diff options
| author | runge <runge> | 2006-03-12 05:50:01 +0000 |
|---|---|---|
| committer | runge <runge> | 2006-03-12 05:50:01 +0000 |
| commit | e2e9347946bbaf1bf87c571d4a1fd9115fe90954 (patch) | |
| tree | e58c0b2d9dcddf0a8d2f90930119945020cb1f5c /x11vnc/sslcmds.c | |
| parent | 5e72609631a1893acfe6a31d0129553ed3044a20 (diff) | |
| download | libtdevnc-e2e9347946bbaf1bf87c571d4a1fd9115fe90954.tar.gz libtdevnc-e2e9347946bbaf1bf87c571d4a1fd9115fe90954.zip | |
x11vnc: add -ssl mode using libssl. Include Xdummy in misc.
Diffstat (limited to 'x11vnc/sslcmds.c')
| -rw-r--r-- | x11vnc/sslcmds.c | 57 |
1 files changed, 42 insertions, 15 deletions
diff --git a/x11vnc/sslcmds.c b/x11vnc/sslcmds.c index 63ffacf..e9e3208 100644 --- a/x11vnc/sslcmds.c +++ b/x11vnc/sslcmds.c @@ -46,6 +46,7 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { char extra[] = ":/usr/sbin:/usr/local/sbin"; char *path, *p, *exe; char *stunnel_path = NULL; + struct stat verify_buf; int status; if (stunnel_pid) { @@ -110,13 +111,11 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { stunnel_port, x11vnc_port); } - if (0) { - fprintf(stderr, "foreground = yes\n"); - fprintf(stderr, "pid =\n"); - fprintf(stderr, ";debug = 7\n"); - fprintf(stderr, "[x11vnc_stunnel]\n"); - fprintf(stderr, "accept = %d\n", stunnel_port); - fprintf(stderr, "connect = %d\n", x11vnc_port); + if (ssl_verify) { + if (stat(ssl_verify, &verify_buf) != 0) { + rfbLog("stunnel: %s does not exist.\n", ssl_verify); + return 0; + } } stunnel_pid = fork(); @@ -137,18 +136,37 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { } if (use_stunnel == 3) { - char sp[20], xp[20]; + char sp[20], xp[20], *a = NULL; + char *st = stunnel_path; + char *pm = stunnel_pem; + char *sv = ssl_verify; sprintf(sp, "%d", stunnel_port); sprintf(xp, "%d", x11vnc_port); + + if (ssl_verify) { + if(S_ISDIR(verify_buf.st_mode)) { + a = "-a"; + } else { + a = "-A"; + } + } - if (stunnel_pem) { - execlp(stunnel_path, stunnel_path, "-f", "-d", - sp, "-r", xp, "-P", "none", "-p", - stunnel_pem, (char *) NULL); + if (stunnel_pem && ssl_verify) { + execlp(st, st, "-f", "-d", sp, "-r", xp, "-P", + "none", "-p", pm, a, sv, "-v", "2", + (char *) NULL); + } else if (stunnel_pem && !ssl_verify) { + execlp(st, st, "-f", "-d", sp, "-r", xp, "-P", + "none", "-p", pm, + (char *) NULL); + } else if (!stunnel_pem && ssl_verify) { + execlp(st, st, "-f", "-d", sp, "-r", xp, "-P", + "none", a, sv, "-v", "2", + (char *) NULL); } else { - execlp(stunnel_path, stunnel_path, "-f", "-d", - sp, "-r", xp, "-P", "none", (char *) NULL); + execlp(st, st, "-f", "-d", sp, "-r", xp, "-P", + "none", (char *) NULL); } exit(1); } @@ -162,7 +180,15 @@ int start_stunnel(int stunnel_port, int x11vnc_port) { if (stunnel_pem) { fprintf(in, "cert = %s\n", stunnel_pem); } - fprintf(in, ";debug = 7\n"); + if (ssl_verify) { + if(S_ISDIR(verify_buf.st_mode)) { + fprintf(in, "CApath = %s\n", ssl_verify); + } else { + fprintf(in, "CAfile = %s\n", ssl_verify); + } + fprintf(in, "verify = 2\n"); + } + fprintf(in, ";debug = 7\n\n"); fprintf(in, "[x11vnc_stunnel]\n"); fprintf(in, "accept = %d\n", stunnel_port); fprintf(in, "connect = %d\n", x11vnc_port); @@ -256,6 +282,7 @@ void setup_stunnel(int rport, int *argc, char **argv) { } } stunnel_port = rport; + ssl_initialized = 1; return; } |