search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
pc-dimm: add busy slot check and slot auto-allocation
[qemu/ar7.git] / ui / vnc.c
blob1684206184a22c5d9e1f0a69542e78b78a7aad31
1 /*
2 * QEMU VNC display driver
3 *
4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
5 * Copyright (C) 2006 Fabrice Bellard
6 * Copyright (C) 2009 Red Hat, Inc
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
24 * THE SOFTWARE.
25 */
26
27 #include "vnc.h"
28 #include "vnc-jobs.h"
29 #include "trace.h"
30 #include "sysemu/sysemu.h"
31 #include "qemu/sockets.h"
32 #include "qemu/timer.h"
33 #include "qemu/acl.h"
34 #include "qapi/qmp/types.h"
35 #include "qmp-commands.h"
36 #include "qemu/osdep.h"
37 #include "ui/input.h"
38
39 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
40 #define VNC_REFRESH_INTERVAL_INC 50
41 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE
42 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 };
43 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
44
45 #include "vnc_keysym.h"
46 #include "d3des.h"
47
48 static VncDisplay *vnc_display; /* needed for info vnc */
49
50 static int vnc_cursor_define(VncState *vs);
51 static void vnc_release_modifiers(VncState *vs);
52
53 static void vnc_set_share_mode(VncState *vs, VncShareMode mode)
54 {
55 #ifdef _VNC_DEBUG
56 static const char *mn[] = {
57 [0] = "undefined",
58 [VNC_SHARE_MODE_CONNECTING] = "connecting",
59 [VNC_SHARE_MODE_SHARED] = "shared",
60 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive",
61 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected",
62 };
63 fprintf(stderr, "%s/%d: %s -> %s\n", __func__,
64 vs->csock, mn[vs->share_mode], mn[mode]);
65 #endif
66
67 if (vs->share_mode == VNC_SHARE_MODE_EXCLUSIVE) {
68 vs->vd->num_exclusive--;
69 }
70 vs->share_mode = mode;
71 if (vs->share_mode == VNC_SHARE_MODE_EXCLUSIVE) {
72 vs->vd->num_exclusive++;
73 }
74 }
75
76 static char *addr_to_string(const char *format,
77 struct sockaddr_storage *sa,
78 socklen_t salen) {
79 char *addr;
80 char host[NI_MAXHOST];
81 char serv[NI_MAXSERV];
82 int err;
83 size_t addrlen;
84
85 if ((err = getnameinfo((struct sockaddr *)sa, salen,
86 host, sizeof(host),
87 serv, sizeof(serv),
88 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
89 VNC_DEBUG("Cannot resolve address %d: %s\n",
90 err, gai_strerror(err));
91 return NULL;
92 }
93
94 /* Enough for the existing format + the 2 vars we're
95 * substituting in. */
96 addrlen = strlen(format) + strlen(host) + strlen(serv);
97 addr = g_malloc(addrlen + 1);
98 snprintf(addr, addrlen, format, host, serv);
99 addr[addrlen] = '\0';
100
101 return addr;
102 }
103
104
105 char *vnc_socket_local_addr(const char *format, int fd) {
106 struct sockaddr_storage sa;
107 socklen_t salen;
108
109 salen = sizeof(sa);
110 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0)
111 return NULL;
112
113 return addr_to_string(format, &sa, salen);
114 }
115
116 char *vnc_socket_remote_addr(const char *format, int fd) {
117 struct sockaddr_storage sa;
118 socklen_t salen;
119
120 salen = sizeof(sa);
121 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0)
122 return NULL;
123
124 return addr_to_string(format, &sa, salen);
125 }
126
127 static int put_addr_qdict(QDict *qdict, struct sockaddr_storage *sa,
128 socklen_t salen)
129 {
130 char host[NI_MAXHOST];
131 char serv[NI_MAXSERV];
132 int err;
133
134 if ((err = getnameinfo((struct sockaddr *)sa, salen,
135 host, sizeof(host),
136 serv, sizeof(serv),
137 NI_NUMERICHOST | NI_NUMERICSERV)) != 0) {
138 VNC_DEBUG("Cannot resolve address %d: %s\n",
139 err, gai_strerror(err));
140 return -1;
141 }
142
143 qdict_put(qdict, "host", qstring_from_str(host));
144 qdict_put(qdict, "service", qstring_from_str(serv));
145 qdict_put(qdict, "family",qstring_from_str(inet_strfamily(sa->ss_family)));
146
147 return 0;
148 }
149
150 static int vnc_server_addr_put(QDict *qdict, int fd)
151 {
152 struct sockaddr_storage sa;
153 socklen_t salen;
154
155 salen = sizeof(sa);
156 if (getsockname(fd, (struct sockaddr*)&sa, &salen) < 0) {
157 return -1;
158 }
159
160 return put_addr_qdict(qdict, &sa, salen);
161 }
162
163 static int vnc_qdict_remote_addr(QDict *qdict, int fd)
164 {
165 struct sockaddr_storage sa;
166 socklen_t salen;
167
168 salen = sizeof(sa);
169 if (getpeername(fd, (struct sockaddr*)&sa, &salen) < 0) {
170 return -1;
171 }
172
173 return put_addr_qdict(qdict, &sa, salen);
174 }
175
176 static const char *vnc_auth_name(VncDisplay *vd) {
177 switch (vd->auth) {
178 case VNC_AUTH_INVALID:
179 return "invalid";
180 case VNC_AUTH_NONE:
181 return "none";
182 case VNC_AUTH_VNC:
183 return "vnc";
184 case VNC_AUTH_RA2:
185 return "ra2";
186 case VNC_AUTH_RA2NE:
187 return "ra2ne";
188 case VNC_AUTH_TIGHT:
189 return "tight";
190 case VNC_AUTH_ULTRA:
191 return "ultra";
192 case VNC_AUTH_TLS:
193 return "tls";
194 case VNC_AUTH_VENCRYPT:
195 #ifdef CONFIG_VNC_TLS
196 switch (vd->subauth) {
197 case VNC_AUTH_VENCRYPT_PLAIN:
198 return "vencrypt+plain";
199 case VNC_AUTH_VENCRYPT_TLSNONE:
200 return "vencrypt+tls+none";
201 case VNC_AUTH_VENCRYPT_TLSVNC:
202 return "vencrypt+tls+vnc";
203 case VNC_AUTH_VENCRYPT_TLSPLAIN:
204 return "vencrypt+tls+plain";
205 case VNC_AUTH_VENCRYPT_X509NONE:
206 return "vencrypt+x509+none";
207 case VNC_AUTH_VENCRYPT_X509VNC:
208 return "vencrypt+x509+vnc";
209 case VNC_AUTH_VENCRYPT_X509PLAIN:
210 return "vencrypt+x509+plain";
211 case VNC_AUTH_VENCRYPT_TLSSASL:
212 return "vencrypt+tls+sasl";
213 case VNC_AUTH_VENCRYPT_X509SASL:
214 return "vencrypt+x509+sasl";
215 default:
216 return "vencrypt";
217 }
218 #else
219 return "vencrypt";
220 #endif
221 case VNC_AUTH_SASL:
222 return "sasl";
223 }
224 return "unknown";
225 }
226
227 static int vnc_server_info_put(QDict *qdict)
228 {
229 if (vnc_server_addr_put(qdict, vnc_display->lsock) < 0) {
230 return -1;
231 }
232
233 qdict_put(qdict, "auth", qstring_from_str(vnc_auth_name(vnc_display)));
234 return 0;
235 }
236
237 static void vnc_client_cache_auth(VncState *client)
238 {
239 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
240 QDict *qdict;
241 #endif
242
243 if (!client->info) {
244 return;
245 }
246
247 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
248 qdict = qobject_to_qdict(client->info);
249 #endif
250
251 #ifdef CONFIG_VNC_TLS
252 if (client->tls.session &&
253 client->tls.dname) {
254 qdict_put(qdict, "x509_dname", qstring_from_str(client->tls.dname));
255 }
256 #endif
257 #ifdef CONFIG_VNC_SASL
258 if (client->sasl.conn &&
259 client->sasl.username) {
260 qdict_put(qdict, "sasl_username",
261 qstring_from_str(client->sasl.username));
262 }
263 #endif
264 }
265
266 static void vnc_client_cache_addr(VncState *client)
267 {
268 QDict *qdict;
269
270 qdict = qdict_new();
271 if (vnc_qdict_remote_addr(qdict, client->csock) < 0) {
272 QDECREF(qdict);
273 /* XXX: how to report the error? */
274 return;
275 }
276
277 client->info = QOBJECT(qdict);
278 }
279
280 static void vnc_qmp_event(VncState *vs, MonitorEvent event)
281 {
282 QDict *server;
283 QObject *data;
284
285 if (!vs->info) {
286 return;
287 }
288
289 server = qdict_new();
290 if (vnc_server_info_put(server) < 0) {
291 QDECREF(server);
292 return;
293 }
294
295 data = qobject_from_jsonf("{ 'client': %p, 'server': %p }",
296 vs->info, QOBJECT(server));
297
298 monitor_protocol_event(event, data);
299
300 qobject_incref(vs->info);
301 qobject_decref(data);
302 }
303
304 static VncClientInfo *qmp_query_vnc_client(const VncState *client)
305 {
306 struct sockaddr_storage sa;
307 socklen_t salen = sizeof(sa);
308 char host[NI_MAXHOST];
309 char serv[NI_MAXSERV];
310 VncClientInfo *info;
311
312 if (getpeername(client->csock, (struct sockaddr *)&sa, &salen) < 0) {
313 return NULL;
314 }
315
316 if (getnameinfo((struct sockaddr *)&sa, salen,
317 host, sizeof(host),
318 serv, sizeof(serv),
319 NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
320 return NULL;
321 }
322
323 info = g_malloc0(sizeof(*info));
324 info->host = g_strdup(host);
325 info->service = g_strdup(serv);
326 info->family = g_strdup(inet_strfamily(sa.ss_family));
327
328 #ifdef CONFIG_VNC_TLS
329 if (client->tls.session && client->tls.dname) {
330 info->has_x509_dname = true;
331 info->x509_dname = g_strdup(client->tls.dname);
332 }
333 #endif
334 #ifdef CONFIG_VNC_SASL
335 if (client->sasl.conn && client->sasl.username) {
336 info->has_sasl_username = true;
337 info->sasl_username = g_strdup(client->sasl.username);
338 }
339 #endif
340
341 return info;
342 }
343
344 VncInfo *qmp_query_vnc(Error **errp)
345 {
346 VncInfo *info = g_malloc0(sizeof(*info));
347
348 if (vnc_display == NULL || vnc_display->display == NULL) {
349 info->enabled = false;
350 } else {
351 VncClientInfoList *cur_item = NULL;
352 struct sockaddr_storage sa;
353 socklen_t salen = sizeof(sa);
354 char host[NI_MAXHOST];
355 char serv[NI_MAXSERV];
356 VncState *client;
357
358 info->enabled = true;
359
360 /* for compatibility with the original command */
361 info->has_clients = true;
362
363 QTAILQ_FOREACH(client, &vnc_display->clients, next) {
364 VncClientInfoList *cinfo = g_malloc0(sizeof(*info));
365 cinfo->value = qmp_query_vnc_client(client);
366
367 /* XXX: waiting for the qapi to support GSList */
368 if (!cur_item) {
369 info->clients = cur_item = cinfo;
370 } else {
371 cur_item->next = cinfo;
372 cur_item = cinfo;
373 }
374 }
375
376 if (vnc_display->lsock == -1) {
377 return info;
378 }
379
380 if (getsockname(vnc_display->lsock, (struct sockaddr *)&sa,
381 &salen) == -1) {
382 error_set(errp, QERR_UNDEFINED_ERROR);
383 goto out_error;
384 }
385
386 if (getnameinfo((struct sockaddr *)&sa, salen,
387 host, sizeof(host),
388 serv, sizeof(serv),
389 NI_NUMERICHOST | NI_NUMERICSERV) < 0) {
390 error_set(errp, QERR_UNDEFINED_ERROR);
391 goto out_error;
392 }
393
394 info->has_host = true;
395 info->host = g_strdup(host);
396
397 info->has_service = true;
398 info->service = g_strdup(serv);
399
400 info->has_family = true;
401 info->family = g_strdup(inet_strfamily(sa.ss_family));
402
403 info->has_auth = true;
404 info->auth = g_strdup(vnc_auth_name(vnc_display));
405 }
406
407 return info;
408
409 out_error:
410 qapi_free_VncInfo(info);
411 return NULL;
412 }
413
414 /* TODO
415 1) Get the queue working for IO.
416 2) there is some weirdness when using the -S option (the screen is grey
417 and not totally invalidated
418 3) resolutions > 1024
419 */
420
421 static int vnc_update_client(VncState *vs, int has_dirty, bool sync);
422 static void vnc_disconnect_start(VncState *vs);
423
424 static void vnc_colordepth(VncState *vs);
425 static void framebuffer_update_request(VncState *vs, int incremental,
426 int x_position, int y_position,
427 int w, int h);
428 static void vnc_refresh(DisplayChangeListener *dcl);
429 static int vnc_refresh_server_surface(VncDisplay *vd);
430
431 static void vnc_dpy_update(DisplayChangeListener *dcl,
432 int x, int y, int w, int h)
433 {
434 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
435 struct VncSurface *s = &vd->guest;
436 int width = surface_width(vd->ds);
437 int height = surface_height(vd->ds);
438
439 /* this is needed this to ensure we updated all affected
440 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
441 w += (x % VNC_DIRTY_PIXELS_PER_BIT);
442 x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
443
444 x = MIN(x, width);
445 y = MIN(y, height);
446 w = MIN(x + w, width) - x;
447 h = MIN(y + h, height);
448
449 for (; y < h; y++) {
450 bitmap_set(s->dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
451 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
452 }
453 }
454
455 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
456 int32_t encoding)
457 {
458 vnc_write_u16(vs, x);
459 vnc_write_u16(vs, y);
460 vnc_write_u16(vs, w);
461 vnc_write_u16(vs, h);
462
463 vnc_write_s32(vs, encoding);
464 }
465
466 void buffer_reserve(Buffer *buffer, size_t len)
467 {
468 if ((buffer->capacity - buffer->offset) < len) {
469 buffer->capacity += (len + 1024);
470 buffer->buffer = g_realloc(buffer->buffer, buffer->capacity);
471 if (buffer->buffer == NULL) {
472 fprintf(stderr, "vnc: out of memory\n");
473 exit(1);
474 }
475 }
476 }
477
478 static int buffer_empty(Buffer *buffer)
479 {
480 return buffer->offset == 0;
481 }
482
483 uint8_t *buffer_end(Buffer *buffer)
484 {
485 return buffer->buffer + buffer->offset;
486 }
487
488 void buffer_reset(Buffer *buffer)
489 {
490 buffer->offset = 0;
491 }
492
493 void buffer_free(Buffer *buffer)
494 {
495 g_free(buffer->buffer);
496 buffer->offset = 0;
497 buffer->capacity = 0;
498 buffer->buffer = NULL;
499 }
500
501 void buffer_append(Buffer *buffer, const void *data, size_t len)
502 {
503 memcpy(buffer->buffer + buffer->offset, data, len);
504 buffer->offset += len;
505 }
506
507 void buffer_advance(Buffer *buf, size_t len)
508 {
509 memmove(buf->buffer, buf->buffer + len,
510 (buf->offset - len));
511 buf->offset -= len;
512 }
513
514 static void vnc_desktop_resize(VncState *vs)
515 {
516 DisplaySurface *ds = vs->vd->ds;
517
518 if (vs->csock == -1 || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
519 return;
520 }
521 if (vs->client_width == surface_width(ds) &&
522 vs->client_height == surface_height(ds)) {
523 return;
524 }
525 vs->client_width = surface_width(ds);
526 vs->client_height = surface_height(ds);
527 vnc_lock_output(vs);
528 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
529 vnc_write_u8(vs, 0);
530 vnc_write_u16(vs, 1); /* number of rects */
531 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height,
532 VNC_ENCODING_DESKTOPRESIZE);
533 vnc_unlock_output(vs);
534 vnc_flush(vs);
535 }
536
537 static void vnc_abort_display_jobs(VncDisplay *vd)
538 {
539 VncState *vs;
540
541 QTAILQ_FOREACH(vs, &vd->clients, next) {
542 vnc_lock_output(vs);
543 vs->abort = true;
544 vnc_unlock_output(vs);
545 }
546 QTAILQ_FOREACH(vs, &vd->clients, next) {
547 vnc_jobs_join(vs);
548 }
549 QTAILQ_FOREACH(vs, &vd->clients, next) {
550 vnc_lock_output(vs);
551 vs->abort = false;
552 vnc_unlock_output(vs);
553 }
554 }
555
556 int vnc_server_fb_stride(VncDisplay *vd)
557 {
558 return pixman_image_get_stride(vd->server);
559 }
560
561 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
562 {
563 uint8_t *ptr;
564
565 ptr = (uint8_t *)pixman_image_get_data(vd->server);
566 ptr += y * vnc_server_fb_stride(vd);
567 ptr += x * VNC_SERVER_FB_BYTES;
568 return ptr;
569 }
570 /* this sets only the visible pixels of a dirty bitmap */
571 #define VNC_SET_VISIBLE_PIXELS_DIRTY(bitmap, w, h) {\
572 int y;\
573 memset(bitmap, 0x00, sizeof(bitmap));\
574 for (y = 0; y < h; y++) {\
575 bitmap_set(bitmap[y], 0,\
576 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));\
577 } \
578 }
579
580 static void vnc_dpy_switch(DisplayChangeListener *dcl,
581 DisplaySurface *surface)
582 {
583 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
584 VncState *vs;
585
586 vnc_abort_display_jobs(vd);
587
588 /* server surface */
589 qemu_pixman_image_unref(vd->server);
590 vd->ds = surface;
591 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
592 surface_width(vd->ds),
593 surface_height(vd->ds),
594 NULL, 0);
595
596 /* guest surface */
597 #if 0 /* FIXME */
598 if (ds_get_bytes_per_pixel(ds) != vd->guest.ds->pf.bytes_per_pixel)
599 console_color_init(ds);
600 #endif
601 qemu_pixman_image_unref(vd->guest.fb);
602 vd->guest.fb = pixman_image_ref(surface->image);
603 vd->guest.format = surface->format;
604 VNC_SET_VISIBLE_PIXELS_DIRTY(vd->guest.dirty,
605 surface_width(vd->ds),
606 surface_height(vd->ds));
607
608 QTAILQ_FOREACH(vs, &vd->clients, next) {
609 vnc_colordepth(vs);
610 vnc_desktop_resize(vs);
611 if (vs->vd->cursor) {
612 vnc_cursor_define(vs);
613 }
614 VNC_SET_VISIBLE_PIXELS_DIRTY(vs->dirty,
615 surface_width(vd->ds),
616 surface_height(vd->ds));
617 }
618 }
619
620 /* fastest code */
621 static void vnc_write_pixels_copy(VncState *vs,
622 void *pixels, int size)
623 {
624 vnc_write(vs, pixels, size);
625 }
626
627 /* slowest but generic code. */
628 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
629 {
630 uint8_t r, g, b;
631
632 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8)
633 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8;
634 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8;
635 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8;
636 #else
637 # error need some bits here if you change VNC_SERVER_FB_FORMAT
638 #endif
639 v = (r << vs->client_pf.rshift) |
640 (g << vs->client_pf.gshift) |
641 (b << vs->client_pf.bshift);
642 switch (vs->client_pf.bytes_per_pixel) {
643 case 1:
644 buf[0] = v;
645 break;
646 case 2:
647 if (vs->client_be) {
648 buf[0] = v >> 8;
649 buf[1] = v;
650 } else {
651 buf[1] = v >> 8;
652 buf[0] = v;
653 }
654 break;
655 default:
656 case 4:
657 if (vs->client_be) {
658 buf[0] = v >> 24;
659 buf[1] = v >> 16;
660 buf[2] = v >> 8;
661 buf[3] = v;
662 } else {
663 buf[3] = v >> 24;
664 buf[2] = v >> 16;
665 buf[1] = v >> 8;
666 buf[0] = v;
667 }
668 break;
669 }
670 }
671
672 static void vnc_write_pixels_generic(VncState *vs,
673 void *pixels1, int size)
674 {
675 uint8_t buf[4];
676
677 if (VNC_SERVER_FB_BYTES == 4) {
678 uint32_t *pixels = pixels1;
679 int n, i;
680 n = size >> 2;
681 for (i = 0; i < n; i++) {
682 vnc_convert_pixel(vs, buf, pixels[i]);
683 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel);
684 }
685 }
686 }
687
688 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
689 {
690 int i;
691 uint8_t *row;
692 VncDisplay *vd = vs->vd;
693
694 row = vnc_server_fb_ptr(vd, x, y);
695 for (i = 0; i < h; i++) {
696 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES);
697 row += vnc_server_fb_stride(vd);
698 }
699 return 1;
700 }
701
702 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
703 {
704 int n = 0;
705
706 switch(vs->vnc_encoding) {
707 case VNC_ENCODING_ZLIB:
708 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h);
709 break;
710 case VNC_ENCODING_HEXTILE:
711 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
712 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h);
713 break;
714 case VNC_ENCODING_TIGHT:
715 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h);
716 break;
717 case VNC_ENCODING_TIGHT_PNG:
718 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h);
719 break;
720 case VNC_ENCODING_ZRLE:
721 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h);
722 break;
723 case VNC_ENCODING_ZYWRLE:
724 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h);
725 break;
726 default:
727 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
728 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h);
729 break;
730 }
731 return n;
732 }
733
734 static void vnc_copy(VncState *vs, int src_x, int src_y, int dst_x, int dst_y, int w, int h)
735 {
736 /* send bitblit op to the vnc client */
737 vnc_lock_output(vs);
738 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
739 vnc_write_u8(vs, 0);
740 vnc_write_u16(vs, 1); /* number of rects */
741 vnc_framebuffer_update(vs, dst_x, dst_y, w, h, VNC_ENCODING_COPYRECT);
742 vnc_write_u16(vs, src_x);
743 vnc_write_u16(vs, src_y);
744 vnc_unlock_output(vs);
745 vnc_flush(vs);
746 }
747
748 static void vnc_dpy_copy(DisplayChangeListener *dcl,
749 int src_x, int src_y,
750 int dst_x, int dst_y, int w, int h)
751 {
752 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
753 VncState *vs, *vn;
754 uint8_t *src_row;
755 uint8_t *dst_row;
756 int i, x, y, pitch, inc, w_lim, s;
757 int cmp_bytes;
758
759 vnc_refresh_server_surface(vd);
760 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
761 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
762 vs->force_update = 1;
763 vnc_update_client(vs, 1, true);
764 /* vs might be free()ed here */
765 }
766 }
767
768 /* do bitblit op on the local surface too */
769 pitch = vnc_server_fb_stride(vd);
770 src_row = vnc_server_fb_ptr(vd, src_x, src_y);
771 dst_row = vnc_server_fb_ptr(vd, dst_x, dst_y);
772 y = dst_y;
773 inc = 1;
774 if (dst_y > src_y) {
775 /* copy backwards */
776 src_row += pitch * (h-1);
777 dst_row += pitch * (h-1);
778 pitch = -pitch;
779 y = dst_y + h - 1;
780 inc = -1;
781 }
782 w_lim = w - (VNC_DIRTY_PIXELS_PER_BIT - (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
783 if (w_lim < 0) {
784 w_lim = w;
785 } else {
786 w_lim = w - (w_lim % VNC_DIRTY_PIXELS_PER_BIT);
787 }
788 for (i = 0; i < h; i++) {
789 for (x = 0; x <= w_lim;
790 x += s, src_row += cmp_bytes, dst_row += cmp_bytes) {
791 if (x == w_lim) {
792 if ((s = w - w_lim) == 0)
793 break;
794 } else if (!x) {
795 s = (VNC_DIRTY_PIXELS_PER_BIT -
796 (dst_x % VNC_DIRTY_PIXELS_PER_BIT));
797 s = MIN(s, w_lim);
798 } else {
799 s = VNC_DIRTY_PIXELS_PER_BIT;
800 }
801 cmp_bytes = s * VNC_SERVER_FB_BYTES;
802 if (memcmp(src_row, dst_row, cmp_bytes) == 0)
803 continue;
804 memmove(dst_row, src_row, cmp_bytes);
805 QTAILQ_FOREACH(vs, &vd->clients, next) {
806 if (!vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
807 set_bit(((x + dst_x) / VNC_DIRTY_PIXELS_PER_BIT),
808 vs->dirty[y]);
809 }
810 }
811 }
812 src_row += pitch - w * VNC_SERVER_FB_BYTES;
813 dst_row += pitch - w * VNC_SERVER_FB_BYTES;
814 y += inc;
815 }
816
817 QTAILQ_FOREACH(vs, &vd->clients, next) {
818 if (vnc_has_feature(vs, VNC_FEATURE_COPYRECT)) {
819 vnc_copy(vs, src_x, src_y, dst_x, dst_y, w, h);
820 }
821 }
822 }
823
824 static void vnc_mouse_set(DisplayChangeListener *dcl,
825 int x, int y, int visible)
826 {
827 /* can we ask the client(s) to move the pointer ??? */
828 }
829
830 static int vnc_cursor_define(VncState *vs)
831 {
832 QEMUCursor *c = vs->vd->cursor;
833 int isize;
834
835 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
836 vnc_lock_output(vs);
837 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
838 vnc_write_u8(vs, 0); /* padding */
839 vnc_write_u16(vs, 1); /* # of rects */
840 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
841 VNC_ENCODING_RICH_CURSOR);
842 isize = c->width * c->height * vs->client_pf.bytes_per_pixel;
843 vnc_write_pixels_generic(vs, c->data, isize);
844 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
845 vnc_unlock_output(vs);
846 return 0;
847 }
848 return -1;
849 }
850
851 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl,
852 QEMUCursor *c)
853 {
854 VncDisplay *vd = vnc_display;
855 VncState *vs;
856
857 cursor_put(vd->cursor);
858 g_free(vd->cursor_mask);
859
860 vd->cursor = c;
861 cursor_get(vd->cursor);
862 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
863 vd->cursor_mask = g_malloc0(vd->cursor_msize);
864 cursor_get_mono_mask(c, 0, vd->cursor_mask);
865
866 QTAILQ_FOREACH(vs, &vd->clients, next) {
867 vnc_cursor_define(vs);
868 }
869 }
870
871 static int find_and_clear_dirty_height(struct VncState *vs,
872 int y, int last_x, int x, int height)
873 {
874 int h;
875
876 for (h = 1; h < (height - y); h++) {
877 if (!test_bit(last_x, vs->dirty[y + h])) {
878 break;
879 }
880 bitmap_clear(vs->dirty[y + h], last_x, x - last_x);
881 }
882
883 return h;
884 }
885
886 static int vnc_update_client(VncState *vs, int has_dirty, bool sync)
887 {
888 if (vs->need_update && vs->csock != -1) {
889 VncDisplay *vd = vs->vd;
890 VncJob *job;
891 int y;
892 int height, width;
893 int n = 0;
894
895 if (vs->output.offset && !vs->audio_cap && !vs->force_update)
896 /* kernel send buffers are full -> drop frames to throttle */
897 return 0;
898
899 if (!has_dirty && !vs->audio_cap && !vs->force_update)
900 return 0;
901
902 /*
903 * Send screen updates to the vnc client using the server
904 * surface and server dirty map. guest surface updates
905 * happening in parallel don't disturb us, the next pass will
906 * send them to the client.
907 */
908 job = vnc_job_new(vs);
909
910 height = MIN(pixman_image_get_height(vd->server), vs->client_height);
911 width = MIN(pixman_image_get_width(vd->server), vs->client_width);
912
913 y = 0;
914 for (;;) {
915 int x, h;
916 unsigned long x2;
917 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty,
918 height * VNC_DIRTY_BPL(vs),
919 y * VNC_DIRTY_BPL(vs));
920 if (offset == height * VNC_DIRTY_BPL(vs)) {
921 /* no more dirty bits */
922 break;
923 }
924 y = offset / VNC_DIRTY_BPL(vs);
925 x = offset % VNC_DIRTY_BPL(vs);
926 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y],
927 VNC_DIRTY_BPL(vs), x);
928 bitmap_clear(vs->dirty[y], x, x2 - x);
929 h = find_and_clear_dirty_height(vs, y, x, x2, height);
930 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT);
931 if (x2 > x) {
932 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y,
933 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h);
934 }
935 }
936
937 vnc_job_push(job);
938 vs->force_update = 0;
939 return n;
940 }
941
942 if (vs->csock == -1) {
943 vnc_disconnect_finish(vs);
944 } else if (sync) {
945 vnc_jobs_join(vs);
946 }
947
948 return 0;
949 }
950
951 /* audio */
952 static void audio_capture_notify(void *opaque, audcnotification_e cmd)
953 {
954 VncState *vs = opaque;
955
956 switch (cmd) {
957 case AUD_CNOTIFY_DISABLE:
958 vnc_lock_output(vs);
959 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
960 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
961 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END);
962 vnc_unlock_output(vs);
963 vnc_flush(vs);
964 break;
965
966 case AUD_CNOTIFY_ENABLE:
967 vnc_lock_output(vs);
968 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
969 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
970 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN);
971 vnc_unlock_output(vs);
972 vnc_flush(vs);
973 break;
974 }
975 }
976
977 static void audio_capture_destroy(void *opaque)
978 {
979 }
980
981 static void audio_capture(void *opaque, void *buf, int size)
982 {
983 VncState *vs = opaque;
984
985 vnc_lock_output(vs);
986 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
987 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
988 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
989 vnc_write_u32(vs, size);
990 vnc_write(vs, buf, size);
991 vnc_unlock_output(vs);
992 vnc_flush(vs);
993 }
994
995 static void audio_add(VncState *vs)
996 {
997 struct audio_capture_ops ops;
998
999 if (vs->audio_cap) {
1000 error_report("audio already running");
1001 return;
1002 }
1003
1004 ops.notify = audio_capture_notify;
1005 ops.destroy = audio_capture_destroy;
1006 ops.capture = audio_capture;
1007
1008 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs);
1009 if (!vs->audio_cap) {
1010 error_report("Failed to add audio capture");
1011 }
1012 }
1013
1014 static void audio_del(VncState *vs)
1015 {
1016 if (vs->audio_cap) {
1017 AUD_del_capture(vs->audio_cap, vs);
1018 vs->audio_cap = NULL;
1019 }
1020 }
1021
1022 static void vnc_disconnect_start(VncState *vs)
1023 {
1024 if (vs->csock == -1)
1025 return;
1026 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED);
1027 qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL);
1028 closesocket(vs->csock);
1029 vs->csock = -1;
1030 }
1031
1032 void vnc_disconnect_finish(VncState *vs)
1033 {
1034 int i;
1035
1036 vnc_jobs_join(vs); /* Wait encoding jobs */
1037
1038 vnc_lock_output(vs);
1039 vnc_qmp_event(vs, QEVENT_VNC_DISCONNECTED);
1040
1041 buffer_free(&vs->input);
1042 buffer_free(&vs->output);
1043 #ifdef CONFIG_VNC_WS
1044 buffer_free(&vs->ws_input);
1045 buffer_free(&vs->ws_output);
1046 #endif /* CONFIG_VNC_WS */
1047
1048 qobject_decref(vs->info);
1049
1050 vnc_zlib_clear(vs);
1051 vnc_tight_clear(vs);
1052 vnc_zrle_clear(vs);
1053
1054 #ifdef CONFIG_VNC_TLS
1055 vnc_tls_client_cleanup(vs);
1056 #endif /* CONFIG_VNC_TLS */
1057 #ifdef CONFIG_VNC_SASL
1058 vnc_sasl_client_cleanup(vs);
1059 #endif /* CONFIG_VNC_SASL */
1060 audio_del(vs);
1061 vnc_release_modifiers(vs);
1062
1063 if (vs->initialized) {
1064 QTAILQ_REMOVE(&vs->vd->clients, vs, next);
1065 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
1066 }
1067
1068 if (vs->vd->lock_key_sync)
1069 qemu_remove_led_event_handler(vs->led);
1070 vnc_unlock_output(vs);
1071
1072 qemu_mutex_destroy(&vs->output_mutex);
1073 if (vs->bh != NULL) {
1074 qemu_bh_delete(vs->bh);
1075 }
1076 buffer_free(&vs->jobs_buffer);
1077
1078 for (i = 0; i < VNC_STAT_ROWS; ++i) {
1079 g_free(vs->lossy_rect[i]);
1080 }
1081 g_free(vs->lossy_rect);
1082 g_free(vs);
1083 }
1084
1085 int vnc_client_io_error(VncState *vs, int ret, int last_errno)
1086 {
1087 if (ret == 0 || ret == -1) {
1088 if (ret == -1) {
1089 switch (last_errno) {
1090 case EINTR:
1091 case EAGAIN:
1092 #ifdef _WIN32
1093 case WSAEWOULDBLOCK:
1094 #endif
1095 return 0;
1096 default:
1097 break;
1098 }
1099 }
1100
1101 VNC_DEBUG("Closing down client sock: ret %d, errno %d\n",
1102 ret, ret < 0 ? last_errno : 0);
1103 vnc_disconnect_start(vs);
1104
1105 return 0;
1106 }
1107 return ret;
1108 }
1109
1110
1111 void vnc_client_error(VncState *vs)
1112 {
1113 VNC_DEBUG("Closing down client sock: protocol error\n");
1114 vnc_disconnect_start(vs);
1115 }
1116
1117 #ifdef CONFIG_VNC_TLS
1118 static long vnc_client_write_tls(gnutls_session_t *session,
1119 const uint8_t *data,
1120 size_t datalen)
1121 {
1122 long ret = gnutls_write(*session, data, datalen);
1123 if (ret < 0) {
1124 if (ret == GNUTLS_E_AGAIN) {
1125 errno = EAGAIN;
1126 } else {
1127 errno = EIO;
1128 }
1129 ret = -1;
1130 }
1131 return ret;
1132 }
1133 #endif /* CONFIG_VNC_TLS */
1134
1135 /*
1136 * Called to write a chunk of data to the client socket. The data may
1137 * be the raw data, or may have already been encoded by SASL.
1138 * The data will be written either straight onto the socket, or
1139 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1140 *
1141 * NB, it is theoretically possible to have 2 layers of encryption,
1142 * both SASL, and this TLS layer. It is highly unlikely in practice
1143 * though, since SASL encryption will typically be a no-op if TLS
1144 * is active
1145 *
1146 * Returns the number of bytes written, which may be less than
1147 * the requested 'datalen' if the socket would block. Returns
1148 * -1 on error, and disconnects the client socket.
1149 */
1150 long vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
1151 {
1152 long ret;
1153 #ifdef CONFIG_VNC_TLS
1154 if (vs->tls.session) {
1155 ret = vnc_client_write_tls(&vs->tls.session, data, datalen);
1156 } else {
1157 #ifdef CONFIG_VNC_WS
1158 if (vs->ws_tls.session) {
1159 ret = vnc_client_write_tls(&vs->ws_tls.session, data, datalen);
1160 } else
1161 #endif /* CONFIG_VNC_WS */
1162 #endif /* CONFIG_VNC_TLS */
1163 {
1164 ret = send(vs->csock, (const void *)data, datalen, 0);
1165 }
1166 #ifdef CONFIG_VNC_TLS
1167 }
1168 #endif /* CONFIG_VNC_TLS */
1169 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
1170 return vnc_client_io_error(vs, ret, socket_error());
1171 }
1172
1173
1174 /*
1175 * Called to write buffered data to the client socket, when not
1176 * using any SASL SSF encryption layers. Will write as much data
1177 * as possible without blocking. If all buffered data is written,
1178 * will switch the FD poll() handler back to read monitoring.
1179 *
1180 * Returns the number of bytes written, which may be less than
1181 * the buffered output data if the socket would block. Returns
1182 * -1 on error, and disconnects the client socket.
1183 */
1184 static long vnc_client_write_plain(VncState *vs)
1185 {
1186 long ret;
1187
1188 #ifdef CONFIG_VNC_SASL
1189 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
1190 vs->output.buffer, vs->output.capacity, vs->output.offset,
1191 vs->sasl.waitWriteSSF);
1192
1193 if (vs->sasl.conn &&
1194 vs->sasl.runSSF &&
1195 vs->sasl.waitWriteSSF) {
1196 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
1197 if (ret)
1198 vs->sasl.waitWriteSSF -= ret;
1199 } else
1200 #endif /* CONFIG_VNC_SASL */
1201 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
1202 if (!ret)
1203 return 0;
1204
1205 buffer_advance(&vs->output, ret);
1206
1207 if (vs->output.offset == 0) {
1208 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
1209 }
1210
1211 return ret;
1212 }
1213
1214
1215 /*
1216 * First function called whenever there is data to be written to
1217 * the client socket. Will delegate actual work according to whether
1218 * SASL SSF layers are enabled (thus requiring encryption calls)
1219 */
1220 static void vnc_client_write_locked(void *opaque)
1221 {
1222 VncState *vs = opaque;
1223
1224 #ifdef CONFIG_VNC_SASL
1225 if (vs->sasl.conn &&
1226 vs->sasl.runSSF &&
1227 !vs->sasl.waitWriteSSF) {
1228 vnc_client_write_sasl(vs);
1229 } else
1230 #endif /* CONFIG_VNC_SASL */
1231 {
1232 #ifdef CONFIG_VNC_WS
1233 if (vs->encode_ws) {
1234 vnc_client_write_ws(vs);
1235 } else
1236 #endif /* CONFIG_VNC_WS */
1237 {
1238 vnc_client_write_plain(vs);
1239 }
1240 }
1241 }
1242
1243 void vnc_client_write(void *opaque)
1244 {
1245 VncState *vs = opaque;
1246
1247 vnc_lock_output(vs);
1248 if (vs->output.offset
1249 #ifdef CONFIG_VNC_WS
1250 || vs->ws_output.offset
1251 #endif
1252 ) {
1253 vnc_client_write_locked(opaque);
1254 } else if (vs->csock != -1) {
1255 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
1256 }
1257 vnc_unlock_output(vs);
1258 }
1259
1260 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
1261 {
1262 vs->read_handler = func;
1263 vs->read_handler_expect = expecting;
1264 }
1265
1266 #ifdef CONFIG_VNC_TLS
1267 static long vnc_client_read_tls(gnutls_session_t *session, uint8_t *data,
1268 size_t datalen)
1269 {
1270 long ret = gnutls_read(*session, data, datalen);
1271 if (ret < 0) {
1272 if (ret == GNUTLS_E_AGAIN) {
1273 errno = EAGAIN;
1274 } else {
1275 errno = EIO;
1276 }
1277 ret = -1;
1278 }
1279 return ret;
1280 }
1281 #endif /* CONFIG_VNC_TLS */
1282
1283 /*
1284 * Called to read a chunk of data from the client socket. The data may
1285 * be the raw data, or may need to be further decoded by SASL.
1286 * The data will be read either straight from to the socket, or
1287 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1288 *
1289 * NB, it is theoretically possible to have 2 layers of encryption,
1290 * both SASL, and this TLS layer. It is highly unlikely in practice
1291 * though, since SASL encryption will typically be a no-op if TLS
1292 * is active
1293 *
1294 * Returns the number of bytes read, which may be less than
1295 * the requested 'datalen' if the socket would block. Returns
1296 * -1 on error, and disconnects the client socket.
1297 */
1298 long vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
1299 {
1300 long ret;
1301 #ifdef CONFIG_VNC_TLS
1302 if (vs->tls.session) {
1303 ret = vnc_client_read_tls(&vs->tls.session, data, datalen);
1304 } else {
1305 #ifdef CONFIG_VNC_WS
1306 if (vs->ws_tls.session) {
1307 ret = vnc_client_read_tls(&vs->ws_tls.session, data, datalen);
1308 } else
1309 #endif /* CONFIG_VNC_WS */
1310 #endif /* CONFIG_VNC_TLS */
1311 {
1312 ret = qemu_recv(vs->csock, data, datalen, 0);
1313 }
1314 #ifdef CONFIG_VNC_TLS
1315 }
1316 #endif /* CONFIG_VNC_TLS */
1317 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
1318 return vnc_client_io_error(vs, ret, socket_error());
1319 }
1320
1321
1322 /*
1323 * Called to read data from the client socket to the input buffer,
1324 * when not using any SASL SSF encryption layers. Will read as much
1325 * data as possible without blocking.
1326 *
1327 * Returns the number of bytes read. Returns -1 on error, and
1328 * disconnects the client socket.
1329 */
1330 static long vnc_client_read_plain(VncState *vs)
1331 {
1332 int ret;
1333 VNC_DEBUG("Read plain %p size %zd offset %zd\n",
1334 vs->input.buffer, vs->input.capacity, vs->input.offset);
1335 buffer_reserve(&vs->input, 4096);
1336 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
1337 if (!ret)
1338 return 0;
1339 vs->input.offset += ret;
1340 return ret;
1341 }
1342
1343 static void vnc_jobs_bh(void *opaque)
1344 {
1345 VncState *vs = opaque;
1346
1347 vnc_jobs_consume_buffer(vs);
1348 }
1349
1350 /*
1351 * First function called whenever there is more data to be read from
1352 * the client socket. Will delegate actual work according to whether
1353 * SASL SSF layers are enabled (thus requiring decryption calls)
1354 */
1355 void vnc_client_read(void *opaque)
1356 {
1357 VncState *vs = opaque;
1358 long ret;
1359
1360 #ifdef CONFIG_VNC_SASL
1361 if (vs->sasl.conn && vs->sasl.runSSF)
1362 ret = vnc_client_read_sasl(vs);
1363 else
1364 #endif /* CONFIG_VNC_SASL */
1365 #ifdef CONFIG_VNC_WS
1366 if (vs->encode_ws) {
1367 ret = vnc_client_read_ws(vs);
1368 if (ret == -1) {
1369 vnc_disconnect_start(vs);
1370 return;
1371 } else if (ret == -2) {
1372 vnc_client_error(vs);
1373 return;
1374 }
1375 } else
1376 #endif /* CONFIG_VNC_WS */
1377 {
1378 ret = vnc_client_read_plain(vs);
1379 }
1380 if (!ret) {
1381 if (vs->csock == -1)
1382 vnc_disconnect_finish(vs);
1383 return;
1384 }
1385
1386 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
1387 size_t len = vs->read_handler_expect;
1388 int ret;
1389
1390 ret = vs->read_handler(vs, vs->input.buffer, len);
1391 if (vs->csock == -1) {
1392 vnc_disconnect_finish(vs);
1393 return;
1394 }
1395
1396 if (!ret) {
1397 buffer_advance(&vs->input, len);
1398 } else {
1399 vs->read_handler_expect = ret;
1400 }
1401 }
1402 }
1403
1404 void vnc_write(VncState *vs, const void *data, size_t len)
1405 {
1406 buffer_reserve(&vs->output, len);
1407
1408 if (vs->csock != -1 && buffer_empty(&vs->output)) {
1409 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
1410 }
1411
1412 buffer_append(&vs->output, data, len);
1413 }
1414
1415 void vnc_write_s32(VncState *vs, int32_t value)
1416 {
1417 vnc_write_u32(vs, *(uint32_t *)&value);
1418 }
1419
1420 void vnc_write_u32(VncState *vs, uint32_t value)
1421 {
1422 uint8_t buf[4];
1423
1424 buf[0] = (value >> 24) & 0xFF;
1425 buf[1] = (value >> 16) & 0xFF;
1426 buf[2] = (value >> 8) & 0xFF;
1427 buf[3] = value & 0xFF;
1428
1429 vnc_write(vs, buf, 4);
1430 }
1431
1432 void vnc_write_u16(VncState *vs, uint16_t value)
1433 {
1434 uint8_t buf[2];
1435
1436 buf[0] = (value >> 8) & 0xFF;
1437 buf[1] = value & 0xFF;
1438
1439 vnc_write(vs, buf, 2);
1440 }
1441
1442 void vnc_write_u8(VncState *vs, uint8_t value)
1443 {
1444 vnc_write(vs, (char *)&value, 1);
1445 }
1446
1447 void vnc_flush(VncState *vs)
1448 {
1449 vnc_lock_output(vs);
1450 if (vs->csock != -1 && (vs->output.offset
1451 #ifdef CONFIG_VNC_WS
1452 || vs->ws_output.offset
1453 #endif
1454 )) {
1455 vnc_client_write_locked(vs);
1456 }
1457 vnc_unlock_output(vs);
1458 }
1459
1460 static uint8_t read_u8(uint8_t *data, size_t offset)
1461 {
1462 return data[offset];
1463 }
1464
1465 static uint16_t read_u16(uint8_t *data, size_t offset)
1466 {
1467 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
1468 }
1469
1470 static int32_t read_s32(uint8_t *data, size_t offset)
1471 {
1472 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
1473 (data[offset + 2] << 8) | data[offset + 3]);
1474 }
1475
1476 uint32_t read_u32(uint8_t *data, size_t offset)
1477 {
1478 return ((data[offset] << 24) | (data[offset + 1] << 16) |
1479 (data[offset + 2] << 8) | data[offset + 3]);
1480 }
1481
1482 static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
1483 {
1484 }
1485
1486 static void check_pointer_type_change(Notifier *notifier, void *data)
1487 {
1488 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier);
1489 int absolute = qemu_input_is_absolute();
1490
1491 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1492 vnc_lock_output(vs);
1493 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1494 vnc_write_u8(vs, 0);
1495 vnc_write_u16(vs, 1);
1496 vnc_framebuffer_update(vs, absolute, 0,
1497 surface_width(vs->vd->ds),
1498 surface_height(vs->vd->ds),
1499 VNC_ENCODING_POINTER_TYPE_CHANGE);
1500 vnc_unlock_output(vs);
1501 vnc_flush(vs);
1502 }
1503 vs->absolute = absolute;
1504 }
1505
1506 static void pointer_event(VncState *vs, int button_mask, int x, int y)
1507 {
1508 static uint32_t bmap[INPUT_BUTTON_MAX] = {
1509 [INPUT_BUTTON_LEFT] = 0x01,
1510 [INPUT_BUTTON_MIDDLE] = 0x02,
1511 [INPUT_BUTTON_RIGHT] = 0x04,
1512 [INPUT_BUTTON_WHEEL_UP] = 0x08,
1513 [INPUT_BUTTON_WHEEL_DOWN] = 0x10,
1514 };
1515 QemuConsole *con = vs->vd->dcl.con;
1516 int width = surface_width(vs->vd->ds);
1517 int height = surface_height(vs->vd->ds);
1518
1519 if (vs->last_bmask != button_mask) {
1520 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask);
1521 vs->last_bmask = button_mask;
1522 }
1523
1524 if (vs->absolute) {
1525 qemu_input_queue_abs(con, INPUT_AXIS_X, x, width);
1526 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, height);
1527 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
1528 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF);
1529 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF);
1530 } else {
1531 if (vs->last_x != -1) {
1532 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x);
1533 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y);
1534 }
1535 vs->last_x = x;
1536 vs->last_y = y;
1537 }
1538 qemu_input_event_sync();
1539 }
1540
1541 static void reset_keys(VncState *vs)
1542 {
1543 int i;
1544 for(i = 0; i < 256; i++) {
1545 if (vs->modifiers_state[i]) {
1546 qemu_input_event_send_key_number(vs->vd->dcl.con, i, false);
1547 vs->modifiers_state[i] = 0;
1548 }
1549 }
1550 }
1551
1552 static void press_key(VncState *vs, int keysym)
1553 {
1554 int keycode = keysym2scancode(vs->vd->kbd_layout, keysym) & SCANCODE_KEYMASK;
1555 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true);
1556 qemu_input_event_send_key_delay(0);
1557 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
1558 qemu_input_event_send_key_delay(0);
1559 }
1560
1561 static int current_led_state(VncState *vs)
1562 {
1563 int ledstate = 0;
1564
1565 if (vs->modifiers_state[0x46]) {
1566 ledstate |= QEMU_SCROLL_LOCK_LED;
1567 }
1568 if (vs->modifiers_state[0x45]) {
1569 ledstate |= QEMU_NUM_LOCK_LED;
1570 }
1571 if (vs->modifiers_state[0x3a]) {
1572 ledstate |= QEMU_CAPS_LOCK_LED;
1573 }
1574
1575 return ledstate;
1576 }
1577
1578 static void vnc_led_state_change(VncState *vs)
1579 {
1580 int ledstate = 0;
1581
1582 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
1583 return;
1584 }
1585
1586 ledstate = current_led_state(vs);
1587 vnc_lock_output(vs);
1588 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1589 vnc_write_u8(vs, 0);
1590 vnc_write_u16(vs, 1);
1591 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
1592 vnc_write_u8(vs, ledstate);
1593 vnc_unlock_output(vs);
1594 vnc_flush(vs);
1595 }
1596
1597 static void kbd_leds(void *opaque, int ledstate)
1598 {
1599 VncState *vs = opaque;
1600 int caps, num, scr;
1601 bool has_changed = (ledstate != current_led_state(vs));
1602
1603 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
1604 (ledstate & QEMU_NUM_LOCK_LED),
1605 (ledstate & QEMU_SCROLL_LOCK_LED));
1606
1607 caps = ledstate & QEMU_CAPS_LOCK_LED ? 1 : 0;
1608 num = ledstate & QEMU_NUM_LOCK_LED ? 1 : 0;
1609 scr = ledstate & QEMU_SCROLL_LOCK_LED ? 1 : 0;
1610
1611 if (vs->modifiers_state[0x3a] != caps) {
1612 vs->modifiers_state[0x3a] = caps;
1613 }
1614 if (vs->modifiers_state[0x45] != num) {
1615 vs->modifiers_state[0x45] = num;
1616 }
1617 if (vs->modifiers_state[0x46] != scr) {
1618 vs->modifiers_state[0x46] = scr;
1619 }
1620
1621 /* Sending the current led state message to the client */
1622 if (has_changed) {
1623 vnc_led_state_change(vs);
1624 }
1625 }
1626
1627 static void do_key_event(VncState *vs, int down, int keycode, int sym)
1628 {
1629 /* QEMU console switch */
1630 switch(keycode) {
1631 case 0x2a: /* Left Shift */
1632 case 0x36: /* Right Shift */
1633 case 0x1d: /* Left CTRL */
1634 case 0x9d: /* Right CTRL */
1635 case 0x38: /* Left ALT */
1636 case 0xb8: /* Right ALT */
1637 if (down)
1638 vs->modifiers_state[keycode] = 1;
1639 else
1640 vs->modifiers_state[keycode] = 0;
1641 break;
1642 case 0x02 ... 0x0a: /* '1' to '9' keys */
1643 if (down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) {
1644 /* Reset the modifiers sent to the current console */
1645 reset_keys(vs);
1646 console_select(keycode - 0x02);
1647 return;
1648 }
1649 break;
1650 case 0x3a: /* CapsLock */
1651 case 0x45: /* NumLock */
1652 if (down)
1653 vs->modifiers_state[keycode] ^= 1;
1654 break;
1655 }
1656
1657 /* Turn off the lock state sync logic if the client support the led
1658 state extension.
1659 */
1660 if (down && vs->vd->lock_key_sync &&
1661 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1662 keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
1663 /* If the numlock state needs to change then simulate an additional
1664 keypress before sending this one. This will happen if the user
1665 toggles numlock away from the VNC window.
1666 */
1667 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
1668 if (!vs->modifiers_state[0x45]) {
1669 trace_vnc_key_sync_numlock(true);
1670 vs->modifiers_state[0x45] = 1;
1671 press_key(vs, 0xff7f);
1672 }
1673 } else {
1674 if (vs->modifiers_state[0x45]) {
1675 trace_vnc_key_sync_numlock(false);
1676 vs->modifiers_state[0x45] = 0;
1677 press_key(vs, 0xff7f);
1678 }
1679 }
1680 }
1681
1682 if (down && vs->vd->lock_key_sync &&
1683 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1684 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) {
1685 /* If the capslock state needs to change then simulate an additional
1686 keypress before sending this one. This will happen if the user
1687 toggles capslock away from the VNC window.
1688 */
1689 int uppercase = !!(sym >= 'A' && sym <= 'Z');
1690 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]);
1691 int capslock = !!(vs->modifiers_state[0x3a]);
1692 if (capslock) {
1693 if (uppercase == shift) {
1694 trace_vnc_key_sync_capslock(false);
1695 vs->modifiers_state[0x3a] = 0;
1696 press_key(vs, 0xffe5);
1697 }
1698 } else {
1699 if (uppercase != shift) {
1700 trace_vnc_key_sync_capslock(true);
1701 vs->modifiers_state[0x3a] = 1;
1702 press_key(vs, 0xffe5);
1703 }
1704 }
1705 }
1706
1707 if (qemu_console_is_graphic(NULL)) {
1708 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down);
1709 } else {
1710 bool numlock = vs->modifiers_state[0x45];
1711 bool control = (vs->modifiers_state[0x1d] ||
1712 vs->modifiers_state[0x9d]);
1713 /* QEMU console emulation */
1714 if (down) {
1715 switch (keycode) {
1716 case 0x2a: /* Left Shift */
1717 case 0x36: /* Right Shift */
1718 case 0x1d: /* Left CTRL */
1719 case 0x9d: /* Right CTRL */
1720 case 0x38: /* Left ALT */
1721 case 0xb8: /* Right ALT */
1722 break;
1723 case 0xc8:
1724 kbd_put_keysym(QEMU_KEY_UP);
1725 break;
1726 case 0xd0:
1727 kbd_put_keysym(QEMU_KEY_DOWN);
1728 break;
1729 case 0xcb:
1730 kbd_put_keysym(QEMU_KEY_LEFT);
1731 break;
1732 case 0xcd:
1733 kbd_put_keysym(QEMU_KEY_RIGHT);
1734 break;
1735 case 0xd3:
1736 kbd_put_keysym(QEMU_KEY_DELETE);
1737 break;
1738 case 0xc7:
1739 kbd_put_keysym(QEMU_KEY_HOME);
1740 break;
1741 case 0xcf:
1742 kbd_put_keysym(QEMU_KEY_END);
1743 break;
1744 case 0xc9:
1745 kbd_put_keysym(QEMU_KEY_PAGEUP);
1746 break;
1747 case 0xd1:
1748 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
1749 break;
1750
1751 case 0x47:
1752 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
1753 break;
1754 case 0x48:
1755 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
1756 break;
1757 case 0x49:
1758 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
1759 break;
1760 case 0x4b:
1761 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
1762 break;
1763 case 0x4c:
1764 kbd_put_keysym('5');
1765 break;
1766 case 0x4d:
1767 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
1768 break;
1769 case 0x4f:
1770 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
1771 break;
1772 case 0x50:
1773 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
1774 break;
1775 case 0x51:
1776 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
1777 break;
1778 case 0x52:
1779 kbd_put_keysym('0');
1780 break;
1781 case 0x53:
1782 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
1783 break;
1784
1785 case 0xb5:
1786 kbd_put_keysym('/');
1787 break;
1788 case 0x37:
1789 kbd_put_keysym('*');
1790 break;
1791 case 0x4a:
1792 kbd_put_keysym('-');
1793 break;
1794 case 0x4e:
1795 kbd_put_keysym('+');
1796 break;
1797 case 0x9c:
1798 kbd_put_keysym('\n');
1799 break;
1800
1801 default:
1802 if (control) {
1803 kbd_put_keysym(sym & 0x1f);
1804 } else {
1805 kbd_put_keysym(sym);
1806 }
1807 break;
1808 }
1809 }
1810 }
1811 }
1812
1813 static void vnc_release_modifiers(VncState *vs)
1814 {
1815 static const int keycodes[] = {
1816 /* shift, control, alt keys, both left & right */
1817 0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8,
1818 };
1819 int i, keycode;
1820
1821 if (!qemu_console_is_graphic(NULL)) {
1822 return;
1823 }
1824 for (i = 0; i < ARRAY_SIZE(keycodes); i++) {
1825 keycode = keycodes[i];
1826 if (!vs->modifiers_state[keycode]) {
1827 continue;
1828 }
1829 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
1830 }
1831 }
1832
1833 static const char *code2name(int keycode)
1834 {
1835 return QKeyCode_lookup[qemu_input_key_number_to_qcode(keycode)];
1836 }
1837
1838 static void key_event(VncState *vs, int down, uint32_t sym)
1839 {
1840 int keycode;
1841 int lsym = sym;
1842
1843 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) {
1844 lsym = lsym - 'A' + 'a';
1845 }
1846
1847 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF) & SCANCODE_KEYMASK;
1848 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
1849 do_key_event(vs, down, keycode, sym);
1850 }
1851
1852 static void ext_key_event(VncState *vs, int down,
1853 uint32_t sym, uint16_t keycode)
1854 {
1855 /* if the user specifies a keyboard layout, always use it */
1856 if (keyboard_layout) {
1857 key_event(vs, down, sym);
1858 } else {
1859 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode));
1860 do_key_event(vs, down, keycode, sym);
1861 }
1862 }
1863
1864 static void framebuffer_update_request(VncState *vs, int incremental,
1865 int x_position, int y_position,
1866 int w, int h)
1867 {
1868 int i;
1869 const size_t width = surface_width(vs->vd->ds) / VNC_DIRTY_PIXELS_PER_BIT;
1870 const size_t height = surface_height(vs->vd->ds);
1871
1872 if (y_position > height) {
1873 y_position = height;
1874 }
1875 if (y_position + h >= height) {
1876 h = height - y_position;
1877 }
1878
1879 vs->need_update = 1;
1880 if (!incremental) {
1881 vs->force_update = 1;
1882 for (i = 0; i < h; i++) {
1883 bitmap_set(vs->dirty[y_position + i], 0, width);
1884 bitmap_clear(vs->dirty[y_position + i], width,
1885 VNC_DIRTY_BITS - width);
1886 }
1887 }
1888 }
1889
1890 static void send_ext_key_event_ack(VncState *vs)
1891 {
1892 vnc_lock_output(vs);
1893 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1894 vnc_write_u8(vs, 0);
1895 vnc_write_u16(vs, 1);
1896 vnc_framebuffer_update(vs, 0, 0,
1897 surface_width(vs->vd->ds),
1898 surface_height(vs->vd->ds),
1899 VNC_ENCODING_EXT_KEY_EVENT);
1900 vnc_unlock_output(vs);
1901 vnc_flush(vs);
1902 }
1903
1904 static void send_ext_audio_ack(VncState *vs)
1905 {
1906 vnc_lock_output(vs);
1907 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1908 vnc_write_u8(vs, 0);
1909 vnc_write_u16(vs, 1);
1910 vnc_framebuffer_update(vs, 0, 0,
1911 surface_width(vs->vd->ds),
1912 surface_height(vs->vd->ds),
1913 VNC_ENCODING_AUDIO);
1914 vnc_unlock_output(vs);
1915 vnc_flush(vs);
1916 }
1917
1918 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
1919 {
1920 int i;
1921 unsigned int enc = 0;
1922
1923 vs->features = 0;
1924 vs->vnc_encoding = 0;
1925 vs->tight.compression = 9;
1926 vs->tight.quality = -1; /* Lossless by default */
1927 vs->absolute = -1;
1928
1929 /*
1930 * Start from the end because the encodings are sent in order of preference.
1931 * This way the preferred encoding (first encoding defined in the array)
1932 * will be set at the end of the loop.
1933 */
1934 for (i = n_encodings - 1; i >= 0; i--) {
1935 enc = encodings[i];
1936 switch (enc) {
1937 case VNC_ENCODING_RAW:
1938 vs->vnc_encoding = enc;
1939 break;
1940 case VNC_ENCODING_COPYRECT:
1941 vs->features |= VNC_FEATURE_COPYRECT_MASK;
1942 break;
1943 case VNC_ENCODING_HEXTILE:
1944 vs->features |= VNC_FEATURE_HEXTILE_MASK;
1945 vs->vnc_encoding = enc;
1946 break;
1947 case VNC_ENCODING_TIGHT:
1948 vs->features |= VNC_FEATURE_TIGHT_MASK;
1949 vs->vnc_encoding = enc;
1950 break;
1951 #ifdef CONFIG_VNC_PNG
1952 case VNC_ENCODING_TIGHT_PNG:
1953 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK;
1954 vs->vnc_encoding = enc;
1955 break;
1956 #endif
1957 case VNC_ENCODING_ZLIB:
1958 vs->features |= VNC_FEATURE_ZLIB_MASK;
1959 vs->vnc_encoding = enc;
1960 break;
1961 case VNC_ENCODING_ZRLE:
1962 vs->features |= VNC_FEATURE_ZRLE_MASK;
1963 vs->vnc_encoding = enc;
1964 break;
1965 case VNC_ENCODING_ZYWRLE:
1966 vs->features |= VNC_FEATURE_ZYWRLE_MASK;
1967 vs->vnc_encoding = enc;
1968 break;
1969 case VNC_ENCODING_DESKTOPRESIZE:
1970 vs->features |= VNC_FEATURE_RESIZE_MASK;
1971 break;
1972 case VNC_ENCODING_POINTER_TYPE_CHANGE:
1973 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
1974 break;
1975 case VNC_ENCODING_RICH_CURSOR:
1976 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK;
1977 break;
1978 case VNC_ENCODING_EXT_KEY_EVENT:
1979 send_ext_key_event_ack(vs);
1980 break;
1981 case VNC_ENCODING_AUDIO:
1982 send_ext_audio_ack(vs);
1983 break;
1984 case VNC_ENCODING_WMVi:
1985 vs->features |= VNC_FEATURE_WMVI_MASK;
1986 break;
1987 case VNC_ENCODING_LED_STATE:
1988 vs->features |= VNC_FEATURE_LED_STATE_MASK;
1989 break;
1990 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
1991 vs->tight.compression = (enc & 0x0F);
1992 break;
1993 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
1994 if (vs->vd->lossy) {
1995 vs->tight.quality = (enc & 0x0F);
1996 }
1997 break;
1998 default:
1999 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
2000 break;
2001 }
2002 }
2003 vnc_desktop_resize(vs);
2004 check_pointer_type_change(&vs->mouse_mode_notifier, NULL);
2005 vnc_led_state_change(vs);
2006 }
2007
2008 static void set_pixel_conversion(VncState *vs)
2009 {
2010 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf);
2011
2012 if (fmt == VNC_SERVER_FB_FORMAT) {
2013 vs->write_pixels = vnc_write_pixels_copy;
2014 vnc_hextile_set_pixel_conversion(vs, 0);
2015 } else {
2016 vs->write_pixels = vnc_write_pixels_generic;
2017 vnc_hextile_set_pixel_conversion(vs, 1);
2018 }
2019 }
2020
2021 static void set_pixel_format(VncState *vs,
2022 int bits_per_pixel, int depth,
2023 int big_endian_flag, int true_color_flag,
2024 int red_max, int green_max, int blue_max,
2025 int red_shift, int green_shift, int blue_shift)
2026 {
2027 if (!true_color_flag) {
2028 vnc_client_error(vs);
2029 return;
2030 }
2031
2032 vs->client_pf.rmax = red_max;
2033 vs->client_pf.rbits = hweight_long(red_max);
2034 vs->client_pf.rshift = red_shift;
2035 vs->client_pf.rmask = red_max << red_shift;
2036 vs->client_pf.gmax = green_max;
2037 vs->client_pf.gbits = hweight_long(green_max);
2038 vs->client_pf.gshift = green_shift;
2039 vs->client_pf.gmask = green_max << green_shift;
2040 vs->client_pf.bmax = blue_max;
2041 vs->client_pf.bbits = hweight_long(blue_max);
2042 vs->client_pf.bshift = blue_shift;
2043 vs->client_pf.bmask = blue_max << blue_shift;
2044 vs->client_pf.bits_per_pixel = bits_per_pixel;
2045 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
2046 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
2047 vs->client_be = big_endian_flag;
2048
2049 set_pixel_conversion(vs);
2050
2051 graphic_hw_invalidate(NULL);
2052 graphic_hw_update(NULL);
2053 }
2054
2055 static void pixel_format_message (VncState *vs) {
2056 char pad[3] = { 0, 0, 0 };
2057
2058 vs->client_pf = qemu_default_pixelformat(32);
2059
2060 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
2061 vnc_write_u8(vs, vs->client_pf.depth); /* depth */
2062
2063 #ifdef HOST_WORDS_BIGENDIAN
2064 vnc_write_u8(vs, 1); /* big-endian-flag */
2065 #else
2066 vnc_write_u8(vs, 0); /* big-endian-flag */
2067 #endif
2068 vnc_write_u8(vs, 1); /* true-color-flag */
2069 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */
2070 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */
2071 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */
2072 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */
2073 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */
2074 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */
2075 vnc_write(vs, pad, 3); /* padding */
2076
2077 vnc_hextile_set_pixel_conversion(vs, 0);
2078 vs->write_pixels = vnc_write_pixels_copy;
2079 }
2080
2081 static void vnc_colordepth(VncState *vs)
2082 {
2083 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
2084 /* Sending a WMVi message to notify the client*/
2085 vnc_lock_output(vs);
2086 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2087 vnc_write_u8(vs, 0);
2088 vnc_write_u16(vs, 1); /* number of rects */
2089 vnc_framebuffer_update(vs, 0, 0,
2090 surface_width(vs->vd->ds),
2091 surface_height(vs->vd->ds),
2092 VNC_ENCODING_WMVi);
2093 pixel_format_message(vs);
2094 vnc_unlock_output(vs);
2095 vnc_flush(vs);
2096 } else {
2097 set_pixel_conversion(vs);
2098 }
2099 }
2100
2101 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
2102 {
2103 int i;
2104 uint16_t limit;
2105 VncDisplay *vd = vs->vd;
2106
2107 if (data[0] > 3) {
2108 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2109 }
2110
2111 switch (data[0]) {
2112 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT:
2113 if (len == 1)
2114 return 20;
2115
2116 set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5),
2117 read_u8(data, 6), read_u8(data, 7),
2118 read_u16(data, 8), read_u16(data, 10),
2119 read_u16(data, 12), read_u8(data, 14),
2120 read_u8(data, 15), read_u8(data, 16));
2121 break;
2122 case VNC_MSG_CLIENT_SET_ENCODINGS:
2123 if (len == 1)
2124 return 4;
2125
2126 if (len == 4) {
2127 limit = read_u16(data, 2);
2128 if (limit > 0)
2129 return 4 + (limit * 4);
2130 } else
2131 limit = read_u16(data, 2);
2132
2133 for (i = 0; i < limit; i++) {
2134 int32_t val = read_s32(data, 4 + (i * 4));
2135 memcpy(data + 4 + (i * 4), &val, sizeof(val));
2136 }
2137
2138 set_encodings(vs, (int32_t *)(data + 4), limit);
2139 break;
2140 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
2141 if (len == 1)
2142 return 10;
2143
2144 framebuffer_update_request(vs,
2145 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
2146 read_u16(data, 6), read_u16(data, 8));
2147 break;
2148 case VNC_MSG_CLIENT_KEY_EVENT:
2149 if (len == 1)
2150 return 8;
2151
2152 key_event(vs, read_u8(data, 1), read_u32(data, 4));
2153 break;
2154 case VNC_MSG_CLIENT_POINTER_EVENT:
2155 if (len == 1)
2156 return 6;
2157
2158 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
2159 break;
2160 case VNC_MSG_CLIENT_CUT_TEXT:
2161 if (len == 1)
2162 return 8;
2163
2164 if (len == 8) {
2165 uint32_t dlen = read_u32(data, 4);
2166 if (dlen > 0)
2167 return 8 + dlen;
2168 }
2169
2170 client_cut_text(vs, read_u32(data, 4), data + 8);
2171 break;
2172 case VNC_MSG_CLIENT_QEMU:
2173 if (len == 1)
2174 return 2;
2175
2176 switch (read_u8(data, 1)) {
2177 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT:
2178 if (len == 2)
2179 return 12;
2180
2181 ext_key_event(vs, read_u16(data, 2),
2182 read_u32(data, 4), read_u32(data, 8));
2183 break;
2184 case VNC_MSG_CLIENT_QEMU_AUDIO:
2185 if (len == 2)
2186 return 4;
2187
2188 switch (read_u16 (data, 2)) {
2189 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE:
2190 audio_add(vs);
2191 break;
2192 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE:
2193 audio_del(vs);
2194 break;
2195 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT:
2196 if (len == 4)
2197 return 10;
2198 switch (read_u8(data, 4)) {
2199 case 0: vs->as.fmt = AUD_FMT_U8; break;
2200 case 1: vs->as.fmt = AUD_FMT_S8; break;
2201 case 2: vs->as.fmt = AUD_FMT_U16; break;
2202 case 3: vs->as.fmt = AUD_FMT_S16; break;
2203 case 4: vs->as.fmt = AUD_FMT_U32; break;
2204 case 5: vs->as.fmt = AUD_FMT_S32; break;
2205 default:
2206 printf("Invalid audio format %d\n", read_u8(data, 4));
2207 vnc_client_error(vs);
2208 break;
2209 }
2210 vs->as.nchannels = read_u8(data, 5);
2211 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2212 printf("Invalid audio channel coount %d\n",
2213 read_u8(data, 5));
2214 vnc_client_error(vs);
2215 break;
2216 }
2217 vs->as.freq = read_u32(data, 6);
2218 break;
2219 default:
2220 printf ("Invalid audio message %d\n", read_u8(data, 4));
2221 vnc_client_error(vs);
2222 break;
2223 }
2224 break;
2225
2226 default:
2227 printf("Msg: %d\n", read_u16(data, 0));
2228 vnc_client_error(vs);
2229 break;
2230 }
2231 break;
2232 default:
2233 printf("Msg: %d\n", data[0]);
2234 vnc_client_error(vs);
2235 break;
2236 }
2237
2238 vnc_read_when(vs, protocol_client_msg, 1);
2239 return 0;
2240 }
2241
2242 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
2243 {
2244 char buf[1024];
2245 VncShareMode mode;
2246 int size;
2247
2248 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE;
2249 switch (vs->vd->share_policy) {
2250 case VNC_SHARE_POLICY_IGNORE:
2251 /*
2252 * Ignore the shared flag. Nothing to do here.
2253 *
2254 * Doesn't conform to the rfb spec but is traditional qemu
2255 * behavior, thus left here as option for compatibility
2256 * reasons.
2257 */
2258 break;
2259 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE:
2260 /*
2261 * Policy: Allow clients ask for exclusive access.
2262 *
2263 * Implementation: When a client asks for exclusive access,
2264 * disconnect all others. Shared connects are allowed as long
2265 * as no exclusive connection exists.
2266 *
2267 * This is how the rfb spec suggests to handle the shared flag.
2268 */
2269 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2270 VncState *client;
2271 QTAILQ_FOREACH(client, &vs->vd->clients, next) {
2272 if (vs == client) {
2273 continue;
2274 }
2275 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE &&
2276 client->share_mode != VNC_SHARE_MODE_SHARED) {
2277 continue;
2278 }
2279 vnc_disconnect_start(client);
2280 }
2281 }
2282 if (mode == VNC_SHARE_MODE_SHARED) {
2283 if (vs->vd->num_exclusive > 0) {
2284 vnc_disconnect_start(vs);
2285 return 0;
2286 }
2287 }
2288 break;
2289 case VNC_SHARE_POLICY_FORCE_SHARED:
2290 /*
2291 * Policy: Shared connects only.
2292 * Implementation: Disallow clients asking for exclusive access.
2293 *
2294 * Useful for shared desktop sessions where you don't want
2295 * someone forgetting to say -shared when running the vnc
2296 * client disconnect everybody else.
2297 */
2298 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2299 vnc_disconnect_start(vs);
2300 return 0;
2301 }
2302 break;
2303 }
2304 vnc_set_share_mode(vs, mode);
2305
2306 vs->client_width = surface_width(vs->vd->ds);
2307 vs->client_height = surface_height(vs->vd->ds);
2308 vnc_write_u16(vs, vs->client_width);
2309 vnc_write_u16(vs, vs->client_height);
2310
2311 pixel_format_message(vs);
2312
2313 if (qemu_name)
2314 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
2315 else
2316 size = snprintf(buf, sizeof(buf), "QEMU");
2317
2318 vnc_write_u32(vs, size);
2319 vnc_write(vs, buf, size);
2320 vnc_flush(vs);
2321
2322 vnc_client_cache_auth(vs);
2323 vnc_qmp_event(vs, QEVENT_VNC_INITIALIZED);
2324
2325 vnc_read_when(vs, protocol_client_msg, 1);
2326
2327 return 0;
2328 }
2329
2330 void start_client_init(VncState *vs)
2331 {
2332 vnc_read_when(vs, protocol_client_init, 1);
2333 }
2334
2335 static void make_challenge(VncState *vs)
2336 {
2337 int i;
2338
2339 srand(time(NULL)+getpid()+getpid()*987654+rand());
2340
2341 for (i = 0 ; i < sizeof(vs->challenge) ; i++)
2342 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
2343 }
2344
2345 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
2346 {
2347 unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2348 int i, j, pwlen;
2349 unsigned char key[8];
2350 time_t now = time(NULL);
2351
2352 if (!vs->vd->password) {
2353 VNC_DEBUG("No password configured on server");
2354 goto reject;
2355 }
2356 if (vs->vd->expires < now) {
2357 VNC_DEBUG("Password is expired");
2358 goto reject;
2359 }
2360
2361 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
2362
2363 /* Calculate the expected challenge response */
2364 pwlen = strlen(vs->vd->password);
2365 for (i=0; i<sizeof(key); i++)
2366 key[i] = i<pwlen ? vs->vd->password[i] : 0;
2367 deskey(key, EN0);
2368 for (j = 0; j < VNC_AUTH_CHALLENGE_SIZE; j += 8)
2369 des(response+j, response+j);
2370
2371 /* Compare expected vs actual challenge response */
2372 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2373 VNC_DEBUG("Client challenge response did not match\n");
2374 goto reject;
2375 } else {
2376 VNC_DEBUG("Accepting VNC challenge response\n");
2377 vnc_write_u32(vs, 0); /* Accept auth */
2378 vnc_flush(vs);
2379
2380 start_client_init(vs);
2381 }
2382 return 0;
2383
2384 reject:
2385 vnc_write_u32(vs, 1); /* Reject auth */
2386 if (vs->minor >= 8) {
2387 static const char err[] = "Authentication failed";
2388 vnc_write_u32(vs, sizeof(err));
2389 vnc_write(vs, err, sizeof(err));
2390 }
2391 vnc_flush(vs);
2392 vnc_client_error(vs);
2393 return 0;
2394 }
2395
2396 void start_auth_vnc(VncState *vs)
2397 {
2398 make_challenge(vs);
2399 /* Send client a 'random' challenge */
2400 vnc_write(vs, vs->challenge, sizeof(vs->challenge));
2401 vnc_flush(vs);
2402
2403 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
2404 }
2405
2406
2407 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
2408 {
2409 /* We only advertise 1 auth scheme at a time, so client
2410 * must pick the one we sent. Verify this */
2411 if (data[0] != vs->auth) { /* Reject auth */
2412 VNC_DEBUG("Reject auth %d because it didn't match advertized\n", (int)data[0]);
2413 vnc_write_u32(vs, 1);
2414 if (vs->minor >= 8) {
2415 static const char err[] = "Authentication failed";
2416 vnc_write_u32(vs, sizeof(err));
2417 vnc_write(vs, err, sizeof(err));
2418 }
2419 vnc_client_error(vs);
2420 } else { /* Accept requested auth */
2421 VNC_DEBUG("Client requested auth %d\n", (int)data[0]);
2422 switch (vs->auth) {
2423 case VNC_AUTH_NONE:
2424 VNC_DEBUG("Accept auth none\n");
2425 if (vs->minor >= 8) {
2426 vnc_write_u32(vs, 0); /* Accept auth completion */
2427 vnc_flush(vs);
2428 }
2429 start_client_init(vs);
2430 break;
2431
2432 case VNC_AUTH_VNC:
2433 VNC_DEBUG("Start VNC auth\n");
2434 start_auth_vnc(vs);
2435 break;
2436
2437 #ifdef CONFIG_VNC_TLS
2438 case VNC_AUTH_VENCRYPT:
2439 VNC_DEBUG("Accept VeNCrypt auth\n");
2440 start_auth_vencrypt(vs);
2441 break;
2442 #endif /* CONFIG_VNC_TLS */
2443
2444 #ifdef CONFIG_VNC_SASL
2445 case VNC_AUTH_SASL:
2446 VNC_DEBUG("Accept SASL auth\n");
2447 start_auth_sasl(vs);
2448 break;
2449 #endif /* CONFIG_VNC_SASL */
2450
2451 default: /* Should not be possible, but just in case */
2452 VNC_DEBUG("Reject auth %d server code bug\n", vs->auth);
2453 vnc_write_u8(vs, 1);
2454 if (vs->minor >= 8) {
2455 static const char err[] = "Authentication failed";
2456 vnc_write_u32(vs, sizeof(err));
2457 vnc_write(vs, err, sizeof(err));
2458 }
2459 vnc_client_error(vs);
2460 }
2461 }
2462 return 0;
2463 }
2464
2465 static int protocol_version(VncState *vs, uint8_t *version, size_t len)
2466 {
2467 char local[13];
2468
2469 memcpy(local, version, 12);
2470 local[12] = 0;
2471
2472 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
2473 VNC_DEBUG("Malformed protocol version %s\n", local);
2474 vnc_client_error(vs);
2475 return 0;
2476 }
2477 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
2478 if (vs->major != 3 ||
2479 (vs->minor != 3 &&
2480 vs->minor != 4 &&
2481 vs->minor != 5 &&
2482 vs->minor != 7 &&
2483 vs->minor != 8)) {
2484 VNC_DEBUG("Unsupported client version\n");
2485 vnc_write_u32(vs, VNC_AUTH_INVALID);
2486 vnc_flush(vs);
2487 vnc_client_error(vs);
2488 return 0;
2489 }
2490 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
2491 * as equivalent to v3.3 by servers
2492 */
2493 if (vs->minor == 4 || vs->minor == 5)
2494 vs->minor = 3;
2495
2496 if (vs->minor == 3) {
2497 if (vs->auth == VNC_AUTH_NONE) {
2498 VNC_DEBUG("Tell client auth none\n");
2499 vnc_write_u32(vs, vs->auth);
2500 vnc_flush(vs);
2501 start_client_init(vs);
2502 } else if (vs->auth == VNC_AUTH_VNC) {
2503 VNC_DEBUG("Tell client VNC auth\n");
2504 vnc_write_u32(vs, vs->auth);
2505 vnc_flush(vs);
2506 start_auth_vnc(vs);
2507 } else {
2508 VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->auth);
2509 vnc_write_u32(vs, VNC_AUTH_INVALID);
2510 vnc_flush(vs);
2511 vnc_client_error(vs);
2512 }
2513 } else {
2514 VNC_DEBUG("Telling client we support auth %d\n", vs->auth);
2515 vnc_write_u8(vs, 1); /* num auth */
2516 vnc_write_u8(vs, vs->auth);
2517 vnc_read_when(vs, protocol_client_auth, 1);
2518 vnc_flush(vs);
2519 }
2520
2521 return 0;
2522 }
2523
2524 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y)
2525 {
2526 struct VncSurface *vs = &vd->guest;
2527
2528 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT];
2529 }
2530
2531 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h)
2532 {
2533 int i, j;
2534
2535 w = (x + w) / VNC_STAT_RECT;
2536 h = (y + h) / VNC_STAT_RECT;
2537 x /= VNC_STAT_RECT;
2538 y /= VNC_STAT_RECT;
2539
2540 for (j = y; j <= h; j++) {
2541 for (i = x; i <= w; i++) {
2542 vs->lossy_rect[j][i] = 1;
2543 }
2544 }
2545 }
2546
2547 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y)
2548 {
2549 VncState *vs;
2550 int sty = y / VNC_STAT_RECT;
2551 int stx = x / VNC_STAT_RECT;
2552 int has_dirty = 0;
2553
2554 y = y / VNC_STAT_RECT * VNC_STAT_RECT;
2555 x = x / VNC_STAT_RECT * VNC_STAT_RECT;
2556
2557 QTAILQ_FOREACH(vs, &vd->clients, next) {
2558 int j;
2559
2560 /* kernel send buffers are full -> refresh later */
2561 if (vs->output.offset) {
2562 continue;
2563 }
2564
2565 if (!vs->lossy_rect[sty][stx]) {
2566 continue;
2567 }
2568
2569 vs->lossy_rect[sty][stx] = 0;
2570 for (j = 0; j < VNC_STAT_RECT; ++j) {
2571 bitmap_set(vs->dirty[y + j],
2572 x / VNC_DIRTY_PIXELS_PER_BIT,
2573 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT);
2574 }
2575 has_dirty++;
2576 }
2577
2578 return has_dirty;
2579 }
2580
2581 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv)
2582 {
2583 int width = pixman_image_get_width(vd->guest.fb);
2584 int height = pixman_image_get_height(vd->guest.fb);
2585 int x, y;
2586 struct timeval res;
2587 int has_dirty = 0;
2588
2589 for (y = 0; y < height; y += VNC_STAT_RECT) {
2590 for (x = 0; x < width; x += VNC_STAT_RECT) {
2591 VncRectStat *rect = vnc_stat_rect(vd, x, y);
2592
2593 rect->updated = false;
2594 }
2595 }
2596
2597 qemu_timersub(tv, &VNC_REFRESH_STATS, &res);
2598
2599 if (timercmp(&vd->guest.last_freq_check, &res, >)) {
2600 return has_dirty;
2601 }
2602 vd->guest.last_freq_check = *tv;
2603
2604 for (y = 0; y < height; y += VNC_STAT_RECT) {
2605 for (x = 0; x < width; x += VNC_STAT_RECT) {
2606 VncRectStat *rect= vnc_stat_rect(vd, x, y);
2607 int count = ARRAY_SIZE(rect->times);
2608 struct timeval min, max;
2609
2610 if (!timerisset(&rect->times[count - 1])) {
2611 continue ;
2612 }
2613
2614 max = rect->times[(rect->idx + count - 1) % count];
2615 qemu_timersub(tv, &max, &res);
2616
2617 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) {
2618 rect->freq = 0;
2619 has_dirty += vnc_refresh_lossy_rect(vd, x, y);
2620 memset(rect->times, 0, sizeof (rect->times));
2621 continue ;
2622 }
2623
2624 min = rect->times[rect->idx];
2625 max = rect->times[(rect->idx + count - 1) % count];
2626 qemu_timersub(&max, &min, &res);
2627
2628 rect->freq = res.tv_sec + res.tv_usec / 1000000.;
2629 rect->freq /= count;
2630 rect->freq = 1. / rect->freq;
2631 }
2632 }
2633 return has_dirty;
2634 }
2635
2636 double vnc_update_freq(VncState *vs, int x, int y, int w, int h)
2637 {
2638 int i, j;
2639 double total = 0;
2640 int num = 0;
2641
2642 x = (x / VNC_STAT_RECT) * VNC_STAT_RECT;
2643 y = (y / VNC_STAT_RECT) * VNC_STAT_RECT;
2644
2645 for (j = y; j <= y + h; j += VNC_STAT_RECT) {
2646 for (i = x; i <= x + w; i += VNC_STAT_RECT) {
2647 total += vnc_stat_rect(vs->vd, i, j)->freq;
2648 num++;
2649 }
2650 }
2651
2652 if (num) {
2653 return total / num;
2654 } else {
2655 return 0;
2656 }
2657 }
2658
2659 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv)
2660 {
2661 VncRectStat *rect;
2662
2663 rect = vnc_stat_rect(vd, x, y);
2664 if (rect->updated) {
2665 return ;
2666 }
2667 rect->times[rect->idx] = *tv;
2668 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times);
2669 rect->updated = true;
2670 }
2671
2672 static int vnc_refresh_server_surface(VncDisplay *vd)
2673 {
2674 int width = pixman_image_get_width(vd->guest.fb);
2675 int height = pixman_image_get_height(vd->guest.fb);
2676 int y;
2677 uint8_t *guest_row0 = NULL, *server_row0;
2678 int guest_stride = 0, server_stride;
2679 int cmp_bytes;
2680 VncState *vs;
2681 int has_dirty = 0;
2682 pixman_image_t *tmpbuf = NULL;
2683
2684 struct timeval tv = { 0, 0 };
2685
2686 if (!vd->non_adaptive) {
2687 gettimeofday(&tv, NULL);
2688 has_dirty = vnc_update_stats(vd, &tv);
2689 }
2690
2691 /*
2692 * Walk through the guest dirty map.
2693 * Check and copy modified bits from guest to server surface.
2694 * Update server dirty map.
2695 */
2696 cmp_bytes = VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES;
2697 if (cmp_bytes > vnc_server_fb_stride(vd)) {
2698 cmp_bytes = vnc_server_fb_stride(vd);
2699 }
2700 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2701 int width = pixman_image_get_width(vd->server);
2702 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
2703 } else {
2704 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
2705 guest_stride = pixman_image_get_stride(vd->guest.fb);
2706 }
2707 server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
2708 server_stride = pixman_image_get_stride(vd->server);
2709
2710 y = 0;
2711 for (;;) {
2712 int x;
2713 uint8_t *guest_ptr, *server_ptr;
2714 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty,
2715 height * VNC_DIRTY_BPL(&vd->guest),
2716 y * VNC_DIRTY_BPL(&vd->guest));
2717 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) {
2718 /* no more dirty bits */
2719 break;
2720 }
2721 y = offset / VNC_DIRTY_BPL(&vd->guest);
2722 x = offset % VNC_DIRTY_BPL(&vd->guest);
2723
2724 server_ptr = server_row0 + y * server_stride + x * cmp_bytes;
2725
2726 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2727 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y);
2728 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf);
2729 } else {
2730 guest_ptr = guest_row0 + y * guest_stride;
2731 }
2732 guest_ptr += x * cmp_bytes;
2733
2734 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT);
2735 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2736 if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
2737 continue;
2738 }
2739 if (memcmp(server_ptr, guest_ptr, cmp_bytes) == 0) {
2740 continue;
2741 }
2742 memcpy(server_ptr, guest_ptr, cmp_bytes);
2743 if (!vd->non_adaptive) {
2744 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT,
2745 y, &tv);
2746 }
2747 QTAILQ_FOREACH(vs, &vd->clients, next) {
2748 set_bit(x, vs->dirty[y]);
2749 }
2750 has_dirty++;
2751 }
2752
2753 y++;
2754 }
2755 qemu_pixman_image_unref(tmpbuf);
2756 return has_dirty;
2757 }
2758
2759 static void vnc_refresh(DisplayChangeListener *dcl)
2760 {
2761 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
2762 VncState *vs, *vn;
2763 int has_dirty, rects = 0;
2764
2765 graphic_hw_update(NULL);
2766
2767 if (vnc_trylock_display(vd)) {
2768 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2769 return;
2770 }
2771
2772 has_dirty = vnc_refresh_server_surface(vd);
2773 vnc_unlock_display(vd);
2774
2775 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
2776 rects += vnc_update_client(vs, has_dirty, false);
2777 /* vs might be free()ed here */
2778 }
2779
2780 if (QTAILQ_EMPTY(&vd->clients)) {
2781 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX);
2782 return;
2783 }
2784
2785 if (has_dirty && rects) {
2786 vd->dcl.update_interval /= 2;
2787 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) {
2788 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE;
2789 }
2790 } else {
2791 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC;
2792 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) {
2793 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX;
2794 }
2795 }
2796 }
2797
2798 static void vnc_connect(VncDisplay *vd, int csock,
2799 bool skipauth, bool websocket)
2800 {
2801 VncState *vs = g_malloc0(sizeof(VncState));
2802 int i;
2803
2804 vs->csock = csock;
2805
2806 if (skipauth) {
2807 vs->auth = VNC_AUTH_NONE;
2808 #ifdef CONFIG_VNC_TLS
2809 vs->subauth = VNC_AUTH_INVALID;
2810 #endif
2811 } else {
2812 vs->auth = vd->auth;
2813 #ifdef CONFIG_VNC_TLS
2814 vs->subauth = vd->subauth;
2815 #endif
2816 }
2817
2818 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect));
2819 for (i = 0; i < VNC_STAT_ROWS; ++i) {
2820 vs->lossy_rect[i] = g_malloc0(VNC_STAT_COLS * sizeof (uint8_t));
2821 }
2822
2823 VNC_DEBUG("New client on socket %d\n", csock);
2824 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2825 qemu_set_nonblock(vs->csock);
2826 #ifdef CONFIG_VNC_WS
2827 if (websocket) {
2828 vs->websocket = 1;
2829 #ifdef CONFIG_VNC_TLS
2830 if (vd->tls.x509cert) {
2831 qemu_set_fd_handler2(vs->csock, NULL, vncws_tls_handshake_peek,
2832 NULL, vs);
2833 } else
2834 #endif /* CONFIG_VNC_TLS */
2835 {
2836 qemu_set_fd_handler2(vs->csock, NULL, vncws_handshake_read,
2837 NULL, vs);
2838 }
2839 } else
2840 #endif /* CONFIG_VNC_WS */
2841 {
2842 qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs);
2843 }
2844
2845 vnc_client_cache_addr(vs);
2846 vnc_qmp_event(vs, QEVENT_VNC_CONNECTED);
2847 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
2848
2849 vs->vd = vd;
2850
2851 #ifdef CONFIG_VNC_WS
2852 if (!vs->websocket)
2853 #endif
2854 {
2855 vnc_init_state(vs);
2856 }
2857 }
2858
2859 void vnc_init_state(VncState *vs)
2860 {
2861 vs->initialized = true;
2862 VncDisplay *vd = vs->vd;
2863
2864 vs->last_x = -1;
2865 vs->last_y = -1;
2866
2867 vs->as.freq = 44100;
2868 vs->as.nchannels = 2;
2869 vs->as.fmt = AUD_FMT_S16;
2870 vs->as.endianness = 0;
2871
2872 qemu_mutex_init(&vs->output_mutex);
2873 vs->bh = qemu_bh_new(vnc_jobs_bh, vs);
2874
2875 QTAILQ_INSERT_HEAD(&vd->clients, vs, next);
2876
2877 graphic_hw_update(NULL);
2878
2879 vnc_write(vs, "RFB 003.008\n", 12);
2880 vnc_flush(vs);
2881 vnc_read_when(vs, protocol_version, 12);
2882 reset_keys(vs);
2883 if (vs->vd->lock_key_sync)
2884 vs->led = qemu_add_led_event_handler(kbd_leds, vs);
2885
2886 vs->mouse_mode_notifier.notify = check_pointer_type_change;
2887 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
2888
2889 /* vs might be free()ed here */
2890 }
2891
2892 static void vnc_listen_read(void *opaque, bool websocket)
2893 {
2894 VncDisplay *vs = opaque;
2895 struct sockaddr_in addr;
2896 socklen_t addrlen = sizeof(addr);
2897 int csock;
2898
2899 /* Catch-up */
2900 graphic_hw_update(NULL);
2901 #ifdef CONFIG_VNC_WS
2902 if (websocket) {
2903 csock = qemu_accept(vs->lwebsock, (struct sockaddr *)&addr, &addrlen);
2904 } else
2905 #endif /* CONFIG_VNC_WS */
2906 {
2907 csock = qemu_accept(vs->lsock, (struct sockaddr *)&addr, &addrlen);
2908 }
2909
2910 if (csock != -1) {
2911 vnc_connect(vs, csock, false, websocket);
2912 }
2913 }
2914
2915 static void vnc_listen_regular_read(void *opaque)
2916 {
2917 vnc_listen_read(opaque, false);
2918 }
2919
2920 #ifdef CONFIG_VNC_WS
2921 static void vnc_listen_websocket_read(void *opaque)
2922 {
2923 vnc_listen_read(opaque, true);
2924 }
2925 #endif /* CONFIG_VNC_WS */
2926
2927 static const DisplayChangeListenerOps dcl_ops = {
2928 .dpy_name = "vnc",
2929 .dpy_refresh = vnc_refresh,
2930 .dpy_gfx_copy = vnc_dpy_copy,
2931 .dpy_gfx_update = vnc_dpy_update,
2932 .dpy_gfx_switch = vnc_dpy_switch,
2933 .dpy_mouse_set = vnc_mouse_set,
2934 .dpy_cursor_define = vnc_dpy_cursor_define,
2935 };
2936
2937 void vnc_display_init(DisplayState *ds)
2938 {
2939 VncDisplay *vs = g_malloc0(sizeof(*vs));
2940
2941 vnc_display = vs;
2942
2943 vs->lsock = -1;
2944 #ifdef CONFIG_VNC_WS
2945 vs->lwebsock = -1;
2946 #endif
2947
2948 QTAILQ_INIT(&vs->clients);
2949 vs->expires = TIME_MAX;
2950
2951 if (keyboard_layout) {
2952 trace_vnc_key_map_init(keyboard_layout);
2953 vs->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
2954 } else {
2955 vs->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
2956 }
2957
2958 if (!vs->kbd_layout)
2959 exit(1);
2960
2961 qemu_mutex_init(&vs->mutex);
2962 vnc_start_worker_thread();
2963
2964 vs->dcl.ops = &dcl_ops;
2965 register_displaychangelistener(&vs->dcl);
2966 }
2967
2968
2969 static void vnc_display_close(DisplayState *ds)
2970 {
2971 VncDisplay *vs = vnc_display;
2972
2973 if (!vs)
2974 return;
2975 if (vs->display) {
2976 g_free(vs->display);
2977 vs->display = NULL;
2978 }
2979 if (vs->lsock != -1) {
2980 qemu_set_fd_handler2(vs->lsock, NULL, NULL, NULL, NULL);
2981 close(vs->lsock);
2982 vs->lsock = -1;
2983 }
2984 #ifdef CONFIG_VNC_WS
2985 g_free(vs->ws_display);
2986 vs->ws_display = NULL;
2987 if (vs->lwebsock != -1) {
2988 qemu_set_fd_handler2(vs->lwebsock, NULL, NULL, NULL, NULL);
2989 close(vs->lwebsock);
2990 vs->lwebsock = -1;
2991 }
2992 #endif /* CONFIG_VNC_WS */
2993 vs->auth = VNC_AUTH_INVALID;
2994 #ifdef CONFIG_VNC_TLS
2995 vs->subauth = VNC_AUTH_INVALID;
2996 vs->tls.x509verify = 0;
2997 #endif
2998 }
2999
3000 int vnc_display_password(DisplayState *ds, const char *password)
3001 {
3002 VncDisplay *vs = vnc_display;
3003
3004 if (!vs) {
3005 return -EINVAL;
3006 }
3007 if (vs->auth == VNC_AUTH_NONE) {
3008 error_printf_unless_qmp("If you want use passwords please enable "
3009 "password auth using '-vnc ${dpy},password'.");
3010 return -EINVAL;
3011 }
3012
3013 if (vs->password) {
3014 g_free(vs->password);
3015 vs->password = NULL;
3016 }
3017 if (password) {
3018 vs->password = g_strdup(password);
3019 }
3020
3021 return 0;
3022 }
3023
3024 int vnc_display_pw_expire(DisplayState *ds, time_t expires)
3025 {
3026 VncDisplay *vs = vnc_display;
3027
3028 if (!vs) {
3029 return -EINVAL;
3030 }
3031
3032 vs->expires = expires;
3033 return 0;
3034 }
3035
3036 char *vnc_display_local_addr(DisplayState *ds)
3037 {
3038 VncDisplay *vs = vnc_display;
3039
3040 return vnc_socket_local_addr("%s:%s", vs->lsock);
3041 }
3042
3043 void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
3044 {
3045 VncDisplay *vs = vnc_display;
3046 const char *options;
3047 int password = 0;
3048 int reverse = 0;
3049 #ifdef CONFIG_VNC_TLS
3050 int tls = 0, x509 = 0;
3051 #endif
3052 #ifdef CONFIG_VNC_SASL
3053 int sasl = 0;
3054 int saslErr;
3055 #endif
3056 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
3057 int acl = 0;
3058 #endif
3059 int lock_key_sync = 1;
3060
3061 if (!vnc_display) {
3062 error_setg(errp, "VNC display not active");
3063 return;
3064 }
3065 vnc_display_close(ds);
3066 if (strcmp(display, "none") == 0)
3067 return;
3068
3069 vs->display = g_strdup(display);
3070 vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3071
3072 options = display;
3073 while ((options = strchr(options, ','))) {
3074 options++;
3075 if (strncmp(options, "password", 8) == 0) {
3076 if (fips_get_state()) {
3077 error_setg(errp,
3078 "VNC password auth disabled due to FIPS mode, "
3079 "consider using the VeNCrypt or SASL authentication "
3080 "methods as an alternative");
3081 goto fail;
3082 }
3083 password = 1; /* Require password auth */
3084 } else if (strncmp(options, "reverse", 7) == 0) {
3085 reverse = 1;
3086 } else if (strncmp(options, "no-lock-key-sync", 16) == 0) {
3087 lock_key_sync = 0;
3088 #ifdef CONFIG_VNC_SASL
3089 } else if (strncmp(options, "sasl", 4) == 0) {
3090 sasl = 1; /* Require SASL auth */
3091 #endif
3092 #ifdef CONFIG_VNC_WS
3093 } else if (strncmp(options, "websocket", 9) == 0) {
3094 char *start, *end;
3095 vs->websocket = 1;
3096
3097 /* Check for 'websocket=<port>' */
3098 start = strchr(options, '=');
3099 end = strchr(options, ',');
3100 if (start && (!end || (start < end))) {
3101 int len = end ? end-(start+1) : strlen(start+1);
3102 if (len < 6) {
3103 /* extract the host specification from display */
3104 char *host = NULL, *port = NULL, *host_end = NULL;
3105 port = g_strndup(start + 1, len);
3106
3107 /* ipv6 hosts have colons */
3108 end = strchr(display, ',');
3109 host_end = g_strrstr_len(display, end - display, ":");
3110
3111 if (host_end) {
3112 host = g_strndup(display, host_end - display + 1);
3113 } else {
3114 host = g_strndup(":", 1);
3115 }
3116 vs->ws_display = g_strconcat(host, port, NULL);
3117 g_free(host);
3118 g_free(port);
3119 }
3120 }
3121 #endif /* CONFIG_VNC_WS */
3122 #ifdef CONFIG_VNC_TLS
3123 } else if (strncmp(options, "tls", 3) == 0) {
3124 tls = 1; /* Require TLS */
3125 } else if (strncmp(options, "x509", 4) == 0) {
3126 char *start, *end;
3127 x509 = 1; /* Require x509 certificates */
3128 if (strncmp(options, "x509verify", 10) == 0)
3129 vs->tls.x509verify = 1; /* ...and verify client certs */
3130
3131 /* Now check for 'x509=/some/path' postfix
3132 * and use that to setup x509 certificate/key paths */
3133 start = strchr(options, '=');
3134 end = strchr(options, ',');
3135 if (start && (!end || (start < end))) {
3136 int len = end ? end-(start+1) : strlen(start+1);
3137 char *path = g_strndup(start + 1, len);
3138
3139 VNC_DEBUG("Trying certificate path '%s'\n", path);
3140 if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
3141 error_setg(errp, "Failed to find x509 certificates/keys in %s", path);
3142 g_free(path);
3143 goto fail;
3144 }
3145 g_free(path);
3146 } else {
3147 error_setg(errp, "No certificate path provided");
3148 goto fail;
3149 }
3150 #endif
3151 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
3152 } else if (strncmp(options, "acl", 3) == 0) {
3153 acl = 1;
3154 #endif
3155 } else if (strncmp(options, "lossy", 5) == 0) {
3156 #ifdef CONFIG_VNC_JPEG
3157 vs->lossy = true;
3158 #endif
3159 } else if (strncmp(options, "non-adaptive", 12) == 0) {
3160 vs->non_adaptive = true;
3161 } else if (strncmp(options, "share=", 6) == 0) {
3162 if (strncmp(options+6, "ignore", 6) == 0) {
3163 vs->share_policy = VNC_SHARE_POLICY_IGNORE;
3164 } else if (strncmp(options+6, "allow-exclusive", 15) == 0) {
3165 vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3166 } else if (strncmp(options+6, "force-shared", 12) == 0) {
3167 vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
3168 } else {
3169 error_setg(errp, "unknown vnc share= option");
3170 goto fail;
3171 }
3172 }
3173 }
3174
3175 /* adaptive updates are only used with tight encoding and
3176 * if lossy updates are enabled so we can disable all the
3177 * calculations otherwise */
3178 if (!vs->lossy) {
3179 vs->non_adaptive = true;
3180 }
3181
3182 #ifdef CONFIG_VNC_TLS
3183 if (acl && x509 && vs->tls.x509verify) {
3184 if (!(vs->tls.acl = qemu_acl_init("vnc.x509dname"))) {
3185 fprintf(stderr, "Failed to create x509 dname ACL\n");
3186 exit(1);
3187 }
3188 }
3189 #endif
3190 #ifdef CONFIG_VNC_SASL
3191 if (acl && sasl) {
3192 if (!(vs->sasl.acl = qemu_acl_init("vnc.username"))) {
3193 fprintf(stderr, "Failed to create username ACL\n");
3194 exit(1);
3195 }
3196 }
3197 #endif
3198
3199 /*
3200 * Combinations we support here:
3201 *
3202 * - no-auth (clear text, no auth)
3203 * - password (clear text, weak auth)
3204 * - sasl (encrypt, good auth *IF* using Kerberos via GSSAPI)
3205 * - tls (encrypt, weak anonymous creds, no auth)
3206 * - tls + password (encrypt, weak anonymous creds, weak auth)
3207 * - tls + sasl (encrypt, weak anonymous creds, good auth)
3208 * - tls + x509 (encrypt, good x509 creds, no auth)
3209 * - tls + x509 + password (encrypt, good x509 creds, weak auth)
3210 * - tls + x509 + sasl (encrypt, good x509 creds, good auth)
3211 *
3212 * NB1. TLS is a stackable auth scheme.
3213 * NB2. the x509 schemes have option to validate a client cert dname
3214 */
3215 if (password) {
3216 #ifdef CONFIG_VNC_TLS
3217 if (tls) {
3218 vs->auth = VNC_AUTH_VENCRYPT;
3219 if (x509) {
3220 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
3221 vs->subauth = VNC_AUTH_VENCRYPT_X509VNC;
3222 } else {
3223 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
3224 vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC;
3225 }
3226 } else {
3227 #endif /* CONFIG_VNC_TLS */
3228 VNC_DEBUG("Initializing VNC server with password auth\n");
3229 vs->auth = VNC_AUTH_VNC;
3230 #ifdef CONFIG_VNC_TLS
3231 vs->subauth = VNC_AUTH_INVALID;
3232 }
3233 #endif /* CONFIG_VNC_TLS */
3234 #ifdef CONFIG_VNC_SASL
3235 } else if (sasl) {
3236 #ifdef CONFIG_VNC_TLS
3237 if (tls) {
3238 vs->auth = VNC_AUTH_VENCRYPT;
3239 if (x509) {
3240 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
3241 vs->subauth = VNC_AUTH_VENCRYPT_X509SASL;
3242 } else {
3243 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
3244 vs->subauth = VNC_AUTH_VENCRYPT_TLSSASL;
3245 }
3246 } else {
3247 #endif /* CONFIG_VNC_TLS */
3248 VNC_DEBUG("Initializing VNC server with SASL auth\n");
3249 vs->auth = VNC_AUTH_SASL;
3250 #ifdef CONFIG_VNC_TLS
3251 vs->subauth = VNC_AUTH_INVALID;
3252 }
3253 #endif /* CONFIG_VNC_TLS */
3254 #endif /* CONFIG_VNC_SASL */
3255 } else {
3256 #ifdef CONFIG_VNC_TLS
3257 if (tls) {
3258 vs->auth = VNC_AUTH_VENCRYPT;
3259 if (x509) {
3260 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
3261 vs->subauth = VNC_AUTH_VENCRYPT_X509NONE;
3262 } else {
3263 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
3264 vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE;
3265 }
3266 } else {
3267 #endif
3268 VNC_DEBUG("Initializing VNC server with no auth\n");
3269 vs->auth = VNC_AUTH_NONE;
3270 #ifdef CONFIG_VNC_TLS
3271 vs->subauth = VNC_AUTH_INVALID;
3272 }
3273 #endif
3274 }
3275
3276 #ifdef CONFIG_VNC_SASL
3277 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
3278 error_setg(errp, "Failed to initialize SASL auth: %s",
3279 sasl_errstring(saslErr, NULL, NULL));
3280 goto fail;
3281 }
3282 #endif
3283 vs->lock_key_sync = lock_key_sync;
3284
3285 if (reverse) {
3286 /* connect to viewer */
3287 int csock;
3288 vs->lsock = -1;
3289 #ifdef CONFIG_VNC_WS
3290 vs->lwebsock = -1;
3291 #endif
3292 if (strncmp(display, "unix:", 5) == 0) {
3293 csock = unix_connect(display+5, errp);
3294 } else {
3295 csock = inet_connect(display, errp);
3296 }
3297 if (csock < 0) {
3298 goto fail;
3299 }
3300 vnc_connect(vs, csock, false, false);
3301 } else {
3302 /* listen for connects */
3303 char *dpy;
3304 dpy = g_malloc(256);
3305 if (strncmp(display, "unix:", 5) == 0) {
3306 pstrcpy(dpy, 256, "unix:");
3307 vs->lsock = unix_listen(display+5, dpy+5, 256-5, errp);
3308 } else {
3309 vs->lsock = inet_listen(display, dpy, 256,
3310 SOCK_STREAM, 5900, errp);
3311 if (vs->lsock < 0) {
3312 g_free(dpy);
3313 goto fail;
3314 }
3315 #ifdef CONFIG_VNC_WS
3316 if (vs->websocket) {
3317 if (vs->ws_display) {
3318 vs->lwebsock = inet_listen(vs->ws_display, NULL, 256,
3319 SOCK_STREAM, 0, errp);
3320 } else {
3321 vs->lwebsock = inet_listen(vs->display, NULL, 256,
3322 SOCK_STREAM, 5700, errp);
3323 }
3324
3325 if (vs->lwebsock < 0) {
3326 if (vs->lsock) {
3327 close(vs->lsock);
3328 vs->lsock = -1;
3329 }
3330 g_free(dpy);
3331 goto fail;
3332 }
3333 }
3334 #endif /* CONFIG_VNC_WS */
3335 }
3336 g_free(vs->display);
3337 vs->display = dpy;
3338 qemu_set_fd_handler2(vs->lsock, NULL,
3339 vnc_listen_regular_read, NULL, vs);
3340 #ifdef CONFIG_VNC_WS
3341 if (vs->websocket) {
3342 qemu_set_fd_handler2(vs->lwebsock, NULL,
3343 vnc_listen_websocket_read, NULL, vs);
3344 }
3345 #endif /* CONFIG_VNC_WS */
3346 }
3347 return;
3348
3349 fail:
3350 g_free(vs->display);
3351 vs->display = NULL;
3352 #ifdef CONFIG_VNC_WS
3353 g_free(vs->ws_display);
3354 vs->ws_display = NULL;
3355 #endif /* CONFIG_VNC_WS */
3356 }
3357
3358 void vnc_display_add_client(DisplayState *ds, int csock, bool skipauth)
3359 {
3360 VncDisplay *vs = vnc_display;
3361
3362 vnc_connect(vs, csock, skipauth, false);
3363 }
AR7 emulation for QEMU