Home | History | Annotate | Download | only in x11vnc

Lines Matching defs:ssl

147 			rfbLog("Using SSL Certificate:\n");
285 	/* ssl */
286 	if (no_external_cmds || !cmd_ok("ssl")) {
300 	rfbLog("get the certificate information to the VNC viewers SSL\n");	
309 	rfbLog("authenticate this server for this session.  See the -ssl\n");
722  * This is because on older systems both zlib.h and ssl.h define
728 #include <openssl/ssl.h>
735 static SSL *ssl = NULL;
747 	    " ssl helper process.\n");
762 		fprintf(stderr, "ssl error: %s\n", str);
971 		rfbLog("Initializing SSL (%s connect mode).\n", isclient ? "client":"server");
1430 			if (no_external_cmds || !cmd_ok("ssl")) {
1569 	/* continue with SSL/TLS */
1726 	/* continue with SSL/TLS */
1743 		/* only normal SSL */
1752 			/* otherwise we must assume normal SSL (we send client hello) */
1758 		/* fallback to normal SSL */
1790 	    dnow() - start, waitmax, input ? "SSL Handshake" : "(future) RFB Handshake");
1793 		/* got SSL client hello, can only assume normal SSL */
1795 			rfbLog("check_vnc_tls_mode: VENCRYPT_FORCE/ANONTLS_FORCE prevents normal SSL\n");
1902 	if (ssl == NULL) {
1905 	c = SSL_get_current_cipher(ssl);
1906 	s = SSL_get_session(ssl);
1918 		rfbLog("SSL: ssl_helper[%d]: Cipher: %s %s Proto: %s\n", getpid(),
1921 		rfbLog("SSL: ssl_helper[%d]: Proto: %s\n", getpid(),
1929 	rfbLog("To increase the SSL initialization timeout use, e.g.:\n");
1956 		rfbLog("SSL: ssl_init[%d]: detected 'repeater' in connect string.\n", getpid());
1957 		rfbLog("SSL: setting timeout to 1 hour: -env SSL_INIT_TIMEOUT=3600\n");
1958 		rfbLog("SSL: use that option to set a different timeout value,\n");
1959 		rfbLog("SSL: however note that with Windows UltraVNC repeater it\n");
1960 		rfbLog("SSL: may timeout before your setting due to other reasons.\n");
1965 		rfbLog("SSL: ssl_helper[%d]: HTTPS mode, skipping check_vnc_tls_mode()\n",
1970 	rfbLog("SSL: ssl_init[%d]: %d/%d initialization timeout: %d secs.\n",
1973 	ssl = SSL_new(ctx);
1974 	if (ssl == NULL) {
1980 	SSL_set_session_id_context(ssl, sid, strlen((char *)sid));
1983 		if (! SSL_set_fd(ssl, ssock)) {
1988 		if (! SSL_set_rfd(ssl, s_in)) {
1992 		if (! SSL_set_wfd(ssl, s_out)) {
2000 		SSL_set_connect_state(ssl);
2002 		SSL_set_accept_state(ssl);
2023 			rc = SSL_connect(ssl);
2026 			rc = SSL_accept(ssl);
2028 		err = SSL_get_error(ssl, rc);
2043 			rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 1\n",
2051 			rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 2\n",
2059 			rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 3\n",
2067 			rfbLog("SSL: ssl_helper[%d]: %s() failed for: %s:%d 4\n",
2076 			rfbLog("SSL: ssl_helper[%d]: %s() *FATAL: %d SSL FAILED\n",
2079 				rfbLog("SSL: %s\n", ERR_error_string(err, NULL));
2089 			rfbLog("SSL: ssl_helper[%d]: timeout looping %s() "
2095 			BIO *bio = SSL_get_rbio(ssl);
2097 				rfbLog("SSL: ssl_helper[%d]: ssl BIO is null. "
2103 				rfbLog("SSL: ssl_helper[%d]: ssl BIO is EOF. "
2113 		rfbLog("SSL: ssl_helper[%d]: SSL_connect() succeeded for: %s:%d\n", getpid(), name, peerport);
2115 		rfbLog("SSL: ssl_helper[%d]: SSL_accept() succeeded for: %s:%d\n", getpid(), name, peerport);
2120 	if (SSL_get_verify_result(ssl) == X509_V_OK) {
2127 		x = SSL_get_peer_certificate(ssl);	
2129 			rfbLog("SSL: ssl_helper[%d]: accepted client %s x509 peer cert is null\n", getpid(), name);
2135 			rfbLog("SSL: ssl_helper[%d]: accepted client %s x509 cert is:\n", getpid(), name);
2213 	 * ssock: ssl data socket with remote vnc viewer. "S"
2218 	 * cbuf[] is data from csock that we have read but not passed on to ssl 
2219 	 * sbuf[] is data from ssl that we have read but not passed on to csock 
2240 	s_rd = 1;	/* ssl data (remote client)  socket open for reading */
2241 	s_wr = 1;	/* ssl data (remote client)  socket open for writing */
2297 			 * OR ssl is waiting for more BIO to be able to
2300 			if (sptr < ABSIZE || (cptr > 0 && SSL_want_read(ssl))) {
2314 			 * OR ssl is waiting for more BIO to be able
2317 			if (cptr > 0 || (sptr < ABSIZE && SSL_want_write(ssl))) {
2324 			rfbLog("SSL: ssl_xfer[%d]: tv_cutover: %d\n", getpid(),
2363 			rfbLog("SSL: ssl_xfer[%d]: select error: %d\n", getpid(), nfd);
2374 					rfbLog("SSL: ssl_xfer[%d]: early time"
2379 			rfbLog("SSL: ssl_xfer[%d]: connection timedout. %d  tv_use: %d\n",
2422 			    (SSL_want_read(ssl) && FD_ISSET(s_in, &rd))) {
2426 				n = SSL_write(ssl, cbuf, cptr);
2427 				err = SSL_get_error(ssl, n);
2436 						SSL_shutdown(ssl);
2482 					SSL_shutdown(ssl);
2495 			    (SSL_want_write(ssl) && FD_ISSET(s_out, &wr)) ||
2496 			    (check_pending && SSL_pending(ssl))) {
2500 				n = SSL_read(ssl, sbuf + sptr, ABSIZE - sptr);
2501 				err = SSL_get_error(ssl, n);
2532 						SSL_shutdown(ssl);
2549 	rfbLog("SSL: ssl_xfer[%d]: closing sockets %d, %d, %d\n",
2664 		rfbLog("SSL: accept_openssl(OPENSSL_VNC)\n");
2668 		rfbLog("SSL: accept_openssl(OPENSSL_VNC6)\n");
2711 		rfbLog("SSL: accept_openssl(OPENSSL_HTTPS)\n");
2715 		rfbLog("SSL: accept_openssl(OPENSSL_HTTPS6)\n");
2917 	 * to redo all SSL ctx.
3058 	 * absolute proof that SSL_read is ready (XXX use SSL utility).
3130 		n = SSL_read(ssl, buf, 2);
3131 		err = SSL_get_error(ssl, n);
3143 		if (db) fprintf(stderr, "watch_for_http_traffic ssl err: %d/%d\n", err, n);
3169 		n2 = SSL_read(ssl, buf + n, ABSIZE - n);
3209 	/* due to "Fetch Cert" activities for SSL really need to "allow twice" */
3219 			rfbLog("SSL: Permitting 30 sec grace period for allowonce.\n");
3220 			rfbLog("SSL: Set X11VNC_NO_SSL_ALLOW_TWICE=1 to disable.\n");
3280 			rfbLog("SSL: accept_openssl: accept connection failed\n");
3297 			rfbLog("SSL: accept_openssl: accept connection failed\n");
3311 			rfbLog("SSL: accept_openssl: connection failed\n");
3326 			rfbLog("SSL: accept_openssl: accept connection failed\n");
3335 	if (db) fprintf(stderr, "SSL: accept_openssl: sock: %d\n", sock);
3352 		rfbLog("SSL: accept_openssl: denying client %s\n", openssl_last_ip);
3353 		rfbLog("SSL: accept_openssl: does not match -allow or other reason.\n");
3366 		rfbLog("SSL: accept_openssl: seeking IPv6 port.\n");
3368 		rfbLog("SSL: accept_openssl: IPv6 port: %d\n", cport);
3371 		rfbLog("SSL: accept_openssl: could not find open port.\n");
3383 		rfbLog("SSL: accept_openssl: could not listen on port %d.\n",
3428 			rfbLog("SSL: (inetd) spawning helper process "
3431 			rfbLog("SSL: spawning helper process to handle: "
3472 	/* now fork the child to handle the SSL: */
3476 SSL: helper for peerport %d is pid %d: \n",
3481 		rfbLog("SSL: accept_openssl: could not fork.\n");
3529 			rfbLog("SSL: ssl_helper[%d]: could not connect"
3531 			rfbLog("SSL: ssl_helper[%d]: exit case 1 (no local vncsock)\n", getpid());
3536 		/* try to initialize SSL with the remote client */
3547 			rfbLog("SSL: ssl_helper[%d]: exit case 2 (ssl_init failed)\n", getpid());
3568 		 * SSL socket.
3583 			rfbLog("SSL: accept_openssl[%d]: no httpd socket for "
3586 			rfbLog("SSL: ssl_helper[%d]: exit case 3 (no httpd sock)\n", getpid());
3654 				 * instead of a direct SSL connection.
3665 					SSL_write(ssl, reply, strlen(reply));
3675 						n = SSL_read(ssl, buf2 + ptr, 1);
3703 				SSL_write(ssl, reply, strlen(reply));
3704 				SSL_shutdown(ssl);
3712 				rfbLog("SSL: ssl_helper[%d]: exit case 4 (check.https.proxy.connection)\n", getpid());
3809 				rfbLog("SSL: ssl_helper[%d]: exit case 5.\n", getpid());
3817 			 * the rest of the SSL session to it:
3842 			rfbLog("SSL: ssl_helper[%d]: exit case 6 (https ssl_xfer done)\n", getpid());
3849 		 * libvncserver), and connect the rest of the SSL session
3857 		rfbLog("SSL: ssl_helper[%d]: exit case 7 (ssl_xfer done)\n", getpid());
3881 		rfbLog("SSL: accept_openssl: connection from ssl_helper[%d] FAILED.\n", pid);
3974 					rfbLog("SSL: VENCRYPT mode=%d accepted. helper[%d]\n", vencrypt_sel, pid);
3981 					rfbLog("SSL: ANONTLS mode=%d accepted. helper[%d]\n", anontls_sel, pid);
3989 		rfbLog("SSL: accept_openssl: cookie from ssl_helper[%d] FAILED. %d\n", pid, n);
4001 			rfbLog("SSL: BUT WAIT! HTTPS for helper process[%d] succeeded. Good.\n", pid);
4014 				rfbLog("SSL: WARNING CLIENT ASKED FOR NONEXISTENT 'VncViewer.class'\n");
4015 				rfbLog("SSL: USER NEEDS TO MAKE SURE THE JAVA PLUGIN IS INSTALLED\n");
4016 				rfbLog("SSL: AND WORKING PROPERLY (e.g. a test-java-plugin page.)\n");
4017 				rfbLog("SSL: AND/OR USER NEEDS TO **RESTART** HIS WEB BROWSER.\n");
4018 				rfbLog("SSL: SOMETIMES THE BROWSER 'REMEMBERS' FAILED APPLET DOWN-\n");
4019 				rfbLog("SSL: LOADS AND RESTARTING IT IS THE ONLY WAY TO FIX THINGS.\n");
4044 					rfbLog("SSL: -httpsredir guess port: %d  helper[%d]\n", screen->port, pid);
4055 						rfbLog("SSL: helper[%d] pid finished\n", pid);
4060 						rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
4064 				rfbLog("SSL: guessing child helper[%d] https finished. dt=%.6f\n",
4094 				rfbLog("SSL: screen->port %d for helper[%d]\n", screen->port, pid);
4105 						rfbLog("SSL: helper[%d] pid finished\n", pid);
4110 						rfbLog("SSL: httpSock for helper[%d] went away\n", pid);
4114 				rfbLog("SSL: OPENSSL_INETD guessing "
4141 	rfbLog("SSL: handshake with helper process[%d] succeeded.\n", pid);
4201 		rfbLog("SSL: accept_openssl: rfbNewClient failed.\n");
4232 	/* this is for testing or special helper usage, no SSL just socket redir */
4302 /* compile with -DENC_HAVE_OPENSSL=0 to disable enc stuff but still have ssl */