summaryrefslogtreecommitdiffstats
path: root/classes/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'classes/ssl')
-rw-r--r--classes/ssl/README9
-rw-r--r--classes/ssl/SignedUltraViewerSSL.jarbin107710 -> 108090 bytes
-rw-r--r--classes/ssl/SignedVncViewer.jarbin83719 -> 84103 bytes
-rw-r--r--classes/ssl/UltraViewerSSL.jarbin104686 -> 105068 bytes
-rw-r--r--classes/ssl/VncViewer.jarbin80791 -> 81177 bytes
-rw-r--r--classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch123
-rw-r--r--classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch139
7 files changed, 129 insertions, 142 deletions
diff --git a/classes/ssl/README b/classes/ssl/README
index a9dcc7a..0767ce9 100644
--- a/classes/ssl/README
+++ b/classes/ssl/README
@@ -218,8 +218,13 @@ Both TightVNC and UltraVNC Java viewers:
yes/no, default: no
Automatically trust any cert that the web browsers has accepted.
E.g. the user said "Yes" or "Continue" to a web browser dialog
- regarding a certificate. If we get the same cert from the VNC
- server we trust it without prompting the user.
+ regarding a certificate. If we get the same cert (chain) from
+ the VNC server we trust it without prompting the user.
+
+ debugCerts
+ yes/no, default: no
+ Print out every cert in the Server, TrustUrl, TrustAll chains.
+
TightVNC Java viewer only:
diff --git a/classes/ssl/SignedUltraViewerSSL.jar b/classes/ssl/SignedUltraViewerSSL.jar
index 312b9d6..5a562ff 100644
--- a/classes/ssl/SignedUltraViewerSSL.jar
+++ b/classes/ssl/SignedUltraViewerSSL.jar
Binary files differ
diff --git a/classes/ssl/SignedVncViewer.jar b/classes/ssl/SignedVncViewer.jar
index 0377714..a795e57 100644
--- a/classes/ssl/SignedVncViewer.jar
+++ b/classes/ssl/SignedVncViewer.jar
Binary files differ
diff --git a/classes/ssl/UltraViewerSSL.jar b/classes/ssl/UltraViewerSSL.jar
index 13e7b79..15f6867 100644
--- a/classes/ssl/UltraViewerSSL.jar
+++ b/classes/ssl/UltraViewerSSL.jar
Binary files differ
diff --git a/classes/ssl/VncViewer.jar b/classes/ssl/VncViewer.jar
index d71b9d8..a93d323 100644
--- a/classes/ssl/VncViewer.jar
+++ b/classes/ssl/VncViewer.jar
Binary files differ
diff --git a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
index bb70214..f35a4e9 100644
--- a/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
+++ b/classes/ssl/tightvnc-1.3dev7_javasrc-vncviewer-ssl.patch
@@ -73,8 +73,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/RfbProto.java vnc_javasrc/RfbProto
serverMajor = (b[4] - '0') * 100 + (b[5] - '0') * 10 + (b[6] - '0');
diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSLSocketToMe.java
--- vnc_javasrc.orig/SSLSocketToMe.java 1969-12-31 19:00:00.000000000 -0500
-+++ vnc_javasrc/SSLSocketToMe.java 2009-08-13 09:16:42.000000000 -0400
-@@ -0,0 +1,1727 @@
++++ vnc_javasrc/SSLSocketToMe.java 2010-02-22 20:03:11.000000000 -0500
+@@ -0,0 +1,1712 @@
+/*
+ * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
+ *
@@ -151,6 +151,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+
+ boolean use_url_cert_for_auth = true;
+ boolean user_wants_to_see_cert = true;
++ boolean debug_certs = false;
+
+ /* cert(s) we retrieve from VNC server */
+ java.security.cert.Certificate[] trustallCerts = null;
@@ -180,6 +181,8 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ port = p;
+ viewer = v;
+
++ debug_certs = v.debugCerts;
++
+ /* we will first try default factory for certification: */
+
+ factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
@@ -237,21 +240,6 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ throw new CertificateException(
+ "No Trust url Certs.");
+ }
-+ if (trusturlCerts.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < trusturlCerts.length - 1; i++) {
-+ if (! trusturlCerts[i].equals(trusturlCerts[i+1])) {
-+ ok = false;
-+ }
-+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many Trust url Certs: "
-+ + trusturlCerts.length
-+ );
-+ }
-+ }
+ if (certs == null) {
+ throw new CertificateException(
+ "No this-certs array.");
@@ -260,26 +248,32 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ throw new CertificateException(
+ "No this-certs Certs.");
+ }
-+ if (certs.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < certs.length - 1; i++) {
-+ if (! certs[i].equals(certs[i+1])) {
-+ ok = false;
-+ }
++ if (certs.length != trusturlCerts.length) {
++ throw new CertificateException(
++ "certs.length != trusturlCerts.length " + certs.length + " " + trusturlCerts.length);
++ }
++ boolean ok = true;
++ for (int i = 0; i < certs.length; i++) {
++ if (! trusturlCerts[i].equals(certs[i])) {
++ ok = false;
++ dbg("URL: cert mismatch at i=" + i);
++ dbg("URL: cert mismatch cert" + certs[i]);
++ dbg("URL: cert mismatch url" + trusturlCerts[i]);
+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many this-certs: "
-+ + certs.length
-+ );
++ if (debug_certs) {
++ dbg("\n***********************************************");
++ dbg("URL: cert info at i=" + i);
++ dbg("URL: cert info cert" + certs[i]);
++ dbg("===============================================");
++ dbg("URL: cert info url" + trusturlCerts[i]);
++ dbg("***********************************************");
+ }
+ }
-+ if (! trusturlCerts[0].equals(certs[0])) {
++ if (!ok) {
+ throw new CertificateException(
-+ "Server Cert Changed != URL.");
++ "Server Cert Chain != URL Cert Chain.");
+ }
-+ dbg("URL: trusturlCerts[0] matches certs[0]");
++ dbg("URL: trusturlCerts[i] matches certs[i] i=0:" + (certs.length-1));
+ }
+ }
+ };
@@ -309,21 +303,6 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ throw new CertificateException(
+ "No Trust All Server Certs.");
+ }
-+ if (trustallCerts.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < trustallCerts.length - 1; i++) {
-+ if (! trustallCerts[i].equals(trustallCerts[i+1])) {
-+ ok = false;
-+ }
-+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many Trust All Server Certs: "
-+ + trustallCerts.length
-+ );
-+ }
-+ }
+ if (certs == null) {
+ throw new CertificateException(
+ "No this-certs array.");
@@ -332,26 +311,32 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+ throw new CertificateException(
+ "No this-certs Certs.");
+ }
-+ if (certs.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < certs.length - 1; i++) {
-+ if (! certs[i].equals(certs[i+1])) {
-+ ok = false;
-+ }
++ if (certs.length != trustallCerts.length) {
++ throw new CertificateException(
++ "certs.length != trustallCerts.length " + certs.length + " " + trustallCerts.length);
++ }
++ boolean ok = true;
++ for (int i = 0; i < certs.length; i++) {
++ if (! trustallCerts[i].equals(certs[i])) {
++ ok = false;
++ dbg("ONE: cert mismatch at i=" + i);
++ dbg("ONE: cert mismatch cert" + certs[i]);
++ dbg("ONE: cert mismatch all" + trustallCerts[i]);
+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many this-certs: "
-+ + certs.length
-+ );
++ if (debug_certs) {
++ dbg("\n***********************************************");
++ dbg("ONE: cert info at i=" + i);
++ dbg("ONE: cert info cert" + certs[i]);
++ dbg("===============================================");
++ dbg("ONE: cert info all" + trustallCerts[i]);
++ dbg("***********************************************");
+ }
+ }
-+ if (! trustallCerts[0].equals(certs[0])) {
++ if (!ok) {
+ throw new CertificateException(
-+ "Server Cert Changed != TRUSTALL.");
++ "Server Cert Chain != TRUSTALL Cert Chain.");
+ }
-+ dbg("ONE: trustallCerts[0] matches certs[0]");
++ dbg("ONE: trustallCerts[i] matches certs[i] i=0:" + (certs.length-1));
+ }
+ }
+ };
@@ -1804,7 +1789,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/SSLSocketToMe.java vnc_javasrc/SSL
+}
diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncViewer.java
--- vnc_javasrc.orig/VncViewer.java 2004-03-04 08:34:25.000000000 -0500
-+++ vnc_javasrc/VncViewer.java 2009-06-19 10:32:03.000000000 -0400
++++ vnc_javasrc/VncViewer.java 2010-02-22 19:25:19.000000000 -0500
@@ -80,7 +80,7 @@
// Variables read from parameter values.
String socketFactory;
@@ -1814,7 +1799,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
boolean showControls;
boolean offerRelogin;
boolean showOfflineDesktop;
-@@ -88,6 +88,19 @@
+@@ -88,6 +88,20 @@
int deferCursorUpdates;
int deferUpdateRequests;
@@ -1830,11 +1815,12 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ boolean ignoreProxy;
+ boolean trustAllVncCerts;
+ boolean trustUrlVncCert;
++ boolean debugCerts;
+
// Reference to this applet for inter-applet communication.
public static java.applet.Applet refApplet;
-@@ -591,8 +604,25 @@
+@@ -591,8 +605,25 @@
}
}
@@ -1862,7 +1848,7 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
if (inAnApplet) {
str = readParameter("Open New Window", false);
-@@ -626,6 +656,96 @@
+@@ -626,6 +657,101 @@
// SocketFactory.
socketFactory = readParameter("SocketFactory", false);
@@ -1956,6 +1942,11 @@ diff -x VncCanvas.java -Naur vnc_javasrc.orig/VncViewer.java vnc_javasrc/VncView
+ if (str != null && str.equalsIgnoreCase("Yes")) {
+ trustUrlVncCert = true;
+ }
++ debugCerts = false;
++ str = readParameter("debugCerts", false);
++ if (str != null && str.equalsIgnoreCase("Yes")) {
++ debugCerts = true;
++ }
}
public String readParameter(String name, boolean required) {
diff --git a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
index 6e61cf3..369a221 100644
--- a/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
+++ b/classes/ssl/ultravnc-102-JavaViewer-ssl-etc.patch
@@ -2644,8 +2644,8 @@ diff -Naur JavaViewer.orig/RfbProto.java JavaViewer/RfbProto.java
// }
diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
--- JavaViewer.orig/SSLSocketToMe.java 1969-12-31 19:00:00.000000000 -0500
-+++ JavaViewer/SSLSocketToMe.java 2009-08-13 09:16:42.000000000 -0400
-@@ -0,0 +1,1727 @@
++++ JavaViewer/SSLSocketToMe.java 2010-02-22 20:03:11.000000000 -0500
+@@ -0,0 +1,1712 @@
+/*
+ * SSLSocketToMe.java: add SSL encryption to Java VNC Viewer.
+ *
@@ -2722,6 +2722,7 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+
+ boolean use_url_cert_for_auth = true;
+ boolean user_wants_to_see_cert = true;
++ boolean debug_certs = false;
+
+ /* cert(s) we retrieve from VNC server */
+ java.security.cert.Certificate[] trustallCerts = null;
@@ -2751,6 +2752,8 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+ port = p;
+ viewer = v;
+
++ debug_certs = v.debugCerts;
++
+ /* we will first try default factory for certification: */
+
+ factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
@@ -2808,21 +2811,6 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+ throw new CertificateException(
+ "No Trust url Certs.");
+ }
-+ if (trusturlCerts.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < trusturlCerts.length - 1; i++) {
-+ if (! trusturlCerts[i].equals(trusturlCerts[i+1])) {
-+ ok = false;
-+ }
-+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many Trust url Certs: "
-+ + trusturlCerts.length
-+ );
-+ }
-+ }
+ if (certs == null) {
+ throw new CertificateException(
+ "No this-certs array.");
@@ -2831,26 +2819,32 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+ throw new CertificateException(
+ "No this-certs Certs.");
+ }
-+ if (certs.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < certs.length - 1; i++) {
-+ if (! certs[i].equals(certs[i+1])) {
-+ ok = false;
-+ }
++ if (certs.length != trusturlCerts.length) {
++ throw new CertificateException(
++ "certs.length != trusturlCerts.length " + certs.length + " " + trusturlCerts.length);
++ }
++ boolean ok = true;
++ for (int i = 0; i < certs.length; i++) {
++ if (! trusturlCerts[i].equals(certs[i])) {
++ ok = false;
++ dbg("URL: cert mismatch at i=" + i);
++ dbg("URL: cert mismatch cert" + certs[i]);
++ dbg("URL: cert mismatch url" + trusturlCerts[i]);
+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many this-certs: "
-+ + certs.length
-+ );
++ if (debug_certs) {
++ dbg("\n***********************************************");
++ dbg("URL: cert info at i=" + i);
++ dbg("URL: cert info cert" + certs[i]);
++ dbg("===============================================");
++ dbg("URL: cert info url" + trusturlCerts[i]);
++ dbg("***********************************************");
+ }
+ }
-+ if (! trusturlCerts[0].equals(certs[0])) {
++ if (!ok) {
+ throw new CertificateException(
-+ "Server Cert Changed != URL.");
++ "Server Cert Chain != URL Cert Chain.");
+ }
-+ dbg("URL: trusturlCerts[0] matches certs[0]");
++ dbg("URL: trusturlCerts[i] matches certs[i] i=0:" + (certs.length-1));
+ }
+ }
+ };
@@ -2880,21 +2874,6 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+ throw new CertificateException(
+ "No Trust All Server Certs.");
+ }
-+ if (trustallCerts.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < trustallCerts.length - 1; i++) {
-+ if (! trustallCerts[i].equals(trustallCerts[i+1])) {
-+ ok = false;
-+ }
-+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many Trust All Server Certs: "
-+ + trustallCerts.length
-+ );
-+ }
-+ }
+ if (certs == null) {
+ throw new CertificateException(
+ "No this-certs array.");
@@ -2903,26 +2882,32 @@ diff -Naur JavaViewer.orig/SSLSocketToMe.java JavaViewer/SSLSocketToMe.java
+ throw new CertificateException(
+ "No this-certs Certs.");
+ }
-+ if (certs.length > 1) {
-+ int i;
-+ boolean ok = true;
-+ for (i = 0; i < certs.length - 1; i++) {
-+ if (! certs[i].equals(certs[i+1])) {
-+ ok = false;
-+ }
++ if (certs.length != trustallCerts.length) {
++ throw new CertificateException(
++ "certs.length != trustallCerts.length " + certs.length + " " + trustallCerts.length);
++ }
++ boolean ok = true;
++ for (int i = 0; i < certs.length; i++) {
++ if (! trustallCerts[i].equals(certs[i])) {
++ ok = false;
++ dbg("ONE: cert mismatch at i=" + i);
++ dbg("ONE: cert mismatch cert" + certs[i]);
++ dbg("ONE: cert mismatch all" + trustallCerts[i]);
+ }
-+ if (! ok) {
-+ throw new CertificateException(
-+ "Too many this-certs: "
-+ + certs.length
-+ );
++ if (debug_certs) {
++ dbg("\n***********************************************");
++ dbg("ONE: cert info at i=" + i);
++ dbg("ONE: cert info cert" + certs[i]);
++ dbg("===============================================");
++ dbg("ONE: cert info all" + trustallCerts[i]);
++ dbg("***********************************************");
+ }
+ }
-+ if (! trustallCerts[0].equals(certs[0])) {
++ if (!ok) {
+ throw new CertificateException(
-+ "Server Cert Changed != TRUSTALL.");
++ "Server Cert Chain != TRUSTALL Cert Chain.");
+ }
-+ dbg("ONE: trustallCerts[0] matches certs[0]");
++ dbg("ONE: trustallCerts[i] matches certs[i] i=0:" + (certs.length-1));
+ }
+ }
+ };
@@ -4498,7 +4483,7 @@ diff -Naur JavaViewer.orig/VncCanvas.java JavaViewer/VncCanvas.java
result = 0; // Transparent pixel
diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
--- JavaViewer.orig/VncViewer.java 2006-05-24 15:14:40.000000000 -0400
-+++ JavaViewer/VncViewer.java 2009-06-19 10:31:23.000000000 -0400
++++ JavaViewer/VncViewer.java 2010-02-22 21:58:51.000000000 -0500
@@ -80,11 +80,11 @@
GridBagLayout gridbag;
ButtonPanel buttonPanel;
@@ -4522,7 +4507,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
String passwordParam;
String encPasswordParam;
boolean showControls;
-@@ -115,28 +115,70 @@
+@@ -115,28 +115,71 @@
int i;
// mslogon support 2 end
@@ -4540,6 +4525,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
+boolean ignoreProxy;
+boolean trustAllVncCerts;
+boolean trustUrlVncCert;
++boolean debugCerts;
+
+boolean ignoreMSLogonCheck;
+boolean delayAuthPanel;
@@ -4599,7 +4585,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// authenticator = new AuthPanel(false); // mslogon support : go to connectAndAuthenticate()
if (RecordingFrame.checkSecurity())
rec = new RecordingFrame(this);
-@@ -147,10 +189,11 @@
+@@ -147,10 +190,11 @@
cursorUpdatesDef = null;
eightBitColorsDef = null;
@@ -4613,7 +4599,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
rfbThread = new Thread(this);
rfbThread.start();
}
-@@ -186,6 +229,30 @@
+@@ -186,6 +230,30 @@
gbc.weightx = 1.0;
gbc.weighty = 1.0;
@@ -4644,7 +4630,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// Add ScrollPanel to applet mode
// Create a panel which itself is resizeable and can hold
-@@ -286,6 +353,24 @@
+@@ -286,6 +354,24 @@
void connectAndAuthenticate() throws Exception {
@@ -4669,7 +4655,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// If "ENCPASSWORD" parameter is set, decrypt the password into
// the passwordParam string.
-@@ -336,7 +421,22 @@
+@@ -336,7 +422,22 @@
//
@@ -4693,7 +4679,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
authenticator = new AuthPanel(mslogon);
-@@ -390,6 +490,10 @@
+@@ -390,6 +491,10 @@
break;
//mslogon support end
@@ -4704,7 +4690,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
// Retry on authentication failure.
authenticator.retry();
}
-@@ -405,9 +509,11 @@
+@@ -405,9 +510,11 @@
void prologueDetectAuthProtocol() throws Exception {
@@ -4718,7 +4704,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
System.out.println("RFB server supports protocol version " +
rfb.serverMajor + "." + rfb.serverMinor);
-@@ -431,16 +537,36 @@
+@@ -431,16 +538,36 @@
boolean tryAuthenticate(String us, String pw) throws Exception {
@@ -4761,7 +4747,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
switch (authScheme) {
-@@ -629,6 +755,10 @@
+@@ -629,6 +756,10 @@
void doProtocolInitialisation() throws IOException {
@@ -4772,7 +4758,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
rfb.writeClientInit();
rfb.readServerInit();
-@@ -775,8 +905,25 @@
+@@ -775,8 +906,25 @@
}
}
@@ -4800,7 +4786,7 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
if (inAnApplet) {
str = readParameter("Open New Window", false);
-@@ -804,6 +951,133 @@
+@@ -804,6 +952,138 @@
deferScreenUpdates = readIntParameter("Defer screen updates", 20);
deferCursorUpdates = readIntParameter("Defer cursor updates", 10);
deferUpdateRequests = readIntParameter("Defer update requests", 50);
@@ -4905,6 +4891,11 @@ diff -Naur JavaViewer.orig/VncViewer.java JavaViewer/VncViewer.java
+ if (str != null && str.equalsIgnoreCase("Yes")) {
+ trustUrlVncCert = true;
+ }
++ debugCerts = false;
++ str = readParameter("debugCerts", false);
++ if (str != null && str.equalsIgnoreCase("Yes")) {
++ debugCerts = true;
++ }
+ ignoreMSLogonCheck = false;
+ str = readParameter("ignoreMSLogonCheck", false);
+ if (str != null && str.equalsIgnoreCase("Yes")) {