root / vnc.c @ 1ea879e5
History | View | Annotate | Download (67.3 kB)
1 |
/*
|
---|---|
2 |
* QEMU VNC display driver
|
3 |
*
|
4 |
* Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
|
5 |
* Copyright (C) 2006 Fabrice Bellard
|
6 |
*
|
7 |
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
8 |
* of this software and associated documentation files (the "Software"), to deal
|
9 |
* in the Software without restriction, including without limitation the rights
|
10 |
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
11 |
* copies of the Software, and to permit persons to whom the Software is
|
12 |
* furnished to do so, subject to the following conditions:
|
13 |
*
|
14 |
* The above copyright notice and this permission notice shall be included in
|
15 |
* all copies or substantial portions of the Software.
|
16 |
*
|
17 |
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
18 |
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
19 |
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
20 |
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
21 |
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
22 |
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
23 |
* THE SOFTWARE.
|
24 |
*/
|
25 |
|
26 |
#include "qemu-common.h" |
27 |
#include "console.h" |
28 |
#include "sysemu.h" |
29 |
#include "qemu_socket.h" |
30 |
#include "qemu-timer.h" |
31 |
#include "audio/audio.h" |
32 |
|
33 |
#define VNC_REFRESH_INTERVAL (1000 / 30) |
34 |
|
35 |
#include "vnc_keysym.h" |
36 |
#include "keymaps.c" |
37 |
#include "d3des.h" |
38 |
|
39 |
#ifdef CONFIG_VNC_TLS
|
40 |
#include <gnutls/gnutls.h> |
41 |
#include <gnutls/x509.h> |
42 |
#endif /* CONFIG_VNC_TLS */ |
43 |
|
44 |
// #define _VNC_DEBUG 1
|
45 |
|
46 |
#ifdef _VNC_DEBUG
|
47 |
#define VNC_DEBUG(fmt, ...) do { fprintf(stderr, fmt, ## __VA_ARGS__); } while (0) |
48 |
|
49 |
#if CONFIG_VNC_TLS && _VNC_DEBUG >= 2 |
50 |
/* Very verbose, so only enabled for _VNC_DEBUG >= 2 */
|
51 |
static void vnc_debug_gnutls_log(int level, const char* str) { |
52 |
VNC_DEBUG("%d %s", level, str);
|
53 |
} |
54 |
#endif /* CONFIG_VNC_TLS && _VNC_DEBUG */ |
55 |
#else
|
56 |
#define VNC_DEBUG(fmt, ...) do { } while (0) |
57 |
#endif
|
58 |
|
59 |
|
60 |
typedef struct Buffer |
61 |
{ |
62 |
size_t capacity; |
63 |
size_t offset; |
64 |
uint8_t *buffer; |
65 |
} Buffer; |
66 |
|
67 |
typedef struct VncState VncState; |
68 |
|
69 |
typedef int VncReadEvent(VncState *vs, uint8_t *data, size_t len); |
70 |
|
71 |
typedef void VncWritePixels(VncState *vs, void *data, int size); |
72 |
|
73 |
typedef void VncSendHextileTile(VncState *vs, |
74 |
int x, int y, int w, int h, |
75 |
void *last_bg,
|
76 |
void *last_fg,
|
77 |
int *has_bg, int *has_fg); |
78 |
|
79 |
#define VNC_MAX_WIDTH 2048 |
80 |
#define VNC_MAX_HEIGHT 2048 |
81 |
#define VNC_DIRTY_WORDS (VNC_MAX_WIDTH / (16 * 32)) |
82 |
|
83 |
#define VNC_AUTH_CHALLENGE_SIZE 16 |
84 |
|
85 |
enum {
|
86 |
VNC_AUTH_INVALID = 0,
|
87 |
VNC_AUTH_NONE = 1,
|
88 |
VNC_AUTH_VNC = 2,
|
89 |
VNC_AUTH_RA2 = 5,
|
90 |
VNC_AUTH_RA2NE = 6,
|
91 |
VNC_AUTH_TIGHT = 16,
|
92 |
VNC_AUTH_ULTRA = 17,
|
93 |
VNC_AUTH_TLS = 18,
|
94 |
VNC_AUTH_VENCRYPT = 19
|
95 |
}; |
96 |
|
97 |
#ifdef CONFIG_VNC_TLS
|
98 |
enum {
|
99 |
VNC_WIREMODE_CLEAR, |
100 |
VNC_WIREMODE_TLS, |
101 |
}; |
102 |
|
103 |
enum {
|
104 |
VNC_AUTH_VENCRYPT_PLAIN = 256,
|
105 |
VNC_AUTH_VENCRYPT_TLSNONE = 257,
|
106 |
VNC_AUTH_VENCRYPT_TLSVNC = 258,
|
107 |
VNC_AUTH_VENCRYPT_TLSPLAIN = 259,
|
108 |
VNC_AUTH_VENCRYPT_X509NONE = 260,
|
109 |
VNC_AUTH_VENCRYPT_X509VNC = 261,
|
110 |
VNC_AUTH_VENCRYPT_X509PLAIN = 262,
|
111 |
}; |
112 |
|
113 |
#define X509_CA_CERT_FILE "ca-cert.pem" |
114 |
#define X509_CA_CRL_FILE "ca-crl.pem" |
115 |
#define X509_SERVER_KEY_FILE "server-key.pem" |
116 |
#define X509_SERVER_CERT_FILE "server-cert.pem" |
117 |
|
118 |
#endif /* CONFIG_VNC_TLS */ |
119 |
|
120 |
struct VncState
|
121 |
{ |
122 |
QEMUTimer *timer; |
123 |
int lsock;
|
124 |
int csock;
|
125 |
DisplayState *ds; |
126 |
int need_update;
|
127 |
int width;
|
128 |
int height;
|
129 |
uint32_t dirty_row[VNC_MAX_HEIGHT][VNC_DIRTY_WORDS]; |
130 |
char *old_data;
|
131 |
int depth; /* internal VNC frame buffer byte per pixel */ |
132 |
int has_resize;
|
133 |
int has_hextile;
|
134 |
int has_pointer_type_change;
|
135 |
int has_WMVi;
|
136 |
int absolute;
|
137 |
int last_x;
|
138 |
int last_y;
|
139 |
|
140 |
int major;
|
141 |
int minor;
|
142 |
|
143 |
char *display;
|
144 |
char *password;
|
145 |
int auth;
|
146 |
#ifdef CONFIG_VNC_TLS
|
147 |
int subauth;
|
148 |
int x509verify;
|
149 |
|
150 |
char *x509cacert;
|
151 |
char *x509cacrl;
|
152 |
char *x509cert;
|
153 |
char *x509key;
|
154 |
#endif
|
155 |
char challenge[VNC_AUTH_CHALLENGE_SIZE];
|
156 |
|
157 |
#ifdef CONFIG_VNC_TLS
|
158 |
int wiremode;
|
159 |
gnutls_session_t tls_session; |
160 |
#endif
|
161 |
|
162 |
Buffer output; |
163 |
Buffer input; |
164 |
kbd_layout_t *kbd_layout; |
165 |
/* current output mode information */
|
166 |
VncWritePixels *write_pixels; |
167 |
VncSendHextileTile *send_hextile_tile; |
168 |
int pix_bpp, pix_big_endian;
|
169 |
int client_red_shift, client_red_max, server_red_shift, server_red_max;
|
170 |
int client_green_shift, client_green_max, server_green_shift, server_green_max;
|
171 |
int client_blue_shift, client_blue_max, server_blue_shift, server_blue_max;
|
172 |
|
173 |
CaptureVoiceOut *audio_cap; |
174 |
struct audsettings as;
|
175 |
|
176 |
VncReadEvent *read_handler; |
177 |
size_t read_handler_expect; |
178 |
/* input */
|
179 |
uint8_t modifiers_state[256];
|
180 |
}; |
181 |
|
182 |
static VncState *vnc_state; /* needed for info vnc */ |
183 |
|
184 |
void do_info_vnc(void) |
185 |
{ |
186 |
if (vnc_state == NULL) |
187 |
term_printf("VNC server disabled\n");
|
188 |
else {
|
189 |
term_printf("VNC server active on: ");
|
190 |
term_print_filename(vnc_state->display); |
191 |
term_printf("\n");
|
192 |
|
193 |
if (vnc_state->csock == -1) |
194 |
term_printf("No client connected\n");
|
195 |
else
|
196 |
term_printf("Client connected\n");
|
197 |
} |
198 |
} |
199 |
|
200 |
/* TODO
|
201 |
1) Get the queue working for IO.
|
202 |
2) there is some weirdness when using the -S option (the screen is grey
|
203 |
and not totally invalidated
|
204 |
3) resolutions > 1024
|
205 |
*/
|
206 |
|
207 |
static void vnc_write(VncState *vs, const void *data, size_t len); |
208 |
static void vnc_write_u32(VncState *vs, uint32_t value); |
209 |
static void vnc_write_s32(VncState *vs, int32_t value); |
210 |
static void vnc_write_u16(VncState *vs, uint16_t value); |
211 |
static void vnc_write_u8(VncState *vs, uint8_t value); |
212 |
static void vnc_flush(VncState *vs); |
213 |
static void vnc_update_client(void *opaque); |
214 |
static void vnc_client_read(void *opaque); |
215 |
|
216 |
static void vnc_colordepth(DisplayState *ds, int depth); |
217 |
|
218 |
static inline void vnc_set_bit(uint32_t *d, int k) |
219 |
{ |
220 |
d[k >> 5] |= 1 << (k & 0x1f); |
221 |
} |
222 |
|
223 |
static inline void vnc_clear_bit(uint32_t *d, int k) |
224 |
{ |
225 |
d[k >> 5] &= ~(1 << (k & 0x1f)); |
226 |
} |
227 |
|
228 |
static inline void vnc_set_bits(uint32_t *d, int n, int nb_words) |
229 |
{ |
230 |
int j;
|
231 |
|
232 |
j = 0;
|
233 |
while (n >= 32) { |
234 |
d[j++] = -1;
|
235 |
n -= 32;
|
236 |
} |
237 |
if (n > 0) |
238 |
d[j++] = (1 << n) - 1; |
239 |
while (j < nb_words)
|
240 |
d[j++] = 0;
|
241 |
} |
242 |
|
243 |
static inline int vnc_get_bit(const uint32_t *d, int k) |
244 |
{ |
245 |
return (d[k >> 5] >> (k & 0x1f)) & 1; |
246 |
} |
247 |
|
248 |
static inline int vnc_and_bits(const uint32_t *d1, const uint32_t *d2, |
249 |
int nb_words)
|
250 |
{ |
251 |
int i;
|
252 |
for(i = 0; i < nb_words; i++) { |
253 |
if ((d1[i] & d2[i]) != 0) |
254 |
return 1; |
255 |
} |
256 |
return 0; |
257 |
} |
258 |
|
259 |
static void vnc_dpy_update(DisplayState *ds, int x, int y, int w, int h) |
260 |
{ |
261 |
VncState *vs = ds->opaque; |
262 |
int i;
|
263 |
|
264 |
h += y; |
265 |
|
266 |
/* round x down to ensure the loop only spans one 16-pixel block per,
|
267 |
iteration. otherwise, if (x % 16) != 0, the last iteration may span
|
268 |
two 16-pixel blocks but we only mark the first as dirty
|
269 |
*/
|
270 |
w += (x % 16);
|
271 |
x -= (x % 16);
|
272 |
|
273 |
x = MIN(x, vs->width); |
274 |
y = MIN(y, vs->height); |
275 |
w = MIN(x + w, vs->width) - x; |
276 |
h = MIN(h, vs->height); |
277 |
|
278 |
for (; y < h; y++)
|
279 |
for (i = 0; i < w; i += 16) |
280 |
vnc_set_bit(vs->dirty_row[y], (x + i) / 16);
|
281 |
} |
282 |
|
283 |
static void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h, |
284 |
int32_t encoding) |
285 |
{ |
286 |
vnc_write_u16(vs, x); |
287 |
vnc_write_u16(vs, y); |
288 |
vnc_write_u16(vs, w); |
289 |
vnc_write_u16(vs, h); |
290 |
|
291 |
vnc_write_s32(vs, encoding); |
292 |
} |
293 |
|
294 |
static void vnc_dpy_resize(DisplayState *ds, int w, int h) |
295 |
{ |
296 |
int size_changed;
|
297 |
VncState *vs = ds->opaque; |
298 |
|
299 |
ds->data = qemu_realloc(ds->data, w * h * vs->depth); |
300 |
vs->old_data = qemu_realloc(vs->old_data, w * h * vs->depth); |
301 |
|
302 |
if (ds->data == NULL || vs->old_data == NULL) { |
303 |
fprintf(stderr, "vnc: memory allocation failed\n");
|
304 |
exit(1);
|
305 |
} |
306 |
|
307 |
if (ds->depth != vs->depth * 8) { |
308 |
ds->depth = vs->depth * 8;
|
309 |
console_color_init(ds); |
310 |
} |
311 |
size_changed = ds->width != w || ds->height != h; |
312 |
ds->width = w; |
313 |
ds->height = h; |
314 |
ds->linesize = w * vs->depth; |
315 |
if (size_changed) {
|
316 |
vs->width = ds->width; |
317 |
vs->height = ds->height; |
318 |
if (vs->csock != -1 && vs->has_resize) { |
319 |
vnc_write_u8(vs, 0); /* msg id */ |
320 |
vnc_write_u8(vs, 0);
|
321 |
vnc_write_u16(vs, 1); /* number of rects */ |
322 |
vnc_framebuffer_update(vs, 0, 0, ds->width, ds->height, -223); |
323 |
vnc_flush(vs); |
324 |
} |
325 |
} |
326 |
|
327 |
memset(vs->dirty_row, 0xFF, sizeof(vs->dirty_row)); |
328 |
memset(vs->old_data, 42, ds_get_linesize(vs->ds) * ds_get_height(vs->ds));
|
329 |
} |
330 |
|
331 |
/* fastest code */
|
332 |
static void vnc_write_pixels_copy(VncState *vs, void *pixels, int size) |
333 |
{ |
334 |
vnc_write(vs, pixels, size); |
335 |
} |
336 |
|
337 |
/* slowest but generic code. */
|
338 |
static void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v) |
339 |
{ |
340 |
uint8_t r, g, b; |
341 |
|
342 |
r = ((v >> vs->server_red_shift) & vs->server_red_max) * (vs->client_red_max + 1) /
|
343 |
(vs->server_red_max + 1);
|
344 |
g = ((v >> vs->server_green_shift) & vs->server_green_max) * (vs->client_green_max + 1) /
|
345 |
(vs->server_green_max + 1);
|
346 |
b = ((v >> vs->server_blue_shift) & vs->server_blue_max) * (vs->client_blue_max + 1) /
|
347 |
(vs->server_blue_max + 1);
|
348 |
v = (r << vs->client_red_shift) | |
349 |
(g << vs->client_green_shift) | |
350 |
(b << vs->client_blue_shift); |
351 |
switch(vs->pix_bpp) {
|
352 |
case 1: |
353 |
buf[0] = v;
|
354 |
break;
|
355 |
case 2: |
356 |
if (vs->pix_big_endian) {
|
357 |
buf[0] = v >> 8; |
358 |
buf[1] = v;
|
359 |
} else {
|
360 |
buf[1] = v >> 8; |
361 |
buf[0] = v;
|
362 |
} |
363 |
break;
|
364 |
default:
|
365 |
case 4: |
366 |
if (vs->pix_big_endian) {
|
367 |
buf[0] = v >> 24; |
368 |
buf[1] = v >> 16; |
369 |
buf[2] = v >> 8; |
370 |
buf[3] = v;
|
371 |
} else {
|
372 |
buf[3] = v >> 24; |
373 |
buf[2] = v >> 16; |
374 |
buf[1] = v >> 8; |
375 |
buf[0] = v;
|
376 |
} |
377 |
break;
|
378 |
} |
379 |
} |
380 |
|
381 |
static void vnc_write_pixels_generic(VncState *vs, void *pixels1, int size) |
382 |
{ |
383 |
uint8_t buf[4];
|
384 |
|
385 |
if (vs->depth == 4) { |
386 |
uint32_t *pixels = pixels1; |
387 |
int n, i;
|
388 |
n = size >> 2;
|
389 |
for(i = 0; i < n; i++) { |
390 |
vnc_convert_pixel(vs, buf, pixels[i]); |
391 |
vnc_write(vs, buf, vs->pix_bpp); |
392 |
} |
393 |
} else if (vs->depth == 2) { |
394 |
uint16_t *pixels = pixels1; |
395 |
int n, i;
|
396 |
n = size >> 1;
|
397 |
for(i = 0; i < n; i++) { |
398 |
vnc_convert_pixel(vs, buf, pixels[i]); |
399 |
vnc_write(vs, buf, vs->pix_bpp); |
400 |
} |
401 |
} else if (vs->depth == 1) { |
402 |
uint8_t *pixels = pixels1; |
403 |
int n, i;
|
404 |
n = size; |
405 |
for(i = 0; i < n; i++) { |
406 |
vnc_convert_pixel(vs, buf, pixels[i]); |
407 |
vnc_write(vs, buf, vs->pix_bpp); |
408 |
} |
409 |
} else {
|
410 |
fprintf(stderr, "vnc_write_pixels_generic: VncState color depth not supported\n");
|
411 |
} |
412 |
} |
413 |
|
414 |
static void send_framebuffer_update_raw(VncState *vs, int x, int y, int w, int h) |
415 |
{ |
416 |
int i;
|
417 |
uint8_t *row; |
418 |
|
419 |
vnc_framebuffer_update(vs, x, y, w, h, 0);
|
420 |
|
421 |
row = ds_get_data(vs->ds) + y * ds_get_linesize(vs->ds) + x * vs->depth; |
422 |
for (i = 0; i < h; i++) { |
423 |
vs->write_pixels(vs, row, w * vs->depth); |
424 |
row += ds_get_linesize(vs->ds); |
425 |
} |
426 |
} |
427 |
|
428 |
static void hextile_enc_cord(uint8_t *ptr, int x, int y, int w, int h) |
429 |
{ |
430 |
ptr[0] = ((x & 0x0F) << 4) | (y & 0x0F); |
431 |
ptr[1] = (((w - 1) & 0x0F) << 4) | ((h - 1) & 0x0F); |
432 |
} |
433 |
|
434 |
#define BPP 8 |
435 |
#include "vnchextile.h" |
436 |
#undef BPP
|
437 |
|
438 |
#define BPP 16 |
439 |
#include "vnchextile.h" |
440 |
#undef BPP
|
441 |
|
442 |
#define BPP 32 |
443 |
#include "vnchextile.h" |
444 |
#undef BPP
|
445 |
|
446 |
#define GENERIC
|
447 |
#define BPP 8 |
448 |
#include "vnchextile.h" |
449 |
#undef BPP
|
450 |
#undef GENERIC
|
451 |
|
452 |
#define GENERIC
|
453 |
#define BPP 16 |
454 |
#include "vnchextile.h" |
455 |
#undef BPP
|
456 |
#undef GENERIC
|
457 |
|
458 |
#define GENERIC
|
459 |
#define BPP 32 |
460 |
#include "vnchextile.h" |
461 |
#undef BPP
|
462 |
#undef GENERIC
|
463 |
|
464 |
static void send_framebuffer_update_hextile(VncState *vs, int x, int y, int w, int h) |
465 |
{ |
466 |
int i, j;
|
467 |
int has_fg, has_bg;
|
468 |
uint8_t *last_fg, *last_bg; |
469 |
|
470 |
vnc_framebuffer_update(vs, x, y, w, h, 5);
|
471 |
|
472 |
last_fg = (uint8_t *) malloc(vs->depth); |
473 |
last_bg = (uint8_t *) malloc(vs->depth); |
474 |
has_fg = has_bg = 0;
|
475 |
for (j = y; j < (y + h); j += 16) { |
476 |
for (i = x; i < (x + w); i += 16) { |
477 |
vs->send_hextile_tile(vs, i, j, |
478 |
MIN(16, x + w - i), MIN(16, y + h - j), |
479 |
last_bg, last_fg, &has_bg, &has_fg); |
480 |
} |
481 |
} |
482 |
free(last_fg); |
483 |
free(last_bg); |
484 |
|
485 |
} |
486 |
|
487 |
static void send_framebuffer_update(VncState *vs, int x, int y, int w, int h) |
488 |
{ |
489 |
if (vs->has_hextile)
|
490 |
send_framebuffer_update_hextile(vs, x, y, w, h); |
491 |
else
|
492 |
send_framebuffer_update_raw(vs, x, y, w, h); |
493 |
} |
494 |
|
495 |
static void vnc_copy(DisplayState *ds, int src_x, int src_y, int dst_x, int dst_y, int w, int h) |
496 |
{ |
497 |
int src, dst;
|
498 |
uint8_t *src_row; |
499 |
uint8_t *dst_row; |
500 |
char *old_row;
|
501 |
int y = 0; |
502 |
int pitch = ds_get_linesize(ds);
|
503 |
VncState *vs = ds->opaque; |
504 |
|
505 |
vnc_update_client(vs); |
506 |
|
507 |
if (dst_y > src_y) {
|
508 |
y = h - 1;
|
509 |
pitch = -pitch; |
510 |
} |
511 |
|
512 |
src = (ds_get_linesize(ds) * (src_y + y) + vs->depth * src_x); |
513 |
dst = (ds_get_linesize(ds) * (dst_y + y) + vs->depth * dst_x); |
514 |
|
515 |
src_row = ds_get_data(ds) + src; |
516 |
dst_row = ds_get_data(ds) + dst; |
517 |
old_row = vs->old_data + dst; |
518 |
|
519 |
for (y = 0; y < h; y++) { |
520 |
memmove(old_row, src_row, w * vs->depth); |
521 |
memmove(dst_row, src_row, w * vs->depth); |
522 |
src_row += pitch; |
523 |
dst_row += pitch; |
524 |
old_row += pitch; |
525 |
} |
526 |
|
527 |
vnc_write_u8(vs, 0); /* msg id */ |
528 |
vnc_write_u8(vs, 0);
|
529 |
vnc_write_u16(vs, 1); /* number of rects */ |
530 |
vnc_framebuffer_update(vs, dst_x, dst_y, w, h, 1);
|
531 |
vnc_write_u16(vs, src_x); |
532 |
vnc_write_u16(vs, src_y); |
533 |
vnc_flush(vs); |
534 |
} |
535 |
|
536 |
static int find_dirty_height(VncState *vs, int y, int last_x, int x) |
537 |
{ |
538 |
int h;
|
539 |
|
540 |
for (h = 1; h < (vs->height - y); h++) { |
541 |
int tmp_x;
|
542 |
if (!vnc_get_bit(vs->dirty_row[y + h], last_x))
|
543 |
break;
|
544 |
for (tmp_x = last_x; tmp_x < x; tmp_x++)
|
545 |
vnc_clear_bit(vs->dirty_row[y + h], tmp_x); |
546 |
} |
547 |
|
548 |
return h;
|
549 |
} |
550 |
|
551 |
static void vnc_update_client(void *opaque) |
552 |
{ |
553 |
VncState *vs = opaque; |
554 |
|
555 |
if (vs->need_update && vs->csock != -1) { |
556 |
int y;
|
557 |
uint8_t *row; |
558 |
char *old_row;
|
559 |
uint32_t width_mask[VNC_DIRTY_WORDS]; |
560 |
int n_rectangles;
|
561 |
int saved_offset;
|
562 |
int has_dirty = 0; |
563 |
|
564 |
vga_hw_update(); |
565 |
|
566 |
vnc_set_bits(width_mask, (vs->width / 16), VNC_DIRTY_WORDS);
|
567 |
|
568 |
/* Walk through the dirty map and eliminate tiles that
|
569 |
really aren't dirty */
|
570 |
row = ds_get_data(vs->ds); |
571 |
old_row = vs->old_data; |
572 |
|
573 |
for (y = 0; y < vs->height; y++) { |
574 |
if (vnc_and_bits(vs->dirty_row[y], width_mask, VNC_DIRTY_WORDS)) {
|
575 |
int x;
|
576 |
uint8_t *ptr; |
577 |
char *old_ptr;
|
578 |
|
579 |
ptr = row; |
580 |
old_ptr = (char*)old_row;
|
581 |
|
582 |
for (x = 0; x < ds_get_width(vs->ds); x += 16) { |
583 |
if (memcmp(old_ptr, ptr, 16 * vs->depth) == 0) { |
584 |
vnc_clear_bit(vs->dirty_row[y], (x / 16));
|
585 |
} else {
|
586 |
has_dirty = 1;
|
587 |
memcpy(old_ptr, ptr, 16 * vs->depth);
|
588 |
} |
589 |
|
590 |
ptr += 16 * vs->depth;
|
591 |
old_ptr += 16 * vs->depth;
|
592 |
} |
593 |
} |
594 |
|
595 |
row += ds_get_linesize(vs->ds); |
596 |
old_row += ds_get_linesize(vs->ds); |
597 |
} |
598 |
|
599 |
if (!has_dirty && !vs->audio_cap) {
|
600 |
qemu_mod_timer(vs->timer, qemu_get_clock(rt_clock) + VNC_REFRESH_INTERVAL); |
601 |
return;
|
602 |
} |
603 |
|
604 |
/* Count rectangles */
|
605 |
n_rectangles = 0;
|
606 |
vnc_write_u8(vs, 0); /* msg id */ |
607 |
vnc_write_u8(vs, 0);
|
608 |
saved_offset = vs->output.offset; |
609 |
vnc_write_u16(vs, 0);
|
610 |
|
611 |
for (y = 0; y < vs->height; y++) { |
612 |
int x;
|
613 |
int last_x = -1; |
614 |
for (x = 0; x < vs->width / 16; x++) { |
615 |
if (vnc_get_bit(vs->dirty_row[y], x)) {
|
616 |
if (last_x == -1) { |
617 |
last_x = x; |
618 |
} |
619 |
vnc_clear_bit(vs->dirty_row[y], x); |
620 |
} else {
|
621 |
if (last_x != -1) { |
622 |
int h = find_dirty_height(vs, y, last_x, x);
|
623 |
send_framebuffer_update(vs, last_x * 16, y, (x - last_x) * 16, h); |
624 |
n_rectangles++; |
625 |
} |
626 |
last_x = -1;
|
627 |
} |
628 |
} |
629 |
if (last_x != -1) { |
630 |
int h = find_dirty_height(vs, y, last_x, x);
|
631 |
send_framebuffer_update(vs, last_x * 16, y, (x - last_x) * 16, h); |
632 |
n_rectangles++; |
633 |
} |
634 |
} |
635 |
vs->output.buffer[saved_offset] = (n_rectangles >> 8) & 0xFF; |
636 |
vs->output.buffer[saved_offset + 1] = n_rectangles & 0xFF; |
637 |
vnc_flush(vs); |
638 |
|
639 |
} |
640 |
|
641 |
if (vs->csock != -1) { |
642 |
qemu_mod_timer(vs->timer, qemu_get_clock(rt_clock) + VNC_REFRESH_INTERVAL); |
643 |
} |
644 |
|
645 |
} |
646 |
|
647 |
static int vnc_listen_poll(void *opaque) |
648 |
{ |
649 |
VncState *vs = opaque; |
650 |
if (vs->csock == -1) |
651 |
return 1; |
652 |
return 0; |
653 |
} |
654 |
|
655 |
static void buffer_reserve(Buffer *buffer, size_t len) |
656 |
{ |
657 |
if ((buffer->capacity - buffer->offset) < len) {
|
658 |
buffer->capacity += (len + 1024);
|
659 |
buffer->buffer = qemu_realloc(buffer->buffer, buffer->capacity); |
660 |
if (buffer->buffer == NULL) { |
661 |
fprintf(stderr, "vnc: out of memory\n");
|
662 |
exit(1);
|
663 |
} |
664 |
} |
665 |
} |
666 |
|
667 |
static int buffer_empty(Buffer *buffer) |
668 |
{ |
669 |
return buffer->offset == 0; |
670 |
} |
671 |
|
672 |
static uint8_t *buffer_end(Buffer *buffer)
|
673 |
{ |
674 |
return buffer->buffer + buffer->offset;
|
675 |
} |
676 |
|
677 |
static void buffer_reset(Buffer *buffer) |
678 |
{ |
679 |
buffer->offset = 0;
|
680 |
} |
681 |
|
682 |
static void buffer_append(Buffer *buffer, const void *data, size_t len) |
683 |
{ |
684 |
memcpy(buffer->buffer + buffer->offset, data, len); |
685 |
buffer->offset += len; |
686 |
} |
687 |
|
688 |
/* audio */
|
689 |
static void audio_capture_notify(void *opaque, audcnotification_e cmd) |
690 |
{ |
691 |
VncState *vs = opaque; |
692 |
|
693 |
switch (cmd) {
|
694 |
case AUD_CNOTIFY_DISABLE:
|
695 |
vnc_write_u8(vs, 255);
|
696 |
vnc_write_u8(vs, 1);
|
697 |
vnc_write_u16(vs, 0);
|
698 |
vnc_flush(vs); |
699 |
break;
|
700 |
|
701 |
case AUD_CNOTIFY_ENABLE:
|
702 |
vnc_write_u8(vs, 255);
|
703 |
vnc_write_u8(vs, 1);
|
704 |
vnc_write_u16(vs, 1);
|
705 |
vnc_flush(vs); |
706 |
break;
|
707 |
} |
708 |
} |
709 |
|
710 |
static void audio_capture_destroy(void *opaque) |
711 |
{ |
712 |
} |
713 |
|
714 |
static void audio_capture(void *opaque, void *buf, int size) |
715 |
{ |
716 |
VncState *vs = opaque; |
717 |
|
718 |
vnc_write_u8(vs, 255);
|
719 |
vnc_write_u8(vs, 1);
|
720 |
vnc_write_u16(vs, 2);
|
721 |
vnc_write_u32(vs, size); |
722 |
vnc_write(vs, buf, size); |
723 |
vnc_flush(vs); |
724 |
} |
725 |
|
726 |
static void audio_add(VncState *vs) |
727 |
{ |
728 |
struct audio_capture_ops ops;
|
729 |
|
730 |
if (vs->audio_cap) {
|
731 |
term_printf ("audio already running\n");
|
732 |
return;
|
733 |
} |
734 |
|
735 |
ops.notify = audio_capture_notify; |
736 |
ops.destroy = audio_capture_destroy; |
737 |
ops.capture = audio_capture; |
738 |
|
739 |
vs->audio_cap = AUD_add_capture(NULL, &vs->as, &ops, vs);
|
740 |
if (!vs->audio_cap) {
|
741 |
term_printf ("Failed to add audio capture\n");
|
742 |
} |
743 |
} |
744 |
|
745 |
static void audio_del(VncState *vs) |
746 |
{ |
747 |
if (vs->audio_cap) {
|
748 |
AUD_del_capture(vs->audio_cap, vs); |
749 |
vs->audio_cap = NULL;
|
750 |
} |
751 |
} |
752 |
|
753 |
static int vnc_client_io_error(VncState *vs, int ret, int last_errno) |
754 |
{ |
755 |
if (ret == 0 || ret == -1) { |
756 |
if (ret == -1) { |
757 |
switch (last_errno) {
|
758 |
case EINTR:
|
759 |
case EAGAIN:
|
760 |
#ifdef _WIN32
|
761 |
case WSAEWOULDBLOCK:
|
762 |
#endif
|
763 |
return 0; |
764 |
default:
|
765 |
break;
|
766 |
} |
767 |
} |
768 |
|
769 |
VNC_DEBUG("Closing down client sock %d %d\n", ret, ret < 0 ? last_errno : 0); |
770 |
qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL); |
771 |
closesocket(vs->csock); |
772 |
vs->csock = -1;
|
773 |
vs->ds->idle = 1;
|
774 |
buffer_reset(&vs->input); |
775 |
buffer_reset(&vs->output); |
776 |
vs->need_update = 0;
|
777 |
#ifdef CONFIG_VNC_TLS
|
778 |
if (vs->tls_session) {
|
779 |
gnutls_deinit(vs->tls_session); |
780 |
vs->tls_session = NULL;
|
781 |
} |
782 |
vs->wiremode = VNC_WIREMODE_CLEAR; |
783 |
#endif /* CONFIG_VNC_TLS */ |
784 |
audio_del(vs); |
785 |
return 0; |
786 |
} |
787 |
return ret;
|
788 |
} |
789 |
|
790 |
static void vnc_client_error(VncState *vs) |
791 |
{ |
792 |
vnc_client_io_error(vs, -1, EINVAL);
|
793 |
} |
794 |
|
795 |
static void vnc_client_write(void *opaque) |
796 |
{ |
797 |
long ret;
|
798 |
VncState *vs = opaque; |
799 |
|
800 |
#ifdef CONFIG_VNC_TLS
|
801 |
if (vs->tls_session) {
|
802 |
ret = gnutls_write(vs->tls_session, vs->output.buffer, vs->output.offset); |
803 |
if (ret < 0) { |
804 |
if (ret == GNUTLS_E_AGAIN)
|
805 |
errno = EAGAIN; |
806 |
else
|
807 |
errno = EIO; |
808 |
ret = -1;
|
809 |
} |
810 |
} else
|
811 |
#endif /* CONFIG_VNC_TLS */ |
812 |
ret = send(vs->csock, vs->output.buffer, vs->output.offset, 0);
|
813 |
ret = vnc_client_io_error(vs, ret, socket_error()); |
814 |
if (!ret)
|
815 |
return;
|
816 |
|
817 |
memmove(vs->output.buffer, vs->output.buffer + ret, (vs->output.offset - ret)); |
818 |
vs->output.offset -= ret; |
819 |
|
820 |
if (vs->output.offset == 0) { |
821 |
qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); |
822 |
} |
823 |
} |
824 |
|
825 |
static void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting) |
826 |
{ |
827 |
vs->read_handler = func; |
828 |
vs->read_handler_expect = expecting; |
829 |
} |
830 |
|
831 |
static void vnc_client_read(void *opaque) |
832 |
{ |
833 |
VncState *vs = opaque; |
834 |
long ret;
|
835 |
|
836 |
buffer_reserve(&vs->input, 4096);
|
837 |
|
838 |
#ifdef CONFIG_VNC_TLS
|
839 |
if (vs->tls_session) {
|
840 |
ret = gnutls_read(vs->tls_session, buffer_end(&vs->input), 4096);
|
841 |
if (ret < 0) { |
842 |
if (ret == GNUTLS_E_AGAIN)
|
843 |
errno = EAGAIN; |
844 |
else
|
845 |
errno = EIO; |
846 |
ret = -1;
|
847 |
} |
848 |
} else
|
849 |
#endif /* CONFIG_VNC_TLS */ |
850 |
ret = recv(vs->csock, buffer_end(&vs->input), 4096, 0); |
851 |
ret = vnc_client_io_error(vs, ret, socket_error()); |
852 |
if (!ret)
|
853 |
return;
|
854 |
|
855 |
vs->input.offset += ret; |
856 |
|
857 |
while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
|
858 |
size_t len = vs->read_handler_expect; |
859 |
int ret;
|
860 |
|
861 |
ret = vs->read_handler(vs, vs->input.buffer, len); |
862 |
if (vs->csock == -1) |
863 |
return;
|
864 |
|
865 |
if (!ret) {
|
866 |
memmove(vs->input.buffer, vs->input.buffer + len, (vs->input.offset - len)); |
867 |
vs->input.offset -= len; |
868 |
} else {
|
869 |
vs->read_handler_expect = ret; |
870 |
} |
871 |
} |
872 |
} |
873 |
|
874 |
static void vnc_write(VncState *vs, const void *data, size_t len) |
875 |
{ |
876 |
buffer_reserve(&vs->output, len); |
877 |
|
878 |
if (buffer_empty(&vs->output)) {
|
879 |
qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
|
880 |
} |
881 |
|
882 |
buffer_append(&vs->output, data, len); |
883 |
} |
884 |
|
885 |
static void vnc_write_s32(VncState *vs, int32_t value) |
886 |
{ |
887 |
vnc_write_u32(vs, *(uint32_t *)&value); |
888 |
} |
889 |
|
890 |
static void vnc_write_u32(VncState *vs, uint32_t value) |
891 |
{ |
892 |
uint8_t buf[4];
|
893 |
|
894 |
buf[0] = (value >> 24) & 0xFF; |
895 |
buf[1] = (value >> 16) & 0xFF; |
896 |
buf[2] = (value >> 8) & 0xFF; |
897 |
buf[3] = value & 0xFF; |
898 |
|
899 |
vnc_write(vs, buf, 4);
|
900 |
} |
901 |
|
902 |
static void vnc_write_u16(VncState *vs, uint16_t value) |
903 |
{ |
904 |
uint8_t buf[2];
|
905 |
|
906 |
buf[0] = (value >> 8) & 0xFF; |
907 |
buf[1] = value & 0xFF; |
908 |
|
909 |
vnc_write(vs, buf, 2);
|
910 |
} |
911 |
|
912 |
static void vnc_write_u8(VncState *vs, uint8_t value) |
913 |
{ |
914 |
vnc_write(vs, (char *)&value, 1); |
915 |
} |
916 |
|
917 |
static void vnc_flush(VncState *vs) |
918 |
{ |
919 |
if (vs->output.offset)
|
920 |
vnc_client_write(vs); |
921 |
} |
922 |
|
923 |
static uint8_t read_u8(uint8_t *data, size_t offset)
|
924 |
{ |
925 |
return data[offset];
|
926 |
} |
927 |
|
928 |
static uint16_t read_u16(uint8_t *data, size_t offset)
|
929 |
{ |
930 |
return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF); |
931 |
} |
932 |
|
933 |
static int32_t read_s32(uint8_t *data, size_t offset)
|
934 |
{ |
935 |
return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) | |
936 |
(data[offset + 2] << 8) | data[offset + 3]); |
937 |
} |
938 |
|
939 |
static uint32_t read_u32(uint8_t *data, size_t offset)
|
940 |
{ |
941 |
return ((data[offset] << 24) | (data[offset + 1] << 16) | |
942 |
(data[offset + 2] << 8) | data[offset + 3]); |
943 |
} |
944 |
|
945 |
#ifdef CONFIG_VNC_TLS
|
946 |
static ssize_t vnc_tls_push(gnutls_transport_ptr_t transport,
|
947 |
const void *data, |
948 |
size_t len) { |
949 |
struct VncState *vs = (struct VncState *)transport; |
950 |
int ret;
|
951 |
|
952 |
retry:
|
953 |
ret = send(vs->csock, data, len, 0);
|
954 |
if (ret < 0) { |
955 |
if (errno == EINTR)
|
956 |
goto retry;
|
957 |
return -1; |
958 |
} |
959 |
return ret;
|
960 |
} |
961 |
|
962 |
|
963 |
static ssize_t vnc_tls_pull(gnutls_transport_ptr_t transport,
|
964 |
void *data,
|
965 |
size_t len) { |
966 |
struct VncState *vs = (struct VncState *)transport; |
967 |
int ret;
|
968 |
|
969 |
retry:
|
970 |
ret = recv(vs->csock, data, len, 0);
|
971 |
if (ret < 0) { |
972 |
if (errno == EINTR)
|
973 |
goto retry;
|
974 |
return -1; |
975 |
} |
976 |
return ret;
|
977 |
} |
978 |
#endif /* CONFIG_VNC_TLS */ |
979 |
|
980 |
static void client_cut_text(VncState *vs, size_t len, uint8_t *text) |
981 |
{ |
982 |
} |
983 |
|
984 |
static void check_pointer_type_change(VncState *vs, int absolute) |
985 |
{ |
986 |
if (vs->has_pointer_type_change && vs->absolute != absolute) {
|
987 |
vnc_write_u8(vs, 0);
|
988 |
vnc_write_u8(vs, 0);
|
989 |
vnc_write_u16(vs, 1);
|
990 |
vnc_framebuffer_update(vs, absolute, 0,
|
991 |
ds_get_width(vs->ds), ds_get_height(vs->ds), -257);
|
992 |
vnc_flush(vs); |
993 |
} |
994 |
vs->absolute = absolute; |
995 |
} |
996 |
|
997 |
static void pointer_event(VncState *vs, int button_mask, int x, int y) |
998 |
{ |
999 |
int buttons = 0; |
1000 |
int dz = 0; |
1001 |
|
1002 |
if (button_mask & 0x01) |
1003 |
buttons |= MOUSE_EVENT_LBUTTON; |
1004 |
if (button_mask & 0x02) |
1005 |
buttons |= MOUSE_EVENT_MBUTTON; |
1006 |
if (button_mask & 0x04) |
1007 |
buttons |= MOUSE_EVENT_RBUTTON; |
1008 |
if (button_mask & 0x08) |
1009 |
dz = -1;
|
1010 |
if (button_mask & 0x10) |
1011 |
dz = 1;
|
1012 |
|
1013 |
if (vs->absolute) {
|
1014 |
kbd_mouse_event(x * 0x7FFF / (ds_get_width(vs->ds) - 1), |
1015 |
y * 0x7FFF / (ds_get_height(vs->ds) - 1), |
1016 |
dz, buttons); |
1017 |
} else if (vs->has_pointer_type_change) { |
1018 |
x -= 0x7FFF;
|
1019 |
y -= 0x7FFF;
|
1020 |
|
1021 |
kbd_mouse_event(x, y, dz, buttons); |
1022 |
} else {
|
1023 |
if (vs->last_x != -1) |
1024 |
kbd_mouse_event(x - vs->last_x, |
1025 |
y - vs->last_y, |
1026 |
dz, buttons); |
1027 |
vs->last_x = x; |
1028 |
vs->last_y = y; |
1029 |
} |
1030 |
|
1031 |
check_pointer_type_change(vs, kbd_mouse_is_absolute()); |
1032 |
} |
1033 |
|
1034 |
static void reset_keys(VncState *vs) |
1035 |
{ |
1036 |
int i;
|
1037 |
for(i = 0; i < 256; i++) { |
1038 |
if (vs->modifiers_state[i]) {
|
1039 |
if (i & 0x80) |
1040 |
kbd_put_keycode(0xe0);
|
1041 |
kbd_put_keycode(i | 0x80);
|
1042 |
vs->modifiers_state[i] = 0;
|
1043 |
} |
1044 |
} |
1045 |
} |
1046 |
|
1047 |
static void press_key(VncState *vs, int keysym) |
1048 |
{ |
1049 |
kbd_put_keycode(keysym2scancode(vs->kbd_layout, keysym) & 0x7f);
|
1050 |
kbd_put_keycode(keysym2scancode(vs->kbd_layout, keysym) | 0x80);
|
1051 |
} |
1052 |
|
1053 |
static void do_key_event(VncState *vs, int down, int keycode, int sym) |
1054 |
{ |
1055 |
/* QEMU console switch */
|
1056 |
switch(keycode) {
|
1057 |
case 0x2a: /* Left Shift */ |
1058 |
case 0x36: /* Right Shift */ |
1059 |
case 0x1d: /* Left CTRL */ |
1060 |
case 0x9d: /* Right CTRL */ |
1061 |
case 0x38: /* Left ALT */ |
1062 |
case 0xb8: /* Right ALT */ |
1063 |
if (down)
|
1064 |
vs->modifiers_state[keycode] = 1;
|
1065 |
else
|
1066 |
vs->modifiers_state[keycode] = 0;
|
1067 |
break;
|
1068 |
case 0x02 ... 0x0a: /* '1' to '9' keys */ |
1069 |
if (down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) { |
1070 |
/* Reset the modifiers sent to the current console */
|
1071 |
reset_keys(vs); |
1072 |
console_select(keycode - 0x02);
|
1073 |
return;
|
1074 |
} |
1075 |
break;
|
1076 |
case 0x3a: /* CapsLock */ |
1077 |
case 0x45: /* NumLock */ |
1078 |
if (!down)
|
1079 |
vs->modifiers_state[keycode] ^= 1;
|
1080 |
break;
|
1081 |
} |
1082 |
|
1083 |
if (keycode_is_keypad(vs->kbd_layout, keycode)) {
|
1084 |
/* If the numlock state needs to change then simulate an additional
|
1085 |
keypress before sending this one. This will happen if the user
|
1086 |
toggles numlock away from the VNC window.
|
1087 |
*/
|
1088 |
if (keysym_is_numlock(vs->kbd_layout, sym & 0xFFFF)) { |
1089 |
if (!vs->modifiers_state[0x45]) { |
1090 |
vs->modifiers_state[0x45] = 1; |
1091 |
press_key(vs, 0xff7f);
|
1092 |
} |
1093 |
} else {
|
1094 |
if (vs->modifiers_state[0x45]) { |
1095 |
vs->modifiers_state[0x45] = 0; |
1096 |
press_key(vs, 0xff7f);
|
1097 |
} |
1098 |
} |
1099 |
} |
1100 |
|
1101 |
if (is_graphic_console()) {
|
1102 |
if (keycode & 0x80) |
1103 |
kbd_put_keycode(0xe0);
|
1104 |
if (down)
|
1105 |
kbd_put_keycode(keycode & 0x7f);
|
1106 |
else
|
1107 |
kbd_put_keycode(keycode | 0x80);
|
1108 |
} else {
|
1109 |
/* QEMU console emulation */
|
1110 |
if (down) {
|
1111 |
switch (keycode) {
|
1112 |
case 0x2a: /* Left Shift */ |
1113 |
case 0x36: /* Right Shift */ |
1114 |
case 0x1d: /* Left CTRL */ |
1115 |
case 0x9d: /* Right CTRL */ |
1116 |
case 0x38: /* Left ALT */ |
1117 |
case 0xb8: /* Right ALT */ |
1118 |
break;
|
1119 |
case 0xc8: |
1120 |
kbd_put_keysym(QEMU_KEY_UP); |
1121 |
break;
|
1122 |
case 0xd0: |
1123 |
kbd_put_keysym(QEMU_KEY_DOWN); |
1124 |
break;
|
1125 |
case 0xcb: |
1126 |
kbd_put_keysym(QEMU_KEY_LEFT); |
1127 |
break;
|
1128 |
case 0xcd: |
1129 |
kbd_put_keysym(QEMU_KEY_RIGHT); |
1130 |
break;
|
1131 |
case 0xd3: |
1132 |
kbd_put_keysym(QEMU_KEY_DELETE); |
1133 |
break;
|
1134 |
case 0xc7: |
1135 |
kbd_put_keysym(QEMU_KEY_HOME); |
1136 |
break;
|
1137 |
case 0xcf: |
1138 |
kbd_put_keysym(QEMU_KEY_END); |
1139 |
break;
|
1140 |
case 0xc9: |
1141 |
kbd_put_keysym(QEMU_KEY_PAGEUP); |
1142 |
break;
|
1143 |
case 0xd1: |
1144 |
kbd_put_keysym(QEMU_KEY_PAGEDOWN); |
1145 |
break;
|
1146 |
default:
|
1147 |
kbd_put_keysym(sym); |
1148 |
break;
|
1149 |
} |
1150 |
} |
1151 |
} |
1152 |
} |
1153 |
|
1154 |
static void key_event(VncState *vs, int down, uint32_t sym) |
1155 |
{ |
1156 |
int keycode;
|
1157 |
|
1158 |
if (sym >= 'A' && sym <= 'Z' && is_graphic_console()) |
1159 |
sym = sym - 'A' + 'a'; |
1160 |
|
1161 |
keycode = keysym2scancode(vs->kbd_layout, sym & 0xFFFF);
|
1162 |
do_key_event(vs, down, keycode, sym); |
1163 |
} |
1164 |
|
1165 |
static void ext_key_event(VncState *vs, int down, |
1166 |
uint32_t sym, uint16_t keycode) |
1167 |
{ |
1168 |
/* if the user specifies a keyboard layout, always use it */
|
1169 |
if (keyboard_layout)
|
1170 |
key_event(vs, down, sym); |
1171 |
else
|
1172 |
do_key_event(vs, down, keycode, sym); |
1173 |
} |
1174 |
|
1175 |
static void framebuffer_update_request(VncState *vs, int incremental, |
1176 |
int x_position, int y_position, |
1177 |
int w, int h) |
1178 |
{ |
1179 |
if (x_position > ds_get_width(vs->ds))
|
1180 |
x_position = ds_get_width(vs->ds); |
1181 |
if (y_position > ds_get_height(vs->ds))
|
1182 |
y_position = ds_get_height(vs->ds); |
1183 |
if (x_position + w >= ds_get_width(vs->ds))
|
1184 |
w = ds_get_width(vs->ds) - x_position; |
1185 |
if (y_position + h >= ds_get_height(vs->ds))
|
1186 |
h = ds_get_height(vs->ds) - y_position; |
1187 |
|
1188 |
int i;
|
1189 |
vs->need_update = 1;
|
1190 |
if (!incremental) {
|
1191 |
char *old_row = vs->old_data + y_position * ds_get_linesize(vs->ds);
|
1192 |
|
1193 |
for (i = 0; i < h; i++) { |
1194 |
vnc_set_bits(vs->dirty_row[y_position + i], |
1195 |
(ds_get_width(vs->ds) / 16), VNC_DIRTY_WORDS);
|
1196 |
memset(old_row, 42, ds_get_width(vs->ds) * vs->depth);
|
1197 |
old_row += ds_get_linesize(vs->ds); |
1198 |
} |
1199 |
} |
1200 |
} |
1201 |
|
1202 |
static void send_ext_key_event_ack(VncState *vs) |
1203 |
{ |
1204 |
vnc_write_u8(vs, 0);
|
1205 |
vnc_write_u8(vs, 0);
|
1206 |
vnc_write_u16(vs, 1);
|
1207 |
vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds), ds_get_height(vs->ds), -258); |
1208 |
vnc_flush(vs); |
1209 |
} |
1210 |
|
1211 |
static void send_ext_audio_ack(VncState *vs) |
1212 |
{ |
1213 |
vnc_write_u8(vs, 0);
|
1214 |
vnc_write_u8(vs, 0);
|
1215 |
vnc_write_u16(vs, 1);
|
1216 |
vnc_framebuffer_update(vs, 0, 0, ds_get_width(vs->ds), ds_get_height(vs->ds), -259); |
1217 |
vnc_flush(vs); |
1218 |
} |
1219 |
|
1220 |
static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings) |
1221 |
{ |
1222 |
int i;
|
1223 |
|
1224 |
vs->has_hextile = 0;
|
1225 |
vs->has_resize = 0;
|
1226 |
vs->has_pointer_type_change = 0;
|
1227 |
vs->has_WMVi = 0;
|
1228 |
vs->absolute = -1;
|
1229 |
vs->ds->dpy_copy = NULL;
|
1230 |
|
1231 |
for (i = n_encodings - 1; i >= 0; i--) { |
1232 |
switch (encodings[i]) {
|
1233 |
case 0: /* Raw */ |
1234 |
vs->has_hextile = 0;
|
1235 |
break;
|
1236 |
case 1: /* CopyRect */ |
1237 |
vs->ds->dpy_copy = vnc_copy; |
1238 |
break;
|
1239 |
case 5: /* Hextile */ |
1240 |
vs->has_hextile = 1;
|
1241 |
break;
|
1242 |
case -223: /* DesktopResize */ |
1243 |
vs->has_resize = 1;
|
1244 |
break;
|
1245 |
case -257: |
1246 |
vs->has_pointer_type_change = 1;
|
1247 |
break;
|
1248 |
case -258: |
1249 |
send_ext_key_event_ack(vs); |
1250 |
break;
|
1251 |
case -259: |
1252 |
send_ext_audio_ack(vs); |
1253 |
break;
|
1254 |
case 0x574D5669: |
1255 |
vs->has_WMVi = 1;
|
1256 |
break;
|
1257 |
default:
|
1258 |
break;
|
1259 |
} |
1260 |
} |
1261 |
|
1262 |
check_pointer_type_change(vs, kbd_mouse_is_absolute()); |
1263 |
} |
1264 |
|
1265 |
static void set_pixel_format(VncState *vs, |
1266 |
int bits_per_pixel, int depth, |
1267 |
int big_endian_flag, int true_color_flag, |
1268 |
int red_max, int green_max, int blue_max, |
1269 |
int red_shift, int green_shift, int blue_shift) |
1270 |
{ |
1271 |
int host_big_endian_flag;
|
1272 |
|
1273 |
#ifdef WORDS_BIGENDIAN
|
1274 |
host_big_endian_flag = 1;
|
1275 |
#else
|
1276 |
host_big_endian_flag = 0;
|
1277 |
#endif
|
1278 |
if (!true_color_flag) {
|
1279 |
fail:
|
1280 |
vnc_client_error(vs); |
1281 |
return;
|
1282 |
} |
1283 |
if (bits_per_pixel == 32 && |
1284 |
bits_per_pixel == vs->depth * 8 &&
|
1285 |
host_big_endian_flag == big_endian_flag && |
1286 |
red_max == 0xff && green_max == 0xff && blue_max == 0xff && |
1287 |
red_shift == 16 && green_shift == 8 && blue_shift == 0) { |
1288 |
vs->depth = 4;
|
1289 |
vs->write_pixels = vnc_write_pixels_copy; |
1290 |
vs->send_hextile_tile = send_hextile_tile_32; |
1291 |
} else
|
1292 |
if (bits_per_pixel == 16 && |
1293 |
bits_per_pixel == vs->depth * 8 &&
|
1294 |
host_big_endian_flag == big_endian_flag && |
1295 |
red_max == 31 && green_max == 63 && blue_max == 31 && |
1296 |
red_shift == 11 && green_shift == 5 && blue_shift == 0) { |
1297 |
vs->depth = 2;
|
1298 |
vs->write_pixels = vnc_write_pixels_copy; |
1299 |
vs->send_hextile_tile = send_hextile_tile_16; |
1300 |
} else
|
1301 |
if (bits_per_pixel == 8 && |
1302 |
bits_per_pixel == vs->depth * 8 &&
|
1303 |
red_max == 7 && green_max == 7 && blue_max == 3 && |
1304 |
red_shift == 5 && green_shift == 2 && blue_shift == 0) { |
1305 |
vs->depth = 1;
|
1306 |
vs->write_pixels = vnc_write_pixels_copy; |
1307 |
vs->send_hextile_tile = send_hextile_tile_8; |
1308 |
} else
|
1309 |
{ |
1310 |
/* generic and slower case */
|
1311 |
if (bits_per_pixel != 8 && |
1312 |
bits_per_pixel != 16 &&
|
1313 |
bits_per_pixel != 32)
|
1314 |
goto fail;
|
1315 |
if (vs->depth == 4) { |
1316 |
vs->send_hextile_tile = send_hextile_tile_generic_32; |
1317 |
} else if (vs->depth == 2) { |
1318 |
vs->send_hextile_tile = send_hextile_tile_generic_16; |
1319 |
} else {
|
1320 |
vs->send_hextile_tile = send_hextile_tile_generic_8; |
1321 |
} |
1322 |
|
1323 |
vs->pix_big_endian = big_endian_flag; |
1324 |
vs->write_pixels = vnc_write_pixels_generic; |
1325 |
} |
1326 |
|
1327 |
vs->client_red_shift = red_shift; |
1328 |
vs->client_red_max = red_max; |
1329 |
vs->client_green_shift = green_shift; |
1330 |
vs->client_green_max = green_max; |
1331 |
vs->client_blue_shift = blue_shift; |
1332 |
vs->client_blue_max = blue_max; |
1333 |
vs->pix_bpp = bits_per_pixel / 8;
|
1334 |
|
1335 |
vga_hw_invalidate(); |
1336 |
vga_hw_update(); |
1337 |
} |
1338 |
|
1339 |
static void pixel_format_message (VncState *vs) { |
1340 |
char pad[3] = { 0, 0, 0 }; |
1341 |
|
1342 |
vnc_write_u8(vs, vs->depth * 8); /* bits-per-pixel */ |
1343 |
if (vs->depth == 4) vnc_write_u8(vs, 24); /* depth */ |
1344 |
else vnc_write_u8(vs, vs->depth * 8); /* depth */ |
1345 |
|
1346 |
#ifdef WORDS_BIGENDIAN
|
1347 |
vnc_write_u8(vs, 1); /* big-endian-flag */ |
1348 |
#else
|
1349 |
vnc_write_u8(vs, 0); /* big-endian-flag */ |
1350 |
#endif
|
1351 |
vnc_write_u8(vs, 1); /* true-color-flag */ |
1352 |
if (vs->depth == 4) { |
1353 |
vnc_write_u16(vs, 0xFF); /* red-max */ |
1354 |
vnc_write_u16(vs, 0xFF); /* green-max */ |
1355 |
vnc_write_u16(vs, 0xFF); /* blue-max */ |
1356 |
vnc_write_u8(vs, 16); /* red-shift */ |
1357 |
vnc_write_u8(vs, 8); /* green-shift */ |
1358 |
vnc_write_u8(vs, 0); /* blue-shift */ |
1359 |
vs->send_hextile_tile = send_hextile_tile_32; |
1360 |
} else if (vs->depth == 2) { |
1361 |
vnc_write_u16(vs, 31); /* red-max */ |
1362 |
vnc_write_u16(vs, 63); /* green-max */ |
1363 |
vnc_write_u16(vs, 31); /* blue-max */ |
1364 |
vnc_write_u8(vs, 11); /* red-shift */ |
1365 |
vnc_write_u8(vs, 5); /* green-shift */ |
1366 |
vnc_write_u8(vs, 0); /* blue-shift */ |
1367 |
vs->send_hextile_tile = send_hextile_tile_16; |
1368 |
} else if (vs->depth == 1) { |
1369 |
/* XXX: change QEMU pixel 8 bit pixel format to match the VNC one ? */
|
1370 |
vnc_write_u16(vs, 7); /* red-max */ |
1371 |
vnc_write_u16(vs, 7); /* green-max */ |
1372 |
vnc_write_u16(vs, 3); /* blue-max */ |
1373 |
vnc_write_u8(vs, 5); /* red-shift */ |
1374 |
vnc_write_u8(vs, 2); /* green-shift */ |
1375 |
vnc_write_u8(vs, 0); /* blue-shift */ |
1376 |
vs->send_hextile_tile = send_hextile_tile_8; |
1377 |
} |
1378 |
vs->client_red_max = vs->server_red_max; |
1379 |
vs->client_green_max = vs->server_green_max; |
1380 |
vs->client_blue_max = vs->server_blue_max; |
1381 |
vs->client_red_shift = vs->server_red_shift; |
1382 |
vs->client_green_shift = vs->server_green_shift; |
1383 |
vs->client_blue_shift = vs->server_blue_shift; |
1384 |
vs->pix_bpp = vs->depth * 8;
|
1385 |
vs->write_pixels = vnc_write_pixels_copy; |
1386 |
|
1387 |
vnc_write(vs, pad, 3); /* padding */ |
1388 |
} |
1389 |
|
1390 |
static void vnc_colordepth(DisplayState *ds, int depth) |
1391 |
{ |
1392 |
int host_big_endian_flag;
|
1393 |
struct VncState *vs = ds->opaque;
|
1394 |
|
1395 |
switch (depth) {
|
1396 |
case 24: |
1397 |
if (ds->depth == 32) return; |
1398 |
depth = 32;
|
1399 |
break;
|
1400 |
case 15: |
1401 |
case 8: |
1402 |
case 0: |
1403 |
return;
|
1404 |
default:
|
1405 |
break;
|
1406 |
} |
1407 |
|
1408 |
#ifdef WORDS_BIGENDIAN
|
1409 |
host_big_endian_flag = 1;
|
1410 |
#else
|
1411 |
host_big_endian_flag = 0;
|
1412 |
#endif
|
1413 |
|
1414 |
switch (depth) {
|
1415 |
case 8: |
1416 |
vs->depth = depth / 8;
|
1417 |
vs->server_red_max = 7;
|
1418 |
vs->server_green_max = 7;
|
1419 |
vs->server_blue_max = 3;
|
1420 |
vs->server_red_shift = 5;
|
1421 |
vs->server_green_shift = 2;
|
1422 |
vs->server_blue_shift = 0;
|
1423 |
break;
|
1424 |
case 16: |
1425 |
vs->depth = depth / 8;
|
1426 |
vs->server_red_max = 31;
|
1427 |
vs->server_green_max = 63;
|
1428 |
vs->server_blue_max = 31;
|
1429 |
vs->server_red_shift = 11;
|
1430 |
vs->server_green_shift = 5;
|
1431 |
vs->server_blue_shift = 0;
|
1432 |
break;
|
1433 |
case 32: |
1434 |
vs->depth = 4;
|
1435 |
vs->server_red_max = 255;
|
1436 |
vs->server_green_max = 255;
|
1437 |
vs->server_blue_max = 255;
|
1438 |
vs->server_red_shift = 16;
|
1439 |
vs->server_green_shift = 8;
|
1440 |
vs->server_blue_shift = 0;
|
1441 |
break;
|
1442 |
default:
|
1443 |
return;
|
1444 |
} |
1445 |
|
1446 |
if (vs->csock != -1 && vs->has_WMVi) { |
1447 |
/* Sending a WMVi message to notify the client*/
|
1448 |
vnc_write_u8(vs, 0); /* msg id */ |
1449 |
vnc_write_u8(vs, 0);
|
1450 |
vnc_write_u16(vs, 1); /* number of rects */ |
1451 |
vnc_framebuffer_update(vs, 0, 0, ds->width, ds->height, 0x574D5669); |
1452 |
pixel_format_message(vs); |
1453 |
vnc_flush(vs); |
1454 |
} else {
|
1455 |
if (vs->pix_bpp == 4 && vs->depth == 4 && |
1456 |
host_big_endian_flag == vs->pix_big_endian && |
1457 |
vs->client_red_max == 0xff && vs->client_green_max == 0xff && vs->client_blue_max == 0xff && |
1458 |
vs->client_red_shift == 16 && vs->client_green_shift == 8 && vs->client_blue_shift == 0) { |
1459 |
vs->write_pixels = vnc_write_pixels_copy; |
1460 |
vs->send_hextile_tile = send_hextile_tile_32; |
1461 |
} else if (vs->pix_bpp == 2 && vs->depth == 2 && |
1462 |
host_big_endian_flag == vs->pix_big_endian && |
1463 |
vs->client_red_max == 31 && vs->client_green_max == 63 && vs->client_blue_max == 31 && |
1464 |
vs->client_red_shift == 11 && vs->client_green_shift == 5 && vs->client_blue_shift == 0) { |
1465 |
vs->write_pixels = vnc_write_pixels_copy; |
1466 |
vs->send_hextile_tile = send_hextile_tile_16; |
1467 |
} else if (vs->pix_bpp == 1 && vs->depth == 1 && |
1468 |
host_big_endian_flag == vs->pix_big_endian && |
1469 |
vs->client_red_max == 7 && vs->client_green_max == 7 && vs->client_blue_max == 3 && |
1470 |
vs->client_red_shift == 5 && vs->client_green_shift == 2 && vs->client_blue_shift == 0) { |
1471 |
vs->write_pixels = vnc_write_pixels_copy; |
1472 |
vs->send_hextile_tile = send_hextile_tile_8; |
1473 |
} else {
|
1474 |
if (vs->depth == 4) { |
1475 |
vs->send_hextile_tile = send_hextile_tile_generic_32; |
1476 |
} else if (vs->depth == 2) { |
1477 |
vs->send_hextile_tile = send_hextile_tile_generic_16; |
1478 |
} else {
|
1479 |
vs->send_hextile_tile = send_hextile_tile_generic_8; |
1480 |
} |
1481 |
vs->write_pixels = vnc_write_pixels_generic; |
1482 |
} |
1483 |
} |
1484 |
} |
1485 |
|
1486 |
static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len) |
1487 |
{ |
1488 |
int i;
|
1489 |
uint16_t limit; |
1490 |
|
1491 |
switch (data[0]) { |
1492 |
case 0: |
1493 |
if (len == 1) |
1494 |
return 20; |
1495 |
|
1496 |
set_pixel_format(vs, read_u8(data, 4), read_u8(data, 5), |
1497 |
read_u8(data, 6), read_u8(data, 7), |
1498 |
read_u16(data, 8), read_u16(data, 10), |
1499 |
read_u16(data, 12), read_u8(data, 14), |
1500 |
read_u8(data, 15), read_u8(data, 16)); |
1501 |
break;
|
1502 |
case 2: |
1503 |
if (len == 1) |
1504 |
return 4; |
1505 |
|
1506 |
if (len == 4) |
1507 |
return 4 + (read_u16(data, 2) * 4); |
1508 |
|
1509 |
limit = read_u16(data, 2);
|
1510 |
for (i = 0; i < limit; i++) { |
1511 |
int32_t val = read_s32(data, 4 + (i * 4)); |
1512 |
memcpy(data + 4 + (i * 4), &val, sizeof(val)); |
1513 |
} |
1514 |
|
1515 |
set_encodings(vs, (int32_t *)(data + 4), limit);
|
1516 |
break;
|
1517 |
case 3: |
1518 |
if (len == 1) |
1519 |
return 10; |
1520 |
|
1521 |
framebuffer_update_request(vs, |
1522 |
read_u8(data, 1), read_u16(data, 2), read_u16(data, 4), |
1523 |
read_u16(data, 6), read_u16(data, 8)); |
1524 |
break;
|
1525 |
case 4: |
1526 |
if (len == 1) |
1527 |
return 8; |
1528 |
|
1529 |
key_event(vs, read_u8(data, 1), read_u32(data, 4)); |
1530 |
break;
|
1531 |
case 5: |
1532 |
if (len == 1) |
1533 |
return 6; |
1534 |
|
1535 |
pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4)); |
1536 |
break;
|
1537 |
case 6: |
1538 |
if (len == 1) |
1539 |
return 8; |
1540 |
|
1541 |
if (len == 8) { |
1542 |
uint32_t dlen = read_u32(data, 4);
|
1543 |
if (dlen > 0) |
1544 |
return 8 + dlen; |
1545 |
} |
1546 |
|
1547 |
client_cut_text(vs, read_u32(data, 4), data + 8); |
1548 |
break;
|
1549 |
case 255: |
1550 |
if (len == 1) |
1551 |
return 2; |
1552 |
|
1553 |
switch (read_u8(data, 1)) { |
1554 |
case 0: |
1555 |
if (len == 2) |
1556 |
return 12; |
1557 |
|
1558 |
ext_key_event(vs, read_u16(data, 2),
|
1559 |
read_u32(data, 4), read_u32(data, 8)); |
1560 |
break;
|
1561 |
case 1: |
1562 |
if (len == 2) |
1563 |
return 4; |
1564 |
|
1565 |
switch (read_u16 (data, 2)) { |
1566 |
case 0: |
1567 |
audio_add(vs); |
1568 |
break;
|
1569 |
case 1: |
1570 |
audio_del(vs); |
1571 |
break;
|
1572 |
case 2: |
1573 |
if (len == 4) |
1574 |
return 10; |
1575 |
switch (read_u8(data, 4)) { |
1576 |
case 0: vs->as.fmt = AUD_FMT_U8; break; |
1577 |
case 1: vs->as.fmt = AUD_FMT_S8; break; |
1578 |
case 2: vs->as.fmt = AUD_FMT_U16; break; |
1579 |
case 3: vs->as.fmt = AUD_FMT_S16; break; |
1580 |
case 4: vs->as.fmt = AUD_FMT_U32; break; |
1581 |
case 5: vs->as.fmt = AUD_FMT_S32; break; |
1582 |
default:
|
1583 |
printf("Invalid audio format %d\n", read_u8(data, 4)); |
1584 |
vnc_client_error(vs); |
1585 |
break;
|
1586 |
} |
1587 |
vs->as.nchannels = read_u8(data, 5);
|
1588 |
if (vs->as.nchannels != 1 && vs->as.nchannels != 2) { |
1589 |
printf("Invalid audio channel coount %d\n",
|
1590 |
read_u8(data, 5));
|
1591 |
vnc_client_error(vs); |
1592 |
break;
|
1593 |
} |
1594 |
vs->as.freq = read_u32(data, 6);
|
1595 |
break;
|
1596 |
default:
|
1597 |
printf ("Invalid audio message %d\n", read_u8(data, 4)); |
1598 |
vnc_client_error(vs); |
1599 |
break;
|
1600 |
} |
1601 |
break;
|
1602 |
|
1603 |
default:
|
1604 |
printf("Msg: %d\n", read_u16(data, 0)); |
1605 |
vnc_client_error(vs); |
1606 |
break;
|
1607 |
} |
1608 |
break;
|
1609 |
default:
|
1610 |
printf("Msg: %d\n", data[0]); |
1611 |
vnc_client_error(vs); |
1612 |
break;
|
1613 |
} |
1614 |
|
1615 |
vnc_read_when(vs, protocol_client_msg, 1);
|
1616 |
return 0; |
1617 |
} |
1618 |
|
1619 |
static int protocol_client_init(VncState *vs, uint8_t *data, size_t len) |
1620 |
{ |
1621 |
char buf[1024]; |
1622 |
int size;
|
1623 |
|
1624 |
vs->width = ds_get_width(vs->ds); |
1625 |
vs->height = ds_get_height(vs->ds); |
1626 |
vnc_write_u16(vs, ds_get_width(vs->ds)); |
1627 |
vnc_write_u16(vs, ds_get_height(vs->ds)); |
1628 |
|
1629 |
pixel_format_message(vs); |
1630 |
|
1631 |
if (qemu_name)
|
1632 |
size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name); |
1633 |
else
|
1634 |
size = snprintf(buf, sizeof(buf), "QEMU"); |
1635 |
|
1636 |
vnc_write_u32(vs, size); |
1637 |
vnc_write(vs, buf, size); |
1638 |
vnc_flush(vs); |
1639 |
|
1640 |
vnc_read_when(vs, protocol_client_msg, 1);
|
1641 |
|
1642 |
return 0; |
1643 |
} |
1644 |
|
1645 |
static void make_challenge(VncState *vs) |
1646 |
{ |
1647 |
int i;
|
1648 |
|
1649 |
srand(time(NULL)+getpid()+getpid()*987654+rand()); |
1650 |
|
1651 |
for (i = 0 ; i < sizeof(vs->challenge) ; i++) |
1652 |
vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); |
1653 |
} |
1654 |
|
1655 |
static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len) |
1656 |
{ |
1657 |
unsigned char response[VNC_AUTH_CHALLENGE_SIZE]; |
1658 |
int i, j, pwlen;
|
1659 |
unsigned char key[8]; |
1660 |
|
1661 |
if (!vs->password || !vs->password[0]) { |
1662 |
VNC_DEBUG("No password configured on server");
|
1663 |
vnc_write_u32(vs, 1); /* Reject auth */ |
1664 |
if (vs->minor >= 8) { |
1665 |
static const char err[] = "Authentication failed"; |
1666 |
vnc_write_u32(vs, sizeof(err));
|
1667 |
vnc_write(vs, err, sizeof(err));
|
1668 |
} |
1669 |
vnc_flush(vs); |
1670 |
vnc_client_error(vs); |
1671 |
return 0; |
1672 |
} |
1673 |
|
1674 |
memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE); |
1675 |
|
1676 |
/* Calculate the expected challenge response */
|
1677 |
pwlen = strlen(vs->password); |
1678 |
for (i=0; i<sizeof(key); i++) |
1679 |
key[i] = i<pwlen ? vs->password[i] : 0;
|
1680 |
deskey(key, EN0); |
1681 |
for (j = 0; j < VNC_AUTH_CHALLENGE_SIZE; j += 8) |
1682 |
des(response+j, response+j); |
1683 |
|
1684 |
/* Compare expected vs actual challenge response */
|
1685 |
if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) { |
1686 |
VNC_DEBUG("Client challenge reponse did not match\n");
|
1687 |
vnc_write_u32(vs, 1); /* Reject auth */ |
1688 |
if (vs->minor >= 8) { |
1689 |
static const char err[] = "Authentication failed"; |
1690 |
vnc_write_u32(vs, sizeof(err));
|
1691 |
vnc_write(vs, err, sizeof(err));
|
1692 |
} |
1693 |
vnc_flush(vs); |
1694 |
vnc_client_error(vs); |
1695 |
} else {
|
1696 |
VNC_DEBUG("Accepting VNC challenge response\n");
|
1697 |
vnc_write_u32(vs, 0); /* Accept auth */ |
1698 |
vnc_flush(vs); |
1699 |
|
1700 |
vnc_read_when(vs, protocol_client_init, 1);
|
1701 |
} |
1702 |
return 0; |
1703 |
} |
1704 |
|
1705 |
static int start_auth_vnc(VncState *vs) |
1706 |
{ |
1707 |
make_challenge(vs); |
1708 |
/* Send client a 'random' challenge */
|
1709 |
vnc_write(vs, vs->challenge, sizeof(vs->challenge));
|
1710 |
vnc_flush(vs); |
1711 |
|
1712 |
vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
|
1713 |
return 0; |
1714 |
} |
1715 |
|
1716 |
|
1717 |
#ifdef CONFIG_VNC_TLS
|
1718 |
#define DH_BITS 1024 |
1719 |
static gnutls_dh_params_t dh_params;
|
1720 |
|
1721 |
static int vnc_tls_initialize(void) |
1722 |
{ |
1723 |
static int tlsinitialized = 0; |
1724 |
|
1725 |
if (tlsinitialized)
|
1726 |
return 1; |
1727 |
|
1728 |
if (gnutls_global_init () < 0) |
1729 |
return 0; |
1730 |
|
1731 |
/* XXX ought to re-generate diffie-hellmen params periodically */
|
1732 |
if (gnutls_dh_params_init (&dh_params) < 0) |
1733 |
return 0; |
1734 |
if (gnutls_dh_params_generate2 (dh_params, DH_BITS) < 0) |
1735 |
return 0; |
1736 |
|
1737 |
#if defined(_VNC_DEBUG) && _VNC_DEBUG >= 2 |
1738 |
gnutls_global_set_log_level(10);
|
1739 |
gnutls_global_set_log_function(vnc_debug_gnutls_log); |
1740 |
#endif
|
1741 |
|
1742 |
tlsinitialized = 1;
|
1743 |
|
1744 |
return 1; |
1745 |
} |
1746 |
|
1747 |
static gnutls_anon_server_credentials vnc_tls_initialize_anon_cred(void) |
1748 |
{ |
1749 |
gnutls_anon_server_credentials anon_cred; |
1750 |
int ret;
|
1751 |
|
1752 |
if ((ret = gnutls_anon_allocate_server_credentials(&anon_cred)) < 0) { |
1753 |
VNC_DEBUG("Cannot allocate credentials %s\n", gnutls_strerror(ret));
|
1754 |
return NULL; |
1755 |
} |
1756 |
|
1757 |
gnutls_anon_set_server_dh_params(anon_cred, dh_params); |
1758 |
|
1759 |
return anon_cred;
|
1760 |
} |
1761 |
|
1762 |
|
1763 |
static gnutls_certificate_credentials_t vnc_tls_initialize_x509_cred(VncState *vs)
|
1764 |
{ |
1765 |
gnutls_certificate_credentials_t x509_cred; |
1766 |
int ret;
|
1767 |
|
1768 |
if (!vs->x509cacert) {
|
1769 |
VNC_DEBUG("No CA x509 certificate specified\n");
|
1770 |
return NULL; |
1771 |
} |
1772 |
if (!vs->x509cert) {
|
1773 |
VNC_DEBUG("No server x509 certificate specified\n");
|
1774 |
return NULL; |
1775 |
} |
1776 |
if (!vs->x509key) {
|
1777 |
VNC_DEBUG("No server private key specified\n");
|
1778 |
return NULL; |
1779 |
} |
1780 |
|
1781 |
if ((ret = gnutls_certificate_allocate_credentials(&x509_cred)) < 0) { |
1782 |
VNC_DEBUG("Cannot allocate credentials %s\n", gnutls_strerror(ret));
|
1783 |
return NULL; |
1784 |
} |
1785 |
if ((ret = gnutls_certificate_set_x509_trust_file(x509_cred,
|
1786 |
vs->x509cacert, |
1787 |
GNUTLS_X509_FMT_PEM)) < 0) {
|
1788 |
VNC_DEBUG("Cannot load CA certificate %s\n", gnutls_strerror(ret));
|
1789 |
gnutls_certificate_free_credentials(x509_cred); |
1790 |
return NULL; |
1791 |
} |
1792 |
|
1793 |
if ((ret = gnutls_certificate_set_x509_key_file (x509_cred,
|
1794 |
vs->x509cert, |
1795 |
vs->x509key, |
1796 |
GNUTLS_X509_FMT_PEM)) < 0) {
|
1797 |
VNC_DEBUG("Cannot load certificate & key %s\n", gnutls_strerror(ret));
|
1798 |
gnutls_certificate_free_credentials(x509_cred); |
1799 |
return NULL; |
1800 |
} |
1801 |
|
1802 |
if (vs->x509cacrl) {
|
1803 |
if ((ret = gnutls_certificate_set_x509_crl_file(x509_cred,
|
1804 |
vs->x509cacrl, |
1805 |
GNUTLS_X509_FMT_PEM)) < 0) {
|
1806 |
VNC_DEBUG("Cannot load CRL %s\n", gnutls_strerror(ret));
|
1807 |
gnutls_certificate_free_credentials(x509_cred); |
1808 |
return NULL; |
1809 |
} |
1810 |
} |
1811 |
|
1812 |
gnutls_certificate_set_dh_params (x509_cred, dh_params); |
1813 |
|
1814 |
return x509_cred;
|
1815 |
} |
1816 |
|
1817 |
static int vnc_validate_certificate(struct VncState *vs) |
1818 |
{ |
1819 |
int ret;
|
1820 |
unsigned int status; |
1821 |
const gnutls_datum_t *certs;
|
1822 |
unsigned int nCerts, i; |
1823 |
time_t now; |
1824 |
|
1825 |
VNC_DEBUG("Validating client certificate\n");
|
1826 |
if ((ret = gnutls_certificate_verify_peers2 (vs->tls_session, &status)) < 0) { |
1827 |
VNC_DEBUG("Verify failed %s\n", gnutls_strerror(ret));
|
1828 |
return -1; |
1829 |
} |
1830 |
|
1831 |
if ((now = time(NULL)) == ((time_t)-1)) { |
1832 |
return -1; |
1833 |
} |
1834 |
|
1835 |
if (status != 0) { |
1836 |
if (status & GNUTLS_CERT_INVALID)
|
1837 |
VNC_DEBUG("The certificate is not trusted.\n");
|
1838 |
|
1839 |
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
|
1840 |
VNC_DEBUG("The certificate hasn't got a known issuer.\n");
|
1841 |
|
1842 |
if (status & GNUTLS_CERT_REVOKED)
|
1843 |
VNC_DEBUG("The certificate has been revoked.\n");
|
1844 |
|
1845 |
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
|
1846 |
VNC_DEBUG("The certificate uses an insecure algorithm\n");
|
1847 |
|
1848 |
return -1; |
1849 |
} else {
|
1850 |
VNC_DEBUG("Certificate is valid!\n");
|
1851 |
} |
1852 |
|
1853 |
/* Only support x509 for now */
|
1854 |
if (gnutls_certificate_type_get(vs->tls_session) != GNUTLS_CRT_X509)
|
1855 |
return -1; |
1856 |
|
1857 |
if (!(certs = gnutls_certificate_get_peers(vs->tls_session, &nCerts)))
|
1858 |
return -1; |
1859 |
|
1860 |
for (i = 0 ; i < nCerts ; i++) { |
1861 |
gnutls_x509_crt_t cert; |
1862 |
VNC_DEBUG ("Checking certificate chain %d\n", i);
|
1863 |
if (gnutls_x509_crt_init (&cert) < 0) |
1864 |
return -1; |
1865 |
|
1866 |
if (gnutls_x509_crt_import(cert, &certs[i], GNUTLS_X509_FMT_DER) < 0) { |
1867 |
gnutls_x509_crt_deinit (cert); |
1868 |
return -1; |
1869 |
} |
1870 |
|
1871 |
if (gnutls_x509_crt_get_expiration_time (cert) < now) {
|
1872 |
VNC_DEBUG("The certificate has expired\n");
|
1873 |
gnutls_x509_crt_deinit (cert); |
1874 |
return -1; |
1875 |
} |
1876 |
|
1877 |
if (gnutls_x509_crt_get_activation_time (cert) > now) {
|
1878 |
VNC_DEBUG("The certificate is not yet activated\n");
|
1879 |
gnutls_x509_crt_deinit (cert); |
1880 |
return -1; |
1881 |
} |
1882 |
|
1883 |
if (gnutls_x509_crt_get_activation_time (cert) > now) {
|
1884 |
VNC_DEBUG("The certificate is not yet activated\n");
|
1885 |
gnutls_x509_crt_deinit (cert); |
1886 |
return -1; |
1887 |
} |
1888 |
|
1889 |
gnutls_x509_crt_deinit (cert); |
1890 |
} |
1891 |
|
1892 |
return 0; |
1893 |
} |
1894 |
|
1895 |
|
1896 |
static int start_auth_vencrypt_subauth(VncState *vs) |
1897 |
{ |
1898 |
switch (vs->subauth) {
|
1899 |
case VNC_AUTH_VENCRYPT_TLSNONE:
|
1900 |
case VNC_AUTH_VENCRYPT_X509NONE:
|
1901 |
VNC_DEBUG("Accept TLS auth none\n");
|
1902 |
vnc_write_u32(vs, 0); /* Accept auth completion */ |
1903 |
vnc_read_when(vs, protocol_client_init, 1);
|
1904 |
break;
|
1905 |
|
1906 |
case VNC_AUTH_VENCRYPT_TLSVNC:
|
1907 |
case VNC_AUTH_VENCRYPT_X509VNC:
|
1908 |
VNC_DEBUG("Start TLS auth VNC\n");
|
1909 |
return start_auth_vnc(vs);
|
1910 |
|
1911 |
default: /* Should not be possible, but just in case */ |
1912 |
VNC_DEBUG("Reject auth %d\n", vs->auth);
|
1913 |
vnc_write_u8(vs, 1);
|
1914 |
if (vs->minor >= 8) { |
1915 |
static const char err[] = "Unsupported authentication type"; |
1916 |
vnc_write_u32(vs, sizeof(err));
|
1917 |
vnc_write(vs, err, sizeof(err));
|
1918 |
} |
1919 |
vnc_client_error(vs); |
1920 |
} |
1921 |
|
1922 |
return 0; |
1923 |
} |
1924 |
|
1925 |
static void vnc_handshake_io(void *opaque); |
1926 |
|
1927 |
static int vnc_continue_handshake(struct VncState *vs) { |
1928 |
int ret;
|
1929 |
|
1930 |
if ((ret = gnutls_handshake(vs->tls_session)) < 0) { |
1931 |
if (!gnutls_error_is_fatal(ret)) {
|
1932 |
VNC_DEBUG("Handshake interrupted (blocking)\n");
|
1933 |
if (!gnutls_record_get_direction(vs->tls_session))
|
1934 |
qemu_set_fd_handler(vs->csock, vnc_handshake_io, NULL, vs);
|
1935 |
else
|
1936 |
qemu_set_fd_handler(vs->csock, NULL, vnc_handshake_io, vs);
|
1937 |
return 0; |
1938 |
} |
1939 |
VNC_DEBUG("Handshake failed %s\n", gnutls_strerror(ret));
|
1940 |
vnc_client_error(vs); |
1941 |
return -1; |
1942 |
} |
1943 |
|
1944 |
if (vs->x509verify) {
|
1945 |
if (vnc_validate_certificate(vs) < 0) { |
1946 |
VNC_DEBUG("Client verification failed\n");
|
1947 |
vnc_client_error(vs); |
1948 |
return -1; |
1949 |
} else {
|
1950 |
VNC_DEBUG("Client verification passed\n");
|
1951 |
} |
1952 |
} |
1953 |
|
1954 |
VNC_DEBUG("Handshake done, switching to TLS data mode\n");
|
1955 |
vs->wiremode = VNC_WIREMODE_TLS; |
1956 |
qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, vnc_client_write, vs);
|
1957 |
|
1958 |
return start_auth_vencrypt_subauth(vs);
|
1959 |
} |
1960 |
|
1961 |
static void vnc_handshake_io(void *opaque) { |
1962 |
struct VncState *vs = (struct VncState *)opaque; |
1963 |
|
1964 |
VNC_DEBUG("Handshake IO continue\n");
|
1965 |
vnc_continue_handshake(vs); |
1966 |
} |
1967 |
|
1968 |
#define NEED_X509_AUTH(vs) \
|
1969 |
((vs)->subauth == VNC_AUTH_VENCRYPT_X509NONE || \ |
1970 |
(vs)->subauth == VNC_AUTH_VENCRYPT_X509VNC || \ |
1971 |
(vs)->subauth == VNC_AUTH_VENCRYPT_X509PLAIN) |
1972 |
|
1973 |
|
1974 |
static int vnc_start_tls(struct VncState *vs) { |
1975 |
static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 }; |
1976 |
static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 }; |
1977 |
static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0}; |
1978 |
static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0}; |
1979 |
|
1980 |
VNC_DEBUG("Do TLS setup\n");
|
1981 |
if (vnc_tls_initialize() < 0) { |
1982 |
VNC_DEBUG("Failed to init TLS\n");
|
1983 |
vnc_client_error(vs); |
1984 |
return -1; |
1985 |
} |
1986 |
if (vs->tls_session == NULL) { |
1987 |
if (gnutls_init(&vs->tls_session, GNUTLS_SERVER) < 0) { |
1988 |
vnc_client_error(vs); |
1989 |
return -1; |
1990 |
} |
1991 |
|
1992 |
if (gnutls_set_default_priority(vs->tls_session) < 0) { |
1993 |
gnutls_deinit(vs->tls_session); |
1994 |
vs->tls_session = NULL;
|
1995 |
vnc_client_error(vs); |
1996 |
return -1; |
1997 |
} |
1998 |
|
1999 |
if (gnutls_kx_set_priority(vs->tls_session, NEED_X509_AUTH(vs) ? kx_x509 : kx_anon) < 0) { |
2000 |
gnutls_deinit(vs->tls_session); |
2001 |
vs->tls_session = NULL;
|
2002 |
vnc_client_error(vs); |
2003 |
return -1; |
2004 |
} |
2005 |
|
2006 |
if (gnutls_certificate_type_set_priority(vs->tls_session, cert_type_priority) < 0) { |
2007 |
gnutls_deinit(vs->tls_session); |
2008 |
vs->tls_session = NULL;
|
2009 |
vnc_client_error(vs); |
2010 |
return -1; |
2011 |
} |
2012 |
|
2013 |
if (gnutls_protocol_set_priority(vs->tls_session, protocol_priority) < 0) { |
2014 |
gnutls_deinit(vs->tls_session); |
2015 |
vs->tls_session = NULL;
|
2016 |
vnc_client_error(vs); |
2017 |
return -1; |
2018 |
} |
2019 |
|
2020 |
if (NEED_X509_AUTH(vs)) {
|
2021 |
gnutls_certificate_server_credentials x509_cred = vnc_tls_initialize_x509_cred(vs); |
2022 |
if (!x509_cred) {
|
2023 |
gnutls_deinit(vs->tls_session); |
2024 |
vs->tls_session = NULL;
|
2025 |
vnc_client_error(vs); |
2026 |
return -1; |
2027 |
} |
2028 |
if (gnutls_credentials_set(vs->tls_session, GNUTLS_CRD_CERTIFICATE, x509_cred) < 0) { |
2029 |
gnutls_deinit(vs->tls_session); |
2030 |
vs->tls_session = NULL;
|
2031 |
gnutls_certificate_free_credentials(x509_cred); |
2032 |
vnc_client_error(vs); |
2033 |
return -1; |
2034 |
} |
2035 |
if (vs->x509verify) {
|
2036 |
VNC_DEBUG("Requesting a client certificate\n");
|
2037 |
gnutls_certificate_server_set_request (vs->tls_session, GNUTLS_CERT_REQUEST); |
2038 |
} |
2039 |
|
2040 |
} else {
|
2041 |
gnutls_anon_server_credentials anon_cred = vnc_tls_initialize_anon_cred(); |
2042 |
if (!anon_cred) {
|
2043 |
gnutls_deinit(vs->tls_session); |
2044 |
vs->tls_session = NULL;
|
2045 |
vnc_client_error(vs); |
2046 |
return -1; |
2047 |
} |
2048 |
if (gnutls_credentials_set(vs->tls_session, GNUTLS_CRD_ANON, anon_cred) < 0) { |
2049 |
gnutls_deinit(vs->tls_session); |
2050 |
vs->tls_session = NULL;
|
2051 |
gnutls_anon_free_server_credentials(anon_cred); |
2052 |
vnc_client_error(vs); |
2053 |
return -1; |
2054 |
} |
2055 |
} |
2056 |
|
2057 |
gnutls_transport_set_ptr(vs->tls_session, (gnutls_transport_ptr_t)vs); |
2058 |
gnutls_transport_set_push_function(vs->tls_session, vnc_tls_push); |
2059 |
gnutls_transport_set_pull_function(vs->tls_session, vnc_tls_pull); |
2060 |
} |
2061 |
|
2062 |
VNC_DEBUG("Start TLS handshake process\n");
|
2063 |
return vnc_continue_handshake(vs);
|
2064 |
} |
2065 |
|
2066 |
static int protocol_client_vencrypt_auth(VncState *vs, uint8_t *data, size_t len) |
2067 |
{ |
2068 |
int auth = read_u32(data, 0); |
2069 |
|
2070 |
if (auth != vs->subauth) {
|
2071 |
VNC_DEBUG("Rejecting auth %d\n", auth);
|
2072 |
vnc_write_u8(vs, 0); /* Reject auth */ |
2073 |
vnc_flush(vs); |
2074 |
vnc_client_error(vs); |
2075 |
} else {
|
2076 |
VNC_DEBUG("Accepting auth %d, starting handshake\n", auth);
|
2077 |
vnc_write_u8(vs, 1); /* Accept auth */ |
2078 |
vnc_flush(vs); |
2079 |
|
2080 |
if (vnc_start_tls(vs) < 0) { |
2081 |
VNC_DEBUG("Failed to complete TLS\n");
|
2082 |
return 0; |
2083 |
} |
2084 |
|
2085 |
if (vs->wiremode == VNC_WIREMODE_TLS) {
|
2086 |
VNC_DEBUG("Starting VeNCrypt subauth\n");
|
2087 |
return start_auth_vencrypt_subauth(vs);
|
2088 |
} else {
|
2089 |
VNC_DEBUG("TLS handshake blocked\n");
|
2090 |
return 0; |
2091 |
} |
2092 |
} |
2093 |
return 0; |
2094 |
} |
2095 |
|
2096 |
static int protocol_client_vencrypt_init(VncState *vs, uint8_t *data, size_t len) |
2097 |
{ |
2098 |
if (data[0] != 0 || |
2099 |
data[1] != 2) { |
2100 |
VNC_DEBUG("Unsupported VeNCrypt protocol %d.%d\n", (int)data[0], (int)data[1]); |
2101 |
vnc_write_u8(vs, 1); /* Reject version */ |
2102 |
vnc_flush(vs); |
2103 |
vnc_client_error(vs); |
2104 |
} else {
|
2105 |
VNC_DEBUG("Sending allowed auth %d\n", vs->subauth);
|
2106 |
vnc_write_u8(vs, 0); /* Accept version */ |
2107 |
vnc_write_u8(vs, 1); /* Number of sub-auths */ |
2108 |
vnc_write_u32(vs, vs->subauth); /* The supported auth */
|
2109 |
vnc_flush(vs); |
2110 |
vnc_read_when(vs, protocol_client_vencrypt_auth, 4);
|
2111 |
} |
2112 |
return 0; |
2113 |
} |
2114 |
|
2115 |
static int start_auth_vencrypt(VncState *vs) |
2116 |
{ |
2117 |
/* Send VeNCrypt version 0.2 */
|
2118 |
vnc_write_u8(vs, 0);
|
2119 |
vnc_write_u8(vs, 2);
|
2120 |
|
2121 |
vnc_read_when(vs, protocol_client_vencrypt_init, 2);
|
2122 |
return 0; |
2123 |
} |
2124 |
#endif /* CONFIG_VNC_TLS */ |
2125 |
|
2126 |
static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len) |
2127 |
{ |
2128 |
/* We only advertise 1 auth scheme at a time, so client
|
2129 |
* must pick the one we sent. Verify this */
|
2130 |
if (data[0] != vs->auth) { /* Reject auth */ |
2131 |
VNC_DEBUG("Reject auth %d\n", (int)data[0]); |
2132 |
vnc_write_u32(vs, 1);
|
2133 |
if (vs->minor >= 8) { |
2134 |
static const char err[] = "Authentication failed"; |
2135 |
vnc_write_u32(vs, sizeof(err));
|
2136 |
vnc_write(vs, err, sizeof(err));
|
2137 |
} |
2138 |
vnc_client_error(vs); |
2139 |
} else { /* Accept requested auth */ |
2140 |
VNC_DEBUG("Client requested auth %d\n", (int)data[0]); |
2141 |
switch (vs->auth) {
|
2142 |
case VNC_AUTH_NONE:
|
2143 |
VNC_DEBUG("Accept auth none\n");
|
2144 |
if (vs->minor >= 8) { |
2145 |
vnc_write_u32(vs, 0); /* Accept auth completion */ |
2146 |
vnc_flush(vs); |
2147 |
} |
2148 |
vnc_read_when(vs, protocol_client_init, 1);
|
2149 |
break;
|
2150 |
|
2151 |
case VNC_AUTH_VNC:
|
2152 |
VNC_DEBUG("Start VNC auth\n");
|
2153 |
return start_auth_vnc(vs);
|
2154 |
|
2155 |
#ifdef CONFIG_VNC_TLS
|
2156 |
case VNC_AUTH_VENCRYPT:
|
2157 |
VNC_DEBUG("Accept VeNCrypt auth\n");;
|
2158 |
return start_auth_vencrypt(vs);
|
2159 |
#endif /* CONFIG_VNC_TLS */ |
2160 |
|
2161 |
default: /* Should not be possible, but just in case */ |
2162 |
VNC_DEBUG("Reject auth %d\n", vs->auth);
|
2163 |
vnc_write_u8(vs, 1);
|
2164 |
if (vs->minor >= 8) { |
2165 |
static const char err[] = "Authentication failed"; |
2166 |
vnc_write_u32(vs, sizeof(err));
|
2167 |
vnc_write(vs, err, sizeof(err));
|
2168 |
} |
2169 |
vnc_client_error(vs); |
2170 |
} |
2171 |
} |
2172 |
return 0; |
2173 |
} |
2174 |
|
2175 |
static int protocol_version(VncState *vs, uint8_t *version, size_t len) |
2176 |
{ |
2177 |
char local[13]; |
2178 |
|
2179 |
memcpy(local, version, 12);
|
2180 |
local[12] = 0; |
2181 |
|
2182 |
if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) { |
2183 |
VNC_DEBUG("Malformed protocol version %s\n", local);
|
2184 |
vnc_client_error(vs); |
2185 |
return 0; |
2186 |
} |
2187 |
VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
|
2188 |
if (vs->major != 3 || |
2189 |
(vs->minor != 3 &&
|
2190 |
vs->minor != 4 &&
|
2191 |
vs->minor != 5 &&
|
2192 |
vs->minor != 7 &&
|
2193 |
vs->minor != 8)) {
|
2194 |
VNC_DEBUG("Unsupported client version\n");
|
2195 |
vnc_write_u32(vs, VNC_AUTH_INVALID); |
2196 |
vnc_flush(vs); |
2197 |
vnc_client_error(vs); |
2198 |
return 0; |
2199 |
} |
2200 |
/* Some broken clients report v3.4 or v3.5, which spec requires to be treated
|
2201 |
* as equivalent to v3.3 by servers
|
2202 |
*/
|
2203 |
if (vs->minor == 4 || vs->minor == 5) |
2204 |
vs->minor = 3;
|
2205 |
|
2206 |
if (vs->minor == 3) { |
2207 |
if (vs->auth == VNC_AUTH_NONE) {
|
2208 |
VNC_DEBUG("Tell client auth none\n");
|
2209 |
vnc_write_u32(vs, vs->auth); |
2210 |
vnc_flush(vs); |
2211 |
vnc_read_when(vs, protocol_client_init, 1);
|
2212 |
} else if (vs->auth == VNC_AUTH_VNC) { |
2213 |
VNC_DEBUG("Tell client VNC auth\n");
|
2214 |
vnc_write_u32(vs, vs->auth); |
2215 |
vnc_flush(vs); |
2216 |
start_auth_vnc(vs); |
2217 |
} else {
|
2218 |
VNC_DEBUG("Unsupported auth %d for protocol 3.3\n", vs->auth);
|
2219 |
vnc_write_u32(vs, VNC_AUTH_INVALID); |
2220 |
vnc_flush(vs); |
2221 |
vnc_client_error(vs); |
2222 |
} |
2223 |
} else {
|
2224 |
VNC_DEBUG("Telling client we support auth %d\n", vs->auth);
|
2225 |
vnc_write_u8(vs, 1); /* num auth */ |
2226 |
vnc_write_u8(vs, vs->auth); |
2227 |
vnc_read_when(vs, protocol_client_auth, 1);
|
2228 |
vnc_flush(vs); |
2229 |
} |
2230 |
|
2231 |
return 0; |
2232 |
} |
2233 |
|
2234 |
static void vnc_connect(VncState *vs) |
2235 |
{ |
2236 |
VNC_DEBUG("New client on socket %d\n", vs->csock);
|
2237 |
vs->ds->idle = 0;
|
2238 |
socket_set_nonblock(vs->csock); |
2239 |
qemu_set_fd_handler2(vs->csock, NULL, vnc_client_read, NULL, vs); |
2240 |
vnc_write(vs, "RFB 003.008\n", 12); |
2241 |
vnc_flush(vs); |
2242 |
vnc_read_when(vs, protocol_version, 12);
|
2243 |
memset(vs->old_data, 0, ds_get_linesize(vs->ds) * ds_get_height(vs->ds));
|
2244 |
memset(vs->dirty_row, 0xFF, sizeof(vs->dirty_row)); |
2245 |
vs->has_resize = 0;
|
2246 |
vs->has_hextile = 0;
|
2247 |
vs->ds->dpy_copy = NULL;
|
2248 |
vnc_update_client(vs); |
2249 |
reset_keys(vs); |
2250 |
} |
2251 |
|
2252 |
static void vnc_listen_read(void *opaque) |
2253 |
{ |
2254 |
VncState *vs = opaque; |
2255 |
struct sockaddr_in addr;
|
2256 |
socklen_t addrlen = sizeof(addr);
|
2257 |
|
2258 |
/* Catch-up */
|
2259 |
vga_hw_update(); |
2260 |
|
2261 |
vs->csock = accept(vs->lsock, (struct sockaddr *)&addr, &addrlen);
|
2262 |
if (vs->csock != -1) { |
2263 |
vnc_connect(vs); |
2264 |
} |
2265 |
} |
2266 |
|
2267 |
void vnc_display_init(DisplayState *ds)
|
2268 |
{ |
2269 |
VncState *vs; |
2270 |
|
2271 |
vs = qemu_mallocz(sizeof(VncState));
|
2272 |
if (!vs)
|
2273 |
exit(1);
|
2274 |
|
2275 |
ds->opaque = vs; |
2276 |
ds->idle = 1;
|
2277 |
vnc_state = vs; |
2278 |
vs->display = NULL;
|
2279 |
vs->password = NULL;
|
2280 |
|
2281 |
vs->lsock = -1;
|
2282 |
vs->csock = -1;
|
2283 |
vs->last_x = -1;
|
2284 |
vs->last_y = -1;
|
2285 |
|
2286 |
vs->ds = ds; |
2287 |
|
2288 |
if (keyboard_layout)
|
2289 |
vs->kbd_layout = init_keyboard_layout(keyboard_layout); |
2290 |
else
|
2291 |
vs->kbd_layout = init_keyboard_layout("en-us");
|
2292 |
|
2293 |
if (!vs->kbd_layout)
|
2294 |
exit(1);
|
2295 |
|
2296 |
vs->timer = qemu_new_timer(rt_clock, vnc_update_client, vs); |
2297 |
|
2298 |
vs->ds->data = NULL;
|
2299 |
vs->ds->dpy_update = vnc_dpy_update; |
2300 |
vs->ds->dpy_resize = vnc_dpy_resize; |
2301 |
vs->ds->dpy_refresh = NULL;
|
2302 |
|
2303 |
vnc_colordepth(vs->ds, 32);
|
2304 |
vnc_dpy_resize(vs->ds, 640, 400); |
2305 |
|
2306 |
vs->as.freq = 44100;
|
2307 |
vs->as.nchannels = 2;
|
2308 |
vs->as.fmt = AUD_FMT_S16; |
2309 |
vs->as.endianness = 0;
|
2310 |
} |
2311 |
|
2312 |
#ifdef CONFIG_VNC_TLS
|
2313 |
static int vnc_set_x509_credential(VncState *vs, |
2314 |
const char *certdir, |
2315 |
const char *filename, |
2316 |
char **cred,
|
2317 |
int ignoreMissing)
|
2318 |
{ |
2319 |
struct stat sb;
|
2320 |
|
2321 |
if (*cred) {
|
2322 |
qemu_free(*cred); |
2323 |
*cred = NULL;
|
2324 |
} |
2325 |
|
2326 |
if (!(*cred = qemu_malloc(strlen(certdir) + strlen(filename) + 2))) |
2327 |
return -1; |
2328 |
|
2329 |
strcpy(*cred, certdir); |
2330 |
strcat(*cred, "/");
|
2331 |
strcat(*cred, filename); |
2332 |
|
2333 |
VNC_DEBUG("Check %s\n", *cred);
|
2334 |
if (stat(*cred, &sb) < 0) { |
2335 |
qemu_free(*cred); |
2336 |
*cred = NULL;
|
2337 |
if (ignoreMissing && errno == ENOENT)
|
2338 |
return 0; |
2339 |
return -1; |
2340 |
} |
2341 |
|
2342 |
return 0; |
2343 |
} |
2344 |
|
2345 |
static int vnc_set_x509_credential_dir(VncState *vs, |
2346 |
const char *certdir) |
2347 |
{ |
2348 |
if (vnc_set_x509_credential(vs, certdir, X509_CA_CERT_FILE, &vs->x509cacert, 0) < 0) |
2349 |
goto cleanup;
|
2350 |
if (vnc_set_x509_credential(vs, certdir, X509_CA_CRL_FILE, &vs->x509cacrl, 1) < 0) |
2351 |
goto cleanup;
|
2352 |
if (vnc_set_x509_credential(vs, certdir, X509_SERVER_CERT_FILE, &vs->x509cert, 0) < 0) |
2353 |
goto cleanup;
|
2354 |
if (vnc_set_x509_credential(vs, certdir, X509_SERVER_KEY_FILE, &vs->x509key, 0) < 0) |
2355 |
goto cleanup;
|
2356 |
|
2357 |
return 0; |
2358 |
|
2359 |
cleanup:
|
2360 |
qemu_free(vs->x509cacert); |
2361 |
qemu_free(vs->x509cacrl); |
2362 |
qemu_free(vs->x509cert); |
2363 |
qemu_free(vs->x509key); |
2364 |
vs->x509cacert = vs->x509cacrl = vs->x509cert = vs->x509key = NULL;
|
2365 |
return -1; |
2366 |
} |
2367 |
#endif /* CONFIG_VNC_TLS */ |
2368 |
|
2369 |
void vnc_display_close(DisplayState *ds)
|
2370 |
{ |
2371 |
VncState *vs = ds ? (VncState *)ds->opaque : vnc_state; |
2372 |
|
2373 |
if (vs->display) {
|
2374 |
qemu_free(vs->display); |
2375 |
vs->display = NULL;
|
2376 |
} |
2377 |
if (vs->lsock != -1) { |
2378 |
qemu_set_fd_handler2(vs->lsock, NULL, NULL, NULL, NULL); |
2379 |
close(vs->lsock); |
2380 |
vs->lsock = -1;
|
2381 |
} |
2382 |
if (vs->csock != -1) { |
2383 |
qemu_set_fd_handler2(vs->csock, NULL, NULL, NULL, NULL); |
2384 |
closesocket(vs->csock); |
2385 |
vs->csock = -1;
|
2386 |
buffer_reset(&vs->input); |
2387 |
buffer_reset(&vs->output); |
2388 |
vs->need_update = 0;
|
2389 |
#ifdef CONFIG_VNC_TLS
|
2390 |
if (vs->tls_session) {
|
2391 |
gnutls_deinit(vs->tls_session); |
2392 |
vs->tls_session = NULL;
|
2393 |
} |
2394 |
vs->wiremode = VNC_WIREMODE_CLEAR; |
2395 |
#endif /* CONFIG_VNC_TLS */ |
2396 |
} |
2397 |
vs->auth = VNC_AUTH_INVALID; |
2398 |
#ifdef CONFIG_VNC_TLS
|
2399 |
vs->subauth = VNC_AUTH_INVALID; |
2400 |
vs->x509verify = 0;
|
2401 |
#endif
|
2402 |
audio_del(vs); |
2403 |
} |
2404 |
|
2405 |
int vnc_display_password(DisplayState *ds, const char *password) |
2406 |
{ |
2407 |
VncState *vs = ds ? (VncState *)ds->opaque : vnc_state; |
2408 |
|
2409 |
if (vs->password) {
|
2410 |
qemu_free(vs->password); |
2411 |
vs->password = NULL;
|
2412 |
} |
2413 |
if (password && password[0]) { |
2414 |
if (!(vs->password = qemu_strdup(password)))
|
2415 |
return -1; |
2416 |
} |
2417 |
|
2418 |
return 0; |
2419 |
} |
2420 |
|
2421 |
int vnc_display_open(DisplayState *ds, const char *display) |
2422 |
{ |
2423 |
VncState *vs = ds ? (VncState *)ds->opaque : vnc_state; |
2424 |
const char *options; |
2425 |
int password = 0; |
2426 |
int reverse = 0; |
2427 |
int to_port = 0; |
2428 |
#ifdef CONFIG_VNC_TLS
|
2429 |
int tls = 0, x509 = 0; |
2430 |
#endif
|
2431 |
|
2432 |
vnc_display_close(ds); |
2433 |
if (strcmp(display, "none") == 0) |
2434 |
return 0; |
2435 |
|
2436 |
if (!(vs->display = strdup(display)))
|
2437 |
return -1; |
2438 |
|
2439 |
options = display; |
2440 |
while ((options = strchr(options, ','))) { |
2441 |
options++; |
2442 |
if (strncmp(options, "password", 8) == 0) { |
2443 |
password = 1; /* Require password auth */ |
2444 |
} else if (strncmp(options, "reverse", 7) == 0) { |
2445 |
reverse = 1;
|
2446 |
} else if (strncmp(options, "to=", 3) == 0) { |
2447 |
to_port = atoi(options+3) + 5900; |
2448 |
#ifdef CONFIG_VNC_TLS
|
2449 |
} else if (strncmp(options, "tls", 3) == 0) { |
2450 |
tls = 1; /* Require TLS */ |
2451 |
} else if (strncmp(options, "x509", 4) == 0) { |
2452 |
char *start, *end;
|
2453 |
x509 = 1; /* Require x509 certificates */ |
2454 |
if (strncmp(options, "x509verify", 10) == 0) |
2455 |
vs->x509verify = 1; /* ...and verify client certs */ |
2456 |
|
2457 |
/* Now check for 'x509=/some/path' postfix
|
2458 |
* and use that to setup x509 certificate/key paths */
|
2459 |
start = strchr(options, '=');
|
2460 |
end = strchr(options, ',');
|
2461 |
if (start && (!end || (start < end))) {
|
2462 |
int len = end ? end-(start+1) : strlen(start+1); |
2463 |
char *path = qemu_strndup(start + 1, len); |
2464 |
|
2465 |
VNC_DEBUG("Trying certificate path '%s'\n", path);
|
2466 |
if (vnc_set_x509_credential_dir(vs, path) < 0) { |
2467 |
fprintf(stderr, "Failed to find x509 certificates/keys in %s\n", path);
|
2468 |
qemu_free(path); |
2469 |
qemu_free(vs->display); |
2470 |
vs->display = NULL;
|
2471 |
return -1; |
2472 |
} |
2473 |
qemu_free(path); |
2474 |
} else {
|
2475 |
fprintf(stderr, "No certificate path provided\n");
|
2476 |
qemu_free(vs->display); |
2477 |
vs->display = NULL;
|
2478 |
return -1; |
2479 |
} |
2480 |
#endif
|
2481 |
} |
2482 |
} |
2483 |
|
2484 |
if (password) {
|
2485 |
#ifdef CONFIG_VNC_TLS
|
2486 |
if (tls) {
|
2487 |
vs->auth = VNC_AUTH_VENCRYPT; |
2488 |
if (x509) {
|
2489 |
VNC_DEBUG("Initializing VNC server with x509 password auth\n");
|
2490 |
vs->subauth = VNC_AUTH_VENCRYPT_X509VNC; |
2491 |
} else {
|
2492 |
VNC_DEBUG("Initializing VNC server with TLS password auth\n");
|
2493 |
vs->subauth = VNC_AUTH_VENCRYPT_TLSVNC; |
2494 |
} |
2495 |
} else {
|
2496 |
#endif
|
2497 |
VNC_DEBUG("Initializing VNC server with password auth\n");
|
2498 |
vs->auth = VNC_AUTH_VNC; |
2499 |
#ifdef CONFIG_VNC_TLS
|
2500 |
vs->subauth = VNC_AUTH_INVALID; |
2501 |
} |
2502 |
#endif
|
2503 |
} else {
|
2504 |
#ifdef CONFIG_VNC_TLS
|
2505 |
if (tls) {
|
2506 |
vs->auth = VNC_AUTH_VENCRYPT; |
2507 |
if (x509) {
|
2508 |
VNC_DEBUG("Initializing VNC server with x509 no auth\n");
|
2509 |
vs->subauth = VNC_AUTH_VENCRYPT_X509NONE; |
2510 |
} else {
|
2511 |
VNC_DEBUG("Initializing VNC server with TLS no auth\n");
|
2512 |
vs->subauth = VNC_AUTH_VENCRYPT_TLSNONE; |
2513 |
} |
2514 |
} else {
|
2515 |
#endif
|
2516 |
VNC_DEBUG("Initializing VNC server with no auth\n");
|
2517 |
vs->auth = VNC_AUTH_NONE; |
2518 |
#ifdef CONFIG_VNC_TLS
|
2519 |
vs->subauth = VNC_AUTH_INVALID; |
2520 |
} |
2521 |
#endif
|
2522 |
} |
2523 |
|
2524 |
if (reverse) {
|
2525 |
/* connect to viewer */
|
2526 |
if (strncmp(display, "unix:", 5) == 0) |
2527 |
vs->lsock = unix_connect(display+5);
|
2528 |
else
|
2529 |
vs->lsock = inet_connect(display, SOCK_STREAM); |
2530 |
if (-1 == vs->lsock) { |
2531 |
free(vs->display); |
2532 |
vs->display = NULL;
|
2533 |
return -1; |
2534 |
} else {
|
2535 |
vs->csock = vs->lsock; |
2536 |
vs->lsock = -1;
|
2537 |
vnc_connect(vs); |
2538 |
} |
2539 |
return 0; |
2540 |
|
2541 |
} else {
|
2542 |
/* listen for connects */
|
2543 |
char *dpy;
|
2544 |
dpy = qemu_malloc(256);
|
2545 |
if (strncmp(display, "unix:", 5) == 0) { |
2546 |
strcpy(dpy, "unix:");
|
2547 |
vs->lsock = unix_listen(display+5, dpy+5, 256-5); |
2548 |
} else {
|
2549 |
vs->lsock = inet_listen(display, dpy, 256, SOCK_STREAM, 5900); |
2550 |
} |
2551 |
if (-1 == vs->lsock) { |
2552 |
free(dpy); |
2553 |
return -1; |
2554 |
} else {
|
2555 |
free(vs->display); |
2556 |
vs->display = dpy; |
2557 |
} |
2558 |
} |
2559 |
|
2560 |
return qemu_set_fd_handler2(vs->lsock, vnc_listen_poll, vnc_listen_read, NULL, vs); |
2561 |
} |