summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorrunge <runge>2007-05-26 23:22:48 +0000
committerrunge <runge>2007-05-26 23:22:48 +0000
commit7fffc5d3b41565d7ff43cf582c00cee1bdf76474 (patch)
tree4b54a24366182e80f7f44a9f7ecfc9019769750b
parentcb227d4b693333389907efe91c4627badd4b5f20 (diff)
downloadlibtdevnc-7fffc5d3.tar.gz
libtdevnc-7fffc5d3.zip
x11vnc: in -unixpw, initial Escape means no echo username.
-rw-r--r--prepare_x11vnc_dist.sh2
-rw-r--r--x11vnc/ChangeLog4
-rw-r--r--x11vnc/README180
-rw-r--r--x11vnc/help.c40
-rw-r--r--x11vnc/options.c4
-rw-r--r--x11vnc/unixpw.c17
-rw-r--r--x11vnc/x11vnc.140
-rw-r--r--x11vnc/x11vnc_defs.c2
8 files changed, 187 insertions, 102 deletions
diff --git a/prepare_x11vnc_dist.sh b/prepare_x11vnc_dist.sh
index 45f600a..3c83215 100644
--- a/prepare_x11vnc_dist.sh
+++ b/prepare_x11vnc_dist.sh
@@ -1,6 +1,6 @@
#!/bin/bash
-VERSION="0.9.1"
+VERSION="0.9.2"
cd "$(dirname "$0")"
diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog
index c44e212..f542281 100644
--- a/x11vnc/ChangeLog
+++ b/x11vnc/ChangeLog
@@ -1,3 +1,7 @@
+2007-05-26 Karl Runge <runge@karlrunge.com>
+ * x11vnc: set to version 0.9.2, back to NCACHE -12 for testing.
+ in -unixpw, initial Escape means no echo username (see ssvnc).
+
2007-05-21 Karl Runge <runge@karlrunge.com>
* x11vnc: set things up (NCACHE = -1) to not have -ncache
on by default; just give a blurb about it.
diff --git a/x11vnc/README b/x11vnc/README
index d31abaf..e0e2645 100644
--- a/x11vnc/README
+++ b/x11vnc/README
@@ -1,5 +1,5 @@
-x11vnc README file Date: Mon May 21 17:57:42 EDT 2007
+x11vnc README file Date: Sat May 26 19:09:57 EDT 2007
The following information is taken from these URLs:
@@ -398,12 +398,12 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer.
SourceForge.net. I use libvncserver for all of the VNC aspects; I
couldn't have done without it. The full source code may be found and
downloaded (either file-release tarball or CVS tree) from the above
- link. As of Apr 2007, the [70]x11vnc-0.9.tar.gz source package is
- released (recommended download). The [71]x11vnc 0.9 release notes.
+ link. As of May 2007, the [70]x11vnc-0.9.1.tar.gz source package is
+ released (recommended download). The [71]x11vnc 0.9.1 release notes.
The x11vnc package is the subset of the libvncserver package needed to
build the x11vnc program. Also, you can get a copy of my latest,
- bleeding edge [72]x11vnc-0.9.1.tar.gz tarball to build the most up to
+ bleeding edge [72]x11vnc-0.9.2.tar.gz tarball to build the most up to
date one.
Precompiled Binaries/Packages: See the [73]FAQ below for information
@@ -436,13 +436,13 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer.
Building x11vnc:
If your OS has libjpeg.so and libz.so in standard locations you can
- build as follows (example given for the 0.9 release of x11vnc: replace
- with the version you downloaded):
+ build as follows (example given for the 0.9.1 release of x11vnc:
+ replace with the version you downloaded):
(un-tar the x11vnc+libvncserver tarball)
-# gzip -dc x11vnc-0.9.tar.gz | tar -xvf -
+# gzip -dc x11vnc-0.9.1.tar.gz | tar -xvf -
(cd to the source directory)
-# cd x11vnc-0.9
+# cd x11vnc-0.9.1
(run configure and then run make)
# ./configure
@@ -658,14 +658,14 @@ make
I don't have any formal beta-testers for the releases of x11vnc, so
I'd appreciate any additional testing very much.
- Thanks to those who suggested features and helped beta test x11vnc 0.9
- released in Apr 2007!
+ Thanks to those who suggested features and helped beta test x11vnc
+ 0.9.1 released in May 2007!
- Please help test and debug the 0.9.1 version for release sometime in
+ Please help test and debug the 0.9.2 version for release sometime in
Summer 2007.
- The version 0.9.1 beta tarball is kept here:
- [91]x11vnc-0.9.1.tar.gz
+ The version 0.9.2 beta tarball is kept here:
+ [91]x11vnc-0.9.2.tar.gz
There are also some Linux, Solaris, Mac OS X, and other OS test
binaries [92]here. Please kick the tires and report bugs, performance
@@ -680,7 +680,7 @@ make
[97]Enhanced TightVNC Viewer (SSVNC) page.
- Here are some features that will appear in the 0.9.1 release:
+ Here are some features that will appear in the 0.9.2 release:
* [98]Viewer-side pixmap caching. This one will benefit from much
testing. A large area of pixels (at least 2-3 times as big as the
framebuffer itself; the bigger the better... default is 12X) is
@@ -692,6 +692,9 @@ make
"-ncache 12". The unix Enhanced TightVNC Viewer [99]ssvnc has a
nice [100]-ycrop option to help hide the pixel cache area from
view.
+
+
+ Here are some features that appeared in the 0.9.1 release:
* The [101]UltraVNC Java viewer has been enhanced to support SSL (as
the TightVNC viewer had been previously). The UltraVNC Java
supports ultravnc filetransfer, and so can be used as a VNC viewer
@@ -6675,7 +6678,7 @@ EndSection
Building: If you don't have the X11 build and runtime packages
installed you will need to build it like this:
- (cd to the x11vnc-0.9, etc, source directory)
+ (cd to the e.g. x11vnc-0.9, source directory)
./configure --without-x
make
@@ -7551,9 +7554,9 @@ References
67. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int
68. http://www.karlrunge.com/x11vnc/ssvnc.html
69. http://sourceforge.net/projects/libvncserver/
- 70. http://sourceforge.net/project/showfiles.php?group_id=32584&package_id=119006&release_id=502277
- 71. http://sourceforge.net/project/shownotes.php?group_id=32584&release_id=502277
- 72. http://www.karlrunge.com/x11vnc/x11vnc-0.9.1.tar.gz
+ 70. http://sourceforge.net/project/showfiles.php?group_id=32584&package_id=119006&release_id=510888
+ 71. http://sourceforge.net/project/shownotes.php?release_id=510888&group_id=32584
+ 72. http://www.karlrunge.com/x11vnc/x11vnc-0.9.2.tar.gz
73. http://www.karlrunge.com/x11vnc/index.html#faq-binaries
74. http://www.tightvnc.com/download.html
75. http://www.realvnc.com/download-free.html
@@ -7572,7 +7575,7 @@ References
88. http://www.karlrunge.com/x11vnc/index.html#faq-solaris251build
89. http://www.karlrunge.com/x11vnc/index.html#faq-macosx
90. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int
- 91. http://www.karlrunge.com/x11vnc/x11vnc-0.9.1.tar.gz
+ 91. http://www.karlrunge.com/x11vnc/x11vnc-0.9.2.tar.gz
92. http://www.karlrunge.com/x11vnc/bins
93. mailto:xvml-beta@karlrunge.com
94. http://www.karlrunge.com/x11vnc/index.html#faq-ssl-tunnel-int
@@ -10031,6 +10034,8 @@ Enhanced TightVNC Viewer (SSVNC: SSL/SSH VNC viewer)
* [5]Dynamic VNC Server Port determination and redirection (using
ssh's builtin SOCKS proxy, -D) for servers like x11vnc that print
out PORT= at startup.
+ * Unix Username and Password entry for use with "x11vnc -unixpw"
+ type login dialogs.
[6]Unix TightVNC Viewer improvements (these only apply to the Unix VNC
viewer):
@@ -10056,15 +10061,16 @@ Enhanced TightVNC Viewer (SSVNC: SSL/SSH VNC viewer)
(-grab/-graball option).
* Fix for Popup menu positioning for old window managers (-popupfix
option).
+ * Option "-unixpw ..." for use with "x11vnc -unixpw" type login
+ dialogs.
* Improvements to the Popup menu, all of these can now be changed
dynamically via the menu: ViewOnly, Toggle Bell, CursorShape
updates, X11 Cursor, Cursor Alphablending, Toggle Tight/ZRLE,
Toggle JPEG, FullColor/16bpp/8bpp (256/64/8 colors), Greyscale for
low color modes.
- * Support for UltraVNC extensions: Single Window, Disable
- Server-side Input, 1/n Server side scaling, Text Chat (shell
- terminal UI). Both UltraVNC and x11vnc servers support these
- extensions.
+ * Support for UltraVNC extensions: 1/n Server side scaling, Text
+ Chat, Single Window, Disable Server-side Input. Both UltraVNC and
+ x11vnc servers support these extensions.
The list of software bundled in the archive files:
* TightVNC Viewer (windows, unix, macosx)
@@ -10305,13 +10311,43 @@ Enhanced TightVNC viewer (SSVNC) options:
-noshm Disable use of MIT shared memory extension (not recommended
)
+ -termchat Do the UltraVNC chat in the terminal vncviewer is in
+ instead of in an independent window.
+
+ -unixpw str Useful for logging into x11vnc in -unixpw mode. "str" is a
+ string that allows many ways to enter the Unix Username
+ and Unix Password. These characters: username, newline,
+ password, newline are sent to the VNC server after any VNC
+ authentication has taken place. Under x11vnc they are
+ used for the -unixpw login. Other VNC servers could do
+ something similar.
+
+ You can also indicate "str" via the environment
+ variable SSVNC_UNIXPW.
+
+ Note that the Escape key is actually sent first to tell
+ x11vnc to not echo the Unix Username back to the VNC
+ viewer. Set SSVNC_UNIXPW_NOESC=1 to override this.
+
+ If str is ".", then you are prompted at the command line
+ for the username and password in the normal way. If str is
+ "-" the stdin is read via getpass(3) for username@password.
+ Otherwise if str is a file, it is opened and the first line
+ read is taken as the Unix username and the 2nd as the
+ password. If str prefixed by "rm:" the file is removed
+ after reading. Otherwise, if str has a "@" character,
+ it is taken as username@password. Otherwise, the program
+ exits with an error. Got all that?
+
+
New Popup actions:
+ ViewOnly: ~ -viewonly
+ Disable Bell: ~ -nobell
Cursor Shape: ~ -nocursorshape
X11 Cursor: ~ -x11cursor
Cursor Alphablend: ~ -alpha
Disable JPEG: ~ -nojpeg
- Prefer raw for localhost ~ -rawlocal
Full Color as many colors as local screen allows.
Grey scale (16 & 8-bpp) ~ -grey, for low colors 16/8bpp modes only.
16 bit color (BGR565) ~ -16bpp / -bgr565
@@ -10320,14 +10356,15 @@ Enhanced TightVNC viewer (SSVNC) options:
64 colors ~ -bgr222 / -use64
8 colors ~ -bgr111 / -use8
+ UltraVNC Extensions:
Disable Remote Input Ultravnc ext. Try to prevent input and
viewing of monitor at physical display.
Single Window Ultravnc ext. Grab and view a single window.
(click on the window you want).
Set 1/n Server Scale Ultravnc ext. Scale desktop by 1/n.
prompt is from the terminal.
- Text Chat Ultravnc ext. Do Text Chat, currently
- input via the terminal (no window).
+ Text Chat Ultravnc ext. Do Text Chat.
+
Note: the Ultravnc extensions only apply to servers that support
them. x11vnc/libvncserver supports some of them.
@@ -10394,12 +10431,18 @@ es and source AND full archives in the zip dir. (~15MB)
You can try for an older one by replacing, e.g. ".16" by ".11", etc.
- Sorry for the inconvenience of lumping all the Unix binaries and
- source together in one archive. To save space you can delete the src
- subdirectory if you like.
+ Here are the corresponding "development" bundles:
+ [24]ssvnc_windows_only-1.0.17.zip
+ [25]ssvnc_no_windows-1.0.17.tar.gz
+ [26]ssvnc_unix_only-1.0.17.tar.gz
+ [27]ssvnc_unix_minimal-1.0.17.tar.gz
+
+ [28]ssvnc-1.0.17.tar.gz
+ [29]ssvnc-1.0.17.zip
+ [30]ssvnc_all-1.0.17.zip
A self-extracting and running file for the "ssvnc_unix_minimal"
- package is here: [24]ssvnc. Save it as filename "ssvnc", type "chmod
+ package is here: [31]ssvnc. Save it as filename "ssvnc", type "chmod
755 ./ssvnc", and then launch the GUI via typing "./ssvnc". Note that
this "ssvnc_unix_minimal" mode requires you install the "stunnel" and
"vncviewer" programs externally (for example, install your distros'
@@ -10438,13 +10481,13 @@ es and source AND full archives in the zip dir. (~15MB)
redistribute the above because of cryptographic software they contain
or for other reasons. Please check out your situation and information
at the following and related sites:
- [25]http://www.stunnel.org
- [26]http://stunnel.mirt.net
- [27]http://www.openssl.org
- [28]http://www.chiark.greenend.org.uk/~sgtatham/putty/
- [29]http://www.tightvnc.com
- [30]http://www.realvnc.com
- [31]http://sourceforge.net/projects/cotvnc/
+ [32]http://www.stunnel.org
+ [33]http://stunnel.mirt.net
+ [34]http://www.openssl.org
+ [35]http://www.chiark.greenend.org.uk/~sgtatham/putty/
+ [36]http://www.tightvnc.com
+ [37]http://www.realvnc.com
+ [38]http://sourceforge.net/projects/cotvnc/
_________________________________________________________________
Here is the toplevel README from the bundle:
@@ -10915,14 +10958,21 @@ References
21. http://www.karlrunge.com/x11vnc/etv/ssvnc-1.0.16.tar.gz
22. http://www.karlrunge.com/x11vnc/etv/ssvnc-1.0.16.zip
23. http://www.karlrunge.com/x11vnc/etv/ssvnc_all-1.0.16.zip
- 24. http://www.karlrunge.com/x11vnc/etv/ssvnc
- 25. http://www.stunnel.org/
- 26. http://stunnel.mirt.net/
- 27. http://www.openssl.org/
- 28. http://www.chiark.greenend.org.uk/~sgtatham/putty/
- 29. http://www.tightvnc.com/
- 30. http://www.realvnc.com/
- 31. http://sourceforge.net/projects/cotvnc/
+ 24. http://www.karlrunge.com/x11vnc/etv/ssvnc_windows_only-1.0.17.zip
+ 25. http://www.karlrunge.com/x11vnc/etv/ssvnc_no_windows-1.0.17.tar.gz
+ 26. http://www.karlrunge.com/x11vnc/etv/ssvnc_unix_only-1.0.17.tar.gz
+ 27. http://www.karlrunge.com/x11vnc/etv/ssvnc_unix_minimal-1.0.17.tar.gz
+ 28. http://www.karlrunge.com/x11vnc/etv/ssvnc-1.0.17.tar.gz
+ 29. http://www.karlrunge.com/x11vnc/etv/ssvnc-1.0.17.zip
+ 30. http://www.karlrunge.com/x11vnc/etv/ssvnc_all-1.0.17.zip
+ 31. http://www.karlrunge.com/x11vnc/etv/ssvnc
+ 32. http://www.stunnel.org/
+ 33. http://stunnel.mirt.net/
+ 34. http://www.openssl.org/
+ 35. http://www.chiark.greenend.org.uk/~sgtatham/putty/
+ 36. http://www.tightvnc.com/
+ 37. http://www.realvnc.com/
+ 38. http://sourceforge.net/projects/cotvnc/
=======================================================================
http://www.karlrunge.com/x11vnc/x11vnc_opts.html:
@@ -10935,7 +10985,7 @@ x11vnc: a VNC server for real X displays
Here are all of x11vnc command line options:
% x11vnc -opts (see below for -help long descriptions)
-x11vnc: allow VNC connections to real X11 displays. 0.9.1 lastmod: 2007-05-21
+x11vnc: allow VNC connections to real X11 displays. 0.9.2 lastmod: 2007-05-26
x11vnc options:
-display disp -auth file -N
@@ -11049,7 +11099,7 @@ libvncserver-tight-extension options:
% x11vnc -help
-x11vnc: allow VNC connections to real X11 displays. 0.9.1 lastmod: 2007-05-21
+x11vnc: allow VNC connections to real X11 displays. 0.9.2 lastmod: 2007-05-26
(type "x11vnc -opts" to just list the options.)
@@ -11631,27 +11681,32 @@ Options:
send one before a 25 second timeout. Existing clients
are view-only during this period.
+ If the first character received is "Escape" then the
+ unix username will not be displayed after "login:"
+ as it is typed. This could be of use for VNC viewers
+ that automatically type the username and password.
+
Since the detailed behavior of su(1) can vary from
OS to OS and for local configurations, test the mode
- carefully on your systems before using it in production.
- Test different combinations of valid/invalid usernames
- and valid/invalid passwords to see if it behaves as
- expected. x11vnc will attempt to be conservative and
+ carefully. x11vnc will attempt to be conservative and
reject a login if anything abnormal occurs.
- On FreeBSD and the other BSD's by default it is
- impossible for the user running x11vnc to validate
- his *own* password via su(1) (evidently commenting out
+ One case to note: FreeBSD and the other BSD's by
+ default it is impossible for the user running x11vnc to
+ validate his *own* password via su(1) (commenting out
the pam_self.so entry in /etc/pam.d/su eliminates this
- problem). So the x11vnc login will always *fail* for
+ behavior). So the x11vnc login will always *FAIL* for
this case (even when the correct password is supplied).
- A possible workaround for this would be to start
- x11vnc as root with the "-users +nobody" option to
- immediately switch to user nobody. Another source of
- problems are PAM modules that prompt for extra info,
- e.g. password aging modules. These logins will fail
- as well even when the correct password is supplied.
+ A possible workaround for this on *BSD would be to
+ start x11vnc as root with the "-users +nobody" option
+ to immediately switch to user nobody where the su'ing
+ will proceed normally.
+
+ Another source of potential problems are PAM modules
+ that prompt for extra info, e.g. password aging modules.
+ These logins will fail as well even when the correct
+ password is supplied.
**IMPORTANT**: to prevent the Unix password being sent
in *clear text* over the network, one of two schemes
@@ -12720,6 +12775,9 @@ t
commands, RFB_SSL_CLIENT_CERT will be set to the
client's x509 certificate string.
+ The sslpeer= mode can aid finding X sessions via the
+ FINDDISPLAY and FINDCREATEDISPLAY mechanisms.
+
To immediately switch to a user *before* connections
to the X display are made or any files opened use the
"=" character: "-users =bob". That user needs to
diff --git a/x11vnc/help.c b/x11vnc/help.c
index da8ac5c..3aa8147 100644
--- a/x11vnc/help.c
+++ b/x11vnc/help.c
@@ -603,27 +603,32 @@ void print_help(int mode) {
" send one before a 25 second timeout. Existing clients\n"
" are view-only during this period.\n"
"\n"
+" If the first character received is \"Escape\" then the\n"
+" unix username will not be displayed after \"login:\"\n"
+" as it is typed. This could be of use for VNC viewers\n"
+" that automatically type the username and password.\n"
+"\n"
" Since the detailed behavior of su(1) can vary from\n"
" OS to OS and for local configurations, test the mode\n"
-" carefully on your systems before using it in production.\n"
-" Test different combinations of valid/invalid usernames\n"
-" and valid/invalid passwords to see if it behaves as\n"
-" expected. x11vnc will attempt to be conservative and\n"
+" carefully. x11vnc will attempt to be conservative and\n"
" reject a login if anything abnormal occurs.\n"
"\n"
-" On FreeBSD and the other BSD's by default it is\n"
-" impossible for the user running x11vnc to validate\n"
-" his *own* password via su(1) (evidently commenting out\n"
+" One case to note: FreeBSD and the other BSD's by\n"
+" default it is impossible for the user running x11vnc to\n"
+" validate his *own* password via su(1) (commenting out\n"
" the pam_self.so entry in /etc/pam.d/su eliminates this\n"
-" problem). So the x11vnc login will always *fail* for\n"
+" behavior). So the x11vnc login will always *FAIL* for\n"
" this case (even when the correct password is supplied).\n"
"\n"
-" A possible workaround for this would be to start\n"
-" x11vnc as root with the \"-users +nobody\" option to\n"
-" immediately switch to user nobody. Another source of\n"
-" problems are PAM modules that prompt for extra info,\n"
-" e.g. password aging modules. These logins will fail\n"
-" as well even when the correct password is supplied.\n"
+" A possible workaround for this on *BSD would be to\n"
+" start x11vnc as root with the \"-users +nobody\" option\n"
+" to immediately switch to user nobody where the su'ing\n"
+" will proceed normally.\n"
+"\n"
+" Another source of potential problems are PAM modules\n"
+" that prompt for extra info, e.g. password aging modules.\n"
+" These logins will fail as well even when the correct\n"
+" password is supplied.\n"
"\n"
" **IMPORTANT**: to prevent the Unix password being sent\n"
" in *clear text* over the network, one of two schemes\n"
@@ -676,10 +681,6 @@ void print_help(int mode) {
" (default port 5500). Please use a ssh or stunnel port\n"
" redirection to the viewer machine to tunnel the reverse\n"
" connection over an encrypted channel.\n"
-#if 0
-" Note that in -ssl\n"
-" mode reverse connection are disabled (see below). XXX\n"
-#endif
"\n"
" In -inetd mode the Method 1) will be enforced (not\n"
" Method 2). With -ssl in effect reverse connections\n"
@@ -1707,6 +1708,9 @@ void print_help(int mode) {
" commands, RFB_SSL_CLIENT_CERT will be set to the\n"
" client's x509 certificate string.\n"
"\n"
+" The sslpeer= mode can aid finding X sessions via the\n"
+" FINDDISPLAY and FINDCREATEDISPLAY mechanisms.\n"
+"\n"
" To immediately switch to a user *before* connections\n"
" to the X display are made or any files opened use the\n"
" \"=\" character: \"-users =bob\". That user needs to\n"
diff --git a/x11vnc/options.c b/x11vnc/options.c
index 5d052b6..0a3ec9c 100644
--- a/x11vnc/options.c
+++ b/x11vnc/options.c
@@ -206,8 +206,8 @@ int wireframe_local = 1;
#ifdef NO_NCACHE
#define NCACHE 0
#else
-#define xxNCACHE -12
-#define NCACHE -1
+#define NCACHE -12
+#define xxNCACHE -1
#endif
#endif
diff --git a/x11vnc/unixpw.c b/x11vnc/unixpw.c
index c4a08b9..9390b43 100644
--- a/x11vnc/unixpw.c
+++ b/x11vnc/unixpw.c
@@ -1126,6 +1126,7 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
int x, y, i, rc, nmax = 100;
static char user_r[100], user[100], pass[100];
static int u_cnt = 0, p_cnt = 0, first = 1;
+ static int echo = 1;
char keystr[100];
char *str;
@@ -1143,6 +1144,7 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
in_login = 1;
in_passwd = 0;
unixpw_denied = 0;
+ echo = 1;
if (init == 1) {
tries = 0;
}
@@ -1209,6 +1211,11 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
} else if (! down) {
return;
}
+ if (in_login && keysym == XK_Escape && u_cnt == 0) {
+ echo = 0;
+ rfbLog("unixpw_keystroke: echo off.\n");
+ return;
+ }
if (in_login) {
if (keysym == XK_BackSpace || keysym == XK_Delete) {
@@ -1295,8 +1302,10 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
x = text_x();
y = text_y();
- rfbDrawString(pscreen, &default8x16Font, x, y,
- str, white_pixel());
+ if (echo) {
+ rfbDrawString(pscreen, &default8x16Font, x, y,
+ str, white_pixel());
+ }
mark_rect_as_modified(x, y-char_h, x+char_w,
y, scaling);
char_col++;
@@ -1340,7 +1349,9 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
if (db && db <= 2) fprintf(stderr, "u_cnt: %d %d/%d ks: 0x%x '%s'\n", u_cnt, x, y, keysym, keystr);
- rfbDrawString(pscreen, &default8x16Font, x, y, keystr, white_pixel());
+ if (echo ) {
+ rfbDrawString(pscreen, &default8x16Font, x, y, keystr, white_pixel());
+ }
mark_rect_as_modified(x, y-char_h, x+char_w, y, scaling);
char_col++;
diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1
index ab5336a..83d0b82 100644
--- a/x11vnc/x11vnc.1
+++ b/x11vnc/x11vnc.1
@@ -2,7 +2,7 @@
.TH X11VNC "1" "May 2007" "x11vnc " "User Commands"
.SH NAME
x11vnc - allow VNC connections to real X11 displays
- version: 0.9.1, lastmod: 2007-05-21
+ version: 0.9.2, lastmod: 2007-05-26
.SH SYNOPSIS
.B x11vnc
[OPTION]...
@@ -718,31 +718,36 @@ to supply the correct password in 3 tries or does not
send one before a 25 second timeout. Existing clients
are view-only during this period.
.IP
+If the first character received is "Escape" then the
+unix username will not be displayed after "login:"
+as it is typed. This could be of use for VNC viewers
+that automatically type the username and password.
+.IP
Since the detailed behavior of
.IR su (1)
can vary from
OS to OS and for local configurations, test the mode
-carefully on your systems before using it in production.
-Test different combinations of valid/invalid usernames
-and valid/invalid passwords to see if it behaves as
-expected. x11vnc will attempt to be conservative and
+carefully. x11vnc will attempt to be conservative and
reject a login if anything abnormal occurs.
.IP
-On FreeBSD and the other BSD's by default it is
-impossible for the user running x11vnc to validate
-his *own* password via
+One case to note: FreeBSD and the other BSD's by
+default it is impossible for the user running x11vnc to
+validate his *own* password via
.IR su (1)
-(evidently commenting out
+(commenting out
the pam_self.so entry in /etc/pam.d/su eliminates this
-problem). So the x11vnc login will always *fail* for
+behavior). So the x11vnc login will always *FAIL* for
this case (even when the correct password is supplied).
.IP
-A possible workaround for this would be to start
-x11vnc as root with the "\fB-users\fR \fI+nobody\fR" option to
-immediately switch to user nobody. Another source of
-problems are PAM modules that prompt for extra info,
-e.g. password aging modules. These logins will fail
-as well even when the correct password is supplied.
+A possible workaround for this on *BSD would be to
+start x11vnc as root with the "\fB-users\fR \fI+nobody\fR" option
+to immediately switch to user nobody where the su'ing
+will proceed normally.
+.IP
+Another source of potential problems are PAM modules
+that prompt for extra info, e.g. password aging modules.
+These logins will fail as well even when the correct
+password is supplied.
.IP
**IMPORTANT**: to prevent the Unix password being sent
in *clear text* over the network, one of two schemes
@@ -1934,6 +1939,9 @@ env. vars. (see \fB-accept)\fR passed to external cmd=
commands, RFB_SSL_CLIENT_CERT will be set to the
client's x509 certificate string.
.IP
+The sslpeer= mode can aid finding X sessions via the
+FINDDISPLAY and FINDCREATEDISPLAY mechanisms.
+.IP
To immediately switch to a user *before* connections
to the X display are made or any files opened use the
"=" character: "\fB-users\fR \fI=bob\fR". That user needs to
diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c
index 6e6bf1f..6fc1b49 100644
--- a/x11vnc/x11vnc_defs.c
+++ b/x11vnc/x11vnc_defs.c
@@ -15,7 +15,7 @@ int xtrap_base_event_type = 0;
int xdamage_base_event_type = 0;
/* date +'lastmod: %Y-%m-%d' */
-char lastmod[] = "0.9.1 lastmod: 2007-05-21";
+char lastmod[] = "0.9.2 lastmod: 2007-05-26";
/* X display info */