From 6fbba525a924961083bf2e43bb841bd15671f526 Mon Sep 17 00:00:00 2001 From: runge Date: Sat, 22 Nov 2008 18:36:33 +0000 Subject: x11vnc: x11vnc.desktop file. -reopen, -dhparams, -sslCRL, -setdefer options. -rfbport PROMPT VeNCrypt and TLSVNC SSL/TLS encryption support. Tweaks to choose_delay() algorithm. -ssl ANON anonymouse Diffie-Hellman mode. Fix bugs in certs management. Additions to tray=setpass naive user mode. --- x11vnc/sslcmds.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'x11vnc/sslcmds.c') diff --git a/x11vnc/sslcmds.c b/x11vnc/sslcmds.c index d1ed95c..127a133 100644 --- a/x11vnc/sslcmds.c +++ b/x11vnc/sslcmds.c @@ -15,10 +15,6 @@ #endif #endif -#ifdef NO_SSL_OR_UNIXPW -#undef SSLCMDS -#endif - void check_stunnel(void); int start_stunnel(int stunnel_port, int x11vnc_port); @@ -64,6 +60,7 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { char *path, *p, *exe; char *stunnel_path = NULL; struct stat verify_buf; + struct stat crl_buf; int status; if (stunnel_pid) { @@ -146,6 +143,12 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { clean_up_exit(1); } } + if (ssl_crl) { + if (stat(ssl_crl, &crl_buf) != 0) { + rfbLog("stunnel: %s does not exist.\n", ssl_crl); + clean_up_exit(1); + } + } stunnel_pid = fork(); @@ -180,6 +183,11 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { a = "-A"; } } + + if (ssl_crl) { + rfbLog("stunnel: stunnel3 does not support CRL. %s\n", ssl_crl); + clean_up_exit(1); + } if (stunnel_pem && ssl_verify) { /* XXX double check -v 2 */ @@ -210,6 +218,13 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { if (stunnel_pem) { fprintf(in, "cert = %s\n", stunnel_pem); } + if (ssl_crl) { + if(S_ISDIR(crl_buf.st_mode)) { + fprintf(in, "CRLpath = %s\n", ssl_crl); + } else { + fprintf(in, "CRLfile = %s\n", ssl_crl); + } + } if (ssl_verify) { if(S_ISDIR(verify_buf.st_mode)) { fprintf(in, "CApath = %s\n", ssl_verify); -- cgit v1.2.1