x11vnc: -DENC_HAVE_OPENSSL=0 to disable enc.h but still

        have ssl. Tweak ps command in find_display. Try to handle
        AIX su. Ignore an initial newline at login: for -unixpw.

7 files changed, 91 insertions, 19 deletions

diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog
index 0f7e547..c3c8382 100644
--- a/x11vnc/ChangeLog
+++ b/x11vnc/ChangeLog
@@ -1,3 +1,8 @@
+2009-12-21  Karl Runge <runge@karlrunge.com>
+	* x11vnc: -DENC_HAVE_OPENSSL=0 to disable enc.h but still
+	  have ssl. Tweak ps command in find_display. Try to handle
+	  AIX su. Ignore an initial newline at login: for -unixpw.
+
 2009-12-18  Karl Runge <runge@karlrunge.com>
 	* x11vnc: fix keycode and other remote control actions under
 	  DIRECT: with an extra XFlush and other safety measures.
diff --git a/x11vnc/README b/x11vnc/README
index 597e2ef..685f9a6 100644
--- a/x11vnc/README
+++ b/x11vnc/README
@@ -2,7 +2,7 @@
 Copyright (C) 2002-2009 Karl J. Runge <runge@karlrunge.com>
 All rights reserved.
 
-x11vnc README file                         Date: Fri Dec 18 22:19:55 EST 2009
+x11vnc README file                         Date: Mon Dec 21 00:00:59 EST 2009
 
 The following information is taken from these URLs:
 
@@ -842,6 +842,15 @@ make
    also want to make sure that /usr/lpp/X11/include, etc is being picked
    up by the configure and make.
 
+   For a recent build on AIX 5.3 we needed to add these CFLAGS to be able
+   to build with gcc:
+  env CFLAGS='-maix64 -Xlinker -bbigtoc' ./configure ...
+
+   we also built our own libjpeg and libz using -maix64.
+
+   BTW, one way to run an Xvfb-like virtual X server for testing on AIX
+   is something like "/usr/bin/X11/X -force -vfb -ac :1".
+
 
    Building on Mac OS X:   There is now [112]native Mac OS X support for
    x11vnc by using the raw framebuffer feature. This mode does not use or
@@ -12905,7 +12914,7 @@ x11vnc: a VNC server for real X displays
    Here are all of x11vnc command line options:
 % x11vnc -opts      (see below for -help long descriptions)
 
-x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-18
+x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-21
 
 x11vnc options:
   -display disp            -auth file               -N                     
@@ -13032,7 +13041,7 @@ libvncserver-tight-extension options:
 
 % x11vnc -help
 
-x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-18
+x11vnc: allow VNC connections to real X11 displays. 0.9.9 lastmod: 2009-12-21
 
 (type "x11vnc -opts" to just list the options.)
 
diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c
index 42a5728..5af3376 100644
--- a/x11vnc/sslhelper.c
+++ b/x11vnc/sslhelper.c
@@ -2940,11 +2940,11 @@ if (db) fprintf(stderr, "tv_sec: %d - '%s'\n", (int) tv.tv_sec, last_get);
 	FD_ZERO(&rd);
 	FD_SET(s_in, &rd);
 
-	if (db) fprintf(stderr, "is_ssl_readable: begin  select(%d secs) %.6f\n", tv.tv_sec, dnow());
+	if (db) fprintf(stderr, "is_ssl_readable: begin  select(%d secs) %.6f\n", (int) tv.tv_sec, dnow());
 	do {
 		nfd = select(s_in+1, &rd, NULL, NULL, &tv);
 	} while (nfd < 0 && errno == EINTR);
-	if (db) fprintf(stderr, "is_ssl_readable: finish select(%d secs) %.6f\n", tv.tv_sec, dnow());
+	if (db) fprintf(stderr, "is_ssl_readable: finish select(%d secs) %.6f\n", (int) tv.tv_sec, dnow());
 
 	if (db) fprintf(stderr, "https nfd: %d\n", nfd);
 
@@ -4081,12 +4081,18 @@ if (db) rfbLog("raw_xfer bad write:  %d -> %d | %d/%d  errno=%d\n", csock, s_out
 #endif	/* FORK_OK */
 }
 
+/* compile with -DENC_HAVE_OPENSSL=0 to disable enc stuff but still have ssl */
+
 #define ENC_MODULE
+
 #if LIBVNCSERVER_HAVE_LIBSSL
+#ifndef ENC_HAVE_OPENSSL
 #define ENC_HAVE_OPENSSL 1
+#endif
 #else
 #define ENC_HAVE_OPENSSL 0
 #endif
+
 #include "enc.h"
 
 static void symmetric_encryption_xfer(int csock, int s_in, int s_out) {
diff --git a/x11vnc/ssltools.h b/x11vnc/ssltools.h
index 1d0b1ab..1be120f 100644
--- a/x11vnc/ssltools.h
+++ b/x11vnc/ssltools.h
@@ -893,14 +893,23 @@ char find_display[] =
 "\n"
 "# save uname, netstat, and ps output:\n"
 "uname=`uname`\n"
-"nsout=`netstat -an`\n"
+"is_bsd=\"\"\n"
+"if echo \"$uname\" | grep -i bsd > /dev/null; then\n"
+"	is_bsd=1\n"
+"fi\n"
+"\n"
 "if [ \"X$uname\" = \"XDarwin\" ]; then\n"
-"	psout=`ps aux 2>/dev/null | grep -wv PID | grep -v grep`\n"
-"	pslist=`echo \"$psout\" | awk '{print $2}'`\n"
+"	psout=`ps aux 2>/dev/null              | grep -wv PID | grep -v grep`\n"
+"elif [ \"X$uname\" = \"XLinux\" -o \"X$is_bsd\" = \"X1\" ]; then\n"
+"	psout=`ps wwwaux 2>/dev/null           | grep -wv PID | grep -v grep`\n"
+"elif [ \"X$uname\" = \"XSunOS\" -a -x /usr/ucb/ps ]; then\n"
+"	psout=`/usr/ucb/ps wwwaux 2>/dev/null  | grep -wv PID | grep -v grep`\n"
 "else\n"
 "	psout=`ps -ef 2>/dev/null | grep -wv PID | grep -v grep`\n"
-"	pslist=`echo \"$psout\" | awk '{print $2}'`\n"
 "fi\n"
+"pslist=`echo \"$psout\" | awk '{print $2}'`\n"
+"\n"
+"nsout=`netstat -an`\n"
 "\n"
 "rchk() {\n"
 "	rr=rr	\n"
diff --git a/x11vnc/unixpw.c b/x11vnc/unixpw.c
index 96a066d..ef28ef2 100644
--- a/x11vnc/unixpw.c
+++ b/x11vnc/unixpw.c
@@ -954,7 +954,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 	pid_t pid, pidw;
 	struct stat sbuf;
 	static int first = 1;
-	char instr[32], cbuf[10];
+	char instr[64], cbuf[10];
 
 	if (first) {
 		set_db();
@@ -1210,7 +1210,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 	 * 	auth      sufficient  pam_self.so
 	 * it may be commented out without problem.
 	 */
-	for (i=0; i<32; i++) {
+	for (i=0; i<sizeof(instr); i++) {
 		instr[i] = '\0';
 	}
 
@@ -1221,7 +1221,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 	j = 0;
 	for (i=0; i < (int) strlen("Password:"); i++) {
 		char pstr[] = "password:";
-		int n;	
+		int n, problem;	
 
 		cbuf[0] = '\0';
 		cbuf[1] = '\0';
@@ -1229,7 +1229,7 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 		n = read(fd, cbuf, 1);
 		if (n < 0 && errno == EINTR) {
 			i--;
-			if (i < 0) i = 0;
+			if (i < -1) i = -1;
 			continue;
 		}
 
@@ -1250,10 +1250,10 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 		if (n == 1) {
 			if (isspace((unsigned char) cbuf[0])) {
 				i--;
-				if (i < 0) i = 0;
+				if (i < -1) i = -1;
 				continue;
 			}
-			if (j >= 32-1) {
+			if (j >= sizeof(instr)-1) {
 				rfbLog("su_verify: problem finding Password:\n");	
 				fflush(stderr);
 				return 0;
@@ -1261,7 +1261,42 @@ int su_verify(char *user, char *pass, char *cmd, char *rbuf, int *rbuf_size, int
 			instr[j++] = tolower((unsigned char)cbuf[0]);
 		}
 
-		if (n <= 0 || strstr(pstr, instr) != pstr) {
+		problem = 0;
+		if (n <= 0) {
+			problem = 1;
+		} else if (strstr(pstr, instr) != pstr) {
+#ifdef _AIX
+			if (UT.sysname && strstr(UT.sysname, "AIX")) {
+				/* handle: runge's Password: */
+				char *luser = (char *) malloc(strlen(user) + 10);
+
+				sprintf(luser, "%s's", user);
+				lowercase(luser);
+				if (strstr(luser, instr) == luser) {
+					if (!strcmp(luser, instr)) {
+						i = -1;	
+						j = 0;
+						memset(instr, 0, sizeof(instr));
+						free(luser);
+						continue;
+					} else {
+						i--;
+						if (i < -1) i = -1;
+						free(luser);
+						continue;
+					}
+				} else {
+					problem = 1;
+				}
+				free(luser);
+			} else
+#endif
+			{
+				problem = 1;
+			}
+		}
+
+		if (problem) {
 
 			if (db) {
 				fprintf(stderr, "\"Password:\" did not "
@@ -1571,7 +1606,7 @@ static void set_db(void) {
 void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
 	int x, y, i, rc, nmax = 100;
 	static char user_r[100], user[100], pass[100];
-	static int  u_cnt = 0, p_cnt = 0, first = 1;
+	static int  u_cnt = 0, p_cnt = 0, t_cnt = 0, first = 1;
 	static int echo = 1;
 	char keystr[100];
 	char *str;
@@ -1601,6 +1636,7 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
 
 		u_cnt = 0;
 		p_cnt = 0;
+		t_cnt = 0;
 		for (i=0; i<nmax; i++) {
 			user[i] = '\0';
 			pass[i] = '\0';
@@ -1725,6 +1761,8 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
 		return;
 	}
 
+	t_cnt++;
+
 	if (in_login) {
 		if (keysym == XK_BackSpace || keysym == XK_Delete) {
 			if (u_cnt > 0) {
@@ -1768,6 +1806,11 @@ void unixpw_keystroke(rfbBool down, rfbKeySym keysym, int init) {
 				return;
 			}
 
+			if (t_cnt == 1) {
+				/* accidental initial return, e.g. from xterm */
+				return;
+			}
+
 			in_login = 0;
 			in_passwd = 1;
 
diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1
index adf87b4..68c73c3 100644
--- a/x11vnc/x11vnc.1
+++ b/x11vnc/x11vnc.1
@@ -2,7 +2,7 @@
 .TH X11VNC "1" "December 2009" "x11vnc " "User Commands"
 .SH NAME
 x11vnc - allow VNC connections to real X11 displays
-         version: 0.9.9, lastmod: 2009-12-18
+         version: 0.9.9, lastmod: 2009-12-21
 .SH SYNOPSIS
 .B x11vnc
 [OPTION]...
diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c
index 42a8198..351fea7 100644
--- a/x11vnc/x11vnc_defs.c
+++ b/x11vnc/x11vnc_defs.c
@@ -47,7 +47,7 @@ int xtrap_base_event_type = 0;
 int xdamage_base_event_type = 0;
 
 /*               date +'lastmod: %Y-%m-%d' */
-char lastmod[] = "0.9.9 lastmod: 2009-12-18";
+char lastmod[] = "0.9.9 lastmod: 2009-12-21";
 
 /* X display info */