vnc/patches/vnc-via.patch

--- vnc-4_1-unixsrc/unix/vncviewer/vncviewer.cxx.via	2005-03-03 23:20:33.000000000 +0000
+++ vnc-4_1-unixsrc/unix/vncviewer/vncviewer.cxx	2005-03-03 23:23:33.000000000 +0000
@@ -41,6 +41,7 @@
 
 using namespace network;
 using namespace rfb;
+using namespace std;
 
 IntParameter pointerEventInterval("PointerEventInterval",
                                   "Time in milliseconds to rate-limit"
@@ -95,6 +96,9 @@
 StringParameter geometry("geometry", "X geometry specification", "");
 StringParameter displayname("display", "The X display", "");
 
+/* Support for tunnelling */
+StringParameter via("via", "Gateway to tunnel via", "");
+
 char aboutText[256];
 char* programName;
 extern char buildtime[];
@@ -157,6 +161,61 @@
   exit(1);
 }
 
+/* Tunnelling support. */
+static void
+interpretViaParam (char **gatewayHost, char **remoteHost,
+                  int *remotePort, char **vncServerName,
+                  int localPort)
+{
+  const int SERVER_PORT_OFFSET = 5900;
+  char *pos = strchr (*vncServerName, ':');
+  if (pos == NULL)
+    *remotePort = SERVER_PORT_OFFSET;
+  else {
+    int portOffset = SERVER_PORT_OFFSET;
+    size_t len;
+    *pos++ = '\0';
+    len = strlen (pos);
+    if (*pos == ':') {
+      /* Two colons is an absolute port number, not an offset. */
+      pos++;
+      len--;
+      portOffset = 0;
+    }
+    if (!len || strspn (pos, "-0123456789") != len )
+      usage ();
+    *remotePort = atoi (pos) + portOffset;
+  }
+
+  if (**vncServerName != '\0')
+    *remoteHost = *vncServerName;
+
+  *gatewayHost = strDup (via.getValueStr ());
+  *vncServerName = new char[50];
+  sprintf (*vncServerName, "localhost::%d", localPort);
+}
+
+static void
+createTunnel (const char *gatewayHost, const char *remoteHost,
+             int remotePort, int localPort)
+{
+  char *cmd = getenv ("VNC_VIA_CMD");
+  char *percent;
+  char lport[10], rport[10];
+  sprintf (lport, "%d", localPort);
+  sprintf (rport, "%d", remotePort);
+  setenv ("G", gatewayHost, 1);
+  setenv ("H", remoteHost, 1);
+  setenv ("R", rport, 1);
+  setenv ("L", lport, 1);
+  if (!cmd)
+    cmd = "/usr/bin/ssh -f -L \"$L\":\"$H\":\"$R\" \"$G\" sleep 20";
+  /* Compatibility with TightVNC's method. */
+  while ((percent = strchr (cmd, '%')) != NULL)
+    *percent = '$';
+  system (cmd);
+}
+
 int main(int argc, char** argv)
 {
   sprintf(aboutText, "VNC Viewer Free Edition 4.1 for X - built %s\n"
@@ -190,8 +249,6 @@
       usage();
     }
 
-    if (vncServerName)
-      usage();
     vncServerName = argv[i];
   }
 
@@ -207,6 +264,19 @@
     vlog.error("Could not create .vnc directory: environment variable $HOME not set.");
 
   try {
+    /* Tunnelling support. */
+    if (strlen (via.getValueStr ()) > 0) {
+      char *gatewayHost = "";
+      char *remoteHost = "localhost";
+      int localPort = findFreeTcpPort ();
+      int remotePort;
+      if (!vncServerName)
+        usage();
+      interpretViaParam (&gatewayHost, &remoteHost, &remotePort,
+                        &vncServerName, localPort);
+      createTunnel (gatewayHost, remoteHost, remotePort, localPort);
+    }
+
     Socket* sock = 0;
 
     if (listenMode) {
--- vnc-4_1-unixsrc/unix/vncviewer/vncviewer.man.via	2005-03-03 23:23:41.000000000 +0000
+++ vnc-4_1-unixsrc/unix/vncviewer/vncviewer.man	2005-03-03 23:24:18.000000000 +0000
@@ -174,6 +174,23 @@
 specified as an X11 keysym name (these can be obtained by removing the XK_
 prefix from the entries in "/usr/include/X11/keysymdef.h").  Default is F8.
 
+.TP
+\fB\-via\fR \fIgateway\fR
+Automatically create encrypted TCP tunnel to the \fIgateway\fR machine
+before connection, connect to the \fIhost\fR through that tunnel
+(TightVNC\-specific). By default, this option invokes SSH local port
+forwarding, assuming that SSH client binary can be accessed as
+/usr/bin/ssh. Note that when using the \fB\-via\fR option, the host
+machine name should be specified as known to the gateway machine, e.g.
+"localhost" denotes the \fIgateway\fR, not the machine where vncviewer
+was launched. The environment variable \fIVNC_VIA_CMD\fR can override
+the default tunnel command of
+\fB/usr/bin/ssh\ -f\ -L\ "$L":"$H":"$R"\ "$G"\ sleep\ 20\fR.  The tunnel
+command is executed with the environment variables \fIL\fR, \fIH\fR,
+\fIR\fR, and \fIG\fR taken the values of the local port number, the remote
+host, the port number on the remote host, and the gateway machine
+respectively.
+
 .SH SEE ALSO
 .BR Xvnc (1),
 .BR vncpasswd (1),
--- vnc-4_1-unixsrc/common/network/TcpSocket.cxx.via	2005-03-03 23:17:55.000000000 +0000
+++ vnc-4_1-unixsrc/common/network/TcpSocket.cxx	2005-03-03 23:19:49.000000000 +0000
@@ -54,6 +54,29 @@
 
 static rfb::LogWriter vlog("TcpSocket");
 
+/* Tunnelling support. */
+int network::findFreeTcpPort (void)
+{
+  int sock, port;
+  struct sockaddr_in addr;
+  memset(&addr, 0, sizeof(addr));
+  addr.sin_family = AF_INET;
+  addr.sin_addr.s_addr = INADDR_ANY;
+
+  if ((sock = socket (AF_INET, SOCK_STREAM, 0)) < 0)
+    throw SocketException ("unable to create socket", errorNumber);
+
+  for (port = TUNNEL_PORT_OFFSET + 99; port > TUNNEL_PORT_OFFSET; port--) {
+    addr.sin_port = htons ((unsigned short) port);
+    if (bind (sock, (struct sockaddr *)&addr, sizeof (addr)) == 0) {
+      close (sock);
+      return port;
+    }
+  }
+  throw SocketException ("no free port in range", 0);
+  return 0;
+}
+
 
 // -=- Socket initialisation
 static bool socketsInitialised = false;
--- vnc-4_1-unixsrc/common/network/TcpSocket.h.via	2005-03-03 23:19:58.000000000 +0000
+++ vnc-4_1-unixsrc/common/network/TcpSocket.h	2005-03-03 23:20:21.000000000 +0000
@@ -32,8 +32,14 @@
 
 #include <list>
 
+/* Tunnelling support. */
+#define TUNNEL_PORT_OFFSET 5500
+
 namespace network {
 
+  /* Tunnelling support. */
+  int findFreeTcpPort (void);
+
   class TcpSocket : public Socket {
   public:
     TcpSocket(int sock, bool close=true);
1	--- vnc-4_1-unixsrc/unix/vncviewer/vncviewer.cxx.via 2005-03-03 23:20:33.000000000 +0000
2	+++ vnc-4_1-unixsrc/unix/vncviewer/vncviewer.cxx 2005-03-03 23:23:33.000000000 +0000
3	@@ -41,6 +41,7 @@
4
5	using namespace network;
6	using namespace rfb;
7	+using namespace std;
8
9	IntParameter pointerEventInterval("PointerEventInterval",
10	"Time in milliseconds to rate-limit"
11	@@ -95,6 +96,9 @@
12	StringParameter geometry("geometry", "X geometry specification", "");
13	StringParameter displayname("display", "The X display", "");
14
15	+/* Support for tunnelling */
16	+StringParameter via("via", "Gateway to tunnel via", "");
17	+
18	char aboutText[256];
19	char* programName;
20	extern char buildtime[];
21	@@ -157,6 +161,61 @@
22	exit(1);
23	}
24
25	+/* Tunnelling support. */
26	+static void
27	+interpretViaParam (char gatewayHost, char remoteHost,
28	+ int remotePort, char *vncServerName,
29	+ int localPort)
30	+{
31	+ const int SERVER_PORT_OFFSET = 5900;
32	+ char pos = strchr (vncServerName, ':');
33	+ if (pos == NULL)
34	+ *remotePort = SERVER_PORT_OFFSET;
35	+ else {
36	+ int portOffset = SERVER_PORT_OFFSET;
37	+ size_t len;
38	+ *pos++ = '\0';
39	+ len = strlen (pos);
40	+ if (*pos == ':') {
41	+ /* Two colons is an absolute port number, not an offset. */
42	+ pos++;
43	+ len--;
44	+ portOffset = 0;
45	+ }
46	+ if (!len \|\| strspn (pos, "-0123456789") != len )
47	+ usage ();
48	+ *remotePort = atoi (pos) + portOffset;
49	+ }
50	+
51	+ if (**vncServerName != '\0')
52	+ remoteHost = vncServerName;
53	+
54	+ *gatewayHost = strDup (via.getValueStr ());
55	+ *vncServerName = new char[50];
56	+ sprintf (*vncServerName, "localhost::%d", localPort);
57	+}
58	+
59	+static void
60	+createTunnel (const char gatewayHost, const char remoteHost,
61	+ int remotePort, int localPort)
62	+{
63	+ char *cmd = getenv ("VNC_VIA_CMD");
64	+ char *percent;
65	+ char lport[10], rport[10];
66	+ sprintf (lport, "%d", localPort);
67	+ sprintf (rport, "%d", remotePort);
68	+ setenv ("G", gatewayHost, 1);
69	+ setenv ("H", remoteHost, 1);
70	+ setenv ("R", rport, 1);
71	+ setenv ("L", lport, 1);
72	+ if (!cmd)
73	+ cmd = "/usr/bin/ssh -f -L \"$L\":\"$H\":\"$R\" \"$G\" sleep 20";
74	+ /* Compatibility with TightVNC's method. */
75	+ while ((percent = strchr (cmd, '%')) != NULL)
76	+ *percent = '$';
77	+ system (cmd);
78	+}
79	+
80	int main(int argc, char** argv)
81	{
82	sprintf(aboutText, "VNC Viewer Free Edition 4.1 for X - built %s\n"
83	@@ -190,8 +249,6 @@
84	usage();
85	}
86
87	- if (vncServerName)
88	- usage();
89	vncServerName = argv[i];
90	}
91
92	@@ -207,6 +264,19 @@
93	vlog.error("Could not create .vnc directory: environment variable $HOME not set.");
94
95	try {
96	+ /* Tunnelling support. */
97	+ if (strlen (via.getValueStr ()) > 0) {
98	+ char *gatewayHost = "";
99	+ char *remoteHost = "localhost";
100	+ int localPort = findFreeTcpPort ();
101	+ int remotePort;
102	+ if (!vncServerName)
103	+ usage();
104	+ interpretViaParam (&gatewayHost, &remoteHost, &remotePort,
105	+ &vncServerName, localPort);
106	+ createTunnel (gatewayHost, remoteHost, remotePort, localPort);
107	+ }
108	+
109	Socket* sock = 0;
110
111	if (listenMode) {
112	--- vnc-4_1-unixsrc/unix/vncviewer/vncviewer.man.via 2005-03-03 23:23:41.000000000 +0000
113	+++ vnc-4_1-unixsrc/unix/vncviewer/vncviewer.man 2005-03-03 23:24:18.000000000 +0000
114	@@ -174,6 +174,23 @@
115	specified as an X11 keysym name (these can be obtained by removing the XK_
116	prefix from the entries in "/usr/include/X11/keysymdef.h"). Default is F8.
117
118	+.TP
119	+\fB\-via\fR \fIgateway\fR
120	+Automatically create encrypted TCP tunnel to the \fIgateway\fR machine
121	+before connection, connect to the \fIhost\fR through that tunnel
122	+(TightVNC\-specific). By default, this option invokes SSH local port
123	+forwarding, assuming that SSH client binary can be accessed as
124	+/usr/bin/ssh. Note that when using the \fB\-via\fR option, the host
125	+machine name should be specified as known to the gateway machine, e.g.
126	+"localhost" denotes the \fIgateway\fR, not the machine where vncviewer
127	+was launched. The environment variable \fIVNC_VIA_CMD\fR can override
128	+the default tunnel command of
129	+\fB/usr/bin/ssh\ -f\ -L\ "$L":"$H":"$R"\ "$G"\ sleep\ 20\fR. The tunnel
130	+command is executed with the environment variables \fIL\fR, \fIH\fR,
131	+\fIR\fR, and \fIG\fR taken the values of the local port number, the remote
132	+host, the port number on the remote host, and the gateway machine
133	+respectively.
134	+
135	.SH SEE ALSO
136	.BR Xvnc (1),
137	.BR vncpasswd (1),
138	--- vnc-4_1-unixsrc/common/network/TcpSocket.cxx.via 2005-03-03 23:17:55.000000000 +0000
139	+++ vnc-4_1-unixsrc/common/network/TcpSocket.cxx 2005-03-03 23:19:49.000000000 +0000
140	@@ -54,6 +54,29 @@
141
142	static rfb::LogWriter vlog("TcpSocket");
143
144	+/* Tunnelling support. */
145	+int network::findFreeTcpPort (void)
146	+{
147	+ int sock, port;
148	+ struct sockaddr_in addr;
149	+ memset(&addr, 0, sizeof(addr));
150	+ addr.sin_family = AF_INET;
151	+ addr.sin_addr.s_addr = INADDR_ANY;
152	+
153	+ if ((sock = socket (AF_INET, SOCK_STREAM, 0)) < 0)
154	+ throw SocketException ("unable to create socket", errorNumber);
155	+
156	+ for (port = TUNNEL_PORT_OFFSET + 99; port > TUNNEL_PORT_OFFSET; port--) {
157	+ addr.sin_port = htons ((unsigned short) port);
158	+ if (bind (sock, (struct sockaddr *)&addr, sizeof (addr)) == 0) {
159	+ close (sock);
160	+ return port;
161	+ }
162	+ }
163	+ throw SocketException ("no free port in range", 0);
164	+ return 0;
165	+}
166	+
167
168	// -=- Socket initialisation
169	static bool socketsInitialised = false;
170	--- vnc-4_1-unixsrc/common/network/TcpSocket.h.via 2005-03-03 23:19:58.000000000 +0000
171	+++ vnc-4_1-unixsrc/common/network/TcpSocket.h 2005-03-03 23:20:21.000000000 +0000
172	@@ -32,8 +32,14 @@
173
174	#include <list>
175
176	+/* Tunnelling support. */
177	+#define TUNNEL_PORT_OFFSET 5500
178	+
179	namespace network {
180
181	+ /* Tunnelling support. */
182	+ int findFreeTcpPort (void);
183	+
184	class TcpSocket : public Socket {
185	public:
186	TcpSocket(int sock, bool close=true);