From d11b2abd8cf4d9afb1257695f8be1125d5625a65 Mon Sep 17 00:00:00 2001 From: runge Date: Sun, 14 Jun 2009 19:00:09 -0400 Subject: X11VNC_REFLECT_PASSWORD env. var., warning about compiz, improve single-port. --- x11vnc/ChangeLog | 5 +++ x11vnc/README | 30 ++++++++++--- x11vnc/connections.c | 12 +++-- x11vnc/help.c | 5 +++ x11vnc/screen.c | 37 +++++++++++++++ x11vnc/sslhelper.c | 124 ++++++++++++++++++++++++++++++++++++++------------- x11vnc/x11vnc.1 | 9 +++- x11vnc/x11vnc.c | 5 +++ x11vnc/x11vnc_defs.c | 2 +- 9 files changed, 185 insertions(+), 44 deletions(-) (limited to 'x11vnc') diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog index e3b59bb..bff166a 100644 --- a/x11vnc/ChangeLog +++ b/x11vnc/ChangeLog @@ -1,3 +1,8 @@ +2009-06-14 Karl Runge + * x11vnc: Add X11VNC_REFLECT_PASSWORD env. var. for -reflect mode. + Message to user about compiz problems suggesting -noxdamage. + Improvements to single-port detection and logging. + 2009-05-21 Karl Runge * x11vnc: Thread safety improvements. Add 'OpenOffice' to special case list for scroll detection. Fix -clip mode under -rawfb. diff --git a/x11vnc/README b/x11vnc/README index 651ea1f..5426bf6 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -2,7 +2,7 @@ Copyright (C) 2002-2009 Karl J. Runge All rights reserved. -x11vnc README file Date: Thu May 21 10:41:49 EDT 2009 +x11vnc README file Date: Sun Jun 14 13:03:59 EDT 2009 The following information is taken from these URLs: @@ -3222,6 +3222,13 @@ TrueColor defdepth 24 and finally supply the [222]-noshm option (this enables the polling over the network). + If the Xterminal's X display is open to the network for connections, + you might use something like "-display xterm123:0". If you are trying + to do this via an SSH tunnel (assuming you can actually ssh into the + Xterminal) it will be a little tricky (either use the ssh "-R" option + or consider ssh-ing in the other direction.) In all cases the X11 + permissions need to allow the connection. + The response will likely be sluggish (maybe only one "frame" per second). This mode is not recommended except for "quick checks" of hard to get to X servers. Use something like "-wait 150" to cut down @@ -9375,7 +9382,7 @@ References 462. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc 463. http://www.karlrunge.com/x11vnc/Xdummy 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 465. http://www.isc.cnrs.fr/informatique/public_notice/x11vnc + 465. http://www.karlrunge.com/x11vnc/xdm_one_shot.html 466. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously 467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT @@ -11655,6 +11662,10 @@ Enhanced TightVNC Viewer (SSVNC: SSL/SSH VNC viewer) inside the viewport via Arrow keys or a mouse drag. * Scrollbar width setting: -sbwidth n, the default is very thin, 2 pixels, for less distracting -ycrop usage. + * Selection text sending and receiving can be fine-tuned with the + -sendclipboard, -sendalways, and -recvtext options. + * TightVNC compression and quality levels are automatically set + based on observed network latency (n.b. not bandwidth.) * Improvements to the [29]Popup menu, all of these can now be changed dynamically via the menu: ViewOnly, Toggle Bell, CursorShape updates, X11 Cursor, Cursor Alphablending, Toggle @@ -12307,6 +12318,8 @@ r Quality Level ~ -quality (both Tight and ZYWRLE) Compress Level ~ -compresslevel Disable JPEG: ~ -nojpeg (Tight) + Pipeline Updates ~ -pipeline + Full Color as many colors as local screen allows. Grey scale (16 & 8-bpp) ~ -grey, for low colors 16/8bpp modes only. 16 bit color (BGR565) ~ -16bpp / -bgr565 @@ -12320,7 +12333,6 @@ r Set Y Crop (y-max) ~ -ycrop Set Scrollbar Width ~ -sbwidth XGrabServer ~ -graball - Pipeline Updates ~ -pipeline UltraVNC Extensions: @@ -12335,6 +12347,9 @@ r Note: the Ultravnc extensions only apply to servers that support them. x11vnc/libvncserver supports some of them. + Send Clipboard not Primary ~ -sendclipboard + Send Selection Every time ~ -sendalways + Nearly all of these can be changed dynamically in the Popup menu (press F8 for it): @@ -12598,7 +12613,7 @@ x11vnc: a VNC server for real X displays Here are all of x11vnc command line options: % x11vnc -opts (see below for -help long descriptions) -x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-05-18 +x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-06-14 x11vnc options: -display disp -auth file -N @@ -12723,7 +12738,7 @@ libvncserver-tight-extension options: % x11vnc -help -x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-05-18 +x11vnc: allow VNC connections to real X11 displays. 0.9.8 lastmod: 2009-06-14 (type "x11vnc -opts" to just list the options.) @@ -16696,6 +16711,11 @@ t window dragging. Consider the -nodragging option if the problem is severe. + The env. var. X11VNC_REFLECT_PASSWORD can be set to + the password needed to log into the vnc host server, or + to "file:path_to_file" to indicate a file containing + the password as its first line. + The VNC HOST mode implies -shared. Use -noshared as a subsequent cmdline option to disable sharing. diff --git a/x11vnc/connections.c b/x11vnc/connections.c index b0fa11a..8c3e474 100644 --- a/x11vnc/connections.c +++ b/x11vnc/connections.c @@ -817,7 +817,10 @@ void client_gone(rfbClientPtr client) { rfbLog("connect_once: invalid password or early " "disconnect.\n"); rfbLog("connect_once: waiting for next connection.\n"); - accepted_client = 0; + accepted_client--; + if (accepted_client < 0) { + accepted_client = 0; + } CLIENT_UNLOCK; return; } @@ -2995,8 +2998,8 @@ enum rfbNewClientAction new_client(rfbClientPtr client) { if (connect_once) { if (screen->dontDisconnect && screen->neverShared) { if (! shared && accepted_client) { - rfbLog("denying additional client: %s\n", - client->host); + rfbLog("denying additional client: %s:%d\n", + client->host, get_remote_port(client->sock)); CLIENT_UNLOCK; return(RFB_CLIENT_REFUSE); } @@ -3095,7 +3098,8 @@ enum rfbNewClientAction new_client(rfbClientPtr client) { cd->cmp_bytes_sent = 0; cd->raw_bytes_sent = 0; - accepted_client = 1; + rfbLog("incr accepted_client for %s:%d.\n", client->host, get_remote_port(client->sock)); + accepted_client++; last_client = time(NULL); if (ncache) { diff --git a/x11vnc/help.c b/x11vnc/help.c index 824028b..0d28f28 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -4031,6 +4031,11 @@ void print_help(int mode) { " window dragging. Consider the -nodragging option if\n" " the problem is severe.\n" "\n" +" The env. var. X11VNC_REFLECT_PASSWORD can be set to\n" +" the password needed to log into the vnc host server, or\n" +" to \"file:path_to_file\" to indicate a file containing\n" +" the password as its first line.\n" +"\n" " The VNC HOST mode implies -shared. Use -noshared as\n" " a subsequent cmdline option to disable sharing.\n" "\n" diff --git a/x11vnc/screen.c b/x11vnc/screen.c index 8c2779c..71f4462 100644 --- a/x11vnc/screen.c +++ b/x11vnc/screen.c @@ -1175,6 +1175,39 @@ rfbBool vnc_reflect_resize(rfbClient *cl) { return cl->frameBuffer ? TRUE : FALSE; } +static char* vnc_reflect_get_password(rfbClient* client) { + char *q, *p, *str = getenv("X11VNC_REFLECT_PASSWORD"); + int len = 110; + + if (str) { + len += 2*strlen(str); + } + p = (char *) calloc(len, 1); + if (!str || strlen(str) == 0) { + fprintf(stderr, "VNC Reflect Password: "); + fgets(p, 100, stdin); + } else { + if (strstr(str, "file:") == str) { + FILE *f = fopen(str + strlen("file:"), "r"); + if (f) { + fgets(p, 100, f); + fclose(f); + } + } + if (p[0] == '\0') { + strncpy(p, str, 100); + } + } + q = p; + while (*q != '\0') { + if (*q == '\n') { + *q = '\0'; + } + q++; + } + return p; +} + char *vnc_reflect_guess(char *str, char **raw_fb_addr) { static int first = 1; @@ -1206,6 +1239,10 @@ char *vnc_reflect_guess(char *str, char **raw_fb_addr) { client->canHandleNewFBSize = TRUE; client->GotFrameBufferUpdate = vnc_reflect_got_update; + if (getenv("X11VNC_REFLECT_PASSWORD")) { + client->GetPassword = vnc_reflect_get_password; + } + if (first) { argv[argc++] = "x11vnc_rawfb_vnc"; if (strstr(hp, "listen") == hp) { diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c index 39ab41c..89a4da7 100644 --- a/x11vnc/sslhelper.c +++ b/x11vnc/sslhelper.c @@ -124,7 +124,7 @@ static void init_prng(void); static void sslerrexit(void); static char *get_input(char *tag, char **in); static char *create_tmp_pem(char *path, int prompt); -static int ssl_init(int s_in, int s_out, int skip_vnc_tls); +static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https); static void ssl_xfer(int csock, int s_in, int s_out, int is_https); #ifndef FORK_OK @@ -1397,7 +1397,7 @@ if (db) fprintf(stderr, " waitret1=%d\n", wret); } } -static int is_ssl_readable(int s_in, time_t last_https, char *last_get, +static int is_ssl_readable(int s_in, double last_https, char *last_get, int mode) { int nfd, db = 0; struct timeval tv; @@ -1427,7 +1427,7 @@ static int is_ssl_readable(int s_in, time_t last_https, char *last_get, * increase the timeout if we know HTTP traffic has occurred * recently: */ - if (time(NULL) < last_https + 30) { + if (dnow() < last_https + 30.0) { tv.tv_sec = 10; if (last_get && strstr(last_get, "VncViewer")) { tv.tv_sec = 5; @@ -1613,7 +1613,7 @@ int proxy_hack(int vncsock, int listen, int s_in, int s_out, char *cookie, if (db) fprintf(stderr, "got applet input sock1: %d\n", sock1); - if (! ssl_init(sock1, sock1, 0)) { + if (! ssl_init(sock1, sock1, 0, 0.0)) { if (db) fprintf(stderr, "ssl_init FAILED\n"); exit(1); } @@ -1789,7 +1789,7 @@ void accept_openssl(int mode, int presock) { char cookie[256], rcookie[256], *name = NULL; int vencrypt_sel = 0; int anontls_sel = 0; - static time_t last_https = 0; + static double last_https = 0.0; static char last_get[256]; static int first = 1; unsigned char *rb; @@ -1972,6 +1972,11 @@ void accept_openssl(int mode, int presock) { /* now fork the child to handle the SSL: */ pid = fork(); + if (pid > 0) { + rfbLog("SSL: helper for peerport %d is pid %d: \n", + peerport, (int) pid); + } + if (pid < 0) { rfbLog("SSL: accept_openssl: could not fork.\n"); rfbLogPerror("fork"); @@ -2023,6 +2028,7 @@ void accept_openssl(int mode, int presock) { if (vncsock < 0) { rfbLog("SSL: ssl_helper[%d]: could not connect" " back to: %d\n", getpid(), cport); + rfbLog("SSL: ssl_helper[%d]: exit case 1 (no local vncsock)\n", getpid()); exit(1); } if (db) fprintf(stderr, "vncsock %d\n", vncsock); @@ -2036,8 +2042,9 @@ void accept_openssl(int mode, int presock) { s_in = s_out = sock; } - if (! ssl_init(s_in, s_out, skip_vnc_tls)) { + if (! ssl_init(s_in, s_out, skip_vnc_tls, last_https)) { close(vncsock); + rfbLog("SSL: ssl_helper[%d]: exit case 2 (ssl_init failed)\n", getpid()); exit(1); } @@ -2075,6 +2082,7 @@ void accept_openssl(int mode, int presock) { rfbLog("SSL: accept_openssl[%d]: no httpd socket for " "-https mode\n", getpid()); close(vncsock); + rfbLog("SSL: ssl_helper[%d]: exit case 3 (no httpd sock)\n", getpid()); exit(1); } @@ -2186,6 +2194,7 @@ void accept_openssl(int mode, int presock) { write(vncsock, tbuf, strlen(tbuf)); close(vncsock); + rfbLog("SSL: ssl_helper[%d]: exit case 4 (check.https.proxy.connection)\n", getpid()); exit(0); } connect_to_httpd: @@ -2282,6 +2291,7 @@ void accept_openssl(int mode, int presock) { if (httpsock < 0) { /* UGH, after all of that! */ rfbLog("Could not connect to httpd socket!\n"); + rfbLog("SSL: ssl_helper[%d]: exit case 5.\n", getpid()); exit(1); } if (db) fprintf(stderr, "ssl_helper[%d]: httpsock: %d %d\n", @@ -2296,6 +2306,7 @@ void accept_openssl(int mode, int presock) { write(httpsock, buf, n); } ssl_xfer(httpsock, s_in, s_out, is_http); + rfbLog("SSL: ssl_helper[%d]: exit case 6 (https ssl_xfer done)\n", getpid()); exit(0); } @@ -2311,6 +2322,7 @@ void accept_openssl(int mode, int presock) { wrote_cookie: ssl_xfer(vncsock, s_in, s_out, 0); + rfbLog("SSL: ssl_helper[%d]: exit case 7 (ssl_xfer done)\n", getpid()); exit(0); } /* parent here */ @@ -2333,7 +2345,7 @@ void accept_openssl(int mode, int presock) { if (vsock < 0) { - rfbLog("SSL: accept_openssl: connection from ssl_helper FAILED.\n"); + rfbLog("SSL: accept_openssl: connection from ssl_helper[%d] FAILED.\n", pid); rfbLogPerror("accept"); kill(pid, SIGTERM); @@ -2441,15 +2453,15 @@ void accept_openssl(int mode, int presock) { } if (n != (int) strlen(cookie) || strncmp(cookie, rcookie, n)) { - rfbLog("SSL: accept_openssl: cookie from ssl_helper FAILED. %d\n", n); + rfbLog("SSL: accept_openssl: cookie from ssl_helper[%d] FAILED. %d\n", pid, n); if (db) fprintf(stderr, "'%s'\n'%s'\n", cookie, rcookie); close(vsock); if (strstr(rcookie, uniq) == rcookie) { int i; - rfbLog("SSL: BUT WAIT! HTTPS for helper process succeeded. Good.\n"); + rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid); if (mode != OPENSSL_HTTPS) { - last_https = time(NULL); + last_https = dnow(); for (i=0; i<256; i++) { last_get[i] = '\0'; } @@ -2470,6 +2482,7 @@ void accept_openssl(int mode, int presock) { double start; int origport = screen->port; int useport = screen->port; + int saw_httpsock = 0; /* to expand $PORT correctly in index.vnc */ if (https_port_redir < 0) { char *q = strstr(rcookie, "HP="); @@ -2489,23 +2502,34 @@ void accept_openssl(int mode, int presock) { start = dnow(); while (dnow() < start + 10.0) { + if (screen->httpSock >= 0) saw_httpsock = 1; rfbPE(10000); usleep(10000); + if (screen->httpSock >= 0) saw_httpsock = 1; waitpid(pid, &status, WNOHANG); if (kill(pid, 0) != 0) { rfbPE(10000); rfbPE(10000); break; } + if (saw_httpsock && screen->httpSock < 0) { + rfbLog("SSL: httpSock for helper[%d] went away\n", pid); + rfbPE(10000); + rfbPE(10000); + break; + } } screen->port = origport; - rfbLog("SSL: guessing child https finished.\n"); + rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n", + pid, dnow() - start); ssl_helper_pid(0, -2); if (mode == OPENSSL_INETD) { clean_up_exit(1); } } else if (mode == OPENSSL_INETD) { double start; + int saw_httpsock = 0; + /* to expand $PORT correctly in index.vnc */ if (screen->port == 0) { int fd = fileno(stdin); @@ -2524,17 +2548,26 @@ void accept_openssl(int mode, int presock) { /* kludge for https fetch via inetd */ start = dnow(); while (dnow() < start + 10.0) { + if (screen->httpSock >= 0) saw_httpsock = 1; rfbPE(10000); usleep(10000); + if (screen->httpSock >= 0) saw_httpsock = 1; waitpid(pid, &status, WNOHANG); if (kill(pid, 0) != 0) { rfbPE(10000); rfbPE(10000); break; } + if (saw_httpsock && screen->httpSock < 0) { + rfbLog("SSL: httpSock for helper[%d] went away\n", pid); + rfbPE(10000); + rfbPE(10000); + break; + } } rfbLog("SSL: OPENSSL_INETD guessing " - "child https finished.\n"); + "child helper[%d] https finished. dt=%.6f\n", + pid, dnow() - start); ssl_helper_pid(0, -2); clean_up_exit(1); } @@ -2554,7 +2587,7 @@ void accept_openssl(int mode, int presock) { if (db) fprintf(stderr, "accept_openssl: cookie good: %s\n", cookie); - rfbLog("SSL: handshake with helper process succeeded.\n"); + rfbLog("SSL: handshake with helper process[%d] succeeded.\n", pid); openssl_last_helper_pid = pid; ssl_helper_pid(pid, vsock); @@ -3006,8 +3039,8 @@ static int vencrypt_dialog(int s_in, int s_out) { return 1; } -static int check_vnc_tls_mode(int s_in, int s_out) { - double waited = 0.0, dt = 0.01, start = dnow(); +static int check_vnc_tls_mode(int s_in, int s_out, double last_https) { + double waited = 0.0, waitmax = 1.4, dt = 0.01, start = dnow(); struct timeval tv; int input = 0, i, n, ok; int major, minor, sectype = -1; @@ -3038,7 +3071,20 @@ static int check_vnc_tls_mode(int s_in, int s_out) { return 1; } - while (waited < 1.1) { + if (last_https > 0.0) { + double now = dnow(); + if (now < last_https + 5.0) { + waitmax = 20.0; + } else if (now < last_https + 15.0) { + waitmax = 10.0; + } else if (now < last_https + 30.0) { + waitmax = 5.0; + } else if (now < last_https + 60.0) { + waitmax = 2.5; + } + } + + while (waited < waitmax) { fd_set rfds; FD_ZERO(&rfds); FD_SET(s_in, &rfds); @@ -3052,7 +3098,8 @@ static int check_vnc_tls_mode(int s_in, int s_out) { usleep((int) (1000 * 1000 * dt)); waited += dt; } - rfbLog("check_vnc_tls_mode: waited: %f input: %s\n", dnow() - start, input ? "SSL Handshake" : "(future) RFB Handshake"); + rfbLog("check_vnc_tls_mode: waited: %f / %.2f input: %s\n", + dnow() - start, waitmax, input ? "SSL Handshake" : "(future) RFB Handshake"); if (input) { /* got SSL client hello, can only assume normal SSL */ @@ -3079,7 +3126,7 @@ static int check_vnc_tls_mode(int s_in, int s_out) { int i; rfbLog("check_vnc_tls_mode: abnormal handshake: '%s'\nbytes: ", buf); for (i=0; i < 12; i++) { - fprintf(stderr, "%x.", (int) buf[i]); + fprintf(stderr, "%d.", (unsigned char) buf[i]); } fprintf(stderr, "\n"); close(s_in); close(s_out); @@ -3197,7 +3244,7 @@ static void ssl_timeout (int sig) { exit(1); } -static int ssl_init(int s_in, int s_out, int skip_vnc_tls) { +static int ssl_init(int s_in, int s_out, int skip_vnc_tls, double last_https) { unsigned char *sid = (unsigned char *) "x11vnc SID"; char *name = NULL; int peerport = 0; @@ -3220,7 +3267,7 @@ static int ssl_init(int s_in, int s_out, int skip_vnc_tls) { if (skip_vnc_tls) { rfbLog("SSL: ssl_helper[%d]: HTTPS mode, skipping check_vnc_tls_mode()\n", getpid()); - } else if (!check_vnc_tls_mode(s_in, s_out)) { + } else if (!check_vnc_tls_mode(s_in, s_out, last_https)) { return 0; } @@ -3419,7 +3466,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { * time), but we also want the timeout shorter at the beginning * in case the client went away. */ - time_t start; + double start, now; int tv_https_early = 60; int tv_https_later = 20; int tv_vnc_early = 40; @@ -3442,13 +3489,14 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { } return; } + if (getenv("SSL_DEBUG")) { db = atoi(getenv("SSL_DEBUG")); } if (db) fprintf(stderr, "ssl_xfer begin\n"); - start = time(NULL); + start = dnow(); if (is_https) { tv_use = tv_https_early; } else { @@ -3567,7 +3615,8 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { } } - if (tv_cutover && time(NULL) > start + tv_cutover) { + now = dnow(); + if (tv_cutover && now > start + tv_cutover) { rfbLog("SSL: ssl_xfer[%d]: tv_cutover: %d\n", getpid(), tv_cutover); tv_cutover = 0; @@ -3589,6 +3638,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { closing = 1; tv_use = tv_closing; } + tv.tv_sec = tv_use; tv.tv_usec = 0; @@ -3603,11 +3653,13 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { if (db > 1) fprintf(stderr, "nfd: %d\n", nfd); +if (0) fprintf(stderr, "nfd[%d]: %d w/r csock: %d %d s_in: %d %d\n", getpid(), nfd, FD_ISSET(csock, &wr), FD_ISSET(csock, &rd), FD_ISSET(s_out, &wr), FD_ISSET(s_in, &rd)); + if (nfd < 0) { rfbLog("SSL: ssl_xfer[%d]: select error: %d\n", getpid(), nfd); perror("select"); /* connection finished */ - return; + goto done; } if (nfd == 0) { @@ -3623,7 +3675,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { rfbLog("SSL: ssl_xfer[%d]: connection timedout. %d tv_use: %d\n", getpid(), ndata, tv_use); /* connection finished */ - return; + goto done; } /* used to see if SSL_pending() should be checked: */ @@ -3638,12 +3690,12 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { if (n < 0) { if (errno != EINTR) { /* connection finished */ - return; + goto done; } /* proceed */ } else if (n == 0) { /* connection finished XXX double check */ - return; + goto done; } else { /* shift over the data in sbuf by n */ memmove(sbuf, sbuf + n, sptr - n); @@ -3691,7 +3743,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { } else if (err == SSL_ERROR_SYSCALL) { if (n < 0 && errno != EINTR) { /* connection finished */ - return; + goto done; } /* proceed */ } else if (err == SSL_ERROR_ZERO_RETURN) { @@ -3700,7 +3752,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { s_wr = 0; } else if (err == SSL_ERROR_SSL) { /* connection finished */ - return; + goto done; } } } @@ -3715,7 +3767,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { if (n < 0) { if (errno != EINTR) { /* connection finished */ - return; + goto done; } /* proceed */ } else if (n == 0) { @@ -3760,7 +3812,7 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { if (n < 0) { if(errno != EINTR) { /* connection finished */ - return; + goto done; } /* proceed */ } else { @@ -3783,11 +3835,19 @@ static void ssl_xfer(int csock, int s_in, int s_out, int is_https) { } } else if (err == SSL_ERROR_SSL) { /* connection finished */ - return; + goto done; } } } } + + done: + rfbLog("SSL: ssl_xfer[%d]: closing sockets %d, %d, %d\n", + getpid(), csock, s_in, s_out); + close(csock); + close(s_in); + close(s_out); + return; } void check_openssl(void) { diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index fcb499b..802c94b 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -1,8 +1,8 @@ .\" This file was automatically generated from x11vnc -help output. -.TH X11VNC "1" "May 2009" "x11vnc " "User Commands" +.TH X11VNC "1" "June 2009" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.9.8, lastmod: 2009-05-18 + version: 0.9.8, lastmod: 2009-06-14 .SH SYNOPSIS .B x11vnc [OPTION]... @@ -4632,6 +4632,11 @@ wireframing that gives much better response than opaque window dragging. Consider the \fB-nodragging\fR option if the problem is severe. .IP +The env. var. X11VNC_REFLECT_PASSWORD can be set to +the password needed to log into the vnc host server, or +to "file:path_to_file" to indicate a file containing +the password as its first line. +.IP The VNC HOST mode implies \fB-shared.\fR Use \fB-noshared\fR as a subsequent cmdline option to disable sharing. .PP diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c index bbe3e21..95e042c 100644 --- a/x11vnc/x11vnc.c +++ b/x11vnc/x11vnc.c @@ -4785,6 +4785,11 @@ if (0) fprintf(stderr, "XA: %s\n", getenv("XAUTHORITY")); if (! quiet && xdamage_present && use_xdamage && ! raw_fb_str) { rfbLog("X DAMAGE available on display, using it for polling hints.\n"); rfbLog(" To disable this behavior use: '-noxdamage'\n"); + rfbLog("\n"); + rfbLog(" Most compositing window managers like 'compiz' or 'beryl'\n"); + rfbLog(" cause X DAMAGE to fail, and so you may not see any screen\n"); + rfbLog(" updates via VNC. Either disable 'compiz' (recommended) or\n"); + rfbLog(" supply the x11vnc '-noxdamage' command line option.\n"); } if (! quiet && wireframe && ! raw_fb_str) { diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c index 6e0d3df..34817e4 100644 --- a/x11vnc/x11vnc_defs.c +++ b/x11vnc/x11vnc_defs.c @@ -47,7 +47,7 @@ int xtrap_base_event_type = 0; int xdamage_base_event_type = 0; /* date +'lastmod: %Y-%m-%d' */ -char lastmod[] = "0.9.8 lastmod: 2009-05-18"; +char lastmod[] = "0.9.8 lastmod: 2009-06-14"; /* X display info */ -- cgit v1.2.1