summaryrefslogtreecommitdiffstats
path: root/classes/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'classes/ssl')
-rw-r--r--classes/ssl/SignedVncViewer.jarbin73493 -> 75021 bytes
-rw-r--r--classes/ssl/VncViewer.jarbin70763 -> 72295 bytes
-rwxr-xr-xclasses/ssl/ssl_vncviewer170
-rw-r--r--classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch373
4 files changed, 454 insertions, 89 deletions
diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar
index 20b3ddc..292e163 100644
--- a/classes/ssl/SignedVncViewer.jar
+++ b/classes/ssl/SignedVncViewer.jar
Binary files differ
diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar
index 116f49c..fa7d8fa 100644
--- a/classes/ssl/VncViewer.jar
+++ b/classes/ssl/VncViewer.jar
Binary files differ
diff --git a/classes/ssl/ssl_vncviewer b/classes/ssl/ssl_vncviewer
index 4f69a1c..8bbbe29 100755
--- a/classes/ssl/ssl_vncviewer
+++ b/classes/ssl/ssl_vncviewer
@@ -1,6 +1,8 @@
#!/bin/sh
#
-# ssl_vncviewer: wrapper for vncviewer to use stunnel SSL tunnel.
+# ssl_vncviewer: wrapper for vncviewer to use an stunnel SSL tunnel.
+#
+# Copyright (c) 2006 by Karl J. Runge <[email protected]>
#
# You must have stunnel(8) installed on the system and in your
# PATH (n.b. stunnel is usually in an sbin subdir).
@@ -16,6 +18,7 @@
# [cert-args] can be:
# -verify /path/to/cacert.pem
# -mycert /path/to/mycert.pem
+# -proxy host:port
#
# -verify specifies a CA cert PEM file (or a self-signed one) for
# authenticating the VNC server.
@@ -23,12 +26,19 @@
# -mycert specifies this client's cert+key PEM file for the VNC server to
# authenticate this client.
#
+# -proxy try host:port as a Web proxy to use the CONNECT method
+# to reach the VNC server (e.g. your firewall requires a proxy).
+# For the "double proxy" case use -proxy host1:port1,host2:port2
+#
+#
+# set VNCVIEWERCMD to whatever vncviewer command you want to use:
+#
+VNCVIEWERCMD=${VNCVIEWERCMD:-vncviewer}
-VNCVIEWERCMD="vncviewer"
PATH=$PATH:/usr/sbin:/usr/local/sbin:/dist/sbin; export PATH
help() {
- head -26 $0 | tail +2
+ head -36 $0 | tail +2
}
# grab our cmdline options:
@@ -39,6 +49,8 @@ do
;;
"-mycert") shift; mycert="$1"
;;
+ "-proxy") shift; proxy="$1"
+ ;;
"-h"*) help; exit 0
;;
*) break
@@ -59,12 +71,19 @@ host=`echo "$orig" | awk -F: '{print $1}'`
disp=`echo "$orig" | awk -F: '{print $2}'`
if [ $disp -lt 200 ]; then
port=`expr $disp + 5900`
+else
+ port=$disp
fi
# try to find an open listening port via netstat(1):
use=""
+inuse=""
if uname | grep Linux > /dev/null; then
inuse=`netstat -ant | grep LISTEN | awk '{print $4}' | sed 's/^.*://'`
+elif uname | grep SunOS > /dev/null; then
+ inuse=`netstat -an -f inet -P tcp | grep LISTEN | awk '{print $1}' | sed 's/^.*\.//'`
+fi
+if [ "x$inuse" != "x" ]; then
try=5920
while [ $try -lt 6000 ]
do
@@ -95,6 +114,145 @@ if [ "X$mycert" != "X" ]; then
cert="cert = $mycert"
fi
+pcode() {
+ tf=$1
+ SSL_VNC_PROXY=$proxy; export SSL_VNC_PROXY
+ SSL_VNC_DEST="$host:$port"; export SSL_VNC_DEST
+ cod='#!/usr/bin/perl
+
+# A hack to glue stunnel to a Web proxy for client connections.
+
+use IO::Socket::INET;
+
+my ($first, $second) = split(/,/, $ENV{SSL_VNC_PROXY});
+my ($proxy_host, $proxy_port) = split(/:/, $first);
+my $connect = $ENV{SSL_VNC_DEST};
+
+print STDERR "\nperl script for web proxing:\n";
+print STDERR "proxy_host: $proxy_host\n";
+print STDERR "proxy_port: $proxy_port\n";
+print STDERR "proxy_connect: $connect\n";
+
+my $sock = IO::Socket::INET->new(
+ PeerAddr => $proxy_host,
+ PeerPort => $proxy_port,
+ Proto => "tcp");
+
+if (! $sock) {
+ unlink($0);
+ die "perl proxy: $!\n";
+}
+
+my $con = "";
+if ($second ne "") {
+ $con = "CONNECT $second HTTP/1.1\r\n";
+ $con .= "Host: $second\r\n\r\n";
+} else {
+ $con = "CONNECT $connect HTTP/1.1\r\n";
+ $con .= "Host: $connect\r\n\r\n";
+}
+
+print STDERR "proxy_request1:\n$con";
+print $sock $con;
+
+unlink($0);
+
+my $rep = "";
+while ($rep !~ /\r\n\r\n/) {
+ my $c = getc($sock);
+ print STDERR $c;
+ $rep .= $c;
+}
+if ($rep !~ m,HTTP/.* 200,) {
+ die "proxy error: $rep\n";
+}
+
+if ($second ne "") {
+ $con = "CONNECT $connect HTTP/1.1\r\n";
+ $con .= "Host: $connect\r\n\r\n";
+ print STDERR "proxy_request2:\n$con";
+
+ print $sock $con;
+
+ $rep = "";
+ while ($rep !~ /\r\n\r\n/) {
+ my $c = getc($sock);
+ print STDERR $c;
+ $rep .= $c;
+ }
+ if ($rep !~ m,HTTP/.* 200,) {
+ die "proxy error: $rep\n";
+ }
+}
+
+if (fork) {
+ print STDERR "parent\[$$] STDIN -> socket\n\n";
+ xfer(STDIN, $sock);
+} else {
+ print STDERR "child \[$$] socket -> STDOUT\n\n";
+ xfer($sock, STDOUT);
+}
+exit;
+
+sub xfer {
+ my($in, $out) = @_;
+ $RIN = $WIN = $EIN = "";
+ $ROUT = "";
+ vec($RIN, fileno($in), 1) = 1;
+ vec($WIN, fileno($in), 1) = 1;
+ $EIN = $RIN | $WIN;
+
+ while (1) {
+ my $nf = 0;
+ while (! $nf) {
+ $nf = select($ROUT=$RIN, undef, undef, undef);
+ }
+ my $len = sysread($in, $buf, 8192);
+ if (! defined($len)) {
+ next if $! =~ /^Interrupted/;
+ print STDERR "perl proxy\[$$]: $!\n";
+ last;
+ } elsif ($len == 0) {
+ print STDERR "perl proxy\[$$]: Input is EOF.\n";
+ last;
+ }
+ my $offset = 0;
+ my $quit = 0;
+ while ($len) {
+ my $written = syswrite($out, $buf, $len, $offset);
+ if (! defined $written) {
+ print STDERR "perl proxy\[$$]: Output is EOF. $!\n";
+ $quit = 1;
+ last;
+ }
+ $len -= $written;
+ $offset += $written;
+ }
+ last if $quit;
+ }
+ close($in);
+ close($out);
+}
+'
+ rm -f $tf
+ if [ -f $tf ]; then
+ echo "$tf still exists!"
+ exit 1
+ fi
+ echo "$cod" > $tf
+ chmod 700 $tf
+}
+
+ptmp=""
+if [ "X$proxy" != "X" ]; then
+ ptmp="/tmp/ssl_vncviewer.$$.pl"
+ pcode $ptmp
+ connect="exec = $ptmp"
+else
+ connect="connect = $host:$port"
+fi
+
+
##debug = 7
tmp=/tmp/ssl_vncviewer.$$
cat > $tmp <<END
@@ -106,12 +264,13 @@ $cert
[vnc_stunnel]
accept = $use
-connect= $host:$port
+$connect
END
echo ""
echo "Using this stunnel configuration:"
-cat $tmp
+echo ""
+cat $tmp | uniq
echo ""
sleep 1
@@ -140,3 +299,4 @@ else
fi
kill $pid
+sleep 1
diff --git a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
index 298f7f9..e579a57 100644
--- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
+++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
@@ -38,34 +38,43 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/Makefile vnc_javasrc/Makefile
@$(ExportJavaClasses)
diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto.java
--- vnc_javasrc.orig/RfbProto.java 2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/RfbProto.java 2006-04-03 11:22:30.000000000 -0400
++++ vnc_javasrc/RfbProto.java 2006-04-16 11:17:37.000000000 -0400
@@ -199,7 +199,21 @@
host = h;
port = p;
- if (viewer.socketFactory == null) {
+ if (! viewer.disableSSL) {
-+ System.out.println("new SSLSocketToMe");
-+ SSLSocketToMe ssl;
-+ try {
-+ ssl = new SSLSocketToMe(host, port, v);
-+ } catch (Exception e) {
-+ throw new IOException(e.getMessage());
-+ }
-+
-+ try {
-+ sock = ssl.connectSock();
-+ } catch (Exception es) {
-+ throw new IOException(es.getMessage());
-+ }
++ System.out.println("new SSLSocketToMe");
++ SSLSocketToMe ssl;
++ try {
++ ssl = new SSLSocketToMe(host, port, v);
++ } catch (Exception e) {
++ throw new IOException(e.getMessage());
++ }
++
++ try {
++ sock = ssl.connectSock();
++ } catch (Exception es) {
++ throw new IOException(es.getMessage());
++ }
+ } else if (viewer.socketFactory == null) {
sock = new Socket(host, port);
} else {
try {
+@@ -255,7 +269,7 @@
+ || (b[10] < '0') || (b[10] > '9') || (b[11] != '\n'))
+ {
+ throw new Exception("Host " + host + " port " + port +
+- " is not an RFB server");
++ " is not an RFB server: " + b);
+ }
+
+ serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0');
diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java
--- vnc_javasrc.orig/SSLSocketToMe.java 1969-12-31 19:00:00.000000000 -0500
-+++ vnc_javasrc/SSLSocketToMe.java 2006-04-04 13:17:39.000000000 -0400
-@@ -0,0 +1,1040 @@
++++ vnc_javasrc/SSLSocketToMe.java 2006-04-16 11:21:30.000000000 -0400
+@@ -0,0 +1,1204 @@
+/*
+ * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
+ *
@@ -111,10 +120,14 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+
+ /* fallback for Proxy connection */
+ boolean proxy_in_use = false;
++ boolean proxy_is_https = false;
+ boolean proxy_failure = false;
+ public DataInputStream is = null;
+ public OutputStream os = null;
+
++ String proxy_dialog_host = null;
++ int proxy_dialog_port = 0;
++
+ Socket proxySock;
+ DataInputStream proxy_is;
+ OutputStream proxy_os;
@@ -149,7 +162,6 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+
+ /* create trust managers used if initial handshake fails: */
+
-+
+ trustAllCerts = new TrustManager[] {
+ /*
+ * this one accepts everything.
@@ -349,15 +361,17 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ return false;
+ }
+
-+ public Socket connectSock() throws IOException {
++ public void check_for_proxy() {
++
++ boolean result = false;
++ String ustr = "https://" + host + ":" + port;
++ ustr += viewer.urlPrefix + "/check.https.proxy.connection";
++
++ trusturlCerts = null;
++ proxy_in_use = false;
+
-+ /*
-+ * first try a https connection to detect a proxy, and
-+ * also grab the VNC server cert.
-+ */
-+ URL url = new URL("https://" + host + ":" + port +
-+ "/check.https.proxy.connection");
+ try {
++ URL url = new URL(ustr);
+ HttpsURLConnection https = (HttpsURLConnection)
+ url.openConnection();
+
@@ -374,15 +388,59 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+
+ if (https.usingProxy()) {
+ proxy_in_use = true;
++ proxy_is_https = true;
+ dbg("HTTPS proxy in use. There may be connection problems.");
+ }
+ Object output = https.getContent();
+ https.disconnect();
++ result = true;
++
++ } catch(Exception e) {
++ dbg("HttpsURLConnection: " + e.getMessage());
++ }
++
++ if (proxy_in_use) {
++ return;
++ }
++
++ ustr = "http://" + host + ":" + port;
++ ustr += viewer.urlPrefix + "/index.vnc";
++
++ try {
++ URL url = new URL(ustr);
++ HttpURLConnection http = (HttpURLConnection)
++ url.openConnection();
++
++ http.setUseCaches(false);
++ http.setRequestMethod("GET");
++ http.setRequestProperty("Pragma", "No-Cache");
++ http.setRequestProperty("Proxy-Connection",
++ "Keep-Alive");
++ http.setDoInput(true);
++
++ http.connect();
++
++ if (http.usingProxy()) {
++ proxy_in_use = true;
++ proxy_is_https = false;
++ dbg("HTTP proxy in use. There may be connection problems.");
++ }
++ Object output = http.getContent();
++ http.disconnect();
+
+ } catch(Exception e) {
-+ trusturlCerts = null;
++ dbg("HttpURLConnection: " + e.getMessage());
+ }
++ }
+
++ public Socket connectSock() throws IOException {
++
++ /*
++ * first try a https connection to detect a proxy, and
++ * also grab the VNC server cert.
++ */
++ check_for_proxy();
++
+ if (use_url_cert_for_auth && trusturlCerts != null) {
+ factory = trusturl_ctx.getSocketFactory();
+ } else {
@@ -391,11 +449,23 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+
+ socket = null;
+ try {
++ if (proxy_in_use && viewer.forceProxy) {
++ throw new Exception("forcing proxy (forceProxy)");
++ } else if (viewer.CONNECT != null) {
++ throw new Exception("forcing CONNECT");
++ }
++
+ socket = (SSLSocket) factory.createSocket(host, port);
++
+ } catch (Exception esock) {
-+ if (proxy_in_use) {
++ dbg("esock: " + esock.getMessage());
++ if (proxy_in_use || viewer.CONNECT != null) {
+ proxy_failure = true;
-+ dbg("HTTPS proxy in use. Trying to go with it.");
++ if (proxy_in_use) {
++ dbg("HTTPS proxy in use. Trying to go with it.");
++ } else {
++ dbg("viewer.CONNECT reverse proxy in use. Trying to go with it.");
++ }
+ try {
+ socket = proxy_socket(factory);
+ } catch (Exception e) {
@@ -522,6 +592,31 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ }
+ }
+
++ if (socket != null && viewer.GET != null) {
++ String str = "GET ";
++ str += viewer.urlPrefix;
++ str += "/request.https.vnc.connection";
++ str += " HTTP/1.0\r\n";
++ str += "Pragma: No-Cache\r\n";
++ str += "\r\n";
++ System.out.println("sending GET: " + str);
++ OutputStream os = socket.getOutputStream();
++ os.write(str.getBytes());
++ os.flush();
++ if (false) {
++ String rep = "";
++ DataInputStream is = new DataInputStream(
++ new BufferedInputStream(socket.getInputStream(), 16384));
++ while (true) {
++ rep += readline(is);
++ if (rep.indexOf("\r\n\r\n") >= 0) {
++ break;
++ }
++ }
++ System.out.println("rep: " + rep);
++ }
++ }
++
+ dbg("SSL returning socket to caller.");
+ return (Socket) socket;
+ }
@@ -532,10 +627,24 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ }
+ }
+
++ private int gint(String s) {
++ int n = -1;
++ try {
++ Integer I = new Integer(s);
++ n = I.intValue();
++ } catch (Exception ex) {
++ return -1;
++ }
++ return n;
++ }
++
+ public SSLSocket proxy_socket(SSLSocketFactory factory) {
+ Properties props = null;
+ String proxyHost = null;
+ int proxyPort = 0;
++ String proxyHost_nossl = null;
++ int proxyPort_nossl = 0;
++ String str;
+
+ /* see if we can guess the proxy info from Properties: */
+ try {
@@ -548,16 +657,33 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ props.list(System.out);
+ dbg("\n---------------\n\n");
+
-+ for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) {
++ for (Enumeration e = props.propertyNames(); e.hasMoreElements(); ) {
+ String s = (String) e.nextElement();
+ String v = System.getProperty(s);
-+ String l1 = s.toLowerCase();
-+ String l2 = v.toLowerCase();
++ String s2 = s.toLowerCase();
++ String v2 = v.toLowerCase();
+
-+ if (l1.indexOf("proxy") < 0 && l2.indexOf("proxy") < 0) {
++ if (s2.indexOf("proxy") < 0 && v2.indexOf("proxy") < 0) {
+ continue;
+ }
-+ if (l2.indexOf("https") < 0) {
++ if (v2.indexOf("https") < 0) {
++ continue;
++ }
++
++ if (s2.indexOf("proxy.https.host") >= 0) {
++ proxyHost = v2;
++ continue;
++ }
++ if (s2.indexOf("proxy.https.port") >= 0) {
++ proxyPort = gint(v2);
++ continue;
++ }
++ if (s2.indexOf("proxy.http.host") >= 0) {
++ proxyHost_nossl = v2;
++ continue;
++ }
++ if (s2.indexOf("proxy.http.port") >= 0) {
++ proxyPort_nossl = gint(v2);
+ continue;
+ }
+
@@ -578,10 +704,9 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ continue;
+ }
+ if (hp[0].length() > 1 && hp[1].length() > 1) {
-+ try {
-+ Integer I = new Integer(hp[1]);
-+ proxyPort = I.intValue();
-+ } catch (Exception ex) {
++
++ proxyPort = gint(hp[1]);
++ if (proxyPort < 0) {
+ continue;
+ }
+ proxyHost = new String(hp[0]);
@@ -591,65 +716,113 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ }
+ }
+ if (proxyHost != null) {
-+ dbg("Lucky us! we figured out the Proxy parameters: " + proxyHost + " " + proxyPort);
-+ } else {
-+ /* ask user to help us: */
-+ ProxyDialog pd = new ProxyDialog(proxyHost, proxyPort);
-+ pd.queryUser();
-+ proxyHost = pd.getHost();
-+ proxyPort = pd.getPort();
-+ dbg("User said host: " + pd.getHost() + " port: " + pd.getPort());
++ if (proxyHost_nossl != null && proxyPort_nossl > 0) {
++ dbg("Using http proxy info instead of https.");
++ proxyHost = proxyHost_nossl;
++ proxyPort = proxyPort_nossl;
++ }
+ }
+
-+ proxySock = psocket(proxyHost, proxyPort);
-+ if (proxySock == null) {
-+ dbg("1 sadly, returning a null socket");
-+ return null;
-+ }
-+ String hp = host + ":" + port;
++ if (proxy_in_use) {
++ if (proxy_dialog_host != null && proxy_dialog_port > 0) {
++ proxyHost = proxy_dialog_host;
++ proxyPort = proxy_dialog_port;
++ }
++ if (proxyHost != null) {
++ dbg("Lucky us! we figured out the Proxy parameters: " + proxyHost + " " + proxyPort);
++ } else {
++ /* ask user to help us: */
++ ProxyDialog pd = new ProxyDialog(proxyHost, proxyPort);
++ pd.queryUser();
++ proxyHost = pd.getHost();
++ proxyPort = pd.getPort();
++ proxy_dialog_host = new String(proxyHost);
++ proxy_dialog_port = proxyPort;
++ dbg("User said host: " + pd.getHost() + " port: " + pd.getPort());
++ }
+
-+ String req1 = "CONNECT " + hp + " HTTP/1.1\r\n"
-+ + "Host: " + hp + "\r\n\r\n";
++ dbg("proxy_in_use psocket:");
++ proxySock = psocket(proxyHost, proxyPort);
++ if (proxySock == null) {
++ dbg("1-a sadly, returning a null socket");
++ return null;
++ }
++ String hp = host + ":" + port;
+
-+ /* not working for SSL yet: */
-+ String req2 = "GET https://" + hp
-+ + "/request.https.proxy.connection HTTP/1.1\r\n"
-+ + "Host: " + hp + "\r\n\r\n";
++ String req1 = "CONNECT " + hp + " HTTP/1.1\r\n"
++ + "Host: " + hp + "\r\n\r\n";
+
-+ dbg("requesting: " + req1);
++ dbg("requesting1: " + req1);
+
-+ try {
-+ proxy_os.write(req1.getBytes());
-+ String reply = readline(proxy_is);
++ try {
++ proxy_os.write(req1.getBytes());
++ String reply = readline(proxy_is);
+
-+ dbg("proxy replied: " + reply);
++ dbg("proxy replied1: " + reply.trim());
+
-+ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) {
-+ proxySock.close();
-+ proxySock = psocket(proxyHost, proxyPort);
-+ if (proxySock == null) {
-+ dbg("2 sadly, returning a null socket");
-+ return null;
++ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) {
++ proxySock.close();
++ proxySock = psocket(proxyHost, proxyPort);
++ if (proxySock == null) {
++ dbg("2-a sadly, returning a null socket");
++ return null;
++ }
+ }
-+ dbg("requesting: " + req2);
++ } catch(Exception e) {
++ dbg("sock prob1: " + e.getMessage());
++ }
++
++ while (true) {
++ String line = readline(proxy_is);
++ dbg("proxy line1: " + line.trim());
++ if (line.equals("\r\n") || line.equals("\n")) {
++ break;
++ }
++ }
++ } else if (viewer.CONNECT != null) {
++ dbg("viewer.CONNECT psocket:");
++ proxySock = psocket(host, port);
++ if (proxySock == null) {
++ dbg("1-b sadly, returning a null socket");
++ return null;
++ }
++ }
++
++ if (viewer.CONNECT != null) {
++ String hp = viewer.CONNECT;
++ String req2 = "CONNECT " + hp + " HTTP/1.1\r\n"
++ + "Host: " + hp + "\r\n\r\n";
++
++ dbg("requesting2: " + req2);
++
++ try {
+ proxy_os.write(req2.getBytes());
++ String reply = readline(proxy_is);
+
-+ reply = readline(proxy_is);
++ dbg("proxy replied2: " + reply.trim());
+
-+ dbg("proxy replied: " + reply);
++ if (reply.indexOf("HTTP/1.") < 0 && reply.indexOf(" 200") < 0) {
++ proxySock.close();
++ proxySock = psocket(proxyHost, proxyPort);
++ if (proxySock == null) {
++ dbg("2-b sadly, returning a null socket");
++ return null;
++ }
++ }
++ } catch(Exception e) {
++ dbg("sock prob2: " + e.getMessage());
+ }
-+ } catch(Exception e) {
-+ dbg("sock prob: " + e.getMessage());
-+ }
+
-+ while (true) {
-+ String line = readline(proxy_is);
-+ dbg("proxy line: " + line);
-+ if (line.equals("\r\n") || line.equals("\n")) {
-+ break;
++ while (true) {
++ String line = readline(proxy_is);
++ dbg("proxy line2: " + line.trim());
++ if (line.equals("\r\n") || line.equals("\n")) {
++ break;
++ }
+ }
++
+ }
-+
++
+ Socket sslsock = null;
+ try {
+ sslsock = factory.createSocket(proxySock, host, port, true);
@@ -1108,16 +1281,21 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+}
diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java
--- vnc_javasrc.orig/VncViewer.java 2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/VncViewer.java 2006-03-27 22:20:19.000000000 -0500
-@@ -87,6 +87,7 @@
- int deferScreenUpdates;
++++ vnc_javasrc/VncViewer.java 2006-04-16 11:21:13.000000000 -0400
+@@ -88,6 +88,12 @@
int deferCursorUpdates;
int deferUpdateRequests;
-+ boolean disableSSL;
++ boolean disableSSL;
++ String GET;
++ String CONNECT;
++ String urlPrefix;
++ boolean forceProxy;
++
// Reference to this applet for inter-applet communication.
public static java.applet.Applet refApplet;
-@@ -626,6 +627,12 @@
+
+@@ -626,6 +632,39 @@
// SocketFactory.
socketFactory = readParameter("SocketFactory", false);
@@ -1127,6 +1305,33 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ str = readParameter("DisableSSL", false);
+ if (str != null && str.equalsIgnoreCase("Yes"))
+ disableSSL = true;
++
++ // Extra GET, CONNECT string:
++ CONNECT = readParameter("CONNECT", false);
++ if (CONNECT != null) {
++ CONNECT = CONNECT.replaceAll(" ", ":");
++ }
++ GET = readParameter("GET", false);
++ urlPrefix = "";
++ if (GET != null) {
++ GET = GET.replaceAll("%2F", "/");
++ GET = GET.replaceAll("%2f", "/");
++ GET = GET.replaceAll("_2F_", "/");
++ if (! GET.equals("1")) {
++ if (GET.indexOf("/") != 0) {
++ urlPrefix += "/";
++ }
++ urlPrefix += GET;
++ }
++ }
++ urlPrefix = urlPrefix.replaceAll("%2f", "/");
++ System.out.println("urlPrefix: " + urlPrefix);
++
++ forceProxy = false;
++ str = readParameter("forceProxy", false);
++ if (str != null && str.equalsIgnoreCase("Yes")) {
++ forceProxy = true;
++ }
}
public String readParameter(String name, boolean required) {