[pve-devel] r5409 - vncterm/pve2/vncpatches
svn-commits at proxmox.com
svn-commits at proxmox.com
Fri Jan 21 10:27:11 CET 2011
Author: dietmar
Date: 2011-01-21 10:27:11 +0100 (Fri, 21 Jan 2011)
New Revision: 5409
Modified:
vncterm/pve2/vncpatches/patch2.diff
Log:
Modified: vncterm/pve2/vncpatches/patch2.diff
===================================================================
--- vncterm/pve2/vncpatches/patch2.diff 2011-01-21 09:17:00 UTC (rev 5408)
+++ vncterm/pve2/vncpatches/patch2.diff 2011-01-21 09:27:11 UTC (rev 5409)
@@ -1,7 +1,79 @@
Index: vnc/libvncserver/auth.c
===================================================================
--- vnc.orig/libvncserver/auth.c 2006-12-15 02:43:52.000000000 +0100
-+++ vnc/libvncserver/auth.c 2011-01-20 13:35:13.000000000 +0100
++++ vnc/libvncserver/auth.c 2011-01-21 10:19:08.000000000 +0100
+@@ -8,7 +8,7 @@
+ /*
+ * Copyright (C) 2005 Rohit Kumar, Johannes E. Schindelin
+ * OSXvnc Copyright (C) 2001 Dan McGuirk <mcguirk at incompleteness.net>.
+- * Original Xvnc code Copyright (C) 1999 AT&T Laboratories Cambridge.
++ * Original Xvnc code Copyright (C) 1999 AT&T Laboratories Cambridge.
+ * All Rights Reserved.
+ *
+ * This is free software; you can redistribute it and/or modify
+@@ -40,8 +40,8 @@
+ static rfbSecurityHandler* securityHandlers = NULL;
+
+ /*
+- * This method registers a list of new security types.
+- * It avoids same security type getting registered multiple times.
++ * This method registers a list of new security types.
++ * It avoids same security type getting registered multiple times.
+ * The order is not preserved if multiple security types are
+ * registered at one-go.
+ */
+@@ -71,9 +71,9 @@
+ }
+
+ /*
+- * This method unregisters a list of security types.
++ * This method unregisters a list of security types.
+ * These security types won't be available for any new
+- * client connection.
++ * client connection.
+ */
+ void
+ rfbUnregisterSecurityHandler(rfbSecurityHandler* handler)
+@@ -109,8 +109,8 @@
+ static void
+ rfbVncAuthSendChallenge(rfbClientPtr cl)
+ {
+-
+- /* 4 byte header is alreay sent. Which is rfbSecTypeVncAuth
++
++ /* 4 byte header is alreay sent. Which is rfbSecTypeVncAuth
+ (same as rfbVncAuth). Just send the challenge. */
+ rfbRandomBytes(cl->authChallenge);
+ if (rfbWriteExact(cl, (char *)cl->authChallenge, CHALLENGESIZE) < 0) {
+@@ -118,7 +118,7 @@
+ rfbCloseClient(cl);
+ return;
+ }
+-
++
+ /* Dispatch client input to rfbVncAuthProcessResponse. */
+ cl->state = RFB_AUTHENTICATION;
+ }
+@@ -147,8 +147,8 @@
+
+
+ /*
+- * Advertise the supported security types (protocol 3.7). Here before sending
+- * the list of security types to the client one more security type is added
++ * Advertise the supported security types (protocol 3.7). Here before sending
++ * the list of security types to the client one more security type is added
+ * to the list if primaryType is not set to rfbSecTypeInvalid. This security
+ * type is the standard vnc security type which does the vnc authentication
+ * or it will be security type for no authentication.
+@@ -166,7 +166,7 @@
+ rfbVncAuthNone,
+ NULL
+ };
+-
++
+
+ static void
+ rfbSendSecurityTypeList(rfbClientPtr cl, int primaryType)
@@ -270,8 +270,9 @@
int32_t securityType = rfbSecTypeInvalid;
@@ -14,26 +86,37 @@
} else if (cl->screen->authPasswdData) {
securityType = rfbSecTypeVncAuth;
}
+@@ -302,7 +303,7 @@
+ int n;
+ uint8_t chosenType;
+ rfbSecurityHandler* handler;
+-
++
+ /* Read the security type. */
+ n = rfbReadExact(cl, (char *)&chosenType, 1);
+ if (n <= 0) {
Index: vnc/newterm/Makefile.am
===================================================================
--- vnc.orig/newterm/Makefile.am 2011-01-20 13:31:26.000000000 +0100
-+++ vnc/newterm/Makefile.am 2011-01-20 13:45:06.000000000 +0100
-@@ -1,7 +1,7 @@
++++ vnc/newterm/Makefile.am 2011-01-21 10:20:21.000000000 +0100
+@@ -1,9 +1,9 @@
-AM_CFLAGS=-I $(top_srcdir)
+AM_CFLAGS=-I $(top_srcdir) -DDEBUG
-LDADD=../libvncserver/libvncserver.la @WSOCKLIB@ -lutil
--INCLUDES=-I.
+LDADD= ../libvncserver/libvncserver.la @WSOCKLIB@ -lgnutls -lutil
-+INCLUDES=-I.
+ INCLUDES=-I.
- noinst_PROGRAMS=vncterm
+-noinst_PROGRAMS=vncterm
++noinst_PROGRAMS=vncterm
vncterm_SOURCES=vncterm.c vncterm.h
+
+
Index: vnc/newterm/vncterm.c
===================================================================
--- vnc.orig/newterm/vncterm.c 2011-01-20 13:41:18.000000000 +0100
-+++ vnc/newterm/vncterm.c 2011-01-21 08:29:20.000000000 +0100
-@@ -37,6 +37,170 @@
++++ vnc/newterm/vncterm.c 2011-01-21 10:24:41.000000000 +0100
+@@ -37,6 +37,173 @@
#include "vncterm.h"
#include "glyphs.h"
@@ -41,14 +124,15 @@
+#include <gnutls/x509.h>
+
+char *auth_path = "/";
++char *auth_perm = "VM.Console";
+
+/* launch expernal script to verify credential */
-+int
++int
+pve_auth_verify(const char *username, const char *passwd)
+{
+ sigset_t oldmask, mask;
+ int pid, status;
-+ char *args[4];
++ char *args[20];
+ char **parg;
+ char *env[2];
+ char **penv;
@@ -57,7 +141,7 @@
+
+ sprintf(pwenv, "PVE_PW_TICKET=%s", passwd);
+
-+ const char *script ="/usr/bin/pve-authhelper";
++ const char *script ="/usr/sbin/pveum";
+
+ sigemptyset(&mask);
+ sigaddset(&mask, SIGCHLD);
@@ -77,8 +161,10 @@
+ }
+ parg = args;
+ *parg++ = (char *)script;
++ *parg++ = "auth";
+ *parg++ = (char *)auth_path;
+ *parg++ = (char *)username;
++ *parg++ = (char *)auth_perm;
+ *parg = NULL;
+ penv = env;
+ *penv++ = (char *)pwenv;
@@ -204,7 +290,7 @@
/* define this for debugging */
//#define DEBUG
-@@ -45,10 +209,275 @@
+@@ -45,10 +212,275 @@
#define rfbSecTypeVencrypt 19
#define rfbVencryptTlsPlain 259
@@ -284,7 +370,7 @@
+ rfbWriteExact(cl, buf, 4);
+ if (cl->protocolMinorVersion >= 8) {
+ int elen = strlen(err);
-+ rfbEncodeU32(buf, elen);
++ rfbEncodeU32(buf, elen);
+ rfbWriteExact(cl, buf, 4);
+ rfbWriteExact(cl, err, elen);
+ }
@@ -383,7 +469,7 @@
+ rfbLog("gnutls_init failed\n");
+ rfbCloseClient(cl);
+ return;
-+
++
+ }
+
+ if ((ret = gnutls_set_default_priority(sd->session)) < 0) {
@@ -394,17 +480,17 @@
+ }
+
+ /* optimize for speed */
-+ static const int cipher_priority_performance[] = {
-+ GNUTLS_CIPHER_ARCFOUR_128,
-+ GNUTLS_CIPHER_AES_128_CBC,
-+ GNUTLS_CIPHER_3DES_CBC, 0
++ static const int cipher_priority_performance[] = {
++ GNUTLS_CIPHER_ARCFOUR_128,
++ GNUTLS_CIPHER_AES_128_CBC,
++ GNUTLS_CIPHER_3DES_CBC, 0
+ };
+
+ if ((ret = gnutls_cipher_set_priority(sd->session, cipher_priority_performance)) < 0) {
+ rfbLog("gnutls_cipher_set_priority failed: %s\n", gnutls_strerror(ret));
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
@@ -412,16 +498,16 @@
+ rfbLog("gnutls_kx_set_priority failed: %s\n", gnutls_strerror(ret));
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
+ if ((ret = gnutls_certificate_type_set_priority(sd->session, cert_type_priority)) < 0) {
-+ rfbLog("gnutls_certificate_type_set_priority failed: %s\n",
++ rfbLog("gnutls_certificate_type_set_priority failed: %s\n",
+ gnutls_strerror(ret));
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 };
@@ -430,7 +516,7 @@
+ gnutls_strerror(ret));
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ gnutls_anon_server_credentials anon_cred;
@@ -438,7 +524,7 @@
+ if (!(anon_cred = tls_initialize_anon_cred())) {
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ if ((ret = gnutls_credentials_set(sd->session, GNUTLS_CRD_ANON, anon_cred)) < 0) {
@@ -446,7 +532,7 @@
+ gnutls_anon_free_server_credentials(anon_cred);
+ sd->session = NULL;
+ rfbCloseClient(cl);
-+ return;
++ return;
+ }
+
+ gnutls_transport_set_ptr(sd->session, (gnutls_transport_ptr_t)cl);
@@ -480,7 +566,7 @@
}
static rfbSecurityHandler VncSecurityHandlerVencrypt = {
-@@ -1759,6 +2188,21 @@
+@@ -1759,6 +2191,21 @@
time_t elapsed, cur_time;
struct winsize dimensions;
@@ -502,7 +588,7 @@
for (i = 1; i < argc; i++) {
if (!strcmp (argv[i], "-c")) {
command = argv[i+1];
-@@ -1784,6 +2228,8 @@
+@@ -1784,6 +2231,8 @@
#ifdef DEBUG
rfbLogEnable (1);
@@ -514,7 +600,34 @@
Index: vnc/libvncserver/sockets.c
===================================================================
--- vnc.orig/libvncserver/sockets.c 2011-01-20 16:42:41.000000000 +0100
-+++ vnc/libvncserver/sockets.c 2011-01-21 06:32:42.000000000 +0100
++++ vnc/libvncserver/sockets.c 2011-01-21 10:20:03.000000000 +0100
+@@ -21,7 +21,7 @@
+ /*
+ * Copyright (C) 2005 Rohit Kumar, Johannes E. Schindelin
+ * OSXvnc Copyright (C) 2001 Dan McGuirk <mcguirk at incompleteness.net>.
+- * Original Xvnc code Copyright (C) 1999 AT&T Laboratories Cambridge.
++ * Original Xvnc code Copyright (C) 1999 AT&T Laboratories Cambridge.
+ * All Rights Reserved.
+ *
+ * This is free software; you can redistribute it and/or modify
+@@ -63,7 +63,7 @@
+ #endif
+
+ #if defined(__linux__) && defined(NEED_TIMEVAL)
+-struct timeval
++struct timeval
+ {
+ long int tv_sec,tv_usec;
+ }
+@@ -229,7 +229,7 @@
+ int result = 0;
+
+ if (!rfbScreen->inetdInitDone && rfbScreen->inetdSock != -1) {
+- rfbNewClientConnection(rfbScreen,rfbScreen->inetdSock);
++ rfbNewClientConnection(rfbScreen,rfbScreen->inetdSock);
+ rfbScreen->inetdInitDone = TRUE;
+ }
+
@@ -454,8 +454,12 @@
fd_set fds;
struct timeval tv;
@@ -524,7 +637,7 @@
- n = read(sock, buf, len);
+ if (cl->sock_read_fn)
+ n = cl->sock_read_fn(cl, buf, len);
-+ else
++ else
+ n = read(sock, buf, len);
if (n > 0) {
More information about the pve-devel
mailing list