diff options
| author | runge <runge@karlrunge.com> | 2010-03-21 00:05:51 -0400 |
|---|---|---|
| committer | runge <runge@karlrunge.com> | 2010-03-21 00:05:51 -0400 |
| commit | 97540de56ca8a975ed31d86879d0e5c4cf169173 (patch) | |
| tree | 6c8c0a28c3559a15c6a76bed92dc2a4c62630914 /x11vnc | |
| parent | edb79ae2b1d39bc12d489bcded74ab966e019994 (diff) | |
| download | libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.tar.gz libtdevnc-97540de56ca8a975ed31d86879d0e5c4cf169173.zip | |
classes/ssl: Many improvements to Java SSL applet, onetimekey
serverCert param, debugging printout, user dialogs, catch
socket exceptions, autodetect x11vnc for GET=1.
x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl.
X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and
can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script,
autodetect dm on udp6 only. Queries: pointer_x, pointer_y,
pointer_same, pointer_root. Switch on -xkd if keysyms per key >
4 in all cases. daemon mode improvements for connect_switch,
inet6to4, ultravnc_repeater.pl. Dynamic change of -clip do
not create new fb if WxH is unchanged.
Diffstat (limited to 'x11vnc')
| -rw-r--r-- | x11vnc/ChangeLog | 13 | ||||
| -rw-r--r-- | x11vnc/README | 3218 | ||||
| -rw-r--r-- | x11vnc/cursor.c | 3 | ||||
| -rw-r--r-- | x11vnc/help.c | 84 | ||||
| -rw-r--r-- | x11vnc/keyboard.c | 6 | ||||
| -rw-r--r-- | x11vnc/misc/Makefile.am | 2 | ||||
| -rw-r--r-- | x11vnc/misc/README | 11 | ||||
| -rwxr-xr-x | x11vnc/misc/connect_switch | 276 | ||||
| -rwxr-xr-x | x11vnc/misc/desktop.cgi | 1134 | ||||
| -rwxr-xr-x | x11vnc/misc/inet6to4 | 400 | ||||
| -rwxr-xr-x | x11vnc/misc/panner.pl | 117 | ||||
| -rwxr-xr-x | x11vnc/misc/ultravnc_repeater.pl | 131 | ||||
| -rw-r--r-- | x11vnc/remote.c | 50 | ||||
| -rw-r--r-- | x11vnc/sslhelper.c | 49 | ||||
| -rw-r--r-- | x11vnc/ssltools.h | 35 | ||||
| -rw-r--r-- | x11vnc/user.c | 14 | ||||
| -rw-r--r-- | x11vnc/x11vnc.1 | 92 | ||||
| -rw-r--r-- | x11vnc/x11vnc.c | 25 | ||||
| -rw-r--r-- | x11vnc/x11vnc_defs.c | 2 |
19 files changed, 4036 insertions, 1626 deletions
diff --git a/x11vnc/ChangeLog b/x11vnc/ChangeLog index fb6f8ad..0117e45 100644 --- a/x11vnc/ChangeLog +++ b/x11vnc/ChangeLog @@ -1,3 +1,16 @@ +2010-03-20 Karl Runge <runge@karlrunge.com> + * classes/ssl: Many improvements to Java SSL applet, onetimekey + serverCert param, debugging printout, user dialogs, catch + socket exceptions, autodetect x11vnc for GET=1. + * x11vnc: misc/scripts: desktop.cgi, inet6to4, panner.pl. + X11VNC_HTTPS_DOWNLOAD_WAIT_TIME, -unixpw %xxx documented, and + can run user cmd in UNIXPW_CMD. FD_XDMCP_IF for create script, + autodetect dm on udp6 only. Queries: pointer_x, pointer_y, + pointer_same, pointer_root. Switch on -xkd if keysyms per key > + 4 in all cases. daemon mode improvements for connect_switch, + inet6to4, ultravnc_repeater.pl. Dynamic change of -clip do + not create new fb if WxH is unchanged. + 2010-02-22 Karl Runge <runge@karlrunge.com> * classes/ssl: Java SSL applet viewer now works with certificate chains. diff --git a/x11vnc/README b/x11vnc/README index 6aa88b4..a291367 100644 --- a/x11vnc/README +++ b/x11vnc/README @@ -2,7 +2,7 @@ Copyright (C) 2002-2010 Karl J. Runge <runge@karlrunge.com> All rights reserved. -x11vnc README file Date: Mon Feb 22 22:22:33 EST 2010 +x11vnc README file Date: Sat Mar 20 23:15:32 EDT 2010 The following information is taken from these URLs: @@ -42,8 +42,8 @@ x11vnc: a VNC server for real X displays passwords where the user does not need to memorize his VNC display/port number. Normally a virtual X session (Xvfb) is created for each user, but it also works with X sessions on physical hardware. - See the [21]tsvnc terminal services mode of the SSVNC viewer that - takes advantage of this mode. + See the [21]tsvnc terminal services mode of the SSVNC viewer for one + way to take advantage of this mode. I wrote x11vnc back in 2002 because x0rfbserver was basically impossible to build on Solaris and had poor performance. The primary @@ -63,7 +63,7 @@ x11vnc: a VNC server for real X displays massive, but you can often use your browser's find-in-page search action using a keyword to find the answer to your problem or question. - Please help [27]beta test the new performance speedup feature using + Please help [27]test the performance speedup feature using [28]viewer-side pixel caching "ncache". SSVNC: An x11vnc side-project provides an [29]Enhanced TightVNC @@ -192,8 +192,10 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick remote shell. Then fix this with the tips [44]below. Note as of Feb/2007 you can also try the [45]-find option instead of - "-display ..." and see if that finds your display and Xauthority. (End - of Common Gotcha) + "-display ..." and see if that finds your display and Xauthority. Note + as of Dec/2009 the [46]-findauth and "[47]-auth guess" options may be + helpful as well. + (End of Common Gotcha) When x11vnc starts up there will then be much chatter printed out (use "-q" to quiet it), until it finally says something like: @@ -210,10 +212,11 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Step 3. At the place where you are sitting (sitting-here.west in this example) you now want to run a VNC viewer program. There are VNC viewers for Unix, Windows, MacOS, Java-enabled web browsers, and even - for PDA's like the Palm Pilot! You can use any of them to connect to - x11vnc (see the above VNC links under "Background:" on how to obtain a - viewer for your platform or see [46]this FAQ. For Solaris, vncviewer - is available in the [47]Companion CD package SFWvnc.) + for PDA's like the Palm Pilot and Cell Phones! You can use any of them + to connect to x11vnc (see the above VNC links under "Background:" on + how to obtain a viewer for your platform or see [48]this FAQ. For + Solaris, vncviewer is available in the [49]Companion CD package + SFWvnc.) In this example we'll use the Unix vncviewer program on sitting-here by typing the following command in a second terminal window: @@ -223,36 +226,36 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick That should pop up a viewer window on sitting-here.west showing and allowing interaction with the far-away.east:0 X11 desktop. Pretty nifty! When finished, exit the viewer: the remote x11vnc process will - shutdown automatically (or you can use the [48]-forever option to have + shutdown automatically (or you can use the [50]-forever option to have it wait for additional viewer connections.) - Common Gotcha: Nowadays there will likely be a host-level [49]firewall + Common Gotcha: Nowadays there will likely be a host-level [51]firewall on the x11vnc side that is blocking remote access to the VNC port (e.g. 5900.) You will either have to open up that port (or a range of - ports) in your firewall administration tool, or try the [50]SSH + ports) in your firewall administration tool, or try the [52]SSH tunnelling method below (even still the firewall must allow in the SSH port, 22.) Shortcut: Of course if you left x11vnc running on far-away.east:0 in a - terminal window with the [51]-forever option or as a [52]service, + terminal window with the [53]-forever option or as a [54]service, you'd only have to do Step 3 as you moved around. Be sure to use a VNC - [53]Password or [54]other measures if you do that. + [55]Password or [56]other measures if you do that. Super Shortcut: Here is a potentially very easy way to get all of it working. * Have x11vnc (0.9.3 or later) available to run on the remote host (i.e. in $PATH.) - * Download and unpack a [55]SSVNC bundle (1.0.19 or later, e.g. - [56]ssvnc_no_windows-1.0.23.tar.gz) on the Viewer-side machine. + * Download and unpack a [57]SSVNC bundle (1.0.19 or later, e.g. + [58]ssvnc_no_windows-1.0.23.tar.gz) on the Viewer-side machine. * Start the SSVNC Terminal Services mode GUI: ./ssvnc/bin/tsvnc * Enter your remote username@hostname (e.g. fred@far-away.east) in the "VNC Terminal Server" entry. * Click "Connect". That will do an SSH to username@hostname and start up x11vnc and then - connect a VNC Viewer through the SSH [57]encrypted tunnel. + connect a VNC Viewer through the SSH [59]encrypted tunnel. There are a number of things assumed here, first that you are able to SSH into the remote host; i.e. that you have a Unix account there and @@ -261,7 +264,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick plink binary is included in the SSVNC bundle.) Finally, it is assumed that you are already logged into an X session on the remote machine, e.g. your workstation (otherwise, a virtual X server, e.g. Xvfb, will - be [58]started for you.) + be [60]started for you.) In some cases the remote SSH server will not run commands with the same $PATH that you normally have in your shell there. In this case @@ -283,7 +286,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick For these cases it should be obvious how it is done. The above steps will work, but more easily the user sitting at far-away.east:0 simply starts up x11vnc from a terminal window, after which the guests would - start their VNC viewers. For this usage mode the "[59]-connect + start their VNC viewers. For this usage mode the "[61]-connect host1,host2" option may be of use to automatically connect to the vncviewers in "-listen" mode on the list of hosts. _________________________________________________________________ @@ -319,7 +322,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Note that "x11vnc -localhost ..." limits incoming vncviewer connections to only those from the same machine. This is very natural for ssh tunnelling (the redirection appears to come from the same - machine.) Use of a [60]VNC password is also strongly recommended. + machine.) Use of a [62]VNC password is also strongly recommended. Note also the -t we used above (force allocate pseudoterminal), it actually seems to improve interactive typing response via VNC! @@ -335,16 +338,16 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Some VNC viewers will do the ssh tunnelling for you automatically, the TightVNC Unix vncviewer does this when the "-via far-away.east" option is supplied to it (this requires x11vnc to be already running on - far-away.east or having it started by [61]inetd(8).) See the 3rd - script example [62]below for more info. + far-away.east or having it started by [63]inetd(8).) See the 3rd + script example [64]below for more info. - SSVNC: You may also want to look at the [63]Enhanced TightVNC Viewer + SSVNC: You may also want to look at the [65]Enhanced TightVNC Viewer (ssvnc) bundles because they contain scripts and GUIs to automatically set up SSH tunnels (e.g. the GUI, "ssvnc", does it automatically and so does this command: "ssvnc_cmd -ssh user@far-away.east:0") and can even start up x11vnc as well. - The [64]Terminal Services mode of SSVNC is perhaps the easiest way to + The [66]Terminal Services mode of SSVNC is perhaps the easiest way to use x11vnc. You just need to have x11vnc available in $PATH on the remote side (and can SSH to the host), and then on the viewer-side you type something like: @@ -368,13 +371,13 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick Once logged in, you'll need to do a second login (ssh, rsh, etc.) to the workstation machine 'OtherHost' and then start up x11vnc on it (if - it isn't already running.) (The "[65]-connect gateway:59xx" option may + it isn't already running.) (The "[67]-connect gateway:59xx" option may be another alternative here with the viewer already in -listen mode.) For an automatic way to use a gateway and have all the network traffic - encrypted (including inside the firewall) see [66]Chaining SSH's. + encrypted (including inside the firewall) see [68]Chaining SSH's. These gateway access modes also can be done automatically for you via - the "Proxy/Gateway" setting in [67]SSVNC (including the Chaining SSH's + the "Proxy/Gateway" setting in [69]SSVNC (including the Chaining SSH's case, "Double Proxy".) Firewalls/Routers: @@ -390,7 +393,7 @@ to: http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick One thing that can be done is to redirect a port on the Firewall/Router to, say, the SSH port (22) on an inside machine (how to do this depends on your particular Firewall/Router, often the - router config URL is http://192.168.100.1 See [68]www.portforward.com + router config URL is http://192.168.100.1 See [70]www.portforward.com for more info.) This way you reach these computers from anywhere on the Internet and use x11vnc to view X sessions running on them. @@ -408,7 +411,7 @@ nc -localhost -display :0' Where far-away.east means the hostname (or IP) that the Router/Firewall is using (for home setups this is usually the IP - gotten from your ISP via DHCP, the site [69]http://www.whatismyip.com/ + gotten from your ISP via DHCP, the site [71]http://www.whatismyip.com/ is a convenient way to determine what it is.) It is a good idea to add some obscurity to accessing your system via @@ -419,7 +422,7 @@ nc -localhost -display :0' Port 22 -> 192.168.1.3, Port 22 (SSH) Again, this SSH gateway access can be done automatically for you via - the "Proxy/Gateway" setting in [70]SSVNC. And under the "Remote SSH + the "Proxy/Gateway" setting in [72]SSVNC. And under the "Remote SSH Command" setting you can enter the x11vnc -localhost -display :0. Host-Level-Firewalls: even with the hardware Firewall/Router problem @@ -436,7 +439,7 @@ nc -localhost -display :0' Port 5901 -> 192.168.1.4, Port 5900 (VNC) (where 192.168.1.3 is "jills-pc" and 192.168.1.4 is "freds-pc".) This - could be used for normal, unencrypted connections and also for [71]SSL + could be used for normal, unencrypted connections and also for [73]SSL encrypted ones. The the VNC displays to enter in the VNC viewer would be, say, @@ -450,7 +453,7 @@ nc -localhost -display :0' vncviewer 24.56.78.93:0 The IP address would need to be communicated to the person running the - VNC Viewer. The site [72]http://www.whatismyip.com/ can help here. + VNC Viewer. The site [74]http://www.whatismyip.com/ can help here. _________________________________________________________________ @@ -459,7 +462,7 @@ nc -localhost -display :0' above port and display numbers may change a bit (e.g. -> 5901 and :1). However, if you "know" port 5900 will be free on the local and remote machines, you can easily automate the above two steps by using the - x11vnc option [73]-bg (forks into background after connection to the + x11vnc option [75]-bg (forks into background after connection to the display is set up) or using the -f option of ssh. Some example scripts are shown below. Feel free to try the ssh -C to enable its compression and see if that speeds things up noticeably. @@ -492,7 +495,7 @@ done #2. Another method is to start the VNC viewer in listen mode "vncviewer -listen" and have x11vnc initiate a reverse connection - using the [74]-connect option: + using the [76]-connect option: #!/bin/sh # usage: x11vnc_ssh <host>:<xdisplay> # e.g.: x11vnc_ssh snoopy.peanuts.com:0 @@ -535,7 +538,7 @@ export VNC_VIA_CMD vncviewer -via $host localhost:0 # must be TightVNC vncviewer. Of course if you already have the x11vnc running waiting for - connections (or have it started out of [75]inetd(8)), you can simply + connections (or have it started out of [77]inetd(8)), you can simply use the TightVNC "vncviewer -via gateway host:port" in its default mode to provide secure ssh tunnelling. _________________________________________________________________ @@ -543,38 +546,38 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. VNC password file: Also note in the #1. example script that the - [76]option "-rfbauth .vnc/passwd" provides additional protection by + [78]option "-rfbauth .vnc/passwd" provides additional protection by requiring a VNC password for every VNC viewer that connects. The - vncpasswd or storepasswd programs, or the x11vnc [77]-storepasswd + vncpasswd or storepasswd programs, or the x11vnc [79]-storepasswd option can be used to create the password file. x11vnc also has the - slightly less secure [78]-passwdfile and "-passwd XXXXX" [79]options + slightly less secure [80]-passwdfile and "-passwd XXXXX" [81]options to specify passwords. Very Important: It is up to YOU to tell x11vnc to use password protection (-rfbauth or -passwdfile), it will NOT do it for you - automatically or force you to (use [80]-usepw if you want to be forced + automatically or force you to (use [82]-usepw if you want to be forced to.) The same goes for encrypting the channel between the viewer and - x11vnc: it is up to you to use ssh, stunnel, [81]-ssl mode, a VPN, - etc. (use the [82]Enhanced TightVNC Viewer (SSVNC) GUI if you want to + x11vnc: it is up to you to use ssh, stunnel, [83]-ssl mode, a VPN, + etc. (use the [84]Enhanced TightVNC Viewer (SSVNC) GUI if you want to be forced to use SSL or SSH.) For additional safety, also look into - the -allow and -localhost [83]options and building x11vnc with - [84]tcp_wrappers support to limit host access. + the -allow and -localhost [85]options and building x11vnc with + [86]tcp_wrappers support to limit host access. _________________________________________________________________ Tunnelling x11vnc via SSL/TLS: One can also encrypt the VNC traffic using an SSL/TLS tunnel such as - [85]stunnel.mirt.net (also [86]stunnel.org) or using the built-in - (Mar/2006) [87]-ssl openssl mode. A SSL-enabled Java applet VNC Viewer + [87]stunnel.mirt.net (also [88]stunnel.org) or using the built-in + (Mar/2006) [89]-ssl openssl mode. A SSL-enabled Java applet VNC Viewer is also provided in the x11vnc package (and https can be used to download it.) Although not as ubiquitous as ssh, SSL tunnelling still provides a - useful alternative. See [88]this FAQ on -ssl and -stunnel modes for + useful alternative. See [90]this FAQ on -ssl and -stunnel modes for details and examples. - The [89]Enhanced TightVNC Viewer (SSVNC) bundles contain some + The [91]Enhanced TightVNC Viewer (SSVNC) bundles contain some convenient utilities to automatically set up an SSL tunnel from the viewer-side (i.e. to connect to "x11vnc -ssl ...".) And many other enhancements too. @@ -582,29 +585,29 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. Downloading x11vnc: - x11vnc is a contributed program to the [90]LibVNCServer project at + x11vnc is a contributed program to the [92]LibVNCServer project at SourceForge.net. I use libvncserver for all of the VNC aspects; I couldn't have done without it. The full source code may be found and downloaded (either file-release tarball or GIT tree) from the above - link. As of Dec 2009, the [91]x11vnc-0.9.9.tar.gz source package is - released (recommended download). The [92]x11vnc 0.9.9 release notes. + link. As of Dec 2009, the [93]x11vnc-0.9.9.tar.gz source package is + released (recommended download). The [94]x11vnc 0.9.9 release notes. The x11vnc package is the subset of the libvncserver package needed to build the x11vnc program. Also, you can get a copy of my latest, - bleeding edge [93]x11vnc-0.9.10.tar.gz tarball to build the most up to - date one. + bleeding edge [95]x11vnc-0.9.10-dev.tar.gz tarball to build the most + up to date one. - Precompiled Binaries/Packages: See the [94]FAQ below for information + Precompiled Binaries/Packages: See the [96]FAQ below for information about where you might obtain a precompiled x11vnc binary from 3rd parties and some ones I create. VNC Viewers: To obtain VNC viewers for the viewing side (Windows, Mac OS, or Unix) try these links: - * [95]http://www.tightvnc.com/download.html - * [96]http://www.realvnc.com/download-free.html - * [97]http://sourceforge.net/projects/cotvnc/ - * [98]http://www.ultravnc.com/ - * [99]Our Enhanced TightVNC Viewer (SSVNC) + * [97]http://www.tightvnc.com/download.html + * [98]http://www.realvnc.com/download-free.html + * [99]http://sourceforge.net/projects/cotvnc/ + * [100]http://www.ultravnc.com/ + * [101]Our Enhanced TightVNC Viewer (SSVNC) [ssvnc.gif] @@ -617,16 +620,16 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. rx11vnc.pl that attempts to tunnel the vnc traffic through an ssh port redirection (and does not assume port 5900 is free.) Have a look at them to see what they do and customize as needed: - * [100]rx11vnc wrapper script - * [101]rx11vnc.pl wrapper script to tunnel traffic thru ssh + * [102]rx11vnc wrapper script + * [103]rx11vnc.pl wrapper script to tunnel traffic thru ssh _________________________________________________________________ Building x11vnc: - Make sure you have all the needed [102]build/compile/development + Make sure you have all the needed [104]build/compile/development packages installed (e.g. Linux distributions foolishly don't install - them by default.) + them by default.) See this [105]build FAQ for more details. If your OS has libjpeg.so and libz.so in standard locations you can build as follows (example given for the 0.9.9 release of x11vnc: @@ -653,8 +656,8 @@ vncviewer -via $host localhost:0 # must be TightVNC vncviewer. Note: Currently gcc is recommended to build libvncserver. In some cases it will build with non-gcc compilers, but the resulting binary sometimes fails to run properly. For Solaris pre-built gcc binaries - are at [103]http://www.sunfreeware.com/. Some Solaris pre-built x11vnc - binaries are [104]here. + are at [106]http://www.sunfreeware.com/. Some Solaris pre-built x11vnc + binaries are [107]here. However, one user reports it does work fine when built with Sun Studio 10, so YMMV. In fact, here is a little build script to do this on @@ -674,12 +677,12 @@ export MAKE AM_CFLAGS $MAKE In general you can use the "make -e" trick if you don't like - libvncserver's choice of AM_CFLAGS. See the [105]build scripts below + libvncserver's choice of AM_CFLAGS. See the [108]build scripts below for more ideas. Scripts similar to the above have been shown to work with vendor C compilers on HP-UX (ccom: HP92453-01) and Tru64 (Compaq C V6.5-011.) - You can find information on [106]Misc. Build problems here. + You can find information on [109]Misc. Build problems here. _________________________________________________________________ @@ -717,9 +720,9 @@ r/sfw; make' If your system does not have these libraries at all you can get the source for the libraries to build them: libjpeg is available at - [107]ftp://ftp.uu.net/graphics/jpeg/ and zlib at - [108]http://www.gzip.org/zlib/. See also - [109]http://www.sunfreeware.com/ for Solaris binary packages of these + [110]ftp://ftp.uu.net/graphics/jpeg/ and zlib at + [111]http://www.gzip.org/zlib/. See also + [112]http://www.sunfreeware.com/ for Solaris binary packages of these libraries as well as for gcc. Normally they will install into /usr/local but you can install them anywhere with the --prefix=/path/to/anywhere, etc. @@ -789,10 +792,10 @@ ls -l ./x11vnc/x11vnc --with-zlib=DIR" options are handy if you want to avoid making a script. - If you need to link OpenSSL libssl.a on Solaris see this [110]method. + If you need to link OpenSSL libssl.a on Solaris see this [113]method. If you need to build on Solaris 2.5.1 or earlier or other older Unix - OS's, see [111]this workaround FAQ. + OS's, see [114]this workaround FAQ. Building on FreeBSD, OpenBSD, ...: The jpeg libraries seem to be in @@ -852,7 +855,7 @@ make is something like "/usr/bin/X11/X -force -vfb -ac :1". - Building on Mac OS X: There is now [112]native Mac OS X support for + Building on Mac OS X: There is now [115]native Mac OS X support for x11vnc by using the raw framebuffer feature. This mode does not use or need X11 at all. To build you may need to disable X11: ./configure --without-x ... @@ -866,7 +869,7 @@ make OpenSSL: Starting with version 0.8.3 x11vnc can now be built with - [113]SSL/TLS support. For this to be enabled the libssl.so library + [116]SSL/TLS support. For this to be enabled the libssl.so library needs to be available at build time. So you may need to have additional CPPFLAGS and LDFLAGS items if your libssl.so is in a non-standard place. As of x11vnc 0.9.4 there is also the @@ -892,34 +895,72 @@ make Spring 2010. The version 0.9.10 beta tarball is kept here: - [114]x11vnc-0.9.10.tar.gz + [117]x11vnc-0.9.10-dev.tar.gz There are also some Linux, Solaris, Mac OS X, and other OS test - binaries [115]here. Please kick the tires and report bugs, performance - regressions, undesired behavior, etc. to [116]me. + binaries [118]here. Please kick the tires and report bugs, performance + regressions, undesired behavior, etc. to [119]me. - To aid testing of the [117]built-in SSL/TLS support for x11vnc, a + To aid testing of the [120]built-in SSL/TLS support for x11vnc, a number of VNC Viewer packages for Unix, Mac OS X, and Windows have been created that provide SSL Support for the TightVNC Viewer (this is - done by [118]wrapper scripts and a GUI that starts [119]STUNNEL.) It + done by [121]wrapper scripts and a GUI that starts [122]STUNNEL.) It should be pretty convenient for automatic SSL and SSH connections. It - is described in detail at and can be downloaded from the [120]Enhanced + is described in detail at and can be downloaded from the [123]Enhanced TightVNC Viewer (SSVNC) page. The SSVNC Unix viewer also supports - x11vnc's symmetric key [121]encryption ciphers (see the 'UltraVNC DSM + x11vnc's symmetric key [124]encryption ciphers (see the 'UltraVNC DSM Encryption Plugin' settings panel.) Here are some features that will appear in the 0.9.10 release: - * The [122]Xdummy wrapper script for Xorg's dummy driver is updated + * The included SSL enabled Java applet viewer now supports Chained + SSL Certificates. The debugCerts=yes applet parameter aids + troubleshooting certificate validation. The x11vnc [125]-ssl mode + has always supported [126]chained SSL certificates (simply put the + intermediate certificates, in order, after the server certificate + in the pem file.) + * A bug has been fixed that would prevent the Java applet viewer + from being downloaded successfully in single-port HTTPS/VNC inetd + mode. The env. var. X11VNC_HTTPS_DOWNLOAD_WAIT_TIME can be used to + adjust for how many seconds a [127]-inetd or [128]-https httpd + download is waited for (default 15 seconds.) + * The [129]-sslScripts option prints out the SSL certificate + management scripts. + * A demo CGI script [130]desktop.cgi shows how to create a + multi-user x11vnc web login desktop service. The user logs into a + secure web site and gets his/her own virtual desktop ([131]Xvfb.) + x11vnc's SSL enabled Java Viewer Applet is launched by the web + browser for secure viewing (and so no software needs to be + installed on the viewer-side.) One can use the desktop.cgi script + for ideas to create their own fancier or customized web login + desktop service (e.g. user-creation, PHP, SQL, specialized desktop + application, etc.) More info [132]here. There is also an optional + 'port redirection' mode that allows redirection to other SSL + enabled VNC servers running inside the firewall. + * The [133]Xdummy wrapper script for Xorg's dummy driver is updated and no longer requires being run as root. New service options are provided to select Xdummy over Xvfb as the virtual X server to be created. + * The "%" unix password verification tricks for the [134]-unixpw + option are now documented. They have also been extended to run a + command as the user if one sets the environment variable + UNIXPW_CMD. The desktop.cgi demo script takes advantage of this + new feature. + * The TightVNC sercurity type (TightVNC features enabler) now works + for RFB version 3.8. + * A transitional tool is provided in [135]inet6to4 to allow x11vnc + to receive connections over [136]IPv6. + * The X property X11VNC_TRAP_XRANDR can be set on a desktop to force + x11vnc to use the [137]-xrandr screen size change trapping code. + * New remote control query options: pointer_x, pointer_y, + pointer_same, and pointer_root. A demo script using them + misc/panner.pl is provided. Here are some features that appeared in the 0.9.9 release (Dec/2009): - * The [123]-unixpw_system_greeter option, when used in combined + * The [138]-unixpw_system_greeter option, when used in combined unixpw and XDMCP FINDCREATEDISPLAY mode (for example: - [124]-xdmsvc), enables the user to press Escape to jump directly + [139]-xdmsvc), enables the user to press Escape to jump directly to the XDM/GDM/KDM login greeter screen. This way the user avoids entering his unix password twice at X session creation time. Also, the unixpw login panel now has a short help displayed if the user @@ -929,10 +970,10 @@ make clients like Eggplant and JollysFastVNC continuously spray these requests at VNC servers (regardless of whether they have received any updates or not.) Under some circumstances this could lead to - x11vnc falling behind. The [125]-extra_fbur option allows one to + x11vnc falling behind. The [140]-extra_fbur option allows one to fine tune the setting. Additionally, one may also dial down - delays: e.g. "[126]-defer 5" and "[127]-wait 5" (or to 1 or even - 0) or [128]-nonap or [129]-allinput to keep up with these VNC + delays: e.g. "[141]-defer 5" and "[142]-wait 5" (or to 1 or even + 0) or [143]-nonap or [144]-allinput to keep up with these VNC clients at the expense of increased system load. * Heuristics are applied to try to determine if the X display is currently in a Display Manager Greeter Login panel (e.g. GDM) If @@ -944,9 +985,9 @@ make the use of the XFIXES cursor fetching functionality; this avoids an Xorg bug that causes Xorg to crash right after the user logs in. - * A new option [130]-findauth runs the FINDDISPLAY script that + * A new option [145]-findauth runs the FINDDISPLAY script that applies heuristics that try to determine the XAUTHORITY file. The - use of '[131]-auth guess' will use the XAUTHORITY that -findauth + use of '[146]-auth guess' will use the XAUTHORITY that -findauth reveals. This can be handy in with the lastest GDM where the ability to store cookies in ~/.Xauthority has been removed. If x11vnc is running as root (e.g. inetd) and you add -env FD_XDM=1 @@ -954,28 +995,28 @@ make the correct XAUTHORITY for the given display (this works for XDM/GDM/KDM if the login greeter panel is up or if someone has already logged into an X session.) - * The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[132]-display - WAIT:cmd=...", [133]-find, [134]-create) now work correctly for - the user-supplied login program scheme "[135]-unixpw_cmd ...", as + * The FINDDISPLAY and FINDCREATEDISPLAY modes (i.e. "[147]-display + WAIT:cmd=...", [148]-find, [149]-create) now work correctly for + the user-supplied login program scheme "[150]-unixpw_cmd ...", as long as the login program supports running commands specified in the environment variable "RFB_UNIXPW_CMD_RUN" as the logged-in - user. The mode "[136]-unixpw_nis ..." has also been made more + user. The mode "[151]-unixpw_nis ..." has also been made more consistent. - * The [137]-stunnel option (like [138]-ssl but uses stunnel as an - external helper program) now works with the [139]-ssl "SAVE" and - "TMP" special certificate names. The [140]-sslverify and - [141]-sslCRL options now work correctly in [142]-stunnel mode. + * The [152]-stunnel option (like [153]-ssl but uses stunnel as an + external helper program) now works with the [154]-ssl "SAVE" and + "TMP" special certificate names. The [155]-sslverify and + [156]-sslCRL options now work correctly in [157]-stunnel mode. Single port HTTPS connections are also supported for this mode. * There is an experimental Application Sharing mode that improves - upon the -id/-sid single window sharing: [143]-appshare (run + upon the -id/-sid single window sharing: [158]-appshare (run "x11vnc -appshare -help" for more info.) It is still very primitive and approximate, but at least it displays multiple top-level windows. - * The remote control command [144]-R can be used to instruct x11vnc + * The remote control command [159]-R can be used to instruct x11vnc to resend its most recent copy of the Clipboard, Primary, or Cutbuffer selections: "x11vnc -R resend_clipboard", "x11vnc -R resend_primary", and "x11vnc -R resend_cutbuffer". - * The fonts in the GUI ([145]-gui) can now by set via environment + * The fonts in the GUI ([160]-gui) can now by set via environment variables, e.g. -env X11VNC_FONT_BOLD='Helvetica -16 bold' and -env X11VNC_FONT_FIXED='Courier -14'. * The XDAMAGE mechanism is now automatically disabled for a period @@ -985,18 +1026,18 @@ make * There is an experimental workaround: "-env X11VNC_WATCH_DX_DY=1" that tries to avoid problems with poorly constructed menu themes that place the initial position of the mouse cursor inside a menu - item's active zone. More information [146]can be found here. + item's active zone. More information [161]can be found here. Here are some features that appeared in the 0.9.8 release (Jul/2009): - * Stability improvements to [147]-threads mode. Running x11vnc this + * Stability improvements to [162]-threads mode. Running x11vnc this way is more reliable now. Threaded operation sometimes gives better interactive response and faster updates: try it out. The threaded mode now supports multiple VNC viewers using the same VNC encoding. The threaded mode can also yield a performance enhancement in the many client case (e.g. class-room broadcast.) We have tested with 30 to 50 simultaneous clients. See also - [148]-reflect. + [163]-reflect. For simultaneous clients: the ZRLE encoding is thread safe on all platforms, and the Tight and Zlib encodings are currently only thread safe on Linux where thread local storage, __thread, is @@ -1005,12 +1046,12 @@ make connected client, all encodings are safe on all platforms. Note that some features (e.g. scroll detection and -ncache) may be disabled or run with reduced functionality in -threads mode. - * Automatically tries to work around an [149]Xorg server bug + * Automatically tries to work around an [164]Xorg server bug involving infinitely repeating keys when turning off key - repeating. Use [150]-repeat if the automatic workaround fails. + repeating. Use [165]-repeat if the automatic workaround fails. * Improved reliability of the Single Port SSL VNC and HTTPS java viewer applet delivery mechanism. - * The [151]-clip mode works under [152]-rawfb. + * The [166]-clip mode works under [167]-rawfb. Here are some features that appeared in the 0.9.7 release (Mar/2009): @@ -1020,38 +1061,38 @@ make case the special file /dev/vcsa2 is used to retrieve vt2's current text. Text and colors are shown, but no graphics. * Support for less than 8 bits per pixel framebuffers (e.g. 4 or 1 - bpp) in the [153]-rawfb mode. + bpp) in the [168]-rawfb mode. * The SSL enabled UltraVNC Java viewer applet now has a [Home] entry in the "drives" drop down menu. This menu can be configured with the ftpDropDown applet parameter. All of the applet parameters are documented in classes/ssl/README. - * Experimental support for [154]VirtualGL's [155]TurboVNC (an + * Experimental support for [169]VirtualGL's [170]TurboVNC (an enhanced TightVNC for fast LAN high framerate usage.) * The CUPS Terminal Services helper mode has been improved. - * Improvements to the [156]-ncache_cr that allows smooth opaque + * Improvements to the [171]-ncache_cr that allows smooth opaque window motions using the 'copyrect' encoding when using - [157]-ncache mode. - * The [158]-rmflag option enables a way to indicate to other + [172]-ncache mode. + * The [173]-rmflag option enables a way to indicate to other processes x11vnc has exited. * Reverse connections using anonymous Diffie Hellman SSL encryption now work. Here are some features that appeared in the 0.9.6 release (Dec/2008): - * Support for [159]VeNCrypt SSL/TLS encrypted connections. It is - enabled by default in the [160]-ssl mode. VNC Viewers like - vinagre, gvncviewer/gtk-vnc, the vencrypt package, [161]SSVNC, and + * Support for [174]VeNCrypt SSL/TLS encrypted connections. It is + enabled by default in the [175]-ssl mode. VNC Viewers like + vinagre, gvncviewer/gtk-vnc, the vencrypt package, [176]SSVNC, and others support this encryption mode. It can also be used with the - [162]-unixpw option to enable Unix username and password + [177]-unixpw option to enable Unix username and password authentication (VeNCrypt's "*Plain" modes.) A similar but older VNC security type "ANONTLS" (used by vino) is supported as well. - See the [163]-vencrypt and [164]-anontls options for additional + See the [178]-vencrypt and [179]-anontls options for additional control. The difference between x11vnc's normal -ssl mode and VeNCrypt is that the former wraps the entire VNC connection in SSL (like HTTPS does for HTTP, i.e. "vncs://") while VeNCrypt switches on the SSL/TLS at a certain point during the VNC handshake. Use - [165]-sslonly to disable both VeNCrypt and ANONTLS (vino.) - * The "[166]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH) + [180]-sslonly to disable both VeNCrypt and ANONTLS (vino.) + * The "[181]-ssl ANON" option enables Anonymous Diffie-Hellman (ADH) key exchange for x11vnc's normal SSL/TLS operation. Note that Anonymous Diffie-Hellman uses encryption for privacy, but provides no authentication and so is susceptible to Man-In-The-Middle @@ -1059,17 +1100,17 @@ make SAVE", etc. and have the VNC viewer verify the cert.) The ANONTLS mode (vino) only supports ADH. VeNCrypt mode supports both ADH and regular X509 SSL certificates modes. For these ADH is enabled by - default. See [167]-vencrypt and [168]-anontls for how to disable + default. See [182]-vencrypt and [183]-anontls for how to disable ADH. * For x11vnc's SSL/TLS modes, one can now specify a Certificate - Revocation List (CRL) with the [169]-sslCRL option. This will only + Revocation List (CRL) with the [184]-sslCRL option. This will only be useful for wide deployments: say a company-wide x11vnc SSL access deployment using a central Certificate Authority (CA) via - [170]-sslGenCA and [171]-sslGenCert. This way if a user has his + [185]-sslGenCA and [186]-sslGenCert. This way if a user has his laptop lost or stolen, you only have to revoke his key instead of creating a new Certificate Authority and redeploying new keys to all users. - * The default SSL/TLS mode, "[172]-ssl" (no pem file parameter + * The default SSL/TLS mode, "[187]-ssl" (no pem file parameter supplied), is now the same as "-ssl SAVE" and will save the generated self-signed cert in "~/.vnc/certs/server.pem". Previously "-ssl" would create a temporary self-signed cert that @@ -1079,45 +1120,45 @@ make same x11vnc server. Use "-ssl TMP" to regain the previous behavior. Use "-ssl SAVE_NOPROMPT" to avoid being prompted about using passphrase when the certificate is created. - * The option [173]-http_oneport enables single-port HTTP connections + * The option [188]-http_oneport enables single-port HTTP connections via the Java VNC Viewer. So, for example, the web browser URL "http://myhost.org:5900" works the same as "http://myhost.org:5800", but with the convenience of only involving one port instead of two. This works for both unencrypted - connections and for SSH tunnels (see [174]-httpsredir if the + connections and for SSH tunnels (see [189]-httpsredir if the tunnel port differs.) Note that HTTPS single-port operation in - [175]-ssl SSL encrypted mode has been available since x11vnc + [190]-ssl SSL encrypted mode has been available since x11vnc version 0.8.3. - * For the [176]-avahi/[177]-zeroconf Service Advertizing mode, if + * For the [191]-avahi/[192]-zeroconf Service Advertizing mode, if x11vnc was not compiled with the avahi-client library, then an external helper program, either avahi-publish(1) (on Unix) or dns-sd(1) (on Mac OS X), is used instead. - * The "[178]-rfbport PROMPT" option will prompt the user via the GUI + * The "[193]-rfbport PROMPT" option will prompt the user via the GUI to select the VNC port (e.g. 5901) to listen on, and a few other basic settings. This enables a handy GUI mode for naive users: x11vnc -gui tray=setpass -rfbport PROMPT -logfile $HOME/.x11vnc.log.%VNCDISP LAY suitable for putting in a launcher or menu, e.g. - [179]x11vnc.desktop. The [180]-logfile expansion is new too. In + [194]x11vnc.desktop. The [195]-logfile expansion is new too. In the GUI, the tray=setpass Properties panel has been improved. - * The [181]-solid solid background color option now works for the + * The [196]-solid solid background color option now works for the Mac OS X console. - * The [182]-reopen option instructs x11vnc to try to reopen the X + * The [197]-reopen option instructs x11vnc to try to reopen the X display if it is prematurely closed by, say, the display manager - (e.g. [183]GDM.) + (e.g. [198]GDM.) Here are some features that appeared in the 0.9.5 release (Oct/2008): - * Symmetric key [184]encryption ciphers. ARC4, AES-128, AES-256, + * Symmetric key [199]encryption ciphers. ARC4, AES-128, AES-256, blowfish, and 3des are supported. Salt and initialization vector seeding is provided. These compliment the more widely used SSL and - SSH encryption access methods. [185]SSVNC also supports these + SSH encryption access methods. [200]SSVNC also supports these encryption modes. * Scaling differently along the X- and Y-directions. E.g. - "[186]-scale 1280x1024" or "-scale 0.8x0.75" Also, - "[187]-geometry WxH" is an alias for "-scale WxH" + "[201]-scale 1280x1024" or "-scale 0.8x0.75" Also, + "[202]-geometry WxH" is an alias for "-scale WxH" * By having SSVNC version 1.0.21 or later available in your $PATH, - the [188]-chatwindow option allows a UltraVNC Text Chat window to + the [203]-chatwindow option allows a UltraVNC Text Chat window to appear on the local X11 console/display (this way the remote viewer can chat with the person at the physical display; e.g. helpdesk mode.) This also works on the Mac OS X console if the @@ -1129,47 +1170,47 @@ LAY Here are some features that appeared in the 0.9.4 release (Sep/2008): - * Improvements to the [189]-find and [190]-create X session finding + * Improvements to the [204]-find and [205]-create X session finding or creating modes: new desktop types and service redirection options. Personal cupsd daemon and SSH port redirection helper for - use with [191]SSVNC's Terminal Services feature. - * Reverse VNC connections via [192]-connect work in the [193]-find, - [194]-create and related [195]-display WAIT:... modes. + use with [206]SSVNC's Terminal Services feature. + * Reverse VNC connections via [207]-connect work in the [208]-find, + [209]-create and related [210]-display WAIT:... modes. * Reverse VNC connections (either normal or SSL) can use a Web Proxy or a SOCKS proxy, or a SSH connection, or even a CGI URL to make - the outgoing connection. See: [196]-proxy. Forward connections can - also use: [197]-ssh. - * Reverse VNC connections via the [198]UltraVNC repeater proxy + the outgoing connection. See: [211]-proxy. Forward connections can + also use: [212]-ssh. + * Reverse VNC connections via the [213]UltraVNC repeater proxy (either normal or SSL) are supported. Use either the - "[199]-connect repeater=ID:NNNN+host:port" or "[200]-connect - repeater://host:port+ID:NNNN" notation. The [201]SSVNC VNC viewer + "[214]-connect repeater=ID:NNNN+host:port" or "[215]-connect + repeater://host:port+ID:NNNN" notation. The [216]SSVNC VNC viewer also supports the UltraVNC repeater. Also, a perl repeater - implemention is here: [202]ultravnc_repeater.pl + implemention is here: [217]ultravnc_repeater.pl * Support for indexed colormaps (PseudoColor) with depths other than 8 (from 1 to 16 now work) for non-standard hardware. Option - "[203]-advertise_truecolor" to handle some workaround in this + "[218]-advertise_truecolor" to handle some workaround in this mode. * Support for the ZYWRLE encoding, this is the RealVNC ZRLE encoding extended to do motion video and photo regions more efficiently by way of a Wavelet based transformation. - * The [204]-finddpy and [205]-listdpy utilities help to debug and - configure the [206]-find, [207]-create, and [208]-display WAIT:... + * The [219]-finddpy and [220]-listdpy utilities help to debug and + configure the [221]-find, [222]-create, and [223]-display WAIT:... modes. * Some automatic detection of screen resizes are handled even if the - [209]-xrandr option is not supplied. - * The [210]-autoport options gives more control over the VNC port + [224]-xrandr option is not supplied. + * The [225]-autoport options gives more control over the VNC port x11vnc chooses. - * The [211]-ping secs can be used to help keep idle connections + * The [226]-ping secs can be used to help keep idle connections alive. * Pasting of the selection/clipboard into remote applications (e.g. Java) has been improved. * Fixed a bug if a client disconnects during the 'speed-estimation' phase. * To unset Caps_Lock, Num_Lock and raise all keys in the X server - use [212]-clear_all. + use [227]-clear_all. * Usage with dvorak keyboards has been improved. See also: - [213]-xkb. - * The [214]Java Viewer applet source code is now included in the + [228]-xkb. + * The [229]Java Viewer applet source code is now included in the x11vnc-0.9.*.tar.gz tarball. This means you can now build the Java viewer applet jar files from source. If you stopped shipping the Java viewer applet jar files due to lack of source code, you can @@ -1177,7 +1218,7 @@ LAY Here are some features that appeared in the 0.9.3 release (Oct/2007): - * [215]Viewer-side pixmap caching. A large area of pixels (at least + * [230]Viewer-side pixmap caching. A large area of pixels (at least 2-3 times as big as the framebuffer itself; the bigger the better... default is 10X) is placed below the framebuffer to act as a buffer/cache area for pixel data. The VNC CopyRect encoding @@ -1185,7 +1226,7 @@ LAY Until we start modifying viewers you will be able to see the cache area if you scroll down (this makes it easier to debug!) For testing the default is "-ncache 10". The unix Enhanced TightVNC - Viewer [216]ssvnc has a nice [217]-ycrop option to help hide the + Viewer [231]ssvnc has a nice [232]-ycrop option to help hide the pixel cache area from view. @@ -1198,14 +1239,14 @@ LAY * If UltraVNC file transfer or chat is detected, then VNC clients are "pinged" more often to prevent these side channels from becoming serviced too infrequently. - * In [218]-unixpw mode in the username and password dialog no text + * In [233]-unixpw mode in the username and password dialog no text will be echoed if the first character sent is "Escape". This enables a convenience feature in SSVNC to send the username and password automatically. Here are some features that appeared in the 0.9.1 release (May/2007): - * The [219]UltraVNC Java viewer has been enhanced to support SSL (as + * The [234]UltraVNC Java viewer has been enhanced to support SSL (as the TightVNC viewer had been previously.) The UltraVNC Java supports ultravnc filetransfer, and so can be used as a VNC viewer on Unix that supports ultravnc filetransfer. It is in the @@ -1216,12 +1257,12 @@ LAY Some other bugs in the UltraVNC Java viewer were fixed and a few improvements to the UI made. * A new Unix username login mode for VNC Viewers authenticated via a - Client SSL Certificate: "[220]-users sslpeer=". The emailAddress + Client SSL Certificate: "[235]-users sslpeer=". The emailAddress subject field is inspected for username@hostname and then acts as though "-users +username" has been supplied. This way the Unix username is identified by (i.e. simply extracted from) the Client - SSL Certificate. This could be useful with [221]-find, - [222]-create and [223]-svc modes if you are also have set up and + SSL Certificate. This could be useful with [236]-find, + [237]-create and [238]-svc modes if you are also have set up and use VNC Client SSL Certificate authentication. * For external display finding/creating programs (e.g. WAIT:cmd=...) if the VNC Viewer is authenticated via a Client SSL Certificate, @@ -1230,41 +1271,41 @@ LAY Here are some features that appeared in the 0.9 release (Apr/2007): - * [224]VNC Service advertising via mDNS / ZeroConf / BonJour with - the [225]Avahi client library. Enable via "[226]-avahi" or - "[227]-zeroconf". + * [239]VNC Service advertising via mDNS / ZeroConf / BonJour with + the [240]Avahi client library. Enable via "[241]-avahi" or + "[242]-zeroconf". * Implementations of UltraVNC's TextChat, SingleWindow, and - ServerInput extensions (requires ultravnc viewer or [228]ssvnc + ServerInput extensions (requires ultravnc viewer or [243]ssvnc Unix viewer.) They toggle the selection of a single window - ([229]-id), and disable (friendly) user input and viewing (monitor + ([244]-id), and disable (friendly) user input and viewing (monitor blank) at the VNC server. - * Short aliases "[230]-find", "[231]-create", "[232]-svc", and - "[233]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes. + * Short aliases "[245]-find", "[246]-create", "[247]-svc", and + "[248]-xdmsvc" for commonly used FINDCREATEDISPLAY usage modes. * Reverse VNC connections (viewer listening) now work in SSL - ([234]-ssl) mode. + ([249]-ssl) mode. * New options to control the Monitor power state and keyboard/mouse - grabbing: [235]-forcedpms, [236]-clientdpms, [237]-noserverdpms, - and [238]-grabalways. + grabbing: [250]-forcedpms, [251]-clientdpms, [252]-noserverdpms, + and [253]-grabalways. * A simple way to emulate inetd(8) to some degree via the - "[239]-loopbg" option. - * Monitor the accuracy of XDAMAGE and apply "[240]-noxdamage" if it - is not working well. OpenGL applications like like [241]beryl and + "[254]-loopbg" option. + * Monitor the accuracy of XDAMAGE and apply "[255]-noxdamage" if it + is not working well. OpenGL applications like like [256]beryl and MythTv have been shown to make XDAMAGE not work properly. * For Java SSL connections involving a router/firewall port - redirection, an option [242]-httpsredir to spare the user from + redirection, an option [257]-httpsredir to spare the user from needing to include &PORT=NNN in the browser URL. Here are some features that appeared in the 0.8.4 release (Feb/2007): - * Native [243]Mac OS X Aqua/Quartz support. (i.e. OSXvnc + * Native [258]Mac OS X Aqua/Quartz support. (i.e. OSXvnc alternative; some activities are faster) - * A [244]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY + * A [259]new login mode: "-display WAIT:cmd=FINDCREATEDISPLAY -unixpw ..." that will Create a new X session (either virtual or real and with or without a display manager, e.g. kdm) for the user if it cannot find the user's X session display via the FINDDISPLAY - method. See the [245]-svc and the [246]-xdmsvc aliases. - * x11vnc can act as a VNC [247]reflector/repeater using the - "[248]-reflect host:N" option. Instead of polling an X display, + method. See the [260]-svc and the [261]-xdmsvc aliases. + * x11vnc can act as a VNC [262]reflector/repeater using the + "[263]-reflect host:N" option. Instead of polling an X display, the remote VNC Server host:N is connected to and re-exported via VNC. This is intended for use in broadcasting a display to many (e.g. > 16; classroom or large demo) VNC viewers where bandwidth @@ -1272,16 +1313,16 @@ LAY number of repeaters. * Wireframe copyrect detection for local user activity (e.g. someone sitting at the physical display moving windows) Use - [249]-nowireframelocal to disable. - * The "[250]-N" option couples the VNC Display number to the X + [264]-nowireframelocal to disable. + * The "[265]-N" option couples the VNC Display number to the X Display number. E.g. if your X DISPLAY is :2 then the VNC display will be :2 (i.e. using port 5902.) If that port is taken x11vnc will exit. - * Option [251]-nodpms to avoid problems with programs like KDE's + * Option [266]-nodpms to avoid problems with programs like KDE's kdesktop_lock that keep restarting the screen saver every few seconds. * To automatically fix the common mouse motion problem on XINERAMA - (multi-headed) displays, the [252]-xwarppointer option is enabled + (multi-headed) displays, the [267]-xwarppointer option is enabled by default when XINERAMA is active. If you have a Mac please try out the native Mac OS X support, build @@ -1291,62 +1332,62 @@ LAY Here are some features that appeared in the 0.8.3 release (Nov/2006): - * The [253]-ssl option provides SSL encryption and authentication - natively via the [254]www.openssl.org library. One can use from a + * The [268]-ssl option provides SSL encryption and authentication + natively via the [269]www.openssl.org library. One can use from a simple self-signed certificate server certificate up to full CA and client certificate authentication schemes. - * Similar to -ssl, the [255]-stunnel option starts up a SSL tunnel + * Similar to -ssl, the [270]-stunnel option starts up a SSL tunnel server stunnel (that must be installed separately on the system: - [256]stunnel.mirt.net ) to allow only encrypted SSL connections + [271]stunnel.mirt.net ) to allow only encrypted SSL connections from the network. - * The [257]-sslverify option allows for authenticating VNC clients + * The [272]-sslverify option allows for authenticating VNC clients via their certificates in either -ssl or -stunnel modes. * Certificate creation and management tools are provide in the - [258]-sslGenCert, [259]-sslGenCA, and [260]related options. + [273]-sslGenCert, [274]-sslGenCA, and [275]related options. * An SSL enabled Java applet VNC Viewer applet is provided by x11vnc in classes/ssl/VncViewer.jar. In addition to normal HTTP, the applet may be loaded into the web browser via HTTPS (HTTP over SSL.) (one can use the VNC port, e.g. https://host:5900/, or also - the separate [261]-https port option.) A wrapper shell script - [262]ss_vncviewer is also provided that sets up a stunnel - client-side tunnel on Unix systems. See [263]Enhanced TightVNC + the separate [276]-https port option.) A wrapper shell script + [277]ss_vncviewer is also provided that sets up a stunnel + client-side tunnel on Unix systems. See [278]Enhanced TightVNC Viewer (SSVNC) for other SSL/SSH viewer possibilities. - * The [264]-unixpw option supports Unix username and password - authentication (a simpler variant is the [265]-unixpw_nis option + * The [279]-unixpw option supports Unix username and password + authentication (a simpler variant is the [280]-unixpw_nis option that works in environments where the encrypted passwords are - readable, e.g. NIS.) The [266]-ssl or [267]-localhost + - [268]-stunnel options are enforced in this mode to prevent + readable, e.g. NIS.) The [281]-ssl or [282]-localhost + + [283]-stunnel options are enforced in this mode to prevent password sniffing. As a convenience, these requirements are lifted if a SSH tunnel can be deduced (but -localhost still applies.) - * Coupling [269]-unixpw with "[270]-display WAIT:cmd=FINDDISPLAY" or + * Coupling [284]-unixpw with "[285]-display WAIT:cmd=FINDDISPLAY" or "-display WAIT:cmd=FINDCREATEDISPLAY" provides a way to allow a user to login with their UNIX password and have their display - connected to [271]automatically. See the [272]-svc and the - [273]-xdmsvc aliases. - * Hooks are provided in the [274]-unixpw_cmd and "[275]-passwdfile + connected to [286]automatically. See the [287]-svc and the + [288]-xdmsvc aliases. + * Hooks are provided in the [289]-unixpw_cmd and "[290]-passwdfile cmd:,custom:..." options to allow you to supply your own authentication and password lookup programs. * x11vnc can be configured and built to not depend on X11 libraries - "./configure --without-x" for [276]-rawfb only operation (e.g. + "./configure --without-x" for [291]-rawfb only operation (e.g. embedded linux console devices.) - * The [277]-rotate option enables you to rotate or reflect the + * The [292]-rotate option enables you to rotate or reflect the screen before exporting via VNC. This is intended for use on handhelds and other devices where the rotation orientation is not "natural". - * The "[278]-ultrafilexfer" alias is provided and improved UltraVNC + * The "[293]-ultrafilexfer" alias is provided and improved UltraVNC filetransfer rates have been achieved. - * Under the "[279]-connect_or_exit host" option x11vnc will exit + * Under the "[294]-connect_or_exit host" option x11vnc will exit immediately unless the reverse connection to host succeeds. The "-rfbport 0" option disables TCP listening for connections (useful for this mode.) - * The "[280]-rawfb rand" and "-rawfb none" options are useful for + * The "[295]-rawfb rand" and "-rawfb none" options are useful for testing automation scripts, etc., without requiring a full desktop. - * Reduced spewing of information at startup, use "[281]-verbose" + * Reduced spewing of information at startup, use "[296]-verbose" (also "-v") to turn it back on for debugging or if you are going to send me a problem report. - Here are some [282]Previous Release Notes + Here are some [297]Previous Release Notes _________________________________________________________________ Some Notes: @@ -1373,13 +1414,13 @@ LAY protocol.) I suggest using xsetroot, dtstyle or similar utility to set a solid background while using x11vnc. You can turn the pretty background image back on when you are using the display directly. - Update: As of Feb/2005 x11vnc has the [283]-solid [color] option that + Update: As of Feb/2005 x11vnc has the [298]-solid [color] option that works on recent GNOME, KDE, and CDE and also on classic X (background image is on the root window.) Update: As of Oct/2007 x11vnc has the - [284]-ncache option that does a reasonable job caching the background + [299]-ncache option that does a reasonable job caching the background (and other) pixmap data on the viewer side. - I also find the [285]TightVNC encoding gives the best response for my + I also find the [300]TightVNC encoding gives the best response for my usage (Unix <-> Unix over cable modem.) One needs a tightvnc-aware vncviewer to take advantage of this encoding. @@ -1391,17 +1432,17 @@ LAY is X11's default listening port.) Had port 5900 been taken by some other application, x11vnc would have next tried 5901. That would mean the viewer command above should be changed to vncviewer - far-away.east:1. You can force the port with the "[286]-rfbport NNNN" + far-away.east:1. You can force the port with the "[301]-rfbport NNNN" option where NNNN is the desired port number. If that port is already - taken, x11vnc will exit immediately. The "[287]-N" option will try to + taken, x11vnc will exit immediately. The "[302]-N" option will try to match the VNC display number to the X display. (also see the "SunRay Gotcha" note below) Options: x11vnc has (far too) many features that may be activated - via its [288]command line options. Useful options are, e.g., -scale to + via its [303]command line options. Useful options are, e.g., -scale to do server-side scaling, and -rfbauth passwd-file to use VNC password protection (the vncpasswd or storepasswd programs, or the x11vnc - [289]-storepasswd option can be used to create the password file.) + [304]-storepasswd option can be used to create the password file.) Algorithm: How does x11vnc do it? Rather brute-forcedly: it continuously polls the X11 framebuffer for changes using @@ -1429,7 +1470,7 @@ LAY first testing out the programs. You get an interesting recursive/feedback effect where vncviewer images keep popping up each one contained in the previous one and slightly shifted a bit by the - window manager decorations. There will be an [290]even more + window manager decorations. There will be an [305]even more interesting effect if -scale is used. Also, if the XKEYBOARD is supported and the XBell "beeps" once, you get an infinite loop of beeps going off. Although all of this is mildly exciting it is not @@ -1439,8 +1480,8 @@ LAY Sun Ray Notes: - You can run x11vnc on your (connected or disconnected) [291]SunRay - session. Here are some [292]notes on SunRay usage with x11vnc. + You can run x11vnc on your (connected or disconnected) [306]SunRay + session. Here are some [307]notes on SunRay usage with x11vnc. _________________________________________________________________ @@ -1452,7 +1493,7 @@ LAY than you normally do to minimize the effects (e.g. do fullpage paging rather than line-by-line scrolling, and move windows in a single, quick motion.) Recent work has provided the - [293]-scrollcopyrect and [294]-wireframe speedups using the + [308]-scrollcopyrect and [309]-wireframe speedups using the CopyRect VNC encoding and other things, but they only speed up some activities, not all. * A rate limiting factor for x11vnc performance is that graphics @@ -1511,18 +1552,19 @@ LAY but we mention it because it may be of use for special purpose applications. You may need to use the "-cc 4" option to force Xvfb to use a TrueColor visual instead of DirectColor. See also the - description of the [295]-create option that does all of this - automatically for you. + description of the [310]-create option that does all of this + automatically for you (be sure to install the Xvfb package, e.g. + apt-get install xvfb.) Also, a faster and more accurate way is to use the "dummy" Xorg/XFree86 device driver (or our Xdummy wrapper script.) See - [296]this FAQ for details. + [311]this FAQ for details. * Somewhat surprisingly, the X11 mouse (cursor) shape is write-only and cannot be queried from the X server. So traditionally in x11vnc the cursor shape stays fixed at an arrow. (see the "-cursor - X" and "-cursor some" [297]options, however, for a partial hack + X" and "-cursor some" [312]options, however, for a partial hack for the root window, etc.) However, on Solaris using the SUN_OVL overlay extension, x11vnc can show the correct mouse cursor when - the [298]-overlay option is also supplied. A similar thing is done + the [313]-overlay option is also supplied. A similar thing is done on IRIX as well when -overlay is supplied. More generally, as of Dec/2004 x11vnc supports the new XFIXES extension (in Xorg and Solaris 10) to query the X server for the @@ -1530,18 +1572,18 @@ LAY with transparency (alpha channel) need to approximated to solid RGB values (some cursors look worse than others.) * Audio from applications is of course not redirected (separate - redirectors do exist, e.g. esd, see [299]the FAQ on this below.) + redirectors do exist, e.g. esd, see [314]the FAQ on this below.) The XBell() "beeps" will work if the X server supports the XKEYBOARD extension. (Note that on Solaris XKEYBOARD is disabled by default. Passing +kb to Xsun enables it.) - * The scroll detection algorithm for the [300]-scrollcopyrect option + * The scroll detection algorithm for the [315]-scrollcopyrect option can give choppy or bunched up transient output and occasionally painting errors. * Using -threads can expose some bugs/crashes in libvncserver. - Please feel free to [301]contact me if you have any questions, + Please feel free to [316]contact me if you have any questions, problems, or comments about x11vnc, etc. - Also, some people ask if they can make a donation, see [302]this link + Also, some people ask if they can make a donation, see [317]this link for that. References @@ -1591,263 +1633,278 @@ References 43. http://www.karlrunge.com/x11vnc/faq.html#faq-xperms 44. http://www.karlrunge.com/x11vnc/faq.html#faq-xperms 45. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 46. http://www.karlrunge.com/x11vnc/faq.html#faq-viewer-download - 47. http://www.sun.com/software/solaris/freeware/ - 48. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever - 49. http://www.karlrunge.com/x11vnc/index.html#firewalls - 50. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 51. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever - 52. http://www.karlrunge.com/x11vnc/faq.html#faq-service - 53. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd - 54. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file - 55. http://www.karlrunge.com/x11vnc/ssvnc.html#download - 56. http://downloads.sourceforge.net/ssvnc/ssvnc_no_windows-1.0.23.tar.gz?use_mirror - 57. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 58. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc - 59. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 60. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file - 61. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 62. http://www.karlrunge.com/x11vnc/index.html#tightvnc_via - 63. http://www.karlrunge.com/x11vnc/ssvnc.html - 64. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc - 65. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 66. http://www.karlrunge.com/x11vnc/chainingssh.html - 67. http://www.karlrunge.com/x11vnc/ssvnc.html - 68. http://www.portforward.com/routers.htm - 69. http://www.whatismyip.com/ - 70. http://www.karlrunge.com/x11vnc/ssvnc.html - 71. http://www.karlrunge.com/x11vnc/index.html#ssl-tunnel - 72. http://www.whatismyip.com/ - 73. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg - 74. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 75. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 76. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth - 77. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd - 78. http://www.karlrunge.com/x11vnc/faq.html#faq-passwdfile - 79. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 80. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw - 81. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 82. http://www.karlrunge.com/x11vnc/ssvnc.html - 83. http://www.karlrunge.com/x11vnc/faq.html#faq-allow-opt - 84. http://www.karlrunge.com/x11vnc/faq.html#faq-tcp_wrappers - 85. http://stunnel.mirt.net/ - 86. http://www.stunnel.org/ - 87. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 88. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 89. http://www.karlrunge.com/x11vnc/ssvnc.html - 90. http://sourceforge.net/projects/libvncserver/ - 91. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/ - 92. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/release-notes-0.9.9.txt/view - 93. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz - 94. http://www.karlrunge.com/x11vnc/faq.html#faq-binaries - 95. http://www.tightvnc.com/download.html - 96. http://www.realvnc.com/products/free/4.1/download.html - 97. http://sourceforge.net/projects/cotvnc/ - 98. http://www.ultravnc.com/ - 99. http://www.karlrunge.com/x11vnc/ssvnc.html - 100. http://www.karlrunge.com/x11vnc/rx11vnc - 101. http://www.karlrunge.com/x11vnc/rx11vnc.pl - 102. http://www.karlrunge.com/x11vnc/faq.html#faq-build - 103. http://www.sunfreeware.com/ - 104. http://www.karlrunge.com/x11vnc/bins - 105. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding - 106. http://www.karlrunge.com/x11vnc/miscbuild.html - 107. ftp://ftp.uu.net/graphics/jpeg/ - 108. http://www.gzip.org/zlib/ - 109. http://www.sunfreeware.com/ - 110. http://www.karlrunge.com/x11vnc/index.html#build-openssl - 111. http://www.karlrunge.com/x11vnc/faq.html#faq-solaris251build - 112. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 113. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 114. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10.tar.gz - 115. http://www.karlrunge.com/x11vnc/bins - 116. mailto:xvml@karlrunge.com - 117. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 118. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer - 119. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext - 120. http://www.karlrunge.com/x11vnc/ssvnc.html - 121. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc - 122. http://www.karlrunge.com/x11vnc/Xdummy - 123. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_system_greeter - 124. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 125. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-extra_fbur - 126. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nonap - 129. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allinput - 130. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth - 131. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd - 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis - 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify - 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL - 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare - 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 146. http://ubuntuforums.org/showthread.php?t=1223490 - 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 149. http://bugs.freedesktop.org/show_bug.cgi?id=21454 - 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-repeat - 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip - 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 153. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 154. http://www.virtualgl.org/ - 155. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc - 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr - 157. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag - 159. http://sourceforge.net/projects/vencrypt/ - 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 161. http://www.karlrunge.com/x11vnc/ssvnc.html - 162. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 163. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt - 164. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls - 165. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly - 166. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt - 168. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls - 169. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL - 170. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA - 171. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert - 172. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 173. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport - 174. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 46. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth + 47. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 48. http://www.karlrunge.com/x11vnc/faq.html#faq-viewer-download + 49. http://www.sun.com/software/solaris/freeware/ + 50. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever + 51. http://www.karlrunge.com/x11vnc/index.html#firewalls + 52. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 53. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forever + 54. http://www.karlrunge.com/x11vnc/faq.html#faq-service + 55. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd + 56. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file + 57. http://www.karlrunge.com/x11vnc/ssvnc.html#download + 58. http://downloads.sourceforge.net/ssvnc/ssvnc_no_windows-1.0.23.tar.gz?use_mirror + 59. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 60. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc + 61. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 62. http://www.karlrunge.com/x11vnc/index.html#vnc_password_file + 63. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 64. http://www.karlrunge.com/x11vnc/index.html#tightvnc_via + 65. http://www.karlrunge.com/x11vnc/ssvnc.html + 66. http://www.karlrunge.com/x11vnc/ssvnc.html#tsvnc + 67. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 68. http://www.karlrunge.com/x11vnc/chainingssh.html + 69. http://www.karlrunge.com/x11vnc/ssvnc.html + 70. http://www.portforward.com/routers.htm + 71. http://www.whatismyip.com/ + 72. http://www.karlrunge.com/x11vnc/ssvnc.html + 73. http://www.karlrunge.com/x11vnc/index.html#ssl-tunnel + 74. http://www.whatismyip.com/ + 75. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-bg + 76. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 77. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 78. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth + 79. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd + 80. http://www.karlrunge.com/x11vnc/faq.html#faq-passwdfile + 81. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 82. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw + 83. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 84. http://www.karlrunge.com/x11vnc/ssvnc.html + 85. http://www.karlrunge.com/x11vnc/faq.html#faq-allow-opt + 86. http://www.karlrunge.com/x11vnc/faq.html#faq-tcp_wrappers + 87. http://stunnel.mirt.net/ + 88. http://www.stunnel.org/ + 89. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 90. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int + 91. http://www.karlrunge.com/x11vnc/ssvnc.html + 92. http://sourceforge.net/projects/libvncserver/ + 93. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/ + 94. http://sourceforge.net/projects/libvncserver/files/x11vnc/0.9.9/release-notes-0.9.9.txt/view + 95. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10-dev.tar.gz + 96. http://www.karlrunge.com/x11vnc/faq.html#faq-binaries + 97. http://www.tightvnc.com/download.html + 98. http://www.realvnc.com/products/free/4.1/download.html + 99. http://sourceforge.net/projects/cotvnc/ + 100. http://www.ultravnc.com/ + 101. http://www.karlrunge.com/x11vnc/ssvnc.html + 102. http://www.karlrunge.com/x11vnc/rx11vnc + 103. http://www.karlrunge.com/x11vnc/rx11vnc.pl + 104. http://www.karlrunge.com/x11vnc/faq.html#faq-build + 105. http://www.karlrunge.com/x11vnc/faq.html#faq-build + 106. http://www.sunfreeware.com/ + 107. http://www.karlrunge.com/x11vnc/bins + 108. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding + 109. http://www.karlrunge.com/x11vnc/miscbuild.html + 110. ftp://ftp.uu.net/graphics/jpeg/ + 111. http://www.gzip.org/zlib/ + 112. http://www.sunfreeware.com/ + 113. http://www.karlrunge.com/x11vnc/index.html#build-openssl + 114. http://www.karlrunge.com/x11vnc/faq.html#faq-solaris251build + 115. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx + 116. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int + 117. http://x11vnc.sourceforge.net/dev/x11vnc-0.9.10-dev.tar.gz + 118. http://www.karlrunge.com/x11vnc/bins + 119. mailto:xvml@karlrunge.com + 120. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int + 121. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer + 122. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-ext + 123. http://www.karlrunge.com/x11vnc/ssvnc.html + 124. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc + 125. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 126. http://www.karlrunge.com/x11vnc/ssl.html#chained-certificates + 127. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd + 128. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https + 129. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslScripts + 130. http://www.karlrunge.com/x11vnc/desktop.cgi.pl + 131. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 132. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login + 133. http://www.karlrunge.com/x11vnc/Xdummy + 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 135. http://www.karlrunge.com/x11vnc/inet6to4 + 136. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6 + 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr + 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_system_greeter + 139. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 140. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-extra_fbur + 141. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 142. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 143. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nonap + 144. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-allinput + 145. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-findauth + 146. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 147. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 148. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 149. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 150. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd + 151. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis + 152. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 153. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 154. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 155. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify + 156. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL + 157. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 158. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare + 159. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 160. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 161. http://ubuntuforums.org/showthread.php?t=1223490 + 162. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 163. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect + 164. http://bugs.freedesktop.org/show_bug.cgi?id=21454 + 165. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-repeat + 166. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip + 167. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 168. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 169. http://www.virtualgl.org/ + 170. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc + 171. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr + 172. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 173. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rmflag + 174. http://sourceforge.net/projects/vencrypt/ 175. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 176. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 177. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 178. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 179. http://www.karlrunge.com/x11vnc/x11vnc.desktop - 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o - 181. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 182. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen - 183. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm - 184. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc - 185. http://www.karlrunge.com/x11vnc/ssvnc.html - 186. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 187. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry - 188. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow - 189. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 190. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 191. http://www.karlrunge.com/x11vnc/ssvnc.html - 192. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect - 193. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 194. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 195. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy - 197. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh - 198. http://www.uvnc.com/addons/repeater.html - 199. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect - 200. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 201. http://www.karlrunge.com/x11vnc/ssvnc.html - 202. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl - 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor - 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy - 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy - 206. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 207. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 208. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 209. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr - 210. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport - 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping - 212. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 213. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 214. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers - 215. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching + 176. http://www.karlrunge.com/x11vnc/ssvnc.html + 177. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 178. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt + 179. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls + 180. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslonly + 181. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 182. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vencrypt + 183. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-anontls + 184. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslCRL + 185. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA + 186. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert + 187. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 188. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_oneport + 189. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 190. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 191. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 192. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 193. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 194. http://www.karlrunge.com/x11vnc/x11vnc.desktop + 195. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-o + 196. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 197. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen + 198. http://www.karlrunge.com/x11vnc/faq.html#infaq_gdm + 199. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-enc + 200. http://www.karlrunge.com/x11vnc/ssvnc.html + 201. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 202. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-geometry + 203. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-chatwindow + 204. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 205. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 206. http://www.karlrunge.com/x11vnc/ssvnc.html + 207. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect + 208. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 209. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 210. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 211. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 212. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssh + 213. http://www.uvnc.com/addons/repeater.html + 214. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect + 215. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect 216. http://www.karlrunge.com/x11vnc/ssvnc.html - 217. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop - 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 219. http://www.ultravnc.com/ - 220. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 217. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl + 218. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-advertise_truecolor + 219. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-finddpy + 220. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-listdpy + 221. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find 222. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 223. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 224. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi - 225. http://www.avahi.org/ - 226. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 227. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 228. http://www.karlrunge.com/x11vnc/ssvnc.html - 229. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 230. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 231. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 232. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 234. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms - 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms - 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms - 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways - 239. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 240. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 241. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl - 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir - 243. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 244. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 245. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 247. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect - 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal - 250. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms - 252. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 254. http://www.openssl.org/ - 255. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 256. http://stunnel.mirt.net/ - 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify - 258. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert - 259. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA - 260. http://www.karlrunge.com/x11vnc/ssl.html - 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https - 262. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer - 263. http://www.karlrunge.com/x11vnc/ssvnc.html - 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis - 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 269. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 270. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 271. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 272. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 273. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 274. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd - 275. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 276. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 277. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate - 278. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer - 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit - 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 281. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v, - 282. http://www.karlrunge.com/x11vnc/prevrels.html - 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 285. http://www.tightvnc.com/ - 286. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html - 289. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd - 290. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg - 291. http://www.sun.com/sunray/index.html - 292. http://www.karlrunge.com/x11vnc/sunray.html - 293. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 295. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 296. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 297. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 299. http://www.karlrunge.com/x11vnc/faq.html#faq-sound - 300. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 301. mailto:xvml@karlrunge.com - 302. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks + 223. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 224. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr + 225. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-autoport + 226. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ping + 227. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all + 228. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 229. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers + 230. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching + 231. http://www.karlrunge.com/x11vnc/ssvnc.html + 232. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop + 233. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 234. http://www.ultravnc.com/ + 235. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 236. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 237. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 238. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 239. http://www.karlrunge.com/x11vnc/faq.html#faq-avahi + 240. http://www.avahi.org/ + 241. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 242. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 243. http://www.karlrunge.com/x11vnc/ssvnc.html + 244. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 245. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 246. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 247. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 248. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 249. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 250. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-forcedpms + 251. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clientdpms + 252. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms + 253. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-grabalways + 254. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 255. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 256. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl + 257. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpsredir + 258. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx + 259. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 260. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 261. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 262. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect + 263. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect + 264. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nowireframelocal + 265. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 266. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms + 267. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 268. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 269. http://www.openssl.org/ + 270. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 271. http://stunnel.mirt.net/ + 272. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify + 273. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert + 274. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCA + 275. http://www.karlrunge.com/x11vnc/ssl.html + 276. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-https + 277. http://www.karlrunge.com/x11vnc/faq.html#infaq_ss_vncviewer + 278. http://www.karlrunge.com/x11vnc/ssvnc.html + 279. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 280. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_nis + 281. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 282. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 283. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel + 284. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 285. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 286. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 287. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 288. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 289. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw_cmd + 290. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 291. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 292. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate + 293. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer + 294. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit + 295. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 296. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-v, + 297. http://www.karlrunge.com/x11vnc/prevrels.html + 298. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 299. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 300. http://www.tightvnc.com/ + 301. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 302. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 303. http://www.karlrunge.com/x11vnc/x11vnc_opts.html + 304. http://www.karlrunge.com/x11vnc/faq.html#faq-passwd + 305. http://www.karlrunge.com/x11vnc/recurse_x11vnc.jpg + 306. http://www.sun.com/sunray/index.html + 307. http://www.karlrunge.com/x11vnc/sunray.html + 308. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 309. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 310. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 311. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 312. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 313. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 314. http://www.karlrunge.com/x11vnc/faq.html#faq-sound + 315. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 316. mailto:xvml@karlrunge.com + 317. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks ======================================================================= http://www.karlrunge.com/x11vnc/faq.html: @@ -2096,150 +2153,153 @@ http://www.karlrunge.com/x11vnc/faq.html: [68]Q-66: Can reverse connections be made to go through a Web or SOCKS proxy or SSH? - [69]Q-67: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a + [69]Q-67: Can x11vnc provide a multi-user desktop web login service as + an Apache CGI or PHP script? + + [70]Q-68: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real display, but for a virtual one I keep around.) - [70]Q-68: How can I use x11vnc on "headless" machines? Why might I + [71]Q-69: How can I use x11vnc on "headless" machines? Why might I want to? [Resource Usage and Performance] - [71]Q-69: I have lots of memory, but why does x11vnc fail with + [72]Q-70: I have lots of memory, but why does x11vnc fail with shmget: No space left on device or Minor opcode of failed request: 1 (X_ShmAttach)? - [72]Q-70: How can I make x11vnc use less system resources? + [73]Q-71: How can I make x11vnc use less system resources? - [73]Q-71: How can I make x11vnc use MORE system resources? + [74]Q-72: How can I make x11vnc use MORE system resources? - [74]Q-72: I use x11vnc over a slow link with high latency (e.g. dialup + [75]Q-73: I use x11vnc over a slow link with high latency (e.g. dialup modem or broadband), is there anything I can do to speed things up? - [75]Q-73: Does x11vnc support the X DAMAGE Xserver extension to find + [76]Q-74: Does x11vnc support the X DAMAGE Xserver extension to find modified regions of the screen quickly and efficiently? - [76]Q-74: My OpenGL application shows no screen updates unless I + [77]Q-75: My OpenGL application shows no screen updates unless I supply the -noxdamage option to x11vnc. - [77]Q-75: When I drag windows around with the mouse or scroll up and + [78]Q-76: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick motion.) Is there anything to do to improve things? - [78]Q-76: Why not do something like wireframe animations to avoid the + [79]Q-77: Why not do something like wireframe animations to avoid the windows "lurching" when being moved or resized? - [79]Q-77: Can x11vnc try to apply heuristics to detect when a window + [80]Q-78: Can x11vnc try to apply heuristics to detect when a window is scrolling its contents and use the CopyRect encoding for a speedup? - [80]Q-78: Can x11vnc do client-side caching of pixel data? I.e. so + [81]Q-79: Can x11vnc do client-side caching of pixel data? I.e. so when that pixel data is needed again it does not have to be retransmitted over the network. - [81]Q-79: Does x11vnc support TurboVNC? + [82]Q-80: Does x11vnc support TurboVNC? [Mouse Cursor Shapes] - [82]Q-80: Why isn't the mouse cursor shape (the little icon shape + [83]Q-81: Why isn't the mouse cursor shape (the little icon shape where the mouse pointer is) correct as I move from window to window? - [83]Q-81: When using XFIXES cursorshape mode, some of the cursors look + [84]Q-82: When using XFIXES cursorshape mode, some of the cursors look really bad with extra black borders around the cursor and other cruft. How can I improve their appearance? - [84]Q-82: In XFIXES mode, are there any hacks to handle cursor + [85]Q-83: In XFIXES mode, are there any hacks to handle cursor transparency ("alpha channel") exactly? [Mouse Pointer] - [85]Q-83: Why does the mouse arrow just stay in one corner in my + [86]Q-84: Why does the mouse arrow just stay in one corner in my vncviewer, whereas my cursor (that does move) is just a dot? - [86]Q-84: Can I take advantage of the TightVNC extension to the VNC + [87]Q-85: Can I take advantage of the TightVNC extension to the VNC protocol where Cursor Positions Updates are sent back to all connected clients (i.e. passive viewers can see the mouse cursor being moved around by another viewer)? - [87]Q-85: Is it possible to swap the mouse buttons (e.g. left-handed + [88]Q-86: Is it possible to swap the mouse buttons (e.g. left-handed operation), or arbitrarily remap them? How about mapping button clicks to keystrokes, e.g. to partially emulate Mouse wheel scrolling? [Keyboard Issues] - [88]Q-86: How can I get my AltGr and Shift modifiers to work between + [89]Q-87: How can I get my AltGr and Shift modifiers to work between keyboards for different languages? - [89]Q-87: When I try to type a "<" (i.e. less than) instead I get ">" + [90]Q-88: When I try to type a "<" (i.e. less than) instead I get ">" (i.e. greater than)! Strangely, typing ">" works OK!! - [90]Q-88: Extra Character Inserted, E.g.: When I try to type a "<" + [91]Q-89: Extra Character Inserted, E.g.: When I try to type a "<" (i.e. less than) instead I get "<," (i.e. an extra comma.) - [91]Q-89: I'm using an "international" keyboard (e.g. German "de", or + [92]Q-90: I'm using an "international" keyboard (e.g. German "de", or Danish "dk") and the -modtweak mode works well if the VNC viewer is run on a Unix/Linux machine with a similar keyboard. But if I run the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or Windows with any keyboard, I can't type some keys like: "@", "$", "<", ">", etc. How can I fix this? - [92]Q-90: When typing I sometimes get double, triple, or more of my + [93]Q-91: When typing I sometimes get double, triple, or more of my keystrokes repeated. I'm sure I only typed them once, what can I do? - [93]Q-91: The x11vnc -norepeat mode is in effect, but I still get + [94]Q-92: The x11vnc -norepeat mode is in effect, but I still get repeated keystrokes!! - [94]Q-92: After using x11vnc for a while, I find that I cannot type + [95]Q-93: After using x11vnc for a while, I find that I cannot type some (or any) characters or my mouse clicks and drags no longer have any effect, or they lead to strange effects. What happened? - [95]Q-93: The machine where I run x11vnc has an AltGr key, but the + [96]Q-94: The machine where I run x11vnc has an AltGr key, but the local machine where I run the VNC viewer does not. Is there a way I can map a local unused key to send an AltGr? How about a Compose key as well? - [96]Q-94: I have a Sun machine I run x11vnc on. Its Sun keyboard has + [97]Q-95: I have a Sun machine I run x11vnc on. Its Sun keyboard has just one Alt key labelled "Alt" and two Meta keys labelled with little diamonds. The machine where I run the VNC viewer only has Alt keys. How can I send a Meta keypress? (e.g. emacs needs this) - [97]Q-95: Running x11vnc on HP-UX I cannot type "#" I just get a "3" + [98]Q-96: Running x11vnc on HP-UX I cannot type "#" I just get a "3" instead. - [98]Q-96: Can I map a keystroke to a mouse button click on the remote + [99]Q-97: Can I map a keystroke to a mouse button click on the remote machine? - [99]Q-97: How can I get Caps_Lock to work between my VNC viewer and + [100]Q-98: How can I get Caps_Lock to work between my VNC viewer and x11vnc? [Screen Related Issues and Features] - [100]Q-98: The remote display is larger (in number of pixels) than the + [101]Q-99: The remote display is larger (in number of pixels) than the local display I am running the vncviewer on. I don't like the vncviewer scrollbars, what I can do? - [101]Q-99: Does x11vnc support server-side framebuffer scaling? (E.g. + [102]Q-100: Does x11vnc support server-side framebuffer scaling? (E.g. to make the desktop smaller.) - [102]Q-100: Does x11vnc work with Xinerama? (i.e. multiple monitors + [103]Q-101: Does x11vnc work with Xinerama? (i.e. multiple monitors joined together to form one big, single screen.) - [103]Q-101: Can I use x11vnc on a multi-headed display that is not + [104]Q-102: Can I use x11vnc on a multi-headed display that is not Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? - [104]Q-102: Can x11vnc show only a portion of the display? (E.g. for a + [105]Q-103: Can x11vnc show only a portion of the display? (E.g. for a special purpose application or a very large screen.) - [105]Q-103: Does x11vnc support the XRANDR (X Resize, Rotate and + [106]Q-104: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) extension? Whenever I rotate or resize the screen x11vnc just seems to crash. - [106]Q-104: Independent of any XRANDR, can I have x11vnc rotate and/or + [107]Q-105: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld whose screen is rotated 90 degrees.) - [107]Q-105: Why is the view in my VNC viewer completely black? Or why + [108]Q-106: Why is the view in my VNC viewer completely black? Or why is everything flashing around randomly? - [108]Q-106: I use Linux Virtual Terminals (VT's) to implement 'Fast + [109]Q-107: I use Linux Virtual Terminals (VT's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those keystrokes to switch between their sessions.) How come the view in a @@ -2247,83 +2307,83 @@ http://www.karlrunge.com/x11vnc/faq.html: otherwise all messed up unless the X session x11vnc is attached to is in the active VT? - [109]Q-107: I am using x11vnc where my local machine has "popup/hidden + [110]Q-108: I am using x11vnc where my local machine has "popup/hidden taskbars" and the remote display where x11vnc runs also has "popup/hidden taskbars" and they interfere and fight with each other. What can I do? - [110]Q-108: Help! x11vnc and my KDE screensaver keep switching each + [111]Q-109: Help! x11vnc and my KDE screensaver keep switching each other on and off every few seconds. - [111]Q-109: I am running the beryl 3D window manager (or compiz, + [112]Q-110: I am running the beryl 3D window manager (or compiz, MythTv, Google Earth, or some other OpenGL app) and I do not get screen updates in x11vnc. - [112]Q-110: Can I use x11vnc to view my VMWare session remotely? + [113]Q-111: Can I use x11vnc to view my VMWare session remotely? [Exporting non-X11 devices via VNC] - [113]Q-111: Can non-X devices (e.g. a raw framebuffer) be viewed (and + [114]Q-112: Can non-X devices (e.g. a raw framebuffer) be viewed (and even controlled) via VNC with x11vnc? - [114]Q-112: Can I export the Linux Console (Virtual Terminals) via VNC + [115]Q-113: Can I export the Linux Console (Virtual Terminals) via VNC using x11vnc? - [115]Q-113: Can I export via VNC a Webcam or TV tuner framebuffer + [116]Q-114: Can I export via VNC a Webcam or TV tuner framebuffer using x11vnc? - [116]Q-114: Can I connect via VNC to a Qt-embedded/Qtopia application + [117]Q-115: Can I connect via VNC to a Qt-embedded/Qtopia application running on my handheld or PC using the Linux console framebuffer (i.e. not X11)? - [117]Q-115: Now that non-X11 devices can be exported via VNC using + [118]Q-116: Now that non-X11 devices can be exported via VNC using x11vnc, can I build it with no dependencies on X11 header files and libraries? - [118]Q-116: Does x11vnc support Mac OS X Aqua/Quartz displays natively + [119]Q-117: Does x11vnc support Mac OS X Aqua/Quartz displays natively (i.e. no X11 involved)? - [119]Q-117: Can x11vnc be used as a VNC reflector/repeater to improve + [120]Q-118: Can x11vnc be used as a VNC reflector/repeater to improve performance for the case of a large number of simultaneous VNC viewers (e.g. classroom broadcasting or a large demo)? - [120]Q-118: Can x11vnc be used during a Linux, Solaris, etc. system + [121]Q-119: Can x11vnc be used during a Linux, Solaris, etc. system Installation so the Installation can be done remotely? [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps, Thanks, etc.] - [121]Q-119: Does the Clipboard/Selection get transferred between the + [122]Q-120: Does the Clipboard/Selection get transferred between the vncviewer and the X display? - [122]Q-120: Can I use x11vnc to record a Shock Wave Flash (or other + [123]Q-121: Can I use x11vnc to record a Shock Wave Flash (or other format) video of my desktop, e.g. to record a tutorial or demo? - [123]Q-121: Can I transfer files back and forth with x11vnc? + [124]Q-122: Can I transfer files back and forth with x11vnc? - [124]Q-122: Which UltraVNC extensions are supported? + [125]Q-123: Which UltraVNC extensions are supported? - [125]Q-123: Can x11vnc emulate UltraVNC's Single Click helpdesk mode + [126]Q-124: Can x11vnc emulate UltraVNC's Single Click helpdesk mode for Unix? I.e. something very simple for a naive user to initiate a reverse vnc connection from their Unix desktop to a helpdesk operator's VNC Viewer. - [126]Q-124: Can I (temporarily) mount my local (viewer-side) + [127]Q-125: Can I (temporarily) mount my local (viewer-side) Windows/Samba File share on the machine where x11vnc is running? - [127]Q-125: Can I redirect CUPS print jobs from the remote desktop + [128]Q-126: Can I redirect CUPS print jobs from the remote desktop where x11vnc is running to a printer on my local (viewer-side) machine? - [128]Q-126: How can I hear the sound (audio) from the remote + [129]Q-127: How can I hear the sound (audio) from the remote applications on the desktop I am viewing via x11vnc? - [129]Q-127: Why don't I hear the "Beeps" in my X session (e.g. when + [130]Q-128: Why don't I hear the "Beeps" in my X session (e.g. when typing tput bel in an xterm)? - [130]Q-128: Does x11vnc work with IPv6? + [131]Q-129: Does x11vnc work with IPv6? - [131]Q-129: Thanks for your program or for your help! Can I make a + [132]Q-130: Thanks for your program or for your help! Can I make a donation? _________________________________________________________________ @@ -2336,7 +2396,7 @@ http://www.karlrunge.com/x11vnc/faq.html: For the former error, you need to specify the X display to connect to (it also needs to be on the same machine the x11vnc process is to run - on.) Set your DISPLAY environment variable (or use the [132]-display + on.) Set your DISPLAY environment variable (or use the [133]-display option) to specify it. Nearly always the correct value will be ":0" (in fact, x11vnc will now assume :0 if given no other information.) @@ -2353,9 +2413,9 @@ http://www.karlrunge.com/x11vnc/faq.html: working when you try to start x11vnc via, say, a remote shell. How to Solve: See the xauth(1), Xsecurity(7), and xhost(1) man pages - or [133]this Howto for much info on X11 permissions. For example, you + or [134]this Howto for much info on X11 permissions. For example, you may need to set your XAUTHORITY environment variable (or use the - [134]-auth option) to point to the correct MIT-MAGIC-COOKIE file (e.g. + [135]-auth option) to point to the correct MIT-MAGIC-COOKIE file (e.g. /home/joe/.Xauthority or /var/gdm/:0.Xauth or /var/lib/kdm/A:0-crWk72K or /tmp/.gdmzndVlR, etc, etc.), or simply be sure you run x11vnc as the correct user (i.e. the user who is logged into the X session you @@ -2377,10 +2437,10 @@ http://www.karlrunge.com/x11vnc/faq.html: x11vnc -display :0 -auth /var/gdm/:0.Xauth (this is for the display manager gdm and requires root permission to - read the gdm cookie file, see [135]this faq for other display manager + read the gdm cookie file, see [136]this faq for other display manager cookie file names.) - Note as of Feb/2007 you can also try the [136]-find option instead of + Note as of Feb/2007 you can also try the [137]-find option instead of "-display ..." and see if that finds your display and Xauthority. Less safe, but to avoid figuring out where the correct XAUTHORITY file @@ -2389,7 +2449,7 @@ http://www.karlrunge.com/x11vnc/faq.html: (from the same machine.) The person could then type "xhost -localhost" after x11vnc has connected to go back to the default permissions. Also, for some situations the "-users lurk=" option may soon be of use - (please read the documentation on the [137]-users option.) + (please read the documentation on the [138]-users option.) To test out your X11 permissions from a remote shell, set DISPLAY and possibly XAUTHORITY (see your shell's man page, bash(1), tcsh(1), on @@ -2408,7 +2468,7 @@ http://www.karlrunge.com/x11vnc/faq.html: properly.) Firewalls: Speaking of permissions, it should go without saying that - the host-level [138]firewall will need to be configured to allow + the host-level [139]firewall will need to be configured to allow connections in on a port. E.g. 5900 (default VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively have to do something to @@ -2457,63 +2517,56 @@ libssl.so libcrypto.so libcrypt.so See `config.log' for more details. there is quite a bit wrong with the build environment. Hopefully - simply adding -dev packages and/or gcc will fix it. + simply adding -dev packages and/or gcc or make will fix it. For Debian the list seems to be: gcc make libc6-dev - libjpeg62-dev + libjpeg8-dev (formerly libjpeg62-dev) libx11-dev + x11proto-core-dev (formerly x-dev) libxext-dev + libxtst-dev + libxdamage-dev + libxfixes-dev libxrandr-dev libxinerama-dev - libxtst-dev - x-dev - xlibs-static-dev + libxss-dev (formerly xlibs-static-dev) zlib1g-dev libssl-dev + libavahi-client-dev + linux-libc-dev (only needed for linux console rawfb support) - (note that depending on your OS version the above names may have been - changed and/or additional packages may be needed.) + Note that depending on your OS version the above names may have been + changed and/or additional packages may be needed. For Redhat the list seems to be: gcc make glibc-devel libjpeg-devel - xorg-x11-devel or XFree86-devel + libX11-devel + xorg-x11-proto-devel + libXdamage-devel + libXfixes-devel + libXrandr-devel zlib-devel - openssl097a - - (there are probably some more now; send us a list for recent Redhat if - you have it building and see the need to add more -devel packages.) + openssl-devel + avahi-devel + kernel-headers (only needed for linux console rawfb support) For other distros or OS's the package names may not be the same but will look similar. Also, distros tend to rename packages as well so the above list may be out of date. So only use the above lists as hints for the package names that are needed. - Have a look at [139]Misc. Build Problems for additional fixes. + Have a look at [140]Misc. Build Problems for additional fixes. Note: there is growing trend in Linux and other distros to slice up core X11 software into more and smaller packages. So be prepared for more headaches compiling software... - libssl: One user pointed out that if you use a precompiled binary - (either one you downloaded or built on another machine) there is a - chance it won't work because that x11vnc binary requires libssl0.9.7 - but the system only has libssl0.9.8 (which evidently is incompatible - with 0.9.7 and has a different SONAME.) Your distro should allow you - do have both runtimes installed on your system: - % dpkg -l libssl0.9.7 libssl0.9.8 - ... - ii libssl0.9.7 0.9.7g-5ubuntu SSL shared libraries - ii libssl0.9.8 0.9.8a-7ubuntu SSL shared libraries - - (in fact it should have installed both by default if it knew what it - was doing.) See [140]here too. - Q-3: I just built x11vnc successfully, but when I use it my keystrokes and mouse button clicks are ignored (I am able to move the mouse @@ -4152,7 +4205,7 @@ exec @ARGV; channel using an external tool like stunnel? It is possible to use a "lighter weight" encryption setup than SSH or - IPSEC. SSL tunnels such as [318]stunnel (also [319]stunnel.mirt.net) + IPSEC. SSL tunnels such as [318]stunnel (also [319]stunnel.org) provide an encrypted channel without the need for Unix users, passwords, and key passphrases required for ssh (and at the other extreme SSL can also provide a complete signed certificate chain of @@ -4438,7 +4491,7 @@ connect = 5900 tunnel for you using stunnel. The -ssl method is the preferred way, but for historical reference we keep the -stunnel info here. - The [358]-stunnel mode requires the [359]www.stunnel.org command + The [358]-stunnel mode requires the [359]stunnel.mirt.net command stunnel(8) to be installed on the system. Some -stunnel examples: @@ -4834,15 +4887,19 @@ connect = 5900 SSL from the Internet with a Web browser to x11vnc running on their workstations behind a firewall? Yes. You will need to configure apache to forward these connections. - It is discussed [390]here. This provides a clean alternative to the - traditional method where the user uses SSH to log in through the - gateway to create the encrypted port redirection to x11vnc running on - her desktop. + It is discussed [390]here. This SSL VNC portal provides a clean + alternative to the traditional method where the user uses SSH to log + in through the gateway to create the encrypted port redirection to + x11vnc running on her desktop. + + Also see the [391]desktop.cgi CGI script method that achieves much of + what this Apache VNC SSL portal method does (as long as desktop.cgi's + 'port redirection' mode is enabled.) Q-57: Can I create and use my own SSL Certificate Authority (CA) with x11vnc? - Yes, see [391]this page for how to do this and the utility commands + Yes, see [392]this page for how to do this and the utility commands x11vnc provides to create and manage many types of certificates and private keys. @@ -4861,14 +4918,14 @@ connect = 5900 need to have sufficient permissions to connect to the X display. Here are some ideas: - * Use the description under "Continuously" in the [392]FAQ on x11vnc + * Use the description under "Continuously" in the [393]FAQ on x11vnc and Display Managers - * Use the description in the [393]FAQ on x11vnc and inetd(8) - * Use the description in the [394]FAQ on Unix user logins and + * Use the description in the [394]FAQ on x11vnc and inetd(8) + * Use the description in the [395]FAQ on Unix user logins and inetd(8) * Start x11vnc from your $HOME/.xsession (or $HOME/.xinitrc or autostart script or ...) - * Although less reliable, see the [395]x11vnc_loop rc.local hack + * Although less reliable, see the [396]x11vnc_loop rc.local hack below. The display manager scheme will not be specific to which user has the @@ -4890,9 +4947,9 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg X startup scripts (traditionally .xsession/.xinitrc) may have to be in a different directory or have a different basename. One user recommends the description under 'Running Scripts Automatically' at - [396]this link. + [397]this link. - Firewalls: note all methods will require the host-level [397]firewall + Firewalls: note all methods will require the host-level [398]firewall to be configured to allow connections in on a port. E.g. 5900 (default VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively @@ -4916,23 +4973,30 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg It is usually possible to do this by just adjusting the XAUTHORITY environment variable to point to the correct MIT-COOKIE auth file - while running x11vnc as root, e.g. for the gnome display manager, gdm: + while running x11vnc as root, e.g. for the gnome display manager, GDM: x11vnc -auth /var/gdm/:0.Xauth -display :0 - (the [398]-auth option sets the XAUTHORITY variable for you.) + (the [399]-auth option sets the XAUTHORITY variable for you.) - There will be a similar thing for xdm using however a different auth - directory path (perhaps something like - /var/lib/xdm/authdir/authfiles/A:0-XQvaJk for xdm or + There will be a similar thing to do for xdm using however a different + auth directory path (perhaps something like + /var/lib/xdm/authdir/authfiles/A:0-XQvaJk) for the xdm greeter or /var/lib/kdm/A:0-crWk72 (or /var/run/xauth/A:0-qQPftr, etc. etc) for - kdm, where the random characters in the basename will vary.) Read your - system docs to find out where the display manager cookie files are - kept. + the kdm greeter. Of course, the random characters in the file basename + will vary and you will need to use the actual filename on your system. + Read your system docs to find out where the display manager cookie + files are kept. Trick: sometimes ps(1) can reveal the X server process -auth argument - (e.g. "ps wwwaux | grep auth") and hence the path to the auth file. + (e.g. "ps wwaux | grep auth") and hence the path to the auth file. + + x11vnc must be run as root for this because the /var/gdm/:0.Xauth, + /var/lib/kdm/A:0-crWk72, etc. auth files are only readable by root. If + you do not want to run x11vnc as root, you can copy (as root or sudo) + the auth file to some location and make it readable by your userid. + Then run x11vnc as your userid with -auth pointed to the copied file. - Update Dec/2009: use "[399]-auth guess" to have x11vnc try to guess + Update Dec/2009: use "[400]-auth guess" to have x11vnc try to guess the location of the auth file for you. You next connect to x11vnc with a VNC viewer, give your username and @@ -4950,10 +5014,10 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg (BTW, the auth file should be in /var/dt), you'll also need to add something like Dtlogin*grabServer:False to the Xconfig file (/etc/dt/config/Xconfig or /usr/dt/config/Xconfig on Solaris, see - [400]the example at the end of this FAQ.) Then restart dtlogin, e.g.: + [401]the example at the end of this FAQ.) Then restart dtlogin, e.g.: /etc/init.d/dtlogin stop; /etc/init.d/dtlogin start or reboot. - Update Nov/2008: Regarding GDM KillInitClients: see the [401]-reopen + Update Nov/2008: Regarding GDM KillInitClients: see the [402]-reopen option for another possible workaround. Update Oct/2009: Regarding GDM KillInitClients: starting with x11vnc @@ -4980,7 +5044,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg Please consider the security implications of this! The VNC display for the X session always accessible (but hopefully password protected.) - Add [402]-localhost if you only plan to access via a [403]SSH tunnel. + Add [403]-localhost if you only plan to access via a [404]SSH tunnel. The name of the display manager startup script file depends on desktop used and seem to be: @@ -5018,7 +5082,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg -forever -bg where you should customize the exact command to your needs (e.g. - [404]-localhost for SSH tunnel-only access; [405]-ssl SAVE for SSL + [405]-localhost for SSH tunnel-only access; [406]-ssl SAVE for SSL access; etc.) Happy, happy, joy, joy: Note that we do not need to specify -display @@ -5026,7 +5090,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg and XAUTHORITY environment variables for the Xsetup script!!! You may also want to force the VNC port with something like "-rfbport - 5900" (or [406]-N) to avoid autoselecting one if 5900 is already + 5900" (or [407]-N) to avoid autoselecting one if 5900 is already taken. _________________________________________________________________ @@ -5042,7 +5106,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg Then restart: /usr/sbin/gdm-restart (or reboot.) The KillInitClients=false setting is important: without it x11vnc will be - killed immediately after the user logs in. Here are [407]full details + killed immediately after the user logs in. Here are [408]full details on how to configure gdm _________________________________________________________________ @@ -5084,16 +5148,16 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg If you do not want to deal with any display manager startup scripts, here is a kludgey script that can be run manually or out of a boot - file like rc.local: [408]x11vnc_loop It will need some local + file like rc.local: [409]x11vnc_loop It will need some local customization before running. Because the XAUTHORITY auth file must be guessed by this script, use of the display manager script method - described above is greatly preferred. There is also the [409]-loop + described above is greatly preferred. There is also the [410]-loop option that does something similar. If the machine is a traditional Xterminal you may want to read - [410]this FAQ. + [411]this FAQ. - Firewalls: note all methods will require the host-level [411]firewall + Firewalls: note all methods will require the host-level [412]firewall to be configured to allow connections in on a port. E.g. 5900 (default VNC port) or 22 (default SSH port for tunnelling VNC.) Most systems these days have firewalls turned on by default, so you will actively @@ -5109,7 +5173,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg 5900 stream tcp nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_sh - where the shell script /usr/local/bin/x11vnc_sh uses the [412]-inetd + where the shell script /usr/local/bin/x11vnc_sh uses the [413]-inetd option and looks something like (you'll need to customize to your settings.) #!/bin/sh @@ -5122,7 +5186,7 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg and that confuses it greatly, causing it to abort.) If you do not use a wrapper script as above but rather call x11vnc directly in /etc/inetd.conf and do not redirect stderr to a file, then you must - specify the -q (aka [413]-quiet) option: "/usr/local/bin/x11vnc -q + specify the -q (aka [414]-quiet) option: "/usr/local/bin/x11vnc -q -inetd ...". When you supply both -q and -inet and no "-o logfile" then stderr will automatically be closed (to prevent, e.g. library stderr messages leaking out to the viewer.) The recommended practice @@ -5130,12 +5194,12 @@ x11vnc -logfile $HOME/.x11vnc.log -rfbauth $HOME/.vnc/passwd -forever -bg script with "2>logfile" redirection because the errors and warnings printed out are very useful in troubleshooting problems. - Note also the need to set XAUTHORITY via [414]-auth to point to the + Note also the need to set XAUTHORITY via [415]-auth to point to the MIT-COOKIE auth file to get permission to connect to the X display (setting and exporting the XAUTHORITY variable accomplishes the same thing.) See the x11vnc_loop file in the previous question for more ideas on what that auth file may be, etc. The scheme described in the - [415]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY + [416]FAQ on Unix user logins and inetd(8) works around the XAUTHORITY issue nicely. Note: On Solaris you cannot have the bare number 5900 in @@ -5201,8 +5265,8 @@ service x11vncservice #!/bin/sh COLUMNS=256 export COLUMNS -authfile=`ps wwwaux | grep '/X.*-auth' | grep -v grep | sed -e 's/^.*-auth *//' - -e 's/ .*$//' | head -n 1` +authfile=`ps wwaux | grep '/X.*-auth' | grep -v grep | sed -e 's/^.*-auth *//' +-e 's/ .*$//' | head -n 1` if [ -r "$authfile" ]; then exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -display :0 -a @@ -5220,9 +5284,9 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 it automatically? Yes, as of Feb/2007 x11vnc supports mDNS / Zeroconf advertising of its - service via the Avahi client library. Use the option [416]-avahi (same - as [417]-mdns or [418]-zeroconf) to enable it. Depending on your setup - you may need to install [419]Avahi (including the development/build + service via the Avahi client library. Use the option [417]-avahi (same + as [418]-mdns or [419]-zeroconf) to enable it. Depending on your setup + you may need to install [420]Avahi (including the development/build packages), enable the server: avahi-daemon and avahi-dnsconfd, and possibly open up UDP port 5353 on your firewall. @@ -5251,11 +5315,11 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 machine and then attach to it? How about starting an X session if one cannot be found? - The easiest way to do this is via [420]inetd(8) using the [421]-unixpw - and [422]-display WAIT options. The reason inetd(8) makes this easier + The easiest way to do this is via [421]inetd(8) using the [422]-unixpw + and [423]-display WAIT options. The reason inetd(8) makes this easier is that it starts a new x11vnc process for each new user connection. Otherwise a wrapper would have to listen for connections and spawn new - x11vnc's (see [423]this example and also the [424]-loopbg option.) + x11vnc's (see [424]this example and also the [425]-loopbg option.) inetd(8) is not required for this, but it makes some aspects more general. @@ -5263,23 +5327,23 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 hostname:0, and do not need to memorize a special VNC display number just for their personal use, etc. - Update: Use the [425]-find, [426]-create, [427]-svc, and [428]-xdmsvc + Update: Use the [426]-find, [427]-create, [428]-svc, and [429]-xdmsvc options that are shorthand for common FINDCREATEDISPLAY usage modes (e.g. terminal services) described below. (i.e. simply use "-svc" instead of the cumbersome "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users unixpw= -ssl SAVE") - The [429]-display WAIT option makes x11vnc wait until a VNC viewer is + The [430]-display WAIT option makes x11vnc wait until a VNC viewer is connected before attaching to the X display. Additionally it can be used to run an external command that returns the DISPLAY and XAUTHORITY data. We provide some useful builtin ones (FINDDISPLAY and FINDCREATEDISPLAY below), but in principle one could supply his own script: "-display WAIT:cmd=/path/to/find_display" where - the script find_display might look something like [430]this. + the script find_display might look something like [431]this. A default script somewhat like the above is used under "-display - WAIT:cmd=FINDDISPLAY" (same as [431]-find) The format for any such + WAIT:cmd=FINDDISPLAY" (same as [432]-find) The format for any such command is that it returns DISPLAY=:disp as the first line and any remaining lines are either XAUTHORITY=file or raw xauth data (the above example does the latter.) If applicable (-unixpw mode), the @@ -5290,10 +5354,10 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 only the X server process ID is known it appends ",XPID=n" (a chvt will be attempted by x11vnc.) - Tip: Note that the [432]-find option is an alias for "-display + Tip: Note that the [433]-find option is an alias for "-display WAIT:cmd=FINDDISPLAY". Use it! - The [433]-unixpw option allows [434]UNIX password logins. It + The [434]-unixpw option allows [435]UNIX password logins. It conveniently knows the Unix username whose X display should be found. Here are a couple /etc/inetd.conf examples of this usage: 5900 stream tcp nowait nobody /usr/sbin/tcpd /usr/local/bin/x11vnc -inetd @@ -5303,19 +5367,19 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 -unixpw \ -find -o /var/log/x11vnc.log -ssl SAVE -users unixpw= - Note we have used the [435]-find alias and the very long lines have + Note we have used the [436]-find alias and the very long lines have been split. An alternative is to use a wrapper script, e.g. /usr/local/bin/x11vnc.sh that has all of the options. (see also the - [436]-svc alias.) + [437]-svc alias.) In the first inetd line x11vnc is run as user "nobody" and stays user nobody during the whole session. The permissions of the log files and certs directory will need to be set up to allow "nobody" to use them. In the second one x11vnc is run as root and switches to the user that - logs in due to the "[437]-users unixpw=" option. + logs in due to the "[438]-users unixpw=" option. - Note that [438]SSL is required for this mode because otherwise the + Note that [439]SSL is required for this mode because otherwise the Unix password would be passed in clear text over the network. In general -unixpw is not required for this sort of scheme, but it is convenient because it determines exactly who the Unix user is whose @@ -5323,17 +5387,17 @@ exec /usr/local/bin/x11vnc -inetd -o /var/log/x11vnc.log -find -env FD_XDM=1 to use some method to work out DISPLAY, XAUTHORITY, etc (perhaps you use multiple inetd ports and hardwire usernames for different ports.) - If you really want to disable the SSL or SSH [439]-localhost + If you really want to disable the SSL or SSH [440]-localhost constraints (this is not recommended unless you really know what you are doing: Unix passwords sent in clear text is a very bad idea...) - read the [440]-unixpw documentation. + read the [441]-unixpw documentation. A inetd(8) scheme for a fixed user that doesn't use SSL or unix passwds could be: /usr/local/bin/x11vnc -inetd -users =fred -find -rfbauth /home/fred/.vnc/pass wd -o /var/log/x11vnc.log - The "[441]-users =fred" option will cause x11vnc to switch to user + The "[442]-users =fred" option will cause x11vnc to switch to user fred and then find his X display. The VNC password (-rfbauth) as opposed to Unix password (-unixpw) is used to authenticate the VNC client. @@ -5350,8 +5414,11 @@ wd -o /var/log/x11vnc.log tries to start up an X server (normally it just attaches to an existing one.) + For virtual sessions you will need to install the Xvfb program (e.g. + apt-get install xvfb) or our Xdummy program (see below.) + By default it will only try to start up virtual (non-hardware) X - servers: first [442]Xvfb and if that is not available then Xdummy + servers: first [443]Xvfb and if that is not available then Xdummy (included in the x11vnc source code.) Note that Xdummy only works on Linux whereas Xvfb works just about everywhere (and in some situations Xdummy must be run as root.) An advantage of Xdummy over Xvfb is that @@ -5365,16 +5432,16 @@ wd -o /var/log/x11vnc.log -ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY Where the very long lines have been split. See below where that long - and cumbersome last line is replaced by the [443]-svc alias. + and cumbersome last line is replaced by the [444]-svc alias. - The above mode will allow direct SSL (e.g. [444]ss_vncviewer or - [445]SSVNC) access and also Java Web browers access via: + The above mode will allow direct SSL (e.g. [445]ss_vncviewer or + [446]SSVNC) access and also Java Web browers access via: https://hostname:5900/. - Tip: Note that the [446]-create option is an alias for "-display + Tip: Note that the [447]-create option is an alias for "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb". - Tip: Note that [447]-svc is a short hand for the long "-ssl SAVE + Tip: Note that [448]-svc is a short hand for the long "-ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY" part. Unlike -create, this alias also sets up SSL encryption and Unix password login. @@ -5386,7 +5453,7 @@ wd -o /var/log/x11vnc.log Tip: In addition to the usual unixpw parameters, inside the VNC viewer the user can specify after his username (following a ":" see - [448]-display WAIT for details) for FINDCREATEDISPLAY they can add + [449]-display WAIT for details) for FINDCREATEDISPLAY they can add "geom=WxH" or "geom=WxHxD" to specify the width, height, and optionally the color depth. E.g. "fred:geom=800x600" at the login: prompt. Also if the env. var X11VNC_CREATE_GEOM is set to the desired @@ -5420,10 +5487,10 @@ bin/x11vnc -svc To print out the script in this case use "-display WAIT:cmd=FINDCREATEDISPLAY-print". To change the preference of Xservers and which to try list them, e.g.: "-display - WAIT:cmd=FINDCREATEDISPLAY-X,Xvfb,Xdummy" or use "[449]-create_xsrv + WAIT:cmd=FINDCREATEDISPLAY-X,Xvfb,Xdummy" or use "[450]-create_xsrv X,Xvfb,Xdummy". The "X" one means to try to start up a real, hardware X server, e.g. startx(1) (if there is already a real X server running - this may only work on Linux and the chvt program may [450]need to be + this may only work on Linux and the chvt program may [451]need to be run to switch to the correct Linux virtual terminal.) x11vnc will try to run chvt automatically if it can determine which VT should be switched to. @@ -5452,7 +5519,7 @@ bin/x11vnc -svc will also typically block UDP (port 177 for XDMCP) by default effectively limiting the UDP connections to localhost. - Tip: Note that [451]-xdmsvc is a short hand alias for the long "-ssl + Tip: Note that [452]-xdmsvc is a short hand alias for the long "-ssl SAVE -unixpw -users unixpw= -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp". So we simply use: service x11vnc @@ -5521,15 +5588,15 @@ t:5 Q-63: Can I have x11vnc restart itself after it terminates? One could do this in a shell script, but now there is an option - [452]-loop that makes it easier. Of course when x11vnc restarts it + [453]-loop that makes it easier. Of course when x11vnc restarts it needs to have permissions to connect to the (potentially new) X display. This mode could be useful if the X server restarts often. Use e.g. "-loop5000" to sleep 5000 ms between restarts. Also "-loop2000,5" to sleep 2000 ms and only restart 5 times. - One can also use the [453]-loopbg to emulate inetd(8) to some degree, + One can also use the [454]-loopbg to emulate inetd(8) to some degree, where each connected process runs in the background. It could be - combined, say, with the [454]-svc option to provide simple terminal + combined, say, with the [455]-svc option to provide simple terminal services without using inetd(8). @@ -5537,7 +5604,7 @@ t:5 web browser? To have x11vnc serve up a Java VNC viewer applet to any web browsers - that connect to it, run x11vnc with this [455]option: + that connect to it, run x11vnc with this [456]option: -httpdir /path/to/the/java/classes/dir (this directory will contain the files index.vnc and, for example, @@ -5556,7 +5623,7 @@ t:5 then you can connect to that URL with any Java enabled browser. Feel free to customize the default index.vnc file in the classes directory. - As of May/2005 the [456]-http option will try to guess where the Java + As of May/2005 the [457]-http option will try to guess where the Java classes jar file is by looking in expected locations and ones relative to the x11vnc binary. @@ -5565,7 +5632,7 @@ t:5 either the java or appletviewer commands to run the program. java -cp ./VncViewer.jar VncViewer HOST far-away.east PORT 5900 - Proxies: See the [457]discussion here if the web browser must use a + Proxies: See the [458]discussion here if the web browser must use a web proxy to connect to the internet. It is tricky to get Java applets to work in this case: a signed applet must be used so it can connect to the proxy and ask for the redirection to the VNC server. One way to @@ -5581,7 +5648,7 @@ t:5 As of Mar/2004 x11vnc supports reverse connections. On Unix one starts the VNC viewer in listen mode: "vncviewer -listen" (see your documentation for Windows, etc), and then starts up x11vnc with the - [458]-connect option. To connect immediately at x11vnc startup time + [459]-connect option. To connect immediately at x11vnc startup time use the "-connect host:port" option (use commas for a list of hosts to connect to.) The ":port" is optional (default is VNC listening port is 5500.) @@ -5590,11 +5657,11 @@ t:5 file is checked periodically (about once a second) for new hosts to connect to. - The [459]-remote control option (aka -R) can also be used to do this + The [460]-remote control option (aka -R) can also be used to do this during an active x11vnc session, e.g.: x11vnc -display :0 -R connect:hostname.domain - Use the "[460]-connect_or_exit" option to have x11vnc exit if the + Use the "[461]-connect_or_exit" option to have x11vnc exit if the reverse connection fails. Also, note the "-rfbport 0" option disables TCP listening for connections (potentially useful for reverse connection mode, assuming you do not want any "forward" connections.) @@ -5607,7 +5674,7 @@ x11vnc -display :0 -R connect:hostname.domain X11VNC_REVERSE_CONNECTION_NO_AUTH=1" to x11vnc. Vncconnect command: To use the vncconnect(1) program (from the core - VNC package at www.realvnc.com) specify the [461]-vncconnect option to + VNC package at www.realvnc.com) specify the [462]-vncconnect option to x11vnc (Note: as of Dec/2004 -vncconnect is now the default.) vncconnect(1) must be pointed to the same X11 DISPLAY as x11vnc (since it uses X properties to communicate with x11vnc.) If you do not have @@ -5626,7 +5693,7 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" proxy or SSH? Yes, as of Oct/2007 x11vnc supports reverse connections through - proxies: use the "[462]-proxy host:port" option. The default is to + proxies: use the "[463]-proxy host:port" option. The default is to assume the proxy is a Web proxy. Note that most Web proxies only allow proxy destination connections to ports 443 (HTTPS) and 563 (SNEWS) and so this might not be too useful unless the proxy has been modified @@ -5646,11 +5713,11 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" connections. An experimental mode is "-proxy http://host:port/..." where the URL - (e.g. a CGI script) is retrieved via the GET method. See [463]-proxy + (e.g. a CGI script) is retrieved via the GET method. See [464]-proxy for more info. Another experimental mode is "-proxy ssh://user@host" in which case a - SSH tunnel is used for the proxying. See [464]-proxy for more info. + SSH tunnel is used for the proxying. See [465]-proxy for more info. Up to 3 proxies may be chained together by listing them by commas e.g.: "-proxy http://host1:port1,socks5://host2:port2" in case one @@ -5658,7 +5725,34 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" listening viewer. - Q-67: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real + Q-67: Can x11vnc provide a multi-user desktop web login service as an + Apache CGI or PHP script? + Yes. See the example script [466]desktop.cgi for ideas. It is in the + source tree in the directory x11vnc/misc. It serves x11vnc's SSL + enabled Java Applet to the web browser with the correct connection + information for the user's virtual desktop (an [467]Xvfb session via + [468]-create; be sure to add the Xvfb package.) HTTPS/SSL enabled + Apache should be used to serve the script to avoid unix and vnc + passwords from being sent in cleartext and sniffed. + + By default it uses a separate VNC port for each user desktop (either + by autoprobing in a range of ports or using a port based on the userid + number.) The web server's firewall must allow incoming connections to + these ports. + + It is somewhat difficult to do all of this with x11vnc listening on a + single port, however there is also a 'fixed port' scheme described in + the script based on [469]-loopbg that works fairly well (but more + experience is needed to see what problems contention for the same port + causes; however at worst one user may need to re-login.) + + There is also an optional 'port redirection' mode for desktop.cgi that + allows redirection to other machines inside the firewall already + running SSL enabled VNC servers. This provides much of the + functionality as the [470]SSL Portal and is easier to set up. + + + Q-68: Can I use x11vnc as a replacement for Xvnc? (i.e. not for a real display, but for a virtual one I keep around.) You can, but you would not be doing this for performance reasons (for @@ -5672,14 +5766,17 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" Another method, faster and more accurate, is to use the "dummy" Device Driver in XFree86/Xorg (see below.) + For these virtual sessions you will need to install the Xvfb program + (e.g. apt-get install xvfb) or our Xdummy program (see below.) + In either case, one can view this desktop both remotely and also - [465]locally using vncviewer. Make sure vncviewer's "-encodings raw" + [471]locally using vncviewer. Make sure vncviewer's "-encodings raw" is in effect for local viewing (compression seems to slow things down locally.) For local viewing you set up a "bare" window manager that - just starts up vncviewer and nothing else ([466]See how below.) + just starts up vncviewer and nothing else ([472]See how below.) Here is one way to start up Xvfb: - xinit -- /usr/X11R6/bin/Xvfb :1 -cc 4 -screen 0 1024x768x16 + xinit -- /usr/bin/Xvfb :1 -cc 4 -screen 0 1024x768x16 This starts up a 16bpp virtual display. To export it via VNC use x11vnc -display :1 ... @@ -5696,19 +5793,19 @@ xprop -root -f VNC_CONNECT 8s -set VNC_CONNECT "$1" "screen scrape" it very efficiently (more than, say, 100X faster than normal video hardware.) - Update Nov/2006: See the [467]FINDCREATEDISPLAY discussion of the - "[468]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or + Update Nov/2006: See the [473]FINDCREATEDISPLAY discussion of the + "[474]-display WAIT:cmd=FINDDISPLAY" option where virtual (Xvfb or Xdummy, or even real ones by changing an option) X servers are started automatically for new users connecting. This provides a "desktop service" for the machine. You either get your real X session or your virtual (Xvfb/Xdummy) one whenever you connect to the machine - (inetd(8) is a nice way to provide this service.) The [469]-find, - [470]-create, [471]-svc, and [472]-xdmsvc aliases can also come in + (inetd(8) is a nice way to provide this service.) The [475]-find, + [476]-create, [477]-svc, and [478]-xdmsvc aliases can also come in handy here. There are some annoyances WRT Xvfb however. The default keyboard mapping seems to be very poor. One should run x11vnc with - [473]-add_keysyms option to have keysyms added automatically. Also, to + [479]-add_keysyms option to have keysyms added automatically. Also, to add the Shift_R and Control_R modifiers something like this is needed: #!/bin/sh xmodmap -e "keycode any = Shift_R" @@ -5720,7 +5817,7 @@ xmodmap -e "keycode any = Alt_R" xmodmap -e "keycode any = Meta_L" xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L" - (note: these are applied automatically in the [474]FINDCREATEDISPLAY + (note: these are applied automatically in the [480]FINDCREATEDISPLAY mode of x11vnc.) Perhaps the Xvfb options -xkbdb or -xkbmap could be used to get a better default keyboard mapping... @@ -5735,11 +5832,11 @@ xmodmap -e "add Mod1 = Alt_L Alt_R Meta_L" The main drawback to this method (besides requiring extra configuration and possibly root permission) is that it also does the - Linux Virtual Console/Terminal (VC/VT) [475]switching even though it + Linux Virtual Console/Terminal (VC/VT) [481]switching even though it does not need to (since it doesn't use a real framebuffer.) There are some "dual headed" (actually multi-headed/multi-user) patches to the X server that turn off the VT usage in the X server. Update: As of - Jul/2005 we have an LD_PRELOAD script [476]Xdummy that allows you to + Jul/2005 we have an LD_PRELOAD script [482]Xdummy that allows you to use a stock (i.e. unpatched) Xorg or XFree86 server with the "dummy" driver and not have any VT switching problems! An advantage of Xdummy over Xvfb is that Xdummy supports RANDR dynamic screen resizing. @@ -5766,7 +5863,7 @@ x11vnc -display :5 -rfbport 5905 -bg vncviewer -geometry +0+0 -encodings raw -passwd $HOME/.vnc/passwd localhost:5 The display numbers (VNC and X) will likely be different (you could - also try [477]-find), and you may not need the -passwd. Recent RealVNC + also try [483]-find), and you may not need the -passwd. Recent RealVNC viewers might be this: #!/bin/sh x11vnc -display :5 -rfbport 5905 -bg @@ -5784,10 +5881,10 @@ t:5 XDM/GDM/KDM One-Shot X sessions: For the general replacement of Xvnc by Xvfb+x11vnc, one user describes a similar setup he created where the X sessions are one-shot's (destroyed after the vncviewer - disconnects) and it uses the XDM/GDM/KDM login greeter [478]here. + disconnects) and it uses the XDM/GDM/KDM login greeter [484]here. - Q-68: How can I use x11vnc on "headless" machines? Why might I want + Q-69: How can I use x11vnc on "headless" machines? Why might I want to? An interesting application of x11vnc is to let it export displays of @@ -5799,7 +5896,7 @@ t:5 An X server can be started on the headless machine (sometimes this requires configuring the X server to not fail if it cannot detect a keyboard or mouse, see the next paragraph.) Then you can export that X - display via x11vnc (e.g. see [479]this FAQ) and access it from + display via x11vnc (e.g. see [485]this FAQ) and access it from anywhere on the network via a VNC viewer. Some tips on getting X servers to start on machines without keyboard @@ -5823,15 +5920,15 @@ t:5 cards as it can hold to provide multiple simultaneous access or testing on different kinds of video hardware. - See also the [480]FINDCREATEDISPLAY discussion of the "[481]-display + See also the [486]FINDCREATEDISPLAY discussion of the "[487]-display WAIT:cmd=FINDDISPLAY" option where virtual Xvfb or Xdummy, or real X servers are started automatically for new users connecting. The - [482]-find, [483]-create, [484]-svc, and [485]-xdmsvc aliases can also + [488]-find, [489]-create, [490]-svc, and [491]-xdmsvc aliases can also come in handy here. [Resource Usage and Performance] - Q-69: I have lots of memory, but why does x11vnc fail with shmget: + Q-70: I have lots of memory, but why does x11vnc fail with shmget: No space left on device or Minor opcode of failed request: 1 (X_ShmAttach)? @@ -5849,7 +5946,7 @@ t:5 19/03/2004 10:10:58 error creating tile-row shm for len=4 19/03/2004 10:10:58 reverting to single_copytile mode - Here is a shell script [486]shm_clear to list and prompt for removal + Here is a shell script [492]shm_clear to list and prompt for removal of your unattached shm segments (attached ones are skipped.) I use it while debugging x11vnc (I use "shm_clear -y" to assume "yes" for each prompt.) If x11vnc is regularly not cleaning up its shm segments, @@ -5883,49 +5980,49 @@ ied) in /etc/system. See the next paragraph for more workarounds. To minimize the number of shm segments used by x11vnc try using the - [487]-onetile option (corresponds to only 3 shm segments used, and + [493]-onetile option (corresponds to only 3 shm segments used, and adding -fs 1.0 knocks it down to 2.) If you are having much trouble with shm segments, consider disabling shm completely via the - [488]-noshm option. Performance will be somewhat degraded but when + [494]-noshm option. Performance will be somewhat degraded but when done over local machine sockets it should be acceptable (see an - [489]earlier question discussing -noshm.) + [495]earlier question discussing -noshm.) - Q-70: How can I make x11vnc use less system resources? + Q-71: How can I make x11vnc use less system resources? - The [490]-nap (now on by default; use -nonap to disable) and - "[491]-wait n" (where n is the sleep between polls in milliseconds, + The [496]-nap (now on by default; use -nonap to disable) and + "[497]-wait n" (where n is the sleep between polls in milliseconds, the default is 30 or so) option are good places to start. In addition, - something like "[492]-sb 15" will cause x11vnc to go into a deep-sleep + something like "[498]-sb 15" will cause x11vnc to go into a deep-sleep mode after 15 seconds of no activity (instead of the default 60.) Reducing the X server bits per pixel depth (e.g. to 16bpp or even 8bpp) will further decrease memory I/O and network I/O. The ShadowFB X server setting will make x11vnc's screen polling less severe. Using - the [493]-onetile option will use less memory and use fewer shared - memory slots (add [494]-fs 1.0 for one less slot.) + the [499]-onetile option will use less memory and use fewer shared + memory slots (add [500]-fs 1.0 for one less slot.) - Q-71: How can I make x11vnc use MORE system resources? + Q-72: How can I make x11vnc use MORE system resources? - You can try [495]-threads (note this mode can be unstable and/or + You can try [501]-threads (note this mode can be unstable and/or crash; and as of May/2008 is strongly discouraged, see the option description) or dial down the wait time (e.g. -wait 1) and possibly - dial down [496]-defer as well. Note that if you try to increase the + dial down [502]-defer as well. Note that if you try to increase the "frame rate" too much you can bog down the server end with the extra work it needs to do compressing the framebuffer data, etc. That said, it is possible to "stream" video via x11vnc if the video window is small enough. E.g. a 256x192 xawtv TV capture window (using - the x11vnc [497]-id option) can be streamed over a LAN or wireless at + the x11vnc [503]-id option) can be streamed over a LAN or wireless at a reasonable frame rate. If the graphics card's framebuffer read rate - is [498]faster than normal then the video window size and frame rate - can be much higher. The use of [499]TurboVNC and/or TurboJPEG can make + is [504]faster than normal then the video window size and frame rate + can be much higher. The use of [505]TurboVNC and/or TurboJPEG can make the frame rate somewhat higher still (but most of this hinges on the graphics card's read rate.) - Q-72: I use x11vnc over a slow link with high latency (e.g. dialup + Q-73: I use x11vnc over a slow link with high latency (e.g. dialup modem or broadband), is there anything I can do to speed things up? Some things you might want to experiment with (many of which will help @@ -5937,7 +6034,7 @@ ied) * Use a smaller desktop size (e.g. 1024x768 instead of 1280x1024) * Make sure the desktop background is a solid color (the background is resent every time it is re-exposed.) Consider using the - [500]-solid [color] option to try to do this automatically. + [506]-solid [color] option to try to do this automatically. * Configure your window manager or desktop "theme" to not use fancy images, shading, and gradients for the window decorations, etc. Disable window animations, etc. Maybe your desktop has a "low @@ -5946,9 +6043,9 @@ ied) -> Use Smooth Scrolling (deselect it.) * Avoid small scrolls of large windows using the Arrow keys or scrollbar. Try to use PageUp/PageDown instead. (not so much of a - problem in x11vnc 0.7.2 if [501]-scrollcopyrect is active and + problem in x11vnc 0.7.2 if [507]-scrollcopyrect is active and detecting scrolls for the application.) - * If the [502]-wireframe option is not available (earlier than + * If the [508]-wireframe option is not available (earlier than x11vnc 0.7.2 or you have disabled it via -nowireframe) then Disable Opaque Moves and Resizes in the window manager/desktop. * However if -wireframe is active (on by default in x11vnc 0.7.2) @@ -5971,7 +6068,7 @@ ied) noticed. VNC viewer parameters: - * Use a [503]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer + * Use a [509]TightVNC enabled viewer! (Actually, RealVNC 4.x viewer with ZRLE encoding is not too bad either; some claim it is faster.) * Make sure the tight (or zrle) encoding is being used (look at @@ -5979,7 +6076,7 @@ ied) * Request 8 bits per pixel using -bgr233 (up to 4X speedup over depth 24 TrueColor (32bpp), but colors will be off) * RealVNC 4.x viewer has some extremely low color modes (only 64 and - even 8 colors.) [504]SSVNC does too. The colors are poor, but it + even 8 colors.) [510]SSVNC does too. The colors are poor, but it is usually noticeably faster than bgr233 (256 colors.) * Try increasing the TightVNC -compresslevel (compresses more on server side before sending, but uses more CPU) @@ -5993,39 +6090,39 @@ ied) file. x11vnc parameters: - * Make sure the [505]-wireframe option is active (it should be on by + * Make sure the [511]-wireframe option is active (it should be on by default) and you have Opaque Moves/Resizes Enabled in the window manager. - * Make sure the [506]-scrollcopyrect option is active (it should be + * Make sure the [512]-scrollcopyrect option is active (it should be on by default.) This detects scrolls in many (but not all) applications an applies the CopyRect encoding for a big speedup. * Enforce a solid background when VNC viewers are connected via - [507]-solid - * Try x11vnc's client-side caching [508]client-side caching scheme: - [509]-ncache - * Specify [510]-speeds modem to force the wireframe and + [513]-solid + * Try x11vnc's client-side caching [514]client-side caching scheme: + [515]-ncache + * Specify [516]-speeds modem to force the wireframe and scrollcopyrect heuristic parameters (and any future ones) to those of a dialup modem connection (or supply the rd,bw,lat numerical values that characterize your link.) * If wireframe and scrollcopyrect aren't working, try using the more - drastic [511]-nodragging (no screen updates when dragging mouse, + drastic [517]-nodragging (no screen updates when dragging mouse, but sometimes you miss visual feedback) - * Set [512]-fs 1.0 (disables fullscreen updates) - * Try increasing [513]-wait or [514]-defer (reduces the maximum + * Set [518]-fs 1.0 (disables fullscreen updates) + * Try increasing [519]-wait or [520]-defer (reduces the maximum "frame rate", but won't help much for large screen changes) - * Try the [515]-progressive pixelheight mode with the block + * Try the [521]-progressive pixelheight mode with the block pixelheight 100 or so (delays sending vertical blocks since they may change while viewer is receiving earlier ones) - * If you just want to watch one (simple) window use [516]-id or - [517]-appshare (cuts down extraneous polling and updates, but can + * If you just want to watch one (simple) window use [522]-id or + [523]-appshare (cuts down extraneous polling and updates, but can be buggy or insufficient) - * Set [518]-nosel (disables all clipboard selection exchange) - * Use [519]-nocursor and [520]-nocursorpos (repainting the remote + * Set [524]-nosel (disables all clipboard selection exchange) + * Use [525]-nocursor and [526]-nocursorpos (repainting the remote cursor position and shape takes resources and round trips) * On very slow links (e.g. <= 28.8) you may need to increase the - [521]-readtimeout n setting if it sometimes takes more than 20sec + [527]-readtimeout n setting if it sometimes takes more than 20sec to paint the full screen, etc. - * Do not use [522]-fixscreen to automatically refresh the whole + * Do not use [528]-fixscreen to automatically refresh the whole screen, tap three Alt_L's then the screen has painting errors (rare problem.) @@ -6076,7 +6173,7 @@ ied) * TBD. - Q-73: Does x11vnc support the X DAMAGE Xserver extension to find + Q-74: Does x11vnc support the X DAMAGE Xserver extension to find modified regions of the screen quickly and efficiently? Yes, as of Mar/2005 x11vnc will use the X DAMAGE extension by default @@ -6094,7 +6191,7 @@ ied) Note that the DAMAGE extension does not speed up the actual reading of pixels from the video card framebuffer memory, by, say, mirroring them - in main memory. So reading the fb is still painfully [523]slow (e.g. + in main memory. So reading the fb is still painfully [529]slow (e.g. 5MB/sec), and so even using X DAMAGE when large changes occur on the screen the bulk of the time is still spent retrieving them. Not ideal, but use of the ShadowFB XFree86/Xorg option speeds up the reading @@ -6112,45 +6209,45 @@ ied) DAMAGE rectangles to contain real damage. The larger rectangles are only used as hints to focus the traditional scanline polling (i.e. if a scanline doesn't intersect a recent DAMAGE rectangle, the scan is - skipped.) You can use the "[524]-xd_area A" option to adjust the size + skipped.) You can use the "[530]-xd_area A" option to adjust the size of the trusted DAMAGE rectangles. The default is 20000 pixels (e.g. a 140x140 square, etc.) Use "-xd_area 0" to disable the cutoff and trust all DAMAGE rectangles. - The option "[525]-xd_mem f" may also be of use in tuning the - algorithm. To disable using DAMAGE entirely use "[526]-noxdamage". + The option "[531]-xd_mem f" may also be of use in tuning the + algorithm. To disable using DAMAGE entirely use "[532]-noxdamage". - Q-74: My OpenGL application shows no screen updates unless I supply + Q-75: My OpenGL application shows no screen updates unless I supply the -noxdamage option to x11vnc. One user reports in his environment (MythTV using the NVIDIA OpenGL drivers) he gets no updates after the initial screen is drawn unless - he uses the "[527]-noxdamage" option. + he uses the "[533]-noxdamage" option. This seems to be a bug in the X DAMAGE implementation of that driver. You may have to use -noxdamage as well. A way to autodetect this will be tried, probably the best it will do is automatically stop using X DAMAGE. - A developer for [528]MiniMyth reports that the 'alphapulse' tag of the + A developer for [534]MiniMyth reports that the 'alphapulse' tag of the theme G.A.N.T. can also cause problems, and should be avoided when using VNC. - Update: see [529]this FAQ too. + Update: see [535]this FAQ too. - Q-75: When I drag windows around with the mouse or scroll up and down + Q-76: When I drag windows around with the mouse or scroll up and down things really bog down (unless I do the drag in a single, quick motion.) Is there anything to do to improve things? - This problem is primarily due to [530]slow hardware read rates from + This problem is primarily due to [536]slow hardware read rates from video cards: as you scroll or move a large window around the screen changes are much too rapid for x11vnc to keep up them (it can usually only read the video card at about 5-10 MB/sec, so it can take a good fraction of a second to read the changes induce from moving a large window, if this to be done a number of times in succession the window or scroll appears to "lurch" forward.) See the description in the - [531]-pointer_mode option for more info. The next bottleneck is + [537]-pointer_mode option for more info. The next bottleneck is compressing all of these changes and sending them out to connected viewers, however the VNC protocol is pretty much self-adapting with respect to that (updates are only packaged and sent when viewers ask @@ -6160,27 +6257,27 @@ ied) default should now be much better than before and dragging small windows around should no longer be a huge pain. If for some reason these changes make matters worse, you can go back to the old way via - the "[532]-pointer_mode 1" option. + the "[538]-pointer_mode 1" option. - Also added was the [533]-nodragging option that disables all screen + Also added was the [539]-nodragging option that disables all screen updates while dragging with the mouse (i.e. mouse motion with a button held down.) This gives the snappiest response, but might be undesired in some circumstances when you want to see the visual feedback while dragging (e.g. menu traversal or text selection.) - As of Dec/2004 the [534]-pointer_mode n option was introduced. n=1 is + As of Dec/2004 the [540]-pointer_mode n option was introduced. n=1 is the original mode, n=2 an improvement, etc.. See the -pointer_mode n help for more info. - Also, in some circumstances the [535]-threads option can improve + Also, in some circumstances the [541]-threads option can improve response considerably. Be forewarned that if more than one vncviewer is connected at the same time then libvncserver may not be thread safe (try to get the viewers to use different VNC encodings, e.g. tight and ZRLE.) This option can be unstable and so as of Feb/2008 it is disabled by default. Set env. X11VNC_THREADED=1 to re-enable. - As of Apr/2005 two new options (see the [536]wireframe FAQ and - [537]scrollcopyrect FAQ below) provide schemes to sweep this problem + As of Apr/2005 two new options (see the [542]wireframe FAQ and + [543]scrollcopyrect FAQ below) provide schemes to sweep this problem under the rug for window moves or resizes and for some (but not all) window scrolls. These are the preferred way of avoiding the "lurching" problem, contact me if they are not working. Note on SuSE and some @@ -6193,7 +6290,7 @@ Section "Module" EndSection - Q-76: Why not do something like wireframe animations to avoid the + Q-77: Why not do something like wireframe animations to avoid the windows "lurching" when being moved or resized? Nice idea for a hack! As of Apr/2005 x11vnc by default will apply @@ -6204,8 +6301,8 @@ EndSection the window move/resize stops, it returns to normal processing: you should only see the window appear in the new position. This spares you from interacting with a "lurching" window between all of the - intermediate steps. BTW the lurching is due to [538]slow video card - read rates (see [539]here too.) A displacement, even a small one, of a + intermediate steps. BTW the lurching is due to [544]slow video card + read rates (see [545]here too.) A displacement, even a small one, of a large window requires a non-negligible amount of time, a good fraction of a second, to read in from the hardware framebuffer. @@ -6213,7 +6310,7 @@ EndSection for -wireframe to do any good. The mode is currently on by default because most people are afflicted - with the problem. It can be disabled with the [540]-nowireframe option + with the problem. It can be disabled with the [546]-nowireframe option (aka -nowf.) Why might one want to turn off the wireframing? Since x11vnc is merely guessing when windows are being moved/resized, it may guess poorly for your window-manager or desktop, or even for the way @@ -6259,13 +6356,13 @@ EndSection * Maximum time to show a wireframe animation. * Minimum time between sending wireframe outlines. - See the [541]"-wireframe tweaks" option for more details. On a slow + See the [547]"-wireframe tweaks" option for more details. On a slow link, e.g. dialup modem, the parameters may be automatically adjusted for better response. CopyRect encoding: In addition to the above there is the - [542]"-wirecopyrect mode" option. It is also on by default. This + [548]"-wirecopyrect mode" option. It is also on by default. This instructs x11vnc to not only show the wireframe animation, but to also instruct all connected VNC viewers to locally translate the window image data from the original position to the new position on the @@ -6296,7 +6393,7 @@ EndSection -nowirecopyrect if this or other painting errors are unacceptable. - Q-77: Can x11vnc try to apply heuristics to detect when a window is + Q-78: Can x11vnc try to apply heuristics to detect when a window is scrolling its contents and use the CopyRect encoding for a speedup? Another nice idea for a hack! As of May/2005 x11vnc will by default @@ -6313,7 +6410,7 @@ EndSection requiring the image data to be transmitted over the network. For fast links the speedup is primarily due to x11vnc not having to read the scrolled framebuffer data from the X server (recall that reading from - the hardware framebuffer is [543]slow.) + the hardware framebuffer is [549]slow.) To do this x11vnc uses the RECORD X extension to snoop the X11 protocol between the X client with the focus window and the X server. @@ -6340,10 +6437,10 @@ EndSection the X server display: if one falls too far behind it could become a mess... - The initial implementation of [544]-scrollcopyrect option is useful in + The initial implementation of [550]-scrollcopyrect option is useful in that it detects many scrolls and thus gives a much nicer working - environment (especially when combined with the [545]-wireframe - [546]-wirecopyrect [547]options, which are also on by default; and if + environment (especially when combined with the [551]-wireframe + [552]-wirecopyrect [553]options, which are also on by default; and if you are willing to enable the ShadowFB things are very fast.) The fact that there aren't long delays or lurches during scrolling is the primary improvement. @@ -6376,10 +6473,10 @@ EndSection One can tap the Alt_L key (Left "Alt" key) 3 times in a row to signal x11vnc to refresh the screen to all viewers. Your VNC-viewer may have its own screen refresh hot-key or button. See - also: [548]-fixscreen + also: [554]-fixscreen * Some applications, notably OpenOffice, do XCopyArea scrolls in weird ways that assume ancestor window clipping is taking place. - See the [549]-scr_skip option for ways to tweak this on a + See the [555]-scr_skip option for ways to tweak this on a per-application basis. * Selecting text while dragging the mouse may be slower, especially if the Button-down event happens near the window's edge. This is @@ -6396,7 +6493,7 @@ EndSection because it fails to detect scrolls in it. Sometimes clicking inside the application window or selecting some text in it to force the focus helps. - * When using the [550]-scale option there will be a quick CopyRect + * When using the [556]-scale option there will be a quick CopyRect scroll, but it needs to be followed by a slower "cleanup" update. This is because for a fixed finite screen resolution (e.g. 75 dpi) scaling and copyrect-ing are not exactly independent. Scaling @@ -6409,7 +6506,7 @@ EndSection If you find the -scrollcopyrect behavior too approximate or distracting you can go back to the standard polling-only update method - with the [551]-noscrollcopyrect (or -noscr for short.) If you find + with the [557]-noscrollcopyrect (or -noscr for short.) If you find some extremely bad and repeatable behavior for -scrollcopyrect please report a bug. @@ -6430,13 +6527,13 @@ EndSection errors. - Q-78: Can x11vnc do client-side caching of pixel data? I.e. so when + Q-79: Can x11vnc do client-side caching of pixel data? I.e. so when that pixel data is needed again it does not have to be retransmitted over the network. - As of Dec/2006 in the [552]0.9 development tarball there is an + As of Dec/2006 in the [558]0.9 development tarball there is an experimental client-side caching implementation enabled by the - "[553]-ncache n" option. In fact, during the test period it was on by + "[559]-ncache n" option. In fact, during the test period it was on by default with n set to 10. To disable it use "-noncache". It is a simple scheme where a (very large) lower portion of the @@ -6463,7 +6560,7 @@ EndSection there is a bug: you can scroll down in your viewer and see a strange "history" of windows on your desktop. This is working as intended. One will need to try to adjust the size of his VNC Viewer window so the - cache area cannot be seen. [554]SSVNC (see below) can do this + cache area cannot be seen. [560]SSVNC (see below) can do this automatically. At some point LibVNCServer may implement a "rfbFBCrop" pseudoencoding @@ -6473,7 +6570,7 @@ EndSection rendering...) The Enhanced TightVNC Viewer (SSVNC) Unix viewer has a nice - [555]-ycrop option to help hide the pixel cache area from view. It + [561]-ycrop option to help hide the pixel cache area from view. It will turn on automatically if the framebuffer appears to be very tall (height more than twice the width), or you can supply the actual value for the height. If the screen is resized by scaling, etc, the ycrop @@ -6504,7 +6601,7 @@ EndSection an additional factor of 2 in memory use. However, even in the smallest usage mode with n equal 2 and - [556]-ncache_no_rootpixmap set (this requires only 2X additional + [562]-ncache_no_rootpixmap set (this requires only 2X additional framebuffer memory) there is still a noticable improvement for many activities, although it is not as dramatic as with, say n equal 12 and rootpixmap (desktop background) caching enabled. @@ -6515,7 +6612,7 @@ EndSection be tuned to use less, or the VNC community will extend the protocol to allow caching and replaying of compressed blobs of data. - Another option to experiment with is "[557]-ncache_cr". By specifying + Another option to experiment with is "[563]-ncache_cr". By specifying it, x11vnc will try to do smooth opaque window moves instead of its wireframe. This can give a very nice effect (note: on Unix the realvnc viewer seems to be smoother than the tightvnc viewer), but can lead to @@ -6568,28 +6665,28 @@ EndSection improving VNC performance by client side caching. - Q-79: Does x11vnc support TurboVNC? + Q-80: Does x11vnc support TurboVNC? As of Feb/2009 (development tarball) there is an experimental kludge to let you build x11vnc using TurboVNC's modified TightVNC encoding. - [558]TurboVNC is part of the [559]VirtualGL project. It does two main + [564]TurboVNC is part of the [565]VirtualGL project. It does two main things to speed up the TightVNC encoding: * It eliminates bottlenecks, overheads, wait-times in the TightVNC encoding implementation and instead only worries about sending very well (and quickly) compressed JPEG data. * A fast proprietary JPEG implemention is used (Intel IPP on x86) - instead of the usual libjpeg implementation. [560]TurboJPEG is an + instead of the usual libjpeg implementation. [566]TurboJPEG is an interface library, libturbojpeg, provided by the project that achieves this. TurboVNC works very well over LAN and evidently fast Broadband too. When using it with x11vnc in such a situation you may want to dial - down the delays, e.g. "[561]-wait 5" and "[562]-defer 5" (or even a + down the delays, e.g. "[567]-wait 5" and "[568]-defer 5" (or even a smaller setting) to poll and pump things out more quickly. See the instructions in "x11vnc/misc/turbovnc/README" for how to build x11vnc with TurboVNC support. You will also need to download the - [563]TurboJPEG software. + [569]TurboJPEG software. In brief, the steps look like this: cd x11vnc-x.y.z/x11vnc/misc/turbovnc @@ -6601,22 +6698,22 @@ EndSection where you replace "/DIR" with the directory containing libturbojpeg.so you downloaded separately. If it works out well enough TurboVNC support will be integrated into x11vnc and more of its tuning features - will be implemented. Support for TurboVNC in [564]SSVNC viewer has + will be implemented. Support for TurboVNC in [570]SSVNC viewer has been added as an experiment as well. If you try either one, let us know how it went. There also may be some Linux.i686 and Darwin.i386 x11vnc binaries with - TurboVNC support in the [565]misc. bins directory. For other platforms + TurboVNC support in the [571]misc. bins directory. For other platforms you will need to compile yourself. On relatively cheap and old hardware (Althon64 X2 5000+ / GeForce - 6200) x11vnc and [566]SSVNC, both TurboVNC enabled, were able to + 6200) x11vnc and [572]SSVNC, both TurboVNC enabled, were able to sustain 13.5 frames/sec (fps) and 15 Megapixels/sec using the VirtualGL supplied OpenGL benchmark program glxspheres. VirtualGL on - higher-end hardware can sustain [567]20-30 fps with the glxspheres + higher-end hardware can sustain [573]20-30 fps with the glxspheres benchmark. - Potential Slowdown: As we describe [568]elsewhere, unless you use + Potential Slowdown: As we describe [574]elsewhere, unless you use x11vnc with an X server using, say, NVidia proprietary drivers (or a virtual X server like Xvfb or Xdummy, or in ShadowFB mode), then the read rate from the graphics card can be rather slow (e.g. 10 MB/sec) @@ -6641,7 +6738,7 @@ EndSection [Mouse Cursor Shapes] - Q-80: Why isn't the mouse cursor shape (the little icon shape where + Q-81: Why isn't the mouse cursor shape (the little icon shape where the mouse pointer is) correct as I move from window to window? On X servers supporting XFIXES or Solaris/IRIX Overlay extensions it @@ -6656,23 +6753,23 @@ EndSection this is because the cursor shape is often downloaded to the graphics hardware (video card), but I could be mistaken. - A simple kludge is provided by the "[569]-cursor X" option that + A simple kludge is provided by the "[575]-cursor X" option that changes the cursor when the mouse is on the root background (or any window has the same cursor as the root background.) Note that desktops like GNOME or KDE often cover up the root background, so this won't - work for those cases. Also see the "[570]-cursor some" option for + work for those cases. Also see the "[576]-cursor some" option for additional kludges. Note that as of Aug/2004 on Solaris using the SUN_OVL overlay extension and IRIX, x11vnc can show the correct mouse cursor when the - [571]-overlay option is supplied. See [572]this FAQ for more info. + [577]-overlay option is supplied. See [578]this FAQ for more info. Also as of Dec/2004 XFIXES X extension support has been added to allow exact extraction of the mouse cursor shape. XFIXES fixes the problem of the cursor-shape being write-only: x11vnc can now query the X server for the current shape and send it back to the connected viewers. XFIXES is available on recent Linux Xorg based distros and - [573]Solaris 10. + [579]Solaris 10. The only XFIXES issue is the handling of alpha channel transparency in cursors. If a cursor has any translucency then in general it must be @@ -6680,10 +6777,10 @@ EndSection situations where the cursor transparency can also handled exactly: when the VNC Viewer requires the cursor shape be drawn into the VNC framebuffer or if you apply a patch to your VNC Viewer to extract - hidden alpha channel data under 32bpp. [574]Details can be found here. + hidden alpha channel data under 32bpp. [580]Details can be found here. - Q-81: When using XFIXES cursorshape mode, some of the cursors look + Q-82: When using XFIXES cursorshape mode, some of the cursors look really bad with extra black borders around the cursor and other cruft. How can I improve their appearance? @@ -6713,17 +6810,17 @@ EndSection for most cursor themes and you don't have to worry about it. In case it still looks bad for your cursor theme, there are (of - course!) some tunable parameters. The "[575]-alphacut n" option lets + course!) some tunable parameters. The "[581]-alphacut n" option lets you set the threshold "n" (between 0 and 255): cursor pixels with alpha values below n will be considered completely transparent while values equal to or above n will be completely opaque. The default is - 240. The "[576]-alphafrac f" option tries to correct individual + 240. The "[582]-alphafrac f" option tries to correct individual cursors that did not fare well with the default -alphacut value: if a cursor has less than fraction f (between 0.0 and 1.0) of its pixels selected by the default -alphacut, the threshold is lowered until f of its pixels are selected. The default fraction is 0.33. - Finally, there is an option [577]-alpharemove that is useful for + Finally, there is an option [583]-alpharemove that is useful for themes where many cursors are light colored (e.g. "whiteglass".) XFIXES returns the cursor data with the RGB values pre-multiplied by the alpha value. If the white cursors look too grey, specify @@ -6741,7 +6838,7 @@ EndSection heavily on redglass) look fine with the apparent default of alphacut:255. - Q-82: In XFIXES mode, are there any hacks to handle cursor + Q-83: In XFIXES mode, are there any hacks to handle cursor transparency ("alpha channel") exactly? As of Jan/2005 libvncserver has been modified to allow an alpha @@ -6749,10 +6846,10 @@ EndSection alpha channel data to libvncserver. However, this data will only be used for VNC clients that do not support the CursorShapeUpdates VNC extension (or have disabled it.) It can be disabled for all clients - with the [578]-nocursorshape x11vnc option. In this case the cursor is + with the [584]-nocursorshape x11vnc option. In this case the cursor is drawn, correctly blended with the background, into the VNC framebuffer before being sent out to the client. So the alpha blending is done on - the x11vnc side. Use the [579]-noalphablend option to disable this + the x11vnc side. Use the [585]-noalphablend option to disable this behavior (always approximate transparent cursors with opaque RGB values.) @@ -6776,17 +6873,17 @@ EndSection example on how to change the Windows TightVNC viewer to achieve the same thing (send me the patch if you get that working.) - This patch is applied to the [580]Enhanced TightVNC Viewer (SSVNC) + This patch is applied to the [586]Enhanced TightVNC Viewer (SSVNC) package we provide. [Mouse Pointer] - Q-83: Why does the mouse arrow just stay in one corner in my + Q-84: Why does the mouse arrow just stay in one corner in my vncviewer, whereas my cursor (that does move) is just a dot? - This default takes advantage of a [581]tightvnc extension + This default takes advantage of a [587]tightvnc extension (CursorShapeUpdates) that allows specifying a cursor image shape for - the local VNC viewer. You may disable it with the [582]-nocursor + the local VNC viewer. You may disable it with the [588]-nocursor option to x11vnc if your viewer does not have this extension. Note: as of Aug/2004 this should be fixed: the default for @@ -6795,22 +6892,22 @@ EndSection can also be disabled via -nocursor. - Q-84: Can I take advantage of the TightVNC extension to the VNC + Q-85: Can I take advantage of the TightVNC extension to the VNC protocol where Cursor Positions Updates are sent back to all connected clients (i.e. passive viewers can see the mouse cursor being moved around by another viewer)? - Use the [583]-cursorpos option when starting x11vnc. A VNC viewer must + Use the [589]-cursorpos option when starting x11vnc. A VNC viewer must support the Cursor Positions Updates for the user to see the mouse motions (the TightVNC viewers support this.) As of Aug/2004 -cursorpos - is the default. See also [584]-nocursorpos and [585]-nocursorshape. + is the default. See also [590]-nocursorpos and [591]-nocursorshape. - Q-85: Is it possible to swap the mouse buttons (e.g. left-handed + Q-86: Is it possible to swap the mouse buttons (e.g. left-handed operation), or arbitrarily remap them? How about mapping button clicks to keystrokes, e.g. to partially emulate Mouse wheel scrolling? - You can remap the mouse buttons via something like: [586]-buttonmap + You can remap the mouse buttons via something like: [592]-buttonmap 13-31 (or perhaps 12-21.) Also, note that xmodmap(1) lets you directly adjust the X server's button mappings, but in some circumstances it might be more desirable to have x11vnc do it. @@ -6818,7 +6915,7 @@ EndSection One user had an X server with only one mouse button(!) and was able to map all of the VNC client mouse buttons to it via: -buttonmap 123-111. - Note that the [587]-debug_pointer option prints out much info for + Note that the [593]-debug_pointer option prints out much info for every mouse/pointer event and is handy in solving problems. To map mouse button clicks to keystrokes you can use the alternate @@ -6840,7 +6937,7 @@ EndSection Exactly what keystroke "scrolling" events they should be bound to depends on one's taste. If this method is too approximate, one could - consider not using [588]-buttonmap but rather configuring the X server + consider not using [594]-buttonmap but rather configuring the X server to think it has a mouse with 5 buttons even though the physical mouse does not. (e.g. 'Option "ZAxisMapping" "4 5"'.) @@ -6867,10 +6964,10 @@ EndSection "click" usually gives a multi-line scroll.) [Keyboard Issues] - Q-86: How can I get my AltGr and Shift modifiers to work between + Q-87: How can I get my AltGr and Shift modifiers to work between keyboards for different languages? - The option [589]-modtweak should help here. It is a mode that monitors + The option [595]-modtweak should help here. It is a mode that monitors the state of the Shift and AltGr Modifiers and tries to deduce the correct keycode to send, possibly by sending fake modifier key presses and releases in addition to the actual keystroke. @@ -6879,25 +6976,25 @@ EndSection to get the old behavior.) This was done because it was noticed on newer XFree86 setups even on bland "us" keyboards like "pc104 us" XFree86 included a "ghost" key with both "<" and ">" it. This key does - not exist on the keyboard (see [590]this FAQ for more info.) Without + not exist on the keyboard (see [596]this FAQ for more info.) Without -modtweak there was then an ambiguity in the reverse map keysym => keycode, making it so the "<" symbol could not be typed. - Also see the [591]FAQ about the -xkb option for a more powerful method + Also see the [597]FAQ about the -xkb option for a more powerful method of modifier tweaking for use on X servers with the XKEYBOARD extension. When trying to resolve keyboard mapping problems, note that the - [592]-debug_keyboard option prints out much info for every keystroke + [598]-debug_keyboard option prints out much info for every keystroke and so can be useful debugging things. Note that one user had a strange setup and none of the above helped. - His solution was to disable all of the above and use [593]-nomodtweak. + His solution was to disable all of the above and use [599]-nomodtweak. This is the simplest form of keystroke insertion and it actually solved the problem. Try it if the other options don't help. - Q-87: When I try to type a "<" (i.e. less than) instead I get ">" + Q-88: When I try to type a "<" (i.e. less than) instead I get ">" (i.e. greater than)! Strangely, typing ">" works OK!! Does your keyboard have a single key with both "<" and ">" on it? Even @@ -6905,9 +7002,9 @@ EndSection (e.g. pc105 in the XF86Config file when it should be something else, say pc104.) - Short Cut: Try the [594]-xkb or [595]-sloppy_keys options and see if + Short Cut: Try the [600]-xkb or [601]-sloppy_keys options and see if that helps the situation. The discussion below is a bit outdated (e.g. - [596]-modtweak is now the default) but it is useful reference for + [602]-modtweak is now the default) but it is useful reference for various tricks and so is kept. @@ -6950,25 +7047,25 @@ EndSection -remap less-comma These are convenient in that they do not modify the actual X server - settings. The former ([597]-modtweak) is a mode that monitors the + settings. The former ([603]-modtweak) is a mode that monitors the state of the Shift and AltGr modifiers and tries to deduce the correct keycode sequence to send. Since Jul/2004 -modtweak is now the default. - The latter ([598]-remap less-comma) is an immediate remapping of the + The latter ([604]-remap less-comma) is an immediate remapping of the keysym less to the keysym comma when it comes in from a client (so when Shift is down the comma press will yield "<".) - See also the [599]FAQ about the -xkb option as a possible workaround + See also the [605]FAQ about the -xkb option as a possible workaround using the XKEYBOARD extension. - Note that the [600]-debug_keyboard option prints out much info for + Note that the [606]-debug_keyboard option prints out much info for every keystroke to aid debugging keyboard problems. - Q-88: Extra Character Inserted, E.g.: When I try to type a "<" (i.e. + Q-89: Extra Character Inserted, E.g.: When I try to type a "<" (i.e. less than) instead I get "<," (i.e. an extra comma.) This is likely because you press "Shift" then "<" but then released - the Shift key before releasing the "<". Because of a [601]keymapping + the Shift key before releasing the "<". Because of a [607]keymapping ambiguity the last event "< up" is interpreted as "," because that key unshifted is the comma. @@ -6976,16 +7073,16 @@ EndSection characters: in general it can happen whenever the Shift key is released early. - This should not happen in [602]-xkb mode, because it works hard to + This should not happen in [608]-xkb mode, because it works hard to resolve the ambiguities. If you do not want to use -xkb, try the - option [603]-sloppy_keys to attempt a similar type of algorithm. + option [609]-sloppy_keys to attempt a similar type of algorithm. One user had this problem for Italian and German keyboards with the key containing ":" and "." When he typed ":" he would get an extra "." inserted after the ":". The solution was -sloppy_keys. - Q-89: I'm using an "international" keyboard (e.g. German "de", or + Q-90: I'm using an "international" keyboard (e.g. German "de", or Danish "dk") and the -modtweak mode works well if the VNC viewer is run on a Unix/Linux machine with a similar keyboard. But if I run the VNC viewer on Unix/Linux with a different keyboard (e.g. "us") or @@ -7006,7 +7103,7 @@ EndSection In both cases no AltGr is sent to the VNC server, but we know AltGr is needed on the physical international keyboard to type a "@". - This all worked fine with x11vnc running with the [604]-modtweak + This all worked fine with x11vnc running with the [610]-modtweak option (it figures out how to adjust the Modifier keys (Shift or AltGr) to get the "@".) However it fails under recent versions of XFree86 (and the X.org fork.) These run the XKEYBOARD extension by @@ -7023,7 +7120,7 @@ EndSection * there is a new option -xkb to use the XKEYBOARD extension API to do the Modifier key tweaking. - The [605]-xkb option seems to fix all of the missing keys: "@", "<", + The [611]-xkb option seems to fix all of the missing keys: "@", "<", ">", etc.: it is recommended that you try it if you have this sort of problem. Let us know if there are any remaining problems (see the next paragraph for some known problems.) If you specify the -debug_keyboard @@ -7031,7 +7128,7 @@ EndSection debugging output (send it along with any problems you report.) Update: as of Jun/2005 x11vnc will try to automatically enable - [606]-xkb if it appears that would be beneficial (e.g. if it sees any + [612]-xkb if it appears that would be beneficial (e.g. if it sees any of "@", "<", ">", "[" and similar keys are mapped in a way that needs the -xkb to access them.) To disable this automatic check use -noxkb. @@ -7046,7 +7143,7 @@ EndSection was attached to keycode 93 (no physical key generates this keycode) while ISO_Level3_Shift was attached to keycode 113. The keycode skipping option was used to disable the ghost key: - [607]-skip_keycodes 93 + [613]-skip_keycodes 93 * In implementing -xkb we noticed that some characters were still not getting through, e.g. "~" and "^". This is not really an XKEYBOARD problem. What was happening was the VNC viewer was @@ -7064,16 +7161,16 @@ EndSection What to do? In general the VNC protocol has not really solved this problem: what should be done if the VNC viewer sends a keysym not recognized by the VNC server side? Workarounds can possibly be - created using the [608]-remap x11vnc option: + created using the [614]-remap x11vnc option: -remap asciitilde-dead_tilde,asciicircum-dead_circumflex etc. Use -remap filename if the list is long. Please send us your workarounds for this problem on your keyboard. Perhaps we can have x11vnc adjust automatically at some point. Also see the - [609]-add_keysyms option in the next paragraph. - Update: for convenience "[610]-remap DEAD" does many of these + [615]-add_keysyms option in the next paragraph. + Update: for convenience "[616]-remap DEAD" does many of these mappings at once. - * To complement the above workaround using the [611]-remap, an - option [612]-add_keysyms was added. This option instructs x11vnc + * To complement the above workaround using the [617]-remap, an + option [618]-add_keysyms was added. This option instructs x11vnc to bind any unknown Keysyms coming in from VNC viewers to unused Keycodes in the X server. This modifies the global state of the X server. When x11vnc exits it removes the extra keymappings it @@ -7084,7 +7181,7 @@ EndSection disable. - Q-90: When typing I sometimes get double, triple, or more of my + Q-91: When typing I sometimes get double, triple, or more of my keystrokes repeated. I'm sure I only typed them once, what can I do? This may be due to an interplay between your X server's key autorepeat @@ -7092,7 +7189,7 @@ EndSection Short answer: disable key autorepeating by running the command "xset r off" on the Xserver where x11vnc is run (restore via "xset r on") or - use the new (Jul/2004) [613]-norepeat x11vnc option. You will still + use the new (Jul/2004) [619]-norepeat x11vnc option. You will still have autorepeating because that is taken care of on your VNC viewer side. @@ -7116,18 +7213,18 @@ EndSection off", does the problem go away? The workaround is to manually apply "xset r off" and "xset r on" as - needed, or to use the [614]-norepeat (which has since Dec/2004 been + needed, or to use the [620]-norepeat (which has since Dec/2004 been made the default.) Note that with X server autorepeat turned off the VNC viewer side of the connection will (nearly always) do its own autorepeating so there is no big loss here, unless someone is also working at the physical display and misses his autorepeating. - Q-91: The x11vnc -norepeat mode is in effect, but I still get repeated + Q-92: The x11vnc -norepeat mode is in effect, but I still get repeated keystrokes!! Are you using x11vnc to log in to an X session via display manager? - (as described in [615]this FAQ) If so, x11vnc is starting before your + (as described in [621]this FAQ) If so, x11vnc is starting before your session and it disables autorepeat when you connect, but then after you log in your session startup (GNOME, KDE, ...) could be resetting the autorepeat to be on. Or it could be something inside your desktop @@ -7147,7 +7244,7 @@ EndSection should figure out how to disable that somehow. - Q-92: After using x11vnc for a while, I find that I cannot type some + Q-93: After using x11vnc for a while, I find that I cannot type some (or any) characters or my mouse clicks and drags no longer have any effect, or they lead to strange effects. What happened? @@ -7188,11 +7285,11 @@ EndSection desktop manages these "warps". If the viewer is not notified it cannot know it needs to release the modifiers. - You can also use the [616]-clear_mods option to try to clear all of + You can also use the [622]-clear_mods option to try to clear all of the modifier keys at x11vnc startup. You will still have to be careful that you do not leave the modifier key pressed down during your session. It is difficult to prevent this problem from occurring (short - of using [617]-remap to prevent sending all of the problem modifier + of using [623]-remap to prevent sending all of the problem modifier keys, which would make the destkop pretty unusable.) During a session these x11vnc remote control commands can also help: @@ -7205,16 +7302,16 @@ EndSection Num_Lock down. When these are locked on the remote side it can sometimes lead to strange desktop behavior (e.g. cannot drag or click on windows.) As above you may not notice this because the lock isn't - down on the local (Viewer) side. See [618]this FAQ on lock keys - problem. These options may help avoid the problem: [619]-skip_lockkeys - and [620]-capslock. See also [621]-clear_all. + down on the local (Viewer) side. See [624]this FAQ on lock keys + problem. These options may help avoid the problem: [625]-skip_lockkeys + and [626]-capslock. See also [627]-clear_all. - Q-93: The machine where I run x11vnc has an AltGr key, but the local + Q-94: The machine where I run x11vnc has an AltGr key, but the local machine where I run the VNC viewer does not. Is there a way I can map a local unused key to send an AltGr? How about a Compose key as well? - Something like "[622]-remap Super_R-Mode_switch" x11vnc option may + Something like "[628]-remap Super_R-Mode_switch" x11vnc option may work. Note that Super_R is the "Right Windoze(tm) Flaggie" key; you may want to choose another. The -debug_keyboard option comes in handy in finding keysym names (so does xev(1).) @@ -7225,7 +7322,7 @@ EndSection specify remappings from a file. - Q-94: I have a Sun machine I run x11vnc on. Its Sun keyboard has just + Q-95: I have a Sun machine I run x11vnc on. Its Sun keyboard has just one Alt key labelled "Alt" and two Meta keys labelled with little diamonds. The machine where I run the VNC viewer only has Alt keys. How can I send a Meta keypress? (e.g. emacs needs this) @@ -7237,13 +7334,13 @@ EndSection Since xmodmap(1) modifies the X server mappings you may not want to do this (because it affects local work on that machine.) Something like - the [623]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones + the [629]-remap Alt_L-Meta_L to x11vnc may be sufficient for ones needs, and does not modify the X server environment. Note that you cannot send Alt_L in this case, maybe -remap Super_L-Meta_L would be a better choice if the Super_L key is typically unused in Unix. - Q-95: Running x11vnc on HP-UX I cannot type "#" I just get a "3" + Q-96: Running x11vnc on HP-UX I cannot type "#" I just get a "3" instead. One user reports this problem on HP-UX Rel_B.11.23. The problem was @@ -7257,7 +7354,7 @@ EndSection and similar triple mappings (with two in the AltGr/Mode_switch group) of a keysum to a single keycode. - Use the [624]-nomodtweak option as a workaround. You can also use + Use the [630]-nomodtweak option as a workaround. You can also use xmodmap to correct these mappings in the server, e.g.: xmodmap -e "keycode 47 = 3 numbersign" @@ -7266,12 +7363,12 @@ EndSection handle these mappings better. - Q-96: Can I map a keystroke to a mouse button click on the remote + Q-97: Can I map a keystroke to a mouse button click on the remote machine? This can be done directly in some X servers using AccessX and Pointer_EnableKeys, but is a bit awkward. It may be more convenient to - have x11vnc do the remapping. This can be done via the [625]-remap + have x11vnc do the remapping. This can be done via the [631]-remap option using the fake "keysyms" Button1, Button2, etc. as the "to" keys (i.e. the ones after the "-") @@ -7280,7 +7377,7 @@ EndSection button "paste" because (using XFree86/Xorg Emulate3Buttons) you have to click both buttons on the touch pad at the same time. This remapping: - [626]-remap Super_R-Button2 + [632]-remap Super_R-Button2 maps the Super_R "flag" key press to the Button2 click, thereby making X pasting a bit easier. @@ -7289,7 +7386,7 @@ EndSection are generated immediately on the x11vnc side. When the key is released (i.e. goes up) no events are generated. - Q-97: How can I get Caps_Lock to work between my VNC viewer and + Q-98: How can I get Caps_Lock to work between my VNC viewer and x11vnc? This is a little tricky because it is possible to get the Caps_Lock @@ -7299,13 +7396,13 @@ EndSection Caps_Lock in the viewer your local machine goes into the Caps_Lock on state and sends keysym "A" say when you press "a". x11vnc will then fake things up so that Shift is held down to generate "A". The - [627]-skip_lockkeys option should help to accomplish this. For finer - grain control use something like: "[628]-remap Caps_Lock-None". + [633]-skip_lockkeys option should help to accomplish this. For finer + grain control use something like: "[634]-remap Caps_Lock-None". - Also try the [629]-nomodtweak and [630]-capslock options. + Also try the [635]-nomodtweak and [636]-capslock options. Another useful option that turns off any Lock keys on the remote side - at startup and end is the [631]-clear_all option. During a session you + at startup and end is the [637]-clear_all option. During a session you can run these remote control commands to modify the Lock keys: x11vnc -R clear_locks x11vnc -R clear_all @@ -7315,7 +7412,7 @@ EndSection etc.) [Screen Related Issues and Features] - Q-98: The remote display is larger (in number of pixels) than the + Q-99: The remote display is larger (in number of pixels) than the local display I am running the vncviewer on. I don't like the vncviewer scrollbars, what I can do? @@ -7334,15 +7431,15 @@ EndSection There may also be scaling viewers out there (e.g. TightVNC or UltraVNC on Windows) that automatically shrink or expand the remote framebuffer to fit the local display. Especially for hand-held devices. See also - [632]the next FAQ on x11vnc scaling. + [638]the next FAQ on x11vnc scaling. - Q-99: Does x11vnc support server-side framebuffer scaling? (E.g. to + Q-100: Does x11vnc support server-side framebuffer scaling? (E.g. to make the desktop smaller.) As of Jun/2004 x11vnc provides basic server-side scaling. It is a global scaling of the desktop, not a per-client setting. To enable it - use the "[633]-scale fraction" option. "fraction" can either be a + use the "[639]-scale fraction" option. "fraction" can either be a floating point number (e.g. -scale 0.75) or the alternative m/n fraction notation (e.g. -scale 3/4.) Note that if fraction is greater than one the display is magnified. @@ -7367,7 +7464,7 @@ EndSection One can also use the ":nb" with an integer scale factor (say "-scale 2:nb") to use x11vnc as a screen magnifier for vision impaired - [634]applications. Since with integer scale factors the framebuffers + [640]applications. Since with integer scale factors the framebuffers become huge and scaling operations time consuming, be sure to use ":nb" for the fastest response. @@ -7393,7 +7490,7 @@ EndSection If one desires per-client scaling for something like 1:1 from a workstation and 1:2 from a smaller device (e.g. handheld), currently the only option is to run two (or more) x11vnc processes with - different scalings listening on separate ports ([635]-rfbport option, + different scalings listening on separate ports ([641]-rfbport option, etc.) Update: As of May/2006 x11vnc also supports the UltraVNC server-side @@ -7403,8 +7500,8 @@ EndSection "-rfbversion 3.6" for this to be recognized by UltraVNC viewers. BTW, whenever you run two or more x11vnc's on the same X display and - use the [636]GUI, then to avoid all of the x11vnc's simultaneously - answering the gui you will need to use something like [637]"-connect + use the [642]GUI, then to avoid all of the x11vnc's simultaneously + answering the gui you will need to use something like [643]"-connect file1 -gui ..." with different connect files for each x11vnc you want to control via the gui (or remote-control.) The "-connect file1" usage gives separate communication channels between a x11vnc process and the @@ -7413,12 +7510,12 @@ EndSection Update: As of Mar/2005 x11vnc now scales the mouse cursor with the same scale factor as the screen. If you don't want that, use the - [638]"-scale_cursor frac" option to set the cursor scaling to a + [644]"-scale_cursor frac" option to set the cursor scaling to a different factor (e.g. use "-scale_cursor 1" to keep the cursor at its natural unscaled size.) - Q-100: Does x11vnc work with Xinerama? (i.e. multiple monitors joined + Q-101: Does x11vnc work with Xinerama? (i.e. multiple monitors joined together to form one big, single screen.) Yes, it should generally work because it simply polls the big @@ -7441,26 +7538,26 @@ EndSection screen is not rectangular (e.g. 1280x1024 and 1024x768 monitors joined together), then there will be "non-existent" areas on the screen. The X server will return "garbage" image data for these areas and so they - may be distracting to the viewer. The [639]-blackout x11vnc option + may be distracting to the viewer. The [645]-blackout x11vnc option allows you to blacken-out rectangles by manually specifying their WxH+X+Y geometries. If your system has the libXinerama library, the - [640]-xinerama x11vnc option can be used to have it automatically + [646]-xinerama x11vnc option can be used to have it automatically determine the rectangles to be blackened out. (Note on 8bpp PseudoColor displays the fill color may not be black.) Update: - [641]-xinerama is now on by default. + [647]-xinerama is now on by default. Some users have reported that the mouse does not behave properly for their Xinerama display: i.e. the mouse cannot be moved to all regions - of the large display. If this happens try using the [642]-xwarppointer + of the large display. If this happens try using the [648]-xwarppointer option. This instructs x11vnc to fake mouse pointer motions using the XWarpPointer function instead of the XTestFakeMotionEvent XTEST function. (This may be due to a bug in the X server for XTEST when - Xinerama is enabled.) Update: As of Dec/2006 [643]-xwarppointer will + Xinerama is enabled.) Update: As of Dec/2006 [649]-xwarppointer will be applied automatically if Xinerama is detected. To disable use: -noxwarppointer - Q-101: Can I use x11vnc on a multi-headed display that is not Xinerama + Q-102: Can I use x11vnc on a multi-headed display that is not Xinerama (i.e. separate screens :0.0, :0.1, ... for each monitor)? You can, but it is a little bit awkward: you must start separate @@ -7478,32 +7575,32 @@ EndSection Note: if you are running on Solaris 8 or earlier you can easily hit up against the maximum of 6 shm segments per process (for Xsun in this case) from running multiple x11vnc processes. You should modify - /etc/system as mentioned in another [644]FAQ to increase the limit. It - is probably also a good idea to run with the [645]-onetile option in + /etc/system as mentioned in another [650]FAQ to increase the limit. It + is probably also a good idea to run with the [651]-onetile option in this case (to limit each x11vnc to 3 shm segments), or even - [646]-noshm to use no shm segments. + [652]-noshm to use no shm segments. - Q-102: Can x11vnc show only a portion of the display? (E.g. for a + Q-103: Can x11vnc show only a portion of the display? (E.g. for a special purpose application or a very large screen.) - As of Mar/2005 x11vnc has the "[647]-clip WxH+X+Y" option to select a + As of Mar/2005 x11vnc has the "[653]-clip WxH+X+Y" option to select a rectangle of width W, height H and offset (X, Y). Thus the VNC screen will be the clipped sub-region of the display and be only WxH in size. - One user used -clip to split up a large [648]Xinerama screen into two + One user used -clip to split up a large [654]Xinerama screen into two more managable smaller screens. This also works to view a sub-region of a single application window if - the [649]-id or [650]-sid options are used. The offset is measured + the [655]-id or [656]-sid options are used. The offset is measured from the upper left corner of the selected window. - Q-103: Does x11vnc support the XRANDR (X Resize, Rotate and + Q-104: Does x11vnc support the XRANDR (X Resize, Rotate and Reflection) extension? Whenever I rotate or resize the screen x11vnc just seems to crash. As of Dec/2004 x11vnc supports XRANDR. You enable it with the - [651]-xrandr option to make x11vnc monitor XRANDR events and also trap + [657]-xrandr option to make x11vnc monitor XRANDR events and also trap X server errors if the screen change occurred in the middle of an X call like XGetImage. Once it traps the screen change it will create a new framebuffer using the new screen. @@ -7513,9 +7610,9 @@ EndSection then the viewer will automatically resize. Otherwise, the new framebuffer is fit as best as possible into the original viewer size (portions of the screen may be clipped, unused, etc.) For these - viewers you can try the [652]-padgeom option to make the region big + viewers you can try the [658]-padgeom option to make the region big enough to hold all resizes and rotations. We have fixed this problem - for the TightVNC Viewer on Unix: [653]SSVNC + for the TightVNC Viewer on Unix: [659]SSVNC If you specify "-xrandr newfbsize" then vnc viewers that do not support NewFBSize will be disconnected before the resize. If you @@ -7523,21 +7620,21 @@ EndSection terminate. - Q-104: Independent of any XRANDR, can I have x11vnc rotate and/or + Q-105: Independent of any XRANDR, can I have x11vnc rotate and/or reflect the screen that the VNC viewers see? (e.g. for a handheld whose screen is rotated 90 degrees.) - As of Jul/2006 there is the [654]-rotate option allow this. E.g's: + As of Jul/2006 there is the [660]-rotate option allow this. E.g's: "-rotate +90", "-rotate -90", "-rotate x", etc. - Q-105: Why is the view in my VNC viewer completely black? Or why is + Q-106: Why is the view in my VNC viewer completely black? Or why is everything flashing around randomly? See the next FAQ for a possible explanation. - Q-106: I use Linux Virtual Terminals (VT's) to implement 'Fast User + Q-107: I use Linux Virtual Terminals (VT's) to implement 'Fast User Switching' between users' sessions (e.g. Betty is on Ctrl-Alt-F7, Bobby is on Ctrl-Alt-F8, and Sid is on Ctrl-Alt-F1: they use those keystrokes to switch between their sessions.) How come the view in a @@ -7566,7 +7663,7 @@ EndSection "chvt 7" for VT #7. - Q-107: I am using x11vnc where my local machine has "popup/hidden + Q-108: I am using x11vnc where my local machine has "popup/hidden taskbars" and the remote display where x11vnc runs also has "popup/hidden taskbars" and they interfere and fight with each other. What can I do? @@ -7581,7 +7678,7 @@ EndSection click on the task bar panel, and uncheck "enable auto-hide" from the panel properties dialog box. This will make the panel always visible. - Q-108: Help! x11vnc and my KDE screensaver keep switching each other + Q-109: Help! x11vnc and my KDE screensaver keep switching each other on and off every few seconds. This is a new (Jul/2006) problem seen, say, on the version of KDE that @@ -7592,13 +7689,13 @@ EndSection This may be a bug in kdesktop_lock. For now the only workaround is to disable the screensaver. You can try using another one such as - straight xscreensaver (see the instructions [655]here for how to + straight xscreensaver (see the instructions [661]here for how to disable kdesktop_lock.) If you have more info on this or see it outside of KDE please let us know. Update: It appears this is due to kdesktop_lock enabling the screen saver when the Monitor is in DPMS low-power state (e.g. standby, - suspend, or off.) In Nov/2006 the x11vnc [656]-nodpms option was added + suspend, or off.) In Nov/2006 the x11vnc [662]-nodpms option was added as a workaround. Normally it is a good thing that the monitor powers down (since x11vnc can still poll the framebuffer in this state), but if you experience the kdesktop_lock problem you can specify the @@ -7608,22 +7705,22 @@ EndSection disable the screensaver.) Feel free to file a bug against kdesktop_lock with KDE. - Q-109: I am running the beryl 3D window manager (or compiz, MythTv, + Q-110: I am running the beryl 3D window manager (or compiz, MythTv, Google Earth, or some other OpenGL app) and I do not get screen updates in x11vnc. This appears to be because the 3D OpenGL/GLX hardware screen updates do not get reported via the XDAMAGE mechanism. So this is a bug in - [657]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video + [663]beryl/compiz or XDAMAGE/Xorg or the (possibly 3rd party) video card driver. - As a workaround apply the [658]-noxdamage option. As of Feb/2007 + As a workaround apply the [664]-noxdamage option. As of Feb/2007 x11vnc will try to autodetect the problem and disable XDAMAGE if is appears to be missing a lot of updates. But if you know you are using - beryl you might as well always supply -noxdamage. Thanks to [659]this + beryl you might as well always supply -noxdamage. Thanks to [665]this user who reported the problem and discovered the workaround. - A developer for [660]MiniMyth reports that the 'alphapulse' tag of the + A developer for [666]MiniMyth reports that the 'alphapulse' tag of the theme G.A.N.T. can also cause problems, and should be avoided when using VNC. @@ -7632,7 +7729,7 @@ EndSection responsiveness (especially for typing) and also leads to unnecessary CPU and memory I/O load due to the extra polling. - Q-110: Can I use x11vnc to view my VMWare session remotely? + Q-111: Can I use x11vnc to view my VMWare session remotely? Yes, since VMWare usually runs as an X application you can view it via x11vnc in the normal way. @@ -7643,9 +7740,9 @@ EndSection * Fullscreen mode The way VMWare does Fullscreen mode on Linux is to display the Guest - desktop in a separate Virtual Terminal (e.g. VT 8) (see [661]this FAQ + desktop in a separate Virtual Terminal (e.g. VT 8) (see [667]this FAQ on VT's for background.) Unfortunately, this Fullscreen VT is not an X - server. So x11vnc cannot access it (however, [662]see this discussion + server. So x11vnc cannot access it (however, [668]see this discussion of -rawfb for a possible workaround.) x11vnc works fine with "Normal X application window" and "Quick-Switch mode" because these use X. @@ -7666,13 +7763,13 @@ EndSection improve response. One can also cut the display depth (e.g. to 16bpp) in this 2nd X session to improve video performance. This 2nd X session emulates Fullscreen mode to some degree and can be viewed via x11vnc - as long as the VMWare X session [663]is in the active VT. + as long as the VMWare X session [669]is in the active VT. Also note that with a little bit of playing with "xwininfo -all -children" output one can extract the (non-toplevel) window-id of the of the Guest desktop only when VMWare is running as a normal X application. Then one can export just the guest desktop (i.e. without - the VMWare menu buttons) by use of the [664]-id windowid option. The + the VMWare menu buttons) by use of the [670]-id windowid option. The caveats are the X session VMWare is in must be in the active VT and the window must be fully visible, so this mode is not terribly convenient, but could be useful in some circumstances (e.g. running @@ -7684,14 +7781,14 @@ EndSection [Exporting non-X11 devices via VNC] - Q-111: Can non-X devices (e.g. a raw framebuffer) be viewed (and even + Q-112: Can non-X devices (e.g. a raw framebuffer) be viewed (and even controlled) via VNC with x11vnc? As of Apr/2005 there is support for this. Two options were added: - "[665]-rawfb string" (to indicate the raw frame buffer device, file, - etc. and its parameters) and "[666]-pipeinput command" (to provide an + "[671]-rawfb string" (to indicate the raw frame buffer device, file, + etc. and its parameters) and "[672]-pipeinput command" (to provide an external program that will inject or otherwise process mouse and - keystroke input.) Some useful [667]-pipeinput schemes, VID, CONSOLE, + keystroke input.) Some useful [673]-pipeinput schemes, VID, CONSOLE, and UINPUT, have since been built into x11vnc for convenience. This non-X mode for x11vnc is somewhat experimental because it is so @@ -7731,9 +7828,9 @@ EndSection access method.) Only use file if map isn't working. BTW, "mmap" is an alias for "map" and if you do not supply a type and the file exists, map is assumed (see the -help output and below for some exceptions to - this.) The "snap:" setting applies the [668]-snapfb option with + this.) The "snap:" setting applies the [674]-snapfb option with "file:" type reading (this is useful for exporting webcams or TV tuner - video; see [669]the next FAQ for more info.) + video; see [675]the next FAQ for more info.) Also, if the string is of the form "setup:cmd" then cmd is run and the first line of its output retrieved and used as the rawfb string. This @@ -7778,7 +7875,7 @@ EndSection screen to either shm or a mapped file. The format of these is XWD and so the initial header should be skipped. BTW, since XWD is not strictly RGB the view will only be approximate, but usable. Of course - for the case of Xvfb x11vnc can poll it much better via the [670]X + for the case of Xvfb x11vnc can poll it much better via the [676]X API, but you get the idea. By default in -rawfb mode x11vnc will actually close any X display it @@ -7809,13 +7906,13 @@ minal #2) tty1-tty6), or X graphical display (usually starting at tty7.) In addition to the text console other graphical ones may be viewed and interacted with as well, e.g. DirectFB or SVGAlib apps, VMWare non-X - fullscreen, or [671]Qt-embedded apps (PDAs/Handhelds.) By default the + fullscreen, or [677]Qt-embedded apps (PDAs/Handhelds.) By default the pipeinput mechanisms UINPUT and CONSOLE (keystrokes only) are automatically attempted in this mode under "-rawfb console". The Video4Linux Capture device, /dev/video0, etc is either a Webcam or a TV capture device and needs to have its driver enabled in the - kernel. See [672]this FAQ for details. If specified via "-rawfb Video" + kernel. See [678]this FAQ for details. If specified via "-rawfb Video" then the pipeinput method "VID" is applied (it lets you change video parameters dynamically via keystrokes.) @@ -7823,10 +7920,10 @@ minal #2) also useful in testing. - All of the above [673]-rawfb options are just for viewing the raw + All of the above [679]-rawfb options are just for viewing the raw framebuffer (although some of the aliases do imply keystroke and mouse pipeinput methods.) That may be enough for certain applications of - this feature (e.g. suppose a [674]video camera mapped its framebuffer + this feature (e.g. suppose a [680]video camera mapped its framebuffer into memory and you just wanted to look at it via VNC.) To handle the pointer and keyboard input from the viewer users the "-pipeinput cmd" option was added to indicate a helper program to @@ -7864,7 +7961,7 @@ minal #2) keystrokes into the Linux console (e.g. the virtual consoles: /dev/tty1, /dev/tty2, etc) in x11vnc/misc/vcinject.pl. It is based on the vncterm/LinuxVNC.c program also in the libvncserver CVS. So to - view and interact with VT #2 (assuming it is the [675]active VT) one + view and interact with VT #2 (assuming it is the [681]active VT) one can run something like: x11vnc -rawfb map:/dev/fb0@1024x768x16 -pipeinput './vcinject.pl 2' @@ -7919,7 +8016,7 @@ minal #2) better to use the more accurate and faster LinuxVNC program. The advantage x11vnc -rawfb might have is that it can allow interaction with a non-text application, e.g. one based on SVGAlib or - [676]Qt-embedded Also, for example the [677]VMWare Fullscreen mode is + [682]Qt-embedded Also, for example the [683]VMWare Fullscreen mode is actually viewable under -rawfb and can be interacted with if uinput is enabled. @@ -7936,7 +8033,7 @@ minal #2) program that passes the framebuffer to libvncserver. - Q-112: Can I export the Linux Console (Virtual Terminals) via VNC + Q-113: Can I export the Linux Console (Virtual Terminals) via VNC using x11vnc? Yes, you may need to be root to access the devices that make up the @@ -7981,12 +8078,12 @@ minal #2) startx (or similar, e.g. gdm) in the virtual terminal. A 2nd x11vnc could be used to see if the X server is now working correctly. - Q-113: Can I export via VNC a Webcam or TV tuner framebuffer using + Q-114: Can I export via VNC a Webcam or TV tuner framebuffer using x11vnc? - Yes, this is possible to some degree with the [678]-rawfb option. + Yes, this is possible to some degree with the [684]-rawfb option. There is no X11 involved: snapshots from the video capture device are - used for the screen image data. See the [679]previous FAQ on -rawfb + used for the screen image data. See the [685]previous FAQ on -rawfb for background. For best results, use x11vnc version 0.8.1 or later. Roughly, one would do something like this: @@ -7998,7 +8095,7 @@ minal #2) snapshot to a file that you point -rawfb to; ask me if it is not clear what to do.) - The "snap:" enforces [680]-snapfb mode which appears to be necessary. + The "snap:" enforces [686]-snapfb mode which appears to be necessary. The read pointer for video capture devices cannot be repositioned (which would be needed for scanline polling), but you can read a full frame of data from the device. @@ -8020,7 +8117,7 @@ minal #2) Many video4linux drivers tend to set the framebuffer to be 24bpp (as opposed to 32bpp.) Since this can cause problems with VNC viewers, - etc, the [681]-24to32 option will be automatically imposed when in + etc, the [687]-24to32 option will be automatically imposed when in 24bpp. Note that by its very nature, video capture involves rapid change in @@ -8028,7 +8125,7 @@ minal #2) wavering in brightness is always happening. This can lead to much network bandwidth consumption for the VNC traffic and also local CPU and I/O resource usage. You may want to experiment with "dialing down" - the framerate via the [682]-wait, [683]-slow_fb, or [684]-defer + the framerate via the [688]-wait, [689]-slow_fb, or [690]-defer options. Decreasing the window size and bpp also helps. @@ -8117,16 +8214,16 @@ minal #2) format to HI240, RGB565, RGB24, RGB32, RGB555, and GREY respectively. See -rawfb video for details. - See also the [685]-freqtab option to supply your own xawtv channel to + See also the [691]-freqtab option to supply your own xawtv channel to frequency mappings for your country (only ntsc-cable-us is built into x11vnc.) - Q-114: Can I connect via VNC to a Qt-embedded/Qtopia application + Q-115: Can I connect via VNC to a Qt-embedded/Qtopia application running on my handheld or PC using the Linux console framebuffer (i.e. not X11)? - Yes, the basic method for this is the [686]-rawfb scheme where the + Yes, the basic method for this is the [692]-rawfb scheme where the Linux console framebuffer (usually /dev/fb0) is polled and the uinput driver is used to inject keystrokes and mouse input. Often you will just have to type: @@ -8139,7 +8236,7 @@ minal #2) x11vnc -rawfb /dev/fb0@640x480x16 Also, to force usage of the uinput injection method use "-pipeinput - UINPUT". See the [687]-pipeinput description for tunable parameters, + UINPUT". See the [693]-pipeinput description for tunable parameters, etc. One problem with the x11vnc uinput scheme is that it cannot guess the @@ -8155,7 +8252,7 @@ minal #2) Even with the correct acceleration setting there is still some drift (probably because of the mouse threshold where the acceleration kicks in) and so x11vnc needs to reposition the cursor from 0,0 about 5 - times a second. See the [688]-pipeinput UINPUT option for tuning + times a second. See the [694]-pipeinput UINPUT option for tuning parameters that can be set (there are some experimental thresh=N tuning parameters as well) @@ -8187,10 +8284,10 @@ minal #2) not work. - Q-115: Now that non-X11 devices can be exported via VNC using x11vnc, + Q-116: Now that non-X11 devices can be exported via VNC using x11vnc, can I build it with no dependencies on X11 header files and libraries? - Yes, as of Jul/2006 x11vnc enables building for [689]-rawfb only + Yes, as of Jul/2006 x11vnc enables building for [695]-rawfb only support. Just do something like when building: ./configure --without-x (plus any other flags) make @@ -8201,16 +8298,16 @@ minal #2) know what you did. - Q-116: Does x11vnc support Mac OS X Aqua/Quartz displays natively + Q-117: Does x11vnc support Mac OS X Aqua/Quartz displays natively (i.e. no X11 involved)? Yes, since Nov/2006 in the development tree (x11vnc-0.8.4 tarball) there is support for native Mac OS X Aqua/Quartz displays using the - [690]-rawfb mechanism described above. The mouse and keyboard input is + [696]-rawfb mechanism described above. The mouse and keyboard input is achieved via Mac OS X API's. - So you can use x11vnc as an alternative to [691]OSXvnc (aka Vine - Server), or [692]Apple Remote Desktop (ARD). Perhaps there is some + So you can use x11vnc as an alternative to [697]OSXvnc (aka Vine + Server), or [698]Apple Remote Desktop (ARD). Perhaps there is some x11vnc feature you'd like to use on Mac OS X, etc. For a number of activities (e.g. window drags) it seems to be faster than OSXvnc. @@ -8220,7 +8317,7 @@ minal #2) (XDarwin) running on Mac OS X (people often install this software to display remote X11 apps on their Mac OS X system, or use some old favorites locally such as xterm.) However in this case x11vnc will - only work reasonably in single window [693]-id windowid mode (and the + only work reasonably in single window [699]-id windowid mode (and the window may need to have mouse focus.) If you do not have the DISPLAY env. variable set, x11vnc will assume @@ -8238,9 +8335,9 @@ minal #2) ./configure --without-x make - Win2VNC/x2vnc: One handy use is to use the [694]-nofb mode to + Win2VNC/x2vnc: One handy use is to use the [700]-nofb mode to redirect mouse and keyboard input to a nearby Mac (i.e. one to the - side of your desk) via [695]x2vnc or Win2VNC. See [696]this FAQ for + side of your desk) via [701]x2vnc or Win2VNC. See [702]this FAQ for more info. Options: Here are the Mac OS X specific x11vnc options: @@ -8310,17 +8407,17 @@ rm -f $tmp command for you.) Then once you are connected via VNC, iconify the Terminal windows (you can't delete them since that will kill x11vnc.) - Q-117: Can x11vnc be used as a VNC reflector/repeater to improve + Q-118: Can x11vnc be used as a VNC reflector/repeater to improve performance for the case of a large number of simultaneous VNC viewers (e.g. classroom broadcasting or a large demo)? - Yes, as of Feb/2007 there is the "[697]-reflect host:N" option to + Yes, as of Feb/2007 there is the "[703]-reflect host:N" option to connect to the VNC server "host:N" (either another x11vnc or any other VNC server) and re-export it. VNC viewers then connect to the x11vnc(s) running -reflect. The -reflect option is the same as: "-rawfb vnc:host:N". See the - [698]-rawfb description under "VNC HOST" for more details. + [704]-rawfb description under "VNC HOST" for more details. You can replace "host:N" with "listen" or "listen:port" for reverse connections. @@ -8381,18 +8478,18 @@ rm -f $tmp re-exports via VNC to its clients C.) However, CopyRect and CursorShape encodings are preserved in the reflection and that helps. Dragging windows with the mouse can be a problem (especially if S is - not doing wireframing somehow, consider [699]-nodragging if the + not doing wireframing somehow, consider [705]-nodragging if the problem is severe) For a really fast reflector/repeater it would have to be implemented from scratch with performance in mind. See these other projects: - [700]http://sourceforge.net/projects/vnc-reflector/, - [701]http://www.tightvnc.com/projector/ (closed source?), + [706]http://sourceforge.net/projects/vnc-reflector/, + [707]http://www.tightvnc.com/projector/ (closed source?), Automation via Reverse Connections: Instead of having the R's connect directly to S and then the C's connect directly to the R they should use, some convenience can be achieved by using reverse - connections (the x11vnc "[702]"-connect host1,host2,..." option.) + connections (the x11vnc "[708]"-connect host1,host2,..." option.) Suppose all the clients "C" are started up in Listen mode: client1> vncviewer -listen client2> vncviewer -listen @@ -8419,7 +8516,7 @@ rm -f $tmp us know what you did. A really nice thing would be some sort of auto-discovery of your repeater, etc... - Q-118: Can x11vnc be used during a Linux, Solaris, etc. system + Q-119: Can x11vnc be used during a Linux, Solaris, etc. system Installation so the Installation can be done remotely? This can be done, but it doesn't always work because it depends on how @@ -8451,7 +8548,7 @@ rm -f $tmp If the Solaris install is an older X-based one, there will be a menu for you to get a terminal window. From that window you might be able to retrieve x11vnc.static via wget, scp, or ftp. Remember to do "chmod - 755 ./x11vnc.static" and then find the -auth file as in [703]this FAQ. + 755 ./x11vnc.static" and then find the -auth file as in [709]this FAQ. If it is a Linux install that uses an X server (e.g. SuSE and probably Fedora), then you can often get a shell by pressing Ctrl-Alt-F2 or @@ -8460,8 +8557,8 @@ rm -f $tmp wget http://192.168.0.22/x11vnc.static chmod 755 ./x11vnc.static - Find the name of the auth file as in [704]this FAQ. (maybe run "ps - wwwaux | grep auth".) Then run it like this: + Find the name of the auth file as in [710]this FAQ. (maybe run "ps + wwaux | grep auth".) Then run it like this: ./x11vnc.static -forever -nopw -display :0 -auth /tmp/wherever/the/authfile then press Alt-F7 to go back to the X install. You should now be able @@ -8469,7 +8566,7 @@ rm -f $tmp the display being :1, etc. If there is a firewall blocking incoming connections during the - install, use the [705]"-connect hostname" option option for a reverse + install, use the [711]"-connect hostname" option option for a reverse connection to the hostname running the VNC viewer in listen mode. Debian based installs are either console-text or console-framebuffer @@ -8512,7 +8609,7 @@ rm -f $tmp [Misc: Clipboard, File Transfer/Sharing, Printing, Sound, Beeps, Thanks, etc.] - Q-119: Does the Clipboard/Selection get transferred between the + Q-120: Does the Clipboard/Selection get transferred between the vncviewer and the X display? As of Jan/2004 x11vnc supports the "CutText" part of the RFB (aka VNC) @@ -8531,7 +8628,7 @@ rm -f $tmp as 'for power users' or 'an Easter Egg'. As soon as text is highlighted it is set to the PRIMARY selection and so it is immediately ready for pasting, usually via the Middle Mouse Button or - "Shift+Insert". See [706]this jwz link for more information. + "Shift+Insert". See [712]this jwz link for more information. x11vnc's default behavior is to watch both CLIPBOARD and PRIMARY and whenever one of them changes, it sends the new text to connected @@ -8548,37 +8645,37 @@ rm -f $tmp You may not like these defaults. Here are ways to change the behavior: * If you don't want the Clipboard/Selection exchanged at all use the - [707]-nosel option. + [713]-nosel option. * If you want changes in PRIMARY to be ignored use the - [708]-noprimary option. + [714]-noprimary option. * If you want changes in CLIPBOARD to be ignored use the - [709]-noclipboard option. + [715]-noclipboard option. * If you don't want x11vnc to set PRIMARY to the "CutText" received - from viewers use the [710]-nosetprimary option. + from viewers use the [716]-nosetprimary option. * If you don't want x11vnc to set CLIPBOARD to the "CutText" - received from viewers use the [711]-nosetclipboard option. + received from viewers use the [717]-nosetclipboard option. - You can also fine-tune it a bit with the [712]-seldir dir option and - also [713]-input. + You can also fine-tune it a bit with the [718]-seldir dir option and + also [719]-input. You may need to watch out for desktop utilities such as KDE's "Klipper" that do odd things with the selection, clipboard, and cutbuffers. - Q-120: Can I use x11vnc to record a Shock Wave Flash (or other format) + Q-121: Can I use x11vnc to record a Shock Wave Flash (or other format) video of my desktop, e.g. to record a tutorial or demo? Yes, it is possible with a number of tools that record VNC and transform it to swf format or others. One such popular tool is - [714]pyvnc2swf. There are a number of [715]tutorials (broken link?) on + [720]pyvnc2swf. There are a number of [721]tutorials (broken link?) on how to do this. Another option is to use the vnc2mpg that comes in the LibVNCServer package. An important thing to remember when doing this is that tuning parameters should be applied to x11vnc to speed up its polling for this sort of application, e.g. "-wait 10 -defer 10". - Q-121: Can I transfer files back and forth with x11vnc? + Q-122: Can I transfer files back and forth with x11vnc? As of Oct/2005 and May/2006 x11vnc enables, respectively, the TightVNC and UltraVNC file transfer implementations that were added to @@ -8586,11 +8683,11 @@ rm -f $tmp (and Windows viewers only support filetransfer it appears... but they do work to some degree under Wine on Linux.) - The [716]SSVNC Unix VNC viewer supports UltraVNC file transfer by use + The [722]SSVNC Unix VNC viewer supports UltraVNC file transfer by use of a Java helper program. TightVNC file transfer is off by default, if you want to enable it use - the [717]-tightfilexfer option. + the [723]-tightfilexfer option. UltraVNC file transfer is off by default, to enable it use something like "-rfbversion 3.6 -permitfiletransfer" @@ -8613,7 +8710,7 @@ rm -f $tmp IMPORTANT: please understand if -ultrafilexfer or -tightfilexfer is specified and you run x11vnc as root for, say, inetd or display manager (gdm, kdm, ...) access and you do not have it switch users via - the [718]-users option, then VNC Viewers that connect are able to do + the [724]-users option, then VNC Viewers that connect are able to do filetransfer reads and writes as *root*. The UltraVNC and TightVNC settings can be toggled on and off inside @@ -8626,13 +8723,13 @@ rm -f $tmp control you will probably be foiled by the "-rfbversion 3.6" issue. - Q-122: Which UltraVNC extensions are supported? + Q-123: Which UltraVNC extensions are supported? Some of them are supported. To get UltraVNC Viewers to attempt to use these extensions you will need to supply this option to x11vnc: -rfbversion 3.6 - Or use [719]-ultrafilexfer which is an alias for the above option and + Or use [725]-ultrafilexfer which is an alias for the above option and "-permitfiletransfer". UltraVNC evidently treats any other RFB version number as non-UltraVNC. @@ -8644,31 +8741,31 @@ rm -f $tmp * 1/n Server Scaling * rfbEncodingUltra compression encoding - The [720]SSVNC Unix VNC viewer supports these UltraVNC extensions. + The [726]SSVNC Unix VNC viewer supports these UltraVNC extensions. - To disable SingleWindow and ServerInput use [721]-noultraext (the + To disable SingleWindow and ServerInput use [727]-noultraext (the others are managed by LibVNCServer.) See this option too: - [722]-noserverdpms. + [728]-noserverdpms. - Also, the [723]UltraVNC repeater proxy is supported for use with - reverse connections: "[724]-connect repeater://host:port+ID:NNNN". Use + Also, the [729]UltraVNC repeater proxy is supported for use with + reverse connections: "[730]-connect repeater://host:port+ID:NNNN". Use it for both plaintext and SSL connections. This mode can send any string before switching to the VNC protocol, and so could be used with other proxy/gateway tools. Also, a perl repeater implemention is here: - [725]ultravnc_repeater.pl + [731]ultravnc_repeater.pl - Q-123: Can x11vnc emulate UltraVNC's Single Click helpdesk mode for + Q-124: Can x11vnc emulate UltraVNC's Single Click helpdesk mode for Unix? I.e. something very simple for a naive user to initiate a reverse vnc connection from their Unix desktop to a helpdesk operator's VNC Viewer. - Yes, UltraVNC's [726]Single Click (SC) mode can be emulated fairly + Yes, UltraVNC's [732]Single Click (SC) mode can be emulated fairly well on Unix. We use the term "helpdesk" below, but it could be any sort of remote assistance you want to set up, e.g. something for Unix-using friends - or family to use. This includes [727]Mac OS X. + or family to use. This includes [733]Mac OS X. Assume you create a helpdesk directory "hd" on your website: http://www.mysite.com/hd (any website that you can upload files to @@ -8724,7 +8821,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc So I guess this is about 3-4 clicks (start a terminal and paste) and pressing "Enter" instead of "single click"... - See [728]this page for some variations on this method, e.g. how to add + See [734]this page for some variations on this method, e.g. how to add a password, SSL Certificates, etc. @@ -8736,11 +8833,11 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc A bit of obscurity security could be put in with a -passwd, -rfbauth options, etc. (note that x11vnc will require a password even for - reverse connections.) More info [729]here. + reverse connections.) More info [735]here. Firewalls: If the helpdesk (you) with the vncviewer is behind a - NAT/Firewall/Router the [730]router will have to be configured to + NAT/Firewall/Router the [736]router will have to be configured to redirect a port (i.e. 5500 or maybe different one if you like) to the vncviewer machine. If the vncviewer machine also has its own host-level firewall, you will have to open up the port there as well. @@ -8750,7 +8847,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc configuring a router to do a port redirection (i.e. on your side, the HelpDesk.) To avoid modifying either firewall/router, one would need some public (IP address reachable on the internet) redirection/proxy - service. Perhaps such a thing exists. [731]http://sc.uvnc.com provides + service. Perhaps such a thing exists. [737]http://sc.uvnc.com provides this service for their UltraVNC Single Click users. @@ -8786,7 +8883,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc As of Apr/2007 x11vnc supports reverse connections in SSL and so we can do this. On the Helpdesk side (Viewer) you will need STUNNEL or - better use the [732]Enhanced TightVNC Viewer (SSVNC) package we + better use the [738]Enhanced TightVNC Viewer (SSVNC) package we provide that automates all of the SSL for you. To do this create a file named "vncs" in the website "hd" directory @@ -8816,11 +8913,11 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc with the hostnames or IP addresses customized to your case. - The only change from the "vnc" above is the addition of the [733]-ssl + The only change from the "vnc" above is the addition of the [739]-ssl option to x11vnc. This will create a temporary SSL cert: openssl(1) will need to be installed on the user's end. A fixed SSL cert file could be used to avoid this (and provide some authentication; more - info [734]here.) + info [740]here.) The naive user will be doing this: wget -qO - http://www.mysite.com/hd/vncs | sh - @@ -8829,7 +8926,7 @@ chmod 755 ./x11vnc # platform, use $webhost/`uname`/x11vnc But before that, the helpdesk operator needs to have "vncviewer -listen" running as before, however he needs an SSL tunnel at his end. - The easiest way to do this is use [735]Enhanced TightVNC Viewer + The easiest way to do this is use [741]Enhanced TightVNC Viewer (SSVNC). Start it, and select Options -> 'Reverse VNC Connection (-listen)'. Then UN-select 'Verify All Certs' (this can be enabled later if you want; you'll need the x11vnc SSL certificate), and click @@ -8859,7 +8956,7 @@ connect = localhost:5501 answer the prompts with whatever you want; you can take the default for all of them if you like. The openssl(1) package must be installed. - See [736]this link and [737]this one too for more info on SSL certs. + See [742]this link and [743]this one too for more info on SSL certs. This creates $HOME/.vnc/certs/server-self:mystunnel.pem, then you would change the "stunnel.cfg" to look something like: foreground = yes @@ -8880,7 +8977,7 @@ connect = localhost:5501 then all bets are off!. More SSL variations and info about certificates can be found - [738]here. + [744]here. OpenSSL libssl.so.0.9.7 problems: @@ -8890,16 +8987,16 @@ connect = localhost:5501 distros are currently a bit of a mess regarding which version of libssl is installed. - You will find the [739]details here. + You will find the [745]details here. - Q-124: Can I (temporarily) mount my local (viewer-side) Windows/Samba + Q-125: Can I (temporarily) mount my local (viewer-side) Windows/Samba File share on the machine where x11vnc is running? You will have to use an external network redirection for this. Filesystem mounting is not part of the VNC protocol. - We show a simple [740]Samba example here. + We show a simple [746]Samba example here. First you will need a tunnel to redirect the SMB requests from the remote machine to the one you sitting at. We use an ssh tunnel: @@ -8939,17 +9036,17 @@ d,ip=127.0.0.1,port=1139 far-away> smbumount /home/fred/smb-haystack-pub At some point we hope to fold some automation for SMB ssh redir setup - into the [741]Enhanced TightVNC Viewer (SSVNC) package we provide (as + into the [747]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep 2006 it is there for testing.) - Q-125: Can I redirect CUPS print jobs from the remote desktop where + Q-126: Can I redirect CUPS print jobs from the remote desktop where x11vnc is running to a printer on my local (viewer-side) machine? You will have to use an external network redirection for this. Printing is not part of the VNC protocol. - We show a simple Unix to Unix [742]CUPS example here. Non-CUPS port + We show a simple Unix to Unix [748]CUPS example here. Non-CUPS port redirections (e.g. LPD) should also be possible, but may be a bit more tricky. If you are viewing on Windows SMB and don't have a local cups server it may be trickier still (see below.) @@ -9031,11 +9128,11 @@ d,ip=127.0.0.1,port=1139 "localhost". At some point we hope to fold some automation for CUPS ssh redir setup - into the [743]Enhanced TightVNC Viewer (SSVNC) package we provide (as + into the [749]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep 2006 it is there for testing.) - Q-126: How can I hear the sound (audio) from the remote applications + Q-127: How can I hear the sound (audio) from the remote applications on the desktop I am viewing via x11vnc? You will have to use an external network audio mechanism for this. @@ -9132,11 +9229,11 @@ or: the applications will fail to run because LD_PRELOAD will point to libraries of the wrong wordsize. * At some point we hope to fold some automation for esd or artsd ssh - redir setup into the [744]Enhanced TightVNC Viewer (SSVNC) package + redir setup into the [750]Enhanced TightVNC Viewer (SSVNC) package we provide (as of Sep/2006 it is there for testing.) - Q-127: Why don't I hear the "Beeps" in my X session (e.g. when typing + Q-128: Why don't I hear the "Beeps" in my X session (e.g. when typing tput bel in an xterm)? As of Dec/2003 "Beep" XBell events are tracked by default. The X @@ -9144,31 +9241,65 @@ or: in Solaris, see Xserver(1) for how to turn it on via +kb), and so you won't hear them if the extension is not present. - If you don't want to hear the beeps use the [745]-nobell option. If + If you don't want to hear the beeps use the [751]-nobell option. If you want to hear the audio from the remote applications, consider - trying a [746]redirector such as esd. + trying a [752]redirector such as esd. + + + Q-129: Does x11vnc work with IPv6? + + Currently the only way to do this is via a separate helper program + such as [753]inetd. You configure x11vnc to be run from inetd or + xinetd and instruct it to listen on an IPv6 address. For xinetd the + setting "flags = IPv6" will be needed. For inetd.conf, for example: + 5900 stream tcp6 nowait root /usr/sbin/tcpd /usr/local/bin/x11vnc_wrapper.sh + We also provide a transitional tool in "[754]x11vnc/misc/inet6to4" + that acts as a relay for any IPv4 application to allow connections + over IPv6. For example: + inet6to4 5900 localhost:5900 - Q-128: Does x11vnc work with IPv6? + where x11vnc is listening on IPv4 port 5900. - Currently the only way to do this is via [747]inetd. You configure - x11vnc to be run from inetd or xinetd and instruct it to listen on an - IPv6 address. For xinetd the setting "flags = IPv6" will be needed. + Also note that not all VNC Viewers are IPv6 enabled, so a redirector + may also be needed for them. "inet6to4 -r ..." can do this as well. + + # ./inet6to4 -help + + inet6to4: Act as an ipv6-to-ipv4 relay for tcp applications that + do not support ipv6. + + Usage: inet6to4 + inet6to4 -r + + Examples: inet6to4 5900 localhost:5900 + inet6to4 8080 web1:80 + inet6to4 -r 5900 fe80::217:f2ff:fee6:6f5a%eth0:5900 + + The -r option reverses the direction of translation (e.g. for ipv4 + clients that need to connect to ipv6 servers.) Reversing is the default + if this script is named 'inet4to6' (e.g. by a symlink.) + + Use Ctrl-C to stop this program. + + You can also set env. vars INET6TO4_LOOP=1 or INET6TO4_LOOP=BG + to have an outer loop restarting this program (BG means do that + in the background), and INET6TO4_LOGFILE for a log file. + Also set INET6TO4_VERBOSE to verbosity level and INET6TO4_WAITTIME + and INET6TO4_PIDFILE (see below.) + + The "INET6TO4_LOOP=BG" and "INET6TO4_LOGFILE=..." env. variables make + the tool run reliably as a daemon for very long periods. Read the top + part of the script for more information. - Unfortunately this will be inefficient if multiple VNC Viewers are - connected at the same time (there will be a separate x11vnc for each - connection.) Some sort of ipv4-to-ipv6 redirector tool (perhaps even a - perl script) could be useful to avoid this. - Also note that not all VNC Viewers are [748]IPv6 enabled, so a - redirector could even be needed on the client side. Contributions: - Q-129: Thanks for your program or for your help! Can I make a + Q-130: Thanks for your program or for your help! Can I make a donation? Please do (any amount is appreciated; very few have donated) and thank @@ -9246,78 +9377,78 @@ References 66. http://www.karlrunge.com/x11vnc/faq.html#faq-java-http 67. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect 68. http://www.karlrunge.com/x11vnc/faq.html#faq-reverse-connect-proxy - 69. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 70. http://www.karlrunge.com/x11vnc/faq.html#faq-headless - 71. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm - 72. http://www.karlrunge.com/x11vnc/faq.html#faq-less-resource - 73. http://www.karlrunge.com/x11vnc/faq.html#faq-more-resource - 74. http://www.karlrunge.com/x11vnc/faq.html#faq-slow-link - 75. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage - 76. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage-opengl - 77. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode - 78. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe - 79. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect - 80. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching - 81. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc - 82. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-shape - 83. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha - 84. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks - 85. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-arrow - 86. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-positions - 87. http://www.karlrunge.com/x11vnc/faq.html#faq-buttonmap-opt - 88. http://www.karlrunge.com/x11vnc/faq.html#faq-altgr - 89. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless - 90. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless-sloppy - 91. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak - 92. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys - 93. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys-still - 94. http://www.karlrunge.com/x11vnc/faq.html#faq-mod-stuck-down - 95. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-opt - 96. http://www.karlrunge.com/x11vnc/faq.html#faq-sun-alt-meta - 97. http://www.karlrunge.com/x11vnc/faq.html#faq-hpux-multi-key - 98. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-button-click - 99. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock - 100. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollbars - 101. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling - 102. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama - 103. http://www.karlrunge.com/x11vnc/faq.html#faq-multi-screen - 104. http://www.karlrunge.com/x11vnc/faq.html#faq-clip-screen - 105. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr - 106. http://www.karlrunge.com/x11vnc/faq.html#faq-rotate - 107. http://www.karlrunge.com/x11vnc/faq.html#faq-black-screen - 108. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 109. http://www.karlrunge.com/x11vnc/faq.html#faq-hidden-taskbars - 110. http://www.karlrunge.com/x11vnc/faq.html#faq-kde-screensaver - 111. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl - 112. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware - 113. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 114. http://www.karlrunge.com/x11vnc/faq.html#faq-linux-vt - 115. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 116. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded - 117. http://www.karlrunge.com/x11vnc/faq.html#faq-no-x11 - 118. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 119. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect - 120. http://www.karlrunge.com/x11vnc/faq.html#faq-os-install - 121. http://www.karlrunge.com/x11vnc/faq.html#faq-clipboard - 122. http://www.karlrunge.com/x11vnc/faq.html#faq-record-swf - 123. http://www.karlrunge.com/x11vnc/faq.html#faq-filexfer - 124. http://www.karlrunge.com/x11vnc/faq.html#faq-ultravnc - 125. http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick - 126. http://www.karlrunge.com/x11vnc/faq.html#faq-smb-shares - 127. http://www.karlrunge.com/x11vnc/faq.html#faq-cups - 128. http://www.karlrunge.com/x11vnc/faq.html#faq-sound - 129. http://www.karlrunge.com/x11vnc/faq.html#faq-beeps - 130. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6 - 131. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks - 132. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display - 133. http://www.tldp.org/HOWTO/Remote-X-Apps.html - 134. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 135. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 136. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 138. http://www.karlrunge.com/x11vnc/index.html#firewalls - 139. http://www.karlrunge.com/x11vnc/miscbuild.html - 140. http://www.karlrunge.com/x11vnc/faq.html#infaq_libssl-problems + 69. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login + 70. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 71. http://www.karlrunge.com/x11vnc/faq.html#faq-headless + 72. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm + 73. http://www.karlrunge.com/x11vnc/faq.html#faq-less-resource + 74. http://www.karlrunge.com/x11vnc/faq.html#faq-more-resource + 75. http://www.karlrunge.com/x11vnc/faq.html#faq-slow-link + 76. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage + 77. http://www.karlrunge.com/x11vnc/faq.html#faq-xdamage-opengl + 78. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode + 79. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe + 80. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect + 81. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching + 82. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc + 83. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-shape + 84. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha + 85. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks + 86. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-arrow + 87. http://www.karlrunge.com/x11vnc/faq.html#faq-cursor-positions + 88. http://www.karlrunge.com/x11vnc/faq.html#faq-buttonmap-opt + 89. http://www.karlrunge.com/x11vnc/faq.html#faq-altgr + 90. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless + 91. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless-sloppy + 92. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak + 93. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys + 94. http://www.karlrunge.com/x11vnc/faq.html#faq-repeated-keys-still + 95. http://www.karlrunge.com/x11vnc/faq.html#faq-mod-stuck-down + 96. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-opt + 97. http://www.karlrunge.com/x11vnc/faq.html#faq-sun-alt-meta + 98. http://www.karlrunge.com/x11vnc/faq.html#faq-hpux-multi-key + 99. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-button-click + 100. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock + 101. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollbars + 102. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling + 103. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama + 104. http://www.karlrunge.com/x11vnc/faq.html#faq-multi-screen + 105. http://www.karlrunge.com/x11vnc/faq.html#faq-clip-screen + 106. http://www.karlrunge.com/x11vnc/faq.html#faq-xrandr + 107. http://www.karlrunge.com/x11vnc/faq.html#faq-rotate + 108. http://www.karlrunge.com/x11vnc/faq.html#faq-black-screen + 109. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 110. http://www.karlrunge.com/x11vnc/faq.html#faq-hidden-taskbars + 111. http://www.karlrunge.com/x11vnc/faq.html#faq-kde-screensaver + 112. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl + 113. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware + 114. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 115. http://www.karlrunge.com/x11vnc/faq.html#faq-linux-vt + 116. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 117. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded + 118. http://www.karlrunge.com/x11vnc/faq.html#faq-no-x11 + 119. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx + 120. http://www.karlrunge.com/x11vnc/faq.html#faq-reflect + 121. http://www.karlrunge.com/x11vnc/faq.html#faq-os-install + 122. http://www.karlrunge.com/x11vnc/faq.html#faq-clipboard + 123. http://www.karlrunge.com/x11vnc/faq.html#faq-record-swf + 124. http://www.karlrunge.com/x11vnc/faq.html#faq-filexfer + 125. http://www.karlrunge.com/x11vnc/faq.html#faq-ultravnc + 126. http://www.karlrunge.com/x11vnc/faq.html#faq-singleclick + 127. http://www.karlrunge.com/x11vnc/faq.html#faq-smb-shares + 128. http://www.karlrunge.com/x11vnc/faq.html#faq-cups + 129. http://www.karlrunge.com/x11vnc/faq.html#faq-sound + 130. http://www.karlrunge.com/x11vnc/faq.html#faq-beeps + 131. http://www.karlrunge.com/x11vnc/faq.html#faq-ipv6 + 132. http://www.karlrunge.com/x11vnc/faq.html#faq-thanks + 133. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display + 134. http://www.tldp.org/HOWTO/Remote-X-Apps.html + 135. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 136. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 137. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 138. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 139. http://www.karlrunge.com/x11vnc/index.html#firewalls + 140. http://www.karlrunge.com/x11vnc/miscbuild.html 141. http://www.karlrunge.com/x11vnc/index.html#solarisbuilding 142. http://www.karlrunge.com/x11vnc/x11vnc_sunos4.html 143. http://www.karlrunge.com/x11vnc/index.html#building @@ -9495,13 +9626,13 @@ References 315. http://www.karlrunge.com/x11vnc/chainingssh.html#gateway_double_ssh 316. http://www.karlrunge.com/x11vnc/index.html#tunnelling 317. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 318. http://www.stunnel.org/ - 319. http://stunnel.mirt.net/ + 318. http://stunnel.mirt.net/ + 319. http://www.stunnel.org/ 320. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl 321. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel 322. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify 323. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 324. http://www.stunnel.org/ + 324. http://stunnel.mirt.net/ 325. http://www.karlrunge.com/x11vnc/ssl.html 326. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer 327. http://www.karlrunge.com/x11vnc/ssvnc.html @@ -9536,7 +9667,7 @@ References 356. http://www.karlrunge.com/x11vnc/ssl.html 357. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel 358. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-stunnel - 359. http://www.stunnel.org/ + 359. http://stunnel.mirt.net/ 360. http://www.karlrunge.com/x11vnc/faq.html#infaq_viewer-side-stunnel 361. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer 362. http://www.karlrunge.com/x11vnc/ssvnc.html @@ -9568,364 +9699,370 @@ References 388. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer 389. http://www.karlrunge.com/x11vnc/ssvnc.html 390. http://www.karlrunge.com/x11vnc/ssl-portal.html - 391. http://www.karlrunge.com/x11vnc/ssl.html - 392. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously - 393. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 394. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 395. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop - 396. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset - 397. http://www.karlrunge.com/x11vnc/index.html#firewalls - 398. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 391. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login + 392. http://www.karlrunge.com/x11vnc/ssl.html + 393. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously + 394. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 395. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 396. http://www.karlrunge.com/x11vnc/faq.html#infaq_x11vnc_loop + 397. http://club.mandriva.com/xwiki/bin/view/KB/XwinXset + 398. http://www.karlrunge.com/x11vnc/index.html#firewalls 399. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 400. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris - 401. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen - 402. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 403. http://www.karlrunge.com/x11vnc/index.html#tunnelling - 404. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl - 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N - 407. http://www.jirka.org/gdm-documentation/x241.html - 408. http://www.karlrunge.com/x11vnc/x11vnc_loop - 409. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 410. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth - 411. http://www.karlrunge.com/x11vnc/index.html#firewalls - 412. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd - 413. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q, - 414. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth - 415. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 416. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi - 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns - 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf - 419. http://www.avahi.org/ - 420. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 421. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 423. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd - 424. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 430. http://www.karlrunge.com/x11vnc/find_display.html - 431. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 400. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 401. http://www.karlrunge.com/x11vnc/faq.html#infaq_dtlogin_solaris + 402. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reopen + 403. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 404. http://www.karlrunge.com/x11vnc/index.html#tunnelling + 405. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 406. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 407. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-N + 408. http://www.jirka.org/gdm-documentation/x241.html + 409. http://www.karlrunge.com/x11vnc/x11vnc_loop + 410. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 411. http://www.karlrunge.com/x11vnc/faq.html#faq-xterminal-xauth + 412. http://www.karlrunge.com/x11vnc/index.html#firewalls + 413. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-inetd + 414. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-q, + 415. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-auth + 416. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 417. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-avahi + 418. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-mdns + 419. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-zeroconf + 420. http://www.avahi.org/ + 421. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 422. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 423. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 424. http://www.karlrunge.com/x11vnc/faq.html#infaq_stunnel-inetd + 425. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 426. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 427. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 428. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 429. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 430. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 431. http://www.karlrunge.com/x11vnc/find_display.html 432. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 434. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords - 435. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 438. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int - 439. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost - 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 442. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 443. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 444. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer - 445. http://www.karlrunge.com/x11vnc/ssvnc.html - 446. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create_xsrv - 450. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 451. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 433. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 434. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 435. http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords + 436. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 437. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 438. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 439. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-int + 440. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-localhost + 441. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 442. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 443. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 444. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 445. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer + 446. http://www.karlrunge.com/x11vnc/ssvnc.html + 447. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 448. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 449. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 450. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create_xsrv + 451. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 452. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc 453. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop - 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir - 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http - 457. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy - 458. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote - 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit - 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect - 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 454. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 455. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 456. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-httpdir + 457. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http + 458. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy + 459. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 460. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remote + 461. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect_or_exit + 462. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-vncconnect 463. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy 464. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy - 465. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess - 466. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess - 467. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 470. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 471. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 472. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 473. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 474. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 475. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 476. http://www.karlrunge.com/x11vnc/Xdummy - 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 478. http://www.karlrunge.com/x11vnc/xdm_one_shot.html - 479. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously + 465. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-proxy + 466. http://www.karlrunge.com/x11vnc/desktop.cgi.pl + 467. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 468. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 469. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-loop + 470. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-portal + 471. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess + 472. http://www.karlrunge.com/x11vnc/faq.html#infaq_localaccess + 473. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 474. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 475. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 476. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 477. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 478. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 479. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms 480. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay - 481. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 482. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 484. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc - 485. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc - 486. http://www.karlrunge.com/x11vnc/shm_clear - 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 489. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm - 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap - 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 492. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb + 481. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 482. http://www.karlrunge.com/x11vnc/Xdummy + 483. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 484. http://www.karlrunge.com/x11vnc/xdm_one_shot.html + 485. http://www.karlrunge.com/x11vnc/faq.html#infaq_display-manager-continuously + 486. http://www.karlrunge.com/x11vnc/faq.html#infaq_findcreatedisplay + 487. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 488. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 489. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 490. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-svc + 491. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xdmsvc + 492. http://www.karlrunge.com/x11vnc/shm_clear 493. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 495. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 498. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 499. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc - 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 503. http://www.tightvnc.com/ - 504. http://www.karlrunge.com/x11vnc/ssvnc.html - 505. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid - 508. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching - 509. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 510. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds - 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 512. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs - 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 514. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive - 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare - 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout - 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 523. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area - 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem - 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 528. http://minimyth.org/ - 529. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl - 530. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 534. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode - 535. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads - 536. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe - 537. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect - 538. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode - 539. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 542. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 543. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 544. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 545. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe - 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect - 547. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe - 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen - 549. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip - 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect - 552. http://www.karlrunge.com/x11vnc/index.html#beta-test - 553. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache - 554. http://www.karlrunge.com/x11vnc/ssvnc.html - 555. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop - 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap - 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr - 558. http://www.virtualgl.org/About/TurboVNC - 559. http://www.virtualgl.org/ - 560. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 - 561. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 563. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 - 564. http://www.karlrunge.com/x11vnc/ssvnc.html - 565. http://www.karlrunge.com/x11vnc/bins - 566. http://www.karlrunge.com/x11vnc/ssvnc.html - 567. http://www.virtualgl.org/About/Reports - 568. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow - 569. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 570. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor - 571. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay - 572. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode - 573. http://www.karlrunge.com/x11vnc/index.html#solaris10-build - 574. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks - 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut - 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac - 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove - 578. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 579. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend - 580. http://www.karlrunge.com/x11vnc/ssvnc.html - 581. http://www.tightvnc.com/ - 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor - 583. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos - 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos - 585. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape - 586. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 587. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer - 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap - 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 590. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless - 591. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak - 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 594. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 596. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 597. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 599. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak - 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard - 601. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless - 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys - 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak - 605. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb - 607. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes - 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms - 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat - 615. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods + 494. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 495. http://www.karlrunge.com/x11vnc/faq.html#faq-noshm + 496. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nap + 497. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 498. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sb + 499. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 500. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 501. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 502. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 503. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 504. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 505. http://www.karlrunge.com/x11vnc/faq.html#faq-turbovnc + 506. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 507. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 508. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 509. http://www.tightvnc.com/ + 510. http://www.karlrunge.com/x11vnc/ssvnc.html + 511. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 512. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 513. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-solid + 514. http://www.karlrunge.com/x11vnc/faq.html#faq-client-caching + 515. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 516. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-speeds + 517. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 518. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fs + 519. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 520. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 521. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-progressive + 522. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 523. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-appshare + 524. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 525. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 526. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 527. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-readtimeout + 528. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 529. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 530. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_area + 531. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xd_mem + 532. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 533. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 534. http://minimyth.org/ + 535. http://www.karlrunge.com/x11vnc/faq.html#faq-beryl + 536. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 537. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode + 538. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode + 539. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 540. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pointer_mode + 541. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-threads + 542. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe + 543. http://www.karlrunge.com/x11vnc/faq.html#faq-scrollcopyrect + 544. http://www.karlrunge.com/x11vnc/faq.html#faq-pointer-mode + 545. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 546. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 547. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 548. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 549. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 550. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 551. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wireframe + 552. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wirecopyrect + 553. http://www.karlrunge.com/x11vnc/faq.html#faq-wireframe + 554. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-fixscreen + 555. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scr_skip + 556. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 557. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scrollcopyrect + 558. http://www.karlrunge.com/x11vnc/index.html#beta-test + 559. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache + 560. http://www.karlrunge.com/x11vnc/ssvnc.html + 561. http://www.karlrunge.com/x11vnc/ssvnc.html#ycrop + 562. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_no_rootpixmap + 563. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ncache_cr + 564. http://www.virtualgl.org/About/TurboVNC + 565. http://www.virtualgl.org/ + 566. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 + 567. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 568. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 569. http://sourceforge.net/project/showfiles.php?group_id=117509&package_id=166100 + 570. http://www.karlrunge.com/x11vnc/ssvnc.html + 571. http://www.karlrunge.com/x11vnc/bins + 572. http://www.karlrunge.com/x11vnc/ssvnc.html + 573. http://www.virtualgl.org/About/Reports + 574. http://www.karlrunge.com/x11vnc/index.html#fb_read_slow + 575. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 576. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursor + 577. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-overlay + 578. http://www.karlrunge.com/x11vnc/faq.html#infaq_the-overlay-mode + 579. http://www.karlrunge.com/x11vnc/index.html#solaris10-build + 580. http://www.karlrunge.com/x11vnc/faq.html#faq-xfixes-alpha-hacks + 581. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphacut + 582. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alphafrac + 583. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-alpharemove + 584. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape + 585. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noalphablend + 586. http://www.karlrunge.com/x11vnc/ssvnc.html + 587. http://www.tightvnc.com/ + 588. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursor + 589. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-cursorpos + 590. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorpos + 591. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nocursorshape + 592. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap + 593. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_pointer + 594. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-buttonmap + 595. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 596. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless + 597. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak + 598. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 599. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 600. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 601. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 602. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 603. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 604. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 605. http://www.karlrunge.com/x11vnc/faq.html#faq-xkbmodtweak + 606. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-debug_keyboard + 607. http://www.karlrunge.com/x11vnc/faq.html#faq-greaterless + 608. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 609. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sloppy_keys + 610. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-modtweak + 611. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 612. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xkb + 613. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_keycodes + 614. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 615. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 616. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap 617. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 618. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock - 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys - 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock - 621. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 618. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-add_keysyms + 619. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 620. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-norepeat + 621. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 622. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_mods 623. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 624. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak - 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 624. http://www.karlrunge.com/x11vnc/faq.html#faq-remap-capslock + 625. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 626. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock + 627. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all 628. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap - 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak - 630. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock - 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all - 632. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling - 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale - 634. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html - 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport - 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui - 637. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 638. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor - 639. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout - 640. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 641. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama - 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 643. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer - 644. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm - 645. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile - 646. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm - 647. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip - 648. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama - 649. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 650. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr - 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom - 653. http://www.karlrunge.com/x11vnc/ssvnc.html - 654. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate - 655. http://www.jwz.org/xscreensaver/man1.html - 656. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms - 657. http://www.beryl-project.org/ - 658. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage - 659. http://www.dslinux.org/blogs/pepsiman/?p=73 - 660. http://minimyth.org/ - 661. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 662. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 663. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 665. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 666. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 667. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 668. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 669. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 670. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb - 671. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded - 672. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 674. http://www.karlrunge.com/x11vnc/faq.html#faq-video - 675. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc - 676. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded - 677. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware - 678. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 679. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 680. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb - 681. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 - 682. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait - 683. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb - 684. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer - 685. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab - 686. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb - 687. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 688. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput - 689. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 690. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 691. http://www.testplant.com/products/vine_server/OS_X - 692. http://www.apple.com/remotedesktop/ - 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id - 694. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb - 695. http://fredrik.hubbe.net/x2vnc.html - 696. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc - 697. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect - 698. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb - 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging - 700. http://sourceforge.net/projects/vnc-reflector/ - 701. http://www.tightvnc.com/projector/ - 702. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 703. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 704. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager - 705. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 706. http://www.jwz.org/doc/x-cut-and-paste.html - 707. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel - 708. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary - 709. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noclipboard - 710. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetprimary - 711. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetclipboard - 712. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir - 713. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input - 714. http://www.unixuser.org/~euske/vnc2swf/ - 715. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ - 716. http://www.karlrunge.com/x11vnc/ssvnc.html - 717. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer - 718. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users - 719. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer - 720. http://www.karlrunge.com/x11vnc/ssvnc.html - 721. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext - 722. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms - 723. http://www.uvnc.com/addons/repeater.html - 724. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect - 725. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl - 726. http://www.uvnc.com/addons/singleclick.html - 727. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx - 728. http://www.karlrunge.com/x11vnc/single-click.html - 729. http://www.karlrunge.com/x11vnc/single-click.html - 730. http://www.karlrunge.com/x11vnc/index.html#firewalls - 731. http://sc.uvnc.com/ - 732. http://www.karlrunge.com/x11vnc/ssvnc.html - 733. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 629. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 630. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 631. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 632. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 633. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-skip_lockkeys + 634. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-remap + 635. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nomodtweak + 636. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-capslock + 637. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clear_all + 638. http://www.karlrunge.com/x11vnc/faq.html#faq-scaling + 639. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale + 640. http://people.pwf.cam.ac.uk/ssb22/setup/vnc-magnification.html + 641. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbport + 642. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-gui + 643. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 644. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-scale_cursor + 645. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-blackout + 646. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 647. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xinerama + 648. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 649. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xwarppointer + 650. http://www.karlrunge.com/x11vnc/faq.html#faq-solshm + 651. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-onetile + 652. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noshm + 653. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-clip + 654. http://www.karlrunge.com/x11vnc/faq.html#faq-xinerama + 655. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 656. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 657. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-xrandr + 658. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-padgeom + 659. http://www.karlrunge.com/x11vnc/ssvnc.html + 660. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rotate + 661. http://www.jwz.org/xscreensaver/man1.html + 662. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodpms + 663. http://www.beryl-project.org/ + 664. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noxdamage + 665. http://www.dslinux.org/blogs/pepsiman/?p=73 + 666. http://minimyth.org/ + 667. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 668. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 669. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 670. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 671. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 672. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 673. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 674. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 675. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 676. http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb + 677. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded + 678. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 679. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 680. http://www.karlrunge.com/x11vnc/faq.html#faq-video + 681. http://www.karlrunge.com/x11vnc/faq.html#faq-linuxvc + 682. http://www.karlrunge.com/x11vnc/faq.html#faq-qt-embedded + 683. http://www.karlrunge.com/x11vnc/faq.html#faq-vmware + 684. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 685. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 686. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-snapfb + 687. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-24to32 + 688. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-wait + 689. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-slow_fb + 690. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-defer + 691. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-freqtab + 692. http://www.karlrunge.com/x11vnc/faq.html#faq-rawfb + 693. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 694. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-pipeinput + 695. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 696. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 697. http://www.testplant.com/products/vine_server/OS_X + 698. http://www.apple.com/remotedesktop/ + 699. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-id + 700. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nofb + 701. http://fredrik.hubbe.net/x2vnc.html + 702. http://www.karlrunge.com/x11vnc/faq.html#faq-win2vnc + 703. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-reflect + 704. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rawfb + 705. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nodragging + 706. http://sourceforge.net/projects/vnc-reflector/ + 707. http://www.tightvnc.com/projector/ + 708. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 709. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 710. http://www.karlrunge.com/x11vnc/faq.html#faq-display-manager + 711. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 712. http://www.jwz.org/doc/x-cut-and-paste.html + 713. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosel + 714. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noprimary + 715. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noclipboard + 716. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetprimary + 717. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nosetclipboard + 718. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-seldir + 719. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-input + 720. http://www.unixuser.org/~euske/vnc2swf/ + 721. http://wolphination.com/linux/2006/06/30/how-to-record-videos-of-your-desktop/ + 722. http://www.karlrunge.com/x11vnc/ssvnc.html + 723. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-tightfilexfer + 724. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-users + 725. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ultrafilexfer + 726. http://www.karlrunge.com/x11vnc/ssvnc.html + 727. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noultraext + 728. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-noserverdpms + 729. http://www.uvnc.com/addons/repeater.html + 730. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-connect + 731. http://www.karlrunge.com/x11vnc/ultravnc_repeater.pl + 732. http://www.uvnc.com/addons/singleclick.html + 733. http://www.karlrunge.com/x11vnc/faq.html#faq-macosx 734. http://www.karlrunge.com/x11vnc/single-click.html - 735. http://www.karlrunge.com/x11vnc/ssvnc.html - 736. http://www.karlrunge.com/x11vnc/single-click.html - 737. http://www.karlrunge.com/x11vnc/ssl.html - 738. http://www.karlrunge.com/x11vnc/single-click.html - 739. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems - 740. http://www.samba.org/ + 735. http://www.karlrunge.com/x11vnc/single-click.html + 736. http://www.karlrunge.com/x11vnc/index.html#firewalls + 737. http://sc.uvnc.com/ + 738. http://www.karlrunge.com/x11vnc/ssvnc.html + 739. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-ssl + 740. http://www.karlrunge.com/x11vnc/single-click.html 741. http://www.karlrunge.com/x11vnc/ssvnc.html - 742. http://www.cups.org/ - 743. http://www.karlrunge.com/x11vnc/ssvnc.html - 744. http://www.karlrunge.com/x11vnc/ssvnc.html - 745. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell - 746. http://www.karlrunge.com/x11vnc/faq.html#faq-sound - 747. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd - 748. http://jungla.dit.upm.es/~acosta/paginas/vncIPv6.html + 742. http://www.karlrunge.com/x11vnc/single-click.html + 743. http://www.karlrunge.com/x11vnc/ssl.html + 744. http://www.karlrunge.com/x11vnc/single-click.html + 745. http://www.karlrunge.com/x11vnc/single-click.html#libssl-problems + 746. http://www.samba.org/ + 747. http://www.karlrunge.com/x11vnc/ssvnc.html + 748. http://www.cups.org/ + 749. http://www.karlrunge.com/x11vnc/ssvnc.html + 750. http://www.karlrunge.com/x11vnc/ssvnc.html + 751. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-nobell + 752. http://www.karlrunge.com/x11vnc/faq.html#faq-sound + 753. http://www.karlrunge.com/x11vnc/faq.html#faq-inetd + 754. http://www.karlrunge.com/x11vnc/inet6to4 ======================================================================= http://www.karlrunge.com/x11vnc/chainingssh.html: @@ -11220,11 +11357,21 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: ([2]ss_vncviewer) can also take advantage of the method described here with its -proxy option. - Simpler Solutions: This apache solution may be too much for you. It is - mainly intended for automatically redirecting to MULTIPLE workstations - inside the firewall. If you only have one inside machine that you want - to access, the method described here is overly complicated. See - [3]below for some simpler (and still non-SSH) encrypted setups. + _________________________________________________________________ + + Simpler Solutions: This apache SSL VNC portal solution may be too much + for you. It is mainly intended for automatically redirecting to + MULTIPLE workstations inside the firewall. If you only have one or two + inside machines that you want to access, the method described here is + overly complicated! See [3]below for some simpler (and still non-SSH) + encrypted setups. + + Also see the recent (Mar/2010) [4]desktop.cgi x11vnc desktop web login + CGI script that achieves much of what the method describes here + (especially if its 'port redirection' feature is enabled.) + _________________________________________________________________ + + There are numerous ways to achieve this with Apache. We present one of the simplest ones here. @@ -11232,7 +11379,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: Important: these sorts of schemes allow incoming connections from anywhere on the Internet to fixed ports on machines inside the firewall. Care must be taken to implement and test thoroughly. If one - is paranoid one can (and should) add [4]extra layers of protection. + is paranoid one can (and should) add [5]extra layers of protection. (e.g. extra passwords, packet filtering, SSL certificate verification, etc). @@ -11259,7 +11406,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: It is the last item that makes it tricky (otherwise the method described on this page will work). If you are interested in such a solution and are willing to run a separate helper program - (connect_switch) [5]look here. Also, see [6]this apache patch. + (connect_switch) [6]look here. Also, see [7]this apache patch. _________________________________________________________________ Example: @@ -11276,7 +11423,7 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: In this example suppose the gateway machine running apache is named "www.gateway.east" (e.g. it may also provide normal web service). We also choose the Internet-facing port for this VNC service to be port - 563. One could choose any port, including the [7]default HTTP port 80. + 563. One could choose any port, including the [8]default HTTP port 80. Detail: We choose 563 because it is the rarely used SNEWS port that is often allowed by Web proxies for the CONNECT method. The idea is the @@ -11301,8 +11448,8 @@ http://www.karlrunge.com/x11vnc/ssl-portal.html: i.e. we force SSL VNC connections, port 5915, serve the Java VNC viewer applet, and require a VNC password (another option would be - [8]-unixpw). The above command could also be run out of [9]inetd(8). - It can also be used to [10]autodetect the user's display and + [9]-unixpw). The above command could also be run out of [10]inetd(8). + It can also be used to [11]autodetect the user's display and Xauthority data. @@ -11434,7 +11581,7 @@ hostname2 15 This will involve downloading a signed java viewer applet jar file that is able to interact with the internal proxy for the VNC - connection. See [11]this FAQ for more info on how this works. Note: + connection. See [12]this FAQ for more info on how this works. Note: sometimes with the Proxy case if you see 'Bad Gateway' error you will have to wait 10 or so seconds and then hit reload. This seems to be due to having to wait for a Connection Keepalive to terminate... @@ -11506,7 +11653,7 @@ blah,blah... of a outgoing proxy socket connection. Use it only if the Web browser is inside a separate Web proxying environment (i.e. large corporation) - The rewrites with parameter urlPrefix are described under [12]Tricks + The rewrites with parameter urlPrefix are described under [13]Tricks for Better Response. The "trust" ones (also described under Tricks) with trustAllVncCerts tell the Java VNC applet to skip a dialog asking about the VNC Certificate. They are a bit faster and more reliable @@ -11535,7 +11682,7 @@ blah,blah... are not encrypted via SSL, and so in principle could be tampered with by a really bad guy. The subsequent VNC connection, however, is encrypted through a single SSL connection (it makes a CONNECT straight - to x11vnc). [13]See below for how to have these initial downloads + to x11vnc). [14]See below for how to have these initial downloads encrypted as well (if the apache web server has SSL/mod_ssl, i.e. https, enabled and configured). @@ -11544,36 +11691,36 @@ blah,blah... certificate 'always'). This is because an applet it cannot open local files, etc. Sadly, the applet cannot even remember certificates in the same browser session because it is completely reinitialized for each - connection (see [14]below). + connection (see [15]below). _________________________________________________________________ Too Much? If these apache rules are a little too much for you, there is a little - bit [15]simpler scheme where you have to list each of the individual + bit [16]simpler scheme where you have to list each of the individual machines in the httpd.conf and ssl.conf files. It may be a little more typing to maintain, but perhaps being more straight forward (less RewriteRule's) is desirable. _________________________________________________________________ - Problems: + Problems? To see example x11vnc output for a successful https://host:5900/ - connection with the Java Applet see [16]This Page. + connection with the Java Applet see [17]This Page. _________________________________________________________________ Some Ideas for adding extra authentication, etc. for the paranoid: - * VNC passwords: [17]-rfbauth, [18]-passwdfile, or [19]-usepw. Even + * VNC passwords: [18]-rfbauth, [19]-passwdfile, or [20]-usepw. Even adding a simple company-wide VNC password helps block unwanted access. - * Unix passwords: [20]-unixpw - * SSL Client certificates: [21]-sslverify + * Unix passwords: [21]-unixpw + * SSL Client certificates: [22]-sslverify * Apache AuthUserFile directive: .htaccess, etc. * Filter connections based on IP address or hostname. - * Use Port-knocking on your firewall as described in: [22]Enhanced + * Use Port-knocking on your firewall as described in: [23]Enhanced TightVNC Viewer (ssvnc). * Add proxy password authentication (requires Viewer changes?) * Run a separate instance of Apache that provides this VNC service @@ -11588,7 +11735,7 @@ blah,blah... Using non-Java viewers with this scheme: - The [23]ss_vncviewer stunnel wrapper script for VNC viewers has the + The [24]ss_vncviewer stunnel wrapper script for VNC viewers has the -proxy option that can take advantage of this method. ss_vncviewer -proxy www.gateway.east:563 host1:15 @@ -11596,7 +11743,7 @@ blah,blah... separated by a comma. ss_vncviewer -proxy proxy1.foobar.com:8080,www.gateway.east:563 host1:15 - For the [24]Enhanced TightVNC Viewer (ssvnc) GUI (it uses ss_vncviewer + For the [25]Enhanced TightVNC Viewer (ssvnc) GUI (it uses ss_vncviewer on Unix) put 'host1:15' into the 'VNC Server' entry box, and here are possible Proxy/Gateway entries Proxy/Gateway: www.gateway.east:563 @@ -11610,10 +11757,10 @@ blah,blah... To have the Java applet downloaded to the user's Web Browser via an encrypted (and evidently safer) SSL connection the Apache webserver - should be configured for SSL via [25]mod_ssl. + should be configured for SSL via [26]mod_ssl. - It is actually possible to use the x11vnc [26]Key Management utility - "[27]-sslGenCert" to generate your Apache/SSL .crt and .key files. (In + It is actually possible to use the x11vnc [27]Key Management utility + "[28]-sslGenCert" to generate your Apache/SSL .crt and .key files. (In brief, run something like "x11vnc -sslGenCert server self:apache" then copy the resulting self:apache.crt file to conf/ssl.crt/server.crt and extract the private key part from self:apache.pem and paste it into @@ -11621,7 +11768,7 @@ blah,blah... before running x11vnc will bump up the expiration date (3 years in this case). - Or you can use the standard methods described in the [28]Apache + Or you can use the standard methods described in the [29]Apache mod_ssl documentation to create your keys. Then restart Apache, usually something like "apachectl stop" followed by "apachectl startssl" @@ -11738,7 +11885,7 @@ stAllVncCerts=yes [R,NE,L] The "vncs/trust" ones are like the "trust" ones described earlier https://www.gateway.east/vncs/trust/mach2 - and similarly for the httpsPort ones. See [29]Tricks for Better + and similarly for the httpsPort ones. See [30]Tricks for Better Response. In all of the above cases the VNC traffic from Viewer to x11vnc is @@ -11760,7 +11907,7 @@ stAllVncCerts=yes [R,NE,L] The special entries "/vnc443" are only used for the special helper program (connect_switch) for the https port 443 only mode - [30]discussed here. + [31]discussed here. _________________________________________________________________ @@ -11799,16 +11946,16 @@ stAllVncCerts=yes [R,NE,L] -ssl SAVE -http -unixpw -localhost -users unixpw= \ -find - (we have used the alias [31]-find for "-display + (we have used the alias [32]-find for "-display WAIT:cmd=FINDDISPLAY".) This way the user must supply his Unix username and password and then his display and Xauthority data on that machine will be located and returned to x11vnc to allow it to attach. If he doesn't have a display running on that machine or he fails to log in correctly, the connection will be dropped. - The variant "[32]-display WAIT:cmd=FINDCREATEDISPLAY" (aliased by - "[33]-create") will actually create a (virtual or real) X server - session for the user if one doesn't already exist. See [34]here for + The variant "[33]-display WAIT:cmd=FINDCREATEDISPLAY" (aliased by + "[34]-create") will actually create a (virtual or real) X server + session for the user if one doesn't already exist. See [35]here for details. To enable inetd operation for the non-HTTPS Java viewer download (port @@ -11820,8 +11967,8 @@ stAllVncCerts=yes [R,NE,L] -http_ssl -display WAIT:cmd=HTTPONCE where the long inetd.conf line has been split. Note how the - [35]-http_ssl tries to automatically find the .../classes/ssl - subdirectory. This requires the [36]-prog option available in x11vnc + [36]-http_ssl tries to automatically find the .../classes/ssl + subdirectory. This requires the [37]-prog option available in x11vnc 0.8.4 (a shell script wrapper, e.g. /usr/local/bin/x11vnc_http.sh can be used to work around this). @@ -11868,7 +12015,7 @@ stAllVncCerts=yes [R,NE,L] or using the stunnel wrapper script: ss_vncviewer 24.35.46.57:1 - One can acheive similar things with dedicated firewall/routers (e.g. + One can achieve similar things with dedicated firewall/routers (e.g. Linksys) using the device's web or other interface to configure the firewall. @@ -11880,7 +12027,7 @@ stAllVncCerts=yes [R,NE,L] - The redirection could also be done at the application level using a TCP redirect program (e.g. ip_relay or fancier ones). Evidently more careful internal hostname checking, etc., could be performed by the - special purpose application to add security. See [37]connect_switch + special purpose application to add security. See [38]connect_switch which is somewhat related. - One might imagine the ProxyPass could be done for the VNC traffic as @@ -11986,40 +12133,41 @@ References 1. http://www.karlrunge.com/x11vnc/ssvnc.html 2. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer 3. http://www.karlrunge.com/x11vnc/ssl-portal.html#no-apache - 4. http://www.karlrunge.com/x11vnc/ssl-portal.html#precautions - 5. http://www.karlrunge.com/x11vnc/ssl-single-443.html - 6. https://issues.apache.org/bugzilla/show_bug.cgi?id=29744 - 7. http://www.karlrunge.com/x11vnc/ssl-portal.html#port-variations - 8. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 9. http://www.karlrunge.com/x11vnc/ssl-portal.html#inetd - 10. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 11. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy - 12. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks - 13. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet - 14. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet" - 15. http://www.karlrunge.com/x11vnc/ssl-portal-orig.html - 16. http://www.karlrunge.com/x11vnc/ssl-output.html - 17. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth - 18. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile - 19. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw - 20. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw - 21. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify - 22. http://www.karlrunge.com/x11vnc/ssvnc.html - 23. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer - 24. http://www.karlrunge.com/x11vnc/ssvnc.html - 25. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html - 26. http://www.karlrunge.com/x11vnc/ssl.html - 27. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert - 28. http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert - 29. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks - 30. http://www.karlrunge.com/x11vnc/ssl-single-443.html - 31. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find - 32. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT - 33. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create - 34. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin - 35. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_ssl - 36. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-prog - 37. http://www.karlrunge.com/x11vnc/ssl-single-443.html + 4. http://www.karlrunge.com/x11vnc/faq.html#faq-web-login + 5. http://www.karlrunge.com/x11vnc/ssl-portal.html#precautions + 6. http://www.karlrunge.com/x11vnc/ssl-single-443.html + 7. https://issues.apache.org/bugzilla/show_bug.cgi?id=29744 + 8. http://www.karlrunge.com/x11vnc/ssl-portal.html#port-variations + 9. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 10. http://www.karlrunge.com/x11vnc/ssl-portal.html#inetd + 11. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 12. http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy + 13. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks + 14. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet + 15. http://www.karlrunge.com/x11vnc/ssl-portal.html#https-applet" + 16. http://www.karlrunge.com/x11vnc/ssl-portal-orig.html + 17. http://www.karlrunge.com/x11vnc/ssl-output.html + 18. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-rfbauth + 19. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-passwdfile + 20. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-usepw + 21. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-unixpw + 22. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslverify + 23. http://www.karlrunge.com/x11vnc/ssvnc.html + 24. http://www.karlrunge.com/x11vnc/faq.html#ss_vncviewer + 25. http://www.karlrunge.com/x11vnc/ssvnc.html + 26. http://httpd.apache.org/docs/2.0/mod/mod_ssl.html + 27. http://www.karlrunge.com/x11vnc/ssl.html + 28. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-sslGenCert + 29. http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert + 30. http://www.karlrunge.com/x11vnc/ssl-portal.html#tricks + 31. http://www.karlrunge.com/x11vnc/ssl-single-443.html + 32. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-find + 33. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-display_WAIT + 34. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-create + 35. http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + 36. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-http_ssl + 37. http://www.karlrunge.com/x11vnc/x11vnc_opts.html#opt-prog + 38. http://www.karlrunge.com/x11vnc/ssl-single-443.html ======================================================================= http://www.karlrunge.com/x11vnc/enhanced_tightvnc_viewer.html: @@ -13101,8 +13249,8 @@ Unix VNCviewer (0.5MB) redistribute the above because of cryptographic software they contain or for other reasons. Please check out your situation and information at the following and related sites: - [73]http://www.stunnel.org - [74]http://stunnel.mirt.net + [73]http://stunnel.mirt.net + [74]http://www.stunnel.org [75]http://www.openssl.org [76]http://www.chiark.greenend.org.uk/~sgtatham/putty/ [77]http://www.tightvnc.com @@ -13186,8 +13334,8 @@ References 70. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.23/ 71. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.24/ 72. http://sourceforge.net/projects/ssvnc/files/ssvnc/1.0.25/ - 73. http://www.stunnel.org/ - 74. http://stunnel.mirt.net/ + 73. http://stunnel.mirt.net/ + 74. http://www.stunnel.org/ 75. http://www.openssl.org/ 76. http://www.chiark.greenend.org.uk/~sgtatham/putty/ 77. http://www.tightvnc.com/ @@ -13206,7 +13354,7 @@ x11vnc: a VNC server for real X displays Here are all of x11vnc command line options: % x11vnc -opts (see below for -help long descriptions) -x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-02-21 +x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-03-20 x11vnc options: -display disp -auth file -N @@ -13334,7 +13482,7 @@ libvncserver-tight-extension options: % x11vnc -help -x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-02-21 +x11vnc: allow VNC connections to real X11 displays. 0.9.10 lastmod: 2010-03-20 (type "x11vnc -opts" to just list the options.) @@ -13795,6 +13943,11 @@ Options: -stunnel the ssl classes subdirectory is sought. -http_ssl As -http, but force lookup for ssl classes subdir. + Note that for HTTPS, single-port Java applet delivery + you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the + max number of seconds to wait for the applet download + to finish. The default is 15. + -avahi Use the Avahi/mDNS ZeroConf protocol to advertise this VNC server to the local network. (Related terms: Rendezvous, Bonjour). Depending on your setup, you @@ -14232,9 +14385,31 @@ Options: the user is allowed, but the option values associated with it do apply as normal. - There are also some utilities for testing password + There are also some utilities for checking passwords if [list] starts with the "%" character. See the - quick_pw() function in the source for details. + quick_pw() function for more details. Description: + "%-" or "%stdin" means read one line from stdin. + "%env" means it is in $UNIXPW env var. A leading + "%/" or "%." means read the first line from the + filename that follows after the % character. % by + itself means prompt for the username and password. + Otherwise: %user:pass E.g. -unixpw %fred:swordfish + For the other cases user:pass is read from the indicated + source. If the password is correct 'Y user' is printed + and the program exit code is 0. If the password is + incorrect it prints 'N user' and the exit code is 1. + If there is some other error the exit code is 2. + This feature enables x11vnc to be a general unix user + password checking tool; it could be used from scripts + or other programs. These % password checks also apply + to the -unixpw_nis and -unixpw_cmd options. + + For the % password check, if the env. var. UNIXPW_CMD + is set to a command then it is run as the user (assuming + the password is correct.) The output of the command is + not printed, the program or script must manage that by + some other means. The exit code of x11vnc will depend + on the exit code of the command that is run. Use -nounixpw to disable unixpw mode if it was enabled earlier in the cmd line (e.g. -svc mode) @@ -14339,8 +14514,11 @@ Options: supplied unixpw_cmd to do user switching if desired and if it has the permissions to do so. --find Find the user's display using FINDDISPLAY. This is an - alias for "-display WAIT:cmd=FINDDISPLAY". +-find Find the user's display using FINDDISPLAY. This + is an alias for "-display WAIT:cmd=FINDDISPLAY". + + Note: if a -display occurs later on the command line + it will override the -find setting. For this and the next few options see -display WAIT:... below for all of the details. @@ -14378,6 +14556,9 @@ Options: FINDCREATEDISPLAY method. This is an alias for "-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb". + Note: if a -display occurs later on the command line + it will override the -create setting. + SSH NOTE: for both -find and -create you can (should!) add the "-localhost" option to force SSH tunnel access. @@ -14395,6 +14576,10 @@ Options: -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users unixpw= -ssl SAVE Also "-service". + Note: if a -display, -unixpw, -users, or -ssl occurs + later on the command line it will override the -svc + setting. + -svc_xdummy As -svc except Xdummy instead of Xvfb. -svc_xvnc As -svc except Xvnc instead of Xvfb. -svc_xdummy_xvfb As -svc with Xdummy,Xvfb. @@ -14403,6 +14588,10 @@ Options: Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp -unixpw -users unixpw= -ssl SAVE Also "-xdm_service". + Note: if a -display, -unixpw, -users, or -ssl occurs + later on the command line it will override the -xdmsvc + setting. + To create a session a user will have to first log in to the -unixpw dialog and then log in again to the XDM/GDM/KDM prompt. Subsequent re-connections will @@ -14753,6 +14942,11 @@ Options: X property, that makes FINDDISPLAY only find sessions with that tag value. + Set FD_XDMCP_IF to the network interface that the + display manager is running on; default is 'localhost' + but you may need to set it to '::1' on some IPv6 only + systems or misconfigured display managers. + If you want the FINDCREATEDISPLAY session to contact an XDMCP login manager (xdm/gdm/kdm) on the same machine, then use "Xvfb.xdmcp" instead of "Xvfb", etc. @@ -15414,7 +15608,7 @@ Options: exits. --stunnel [pem] Use the stunnel(8) (www.stunnel.org) to provide an +-stunnel [pem] Use the stunnel(8) (stunnel.mirt.net) to provide an encrypted SSL tunnel between viewers and x11vnc. This external tunnel method was implemented prior to the @@ -18244,6 +18438,10 @@ n for root window, use +id for children. grab_state get state of pointer and keyboard grab. pointer_pos print XQueryPointer x,y cursor position. + pointer_x print XQueryPointer x cursor position. + pointer_y print XQueryPointer y cursor position. + pointer_same print XQueryPointer ptr on same screen. + pointer_root print XQueryPointer curr ptr rootwin. mouse_x print x11vnc's idea of cursor position. mouse_y print x11vnc's idea of cursor position. noop do nothing. @@ -18542,18 +18740,18 @@ n http_url auth xauth users rootshift clipshift scale_str scaled_x scaled_y scale_numer scale_denom scale_fac_x scale_fac_y scaling_blend scaling_nomult4 scaling_pad - scaling_interpolate inetd privremote unsafe safer - nocmds passwdfile unixpw unixpw_nis unixpw_list ssl - ssl_pem sslverify stunnel stunnel_pem https httpsredir - usepw using_shm logfile o flag rmflag rc norc h help - V version lastmod bg sigpipe threads readrate netrate - netlatency pipeinput clients client_count pid ext_xtest - ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama - ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin - num_buttons button_mask mouse_x mouse_y grab_state - pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x - wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth - passwd viewpasswd + scaling_interpolate inetd privremote unsafe safer nocmds + passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem + sslverify stunnel stunnel_pem https httpsredir usepw + using_shm logfile o flag rmflag rc norc h help V version + lastmod bg sigpipe threads readrate netrate netlatency + pipeinput clients client_count pid ext_xtest ext_xtrap + ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay + ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons + button_mask mouse_x mouse_y grab_state pointer_pos + pointer_x pointer_y pointer_same pointer_root bpp depth + indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y + cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd -QD variable Just like -query variable, but returns the default value for that parameter (no running x11vnc server diff --git a/x11vnc/cursor.c b/x11vnc/cursor.c index 12700f4..3d613a6 100644 --- a/x11vnc/cursor.c +++ b/x11vnc/cursor.c @@ -908,6 +908,9 @@ static void tree_descend_cursor(int *depth, Window *w, win_str_info_t *winfo) { *(winfo->res_name) = '\0'; *(winfo->res_class) = '\0'; + for (i=0; i < maxtries; i++) { + wins[i] = None; + } /* some times a window can go away before we get to it */ trapped_xerror = 0; diff --git a/x11vnc/help.c b/x11vnc/help.c index 874291c..7a89a32 100644 --- a/x11vnc/help.c +++ b/x11vnc/help.c @@ -518,6 +518,11 @@ void print_help(int mode) { " -stunnel the ssl classes subdirectory is sought.\n" "-http_ssl As -http, but force lookup for ssl classes subdir.\n" "\n" +" Note that for HTTPS, single-port Java applet delivery\n" +" you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the\n" +" max number of seconds to wait for the applet download\n" +" to finish. The default is 15.\n" +"\n" "-avahi Use the Avahi/mDNS ZeroConf protocol to advertise\n" " this VNC server to the local network. (Related terms:\n" " Rendezvous, Bonjour). Depending on your setup, you\n" @@ -965,9 +970,31 @@ void print_help(int mode) { " the user is allowed, but the option values associated\n" " with it do apply as normal.\n" "\n" -" There are also some utilities for testing password\n" +" There are also some utilities for checking passwords\n" " if [list] starts with the \"%%\" character. See the\n" -" quick_pw() function in the source for details.\n" +" quick_pw() function for more details. Description:\n" +" \"%%-\" or \"%%stdin\" means read one line from stdin.\n" +" \"%%env\" means it is in $UNIXPW env var. A leading\n" +" \"%%/\" or \"%%.\" means read the first line from the\n" +" filename that follows after the %% character. %% by\n" +" itself means prompt for the username and password.\n" +" Otherwise: %%user:pass E.g. -unixpw %%fred:swordfish\n" +" For the other cases user:pass is read from the indicated\n" +" source. If the password is correct 'Y user' is printed\n" +" and the program exit code is 0. If the password is\n" +" incorrect it prints 'N user' and the exit code is 1.\n" +" If there is some other error the exit code is 2.\n" +" This feature enables x11vnc to be a general unix user\n" +" password checking tool; it could be used from scripts\n" +" or other programs. These %% password checks also apply\n" +" to the -unixpw_nis and -unixpw_cmd options.\n" +"\n" +" For the %% password check, if the env. var. UNIXPW_CMD\n" +" is set to a command then it is run as the user (assuming\n" +" the password is correct.) The output of the command is\n" +" not printed, the program or script must manage that by\n" +" some other means. The exit code of x11vnc will depend\n" +" on the exit code of the command that is run.\n" "\n" " Use -nounixpw to disable unixpw mode if it was enabled\n" " earlier in the cmd line (e.g. -svc mode)\n" @@ -1072,8 +1099,11 @@ void print_help(int mode) { " supplied unixpw_cmd to do user switching if desired\n" " and if it has the permissions to do so.\n" "\n" -"-find Find the user's display using FINDDISPLAY. This is an\n" -" alias for \"-display WAIT:cmd=FINDDISPLAY\".\n" +"-find Find the user's display using FINDDISPLAY. This\n" +" is an alias for \"-display WAIT:cmd=FINDDISPLAY\".\n" +"\n" +" Note: if a -display occurs later on the command line\n" +" it will override the -find setting.\n" "\n" " For this and the next few options see -display WAIT:...\n" " below for all of the details.\n" @@ -1111,6 +1141,9 @@ void print_help(int mode) { " FINDCREATEDISPLAY method. This is an alias for\n" " \"-display WAIT:cmd=FINDCREATEDISPLAY-Xvfb\".\n" "\n" +" Note: if a -display occurs later on the command line\n" +" it will override the -create setting.\n" +"\n" " SSH NOTE: for both -find and -create you can (should!)\n" " add the \"-localhost\" option to force SSH tunnel access.\n" "\n" @@ -1128,6 +1161,10 @@ void print_help(int mode) { " -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb -unixpw -users\n" " unixpw= -ssl SAVE Also \"-service\".\n" "\n" +" Note: if a -display, -unixpw, -users, or -ssl occurs\n" +" later on the command line it will override the -svc\n" +" setting.\n" +"\n" "-svc_xdummy As -svc except Xdummy instead of Xvfb.\n" "-svc_xvnc As -svc except Xvnc instead of Xvfb.\n" "-svc_xdummy_xvfb As -svc with Xdummy,Xvfb.\n" @@ -1136,6 +1173,10 @@ void print_help(int mode) { " Alias for -display WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp\n" " -unixpw -users unixpw= -ssl SAVE Also \"-xdm_service\".\n" "\n" +" Note: if a -display, -unixpw, -users, or -ssl occurs\n" +" later on the command line it will override the -xdmsvc\n" +" setting.\n" +"\n" " To create a session a user will have to first log in\n" " to the -unixpw dialog and then log in again to the\n" " XDM/GDM/KDM prompt. Subsequent re-connections will\n" @@ -1485,6 +1526,11 @@ void print_help(int mode) { " X property, that makes FINDDISPLAY only find sessions\n" " with that tag value.\n" "\n" +" Set FD_XDMCP_IF to the network interface that the\n" +" display manager is running on; default is 'localhost'\n" +" but you may need to set it to '::1' on some IPv6 only\n" +" systems or misconfigured display managers.\n" +"\n" " If you want the FINDCREATEDISPLAY session to contact an\n" " XDMCP login manager (xdm/gdm/kdm) on the same machine,\n" " then use \"Xvfb.xdmcp\" instead of \"Xvfb\", etc.\n" @@ -2147,7 +2193,7 @@ void print_help(int mode) { " exits.\n" "\n" "\n" -"-stunnel [pem] Use the stunnel(8) (www.stunnel.org) to provide an\n" +"-stunnel [pem] Use the stunnel(8) (stunnel.mirt.net) to provide an\n" " encrypted SSL tunnel between viewers and x11vnc.\n" "\n" " This external tunnel method was implemented prior to the\n" @@ -4980,6 +5026,10 @@ void print_help(int mode) { " for root window, use +id for children.\n" " grab_state get state of pointer and keyboard grab.\n" " pointer_pos print XQueryPointer x,y cursor position.\n" +" pointer_x print XQueryPointer x cursor position.\n" +" pointer_y print XQueryPointer y cursor position.\n" +" pointer_same print XQueryPointer ptr on same screen.\n" +" pointer_root print XQueryPointer curr ptr rootwin.\n" " mouse_x print x11vnc's idea of cursor position.\n" " mouse_y print x11vnc's idea of cursor position.\n" " noop do nothing.\n" @@ -5278,18 +5328,18 @@ void print_help(int mode) { " http_url auth xauth users rootshift clipshift scale_str\n" " scaled_x scaled_y scale_numer scale_denom scale_fac_x\n" " scale_fac_y scaling_blend scaling_nomult4 scaling_pad\n" -" scaling_interpolate inetd privremote unsafe safer\n" -" nocmds passwdfile unixpw unixpw_nis unixpw_list ssl\n" -" ssl_pem sslverify stunnel stunnel_pem https httpsredir\n" -" usepw using_shm logfile o flag rmflag rc norc h help\n" -" V version lastmod bg sigpipe threads readrate netrate\n" -" netlatency pipeinput clients client_count pid ext_xtest\n" -" ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama\n" -" ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin\n" -" num_buttons button_mask mouse_x mouse_y grab_state\n" -" pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x\n" -" wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth\n" -" passwd viewpasswd\n" +" scaling_interpolate inetd privremote unsafe safer nocmds\n" +" passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem\n" +" sslverify stunnel stunnel_pem https httpsredir usepw\n" +" using_shm logfile o flag rmflag rc norc h help V version\n" +" lastmod bg sigpipe threads readrate netrate netlatency\n" +" pipeinput clients client_count pid ext_xtest ext_xtrap\n" +" ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay\n" +" ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons\n" +" button_mask mouse_x mouse_y grab_state pointer_pos\n" +" pointer_x pointer_y pointer_same pointer_root bpp depth\n" +" indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y\n" +" cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd\n" "\n" "-QD variable Just like -query variable, but returns the default\n" " value for that parameter (no running x11vnc server\n" diff --git a/x11vnc/keyboard.c b/x11vnc/keyboard.c index cdf85e9..edce680 100644 --- a/x11vnc/keyboard.c +++ b/x11vnc/keyboard.c @@ -1114,7 +1114,8 @@ void switch_to_xkb_if_better(void) { n = k; XFree_wr(keymap); - if (missing_noxkb == 0 && syms_gt_4 >= 8) { + if (missing_noxkb == 0 && syms_per_keycode > 4 && syms_gt_4 >= 0) { + /* we used to have syms_gt_4 >= 8, now always on. */ if (! raw_fb_str) { rfbLog("\n"); rfbLog("XKEYBOARD: number of keysyms per keycode %d is greater\n", syms_per_keycode); @@ -1123,6 +1124,7 @@ void switch_to_xkb_if_better(void) { rfbLog(" If this makes the key mapping worse you can\n"); rfbLog(" disable it with the \"-noxkb\" option.\n"); rfbLog(" Also, remember \"-remap DEAD\" for accenting characters.\n"); + rfbLog("\n"); } use_xkb_modtweak = 1; @@ -1135,6 +1137,7 @@ void switch_to_xkb_if_better(void) { rfbLog(" Not automatically switching to -xkb mode.\n"); rfbLog(" If some keys still cannot be typed, try using -xkb.\n"); rfbLog(" Also, remember \"-remap DEAD\" for accenting characters.\n"); + rfbLog("\n"); } return; } @@ -1217,6 +1220,7 @@ void switch_to_xkb_if_better(void) { rfbLog(" Also, remember \"-remap DEAD\" for accenting" " characters.\n"); } + rfbLog("\n"); } /* sets up all the keymapping info via Xkb API */ diff --git a/x11vnc/misc/Makefile.am b/x11vnc/misc/Makefile.am index f814315..98a7511 100644 --- a/x11vnc/misc/Makefile.am +++ b/x11vnc/misc/Makefile.am @@ -1,3 +1,3 @@ SUBDIRS = turbovnc DIST_SUBDIRS = turbovnc -EXTRA_DIST=README blockdpy.c dtVncPopup rx11vnc rx11vnc.pl shm_clear ranfb.pl slide.pl vcinject.pl x11vnc_loop Xdummy ultravnc_repeater.pl connect_switch +EXTRA_DIST=README blockdpy.c dtVncPopup rx11vnc rx11vnc.pl shm_clear ranfb.pl slide.pl vcinject.pl x11vnc_loop Xdummy ultravnc_repeater.pl connect_switch panner.pl desktop.cgi inet6to4 diff --git a/x11vnc/misc/README b/x11vnc/misc/README index abb60f6..f38616e 100644 --- a/x11vnc/misc/README +++ b/x11vnc/misc/README @@ -33,3 +33,14 @@ Misc. scripts: use Xsetup mechanism. Xdummy An LD_PRELOAD kludge to run the Xorg "dummy" device driver like Xvfb. + + ultravnc_repeater.pl: Unix script to act as UltraVNC repeater proxy. + + connect_switch: Share HTTPS, VNC, SSH, etc. through a single port (e.g. 443) + + panner.pl Allows a small rectangle to pan around a desktop more or less. + + desktop.cgi CGI script for creating multi-user virtual desktops on a + server. Also can do port-redirection to internal machines. + + inet6to4 ipv6 to ipv4 relay (i.e. until libvncserver supports ipv6) diff --git a/x11vnc/misc/connect_switch b/x11vnc/misc/connect_switch index ad6d138..212157f 100755 --- a/x11vnc/misc/connect_switch +++ b/x11vnc/misc/connect_switch @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (c) 2006-2009 by Karl J. Runge <runge@karlrunge.com> +# Copyright (c) 2006-2010 by Karl J. Runge <runge@karlrunge.com> # # connect_switch is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -35,10 +35,14 @@ # because the CONNECT request appears to be forwarded encrypted to # the remote host and so the SSL dies immediately. # +# It can also be used to redirect ANY protocol, e.g. SSH, not just VNC. +# See CONNECT_SWITCH_APPLY_VNC_OFFSET=0 to disable VNC 5900 shift. +# # Note: There is no need to use this script for a non-ssl apache webserver # port because mod_proxy works fine for doing the switching all inside # apache (see ProxyRequests and AllowCONNECT parameters). # +# # Apache configuration: # # The mod_ssl configuration is often in a file named ssl.conf. In the @@ -68,6 +72,126 @@ # It is probably a good idea to set $listen_host below to the known # IP address you want the service to listen on (to avoid localhost where # apache is listening). +# + +#################################################################### +# NOTE: For more info on configuration settings, read below for +# all of the CONNECT_SWITCH_* env. var. parameters. +#################################################################### + + +#################################################################### +# Allow env vars to also be specified on cmdline: +# +foreach my $arg (@ARGV) { + if ($arg =~ /^(CONNECT_SWITCH.*?)=(.*)$/) { + $ENV{$1} = $2; + } +} + +# Set up logging: +# +if (exists $ENV{CONNECT_SWITCH_LOGFILE}) { + close STDOUT; + if (!open(STDOUT, ">>$ENV{CONNECT_SWITCH_LOGFILE}")) { + die "connect_switch: $ENV{CONNECT_SWITCH_LOGFILE} $!\n"; + } + close STDERR; + open(STDERR, ">&STDOUT"); +} +select(STDERR); $| = 1; +select(STDOUT); $| = 1; + +# interrupt handler: +# +my $looppid = ''; +my $pidfile = ''; +my $listen_sock = ''; # declared here for get_out() +# +sub get_out { + print STDERR "$_[0]:\t$$ looppid=$looppid\n"; + close $listen_sock if $listen_sock; + if ($looppid) { + kill 'TERM', $looppid; + fsleep(0.2); + } + unlink $pidfile if $pidfile; + exit 0; +} +$SIG{INT} = \&get_out; +$SIG{TERM} = \&get_out; + +# pidfile: +# +sub open_pidfile { + if (exists $ENV{CONNECT_SWITCH_PIDFILE}) { + my $pf = $ENV{CONNECT_SWITCH_PIDFILE}; + if (open(PID, ">$pf")) { + print PID "$$\n"; + close PID; + $pidfile = $pf; + } else { + print STDERR "could not open pidfile: $pf - $! - continuing...\n"; + } + delete $ENV{CONNECT_SWITCH_PIDFILE}; + } +} + +#################################################################### +# Set CONNECT_SWITCH_LOOP=1 to have this script create an outer loop +# restarting itself if it ever exits. Set CONNECT_SWITCH_LOOP=BG to +# do this in the background as a daemon. + +if (exists $ENV{CONNECT_SWITCH_LOOP}) { + my $csl = $ENV{CONNECT_SWITCH_LOOP}; + if ($csl ne 'BG' && $csl ne '1') { + die "connect_switch: invalid CONNECT_SWITCH_LOOP.\n"; + } + if ($csl eq 'BG') { + # go into bg as "daemon": + setpgrp(0, 0); + my $pid = fork(); + if (! defined $pid) { + die "connect_switch: $!\n"; + } elsif ($pid) { + wait; + exit 0; + } + if (fork) { + exit 0; + } + setpgrp(0, 0); + close STDIN; + if (! $ENV{CONNECT_SWITCH_LOGFILE}) { + close STDOUT; + close STDERR; + } + } + delete $ENV{CONNECT_SWITCH_LOOP}; + + if (exists $ENV{CONNECT_SWITCH_PIDFILE}) { + open_pidfile(); + } + + print STDERR "connect_switch: starting service at ", scalar(localtime), " master-pid=$$\n"; + while (1) { + $looppid = fork; + if (! defined $looppid) { + sleep 10; + } elsif ($looppid) { + wait; + } else { + exec $0; + exit 1; + } + print STDERR "connect_switch: re-starting service at ", scalar(localtime), " master-pid=$$\n"; + sleep 1; + } + exit 0; +} +if (exists $ENV{CONNECT_SWITCH_PIDFILE}) { + open_pidfile(); +} ############################################################################ @@ -83,15 +207,29 @@ # CONNECT_SWITCH_VERBOSE # CONNECT_SWITCH_APPLY_VNC_OFFSET # CONNECT_SWITCH_VNC_OFFSET +# CONNECT_SWITCH_LISTEN_IPV6 +# CONNECT_SWITCH_BUFSIZE +# CONNECT_SWITCH_LOGFILE +# CONNECT_SWITCH_PIDFILE +# +# You can also set these on the cmdline: +# connect_switch CONNECT_SWITCH_LISTEN=X CONNECT_SWITCH_ALLOW_FILE=Y ... +# +# By default we will use hostname and assume it resolves: +# my $hostname = `hostname`; chomp $hostname; my $listen_host = $hostname; my $listen_port = 443; +# Let user override listening situation, e.g. multihomed: +# if (exists $ENV{CONNECT_SWITCH_LISTEN}) { + # # E.g. CONNECT_SWITCH_LISTEN=192.168.0.32:443 + # ($listen_host, $listen_port) = split(/:/, $ENV{CONNECT_SWITCH_LISTEN}); } @@ -99,10 +237,21 @@ my $httpd_host = 'localhost'; my $httpd_port = 443; if (exists $ENV{CONNECT_SWITCH_HTTPD}) { + # # E.g. CONNECT_SWITCH_HTTPD=127.0.0.1:443 + # ($httpd_host, $httpd_port) = split(/:/, $ENV{CONNECT_SWITCH_HTTPD}); } +my $bufsize = 8192; +if (exists $ENV{CONNECT_SWITCH_BUFSIZE}) { + # + # E.g. CONNECT_SWITCH_BUFSIZE=32768 + # + $bufsize = $ENV{CONNECT_SWITCH_BUFSIZE}; +} + + ############################################################################ # You can/should override the host/port settings here: # @@ -113,6 +262,9 @@ if (exists $ENV{CONNECT_SWITCH_HTTPD}) { # You must set the allowed host:port CONNECT redirection list. # Only these host:port pairs will be redirected to. +# Port ranges are allowed too: host:5900-5930. +# If there is one entry named ALL all connections are allow. +# You must supply something, default is deny. # my @allowed = qw( machine1:5915 @@ -141,6 +293,8 @@ if (exists $ENV{CONNECT_SWITCH_ALLOWED}) { # fredsbox 15 # rupert 1 +# For examply, mine is: +# my $allow_file = '/dist/apache/2.0/conf/vnc.hosts'; $allow_file = ''; @@ -158,25 +312,34 @@ my $apply_vnc_offset = 1; my $vnc_offset = 5900; if (exists $ENV{CONNECT_SWITCH_APPLY_VNC_OFFSET}) { + # # E.g. CONNECT_SWITCH_APPLY_VNC_OFFSET=0 + # $apply_vnc_offset = $ENV{CONNECT_SWITCH_APPLY_VNC_OFFSET}; } if (exists $ENV{CONNECT_SWITCH_VNC_OFFSET}) { + # # E.g. CONNECT_SWITCH_VNC_OFFSET=6000 + # $vnc_offset = $ENV{CONNECT_SWITCH_VNC_OFFSET}; } -# Set to 1 for more debugging output: +# Set to 1 or higher for more info output: # my $verbose = 0; if (exists $ENV{CONNECT_SWITCH_VERBOSE}) { + # # E.g. CONNECT_SWITCH_VERBOSE=1 + # $verbose = $ENV{CONNECT_SWITCH_VERBOSE}; } -############################################################################ + + +#=========================================================================== # No need for any changes below here. +#=========================================================================== use IO::Socket::INET; use strict; @@ -186,12 +349,29 @@ my $killpid = 1; setpgrp(0, 0); -my $listen_sock = IO::Socket::INET->new( - Listen => 10, - LocalAddr => $listen_host, - LocalPort => $listen_port, - Proto => "tcp" -); +if (exists $ENV{CONNECT_SWITCH_LISTEN_IPV6}) { + # note we leave out LocalAddr. + my $cmd = ' + use IO::Socket::INET6; + $listen_sock = IO::Socket::INET6->new( + Listen => 10, + LocalPort => $listen_port, + ReuseAddr => 1, + Domain => AF_INET6, + Proto => "tcp" + ); + '; + eval $cmd; + die "$@\n" if $@; +} else { + $listen_sock = IO::Socket::INET->new( + Listen => 10, + LocalAddr => $listen_host, + LocalPort => $listen_port, + ReuseAddr => 1, + Proto => "tcp" + ); +} if (! $listen_sock) { die "connect_switch: $!\n"; @@ -210,7 +390,7 @@ while (1) { fsleep(0.5); next; } - print STDERR "conn: $conn -- ", $client->peerhost(), "\n" if $verbose; + print STDERR "conn: $conn -- ", $client->peerhost(), " at ", scalar(localtime), "\n" if $verbose; my $pid = fork(); if (! defined $pid) { @@ -237,6 +417,10 @@ sub handle_conn { my @allow = @allowed; + # read allow file. Note we read it for every connection + # to allow the admin to modify it w/o restarting us. + # better way would be to read in parent and check mtime. + # if ($allow_file && -f $allow_file) { if (open(ALLOW, "<$allow_file")) { while (<ALLOW>) { @@ -259,6 +443,8 @@ sub handle_conn { } } + # Read the first 7 bytes of connection, see if it is 'CONNECT' + # my $str = ''; my $N = 0; my $isconn = 1; @@ -267,7 +453,7 @@ sub handle_conn { sysread($client, $b, 1); $str .= $b; $N++; - print STDERR "read: '$str'\n" if $verbose; + print STDERR "read: '$str'\n" if $verbose > 1; my $cstr = substr('CONNECT', 0, $i+1); if ($str ne $cstr) { $isconn = 0; @@ -276,28 +462,60 @@ sub handle_conn { } my $sock = ''; + if ($isconn) { + # it is CONNECT, read rest of HTTP header: + # while ($str !~ /\r\n\r\n/) { my $b; sysread($client, $b, 1); $str .= $b; } - print STDERR "read: $str\n" if $verbose; + print STDERR "read: $str\n" if $verbose > 1; + # get http version and host:port + # my $ok = 0; my $hostport = ''; my $http_vers = '1.0'; if ($str =~ /^CONNECT\s+(\S+)\s+HTTP\/(\S+)/) { $hostport = $1; $http_vers = $2; - foreach my $hp (@allow) { - if ($hp eq $hostport) { - $ok = 1; - last; + + my ($h, $p) = split(/:/, $hostport); + if ($p =~ /^\d+$/) { + # check allowed host list: + foreach my $hp (@allow) { + if ($hp eq 'ALL') { + $ok = 1; + } + if ($hp eq $hostport) { + $ok = 1; + } + if ($hp =~ /^(.*):(\d+)-(\d+)$/) { + my $ahost = $1; + my $pmin = $2; + my $pmax = $3; + if ($h eq $ahost) { + if ($p >= $pmin && $p <= $pmax) { + $ok = 1; + } + } + } + last if $ok; } } } + + my $msg_1 = "HTTP/$http_vers 200 Connection Established\r\n" + . "Proxy-agent: connect_switch v0.2\r\n\r\n"; + my $msg_2 = "HTTP/$http_vers 502 Bad Gateway\r\n" + . "Connection: close\r\n\r\n"; + if (! $ok) { + # disallowed. drop with message. + # + syswrite($client, $msg_2, length($msg_2)); close $client; exit 0; } @@ -312,18 +530,20 @@ sub handle_conn { Proto => "tcp" ); my $msg; + + # send the connect proxy reply: + # if ($sock) { - $msg = "HTTP/$http_vers 200 Connection Established\r\n" - . "Proxy-agent: connect_switch v0.2\r\n\r\n"; + $msg = $msg_1; } else { - $msg = "HTTP/$http_vers 502 Bad Gateway\r\n" - . "Connection: close\r\n\r\n"; + $msg = $msg_2; } syswrite($client, $msg, length($msg)); $str = ''; } else { - print STDERR "connecting to: $httpd_host:$httpd_port\n" - if $verbose; + # otherwise, redirect to apache for normal https: + # + print STDERR "connecting to: $httpd_host:$httpd_port\n" if $verbose; $sock = IO::Socket::INET->new( PeerAddr => $httpd_host, PeerPort => $httpd_port, @@ -336,6 +556,8 @@ sub handle_conn { die "connect_switch: $!\n"; } + # get ready for xfer phase: + # $current_fh1 = $client; $current_fh2 = $sock; @@ -349,6 +571,8 @@ sub handle_conn { kill 'TERM', $child; } } else { + # write those first bytes if not CONNECT: + # if ($str ne '' && $N > 0) { syswrite($sock, $str, $N); } @@ -358,9 +582,9 @@ sub handle_conn { kill 'TERM', $parent; } } - if ($verbose) { + if ($verbose > 1) { my $dt = time() - $start; - print STDERR "dt\[$$]: $dt\n"; + print STDERR "duration\[$$]: $dt seconds. ", scalar(localtime), "\n"; } exit 0; } @@ -380,7 +604,7 @@ sub xfer { while (! $nf) { $nf = select($ROUT=$RIN, undef, undef, undef); } - my $len = sysread($in, $buf, 8192); + my $len = sysread($in, $buf, $bufsize); if (! defined($len)) { next if $! =~ /^Interrupted/; print STDERR "connect_switch\[$lab/$conn/$$]: $!\n"; @@ -392,7 +616,7 @@ sub xfer { } if (0) { - # verbose debugging of data: + # very verbose debugging of data: syswrite(STDERR , "\n$lab: ", 6); syswrite(STDERR , $buf, $len); } diff --git a/x11vnc/misc/desktop.cgi b/x11vnc/misc/desktop.cgi new file mode 100755 index 0000000..c2f9cc9 --- /dev/null +++ b/x11vnc/misc/desktop.cgi @@ -0,0 +1,1134 @@ +#!/usr/bin/perl +# +# desktop.cgi +# +# An example cgi script to provide multi-user web access to x11vnc +# desktops. This script should/must be served by an HTTPS webserver, +# otherwise the unix and vnc passwords are sent over the network +# unencrypted (see below to disable) +# +# Note that the x11vnc -create virtual desktop service used below requires +# that you install the 'Xvfb' program. +# +# You should put this script in, say, a cgi-bin directory. +# +# You will *also* need to copy the x11vnc classes/ssl/UltraViewerSSL.jar +# file to the document root: /UltraViewerSSL.jar (or change the html +# at bottom.) +# +# Each x11vnc server created for a login will listen on its own port (see +# below for port selection schemes.) Your firewall must let in these ports. +# It is difficult and not as reliable to do all of this through a single port; +# however, see the fixed port scheme find_free_port = 'fixed:5900' below. +# +# Note there are two SSL certificates involved that the user may be +# asked to inspect: apache's SSL cert and x11vnc's SSL cert. This may +# confuse the user. +# +# This script provides one example on how to provide the service. You can +# customize to meet your needs, e.g. switch to php, newer modules, +# different authentication, SQL database, etc. If you plan to use it +# in production, please examine all security aspects of it carefully; +# read the comments in the script for more info. +# +# More information and background: +# +# http://www.karlrunge.com/x11vnc/faq.html#faq-xvfb +# http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-tunnel-viewers +# http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-java-viewer-proxy +# http://www.karlrunge.com/x11vnc/faq.html#faq-ssl-portal +# http://www.karlrunge.com/x11vnc/faq.html#faq-unix-passwords +# http://www.karlrunge.com/x11vnc/faq.html#faq-userlogin + + +#------------------------------------------------------------------------- +# Copyright (c) 2010 by Karl J. Runge <runge@karlrunge.com> +# +# desktop.cgi is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or (at +# your option) any later version. +# +# desktop.cgi is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with desktop.cgi; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA +# or see <http://www.gnu.org/licenses/>. +#------------------------------------------------------------------------- + +use strict; +use IO::Socket::INET; + + +# TCP Ports: +# +# Set find_free_port to 1 (or the other modes described below) to +# autoselect a free port to use. The default is to use a fixed port +# based on the userid. +# +my $find_free_port = 0; +# +# Or specify a port range: +# +#$find_free_port = '7000-8000'; +# +# Or indicate to use a kludge to try to do everything through a SINGLE +# port. To try to avoid contention on the port, simultaneous instances +# of this script attempt to 'take turns' using it. +# +#$find_free_port = 'fixed:5900'; + + +# Port redirection mode: +# +# This is to allow port redirection mode: username@host:port If username +# is valid, there will be a port redirection to internal machine +# host:port. Presumably there is already an SSL enabled and password +# protected VNC server running there. We don't start that server. +# See the next setting for an allowed hosts file. The default for port +# redirection is off. +# +my $enable_port_redirection = 0; + +# A file with allowed port redirections. The empty string '' (the +# default) means all host:port redirections would be allowed. +# +# Format of the file: A list of 'user@host:port' or 'host:port' +# entries, one per line. Port ranges, e.g. host:n-m are also accepted. +# +# Leading and trailing whitespace is trimmed off each line. Blank lines +# and comment lines starting with '#' are skipped. A line consisting of +# 'ALL' matches everything. If no match can be found or the file cannot +# be opened the connection is dropped. +# +my $port_redirection_allowed_hosts = ''; + + +# Set to 0 to have the java applet html set the parameter +# trustUrlVncCert=no, i.e. the applet will not automatically accept an +# SSL cert already accepted by an HTTPS URL. See print_applet_html() +# below for more info. +# +my $trustUrlVncCert = 1; + + +# Comment this out if you don't want PATH modified: +# +$ENV{PATH} = "/usr/bin:bin:$ENV{PATH}"; + + +# For the next two settings, note that most users will be confused that +# geometry and session are ignored when they are returning to their +# existing desktop session (x11vnc FINDDISPLAY action.) + +# Used below if user did not specify preferred geometry and color depth: +# +my $default_geometry = '1024x768x24'; + + +# Set this to the list of x11vnc -create sessions types to show a session +# dropdown for the user to select from. +# +my $session_types = ''; +# +# example: +#$session_types = 'gnome kde xfce lxde wmaker enlightenment mwm twm failsafe'; + + +# Set this to 1 to enable user setting a unique tag for each one +# of his desktops and so can have multiple ones simultaneously and +# select which one he wants. For now we just hack this onto geometry +# 1024x768x24:my_2nd_desktop but ultimately there should be a form entry +# for it. Search for enable_unique_tags for more info: +# +my $enable_unique_tags = 0; +my $unique_tag = ''; + +# You can set some extra x11vnc cmdline options here: +# +my $x11vnc_extra_opts = ''; + + +# Path to x11vnc program: +# +my $x11vnc = '/usr/bin/x11vnc'; + +if (`uname -n` =~ /haystack/) { + # for my testing: + if (-f "/home/runge/dtcgi.test") { + eval `cat /home/runge/dtcgi.test`; + } +} + + +# http header: +# +print STDOUT "Content-Type: text/html\r\n\r\n"; + + +# Require HTTPS so that unix and vnc passwords are not sent in clear text +# (perhaps it is too late...) Disable HTTPS at your own risk. +# +if ($ENV{HTTPS} !~ /^on$/i) { + bye("HTTPS must be used (to encrypt passwords)"); +} + + +# Read request: +# +my $request; +if ($ENV{'REQUEST_METHOD'} eq "POST") { + read(STDIN, $request, $ENV{'CONTENT_LENGTH'}); +} elsif ($ENV{'REQUEST_METHOD'} eq "GET" ) { + $request = $ENV{'QUERY_STRING'}; +} else { + $request = $ARGV[0]; +} + +my %request = url_decode(split(/[&=]/, $request)); + + +# Experiment for FD_TAG x11vnc feature for multiple desktops: +# +# we hide it in geometry:tag for now: +# +if ($enable_unique_tags && $request{geometry} =~ /^(.*):(\w+)$/) { + $request{geometry} = $1; + $unique_tag = $2; +} + +# Check/set geometry and session: +# +if (!exists $request{geometry} || $request{geometry} !~ /^[x\d]+$/) { + # default geometry and depth: + $request{geometry} = $default_geometry; +} +if (!exists $request{session} || $request{session} =~ /^\s*$/) { + $request{session} = ''; +} + + +# String for the login form: +# +my $login_str = <<"END"; +<title>x11vnc web access</title> +<h3>x11vnc web access</h3> +<form action="$ENV{REQUEST_URI}" method="post"> + <table border="0"> + <tr><td colspan=2><h2>Login</h2></td></tr> + <tr><td>Username:</td><td> + <input type="text" name="username" maxlength="40" value="$request{username}"> + </td></tr> + <tr><td>Password:</td><td> + <input type="password" name="password" maxlength="50"> + </td></tr> + <tr><td>Geometry:</td><td> + <input type="text" name="geometry" maxlength="40" value="$request{geometry}"> + </td></tr> + <!-- session --> + <tr><td colspan="2" align="right"> + <input type="submit" name="submit" value="Login"> + </td></tr> + </table> +</form> +END + + +# Set up user selected desktop session list, if enabled: +# +my %sessions; + +if ($session_types ne '') { + my $str = "<tr><td>Session:</td><td>\n<select name=session>"; + $str .= "<option value=none>select</option>"; + + foreach my $sess (split(' ', $session_types)) { + next if $sess =~ /^\s*$/; + next if $sess !~ /^\w+$/; # alphanumeric + $sessions{$sess} = 1; + $str .= "<option value=$sess>$sess</option>"; + } + $str .= "</select>\n</td></tr>"; + + # This forces $request{session} to be a valid one: + # + if (! exists $sessions{$request{session}}) { + $request{session} = 'none'; + } + + # Insert into login_str: + # + my $r = $request{session}; + $str =~ s/option value=\Q$r\E/option selected value=$r/; + $login_str =~ s/<!-- session -->/$str/; +} + + +# If no username or password, show login form: +# +if (!$request{username} && !$request{password}) { + bye($login_str); +} elsif (!$request{username}) { + bye("No Username.<p>$login_str"); +} elsif (!$request{password}) { + bye("No Password.<p>$login_str"); +} + + +# Some shorthand names: +# +my $username = $request{username}; +my $password = $request{password}; +my $geometry = $request{geometry}; +my $session = $request{session}; + + +# If port redirection is enabled, split username@host:port +# +my $redirect_host = ''; +my $current_fh1 = ''; +my $current_fh2 = ''; + +if ($enable_port_redirection) { + ($username, $redirect_host) = split(/@/, $username, 2); + if ($redirect_host ne '') { + # will exit if the redirection is not allowed: + check_redirect_host(); + } +} + + +# Require username to be alphanumeric + '-' + '_': +# (one may want to add '.' as well) +# +if ($username !~ /^\w[-\w]*$/) { + bye("Invalid Username.<p>$login_str"); +} + + +# Get the userid number, we may use it as his VNC display port; this +# also checks if the username exists: +# +my $uid = `/usr/bin/id -u '$username'`; +chomp $uid; +if ($? != 0 || $uid !~ /^\d+$/) { + bye("Invalid Username.<p>$login_str"); +} + + +# Use x11vnc trick to check if the unix password is valid: +# +if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) { + bye("Internal Error #1"); +} +print X11VNC "$username:$password\n"; + +if (!close X11VNC) { + # x11vnc returns non-zero for invalid username+password: + bye("Invalid Password.<p>$login_str"); +} + + +# Initialize random number generator for use below: +# +initialize_random(); + + +# Set vnc port: +# +my $vnc_port = 0; +my $fixed_port = 0; + +if (! $find_free_port) { + # Fixed port based on userid (we assume it is free): + # + $vnc_port = 7000 + $uid; + +} elsif ($find_free_port =~ /^fixed:(\d+)$/) { + # + # Enable the -loopbg method that tries to share a single port: + # + $vnc_port = $1; + $fixed_port = 1; +} else { + # Autoselect a port, either default range (7000-8000) or a user + # supplied range. (note that $find_free_port will now contain + # a socket listening on the found port so that it is held.) + # + $vnc_port = auto_select_port(); +} + +# Check for crazy port value: +# +if ($vnc_port > 64000 || $vnc_port < 1) { + bye("Internal Error #2 $vnc_port"); +} + + +# If port redirection is enabled and the user selected it via +# username@host:port, we do that right now and then exit. +# +if ($enable_port_redirection && $redirect_host ne '') { + port_redir(); + exit 0; +} + + +# Make a random, onetime vnc password: +# +my $pass = ''; +my $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; +my @abc = split(//, $chars); + +for (my $i = 0; $i < 8; $i++) { + $pass .= $abc[ rand(scalar(@abc)) ]; +} + +# Use x11vnc trick to switch to user and store vnc pass in the passwdfile. +# Result is $pass is placed in user's $HOME/x11vnc.pw +# +# (This is actually difficult to do without untrusted local users being +# able to see the pass as well, see copy_password_to_user() for details +# on how we try to avoid this.) +# +copy_password_to_user($pass); + + +# Make a tmp file for x11vnc launcher script: +# +my $tmpfile = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`; +chomp $tmpfile; + +# Check if the tmpfile is valid: +# +if (! -e $tmpfile || ! -o $tmpfile || -l $tmpfile) { + unlink $tmpfile; + bye("Internal Error #3"); +} +if (!chmod 0644, $tmpfile) { + unlink $tmpfile; + bye("Internal Error #4"); +} +if (!open(TMP, ">$tmpfile")) { + unlink $tmpfile; + bye("Internal Error #5"); +} + + +# The x11vnc command. You adjust it to suit your needs. +# +# some ideas: -env FD_PROG=/usr/bin/gnome-session +# -env FD_SESS=kde +# -env FD_TAG=my_2nd_desktop +# -ultrafilexfer +# +# Note that -timeout will cause it to exit if client does not connect +# and -sslonly disables VeNCrypt SSL connections. + +# Some settings: +# +my $timeout = 75; +my $extra = ''; +if ($fixed_port) { + # settings for fixed port case: + $timeout = 45; + $extra .= " -loopbg100,1"; +} +if ($session_types ne '') { + # settings for session selection case: + if (exists $sessions{$session}) { + $extra .= " -env FD_SESS='$session'"; + } +} +if ($enable_unique_tags && $unique_tag ne '' && $unique_tag =~ /^\w+$/) { + $extra .= " -env FD_TAG='$unique_tag'"; +} + +# This md5sum check of the vnc passwd is for extra safety (see +# copy_password_to_user for details.) +# +my $md5sum = ''; +system("type md5sum > /dev/null"); +if ($? == 0) { + my $md5 = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`; + chomp $md5; + # compute md5sum of password: + if (-o $md5 && open(MD5, "| md5sum > $md5")) { + print MD5 "$pass\n"; + close MD5; + if (open(MD5, "<$md5")) { + # read it: + my $line = <MD5>; + close MD5; + my ($s, $t) = split(' ', $line); + if (length($s) >= 32 && $s =~ /^\w+$/) { + # shell code for user to check he has correct passwd: + $md5sum = "if md5sum \$HOME/x11vnc.pw | grep '$s' > /dev/null; then true; else exit 1; fi"; + } + } + } + unlink $md5; +} + +# write x11vnc command to the tmp file: +# +print TMP <<"END"; +#!/bin/sh +export PATH=/usr/bin:/bin:\$PATH +$md5sum +$x11vnc -sigpipe ignore:HUP -nopw -rfbport $vnc_port \\ + -passwdfile \$HOME/x11vnc.pw -oa \$HOME/x11vnc.log \\ + -create -ssl SAVE -sslonly -env FD_GEOM=$geometry \\ + -timeout $timeout $extra $x11vnc_extra_opts \\ + >/dev/null 2>/dev/null </dev/null & +sleep 2 +exit 0 +END + +close TMP; + +# Now launch x11vnc to switch to user and run the wrapper script: +# (this requires x11vnc 0.9.10 or later.) +# +$ENV{UNIXPW_CMD} = "/bin/sh $tmpfile"; + +# For the fixed port scheme we try to cooperate via lock file: +# +my $rmlock = ''; +# +if ($fixed_port) { + # try to grab the fixed port for the next 90 secs removing stale + # locks older than 60 secs: + # + $rmlock = lock_fixed_port(90, 60); +} + +# Start the x11vnc cmd: +# +if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) { + unlink $tmpfile; + unlink $rmlock if $rmlock; + bye("Internal Error #6"); +} + +select(X11VNC); $| = 1; select(STDOUT); + +# Close any port we held. There is still a gap of time between now +# and when when x11vnc in $tmpfile reopens the port after the password +# authentication. So another instance of this script could accidentally +# think it is free... +# +sleep 1; +close $find_free_port if $find_free_port; + +print X11VNC "$username:$password\n"; +close X11VNC; # note we ignore return value. +unlink $tmpfile; + +if ($rmlock) { + # let our x11vnc proceed a bit before removing lock. + sleep 2; + unlink $rmlock; +} + +# Return html for the java applet to connect to x11vnc. +# +print_applet_html(); + +exit 0; + +################################################################# +# Subroutines: + +# print the message to client and exit with success. +# +sub bye { + my $msg = shift; + print STDOUT "<html>$msg</html>\n"; + exit 0; +} + +# decode %xx to character: +# +sub url_decode { + foreach (@_) { + tr/+/ /; + s/%(..)/pack("c",hex($1))/ge; + } + @_; +} + +# seed random +# +sub initialize_random { + my $rbytes = ''; + if (open(RAN, "</dev/urandom")) { + read(RAN, $rbytes, 8); + } elsif (open(RAN, "</dev/random")) { + read(RAN, $rbytes, 8); + } else { + $rbytes = sprintf("%08d", $$); + } + close RAN; + + # set seed: + # + my $seed = join('', unpack("C8", $rbytes)); + $seed = substr($seed, -9); + srand($seed); + + for (my $i = 0; $i < ($$ % 4096); $i++) { + # Mix it up even a little bit more. There should be + # over 1 billion possible vnc passwords now. + rand(); + } +} + +# Autoselect a port for vnc. Note that a socket for the found port +# is kept open (and stored in $find_free_port) until we call x11vnc at +# the end. +# +sub auto_select_port { + my $pmin = 7000; # default range. + my $pmax = 8000; + + if ($find_free_port =~ /^(\d+)-(\d+)$/) { + # user supplied a range: + $pmin = $1; + $pmax = $2; + if ($pmin > $pmax) { + ($pmin, $pmax) = ($pmax, $pmin); + } + } elsif ($find_free_port > 1024) { + # user supplied a starting port: + $pmin = $find_free_port; + $pmax = $pmin + 1000; + } + + # Try to add a bit of randomness to the starting port so + # simultaneous instances of this script won't be fooled by the gap + # of time before x11vnc reopens the port (see near the bottom.) + # + my $dp = int(rand(1.0) * 0.25 * ($pmax - $pmin)); + if ($pmin + $dp < $pmax - 20) { + $pmin = $pmin + $dp; + } + + my $port = 0; + + # Now try to find a free one: + # + for (my $p = $pmin; $p <= $pmax; $p++) { + my $sock = IO::Socket::INET->new( + Listen => 1, + LocalPort => $p, + ReuseAddr => 1, + Proto => "tcp" + ); + if ($sock) { + # we will keep this open until we call x11vnc: + $find_free_port = $sock; + $port = $p; + last; + } + } + return $port; +} + +# Since apache typically runs as user 'apache', 'nobody', etc, and not +# as root it is tricky for us to copy the pass string to a file owned by +# the user without some other untrusted local user being able to learn +# the password (e.g. via reading a file or watching ps.) Note that with +# the x11vnc -unixpw trick we unfortunately can't use a pipe because +# the user command is run in its own tty. +# +# The best way would be a sudo action or a special setuid program for +# copying. So consider using that and thereby simplify this function. +# +# Short of a special program doing this, we use a fifo so ONLY ONE +# process can read the password. If the untrusted local user reads it, +# then the logging-in user's x11vnc won't get it. The login and x11vnc +# will fail, but the untrusted user won't gain access to the logging-in +# user's desktop. +# +# So here we start long, tedious work carefully managing the fifo. +# +sub copy_password_to_user { + + my $pass = shift; + + my $use_fifo = ''; + + # Find a command to make a fifo: + # + system("type mkfifo > /dev/null"); + if ($? == 0) { + $use_fifo = 'mkfifo %s'; + } else { + system("type mknod > /dev/null"); + if ($? == 0) { + $use_fifo = 'mknod %s p'; + } + } + + # Create the filename for our fifo: + # + my $fifo = `/bin/mktemp /tmp/desktop.cgi.XXXXXX`; + chomp $fifo; + + if (! -e $fifo || ! -o $fifo || -l $fifo) { + unlink $fifo; + bye("Internal Error #7"); + } + + # Make the fifo: + # + if ($use_fifo) { + $use_fifo = sprintf($use_fifo, $fifo); + + # there is a small race here: + system("umask 077; rm -f $fifo; $use_fifo; chmod 600 $fifo"); + + if (!chmod 0600, $fifo) { + # we chmod once more.. + unlink $fifo; + bye("Internal Error #8"); + } + + if (! -o $fifo || ! -p $fifo || -l $fifo) { + # but we get out if not owned by us anymore: + unlink $fifo; + bye("Internal Error #9"); + } + } + + # Build cmd for user to read our fifo: + # + my $upw = '$HOME/x11vnc.pw'; + $ENV{UNIXPW_CMD} = "touch $upw; chmod 600 $upw; cat $fifo > $upw"; + + # Start it: + # + if (!open(X11VNC, "| $x11vnc -unixpw \%stdin > /dev/null")) { + unlink $fifo; + bye("Internal Error #10"); + } + select(X11VNC); $| = 1; select(STDOUT); + + if (! $use_fifo) { + # regular file, we need to write it now. + if (!open(FIFO, ">$fifo")) { + close X11VNC; + unlink $fifo; + bye("Internal Error #11"); + } + print FIFO "$pass\n"; + close FIFO; + } + + # open fifo up for reading. + # (this means the bad guy can read it too.) + # + if (!chmod 0644, $fifo) { + unlink $fifo; + bye("Internal Error #12"); + } + + # send the user's passwd now: + # + print X11VNC "$username:$password\n"; + + if ($use_fifo) { + # wait a bit for the cat $fifo to start, reader will block. + sleep 1; + if (!open(FIFO, ">$fifo")) { + close X11VNC; + unlink $fifo; + bye("Internal Error #13"); + } + # here it goes: + print FIFO "$pass\n"; + close FIFO; + } + close X11VNC; # note we ignore return value. + fsleep(0.5); + #print STDERR `ls -l $fifo ~$username/x11vnc.pw`; + unlink $fifo; + + # Done! +} + +# For fixed, single port mode. Try to open and lock the port before +# proceeding. +# +sub lock_fixed_port { + my ($t_max, $t_age) = @_; + + # lock file name: + # + my $lock = '/tmp/desktop.cgi.lock'; + my $remove = ''; + + my $t = 0; + my $sock = ''; + + while ($t < $t_max) { + if (-e $lock) { + # clean out stale locks if possible: + if (! -l $lock) { + unlink $lock; + } else { + my ($pid, $time) = split(/:/, readlink($lock)); + if (! -d "/proc/$pid") { + unlink $lock; + } + if (time() > $time + $t_age) { + unlink $lock; + } + } + } + + my $reason = ''; + + if (-l $lock) { + # someone has locked it. + $reason = 'locked'; + } else { + # unlocked, try to listen on port: + $sock = IO::Socket::INET->new( + Listen => 1, + LocalPort => $vnc_port, + ReuseAddr => 1, + Proto => "tcp" + ); + if ($sock) { + # we got it, now try to lock: + my $str = "$$:" . time(); + if (symlink($str, $lock)) { + $remove = $lock; + $find_free_port = $sock; + last; + } + # wow, we didn't lock it... + $reason = "symlink failed: $!"; + close $sock; + } else { + $reason = "listen failed: $!"; + } + } + # sleep a bit and then try again: + # + print STDERR "$$ failed to get fixed port $vnc_port for $username at $t ($reason)\n"; + $sock = ''; + $t += 5; + sleep 5; + } + if (! $sock) { + bye("Failed to lock fixed TCP port. Try again a bit later.<p>$login_str"); + } + print STDERR "$$ got fixed port $vnc_port for $username at $t\n"; + + # Return the file to remove, if any: + # + return $remove; +} + + +# Return html for the java applet to connect to x11vnc. +# +# N.B. Please examine the applet params, e.g. trustUrlVncCert=yes to +# see if you agree with them. See x11vnc classes/ssl/README for all +# parameters. +# +# Note how we do not take extreme care to authenticate the server to +# the client applet (but note that trustUrlVncCert=yes is better than +# trustAllVncCerts=yes) One can tighten all of this up at the expense +# of extra certificate dialogs (assuming the user bothers to check...) +# +# This assumes /UltraViewerSSL.jar is at document root; you need to put +# it there. +# +sub print_applet_html { + my ($W, $H, $D) = split(/x/, $geometry); + $W = 640; # make it smaller since we 'Open New Window' below anyway. + $H = 480; + my $tUVC = ($trustUrlVncCert ? 'yes' : 'no'); + my $str = <<"END"; +<html> +<TITLE> +x11vnc desktop ($uid/$vnc_port) +</TITLE> +<APPLET CODE=VncViewer.class ARCHIVE=/UltraViewerSSL.jar WIDTH=$W HEIGHT=$H> +<param name=PORT value=$vnc_port> +<param name=VNCSERVERPORT value=$vnc_port> +<param name=PASSWORD value=$pass> +<param name=trustUrlVncCert value=$tUVC> +<param name="Open New Window" value=yes> +<param name="Offer Relogin" value=no> +<param name="ignoreMSLogonCheck" value=yes> +<param name="delayAuthPanel" value=yes> +<!-- extra --> +</APPLET> +<br> +<a href="$ENV{REQUEST_URI}">Login page</a><br> +<a href=http://www.karlrunge.com/x11vnc>x11vnc website</a> +</html> +END + + if ($enable_port_redirection && $redirect_host ne '') { + $str =~ s/name=PASSWORD value=.*>/name=NOT_USED value=yes>/; + #$str =~ s/<!-- extra -->/<!-- extra -->\n<param name="ignoreProxy" value=yes>/; + } + + print $str; +} + +########################################################################## +# The following subroutines are for port redirection only, which is +# disabled by default ($enable_port_redirection == 0) +# +sub port_redir { + # To aid in avoiding zombies: + # + setpgrp(0, 0); + + # For the fixed port scheme we try to cooperate via lock file: + # + my $rmlock = ''; + # + if ($fixed_port) { + # try to grab the fixed port for the next 90 secs removing + # stale locks older than 60 secs: + # + $rmlock = lock_fixed_port(90, 60); + + } elsif ($find_free_port eq '0') { + $find_free_port = IO::Socket::INET->new( + Listen => 1, + LocalPort => $vnc_port, + ReuseAddr => 1, + Proto => "tcp" + ); + } + # In all cases, at this point $find_free_port is the listening + # socket. + + # fork a helper process to do the port redir: + # + # Actually we need to spawn 4(!) of them in case the proxy check + # /check.https.proxy.connection (it is by default) and the other + # test connections. Spawn one for each expected connection, for + # whatever applet parameter usage mode you set up. + # + for (my $n = 1; $n <= 4; $n++) { + my $pid = fork(); + if (! defined $pid) { + bye("Internal Error #14"); + } elsif ($pid) { + wait; + } else { + if (fork) { + exit 0; + } + setpgrp(0, 0); + handle_conn(); + exit 0; + } + } + + # We now close the listening socket: + # + close $find_free_port; + + if ($rmlock) { + # let our process proceed a bit before removing lock. + sleep 1; + unlink $rmlock; + } + + # Now send html to the browser so it can connect: + # + print_applet_html(); + + exit 0; +} + +# This checks the validity of a username@host:port for the port +# redirection mode. Finishes and exits if it is invalid. +# +sub check_redirect_host { + # First check that the host:port string is valid: + # + if ($redirect_host !~ /^\w[-\w\.]*:\d+$/) { + bye("Invalid Redirect Host:Port.<p>$login_str"); + } + # Second, check if the allowed host file permits it: + # + if ($port_redirection_allowed_hosts ne '') { + if (! open(ALLOWED, "<$port_redirection_allowed_hosts")) { + bye("Internal Error #15"); + } + my $ok = 0; + while (my $line = <ALLOWED>) { + chomp $line; + # skip blank lines and '#' comments: + next if $line =~ /^\s*$/; + next if $line =~ /^\s*#/; + + # trim spaces from ends: + $line =~ s/^\s*//; + $line =~ s/\s*$//; + + # collect host:ports in case port range given: + my @items; + if ($line =~ /^(.*):(\d+)-(\d+)$/) { + # port range: + my $host = $1; + my $pmin = $2; + my $pmax = $3; + for (my $p = $pmin; $p <= $pmax; $p++) { + push @items, "$host:$p"; + } + } else { + push @items, $line; + } + + # now check each item for a match: + foreach my $item (@items) { + if ($item eq 'ALL') { + $ok = 1; + last; + } elsif ($item =~ /@/) { + if ("$username\@$redirect_host" eq $item) { + $ok = 1; + last; + } + } elsif ($redirect_host eq $item) { + $ok = 1; + last; + } + } + # got a match: + last if $ok; + } + close ALLOWED; + + if (! $ok) { + bye("Disallowed Redirect Host:Port.<p>$login_str"); + } + } +} + +# Much of this code is borrowed from 'connect_switch': +# +sub handle_conn { + close STDIN; + close STDOUT; + close STDERR; + + $SIG{ALRM} = sub {close $find_free_port; exit 0}; + + # We only wait 30 secs for the redir case, esp. since + # we need to spawn so many helpers... + # + alarm(30); + + my ($client, $ip) = $find_free_port->accept(); + + alarm(0); + + close $find_free_port; + + if (!$client) { + exit 1; + } + + my ($host, $port) = split(/:/, $redirect_host); + + my $sock = IO::Socket::INET->new( + PeerAddr => $host, + PeerPort => $port, + Proto => "tcp" + ); + + if (! $sock) { + close $client; + exit 1; + } + + $current_fh1 = $client; + $current_fh2 = $sock; + + $SIG{TERM} = sub {close $current_fh1; close $current_fh2; exit 0}; + + my $killpid = 1; + + my $parent = $$; + if (my $child = fork()) { + xfer($sock, $client, 'S->C'); + if ($killpid) { + fsleep(0.5); + kill 'TERM', $child; + } + } else { + xfer($client, $sock, 'C->S'); + if ($killpid) { + fsleep(0.75); + kill 'TERM', $parent; + } + } + exit 0; +} + +# This does socket data transfer in one direction. +# +sub xfer { + my($in, $out, $lab) = @_; + my ($RIN, $WIN, $EIN, $ROUT); + $RIN = $WIN = $EIN = ""; + $ROUT = ""; + vec($RIN, fileno($in), 1) = 1; + vec($WIN, fileno($in), 1) = 1; + $EIN = $RIN | $WIN; + my $buf; + + while (1) { + my $nf = 0; + while (! $nf) { + $nf = select($ROUT=$RIN, undef, undef, undef); + } + my $len = sysread($in, $buf, 8192); + if (! defined($len)) { + next if $! =~ /^Interrupted/; + last; + } elsif ($len == 0) { + last; + } + + my $offset = 0; + my $quit = 0; + while ($len) { + my $written = syswrite($out, $buf, $len, $offset); + if (! defined $written) { + $quit = 1; + last; + } + $len -= $written; + $offset += $written; + } + last if $quit; + } + close($in); + close($out); +} + +# Sleep a small amount of time (float) +# +sub fsleep { + my ($time) = @_; + select(undef, undef, undef, $time) if $time; +} diff --git a/x11vnc/misc/inet6to4 b/x11vnc/misc/inet6to4 new file mode 100755 index 0000000..b5c2fd1 --- /dev/null +++ b/x11vnc/misc/inet6to4 @@ -0,0 +1,400 @@ +#!/usr/bin/perl +# +# inet6to4: Act as an ipv6-to-ipv4 relay for tcp applications that +# do not support ipv6. +# +# Usage: inet6to4 <ipv6-listen-port> <ipv4-host:port> +# inet6to4 -r <ipv4-listen-port> <ipv6-host:port> +# +# Examples: inet6to4 5900 localhost:5900 +# inet6to4 8080 web1:80 +# inet6to4 -r 5900 fe80::217:f2ff:fee6:6f5a%eth0:5900 +# +# The -r option reverses the direction of translation (e.g. for ipv4 +# clients that need to connect to ipv6 servers.) Reversing is the default +# if this script is named 'inet4to6' (e.g. by a symlink.) +# +# Use Ctrl-C to stop this program. +# +# You can also set env. vars INET6TO4_LOOP=1 or INET6TO4_LOOP=BG +# to have an outer loop restarting this program (BG means do that +# in the background), and INET6TO4_LOGFILE for a log file. +# Also set INET6TO4_VERBOSE to verbosity level and INET6TO4_WAITTIME +# and INET6TO4_PIDFILE (see below.) +# + +#------------------------------------------------------------------------- +# Copyright (c) 2010 by Karl J. Runge <runge@karlrunge.com> +# +# inet6to4 is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or (at +# your option) any later version. +# +# inet6to4 is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with inet6to4; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA +# or see <http://www.gnu.org/licenses/>. +#------------------------------------------------------------------------- + +# Set up logging: +# +if (exists $ENV{INET6TO4_LOGFILE}) { + close STDOUT; + if (!open(STDOUT, ">>$ENV{INET6TO4_LOGFILE}")) { + die "inet6to4: $ENV{INET6TO4_LOGFILE} $!\n"; + } + close STDERR; + open(STDERR, ">&STDOUT"); +} +select(STDERR); $| = 1; +select(STDOUT); $| = 1; + +# interrupt handler: +# +my $looppid = ''; +my $pidfile = ''; +my $listen_sock = ''; # declared here for get_out() +# +sub get_out { + print STDERR "$_[0]:\t$$ looppid=$looppid\n"; + close $listen_sock if $listen_sock; + if ($looppid) { + kill 'TERM', $looppid; + fsleep(0.2); + } + unlink $pidfile if $pidfile; + exit 0; +} +$SIG{INT} = \&get_out; +$SIG{TERM} = \&get_out; + +# pidfile: +# +sub open_pidfile { + if (exists $ENV{INET6TO4_PIDFILE}) { + my $pf = $ENV{INET6TO4_PIDFILE}; + if (open(PID, ">$pf")) { + print PID "$$\n"; + close PID; + $pidfile = $pf; + } else { + print STDERR "could not open pidfile: $pf - $! - continuing...\n"; + } + delete $ENV{INET6TO4_PIDFILE}; + } +} + +#################################################################### +# Set INET6TO4_LOOP=1 to have this script create an outer loop +# restarting itself if it ever exits. Set INET6TO4_LOOP=BG to +# do this in the background as a daemon. + +if (exists $ENV{INET6TO4_LOOP}) { + my $csl = $ENV{INET6TO4_LOOP}; + if ($csl ne 'BG' && $csl ne '1') { + die "inet6to4: invalid INET6TO4_LOOP.\n"; + } + if ($csl eq 'BG') { + # go into bg as "daemon": + setpgrp(0, 0); + my $pid = fork(); + if (! defined $pid) { + die "inet6to4: $!\n"; + } elsif ($pid) { + wait; + exit 0; + } + if (fork) { + exit 0; + } + setpgrp(0, 0); + close STDIN; + if (! $ENV{INET6TO4_LOGFILE}) { + close STDOUT; + close STDERR; + } + } + delete $ENV{INET6TO4_LOOP}; + + if (exists $ENV{INET6TO4_PIDFILE}) { + open_pidfile(); + } + + print STDERR "inet6to4: starting service at ", scalar(localtime), " master-pid=$$\n"; + while (1) { + $looppid = fork; + if (! defined $looppid) { + sleep 10; + } elsif ($looppid) { + wait; + } else { + exec $0, @ARGV; + exit 1; + } + print STDERR "inet6to4: re-starting service at ", scalar(localtime), " master-pid=$$\n"; + sleep 1; + } + exit 0; +} +if (exists $ENV{INET6TO4_PIDFILE}) { + open_pidfile(); +} + +use IO::Socket::INET6; +use strict; +use warnings; + +# some settings: +# +my $verbose = 1; # set to 0 for no messages, 2 for more. +my $killpid = 1; # does kill(2) at end of connection. +my $waittime = 0.25; # time to wait between connections. +my $reverse = 0; # -r switch (or file named inet4to6) + +if (exists $ENV{INET6TO4_VERBOSE}) { + $verbose = $ENV{INET6TO4_VERBOSE}; +} +if (exists $ENV{INET6TO4_WAITTIME}) { + $waittime = $ENV{INET6TO4_WAITTIME}; +} + +# process command line args: + +if (! @ARGV || $ARGV[0] =~ '^-+h') { # -help + open(ME, "<$0"); + while (<ME>) { + last unless /^#/; + next if /usr.bin.perl/; + $_ =~ s/# ?//; + print; + } + exit; +} + +if ($ARGV[0] eq '-r') { # -r + shift; + $reverse = 1; +} elsif ($0 =~ /inet4to6$/) { + $reverse = 1; +} + +my $listen_port = shift; # ipv6-listen-port +my $connect_to = shift; # ipv4-host:port + +die "no listen port or connect-to-host:port\n" if ! $listen_port || ! $connect_to; + +# connect to host: +# +my $host = ''; +my $port = ''; +if ($connect_to =~ /^(.*):(\d+)$/) { + $host = $1; + $port = $2; +} +die "invalid connect-to-host:port\n" if ! $host || ! $port; + +setpgrp(0, 0); + +# create listening socket: +# +if (!$reverse) { + $listen_sock = IO::Socket::INET6->new( + Listen => 10, + LocalPort => $listen_port, + Domain => AF_INET6, + ReuseAddr => 1, + Proto => "tcp" + ); +} else { + $listen_sock = IO::Socket::INET->new( + Listen => 10, + LocalPort => $listen_port, + ReuseAddr => 1, + Proto => "tcp" + ); +} +if (! $listen_sock) { + die "inet6to4: $!\n"; +} + +# for use by the xfer helper processes' interrupt handlers: +# +my $current_fh1 = ''; +my $current_fh2 = ''; + +# connection counter: +# +my $conn = 0; + +# loop forever waiting for connections: +# +while (1) { + $conn++; + print STDERR "listening for connection: $conn\n" if $verbose; + my ($client, $ip) = $listen_sock->accept(); + + if ($client && !$reverse && $port == $listen_port) { + # This happens on Darwin 'tcp46' + if ($client->peerhost() =~ /^::ffff:/) { + print STDERR "closing client we think is actually us: ", + $client->peerhost(), "\n"; + close $client; + $client = undef; + } + } + if (! $client) { + # to throttle runaways + fsleep(2 * $waittime); + next; + } + print STDERR "conn: $conn -- ", $client->peerhost(), " at ", scalar(localtime), "\n" if $verbose; + + # spawn helper: + # + my $pid = fork(); + if (! defined $pid) { + die "inet6to4: $!\n"; + } elsif ($pid) { + wait; + # to throttle runaways + fsleep($waittime); + next; + } else { + # this is to avoid zombies: + close $listen_sock; + if (fork) { + exit 0; + } + setpgrp(0, 0); + handle_conn($client); + } +} + +exit 0; + +sub handle_conn { + my $client = shift; + + my $start = time(); + + print STDERR "connecting to: $host:$port\n" if $verbose; + + my $sock = ''; + if (!$reverse) { + $sock = IO::Socket::INET->new( + PeerAddr => $host, + PeerPort => $port, + Proto => "tcp" + ); + } else { + $sock = IO::Socket::INET6->new( + PeerAddr => $host, + PeerPort => $port, + Domain => AF_INET6, + Proto => "tcp" + ); + } + + if (! $sock) { + close $client; + die "inet6to4: $!\n"; + } + + $current_fh1 = $client; + $current_fh2 = $sock; + + # interrupt handler: + # + $SIG{TERM} = sub {print STDERR "got sigterm\[$$]\n" if $verbose; close $current_fh1; close $current_fh2; exit 0}; + + # spawn another helper and transfer the data: + # + my $parent = $$; + if (my $child = fork()) { + xfer($sock, $client, 'S->C'); + if ($killpid) { + fsleep(0.5); + kill 'TERM', $child; + } + } else { + xfer($client, $sock, 'C->S'); + if ($killpid) { + fsleep(0.75); + kill 'TERM', $parent; + } + } + + # done. + # + if ($verbose > 1) { + my $dt = time() - $start; + print STDERR "dt\[$$]: $dt\n"; + } + exit 0; +} + +# transfers data in one direction: +# +sub xfer { + my($in, $out, $lab) = @_; + my ($RIN, $WIN, $EIN, $ROUT); + $RIN = $WIN = $EIN = ""; + $ROUT = ""; + vec($RIN, fileno($in), 1) = 1; + vec($WIN, fileno($in), 1) = 1; + $EIN = $RIN | $WIN; + my $buf; + + while (1) { + my $nf = 0; + while (! $nf) { + $nf = select($ROUT=$RIN, undef, undef, undef); + } + my $len = sysread($in, $buf, 8192); + if (! defined($len)) { + next if $! =~ /^Interrupted/; + print STDERR "inet6to4\[$lab/$conn/$$]: $!\n"; + last; + } elsif ($len == 0) { + print STDERR "inet6to4\[$lab/$conn/$$]: " + . "Input is EOF.\n"; + last; + } + + if ($verbose > 4) { + # verbose debugging of data: + syswrite(STDERR , "\n$lab: ", 6); + syswrite(STDERR , $buf, $len); + } + + my $offset = 0; + my $quit = 0; + while ($len) { + my $written = syswrite($out, $buf, $len, $offset); + if (! defined $written) { + print STDERR "inet6to4\[$lab/$conn/$$]: " + . "Output is EOF. $!\n"; + $quit = 1; + last; + } + $len -= $written; + $offset += $written; + } + last if $quit; + } + close($in); + close($out); +} + +# sleep a fraction of a second: +# +sub fsleep { + my ($time) = @_; + select(undef, undef, undef, $time) if $time; +} diff --git a/x11vnc/misc/panner.pl b/x11vnc/misc/panner.pl new file mode 100755 index 0000000..344beee --- /dev/null +++ b/x11vnc/misc/panner.pl @@ -0,0 +1,117 @@ +#!/usr/bin/perl +# +# panner.pl: start up x11vnc in '-clip' mode viewing a small (WxH) +# rectangular region of the screen. Allow the viewer user +# to 'pan' around the display region by moving the mouse. +# +# Remote interaction with applications, e.g. clicking a +# button though the VNC viewer, will be very difficult. +# This may be useful in a 'demo' mode where the user sitting +# at the physical display is the only one moving the mouse. +# Depending on your usage the following x11vnc options may +# be useful: -nonap +# +# Usage: panner.pl WxH <x11vnc-args> (e.g. -display ...) +# or panner.pl WxH:0.05 <x11vnc-args> (e.g. 0.05 is polling time in secs.) + +use strict; + +my $WxH = shift; +my $poll_time; + +# split off poll time: +# +($WxH, $poll_time) = split(/:/, $WxH); +my ($W, $H) = split(/x/, $WxH); + +$poll_time = 0.1 unless $poll_time ne ''; + +# set to x11vnc command (e.g. full PATH) +# +my $x11vnc = "x11vnc"; + +# check if display was given: +# +my $query_args = ""; +for (my $i=0; $i < @ARGV; $i++) { + if ($ARGV[$i] eq '-display') { + $query_args = "-display $ARGV[$i+1]"; + } +} + +# find the size of display and the current mouse position: +my %v; +vset("DIRECT:wdpy_x,wdpy_y,pointer_x,pointer_y,pointer_same"); + +# set a -clip argument based on the above: +# +my $clip = ''; +clip_set(); +$clip = "${W}x${H}+0+0" unless $v{pointer_same}; + +# launch x11vnc with -clip in the background: +# +my $cmd = "$x11vnc -clip $clip -bg " . join(" ", @ARGV); +print STDERR "running: $cmd\n"; +system $cmd; + +# user can hit Ctrl-C or kill this script to quit (and stop x11vnc) +# +sub quit { + system("$x11vnc $query_args -R stop"); + exit 0; +} + +$SIG{INT} = \&quit; +$SIG{TERM} = \&quit; + +# loop forever waiting for mouse position to change, then shift -clip: +# +my $clip_old = $clip; +while (1) { + fsleep($poll_time); + vset("pointer_x,pointer_y,pointer_same"); + next unless $v{pointer_same}; + clip_set(); + if ($clip ne $clip_old) { + system("$x11vnc $query_args -R clip:$clip"); + $clip_old = $clip + } +} + +exit 0; + +# short sleep: +# +sub fsleep { + my ($time) = @_; + select(undef, undef, undef, $time) if $time; +} + +# set the -clip string, making sure view doesn't go off edges of display: +# +sub clip_set { + my $x = int($v{pointer_x} - $W/2); + my $y = int($v{pointer_y} - $H/2); + $x = 0 if $x < 0; + $y = 0 if $y < 0; + $x = $v{wdpy_x} - $W if $x + $W > $v{wdpy_x}; + $y = $v{wdpy_y} - $H if $y + $H > $v{wdpy_y}; + $clip = "${W}x${H}+$x+$y"; +} + +# query x11vnc for values, put results in the %v hash: +# +sub vset { + my $str = shift; + my $out = `$x11vnc $query_args -Q $str 2>/dev/null`; + chomp $out; + foreach my $pair (split(/,/, $out)) { + $pair =~ s/^a..=//; + my ($k, $v) = split(/:/, $pair, 2); + if ($k ne '' && $v ne '') { + print STDERR "k=$k v=$v\n" if $ENV{DEBUG}; + $v{$k} = $v; + } + } +} diff --git a/x11vnc/misc/ultravnc_repeater.pl b/x11vnc/misc/ultravnc_repeater.pl index 40af575..a305ebe 100755 --- a/x11vnc/misc/ultravnc_repeater.pl +++ b/x11vnc/misc/ultravnc_repeater.pl @@ -1,6 +1,6 @@ #!/usr/bin/env perl # -# Copyright (c) 2009 by Karl J. Runge <runge@karlrunge.com> +# Copyright (c) 2009-2010 by Karl J. Runge <runge@karlrunge.com> # # ultravnc_repeater.pl is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -41,17 +41,137 @@ usage: ultravnc_repeater.pl [-r] [client_port [server_port]] Use -r to refuse new server/client connections with an existing server/client ID. The default is to close the previous one. +To write to a log file set the env. var ULTRAVNC_REPEATER_LOGFILE. + +To run in a loop restarting the server if it exits set the env. var. +ULTRAVNC_REPEATER_LOOP=1 or ULTRAVNC_REPEATER_LOOP=BG, the latter +forks into the background. Set ULTRAVNC_REPEATER_PIDFILE to a file +to store the master pid in. + + Examples: + ultravnc_repeater.pl ultravnc_repeater.pl -r ultravnc_repeater.pl 5901 ultravnc_repeater.pl 5901 5501 + env ULTRAVNC_REPEATER_LOOP=BG ULTRAVNC_REPEATER_LOGFILE=/tmp/u.log ultravnc_repeater.pl ... + '; -use warnings; use strict; +# Set up logging: +# +if (exists $ENV{ULTRAVNC_REPEATER_LOGFILE}) { + close STDOUT; + if (!open(STDOUT, ">>$ENV{ULTRAVNC_REPEATER_LOGFILE}")) { + die "ultravnc_repeater.pl: $ENV{ULTRAVNC_REPEATER_LOGFILE} $!\n"; + } + close STDERR; + open(STDERR, ">&STDOUT"); +} +select(STDERR); $| = 1; +select(STDOUT); $| = 1; + +# interrupt handler: +# +my $looppid = ''; +my $pidfile = ''; +# +sub get_out { + print STDERR "$_[0]:\t$$ looppid=$looppid\n"; + if ($looppid) { + kill 'TERM', $looppid; + fsleep(0.2); + } + unlink $pidfile if $pidfile; + cleanup(); + exit 0; +} + +# These are overridden in actual server thread: +# +$SIG{INT} = \&get_out; +$SIG{TERM} = \&get_out; + +# pidfile: +# +sub open_pidfile { + if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) { + my $pf = $ENV{ULTRAVNC_REPEATER_PIDFILE}; + if (open(PID, ">$pf")) { + print PID "$$\n"; + close PID; + $pidfile = $pf; + } else { + print STDERR "could not open pidfile: $pf - $! - continuing...\n"; + } + delete $ENV{ULTRAVNC_REPEATER_PIDFILE}; + } +} + +#################################################################### +# Set ULTRAVNC_REPEATER_LOOP=1 to have this script create an outer loop +# restarting itself if it ever exits. Set ULTRAVNC_REPEATER_LOOP=BG to +# do this in the background as a daemon. + +if (exists $ENV{ULTRAVNC_REPEATER_LOOP}) { + my $csl = $ENV{ULTRAVNC_REPEATER_LOOP}; + if ($csl ne 'BG' && $csl ne '1') { + die "ultravnc_repeater.pl: invalid ULTRAVNC_REPEATER_LOOP.\n"; + } + if ($csl eq 'BG') { + # go into bg as "daemon": + setpgrp(0, 0); + my $pid = fork(); + if (! defined $pid) { + die "ultravnc_repeater.pl: $!\n"; + } elsif ($pid) { + wait; + exit 0; + } + if (fork) { + exit 0; + } + setpgrp(0, 0); + close STDIN; + if (! $ENV{ULTRAVNC_REPEATER_LOGFILE}) { + close STDOUT; + close STDERR; + } + } + delete $ENV{ULTRAVNC_REPEATER_LOOP}; + + if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) { + open_pidfile(); + } + + print STDERR "ultravnc_repeater.pl: starting service at ", scalar(localtime), " master-pid=$$\n"; + while (1) { + $looppid = fork; + if (! defined $looppid) { + sleep 10; + } elsif ($looppid) { + wait; + } else { + exec $0, @ARGV; + exit 1; + } + print STDERR "ultravnc_repeater.pl: re-starting service at ", scalar(localtime), " master-pid=$$\n"; + sleep 1; + } + exit 0; +} +if (exists $ENV{ULTRAVNC_REPEATER_PIDFILE}) { + open_pidfile(); +} + +# End of background/daemon stuff. +#################################################################### + +use warnings; use IO::Socket::INET; use IO::Select; @@ -85,6 +205,7 @@ my ($RIN, $WIN, $EIN, $ROUT); my $client_listen = IO::Socket::INET->new( Listen => 10, LocalPort => $client_port, + ReuseAddr => 1, Proto => "tcp" ); if (! $client_listen) { @@ -95,6 +216,7 @@ if (! $client_listen) { my $server_listen = IO::Socket::INET->new( Listen => 10, LocalPort => $server_port, + ReuseAddr => 1, Proto => "tcp" ); if (! $server_listen) { @@ -103,7 +225,7 @@ if (! $server_listen) { } my $select = new IO::Select(); -if (! select) { +if (! $select) { cleanup(); die "$prog: select $!\n"; } @@ -120,9 +242,6 @@ my $CURR = ''; print "watching for connections on ports $server_port/server and $client_port/client\n"; -select(STDERR); $| = 1; -select(STDOUT); $| = 1; - my $alarm_sock = ''; my $got_alarm = 0; sub alarm_handler { diff --git a/x11vnc/remote.c b/x11vnc/remote.c index 5985464..953f963 100644 --- a/x11vnc/remote.c +++ b/x11vnc/remote.c @@ -1191,7 +1191,23 @@ char *process_remote_cmd(char *cmd, int stringonly) { goto qry; } p += strlen("clip:"); - if (clip_str) free(clip_str); + if (clip_str) { + int w, h, x, y; + free(clip_str); + /* try to handle easy case where WxH is unchanged: */ + if (parse_geom(p, &w, &h, &x, &y, wdpy_x, wdpy_y)) { + if (cdpy_x == w && cdpy_y == h) { + if (x >= 0 && y >= 0) { + if (x + w <= wdpy_x && y + h <= wdpy_y) { + coff_x = x; + coff_y = y; + clip_str = strdup(p); + goto done; + } + } + } + } + } clip_str = strdup(p); /* OK, this requires a new fb... */ @@ -5925,15 +5941,25 @@ char *process_remote_cmd(char *cmd, int stringonly) { } goto qry; } - - if (!strcmp(p, "pointer_pos")) { + if (!strcmp(p, "pointer_pos") || !strcmp(p, "pointer_x") || !strcmp(p, "pointer_y") || !strcmp(p, "pointer_same") || !strcmp(p, "pointer_root")) { int px = -1, py = -1; int wx, wy; unsigned int m; Window r, c; + Bool same_screen = True; - snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py); + if (!strcmp(p, "pointer_pos")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py); + } else if (!strcmp(p, "pointer_x")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, px); + } else if (!strcmp(p, "pointer_y")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, py); + } else if (!strcmp(p, "pointer_same")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, same_screen); + } else if (!strcmp(p, "pointer_root")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:0x%x", p, (unsigned int) rootwin); + } if (!dpy) { goto qry; } @@ -5941,12 +5967,22 @@ char *process_remote_cmd(char *cmd, int stringonly) { goto qry; #else X_LOCK; - XQueryPointer_wr(dpy, rootwin, &r, &c, &px, &py, &wx, &wy, &m); + same_screen = XQueryPointer_wr(dpy, rootwin, &r, &c, &px, &py, &wx, &wy, &m); X_UNLOCK; #endif - snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py); - rfbLog("remote_cmd: pointer_pos: %s\n", buf); + if (!strcmp(p, "pointer_pos")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d,%d", p, px, py); + } else if (!strcmp(p, "pointer_x")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, px); + } else if (!strcmp(p, "pointer_y")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, py); + } else if (!strcmp(p, "pointer_same")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:%d", p, same_screen); + } else if (!strcmp(p, "pointer_root")) { /* skip-cmd-list */ + snprintf(buf, bufn, "aro=%s:0x%x", p, (unsigned int) r); + } + rfbLog("remote_cmd: %s: %s\n", p, buf); goto qry; } if (!strcmp(p, "bpp")) { diff --git a/x11vnc/sslhelper.c b/x11vnc/sslhelper.c index 3d19834..ab2a43f 100644 --- a/x11vnc/sslhelper.c +++ b/x11vnc/sslhelper.c @@ -3460,6 +3460,7 @@ void accept_openssl(int mode, int presock) { char reply[] = "HTTP/1.0 200 OK\r\n" "Content-Type: octet-stream\r\n" "Connection: Keep-Alive\r\n" + "VNC-Server: x11vnc\r\n" "Pragma: no-cache\r\n\r\n"; /* * special case proxy coming thru https @@ -3503,6 +3504,7 @@ void accept_openssl(int mode, int presock) { char reply[] = "HTTP/1.0 200 OK\r\n" "Connection: close\r\n" "Content-Type: octet-stream\r\n" + "VNC-Server: x11vnc\r\n" "Pragma: no-cache\r\n\r\n"; rfbLog("Handling Check HTTPS request via https GET. [%d]\n", getpid()); @@ -3782,14 +3784,14 @@ void accept_openssl(int mode, int presock) { q = strstr(rcookie, "VENCRYPT="); if (q && sscanf(q, "VENCRYPT=%d,", &vencrypt_sel) == 1) { if (vencrypt_sel != 0) { - rfbLog("SSL: VENCRYPT mode=%d accepted.\n", vencrypt_sel); + rfbLog("SSL: VENCRYPT mode=%d accepted. helper[%d]\n", vencrypt_sel, pid); goto accept_client; } } q = strstr(rcookie, "ANONTLS="); if (q && sscanf(q, "ANONTLS=%d,", &anontls_sel) == 1) { if (anontls_sel != 0) { - rfbLog("SSL: ANONTLS mode=%d accepted.\n", anontls_sel); + rfbLog("SSL: ANONTLS mode=%d accepted. helper[%d]\n", anontls_sel, pid); goto accept_client; } } @@ -3803,6 +3805,12 @@ void accept_openssl(int mode, int presock) { if (strstr(rcookie, uniq) == rcookie) { int i; + double https_download_wait_time = 15.0; + + if (getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME")) { + https_download_wait_time = atof(getenv("X11VNC_HTTPS_DOWNLOAD_WAIT_TIME")); + } + rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid); if (mode != OPENSSL_HTTPS) { last_https = dnow(); @@ -3814,6 +3822,7 @@ void accept_openssl(int mode, int presock) { } if (rcookie && strstr(rcookie, "VncViewer.class")) { rfbLog("\n"); + rfbLog("helper[%d]:\n", pid); rfbLog("***********************************************************\n"); rfbLog("SSL: WARNING CLIENT ASKED FOR NONEXISTENT 'VncViewer.class'\n"); rfbLog("SSL: USER NEEDS TO **RESTART** HIS WEB BROWSER.\n"); @@ -3841,31 +3850,34 @@ void accept_openssl(int mode, int presock) { } screen->port = useport; if (origport != useport) { - rfbLog("SSL: -httpsredir guess port: %d\n", screen->port); + rfbLog("SSL: -httpsredir guess port: %d helper[%d]\n", screen->port, pid); } start = dnow(); - while (dnow() < start + 10.0) { + while (dnow() < start + https_download_wait_time) { if (screen->httpSock >= 0) saw_httpsock = 1; rfbPE(10000); usleep(10000); if (screen->httpSock >= 0) saw_httpsock = 1; waitpid(pid, &status, WNOHANG); if (kill(pid, 0) != 0) { - rfbPE(10000); - rfbPE(10000); + rfbLog("SSL: helper[%d] pid finished\n", pid); break; } - if (saw_httpsock && screen->httpSock < 0) { + if (0 && saw_httpsock && screen->httpSock < 0) { + /* this check can kill the helper too soon. */ rfbLog("SSL: httpSock for helper[%d] went away\n", pid); - rfbPE(10000); - rfbPE(10000); break; } } - screen->port = origport; rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n", pid, dnow() - start); + + rfbPE(10000); + rfbPE(10000); + rfbPE(10000); + + screen->port = origport; ssl_helper_pid(0, -2); if (mode == OPENSSL_INETD) { clean_up_exit(1); @@ -3888,31 +3900,34 @@ void accept_openssl(int mode, int presock) { } } } - rfbLog("SSL: screen->port %d\n", screen->port); + rfbLog("SSL: screen->port %d for helper[%d]\n", screen->port, pid); /* kludge for https fetch via inetd */ start = dnow(); - while (dnow() < start + 10.0) { + while (dnow() < start + https_download_wait_time) { if (screen->httpSock >= 0) saw_httpsock = 1; rfbPE(10000); usleep(10000); if (screen->httpSock >= 0) saw_httpsock = 1; waitpid(pid, &status, WNOHANG); if (kill(pid, 0) != 0) { - rfbPE(10000); - rfbPE(10000); + rfbLog("SSL: helper[%d] pid finished\n", pid); break; } - if (saw_httpsock && screen->httpSock < 0) { + if (0 && saw_httpsock && screen->httpSock < 0) { + /* this check can kill the helper too soon. */ rfbLog("SSL: httpSock for helper[%d] went away\n", pid); - rfbPE(10000); - rfbPE(10000); break; } } rfbLog("SSL: OPENSSL_INETD guessing " "child helper[%d] https finished. dt=%.6f\n", pid, dnow() - start); + + rfbPE(10000); + rfbPE(10000); + rfbPE(10000); + ssl_helper_pid(0, -2); clean_up_exit(1); } diff --git a/x11vnc/ssltools.h b/x11vnc/ssltools.h index a08ebb8..534dbdd 100644 --- a/x11vnc/ssltools.h +++ b/x11vnc/ssltools.h @@ -1603,7 +1603,7 @@ char create_display[] = " fi\n" " if [ -f \"$home/.dmrc\" ]; then\n" " if [ \"X$have_startkde\" != \"X\" ]; then\n" -" if egrep -i 'Session=(default|kde)' \"$home/.dmrc\" > /dev/null; then\n" +" if egrep -i 'Session=kde' \"$home/.dmrc\" > /dev/null; then\n" " echo \"$have_startkde\"\n" " return\n" " fi\n" @@ -1632,6 +1632,18 @@ char create_display[] = " fi\n" " \n" " done\n" +" if egrep -i 'Session=default' \"$home/.dmrc\" > /dev/null; then\n" +" if [ \"X$have_gnome_session\" != \"X\" ]; then\n" +" echo \"$have_gnome_session\"\n" +" return\n" +" elif [ \"X$have_startkde\" != \"X\" ]; then\n" +" echo \"$have_startkde\"\n" +" return\n" +" elif [ \"X$have_startxfce\" != \"X\" ]; then\n" +" echo \"$have_startxfce\"\n" +" return\n" +" fi\n" +" fi\n" " fi\n" " if [ -f \"$home/.xsession\" ]; then\n" " echo \"$home/.xsession\"\n" @@ -1851,19 +1863,30 @@ char create_display[] = "\n" " if [ \"X$use_xdmcp_query\" = \"X1\" ]; then\n" " # we cannot use -nolisten tcp\n" -" echo \"$* -once -query localhost $FD_OPTS\" 1>&2\n" +" if [ \"X$FD_XDMCP_IF\" != \"X\" ]; then\n" +" lhost=$FD_XDMCP_IF\n" +" elif [ \"X$have_netstat\" = \"X\" ]; then\n" +" lhost=localhost\n" +" elif $have_netstat -an | grep -w 177 | grep -w udp > /dev/null; then\n" +" lhost=localhost\n" +" elif $have_netstat -an | grep -w 177 | grep -w udp6 > /dev/null; then\n" +" lhost=::1\n" +" else\n" +" lhost=localhost\n" +" fi\n" +" echo \"$* -once -query $lhost $FD_OPTS\" 1>&2\n" " if [ \"X$have_root\" != \"X\" ]; then\n" " if [ -r $authfile ]; then\n" -" $have_nohup $* -once -query localhost -auth $authfile $FD_OPTS 1>&2 &\n" +" $have_nohup $* -once -query $lhost -auth $authfile $FD_OPTS 1>&2 &\n" " else\n" " # why did we have this?\n" -" $have_nohup $* -once -query localhost $FD_OPTS 1>&2 &\n" +" $have_nohup $* -once -query $lhost $FD_OPTS 1>&2 &\n" " fi\n" " else\n" " if [ \"X$ns\" = \"X0\" ]; then\n" -" $have_nohup sh -c \"$* -once -query localhost -auth $authfile $FD_OPTS\" 1>&2 &\n" +" $have_nohup sh -c \"$* -once -query $lhost -auth $authfile $FD_OPTS\" 1>&2 &\n" " else\n" -" $have_nohup sh -c \"(sleep $ns; $* -once -query localhost -auth $authfile $FD_OPTS)\" 1>&2 &\n" +" $have_nohup sh -c \"(sleep $ns; $* -once -query $lhost -auth $authfile $FD_OPTS)\" 1>&2 &\n" " #result=1\n" " fi\n" " fi\n" diff --git a/x11vnc/user.c b/x11vnc/user.c index 12783f0..be2370e 100644 --- a/x11vnc/user.c +++ b/x11vnc/user.c @@ -1956,7 +1956,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t char st[] = ""; char fdgeom[128], fdsess[128], fdopts[128], fdextra[256], fdprog[128]; char fdxsrv[128], fdxdum[128], fdcups[128], fdesd[128]; - char fdnas[128], fdsmb[128], fdtag[128]; + char fdnas[128], fdsmb[128], fdtag[128], fdxdmcpif[128]; char cdout[128]; if (opts) { @@ -1980,6 +1980,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t fdnas[0] = '\0'; fdsmb[0] = '\0'; fdtag[0] = '\0'; + fdxdmcpif[0] = '\0'; cdout[0] = '\0'; if (unixpw && keep_unixpw_opts && keep_unixpw_opts[0] != '\0') { @@ -2122,6 +2123,9 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t if (fdtag[0] == '\0' && getenv("FD_TAG")) { snprintf(fdtag, 120, "%s", getenv("FD_TAG")); } + if (fdxdmcpif[0] == '\0' && getenv("FD_XDMCP_IF")) { + snprintf(fdxdmcpif, 120, "%s", getenv("FD_XDMCP_IF")); + } if (fdxdum[0] == '\0' && getenv("FD_XDUMMY_RUN_AS_ROOT")) { snprintf(fdxdum, 120, "%s", getenv("FD_XDUMMY_RUN_AS_ROOT")); } @@ -2139,6 +2143,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t if (strchr(fdnas, '\'')) fdnas[0] = '\0'; if (strchr(fdsmb, '\'')) fdsmb[0] = '\0'; if (strchr(fdtag, '\'')) fdtag[0] = '\0'; + if (strchr(fdxdmcpif, '\'')) fdxdmcpif[0] = '\0'; if (strchr(fdxdum, '\'')) fdxdum[0] = '\0'; if (strchr(fdsess, '\'')) fdsess[0] = '\0'; if (strchr(cdout, '\'')) cdout[0] = '\0'; @@ -2153,6 +2158,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t set_env("FD_NAS", fdnas); set_env("FD_SMB", fdsmb); set_env("FD_TAG", fdtag); + set_env("FD_XDMCP_IF", fdxdmcpif); set_env("FD_XDUMMY_RUN_AS_ROOT", fdxdum); set_env("FD_SESS", fdsess); @@ -2176,6 +2182,7 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t + strlen("FD_NAS='' ") + strlen("FD_SMB='' ") + strlen("FD_TAG='' ") + + strlen("FD_XDMCP_IF='' ") + strlen("FD_XDUMMY_RUN_AS_ROOT='' ") + strlen("FD_SESS='' /bin/sh ") + strlen(uu) + 1 @@ -2189,16 +2196,17 @@ static char *build_create_cmd(char *cmd, int *saw_xdmcp, char *usslpeer, char *t + strlen(fdnas) + 1 + strlen(fdsmb) + 1 + strlen(fdtag) + 1 + + strlen(fdxdmcpif) + 1 + strlen(fdxdum) + 1 + strlen(fdsess) + 1 + strlen(cdout) + 1 + strlen(opts) + 1); sprintf(create_cmd, "env USER='%s' FD_GEOM='%s' FD_SESS='%s' " "FD_OPTS='%s' FD_EXTRA='%s' FD_PROG='%s' FD_XSRV='%s' FD_CUPS='%s' " - "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' " + "FD_ESD='%s' FD_NAS='%s' FD_SMB='%s' FD_TAG='%s' FD_XDMCP_IF='%s' " "FD_XDUMMY_RUN_AS_ROOT='%s' %s /bin/sh %s %s", uu, fdgeom, fdsess, fdopts, fdextra, fdprog, fdxsrv, - fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdum, cdout, tmp, opts); + fdcups, fdesd, fdnas, fdsmb, fdtag, fdxdmcpif, fdxdum, cdout, tmp, opts); } else { create_cmd = (char *) malloc(strlen(tmp) + strlen("/bin/sh ") + 1 + strlen(opts) + 1); diff --git a/x11vnc/x11vnc.1 b/x11vnc/x11vnc.1 index 4d193c3..41e41ad 100644 --- a/x11vnc/x11vnc.1 +++ b/x11vnc/x11vnc.1 @@ -1,8 +1,8 @@ .\" This file was automatically generated from x11vnc -help output. -.TH X11VNC "1" "February 2010" "x11vnc " "User Commands" +.TH X11VNC "1" "March 2010" "x11vnc " "User Commands" .SH NAME x11vnc - allow VNC connections to real X11 displays - version: 0.9.10, lastmod: 2010-02-21 + version: 0.9.10, lastmod: 2010-03-20 .SH SYNOPSIS .B x11vnc [OPTION]... @@ -558,6 +558,11 @@ to the program location and in standard locations \fB-http_ssl\fR .IP As \fB-http,\fR but force lookup for ssl classes subdir. +.IP +Note that for HTTPS, single-port Java applet delivery +you can set X11VNC_HTTPS_DOWNLOAD_WAIT_TIME to the +max number of seconds to wait for the applet download +to finish. The default is 15. .PP \fB-avahi\fR .IP @@ -1061,9 +1066,31 @@ Use "deny" to explicitly deny some users if you use the user is allowed, but the option values associated with it do apply as normal. .IP -There are also some utilities for testing password +There are also some utilities for checking passwords if [list] starts with the "%" character. See the -quick_pw() function in the source for details. +quick_pw() function for more details. Description: +"%-" or "%stdin" means read one line from stdin. +"%env" means it is in $UNIXPW env var. A leading +"%/" or "%." means read the first line from the +filename that follows after the % character. % by +itself means prompt for the username and password. +Otherwise: %user:pass E.g. \fB-unixpw\fR %fred:swordfish +For the other cases user:pass is read from the indicated +source. If the password is correct 'Y user' is printed +and the program exit code is 0. If the password is +incorrect it prints 'N user' and the exit code is 1. +If there is some other error the exit code is 2. +This feature enables x11vnc to be a general unix user +password checking tool; it could be used from scripts +or other programs. These % password checks also apply +to the \fB-unixpw_nis\fR and \fB-unixpw_cmd\fR options. +.IP +For the % password check, if the env. var. UNIXPW_CMD +is set to a command then it is run as the user (assuming +the password is correct.) The output of the command is +not printed, the program or script must manage that by +some other means. The exit code of x11vnc will depend +on the exit code of the command that is run. .IP Use \fB-nounixpw\fR to disable unixpw mode if it was enabled earlier in the cmd line (e.g. \fB-svc\fR mode) @@ -1184,8 +1211,11 @@ and if it has the permissions to do so. .PP \fB-find\fR .IP -Find the user's display using FINDDISPLAY. This is an -alias for "\fB-display\fR \fIWAIT:cmd=FINDDISPLAY\fR". +Find the user's display using FINDDISPLAY. This +is an alias for "\fB-display\fR \fIWAIT:cmd=FINDDISPLAY\fR". +.IP +Note: if a \fB-display\fR occurs later on the command line +it will override the \fB-find\fR setting. .IP For this and the next few options see \fB-display\fR WAIT:... below for all of the details. @@ -1232,6 +1262,9 @@ if that doesn't succeed create an X session via the FINDCREATEDISPLAY method. This is an alias for "\fB-display\fR \fIWAIT:cmd=FINDCREATEDISPLAY-Xvfb\fR". .IP +Note: if a \fB-display\fR occurs later on the command line +it will override the \fB-create\fR setting. +.IP SSH NOTE: for both \fB-find\fR and \fB-create\fR you can (should!) add the "\fB-localhost\fR" option to force SSH tunnel access. .PP @@ -1263,6 +1296,10 @@ Example: \fB-svc\fR ... \fB-create_xsrv\fR Xdummy,X Terminal services mode based on SSL access. Alias for \fB-display\fR WAIT:cmd=FINDCREATEDISPLAY-Xvfb \fB-unixpw\fR \fB-users\fR unixpw= \fB-ssl\fR SAVE Also "\fB-service\fR". +.IP +Note: if a \fB-display,\fR \fB-unixpw,\fR \fB-users,\fR or \fB-ssl\fR occurs +later on the command line it will override the \fB-svc\fR +setting. .PP \fB-svc_xdummy\fR .IP @@ -1282,6 +1319,10 @@ Display manager Terminal services mode based on SSL. Alias for \fB-display\fR WAIT:cmd=FINDCREATEDISPLAY-Xvfb.xdmcp \fB-unixpw\fR \fB-users\fR unixpw= \fB-ssl\fR SAVE Also "\fB-xdm_service\fR". .IP +Note: if a \fB-display,\fR \fB-unixpw,\fR \fB-users,\fR or \fB-ssl\fR occurs +later on the command line it will override the \fB-xdmsvc\fR +setting. +.IP To create a session a user will have to first log in to the \fB-unixpw\fR dialog and then log in again to the XDM/GDM/KDM prompt. Subsequent re-connections will @@ -1654,6 +1695,11 @@ to be a unique name for the session, it is set as an X property, that makes FINDDISPLAY only find sessions with that tag value. .IP +Set FD_XDMCP_IF to the network interface that the +display manager is running on; default is 'localhost' +but you may need to set it to '::1' on some IPv6 only +systems or misconfigured display managers. +.IP If you want the FINDCREATEDISPLAY session to contact an XDMCP login manager (xdm/gdm/kdm) on the same machine, then use "Xvfb.xdmcp" instead of "Xvfb", etc. @@ -2370,7 +2416,7 @@ exits. .IP Use the .IR stunnel (8) -(www.stunnel.org) to provide an +(stunnel.mirt.net) to provide an encrypted SSL tunnel between viewers and x11vnc. .IP This external tunnel method was implemented prior to the @@ -5838,6 +5884,14 @@ grab_state get state of pointer and keyboard grab. .IP pointer_pos print XQueryPointer x,y cursor position. .IP +pointer_x print XQueryPointer x cursor position. +.IP +pointer_y print XQueryPointer y cursor position. +.IP +pointer_same print XQueryPointer ptr on same screen. +.IP +pointer_root print XQueryPointer curr ptr rootwin. +.IP mouse_x print x11vnc's idea of cursor position. .IP mouse_y print x11vnc's idea of cursor position. @@ -6234,18 +6288,18 @@ loop loopbg desktopname guess_desktop guess_dbus http_url auth xauth users rootshift clipshift scale_str scaled_x scaled_y scale_numer scale_denom scale_fac_x scale_fac_y scaling_blend scaling_nomult4 scaling_pad -scaling_interpolate inetd privremote unsafe safer -nocmds passwdfile unixpw unixpw_nis unixpw_list ssl -ssl_pem sslverify stunnel stunnel_pem https httpsredir -usepw using_shm logfile o flag rmflag rc norc h help -V version lastmod bg sigpipe threads readrate netrate -netlatency pipeinput clients client_count pid ext_xtest -ext_xtrap ext_xrecord ext_xkb ext_xshm ext_xinerama -ext_overlay ext_xfixes ext_xdamage ext_xrandr rootwin -num_buttons button_mask mouse_x mouse_y grab_state -pointer_pos bpp depth indexed_color dpy_x dpy_y wdpy_x -wdpy_y off_x off_y cdpy_x cdpy_y coff_x coff_y rfbauth -passwd viewpasswd +scaling_interpolate inetd privremote unsafe safer nocmds +passwdfile unixpw unixpw_nis unixpw_list ssl ssl_pem +sslverify stunnel stunnel_pem https httpsredir usepw +using_shm logfile o flag rmflag rc norc h help V version +lastmod bg sigpipe threads readrate netrate netlatency +pipeinput clients client_count pid ext_xtest ext_xtrap +ext_xrecord ext_xkb ext_xshm ext_xinerama ext_overlay +ext_xfixes ext_xdamage ext_xrandr rootwin num_buttons +button_mask mouse_x mouse_y grab_state pointer_pos +pointer_x pointer_y pointer_same pointer_root bpp depth +indexed_color dpy_x dpy_y wdpy_x wdpy_y off_x off_y +cdpy_x cdpy_y coff_x coff_y rfbauth passwd viewpasswd .PP \fB-QD\fR \fIvariable\fR .IP diff --git a/x11vnc/x11vnc.c b/x11vnc/x11vnc.c index d3a4b7c..d659651 100644 --- a/x11vnc/x11vnc.c +++ b/x11vnc/x11vnc.c @@ -1321,10 +1321,10 @@ static void quick_pw(char *str) { if (db) fprintf(stderr, "quick_pw: %s\n", str); if (! str || str[0] == '\0') { - exit(1); + exit(2); } if (str[0] != '%') { - exit(1); + exit(2); } /* * "%-" or "%stdin" means read one line from stdin. @@ -1339,19 +1339,19 @@ static void quick_pw(char *str) { */ if (!strcmp(str, "%-") || !strcmp(str, "%stdin")) { if(fgets(tmp, 1024, stdin) == NULL) { - exit(1); + exit(2); } q = strdup(tmp); } else if (!strcmp(str, "%env")) { if (getenv("UNIXPW") == NULL) { - exit(1); + exit(2); } q = strdup(getenv("UNIXPW")); } else if (!strcmp(str, "%%") || !strcmp(str, "%")) { char *t, inp[1024]; fprintf(stdout, "username: "); if(fgets(tmp, 128, stdin) == NULL) { - exit(1); + exit(2); } strcpy(inp, tmp); t = strchr(inp, '\n'); @@ -1367,7 +1367,7 @@ static void quick_pw(char *str) { if(fgets(tmp, 128, stdin) == NULL) { fprintf(stdout, "\n"); system("stty echo"); - exit(1); + exit(2); } system("stty echo"); fprintf(stdout, "\n"); @@ -1376,10 +1376,10 @@ static void quick_pw(char *str) { } else if (str[1] == '/' || str[1] == '.') { FILE *in = fopen(str+1, "r"); if (in == NULL) { - exit(1); + exit(2); } if(fgets(tmp, 1024, in) == NULL) { - exit(1); + exit(2); } q = strdup(tmp); } else { @@ -1392,7 +1392,7 @@ static void quick_pw(char *str) { } if ((q = strchr(p, ':')) == NULL) { - exit(1); + exit(2); } *q = '\0'; if (db) fprintf(stderr, "'%s' '%s'\n", p, q+1); @@ -1413,7 +1413,8 @@ static void quick_pw(char *str) { exit(1); } } else { - if (su_verify(p, q+1, NULL, NULL, NULL, 1)) { + char *ucmd = getenv("UNIXPW_CMD"); + if (su_verify(p, q+1, ucmd, NULL, NULL, 1)) { fprintf(stdout, "Y %s\n", p); exit(0); } else { @@ -1422,7 +1423,7 @@ static void quick_pw(char *str) { } } /* NOTREACHED */ - exit(1); + exit(2); } static void print_settings(int try_http, int bg, char *gui_str) { @@ -2629,7 +2630,7 @@ int main(int argc, char* argv[]) { if (s[0] == '%') { unixpw_list = NULL; quick_pw(s); - exit(1); + exit(2); } } if (strstr(arg, "_unsafe")) { diff --git a/x11vnc/x11vnc_defs.c b/x11vnc/x11vnc_defs.c index 42211e2..740b4a3 100644 --- a/x11vnc/x11vnc_defs.c +++ b/x11vnc/x11vnc_defs.c @@ -47,7 +47,7 @@ int xtrap_base_event_type = 0; int xdamage_base_event_type = 0; /* date +'lastmod: %Y-%m-%d' */ -char lastmod[] = "0.9.10 lastmod: 2010-02-21"; +char lastmod[] = "0.9.10 lastmod: 2010-03-20"; /* X display info */ |