X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;ds=sidebyside;f=vncterm.c;h=0e33791e2a095ff181320c447ba94c4e9eb998a4;hb=df4b12152dd24de0acc420407aedf85541a87c6d;hp=ec5394b6ec3d5f4349c24b35a23382abf662752c;hpb=c9e46b9a7d167336b77c73c102eb6eb1c25b141c;p=vncterm.git

diff --git a/vncterm.c b/vncterm.c
index ec5394b..0e33791 100644
--- a/vncterm.c
+++ b/vncterm.c
@@ -169,7 +169,7 @@ static void vnc_debug_gnutls_log(int level, const char* str) {
 }
 #endif
 
-#define DH_BITS 1024
+#define DH_BITS 2048
 static gnutls_dh_params_t dh_params;
 
 typedef struct {
@@ -2196,6 +2196,8 @@ new_client (rfbClientPtr client)
   return RFB_CLIENT_ACCEPT;
 }
 
+static char *vncticket = NULL;
+
 vncTerm *
 create_vncterm (int argc, char** argv, int maxx, int maxy)
 {
@@ -2204,6 +2206,8 @@ create_vncterm (int argc, char** argv, int maxx, int maxy)
   rfbScreenInfoPtr screen = rfbGetScreen (&argc, argv, maxx, maxy, 8, 1, 1);
   screen->frameBuffer=(char*)calloc(maxx*maxy, 1);
 
+  char **passwds = calloc(sizeof(char**), 2);
+
   vncTerm *vt = (vncTerm *)calloc (sizeof(vncTerm), 1);
 
   rfbColourMap *cmap =&screen->colourMap;
@@ -2272,7 +2276,15 @@ create_vncterm (int argc, char** argv, int maxx, int maxy)
 
   //screen->autoPort = 1;
 
-  rfbRegisterSecurityHandler(&VncSecurityHandlerVencrypt);
+  if (vncticket) {
+      passwds[0] = vncticket;
+      passwds[1] = NULL;
+  
+      screen->authPasswdData = (void *)passwds;
+      screen->passwordCheck = rfbCheckPasswordByList;
+  } else {
+      rfbRegisterSecurityHandler(&VncSecurityHandlerVencrypt);
+  }
 
   rfbInitServer(screen);
 
@@ -2322,20 +2334,26 @@ main (int argc, char** argv)
     if (!strcmp (argv[i], "-timeout")) {
       CHECK_ARGC (argc, argv, i);
       idle_timeout = atoi(argv[i+1]);
-      rfbPurgeArguments(&argc, &i, 2, argv);
-    }
-    if (!strcmp (argv[i], "-authpath")) {
+      rfbPurgeArguments(&argc, &i, 2, argv); i--;
+    } else if (!strcmp (argv[i], "-authpath")) {
       CHECK_ARGC (argc, argv, i);
       auth_path = argv[i+1];
-      rfbPurgeArguments(&argc, &i, 2, argv);
-    }
-    if (!strcmp (argv[i], "-perm")) {
+      rfbPurgeArguments(&argc, &i, 2, argv); i--;
+    } else if (!strcmp (argv[i], "-perm")) {
       CHECK_ARGC (argc, argv, i);
       auth_perm = argv[i+1];
-      rfbPurgeArguments(&argc, &i, 2, argv);
+      rfbPurgeArguments(&argc, &i, 2, argv); i--;
+    } else if (!strcmp (argv[i], "-notls")) {
+        rfbPurgeArguments(&argc, &i, 1, argv); i--;
+        if ((vncticket = getenv("PVE_VNC_TICKET")) == NULL) {
+          fprintf(stderr, "missing env PVE_VNC_TICKET (-notls)\n");
+	  exit(-1);           
+        }
     }
   }
 
+  unsetenv("PVE_VNC_TICKET"); // do not expose this to child
+
 #ifdef DEBUG
   rfbLogEnable (1);
   gnutls_global_set_log_level(10);