session + + and similarly for artsdsp, etc. You put this in your ~/.xession, + or other startup file. This is non standard. If you do not want to + do this you still can direct *individual* sound applications through + the tunnel, for example "esddsp -s localhost:16001 soundapp", where + "soundapp" is some application that makes noise (say xmms or mpg123). + + Also, usually the remote Sound daemon must be killed BEFORE the SSH port + redir is established (because it is listening on the port we want to use + for the SSH redir), and, presumably, restarted when the VNC connection + finished. + + One may also want to start and kill a local sound daemon that will + play the sound received over the network on the local machine. + + You can indicate the remote and local Sound daemon commands below and + how they should be killed and/or restart. Some examples: + + esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1 + artsd -n -p 7265 -F 10 -S 4096 -n -s 5 -m artsmessage -l 3 -f + + or you can leave some or all blank and kill/start them manually. + + For convenience, a Windows port of ESD is provided in the util/esound + directory, and so this might work for a Local command: + + esound\esd -promiscuous -as 5 -port 16001 -tcp -bind 127.0.0.1 + + NOTE: If you indicate "Remote Sound daemon: Kill at start." below, + then THERE WILL BE TWO SSH'S: THE FIRST ONE TO KILL THE DAEMON. + So you may need to supply TWO SSH PASSWORDS, unless you are using + something like ssh-agent(1), the Putty PW setting, etc. + + You will also need to supply the remote and local sound ports for the + SSH redirs (even though in principle the could be guessed from the + daemon commands...) For esd the default port is 16001, but you can + choose another one if you prefer. + + For "Local Sound Port" you can also supply "host:port" instead of just + a numerical port to specify non-localhost connections, e.g. to another + machine. + + For more info see: http://www.karlrunge.com/x11vnc/#faq-sound +} + .snd.f.t insert end $msg + + global sound_daemon_remote_port sound_daemon_local_port sound_daemon_local_cmd + if {$sound_daemon_remote_port == ""} { + set sound_daemon_remote_port 16001 + } + if {$sound_daemon_local_port == ""} { + set sound_daemon_local_port 16001 + } + + if {$sound_daemon_local_cmd == ""} { + global is_windows + if {$is_windows} { + set sound_daemon_local_cmd {esound\esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1} + } else { + set sound_daemon_local_cmd {esd -promiscuous -as 5 -port %PORT -tcp -bind 127.0.0.1} + } + regsub {%PORT} $sound_daemon_local_cmd $sound_daemon_local_port sound_daemon_local_cmd + } + + + frame .snd.remote + label .snd.remote.l -text "Remote Sound daemon cmd: " + entry .snd.remote.e -width 40 -textvariable sound_daemon_remote_cmd + pack .snd.remote.l -side left + pack .snd.remote.e -side left -expand 1 -fill x + + frame .snd.local + label .snd.local.l -text "Local Sound daemon cmd: " + entry .snd.local.e -width 40 -textvariable sound_daemon_local_cmd + pack .snd.local.l -side left + pack .snd.local.e -side left -expand 1 -fill x + + frame .snd.rport + label .snd.rport.l -text "Remote Sound Port: " + entry .snd.rport.e -width 40 -textvariable sound_daemon_remote_port + pack .snd.rport.l -side left + pack .snd.rport.e -side left -expand 1 -fill x + + frame .snd.lport + label .snd.lport.l -text "Local Sound Port: " + entry .snd.lport.e -width 40 -textvariable sound_daemon_local_port + pack .snd.lport.l -side left + pack .snd.lport.e -side left -expand 1 -fill x + + + checkbutton .snd.sdk -anchor w -variable sound_daemon_kill -text \ + "Remote Sound daemon: Kill at start." + + checkbutton .snd.sdr -anchor w -variable sound_daemon_restart -text \ + "Remote Sound daemon: Restart at end." + + checkbutton .snd.sdsl -anchor w -variable sound_daemon_local_start -text \ + "Local Sound daemon: Run at start." + + checkbutton .snd.sdkl -anchor w -variable sound_daemon_local_kill -text \ + "Local Sound daemon: Kill at end." + + button .snd.guess -text "Help me decide ..." -command {} + .snd.guess configure -state disabled + + global is_win9x + if {$is_win9x} { + .snd.local.e configure -state disabled + .snd.local.l configure -state disabled + .snd.sdsl configure -state disabled + .snd.sdkl configure -state disabled + } + + button .snd.done -text "Done" -command {destroy .snd; if {$use_sound} {set_ssh}} + bind .snd <Escape> {destroy .snd; if {$use_sound} {set_ssh}} + + pack .snd.done .snd.guess .snd.sdkl .snd.sdsl .snd.sdr .snd.sdk .snd.lport .snd.rport \ + .snd.local .snd.remote -side bottom -fill x + pack .snd.f -side bottom -fill both -expand 1 + + center_win .snd +} + +# Share ideas. +# +# Unix: +# +# if type smbclient +# first parse smbclient -L localhost -N +# and/or smbclient -L `hostname` -N +# Get Sharenames and Servers and Domain. +# +# loop over servers, doing smbclient -L server -N +# pile this into a huge list, sep by disk and printers. +# +# WinXP: +# +# parse "NET VIEW" output similarly. +# +# Have checkbox for each disk. Set default root to /var/tmp/${USER}-mnts +# Let them change that at once and have it populate. +# +# use //hostname/share /var/tmp/runge-mnts/hostname/share +# +# +# Printers, hmmm. Can't add to remote cups list... I guess have the list +# ready for CUPS dialog to suggest which SMB servers they want to redirect +# to... + +proc get_hostname {} { + global is_windows is_win9x + set str "" + if {$is_windows} { + if {1} { + catch {set str [exec hostname]} + regsub -all {[\r]} $str "" str + } else { + catch {set str [exec net config]} + if [regexp -nocase {Computer name[ \t]+\\\\([^ \t]+)} $str mv str] { + ; + } else { + set str "" + } + } + } else { + catch {set str [exec hostname]} + } + set str [string trim $str] + return $str +} + +proc smb_list_windows {smbhost} { + global smb_local smb_local_hosts smb_this_host + global is_win9x + set dbg 0 + + set domain "" + + if {$is_win9x} { + # exec net view ... doesn't work. + set smb_this_host "unknown" + return + } + + set this_host [get_hostname] + set This_host [string toupper $this_host] + set smb_this_host $This_host + + if {$smbhost == $smb_this_host} { + catch {set out0 [exec net view]} + regsub -all {[\r]} $out0 "" out0 + foreach line [split $out0 "\n"] { + if [regexp -nocase {in workgroup ([^ \t]+)} $line mv wg] { + regsub -all {[.]} $wg "" wg + set domain $wg + } elseif [regexp {^\\\\([^ \t]+)[ \t]*(.*)} $line mv host comment] { + set smb_local($smbhost:server:$host) $comment + } + } + } + + set out1 "" + set h "\\\\$smbhost" + catch {set out1 [exec net view $h]} + regsub -all {[\r]} $out1 "" out1 + + if {$dbg} {puts "SMBHOST: $smbhost"} + + set mode "" + foreach line [split $out1 "\n"] { + if [regexp {^[ \t]*---} $line] { + continue + } + if [regexp -nocase {The command} $line] { + continue + } + if [regexp -nocase {Shared resources} $line] { + continue + } + if [regexp -nocase {^[ \t]*Share[ \t]*name} $line] { + set mode "shares" + continue + } + set line [string trim $line] + if {$line == ""} { + continue + } + if {$mode == "shares"} { + if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] { + if {$dbg} { + puts "SHR: $name" + puts "---: $type" + puts "---: $comment" + } + if [regexp -nocase {^Disk$} $type] { + set smb_local($smbhost:disk:$name) $comment + } elseif [regexp -nocase {^Print} $type] { + set smb_local($smbhost:printer:$name) $comment + } + } + } + } + + set smb_local($smbhost:domain) $domain +} + +proc smb_list_unix {smbhost} { + global smb_local smb_local_hosts smb_this_host + set smbclient [in_path smbclient] + if {[in_path smbclient] == ""} { + return "" + } + set dbg 0 + + set this_host [get_hostname] + set This_host [string toupper $this_host] + set smb_this_host $This_host + + set out1 "" + catch {set out1 [exec smbclient -N -L $smbhost 2>@ stdout]} + + if {$dbg} {puts "SMBHOST: $smbhost"} + if {$smbhost == $this_host || $smbhost == $This_host} { + if {$out1 == ""} { + catch {set out1 [exec smbclient -N -L localhost 2>@ stdout]} + } + } + + set domain "" + set mode "" + foreach line [split $out1 "\n"] { + if [regexp {^[ \t]*---} $line] { + continue + } + if [regexp {Anonymous login} $line] { + continue + } + if {$domain == "" && [regexp {Domain=\[([^\]]+)\]} $line mv domain]} { + if {$dbg} {puts "DOM: $domain"} + continue + } + if [regexp {^[ \t]*Sharename} $line] { + set mode "shares" + continue + } + if [regexp {^[ \t]*Server} $line] { + set mode "server" + continue + } + if [regexp {^[ \t]*Workgroup} $line] { + set mode "workgroup" + continue + } + set line [string trim $line] + if {$mode == "shares"} { + if [regexp {^([^ \t]+)[ \t]+([^ \t]+)[ \t]*(.*)$} $line mv name type comment] { + if {$dbg} { + puts "SHR: $name" + puts "---: $type" + puts "---: $comment" + } + if [regexp -nocase {^Disk$} $type] { + set smb_local($smbhost:disk:$name) $comment + } elseif [regexp -nocase {^Printer$} $type] { + set smb_local($smbhost:printer:$name) $comment + } + } + } elseif {$mode == "server"} { + if [regexp {^([^ \t]+)[ \t]*(.*)$} $line mv host comment] { + if {$dbg} { + puts "SVR: $host" + puts "---: $comment" + } + set smb_local($smbhost:server:$host) $comment + } + } elseif {$mode == "workgroup"} { + if [regexp {^([^ \t]+)[ \t]+(.*)$} $line mv work host] { + if {$dbg} { + puts "WRK: $work" + puts "---: $host" + } + if {$host != ""} { + set smb_local($smbhost:master:$work) $host + } + } + } + } + + set smb_local($smbhost:domain) $domain +} + +proc smb_list {} { + global is_windows smb_local smb_local_hosts + global smb_host_list + + set smb_local(null) "" + + if {! [info exists smb_host_list]} { + set smb_host_list "" + } + if [info exists smb_local] { + unset smb_local + } + if [info exists smb_local_hosts] { + unset smb_local_hosts + } + + set this_host [get_hostname] + set this_host [string toupper $this_host] + if {$is_windows} { + smb_list_windows $this_host + } else { + smb_list_unix $this_host + } + set did($this_host) 1 + set keys [array names smb_local] + foreach item [split $smb_host_list] { + if {$item != ""} { + set item [string toupper $item] + lappend keys "$this_host:server:$item" + } + } + foreach key $keys { + if [regexp "^$this_host:server:(.*)\$" $key mv host] { + if {$host == ""} { + continue + } + set smb_local_hosts($host) 1 + if {! [info exists did($host)]} { + if {$is_windows} { + smb_list_windows $host + } else { + smb_list_unix $host + } + set did($host) 1 + } + } + } +} + +proc smb_check_selected {} { + global smbmount_exists smbmount_sumode + global smb_selected smb_selected_mnt smb_selected_cb smb_selected_en + + set ok 0 + if {$smbmount_exists && $smbmount_sumode != "dontknow"} { + set ok 1 + } + set state disabled + if {$ok} { + set state normal + } + + foreach cb [array names smb_selected_cb] { + catch {$cb configure -state $state} + } + foreach en [array names smb_selected_en] { + catch {$en configure -state $state} + } +} + +proc make_share_widgets {w} { + + set share_label $w.f.hl + catch {$share_label configure -text "Share Name: PROBING ..."} + update + + smb_list + + set saw_f 0 + foreach child [winfo children $w] { + if {$child == "$w.f"} { + set saw_f 1 + continue + } + catch {destroy $child} + } + + set w1 47 + set w2 44 + + if {! $saw_f} { + set wf $w.f + frame $wf + label $wf.hl -width $w1 -text "Share Name:" -anchor w + label $wf.hr -width $w2 -text " Mount Point:" -anchor w + + pack $wf.hl $wf.hr -side left -expand 1 + pack $wf -side top -fill x + + .smbwiz.f.t window create end -window $w + } + + global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt + global smb_selected_host smb_selected_name + global smb_selected_cb smb_selected_en + global smb_host_list + if [info exists smb_selected] {array unset smb_selected } + if [info exists smb_selected_mnt] {array unset smb_selected_mnt} + if [info exists smb_selected_cb] {array unset smb_selected_cb} + if [info exists smb_selected_en] {array unset smb_selected_en} + if [info exists smb_selected_host] {array unset smb_selected_host} + if [info exists smb_selected_name] {array unset smb_selected_name} + + set hosts [list $smb_this_host] + lappend hosts [lsort [array names smb_local_hosts]] + + set smb_host_list "" + set i 0 + + global smb_mount_prefix + set smb_mount_prefix "/var/tmp/%USER-mnts" + + foreach host [lsort [array names smb_local_hosts]] { + + if [info exists did($host)] { + continue + } + set did($host) 1 + + append smb_host_list "$host " + + foreach key [lsort [array names smb_local]] { + if [regexp {^([^:]+):([^:]+):(.*)$} $key mv host2 type name] { + if {$host2 != $host} { + continue + } + if {$type != "disk"} { + continue + } + set wf $w.f$i + frame $wf + checkbutton $wf.c -anchor w -width $w1 -variable smb_selected($i) \ + -text "//$host/$name" -relief ridge + if {! [info exists smb_selected($i)]} { + set smb_selected($i) 0 + } + + entry $wf.e -width $w2 -textvariable smb_selected_mnt($i) + set smb_selected_mnt($i) "$smb_mount_prefix/$host/$name" + + set smb_selected_host($i) $host + set smb_selected_name($i) $name + + set smb_selected_cb($wf.c) $i + set smb_selected_en($wf.e) $i + set comment $smb_local($key) + + bind $wf.c <Enter> "$share_label configure -text {Share Name: $comment}" + bind $wf.c <Leave> "$share_label configure -text {Share Name:}" + + $wf.c configure -state disabled + $wf.e configure -state disabled + + pack $wf.c $wf.e -side left -expand 1 + pack $wf -side top -fill x + incr i + } + } + } + if {$i == 0} { + global is_win9x + #.smbwiz.f.t insert end "\nNo SMB Share Hosts were found!\n" + $share_label configure -text {Share Name: No SMB Share Hosts were found!} + if {$is_win9x} { + .smbwiz.f.t insert end "\n(this feature does not work on Win9x you have have to enter them manually: //HOST/share /var/tmp/mymnt)\n" + } + } else { + $share_label configure -text "Share Name: Found $i SMB Shares" + } + smb_check_selected +} + +proc smb_help_me_decide {} { + global is_windows + global smb_local smb_local_hosts smb_this_host smb_selected smb_selected_mnt + global smb_selected_host smb_selected_name + global smb_selected_cb smb_selected_en + global smb_host_list + + catch {destroy .smbwiz} + toplevel .smbwiz + set title "SMB Filesystem Tunnelling -- Help Me Decide" + wm title .smbwiz $title + set id " " + + scroll_text .smbwiz.f 100 40 + + set msg { +For now you will have to verify the following information manually. + +You can do this by either logging into the remote machine to find the info or asking the sysadmin for it. + +} + + if {! $is_windows} { + .smbwiz.f.t configure -font {Helvetica -12 bold} + } + .smbwiz.f.t insert end $msg + + set w .smbwiz.f.t.f1 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "\n" + + .smbwiz.f.t insert end "1) Indicate the existence of the 'smbmount' command on the remote system:\n" + .smbwiz.f.t insert end "\n$id" + global smbmount_exists + set smbmount_exists 0 + + checkbutton $w.smbmount_exists -pady 1 -anchor w -variable smbmount_exists \ + -text "Yes, the 'smbmount' command exists on the remote system." \ + -command smb_check_selected + + pack $w.smbmount_exists + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n\n\n" + + set w .smbwiz.f.t.f2 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "2) Indicate your authorization to run 'smbmount' on the remote system:\n" + .smbwiz.f.t insert end "\n$id" + global smbmount_sumode + set smbmount_sumode "dontknow" + + radiobutton $w.dk -pady 1 -anchor w -variable smbmount_sumode -value dontknow \ + -text "I do not know if I can mount SMB shares on the remote system via 'smbmount'" \ + -command smb_check_selected + pack $w.dk -side top -fill x + + radiobutton $w.su -pady 1 -anchor w -variable smbmount_sumode -value su \ + -text "I know the Password to run commands as root on the remote system via 'su'" \ + -command smb_check_selected + pack $w.su -side top -fill x + + radiobutton $w.sudo -pady 1 -anchor w -variable smbmount_sumode -value sudo \ + -text "I know the Password to run commands as root on the remote system via 'sudo'" \ + -command smb_check_selected + pack $w.sudo -side top -fill x + + radiobutton $w.ru -pady 1 -anchor w -variable smbmount_sumode -value none \ + -text "I do not need to be root on the remote system to mount SMB shares via 'smbmount'" \ + -command smb_check_selected + pack $w.ru -side top -fill x + + .smbwiz.f.t window create end -window $w + + global smb_wiz_done + set smb_wiz_done 0 + + button .smbwiz.done -text "Done" -command {set smb_wiz_done 1} + pack .smbwiz.done -side bottom -fill x + pack .smbwiz.f -side top -fill both -expand 1 + + wm protocol .smbwiz WM_DELETE_WINDOW {set smb_wiz_done 1} + center_win .smbwiz + + wm title .smbwiz "Searching for Local SMB shares..." + update + wm title .smbwiz $title + + global smb_local smb_this_host + .smbwiz.f.t insert end "\n\n\n" + + set w .smbwiz.f.t.f3 + catch {destroy $w} + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + + .smbwiz.f.t insert end "3) Select SMB shares to mount and their mount point on the remote system:\n" + .smbwiz.f.t insert end "\n${id}" + + make_share_widgets $w + + .smbwiz.f.t insert end "\n(%USER will be expanded to the username on the remote system and %HOME the home directory)\n" + + .smbwiz.f.t insert end "\n\n\n" + + .smbwiz.f.t insert end "You can change the list of Local SMB hosts to probe and the mount point prefix here:\n" + .smbwiz.f.t insert end "\n$id" + set w .smbwiz.f.t.f4 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + set wf .smbwiz.f.t.f4.f + frame $wf + label $wf.l -text "SMB Hosts: " -anchor w + entry $wf.e -textvariable smb_host_list -width 60 + button $wf.b -text "Apply" -command {make_share_widgets .smbwiz.f.t.f3} + bind $wf.e <Return> "$wf.b invoke" + pack $wf.l $wf.e $wf.b -side left + pack $wf + pack $w + + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n$id" + + set w .smbwiz.f.t.f5 + frame $w -bd 1 -relief ridge -cursor {top_left_arrow} + set wf .smbwiz.f.t.f5.f + frame $wf + label $wf.l -text "Mount Prefix:" -anchor w + entry $wf.e -textvariable smb_mount_prefix -width 60 + button $wf.b -text "Apply" -command {apply_mount_point_prefix .smbwiz.f.t.f5.f.e} + bind $wf.e <Return> "$wf.b invoke" + pack $wf.l $wf.e $wf.b -side left + pack $wf + pack $w + + .smbwiz.f.t window create end -window $w + + .smbwiz.f.t insert end "\n\n\n" + + .smbwiz.f.t see 1.0 + .smbwiz.f.t configure -state disabled + update + + vwait smb_wiz_done + catch {destroy .smbwiz} + + if {! $smbmount_exists || $smbmount_sumode == "dontknow"} { + tk_messageBox -type ok -icon warning -message "Sorry we couldn't help out!\n'smbmount' info on the remote system is required for SMB mounting" -title "SMB mounting -- aborting" + catch {raise .oa} + return + } + global smb_su_mode + set smb_su_mode $smbmount_sumode + + set max 0 + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + set host $smb_selected_host($i) + set name $smb_selected_name($i) + + set len [string length "//$host/$name"] + if {$len > $max} { + set max $len + } + } + + set max [expr $max + 8] + + set strs "" + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + if {! $smb_selected($i)} { + continue + } + set host $smb_selected_host($i) + set name $smb_selected_name($i) + set mnt $smb_selected_mnt($i) + + set share "//$host/$name" + set share [format "%-${max}s" $share] + + lappend strs "$share $mnt" + } + set text "" + foreach str [lsort $strs] { + append text "$str\n" + } + + global smb_mount_list + set smb_mount_list $text + + smb_dialog +} + +proc apply_mount_point_prefix {w} { + global smb_selected_host smb_selected_name + global smb_selected_en smb_selected_mnt + + set prefix "" + catch {set prefix [$w get]} + if {$prefix == ""} { + mesg "No mount prefix." + bell + return + } + + foreach en [array names smb_selected_en] { + set i $smb_selected_en($en) + set host $smb_selected_host($i) + set name $smb_selected_name($i) + set smb_selected_mnt($i) "$prefix/$host/$name" + } +} + +proc smb_dialog {} { + catch {destroy .smb} + toplevel .smb + wm title .smb "SMB Filesystem Tunnelling" + global smb_su_mode smb_mount_list + global use_smbmnt + + global help_font + + scroll_text .smb.f + + set msg { + Windows/Samba Filesystem mounting requires SSH be used to set up the SMB + service port redirection. This will be either of the "Use SSH instead" + or "Use SSH and SSL" modes under "Options". Pure SSL tunnelling will + not work. + + This method requires a working Samba software setup on the remote + side of the connection (VNC server) and existing Samba or Windows file + server(s) on the local side (VNC viewer). + + The smbmount(8) program MUST be installed on the remote side. + This evidently limits the mounting to Linux systems. Let us know + of similar utilities on other Unixes. Mounting onto remote Windows + machines is currently not supported (our SSH mode only works to Unix). + + Depending on how smbmount is configured you may be able to run it + as a regular user, or it may require running under su(1) or sudo(8) + (root password or user password required, respectively). You select + which one you want via the checkbuttons below. + + In addition to a possible su(1) or sudo(8) password, you may ALSO + need to supply passwords to mount each SMB share. This is an SMB passwd. + If it has no password just hit enter after the "Password:" prompt. + + The passwords are supplied when the 1st SSH connection starts up; + be prepared to respond to them. + + NOTE: USE OF SMB TUNNELLING MODE WILL REQUIRE TWO SSH'S, AND SO YOU + MAY NEED TO SUPPLY TWO LOGIN PASSWORDS UNLESS YOU ARE USING SOMETHING + LIKE ssh-agent(1) or the Putty PW setting. + %WIN + + To indicate the Windows/Samba shares to mount enter them one per line + in either one of the forms: + + //machine1/share ~/Desktop/my-mount1 + //machine2/fubar /var/tmp/my-foobar2 192.168.100.53:3456 + 1139 //machine3/baz /var/tmp/baz [...] + + The first part is the standard SMB host and share name //hostname/dir + (note this share is on the local viewer-side not on the remote end). + A leading '#' will cause the entire line to be skipped. + + The second part, e.g. /var/tmp/my-foobar2, is the directory to mount + the share on the remote (VNC Server) side. You must be able to + write to this directory. It will be created if it does not exist. + A leading character ~ will be expanded to $HOME. So will the string + %HOME. The string %USER will get expanded to the remote username. + + An optional part like 192.168.100.53:3456 is used to specify the real + hostname or IP address, and possible non-standard port, on the local + side if for some reason the //hostname is not sufficient. + + An optional leading numerical value, 1139 in the above example, indicates + which port to use on the Remote side to SSH redirect to the local side. + Otherwise a random one is tried (a unique one is needed for each SMB + server:port combination). A fixed one is preferred: choose a free + remote port. + + The standard SMB ports are 445 and 139. 139 is used by this application. + + Sometimes "localhost" will not work on Windows machines for a share + hostname, and you will have to specify a different network interface + (e.g. the machine's IP address). If you use the literal string "IP" + it will be attempted to replace it with the numerical IP address, e.g.: + + //machine1/share ~/Desktop/my-mount1 IP + + VERY IMPORTANT: Before terminating the VNC Connection, make sure no + applications are using any of the SMB shares (or shells are cd-ed + into the share). This way the shares will be automatically umounted. + Otherwise you will need to log in again, stop processes from using + the share, become root and umount the shares manually ("smbumount + /path/to/share", etc.) + + For more info see: http://www.karlrunge.com/x11vnc/#faq-smb-shares +} + + set msg2 { + To speed up moving to the next step, iconify the first SSH console + when you are done entering passwords, etc. and then click on the + main panel 'VNC Server' label. +} + + global is_windows + if {! $is_windows} { + regsub { *%WIN} $msg "" msg + } else { + set msg2 [string trim $msg2] + regsub { *%WIN} $msg " $msg2" msg + } + .smb.f.t insert end $msg + + frame .smb.r + label .smb.r.l -text "smbmount(8) auth mode:" -relief ridge + radiobutton .smb.r.none -text "None" -variable smb_su_mode -value "none" + radiobutton .smb.r.su -text "su(1)" -variable smb_su_mode -value "su" + radiobutton .smb.r.sudo -text "sudo(8)" -variable smb_su_mode -value "sudo" + + pack .smb.r.l .smb.r.none .smb.r.sudo .smb.r.su -side left -fill x + + label .smb.info -text "Supply the mounts (one per line) below:" -anchor w -relief ridge + + eval text .smb.mnts -width 80 -height 5 $help_font + .smb.mnts insert end $smb_mount_list + + #apply_bg .smb.mnts + + button .smb.guess -text "Help me decide ..." -command {destroy .smb; smb_help_me_decide} + #.smb.guess configure -state disabled + + button .smb.done -text "Done" -command {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb} + bind .smb <Escape> {if {$use_smbmnt} {set_ssh; set smb_mount_list [.smb.mnts get 1.0 end]}; destroy .smb} + + pack .smb.done .smb.guess .smb.mnts .smb.info .smb.r -side bottom -fill x + pack .smb.f -side top -fill both -expand 1 + + center_win .smb +} + +proc help_advanced_opts {} { + catch {destroy .ah} + toplevel .ah + + scroll_text_dismiss .ah.f + + center_win .ah + + wm title .ah "Advanced Opts Help" + + set msg { + These Advanced settings are experimental options that may require extra + software installed on the VNC server-side (the remote server machine) + and/or on the VNC client-side (where this gui is running). + + The Service redirection options, CUPS, ESD/ARTSD, and SMB will require + that you use SSH for tunneling so that the -R port redirection will + be enabled for each service. I.e. "Use SSH instead" or "Use SSH and SSL" + + These options may also require additional configuration to get them + to work properly. Please submit bug reports if it appears it should + be working for your setup but is not. + + Brief descriptions: + + CUPS Print tunnelling: redirect localhost:6631 (say) on the VNC + server to your local CUPS server. + + ESD/ARTSD Audio tunnelling: redirect localhost:16001 (say) on + the VNC server to your local ESD, etc. sound server. + + SMB mount tunnelling: redirect localhost:1139 (say) on the VNC + server and through that mount SMB file shares from your local + server. The remote machine must be Linux. + + Change vncviewer: specify a non-bundled VNC Viewer (e.g. + UltraVNC or RealVNC) to run instead of the bundled TightVNC Viewer. + + Extra Redirs: specify additional -L port:host:port and + -R port:host:port cmdline options for SSH to enable additional + services. + + Port Knocking: for "closed port" services, first "knock" on the + firewall ports in a certain way to open the door for SSH or SSL. + + About the CheckButtons: + + Ahem, Well...., a klunky UI: you have to toggle the CheckButton + to pull up the Dialog box a 2nd, etc. time... your settings will + still be there. +} + + .ah.f.t insert end $msg + #raise .ah +} + +proc set_viewer_path {} { + global change_vncviewer_path + set change_vncviewer_path [tk_getOpenFile] + catch {raise .chviewer} + update +} + +proc change_vncviewer_dialog {} { + global change_vncviewer change_vncviewer_path vncviewer_realvnc4 + + catch {destroy .chviewer} + toplevel .chviewer + wm title .chviewer "Change VNC Viewer" + + global help_font + eval text .chviewer.t -width 90 -height 16 $help_font + apply_bg .chviewer.t + + set msg { + To use your own VNC Viewer (i.e. one installed by you, not included in this + package), e.g. UltraVNC or RealVNC, type in the program name, or browse for + the full path to it. You can put command line arguments after the program. + + Note that due to incompatibilities with respect to command line options + there may be issues, especially if many command line options are supplied. + You can specify your own command line options below if you like (and try to + avoid setting any others in this GUI). + + If the path to the program name has any spaces it in, please surround it with + double quotes, e.g. "C:\Program Files\My Vnc Viewer\VNCVIEWER.EXE" + + Since the command line options differ between them greatly, if you know it + is of the RealVNC 4.x flavor, indicate so on the check box. +} + .chviewer.t insert end $msg + + frame .chviewer.path + label .chviewer.path.l -text "VNC Viewer:" + entry .chviewer.path.e -width 40 -textvariable change_vncviewer_path + button .chviewer.path.b -text "Browse..." -command set_viewer_path + checkbutton .chviewer.path.r -anchor w -variable vncviewer_realvnc4 -text \ + "RealVNC 4.x" + + pack .chviewer.path.l -side left + pack .chviewer.path.e -side left -expand 1 -fill x + pack .chviewer.path.b -side left + pack .chviewer.path.r -side left + + button .chviewer.done -text "Done" -command {destroy .chviewer; catch {raise .oa}} + bind .chviewer <Escape> {destroy .chviewer; catch {raise .oa}} + + pack .chviewer.t .chviewer.path .chviewer.done -side top -fill x + + center_win .chviewer + wm resizable .chviewer 1 0 + + focus .chviewer.path.e +} + +proc port_redir_dialog {} { + global additional_port_redirs additional_port_redirs_list + + catch {destroy .redirs} + toplevel .redirs + wm title .redirs "Additional Port Redirections" + + global help_font + eval text .redirs.t -width 80 -height 35 $help_font + apply_bg .redirs.t + + set msg { + Specify any additional SSH port redirections you desire for the + connection. Put as many as you want separated by spaces. These only + apply to SSH and SSH+SSL connections, they do not apply to Pure SSL + connections. + + -L port1:host:port2 will listen on port1 on the local machine (where + you are sitting) and redirect them to port2 on + "host". "host" is relative to the remote side + (VNC Server). Use "localhost" for the remote + machine itself. + + -R port1:host:port2 will listen on port1 on the remote machine + (where the VNC server is running) and redirect + them to port2 on "host". "host" is relative + to the local side (where you are sitting). + Use "localhost" for this machine. + + Perhaps you want a redir to a web server inside an intranet: + + -L 8001:web-int:80 + + Or to redir a remote port to your local SSH daemon: + + -R 5022:localhost:22 + + etc. There are many interesting possibilities. + + Sometimes, especially for Windows Shares, you cannot do a -R redir to + localhost, but need to supply the IP address of the network interface + (e.g. by default the Shares do not listen on localhost:139). As a + convenience you can do something like -R 1139:IP:139 (for any port + numbers) and the IP will be attempted to be expanded. If this fails + for some reason you will have to use the actual numerical IP address. +} + .redirs.t insert end $msg + + frame .redirs.path + label .redirs.path.l -text "Port Redirs:" + entry .redirs.path.e -width 40 -textvariable additional_port_redirs_list + + pack .redirs.path.l -side left + pack .redirs.path.e -side left -expand 1 -fill x + + button .redirs.done -text "Done" -command {destroy .redirs} + bind .redirs <Escape> {destroy .redirs} + + pack .redirs.t .redirs.path .redirs.done -side top -fill x + + center_win .redirs + wm resizable .redirs 1 0 + + focus .redirs.path.e +} + +proc find_netcat {} { + global env is_windows + + set nc "" + + if {! $is_windows} { + set nc [in_path "netcat"] + if {$nc == ""} { + set nc [in_path "nc"] + } + } else { + set try "netcat.exe" + if [file exists $try] { + set nc $try + } + } + return $nc +} + +proc pk_expand {cmd host} { + global tcl_platform + set secs [clock seconds] + set msecs [clock clicks -milliseconds] + set user $tcl_platform(user) + if [regexp {%IP} $cmd] { + set ip [guess_ip] + if {$ip == ""} { + set ip "unknown" + } + regsub -all {%IP} $cmd $ip cmd + } + if [regexp {%NAT} $cmd] { + set ip [guess_nat_ip] + regsub -all {%NAT} $cmd $ip cmd + } + regsub -all {%HOST} $cmd $host cmd + regsub -all {%USER} $cmd $user cmd + regsub -all {%SECS} $cmd $secs cmd + regsub -all {%MSECS} $cmd $msecs cmd + + return $cmd +} + +proc backtick_expand {str} { + set str0 $str + set collect "" + set count 0 + while {[regexp {^(.*)`([^`]+)`(.*)$} $str mv p1 cmd p2]} { + set out [eval exec $cmd] + set str "$p1$out$p2" + incr count + if {$count > 10} { + break + } + } + return $str +} + +proc read_from_pad {file} { + set fh "" + if {[catch {set fh [open $file "r"]}] != 0} { + return "FAIL" + } + + set accum "" + set match "" + while {[gets $fh line] > -1} { + if [regexp {^[ \t]*#} $line] { + append accum "$line\n" + } elseif [regexp {^[ \t]*$} $line] { + append accum "$line\n" + } elseif {$match == ""} { + set match $line + append accum "# $line\n" + } else { + append accum "$line\n" + } + } + + close $fh + + if {$match == ""} { + return "FAIL" + } + + if {[catch {set fh [open $file "w"]}] != 0} { + return "FAIL" + } + + puts -nonewline $fh $accum + + return $match +} + +proc do_port_knock {hp} { + global use_port_knocking port_knocking_list + global is_windows + + if {! $use_port_knocking} { + return + } + if {$port_knocking_list == ""} { + return + } + + set default_delay 0 + + set host [string trim $hp] + regsub {^.*@} $host "" host + regsub {:.*$} $host "" host + set host0 [string trim $host] + + if {$host0 == ""} { + bell + mesg "No host: $hp" + return + } + if [regexp {PAD=([^\n]+)} $port_knocking_list mv padfile] { + set tlist [read_from_pad $padfile] + set tlist [string trim $tlist] + if {$tlist == "" || $tlist == "FAIL"} { + tk_messageBox -type ok -icon error \ + -message "Failed to read entry from $padfile" \ + -title "Error: Padfile $padfile" + return + } + regsub -all {PAD=([^\n]+)} $port_knocking_list $tlist list + } else { + set list $port_knocking_list + } + + set spl ",\n\r" + if [regexp {CMD=} $list] {set spl "\n\r"} + if [regexp {CMDX=} $list] {set spl "\n\r"} + if [regexp {SEND=} $list] {set spl "\n\r"} + if [regexp {SENDX=} $list] {set spl "\n\r"} + + set i 0 + set pi 0 + + foreach line [split $list $spl] { + set line [string trim $line] + set line0 $line + + if {$line == ""} { + continue + } + if [regexp {^#} $line] { + continue + } + if [regexp {^sleep[ \t][ \t]*([0-9][0-9]*)} $line mv sl] { + mesg "sleep: $sl" + after $sl + continue + } + if [regexp {^delay[ \t][ \t]*([0-9][0-9]*)} $line mv sl] { + mesg "delay: $sl" + set default_delay $sl + continue + } + + if [regexp {^CMD=(.*)} $line mv cmd] { + mesg "CMD: $cmd" + eval exec $cmd + continue + } + if [regexp {^CMDX=(.*)} $line mv cmd] { + set cmd [pk_expand $cmd $host0] + mesg "CMDX: $cmd" + eval exec $cmd + continue + } + + if [regexp {`} $line] { + #set line [backtick_expand $line] + } + + set snd "" + if [regexp {^(.*)SEND=(.*)$} $line mv line snd] { + set line [string trim $line] + set snd [string trim $snd] + regsub -all {%NEWLINE} $snd "\n" snd + } elseif [regexp {^(.*)SENDX=(.*)$} $line mv line snd] { + set line [string trim $line] + set snd [string trim $snd] + set snd [pk_expand $snd $host0] + regsub -all {%NEWLINE} $snd "\n" snd + } + + set udp 0 + if [regexp -nocase {/udp} $line] { + set udp 1 + regsub -all -nocase {/udp} $line "" line + set line [string trim $line] + } + regsub -all -nocase {/tcp} $line "" line + set line [string trim $line] + + set delay 0 + if [regexp {^(.*)[ \t][ \t]*([0-9][0-9]*)$} $line mv first delay] { + set line [string trim $first] + } + + if {[regexp {^(.*):(.*)$} $line mv host port]} { + ; + } else { + set host $host0 + set port $line + } + set host [string trim $host] + set port [string trim $port] + + if {$host == ""} { + set host $host0 + } + + if {$port == ""} { + bell + mesg "No port: $line0" + continue + } + + set nc "" + if {$udp || $snd != ""} { + set nc [find_netcat] + if {$nc == ""} { + bell + mesg "UDP: netcat(1) not found" + after 1000 + continue + } + } + + if {$snd != ""} { + global env + set pfile "payload$pi.txt" + if {! $is_windows} { + set pfile "$env(HOME)/.$pfile" + } + set pfiles($pi) $pfile + incr pi + set fh [open $pfile "w"] + puts -nonewline $fh "$snd" + close $fh + + mesg "SEND: $host $port" + if {$is_windows} { + if {$udp} { + catch {exec $nc -d -u -w 1 "$host" "$port" < $pfile &} + } else { + catch {exec $nc -d -w 1 "$host" "$port" < $pfile &} + } + } else { + if {$udp} { + catch {exec $nc -u -w 1 "$host" "$port" < $pfile &} + } else { + catch {exec $nc -w 1 "$host" "$port" < $pfile &} + } + } + catch {after 50; file delete $pfile} + + } elseif {$udp} { + mesg "UDP: $host $port" + if {! $is_windows} { + catch {exec echo a | $nc -u -w 1 "$host" "$port" &} + } else { + set fh [open "nc_in.txt" "w"] + puts $fh "a" + close $fh + catch {exec $nc -d -u -w 1 "$host" "$port" < "nc_in.txt" &} + } + } else { + mesg "TCP: $host $port" + set s "" + set emess "" + set rc [catch {set s [socket -async $host $port]} emess] + if {$rc != 0} { + tk_messageBox -type ok -icon error -message $emess -title "Error: socket -async $host $port" + } + set socks($i) $s + # seems we have to close it immediately to avoid multiple SYN's. + # does not help on Win9x. + catch {after 30; close $s}; + incr i + } + + if {$delay == 0} { + if {$default_delay > 0} { + after $default_delay + } + } elseif {$delay > 0} { + after $delay + } + } + + if {0} { + for {set j 0} {$j < $i} {incr j} { + set $s $socks($j) + if {$s != ""} { + catch {close $s} + } + } + } + for {set j 0} {$j < $pi} {incr j} { + set f $pfiles($j) + if {$f != ""} { + if [file exists $f] { + after 100 + } + catch {file delete $f} + } + } + if {$is_windows} { + catch {file delete "nc_in.txt"} + } +} + +proc port_knocking_dialog {} { + catch {destroy .pk} + toplevel .pk + wm title .pk "Port Knocking" + global use_port_knocking port_knocking_list + + global help_font + + scroll_text .pk.f 85 + + set msg { + Port Knocking is where a network connection to a service is not provided + to just any client, but rather only to those that immediately prior to + connecting send a more or less secret pattern of connections to other + ports on the firewall. + + Somewhat like "knocking" on the door with the correct sequence before it + being opened (but not necessarily letting you in yet). It is also possible + to have a single encrypted packet (e.g. UDP) payload communicate with the + firewall instead of knocking on a sequence of ports. + + Only after the correct sequence of ports is observed by the firewall does + it allow the IP address of the client to attempt to connect to the service. + + So, for example, instead of allowing any host on the internet to connect + to your SSH service and then try to login with a username and password, the + client first must "tickle" your firewall with the correct sequence of ports. + Only then will it be allowed to connect to your SSH service at all. + + This does not replace the authentication and security of SSH, it merely + puts another layer of protection around it. E.g., suppose an exploit for + SSH was discovered, you would most likely have more time to fix/patch + the problem than if any client could directly connect to your SSH server. + + For more information http://www.portknocking.org/ and + http://www.linuxjournal.com/article/6811 + + Tip: if you just want to use the Port Knocking for an SSH shell and not + for a VNC tunnel, then specify something like "user@hostname cmd=SHELL" + (or "user@hostname cmd=PUTTY" on Windows) in the VNC Server entry box + on the main panel. This will do everything short of starting the viewer. + A shortcut for this is Ctrl-S. + + In the text area below put in the pattern of "knocks" needed for this + connection. You can separate the knocks by commas or put them one per line. + Whitespace is trimmed. + + Each "knock" is of this form: + + [host:]port[/udp] [delay] + + In the simplest form just a numerical port, e.g. 5433, is supplied. + + The packet is sent to the same host that the VNC (or SSH) connection will + be made to. If you want it to go to a different host or IP use the [host:] + prefix. It can be either a hostname or numerical IP. + + TCP is assumed by default. + + If you need to send a UDP packet, the netcat (aka "nc") program must be + installed on Unix (tcl/tk does not support udp connections). Indicate this + with "/udp" following the port number (you can also use "/tcp", but since + it is the default it is not necessary). For convenience a Windows netcat + binary is supplied. + + Because an external program must be launched for each packet udp knocking will + be somewhat slower and less reliable. ICMP (ping) is currently not supported. + + The last field is the number of milliseconds to delay before continuing. + + Examples: + + 5433,12321,1661 + + fw.example.com:5433, 12321/udp 3000,1661 2000 + + fw.example.com:5433 + 12321/udp 3000 + 1661 2000 + + + Alternate actions: If the string in the text field contains anywhere the + strings "CMD=", "CMDX=", or "SEND=", then splitting on commas is not done: + it is only split on lines. + + Then, if a line begins CMD=... the string after the = is run as an + external command. The command could be anything you want, e.g. it could + be a port-knocking client that does the knocking, perhaps encrypting the + "knocks" pattern somehow or using a Single Packet Authorization method such + as http://www.cipherdyne.com/fwknop/ + + Extra quotes (sometimes "'foo bar'") may be needed to preserve spaces in + command line arguments because the tcl/tk eval(n) command is used. You + can also use {...} for quoting strings with spaces. + + If a line begins CMDX=... then before the command is run the following + tokens are expanded to strings: + + %IP Current machine's IP address (NAT may make this not useful). + %NAT Try to get effective IP by contacting http://www.whatismyip.com + %HOST The remote host of the connection. + %USER The current user. + %SECS The current time in seconds (platform dependent). + %MSECS Platform dependent time having at least millisecond granularity. + + Lines not matching CMD= or CMDX= are treated as normal port knocks but with + one exception. If a line ends in SEND=... (i.e. after the [host:]port, + etc., part) then the string after the = is sent as a payload for the tcp + or udp connection to [host:]port. netcat is used for these SEND cases + (and must be available on Unix). If newlines (\n) are needed in the + SEND string, use %NEWLINE. Sending binary data is not yet supported; + use CMD= with your own program. + + Examples: + + CMD=port_knock_client -pass wombat33 + CMDX=port_knock_client -pass wombat33 -host %HOST -src %NAT + + fw.example.com:5433/udp SEND=ASDLFKSJDF + + More tricks: + + To temporarily "comment out" a knock, insert a leading "#" character. + + Use "sleep N" to insert a raw sleep for N milliseconds (e.g. between + CMD=... items or at the very end of the knocks to wait). + + If a knock entry matches "delay N" the default delay is set to + N milliseconds. + + One Time Pads: + + If the text contains a (presumably single) line of the form: + + PAD=/path/to/a/one/time/pad/file + + then that file is opened and the first non-blank line not beginning + with "#" is used as the knock pattern. The pad file is rewritten + with that line starting with a "#" (so it will be skipped next time). + + The PAD=... string is replaced with the read-in knock pattern line. + So, if needed, one can preface the PAD=... with "delay N" to set the + default delay, and one can also put a "sleep N" after the PAD=... + line to indicate a final sleep. One can also surround the PAD= + line with other knock and CMD= CMDX= lines, but that usage sounds + a bit rare. Example: + + delay 1000 + PAD=C:\My Pads\work-pad1.txt + sleep 4000 +} + .pk.f.t insert end $msg + + label .pk.info -text "Supply port knocking pattern:" -anchor w -relief ridge + + eval text .pk.rule -width 80 -height 5 $help_font + .pk.rule insert end $port_knocking_list + #apply_bg .pk.rule + + button .pk.done -text "Done" -command {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk} + bind .pk <Escape> {if {$use_port_knocking} {set port_knocking_list [.pk.rule get 1.0 end]}; destroy .pk} + + pack .pk.done .pk.rule .pk.info -side bottom -fill x + pack .pk.f -side top -fill both -expand 1 + + center_win .pk +} + + +proc set_advanced_options {} { + global env + global use_cups use_sound use_smbmnt + global change_vncviewer + global use_port_knocking port_knocking_list + + catch {destroy .o} + catch {destroy .oa} + toplevel .oa + wm title .oa "Advanced options" + + set i 1 + + checkbutton .oa.b$i -anchor w -variable use_cups -text \ + "Enable CUPS Print tunnelling" \ + -command {if {$use_cups} {cups_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_sound -text \ + "Enable ESD/ARTSD Audio tunnelling" \ + -command {if {$use_sound} {sound_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_smbmnt -text \ + "Enable SMB mount tunnelling" \ + -command {if {$use_smbmnt} {smb_dialog}} + incr i + + + checkbutton .oa.b$i -anchor w -variable change_vncviewer -text \ + "Change VNC Viewer" \ + -command {if {$change_vncviewer} {change_vncviewer_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable additional_port_redirs -text \ + "Additional Port Redirs" \ + -command {if {$additional_port_redirs} {port_redir_dialog}} + incr i + + checkbutton .oa.b$i -anchor w -variable use_port_knocking -text \ + "Port Knocking" \ + -command {if {$use_port_knocking} {port_knocking_dialog}} + incr i + + for {set j 1} {$j < $i} {incr j} { + pack .oa.b$j -side top -fill x + } + + frame .oa.b + button .oa.b.done -text "Done" -command {destroy .oa} + bind .oa <Escape> {destroy .oa} + button .oa.b.help -text "Help" -command help_advanced_opts + + pack .oa.b.help .oa.b.done -fill x -expand 1 -side left + + pack .oa.b -side top -fill x + + center_win .oa + wm resizable .oa 1 0 + focus .oa +} + +proc in_path {cmd} { + global env + set p $env(PATH) + foreach dir [split $p ":"] { + set try "$dir/$cmd" + if [file exists $try] { + return "$try" + } + } + return "" +} + +proc ssh_agent_restart {} { + global env + + set got_ssh_agent 0 + set got_ssh_add 0 + set got_ssh_agent2 0 + set got_ssh_add2 0 + + if [in_path "ssh-agent"] {set got_ssh_agent 1} + if [in_path "ssh-agent2"] {set got_ssh_agent2 1} + if [in_path "ssh-add"] {set got_ssh_add 1} + if [in_path "ssh-add2"] {set got_ssh_add2 1} + + set ssh_agent "" + set ssh_add "" + if {[info exists env(USER)] && $env(USER) == "runge"} { + if {$got_ssh_agent2} { + set ssh_agent "ssh-agent2" + } + if {$got_ssh_add2} { + set ssh_add "ssh-add2" + } + } + if {$ssh_agent == "" && $got_ssh_agent} { + set ssh_agent "ssh-agent" + } + if {$ssh_add == "" && $got_ssh_add} { + set ssh_add "ssh-add" + } + if {$ssh_agent == ""} { + bell + mesg "could not find ssh-agent in PATH" + return + } + if {$ssh_add == ""} { + bell + mesg "could not find ssh-add in PATH" + return + } + set tmp $env(HOME)/.vnc-sa[pid] + set fh "" + catch {set fh [open $tmp "w"]} + if {$fh == ""} { + bell + mesg "could not open tmp file $tmp" + return + } + + puts $fh "#!/bin/sh" + puts $fh "eval `$ssh_agent -s`" + puts $fh "$ssh_add" + puts $fh "SSL_VNC_GUI_CHILD=\"\"" + puts $fh "export SSL_VNC_GUI_CHILD" + + global buck_zero + set cmd $buck_zero + + if [info exists env(SSL_VNC_GUI_CMD)] { + set cmd $env(SSL_VNC_GUI_CMD) + } + #puts $fh "$cmd </dev/null 1>/dev/null 2>/dev/null &" + puts $fh "nohup $cmd &" + puts $fh "sleep 1" + puts $fh "#rm -f $tmp" + close $fh + + wm withdraw . + catch {wm withdraw .o} + catch {wm withdraw .oa} + + exec xterm -geometry +200+200 -title "Restarting with ssh-agent/ssh-add" -e sh $tmp & + after 10000 + destroy . + exit +} + +proc putty_pw_entry {mode} { + if {$mode == "check"} { + global use_sshssl use_ssh + if {$use_sshssl || $use_ssh} { + putty_pw_entry enable + } else { + putty_pw_entry disable + } + return + } + if {$mode == "disable"} { + catch {.o.pw.l configure -state disabled} + catch {.o.pw.e configure -state disabled} + } else { + catch {.o.pw.l configure -state normal} + catch {.o.pw.e configure -state normal} + } +} + +proc set_options {} { + global use_alpha use_grab use_ssh use_sshssl use_viewonly use_fullscreen use_bgr233 + global use_nojpeg use_raise_on_beep use_compresslevel use_quality + global compresslevel_text quality_text + global env is_windows + + catch {destroy .o} + toplevel .o + wm title .o "Set SSL VNC Viewer options" + + set i 1 + + checkbutton .o.b$i -anchor w -variable use_ssh -text \ + "Use SSH instead" \ + -command {if {$use_ssh} {set use_sshssl 0}; putty_pw_entry check} + incr i + + checkbutton .o.b$i -anchor w -variable use_sshssl -text \ + "Use SSH and SSL" \ + -command {if {$use_sshssl} {set use_ssh 0}; putty_pw_entry check} + set iss $i + incr i + + checkbutton .o.b$i -anchor w -variable use_viewonly -text \ + "View Only" + incr i + + checkbutton .o.b$i -anchor w -variable use_fullscreen -text \ + "Fullscreen" + incr i + + checkbutton .o.b$i -anchor w -variable use_raise_on_beep -text \ + "Raise On Beep" + incr i + + checkbutton .o.b$i -anchor w -variable use_bgr233 -text \ + "Use 8bit color (-bgr233)" + incr i + + checkbutton .o.b$i -anchor w -variable use_alpha -text \ + "Cursor alphablending (32bpp required)" + set ia $i + incr i + + checkbutton .o.b$i -anchor w -variable use_grab -text \ + "Use XGrabServer" + set ix $i + incr i + + checkbutton .o.b$i -anchor w -variable use_nojpeg -text \ + "Do not use JPEG (-nojpeg)" + incr i + + menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable compresslevel_text + set compresslevel_text "Compress Level: $use_compresslevel" + + menu .o.b$i.m -tearoff 0 + for {set j -1} {$j < 10} {incr j} { + set v $j + set l $j + if {$j == -1} { + set v "default" + set l "default" + } + .o.b$i.m add radiobutton -variable use_compresslevel \ + -value $v -label $l -command \ + {set compresslevel_text "Compress Level: $use_compresslevel"} + } + incr i + + menubutton .o.b$i -anchor w -menu .o.b$i.m -textvariable quality_text + set quality_text "Quality: $use_quality" + + menu .o.b$i.m -tearoff 0 + for {set j -1} {$j < 10} {incr j} { + set v $j + set l $j + if {$j == -1} { + set v "default" + set l "default" + } + .o.b$i.m add radiobutton -variable use_quality \ + -value $v -label $l -command \ + {set quality_text "Quality: $use_quality"} + } + incr i + + for {set j 1} {$j < $i} {incr j} { + pack .o.b$j -side top -fill x + } + + if {$is_windows} { + .o.b$ia configure -state disabled + .o.b$ix configure -state disabled + } + + if {$is_windows} { + frame .o.pw + label .o.pw.l -text "Putty PW:" + entry .o.pw.e -width 10 -show * -textvariable putty_pw + pack .o.pw.l -side left + pack .o.pw.e -side left -expand 1 -fill x + pack .o.pw -side top -fill x + putty_pw_entry check + } else { + button .o.sa -text "Use ssh-agent" -command ssh_agent_restart + pack .o.sa -side top -fill x + } + + button .o.s_prof -text "Save Profile ..." -command {save_profile; raise .o} + button .o.l_prof -text " Load Profile ..." -command {load_profile; raise .o} + button .o.advanced -text "Advanced ..." -command set_advanced_options + button .o.clear -text "Clear Options" -command set_defaults + pack .o.s_prof -side top -fill x + pack .o.l_prof -side top -fill x + pack .o.clear -side top -fill x + pack .o.advanced -side top -fill x + + frame .o.b + button .o.b.done -text "Done" -command {destroy .o} + bind .o <Escape> {destroy .o} + button .o.b.help -text "Help" -command help_opts + + pack .o.b.help .o.b.done -fill x -expand 1 -side left + + pack .o.b -side top -fill x + + center_win .o + wm resizable .o 1 0 + focus .o +} + +set is_windows 0 +set help_font "-font fixed" +if { [regexp -nocase {Windows} $tcl_platform(os)]} { + cd util + set help_font "" + set is_windows 1 +} + +if {[regexp -nocase {Windows.9} $tcl_platform(os)]} { + set is_win9x 1 +} else { + set is_win9x 0 +} + +set putty_pw "" + + +wm title . "SSL VNC Viewer" +wm resizable . 1 0 + +set_defaults +set skip_pre 0 + +set vncdisplay "" + +label .l -text "SSL TightVNC Viewer" -relief ridge +frame .f +label .f.l -text "VNC Server:" -relief ridge +entry .f.e -width 40 -textvariable vncdisplay +pack .f.l -side left +pack .f.e -side left -expand 1 -fill x +bind .f.e <Return> launch + +frame .b +button .b.help -text "Help" -command help +button .b.certs -text "Certs ..." -command getcerts +button .b.opts -text "Options ..." -command set_options +button .b.conn -text "Connect" -command launch +button .b.exit -text "Exit" -command {destroy .; exit} + + +pack .b.certs .b.opts .b.conn .b.help .b.exit -side left -expand 1 -fill x + +pack .l .f .b -side top -fill x +if {![info exists env(SSL_VNC_GUI_CHILD)] || $env(SSL_VNC_GUI_CHILD) == ""} { + center_win . +} +focus .f.e +#raise . + +global system_button_face +set system_button_face "" +foreach item [.b.help configure -bg] { + set system_button_face $item +} + +global env +if {[info exists env(SSL_VNC_GUI_CMD)]} { + set env(SSL_VNC_GUI_CHILD) 1 + bind . <Control-n> "exec $env(SSL_VNC_GUI_CMD) &" +} +bind . <Control-q> "destroy .; exit" +bind . <Shift-Escape> "destroy .; exit" +bind . <Control-s> "launch_shell_only" + +global entered_gui_top +set entered_gui_top 0 +bind . <Enter> {set entered_gui_top 1} + + +#smb_help_me_decide +update diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer new file mode 100755 index 0000000..1d7d1a7 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/ssl_vncviewer @@ -0,0 +1,530 @@ +#!/bin/sh +# +# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel +# or an SSH tunnel. +# +# Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> +# +# You must have stunnel(8) installed on the system and in your PATH +# (however, see the -ssh option below, in which case you will need ssh(1) +# installed) Note: stunnel is usually installed in an "sbin" subdirectory. +# +# You should have "x11vnc -ssl ..." or "x11vnc -stunnel ..." +# already running as the VNC server on the remote machine. +# (or use stunnel on the server side for any other VNC server) +# +# +# Usage: ssl_vncviewer [cert-args] host:display <vncviewer-args> +# +# e.g.: ssl_vncviewer snoopy:0 +# ssl_vncviewer snoopy:0 -encodings "copyrect tight zrle hextile" +# +# [cert-args] can be: +# +# -verify /path/to/cacert.pem +# -mycert /path/to/mycert.pem +# -proxy host:port +# +# -verify specifies a CA cert PEM file (or a self-signed one) for +# authenticating the VNC server. +# +# -mycert specifies this client's cert+key PEM file for the VNC server to +# authenticate this client. +# +# -proxy try host:port as a Web proxy to use the CONNECT method +# to reach the VNC server (e.g. your firewall requires a proxy). +# For the "double proxy" case use -proxy host1:port1,host2:port2 +# +# See http://www.karlrunge.com/x11vnc/#faq-ssl-ca for details on SSL +# certificates with VNC. +# +# A few other args (not related to SSL and certs): +# +# -ssh Use ssh instead of stunnel SSL. ssh(1) must be installed and you +# must be able to log into the remote machine via ssh. +# +# In this case "host:display" may be of the form "user@host:display" +# where "user@host" is used for the ssh login (see ssh(1) manpage). +# +# If -proxy is supplied it can be of the forms: "gwhost" "gwhost:port" +# "user@gwhost" or "user@gwhost:port". "gwhost" is an incoming ssh +# gateway machine (the VNC server is not running there), an ssh -L +# redir is used to "host" in "host:display" from "gwhost". Any "user@" +# part must be in the -proxy string (not in "host:display"). +# +# Under -proxy use "gwhost:port" if connecting to any ssh port +# other than the default (22). (even for the non-gateway case, +# -proxy must be used to specify a non-standard ssh port) +# +# Examples: +# +# ssl_vncviewer -ssh bob@bobs-home.net:0 +# ssl_vncviewer -ssh -sshcmd 'x11vnc -localhost' bob@bobs-home.net:0 +# +# ssl_vncviewer -ssh -proxy fred@mygate.com:2022 mymachine:0 +# ssl_vncviewer -ssh -proxy bob@bobs-home.net:2222 localhost:0 +# +# -sshcmd cmd Run "cmd" via ssh instead of the default "sleep 15" +# e.g. -sshcmd 'x11vnc -display :0 -localhost -rfbport 5900' +# +# -sshargs "args" pass "args" to the ssh process, e.g. -L/-R port redirs. +# +# -sshssl Tunnel the SSL connection thru a SSH connection. The tunnel as +# under -ssh is set up and the SSL connection goes thru it. Use +# this if you want to have and end-to-end SSL connection but must +# go thru a SSH gateway host (e.g. not the vnc server). Or use +# this if you need to tunnel additional services via -R and -L +# (see -sshargs above). +# +# ssl_vncviewer -sshssl -proxy fred@mygate.com mymachine:0 +# +# +# -alpha turn on cursor alphablending hack if you are using the +# enhanced tightvnc vncviewer. +# +# -grab turn on XGrabServer hack if you are using the enhanced tightvnc +# vncviewer (e.g. for fullscreen mode in some windowmanagers like +# fvwm that do not otherwise work in fullscreen mode) +# +# +# set VNCVIEWERCMD to whatever vncviewer command you want to use. +# +VNCIPCMD=${VNCVIEWERCMD:-vncip} +VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer} +# +# Same for STUNNEL, e.g. set it to /path/to/stunnel or stunnel4, etc. +# + + +PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH + +if [ "X$STUNNEL" = "X" ]; then + type stunnel4 > /dev/null 2>&1 + if [ $? = 0 ]; then + STUNNEL=stunnel4 + else + STUNNEL=stunnel + fi +fi + +help() { + tail +2 "$0" | sed -e '/^$/ q' +} + +gotalpha="" +use_ssh="" +use_sshssl="" +ssh_sleep=15 +ssh_cmd="sleep $ssh_sleep" +if [ "X$SSL_VNCVIEWER_SSH_CMD" != "X" ]; then + ssh_cmd="$SSL_VNCVIEWER_SSH_CMD" +fi +ssh_args="" + +# grab our cmdline options: +while [ "X$1" != "X" ] +do + case $1 in + "-verify") shift; verify="$1" + ;; + "-mycert") shift; mycert="$1" + ;; + "-proxy") shift; proxy="$1" + ;; + "-ssh") use_ssh=1 + ;; + "-sshssl") use_ssh=1 + use_sshssl=1 + ;; + "-sshcmd") shift; ssh_cmd="$1" + ;; + "-sshargs") shift; ssh_args="$1" + ;; + "-alpha") gotalpha=1 + ;; + "-grab") VNCVIEWER_GRAB_SERVER=1; export VNCVIEWER_GRAB_SERVER + ;; + "-h"*) help; exit 0 + ;; + "--h"*) help; exit 0 + ;; + *) break + ;; + esac + shift +done + +if [ "X$gotalpha" != "X1" ]; then + NO_ALPHABLEND=1 + export NO_ALPHABLEND +fi + +orig="$1" +shift + +if [ "X$use_ssh" = "X1" -a "X$use_sshssl" = "X" ]; then + if [ "X$mycert" != "X" -o "X$verify" != "X" ]; then + echo "-mycert and -verify cannot be used in -ssh mode" + exit 1 + fi +fi + +# play around with host:display port: +if echo "$orig" | grep ':' > /dev/null; then + : +else + orig="$orig:0" +fi + +host=`echo "$orig" | awk -F: '{print $1}'` +disp=`echo "$orig" | awk -F: '{print $2}'` +if [ "X$host" = "X" ]; then + host=localhost +fi +if [ $disp -lt 200 ]; then + port=`expr $disp + 5900` +else + port=$disp +fi + +# try to find an open listening port via netstat(1): +inuse="" +if uname | grep Linux > /dev/null; then + inuse=`netstat -ant | egrep 'LISTEN|WAIT|ESTABLISH|CLOSE' | awk '{print $4}' | sed 's/^.*://'` +elif uname | grep SunOS > /dev/null; then + inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'` +# add others... +fi + +date_sec=`date +%S` + +findfree() { + try0=$1 + try=$try0 + use0="" + + while [ $try -lt 6000 ] + do + if [ "X$inuse" = "X" ]; then + break + fi + if echo "$inuse" | grep -w $try > /dev/null; then + : + else + use0=$try + break + fi + try=`expr $try + 1` + done + if [ "X$use0" = "X" ]; then + use0=`expr $date_sec + $try0` + fi + + echo $use0 +} + +use=`findfree 5930` + +if [ $use -ge 5900 ]; then + N=`expr $use - 5900` +else + N=$use +fi + +if echo "$0" | grep vncip > /dev/null; then + VNCVIEWERCMD="$VNCIPCMD" +fi + +if [ "X$use_ssh" = "X1" ]; then + ssh_port="22" + ssh_host="$host" + vnc_host="localhost" + ssh=${SSH:-"ssh -x"} + if [ "X$proxy" != "X" ]; then + ssh_port=`echo "$proxy" | awk -F: '{print $2}'` + if [ "X$ssh_port" = "X" ]; then + ssh_port="22" + fi + ssh_host=`echo "$proxy" | awk -F: '{print $1}'` + vnc_host="$host" + fi + echo "" + echo "Running ssh:" + sz=`echo "$ssh_cmd" | wc -c` + if [ "$sz" -gt 200 ]; then + info="..." + else + info="$ssh_cmd" + fi + + C="" + if [ "X$SSL_VNCVIEWER_USE_C" != "X" ]; then + C="-C" + fi + # the -t option actually speeds up typing response via VNC!! + if [ "X$SSL_VNCVIEWER_SSH_ONLY" != "X" ]; then + echo "$ssh -p $ssh_port -t $C $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -p $ssh_port -t $C $ssh_args $ssh_host "$ssh_cmd" + exit $? + elif [ "X$SSL_VNCVIEWER_NO_F" != "X" ]; then + echo "$ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + else + echo "$ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host \"$info\"" + echo "" + $ssh -f -p $ssh_port -t $C -L ${use}:${vnc_host}:${port} $ssh_args $ssh_host "$ssh_cmd" + fi + if [ "$?" != "0" ]; then + echo "" + echo "ssh to $ssh_host failed." + exit 1 + fi + echo "" + if [ "X$ssh_cmd" = "Xsleep $ssh_sleep" ] ; then + sleep 1 + else + # let any command get started a bit. + sleep 5 + fi + echo "" + #reset + stty sane + if [ "X$use_sshssl" = "X" ]; then + echo "Running viewer:" + echo $VNCVIEWERCMD "$@" localhost:$N + echo "" + $VNCVIEWERCMD "$@" localhost:$N + + exit $? + else + use2=`findfree 5960` + host0=$host + port0=$port + host=localhost + port=$use + use=$use2 + N=`expr $use - 5900` + proxy="" + fi +fi + +# create the stunnel config file: +if [ "X$verify" != "X" ]; then + if [ -d $verify ]; then + verify="CApath = $verify" + else + verify="CAfile = $verify" + fi + verify="$verify +verify = 2" +fi +if [ "X$mycert" != "X" ]; then + cert="cert = $mycert" +fi + +mytmp() { + tf=$1 + rm -rf "$tf" || exit 1 + if [ -d "$tf" ]; then + echo "tmp file $tf still exists as a directory." + exit 1 + elif [ -L "$tf" ]; then + echo "tmp file $tf still exists as a symlink." + exit 1 + elif [ -f "$tf" ]; then + echo "tmp file $tf still exists." + exit 1 + fi + touch "$tf" || exit 1 + chmod 600 "$tf" || exit 1 +} + +if echo "$RANDOM" | grep '[^0-9]' > /dev/null; then + RANDOM=`date +%S` +fi + +pcode() { + tf=$1 + SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY + SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST + cod='#!/usr/bin/perl + +# A hack to glue stunnel to a Web proxy for client connections. + +use IO::Socket::INET; + +my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY}); +my ($proxy_host, $proxy_port) = split(/:/, $first); +my $connect = $ENV{SSL_VNC_DEST}; + +print STDERR "\nperl script for web proxing:\n"; +print STDERR "proxy_host: $proxy_host\n"; +print STDERR "proxy_port: $proxy_port\n"; +print STDERR "proxy_connect: $connect\n"; + +my $sock = IO::Socket::INET->new( + PeerAddr => $proxy_host, + PeerPort => $proxy_port, + Proto => "tcp"); + +if (! $sock) { + unlink($0); + die "perl proxy: $!\n"; +} + +my $con = ""; +if ($second ne "") { + $con = "CONNECT $second HTTP/1.1\r\n"; + $con .= "Host: $second\r\n\r\n"; +} else { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; +} + +print STDERR "proxy_request1:\n$con"; +print $sock $con; + +unlink($0); + +my $rep = ""; +while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; +} +if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; +} + +if ($second ne "") { + $con = "CONNECT $connect HTTP/1.1\r\n"; + $con .= "Host: $connect\r\n\r\n"; + print STDERR "proxy_request2:\n$con"; + + print $sock $con; + + $rep = ""; + while ($rep !~ /\r\n\r\n/) { + my $c = getc($sock); + print STDERR $c; + $rep .= $c; + } + if ($rep !~ m,HTTP/.* 200,) { + die "proxy error: $rep\n"; + } +} + +if (fork) { + print STDERR "parent\[$$] STDIN -> socket\n\n"; + xfer(STDIN, $sock); +} else { + print STDERR "child \[$$] socket -> STDOUT\n\n"; + xfer($sock, STDOUT); +} +exit; + +sub xfer { + my($in, $out) = @_; + $RIN = $WIN = $EIN = ""; + $ROUT = ""; + vec($RIN, fileno($in), 1) = 1; + vec($WIN, fileno($in), 1) = 1; + $EIN = $RIN | $WIN; + + while (1) { + my $nf = 0; + while (! $nf) { + $nf = select($ROUT=$RIN, undef, undef, undef); + } + my $len = sysread($in, $buf, 8192); + if (! defined($len)) { + next if $! =~ /^Interrupted/; + print STDERR "perl proxy\[$$]: $!\n"; + last; + } elsif ($len == 0) { + print STDERR "perl proxy\[$$]: Input is EOF.\n"; + last; + } + my $offset = 0; + my $quit = 0; + while ($len) { + my $written = syswrite($out, $buf, $len, $offset); + if (! defined $written) { + print STDERR "perl proxy\[$$]: Output is EOF. $!\n"; + $quit = 1; + last; + } + $len -= $written; + $offset += $written; + } + last if $quit; + } + close($in); + close($out); +} +' + echo "$cod" > $tf + chmod 700 $tf +} + +ptmp="" +if [ "X$proxy" != "X" ]; then + ptmp="/tmp/ssl_vncviewer${RANDOM}.$$.pl" + mytmp "$ptmp" + pcode "$ptmp" + connect="exec = $ptmp" +else + connect="connect = $host:$port" +fi + + +##debug = 7 +tmp=/tmp/ssl_vncviewer${RANDOM}.$$ +mytmp "$tmp" + +cat > "$tmp" <<END +foreground = yes +pid = +client = yes +debug = 6 +$STUNNEL_EXTRA_OPTS +$verify +$cert + +[vnc_stunnel] +accept = localhost:$use +$connect +END + +echo "" +echo "Using this stunnel configuration:" +echo "" +cat "$tmp" | uniq +echo "" +sleep 1 + +echo "" +echo "Running: stunnel" +echo "$STUNNEL $tmp" +$STUNNEL "$tmp" < /dev/tty > /dev/tty & +pid=$! +echo "" + +# pause here to let the user supply a possible passphrase for the +# mycert key: +if [ "X$mycert" != "X" ]; then + sleep 4 +fi +sleep 2 +rm -f "$tmp" + +echo "" +echo "Running viewer:" +echo $VNCVIEWERCMD "$@" localhost:$N +echo "" +$VNCVIEWERCMD "$@" localhost:$N + +kill $pid +sleep 1 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf new file mode 100644 index 0000000..8e5dd50 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/bin/util/stunnel-server.conf @@ -0,0 +1,34 @@ +# +# Example SSL stunnel SERVER configuration file. (e.g. for your VNC +# server on this same machine.) +# +# To use this file you may need to edit it. Then you will need +# to manually start up stunnel using it. +# (e.g. /path/to/stunnel stunnel-server.conf) +# +# This is just an example and is not used by the tools in this package. +# It is here in case you wanted to see how to add SSL support to any +# VNC server you have. +# +RNDbytes = 2048 +RNDfile = bananarand.bin +RNDoverwrite = yes +# +# Remote client certs could go here: +# CApath = /path/to/.../crt-dir +# CAfile = /path/to/.../foo.crt +# verify = 2 +# My server cert could go here: +# cert = /path/to/.../my.pem +# +[vnc] +# +# Set to local listening port number (e.g. 5901 for vnc display 1): +# so the remote viewers would connect to: yourmachine:1 +# +accept = 5901 +# +# Set to localhost:port to connect to VNC server on this same machine: +# (E.g. you run WinVNC on :0, preferably listening on localhost). +# +connect = localhost:5900 diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/build.unix b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix new file mode 100755 index 0000000..9a0fc3d --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/build.unix @@ -0,0 +1,244 @@ +#!/bin/sh + +# Add useful directories to PATH: +# +PATH=$PATH:/usr/bin:/bin:/usr/local/bin:/usr/X11R6/bin:/usr/bin/X11:/usr/openwin/bin:/opt/SUNWspro/bin:/usr/sfw/bin:/usr/ccs/bin +export PATH + +# Check location: +# +thisdir=`dirname "$0"` +if [ ! -d ./bin -o ! -d src/patches ]; then + echo "You must run this script from: $thisdir" + exit 1 +fi + +# Try to find osname.arch +# +name=$UNAME +if [ "X$name" = "X" ]; then + name=`uname -sm | sed -e 's/ /./'` +fi +if [ "X$name" = "X" ]; then + echo "cannot determine platform: os.arch, e.g. Linux.i686" + echo "set \$UNAME manually and retry." + exit 1 +fi + +# Work out main destination: +# +dest=./bin/$name +if [ -d $dest ]; then + printf "$dest exists. overwrite it? [y]/n " + read x + if [ "X$x" = "Xn" ]; then + exit + fi + rm -rf $dest +fi +mkdir -p $dest || exit 1 + +# Create a tmp dir for this build: +# +tmp=./src/tmp/$name.$$ +if [ "X$TMPDIR" != "X" ]; then + tmp="$TMPDIR/$tmp" +fi +mkdir -p $tmp || exit 1 + +# Try to find some static archives of various libraries: +# +libs="$tmp/libs" +mkdir -p $libs || exit 1 +#for liba in libz.a libjpeg.a libssl.a libcrypto.a +for liba in libz.a libjpeg.a +do + for dir in /usr/lib /lib /usr/local/lib /usr/pkg/lib /usr/sfw/lib /usr/openwin/lib + do + if [ "$name" = "Linux.x86_64" -o "$name" = "Linux.ppc64" ] ; then + dir64=`echo "$dir" | sed -e 's,lib,lib64,'` + fi + try="$dir/$liba" + if [ -f $try ]; then + cp -p "$try" $libs + fi + done +done +echo "Found these static archive libraries, will try to use them..." +ls -ld $libs +ls -l $libs +echo + +have_gcc="" +if type gcc > /dev/null; then + have_gcc=1 +fi +have_cc="" +if type cc > /dev/null; then + have_cc=1 +fi + +if [ "X$have_cc" = "X" ]; then + if [ "X$have_gcc" = "X1" ]; then + cat > $tmp/cc <<END +#!/bin/sh +gcc "\$@" +END + chmod 755 $tmp/cc + PATH=$PATH:`pwd`/$tmp + type cc + type gcc + fi +fi + +if [ `uname` = "SunOS" ]; then + LDFLAGS_OS="$LDFLAGS_OS -L/usr/sfw/lib -R/usr/sfw/lib" + CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/sfw/include" +elif uname | grep -i bsd > /dev/null; then + LDFLAGS_OS="$LDFLAGS_OS -L/usr/local/lib -L/usr/pkg/lib" + CPPFLAGS_OS="$CPPFLAGS_OS -I /usr/local/include -I /usr/pkg/include" +fi + +# Do tightvnc viewer: +# +tight_src=`ls -td ./src/vnc_unixsrc* | head -1` +if [ ! -d $tight_src ]; then + echo "could not locate tight vnc viewer source" + exit 1 +fi + +cp -pR "$tight_src" "$tmp/vnc_unixsrc" || exit 1 + +echo "applying tight vnc patches:" +start=`pwd` +cd $tmp; +failed=0 +for patch in ../../patches/tight* +do + if [ ! -f "$patch" ]; then + continue + fi + patch -p0 < $patch + if [ $? != 0 ]; then + failed=`expr $failed + 1` + fi +done +cd "$start" +if [ $failed != 0 ]; then + ball=src/zips/vnc_unixsrc_vncviewer.patched.tar + echo "patches failed, trying to use backup tarball:" + ls -l $ball + sleep 2 + cat $ball | (cd $tmp; tar -xvf -) +fi +echo + + +cd $tmp/vnc_unixsrc +xmkmf +make Makefiles +mv vncviewer/Makefile vncviewer/Makefile.orig +sed -e "s,EXTRA_LDOPTIONS =,EXTRA_LDOPTIONS = -L$start/$libs $LDFLAGS_OS," \ + -e "s,CCOPTIONS =,CCOPTIONS = $CPPFLAGS_OS," \ + vncviewer/Makefile.orig > vncviewer/Makefile + +if [ `uname` = "SunOS" ]; then + for d in vncviewer libvncauth vncconnect vncpasswd + do + mv $d/Makefile $d/Makefile.orig + sed -e "s,CCOPTIONS =.*\$,CCOPTIONS = $CPPFLAGS_OS," \ + $d/Makefile.orig > $d/Makefile + done +fi + +make depend +echo $PATH +make all +ls -l vncviewer/vncviewer +cd "$start" +src=$tmp/vnc_unixsrc/vncviewer/vncviewer +sync +sleep 2 +sync +strip $src +sync +sleep 2 +sync +wc $src +sum $src +sleep 2 +echo cp -p $src $dest/vncviewer +cp -p $src $dest/vncviewer || exit 1 +sleep 1 +cp -p $src $dest/vncviewer || exit 1 +ls -l $src $dest/vncviewer +$dest/vncviewer -h +ldd $dest/vncviewer +echo "" + +# Do stunnel: +# +stunnel_src=`ls -td ./src/stunnel* | head -1` +if [ ! -d $stunnel_src ]; then + echo "could not locate stunnel source" + exit 1 +fi + +cp -pR "$stunnel_src" "$tmp/stunnel" || exit 1 + +echo "applying stunnel patches:" +start=`pwd` +cd $tmp; +failed=0 +for patch in ../../patches/stunnel* +do + if [ ! -f "$patch" ]; then + continue + fi + patch -p0 < $patch + if [ $? != 0 ]; then + failed=`expr $failed + 1` + fi +done +cd "$start" +if [ $failed != 0 ]; then + ball=src/zips/stunnel.patched.tar + echo "patches failed, trying to use backup tarball:" + ls -l $ball + sleep 2 + cat $ball | (cd $tmp; tar -xvf -) +fi +echo + + +cd $tmp/stunnel +if [ `uname` = "SunOS" ]; then + cp configure configure.orig + sed -e "s,/var/ssl,/var/ssl /usr/sfw," configure.orig > configure +fi +env LDFLAGS="-L$start/$libs $LDFLAGS_OS" CPPFLAGS="$CPPFLAGS_OS" ./configure --disable-libwrap +make +ls -l src/stunnel +cd "$start" +src=$tmp/stunnel/src/stunnel +sync +sleep 2 +sync +strip $src +sync +sleep 2 +sync +wc $src +sum $src +sleep 2 +echo cp -p $src $dest/stunnel +cp -p $src $dest/stunnel || exit 1 +sleep 1 +cp -p $src $dest/stunnel || exit 1 +ls -l $src $dest/stunnel +$dest/stunnel -help +ldd $dest/stunnel +echo "" + +$dest/vncviewer -h +ldd $dest/vncviewer diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt new file mode 100644 index 0000000..ab5e95e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/filelist.txt @@ -0,0 +1,280 @@ +3277703 4 drwxr-xr-x 6 runge runge 4096 Sep 13 21:28 . +3277704 4 drwxr-xr-x 7 runge runge 4096 Aug 2 10:05 ./src +3277781 4 drwxr-xr-x 2 runge runge 4096 Aug 2 10:09 ./src/zips +3277782 484 -rw-r--r-- 1 runge runge 488512 Jul 25 15:09 ./src/zips/stunnel-4.14.tar.gz +3277783 212 -rw-r--r-- 1 runge runge 209149 Jul 25 15:10 ./src/zips/tightvnc-1.3dev7_x86_viewer.zip +3277784 2136 -rw-r--r-- 1 runge runge 2182134 Jul 25 15:11 ./src/zips/tightvnc-1.3dev7_unixsrc.tar.gz +3277792 4 -rw-r--r-- 1 runge runge 753 Aug 2 10:09 ./src/zips/README +3277786 364 -rw-r--r-- 1 runge runge 368640 Jul 27 19:06 ./src/zips/vnc_unixsrc_vncviewer.patched.tar +3277787 1996 -rw-r--r-- 1 runge runge 2037760 Jul 31 23:42 ./src/zips/stunnel.patched.tar +2982849 4 drwxr-xr-x 2 runge runge 4096 Sep 10 14:37 ./src/patches +2982852 4 -rw-r--r-- 1 runge runge 3750 Feb 5 2005 ./src/patches/tight-vncviewer-alphahack.patch +2982854 4 -rw-r--r-- 1 runge runge 1143 Jul 25 15:25 ./src/patches/tight-vncviewer-fullscreen.patch +2982865 8 -rw-r--r-- 1 runge runge 7633 Jul 27 19:01 ./src/patches/tight-vncviewer-newfbsize.patch +2982955 4 -rwxr-xr-x 1 runge runge 1529 Sep 10 12:07 ./src/patches/_bundle +2982877 4 -rwxr-xr-x 1 runge runge 78 Jul 27 14:41 ./src/patches/_getpatches +2983012 4 -rw-r--r-- 1 runge runge 4072 Jul 31 22:59 ./src/patches/stunnel-maxconn.patch +2982878 4 -rwxr-xr-x 1 runge runge 117 Jul 27 19:06 ./src/patches/_vncpatchapplied +2982880 4 -rw-r--r-- 1 runge runge 223 Aug 24 10:11 ./src/patches/README +2982850 4 drwxr-xr-x 8 runge runge 4096 Jul 25 15:21 ./src/vnc_unixsrc +2982885 4 -rw-r--r-- 1 runge runge 356 Apr 30 2002 ./src/vnc_unixsrc/Imakefile +2982886 20 -rw-r--r-- 1 runge runge 18000 Jun 11 2000 ./src/vnc_unixsrc/LICENCE.TXT +2982887 12 -rw-r--r-- 1 runge runge 8341 Jul 4 2005 ./src/vnc_unixsrc/README +2982888 12 -rw-r--r-- 1 runge runge 9682 Jul 4 2005 ./src/vnc_unixsrc/tightvnc.spec +2982889 4 -rw-r--r-- 1 runge runge 486 Aug 30 2002 ./src/vnc_unixsrc/vnc-xclients.patch +2982890 4 -rwxr-xr-x 1 runge runge 2042 Mar 19 2002 ./src/vnc_unixsrc/vncinstall +2982891 16 -rwxr-xr-x 1 runge runge 15239 Jul 4 2005 ./src/vnc_unixsrc/vncserver +2982892 4 -rwxr-xr-x 1 runge runge 1726 Aug 30 2002 ./src/vnc_unixsrc/vncserver.init +2982893 4 -rw-r--r-- 1 runge runge 3070 Aug 7 2002 ./src/vnc_unixsrc/vncserver.man +4359127 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:25 ./src/vnc_unixsrc/classes +2851413 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/include +2851414 44 -rw-r--r-- 1 runge runge 43296 May 27 2004 ./src/vnc_unixsrc/include/rfbproto.h +2851415 4 -rw-r--r-- 1 runge runge 1166 Jun 11 2000 ./src/vnc_unixsrc/include/vncauth.h +2851416 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/libvncauth +2851417 4 -rw-r--r-- 1 runge runge 199 Apr 30 2002 ./src/vnc_unixsrc/libvncauth/Imakefile +2851418 16 -rw-r--r-- 1 runge runge 15487 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.c +2851419 4 -rw-r--r-- 1 runge runge 1618 Jun 11 2000 ./src/vnc_unixsrc/libvncauth/d3des.h +2851420 8 -rw-r--r-- 1 runge runge 5879 Mar 1 2003 ./src/vnc_unixsrc/libvncauth/vncauth.c +2851421 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncconnect +2851422 4 -rw-r--r-- 1 runge runge 163 Apr 30 2002 ./src/vnc_unixsrc/vncconnect/Imakefile +2851423 4 -rw-r--r-- 1 runge runge 1167 Nov 10 2000 ./src/vnc_unixsrc/vncconnect/vncconnect.c +2851424 4 -rw-r--r-- 1 runge runge 1083 Feb 5 2003 ./src/vnc_unixsrc/vncconnect/vncconnect.man +2851425 4 drwxr-xr-x 2 runge runge 4096 Jul 5 2005 ./src/vnc_unixsrc/vncpasswd +2851426 4 -rw-r--r-- 1 runge runge 256 Apr 30 2002 ./src/vnc_unixsrc/vncpasswd/Imakefile +2851427 8 -rw-r--r-- 1 runge runge 7681 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.c +2851428 4 -rw-r--r-- 1 runge runge 3222 Mar 1 2003 ./src/vnc_unixsrc/vncpasswd/vncpasswd.man +2851429 4 drwxr-xr-x 2 runge runge 4096 Aug 3 19:10 ./src/vnc_unixsrc/vncviewer +2851430 4 -rw-r--r-- 1 runge runge 1057 Mar 12 2003 ./src/vnc_unixsrc/vncviewer/Imakefile +2851431 16 -rw-r--r-- 1 runge runge 12375 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/README +2851432 4 -rw-r--r-- 1 runge runge 3198 Feb 7 2003 ./src/vnc_unixsrc/vncviewer/Vncviewer +2851433 16 -rw-r--r-- 1 runge runge 14159 Jul 4 2005 ./src/vnc_unixsrc/vncviewer/argsresources.c +2851434 8 -rw-r--r-- 1 runge runge 5362 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.c +2851435 4 -rw-r--r-- 1 runge runge 2074 Apr 1 2003 ./src/vnc_unixsrc/vncviewer/caps.h +2851436 16 -rw-r--r-- 1 runge runge 15568 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/colour.c +2851437 4 -rw-r--r-- 1 runge runge 2295 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/corre.c +2851438 16 -rw-r--r-- 1 runge runge 14504 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/cursor.c +2851439 12 -rw-r--r-- 1 runge runge 11832 May 28 2004 ./src/vnc_unixsrc/vncviewer/desktop.c +2851440 4 -rw-r--r-- 1 runge runge 2621 Oct 26 2000 ./src/vnc_unixsrc/vncviewer/dialogs.c +2851441 12 -rw-r--r-- 1 runge runge 11671 Oct 9 2003 ./src/vnc_unixsrc/vncviewer/fullscreen.c +2851442 4 -rw-r--r-- 1 runge runge 3639 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/hextile.c +2851443 8 -rw-r--r-- 1 runge runge 7463 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/listen.c +2851444 12 -rw-r--r-- 1 runge runge 9120 Jan 15 2003 ./src/vnc_unixsrc/vncviewer/misc.c +2851445 4 -rw-r--r-- 1 runge runge 2749 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/popup.c +2851446 40 -rw-r--r-- 1 runge runge 38923 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/rfbproto.c +2851447 4 -rw-r--r-- 1 runge runge 2411 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/rre.c +2851448 12 -rw-r--r-- 1 runge runge 9985 Mar 3 2004 ./src/vnc_unixsrc/vncviewer/selection.c +2851449 4 -rw-r--r-- 1 runge runge 2439 Jun 11 2000 ./src/vnc_unixsrc/vncviewer/shm.c +2851450 12 -rw-r--r-- 1 runge runge 9253 Jan 14 2001 ./src/vnc_unixsrc/vncviewer/sockets.c +2851451 16 -rw-r--r-- 1 runge runge 16069 Apr 30 2002 ./src/vnc_unixsrc/vncviewer/tight.c +2851452 8 -rw-r--r-- 1 runge runge 6695 Jul 31 2003 ./src/vnc_unixsrc/vncviewer/tunnel.c +2851453 4 -rw-r--r-- 1 runge runge 4040 Jan 13 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.c +2851454 8 -rw-r--r-- 1 runge runge 7236 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.h +2851455 16 -rw-r--r-- 1 runge runge 14478 Mar 11 2004 ./src/vnc_unixsrc/vncviewer/vncviewer.man +2851456 8 -rw-r--r-- 1 runge runge 4437 Jan 16 2001 ./src/vnc_unixsrc/vncviewer/zlib.c +2982894 36 -rw-r--r-- 1 runge runge 34369 Jul 5 2005 ./src/vnc_unixsrc/WhatsNew +2982895 84 -rw-r--r-- 1 runge runge 80366 Jul 5 2005 ./src/vnc_unixsrc/ChangeLog +2670933 4 drwxr-xr-x 6 runge runge 4096 Aug 2 09:03 ./src/stunnel-4.14 +3621575 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/auto +3621576 44 -rwxr-xr-x 1 runge runge 43609 Aug 10 2004 ./src/stunnel-4.14/auto/config.guess +3621577 32 -rwxr-xr-x 1 runge runge 31160 Aug 10 2004 ./src/stunnel-4.14/auto/config.sub +3621578 16 -rwxr-xr-x 1 runge runge 13866 Aug 10 2004 ./src/stunnel-4.14/auto/depcomp +3621579 8 -rwxr-xr-x 1 runge runge 7122 Aug 10 2004 ./src/stunnel-4.14/auto/install-sh +3621580 184 -rw-r--r-- 1 runge runge 184019 Aug 10 2004 ./src/stunnel-4.14/auto/ltmain.sh +3621581 12 -rwxr-xr-x 1 runge runge 10266 Aug 10 2004 ./src/stunnel-4.14/auto/missing +3621582 4 -rwxr-xr-x 1 runge runge 1988 Aug 10 2004 ./src/stunnel-4.14/auto/mkinstalldirs +5456722 4 drwxr-xr-x 2 runge runge 4096 Jul 31 22:47 ./src/stunnel-4.14/src +5456723 4 -rw-r--r-- 1 runge runge 1594 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.am +5456724 20 -rw-r--r-- 1 runge runge 19314 Oct 25 2005 ./src/stunnel-4.14/src/Makefile.in +5456725 4 -rwxr-xr-x 1 runge runge 2954 Apr 20 2005 ./src/stunnel-4.14/src/stunnel3.in +5456727 4 -rw-r--r-- 1 runge runge 2376 Dec 31 2004 ./src/stunnel-4.14/src/env.c +5456728 8 -rw-r--r-- 1 runge runge 7878 Oct 21 2005 ./src/stunnel-4.14/src/common.h +5456775 12 -rw-r--r-- 1 runge runge 10893 Oct 27 2005 ./src/stunnel-4.14/src/prototypes.h +5456776 40 -rw-r--r-- 1 runge runge 36917 Oct 24 2005 ./src/stunnel-4.14/src/client.c +5456777 12 -rw-r--r-- 1 runge runge 9827 Sep 28 2005 ./src/stunnel-4.14/src/log.c +5456778 44 -rw-r--r-- 1 runge runge 43728 Oct 20 2005 ./src/stunnel-4.14/src/options.c +5456779 12 -rw-r--r-- 1 runge runge 9137 Apr 11 2005 ./src/stunnel-4.14/src/protocol.c +5456780 20 -rw-r--r-- 1 runge runge 19335 Oct 30 2005 ./src/stunnel-4.14/src/network.c +5456781 16 -rw-r--r-- 1 runge runge 12947 Feb 28 2005 ./src/stunnel-4.14/src/resolver.c +5456782 28 -rw-r--r-- 1 runge runge 25216 Oct 27 2005 ./src/stunnel-4.14/src/ssl.c +5456783 12 -rw-r--r-- 1 runge runge 9935 Oct 19 2005 ./src/stunnel-4.14/src/sthreads.c +5456784 16 -rw-r--r-- 1 runge runge 14074 Nov 2 2005 ./src/stunnel-4.14/src/stunnel.c +5456785 12 -rw-r--r-- 1 runge runge 8254 Jun 13 2005 ./src/stunnel-4.14/src/pty.c +5456786 32 -rw-r--r-- 1 runge runge 28682 Sep 29 2005 ./src/stunnel-4.14/src/gui.c +5456787 4 -rw-r--r-- 1 runge runge 227 Nov 5 2002 ./src/stunnel-4.14/src/resources.h +5456788 4 -rw-r--r-- 1 runge runge 1441 Oct 21 2005 ./src/stunnel-4.14/src/resources.rc +5456789 8 -rw-r--r-- 1 runge runge 4710 Jul 18 2002 ./src/stunnel-4.14/src/stunnel.ico +5456791 4 -rw-r--r-- 1 runge runge 76 Jul 18 2002 ./src/stunnel-4.14/src/make.bat +5456792 4 -rw-r--r-- 1 runge runge 1001 Oct 15 2005 ./src/stunnel-4.14/src/Makefile.w32 +3670989 4 drwxr-xr-x 2 runge runge 4096 Nov 2 2005 ./src/stunnel-4.14/tools +3670990 4 -rw-r--r-- 1 runge runge 1448 Sep 14 2005 ./src/stunnel-4.14/tools/Makefile.am +3670991 12 -rw-r--r-- 1 runge runge 12178 Oct 25 2005 ./src/stunnel-4.14/tools/Makefile.in +3670992 4 -rw-r--r-- 1 runge runge 1436 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf-sample.in +3670993 4 -rw-r--r-- 1 runge runge 966 Oct 25 2005 ./src/stunnel-4.14/tools/stunnel.init.in +3670994 4 -rw-r--r-- 1 runge runge 1121 Jul 18 2002 ./src/stunnel-4.14/tools/ca.html +3670995 4 -rwxr-xr-x 1 runge runge 1793 Jul 18 2002 ./src/stunnel-4.14/tools/ca.pl +3670996 4 -rw-r--r-- 1 runge runge 409 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.html +3670997 4 -rwxr-xr-x 1 runge runge 105 Jul 18 2002 ./src/stunnel-4.14/tools/importCA.sh +3670998 4 -rwxr-xr-x 1 runge runge 223 Apr 23 2004 ./src/stunnel-4.14/tools/script.sh +3670999 4 -rw-r--r-- 1 runge runge 2618 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.spec +3671000 4 -rw-r--r-- 1 runge runge 2989 Jul 6 2005 ./src/stunnel-4.14/tools/stunnel.mak +3671001 4 -rw-r--r-- 1 runge runge 1175 Sep 1 2002 ./src/stunnel-4.14/tools/stunnel.cnf +3671002 4 -rw-r--r-- 1 runge runge 3285 Oct 21 2005 ./src/stunnel-4.14/tools/stunnel.nsi +3671003 4 -rw-r--r-- 1 runge runge 1148 Sep 22 2005 ./src/stunnel-4.14/tools/stunnel.conf +2670934 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./src/stunnel-4.14/README +2670935 12 -rw-r--r-- 1 runge runge 8824 Oct 25 2005 ./src/stunnel-4.14/configure.ac +2670936 240 -rw-r--r-- 1 runge runge 239347 Oct 25 2005 ./src/stunnel-4.14/aclocal.m4 +2670937 4 -rw-r--r-- 1 runge runge 1273 Sep 14 2005 ./src/stunnel-4.14/Makefile.am +2670938 24 -rw-r--r-- 1 runge runge 20876 Oct 25 2005 ./src/stunnel-4.14/Makefile.in +2670939 768 -rwxr-xr-x 1 runge runge 780103 Oct 25 2005 ./src/stunnel-4.14/configure +2670940 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./src/stunnel-4.14/AUTHORS +2670941 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./src/stunnel-4.14/COPYING +2670942 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./src/stunnel-4.14/ChangeLog +2670943 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./src/stunnel-4.14/INSTALL +2670944 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./src/stunnel-4.14/NEWS +2670945 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./src/stunnel-4.14/TODO +2670946 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./src/stunnel-4.14/PORTS +2670947 4 -rw-r--r-- 1 runge runge 270 Aug 9 2004 ./src/stunnel-4.14/BUGS +2671491 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./src/stunnel-4.14/COPYRIGHT.GPL +2671492 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./src/stunnel-4.14/CREDITS +2671493 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./src/stunnel-4.14/INSTALL.W32 +5653462 4 drwxr-xr-x 4 runge runge 4096 Jul 30 17:46 ./src/stunnel-4.14/doc +5653463 4 -rw-r--r-- 1 runge runge 1009 Jan 15 2005 ./src/stunnel-4.14/doc/Makefile.am +5653464 12 -rw-r--r-- 1 runge runge 12152 Oct 25 2005 ./src/stunnel-4.14/doc/Makefile.in +5653465 16 -rw-r--r-- 1 runge runge 16341 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pod +5653466 20 -rw-r--r-- 1 runge runge 18829 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.pod +5653467 20 -rw-r--r-- 1 runge runge 17798 Dec 25 2004 ./src/stunnel-4.14/doc/stunnel.fr.pod +5653468 24 -rw-r--r-- 1 runge runge 23885 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.8 +5653469 28 -rw-r--r-- 1 runge runge 26536 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.8 +5653470 28 -rw-r--r-- 1 runge runge 24864 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.8 +5653471 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.html +5653472 32 -rw-r--r-- 1 runge runge 28753 Sep 29 2005 ./src/stunnel-4.14/doc/stunnel.pl.html +5653473 28 -rw-r--r-- 1 runge runge 27205 Jan 15 2005 ./src/stunnel-4.14/doc/stunnel.fr.html +4342742 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/en +4342743 12 -rw-r--r-- 1 runge runge 8414 Jul 18 2002 ./src/stunnel-4.14/doc/en/VNC_StunnelHOWTO.html +4342744 4 -rw-r--r-- 1 runge runge 4045 Jul 18 2002 ./src/stunnel-4.14/doc/en/transproxy.txt +4342745 4 drwxr-xr-x 2 runge runge 4096 Jul 18 2002 ./src/stunnel-4.14/doc/pl +4342746 36 -rw-r--r-- 1 runge runge 36360 Jul 18 2002 ./src/stunnel-4.14/doc/pl/tworzenie_certyfikatow.html +4342747 8 -rw-r--r-- 1 runge runge 5068 Jul 18 2002 ./src/stunnel-4.14/doc/pl/faq.stunnel-2.html +3653836 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:44 ./src/tmp +3277788 4 -rw-r--r-- 1 runge runge 301 Aug 2 10:05 ./src/README +2851457 4 drwxr-xr-x 12 runge runge 4096 Aug 29 16:32 ./bin +2261930 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:00 ./bin/Linux.i686 +2261967 196 -rwxr-xr-x 1 runge runge 193076 Jul 31 22:59 ./bin/Linux.i686/vncviewer +2261999 80 -rwxr-xr-x 1 runge runge 77148 Jul 31 23:00 ./bin/Linux.i686/stunnel +5538622 4 drwxr-xr-x 2 runge runge 4096 Sep 12 21:24 ./bin/util +5538759 12 -rwxr-xr-x 1 runge runge 12148 Sep 12 21:24 ./bin/util/ssl_vncviewer +5538760 136 -rwxr-xr-x 1 runge runge 132853 Sep 12 21:17 ./bin/util/ssl_tightvncviewer.tcl +5538641 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./bin/util/stunnel-server.conf +2851794 4 -rwxr-xr-x 1 runge runge 3581 Jul 31 23:00 ./bin/ssl_tightvncviewer +2851592 4 -rwxr-xr-x 1 runge runge 3752 Jul 31 23:01 ./bin/tightvncviewer +2425590 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:30 ./bin/Linux.alpha +2425595 100 -rwxr-xr-x 1 runge runge 97504 Jul 31 23:30 ./bin/Linux.alpha/stunnel +2425596 272 -rwxr-xr-x 1 runge runge 274312 Jul 31 23:24 ./bin/Linux.alpha/vncviewer +3883808 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:24 ./bin/Linux.x86_64 +3883809 84 -rwxr-xr-x 1 runge runge 77896 Jul 31 23:24 ./bin/Linux.x86_64/stunnel +3883810 112 -rwxr-xr-x 1 runge runge 109656 Jul 31 23:23 ./bin/Linux.x86_64/vncviewer +3883811 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/FreeBSD.i386 +3883812 68 -rwxr-xr-x 1 runge runge 64660 Jul 31 23:27 ./bin/FreeBSD.i386/stunnel +3883813 180 -rwxr-xr-x 1 runge runge 176796 Jul 31 23:24 ./bin/FreeBSD.i386/vncviewer +3687167 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/OpenBSD.i386 +3687164 76 -rwxr-xr-x 1 runge runge 72260 Jul 31 23:27 ./bin/OpenBSD.i386/stunnel +3687165 180 -rwxr-xr-x 1 runge runge 179036 Jul 31 23:24 ./bin/OpenBSD.i386/vncviewer +4359128 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:27 ./bin/NetBSD.i386 +4359129 72 -rwxr-xr-x 1 runge runge 69064 Jul 31 23:27 ./bin/NetBSD.i386/stunnel +4359130 176 -rwxr-xr-x 1 runge runge 172624 Jul 31 23:24 ./bin/NetBSD.i386/vncviewer +2851458 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:25 ./bin/Linux.ppc64 +2851459 76 -rwxr-xr-x 1 runge runge 72856 Jul 31 23:25 ./bin/Linux.ppc64/stunnel +2851460 196 -rwxr-xr-x 1 runge runge 196112 Jul 31 23:24 ./bin/Linux.ppc64/vncviewer +3064794 4 drwxr-xr-x 2 runge runge 4096 Jul 31 23:47 ./bin/SunOS.sun4u +3064795 108 -rwxr-xr-x 1 runge runge 106260 Jul 31 23:45 ./bin/SunOS.sun4u/vncviewer +3064796 76 -rwxr-xr-x 1 runge runge 71748 Jul 31 23:47 ./bin/SunOS.sun4u/stunnel +2851711 4 -rwxr-xr-x 1 runge runge 1310 Aug 29 16:29 ./bin/ssl_vnc_gui +2851793 4 -rwxr-xr-x 1 runge runge 640 Jul 31 17:22 ./bin/.linkin +3293942 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./bin/profiles +3277791 8 -rwxr-xr-x 1 runge runge 4814 Jul 30 17:54 ./build.unix +3277785 20 -rw-r--r-- 1 runge runge 18043 Aug 1 2001 ./COPYING +3277827 8 -rw-r--r-- 1 runge runge 7222 Sep 10 16:04 ./README +5063553 4 drwxr-xr-x 3 runge runge 4096 Jul 27 16:32 ./man +5063554 4 drwxr-xr-x 2 runge runge 4096 Jul 27 16:33 ./man/man1 +5063556 16 -rw-r--r-- 1 runge runge 14478 Jul 27 16:32 ./man/man1/vncviewer.1 +5063557 24 -rw-r--r-- 1 runge runge 23885 Jul 27 16:33 ./man/man1/stunnel.1 +5538624 4 drwxr-xr-x 4 runge runge 4096 Sep 6 16:30 ./Windows +5538633 2312 -rw-r--r-- 1 runge runge 2361922 Sep 12 22:27 ./Windows/ssl_tightvncviewer.exe +5538576 4 -rw-r--r-- 1 runge runge 2149 Aug 2 09:42 ./Windows/README.txt +3293943 4 drwxr-xr-x 2 runge runge 4096 Aug 1 22:14 ./Windows/profiles +4621136 4 drwxr-xr-x 5 runge runge 4096 Sep 6 16:30 ./Windows/util +5096237 4 drwxr-xr-x 2 runge runge 4096 Sep 2 16:06 ./Windows/util/esound +5096238 148 -rw-rw-rw- 1 runge runge 146432 Jun 26 2004 ./Windows/util/esound/cygaudiofile.dll +5096239 60 -rw-rw-rw- 1 runge runge 53270 Feb 19 2003 ./Windows/util/esound/cygesd.dll +5096241 1132 -rw-rw-rw- 1 runge runge 1153417 May 26 2004 ./Windows/util/esound/cygwin1.dll +5096242 68 -rw-r--r-- 1 runge runge 65385 Feb 19 2003 ./Windows/util/esound/esd.exe +5096248 24 -rw-r--r-- 1 runge runge 21282 Feb 19 2003 ./Windows/util/esound/esdcat.exe +5096249 32 -rw-r--r-- 1 runge runge 32330 Feb 19 2003 ./Windows/util/esound/esdctl.exe +5096251 24 -rw-r--r-- 1 runge runge 21428 Feb 19 2003 ./Windows/util/esound/esdfilt.exe +5096252 24 -rw-r--r-- 1 runge runge 22643 Feb 19 2003 ./Windows/util/esound/esdloop.exe +5096253 24 -rw-r--r-- 1 runge runge 21264 Feb 19 2003 ./Windows/util/esound/esdmon.exe +5096254 28 -rw-r--r-- 1 runge runge 24835 Feb 19 2003 ./Windows/util/esound/esdplay.exe +5096255 24 -rw-r--r-- 1 runge runge 21288 Feb 19 2003 ./Windows/util/esound/esdrec.exe +5096256 28 -rw-r--r-- 1 runge runge 25151 Feb 19 2003 ./Windows/util/esound/esdsample.exe +5096258 4 -rw-r--r-- 1 runge runge 51 Sep 2 16:05 ./Windows/util/esound/example.bat +4621144 1132 -rwxr-xr-x 1 runge runge 1153024 Mar 23 2005 ./Windows/util/openssl.exe +5538626 1548 -rwxr-xr-x 1 runge runge 1578787 Mar 23 2005 ./Windows/util/libeay32.dll +5538629 624 -rwxr-xr-x 1 runge runge 632226 Mar 23 2005 ./Windows/util/libssl32.dll +4621310 128 -rw-r--r-- 1 runge runge 126976 Sep 4 10:56 ./Windows/util/pageant.exe +4621311 164 -rw-r--r-- 1 runge runge 163840 Sep 4 10:57 ./Windows/util/puttygen.exe +5538631 76 -rwxr-xr-x 1 runge runge 73728 Feb 26 2006 ./Windows/util/stunnel.exe +5538625 360 -rwxr-xr-x 1 runge runge 364544 Jul 5 2005 ./Windows/util/vncviewer.exe +4621143 260 -rw-r--r-- 1 runge runge 262144 Sep 2 21:19 ./Windows/util/plink.exe +3293944 4 drwxr-xr-x 8 runge runge 4096 Sep 5 20:57 ./Windows/util/info +3293945 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/info/vncviewer +5538627 20 -rw-r--r-- 1 runge runge 18340 Jul 6 2005 ./Windows/util/info/vncviewer/LICENCE.txt +5538628 4 -rw-r--r-- 1 runge runge 1238 Jul 6 2005 ./Windows/util/info/vncviewer/README.txt +3294015 4 -rw-r--r-- 1 runge runge 24 Aug 2 09:39 ./Windows/util/info/vncviewer/location.url +3294016 4 -rw-r--r-- 1 runge runge 38 Aug 2 09:39 ./Windows/util/info/vncviewer/download.url +3293947 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:38 ./Windows/util/info/stunnel +3293948 4 -rw-r--r-- 1 runge runge 99 Aug 12 2002 ./Windows/util/info/stunnel/AUTHORS +3293949 4 -rw-r--r-- 1 runge runge 788 Sep 13 2002 ./Windows/util/info/stunnel/COPYING +3293950 20 -rw-r--r-- 1 runge runge 17982 Jul 18 2002 ./Windows/util/info/stunnel/COPYRIGHT.GPL +3293951 4 -rw-r--r-- 1 runge runge 199 Jul 18 2002 ./Windows/util/info/stunnel/CREDITS +3293952 4 -rw-r--r-- 1 runge runge 687 Jul 21 2005 ./Windows/util/info/stunnel/INSTALL.W32 +3293953 4 -rw-r--r-- 1 runge runge 725 Aug 12 2002 ./Windows/util/info/stunnel/README +3293954 28 -rw-r--r-- 1 runge runge 25682 Nov 2 2005 ./Windows/util/info/stunnel/ChangeLog +3293955 4 -rw-r--r-- 1 runge runge 1066 Aug 10 2002 ./Windows/util/info/stunnel/INSTALL +3293956 4 -rw-r--r-- 1 runge runge 955 Aug 12 2002 ./Windows/util/info/stunnel/NEWS +3293958 4 -rw-r--r-- 1 runge runge 222 Jul 18 2002 ./Windows/util/info/stunnel/PORTS +3293959 4 -rw-r--r-- 1 runge runge 1461 Jul 27 2005 ./Windows/util/info/stunnel/TODO +3293960 28 -rw-r--r-- 1 runge runge 26128 Sep 29 2005 ./Windows/util/info/stunnel/stunnel.html +3293969 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/stunnel/download.html +3294011 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/stunnel/download.url +3294012 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/stunnel/location.html +3294013 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/stunnel/location.url +3293961 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:37 ./Windows/util/info/openssl +3293965 4 -rw-r--r-- 1 runge runge 47 Aug 2 09:15 ./Windows/util/info/openssl/download.url +3293963 4 -rw-r--r-- 1 runge runge 46 Aug 2 09:13 ./Windows/util/info/openssl/location.url +3293964 4 -rw-r--r-- 1 runge runge 3489 Nov 28 2005 ./Windows/util/info/openssl/COPYRIGHT.SSLeay +3293967 16 -rw-r--r-- 1 runge runge 14638 Aug 2 09:37 ./Windows/util/info/openssl/download.html +3293962 24 -rw-r--r-- 1 runge runge 21815 Aug 2 09:13 ./Windows/util/info/openssl/location.html +2261824 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:36 ./Windows/util/info/plink +3293966 4 -rw-r--r-- 1 runge runge 3549 Aug 2 09:35 ./Windows/util/info/plink/licence.html +3293968 4 -rw-r--r-- 1 runge runge 65 Aug 2 09:35 ./Windows/util/info/plink/licence.url +2261825 28 -rw-r--r-- 1 runge runge 24744 Aug 2 09:35 ./Windows/util/info/plink/download.html +2261826 4 -rw-r--r-- 1 runge runge 66 Aug 2 09:35 ./Windows/util/info/plink/download.url +2229126 4 drwxr-xr-x 2 runge runge 4096 Sep 3 12:09 ./Windows/util/info/esound +2229127 20 -rw-r--r-- 1 runge runge 17992 Sep 3 12:09 ./Windows/util/info/esound/COPYING +2229128 4 -rw-r--r-- 1 runge runge 40 Sep 3 12:07 ./Windows/util/info/esound/download.url +2229129 28 -rw-r--r-- 1 runge runge 25265 Sep 3 12:09 ./Windows/util/info/esound/COPYING.LIB +2229130 4 -rw-r--r-- 1 runge runge 2153 Sep 3 12:09 ./Windows/util/info/esound/AUTHORS +2229131 4 -rw-r--r-- 1 runge runge 1936 Sep 3 12:09 ./Windows/util/info/esound/README +2229132 4 -rw-r--r-- 1 runge runge 178 Sep 3 12:09 ./Windows/util/info/esound/MAINTAINERS +3113803 4 drwxr-xr-x 2 runge runge 4096 Sep 5 20:58 ./Windows/util/info/netcat +3113804 8 -rw-r--r-- 1 runge runge 6833 Dec 27 2004 ./Windows/util/info/netcat/readme.txt +3113805 20 -rw-r--r-- 1 runge runge 18009 Dec 27 2004 ./Windows/util/info/netcat/license.txt +3064790 4 drwxr-xr-x 2 runge runge 4096 Aug 2 09:40 ./Windows/util/w98 +4621137 120 -rw-r--r-- 1 runge runge 118524 Feb 26 1997 ./Windows/util/w98/kill.exe +4621138 116 -rw-r--r-- 1 runge runge 114240 Feb 26 1997 ./Windows/util/w98/tlist.exe +3064797 24 -rw-r--r-- 1 runge runge 24576 Apr 30 1998 ./Windows/util/w98/README.DOC +3064799 4 -rw-r--r-- 1 runge runge 75 Aug 2 08:56 ./Windows/util/w98/location.url +4621140 4 -rw-r--r-- 1 runge runge 981 Aug 4 09:27 ./Windows/util/stunnel-server.conf +4621142 4 -rw-r--r-- 1 runge runge 1173 Aug 4 09:27 ./Windows/util/stunnel-client.conf +4621312 64 -rw-r--r-- 1 runge runge 61440 Dec 29 2004 ./Windows/util/netcat.exe +5538607 416 -rw-r--r-- 1 runge runge 421888 Sep 6 14:14 ./Windows/util/putty.exe diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/README new file mode 100644 index 0000000..6630db9 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/README @@ -0,0 +1,7 @@ + +In this directory we have source zip/tgz files in zip/, the patches +we created in patches/, a temporary build dir (used by build.unix) +in tmp/, and unpacked sources in vnc_unixsrc/ and stunnel-4.14/ (used +by the build.unix script). + +See the README in the directory one level up for more information. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README new file mode 100644 index 0000000..9451e7e --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/README @@ -0,0 +1,6 @@ +All of the patch files and scripts in this directory are + + Copyright (c) 2006 by Karl J. Runge <runge@karlrunge.com> + +and are licensed by the GPL. See the README and COPYING files two +directories up for more information. diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle new file mode 100755 index 0000000..c2eec84 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_bundle @@ -0,0 +1,33 @@ +#!/bin/sh + +rm -rf ./src/tmp/* || exit 1 +vers=1.0.3 + +cd .. || exit 1 + +if [ -f enhanced_tightvnc_viewer-$vers.zip ]; then + mv enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer-$vers.zip~ +fi +rm -f enhanced_tightvnc_viewer_all-$vers.zip +rm -f enhanced_tightvnc_viewer-$vers.zip +zip -9 -r enhanced_tightvnc_viewer_all-$vers.zip enhanced_tightvnc_viewer +zip -9 -r enhanced_tightvnc_viewer-$vers.zip enhanced_tightvnc_viewer -x '*.zip' '*.tar.gz' +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer-$vers.tar.gz +tar cvf - --exclude='*.zip' --exclude='*.tar.gz' --exclude='*.dll' --exclude='*.exe' --exclude enhanced_tightvnc_viewer/Windows/util enhanced_tightvnc_viewer | gzip -9 > enhanced_tightvnc_viewer_no_windows-$vers.tar.gz + +ls -l enhanced_tightvnc_viewer*-$vers.* + +########################################### + +rm -rf enhanced_tightvnc_viewer_windows_only-${vers}* + +cp -pR enhanced_tightvnc_viewer enhanced_tightvnc_viewer_windows_only-$vers +rm -rf enhanced_tightvnc_viewer_windows_only-$vers/{src,bin,man}/* +rm -rf enhanced_tightvnc_viewer_windows_only-$vers/bin/.linkin +cp -p enhanced_tightvnc_viewer/bin/util/ssl_tightvncviewer.tcl enhanced_tightvnc_viewer_windows_only-$vers/Windows/util + +rm -f enhanced_tightvnc_viewer_windows_only-$vers.zip +zip -9 -r enhanced_tightvnc_viewer_windows_only-$vers.zip enhanced_tightvnc_viewer_windows_only-$vers + +ls -l enhanced_tightvnc_viewer_windows_only-$vers.zip +rm -rf enhanced_tightvnc_viewer_windows_only-${vers} diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches new file mode 100755 index 0000000..8fa3645 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_getpatches @@ -0,0 +1,3 @@ +#!/bin/sh + +cp -p /dist/src/apps/VNC/tight_vnc_1.3dev5/tight-vncviewer*patch . diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied new file mode 100755 index 0000000..0ff1931 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/_vncpatchapplied @@ -0,0 +1,6 @@ +#!/bin/sh + +make clean +rm -f *.o +cd ../.. +tar -cvf ../../zips/vnc_unixsrc_vncviewer.patched.tar vnc_unixsrc/vncviewer diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch new file mode 100644 index 0000000..7067a7c --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/stunnel-maxconn.patch @@ -0,0 +1,124 @@ +diff -Naur stunnel.orig/src/client.c stunnel/src/client.c +--- stunnel.orig/src/client.c 2005-10-24 14:00:56.000000000 -0400 ++++ stunnel/src/client.c 2006-07-31 21:51:37.000000000 -0400 +@@ -126,6 +126,10 @@ + s_log(LOG_DEBUG, "%s finished (%d left)", c->opt->servname, + --num_clients); + leave_critical_section(CRIT_CLIENTS); ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "client() finished: exceeded maxconn"); ++ exit(0); ++ } + #endif + free(c); + #ifdef DEBUG_STACK_SIZE +diff -Naur stunnel.orig/src/network.c stunnel/src/network.c +--- stunnel.orig/src/network.c 2005-10-30 16:35:42.000000000 -0500 ++++ stunnel/src/network.c 2006-07-31 21:53:49.000000000 -0400 +@@ -329,6 +329,10 @@ + /* no logging is possible in a signal handler */ + #ifdef USE_FORK + num_clients--; /* one client less */ ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "sigchld_handler() finished: exceeded maxconn"); ++ exit(0); ++ } + #endif /* USE_FORK */ + } + #else /* __sgi */ +@@ -375,6 +379,10 @@ + if((pid=wait(&status))>0) { + num_clients--; /* one client less */ + #endif ++ if (num_clients <= 0 && options.maxconn > 0 && num_conn >= options.maxconn) { ++ s_log(LOG_NOTICE, "client_status() finished: exceeded maxconn"); ++ exit(0); ++ } + #ifdef WIFSIGNALED + if(WIFSIGNALED(status)) { + s_log(LOG_DEBUG, "Process %d terminated on signal %d (%d left)", +diff -Naur stunnel.orig/src/options.c stunnel/src/options.c +--- stunnel.orig/src/options.c 2005-10-20 03:12:07.000000000 -0400 ++++ stunnel/src/options.c 2006-07-31 22:49:57.000000000 -0400 +@@ -665,6 +665,24 @@ + break; + } + ++ /* maxconn */ ++ switch(cmd) { ++ case CMD_INIT: ++ options.maxconn=0; ++ break; ++ case CMD_EXEC: ++ if(strcasecmp(opt, "maxconn")) ++ break; ++ options.maxconn=atoi(arg); ++ return NULL; /* OK */ ++ case CMD_DEFAULT: ++ log_raw("%-15s = 0", "maxconn"); ++ break; ++ case CMD_HELP: ++ log_raw("%-15s = maximum number of accepted connections", "maxconn"); ++ break; ++ } ++ + if(cmd==CMD_EXEC) + return option_not_found; + return NULL; /* OK */ +diff -Naur stunnel.orig/src/prototypes.h stunnel/src/prototypes.h +--- stunnel.orig/src/prototypes.h 2005-10-27 05:41:28.000000000 -0400 ++++ stunnel/src/prototypes.h 2006-07-31 22:49:36.000000000 -0400 +@@ -44,6 +44,7 @@ + /**************************************** Prototypes for stunnel.c */ + + extern int num_clients; ++extern int num_conn; + + void main_initialize(char *, char *); + void main_execute(void); +@@ -113,6 +114,7 @@ + long session_timeout; + int verify_level; + int verify_use_only_my; ++ int maxconn; + long ssl_options; + + /* some global data for stunnel.c */ +diff -Naur stunnel.orig/src/stunnel.c stunnel/src/stunnel.c +--- stunnel.orig/src/stunnel.c 2005-11-02 15:18:42.000000000 -0500 ++++ stunnel/src/stunnel.c 2006-07-31 21:40:04.000000000 -0400 +@@ -53,6 +53,7 @@ + #endif + + int num_clients=0; /* Current number of clients */ ++int num_conn=0; /* Total number of connections */ + + /* Functions */ + +@@ -138,6 +139,7 @@ + } + + num_clients=0; ++ num_conn=0; + + /* bind local ports */ + for(opt=local_options.next; opt; opt=opt->next) { +@@ -222,6 +224,18 @@ + return; /* error */ + } + } ++ num_conn++; ++fprintf(stderr, "num_conn: %d\n", num_conn); ++ if (options.maxconn > 0 && num_conn > options.maxconn) { ++ s_log(LOG_WARNING, "Connection rejected: exceeded maxconn (%d>%d)", ++ num_conn, options.maxconn); ++ closesocket(s); ++ if (num_clients == 0) { ++ s_log(LOG_WARNING, "Finished via maxconn."); ++ exit(0); ++ } ++ return; ++ } + s_ntop(from_address, &addr); + s_log(LOG_DEBUG, "%s accepted FD=%d from %s", + opt->servname, s, from_address); diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch new file mode 100644 index 0000000..97494ee --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-fullscreen.patch @@ -0,0 +1,42 @@ +--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400 ++++ vnc_unixsrc/vncviewer/fullscreen.c 2004-12-26 21:21:44.000000000 -0500 +@@ -173,9 +173,15 @@ + XtVaSetValues(popup, XtNoverrideRedirect, True, NULL); + + /* Try to get the input focus. */ +- ++ ++#if 0 + XSetInputFocus(dpy, DefaultRootWindow(dpy), RevertToPointerRoot, + CurrentTime); ++#else ++ XSetInputFocus(dpy, PointerRoot, RevertToPointerRoot, ++ CurrentTime); ++#endif ++ + + /* Optionally, grab the keyboard. */ + +@@ -184,6 +190,10 @@ + GrabModeAsync, CurrentTime) != GrabSuccess) { + fprintf(stderr, "XtGrabKeyboard() failed.\n"); + } ++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge bot of FullScreenOn */ ++ fprintf(stderr, "calling XGrabServer(dpy)\n"); ++ XGrabServer(dpy); ++} + } + + +@@ -210,6 +220,11 @@ + + appData.fullScreen = False; + ++if (getenv("VNCVIEWER_GRAB_SERVER") != NULL) { /* runge top of FullScreenOff */ ++ fprintf(stderr, "calling XUngrabServer(dpy)\n"); ++ XUngrabServer(dpy); ++} ++ + if (appData.grabKeyboard) + XtUngrabKeyboard(desktop, CurrentTime); + diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch new file mode 100644 index 0000000..d9eb114 --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/patches/tight-vncviewer-newfbsize.patch @@ -0,0 +1,285 @@ +--- vnc_unixsrc.orig/vncviewer/desktop.c 2004-05-28 13:29:29.000000000 -0400 ++++ vnc_unixsrc/vncviewer/desktop.c 2006-07-27 11:30:01.000000000 -0400 +@@ -50,6 +50,30 @@ + }, + }; + ++void create_image() { ++ image = NULL; ++ ++#ifdef MITSHM ++ if (appData.useShm) { ++ image = CreateShmImage(); ++ if (!image) ++ appData.useShm = False; ++ } ++#endif ++ ++ if (!image) { ++ image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL, ++ si.framebufferWidth, si.framebufferHeight, ++ BitmapPad(dpy), 0); ++ ++ image->data = malloc(image->bytes_per_line * image->height); ++ if (!image->data) { ++ fprintf(stderr,"malloc failed\n"); ++ exit(1); ++ } ++ } ++} ++ + + /* + * DesktopInitBeforeRealization creates the "desktop" widget and the viewport +@@ -82,30 +106,9 @@ + for (i = 0; i < 256; i++) + modifierPressed[i] = False; + +- image = NULL; +- +-#ifdef MITSHM +- if (appData.useShm) { +- image = CreateShmImage(); +- if (!image) +- appData.useShm = False; +- } +-#endif +- +- if (!image) { +- image = XCreateImage(dpy, vis, visdepth, ZPixmap, 0, NULL, +- si.framebufferWidth, si.framebufferHeight, +- BitmapPad(dpy), 0); +- +- image->data = malloc(image->bytes_per_line * image->height); +- if (!image->data) { +- fprintf(stderr,"malloc failed\n"); +- exit(1); +- } +- } ++ create_image(); + } + +- + /* + * DesktopInitAfterRealization does things which require the X windows to + * exist. It creates some GCs and sets the dot cursor. +@@ -460,3 +463,69 @@ + break; + } + } ++ ++static void reset_image(void) { ++ if (UsingShm()) { ++ ShmCleanup(); ++ } else { ++ if (image && image->data) { ++ free(image->data); ++ XDestroyImage(image); ++ image = NULL; ++ } ++ } ++ create_image(); ++ XFlush(dpy); ++} ++ ++void ReDoDesktop(void) { ++ int w, h, x, y, dw, dh; ++ ++ if (appData.fullScreen) { ++ if (image && image->data) { ++ int len; ++ int h = image->height; ++ int w = image->width; ++ len = image->bytes_per_line * image->height; ++ /* black out window first: */ ++ memset(image->data, 0, len); ++ XPutImage(dpy, XtWindow(desktop), gc, image, 0, 0, 0, 0, w, h); ++ XFlush(dpy); ++ } ++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0); ++ XSync(dpy, False); ++ usleep(100*1000); ++ FullScreenOn(); ++ XSync(dpy, False); ++ usleep(100*1000); ++ reset_image(); ++ return; ++ } ++ ++ dw = appData.wmDecorationWidth; ++ dh = appData.wmDecorationHeight; ++ ++ w = si.framebufferWidth; ++ h = si.framebufferHeight; ++ ++ if (w + dw >= dpyWidth) { ++ w = dpyWidth - dw; ++ } ++ if (h + dh >= dpyHeight) { ++ h = dpyHeight - dh; ++ } ++ ++ XtVaSetValues(toplevel, XtNmaxWidth, w, XtNmaxHeight, h, NULL); ++ ++ XtVaSetValues(desktop, XtNwidth, si.framebufferWidth, ++ XtNheight, si.framebufferHeight, NULL); ++ ++ x = (dpyWidth - w - dw)/2; ++ y = (dpyHeight - h - dh)/2; ++ ++ XtResizeWidget(desktop, si.framebufferWidth, si.framebufferHeight, 0); ++ ++ XtConfigureWidget(toplevel, x + dw, y + dh, w, h, 0); ++ ++ reset_image(); ++} +--- vnc_unixsrc.orig/vncviewer/fullscreen.c 2003-10-09 05:23:49.000000000 -0400 ++++ vnc_unixsrc/vncviewer/fullscreen.c 2006-07-27 14:36:06.000000000 -0400 +@@ -85,10 +85,13 @@ + Dimension oldViewportWidth, oldViewportHeight, clipWidth, clipHeight; + Position viewportX, viewportY; + ++ Bool fsAlready = appData.fullScreen, toobig = False; ++ + appData.fullScreen = True; + + if (si.framebufferWidth > dpyWidth || si.framebufferHeight > dpyHeight) { + ++ toobig = True; + XtVaSetValues(viewport, XtNforceBars, True, NULL); + XtVaGetValues(viewport, XtNwidth, &oldViewportWidth, + XtNheight, &oldViewportHeight, NULL); +@@ -129,6 +132,7 @@ + reparenting our window to the root. The window manager will get a + ReparentNotify and hopefully clean up its frame window. */ + ++if (! fsAlready) { + XtVaSetValues(toplevel, XtNoverrideRedirect, True, NULL); + + XReparentWindow(dpy, XtWindow(toplevel), DefaultRootWindow(dpy), 0, 0); +@@ -164,10 +168,22 @@ + + XtManageChild(viewport); + +- /* Now we can set "toplevel" to its proper size. */ ++} else { ++ XSync(dpy, False); ++} + ++ /* Now we can set "toplevel" to its proper size. */ + XtResizeWidget(toplevel, toplevelWidth, toplevelHeight, 0); + ++if (fsAlready) { ++ XtResizeWidget(viewport, viewportWidth, viewportHeight, 0); ++ if (! toobig) { ++ XtVaSetValues(viewport, XtNforceBars, False, NULL); ++ } ++ XMoveWindow(dpy, XtWindow(viewport), viewportX, viewportY); ++ XSync(dpy, False); ++} ++ + /* Set the popup to overrideRedirect too */ + + XtVaSetValues(popup, XtNoverrideRedirect, True, NULL); +--- vnc_unixsrc.orig/vncviewer/rfbproto.c 2004-03-11 13:14:39.000000000 -0500 ++++ vnc_unixsrc/vncviewer/rfbproto.c 2006-07-25 21:51:20.000000000 -0400 +@@ -177,6 +177,9 @@ + sig_rfbEncodingPointerPos, "Pointer position update"); + CapsAdd(encodingCaps, rfbEncodingLastRect, rfbTightVncVendor, + sig_rfbEncodingLastRect, "LastRect protocol extension"); ++ ++ CapsAdd(encodingCaps, rfbEncodingNewFBSize, rfbTightVncVendor, ++ sig_rfbEncodingNewFBSize, "New FB size protocol extension"); + } + + +@@ -729,6 +732,7 @@ + Bool requestCompressLevel = False; + Bool requestQualityLevel = False; + Bool requestLastRectEncoding = False; ++ Bool requestNewFBSizeEncoding = True; + + spf.type = rfbSetPixelFormat; + spf.format = myFormat; +@@ -806,6 +810,10 @@ + if (se->nEncodings < MAX_ENCODINGS && requestLastRectEncoding) { + encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect); + } ++ ++ if (se->nEncodings < MAX_ENCODINGS && requestNewFBSizeEncoding) { ++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize); ++ } + } + else { + if (SameMachine(rfbsock)) { +@@ -849,6 +857,7 @@ + } + + encs[se->nEncodings++] = Swap32IfLE(rfbEncodingLastRect); ++ encs[se->nEncodings++] = Swap32IfLE(rfbEncodingNewFBSize); + } + + len = sz_rfbSetEncodingsMsg + se->nEncodings * 4; +@@ -1038,6 +1047,16 @@ + } + continue; + } ++ if (rect.encoding == rfbEncodingNewFBSize) { ++ fprintf(stderr,"New Size: %dx%d at (%d, %d)\n", ++ rect.r.w, rect.r.h, rect.r.x, rect.r.y); ++ si.framebufferWidth = rect.r.w; ++ si.framebufferHeight = rect.r.h; ++ fprintf(stderr, "si: %d %d\n", si.framebufferWidth, si.framebufferHeight); ++ ReDoDesktop(); ++ ++ continue; ++ } + + if ((rect.r.x + rect.r.w > si.framebufferWidth) || + (rect.r.y + rect.r.h > si.framebufferHeight)) +--- vnc_unixsrc.orig/vncviewer/shm.c 2000-06-11 08:00:53.000000000 -0400 ++++ vnc_unixsrc/vncviewer/shm.c 2006-07-26 23:30:42.000000000 -0400 +@@ -41,6 +41,10 @@ + } + } + ++Bool UsingShm() { ++ return needShmCleanup; ++} ++ + static int + ShmCreationXErrorHandler(Display *dpy, XErrorEvent *error) + { +--- vnc_unixsrc.orig/vncviewer/vncviewer.h 2004-03-11 13:14:40.000000000 -0500 ++++ vnc_unixsrc/vncviewer/vncviewer.h 2006-07-26 23:31:25.000000000 -0400 +@@ -162,6 +162,8 @@ + extern void CopyDataToScreen(char *buf, int x, int y, int width, int height); + extern void SynchroniseScreen(); + ++extern void ReDoDesktop(); ++ + /* dialogs.c */ + + extern void ServerDialogDone(Widget w, XEvent *event, String *params, +@@ -243,6 +245,7 @@ + + extern XImage *CreateShmImage(); + extern void ShmCleanup(); ++extern Bool UsingShm(); + + /* sockets.c */ + +--- vnc_unixsrc.orig/vncviewer/vncviewer.c 2004-01-13 09:22:05.000000000 -0500 ++++ vnc_unixsrc/vncviewer/vncviewer.c 2006-07-27 19:00:25.000000000 -0400 +@@ -57,6 +57,11 @@ + } + } + ++ if (argc > 1 && strstr(argv[1], "-h") == argv[1]) { ++ usage(); ++ return 0; ++ } ++ + /* Call the main Xt initialisation function. It parses command-line options, + generating appropriate resource specs, and makes a connection to the X + display. */ diff --git a/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README new file mode 100644 index 0000000..776d4bf --- /dev/null +++ b/x11vnc/misc/enhanced_tightvnc_viewer/src/zips/README @@ -0,0 +1,15 @@ +This is where we keep the 3rd party source zip and tar.gz files used +to build this package. + +www.stunnel.org source 488512 Jul 25 15:09 stunnel-4.14.tar.gz +www.tightvnc.com source 2182134 Jul 25 15:11 tightvnc-1.3dev7_unixsrc.tar.gz +www.tightvnc.com windows + standalone viewer binary: 209149 Jul 25 15:10 tightvnc-1.3dev7_x86_viewer.zip + +To save space they may not be included in the package you downloaded. +The should be included in the "enhanced_tightvnc_viewer_all-<version>.zip" file. +Go to the websites indicated above or contact me if you cannot find them. + +The stunnel.patched.tar vnc_unixsrc_vncviewer.patched.tar +files are tarballs of the original sources above with patches applied +(used by build.unix script when patching fails). diff --git a/x11vnc/remote.c b/x11vnc/remote.c index f764192..3db6d30 100644 --- a/x11vnc/remote.c +++ b/x11vnc/remote.c @@ -620,8 +620,6 @@ int remote_control_access_ok(void) { #endif /* NO_X11 */ } -static int hack_val = 0; - /* * Huge, ugly switch to handle all remote commands and queries * -remote/-R and -query/-Q. diff --git a/x11vnc/util.c b/x11vnc/util.c index 15453b5..079d53c 100644 --- a/x11vnc/util.c +++ b/x11vnc/util.c @@ -417,6 +417,12 @@ void rfbPE(long usec) { return; } + if (debug_tiles > 2) { + double tm = dnow(); + fprintf(stderr, "rfbPE(%d) t: %.4f\n", + (int) usec, tm - x11vnc_start); + } + if (usec > USEC_MAX) { usec = USEC_MAX; } @@ -445,6 +451,13 @@ void rfbCFD(long usec) { usec = USEC_MAX; } + if (debug_tiles > 2) { + double tm = dnow(); + fprintf(stderr, "rfbCFD(%d) t: %.4f\n", + (int) usec, tm - x11vnc_start); + } + + if (! use_threads) { if (0 && all_input) { static int cnt = 0; diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index c3b2607..e3deed8 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -2,7 +2,7 @@ .TH X11VNC "1" "September 2006" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.8.3, lastmod: 2006-09-10 + version: 0.8.3, lastmod: 2006-09-13 .SH SYNOPSIS .B x11vnc [OPTION]... @@ -32,8 +32,8 @@ these protections. See the FAQ for details how to tunnel the VNC connection through an encrypted channel such as .IR ssh (1). In brief: -.PP -% ssh -L 5900:localhost:5900 far-host 'x11vnc -localhost -display :0' +.IP +ssh \fB-t\fR \fB-L\fR 5900:localhost:5900 far-host 'x11vnc \fB-localhost\fR \fB-display\fR :0' .PP % vncviewer -encodings 'copyrect tight zrle hextile' localhost:0 .PP @@ -130,17 +130,17 @@ even if it looks like 8bpp TrueColor (rare problem). .PP \fB-visual\fR \fIn\fR .IP -Experimental option: probably does not do what you -think. It simply *forces* the visual used for the -framebuffer; this may be a bad thing... (e.g. messes -up colors or cause a crash). It is useful for testing -and for some workarounds. n may be a decimal number, -or 0x hex. Run +This option probably does not do what you think. +It simply *forces* the visual used for the framebuffer; +this may be a bad thing... (e.g. messes up colors or +cause a crash). It is useful for testing and for some +workarounds. n may be a decimal number, or 0x hex. +Run .IR xdpyinfo (1) -for the values. One may -also use "TrueColor", etc. see <X11/X.h> for a list. -If the string ends in ":m" then for better or for -worse the visual depth is forced to be m. +for the values. One may also use +"TrueColor", etc. see <X11/X.h> for a list. If the +string ends in ":m" then for better or for worse the +visual depth is forced to be m. .PP \fB-overlay\fR .IP @@ -1788,7 +1788,7 @@ Go into the background after screen setup. Messages to stderr are lost unless \fB-o\fR logfile is used. Something like this could be useful in a script: .IP -port=`ssh $host "x11vnc -display :0 -bg" | grep PORT` +port=`ssh -t $host "x11vnc -display :0 -bg" | grep PORT` .IP port=`echo "$port" | sed -e 's/PORT=//'` .IP @@ -2852,8 +2852,8 @@ or where window tearing is a problem. .PP \fB-rawfb\fR \fIstring\fR .IP -Experimental option, instead of polling X, poll the -memory object specified in \fIstring\fR. +Instead of polling X, poll the memory object specified +in \fIstring\fR. .IP For shared memory segments string is of the form: "shm:N@WxHxB" which specifies a shmid @@ -3102,16 +3102,16 @@ format. .PP \fB-pipeinput\fR \fIcmd\fR .IP -Another experimental option: it lets you supply an -external command in \fIcmd\fR that x11vnc will pipe -all of the user input events to in a simple format. -In \fB-pipeinput\fR mode by default x11vnc will not process -any of the user input events. If you prefix \fIcmd\fR -with "tee:" it will both send them to the pipe -command and process them. For a description of the -format run "\fB-pipeinput\fR \fItee:/bin/cat\fR". Another prefix -is "reopen" which means to reopen pipe if it exits. -Separate multiple prefixes with commas. +This option lets you supply an external command in +\fIcmd\fR that x11vnc will pipe all of the user input +events to in a simple format. In \fB-pipeinput\fR mode by +default x11vnc will not process any of the user input +events. If you prefix \fIcmd\fR with "tee:" it will +both send them to the pipe command and process them. +For a description of the format run "-pipeinput +tee:/bin/cat". Another prefix is "reopen" which +means to reopen pipe if it exits. Separate multiple +prefixes with commas. .IP In combination with \fB-rawfb\fR one might be able to do amusing things (e.g. control non-X devices). diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c index f81493d..e43c87f 100644 --- a/x11vnc/x11vnc.c +++ b/x11vnc/x11vnc.c @@ -431,7 +431,21 @@ static void watch_loop(void) { unixpw_in_rfbPE = 1; - rfbPE(-1); + /* + * do a few more since a key press may + * have induced a small change we want to + * see quickly (just 1 rfbPE will likely + * only process the subsequent "up" event) + */ + if (tm < last_keyboard_time + 0.16) { + rfbPE(0); + rfbPE(0); + rfbPE(-1); + rfbPE(0); + rfbPE(0); + } else { + rfbPE(-1); + } unixpw_in_rfbPE = 0; diff --git a/x11vnc/x11vnc.h b/x11vnc/x11vnc.h index fb2c6d1..6d518d6 100644 --- a/x11vnc/x11vnc.h +++ b/x11vnc/x11vnc.h @@ -450,6 +450,8 @@ extern double last_copyrect_fix; extern double servertime_diff; extern double x11vnc_start; +extern int hack_val; + /* last client to move pointer */ extern rfbClientPtr last_pointer_client; diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c index fd14ea8..16c5e53 100644 --- a/x11vnc/x11vnc_defs.c +++ b/x11vnc/x11vnc_defs.c @@ -15,7 +15,7 @@ int xtrap_base_event_type = 0; int xdamage_base_event_type = 0; /* date +'lastmod: %Y-%m-%d' */ -char lastmod[] = "0.8.3 lastmod: 2006-09-10"; +char lastmod[] = "0.8.3 lastmod: 2006-09-13"; /* X display info */ @@ -123,6 +123,8 @@ double last_copyrect_fix = 0.0; double servertime_diff = 0.0; double x11vnc_start = 0.0; +int hack_val = 0; + /* last client to move pointer */ rfbClientPtr last_pointer_client = NULL; |