]> git.proxmox.com Git - mirror_qemu.git/blob - ui/vnc.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180903-pull-request' into...
[mirror_qemu.git] / ui / vnc.c
1 /*
2 * QEMU VNC display driver
3 *
4 * Copyright (C) 2006 Anthony Liguori <anthony@codemonkey.ws>
5 * Copyright (C) 2006 Fabrice Bellard
6 * Copyright (C) 2009 Red Hat, Inc
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files (the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions:
14 *
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
21 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
24 * THE SOFTWARE.
25 */
26
27 #include "qemu/osdep.h"
28 #include "vnc.h"
29 #include "vnc-jobs.h"
30 #include "trace.h"
31 #include "sysemu/sysemu.h"
32 #include "qemu/error-report.h"
33 #include "qemu/option.h"
34 #include "qemu/sockets.h"
35 #include "qemu/timer.h"
36 #include "qemu/acl.h"
37 #include "qemu/config-file.h"
38 #include "qapi/qapi-events.h"
39 #include "qapi/error.h"
40 #include "qapi/qapi-commands-ui.h"
41 #include "ui/input.h"
42 #include "crypto/hash.h"
43 #include "crypto/tlscredsanon.h"
44 #include "crypto/tlscredsx509.h"
45 #include "qom/object_interfaces.h"
46 #include "qemu/cutils.h"
47 #include "io/dns-resolver.h"
48
49 #define VNC_REFRESH_INTERVAL_BASE GUI_REFRESH_INTERVAL_DEFAULT
50 #define VNC_REFRESH_INTERVAL_INC 50
51 #define VNC_REFRESH_INTERVAL_MAX GUI_REFRESH_INTERVAL_IDLE
52 static const struct timeval VNC_REFRESH_STATS = { 0, 500000 };
53 static const struct timeval VNC_REFRESH_LOSSY = { 2, 0 };
54
55 #include "vnc_keysym.h"
56 #include "crypto/cipher.h"
57
58 static QTAILQ_HEAD(, VncDisplay) vnc_displays =
59 QTAILQ_HEAD_INITIALIZER(vnc_displays);
60
61 static int vnc_cursor_define(VncState *vs);
62 static void vnc_release_modifiers(VncState *vs);
63 static void vnc_update_throttle_offset(VncState *vs);
64
65 static void vnc_set_share_mode(VncState *vs, VncShareMode mode)
66 {
67 #ifdef _VNC_DEBUG
68 static const char *mn[] = {
69 [0] = "undefined",
70 [VNC_SHARE_MODE_CONNECTING] = "connecting",
71 [VNC_SHARE_MODE_SHARED] = "shared",
72 [VNC_SHARE_MODE_EXCLUSIVE] = "exclusive",
73 [VNC_SHARE_MODE_DISCONNECTED] = "disconnected",
74 };
75 fprintf(stderr, "%s/%p: %s -> %s\n", __func__,
76 vs->ioc, mn[vs->share_mode], mn[mode]);
77 #endif
78
79 switch (vs->share_mode) {
80 case VNC_SHARE_MODE_CONNECTING:
81 vs->vd->num_connecting--;
82 break;
83 case VNC_SHARE_MODE_SHARED:
84 vs->vd->num_shared--;
85 break;
86 case VNC_SHARE_MODE_EXCLUSIVE:
87 vs->vd->num_exclusive--;
88 break;
89 default:
90 break;
91 }
92
93 vs->share_mode = mode;
94
95 switch (vs->share_mode) {
96 case VNC_SHARE_MODE_CONNECTING:
97 vs->vd->num_connecting++;
98 break;
99 case VNC_SHARE_MODE_SHARED:
100 vs->vd->num_shared++;
101 break;
102 case VNC_SHARE_MODE_EXCLUSIVE:
103 vs->vd->num_exclusive++;
104 break;
105 default:
106 break;
107 }
108 }
109
110
111 static void vnc_init_basic_info(SocketAddress *addr,
112 VncBasicInfo *info,
113 Error **errp)
114 {
115 switch (addr->type) {
116 case SOCKET_ADDRESS_TYPE_INET:
117 info->host = g_strdup(addr->u.inet.host);
118 info->service = g_strdup(addr->u.inet.port);
119 if (addr->u.inet.ipv6) {
120 info->family = NETWORK_ADDRESS_FAMILY_IPV6;
121 } else {
122 info->family = NETWORK_ADDRESS_FAMILY_IPV4;
123 }
124 break;
125
126 case SOCKET_ADDRESS_TYPE_UNIX:
127 info->host = g_strdup("");
128 info->service = g_strdup(addr->u.q_unix.path);
129 info->family = NETWORK_ADDRESS_FAMILY_UNIX;
130 break;
131
132 case SOCKET_ADDRESS_TYPE_VSOCK:
133 case SOCKET_ADDRESS_TYPE_FD:
134 error_setg(errp, "Unsupported socket address type %s",
135 SocketAddressType_str(addr->type));
136 break;
137 default:
138 abort();
139 }
140
141 return;
142 }
143
144 static void vnc_init_basic_info_from_server_addr(QIOChannelSocket *ioc,
145 VncBasicInfo *info,
146 Error **errp)
147 {
148 SocketAddress *addr = NULL;
149
150 if (!ioc) {
151 error_setg(errp, "No listener socket available");
152 return;
153 }
154
155 addr = qio_channel_socket_get_local_address(ioc, errp);
156 if (!addr) {
157 return;
158 }
159
160 vnc_init_basic_info(addr, info, errp);
161 qapi_free_SocketAddress(addr);
162 }
163
164 static void vnc_init_basic_info_from_remote_addr(QIOChannelSocket *ioc,
165 VncBasicInfo *info,
166 Error **errp)
167 {
168 SocketAddress *addr = NULL;
169
170 addr = qio_channel_socket_get_remote_address(ioc, errp);
171 if (!addr) {
172 return;
173 }
174
175 vnc_init_basic_info(addr, info, errp);
176 qapi_free_SocketAddress(addr);
177 }
178
179 static const char *vnc_auth_name(VncDisplay *vd) {
180 switch (vd->auth) {
181 case VNC_AUTH_INVALID:
182 return "invalid";
183 case VNC_AUTH_NONE:
184 return "none";
185 case VNC_AUTH_VNC:
186 return "vnc";
187 case VNC_AUTH_RA2:
188 return "ra2";
189 case VNC_AUTH_RA2NE:
190 return "ra2ne";
191 case VNC_AUTH_TIGHT:
192 return "tight";
193 case VNC_AUTH_ULTRA:
194 return "ultra";
195 case VNC_AUTH_TLS:
196 return "tls";
197 case VNC_AUTH_VENCRYPT:
198 switch (vd->subauth) {
199 case VNC_AUTH_VENCRYPT_PLAIN:
200 return "vencrypt+plain";
201 case VNC_AUTH_VENCRYPT_TLSNONE:
202 return "vencrypt+tls+none";
203 case VNC_AUTH_VENCRYPT_TLSVNC:
204 return "vencrypt+tls+vnc";
205 case VNC_AUTH_VENCRYPT_TLSPLAIN:
206 return "vencrypt+tls+plain";
207 case VNC_AUTH_VENCRYPT_X509NONE:
208 return "vencrypt+x509+none";
209 case VNC_AUTH_VENCRYPT_X509VNC:
210 return "vencrypt+x509+vnc";
211 case VNC_AUTH_VENCRYPT_X509PLAIN:
212 return "vencrypt+x509+plain";
213 case VNC_AUTH_VENCRYPT_TLSSASL:
214 return "vencrypt+tls+sasl";
215 case VNC_AUTH_VENCRYPT_X509SASL:
216 return "vencrypt+x509+sasl";
217 default:
218 return "vencrypt";
219 }
220 case VNC_AUTH_SASL:
221 return "sasl";
222 }
223 return "unknown";
224 }
225
226 static VncServerInfo *vnc_server_info_get(VncDisplay *vd)
227 {
228 VncServerInfo *info;
229 Error *err = NULL;
230
231 if (!vd->listener || !vd->listener->nsioc) {
232 return NULL;
233 }
234
235 info = g_malloc0(sizeof(*info));
236 vnc_init_basic_info_from_server_addr(vd->listener->sioc[0],
237 qapi_VncServerInfo_base(info), &err);
238 info->has_auth = true;
239 info->auth = g_strdup(vnc_auth_name(vd));
240 if (err) {
241 qapi_free_VncServerInfo(info);
242 info = NULL;
243 error_free(err);
244 }
245 return info;
246 }
247
248 static void vnc_client_cache_auth(VncState *client)
249 {
250 if (!client->info) {
251 return;
252 }
253
254 if (client->tls) {
255 client->info->x509_dname =
256 qcrypto_tls_session_get_peer_name(client->tls);
257 client->info->has_x509_dname =
258 client->info->x509_dname != NULL;
259 }
260 #ifdef CONFIG_VNC_SASL
261 if (client->sasl.conn &&
262 client->sasl.username) {
263 client->info->has_sasl_username = true;
264 client->info->sasl_username = g_strdup(client->sasl.username);
265 }
266 #endif
267 }
268
269 static void vnc_client_cache_addr(VncState *client)
270 {
271 Error *err = NULL;
272
273 client->info = g_malloc0(sizeof(*client->info));
274 vnc_init_basic_info_from_remote_addr(client->sioc,
275 qapi_VncClientInfo_base(client->info),
276 &err);
277 if (err) {
278 qapi_free_VncClientInfo(client->info);
279 client->info = NULL;
280 error_free(err);
281 }
282 }
283
284 static void vnc_qmp_event(VncState *vs, QAPIEvent event)
285 {
286 VncServerInfo *si;
287
288 if (!vs->info) {
289 return;
290 }
291
292 si = vnc_server_info_get(vs->vd);
293 if (!si) {
294 return;
295 }
296
297 switch (event) {
298 case QAPI_EVENT_VNC_CONNECTED:
299 qapi_event_send_vnc_connected(si, qapi_VncClientInfo_base(vs->info));
300 break;
301 case QAPI_EVENT_VNC_INITIALIZED:
302 qapi_event_send_vnc_initialized(si, vs->info);
303 break;
304 case QAPI_EVENT_VNC_DISCONNECTED:
305 qapi_event_send_vnc_disconnected(si, vs->info);
306 break;
307 default:
308 break;
309 }
310
311 qapi_free_VncServerInfo(si);
312 }
313
314 static VncClientInfo *qmp_query_vnc_client(const VncState *client)
315 {
316 VncClientInfo *info;
317 Error *err = NULL;
318
319 info = g_malloc0(sizeof(*info));
320
321 vnc_init_basic_info_from_remote_addr(client->sioc,
322 qapi_VncClientInfo_base(info),
323 &err);
324 if (err) {
325 error_free(err);
326 qapi_free_VncClientInfo(info);
327 return NULL;
328 }
329
330 info->websocket = client->websocket;
331
332 if (client->tls) {
333 info->x509_dname = qcrypto_tls_session_get_peer_name(client->tls);
334 info->has_x509_dname = info->x509_dname != NULL;
335 }
336 #ifdef CONFIG_VNC_SASL
337 if (client->sasl.conn && client->sasl.username) {
338 info->has_sasl_username = true;
339 info->sasl_username = g_strdup(client->sasl.username);
340 }
341 #endif
342
343 return info;
344 }
345
346 static VncDisplay *vnc_display_find(const char *id)
347 {
348 VncDisplay *vd;
349
350 if (id == NULL) {
351 return QTAILQ_FIRST(&vnc_displays);
352 }
353 QTAILQ_FOREACH(vd, &vnc_displays, next) {
354 if (strcmp(id, vd->id) == 0) {
355 return vd;
356 }
357 }
358 return NULL;
359 }
360
361 static VncClientInfoList *qmp_query_client_list(VncDisplay *vd)
362 {
363 VncClientInfoList *cinfo, *prev = NULL;
364 VncState *client;
365
366 QTAILQ_FOREACH(client, &vd->clients, next) {
367 cinfo = g_new0(VncClientInfoList, 1);
368 cinfo->value = qmp_query_vnc_client(client);
369 cinfo->next = prev;
370 prev = cinfo;
371 }
372 return prev;
373 }
374
375 VncInfo *qmp_query_vnc(Error **errp)
376 {
377 VncInfo *info = g_malloc0(sizeof(*info));
378 VncDisplay *vd = vnc_display_find(NULL);
379 SocketAddress *addr = NULL;
380
381 if (vd == NULL || !vd->listener || !vd->listener->nsioc) {
382 info->enabled = false;
383 } else {
384 info->enabled = true;
385
386 /* for compatibility with the original command */
387 info->has_clients = true;
388 info->clients = qmp_query_client_list(vd);
389
390 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0],
391 errp);
392 if (!addr) {
393 goto out_error;
394 }
395
396 switch (addr->type) {
397 case SOCKET_ADDRESS_TYPE_INET:
398 info->host = g_strdup(addr->u.inet.host);
399 info->service = g_strdup(addr->u.inet.port);
400 if (addr->u.inet.ipv6) {
401 info->family = NETWORK_ADDRESS_FAMILY_IPV6;
402 } else {
403 info->family = NETWORK_ADDRESS_FAMILY_IPV4;
404 }
405 break;
406
407 case SOCKET_ADDRESS_TYPE_UNIX:
408 info->host = g_strdup("");
409 info->service = g_strdup(addr->u.q_unix.path);
410 info->family = NETWORK_ADDRESS_FAMILY_UNIX;
411 break;
412
413 case SOCKET_ADDRESS_TYPE_VSOCK:
414 case SOCKET_ADDRESS_TYPE_FD:
415 error_setg(errp, "Unsupported socket address type %s",
416 SocketAddressType_str(addr->type));
417 goto out_error;
418 default:
419 abort();
420 }
421
422 info->has_host = true;
423 info->has_service = true;
424 info->has_family = true;
425
426 info->has_auth = true;
427 info->auth = g_strdup(vnc_auth_name(vd));
428 }
429
430 qapi_free_SocketAddress(addr);
431 return info;
432
433 out_error:
434 qapi_free_SocketAddress(addr);
435 qapi_free_VncInfo(info);
436 return NULL;
437 }
438
439
440 static void qmp_query_auth(int auth, int subauth,
441 VncPrimaryAuth *qmp_auth,
442 VncVencryptSubAuth *qmp_vencrypt,
443 bool *qmp_has_vencrypt);
444
445 static VncServerInfo2List *qmp_query_server_entry(QIOChannelSocket *ioc,
446 bool websocket,
447 int auth,
448 int subauth,
449 VncServerInfo2List *prev)
450 {
451 VncServerInfo2List *list;
452 VncServerInfo2 *info;
453 Error *err = NULL;
454 SocketAddress *addr;
455
456 addr = qio_channel_socket_get_local_address(ioc, &err);
457 if (!addr) {
458 error_free(err);
459 return prev;
460 }
461
462 info = g_new0(VncServerInfo2, 1);
463 vnc_init_basic_info(addr, qapi_VncServerInfo2_base(info), &err);
464 qapi_free_SocketAddress(addr);
465 if (err) {
466 qapi_free_VncServerInfo2(info);
467 error_free(err);
468 return prev;
469 }
470 info->websocket = websocket;
471
472 qmp_query_auth(auth, subauth, &info->auth,
473 &info->vencrypt, &info->has_vencrypt);
474
475 list = g_new0(VncServerInfo2List, 1);
476 list->value = info;
477 list->next = prev;
478 return list;
479 }
480
481 static void qmp_query_auth(int auth, int subauth,
482 VncPrimaryAuth *qmp_auth,
483 VncVencryptSubAuth *qmp_vencrypt,
484 bool *qmp_has_vencrypt)
485 {
486 switch (auth) {
487 case VNC_AUTH_VNC:
488 *qmp_auth = VNC_PRIMARY_AUTH_VNC;
489 break;
490 case VNC_AUTH_RA2:
491 *qmp_auth = VNC_PRIMARY_AUTH_RA2;
492 break;
493 case VNC_AUTH_RA2NE:
494 *qmp_auth = VNC_PRIMARY_AUTH_RA2NE;
495 break;
496 case VNC_AUTH_TIGHT:
497 *qmp_auth = VNC_PRIMARY_AUTH_TIGHT;
498 break;
499 case VNC_AUTH_ULTRA:
500 *qmp_auth = VNC_PRIMARY_AUTH_ULTRA;
501 break;
502 case VNC_AUTH_TLS:
503 *qmp_auth = VNC_PRIMARY_AUTH_TLS;
504 break;
505 case VNC_AUTH_VENCRYPT:
506 *qmp_auth = VNC_PRIMARY_AUTH_VENCRYPT;
507 *qmp_has_vencrypt = true;
508 switch (subauth) {
509 case VNC_AUTH_VENCRYPT_PLAIN:
510 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_PLAIN;
511 break;
512 case VNC_AUTH_VENCRYPT_TLSNONE:
513 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_NONE;
514 break;
515 case VNC_AUTH_VENCRYPT_TLSVNC:
516 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_VNC;
517 break;
518 case VNC_AUTH_VENCRYPT_TLSPLAIN:
519 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_PLAIN;
520 break;
521 case VNC_AUTH_VENCRYPT_X509NONE:
522 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_NONE;
523 break;
524 case VNC_AUTH_VENCRYPT_X509VNC:
525 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_VNC;
526 break;
527 case VNC_AUTH_VENCRYPT_X509PLAIN:
528 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_PLAIN;
529 break;
530 case VNC_AUTH_VENCRYPT_TLSSASL:
531 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_TLS_SASL;
532 break;
533 case VNC_AUTH_VENCRYPT_X509SASL:
534 *qmp_vencrypt = VNC_VENCRYPT_SUB_AUTH_X509_SASL;
535 break;
536 default:
537 *qmp_has_vencrypt = false;
538 break;
539 }
540 break;
541 case VNC_AUTH_SASL:
542 *qmp_auth = VNC_PRIMARY_AUTH_SASL;
543 break;
544 case VNC_AUTH_NONE:
545 default:
546 *qmp_auth = VNC_PRIMARY_AUTH_NONE;
547 break;
548 }
549 }
550
551 VncInfo2List *qmp_query_vnc_servers(Error **errp)
552 {
553 VncInfo2List *item, *prev = NULL;
554 VncInfo2 *info;
555 VncDisplay *vd;
556 DeviceState *dev;
557 size_t i;
558
559 QTAILQ_FOREACH(vd, &vnc_displays, next) {
560 info = g_new0(VncInfo2, 1);
561 info->id = g_strdup(vd->id);
562 info->clients = qmp_query_client_list(vd);
563 qmp_query_auth(vd->auth, vd->subauth, &info->auth,
564 &info->vencrypt, &info->has_vencrypt);
565 if (vd->dcl.con) {
566 dev = DEVICE(object_property_get_link(OBJECT(vd->dcl.con),
567 "device", NULL));
568 info->has_display = true;
569 info->display = g_strdup(dev->id);
570 }
571 for (i = 0; vd->listener != NULL && i < vd->listener->nsioc; i++) {
572 info->server = qmp_query_server_entry(
573 vd->listener->sioc[i], false, vd->auth, vd->subauth,
574 info->server);
575 }
576 for (i = 0; vd->wslistener != NULL && i < vd->wslistener->nsioc; i++) {
577 info->server = qmp_query_server_entry(
578 vd->wslistener->sioc[i], true, vd->ws_auth,
579 vd->ws_subauth, info->server);
580 }
581
582 item = g_new0(VncInfo2List, 1);
583 item->value = info;
584 item->next = prev;
585 prev = item;
586 }
587 return prev;
588 }
589
590 /* TODO
591 1) Get the queue working for IO.
592 2) there is some weirdness when using the -S option (the screen is grey
593 and not totally invalidated
594 3) resolutions > 1024
595 */
596
597 static int vnc_update_client(VncState *vs, int has_dirty);
598 static void vnc_disconnect_start(VncState *vs);
599
600 static void vnc_colordepth(VncState *vs);
601 static void framebuffer_update_request(VncState *vs, int incremental,
602 int x_position, int y_position,
603 int w, int h);
604 static void vnc_refresh(DisplayChangeListener *dcl);
605 static int vnc_refresh_server_surface(VncDisplay *vd);
606
607 static int vnc_width(VncDisplay *vd)
608 {
609 return MIN(VNC_MAX_WIDTH, ROUND_UP(surface_width(vd->ds),
610 VNC_DIRTY_PIXELS_PER_BIT));
611 }
612
613 static int vnc_height(VncDisplay *vd)
614 {
615 return MIN(VNC_MAX_HEIGHT, surface_height(vd->ds));
616 }
617
618 static void vnc_set_area_dirty(DECLARE_BITMAP(dirty[VNC_MAX_HEIGHT],
619 VNC_MAX_WIDTH / VNC_DIRTY_PIXELS_PER_BIT),
620 VncDisplay *vd,
621 int x, int y, int w, int h)
622 {
623 int width = vnc_width(vd);
624 int height = vnc_height(vd);
625
626 /* this is needed this to ensure we updated all affected
627 * blocks if x % VNC_DIRTY_PIXELS_PER_BIT != 0 */
628 w += (x % VNC_DIRTY_PIXELS_PER_BIT);
629 x -= (x % VNC_DIRTY_PIXELS_PER_BIT);
630
631 x = MIN(x, width);
632 y = MIN(y, height);
633 w = MIN(x + w, width) - x;
634 h = MIN(y + h, height);
635
636 for (; y < h; y++) {
637 bitmap_set(dirty[y], x / VNC_DIRTY_PIXELS_PER_BIT,
638 DIV_ROUND_UP(w, VNC_DIRTY_PIXELS_PER_BIT));
639 }
640 }
641
642 static void vnc_dpy_update(DisplayChangeListener *dcl,
643 int x, int y, int w, int h)
644 {
645 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
646 struct VncSurface *s = &vd->guest;
647
648 vnc_set_area_dirty(s->dirty, vd, x, y, w, h);
649 }
650
651 void vnc_framebuffer_update(VncState *vs, int x, int y, int w, int h,
652 int32_t encoding)
653 {
654 vnc_write_u16(vs, x);
655 vnc_write_u16(vs, y);
656 vnc_write_u16(vs, w);
657 vnc_write_u16(vs, h);
658
659 vnc_write_s32(vs, encoding);
660 }
661
662
663 static void vnc_desktop_resize(VncState *vs)
664 {
665 if (vs->ioc == NULL || !vnc_has_feature(vs, VNC_FEATURE_RESIZE)) {
666 return;
667 }
668 if (vs->client_width == pixman_image_get_width(vs->vd->server) &&
669 vs->client_height == pixman_image_get_height(vs->vd->server)) {
670 return;
671 }
672
673 assert(pixman_image_get_width(vs->vd->server) < 65536 &&
674 pixman_image_get_width(vs->vd->server) >= 0);
675 assert(pixman_image_get_height(vs->vd->server) < 65536 &&
676 pixman_image_get_height(vs->vd->server) >= 0);
677 vs->client_width = pixman_image_get_width(vs->vd->server);
678 vs->client_height = pixman_image_get_height(vs->vd->server);
679 vnc_lock_output(vs);
680 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
681 vnc_write_u8(vs, 0);
682 vnc_write_u16(vs, 1); /* number of rects */
683 vnc_framebuffer_update(vs, 0, 0, vs->client_width, vs->client_height,
684 VNC_ENCODING_DESKTOPRESIZE);
685 vnc_unlock_output(vs);
686 vnc_flush(vs);
687 }
688
689 static void vnc_abort_display_jobs(VncDisplay *vd)
690 {
691 VncState *vs;
692
693 QTAILQ_FOREACH(vs, &vd->clients, next) {
694 vnc_lock_output(vs);
695 vs->abort = true;
696 vnc_unlock_output(vs);
697 }
698 QTAILQ_FOREACH(vs, &vd->clients, next) {
699 vnc_jobs_join(vs);
700 }
701 QTAILQ_FOREACH(vs, &vd->clients, next) {
702 vnc_lock_output(vs);
703 vs->abort = false;
704 vnc_unlock_output(vs);
705 }
706 }
707
708 int vnc_server_fb_stride(VncDisplay *vd)
709 {
710 return pixman_image_get_stride(vd->server);
711 }
712
713 void *vnc_server_fb_ptr(VncDisplay *vd, int x, int y)
714 {
715 uint8_t *ptr;
716
717 ptr = (uint8_t *)pixman_image_get_data(vd->server);
718 ptr += y * vnc_server_fb_stride(vd);
719 ptr += x * VNC_SERVER_FB_BYTES;
720 return ptr;
721 }
722
723 static void vnc_update_server_surface(VncDisplay *vd)
724 {
725 int width, height;
726
727 qemu_pixman_image_unref(vd->server);
728 vd->server = NULL;
729
730 if (QTAILQ_EMPTY(&vd->clients)) {
731 return;
732 }
733
734 width = vnc_width(vd);
735 height = vnc_height(vd);
736 vd->server = pixman_image_create_bits(VNC_SERVER_FB_FORMAT,
737 width, height,
738 NULL, 0);
739
740 memset(vd->guest.dirty, 0x00, sizeof(vd->guest.dirty));
741 vnc_set_area_dirty(vd->guest.dirty, vd, 0, 0,
742 width, height);
743 }
744
745 static void vnc_dpy_switch(DisplayChangeListener *dcl,
746 DisplaySurface *surface)
747 {
748 static const char placeholder_msg[] =
749 "Display output is not active.";
750 static DisplaySurface *placeholder;
751 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
752 VncState *vs;
753
754 if (surface == NULL) {
755 if (placeholder == NULL) {
756 placeholder = qemu_create_message_surface(640, 480, placeholder_msg);
757 }
758 surface = placeholder;
759 }
760
761 vnc_abort_display_jobs(vd);
762 vd->ds = surface;
763
764 /* server surface */
765 vnc_update_server_surface(vd);
766
767 /* guest surface */
768 qemu_pixman_image_unref(vd->guest.fb);
769 vd->guest.fb = pixman_image_ref(surface->image);
770 vd->guest.format = surface->format;
771
772 QTAILQ_FOREACH(vs, &vd->clients, next) {
773 vnc_colordepth(vs);
774 vnc_desktop_resize(vs);
775 if (vs->vd->cursor) {
776 vnc_cursor_define(vs);
777 }
778 memset(vs->dirty, 0x00, sizeof(vs->dirty));
779 vnc_set_area_dirty(vs->dirty, vd, 0, 0,
780 vnc_width(vd),
781 vnc_height(vd));
782 vnc_update_throttle_offset(vs);
783 }
784 }
785
786 /* fastest code */
787 static void vnc_write_pixels_copy(VncState *vs,
788 void *pixels, int size)
789 {
790 vnc_write(vs, pixels, size);
791 }
792
793 /* slowest but generic code. */
794 void vnc_convert_pixel(VncState *vs, uint8_t *buf, uint32_t v)
795 {
796 uint8_t r, g, b;
797
798 #if VNC_SERVER_FB_FORMAT == PIXMAN_FORMAT(32, PIXMAN_TYPE_ARGB, 0, 8, 8, 8)
799 r = (((v & 0x00ff0000) >> 16) << vs->client_pf.rbits) >> 8;
800 g = (((v & 0x0000ff00) >> 8) << vs->client_pf.gbits) >> 8;
801 b = (((v & 0x000000ff) >> 0) << vs->client_pf.bbits) >> 8;
802 #else
803 # error need some bits here if you change VNC_SERVER_FB_FORMAT
804 #endif
805 v = (r << vs->client_pf.rshift) |
806 (g << vs->client_pf.gshift) |
807 (b << vs->client_pf.bshift);
808 switch (vs->client_pf.bytes_per_pixel) {
809 case 1:
810 buf[0] = v;
811 break;
812 case 2:
813 if (vs->client_be) {
814 buf[0] = v >> 8;
815 buf[1] = v;
816 } else {
817 buf[1] = v >> 8;
818 buf[0] = v;
819 }
820 break;
821 default:
822 case 4:
823 if (vs->client_be) {
824 buf[0] = v >> 24;
825 buf[1] = v >> 16;
826 buf[2] = v >> 8;
827 buf[3] = v;
828 } else {
829 buf[3] = v >> 24;
830 buf[2] = v >> 16;
831 buf[1] = v >> 8;
832 buf[0] = v;
833 }
834 break;
835 }
836 }
837
838 static void vnc_write_pixels_generic(VncState *vs,
839 void *pixels1, int size)
840 {
841 uint8_t buf[4];
842
843 if (VNC_SERVER_FB_BYTES == 4) {
844 uint32_t *pixels = pixels1;
845 int n, i;
846 n = size >> 2;
847 for (i = 0; i < n; i++) {
848 vnc_convert_pixel(vs, buf, pixels[i]);
849 vnc_write(vs, buf, vs->client_pf.bytes_per_pixel);
850 }
851 }
852 }
853
854 int vnc_raw_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
855 {
856 int i;
857 uint8_t *row;
858 VncDisplay *vd = vs->vd;
859
860 row = vnc_server_fb_ptr(vd, x, y);
861 for (i = 0; i < h; i++) {
862 vs->write_pixels(vs, row, w * VNC_SERVER_FB_BYTES);
863 row += vnc_server_fb_stride(vd);
864 }
865 return 1;
866 }
867
868 int vnc_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
869 {
870 int n = 0;
871 bool encode_raw = false;
872 size_t saved_offs = vs->output.offset;
873
874 switch(vs->vnc_encoding) {
875 case VNC_ENCODING_ZLIB:
876 n = vnc_zlib_send_framebuffer_update(vs, x, y, w, h);
877 break;
878 case VNC_ENCODING_HEXTILE:
879 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_HEXTILE);
880 n = vnc_hextile_send_framebuffer_update(vs, x, y, w, h);
881 break;
882 case VNC_ENCODING_TIGHT:
883 n = vnc_tight_send_framebuffer_update(vs, x, y, w, h);
884 break;
885 case VNC_ENCODING_TIGHT_PNG:
886 n = vnc_tight_png_send_framebuffer_update(vs, x, y, w, h);
887 break;
888 case VNC_ENCODING_ZRLE:
889 n = vnc_zrle_send_framebuffer_update(vs, x, y, w, h);
890 break;
891 case VNC_ENCODING_ZYWRLE:
892 n = vnc_zywrle_send_framebuffer_update(vs, x, y, w, h);
893 break;
894 default:
895 encode_raw = true;
896 break;
897 }
898
899 /* If the client has the same pixel format as our internal buffer and
900 * a RAW encoding would need less space fall back to RAW encoding to
901 * save bandwidth and processing power in the client. */
902 if (!encode_raw && vs->write_pixels == vnc_write_pixels_copy &&
903 12 + h * w * VNC_SERVER_FB_BYTES <= (vs->output.offset - saved_offs)) {
904 vs->output.offset = saved_offs;
905 encode_raw = true;
906 }
907
908 if (encode_raw) {
909 vnc_framebuffer_update(vs, x, y, w, h, VNC_ENCODING_RAW);
910 n = vnc_raw_send_framebuffer_update(vs, x, y, w, h);
911 }
912
913 return n;
914 }
915
916 static void vnc_mouse_set(DisplayChangeListener *dcl,
917 int x, int y, int visible)
918 {
919 /* can we ask the client(s) to move the pointer ??? */
920 }
921
922 static int vnc_cursor_define(VncState *vs)
923 {
924 QEMUCursor *c = vs->vd->cursor;
925 int isize;
926
927 if (vnc_has_feature(vs, VNC_FEATURE_RICH_CURSOR)) {
928 vnc_lock_output(vs);
929 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
930 vnc_write_u8(vs, 0); /* padding */
931 vnc_write_u16(vs, 1); /* # of rects */
932 vnc_framebuffer_update(vs, c->hot_x, c->hot_y, c->width, c->height,
933 VNC_ENCODING_RICH_CURSOR);
934 isize = c->width * c->height * vs->client_pf.bytes_per_pixel;
935 vnc_write_pixels_generic(vs, c->data, isize);
936 vnc_write(vs, vs->vd->cursor_mask, vs->vd->cursor_msize);
937 vnc_unlock_output(vs);
938 return 0;
939 }
940 return -1;
941 }
942
943 static void vnc_dpy_cursor_define(DisplayChangeListener *dcl,
944 QEMUCursor *c)
945 {
946 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
947 VncState *vs;
948
949 cursor_put(vd->cursor);
950 g_free(vd->cursor_mask);
951
952 vd->cursor = c;
953 cursor_get(vd->cursor);
954 vd->cursor_msize = cursor_get_mono_bpl(c) * c->height;
955 vd->cursor_mask = g_malloc0(vd->cursor_msize);
956 cursor_get_mono_mask(c, 0, vd->cursor_mask);
957
958 QTAILQ_FOREACH(vs, &vd->clients, next) {
959 vnc_cursor_define(vs);
960 }
961 }
962
963 static int find_and_clear_dirty_height(VncState *vs,
964 int y, int last_x, int x, int height)
965 {
966 int h;
967
968 for (h = 1; h < (height - y); h++) {
969 if (!test_bit(last_x, vs->dirty[y + h])) {
970 break;
971 }
972 bitmap_clear(vs->dirty[y + h], last_x, x - last_x);
973 }
974
975 return h;
976 }
977
978 /*
979 * Figure out how much pending data we should allow in the output
980 * buffer before we throttle incremental display updates, and/or
981 * drop audio samples.
982 *
983 * We allow for equiv of 1 full display's worth of FB updates,
984 * and 1 second of audio samples. If audio backlog was larger
985 * than that the client would already suffering awful audio
986 * glitches, so dropping samples is no worse really).
987 */
988 static void vnc_update_throttle_offset(VncState *vs)
989 {
990 size_t offset =
991 vs->client_width * vs->client_height * vs->client_pf.bytes_per_pixel;
992
993 if (vs->audio_cap) {
994 int bps;
995 switch (vs->as.fmt) {
996 default:
997 case AUD_FMT_U8:
998 case AUD_FMT_S8:
999 bps = 1;
1000 break;
1001 case AUD_FMT_U16:
1002 case AUD_FMT_S16:
1003 bps = 2;
1004 break;
1005 case AUD_FMT_U32:
1006 case AUD_FMT_S32:
1007 bps = 4;
1008 break;
1009 }
1010 offset += vs->as.freq * bps * vs->as.nchannels;
1011 }
1012
1013 /* Put a floor of 1MB on offset, so that if we have a large pending
1014 * buffer and the display is resized to a small size & back again
1015 * we don't suddenly apply a tiny send limit
1016 */
1017 offset = MAX(offset, 1024 * 1024);
1018
1019 if (vs->throttle_output_offset != offset) {
1020 trace_vnc_client_throttle_threshold(
1021 vs, vs->ioc, vs->throttle_output_offset, offset, vs->client_width,
1022 vs->client_height, vs->client_pf.bytes_per_pixel, vs->audio_cap);
1023 }
1024
1025 vs->throttle_output_offset = offset;
1026 }
1027
1028 static bool vnc_should_update(VncState *vs)
1029 {
1030 switch (vs->update) {
1031 case VNC_STATE_UPDATE_NONE:
1032 break;
1033 case VNC_STATE_UPDATE_INCREMENTAL:
1034 /* Only allow incremental updates if the pending send queue
1035 * is less than the permitted threshold, and the job worker
1036 * is completely idle.
1037 */
1038 if (vs->output.offset < vs->throttle_output_offset &&
1039 vs->job_update == VNC_STATE_UPDATE_NONE) {
1040 return true;
1041 }
1042 trace_vnc_client_throttle_incremental(
1043 vs, vs->ioc, vs->job_update, vs->output.offset);
1044 break;
1045 case VNC_STATE_UPDATE_FORCE:
1046 /* Only allow forced updates if the pending send queue
1047 * does not contain a previous forced update, and the
1048 * job worker is completely idle.
1049 *
1050 * Note this means we'll queue a forced update, even if
1051 * the output buffer size is otherwise over the throttle
1052 * output limit.
1053 */
1054 if (vs->force_update_offset == 0 &&
1055 vs->job_update == VNC_STATE_UPDATE_NONE) {
1056 return true;
1057 }
1058 trace_vnc_client_throttle_forced(
1059 vs, vs->ioc, vs->job_update, vs->force_update_offset);
1060 break;
1061 }
1062 return false;
1063 }
1064
1065 static int vnc_update_client(VncState *vs, int has_dirty)
1066 {
1067 VncDisplay *vd = vs->vd;
1068 VncJob *job;
1069 int y;
1070 int height, width;
1071 int n = 0;
1072
1073 if (vs->disconnecting) {
1074 vnc_disconnect_finish(vs);
1075 return 0;
1076 }
1077
1078 vs->has_dirty += has_dirty;
1079 if (!vnc_should_update(vs)) {
1080 return 0;
1081 }
1082
1083 if (!vs->has_dirty && vs->update != VNC_STATE_UPDATE_FORCE) {
1084 return 0;
1085 }
1086
1087 /*
1088 * Send screen updates to the vnc client using the server
1089 * surface and server dirty map. guest surface updates
1090 * happening in parallel don't disturb us, the next pass will
1091 * send them to the client.
1092 */
1093 job = vnc_job_new(vs);
1094
1095 height = pixman_image_get_height(vd->server);
1096 width = pixman_image_get_width(vd->server);
1097
1098 y = 0;
1099 for (;;) {
1100 int x, h;
1101 unsigned long x2;
1102 unsigned long offset = find_next_bit((unsigned long *) &vs->dirty,
1103 height * VNC_DIRTY_BPL(vs),
1104 y * VNC_DIRTY_BPL(vs));
1105 if (offset == height * VNC_DIRTY_BPL(vs)) {
1106 /* no more dirty bits */
1107 break;
1108 }
1109 y = offset / VNC_DIRTY_BPL(vs);
1110 x = offset % VNC_DIRTY_BPL(vs);
1111 x2 = find_next_zero_bit((unsigned long *) &vs->dirty[y],
1112 VNC_DIRTY_BPL(vs), x);
1113 bitmap_clear(vs->dirty[y], x, x2 - x);
1114 h = find_and_clear_dirty_height(vs, y, x, x2, height);
1115 x2 = MIN(x2, width / VNC_DIRTY_PIXELS_PER_BIT);
1116 if (x2 > x) {
1117 n += vnc_job_add_rect(job, x * VNC_DIRTY_PIXELS_PER_BIT, y,
1118 (x2 - x) * VNC_DIRTY_PIXELS_PER_BIT, h);
1119 }
1120 if (!x && x2 == width / VNC_DIRTY_PIXELS_PER_BIT) {
1121 y += h;
1122 if (y == height) {
1123 break;
1124 }
1125 }
1126 }
1127
1128 vs->job_update = vs->update;
1129 vs->update = VNC_STATE_UPDATE_NONE;
1130 vnc_job_push(job);
1131 vs->has_dirty = 0;
1132 return n;
1133 }
1134
1135 /* audio */
1136 static void audio_capture_notify(void *opaque, audcnotification_e cmd)
1137 {
1138 VncState *vs = opaque;
1139
1140 assert(vs->magic == VNC_MAGIC);
1141 switch (cmd) {
1142 case AUD_CNOTIFY_DISABLE:
1143 vnc_lock_output(vs);
1144 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1145 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1146 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_END);
1147 vnc_unlock_output(vs);
1148 vnc_flush(vs);
1149 break;
1150
1151 case AUD_CNOTIFY_ENABLE:
1152 vnc_lock_output(vs);
1153 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1154 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1155 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_BEGIN);
1156 vnc_unlock_output(vs);
1157 vnc_flush(vs);
1158 break;
1159 }
1160 }
1161
1162 static void audio_capture_destroy(void *opaque)
1163 {
1164 }
1165
1166 static void audio_capture(void *opaque, void *buf, int size)
1167 {
1168 VncState *vs = opaque;
1169
1170 assert(vs->magic == VNC_MAGIC);
1171 vnc_lock_output(vs);
1172 if (vs->output.offset < vs->throttle_output_offset) {
1173 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU);
1174 vnc_write_u8(vs, VNC_MSG_SERVER_QEMU_AUDIO);
1175 vnc_write_u16(vs, VNC_MSG_SERVER_QEMU_AUDIO_DATA);
1176 vnc_write_u32(vs, size);
1177 vnc_write(vs, buf, size);
1178 } else {
1179 trace_vnc_client_throttle_audio(vs, vs->ioc, vs->output.offset);
1180 }
1181 vnc_unlock_output(vs);
1182 vnc_flush(vs);
1183 }
1184
1185 static void audio_add(VncState *vs)
1186 {
1187 struct audio_capture_ops ops;
1188
1189 if (vs->audio_cap) {
1190 error_report("audio already running");
1191 return;
1192 }
1193
1194 ops.notify = audio_capture_notify;
1195 ops.destroy = audio_capture_destroy;
1196 ops.capture = audio_capture;
1197
1198 vs->audio_cap = AUD_add_capture(&vs->as, &ops, vs);
1199 if (!vs->audio_cap) {
1200 error_report("Failed to add audio capture");
1201 }
1202 }
1203
1204 static void audio_del(VncState *vs)
1205 {
1206 if (vs->audio_cap) {
1207 AUD_del_capture(vs->audio_cap, vs);
1208 vs->audio_cap = NULL;
1209 }
1210 }
1211
1212 static void vnc_disconnect_start(VncState *vs)
1213 {
1214 if (vs->disconnecting) {
1215 return;
1216 }
1217 trace_vnc_client_disconnect_start(vs, vs->ioc);
1218 vnc_set_share_mode(vs, VNC_SHARE_MODE_DISCONNECTED);
1219 if (vs->ioc_tag) {
1220 g_source_remove(vs->ioc_tag);
1221 vs->ioc_tag = 0;
1222 }
1223 qio_channel_close(vs->ioc, NULL);
1224 vs->disconnecting = TRUE;
1225 }
1226
1227 void vnc_disconnect_finish(VncState *vs)
1228 {
1229 int i;
1230
1231 trace_vnc_client_disconnect_finish(vs, vs->ioc);
1232
1233 vnc_jobs_join(vs); /* Wait encoding jobs */
1234
1235 vnc_lock_output(vs);
1236 vnc_qmp_event(vs, QAPI_EVENT_VNC_DISCONNECTED);
1237
1238 buffer_free(&vs->input);
1239 buffer_free(&vs->output);
1240
1241 qapi_free_VncClientInfo(vs->info);
1242
1243 vnc_zlib_clear(vs);
1244 vnc_tight_clear(vs);
1245 vnc_zrle_clear(vs);
1246
1247 #ifdef CONFIG_VNC_SASL
1248 vnc_sasl_client_cleanup(vs);
1249 #endif /* CONFIG_VNC_SASL */
1250 audio_del(vs);
1251 vnc_release_modifiers(vs);
1252
1253 if (vs->mouse_mode_notifier.notify != NULL) {
1254 qemu_remove_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
1255 }
1256 QTAILQ_REMOVE(&vs->vd->clients, vs, next);
1257 if (QTAILQ_EMPTY(&vs->vd->clients)) {
1258 /* last client gone */
1259 vnc_update_server_surface(vs->vd);
1260 }
1261
1262 vnc_unlock_output(vs);
1263
1264 qemu_mutex_destroy(&vs->output_mutex);
1265 if (vs->bh != NULL) {
1266 qemu_bh_delete(vs->bh);
1267 }
1268 buffer_free(&vs->jobs_buffer);
1269
1270 for (i = 0; i < VNC_STAT_ROWS; ++i) {
1271 g_free(vs->lossy_rect[i]);
1272 }
1273 g_free(vs->lossy_rect);
1274
1275 object_unref(OBJECT(vs->ioc));
1276 vs->ioc = NULL;
1277 object_unref(OBJECT(vs->sioc));
1278 vs->sioc = NULL;
1279 vs->magic = 0;
1280 g_free(vs);
1281 }
1282
1283 size_t vnc_client_io_error(VncState *vs, ssize_t ret, Error **errp)
1284 {
1285 if (ret <= 0) {
1286 if (ret == 0) {
1287 trace_vnc_client_eof(vs, vs->ioc);
1288 vnc_disconnect_start(vs);
1289 } else if (ret != QIO_CHANNEL_ERR_BLOCK) {
1290 trace_vnc_client_io_error(vs, vs->ioc,
1291 errp ? error_get_pretty(*errp) :
1292 "Unknown");
1293 vnc_disconnect_start(vs);
1294 }
1295
1296 if (errp) {
1297 error_free(*errp);
1298 *errp = NULL;
1299 }
1300 return 0;
1301 }
1302 return ret;
1303 }
1304
1305
1306 void vnc_client_error(VncState *vs)
1307 {
1308 VNC_DEBUG("Closing down client sock: protocol error\n");
1309 vnc_disconnect_start(vs);
1310 }
1311
1312
1313 /*
1314 * Called to write a chunk of data to the client socket. The data may
1315 * be the raw data, or may have already been encoded by SASL.
1316 * The data will be written either straight onto the socket, or
1317 * written via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1318 *
1319 * NB, it is theoretically possible to have 2 layers of encryption,
1320 * both SASL, and this TLS layer. It is highly unlikely in practice
1321 * though, since SASL encryption will typically be a no-op if TLS
1322 * is active
1323 *
1324 * Returns the number of bytes written, which may be less than
1325 * the requested 'datalen' if the socket would block. Returns
1326 * 0 on I/O error, and disconnects the client socket.
1327 */
1328 size_t vnc_client_write_buf(VncState *vs, const uint8_t *data, size_t datalen)
1329 {
1330 Error *err = NULL;
1331 ssize_t ret;
1332 ret = qio_channel_write(
1333 vs->ioc, (const char *)data, datalen, &err);
1334 VNC_DEBUG("Wrote wire %p %zd -> %ld\n", data, datalen, ret);
1335 return vnc_client_io_error(vs, ret, &err);
1336 }
1337
1338
1339 /*
1340 * Called to write buffered data to the client socket, when not
1341 * using any SASL SSF encryption layers. Will write as much data
1342 * as possible without blocking. If all buffered data is written,
1343 * will switch the FD poll() handler back to read monitoring.
1344 *
1345 * Returns the number of bytes written, which may be less than
1346 * the buffered output data if the socket would block. Returns
1347 * 0 on I/O error, and disconnects the client socket.
1348 */
1349 static size_t vnc_client_write_plain(VncState *vs)
1350 {
1351 size_t offset;
1352 size_t ret;
1353
1354 #ifdef CONFIG_VNC_SASL
1355 VNC_DEBUG("Write Plain: Pending output %p size %zd offset %zd. Wait SSF %d\n",
1356 vs->output.buffer, vs->output.capacity, vs->output.offset,
1357 vs->sasl.waitWriteSSF);
1358
1359 if (vs->sasl.conn &&
1360 vs->sasl.runSSF &&
1361 vs->sasl.waitWriteSSF) {
1362 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->sasl.waitWriteSSF);
1363 if (ret)
1364 vs->sasl.waitWriteSSF -= ret;
1365 } else
1366 #endif /* CONFIG_VNC_SASL */
1367 ret = vnc_client_write_buf(vs, vs->output.buffer, vs->output.offset);
1368 if (!ret)
1369 return 0;
1370
1371 if (ret >= vs->force_update_offset) {
1372 if (vs->force_update_offset != 0) {
1373 trace_vnc_client_unthrottle_forced(vs, vs->ioc);
1374 }
1375 vs->force_update_offset = 0;
1376 } else {
1377 vs->force_update_offset -= ret;
1378 }
1379 offset = vs->output.offset;
1380 buffer_advance(&vs->output, ret);
1381 if (offset >= vs->throttle_output_offset &&
1382 vs->output.offset < vs->throttle_output_offset) {
1383 trace_vnc_client_unthrottle_incremental(vs, vs->ioc, vs->output.offset);
1384 }
1385
1386 if (vs->output.offset == 0) {
1387 if (vs->ioc_tag) {
1388 g_source_remove(vs->ioc_tag);
1389 }
1390 vs->ioc_tag = qio_channel_add_watch(
1391 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL);
1392 }
1393
1394 return ret;
1395 }
1396
1397
1398 /*
1399 * First function called whenever there is data to be written to
1400 * the client socket. Will delegate actual work according to whether
1401 * SASL SSF layers are enabled (thus requiring encryption calls)
1402 */
1403 static void vnc_client_write_locked(VncState *vs)
1404 {
1405 #ifdef CONFIG_VNC_SASL
1406 if (vs->sasl.conn &&
1407 vs->sasl.runSSF &&
1408 !vs->sasl.waitWriteSSF) {
1409 vnc_client_write_sasl(vs);
1410 } else
1411 #endif /* CONFIG_VNC_SASL */
1412 {
1413 vnc_client_write_plain(vs);
1414 }
1415 }
1416
1417 static void vnc_client_write(VncState *vs)
1418 {
1419 assert(vs->magic == VNC_MAGIC);
1420 vnc_lock_output(vs);
1421 if (vs->output.offset) {
1422 vnc_client_write_locked(vs);
1423 } else if (vs->ioc != NULL) {
1424 if (vs->ioc_tag) {
1425 g_source_remove(vs->ioc_tag);
1426 }
1427 vs->ioc_tag = qio_channel_add_watch(
1428 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL);
1429 }
1430 vnc_unlock_output(vs);
1431 }
1432
1433 void vnc_read_when(VncState *vs, VncReadEvent *func, size_t expecting)
1434 {
1435 vs->read_handler = func;
1436 vs->read_handler_expect = expecting;
1437 }
1438
1439
1440 /*
1441 * Called to read a chunk of data from the client socket. The data may
1442 * be the raw data, or may need to be further decoded by SASL.
1443 * The data will be read either straight from to the socket, or
1444 * read via the GNUTLS wrappers, if TLS/SSL encryption is enabled
1445 *
1446 * NB, it is theoretically possible to have 2 layers of encryption,
1447 * both SASL, and this TLS layer. It is highly unlikely in practice
1448 * though, since SASL encryption will typically be a no-op if TLS
1449 * is active
1450 *
1451 * Returns the number of bytes read, which may be less than
1452 * the requested 'datalen' if the socket would block. Returns
1453 * 0 on I/O error or EOF, and disconnects the client socket.
1454 */
1455 size_t vnc_client_read_buf(VncState *vs, uint8_t *data, size_t datalen)
1456 {
1457 ssize_t ret;
1458 Error *err = NULL;
1459 ret = qio_channel_read(
1460 vs->ioc, (char *)data, datalen, &err);
1461 VNC_DEBUG("Read wire %p %zd -> %ld\n", data, datalen, ret);
1462 return vnc_client_io_error(vs, ret, &err);
1463 }
1464
1465
1466 /*
1467 * Called to read data from the client socket to the input buffer,
1468 * when not using any SASL SSF encryption layers. Will read as much
1469 * data as possible without blocking.
1470 *
1471 * Returns the number of bytes read, which may be less than
1472 * the requested 'datalen' if the socket would block. Returns
1473 * 0 on I/O error or EOF, and disconnects the client socket.
1474 */
1475 static size_t vnc_client_read_plain(VncState *vs)
1476 {
1477 size_t ret;
1478 VNC_DEBUG("Read plain %p size %zd offset %zd\n",
1479 vs->input.buffer, vs->input.capacity, vs->input.offset);
1480 buffer_reserve(&vs->input, 4096);
1481 ret = vnc_client_read_buf(vs, buffer_end(&vs->input), 4096);
1482 if (!ret)
1483 return 0;
1484 vs->input.offset += ret;
1485 return ret;
1486 }
1487
1488 static void vnc_jobs_bh(void *opaque)
1489 {
1490 VncState *vs = opaque;
1491
1492 assert(vs->magic == VNC_MAGIC);
1493 vnc_jobs_consume_buffer(vs);
1494 }
1495
1496 /*
1497 * First function called whenever there is more data to be read from
1498 * the client socket. Will delegate actual work according to whether
1499 * SASL SSF layers are enabled (thus requiring decryption calls)
1500 * Returns 0 on success, -1 if client disconnected
1501 */
1502 static int vnc_client_read(VncState *vs)
1503 {
1504 size_t ret;
1505
1506 #ifdef CONFIG_VNC_SASL
1507 if (vs->sasl.conn && vs->sasl.runSSF)
1508 ret = vnc_client_read_sasl(vs);
1509 else
1510 #endif /* CONFIG_VNC_SASL */
1511 ret = vnc_client_read_plain(vs);
1512 if (!ret) {
1513 if (vs->disconnecting) {
1514 vnc_disconnect_finish(vs);
1515 return -1;
1516 }
1517 return 0;
1518 }
1519
1520 while (vs->read_handler && vs->input.offset >= vs->read_handler_expect) {
1521 size_t len = vs->read_handler_expect;
1522 int ret;
1523
1524 ret = vs->read_handler(vs, vs->input.buffer, len);
1525 if (vs->disconnecting) {
1526 vnc_disconnect_finish(vs);
1527 return -1;
1528 }
1529
1530 if (!ret) {
1531 buffer_advance(&vs->input, len);
1532 } else {
1533 vs->read_handler_expect = ret;
1534 }
1535 }
1536 return 0;
1537 }
1538
1539 gboolean vnc_client_io(QIOChannel *ioc G_GNUC_UNUSED,
1540 GIOCondition condition, void *opaque)
1541 {
1542 VncState *vs = opaque;
1543
1544 assert(vs->magic == VNC_MAGIC);
1545 if (condition & G_IO_IN) {
1546 if (vnc_client_read(vs) < 0) {
1547 /* vs is free()ed here */
1548 return TRUE;
1549 }
1550 }
1551 if (condition & G_IO_OUT) {
1552 vnc_client_write(vs);
1553 }
1554
1555 if (vs->disconnecting) {
1556 if (vs->ioc_tag != 0) {
1557 g_source_remove(vs->ioc_tag);
1558 }
1559 vs->ioc_tag = 0;
1560 }
1561 return TRUE;
1562 }
1563
1564
1565 /*
1566 * Scale factor to apply to vs->throttle_output_offset when checking for
1567 * hard limit. Worst case normal usage could be x2, if we have a complete
1568 * incremental update and complete forced update in the output buffer.
1569 * So x3 should be good enough, but we pick x5 to be conservative and thus
1570 * (hopefully) never trigger incorrectly.
1571 */
1572 #define VNC_THROTTLE_OUTPUT_LIMIT_SCALE 5
1573
1574 void vnc_write(VncState *vs, const void *data, size_t len)
1575 {
1576 assert(vs->magic == VNC_MAGIC);
1577 if (vs->disconnecting) {
1578 return;
1579 }
1580 /* Protection against malicious client/guest to prevent our output
1581 * buffer growing without bound if client stops reading data. This
1582 * should rarely trigger, because we have earlier throttling code
1583 * which stops issuing framebuffer updates and drops audio data
1584 * if the throttle_output_offset value is exceeded. So we only reach
1585 * this higher level if a huge number of pseudo-encodings get
1586 * triggered while data can't be sent on the socket.
1587 *
1588 * NB throttle_output_offset can be zero during early protocol
1589 * handshake, or from the job thread's VncState clone
1590 */
1591 if (vs->throttle_output_offset != 0 &&
1592 (vs->output.offset / VNC_THROTTLE_OUTPUT_LIMIT_SCALE) >
1593 vs->throttle_output_offset) {
1594 trace_vnc_client_output_limit(vs, vs->ioc, vs->output.offset,
1595 vs->throttle_output_offset);
1596 vnc_disconnect_start(vs);
1597 return;
1598 }
1599 buffer_reserve(&vs->output, len);
1600
1601 if (vs->ioc != NULL && buffer_empty(&vs->output)) {
1602 if (vs->ioc_tag) {
1603 g_source_remove(vs->ioc_tag);
1604 }
1605 vs->ioc_tag = qio_channel_add_watch(
1606 vs->ioc, G_IO_IN | G_IO_OUT, vnc_client_io, vs, NULL);
1607 }
1608
1609 buffer_append(&vs->output, data, len);
1610 }
1611
1612 void vnc_write_s32(VncState *vs, int32_t value)
1613 {
1614 vnc_write_u32(vs, *(uint32_t *)&value);
1615 }
1616
1617 void vnc_write_u32(VncState *vs, uint32_t value)
1618 {
1619 uint8_t buf[4];
1620
1621 buf[0] = (value >> 24) & 0xFF;
1622 buf[1] = (value >> 16) & 0xFF;
1623 buf[2] = (value >> 8) & 0xFF;
1624 buf[3] = value & 0xFF;
1625
1626 vnc_write(vs, buf, 4);
1627 }
1628
1629 void vnc_write_u16(VncState *vs, uint16_t value)
1630 {
1631 uint8_t buf[2];
1632
1633 buf[0] = (value >> 8) & 0xFF;
1634 buf[1] = value & 0xFF;
1635
1636 vnc_write(vs, buf, 2);
1637 }
1638
1639 void vnc_write_u8(VncState *vs, uint8_t value)
1640 {
1641 vnc_write(vs, (char *)&value, 1);
1642 }
1643
1644 void vnc_flush(VncState *vs)
1645 {
1646 vnc_lock_output(vs);
1647 if (vs->ioc != NULL && vs->output.offset) {
1648 vnc_client_write_locked(vs);
1649 }
1650 if (vs->disconnecting) {
1651 if (vs->ioc_tag != 0) {
1652 g_source_remove(vs->ioc_tag);
1653 }
1654 vs->ioc_tag = 0;
1655 }
1656 vnc_unlock_output(vs);
1657 }
1658
1659 static uint8_t read_u8(uint8_t *data, size_t offset)
1660 {
1661 return data[offset];
1662 }
1663
1664 static uint16_t read_u16(uint8_t *data, size_t offset)
1665 {
1666 return ((data[offset] & 0xFF) << 8) | (data[offset + 1] & 0xFF);
1667 }
1668
1669 static int32_t read_s32(uint8_t *data, size_t offset)
1670 {
1671 return (int32_t)((data[offset] << 24) | (data[offset + 1] << 16) |
1672 (data[offset + 2] << 8) | data[offset + 3]);
1673 }
1674
1675 uint32_t read_u32(uint8_t *data, size_t offset)
1676 {
1677 return ((data[offset] << 24) | (data[offset + 1] << 16) |
1678 (data[offset + 2] << 8) | data[offset + 3]);
1679 }
1680
1681 static void client_cut_text(VncState *vs, size_t len, uint8_t *text)
1682 {
1683 }
1684
1685 static void check_pointer_type_change(Notifier *notifier, void *data)
1686 {
1687 VncState *vs = container_of(notifier, VncState, mouse_mode_notifier);
1688 int absolute = qemu_input_is_absolute();
1689
1690 if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE) && vs->absolute != absolute) {
1691 vnc_lock_output(vs);
1692 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1693 vnc_write_u8(vs, 0);
1694 vnc_write_u16(vs, 1);
1695 vnc_framebuffer_update(vs, absolute, 0,
1696 pixman_image_get_width(vs->vd->server),
1697 pixman_image_get_height(vs->vd->server),
1698 VNC_ENCODING_POINTER_TYPE_CHANGE);
1699 vnc_unlock_output(vs);
1700 vnc_flush(vs);
1701 }
1702 vs->absolute = absolute;
1703 }
1704
1705 static void pointer_event(VncState *vs, int button_mask, int x, int y)
1706 {
1707 static uint32_t bmap[INPUT_BUTTON__MAX] = {
1708 [INPUT_BUTTON_LEFT] = 0x01,
1709 [INPUT_BUTTON_MIDDLE] = 0x02,
1710 [INPUT_BUTTON_RIGHT] = 0x04,
1711 [INPUT_BUTTON_WHEEL_UP] = 0x08,
1712 [INPUT_BUTTON_WHEEL_DOWN] = 0x10,
1713 };
1714 QemuConsole *con = vs->vd->dcl.con;
1715 int width = pixman_image_get_width(vs->vd->server);
1716 int height = pixman_image_get_height(vs->vd->server);
1717
1718 if (vs->last_bmask != button_mask) {
1719 qemu_input_update_buttons(con, bmap, vs->last_bmask, button_mask);
1720 vs->last_bmask = button_mask;
1721 }
1722
1723 if (vs->absolute) {
1724 qemu_input_queue_abs(con, INPUT_AXIS_X, x, 0, width);
1725 qemu_input_queue_abs(con, INPUT_AXIS_Y, y, 0, height);
1726 } else if (vnc_has_feature(vs, VNC_FEATURE_POINTER_TYPE_CHANGE)) {
1727 qemu_input_queue_rel(con, INPUT_AXIS_X, x - 0x7FFF);
1728 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - 0x7FFF);
1729 } else {
1730 if (vs->last_x != -1) {
1731 qemu_input_queue_rel(con, INPUT_AXIS_X, x - vs->last_x);
1732 qemu_input_queue_rel(con, INPUT_AXIS_Y, y - vs->last_y);
1733 }
1734 vs->last_x = x;
1735 vs->last_y = y;
1736 }
1737 qemu_input_event_sync();
1738 }
1739
1740 static void reset_keys(VncState *vs)
1741 {
1742 int i;
1743 for(i = 0; i < 256; i++) {
1744 if (vs->modifiers_state[i]) {
1745 qemu_input_event_send_key_number(vs->vd->dcl.con, i, false);
1746 qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
1747 vs->modifiers_state[i] = 0;
1748 }
1749 }
1750 }
1751
1752 static void press_key(VncState *vs, int keysym)
1753 {
1754 int keycode = keysym2scancode(vs->vd->kbd_layout, keysym,
1755 false, false, false) & SCANCODE_KEYMASK;
1756 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, true);
1757 qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
1758 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
1759 qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
1760 }
1761
1762 static void vnc_led_state_change(VncState *vs)
1763 {
1764 if (!vnc_has_feature(vs, VNC_FEATURE_LED_STATE)) {
1765 return;
1766 }
1767
1768 vnc_lock_output(vs);
1769 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
1770 vnc_write_u8(vs, 0);
1771 vnc_write_u16(vs, 1);
1772 vnc_framebuffer_update(vs, 0, 0, 1, 1, VNC_ENCODING_LED_STATE);
1773 vnc_write_u8(vs, vs->vd->ledstate);
1774 vnc_unlock_output(vs);
1775 vnc_flush(vs);
1776 }
1777
1778 static void kbd_leds(void *opaque, int ledstate)
1779 {
1780 VncDisplay *vd = opaque;
1781 VncState *client;
1782
1783 trace_vnc_key_guest_leds((ledstate & QEMU_CAPS_LOCK_LED),
1784 (ledstate & QEMU_NUM_LOCK_LED),
1785 (ledstate & QEMU_SCROLL_LOCK_LED));
1786
1787 if (ledstate == vd->ledstate) {
1788 return;
1789 }
1790
1791 vd->ledstate = ledstate;
1792
1793 QTAILQ_FOREACH(client, &vd->clients, next) {
1794 vnc_led_state_change(client);
1795 }
1796 }
1797
1798 static void do_key_event(VncState *vs, int down, int keycode, int sym)
1799 {
1800 /* QEMU console switch */
1801 switch(keycode) {
1802 case 0x2a: /* Left Shift */
1803 case 0x36: /* Right Shift */
1804 case 0x1d: /* Left CTRL */
1805 case 0x9d: /* Right CTRL */
1806 case 0x38: /* Left ALT */
1807 case 0xb8: /* Right ALT */
1808 if (down)
1809 vs->modifiers_state[keycode] = 1;
1810 else
1811 vs->modifiers_state[keycode] = 0;
1812 break;
1813 case 0x02 ... 0x0a: /* '1' to '9' keys */
1814 if (vs->vd->dcl.con == NULL &&
1815 down && vs->modifiers_state[0x1d] && vs->modifiers_state[0x38]) {
1816 /* Reset the modifiers sent to the current console */
1817 reset_keys(vs);
1818 console_select(keycode - 0x02);
1819 return;
1820 }
1821 break;
1822 case 0x3a: /* CapsLock */
1823 case 0x45: /* NumLock */
1824 if (down)
1825 vs->modifiers_state[keycode] ^= 1;
1826 break;
1827 }
1828
1829 /* Turn off the lock state sync logic if the client support the led
1830 state extension.
1831 */
1832 if (down && vs->vd->lock_key_sync &&
1833 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1834 keycode_is_keypad(vs->vd->kbd_layout, keycode)) {
1835 /* If the numlock state needs to change then simulate an additional
1836 keypress before sending this one. This will happen if the user
1837 toggles numlock away from the VNC window.
1838 */
1839 if (keysym_is_numlock(vs->vd->kbd_layout, sym & 0xFFFF)) {
1840 if (!vs->modifiers_state[0x45]) {
1841 trace_vnc_key_sync_numlock(true);
1842 vs->modifiers_state[0x45] = 1;
1843 press_key(vs, 0xff7f);
1844 }
1845 } else {
1846 if (vs->modifiers_state[0x45]) {
1847 trace_vnc_key_sync_numlock(false);
1848 vs->modifiers_state[0x45] = 0;
1849 press_key(vs, 0xff7f);
1850 }
1851 }
1852 }
1853
1854 if (down && vs->vd->lock_key_sync &&
1855 !vnc_has_feature(vs, VNC_FEATURE_LED_STATE) &&
1856 ((sym >= 'A' && sym <= 'Z') || (sym >= 'a' && sym <= 'z'))) {
1857 /* If the capslock state needs to change then simulate an additional
1858 keypress before sending this one. This will happen if the user
1859 toggles capslock away from the VNC window.
1860 */
1861 int uppercase = !!(sym >= 'A' && sym <= 'Z');
1862 int shift = !!(vs->modifiers_state[0x2a] | vs->modifiers_state[0x36]);
1863 int capslock = !!(vs->modifiers_state[0x3a]);
1864 if (capslock) {
1865 if (uppercase == shift) {
1866 trace_vnc_key_sync_capslock(false);
1867 vs->modifiers_state[0x3a] = 0;
1868 press_key(vs, 0xffe5);
1869 }
1870 } else {
1871 if (uppercase != shift) {
1872 trace_vnc_key_sync_capslock(true);
1873 vs->modifiers_state[0x3a] = 1;
1874 press_key(vs, 0xffe5);
1875 }
1876 }
1877 }
1878
1879 if (qemu_console_is_graphic(NULL)) {
1880 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, down);
1881 qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
1882 } else {
1883 bool numlock = vs->modifiers_state[0x45];
1884 bool control = (vs->modifiers_state[0x1d] ||
1885 vs->modifiers_state[0x9d]);
1886 /* QEMU console emulation */
1887 if (down) {
1888 switch (keycode) {
1889 case 0x2a: /* Left Shift */
1890 case 0x36: /* Right Shift */
1891 case 0x1d: /* Left CTRL */
1892 case 0x9d: /* Right CTRL */
1893 case 0x38: /* Left ALT */
1894 case 0xb8: /* Right ALT */
1895 break;
1896 case 0xc8:
1897 kbd_put_keysym(QEMU_KEY_UP);
1898 break;
1899 case 0xd0:
1900 kbd_put_keysym(QEMU_KEY_DOWN);
1901 break;
1902 case 0xcb:
1903 kbd_put_keysym(QEMU_KEY_LEFT);
1904 break;
1905 case 0xcd:
1906 kbd_put_keysym(QEMU_KEY_RIGHT);
1907 break;
1908 case 0xd3:
1909 kbd_put_keysym(QEMU_KEY_DELETE);
1910 break;
1911 case 0xc7:
1912 kbd_put_keysym(QEMU_KEY_HOME);
1913 break;
1914 case 0xcf:
1915 kbd_put_keysym(QEMU_KEY_END);
1916 break;
1917 case 0xc9:
1918 kbd_put_keysym(QEMU_KEY_PAGEUP);
1919 break;
1920 case 0xd1:
1921 kbd_put_keysym(QEMU_KEY_PAGEDOWN);
1922 break;
1923
1924 case 0x47:
1925 kbd_put_keysym(numlock ? '7' : QEMU_KEY_HOME);
1926 break;
1927 case 0x48:
1928 kbd_put_keysym(numlock ? '8' : QEMU_KEY_UP);
1929 break;
1930 case 0x49:
1931 kbd_put_keysym(numlock ? '9' : QEMU_KEY_PAGEUP);
1932 break;
1933 case 0x4b:
1934 kbd_put_keysym(numlock ? '4' : QEMU_KEY_LEFT);
1935 break;
1936 case 0x4c:
1937 kbd_put_keysym('5');
1938 break;
1939 case 0x4d:
1940 kbd_put_keysym(numlock ? '6' : QEMU_KEY_RIGHT);
1941 break;
1942 case 0x4f:
1943 kbd_put_keysym(numlock ? '1' : QEMU_KEY_END);
1944 break;
1945 case 0x50:
1946 kbd_put_keysym(numlock ? '2' : QEMU_KEY_DOWN);
1947 break;
1948 case 0x51:
1949 kbd_put_keysym(numlock ? '3' : QEMU_KEY_PAGEDOWN);
1950 break;
1951 case 0x52:
1952 kbd_put_keysym('0');
1953 break;
1954 case 0x53:
1955 kbd_put_keysym(numlock ? '.' : QEMU_KEY_DELETE);
1956 break;
1957
1958 case 0xb5:
1959 kbd_put_keysym('/');
1960 break;
1961 case 0x37:
1962 kbd_put_keysym('*');
1963 break;
1964 case 0x4a:
1965 kbd_put_keysym('-');
1966 break;
1967 case 0x4e:
1968 kbd_put_keysym('+');
1969 break;
1970 case 0x9c:
1971 kbd_put_keysym('\n');
1972 break;
1973
1974 default:
1975 if (control) {
1976 kbd_put_keysym(sym & 0x1f);
1977 } else {
1978 kbd_put_keysym(sym);
1979 }
1980 break;
1981 }
1982 }
1983 }
1984 }
1985
1986 static void vnc_release_modifiers(VncState *vs)
1987 {
1988 static const int keycodes[] = {
1989 /* shift, control, alt keys, both left & right */
1990 0x2a, 0x36, 0x1d, 0x9d, 0x38, 0xb8,
1991 };
1992 int i, keycode;
1993
1994 if (!qemu_console_is_graphic(NULL)) {
1995 return;
1996 }
1997 for (i = 0; i < ARRAY_SIZE(keycodes); i++) {
1998 keycode = keycodes[i];
1999 if (!vs->modifiers_state[keycode]) {
2000 continue;
2001 }
2002 qemu_input_event_send_key_number(vs->vd->dcl.con, keycode, false);
2003 qemu_input_event_send_key_delay(vs->vd->key_delay_ms);
2004 }
2005 }
2006
2007 static const char *code2name(int keycode)
2008 {
2009 return QKeyCode_str(qemu_input_key_number_to_qcode(keycode));
2010 }
2011
2012 static void key_event(VncState *vs, int down, uint32_t sym)
2013 {
2014 bool shift = vs->modifiers_state[0x2a] || vs->modifiers_state[0x36];
2015 bool altgr = vs->modifiers_state[0xb8];
2016 bool ctrl = vs->modifiers_state[0x1d] || vs->modifiers_state[0x9d];
2017 int keycode;
2018 int lsym = sym;
2019
2020 if (lsym >= 'A' && lsym <= 'Z' && qemu_console_is_graphic(NULL)) {
2021 lsym = lsym - 'A' + 'a';
2022 }
2023
2024 keycode = keysym2scancode(vs->vd->kbd_layout, lsym & 0xFFFF,
2025 shift, altgr, ctrl) & SCANCODE_KEYMASK;
2026 trace_vnc_key_event_map(down, sym, keycode, code2name(keycode));
2027 do_key_event(vs, down, keycode, sym);
2028 }
2029
2030 static void ext_key_event(VncState *vs, int down,
2031 uint32_t sym, uint16_t keycode)
2032 {
2033 /* if the user specifies a keyboard layout, always use it */
2034 if (keyboard_layout) {
2035 key_event(vs, down, sym);
2036 } else {
2037 trace_vnc_key_event_ext(down, sym, keycode, code2name(keycode));
2038 do_key_event(vs, down, keycode, sym);
2039 }
2040 }
2041
2042 static void framebuffer_update_request(VncState *vs, int incremental,
2043 int x, int y, int w, int h)
2044 {
2045 if (incremental) {
2046 if (vs->update != VNC_STATE_UPDATE_FORCE) {
2047 vs->update = VNC_STATE_UPDATE_INCREMENTAL;
2048 }
2049 } else {
2050 vs->update = VNC_STATE_UPDATE_FORCE;
2051 vnc_set_area_dirty(vs->dirty, vs->vd, x, y, w, h);
2052 }
2053 }
2054
2055 static void send_ext_key_event_ack(VncState *vs)
2056 {
2057 vnc_lock_output(vs);
2058 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2059 vnc_write_u8(vs, 0);
2060 vnc_write_u16(vs, 1);
2061 vnc_framebuffer_update(vs, 0, 0,
2062 pixman_image_get_width(vs->vd->server),
2063 pixman_image_get_height(vs->vd->server),
2064 VNC_ENCODING_EXT_KEY_EVENT);
2065 vnc_unlock_output(vs);
2066 vnc_flush(vs);
2067 }
2068
2069 static void send_ext_audio_ack(VncState *vs)
2070 {
2071 vnc_lock_output(vs);
2072 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2073 vnc_write_u8(vs, 0);
2074 vnc_write_u16(vs, 1);
2075 vnc_framebuffer_update(vs, 0, 0,
2076 pixman_image_get_width(vs->vd->server),
2077 pixman_image_get_height(vs->vd->server),
2078 VNC_ENCODING_AUDIO);
2079 vnc_unlock_output(vs);
2080 vnc_flush(vs);
2081 }
2082
2083 static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
2084 {
2085 int i;
2086 unsigned int enc = 0;
2087
2088 vs->features = 0;
2089 vs->vnc_encoding = 0;
2090 vs->tight.compression = 9;
2091 vs->tight.quality = -1; /* Lossless by default */
2092 vs->absolute = -1;
2093
2094 /*
2095 * Start from the end because the encodings are sent in order of preference.
2096 * This way the preferred encoding (first encoding defined in the array)
2097 * will be set at the end of the loop.
2098 */
2099 for (i = n_encodings - 1; i >= 0; i--) {
2100 enc = encodings[i];
2101 switch (enc) {
2102 case VNC_ENCODING_RAW:
2103 vs->vnc_encoding = enc;
2104 break;
2105 case VNC_ENCODING_COPYRECT:
2106 vs->features |= VNC_FEATURE_COPYRECT_MASK;
2107 break;
2108 case VNC_ENCODING_HEXTILE:
2109 vs->features |= VNC_FEATURE_HEXTILE_MASK;
2110 vs->vnc_encoding = enc;
2111 break;
2112 case VNC_ENCODING_TIGHT:
2113 vs->features |= VNC_FEATURE_TIGHT_MASK;
2114 vs->vnc_encoding = enc;
2115 break;
2116 #ifdef CONFIG_VNC_PNG
2117 case VNC_ENCODING_TIGHT_PNG:
2118 vs->features |= VNC_FEATURE_TIGHT_PNG_MASK;
2119 vs->vnc_encoding = enc;
2120 break;
2121 #endif
2122 case VNC_ENCODING_ZLIB:
2123 vs->features |= VNC_FEATURE_ZLIB_MASK;
2124 vs->vnc_encoding = enc;
2125 break;
2126 case VNC_ENCODING_ZRLE:
2127 vs->features |= VNC_FEATURE_ZRLE_MASK;
2128 vs->vnc_encoding = enc;
2129 break;
2130 case VNC_ENCODING_ZYWRLE:
2131 vs->features |= VNC_FEATURE_ZYWRLE_MASK;
2132 vs->vnc_encoding = enc;
2133 break;
2134 case VNC_ENCODING_DESKTOPRESIZE:
2135 vs->features |= VNC_FEATURE_RESIZE_MASK;
2136 break;
2137 case VNC_ENCODING_POINTER_TYPE_CHANGE:
2138 vs->features |= VNC_FEATURE_POINTER_TYPE_CHANGE_MASK;
2139 break;
2140 case VNC_ENCODING_RICH_CURSOR:
2141 vs->features |= VNC_FEATURE_RICH_CURSOR_MASK;
2142 if (vs->vd->cursor) {
2143 vnc_cursor_define(vs);
2144 }
2145 break;
2146 case VNC_ENCODING_EXT_KEY_EVENT:
2147 send_ext_key_event_ack(vs);
2148 break;
2149 case VNC_ENCODING_AUDIO:
2150 send_ext_audio_ack(vs);
2151 break;
2152 case VNC_ENCODING_WMVi:
2153 vs->features |= VNC_FEATURE_WMVI_MASK;
2154 break;
2155 case VNC_ENCODING_LED_STATE:
2156 vs->features |= VNC_FEATURE_LED_STATE_MASK;
2157 break;
2158 case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
2159 vs->tight.compression = (enc & 0x0F);
2160 break;
2161 case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
2162 if (vs->vd->lossy) {
2163 vs->tight.quality = (enc & 0x0F);
2164 }
2165 break;
2166 default:
2167 VNC_DEBUG("Unknown encoding: %d (0x%.8x): %d\n", i, enc, enc);
2168 break;
2169 }
2170 }
2171 vnc_desktop_resize(vs);
2172 check_pointer_type_change(&vs->mouse_mode_notifier, NULL);
2173 vnc_led_state_change(vs);
2174 }
2175
2176 static void set_pixel_conversion(VncState *vs)
2177 {
2178 pixman_format_code_t fmt = qemu_pixman_get_format(&vs->client_pf);
2179
2180 if (fmt == VNC_SERVER_FB_FORMAT) {
2181 vs->write_pixels = vnc_write_pixels_copy;
2182 vnc_hextile_set_pixel_conversion(vs, 0);
2183 } else {
2184 vs->write_pixels = vnc_write_pixels_generic;
2185 vnc_hextile_set_pixel_conversion(vs, 1);
2186 }
2187 }
2188
2189 static void send_color_map(VncState *vs)
2190 {
2191 int i;
2192
2193 vnc_write_u8(vs, VNC_MSG_SERVER_SET_COLOUR_MAP_ENTRIES);
2194 vnc_write_u8(vs, 0); /* padding */
2195 vnc_write_u16(vs, 0); /* first color */
2196 vnc_write_u16(vs, 256); /* # of colors */
2197
2198 for (i = 0; i < 256; i++) {
2199 PixelFormat *pf = &vs->client_pf;
2200
2201 vnc_write_u16(vs, (((i >> pf->rshift) & pf->rmax) << (16 - pf->rbits)));
2202 vnc_write_u16(vs, (((i >> pf->gshift) & pf->gmax) << (16 - pf->gbits)));
2203 vnc_write_u16(vs, (((i >> pf->bshift) & pf->bmax) << (16 - pf->bbits)));
2204 }
2205 }
2206
2207 static void set_pixel_format(VncState *vs, int bits_per_pixel,
2208 int big_endian_flag, int true_color_flag,
2209 int red_max, int green_max, int blue_max,
2210 int red_shift, int green_shift, int blue_shift)
2211 {
2212 if (!true_color_flag) {
2213 /* Expose a reasonable default 256 color map */
2214 bits_per_pixel = 8;
2215 red_max = 7;
2216 green_max = 7;
2217 blue_max = 3;
2218 red_shift = 0;
2219 green_shift = 3;
2220 blue_shift = 6;
2221 }
2222
2223 switch (bits_per_pixel) {
2224 case 8:
2225 case 16:
2226 case 32:
2227 break;
2228 default:
2229 vnc_client_error(vs);
2230 return;
2231 }
2232
2233 vs->client_pf.rmax = red_max ? red_max : 0xFF;
2234 vs->client_pf.rbits = ctpopl(red_max);
2235 vs->client_pf.rshift = red_shift;
2236 vs->client_pf.rmask = red_max << red_shift;
2237 vs->client_pf.gmax = green_max ? green_max : 0xFF;
2238 vs->client_pf.gbits = ctpopl(green_max);
2239 vs->client_pf.gshift = green_shift;
2240 vs->client_pf.gmask = green_max << green_shift;
2241 vs->client_pf.bmax = blue_max ? blue_max : 0xFF;
2242 vs->client_pf.bbits = ctpopl(blue_max);
2243 vs->client_pf.bshift = blue_shift;
2244 vs->client_pf.bmask = blue_max << blue_shift;
2245 vs->client_pf.bits_per_pixel = bits_per_pixel;
2246 vs->client_pf.bytes_per_pixel = bits_per_pixel / 8;
2247 vs->client_pf.depth = bits_per_pixel == 32 ? 24 : bits_per_pixel;
2248 vs->client_be = big_endian_flag;
2249
2250 if (!true_color_flag) {
2251 send_color_map(vs);
2252 }
2253
2254 set_pixel_conversion(vs);
2255
2256 graphic_hw_invalidate(vs->vd->dcl.con);
2257 graphic_hw_update(vs->vd->dcl.con);
2258 }
2259
2260 static void pixel_format_message (VncState *vs) {
2261 char pad[3] = { 0, 0, 0 };
2262
2263 vs->client_pf = qemu_default_pixelformat(32);
2264
2265 vnc_write_u8(vs, vs->client_pf.bits_per_pixel); /* bits-per-pixel */
2266 vnc_write_u8(vs, vs->client_pf.depth); /* depth */
2267
2268 #ifdef HOST_WORDS_BIGENDIAN
2269 vnc_write_u8(vs, 1); /* big-endian-flag */
2270 #else
2271 vnc_write_u8(vs, 0); /* big-endian-flag */
2272 #endif
2273 vnc_write_u8(vs, 1); /* true-color-flag */
2274 vnc_write_u16(vs, vs->client_pf.rmax); /* red-max */
2275 vnc_write_u16(vs, vs->client_pf.gmax); /* green-max */
2276 vnc_write_u16(vs, vs->client_pf.bmax); /* blue-max */
2277 vnc_write_u8(vs, vs->client_pf.rshift); /* red-shift */
2278 vnc_write_u8(vs, vs->client_pf.gshift); /* green-shift */
2279 vnc_write_u8(vs, vs->client_pf.bshift); /* blue-shift */
2280 vnc_write(vs, pad, 3); /* padding */
2281
2282 vnc_hextile_set_pixel_conversion(vs, 0);
2283 vs->write_pixels = vnc_write_pixels_copy;
2284 }
2285
2286 static void vnc_colordepth(VncState *vs)
2287 {
2288 if (vnc_has_feature(vs, VNC_FEATURE_WMVI)) {
2289 /* Sending a WMVi message to notify the client*/
2290 vnc_lock_output(vs);
2291 vnc_write_u8(vs, VNC_MSG_SERVER_FRAMEBUFFER_UPDATE);
2292 vnc_write_u8(vs, 0);
2293 vnc_write_u16(vs, 1); /* number of rects */
2294 vnc_framebuffer_update(vs, 0, 0,
2295 pixman_image_get_width(vs->vd->server),
2296 pixman_image_get_height(vs->vd->server),
2297 VNC_ENCODING_WMVi);
2298 pixel_format_message(vs);
2299 vnc_unlock_output(vs);
2300 vnc_flush(vs);
2301 } else {
2302 set_pixel_conversion(vs);
2303 }
2304 }
2305
2306 static int protocol_client_msg(VncState *vs, uint8_t *data, size_t len)
2307 {
2308 int i;
2309 uint16_t limit;
2310 uint32_t freq;
2311 VncDisplay *vd = vs->vd;
2312
2313 if (data[0] > 3) {
2314 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
2315 }
2316
2317 switch (data[0]) {
2318 case VNC_MSG_CLIENT_SET_PIXEL_FORMAT:
2319 if (len == 1)
2320 return 20;
2321
2322 set_pixel_format(vs, read_u8(data, 4),
2323 read_u8(data, 6), read_u8(data, 7),
2324 read_u16(data, 8), read_u16(data, 10),
2325 read_u16(data, 12), read_u8(data, 14),
2326 read_u8(data, 15), read_u8(data, 16));
2327 break;
2328 case VNC_MSG_CLIENT_SET_ENCODINGS:
2329 if (len == 1)
2330 return 4;
2331
2332 if (len == 4) {
2333 limit = read_u16(data, 2);
2334 if (limit > 0)
2335 return 4 + (limit * 4);
2336 } else
2337 limit = read_u16(data, 2);
2338
2339 for (i = 0; i < limit; i++) {
2340 int32_t val = read_s32(data, 4 + (i * 4));
2341 memcpy(data + 4 + (i * 4), &val, sizeof(val));
2342 }
2343
2344 set_encodings(vs, (int32_t *)(data + 4), limit);
2345 break;
2346 case VNC_MSG_CLIENT_FRAMEBUFFER_UPDATE_REQUEST:
2347 if (len == 1)
2348 return 10;
2349
2350 framebuffer_update_request(vs,
2351 read_u8(data, 1), read_u16(data, 2), read_u16(data, 4),
2352 read_u16(data, 6), read_u16(data, 8));
2353 break;
2354 case VNC_MSG_CLIENT_KEY_EVENT:
2355 if (len == 1)
2356 return 8;
2357
2358 key_event(vs, read_u8(data, 1), read_u32(data, 4));
2359 break;
2360 case VNC_MSG_CLIENT_POINTER_EVENT:
2361 if (len == 1)
2362 return 6;
2363
2364 pointer_event(vs, read_u8(data, 1), read_u16(data, 2), read_u16(data, 4));
2365 break;
2366 case VNC_MSG_CLIENT_CUT_TEXT:
2367 if (len == 1) {
2368 return 8;
2369 }
2370 if (len == 8) {
2371 uint32_t dlen = read_u32(data, 4);
2372 if (dlen > (1 << 20)) {
2373 error_report("vnc: client_cut_text msg payload has %u bytes"
2374 " which exceeds our limit of 1MB.", dlen);
2375 vnc_client_error(vs);
2376 break;
2377 }
2378 if (dlen > 0) {
2379 return 8 + dlen;
2380 }
2381 }
2382
2383 client_cut_text(vs, read_u32(data, 4), data + 8);
2384 break;
2385 case VNC_MSG_CLIENT_QEMU:
2386 if (len == 1)
2387 return 2;
2388
2389 switch (read_u8(data, 1)) {
2390 case VNC_MSG_CLIENT_QEMU_EXT_KEY_EVENT:
2391 if (len == 2)
2392 return 12;
2393
2394 ext_key_event(vs, read_u16(data, 2),
2395 read_u32(data, 4), read_u32(data, 8));
2396 break;
2397 case VNC_MSG_CLIENT_QEMU_AUDIO:
2398 if (len == 2)
2399 return 4;
2400
2401 switch (read_u16 (data, 2)) {
2402 case VNC_MSG_CLIENT_QEMU_AUDIO_ENABLE:
2403 audio_add(vs);
2404 break;
2405 case VNC_MSG_CLIENT_QEMU_AUDIO_DISABLE:
2406 audio_del(vs);
2407 break;
2408 case VNC_MSG_CLIENT_QEMU_AUDIO_SET_FORMAT:
2409 if (len == 4)
2410 return 10;
2411 switch (read_u8(data, 4)) {
2412 case 0: vs->as.fmt = AUD_FMT_U8; break;
2413 case 1: vs->as.fmt = AUD_FMT_S8; break;
2414 case 2: vs->as.fmt = AUD_FMT_U16; break;
2415 case 3: vs->as.fmt = AUD_FMT_S16; break;
2416 case 4: vs->as.fmt = AUD_FMT_U32; break;
2417 case 5: vs->as.fmt = AUD_FMT_S32; break;
2418 default:
2419 VNC_DEBUG("Invalid audio format %d\n", read_u8(data, 4));
2420 vnc_client_error(vs);
2421 break;
2422 }
2423 vs->as.nchannels = read_u8(data, 5);
2424 if (vs->as.nchannels != 1 && vs->as.nchannels != 2) {
2425 VNC_DEBUG("Invalid audio channel count %d\n",
2426 read_u8(data, 5));
2427 vnc_client_error(vs);
2428 break;
2429 }
2430 freq = read_u32(data, 6);
2431 /* No official limit for protocol, but 48khz is a sensible
2432 * upper bound for trustworthy clients, and this limit
2433 * protects calculations involving 'vs->as.freq' later.
2434 */
2435 if (freq > 48000) {
2436 VNC_DEBUG("Invalid audio frequency %u > 48000", freq);
2437 vnc_client_error(vs);
2438 break;
2439 }
2440 vs->as.freq = freq;
2441 break;
2442 default:
2443 VNC_DEBUG("Invalid audio message %d\n", read_u8(data, 4));
2444 vnc_client_error(vs);
2445 break;
2446 }
2447 break;
2448
2449 default:
2450 VNC_DEBUG("Msg: %d\n", read_u16(data, 0));
2451 vnc_client_error(vs);
2452 break;
2453 }
2454 break;
2455 default:
2456 VNC_DEBUG("Msg: %d\n", data[0]);
2457 vnc_client_error(vs);
2458 break;
2459 }
2460
2461 vnc_update_throttle_offset(vs);
2462 vnc_read_when(vs, protocol_client_msg, 1);
2463 return 0;
2464 }
2465
2466 static int protocol_client_init(VncState *vs, uint8_t *data, size_t len)
2467 {
2468 char buf[1024];
2469 VncShareMode mode;
2470 int size;
2471
2472 mode = data[0] ? VNC_SHARE_MODE_SHARED : VNC_SHARE_MODE_EXCLUSIVE;
2473 switch (vs->vd->share_policy) {
2474 case VNC_SHARE_POLICY_IGNORE:
2475 /*
2476 * Ignore the shared flag. Nothing to do here.
2477 *
2478 * Doesn't conform to the rfb spec but is traditional qemu
2479 * behavior, thus left here as option for compatibility
2480 * reasons.
2481 */
2482 break;
2483 case VNC_SHARE_POLICY_ALLOW_EXCLUSIVE:
2484 /*
2485 * Policy: Allow clients ask for exclusive access.
2486 *
2487 * Implementation: When a client asks for exclusive access,
2488 * disconnect all others. Shared connects are allowed as long
2489 * as no exclusive connection exists.
2490 *
2491 * This is how the rfb spec suggests to handle the shared flag.
2492 */
2493 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2494 VncState *client;
2495 QTAILQ_FOREACH(client, &vs->vd->clients, next) {
2496 if (vs == client) {
2497 continue;
2498 }
2499 if (client->share_mode != VNC_SHARE_MODE_EXCLUSIVE &&
2500 client->share_mode != VNC_SHARE_MODE_SHARED) {
2501 continue;
2502 }
2503 vnc_disconnect_start(client);
2504 }
2505 }
2506 if (mode == VNC_SHARE_MODE_SHARED) {
2507 if (vs->vd->num_exclusive > 0) {
2508 vnc_disconnect_start(vs);
2509 return 0;
2510 }
2511 }
2512 break;
2513 case VNC_SHARE_POLICY_FORCE_SHARED:
2514 /*
2515 * Policy: Shared connects only.
2516 * Implementation: Disallow clients asking for exclusive access.
2517 *
2518 * Useful for shared desktop sessions where you don't want
2519 * someone forgetting to say -shared when running the vnc
2520 * client disconnect everybody else.
2521 */
2522 if (mode == VNC_SHARE_MODE_EXCLUSIVE) {
2523 vnc_disconnect_start(vs);
2524 return 0;
2525 }
2526 break;
2527 }
2528 vnc_set_share_mode(vs, mode);
2529
2530 if (vs->vd->num_shared > vs->vd->connections_limit) {
2531 vnc_disconnect_start(vs);
2532 return 0;
2533 }
2534
2535 assert(pixman_image_get_width(vs->vd->server) < 65536 &&
2536 pixman_image_get_width(vs->vd->server) >= 0);
2537 assert(pixman_image_get_height(vs->vd->server) < 65536 &&
2538 pixman_image_get_height(vs->vd->server) >= 0);
2539 vs->client_width = pixman_image_get_width(vs->vd->server);
2540 vs->client_height = pixman_image_get_height(vs->vd->server);
2541 vnc_write_u16(vs, vs->client_width);
2542 vnc_write_u16(vs, vs->client_height);
2543
2544 pixel_format_message(vs);
2545
2546 if (qemu_name) {
2547 size = snprintf(buf, sizeof(buf), "QEMU (%s)", qemu_name);
2548 if (size > sizeof(buf)) {
2549 size = sizeof(buf);
2550 }
2551 } else {
2552 size = snprintf(buf, sizeof(buf), "QEMU");
2553 }
2554
2555 vnc_write_u32(vs, size);
2556 vnc_write(vs, buf, size);
2557 vnc_flush(vs);
2558
2559 vnc_client_cache_auth(vs);
2560 vnc_qmp_event(vs, QAPI_EVENT_VNC_INITIALIZED);
2561
2562 vnc_read_when(vs, protocol_client_msg, 1);
2563
2564 return 0;
2565 }
2566
2567 void start_client_init(VncState *vs)
2568 {
2569 vnc_read_when(vs, protocol_client_init, 1);
2570 }
2571
2572 static void make_challenge(VncState *vs)
2573 {
2574 int i;
2575
2576 srand(time(NULL)+getpid()+getpid()*987654+rand());
2577
2578 for (i = 0 ; i < sizeof(vs->challenge) ; i++)
2579 vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
2580 }
2581
2582 static int protocol_client_auth_vnc(VncState *vs, uint8_t *data, size_t len)
2583 {
2584 unsigned char response[VNC_AUTH_CHALLENGE_SIZE];
2585 size_t i, pwlen;
2586 unsigned char key[8];
2587 time_t now = time(NULL);
2588 QCryptoCipher *cipher = NULL;
2589 Error *err = NULL;
2590
2591 if (!vs->vd->password) {
2592 trace_vnc_auth_fail(vs, vs->auth, "password is not set", "");
2593 goto reject;
2594 }
2595 if (vs->vd->expires < now) {
2596 trace_vnc_auth_fail(vs, vs->auth, "password is expired", "");
2597 goto reject;
2598 }
2599
2600 memcpy(response, vs->challenge, VNC_AUTH_CHALLENGE_SIZE);
2601
2602 /* Calculate the expected challenge response */
2603 pwlen = strlen(vs->vd->password);
2604 for (i=0; i<sizeof(key); i++)
2605 key[i] = i<pwlen ? vs->vd->password[i] : 0;
2606
2607 cipher = qcrypto_cipher_new(
2608 QCRYPTO_CIPHER_ALG_DES_RFB,
2609 QCRYPTO_CIPHER_MODE_ECB,
2610 key, G_N_ELEMENTS(key),
2611 &err);
2612 if (!cipher) {
2613 trace_vnc_auth_fail(vs, vs->auth, "cannot create cipher",
2614 error_get_pretty(err));
2615 error_free(err);
2616 goto reject;
2617 }
2618
2619 if (qcrypto_cipher_encrypt(cipher,
2620 vs->challenge,
2621 response,
2622 VNC_AUTH_CHALLENGE_SIZE,
2623 &err) < 0) {
2624 trace_vnc_auth_fail(vs, vs->auth, "cannot encrypt challenge response",
2625 error_get_pretty(err));
2626 error_free(err);
2627 goto reject;
2628 }
2629
2630 /* Compare expected vs actual challenge response */
2631 if (memcmp(response, data, VNC_AUTH_CHALLENGE_SIZE) != 0) {
2632 trace_vnc_auth_fail(vs, vs->auth, "mis-matched challenge response", "");
2633 goto reject;
2634 } else {
2635 trace_vnc_auth_pass(vs, vs->auth);
2636 vnc_write_u32(vs, 0); /* Accept auth */
2637 vnc_flush(vs);
2638
2639 start_client_init(vs);
2640 }
2641
2642 qcrypto_cipher_free(cipher);
2643 return 0;
2644
2645 reject:
2646 vnc_write_u32(vs, 1); /* Reject auth */
2647 if (vs->minor >= 8) {
2648 static const char err[] = "Authentication failed";
2649 vnc_write_u32(vs, sizeof(err));
2650 vnc_write(vs, err, sizeof(err));
2651 }
2652 vnc_flush(vs);
2653 vnc_client_error(vs);
2654 qcrypto_cipher_free(cipher);
2655 return 0;
2656 }
2657
2658 void start_auth_vnc(VncState *vs)
2659 {
2660 make_challenge(vs);
2661 /* Send client a 'random' challenge */
2662 vnc_write(vs, vs->challenge, sizeof(vs->challenge));
2663 vnc_flush(vs);
2664
2665 vnc_read_when(vs, protocol_client_auth_vnc, sizeof(vs->challenge));
2666 }
2667
2668
2669 static int protocol_client_auth(VncState *vs, uint8_t *data, size_t len)
2670 {
2671 /* We only advertise 1 auth scheme at a time, so client
2672 * must pick the one we sent. Verify this */
2673 if (data[0] != vs->auth) { /* Reject auth */
2674 trace_vnc_auth_reject(vs, vs->auth, (int)data[0]);
2675 vnc_write_u32(vs, 1);
2676 if (vs->minor >= 8) {
2677 static const char err[] = "Authentication failed";
2678 vnc_write_u32(vs, sizeof(err));
2679 vnc_write(vs, err, sizeof(err));
2680 }
2681 vnc_client_error(vs);
2682 } else { /* Accept requested auth */
2683 trace_vnc_auth_start(vs, vs->auth);
2684 switch (vs->auth) {
2685 case VNC_AUTH_NONE:
2686 if (vs->minor >= 8) {
2687 vnc_write_u32(vs, 0); /* Accept auth completion */
2688 vnc_flush(vs);
2689 }
2690 trace_vnc_auth_pass(vs, vs->auth);
2691 start_client_init(vs);
2692 break;
2693
2694 case VNC_AUTH_VNC:
2695 start_auth_vnc(vs);
2696 break;
2697
2698 case VNC_AUTH_VENCRYPT:
2699 start_auth_vencrypt(vs);
2700 break;
2701
2702 #ifdef CONFIG_VNC_SASL
2703 case VNC_AUTH_SASL:
2704 start_auth_sasl(vs);
2705 break;
2706 #endif /* CONFIG_VNC_SASL */
2707
2708 default: /* Should not be possible, but just in case */
2709 trace_vnc_auth_fail(vs, vs->auth, "Unhandled auth method", "");
2710 vnc_write_u8(vs, 1);
2711 if (vs->minor >= 8) {
2712 static const char err[] = "Authentication failed";
2713 vnc_write_u32(vs, sizeof(err));
2714 vnc_write(vs, err, sizeof(err));
2715 }
2716 vnc_client_error(vs);
2717 }
2718 }
2719 return 0;
2720 }
2721
2722 static int protocol_version(VncState *vs, uint8_t *version, size_t len)
2723 {
2724 char local[13];
2725
2726 memcpy(local, version, 12);
2727 local[12] = 0;
2728
2729 if (sscanf(local, "RFB %03d.%03d\n", &vs->major, &vs->minor) != 2) {
2730 VNC_DEBUG("Malformed protocol version %s\n", local);
2731 vnc_client_error(vs);
2732 return 0;
2733 }
2734 VNC_DEBUG("Client request protocol version %d.%d\n", vs->major, vs->minor);
2735 if (vs->major != 3 ||
2736 (vs->minor != 3 &&
2737 vs->minor != 4 &&
2738 vs->minor != 5 &&
2739 vs->minor != 7 &&
2740 vs->minor != 8)) {
2741 VNC_DEBUG("Unsupported client version\n");
2742 vnc_write_u32(vs, VNC_AUTH_INVALID);
2743 vnc_flush(vs);
2744 vnc_client_error(vs);
2745 return 0;
2746 }
2747 /* Some broken clients report v3.4 or v3.5, which spec requires to be treated
2748 * as equivalent to v3.3 by servers
2749 */
2750 if (vs->minor == 4 || vs->minor == 5)
2751 vs->minor = 3;
2752
2753 if (vs->minor == 3) {
2754 trace_vnc_auth_start(vs, vs->auth);
2755 if (vs->auth == VNC_AUTH_NONE) {
2756 vnc_write_u32(vs, vs->auth);
2757 vnc_flush(vs);
2758 trace_vnc_auth_pass(vs, vs->auth);
2759 start_client_init(vs);
2760 } else if (vs->auth == VNC_AUTH_VNC) {
2761 VNC_DEBUG("Tell client VNC auth\n");
2762 vnc_write_u32(vs, vs->auth);
2763 vnc_flush(vs);
2764 start_auth_vnc(vs);
2765 } else {
2766 trace_vnc_auth_fail(vs, vs->auth,
2767 "Unsupported auth method for v3.3", "");
2768 vnc_write_u32(vs, VNC_AUTH_INVALID);
2769 vnc_flush(vs);
2770 vnc_client_error(vs);
2771 }
2772 } else {
2773 vnc_write_u8(vs, 1); /* num auth */
2774 vnc_write_u8(vs, vs->auth);
2775 vnc_read_when(vs, protocol_client_auth, 1);
2776 vnc_flush(vs);
2777 }
2778
2779 return 0;
2780 }
2781
2782 static VncRectStat *vnc_stat_rect(VncDisplay *vd, int x, int y)
2783 {
2784 struct VncSurface *vs = &vd->guest;
2785
2786 return &vs->stats[y / VNC_STAT_RECT][x / VNC_STAT_RECT];
2787 }
2788
2789 void vnc_sent_lossy_rect(VncState *vs, int x, int y, int w, int h)
2790 {
2791 int i, j;
2792
2793 w = (x + w) / VNC_STAT_RECT;
2794 h = (y + h) / VNC_STAT_RECT;
2795 x /= VNC_STAT_RECT;
2796 y /= VNC_STAT_RECT;
2797
2798 for (j = y; j <= h; j++) {
2799 for (i = x; i <= w; i++) {
2800 vs->lossy_rect[j][i] = 1;
2801 }
2802 }
2803 }
2804
2805 static int vnc_refresh_lossy_rect(VncDisplay *vd, int x, int y)
2806 {
2807 VncState *vs;
2808 int sty = y / VNC_STAT_RECT;
2809 int stx = x / VNC_STAT_RECT;
2810 int has_dirty = 0;
2811
2812 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT);
2813 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT);
2814
2815 QTAILQ_FOREACH(vs, &vd->clients, next) {
2816 int j;
2817
2818 /* kernel send buffers are full -> refresh later */
2819 if (vs->output.offset) {
2820 continue;
2821 }
2822
2823 if (!vs->lossy_rect[sty][stx]) {
2824 continue;
2825 }
2826
2827 vs->lossy_rect[sty][stx] = 0;
2828 for (j = 0; j < VNC_STAT_RECT; ++j) {
2829 bitmap_set(vs->dirty[y + j],
2830 x / VNC_DIRTY_PIXELS_PER_BIT,
2831 VNC_STAT_RECT / VNC_DIRTY_PIXELS_PER_BIT);
2832 }
2833 has_dirty++;
2834 }
2835
2836 return has_dirty;
2837 }
2838
2839 static int vnc_update_stats(VncDisplay *vd, struct timeval * tv)
2840 {
2841 int width = MIN(pixman_image_get_width(vd->guest.fb),
2842 pixman_image_get_width(vd->server));
2843 int height = MIN(pixman_image_get_height(vd->guest.fb),
2844 pixman_image_get_height(vd->server));
2845 int x, y;
2846 struct timeval res;
2847 int has_dirty = 0;
2848
2849 for (y = 0; y < height; y += VNC_STAT_RECT) {
2850 for (x = 0; x < width; x += VNC_STAT_RECT) {
2851 VncRectStat *rect = vnc_stat_rect(vd, x, y);
2852
2853 rect->updated = false;
2854 }
2855 }
2856
2857 qemu_timersub(tv, &VNC_REFRESH_STATS, &res);
2858
2859 if (timercmp(&vd->guest.last_freq_check, &res, >)) {
2860 return has_dirty;
2861 }
2862 vd->guest.last_freq_check = *tv;
2863
2864 for (y = 0; y < height; y += VNC_STAT_RECT) {
2865 for (x = 0; x < width; x += VNC_STAT_RECT) {
2866 VncRectStat *rect= vnc_stat_rect(vd, x, y);
2867 int count = ARRAY_SIZE(rect->times);
2868 struct timeval min, max;
2869
2870 if (!timerisset(&rect->times[count - 1])) {
2871 continue ;
2872 }
2873
2874 max = rect->times[(rect->idx + count - 1) % count];
2875 qemu_timersub(tv, &max, &res);
2876
2877 if (timercmp(&res, &VNC_REFRESH_LOSSY, >)) {
2878 rect->freq = 0;
2879 has_dirty += vnc_refresh_lossy_rect(vd, x, y);
2880 memset(rect->times, 0, sizeof (rect->times));
2881 continue ;
2882 }
2883
2884 min = rect->times[rect->idx];
2885 max = rect->times[(rect->idx + count - 1) % count];
2886 qemu_timersub(&max, &min, &res);
2887
2888 rect->freq = res.tv_sec + res.tv_usec / 1000000.;
2889 rect->freq /= count;
2890 rect->freq = 1. / rect->freq;
2891 }
2892 }
2893 return has_dirty;
2894 }
2895
2896 double vnc_update_freq(VncState *vs, int x, int y, int w, int h)
2897 {
2898 int i, j;
2899 double total = 0;
2900 int num = 0;
2901
2902 x = QEMU_ALIGN_DOWN(x, VNC_STAT_RECT);
2903 y = QEMU_ALIGN_DOWN(y, VNC_STAT_RECT);
2904
2905 for (j = y; j <= y + h; j += VNC_STAT_RECT) {
2906 for (i = x; i <= x + w; i += VNC_STAT_RECT) {
2907 total += vnc_stat_rect(vs->vd, i, j)->freq;
2908 num++;
2909 }
2910 }
2911
2912 if (num) {
2913 return total / num;
2914 } else {
2915 return 0;
2916 }
2917 }
2918
2919 static void vnc_rect_updated(VncDisplay *vd, int x, int y, struct timeval * tv)
2920 {
2921 VncRectStat *rect;
2922
2923 rect = vnc_stat_rect(vd, x, y);
2924 if (rect->updated) {
2925 return ;
2926 }
2927 rect->times[rect->idx] = *tv;
2928 rect->idx = (rect->idx + 1) % ARRAY_SIZE(rect->times);
2929 rect->updated = true;
2930 }
2931
2932 static int vnc_refresh_server_surface(VncDisplay *vd)
2933 {
2934 int width = MIN(pixman_image_get_width(vd->guest.fb),
2935 pixman_image_get_width(vd->server));
2936 int height = MIN(pixman_image_get_height(vd->guest.fb),
2937 pixman_image_get_height(vd->server));
2938 int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0;
2939 uint8_t *guest_row0 = NULL, *server_row0;
2940 VncState *vs;
2941 int has_dirty = 0;
2942 pixman_image_t *tmpbuf = NULL;
2943
2944 struct timeval tv = { 0, 0 };
2945
2946 if (!vd->non_adaptive) {
2947 gettimeofday(&tv, NULL);
2948 has_dirty = vnc_update_stats(vd, &tv);
2949 }
2950
2951 /*
2952 * Walk through the guest dirty map.
2953 * Check and copy modified bits from guest to server surface.
2954 * Update server dirty map.
2955 */
2956 server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
2957 server_stride = guest_stride = guest_ll =
2958 pixman_image_get_stride(vd->server);
2959 cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES,
2960 server_stride);
2961 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2962 int width = pixman_image_get_width(vd->server);
2963 tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
2964 } else {
2965 int guest_bpp =
2966 PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb));
2967 guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
2968 guest_stride = pixman_image_get_stride(vd->guest.fb);
2969 guest_ll = pixman_image_get_width(vd->guest.fb)
2970 * DIV_ROUND_UP(guest_bpp, 8);
2971 }
2972 line_bytes = MIN(server_stride, guest_ll);
2973
2974 for (;;) {
2975 int x;
2976 uint8_t *guest_ptr, *server_ptr;
2977 unsigned long offset = find_next_bit((unsigned long *) &vd->guest.dirty,
2978 height * VNC_DIRTY_BPL(&vd->guest),
2979 y * VNC_DIRTY_BPL(&vd->guest));
2980 if (offset == height * VNC_DIRTY_BPL(&vd->guest)) {
2981 /* no more dirty bits */
2982 break;
2983 }
2984 y = offset / VNC_DIRTY_BPL(&vd->guest);
2985 x = offset % VNC_DIRTY_BPL(&vd->guest);
2986
2987 server_ptr = server_row0 + y * server_stride + x * cmp_bytes;
2988
2989 if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
2990 qemu_pixman_linebuf_fill(tmpbuf, vd->guest.fb, width, 0, y);
2991 guest_ptr = (uint8_t *)pixman_image_get_data(tmpbuf);
2992 } else {
2993 guest_ptr = guest_row0 + y * guest_stride;
2994 }
2995 guest_ptr += x * cmp_bytes;
2996
2997 for (; x < DIV_ROUND_UP(width, VNC_DIRTY_PIXELS_PER_BIT);
2998 x++, guest_ptr += cmp_bytes, server_ptr += cmp_bytes) {
2999 int _cmp_bytes = cmp_bytes;
3000 if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
3001 continue;
3002 }
3003 if ((x + 1) * cmp_bytes > line_bytes) {
3004 _cmp_bytes = line_bytes - x * cmp_bytes;
3005 }
3006 assert(_cmp_bytes >= 0);
3007 if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) {
3008 continue;
3009 }
3010 memcpy(server_ptr, guest_ptr, _cmp_bytes);
3011 if (!vd->non_adaptive) {
3012 vnc_rect_updated(vd, x * VNC_DIRTY_PIXELS_PER_BIT,
3013 y, &tv);
3014 }
3015 QTAILQ_FOREACH(vs, &vd->clients, next) {
3016 set_bit(x, vs->dirty[y]);
3017 }
3018 has_dirty++;
3019 }
3020
3021 y++;
3022 }
3023 qemu_pixman_image_unref(tmpbuf);
3024 return has_dirty;
3025 }
3026
3027 static void vnc_refresh(DisplayChangeListener *dcl)
3028 {
3029 VncDisplay *vd = container_of(dcl, VncDisplay, dcl);
3030 VncState *vs, *vn;
3031 int has_dirty, rects = 0;
3032
3033 if (QTAILQ_EMPTY(&vd->clients)) {
3034 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_MAX);
3035 return;
3036 }
3037
3038 graphic_hw_update(vd->dcl.con);
3039
3040 if (vnc_trylock_display(vd)) {
3041 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
3042 return;
3043 }
3044
3045 has_dirty = vnc_refresh_server_surface(vd);
3046 vnc_unlock_display(vd);
3047
3048 QTAILQ_FOREACH_SAFE(vs, &vd->clients, next, vn) {
3049 rects += vnc_update_client(vs, has_dirty);
3050 /* vs might be free()ed here */
3051 }
3052
3053 if (has_dirty && rects) {
3054 vd->dcl.update_interval /= 2;
3055 if (vd->dcl.update_interval < VNC_REFRESH_INTERVAL_BASE) {
3056 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_BASE;
3057 }
3058 } else {
3059 vd->dcl.update_interval += VNC_REFRESH_INTERVAL_INC;
3060 if (vd->dcl.update_interval > VNC_REFRESH_INTERVAL_MAX) {
3061 vd->dcl.update_interval = VNC_REFRESH_INTERVAL_MAX;
3062 }
3063 }
3064 }
3065
3066 static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
3067 bool skipauth, bool websocket)
3068 {
3069 VncState *vs = g_new0(VncState, 1);
3070 bool first_client = QTAILQ_EMPTY(&vd->clients);
3071 int i;
3072
3073 trace_vnc_client_connect(vs, sioc);
3074 vs->magic = VNC_MAGIC;
3075 vs->sioc = sioc;
3076 object_ref(OBJECT(vs->sioc));
3077 vs->ioc = QIO_CHANNEL(sioc);
3078 object_ref(OBJECT(vs->ioc));
3079 vs->vd = vd;
3080
3081 buffer_init(&vs->input, "vnc-input/%p", sioc);
3082 buffer_init(&vs->output, "vnc-output/%p", sioc);
3083 buffer_init(&vs->jobs_buffer, "vnc-jobs_buffer/%p", sioc);
3084
3085 buffer_init(&vs->tight.tight, "vnc-tight/%p", sioc);
3086 buffer_init(&vs->tight.zlib, "vnc-tight-zlib/%p", sioc);
3087 buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc);
3088 #ifdef CONFIG_VNC_JPEG
3089 buffer_init(&vs->tight.jpeg, "vnc-tight-jpeg/%p", sioc);
3090 #endif
3091 #ifdef CONFIG_VNC_PNG
3092 buffer_init(&vs->tight.png, "vnc-tight-png/%p", sioc);
3093 #endif
3094 buffer_init(&vs->zlib.zlib, "vnc-zlib/%p", sioc);
3095 buffer_init(&vs->zrle.zrle, "vnc-zrle/%p", sioc);
3096 buffer_init(&vs->zrle.fb, "vnc-zrle-fb/%p", sioc);
3097 buffer_init(&vs->zrle.zlib, "vnc-zrle-zlib/%p", sioc);
3098
3099 if (skipauth) {
3100 vs->auth = VNC_AUTH_NONE;
3101 vs->subauth = VNC_AUTH_INVALID;
3102 } else {
3103 if (websocket) {
3104 vs->auth = vd->ws_auth;
3105 vs->subauth = VNC_AUTH_INVALID;
3106 } else {
3107 vs->auth = vd->auth;
3108 vs->subauth = vd->subauth;
3109 }
3110 }
3111 VNC_DEBUG("Client sioc=%p ws=%d auth=%d subauth=%d\n",
3112 sioc, websocket, vs->auth, vs->subauth);
3113
3114 vs->lossy_rect = g_malloc0(VNC_STAT_ROWS * sizeof (*vs->lossy_rect));
3115 for (i = 0; i < VNC_STAT_ROWS; ++i) {
3116 vs->lossy_rect[i] = g_new0(uint8_t, VNC_STAT_COLS);
3117 }
3118
3119 VNC_DEBUG("New client on socket %p\n", vs->sioc);
3120 update_displaychangelistener(&vd->dcl, VNC_REFRESH_INTERVAL_BASE);
3121 qio_channel_set_blocking(vs->ioc, false, NULL);
3122 if (vs->ioc_tag) {
3123 g_source_remove(vs->ioc_tag);
3124 }
3125 if (websocket) {
3126 vs->websocket = 1;
3127 if (vd->tlscreds) {
3128 vs->ioc_tag = qio_channel_add_watch(
3129 vs->ioc, G_IO_IN, vncws_tls_handshake_io, vs, NULL);
3130 } else {
3131 vs->ioc_tag = qio_channel_add_watch(
3132 vs->ioc, G_IO_IN, vncws_handshake_io, vs, NULL);
3133 }
3134 } else {
3135 vs->ioc_tag = qio_channel_add_watch(
3136 vs->ioc, G_IO_IN, vnc_client_io, vs, NULL);
3137 }
3138
3139 vnc_client_cache_addr(vs);
3140 vnc_qmp_event(vs, QAPI_EVENT_VNC_CONNECTED);
3141 vnc_set_share_mode(vs, VNC_SHARE_MODE_CONNECTING);
3142
3143 vs->last_x = -1;
3144 vs->last_y = -1;
3145
3146 vs->as.freq = 44100;
3147 vs->as.nchannels = 2;
3148 vs->as.fmt = AUD_FMT_S16;
3149 vs->as.endianness = 0;
3150
3151 qemu_mutex_init(&vs->output_mutex);
3152 vs->bh = qemu_bh_new(vnc_jobs_bh, vs);
3153
3154 QTAILQ_INSERT_TAIL(&vd->clients, vs, next);
3155 if (first_client) {
3156 vnc_update_server_surface(vd);
3157 }
3158
3159 graphic_hw_update(vd->dcl.con);
3160
3161 if (!vs->websocket) {
3162 vnc_start_protocol(vs);
3163 }
3164
3165 if (vd->num_connecting > vd->connections_limit) {
3166 QTAILQ_FOREACH(vs, &vd->clients, next) {
3167 if (vs->share_mode == VNC_SHARE_MODE_CONNECTING) {
3168 vnc_disconnect_start(vs);
3169 return;
3170 }
3171 }
3172 }
3173 }
3174
3175 void vnc_start_protocol(VncState *vs)
3176 {
3177 vnc_write(vs, "RFB 003.008\n", 12);
3178 vnc_flush(vs);
3179 vnc_read_when(vs, protocol_version, 12);
3180
3181 vs->mouse_mode_notifier.notify = check_pointer_type_change;
3182 qemu_add_mouse_mode_change_notifier(&vs->mouse_mode_notifier);
3183 }
3184
3185 static void vnc_listen_io(QIONetListener *listener,
3186 QIOChannelSocket *cioc,
3187 void *opaque)
3188 {
3189 VncDisplay *vd = opaque;
3190 bool isWebsock = listener == vd->wslistener;
3191
3192 qio_channel_set_name(QIO_CHANNEL(cioc),
3193 isWebsock ? "vnc-ws-server" : "vnc-server");
3194 qio_channel_set_delay(QIO_CHANNEL(cioc), false);
3195 vnc_connect(vd, cioc, false, isWebsock);
3196 }
3197
3198 static const DisplayChangeListenerOps dcl_ops = {
3199 .dpy_name = "vnc",
3200 .dpy_refresh = vnc_refresh,
3201 .dpy_gfx_update = vnc_dpy_update,
3202 .dpy_gfx_switch = vnc_dpy_switch,
3203 .dpy_gfx_check_format = qemu_pixman_check_format,
3204 .dpy_mouse_set = vnc_mouse_set,
3205 .dpy_cursor_define = vnc_dpy_cursor_define,
3206 };
3207
3208 void vnc_display_init(const char *id)
3209 {
3210 VncDisplay *vd;
3211
3212 if (vnc_display_find(id) != NULL) {
3213 return;
3214 }
3215 vd = g_malloc0(sizeof(*vd));
3216
3217 vd->id = strdup(id);
3218 QTAILQ_INSERT_TAIL(&vnc_displays, vd, next);
3219
3220 QTAILQ_INIT(&vd->clients);
3221 vd->expires = TIME_MAX;
3222
3223 if (keyboard_layout) {
3224 trace_vnc_key_map_init(keyboard_layout);
3225 vd->kbd_layout = init_keyboard_layout(name2keysym, keyboard_layout);
3226 } else {
3227 vd->kbd_layout = init_keyboard_layout(name2keysym, "en-us");
3228 }
3229
3230 if (!vd->kbd_layout) {
3231 exit(1);
3232 }
3233
3234 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3235 vd->connections_limit = 32;
3236
3237 qemu_mutex_init(&vd->mutex);
3238 vnc_start_worker_thread();
3239
3240 vd->dcl.ops = &dcl_ops;
3241 register_displaychangelistener(&vd->dcl);
3242 }
3243
3244
3245 static void vnc_display_close(VncDisplay *vd)
3246 {
3247 if (!vd) {
3248 return;
3249 }
3250 vd->is_unix = false;
3251
3252 if (vd->listener) {
3253 qio_net_listener_disconnect(vd->listener);
3254 object_unref(OBJECT(vd->listener));
3255 }
3256 vd->listener = NULL;
3257
3258 if (vd->wslistener) {
3259 qio_net_listener_disconnect(vd->wslistener);
3260 object_unref(OBJECT(vd->wslistener));
3261 }
3262 vd->wslistener = NULL;
3263
3264 vd->auth = VNC_AUTH_INVALID;
3265 vd->subauth = VNC_AUTH_INVALID;
3266 if (vd->tlscreds) {
3267 object_unparent(OBJECT(vd->tlscreds));
3268 vd->tlscreds = NULL;
3269 }
3270 g_free(vd->tlsaclname);
3271 vd->tlsaclname = NULL;
3272 if (vd->lock_key_sync) {
3273 qemu_remove_led_event_handler(vd->led);
3274 vd->led = NULL;
3275 }
3276 }
3277
3278 int vnc_display_password(const char *id, const char *password)
3279 {
3280 VncDisplay *vd = vnc_display_find(id);
3281
3282 if (!vd) {
3283 return -EINVAL;
3284 }
3285 if (vd->auth == VNC_AUTH_NONE) {
3286 error_printf_unless_qmp("If you want use passwords please enable "
3287 "password auth using '-vnc ${dpy},password'.\n");
3288 return -EINVAL;
3289 }
3290
3291 g_free(vd->password);
3292 vd->password = g_strdup(password);
3293
3294 return 0;
3295 }
3296
3297 int vnc_display_pw_expire(const char *id, time_t expires)
3298 {
3299 VncDisplay *vd = vnc_display_find(id);
3300
3301 if (!vd) {
3302 return -EINVAL;
3303 }
3304
3305 vd->expires = expires;
3306 return 0;
3307 }
3308
3309 static void vnc_display_print_local_addr(VncDisplay *vd)
3310 {
3311 SocketAddress *addr;
3312 Error *err = NULL;
3313
3314 if (!vd->listener || !vd->listener->nsioc) {
3315 return;
3316 }
3317
3318 addr = qio_channel_socket_get_local_address(vd->listener->sioc[0], &err);
3319 if (!addr) {
3320 return;
3321 }
3322
3323 if (addr->type != SOCKET_ADDRESS_TYPE_INET) {
3324 qapi_free_SocketAddress(addr);
3325 return;
3326 }
3327 error_printf_unless_qmp("VNC server running on %s:%s\n",
3328 addr->u.inet.host,
3329 addr->u.inet.port);
3330 qapi_free_SocketAddress(addr);
3331 }
3332
3333 static QemuOptsList qemu_vnc_opts = {
3334 .name = "vnc",
3335 .head = QTAILQ_HEAD_INITIALIZER(qemu_vnc_opts.head),
3336 .implied_opt_name = "vnc",
3337 .desc = {
3338 {
3339 .name = "vnc",
3340 .type = QEMU_OPT_STRING,
3341 },{
3342 .name = "websocket",
3343 .type = QEMU_OPT_STRING,
3344 },{
3345 .name = "tls-creds",
3346 .type = QEMU_OPT_STRING,
3347 },{
3348 .name = "share",
3349 .type = QEMU_OPT_STRING,
3350 },{
3351 .name = "display",
3352 .type = QEMU_OPT_STRING,
3353 },{
3354 .name = "head",
3355 .type = QEMU_OPT_NUMBER,
3356 },{
3357 .name = "connections",
3358 .type = QEMU_OPT_NUMBER,
3359 },{
3360 .name = "to",
3361 .type = QEMU_OPT_NUMBER,
3362 },{
3363 .name = "ipv4",
3364 .type = QEMU_OPT_BOOL,
3365 },{
3366 .name = "ipv6",
3367 .type = QEMU_OPT_BOOL,
3368 },{
3369 .name = "password",
3370 .type = QEMU_OPT_BOOL,
3371 },{
3372 .name = "reverse",
3373 .type = QEMU_OPT_BOOL,
3374 },{
3375 .name = "lock-key-sync",
3376 .type = QEMU_OPT_BOOL,
3377 },{
3378 .name = "key-delay-ms",
3379 .type = QEMU_OPT_NUMBER,
3380 },{
3381 .name = "sasl",
3382 .type = QEMU_OPT_BOOL,
3383 },{
3384 .name = "acl",
3385 .type = QEMU_OPT_BOOL,
3386 },{
3387 .name = "lossy",
3388 .type = QEMU_OPT_BOOL,
3389 },{
3390 .name = "non-adaptive",
3391 .type = QEMU_OPT_BOOL,
3392 },
3393 { /* end of list */ }
3394 },
3395 };
3396
3397
3398 static int
3399 vnc_display_setup_auth(int *auth,
3400 int *subauth,
3401 QCryptoTLSCreds *tlscreds,
3402 bool password,
3403 bool sasl,
3404 bool websocket,
3405 Error **errp)
3406 {
3407 /*
3408 * We have a choice of 3 authentication options
3409 *
3410 * 1. none
3411 * 2. vnc
3412 * 3. sasl
3413 *
3414 * The channel can be run in 2 modes
3415 *
3416 * 1. clear
3417 * 2. tls
3418 *
3419 * And TLS can use 2 types of credentials
3420 *
3421 * 1. anon
3422 * 2. x509
3423 *
3424 * We thus have 9 possible logical combinations
3425 *
3426 * 1. clear + none
3427 * 2. clear + vnc
3428 * 3. clear + sasl
3429 * 4. tls + anon + none
3430 * 5. tls + anon + vnc
3431 * 6. tls + anon + sasl
3432 * 7. tls + x509 + none
3433 * 8. tls + x509 + vnc
3434 * 9. tls + x509 + sasl
3435 *
3436 * These need to be mapped into the VNC auth schemes
3437 * in an appropriate manner. In regular VNC, all the
3438 * TLS options get mapped into VNC_AUTH_VENCRYPT
3439 * sub-auth types.
3440 *
3441 * In websockets, the https:// protocol already provides
3442 * TLS support, so there is no need to make use of the
3443 * VeNCrypt extension. Furthermore, websockets browser
3444 * clients could not use VeNCrypt even if they wanted to,
3445 * as they cannot control when the TLS handshake takes
3446 * place. Thus there is no option but to rely on https://,
3447 * meaning combinations 4->6 and 7->9 will be mapped to
3448 * VNC auth schemes in the same way as combos 1->3.
3449 *
3450 * Regardless of fact that we have a different mapping to
3451 * VNC auth mechs for plain VNC vs websockets VNC, the end
3452 * result has the same security characteristics.
3453 */
3454 if (websocket || !tlscreds) {
3455 if (password) {
3456 VNC_DEBUG("Initializing VNC server with password auth\n");
3457 *auth = VNC_AUTH_VNC;
3458 } else if (sasl) {
3459 VNC_DEBUG("Initializing VNC server with SASL auth\n");
3460 *auth = VNC_AUTH_SASL;
3461 } else {
3462 VNC_DEBUG("Initializing VNC server with no auth\n");
3463 *auth = VNC_AUTH_NONE;
3464 }
3465 *subauth = VNC_AUTH_INVALID;
3466 } else {
3467 bool is_x509 = object_dynamic_cast(OBJECT(tlscreds),
3468 TYPE_QCRYPTO_TLS_CREDS_X509) != NULL;
3469 bool is_anon = object_dynamic_cast(OBJECT(tlscreds),
3470 TYPE_QCRYPTO_TLS_CREDS_ANON) != NULL;
3471
3472 if (!is_x509 && !is_anon) {
3473 error_setg(errp,
3474 "Unsupported TLS cred type %s",
3475 object_get_typename(OBJECT(tlscreds)));
3476 return -1;
3477 }
3478 *auth = VNC_AUTH_VENCRYPT;
3479 if (password) {
3480 if (is_x509) {
3481 VNC_DEBUG("Initializing VNC server with x509 password auth\n");
3482 *subauth = VNC_AUTH_VENCRYPT_X509VNC;
3483 } else {
3484 VNC_DEBUG("Initializing VNC server with TLS password auth\n");
3485 *subauth = VNC_AUTH_VENCRYPT_TLSVNC;
3486 }
3487
3488 } else if (sasl) {
3489 if (is_x509) {
3490 VNC_DEBUG("Initializing VNC server with x509 SASL auth\n");
3491 *subauth = VNC_AUTH_VENCRYPT_X509SASL;
3492 } else {
3493 VNC_DEBUG("Initializing VNC server with TLS SASL auth\n");
3494 *subauth = VNC_AUTH_VENCRYPT_TLSSASL;
3495 }
3496 } else {
3497 if (is_x509) {
3498 VNC_DEBUG("Initializing VNC server with x509 no auth\n");
3499 *subauth = VNC_AUTH_VENCRYPT_X509NONE;
3500 } else {
3501 VNC_DEBUG("Initializing VNC server with TLS no auth\n");
3502 *subauth = VNC_AUTH_VENCRYPT_TLSNONE;
3503 }
3504 }
3505 }
3506 return 0;
3507 }
3508
3509
3510 static int vnc_display_get_address(const char *addrstr,
3511 bool websocket,
3512 bool reverse,
3513 int displaynum,
3514 int to,
3515 bool has_ipv4,
3516 bool has_ipv6,
3517 bool ipv4,
3518 bool ipv6,
3519 SocketAddress **retaddr,
3520 Error **errp)
3521 {
3522 int ret = -1;
3523 SocketAddress *addr = NULL;
3524
3525 addr = g_new0(SocketAddress, 1);
3526
3527 if (strncmp(addrstr, "unix:", 5) == 0) {
3528 addr->type = SOCKET_ADDRESS_TYPE_UNIX;
3529 addr->u.q_unix.path = g_strdup(addrstr + 5);
3530
3531 if (websocket) {
3532 error_setg(errp, "UNIX sockets not supported with websock");
3533 goto cleanup;
3534 }
3535
3536 if (to) {
3537 error_setg(errp, "Port range not support with UNIX socket");
3538 goto cleanup;
3539 }
3540 ret = 0;
3541 } else {
3542 const char *port;
3543 size_t hostlen;
3544 unsigned long long baseport = 0;
3545 InetSocketAddress *inet;
3546
3547 port = strrchr(addrstr, ':');
3548 if (!port) {
3549 if (websocket) {
3550 hostlen = 0;
3551 port = addrstr;
3552 } else {
3553 error_setg(errp, "no vnc port specified");
3554 goto cleanup;
3555 }
3556 } else {
3557 hostlen = port - addrstr;
3558 port++;
3559 if (*port == '\0') {
3560 error_setg(errp, "vnc port cannot be empty");
3561 goto cleanup;
3562 }
3563 }
3564
3565 addr->type = SOCKET_ADDRESS_TYPE_INET;
3566 inet = &addr->u.inet;
3567 if (addrstr[0] == '[' && addrstr[hostlen - 1] == ']') {
3568 inet->host = g_strndup(addrstr + 1, hostlen - 2);
3569 } else {
3570 inet->host = g_strndup(addrstr, hostlen);
3571 }
3572 /* plain VNC port is just an offset, for websocket
3573 * port is absolute */
3574 if (websocket) {
3575 if (g_str_equal(addrstr, "") ||
3576 g_str_equal(addrstr, "on")) {
3577 if (displaynum == -1) {
3578 error_setg(errp, "explicit websocket port is required");
3579 goto cleanup;
3580 }
3581 inet->port = g_strdup_printf(
3582 "%d", displaynum + 5700);
3583 if (to) {
3584 inet->has_to = true;
3585 inet->to = to + 5700;
3586 }
3587 } else {
3588 inet->port = g_strdup(port);
3589 }
3590 } else {
3591 int offset = reverse ? 0 : 5900;
3592 if (parse_uint_full(port, &baseport, 10) < 0) {
3593 error_setg(errp, "can't convert to a number: %s", port);
3594 goto cleanup;
3595 }
3596 if (baseport > 65535 ||
3597 baseport + offset > 65535) {
3598 error_setg(errp, "port %s out of range", port);
3599 goto cleanup;
3600 }
3601 inet->port = g_strdup_printf(
3602 "%d", (int)baseport + offset);
3603
3604 if (to) {
3605 inet->has_to = true;
3606 inet->to = to + offset;
3607 }
3608 }
3609
3610 inet->ipv4 = ipv4;
3611 inet->has_ipv4 = has_ipv4;
3612 inet->ipv6 = ipv6;
3613 inet->has_ipv6 = has_ipv6;
3614
3615 ret = baseport;
3616 }
3617
3618 *retaddr = addr;
3619
3620 cleanup:
3621 if (ret < 0) {
3622 qapi_free_SocketAddress(addr);
3623 }
3624 return ret;
3625 }
3626
3627 static void vnc_free_addresses(SocketAddress ***retsaddr,
3628 size_t *retnsaddr)
3629 {
3630 size_t i;
3631
3632 for (i = 0; i < *retnsaddr; i++) {
3633 qapi_free_SocketAddress((*retsaddr)[i]);
3634 }
3635 g_free(*retsaddr);
3636
3637 *retsaddr = NULL;
3638 *retnsaddr = 0;
3639 }
3640
3641 static int vnc_display_get_addresses(QemuOpts *opts,
3642 bool reverse,
3643 SocketAddress ***retsaddr,
3644 size_t *retnsaddr,
3645 SocketAddress ***retwsaddr,
3646 size_t *retnwsaddr,
3647 Error **errp)
3648 {
3649 SocketAddress *saddr = NULL;
3650 SocketAddress *wsaddr = NULL;
3651 QemuOptsIter addriter;
3652 const char *addr;
3653 int to = qemu_opt_get_number(opts, "to", 0);
3654 bool has_ipv4 = qemu_opt_get(opts, "ipv4");
3655 bool has_ipv6 = qemu_opt_get(opts, "ipv6");
3656 bool ipv4 = qemu_opt_get_bool(opts, "ipv4", false);
3657 bool ipv6 = qemu_opt_get_bool(opts, "ipv6", false);
3658 int displaynum = -1;
3659 int ret = -1;
3660
3661 *retsaddr = NULL;
3662 *retnsaddr = 0;
3663 *retwsaddr = NULL;
3664 *retnwsaddr = 0;
3665
3666 addr = qemu_opt_get(opts, "vnc");
3667 if (addr == NULL || g_str_equal(addr, "none")) {
3668 ret = 0;
3669 goto cleanup;
3670 }
3671 if (qemu_opt_get(opts, "websocket") &&
3672 !qcrypto_hash_supports(QCRYPTO_HASH_ALG_SHA1)) {
3673 error_setg(errp,
3674 "SHA1 hash support is required for websockets");
3675 goto cleanup;
3676 }
3677
3678 qemu_opt_iter_init(&addriter, opts, "vnc");
3679 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
3680 int rv;
3681 rv = vnc_display_get_address(addr, false, reverse, 0, to,
3682 has_ipv4, has_ipv6,
3683 ipv4, ipv6,
3684 &saddr, errp);
3685 if (rv < 0) {
3686 goto cleanup;
3687 }
3688 /* Historical compat - first listen address can be used
3689 * to set the default websocket port
3690 */
3691 if (displaynum == -1) {
3692 displaynum = rv;
3693 }
3694 *retsaddr = g_renew(SocketAddress *, *retsaddr, *retnsaddr + 1);
3695 (*retsaddr)[(*retnsaddr)++] = saddr;
3696 }
3697
3698 /* If we had multiple primary displays, we don't do defaults
3699 * for websocket, and require explicit config instead. */
3700 if (*retnsaddr > 1) {
3701 displaynum = -1;
3702 }
3703
3704 qemu_opt_iter_init(&addriter, opts, "websocket");
3705 while ((addr = qemu_opt_iter_next(&addriter)) != NULL) {
3706 if (vnc_display_get_address(addr, true, reverse, displaynum, to,
3707 has_ipv4, has_ipv6,
3708 ipv4, ipv6,
3709 &wsaddr, errp) < 0) {
3710 goto cleanup;
3711 }
3712
3713 /* Historical compat - if only a single listen address was
3714 * provided, then this is used to set the default listen
3715 * address for websocket too
3716 */
3717 if (*retnsaddr == 1 &&
3718 (*retsaddr)[0]->type == SOCKET_ADDRESS_TYPE_INET &&
3719 wsaddr->type == SOCKET_ADDRESS_TYPE_INET &&
3720 g_str_equal(wsaddr->u.inet.host, "") &&
3721 !g_str_equal((*retsaddr)[0]->u.inet.host, "")) {
3722 g_free(wsaddr->u.inet.host);
3723 wsaddr->u.inet.host = g_strdup((*retsaddr)[0]->u.inet.host);
3724 }
3725
3726 *retwsaddr = g_renew(SocketAddress *, *retwsaddr, *retnwsaddr + 1);
3727 (*retwsaddr)[(*retnwsaddr)++] = wsaddr;
3728 }
3729
3730 ret = 0;
3731 cleanup:
3732 if (ret < 0) {
3733 vnc_free_addresses(retsaddr, retnsaddr);
3734 vnc_free_addresses(retwsaddr, retnwsaddr);
3735 }
3736 return ret;
3737 }
3738
3739 static int vnc_display_connect(VncDisplay *vd,
3740 SocketAddress **saddr,
3741 size_t nsaddr,
3742 SocketAddress **wsaddr,
3743 size_t nwsaddr,
3744 Error **errp)
3745 {
3746 /* connect to viewer */
3747 QIOChannelSocket *sioc = NULL;
3748 if (nwsaddr != 0) {
3749 error_setg(errp, "Cannot use websockets in reverse mode");
3750 return -1;
3751 }
3752 if (nsaddr != 1) {
3753 error_setg(errp, "Expected a single address in reverse mode");
3754 return -1;
3755 }
3756 /* TODO SOCKET_ADDRESS_TYPE_FD when fd has AF_UNIX */
3757 vd->is_unix = saddr[0]->type == SOCKET_ADDRESS_TYPE_UNIX;
3758 sioc = qio_channel_socket_new();
3759 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-reverse");
3760 if (qio_channel_socket_connect_sync(sioc, saddr[0], errp) < 0) {
3761 return -1;
3762 }
3763 vnc_connect(vd, sioc, false, false);
3764 object_unref(OBJECT(sioc));
3765 return 0;
3766 }
3767
3768
3769 static int vnc_display_listen(VncDisplay *vd,
3770 SocketAddress **saddr,
3771 size_t nsaddr,
3772 SocketAddress **wsaddr,
3773 size_t nwsaddr,
3774 Error **errp)
3775 {
3776 size_t i;
3777
3778 if (nsaddr) {
3779 vd->listener = qio_net_listener_new();
3780 qio_net_listener_set_name(vd->listener, "vnc-listen");
3781 for (i = 0; i < nsaddr; i++) {
3782 if (qio_net_listener_open_sync(vd->listener,
3783 saddr[i],
3784 errp) < 0) {
3785 return -1;
3786 }
3787 }
3788
3789 qio_net_listener_set_client_func(vd->listener,
3790 vnc_listen_io, vd, NULL);
3791 }
3792
3793 if (nwsaddr) {
3794 vd->wslistener = qio_net_listener_new();
3795 qio_net_listener_set_name(vd->wslistener, "vnc-ws-listen");
3796 for (i = 0; i < nwsaddr; i++) {
3797 if (qio_net_listener_open_sync(vd->wslistener,
3798 wsaddr[i],
3799 errp) < 0) {
3800 return -1;
3801 }
3802 }
3803
3804 qio_net_listener_set_client_func(vd->wslistener,
3805 vnc_listen_io, vd, NULL);
3806 }
3807
3808 return 0;
3809 }
3810
3811
3812 void vnc_display_open(const char *id, Error **errp)
3813 {
3814 VncDisplay *vd = vnc_display_find(id);
3815 QemuOpts *opts = qemu_opts_find(&qemu_vnc_opts, id);
3816 SocketAddress **saddr = NULL, **wsaddr = NULL;
3817 size_t nsaddr, nwsaddr;
3818 const char *share, *device_id;
3819 QemuConsole *con;
3820 bool password = false;
3821 bool reverse = false;
3822 const char *credid;
3823 bool sasl = false;
3824 #ifdef CONFIG_VNC_SASL
3825 int saslErr;
3826 #endif
3827 int acl = 0;
3828 int lock_key_sync = 1;
3829 int key_delay_ms;
3830
3831 if (!vd) {
3832 error_setg(errp, "VNC display not active");
3833 return;
3834 }
3835 vnc_display_close(vd);
3836
3837 if (!opts) {
3838 return;
3839 }
3840
3841 reverse = qemu_opt_get_bool(opts, "reverse", false);
3842 if (vnc_display_get_addresses(opts, reverse, &saddr, &nsaddr,
3843 &wsaddr, &nwsaddr, errp) < 0) {
3844 goto fail;
3845 }
3846
3847 password = qemu_opt_get_bool(opts, "password", false);
3848 if (password) {
3849 if (fips_get_state()) {
3850 error_setg(errp,
3851 "VNC password auth disabled due to FIPS mode, "
3852 "consider using the VeNCrypt or SASL authentication "
3853 "methods as an alternative");
3854 goto fail;
3855 }
3856 if (!qcrypto_cipher_supports(
3857 QCRYPTO_CIPHER_ALG_DES_RFB, QCRYPTO_CIPHER_MODE_ECB)) {
3858 error_setg(errp,
3859 "Cipher backend does not support DES RFB algorithm");
3860 goto fail;
3861 }
3862 }
3863
3864 lock_key_sync = qemu_opt_get_bool(opts, "lock-key-sync", true);
3865 key_delay_ms = qemu_opt_get_number(opts, "key-delay-ms", 10);
3866 sasl = qemu_opt_get_bool(opts, "sasl", false);
3867 #ifndef CONFIG_VNC_SASL
3868 if (sasl) {
3869 error_setg(errp, "VNC SASL auth requires cyrus-sasl support");
3870 goto fail;
3871 }
3872 #endif /* CONFIG_VNC_SASL */
3873 credid = qemu_opt_get(opts, "tls-creds");
3874 if (credid) {
3875 Object *creds;
3876 creds = object_resolve_path_component(
3877 object_get_objects_root(), credid);
3878 if (!creds) {
3879 error_setg(errp, "No TLS credentials with id '%s'",
3880 credid);
3881 goto fail;
3882 }
3883 vd->tlscreds = (QCryptoTLSCreds *)
3884 object_dynamic_cast(creds,
3885 TYPE_QCRYPTO_TLS_CREDS);
3886 if (!vd->tlscreds) {
3887 error_setg(errp, "Object with id '%s' is not TLS credentials",
3888 credid);
3889 goto fail;
3890 }
3891 object_ref(OBJECT(vd->tlscreds));
3892
3893 if (vd->tlscreds->endpoint != QCRYPTO_TLS_CREDS_ENDPOINT_SERVER) {
3894 error_setg(errp,
3895 "Expecting TLS credentials with a server endpoint");
3896 goto fail;
3897 }
3898 }
3899 acl = qemu_opt_get_bool(opts, "acl", false);
3900
3901 share = qemu_opt_get(opts, "share");
3902 if (share) {
3903 if (strcmp(share, "ignore") == 0) {
3904 vd->share_policy = VNC_SHARE_POLICY_IGNORE;
3905 } else if (strcmp(share, "allow-exclusive") == 0) {
3906 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3907 } else if (strcmp(share, "force-shared") == 0) {
3908 vd->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
3909 } else {
3910 error_setg(errp, "unknown vnc share= option");
3911 goto fail;
3912 }
3913 } else {
3914 vd->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
3915 }
3916 vd->connections_limit = qemu_opt_get_number(opts, "connections", 32);
3917
3918 #ifdef CONFIG_VNC_JPEG
3919 vd->lossy = qemu_opt_get_bool(opts, "lossy", false);
3920 #endif
3921 vd->non_adaptive = qemu_opt_get_bool(opts, "non-adaptive", false);
3922 /* adaptive updates are only used with tight encoding and
3923 * if lossy updates are enabled so we can disable all the
3924 * calculations otherwise */
3925 if (!vd->lossy) {
3926 vd->non_adaptive = true;
3927 }
3928
3929 if (acl) {
3930 if (strcmp(vd->id, "default") == 0) {
3931 vd->tlsaclname = g_strdup("vnc.x509dname");
3932 } else {
3933 vd->tlsaclname = g_strdup_printf("vnc.%s.x509dname", vd->id);
3934 }
3935 qemu_acl_init(vd->tlsaclname);
3936 }
3937 #ifdef CONFIG_VNC_SASL
3938 if (acl && sasl) {
3939 char *aclname;
3940
3941 if (strcmp(vd->id, "default") == 0) {
3942 aclname = g_strdup("vnc.username");
3943 } else {
3944 aclname = g_strdup_printf("vnc.%s.username", vd->id);
3945 }
3946 vd->sasl.acl = qemu_acl_init(aclname);
3947 g_free(aclname);
3948 }
3949 #endif
3950
3951 if (vnc_display_setup_auth(&vd->auth, &vd->subauth,
3952 vd->tlscreds, password,
3953 sasl, false, errp) < 0) {
3954 goto fail;
3955 }
3956 trace_vnc_auth_init(vd, 0, vd->auth, vd->subauth);
3957
3958 if (vnc_display_setup_auth(&vd->ws_auth, &vd->ws_subauth,
3959 vd->tlscreds, password,
3960 sasl, true, errp) < 0) {
3961 goto fail;
3962 }
3963 trace_vnc_auth_init(vd, 1, vd->ws_auth, vd->ws_subauth);
3964
3965 #ifdef CONFIG_VNC_SASL
3966 if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
3967 error_setg(errp, "Failed to initialize SASL auth: %s",
3968 sasl_errstring(saslErr, NULL, NULL));
3969 goto fail;
3970 }
3971 #endif
3972 vd->lock_key_sync = lock_key_sync;
3973 if (lock_key_sync) {
3974 vd->led = qemu_add_led_event_handler(kbd_leds, vd);
3975 }
3976 vd->ledstate = 0;
3977 vd->key_delay_ms = key_delay_ms;
3978
3979 device_id = qemu_opt_get(opts, "display");
3980 if (device_id) {
3981 int head = qemu_opt_get_number(opts, "head", 0);
3982 Error *err = NULL;
3983
3984 con = qemu_console_lookup_by_device_name(device_id, head, &err);
3985 if (err) {
3986 error_propagate(errp, err);
3987 goto fail;
3988 }
3989 } else {
3990 con = NULL;
3991 }
3992
3993 if (con != vd->dcl.con) {
3994 unregister_displaychangelistener(&vd->dcl);
3995 vd->dcl.con = con;
3996 register_displaychangelistener(&vd->dcl);
3997 }
3998
3999 if (saddr == NULL) {
4000 goto cleanup;
4001 }
4002
4003 if (reverse) {
4004 if (vnc_display_connect(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
4005 goto fail;
4006 }
4007 } else {
4008 if (vnc_display_listen(vd, saddr, nsaddr, wsaddr, nwsaddr, errp) < 0) {
4009 goto fail;
4010 }
4011 }
4012
4013 if (qemu_opt_get(opts, "to")) {
4014 vnc_display_print_local_addr(vd);
4015 }
4016
4017 cleanup:
4018 vnc_free_addresses(&saddr, &nsaddr);
4019 vnc_free_addresses(&wsaddr, &nwsaddr);
4020 return;
4021
4022 fail:
4023 vnc_display_close(vd);
4024 goto cleanup;
4025 }
4026
4027 void vnc_display_add_client(const char *id, int csock, bool skipauth)
4028 {
4029 VncDisplay *vd = vnc_display_find(id);
4030 QIOChannelSocket *sioc;
4031
4032 if (!vd) {
4033 return;
4034 }
4035
4036 sioc = qio_channel_socket_new_fd(csock, NULL);
4037 if (sioc) {
4038 qio_channel_set_name(QIO_CHANNEL(sioc), "vnc-server");
4039 vnc_connect(vd, sioc, skipauth, false);
4040 object_unref(OBJECT(sioc));
4041 }
4042 }
4043
4044 static void vnc_auto_assign_id(QemuOptsList *olist, QemuOpts *opts)
4045 {
4046 int i = 2;
4047 char *id;
4048
4049 id = g_strdup("default");
4050 while (qemu_opts_find(olist, id)) {
4051 g_free(id);
4052 id = g_strdup_printf("vnc%d", i++);
4053 }
4054 qemu_opts_set_id(opts, id);
4055 }
4056
4057 QemuOpts *vnc_parse(const char *str, Error **errp)
4058 {
4059 QemuOptsList *olist = qemu_find_opts("vnc");
4060 QemuOpts *opts = qemu_opts_parse(olist, str, true, errp);
4061 const char *id;
4062
4063 if (!opts) {
4064 return NULL;
4065 }
4066
4067 id = qemu_opts_id(opts);
4068 if (!id) {
4069 /* auto-assign id if not present */
4070 vnc_auto_assign_id(olist, opts);
4071 }
4072 return opts;
4073 }
4074
4075 int vnc_init_func(void *opaque, QemuOpts *opts, Error **errp)
4076 {
4077 Error *local_err = NULL;
4078 char *id = (char *)qemu_opts_id(opts);
4079
4080 assert(id);
4081 vnc_display_init(id);
4082 vnc_display_open(id, &local_err);
4083 if (local_err != NULL) {
4084 error_reportf_err(local_err, "Failed to start VNC server: ");
4085 exit(1);
4086 }
4087 return 0;
4088 }
4089
4090 static void vnc_register_config(void)
4091 {
4092 qemu_add_opts(&qemu_vnc_opts);
4093 }
4094 opts_init(vnc_register_config);
QEMU mirror